
4 commits

Author SHA1 Message Date
Virgil Dupras
466f627852 Fix gentoo
It didn't work from within vagrant. Now it does.
2018-04-15 20:24:19 -04:00
Virgil Dupras
04b8dfe1dc Add mk-gentoo.sh 2018-04-15 17:01:03 -04:00
Virgil Dupras
054e462e0b debian: re-enable provisioning tools installation 2018-04-15 09:55:37 -04:00
Virgil Dupras
bc8b070565 Unprivileged box creation: first step
I've been hacking my way through building vagrant boxes in unprivileged
containers. It works. Barely but it works. I can end up with a
functional vagrant box with `make stretch`.

The only place where I need `sudo` is when we tar up the root fs because
it doesn't belong to the same UID.
2018-04-14 23:30:48 -04:00
18 changed files with 264 additions and 946 deletions


@ -1,7 +1,7 @@
UBUNTU_BOXES= precise quantal raring saucy trusty utopic vivid wily xenial UBUNTU_BOXES= xenial
DEBIAN_BOXES= squeeze wheezy jessie stretch sid DEBIAN_BOXES= jessie stretch sid
CENTOS_BOXES= 6 7 CENTOS_BOXES= 7
FEDORA_BOXES= rawhide 23 22 21 20 19 FEDORA_BOXES= rawhide 23
TODAY=$(shell date -u +"%Y-%m-%d") TODAY=$(shell date -u +"%Y-%m-%d")
# Replace i686 with i386 and x86_64 with amd64 # Replace i686 with i386 and x86_64 with amd64
@ -21,38 +21,38 @@ $(UBUNTU_BOXES): CONTAINER = "vagrant-base-${@}-$(ARCH)"
$(UBUNTU_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-${@}-$(ARCH).box" $(UBUNTU_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-${@}-$(ARCH).box"
$(UBUNTU_BOXES): $(UBUNTU_BOXES):
@mkdir -p $$(dirname $(PACKAGE)) @mkdir -p $$(dirname $(PACKAGE))
@sudo -E ./mk-debian.sh ubuntu $(@) $(ARCH) $(CONTAINER) $(PACKAGE) @./mk-debian.sh ubuntu $(@) $(ARCH) $(CONTAINER) $(PACKAGE)
@sudo chmod +rw $(PACKAGE) @chmod +rw $(PACKAGE)
@sudo chown ${USER}: $(PACKAGE) @chown ${USER}: $(PACKAGE)
$(DEBIAN_BOXES): CONTAINER = "vagrant-base-${@}-$(ARCH)" $(DEBIAN_BOXES): CONTAINER = "vagrant-base-${@}-$(ARCH)"
$(DEBIAN_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-${@}-$(ARCH).box" $(DEBIAN_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-${@}-$(ARCH).box"
$(DEBIAN_BOXES): $(DEBIAN_BOXES):
@mkdir -p $$(dirname $(PACKAGE)) @mkdir -p $$(dirname $(PACKAGE))
@sudo -E ./mk-debian.sh debian $(@) $(ARCH) $(CONTAINER) $(PACKAGE) @./mk-debian.sh debian $(@) $(ARCH) $(CONTAINER) $(PACKAGE)
@sudo chmod +rw $(PACKAGE) @chmod +rw $(PACKAGE)
@sudo chown ${USER}: $(PACKAGE) @chown ${USER}: $(PACKAGE)
$(CENTOS_BOXES): CONTAINER = "vagrant-base-centos-${@}-$(ARCH)" $(CENTOS_BOXES): CONTAINER = "vagrant-base-centos-${@}-$(ARCH)"
$(CENTOS_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-centos-${@}-$(ARCH).box" $(CENTOS_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-centos-${@}-$(ARCH).box"
$(CENTOS_BOXES): $(CENTOS_BOXES):
@mkdir -p $$(dirname $(PACKAGE)) @mkdir -p $$(dirname $(PACKAGE))
@sudo -E ./mk-centos.sh $(@) $(ARCH) $(CONTAINER) $(PACKAGE) @./mk-centos.sh $(@) $(ARCH) $(CONTAINER) $(PACKAGE)
@sudo chmod +rw $(PACKAGE) @chmod +rw $(PACKAGE)
@sudo chown ${USER}: $(PACKAGE) @chown ${USER}: $(PACKAGE)
$(FEDORA_BOXES): CONTAINER = "vagrant-base-fedora-${@}-$(ARCH)" $(FEDORA_BOXES): CONTAINER = "vagrant-base-fedora-${@}-$(ARCH)"
$(FEDORA_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-fedora-${@}-$(ARCH).box" $(FEDORA_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-fedora-${@}-$(ARCH).box"
$(FEDORA_BOXES): $(FEDORA_BOXES):
@mkdir -p $$(dirname $(PACKAGE)) @mkdir -p $$(dirname $(PACKAGE))
@sudo -E ./mk-fedora.sh $(@) $(ARCH) $(CONTAINER) $(PACKAGE) @./mk-fedora.sh $(@) $(ARCH) $(CONTAINER) $(PACKAGE)
@sudo chmod +rw $(PACKAGE) @chmod +rw $(PACKAGE)
@sudo chown ${USER}: $(PACKAGE) @chown ${USER}: $(PACKAGE)
acceptance: CONTAINER = "vagrant-base-acceptance-$(ARCH)" acceptance: CONTAINER = "vagrant-base-acceptance-$(ARCH)"
acceptance: PACKAGE = "output/${TODAY}/vagrant-lxc-acceptance-$(ARCH).box" acceptance: PACKAGE = "output/${TODAY}/vagrant-lxc-acceptance-$(ARCH).box"
acceptance: acceptance:
@mkdir -p $$(dirname $(PACKAGE)) @mkdir -p $$(dirname $(PACKAGE))
@PUPPET=1 CHEF=1 sudo -E ./mk-debian.sh ubuntu precise $(ARCH) $(CONTAINER) $(PACKAGE) @PUPPET=1 CHEF=1 ./mk-debian.sh ubuntu precise $(ARCH) $(CONTAINER) $(PACKAGE)
@sudo chmod +rw $(PACKAGE) @chmod +rw $(PACKAGE)
@sudo chown ${USER}: $(PACKAGE) @chown ${USER}: $(PACKAGE)
release: release:
@test -z '$(version)' && echo 'version parameter not provided to `make`!' && exit 1 || return 0 @test -z '$(version)' && echo 'version parameter not provided to `make`!' && exit 1 || return 0
@ -63,7 +63,7 @@ release:
clean: ALL_BOXES = ${DEBIAN_BOXES} ${UBUNTU_BOXES} ${CENTOS_BOXES} ${FEDORA_BOXES} acceptance clean: ALL_BOXES = ${DEBIAN_BOXES} ${UBUNTU_BOXES} ${CENTOS_BOXES} ${FEDORA_BOXES} acceptance
clean: clean:
@for r in $(ALL_BOXES); do \ @for r in $(ALL_BOXES); do \
sudo -E ./clean.sh $${r}\ ./clean.sh $${r}\
vagrant-base-$${r}-$(ARCH) \ vagrant-base-$${r}-$(ARCH) \
output/${TODAY}/vagrant-lxc-$${r}-$(ARCH).box; \ output/${TODAY}/vagrant-lxc-$${r}-$(ARCH).box; \
done done
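Review bot: The `@chmod +rw $(PACKAGE)` and `@chown ${USER}: $(PACKAGE)` lines kept after each `mk-*.sh` call (the Ubuntu, Debian, CentOS, Fedora and `acceptance` recipes) existed to hand a root-built box back to the caller; with `sudo` removed from the recipes they look redundant, and `${USER}` comes from the environment, which is not guaranteed to be set under CI or cron. Consider dropping both lines, and documenting above the first rule where privilege is still needed, e.g. `# Recipes run unprivileged; the packaging step calls sudo once to tar the rootfs.` The `acceptance` rule also still builds `ubuntu precise` although `precise` was removed from `UBUNTU_BOXES` in the first hunk, so it is worth confirming that release is still meant to be built.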


@ -1,159 +0,0 @@
#!/bin/bash
# set -x
set -e
# Script used to build OpenMandriva base vagrant-lxc containers, currently limited to
# host's arch
#
# USAGE:
# $ cd boxes && sudo ./build-openmandriva-box.sh OPENMANDRIVA_RELEASE BOX_ARCH
#
# TODO: scripts for install CHEF, PUPPET, SALT, BABUSHKA
# To enable Chef or any other configuration management tool pass '1' to the
# corresponding env var:
# $ CHEF=1 sudo -E ./build-openmandriva-box.sh OPENMANDRIVA_RELEASE BOX_ARCH
# $ PUPPET=1 sudo -E ./build-openmandriva-box.sh OPENMANDRIVA_RELEASE BOX_ARCH
# $ SALT=1 sudo -E ./build-openmandriva-box.sh OPENMANDRIVA_RELEASE BOX_ARCH
# $ BABUSHKA=1 sudo -E ./build-openmandriva-box.sh OPENMANDRIVA_RELEASE BOX_ARCH
##################################################################################
# 0 - Initial setup and sanity checks
TODAY=$(date -u +"%Y-%m-%d")
NOW=$(date -u)
RELEASE=${1:-"openmandriva2013.0"}
ARCH=${2:-"x86_64"}
PKG=vagrant-lxc-${RELEASE}-${ARCH}-${TODAY}.box
WORKING_DIR=/tmp/vagrant-lxc-${RELEASE}
VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
ROOTFS=/var/lib/lxc/${RELEASE}-base/${RELEASE}-base/rootfs
# Providing '1' will enable these tools
CHEF=${CHEF:-0}
PUPPET=${PUPPET:-0}
SALT=${SALT:-0}
BABUSHKA=${BABUSHKA:-0}
# Path to files bundled with the box
CWD=`readlink -f .`
LXC_TEMPLATE=${CWD}/common/lxc-template-openmandriva
LXC_CONF=${CWD}/common/lxc.conf
METATADA_JSON=${CWD}/common/metadata.json
# Set up a working dir
mkdir -p $WORKING_DIR
if [ -f "${WORKING_DIR}/${PKG}" ]; then
echo "Found a box on ${WORKING_DIR}/${PKG} already!"
exit 1
fi
##################################################################################
# 1 - Create the base container
if $(lxc-ls | grep -q "${RELEASE}-base"); then
echo "Base container already exists, please remove it with \`lxc-destroy -n ${RELEASE}-base\`!"
exit 1
else
export SUITE=$RELEASE
lxc-create -n ${RELEASE}-base -t openmandriva -- -R ${RELEASE} --arch ${ARCH}
fi
######################################
# 2 - Fix some known issues
# Fixes some networking issues
cat /etc/resolv.conf > ${ROOTFS}/etc/resolv.conf
##################################################################################
# 3 - Prepare vagrant user
chroot ${ROOTFS} su -c 'useradd --create-home -s /bin/bash vagrant'
# echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd
chroot ${ROOTFS} su -c "echo -n 'vagrant:vagrant' | chpasswd"
##################################################################################
# 4 - Setup SSH access and passwordless sudo
# Configure SSH access
mkdir -p ${ROOTFS}/home/vagrant/.ssh
echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys
chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh
chroot ${ROOTFS} urpmi sudo --auto
chroot ${ROOTFS} usermod -a -G wheel vagrant
# Enable passwordless sudo for users under the "sudo" group
cp ${ROOTFS}/etc/sudoers{,.orig}
sed -i 's/Defaults requiretty/\# Defaults requiretty/' ${ROOTFS}/etc/sudoers
sed -i 's/\#%wheel/\%wheel/' ${ROOTFS}/etc/sudoers
sed -i 's/\# %wheel/\%wheel/' ${ROOTFS}/etc/sudoers
# sed -i -e \
# 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=(ALL) NOPASSWD:ALL/g' \
# ${ROOTFS}/etc/sudoers
##################################################################################
# 5 - Add some goodies and update packages
PACKAGES=(vim curl wget man bash-completion openssh-server openssh-clients tar)
chroot ${ROOTFS} urpmi ${PACKAGES[*]} --auto
chroot ${ROOTFS} urpmi.update -a
##################################################################################
# 6 - Configuration management tools
if [ $CHEF = 1 ]; then
./common/install-chef $ROOTFS
fi
if [ $PUPPET = 1 ]; then
./common/install-puppet $ROOTFS
fi
if [ $SALT = 1 ]; then
./common/install-salt $ROOTFS
fi
if [ $BABUSHKA = 1 ]; then
./common/install-babushka $ROOTFS
fi
##################################################################################
# 7 - Free up some disk space
rm -rf ${ROOTFS}/tmp/*
# chroot ${ROOTFS} urpmi clean metadata
##################################################################################
# 8 - Build box package
# Compress container's rootfs
cd $(dirname $ROOTFS)
tar --numeric-owner -czf /tmp/vagrant-lxc-${RELEASE}/rootfs.tar.gz ./rootfs/*
# Prepare package contents
cd $WORKING_DIR
cp $LXC_TEMPLATE lxc-template
cp $LXC_CONF .
cp $METATADA_JSON .
chmod +x lxc-template
sed -i "s/<TODAY>/${NOW}/" metadata.json
# Vagrant box!
tar -czf $PKG ./*
chmod +rw ${WORKING_DIR}/${PKG}
mkdir -p ${CWD}/output
mv ${WORKING_DIR}/${PKG} ${CWD}/output
# Clean up after ourselves
rm -rf ${WORKING_DIR}
echo "The base box was built successfully to ${CWD}/output/${PKG}"


@ -26,48 +26,20 @@ fi
# If we got to this point, we need to create the container # If we got to this point, we need to create the container
log "Creating container..." log "Creating container..."
if [ $RELEASE = 'raring' ] || [ $RELEASE = 'wily' ] || [ $RELEASE = 'xenial' ]; then utils.lxc.create -t download -- \
utils.lxc.create -t ubuntu -- \
--release ${RELEASE} \
--arch ${ARCH}
elif [ $RELEASE = 'squeeze' ] || [ $RELEASE = 'wheezy' ]; then
utils.lxc.create -t debian -- \
--release ${RELEASE} \
--arch ${ARCH}
elif [ ${DISTRIBUTION} = 'fedora' ] && [ "${RELEASE}" = 'rawhide' ]; then
ARCH=$(echo ${ARCH} | sed -e "s/38/68/" | sed -e "s/amd64/x86_64/")
utils.lxc.create -t fedora --\
--release ${RELEASE} \
--arch ${ARCH}
elif [ ${DISTRIBUTION} = 'fedora' ] && [ ${RELEASE} -ge 21 ]; then
ARCH=$(echo ${ARCH} | sed -e "s/38/68/" | sed -e "s/amd64/x86_64/")
utils.lxc.create -t fedora --\
--release ${RELEASE} \
--arch ${ARCH}
else
utils.lxc.create -t download -- \
--dist ${DISTRIBUTION} \ --dist ${DISTRIBUTION} \
--release ${RELEASE} \ --release ${RELEASE} \
--arch ${ARCH} --arch ${ARCH}
fi
if [ ${DISTRIBUTION} = 'fedora' ] ||\ # Improve systemd support:
[ ${DISTRIBUTION} = 'ubuntu' -a ${RELEASE} = 'wily' ] ||\ # - The fedora template does it but the fedora images from the download
[ ${DISTRIBUTION} = 'debian' -a ${RELEASE} = 'jessie' ] ||\ # template apparently don't.
[ ${DISTRIBUTION} = 'debian' -a ${RELEASE} = 'stretch' ] # - The debian template does it but the debian image from the download
then # template apparently not.
# Improve systemd support: utils.lxc.stop
# - The fedora template does it but the fedora images from the download cfgpath="${HOME}/.local/share/lxc/${CONTAINER}/config"
# template apparently don't. echo >> ${cfgpath}
# - The debian template does it but the debian image from the download echo "# settings for systemd with PID 1:" >> ${cfgpath}
# template apparently not. echo "lxc.autodev = 1" >> ${cfgpath}
utils.lxc.stop
echo >> /var/lib/lxc/${CONTAINER}/config
echo "# settings for systemd with PID 1:" >> /var/lib/lxc/${CONTAINER}/config
echo "lxc.kmsg = 0" >> /var/lib/lxc/${CONTAINER}/config
echo "lxc.autodev = 1" >> /var/lib/lxc/${CONTAINER}/config
utils.lxc.start
utils.lxc.attach rm -f /dev/kmsg
utils.lxc.stop
fi
log "Container created!" log "Container created!"
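Review bot: `cfgpath` hard-codes `${HOME}/.local/share/lxc`, which is only the default unprivileged lxcpath, and it is expanded unquoted in the `echo ... >> ${cfgpath}` lines, so a customised `lxc.lxcpath` or a home directory containing spaces would make the appends land in the wrong file or fail. Deriving it from LXC, `cfgpath="$(lxc-config lxc.lxcpath)/${CONTAINER}/config"`, and writing `>> "${cfgpath}"` avoids both; the packaging script's `ROOTFS` uses the same hard-coded prefix. Separately, every box is now built from a prebuilt image fetched by the `download` template, so a comment above `utils.lxc.create` would help, e.g. `# Images are fetched pre-built; keep the download template's GPG validation enabled.` The script starts before this hunk, so the earlier checks are not visible here.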


@ -1,225 +0,0 @@
#!/bin/bash
# This is a modified version of /usr/share/lxc/templates/lxc-openmandriva
# that comes with OpenMandriva changed to suit vagrant-lxc needs
#
# template script for generating openmandriva container for LXC
#
#
# lxc: linux Container library
# Authors:
# Alexander Khryukin <alexander@mezon.ru>
# Vokhmin Alexey V <avokhmin@gmail.com>
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
set -e
if [ -r /etc/default/lxc ]; then
. /etc/default/lxc
fi
extract_rootfs()
{
tarball=$1
arch=$2
rootfs=$3
echo "Extracting $tarball ..."
mkdir -p $(dirname $rootfs)
(cd `dirname $rootfs` && tar xfz $tarball)
return 0
}
install_openmandriva()
{
rootfs=$1
release=$2
tarball=$3
mkdir -p /var/lock/subsys/
(
flock -x 200
if [ $? -ne 0 ]; then
echo "Cache repository is busy."
return 1
fi
extract_rootfs $tarball $arch $rootfs
if [ $? -ne 0 ]; then
echo "Failed to copy rootfs"
return 1
fi
return 0
) 200>/var/lock/subsys/lxc
return $?
}
copy_configuration()
{
path=$1
rootfs=$2
name=$3
grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
# if there is exactly one veth network entry, make sure it has an
# associated hwaddr.
nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
if [ $nics -eq 1 ]; then
grep -q "^lxc.network.hwaddr" $path/config || sed -i -e "/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config
fi
if [ $? -ne 0 ]; then
echo "Failed to add configuration"
return 1
fi
return 0
}
post_process()
{
rootfs=$1
# rmdir /dev/shm for containers that have /run/shm
# I'm afraid of doing rm -rf $rootfs/dev/shm, in case it did
# get bind mounted to the host's /run/shm. So try to rmdir
# it, and in case that fails move it out of the way.
if [ ! -L $rootfs/dev/shm ] && [ -d $rootfs/run/shm ] && [ -e $rootfs/dev/shm ]; then
mv $rootfs/dev/shm $rootfs/dev/shm.bak
ln -s /run/shm $rootfs/dev/shm
fi
}
usage()
{
cat <<EOF
usage:
$1 -n|--name=<container_name>
[-p|--path=<path>] [-c|--clean] [-R|--release=<openmandriva2013.0/rosa2012.1/cooker/ release>]
[-4|--ipv4=<ipv4 address>] [-6|--ipv6=<ipv6 address>]
[-g|--gw=<gw address>] [-d|--dns=<dns address>]
[-P|--profile=<name of the profile>] [--rootfs=<path>]
[-A|--arch=<arch of the container>]
[-T|--tarball <tarball path>]
[-S|--auth-key <auth-key path>]
[-h|--help]
Mandatory args:
-n,--name container name, used to as an identifier for that container from now on
Optional args:
-p,--path path to where the container rootfs will be created, defaults to /var/lib/lxc. The container config will go under /var/lib/lxc in that case
-c,--clean clean the cache
-R,--release openmandriva2013.0/cooker/rosa2012.1 release for the new container. if the host is OpenMandriva, then it will default to the host's release.
-4,--ipv4 specify the ipv4 address to assign to the virtualized interface, eg. 192.168.1.123/24
-6,--ipv6 specify the ipv6 address to assign to the virtualized interface, eg. 2003:db8:1:0:214:1234:fe0b:3596/64
-g,--gw specify the default gw, eg. 192.168.1.1
-G,--gw6 specify the default gw, eg. 2003:db8:1:0:214:1234:fe0b:3596
-d,--dns specify the DNS server, eg. 192.168.1.2
-P,--profile Profile name is the file name in /etc/lxc/profiles contained packages name for install to cache.
-A,--arch Define what arch the container will be [i586,x86_64,armv7l,armv7hl]
---rootfs rootfs path
-h,--help print this help
EOF
return 0
}
options=$(getopt -o hp:n:P:cR:4:6:g:d:A:S:T: -l help,rootfs:,path:,name:,profile:,clean:,release:,ipv4:,ipv6:,gw:,dns:,arch:,auth-key:,tarball: -- "$@")
if [ $? -ne 0 ]; then
usage $(basename $0)
exit 1
fi
eval set -- "$options"
# doesn't use
release=${release:-"cooker"}
hostarch=$(uname -m)
while true
do
case "$1" in
-h|--help) usage $0 && exit 0;;
-p|--path) path=$2; shift 2;;
--rootfs) rootfs_path=$2; shift 2;;
-n|--name) name=$2; shift 2;;
-P|--profile) profile=$2; shift 2;;
-c|--clean) clean=$2; shift 2;;
-R|--release) release=$2; shift 2;;
-T|--tarball) tarball=$2; shift 2;;
-S|--auth-key) auth_key=$2; shift 2;;
-A|--arch) arch=$2; shift 2;;
-4|--ipv4) ipv4=$2; shift 2;;
-6|--ipv6) ipv6=$2; shift 2;;
-g|--gw) gw=$2; shift 2;;
-d|--dns) dns=$2; shift 2;;
--) shift 1; break ;;
*) break ;;
esac
done
arch=${arch:-$hostarch}
if [ $hostarch = "i586" -a $arch = "x86_64" ]; then
echo "can't create x86_64 container on i586"
exit 1
fi
if [ -z "$path" ]; then
echo "'path' parameter is required"
exit 1
fi
if [ "$(id -u)" != "0" ]; then
echo "This script should be run as 'root'"
exit 1
fi
# detect rootfs
config="$path/config"
# if $rootfs exists here, it was passed in with --rootfs
if [ -z "$rootfs" ]; then
if grep -q '^lxc.rootfs' $config 2>/dev/null ; then
rootfs=`grep 'lxc.rootfs =' $config | awk -F= '{ print $2 }'`
else
rootfs=$path/rootfs
fi
fi
install_openmandriva $rootfs $release $tarball
if [ $? -ne 0 ]; then
echo "failed to install openmandriva $release"
exit 1
fi
copy_configuration $path $rootfs $name $arch
if [ $? -ne 0 ]; then
echo "failed write configuration file"
exit 1
fi
post_process $rootfs $release
echo ""
echo "##"
echo "# The default user is 'vagrant' with password 'vagrant'!"
echo "# Use the 'sudo' command to run tasks as root in the container."
echo "##"
echo ""


@ -1,226 +0,0 @@
#!/bin/bash
# This is a modified version of /usr/share/lxc/templates/lxc-ubuntu
# that comes with Ubuntu 13.04 changed to suit vagrant-lxc needs
#
# template script for generating ubuntu container for LXC
#
# This script consolidates and extends the existing lxc ubuntu scripts
#
# Copyright © 2011 Serge Hallyn <serge.hallyn@canonical.com>
# Copyright © 2010 Wilhelm Meier
# Author: Wilhelm Meier <wilhelm.meier@fh-kl.de>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2, as
# published by the Free Software Foundation.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
set -e
if [ -r /etc/default/lxc ]; then
. /etc/default/lxc
fi
extract_rootfs()
{
tarball=$1
arch=$2
rootfs=$3
echo "Extracting $tarball ..."
mkdir -p $rootfs
(cd $rootfs && tar xfz $tarball --strip-components=2)
return 0
}
install_ubuntu()
{
rootfs=$1
release=$2
tarball=$3
mkdir -p /var/lock/subsys/
(
flock -x 200
if [ $? -ne 0 ]; then
echo "Cache repository is busy."
return 1
fi
extract_rootfs $tarball $arch $rootfs
if [ $? -ne 0 ]; then
echo "Failed to copy rootfs"
return 1
fi
return 0
) 200>/var/lock/subsys/lxc
return $?
}
copy_configuration()
{
path=$1
rootfs=$2
name=$3
grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
# if there is exactly one veth network entry, make sure it has an
# associated hwaddr.
nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
if [ $nics -eq 1 ]; then
grep -q "^lxc.network.hwaddr" $path/config || sed -i -e "/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config
fi
if [ $? -ne 0 ]; then
echo "Failed to add configuration"
return 1
fi
return 0
}
post_process()
{
rootfs=$1
# rmdir /dev/shm for containers that have /run/shm
# I'm afraid of doing rm -rf $rootfs/dev/shm, in case it did
# get bind mounted to the host's /run/shm. So try to rmdir
# it, and in case that fails move it out of the way.
if [ ! -L $rootfs/dev/shm ] && [ -d $rootfs/run/shm ] && [ -e $rootfs/dev/shm ]; then
mv $rootfs/dev/shm $rootfs/dev/shm.bak
ln -s /run/shm $rootfs/dev/shm
fi
}
usage()
{
cat <<EOF
$1 -h|--help [-a|--arch] [--trim] [-d|--debug] [--rootfs <rootfs>] [-T|--tarball <rootfs-tarball>
arch: the container architecture (e.g. amd64): defaults to host arch
EOF
return 0
}
options=$(getopt -o a:b:hp:r:xn:FS:d:C -l arch:,help,path:,release:,trim,name:,flush-cache,auth-key:,debug:,tarball:,rootfs: -- "$@")
if [ $? -ne 0 ]; then
usage $(basename $0)
exit 1
fi
eval set -- "$options"
release=precise # Default to the last Ubuntu LTS release for non-Ubuntu systems
if [ -f /etc/lsb-release ]; then
. /etc/lsb-release
if [ "$DISTRIB_ID" = "Ubuntu" ]; then
release=$DISTRIB_CODENAME
fi
fi
arch=$(uname -m)
# Code taken from debootstrap
if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then
arch=`/usr/bin/dpkg --print-architecture`
elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then
arch=`/usr/bin/udpkg --print-architecture`
else
arch=$(uname -m)
if [ "$arch" = "i686" ]; then
arch="i386"
elif [ "$arch" = "x86_64" ]; then
arch="amd64"
elif [ "$arch" = "armv7l" ]; then
arch="armel"
fi
fi
debug=0
trim_container=0
hostarch=$arch
while true
do
case "$1" in
-h|--help) usage $0 && exit 0;;
--rootfs) rootfs=$2; shift 2;;
-p|--path) path=$2; shift 2;;
-n|--name) name=$2; shift 2;;
-T|--tarball) tarball=$2; shift 2;;
-a|--arch) arch=$2; shift 2;;
-S|--auth-key) auth_key=$2; shift 2;;
-d|--debug) debug=1; shift 1;;
--) shift 1; break ;;
*) break ;;
esac
done
if [ $debug -eq 1 ]; then
set -x
fi
if [ "$arch" == "i686" ]; then
arch=i386
fi
if [ $hostarch = "i386" -a $arch = "amd64" ]; then
echo "can't create amd64 container on i386"
exit 1
fi
if [ -z "$path" ]; then
echo "'path' parameter is required"
exit 1
fi
if [ "$(id -u)" != "0" ]; then
echo "This script should be run as 'root'"
exit 1
fi
# detect rootfs
config="$path/config"
# if $rootfs exists here, it was passed in with --rootfs
if [ -z "$rootfs" ]; then
if grep -q '^lxc.rootfs' $config 2>/dev/null ; then
rootfs=`grep 'lxc.rootfs =' $config | awk -F= '{ print $2 }'`
else
rootfs=$path/rootfs
fi
fi
install_ubuntu $rootfs $release $tarball
if [ $? -ne 0 ]; then
echo "failed to install ubuntu $release"
exit 1
fi
copy_configuration $path $rootfs $name $arch
if [ $? -ne 0 ]; then
echo "failed write configuration file"
exit 1
fi
post_process $rootfs $release $trim_container
echo ""
echo "##"
echo "# The default user is 'vagrant' with password 'vagrant'!"
echo "# Use the 'sudo' command to run tasks as root in the container."
echo "##"
echo ""


@ -3,23 +3,28 @@ set -e
source common/ui.sh source common/ui.sh
ROOTFS="${HOME}/.local/share/lxc/${CONTAINER}/rootfs"
WORKING_DIR="/tmp/${CONTAINER}"
debug "Creating ${WORKING_DIR}"
mkdir -p ${WORKING_DIR}
mkdir -p $(dirname ${PACKAGE})
# TODO: Create file with build date / time on container # TODO: Create file with build date / time on container
info "Packaging '${CONTAINER}' to '${PACKAGE}'..." info "Packaging '${CONTAINER}' to '${PACKAGE}'..."
debug 'Stopping container'
lxc-stop -n ${CONTAINER} &>/dev/null || true
if [ -f ${WORKING_DIR}/rootfs.tar.gz ]; then if [ -f ${WORKING_DIR}/rootfs.tar.gz ]; then
log "Removing previous rootfs tarball" log "Removing previous rootfs tarball"
rm -f ${WORKING_DIR}/rootfs.tar.gz rm -f ${WORKING_DIR}/rootfs.tar.gz
fi fi
log "Compressing container's rootfs" log "Compressing container's rootfs (sudo needed)"
pushd $(dirname ${ROOTFS}) &>>${LOG} pushd $(dirname ${ROOTFS})
tar --numeric-owner --anchored --exclude=./rootfs/dev/log -czf \ sudo tar --numeric-owner --anchored --exclude=./rootfs/dev/log -czf \
${WORKING_DIR}/rootfs.tar.gz ./rootfs/* ${WORKING_DIR}/rootfs.tar.gz ./rootfs/*
popd &>>${LOG} popd
sudo chown ${UID} ${WORKING_DIR}/rootfs.tar.gz
# Prepare package contents # Prepare package contents
log 'Preparing box package contents' log 'Preparing box package contents'
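Review bot: `sudo tar` writes `rootfs.tar.gz` into `WORKING_DIR="/tmp/${CONTAINER}"`, a predictable name in a world-writable directory that `mkdir -p` accepts even when it already exists and belongs to someone else, so on a shared host a root process ends up writing, and `sudo chown ${UID}` then re-owning, whatever that path resolves to. Creating the directory privately closes this, for example `WORKING_DIR="$(mktemp -d "${TMPDIR:-/tmp}/${CONTAINER}.XXXXXX")"`, or keep it under the caller's own tree such as `${HOME}/.cache`. The variable expansions around `sudo` (`${WORKING_DIR}`, `${ROOTFS}`, `${UID}`) should also be quoted. The rest of the script lies outside the hunk, so check that later steps and the clean target do not depend on the fixed `/tmp/${CONTAINER}` name.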


@ -1,57 +1,38 @@
#!/bin/bash #!/bin/bash
set -e set -e
source /etc/profile
source common/ui.sh
export VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" export VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
info "Preparing vagrant user..."
# Create vagrant user # Create vagrant user
if $(grep -q 'vagrant' ${ROOTFS}/etc/shadow); then if $(grep -q 'vagrant' /etc/shadow); then
log 'Skipping vagrant user creation' echo 'Skipping vagrant user creation'
elif $(grep -q 'ubuntu' ${ROOTFS}/etc/shadow); then elif $(grep -q 'ubuntu' /etc/shadow); then
debug 'vagrant user does not exist, renaming ubuntu user...' echo 'vagrant user does not exist, renaming ubuntu user...'
mv ${ROOTFS}/home/{ubuntu,vagrant} mv /home/{ubuntu,vagrant}
chroot ${ROOTFS} usermod -l vagrant -d /home/vagrant ubuntu &>> ${LOG} usermod -l vagrant -d /home/vagrant ubuntu
chroot ${ROOTFS} groupmod -n vagrant ubuntu &>> ${LOG} groupmod -n vagrant ubuntu
echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd echo -n 'vagrant:vagrant' | chpasswd
log 'Renamed ubuntu user to vagrant and changed password.' echo 'Renamed ubuntu user to vagrant and changed password.'
elif [ ${DISTRIBUTION} = 'centos' -o ${DISTRIBUTION} = 'fedora' ]; then elif [ ${DISTRIBUTION} = 'centos' -o ${DISTRIBUTION} = 'fedora' ]; then
debug 'Creating vagrant user...' echo 'Creating vagrant user...'
chroot ${ROOTFS} useradd --create-home -s /bin/bash -u 1000 vagrant &>> ${LOG} useradd --create-home -s /bin/bash -u 1000 vagrant
echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd echo -n 'vagrant:vagrant' | chpasswd
sed -i 's/^Defaults\s\+requiretty/# Defaults requiretty/' $ROOTFS/etc/sudoers sed -i 's/^Defaults\s\+requiretty/# Defaults requiretty/' /etc/sudoers
if [ ${RELEASE} -eq 6 ]; then
info 'Disabling password aging for root...'
# disable password aging (required on Centos 6)
# pretend that password was changed today (won't fail during provisioning)
chroot ${ROOTFS} chage -I -1 -m 0 -M 99999 -E -1 -d `date +%Y-%m-%d` root
fi
else else
debug 'Creating vagrant user...' echo 'Creating vagrant user...'
chroot ${ROOTFS} useradd --create-home -s /bin/bash vagrant &>> ${LOG} useradd --create-home -s /bin/bash vagrant
chroot ${ROOTFS} adduser vagrant sudo &>> ${LOG} echo -n 'vagrant:vagrant' | chpasswd
echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd
fi fi
# Configure SSH access # Configure SSH access
if [ -d ${ROOTFS}/home/vagrant/.ssh ]; then mkdir -p /home/vagrant/.ssh
log 'Skipping vagrant SSH credentials configuration' echo $VAGRANT_KEY > /home/vagrant/.ssh/authorized_keys
else chown -R vagrant /home/vagrant/.ssh
debug 'SSH key has not been set' chmod +x /home/vagrant/.ssh
mkdir -p ${ROOTFS}/home/vagrant/.ssh echo 'SSH credentials configured for the vagrant user.'
echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys
chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh
log 'SSH credentials configured for the vagrant user.'
fi
# Enable passwordless sudo for the vagrant user # Enable passwordless sudo for the vagrant user
if [ -f ${ROOTFS}/etc/sudoers.d/vagrant ]; then echo "vagrant ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/vagrant
log 'Skipping sudoers file creation.' chmod 0440 /etc/sudoers.d/vagrant
else echo 'Sudoers file created.'
debug 'Sudoers file was not found'
echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant
chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant
log 'Sudoers file created.'
fi
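Review bot: `chmod +x /home/vagrant/.ssh` only adds execute bits, so the directory and `authorized_keys` keep whatever mode the umask gave them, while sshd's strict-mode checks expect neither to be group- or world-writable. Set them explicitly with `chmod 0700 /home/vagrant/.ssh` and `chmod 0600 /home/vagrant/.ssh/authorized_keys`, and quote the key when writing it (`echo "$VAGRANT_KEY"`). The `grep -q 'vagrant' /etc/shadow` test is unanchored and matches any account containing that string; `grep -q '^vagrant:'` is tighter. Because the script installs the publicly known Vagrant key, the `vagrant:vagrant` password and `NOPASSWD:ALL`, a header comment stating that these boxes are for local development only would be worthwhile.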


@ -7,19 +7,16 @@ export WARN_COLOR='\033[33;01m'
log() { log() {
LOG_PREFIX="${DISTRIBUTION}-${RELEASE}" LOG_PREFIX="${DISTRIBUTION}-${RELEASE}"
echo " [${LOG_PREFIX}] ${1}" >>${LOG} echo " [${LOG_PREFIX}] ${1}"
echo " [${LOG_PREFIX}] ${1}" >&2
} }
warn() { warn() {
LOG_PREFIX="${DISTRIBUTION}-${RELEASE}" LOG_PREFIX="${DISTRIBUTION}-${RELEASE}"
echo "==> [${LOG_PREFIX}] [WARN] ${1}" >>${LOG}
echo -e "${WARN_COLOR}==> [${LOG_PREFIX}] ${1}${NO_COLOR}" echo -e "${WARN_COLOR}==> [${LOG_PREFIX}] ${1}${NO_COLOR}"
} }
info() { info() {
LOG_PREFIX="${DISTRIBUTION}-${RELEASE}" LOG_PREFIX="${DISTRIBUTION}-${RELEASE}"
echo "==> [${LOG_PREFIX}] [INFO] ${1}" >>${LOG}
echo -e "${OK_COLOR}==> [${LOG_PREFIX}] ${1}${NO_COLOR}" echo -e "${OK_COLOR}==> [${LOG_PREFIX}] ${1}${NO_COLOR}"
} }
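Review bot: `log()` now appears to write to stdout where it previously wrote to stderr (the `>&2` line has no counterpart on the new side), and none of the three helpers appends to `${LOG}` any more. Helpers such as `utils.lxc.attach` call `log` before running a command, so anything that captures their output will receive the log line as well, and a failed build leaves no transcript behind. Keeping `echo " [${LOG_PREFIX}] ${1}" >&2` would preserve the separation; a one-line comment above `log()` stating which stream carries diagnostics would also help.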


@ -3,21 +3,31 @@
utils.lxc.attach() { utils.lxc.attach() {
cmd="$@" cmd="$@"
log "Running [${cmd}] inside '${CONTAINER}' container..." log "Running [${cmd}] inside '${CONTAINER}' container..."
(lxc-attach -n ${CONTAINER} -- $cmd) &>> ${LOG} lxc-attach -n ${CONTAINER} -- $cmd
}
utils.lxc.pipetofile() {
lxc-attach -n ${CONTAINER} -- /bin/bash -c "tee $1 > /dev/null"
}
utils.lxc.runscript() {
log "Running $1 inside '${CONTAINER}'..."
cat $1 | utils.lxc.pipetofile /script.sh
utils.lxc.attach /bin/bash /script.sh
} }
utils.lxc.start() { utils.lxc.start() {
lxc-start -d -n ${CONTAINER} &>> ${LOG} || true lxc-start -d -n ${CONTAINER} || true
} }
utils.lxc.stop() { utils.lxc.stop() {
lxc-stop -n ${CONTAINER} &>> ${LOG} || true lxc-stop -n ${CONTAINER} || true
} }
utils.lxc.destroy() { utils.lxc.destroy() {
lxc-destroy -n ${CONTAINER} &>> ${LOG} lxc-destroy -n ${CONTAINER}
} }
utils.lxc.create() { utils.lxc.create() {
lxc-create -n ${CONTAINER} "$@" &>> ${LOG} lxc-create -n ${CONTAINER} "$@"
} }
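Review bot: `utils.lxc.pipetofile` interpolates `$1` into the string handed to `bash -c`, so a destination containing spaces or shell metacharacters is re-parsed by the shell inside the container instead of being treated as a file name. Pass it as a positional argument: `lxc-attach -n "${CONTAINER}" -- /bin/bash -c 'tee "$1" > /dev/null' _ "$1"`. In `utils.lxc.runscript` the source path should likewise be quoted, e.g. `utils.lxc.pipetofile /script.sh < "$1"`. Both new functions deserve a one-line comment noting that the script is copied to the fixed path `/script.sh` in the container and executed there through `lxc-attach`.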

5
conf/gentoo Normal file

@ -0,0 +1,5 @@
lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
# Default console settings
lxc.tty = 4
lxc.pts = 1024
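Review bot: `lxc.tty` and `lxc.pts` are the legacy key names; to my knowledge LXC 2.1 introduced `lxc.tty.max` and `lxc.pty.max` and 3.0 stopped accepting the old spellings, so this file may be rejected on newer hosts and should be checked against the LXC version the build targets. A comment on the first line explaining why the `:mixed` variants of `lxc.mount.auto` were chosen would also help the next reader, e.g. `# mixed: proc/sys/cgroup are mounted with the sensitive parts read-only`.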

21
debian/clean.sh vendored

@ -1,19 +1,16 @@
#!/bin/bash #!/bin/bash
set -e set -e
source /etc/profile
source common/ui.sh echo "Cleaning up"
source common/utils.sh
debug 'Bringing container up' rm /script.sh
utils.lxc.start
info "Cleaning up '${CONTAINER}'..." echo 'Removing temporary files...'
rm -rf /tmp/*
log 'Removing temporary files...' echo 'cleaning up dhcp leases'
rm -rf ${ROOTFS}/tmp/* rm -f /var/lib/dhcp/*
log 'cleaning up dhcp leases' echo 'Removing downloaded packages...'
rm -f ${ROOTFS}/var/lib/dhcp/* apt-get clean
log 'Removing downloaded packages...'
utils.lxc.attach apt-get clean
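Review bot: The new side operates on absolute paths (`rm -rf /tmp/*`, `rm -f /var/lib/dhcp/*`) instead of `${ROOTFS}`-prefixed ones, so it is only safe when executed inside the container; run directly on the build host it would clear the host's `/tmp` and DHCP leases. A guard at the top that exits unless the process is inside the container, plus a header comment saying the file is meant to be copied in and run there (presumably by `utils.lxc.runscript`, given the `/script.sh` path), would make that explicit. `rm /script.sh` under `set -e` also aborts the cleanup when the file is absent; `rm -f /script.sh` is safer.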


@ -1,7 +0,0 @@
#!/bin/bash
ANSIBLE_VERSION=${ANSIBLE_VERSION:-latest}
apt-get install -y build-essential python-setuptools python-jinja2 python-yaml python-paramiko python-httplib2 python-crypto sshpass
wget https://releases.ansible.com/ansible/ansible-$ANSIBLE_VERSION.tar.gz -O /tmp//ansible.tar.gz
tar -zxvf /tmp/ansible.tar.gz -C /tmp/ && rm -r /tmp/ansible.tar.gz
cd /tmp/ansible-* && make && make install


@ -1,158 +1,48 @@
#!/bin/bash #!/bin/bash
set -e set -e
source common/ui.sh source /etc/profile
source common/utils.sh
info 'Installing extra packages and upgrading' echo 'Installing extra packages and upgrading'
debug 'Bringing container up'
utils.lxc.start
# Sleep for a bit so that the container can get an IP
SECS=15
log "Sleeping for $SECS seconds..."
sleep $SECS
PACKAGES=(vim curl wget man-db openssh-server bash-completion ca-certificates sudo) PACKAGES=(vim curl wget man-db openssh-server bash-completion ca-certificates sudo)
log "Installing additional packages: ${ADDPACKAGES}" echo "Installing additional packages: ${ADDPACKAGES}"
PACKAGES+=" ${ADDPACKAGES}" PACKAGES+=" ${ADDPACKAGES}"
if [ $DISTRIBUTION = 'ubuntu' ]; then if [ $DISTRIBUTION = 'ubuntu' ]; then
PACKAGES+=' software-properties-common' PACKAGES+=' software-properties-common'
fi fi
if [ $RELEASE != 'raring' ] && [ $RELEASE != 'saucy' ] && [ $RELEASE != 'trusty' ] && [ $RELEASE != 'wily' ] ; then
PACKAGES+=' nfs-common'
fi
if [ $RELEASE != 'stretch' ] ; then
PACKAGES+=' python-software-properties'
fi
utils.lxc.attach apt-get update
utils.lxc.attach apt-get install ${PACKAGES[*]} -y --force-yes
utils.lxc.attach apt-get upgrade -y --force-yes
ANSIBLE=${ANSIBLE:-0} ANSIBLE=${ANSIBLE:-0}
if [[ $ANSIBLE = 1 ]]; then
PACKAGES+=' ansible'
fi
CHEF=${CHEF:-0} CHEF=${CHEF:-0}
if [[ $CHEF = 1 ]]; then
PACKAGES+=' chef'
fi
PUPPET=${PUPPET:-0} PUPPET=${PUPPET:-0}
if [[ $PUPPET = 1 ]]; then
PACKAGES+=' puppet'
fi
SALT=${SALT:-0} SALT=${SALT:-0}
BABUSHKA=${BABUSHKA:-0} if [[ $SALT = 1 ]]; then
PACKAGES+=' salt-minion'
fi
export DEBIAN_FRONTEND=noninteractive
export DEBIAN_PRIORITY=critical
apt-get update
apt-get install ${PACKAGES[*]} -y --force-yes
apt-get upgrade -y --force-yes
if [ $DISTRIBUTION = 'debian' ]; then if [ $DISTRIBUTION = 'debian' ]; then
# Enable bash-completion # Enable bash-completion
sed -e '/^#if ! shopt -oq posix; then/,/^#fi/ s/^#\(.*\)/\1/g' \ sed -e '/^#if ! shopt -oq posix; then/,/^#fi/ s/^#\(.*\)/\1/g' \
-i ${ROOTFS}/etc/bash.bashrc -i /etc/bash.bashrc
fi
if [ $ANSIBLE = 1 ]; then
if $(lxc-attach -n ${CONTAINER} -- which ansible &>/dev/null); then
log "Ansible has been installed on container, skipping"
else
info "Installing Ansible"
cp debian/install-ansible.sh ${ROOTFS}/tmp/ && chmod +x ${ROOTFS}/tmp/install-ansible.sh
utils.lxc.attach /tmp/install-ansible.sh &>>${LOG}
fi
else
log "Skipping Ansible installation"
fi
if [ $CHEF = 1 ]; then
if $(lxc-attach -n ${CONTAINER} -- which chef-solo &>/dev/null); then
log "Chef has been installed on container, skipping"
else
log "Installing Chef"
cat > ${ROOTFS}/tmp/install-chef.sh << EOF
#!/bin/sh
curl -L https://www.opscode.com/chef/install.sh -k | sudo bash
EOF
chmod +x ${ROOTFS}/tmp/install-chef.sh
utils.lxc.attach /tmp/install-chef.sh
fi
else
log "Skipping Chef installation"
fi
if [ $PUPPET = 1 ]; then
if $(lxc-attach -n ${CONTAINER} -- which puppet &>/dev/null); then
log "Puppet has been installed on container, skipping"
elif [ ${RELEASE} = 'sid' ]; then
warn "Puppet can't be installed on Debian sid, skipping"
else
log "Installing Puppet"
wget http://apt.puppetlabs.com/puppetlabs-release-${RELEASE}.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" &>>${LOG}
utils.lxc.attach dpkg -i "/tmp/puppetlabs-release-stable.deb"
utils.lxc.attach apt-get update
utils.lxc.attach apt-get install puppet -y --force-yes
fi
else
log "Skipping Puppet installation"
fi
if [ $SALT = 1 ]; then
if $(lxc-attach -n ${CONTAINER} -- which salt-minion &>/dev/null); then
log "Salt has been installed on container, skipping"
elif [ ${RELEASE} = 'raring' ]; then
warn "Salt can't be installed on Ubuntu Raring 13.04, skipping"
else
if [ $DISTRIBUTION = 'ubuntu' ]; then
if [ $RELEASE = 'precise' ] || [ $RELEASE = 'trusty' ] || [ $RELEASE = 'xenial' ] ; then
# For LTS releases we use packages from repo.saltstack.com
if [ $RELEASE = 'precise' ]; then
SALT_SOURCE_1="deb http://repo.saltstack.com/apt/ubuntu/12.04/amd64/latest precise main"
SALT_GPG_KEY="https://repo.saltstack.com/apt/ubuntu/12.04/amd64/latest/SALTSTACK-GPG-KEY.pub"
elif [ $RELEASE = 'trusty' ]; then
SALT_SOURCE_1="deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest trusty main"
SALT_GPG_KEY="https://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest/SALTSTACK-GPG-KEY.pub"
elif [ $RELEASE = 'xenial' ]; then
SALT_SOURCE_1="deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/latest xenial main"
SALT_GPG_KEY="https://repo.saltstack.com/apt/ubuntu/16.04/amd64/latest/SALTSTACK-GPG-KEY.pub"
fi
echo $SALT_SOURCE_1 > ${ROOTFS}/etc/apt/sources.list.d/saltstack.list
utils.lxc.attach wget -q -O /tmp/salt.key $SALT_GPG_KEY
utils.lxc.attach apt-key add /tmp/salt.key
elif [ $RELEASE = 'quantal' ] || [ $RELEASE = 'saucy' ] ; then
utils.lxc.attach add-apt-repository -y ppa:saltstack/salt
fi
# For Utopic, Vivid and Wily releases use system packages
else # DEBIAN
if [ $RELEASE == "squeeze" ]; then
SALT_SOURCE_1="deb http://debian.saltstack.com/debian squeeze-saltstack main"
SALT_SOURCE_2="deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free"
elif [ $RELEASE == "wheezy" ]; then
SALT_SOURCE_1="deb http://repo.saltstack.com/apt/debian/7/amd64/latest wheezy main"
elif [ $RELEASE == "jessie" ]; then
SALT_SOURCE_1="deb http://repo.saltstack.com/apt/debian/8/amd64/latest jessie main"
else
SALT_SOURCE_1="deb http://debian.saltstack.com/debian unstable main"
fi
echo $SALT_SOURCE_1 > ${ROOTFS}/etc/apt/sources.list.d/saltstack.list
echo $SALT_SOURCE_2 >> ${ROOTFS}/etc/apt/sources.list.d/saltstack.list
utils.lxc.attach wget -q -O /tmp/salt.key "https://repo.saltstack.com/apt/debian/8/amd64/latest/SALTSTACK-GPG-KEY.pub"
utils.lxc.attach apt-key add /tmp/salt.key
fi
utils.lxc.attach apt-get update
utils.lxc.attach apt-get install salt-minion -y --force-yes
fi
else
log "Skipping Salt installation"
fi
if [ $BABUSHKA = 1 ]; then
if $(lxc-attach -n ${CONTAINER} -- which babushka &>/dev/null); then
log "Babushka has been installed on container, skipping"
elif [ ${RELEASE} = 'trusty' ]; then
warn "Babushka can't be installed on Ubuntu Trusty 14.04, skipping"
else
log "Installing Babushka"
cat > $ROOTFS/tmp/install-babushka.sh << EOF
#!/bin/sh
curl https://babushka.me/up | sudo bash
EOF
chmod +x $ROOTFS/tmp/install-babushka.sh
utils.lxc.attach /tmp/install-babushka.sh
fi
else
log "Skipping Babushka installation"
fi fi
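Review bot: `--force-yes` on the new `apt-get install` and `apt-get upgrade` lines lets apt carry on with packages it cannot authenticate, so a failed signature check while the box is being built would go unnoticed and end up in the published image. `-y` alone already answers the prompts and makes apt abort on unauthenticated packages: `apt-get install -y ${PACKAGES[*]}` and `apt-get upgrade -y`. Newer apt releases also deprecate the flag in favour of the narrower `--allow-*` options. The file header for this section is not shown on the page; from the calls in mk-debian.sh it appears to be debian/install-extras.sh.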


@ -1,52 +1,33 @@
#!/bin/bash #!/bin/bash
set -e set -e
source /etc/profile
source common/ui.sh
source common/utils.sh
# Fixes some networking issues # Fixes some networking issues
# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info # See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info
if ! $(grep -q 'ip6-allhosts' ${ROOTFS}/etc/hosts); then if ! $(grep -q 'ip6-allhosts' /etc/hosts); then
log "Adding ipv6 allhosts entry to container's /etc/hosts" echo 'ff02::3 ip6-allhosts' >> /etc/hosts
echo 'ff02::3 ip6-allhosts' >> ${ROOTFS}/etc/hosts
fi fi
utils.lxc.start # Ensure locales are properly set, based on http://askubuntu.com/a/238063
LANG=${LANG:-en_US.UTF-8}
sed -i "s/^# ${LANG}/${LANG}/" /etc/locale.gen
if [ ${DISTRIBUTION} = 'debian' ]; then # Fixes some networking issues
# Ensure locales are properly set, based on http://askubuntu.com/a/238063 # See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info
LANG=${LANG:-en_US.UTF-8} sed -i -e "s/\(127.0.0.1\s\+localhost\)/\1\n127.0.1.1\t${CONTAINER}\n/g" /etc/hosts
sed -i "s/^# ${LANG}/${LANG}/" ${ROOTFS}/etc/locale.gen
# Fixes some networking issues # Fixes for jessie, following the guide from
# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info # https://wiki.debian.org/LXC#Incompatibility_with_systemd
sed -i -e "s/\(127.0.0.1\s\+localhost\)/\1\n127.0.1.1\t${CONTAINER}\n/g" ${ROOTFS}/etc/hosts if [ "$RELEASE" = 'jessie' ] || [ "$RELEASE" = 'stretch' ]; then
# Ensures that `/tmp` does not get cleared on halt
# See https://github.com/fgrehm/vagrant-lxc/issues/68 for more info
utils.lxc.attach /usr/sbin/update-rc.d -f checkroot-bootclean.sh remove
utils.lxc.attach /usr/sbin/update-rc.d -f mountall-bootclean.sh remove
utils.lxc.attach /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove
# Fixes for jessie, following the guide from
# https://wiki.debian.org/LXC#Incompatibility_with_systemd
if [ "$RELEASE" = 'jessie' ] || [ "$RELEASE" = 'stretch' ]; then
# Reconfigure the LXC # Reconfigure the LXC
utils.lxc.attach /bin/cp \ cp /lib/systemd/system/getty@.service /etc/systemd/system/getty@.service
/lib/systemd/system/getty@.service \
/etc/systemd/system/getty@.service
# Comment out ConditionPathExists # Comment out ConditionPathExists
sed -i -e 's/\(ConditionPathExists=\)/# \n# \1/' \ sed -i -e 's/\(ConditionPathExists=\)/# \n# \1/' \
"${ROOTFS}/etc/systemd/system/getty@.service" "/etc/systemd/system/getty@.service"
# Mask udev.service and systemd-udevd.service: # Mask udev.service and systemd-udevd.service:
utils.lxc.attach /bin/systemctl mask udev.service systemd-udevd.service systemctl mask udev.service systemd-udevd.service
fi
fi fi
utils.lxc.attach /usr/sbin/locale-gen ${LANG} locale-gen ${LANG}
utils.lxc.attach update-locale LANG=${LANG} update-locale LANG=${LANG}
# Fix to allow bindfs
utils.lxc.attach ln -sf /bin/true /sbin/modprobe
utils.lxc.attach mknod -m 666 /dev/fuse c 10 229
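Review bot: The script no longer receives arguments and now reads `CONTAINER`, `RELEASE` and `LANG` from the environment while running inside the container, so it works only if `lxc-attach` passes the caller's exported variables through and `source /etc/profile` does not reset them. If `CONTAINER` arrives empty, the `127.0.1.1` sed line still succeeds and writes an entry with no hostname into /etc/hosts. A guard right after `set -e`, such as `: "${CONTAINER:?}" "${RELEASE:?}"`, would fail the build instead. The `sed` on /etc/locale.gen also appears to have moved out of the `debian`-only branch, so it is worth confirming that the file exists on the Ubuntu release still being built.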

14
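--- a/gentoo/clean.sh
+++ b/gentoo/clean.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+set -e
+source /etc/profile
+echo "Cleaning up"
+rm /script.sh
+echo 'Removing temporary files...'
+rm -rf /tmp/*
+echo 'cleaning up distfiles'
+rm -f /usr/portage/distfiles/*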

41
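--- a/gentoo/install-packages.sh
+++ b/gentoo/install-packages.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+set -e
+source /etc/profile
+echo 'Installing packages and upgrading'
+PACKAGES=(net-misc/curl wget man-db openssh ca-certificates sudo)
+echo "Installing additional packages: ${ADDPACKAGES}"
+PACKAGES+=" ${ADDPACKAGES}"
+ANSIBLE=${ANSIBLE:-0}
+if [[ $ANSIBLE = 1 ]]; then
+PACKAGES+=' ansible'
+fi
+CHEF=${CHEF:-0}
+if [[ $CHEF = 1 ]]; then
+echo "Chef installation isn't supported on Gentoo"
+exit 1
+fi
+PUPPET=${PUPPET:-0}
+if [[ $PUPPET = 1 ]]; then
+PACKAGES+=' puppet'
+fi
+SALT=${SALT:-0}
+if [[ $SALT = 1 ]]; then
+PACKAGES+=' salt'
+fi
+# trying to set capabilities on an unprivileged container fails.
+echo "*/* -filecaps" > /etc/portage/package.use/vagrant_overrides
+emerge --sync
+emerge --noreplace ${PACKAGES[*]}
+emerge -uND @world
+rc-config add sshd default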
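Review bot: The `*/* -filecaps` override written to /etc/portage/package.use/vagrant_overrides is never removed, so it ships in the finished box and keeps applying to every package its users emerge later. With `filecaps` off, ebuilds that would grant file capabilities generally fall back to installing set-uid binaries, which is a wider privilege than the capability they replace. If the override is only needed while building in an unprivileged container, gentoo/clean.sh could drop it with `rm -f /etc/portage/package.use/vagrant_overrides`; if the box is meant to keep it, the comment above the `echo` should say so. The redirect also assumes /etc/portage/package.use is a directory in the downloaded image.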


@ -2,11 +2,7 @@
set -e set -e
source common/ui.sh source common/ui.sh
source common/utils.sh
if [ "$(id -u)" != "0" ]; then
echo "You should run this script as root (sudo)."
exit 1
fi
export DISTRIBUTION=$1 export DISTRIBUTION=$1
export RELEASE=$2 export RELEASE=$2
@ -14,16 +10,12 @@ export ARCH=$3
export CONTAINER=$4 export CONTAINER=$4
export PACKAGE=$5 export PACKAGE=$5
export ADDPACKAGES=${ADDPACKAGES-$(cat ${RELEASE}_packages | tr "\n" " ")} export ADDPACKAGES=${ADDPACKAGES-$(cat ${RELEASE}_packages | tr "\n" " ")}
export ROOTFS="/var/lib/lxc/${CONTAINER}/rootfs" export ROOTFS="${HOME}/.local/share/lxc/${CONTAINER}/rootfs"
export WORKING_DIR="/tmp/${CONTAINER}" export WORKING_DIR="/tmp/${CONTAINER}"
export NOW=$(date -u) export NOW=$(date -u)
export LOG=$(readlink -f .)/log/${CONTAINER}.log
mkdir -p $(dirname $LOG) echo '############################################'
echo '############################################' > ${LOG} echo "# Beginning build at $(date)"
echo "# Beginning build at $(date)" >> ${LOG}
touch ${LOG}
chmod +rw ${LOG}
if [ -f ${PACKAGE} ]; then if [ -f ${PACKAGE} ]; then
warn "The box '${PACKAGE}' already exists, skipping..." warn "The box '${PACKAGE}' already exists, skipping..."
@ -37,12 +29,20 @@ mkdir -p ${WORKING_DIR}
info "Building box to '${PACKAGE}'..." info "Building box to '${PACKAGE}'..."
./common/download.sh ${DISTRIBUTION} ${RELEASE} ${ARCH} ${CONTAINER} ./common/download.sh ${DISTRIBUTION} ${RELEASE} ${ARCH} ${CONTAINER}
./debian/vagrant-lxc-fixes.sh ${DISTRIBUTION} ${RELEASE} ${ARCH} ${CONTAINER} utils.lxc.start
./debian/install-extras.sh ${CONTAINER}
./common/prepare-vagrant-user.sh ${DISTRIBUTION} ${CONTAINER} SECS=15
./debian/clean.sh ${CONTAINER} log "Sleeping for $SECS seconds..."
./common/package.sh ${CONTAINER} ${PACKAGE} sleep $SECS
utils.lxc.runscript debian/vagrant-lxc-fixes.sh
utils.lxc.runscript debian/install-extras.sh
utils.lxc.runscript common/prepare-vagrant-user.sh
utils.lxc.runscript debian/clean.sh
utils.lxc.stop
./common/package.sh
info "Finished building '${PACKAGE}'!" info "Finished building '${PACKAGE}'!"
log "Run \`sudo lxc-destroy -n ${CONTAINER}\` or \`make clean\` to remove the container that was created along the way" log "Run \`lxc-destroy -n ${CONTAINER}\` or \`make clean\` to remove the container that was created along the way"
echo echo
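Review bot: Nothing stops the container when one of the `utils.lxc.runscript` steps fails: with `set -e` the script exits at the failing step, and `utils.lxc.stop` is reached only on the success path, so a half-provisioned container is left running. A `trap utils.lxc.stop EXIT` placed right after `utils.lxc.start` covers both paths; mk-gentoo.sh has the same sequence. The fixed `sleep 15` is also a guess at when networking is up; waiting on the container state first (`lxc-wait -n ${CONTAINER} -s RUNNING`) and then polling for an address would be more reliable.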

42
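--- a/mk-gentoo.sh
+++ b/mk-gentoo.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+set -e
+source common/ui.sh
+source common/utils.sh
+TODAY=$(date -u +"%Y-%m-%d")
+export DISTRIBUTION=gentoo
+export RELEASE=current
+export ARCH=$(uname -m | sed -e "s/68/38/" | sed -e "s/x86_64/amd64/")
+export CONTAINER="vagrant-base-${DISTRIBUTION}-${ARCH}"
+export PACKAGE="output/${TODAY}/${CONTAINER}.box"
+export NOW=$(date -u)
+echo '############################################'
+echo "# Beginning build at $(date)"
+if [ -f ${PACKAGE} ]; then
+warn "The box '${PACKAGE}' already exists, skipping..."
+echo
+exit
+fi
+info "Building box to '${PACKAGE}'..."
+./common/download.sh
+utils.lxc.start
+SECS=15
+log "Sleeping for $SECS seconds..."
+sleep $SECS
+utils.lxc.runscript gentoo/install-packages.sh
+utils.lxc.runscript common/prepare-vagrant-user.sh
+utils.lxc.runscript gentoo/clean.sh
+utils.lxc.stop
+./common/package.sh
+info "Finished building '${PACKAGE}'!"
+log "Run \`lxc-destroy -n ${CONTAINER}\` or \`make clean\` to remove the container that was created along the way"
+echo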
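Review bot: `ROOTFS` and `WORKING_DIR` are never set in this script, although mk-debian.sh exports both (and creates `WORKING_DIR`) before calling the same `common/download.sh` and `common/package.sh`. Those helpers are not visible in this part of the page; if they still expand the variables, an empty value makes any path built from them resolve against `/` instead of the container's directory. Exporting them as mk-debian.sh does, e.g. `export ROOTFS="${HOME}/.local/share/lxc/${CONTAINER}/rootfs"`, keeps the two entry points consistent. The `sed -e "s/68/38/"` in `ARCH` would also be safer as `s/i686/i386/`, since it currently rewrites the first `68` in any machine name.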