github.com/goreleaser/goreleaser@v1.25.1/www/docs/customization/nfpm.md (about) 1 # Linux packages (via nFPM) 2 3 GoReleaser can be wired to [nfpm](https://github.com/goreleaser/nfpm) to 4 generate and publish `.deb`, `.rpm`, `.apk`, and Archlinux packages. 5 6 Available options: 7 8 ```yaml 9 # .goreleaser.yaml 10 nfpms: 11 # note that this is an array of nfpm configs 12 - # 13 # ID of the nfpm config, must be unique. 14 # 15 # Default: 'default' 16 id: foo 17 18 # Name of the package. 19 # Default: ProjectName 20 # Templates: allowed (since v1.18) 21 package_name: foo 22 23 # You can change the file name of the package. 24 # 25 # Default: '{{ .PackageName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ with .Arm }}v{{ . }}{{ end }}{{ with .Mips }}_{{ . }}{{ end }}{{ if not (eq .Amd64 "v1") }}{{ .Amd64 }}{{ end }}' 26 # Templates: allowed 27 file_name_template: "{{ .ConventionalFileName }}" 28 29 # Build IDs for the builds you want to create NFPM packages for. 30 # Defaults empty, which means no filtering. 31 builds: 32 - foo 33 - bar 34 35 # Your app's vendor. 36 vendor: Drum Roll Inc. 37 38 # Your app's homepage. 39 homepage: https://example.com/ 40 41 # Your app's maintainer (probably you). 42 maintainer: Drummer <drum-roll@example.com> 43 44 # Your app's description. 45 description: |- 46 Drum rolls installer package. 47 Software to create fast and easy drum rolls. 48 49 # Your app's license. 50 license: Apache 2.0 51 52 # Formats to be generated. 53 formats: 54 - apk 55 - deb 56 - rpm 57 - termux.deb # Since: v1.11 58 - archlinux # Since: v1.13 59 60 # Umask to be used on files without explicit mode set. (overridable) 61 # 62 # Default: 0o002 (will remove world-writable permissions) 63 # Since: v1.19 64 umask: 0o002 65 66 # Packages your package depends on. (overridable) 67 dependencies: 68 - git 69 - zsh 70 71 # Packages it provides. (overridable) 72 # 73 # Since: v1.11 74 provides: 75 - bar 76 77 # Packages your package recommends installing. (overridable) 78 recommends: 79 - bzr 80 - gtk 81 82 # Packages your package suggests installing. (overridable) 83 suggests: 84 - cvs 85 - ksh 86 87 # Packages that conflict with your package. (overridable) 88 conflicts: 89 - svn 90 - bash 91 92 # Packages it replaces. (overridable) 93 replaces: 94 - fish 95 96 # Path that the binaries should be installed. 97 # 98 # Default: '/usr/bin' 99 bindir: /usr/bin 100 101 # Paths to the directories where to put specific types of libraries that 102 # GoReleaser built. 103 # 104 # This should be used together with `builds.buildmode` 105 # 106 # Since: v1.24. 107 # Templates: allowed 108 libdirs: 109 # Default: '/usr/include' 110 headers: /usr/include/something 111 112 # Default: '/usr/lib' 113 cshared: /usr/lib/foo 114 115 # Default: '/usr/lib' 116 carchive: /usr/lib/foobar 117 118 # Version Epoch. 119 # Default: extracted from `version` if it is semver compatible 120 epoch: 2 121 122 # Version Prerelease. 123 # Default: extracted from `version` if it is semver compatible 124 prerelease: beta1 125 126 # Version Metadata (previously deb.metadata). 127 # Setting metadata might interfere with version comparisons depending on the 128 # packager. 129 # 130 # Default: extracted from `version` if it is semver compatible 131 version_metadata: git 132 133 # Version Release. 134 release: 1 135 136 # Section. 137 section: default 138 139 # Priority. 140 priority: extra 141 142 # Makes a meta package - an empty package that contains only supporting 143 # files and dependencies. 144 # When set to `true`, the `builds` option is ignored. 145 meta: true 146 147 # Changelog YAML file, see: https://github.com/goreleaser/chglog 148 # 149 # You can use goreleaser/chglog to create the changelog for your project, 150 # pass that changelog yaml file to GoReleaser, 151 # and it should in turn setup it accordingly for the given available 152 # formats (deb and rpm at the moment). 153 # 154 # Experimental. 155 # Since: v1.11 156 changelog: ./foo.yml 157 158 # Contents to add to the package. 159 # GoReleaser will automatically add the binaries. 160 contents: 161 # Basic file that applies to all packagers 162 - src: path/to/foo 163 dst: /usr/bin/foo 164 165 # This will add all files in some/directory or in subdirectories at the 166 # same level under the directory /etc. This means the tree structure in 167 # some/directory will not be replicated. 168 - src: some/directory/ 169 dst: /etc 170 171 # This will replicate the directory structure under some/directory at 172 # /etc, using the "tree" type. 173 # 174 # Since: v1.17 175 # Templates: allowed 176 - src: some/directory/ 177 dst: /etc 178 type: tree 179 180 # Simple config file 181 - src: path/to/foo.conf 182 dst: /etc/foo.conf 183 type: config 184 185 # Simple symlink. 186 # Corresponds to `ln -s /sbin/foo /usr/local/bin/foo` 187 - src: /sbin/foo 188 dst: /usr/bin/foo 189 type: "symlink" 190 191 # Corresponds to `%config(noreplace)` if the packager is rpm, otherwise it 192 # is just a config file 193 - src: path/to/local/bar.conf 194 dst: /etc/bar.conf 195 type: "config|noreplace" 196 197 # The src and dst attributes also supports name templates 198 - src: path/{{ .Os }}-{{ .Arch }}/bar.conf 199 dst: /etc/foo/bar-{{ .ProjectName }}.conf 200 201 # Additional templated contents to add to the archive. 202 # Those files will have their contents pass through the template engine, 203 # and its results will be added to the package. 204 # 205 # This feature is only available in GoReleaser Pro. 206 # Since: v1.17 (pro) 207 # Templates: allowed 208 templated_contents: 209 # a more complete example, check the globbing deep dive below 210 - src: "LICENSE.md.tpl" 211 dst: LICENSE.md 212 213 # These files are not actually present in the package, but the file names 214 # are added to the package header. From the RPM directives documentation: 215 # 216 # "There are times when a file should be owned by the package but not 217 # installed - log files and state files are good examples of cases you 218 # might desire this to happen." 219 # 220 # "The way to achieve this, is to use the %ghost directive. By adding this 221 # directive to the line containing a file, RPM will know about the ghosted 222 # file, but will not add it to the package." 223 # 224 # For non rpm packages ghost files are ignored at this time. 225 - dst: /etc/casper.conf 226 type: ghost 227 - dst: /var/log/boo.log 228 type: ghost 229 230 # You can use the packager field to add files that are unique to a 231 # specific packager 232 - src: path/to/rpm/file.conf 233 dst: /etc/file.conf 234 type: "config|noreplace" 235 packager: rpm 236 - src: path/to/deb/file.conf 237 dst: /etc/file.conf 238 type: "config|noreplace" 239 packager: deb 240 - src: path/to/apk/file.conf 241 dst: /etc/file.conf 242 type: "config|noreplace" 243 packager: apk 244 245 # Sometimes it is important to be able to set the mtime, mode, owner, or 246 # group for a file that differs from what is on the local build system at 247 # build time. 248 - src: path/to/foo 249 dst: /usr/local/foo 250 file_info: 251 mode: 0644 252 mtime: 2008-01-02T15:04:05Z 253 owner: notRoot 254 group: notRoot 255 256 # If `dst` ends with a `/`, it'll create the given path and copy the given 257 # `src` into it, the same way `cp` works with and without trailing `/`. 258 - src: ./foo/bar/* 259 dst: /usr/local/myapp/ 260 261 # Using the type 'dir', empty directories can be created. When building 262 # RPMs, however, this type has another important purpose: Claiming 263 # ownership of that directory. This is important because when upgrading or 264 # removing an RPM package, only the directories for which it has claimed 265 # ownership are removed. However, you should not claim ownership of a 266 # directory that is created by the OS or a dependency of your package. 267 # 268 # A directory in the build environment can optionally be provided in the 269 # 'src' field in order copy mtime and mode from that directory without 270 # having to specify it manually. 271 - dst: /some/dir 272 type: dir 273 file_info: 274 mode: 0700 275 276 # Scripts to execute during the installation of the package. (overridable) 277 # 278 # Keys are the possible targets during the installation process 279 # Values are the paths to the scripts which will be executed. 280 # 281 # Templates: allowed (since v1.20) 282 scripts: 283 preinstall: "scripts/preinstall.sh" 284 postinstall: "scripts/postinstall.sh" 285 preremove: "scripts/preremove.sh" 286 postremove: "scripts/postremove.sh" 287 288 # Templated scripts to execute during the installation of the package. (overridable) 289 # 290 # Keys are the possible targets during the installation process 291 # Values are the paths to the scripts which will be executed. 292 # 293 # This feature is only available in GoReleaser Pro. 294 # Since: v1.20 (pro) 295 # Templates: allowed 296 templated_scripts: 297 preinstall: "scripts/preinstall.sh" 298 postinstall: "scripts/postinstall.sh" 299 preremove: "scripts/preremove.sh" 300 postremove: "scripts/postremove.sh" 301 302 # All fields above marked as `overridable` can be overridden for a given 303 # package format in this section. 304 overrides: 305 # The dependencies override can for example be used to provide version 306 # constraints for dependencies where different package formats use 307 # different versions or for dependencies that are named differently. 308 deb: 309 dependencies: 310 - baz (>= 1.2.3-0) 311 - some-lib-dev 312 # ... 313 rpm: 314 dependencies: 315 - baz >= 1.2.3-0 316 - some-lib-devel 317 # ... 318 apk: 319 # ... 320 321 # Custom configuration applied only to the RPM packager. 322 rpm: 323 # RPM specific scripts. 324 scripts: 325 # The pretrans script runs before all RPM package transactions / stages. 326 pretrans: ./scripts/pretrans.sh 327 # The posttrans script runs after all RPM package transactions / stages. 328 posttrans: ./scripts/posttrans.sh 329 330 # The package summary. 331 # 332 # Default: first line of the description 333 summary: Explicit Summary for Sample Package 334 335 # The package group. 336 # This option is deprecated by most distros but required by old distros 337 # like CentOS 5 / EL 5 and earlier. 338 group: Unspecified 339 340 # The packager is used to identify the organization that actually packaged 341 # the software, as opposed to the author of the software. 342 # `maintainer` will be used as fallback if not specified. 343 # This will expand any env var you set in the field, eg packager: ${PACKAGER} 344 packager: GoReleaser <staff@goreleaser.com> 345 346 # Compression algorithm (gzip (default), lzma or xz). 347 compression: lzma 348 349 # Prefixes for relocatable packages. 350 # 351 # Since: v1.20 352 prefixes: 353 - /usr/bin 354 355 # The package is signed if a key_file is set 356 signature: 357 # PGP secret key file path (can also be ASCII-armored). 358 # 359 # See "Signing key passphrases" below for more information. 360 # 361 # Templates: allowed 362 key_file: "{{ .Env.GPG_KEY_PATH }}" 363 364 # Custom configuration applied only to the Deb packager. 365 deb: 366 # Lintian overrides 367 lintian_overrides: 368 - statically-linked-binary 369 - changelog-file-missing-in-native-package 370 371 # Custom deb special files. 372 scripts: 373 # Deb rules script. 374 rules: foo.sh 375 # Deb templates file, when using debconf. 376 templates: templates 377 378 # Custom deb triggers 379 triggers: 380 # register interest on a trigger activated by another package 381 # (also available: interest_await, interest_noawait) 382 interest: 383 - some-trigger-name 384 # activate a trigger for another package 385 # (also available: activate_await, activate_noawait) 386 activate: 387 - another-trigger-name 388 389 # Packages which would break if this package would be installed. 390 # The installation of this package is blocked if `some-package` 391 # is already installed. 392 breaks: 393 - some-package 394 395 # Packages which would break if this package would be installed. 396 # The installation of this package is blocked if `some-package` 397 # is already installed. 398 # 399 # Since: v1.25. 400 breaks: 401 - some-package 402 403 # The package is signed if a key_file is set 404 signature: 405 # PGP secret key file path (can also be ASCII-armored). 406 # 407 # See "Signing key passphrases" below for more information. 408 # 409 # Templates: allowed 410 key_file: "{{ .Env.GPG_KEY_PATH }}" 411 412 # The type describes the signers role, possible values are "origin", 413 # "maint" and "archive". 414 # 415 # Default: 'origin' 416 type: origin 417 418 # Additional fields for the control file. Empty fields are ignored. 419 # This will expand any env vars you set in the field values, e.g. Vcs-Browser: ${CI_PROJECT_URL} 420 fields: 421 Bugs: https://github.com/goreleaser/nfpm/issues 422 423 # The Debian-specific "predepends" field can be used to ensure the complete installation of a list of 424 # packages (including unpacking, pre- and post installation scripts) prior to the installation of the 425 # built package. 426 predepends: 427 - baz (>= 1.2.3-0) 428 429 apk: 430 # APK specific scripts. 431 scripts: 432 # The preupgrade script runs before APK upgrade. 433 preupgrade: ./scripts/preupgrade.sh 434 # The postupgrade script runs after APK. 435 postupgrade: ./scripts/postupgrade.sh 436 437 # The package is signed if a key_file is set 438 signature: 439 # PGP secret key file path (can also be ASCII-armored). 440 # 441 # See "Signing key passphrases" below for more information. 442 # 443 # Templates: allowed 444 key_file: "{{ .Env.GPG_KEY_PATH }}" 445 446 # The name of the signing key. When verifying a package, the signature 447 # is matched to the public key store in /etc/apk/keys/<key_name>.rsa.pub. 448 # 449 # Default: maintainer's email address 450 # Templates: allowed (since v1.15) 451 key_name: origin 452 453 archlinux: 454 # Archlinux-specific scripts 455 scripts: 456 # The preupgrade script runs before pacman upgrades the package. 457 preupgrade: ./scripts/preupgrade.sh 458 # The postupgrade script runs after pacman upgrades the package. 459 postupgrade: ./scripts/postupgrade.sh 460 461 # The pkgbase can be used to explicitly specify the name to be used to refer 462 # to a group of packages. See: https://wiki.archlinux.org/title/PKGBUILD#pkgbase. 463 pkgbase: foo 464 465 # The packager refers to the organization packaging the software, not to be confused 466 # with the maintainer, which is the person who maintains the software. 467 packager: GoReleaser <staff@goreleaser.com> 468 ``` 469 470 !!! tip 471 472 Learn more about the [name template engine](/customization/templates/). 473 474 !!! info 475 476 Fields marked with "overridable" can be overridden for any format. 477 478 ## Signing key passphrases 479 480 GoReleaser will try to get the password from the following environment 481 variables, in the following order of preference: 482 483 1. `$NFPM_[ID]_[FORMAT]_PASSPHRASE` 484 1. `$NFPM_[ID]_PASSPHRASE` 485 1. `$NFPM_PASSPHRASE` 486 487 Basically, it'll start from the most specific to the most generic. 488 Also, `[ID]` is the uppercase `id` value, and `[FORMAT]` is the uppercase format 489 (`deb`, `rpm`, etc). 490 491 So, if your `nfpms.id` is `default`, then the deb-specific passphrase 492 will be set `$NFPM_DEFAULT_DEB_PASSPHRASE`. GoReleaser will try that, then 493 `$NFPM_DEFAULT_PASSPHRASE`, and finally, `$NFPM_PASSPHRASE`. 494 495 ## A note about Termux 496 497 Termux is the same format as `deb`, the differences are: 498 499 - it uses a different `bindir` (prefixed with `/data/data/com.termux/files/`) 500 - it uses slightly different architecture names than Debian 501 502 ## Conventional file names, Debian, and ARMv6 503 504 On Debian, both ARMv6 and ARMv7 have the same architecture name: `armhf`. 505 506 If you use `{{.ConventionalFileName}}`, and build for both architectures, you'll 507 get duplicated file names. 508 509 You can go around that with something like this: 510 511 ```yaml 512 # .goreleaser.yaml 513 nfpms: 514 - # ... 515 file_name_template: >- 516 {{- trimsuffix .ConventionalFileName .ConventionalExtension -}} 517 {{- if and (eq .Arm "6") (eq .ConventionalExtension ".deb") }}6{{ end -}} 518 {{- if not (eq .Amd64 "v1")}}{{ .Amd64 }}{{ end -}} 519 {{- .ConventionalExtension -}} 520 521 # ... 522 ```