Merge pull request #245 from fgrehm/base-boxes-updates
Base boxes revamp
This commit is contained in:
commit
5422d272d2
31 changed files with 865 additions and 688 deletions
9
BOXES.md
9
BOXES.md
|
@ -14,7 +14,7 @@ For example:
|
|||
```
|
||||
git clone https://github.com/fgrehm/vagrant-lxc.git
|
||||
cd vagrant-lxc/boxes
|
||||
PUPPET=1 CHEF=1 sudo -E ./build-ubuntu-box.sh precise amd64
|
||||
PUPPET=1 CHEF=1 make precise
|
||||
```
|
||||
|
||||
Will build a Ubuntu Precise x86_64 box with latest Puppet and Chef pre-installed, please refer to the scripts for more information.
|
||||
|
@ -30,15 +30,16 @@ on knowing what makes a base box for vagrant-lxc, here's what's needed:
|
|||
| --- | --- |
|
||||
| `lxc-template` | Script responsible for creating and setting up the container (used with `lxc-create`), a ["generic script"]() is provided along with project's source. |
|
||||
| `rootfs.tar.gz` | Compressed container rootfs tarball (need to remeber to pass in `--numeric-owner` when creating it) |
|
||||
| `lxc.conf` | |
|
||||
| `metadata.json` | |
|
||||
| `lxc.conf` | File passed in to `lxc-create -f` |
|
||||
| `lxc-config` | Box specific configuration to be _appended_ to the container's config file |
|
||||
| `metadata.json` | Required by Vagrant |
|
||||
|
||||
### metadata.json
|
||||
|
||||
```json
|
||||
{
|
||||
"provider": "lxc",
|
||||
"version": "3",
|
||||
"version": "1.0.0",
|
||||
"built-on": "Sat Sep 21 21:10:00 UTC 2013",
|
||||
"template-opts": {
|
||||
"--arch": "amd64",
|
||||
|
|
36
CHANGELOG.md
36
CHANGELOG.md
|
@ -1,5 +1,41 @@
|
|||
## [0.8.1](https://github.com/fgrehm/vagrant-lxc/compare/v0.8.0...master) (unreleased)
|
||||
|
||||
DEPRECATIONS:
|
||||
|
||||
- Support to **all Vagrant versions prior to 1.5 are now deprecated**, there is a
|
||||
[small layer](lib/vagrant-backports) that ensures compatibility with versions
|
||||
starting with 1.1.5 but there is no guarantee that it will stick for too long.
|
||||
- Boxes released prior to this version are now deprecated and won't be available
|
||||
after the final 1.0.0 release.
|
||||
- `--auth-key` argument is no longer provided to `lxc-template`. This will cause
|
||||
all official base boxes prior to 09/28/2013 to break.
|
||||
|
||||
BASE BOXES:
|
||||
|
||||
- Switched to [`lxc-download`](https://github.com/lxc/lxc/blob/master/templates/lxc-download.in)
|
||||
as the "reference implementation" for the generic `lxc-template` script [[GH-236]]
|
||||
- Added support for _appending_ custom boxes configs with the `lxc-config` file,
|
||||
allowing usage of host's specific configs from `/etc/lxc/default.conf` [[GH-222]]
|
||||
- Include NFS client on Ubuntu and Debian base boxes [[GH-218]]
|
||||
- Improved output for building base boxes
|
||||
- Improved `vagrant` user `sudo` rights [[GH-231]] [[GH-188]]
|
||||
- Locale configuration may follow builder's LANG environment variable [[GH-221]]
|
||||
- Enable bash completion for Debian base boxes [[GH-220]]
|
||||
- Fix broken locale in Ubuntu boxes [[GH-201]]
|
||||
- Install `python-software-properties` by default [[GH-155]]
|
||||
- Fix apt-get error when building Ubuntu boxes [[GH-200]]
|
||||
|
||||
[GH-236]: https://github.com/fgrehm/vagrant-lxc/issues/236
|
||||
[GH-222]: https://github.com/fgrehm/vagrant-lxc/issues/222
|
||||
[GH-218]: https://github.com/fgrehm/vagrant-lxc/issues/218
|
||||
[GH-231]: https://github.com/fgrehm/vagrant-lxc/issues/231
|
||||
[GH-221]: https://github.com/fgrehm/vagrant-lxc/issues/221
|
||||
[GH-220]: https://github.com/fgrehm/vagrant-lxc/issues/220
|
||||
[GH-201]: https://github.com/fgrehm/vagrant-lxc/issues/201
|
||||
[GH-188]: https://github.com/fgrehm/vagrant-lxc/issues/188
|
||||
[GH-155]: https://github.com/fgrehm/vagrant-lxc/issues/155
|
||||
[GH-200]: https://github.com/fgrehm/vagrant-lxc/issues/200
|
||||
|
||||
|
||||
## [0.8.0](https://github.com/fgrehm/vagrant-lxc/compare/v0.7.0...v0.8.0) (Feb 26, 2014)
|
||||
|
||||
|
|
1
boxes/.gitignore
vendored
Normal file
1
boxes/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
/log
|
34
boxes/Makefile
Normal file
34
boxes/Makefile
Normal file
|
@ -0,0 +1,34 @@
|
|||
UBUNTU_BOXES= precise quantal raring saucy trusty
|
||||
DEBIAN_BOXES= squeeze wheezy sid jessie
|
||||
TODAY=$(shell date -u +"%Y-%m-%d")
|
||||
|
||||
default:
|
||||
|
||||
all: ubuntu debian
|
||||
|
||||
ubuntu: $(UBUNTU_BOXES)
|
||||
debian: $(DEBIAN_BOXES)
|
||||
|
||||
# REFACTOR: Figure out how can we reduce duplicated code
|
||||
$(UBUNTU_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64"
|
||||
$(UBUNTU_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-${@}-amd64.box"
|
||||
$(UBUNTU_BOXES):
|
||||
@mkdir -p $$(dirname $(PACKAGE))
|
||||
@sudo -E ./mk-debian.sh ubuntu $(@) amd64 $(CONTAINER) $(PACKAGE)
|
||||
@sudo chmod +rw $(PACKAGE)
|
||||
@sudo chown ${USER}: $(PACKAGE)
|
||||
$(DEBIAN_BOXES): CONTAINER = "vagrant-lxc-base-${@}-amd64"
|
||||
$(DEBIAN_BOXES): PACKAGE = "output/${TODAY}/vagrant-lxc-${@}-amd64.box"
|
||||
$(DEBIAN_BOXES):
|
||||
@mkdir -p $$(dirname $(PACKAGE))
|
||||
@sudo -E ./mk-debian.sh debian $(@) amd64 $(CONTAINER) $(PACKAGE)
|
||||
@sudo chmod +rw $(PACKAGE)
|
||||
@sudo chown ${USER}: $(PACKAGE)
|
||||
|
||||
clean: ALL_BOXES = ${DEBIAN_BOXES} ${UBUNTU_BOXES}
|
||||
clean:
|
||||
@for r in $(ALL_BOXES); do \
|
||||
sudo -E ./clean.sh $${r}\
|
||||
vagrant-lxc-base-$${r}-amd64 \
|
||||
output/${TODAY}/vagrant-lxc-$${r}-amd64.box; \
|
||||
done
|
|
@ -1,22 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# set -x
|
||||
set -e
|
||||
|
||||
# Convenience script used for building all of the base boxes available
|
||||
|
||||
# Ubuntu boxes
|
||||
sudo -E ./build-ubuntu-box.sh precise
|
||||
sudo -E ./build-ubuntu-box.sh quantal
|
||||
sudo -E ./build-ubuntu-box.sh raring
|
||||
sudo -E ./build-ubuntu-box.sh saucy
|
||||
|
||||
# Debian boxes
|
||||
sudo -E ./build-debian-box.sh squeeze
|
||||
sudo -E ./build-debian-box.sh wheezy
|
||||
sudo -E ./build-debian-box.sh sid
|
||||
|
||||
for box in precise raring quantal saucy squeeze wheezy sid; do
|
||||
box="vagrant-lxc-${box}-amd64-`date +%Y-%m-%d`.box"
|
||||
~/bin/dropbox_uploader.sh upload output/${box} Public/
|
||||
done
|
|
@ -1,167 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# set -x
|
||||
set -e
|
||||
|
||||
# Script used to build Debian base vagrant-lxc containers, currently limited to
|
||||
# host's arch
|
||||
#
|
||||
# USAGE:
|
||||
# $ cd boxes && sudo ./build-debian-box.sh DEBIAN_RELEASE
|
||||
#
|
||||
# To enable Chef or any other configuration management tool pass '1' to the
|
||||
# corresponding env var:
|
||||
# $ CHEF=1 sudo -E ./build-debian-box.sh DEBIAN_RELEASE
|
||||
# $ PUPPET=1 sudo -E ./build-debian-box.sh DEBIAN_RELEASE
|
||||
# $ SALT=1 sudo -E ./build-debian-box.sh DEBIAN_RELEASE
|
||||
# $ BABUSHKA=1 sudo -E ./build-debian-box.sh DEBIAN_RELEASE
|
||||
|
||||
##################################################################################
|
||||
# 0 - Initial setup and sanity checks
|
||||
|
||||
TODAY=$(date -u +"%Y-%m-%d")
|
||||
NOW=$(date -u)
|
||||
RELEASE=${1:-"wheezy"}
|
||||
ARCH=$(dpkg --print-architecture) # This is what the Debian template will use under the hood
|
||||
PKG=vagrant-lxc-${RELEASE}-${ARCH}-${TODAY}.box
|
||||
WORKING_DIR=/tmp/vagrant-lxc-${RELEASE}
|
||||
VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
|
||||
ROOTFS=/var/lib/lxc/${RELEASE}-base/rootfs
|
||||
|
||||
# Providing '1' will enable these tools
|
||||
CHEF=${CHEF:-0}
|
||||
PUPPET=${PUPPET:-0}
|
||||
SALT=${SALT:-0}
|
||||
BABUSHKA=${BABUSHKA:-0}
|
||||
|
||||
# Path to files bundled with the box
|
||||
CWD=`readlink -f .`
|
||||
LXC_TEMPLATE=${CWD}/common/lxc-template
|
||||
LXC_CONF=${CWD}/common/lxc.conf
|
||||
METATADA_JSON=${CWD}/common/metadata.json
|
||||
|
||||
# Set up a working dir
|
||||
mkdir -p $WORKING_DIR
|
||||
|
||||
if [ -f "${WORKING_DIR}/${PKG}" ]; then
|
||||
echo "Found a box on ${WORKING_DIR}/${PKG} already!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
##################################################################################
|
||||
# 1 - Create the base container
|
||||
|
||||
if $(lxc-ls | grep -q "${RELEASE}-base"); then
|
||||
echo "Base container already exists, please remove it with \`lxc-destroy -n ${RELEASE}-base\`!"
|
||||
exit 1
|
||||
else
|
||||
export SUITE=$RELEASE
|
||||
lxc-create -n ${RELEASE}-base -t debian
|
||||
fi
|
||||
|
||||
|
||||
######################################
|
||||
# 2 - Fix some known issues
|
||||
|
||||
# Fixes some networking issues
|
||||
# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info
|
||||
sed -i -e "s/\(127.0.0.1\s\+localhost\)/\1\n127.0.1.1\t${RELEASE}-base\n/g" ${ROOTFS}/etc/hosts
|
||||
|
||||
# Ensures that `/tmp` does not get cleared on halt
|
||||
# See https://github.com/fgrehm/vagrant-lxc/issues/68 for more info
|
||||
chroot $ROOTFS /usr/sbin/update-rc.d -f checkroot-bootclean.sh remove
|
||||
chroot $ROOTFS /usr/sbin/update-rc.d -f mountall-bootclean.sh remove
|
||||
chroot $ROOTFS /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove
|
||||
|
||||
# Ensure locales are properly set, based on http://linux.livejournal.com/1880366.html
|
||||
sed -i "s/^# en_US/en_US/" ${ROOTFS}/etc/locale.gen
|
||||
chroot $ROOTFS /usr/sbin/locale-gen
|
||||
chroot $ROOTFS update-locale LANG=en_US.UTF-8
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 3 - Prepare vagrant user
|
||||
sudo chroot ${ROOTFS} useradd --create-home -s /bin/bash vagrant
|
||||
|
||||
echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 4 - Setup SSH access and passwordless sudo
|
||||
|
||||
# Configure SSH access
|
||||
mkdir -p ${ROOTFS}/home/vagrant/.ssh
|
||||
echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys
|
||||
chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh
|
||||
|
||||
chroot ${ROOTFS} apt-get install sudo -y --force-yes
|
||||
chroot ${ROOTFS} adduser vagrant sudo
|
||||
|
||||
# Enable passwordless sudo for users under the "sudo" group
|
||||
cp ${ROOTFS}/etc/sudoers{,.orig}
|
||||
sed -i -e \
|
||||
's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \
|
||||
${ROOTFS}/etc/sudoers
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 5 - Add some goodies and update packages
|
||||
|
||||
PACKAGES=(vim curl wget man-db bash-completion ca-certificates)
|
||||
chroot ${ROOTFS} apt-get install ${PACKAGES[*]} -y --force-yes
|
||||
chroot ${ROOTFS} apt-get upgrade -y --force-yes
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 6 - Configuration management tools
|
||||
|
||||
if [ $CHEF = 1 ]; then
|
||||
./common/install-chef $ROOTFS
|
||||
fi
|
||||
|
||||
if [ $PUPPET = 1 ]; then
|
||||
./common/install-puppet $ROOTFS
|
||||
fi
|
||||
|
||||
if [ $SALT = 1 ]; then
|
||||
./common/install-salt-debian $ROOTFS
|
||||
fi
|
||||
|
||||
if [ $BABUSHKA = 1 ]; then
|
||||
./common/install-babushka $ROOTFS
|
||||
fi
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 7 - Free up some disk space
|
||||
|
||||
rm -rf ${ROOTFS}/tmp/*
|
||||
chroot ${ROOTFS} apt-get clean
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 8 - Build box package
|
||||
|
||||
# Compress container's rootfs
|
||||
cd $(dirname $ROOTFS)
|
||||
tar --numeric-owner -czf /tmp/vagrant-lxc-${RELEASE}/rootfs.tar.gz ./rootfs/*
|
||||
|
||||
# Prepare package contents
|
||||
cd $WORKING_DIR
|
||||
cp $LXC_TEMPLATE .
|
||||
cp $LXC_CONF .
|
||||
cp $METATADA_JSON .
|
||||
chmod +x lxc-template
|
||||
sed -i "s/<TODAY>/${NOW}/" metadata.json
|
||||
|
||||
# Vagrant box!
|
||||
tar -czf $PKG ./*
|
||||
|
||||
chmod +rw ${WORKING_DIR}/${PKG}
|
||||
mkdir -p ${CWD}/output
|
||||
mv ${WORKING_DIR}/${PKG} ${CWD}/output
|
||||
|
||||
# Clean up after ourselves
|
||||
rm -rf ${WORKING_DIR}
|
||||
|
||||
echo "The base box was built successfully to ${CWD}/output/${PKG}"
|
|
@ -92,7 +92,7 @@ sed -i 's/Defaults requiretty/\# Defaults requiretty/' ${ROOTFS}/etc/sudoers
|
|||
sed -i 's/\#%wheel/\%wheel/' ${ROOTFS}/etc/sudoers
|
||||
sed -i 's/\# %wheel/\%wheel/' ${ROOTFS}/etc/sudoers
|
||||
# sed -i -e \
|
||||
# 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \
|
||||
# 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=(ALL) NOPASSWD:ALL/g' \
|
||||
# ${ROOTFS}/etc/sudoers
|
||||
|
||||
|
||||
|
|
|
@ -1,151 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# set -x
|
||||
set -e
|
||||
|
||||
# Script used to build Ubuntu base vagrant-lxc containers
|
||||
#
|
||||
# USAGE:
|
||||
# $ cd boxes && sudo ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
||||
#
|
||||
# To enable Chef or any other configuration management tool pass '1' to the
|
||||
# corresponding env var:
|
||||
# $ CHEF=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
||||
# $ PUPPET=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
||||
# $ SALT=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
||||
# $ BABUSHKA=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
||||
|
||||
##################################################################################
|
||||
# 0 - Initial setup and sanity checks
|
||||
|
||||
TODAY=$(date -u +"%Y-%m-%d")
|
||||
NOW=$(date -u)
|
||||
RELEASE=${1:-"raring"}
|
||||
ARCH=${2:-"amd64"}
|
||||
PKG=vagrant-lxc-${RELEASE}-${ARCH}-${TODAY}.box
|
||||
WORKING_DIR=/tmp/vagrant-lxc-${RELEASE}
|
||||
VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
|
||||
ROOTFS=/var/lib/lxc/${RELEASE}-base/rootfs
|
||||
|
||||
# Providing '1' will enable these tools
|
||||
CHEF=${CHEF:-0}
|
||||
PUPPET=${PUPPET:-0}
|
||||
SALT=${SALT:-0}
|
||||
BABUSHKA=${BABUSHKA:-0}
|
||||
|
||||
# Path to files bundled with the box
|
||||
CWD=`readlink -f .`
|
||||
LXC_TEMPLATE=${CWD}/common/lxc-template
|
||||
LXC_CONF=${CWD}/common/lxc.conf
|
||||
METATADA_JSON=${CWD}/common/metadata.json
|
||||
|
||||
# Set up a working dir
|
||||
mkdir -p $WORKING_DIR
|
||||
|
||||
if [ -f "${WORKING_DIR}/${PKG}" ]; then
|
||||
echo "Found a box on ${WORKING_DIR}/${PKG} already!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
##################################################################################
|
||||
# 1 - Create the base container
|
||||
|
||||
if $(lxc-ls | grep -q "${RELEASE}-base"); then
|
||||
echo "Base container already exists, please remove it with \`lxc-destroy -n ${RELEASE}-base\`!"
|
||||
exit 1
|
||||
else
|
||||
lxc-create -n ${RELEASE}-base -t ubuntu -- --release ${RELEASE} --arch ${ARCH}
|
||||
fi
|
||||
|
||||
# Fixes some networking issues
|
||||
# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info
|
||||
echo 'ff02::3 ip6-allhosts' >> ${ROOTFS}/etc/hosts
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 2 - Prepare vagrant user
|
||||
|
||||
mv ${ROOTFS}/home/{ubuntu,vagrant}
|
||||
chroot ${ROOTFS} usermod -l vagrant -d /home/vagrant ubuntu
|
||||
chroot ${ROOTFS} groupmod -n vagrant ubuntu
|
||||
|
||||
echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 3 - Setup SSH access and passwordless sudo
|
||||
|
||||
# Configure SSH access
|
||||
mkdir -p ${ROOTFS}/home/vagrant/.ssh
|
||||
echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys
|
||||
chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh
|
||||
|
||||
# Enable passwordless sudo for users under the "sudo" group
|
||||
cp ${ROOTFS}/etc/sudoers{,.orig}
|
||||
sed -i -e \
|
||||
's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \
|
||||
${ROOTFS}/etc/sudoers
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 4 - Add some goodies and update packages
|
||||
|
||||
PACKAGES=(vim curl wget man-db bash-completion)
|
||||
chroot ${ROOTFS} apt-get install ${PACKAGES[*]} -y --force-yes
|
||||
chroot ${ROOTFS} apt-get upgrade -y --force-yes
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 5 - Configuration management tools
|
||||
|
||||
if [ $CHEF = 1 ]; then
|
||||
./common/install-chef $ROOTFS
|
||||
fi
|
||||
|
||||
if [ $PUPPET = 1 ]; then
|
||||
./common/install-puppet $ROOTFS
|
||||
fi
|
||||
|
||||
if [ $SALT = 1 ]; then
|
||||
./common/install-salt $ROOTFS
|
||||
fi
|
||||
|
||||
if [ $BABUSHKA = 1 ]; then
|
||||
./common/install-babushka $ROOTFS
|
||||
fi
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 6 - Free up some disk space
|
||||
|
||||
rm -rf ${ROOTFS}/tmp/*
|
||||
chroot ${ROOTFS} apt-get clean
|
||||
|
||||
|
||||
##################################################################################
|
||||
# 7 - Build box package
|
||||
|
||||
# Compress container's rootfs
|
||||
cd $(dirname $ROOTFS)
|
||||
tar --numeric-owner -czf /tmp/vagrant-lxc-${RELEASE}/rootfs.tar.gz ./rootfs/*
|
||||
|
||||
# Prepare package contents
|
||||
cd $WORKING_DIR
|
||||
cp $LXC_TEMPLATE .
|
||||
cp $LXC_CONF .
|
||||
cp $METATADA_JSON .
|
||||
chmod +x lxc-template
|
||||
sed -i "s/<TODAY>/${NOW}/" metadata.json
|
||||
|
||||
# Vagrant box!
|
||||
tar -czf $PKG ./*
|
||||
|
||||
chmod +rw ${WORKING_DIR}/${PKG}
|
||||
mkdir -p ${CWD}/output
|
||||
mv ${WORKING_DIR}/${PKG} ${CWD}/output
|
||||
|
||||
# Clean up after ourselves
|
||||
rm -rf ${WORKING_DIR}
|
||||
lxc-destroy -n ${RELEASE}-base
|
||||
|
||||
echo "The base box was built successfully to ${CWD}/output/${PKG}"
|
27
boxes/clean.sh
Executable file
27
boxes/clean.sh
Executable file
|
@ -0,0 +1,27 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
source common/ui.sh
|
||||
|
||||
export RELEASE=$1
|
||||
export CONTAINER=$2
|
||||
export PACKAGE=$3
|
||||
export LOG=$(readlink -f .)/log/${CONTAINER}.log
|
||||
|
||||
info "Cleaning ${RELEASE} artifacts..."
|
||||
|
||||
# If container exists, check if want to continue
|
||||
if $(lxc-ls | grep -q ${CONTAINER}); then
|
||||
log "Removing '${CONTAINER}' container"
|
||||
lxc-stop -n ${CONTAINER} &>/dev/null || true
|
||||
lxc-destroy -n ${CONTAINER}
|
||||
else
|
||||
log "The container '${CONTAINER}' does not exist"
|
||||
fi
|
||||
|
||||
if [ -e ${PACKAGE} ]; then
|
||||
log "Removing '${PACKAGE}'"
|
||||
rm -f ${PACKAGE}
|
||||
else
|
||||
log "The package '${PACKAGE}' does not exist"
|
||||
fi
|
|
@ -1,7 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
cache=`readlink -f .`
|
||||
rootfs="${cache}/rootfs"
|
||||
|
||||
rm -rf $rootfs/tmp/*
|
||||
chroot $rootfs apt-get clean
|
43
boxes/common/download.sh
Executable file
43
boxes/common/download.sh
Executable file
|
@ -0,0 +1,43 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
source common/ui.sh
|
||||
source common/utils.sh
|
||||
|
||||
# If container exists, check if want to continue
|
||||
if $(lxc-ls | grep -q ${CONTAINER}); then
|
||||
if ! $(confirm "The '${CONTAINER}' container already exists, do you want to continue building the box?" 'y'); then
|
||||
log 'Aborting...'
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# If container exists and wants to continue building the box
|
||||
if $(lxc-ls | grep -q ${CONTAINER}); then
|
||||
if $(confirm "Do you want to rebuild the '${CONTAINER}' container?" 'n'); then
|
||||
log "Destroying container ${CONTAINER}..."
|
||||
utils.lxc.stop
|
||||
utils.lxc.destroy
|
||||
else
|
||||
log "Reusing existing container..."
|
||||
exit 0
|
||||
fi
|
||||
fi
|
||||
|
||||
# If we got to this point, we need to create the container
|
||||
log "Creating container..."
|
||||
if [ $RELEASE = 'raring' ]; then
|
||||
utils.lxc.create -t ubuntu -- \
|
||||
--release ${RELEASE} \
|
||||
--arch ${ARCH}
|
||||
elif [ $RELEASE = 'squeeze' ]; then
|
||||
utils.lxc.create -t debian -- \
|
||||
--release ${RELEASE} \
|
||||
--arch ${ARCH}
|
||||
else
|
||||
utils.lxc.create -t download -- \
|
||||
--dist ${DISTRIBUTION} \
|
||||
--release ${RELEASE} \
|
||||
--arch ${ARCH}
|
||||
fi
|
||||
log "Container created!"
|
|
@ -1,16 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
rootfs=$1
|
||||
|
||||
echo "installing babushka"
|
||||
cat > $rootfs/tmp/install-babushka.sh << EOF
|
||||
#!/bin/sh
|
||||
curl https://babushka.me/up | sudo bash
|
||||
|
||||
EOF
|
||||
chmod +x $rootfs/tmp/install-babushka.sh
|
||||
chroot $rootfs /tmp/install-babushka.sh
|
||||
|
||||
rm -rf $rootfs/tmp/*
|
|
@ -1,15 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
rootfs=$1
|
||||
|
||||
echo "installing chef"
|
||||
cat > $rootfs/tmp/install-chef.sh << EOF
|
||||
#!/bin/sh
|
||||
curl -L https://www.opscode.com/chef/install.sh -k | sudo bash
|
||||
EOF
|
||||
chmod +x $rootfs/tmp/install-chef.sh
|
||||
chroot $rootfs /tmp/install-chef.sh
|
||||
|
||||
rm -rf $rootfs/tmp/*
|
|
@ -1,13 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
rootfs=$1
|
||||
|
||||
echo "installing puppet"
|
||||
wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${rootfs}/tmp/puppetlabs-release-stable.deb"
|
||||
chroot $rootfs dpkg -i "/tmp/puppetlabs-release-stable.deb"
|
||||
chroot $rootfs apt-get update
|
||||
chroot $rootfs apt-get install puppet -y --force-yes
|
||||
|
||||
rm -rf $rootfs/tmp/*
|
|
@ -1,12 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
rootfs=$1
|
||||
|
||||
echo "installing salt"
|
||||
chroot $rootfs apt-add-repository -y ppa:saltstack/salt
|
||||
chroot $rootfs apt-get update
|
||||
chroot $rootfs apt-get install salt-minion -y --force-yes
|
||||
|
||||
rm -rf $rootfs/tmp/*
|
|
@ -1,28 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
rootfs=$1
|
||||
|
||||
echo "installing salt"
|
||||
|
||||
if [ $SUITE == "squeeze" ]; then
|
||||
SALT_SOURCE="deb http://debian.saltstack.com/debian squeeze-saltstack main\ndeb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free"
|
||||
elif [ $SUITE == "sid" ]; then
|
||||
SALT_SOURCE="deb http://debian.saltstack.com/debian unstable main"
|
||||
else
|
||||
SALT_SOURCE="deb http://debian.saltstack.com/debian wheezy-saltstack main"
|
||||
fi
|
||||
|
||||
cat > $rootfs/tmp/install-salt << EOF
|
||||
#!/bin/sh
|
||||
echo "$SALT_SOURCE" > /etc/apt/sources.list.d/saltstack.list
|
||||
wget -q -O- "http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key" | apt-key add -
|
||||
apt-get update
|
||||
apt-get install -y salt-minion
|
||||
apt-get clean
|
||||
EOF
|
||||
|
||||
chroot $rootfs sh /tmp/install-salt
|
||||
|
||||
rm -rf $rootfs/tmp/*
|
|
@ -1,226 +1,164 @@
|
|||
#!/bin/bash
|
||||
|
||||
# This is a modified version of /usr/share/lxc/templates/lxc-ubuntu
|
||||
# that comes with Ubuntu 13.04 changed to suit vagrant-lxc needs
|
||||
|
||||
# This is a modified version of /usr/share/lxc/templates/lxc-download
|
||||
# that comes with ubuntu-lxc 1.0.0 stable from ppa changed to suit vagrant-lxc needs
|
||||
#
|
||||
# template script for generating ubuntu container for LXC
|
||||
#
|
||||
# This script consolidates and extends the existing lxc ubuntu scripts
|
||||
# Copyright © 2014 Stéphane Graber <stgraber@ubuntu.com>
|
||||
# Copyright © 2014 Fábio Rehm <fgrehm@gmail.com>
|
||||
#
|
||||
# This library is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU Lesser General Public
|
||||
# License as published by the Free Software Foundation; either
|
||||
# version 2.1 of the License, or (at your option) any later version.
|
||||
|
||||
# Copyright © 2011 Serge Hallyn <serge.hallyn@canonical.com>
|
||||
# Copyright © 2010 Wilhelm Meier
|
||||
# Author: Wilhelm Meier <wilhelm.meier@fh-kl.de>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License version 2, as
|
||||
# published by the Free Software Foundation.
|
||||
# This library is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
# Lesser General Public License for more details.
|
||||
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
# You should have received a copy of the GNU Lesser General Public
|
||||
# License along with this library; if not, write to the Free Software
|
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
|
||||
# USA
|
||||
|
||||
# You should have received a copy of the GNU General Public License along
|
||||
# with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
#
|
||||
set -eu
|
||||
|
||||
set -e
|
||||
LXC_HOOK_DIR="/usr/share/lxc/hooks"
|
||||
LXC_TEMPLATE_CONFIG="/usr/share/lxc/config"
|
||||
|
||||
if [ -r /etc/default/lxc ]; then
|
||||
. /etc/default/lxc
|
||||
fi
|
||||
LXC_MAPPED_GID=
|
||||
LXC_MAPPED_UID=
|
||||
LXC_NAME=
|
||||
LXC_PATH=
|
||||
LXC_ROOTFS=
|
||||
LXC_TARBALL=
|
||||
LXC_CONFIG=
|
||||
|
||||
extract_rootfs()
|
||||
{
|
||||
tarball=$1
|
||||
arch=$2
|
||||
rootfs=$3
|
||||
|
||||
echo "Extracting $tarball ..."
|
||||
mkdir -p $rootfs
|
||||
(cd $rootfs && tar xfz $tarball --strip-components=2)
|
||||
return 0
|
||||
}
|
||||
|
||||
install_ubuntu()
|
||||
{
|
||||
rootfs=$1
|
||||
release=$2
|
||||
tarball=$3
|
||||
mkdir -p /var/lock/subsys/
|
||||
|
||||
(
|
||||
flock -x 200
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Cache repository is busy."
|
||||
return 1
|
||||
fi
|
||||
|
||||
extract_rootfs $tarball $arch $rootfs
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Failed to copy rootfs"
|
||||
return 1
|
||||
fi
|
||||
|
||||
return 0
|
||||
|
||||
) 200>/var/lock/subsys/lxc
|
||||
|
||||
return $?
|
||||
}
|
||||
|
||||
copy_configuration()
|
||||
{
|
||||
path=$1
|
||||
rootfs=$2
|
||||
name=$3
|
||||
|
||||
grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
|
||||
|
||||
# if there is exactly one veth network entry, make sure it has an
|
||||
# associated hwaddr.
|
||||
nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
|
||||
if [ $nics -eq 1 ]; then
|
||||
grep -q "^lxc.network.hwaddr" $path/config || sed -i -e "/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config
|
||||
fi
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Failed to add configuration"
|
||||
return 1
|
||||
fi
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
post_process()
|
||||
{
|
||||
rootfs=$1
|
||||
|
||||
# rmdir /dev/shm for containers that have /run/shm
|
||||
# I'm afraid of doing rm -rf $rootfs/dev/shm, in case it did
|
||||
# get bind mounted to the host's /run/shm. So try to rmdir
|
||||
# it, and in case that fails move it out of the way.
|
||||
if [ ! -L $rootfs/dev/shm ] && [ -d $rootfs/run/shm ] && [ -e $rootfs/dev/shm ]; then
|
||||
mv $rootfs/dev/shm $rootfs/dev/shm.bak
|
||||
ln -s /run/shm $rootfs/dev/shm
|
||||
fi
|
||||
}
|
||||
|
||||
usage()
|
||||
{
|
||||
usage() {
|
||||
cat <<EOF
|
||||
$1 -h|--help [-a|--arch] [--trim] [-d|--debug] [--rootfs <rootfs>] [-T|--tarball <rootfs-tarball>
|
||||
arch: the container architecture (e.g. amd64): defaults to host arch
|
||||
vagrant-lxc default template
|
||||
|
||||
Required arguments:
|
||||
[ --tarball <path> ]: The full path of the rootfs tarball
|
||||
|
||||
Optional arguments:
|
||||
[ --config ]: Configuration file to be used when building the container
|
||||
[ -h | --help ]: This help message
|
||||
|
||||
LXC internal arguments (do not pass manually!):
|
||||
[ --name <name> ]: The container name
|
||||
[ --path <path> ]: The path to the container
|
||||
[ --rootfs <rootfs> ]: The path to the container's rootfs
|
||||
[ --mapped-uid <map> ]: A uid map (user namespaces)
|
||||
[ --mapped-gid <map> ]: A gid map (user namespaces)
|
||||
EOF
|
||||
return 0
|
||||
}
|
||||
|
||||
options=$(getopt -o a:b:hp:r:xn:FS:d:C -l arch:,help,path:,release:,trim,name:,flush-cache,auth-key:,debug:,tarball:,rootfs: -- "$@")
|
||||
options=$(getopt -o h -l tarball:,config:,help:,name:,path:,rootfs:,mapped-uid:,mapped-gid: -- "$@")SS
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
usage $(basename $0)
|
||||
exit 1
|
||||
fi
|
||||
eval set -- "$options"
|
||||
|
||||
release=precise # Default to the last Ubuntu LTS release for non-Ubuntu systems
|
||||
if [ -f /etc/lsb-release ]; then
|
||||
. /etc/lsb-release
|
||||
if [ "$DISTRIB_ID" = "Ubuntu" ]; then
|
||||
release=$DISTRIB_CODENAME
|
||||
fi
|
||||
fi
|
||||
|
||||
arch=$(uname -m)
|
||||
|
||||
# Code taken from debootstrap
|
||||
if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then
|
||||
arch=`/usr/bin/dpkg --print-architecture`
|
||||
elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then
|
||||
arch=`/usr/bin/udpkg --print-architecture`
|
||||
else
|
||||
arch=$(uname -m)
|
||||
if [ "$arch" = "i686" ]; then
|
||||
arch="i386"
|
||||
elif [ "$arch" = "x86_64" ]; then
|
||||
arch="amd64"
|
||||
elif [ "$arch" = "armv7l" ]; then
|
||||
arch="armel"
|
||||
fi
|
||||
fi
|
||||
|
||||
debug=0
|
||||
trim_container=0
|
||||
hostarch=$arch
|
||||
while true
|
||||
do
|
||||
case "$1" in
|
||||
-h|--help) usage $0 && exit 0;;
|
||||
--rootfs) rootfs=$2; shift 2;;
|
||||
-p|--path) path=$2; shift 2;;
|
||||
-n|--name) name=$2; shift 2;;
|
||||
-T|--tarball) tarball=$2; shift 2;;
|
||||
-a|--arch) arch=$2; shift 2;;
|
||||
-S|--auth-key) auth_key=$2; shift 2;;
|
||||
-d|--debug) debug=1; shift 1;;
|
||||
--) shift 1; break ;;
|
||||
*) break ;;
|
||||
-h|--help) usage $0 && exit 0;;
|
||||
--config) LXC_CONFIG=$2; shift 2;;
|
||||
--tarball) LXC_TARBALL=$2; shift 2;;
|
||||
--name) LXC_NAME=$2; shift 2;;
|
||||
--path) LXC_PATH=$2; shift 2;;
|
||||
--rootfs) LXC_ROOTFS=$2; shift 2;;
|
||||
--mapped-uid) LXC_MAPPED_UID=$2; shift 2;;
|
||||
--mapped-gid) LXC_MAPPED_GID=$2; shift 2;;
|
||||
*) break;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ $debug -eq 1 ]; then
|
||||
set -x
|
||||
fi
|
||||
|
||||
if [ "$arch" == "i686" ]; then
|
||||
arch=i386
|
||||
fi
|
||||
|
||||
if [ $hostarch = "i386" -a $arch = "amd64" ]; then
|
||||
echo "can't create amd64 container on i386"
|
||||
if [ -z "${LXC_NAME}" ]; then
|
||||
echo "'name' parameter is required"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "$path" ]; then
|
||||
if [ -z "${LXC_TARBALL}" ]; then
|
||||
echo "'tarball' parameter is required"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "${LXC_ROOTFS}" ]; then
|
||||
echo "'rootfs' parameter is required"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "${LXC_CONFIG}" ]; then
|
||||
echo "'config' parameter is required"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "${LXC_PATH}" ]; then
|
||||
echo "'path' parameter is required"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ "$(id -u)" != "0" ]; then
|
||||
echo "This script should be run as 'root'"
|
||||
exit 1
|
||||
fi
|
||||
# Unpack the rootfs
|
||||
echo "Unpacking the rootfs"
|
||||
|
||||
# detect rootfs
|
||||
config="$path/config"
|
||||
# if $rootfs exists here, it was passed in with --rootfs
|
||||
if [ -z "$rootfs" ]; then
|
||||
if grep -q '^lxc.rootfs' $config 2>/dev/null ; then
|
||||
rootfs=`grep 'lxc.rootfs =' $config | awk -F= '{ print $2 }'`
|
||||
else
|
||||
rootfs=$path/rootfs
|
||||
(
|
||||
flock -x 200
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Cache repository is busy."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
mkdir -p ${LXC_ROOTFS}
|
||||
(cd ${LXC_ROOTFS} && tar xfz ${LXC_TARBALL} --strip-components=2)
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Failed to extract rootfs"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
) 200>/var/lock/subsys/lxc
|
||||
|
||||
mkdir -p ${LXC_ROOTFS}/dev/pts/
|
||||
|
||||
## Extract all the network config entries
|
||||
sed -i -e "/lxc.network/{w ${LXC_PATH}/config-network" -e "d}" \
|
||||
${LXC_PATH}/config
|
||||
|
||||
## Extract any other config entry
|
||||
sed -i -e "/lxc./{w ${LXC_PATH}/config-auto" -e "d}" ${LXC_PATH}/config
|
||||
|
||||
## Add the container-specific config
|
||||
echo "" >> ${LXC_PATH}/config
|
||||
echo "##############################################" >> ${LXC_PATH}/config
|
||||
echo "# Container specific configuration (automatically set)" >> ${LXC_PATH}/config
|
||||
if [ -e "${LXC_PATH}/config-auto" ]; then
|
||||
cat ${LXC_PATH}/config-auto >> ${LXC_PATH}/config
|
||||
rm ${LXC_PATH}/config-auto
|
||||
fi
|
||||
echo "lxc.utsname = ${LXC_NAME}" >> ${LXC_PATH}/config
|
||||
|
||||
## Re-add the previously removed network config
|
||||
if [ -e "${LXC_PATH}/config-network" ]; then
|
||||
echo "" >> ${LXC_PATH}/config
|
||||
echo "##############################################" >> ${LXC_PATH}/config
|
||||
echo "# Network configuration (automatically set)" >> ${LXC_PATH}/config
|
||||
cat ${LXC_PATH}/config-network >> ${LXC_PATH}/config
|
||||
rm ${LXC_PATH}/config-network
|
||||
fi
|
||||
|
||||
install_ubuntu $rootfs $release $tarball
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "failed to install ubuntu $release"
|
||||
exit 1
|
||||
fi
|
||||
## Append the defaults
|
||||
echo "" >> ${LXC_PATH}/config
|
||||
echo "##############################################" >> ${LXC_PATH}/config
|
||||
echo "# vagrant-lxc base box specific configuration" >> ${LXC_PATH}/config
|
||||
cat ${LXC_CONFIG} >> ${LXC_PATH}/config
|
||||
|
||||
copy_configuration $path $rootfs $name $arch
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "failed write configuration file"
|
||||
exit 1
|
||||
fi
|
||||
# Empty section for lxc.customize calls from vagrantfile
|
||||
echo "" >> ${LXC_PATH}/config
|
||||
echo "##############################################" >> ${LXC_PATH}/config
|
||||
echo "# vagrant-lxc container specific configuration" >> ${LXC_PATH}/config
|
||||
|
||||
post_process $rootfs $release $trim_container
|
||||
|
||||
echo ""
|
||||
echo "##"
|
||||
echo "# The default user is 'vagrant' with password 'vagrant'!"
|
||||
echo "# Use the 'sudo' command to run tasks as root in the container."
|
||||
echo "##"
|
||||
echo ""
|
||||
exit 0
|
||||
|
|
|
@ -1,49 +0,0 @@
|
|||
lxc.network.type=veth
|
||||
lxc.network.link=lxcbr0
|
||||
lxc.network.flags=up
|
||||
|
||||
lxc.pivotdir = lxc_putold
|
||||
|
||||
lxc.devttydir = lxc
|
||||
lxc.tty = 4
|
||||
lxc.pts = 1024
|
||||
|
||||
lxc.arch = amd64
|
||||
lxc.cap.drop = sys_module mac_admin mac_override
|
||||
|
||||
# When using LXC with apparmor, uncomment the next line to run unconfined:
|
||||
#lxc.aa_profile = unconfined
|
||||
|
||||
lxc.cgroup.devices.deny = a
|
||||
# Allow any mknod (but not using the node)
|
||||
lxc.cgroup.devices.allow = c *:* m
|
||||
lxc.cgroup.devices.allow = b *:* m
|
||||
# /dev/null and zero
|
||||
lxc.cgroup.devices.allow = c 1:3 rwm
|
||||
lxc.cgroup.devices.allow = c 1:5 rwm
|
||||
# consoles
|
||||
lxc.cgroup.devices.allow = c 5:1 rwm
|
||||
lxc.cgroup.devices.allow = c 5:0 rwm
|
||||
#lxc.cgroup.devices.allow = c 4:0 rwm
|
||||
#lxc.cgroup.devices.allow = c 4:1 rwm
|
||||
# /dev/{,u}random
|
||||
lxc.cgroup.devices.allow = c 1:9 rwm
|
||||
lxc.cgroup.devices.allow = c 1:8 rwm
|
||||
lxc.cgroup.devices.allow = c 136:* rwm
|
||||
lxc.cgroup.devices.allow = c 5:2 rwm
|
||||
# rtc
|
||||
lxc.cgroup.devices.allow = c 254:0 rwm
|
||||
#fuse
|
||||
lxc.cgroup.devices.allow = c 10:229 rwm
|
||||
#tun
|
||||
lxc.cgroup.devices.allow = c 10:200 rwm
|
||||
#full
|
||||
lxc.cgroup.devices.allow = c 1:7 rwm
|
||||
#hpet
|
||||
lxc.cgroup.devices.allow = c 10:228 rwm
|
||||
#kvm
|
||||
lxc.cgroup.devices.allow = c 10:232 rwm
|
||||
|
||||
# mounts point
|
||||
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
|
||||
lxc.mount.entry = sysfs sys sysfs defaults 0 0
|
34
boxes/common/package.sh
Executable file
34
boxes/common/package.sh
Executable file
|
@ -0,0 +1,34 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
source common/ui.sh
|
||||
|
||||
# TODO: Create file with build date / time on container
|
||||
|
||||
info "Packaging '${CONTAINER}' to '${PACKAGE}'..."
|
||||
|
||||
debug 'Stopping container'
|
||||
lxc-stop -n ${CONTAINER} &>/dev/null || true
|
||||
|
||||
if [ -f ${WORKING_DIR}/rootfs.tar.gz ]; then
|
||||
log "Removing previous rootfs tarball"
|
||||
rm -f ${WORKING_DIR}/rootfs.tar.gz
|
||||
fi
|
||||
|
||||
log "Compressing container's rootfs"
|
||||
pushd $(dirname ${ROOTFS}) &>>${LOG}
|
||||
tar --numeric-owner --anchored --exclude=./rootfs/dev/log -czf \
|
||||
${WORKING_DIR}/rootfs.tar.gz ./rootfs/*
|
||||
popd &>>${LOG}
|
||||
|
||||
# Prepare package contents
|
||||
log 'Preparing box package contents'
|
||||
cp common/lxc-template ${WORKING_DIR}
|
||||
cp conf/${DISTRIBUTION} ${WORKING_DIR}/lxc-config
|
||||
cp conf/metadata.json ${WORKING_DIR}
|
||||
sed -i "s/<TODAY>/${NOW}/" ${WORKING_DIR}/metadata.json
|
||||
|
||||
# Vagrant box!
|
||||
log 'Packaging box'
|
||||
TARBALL=$(readlink -f ${PACKAGE})
|
||||
(cd ${WORKING_DIR} && tar -czf $TARBALL ./*)
|
46
boxes/common/prepare-vagrant-user.sh
Executable file
46
boxes/common/prepare-vagrant-user.sh
Executable file
|
@ -0,0 +1,46 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
source common/ui.sh
|
||||
|
||||
export VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
|
||||
|
||||
info "Preparing vagrant user..."
|
||||
|
||||
# Create vagrant user
|
||||
if $(grep -q 'vagrant' ${ROOTFS}/etc/shadow); then
|
||||
log 'Skipping vagrant user creation'
|
||||
elif $(grep -q 'ubuntu' ${ROOTFS}/etc/shadow); then
|
||||
debug 'vagrant user does not exist, renaming ubuntu user...'
|
||||
mv ${ROOTFS}/home/{ubuntu,vagrant}
|
||||
chroot ${ROOTFS} usermod -l vagrant -d /home/vagrant ubuntu &>> ${LOG}
|
||||
chroot ${ROOTFS} groupmod -n vagrant ubuntu &>> ${LOG}
|
||||
echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd
|
||||
log 'Renamed ubuntu user to vagrant and changed password.'
|
||||
else
|
||||
debug 'Creating vagrant user...'
|
||||
chroot ${ROOTFS} useradd --create-home -s /bin/bash vagrant &>> ${LOG}
|
||||
chroot ${ROOTFS} adduser vagrant sudo &>> ${LOG}
|
||||
echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd
|
||||
fi
|
||||
|
||||
# Configure SSH access
|
||||
if [ -d ${ROOTFS}/home/vagrant/.ssh ]; then
|
||||
log 'Skipping vagrant SSH credentials configuration'
|
||||
else
|
||||
debug 'SSH key has not been set'
|
||||
mkdir -p ${ROOTFS}/home/vagrant/.ssh
|
||||
echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys
|
||||
chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh
|
||||
log 'SSH credentials configured for the vagrant user.'
|
||||
fi
|
||||
|
||||
# Enable passwordless sudo for the vagrant user
|
||||
if [ -f ${ROOTFS}/etc/sudoers.d/vagrant ]; then
|
||||
log 'Skipping sudoers file creation.'
|
||||
else
|
||||
debug 'Sudoers file was not found'
|
||||
echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant
|
||||
chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant
|
||||
log 'Sudoers file created.'
|
||||
fi
|
53
boxes/common/ui.sh
Normal file
53
boxes/common/ui.sh
Normal file
|
@ -0,0 +1,53 @@
|
|||
#!/bin/bash
|
||||
|
||||
export NO_COLOR='\033[0m'
|
||||
export OK_COLOR='\033[32;01m'
|
||||
export ERROR_COLOR='\033[31;01m'
|
||||
export WARN_COLOR='\033[33;01m'
|
||||
|
||||
log() {
|
||||
echo " [${RELEASE}] ${1}" >>${LOG}
|
||||
echo " [${RELEASE}] ${1}" >&2
|
||||
}
|
||||
|
||||
warn() {
|
||||
echo "==> [${RELEASE}] [WARN] ${1}" >>${LOG}
|
||||
echo -e "${WARN_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}"
|
||||
}
|
||||
|
||||
info() {
|
||||
echo "==> [${RELEASE}] [INFO] ${1}" >>${LOG}
|
||||
echo -e "${OK_COLOR}==> [${RELEASE}] ${1}${NO_COLOR}"
|
||||
}
|
||||
|
||||
confirm() {
|
||||
question=${1}
|
||||
default=${2}
|
||||
default_prompt=
|
||||
|
||||
if [ $default = 'n' ]; then
|
||||
default_prompt="y/N"
|
||||
default='No'
|
||||
else
|
||||
default_prompt="Y/n"
|
||||
default='Yes'
|
||||
fi
|
||||
|
||||
echo -e -n "${WARN_COLOR}==> [${RELEASE}] ${question} [${default_prompt}] ${NO_COLOR}" >&2
|
||||
read answer
|
||||
|
||||
if [ -z $answer ]; then
|
||||
debug "Answer not provided, assuming '${default}'"
|
||||
answer=${default}
|
||||
fi
|
||||
|
||||
if $(echo ${answer} | grep -q -i '^y'); then
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
debug() {
|
||||
[ ! $DEBUG ] || echo " [${RELEASE}] [DEBUG] ${1}" >&2
|
||||
}
|
23
boxes/common/utils.sh
Normal file
23
boxes/common/utils.sh
Normal file
|
@ -0,0 +1,23 @@
|
|||
#!/bin/bash
|
||||
|
||||
utils.lxc.attach() {
|
||||
cmd="$@"
|
||||
log "Running [${cmd}] inside '${CONTAINER}' container..."
|
||||
(lxc-attach -n ${CONTAINER} -- $cmd) &>> ${LOG}
|
||||
}
|
||||
|
||||
utils.lxc.start() {
|
||||
lxc-start -d -n ${CONTAINER} &>>${LOG} || true
|
||||
}
|
||||
|
||||
utils.lxc.stop() {
|
||||
lxc-stop -n ${CONTAINER} &>>${LOG} || true
|
||||
}
|
||||
|
||||
utils.lxc.destroy() {
|
||||
lxc-destroy -n ${CONTAINER} &>>${LOG}
|
||||
}
|
||||
|
||||
utils.lxc.create() {
|
||||
lxc-create -n ${CONTAINER} "$@" &>>${LOG}
|
||||
}
|
62
boxes/conf/debian
Normal file
62
boxes/conf/debian
Normal file
|
@ -0,0 +1,62 @@
|
|||
# Default pivot location
|
||||
lxc.pivotdir = lxc_putold
|
||||
|
||||
# Default mount entries
|
||||
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
|
||||
lxc.mount.entry = sysfs sys sysfs defaults 0 0
|
||||
lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0
|
||||
|
||||
# Default console settings
|
||||
lxc.tty = 4
|
||||
lxc.pts = 1024
|
||||
|
||||
# Default capabilities
|
||||
lxc.cap.drop = sys_module mac_admin mac_override sys_time
|
||||
|
||||
# When using LXC with apparmor, the container will be confined by default.
|
||||
# If you wish for it to instead run unconfined, copy the following line
|
||||
# (uncommented) to the container's configuration file.
|
||||
#lxc.aa_profile = unconfined
|
||||
|
||||
# To support container nesting on an Ubuntu host while retaining most of
|
||||
# apparmor's added security, use the following two lines instead.
|
||||
#lxc.aa_profile = lxc-container-default-with-nesting
|
||||
#lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
|
||||
|
||||
# If you wish to allow mounting block filesystems, then use the following
|
||||
# line instead, and make sure to grant access to the block device and/or loop
|
||||
# devices below in lxc.cgroup.devices.allow.
|
||||
#lxc.aa_profile = lxc-container-default-with-mounting
|
||||
|
||||
# Default cgroup limits
|
||||
lxc.cgroup.devices.deny = a
|
||||
## Allow any mknod (but not using the node)
|
||||
lxc.cgroup.devices.allow = c *:* m
|
||||
lxc.cgroup.devices.allow = b *:* m
|
||||
## /dev/null and zero
|
||||
lxc.cgroup.devices.allow = c 1:3 rwm
|
||||
lxc.cgroup.devices.allow = c 1:5 rwm
|
||||
## consoles
|
||||
lxc.cgroup.devices.allow = c 5:0 rwm
|
||||
lxc.cgroup.devices.allow = c 5:1 rwm
|
||||
## /dev/{,u}random
|
||||
lxc.cgroup.devices.allow = c 1:8 rwm
|
||||
lxc.cgroup.devices.allow = c 1:9 rwm
|
||||
## /dev/pts/*
|
||||
lxc.cgroup.devices.allow = c 5:2 rwm
|
||||
lxc.cgroup.devices.allow = c 136:* rwm
|
||||
## rtc
|
||||
lxc.cgroup.devices.allow = c 254:0 rm
|
||||
## fuse
|
||||
lxc.cgroup.devices.allow = c 10:229 rwm
|
||||
## tun
|
||||
lxc.cgroup.devices.allow = c 10:200 rwm
|
||||
## full
|
||||
lxc.cgroup.devices.allow = c 1:7 rwm
|
||||
## hpet
|
||||
lxc.cgroup.devices.allow = c 10:228 rwm
|
||||
## kvm
|
||||
lxc.cgroup.devices.allow = c 10:232 rwm
|
||||
## To use loop devices, copy the following line to the container's
|
||||
## configuration file (uncommented).
|
||||
#lxc.cgroup.devices.allow = b 7:* rwm
|
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
"provider": "lxc",
|
||||
"version": "3",
|
||||
"version": "1.0.0",
|
||||
"built-on": "<TODAY>"
|
||||
}
|
70
boxes/conf/ubuntu
Normal file
70
boxes/conf/ubuntu
Normal file
|
@ -0,0 +1,70 @@
|
|||
# Default pivot location
|
||||
lxc.pivotdir = lxc_putold
|
||||
|
||||
# Default mount entries
|
||||
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
|
||||
lxc.mount.entry = sysfs sys sysfs defaults 0 0
|
||||
lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0
|
||||
lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0
|
||||
lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0
|
||||
lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
|
||||
|
||||
# Default console settings
|
||||
lxc.devttydir = lxc
|
||||
lxc.tty = 4
|
||||
lxc.pts = 1024
|
||||
|
||||
# Default capabilities
|
||||
lxc.cap.drop = sys_module mac_admin mac_override sys_time
|
||||
|
||||
# When using LXC with apparmor, the container will be confined by default.
|
||||
# If you wish for it to instead run unconfined, copy the following line
|
||||
# (uncommented) to the container's configuration file.
|
||||
#lxc.aa_profile = unconfined
|
||||
|
||||
# To support container nesting on an Ubuntu host while retaining most of
|
||||
# apparmor's added security, use the following two lines instead.
|
||||
#lxc.aa_profile = lxc-container-default-with-nesting
|
||||
#lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
|
||||
|
||||
# Uncomment the following line to autodetect squid-deb-proxy configuration on the
|
||||
# host and forward it to the guest at start time.
|
||||
#lxc.hook.pre-start = /usr/share/lxc/hooks/squid-deb-proxy-client
|
||||
|
||||
# If you wish to allow mounting block filesystems, then use the following
|
||||
# line instead, and make sure to grant access to the block device and/or loop
|
||||
# devices below in lxc.cgroup.devices.allow.
|
||||
#lxc.aa_profile = lxc-container-default-with-mounting
|
||||
|
||||
# Default cgroup limits
|
||||
lxc.cgroup.devices.deny = a
|
||||
## Allow any mknod (but not using the node)
|
||||
lxc.cgroup.devices.allow = c *:* m
|
||||
lxc.cgroup.devices.allow = b *:* m
|
||||
## /dev/null and zero
|
||||
lxc.cgroup.devices.allow = c 1:3 rwm
|
||||
lxc.cgroup.devices.allow = c 1:5 rwm
|
||||
## consoles
|
||||
lxc.cgroup.devices.allow = c 5:0 rwm
|
||||
lxc.cgroup.devices.allow = c 5:1 rwm
|
||||
## /dev/{,u}random
|
||||
lxc.cgroup.devices.allow = c 1:8 rwm
|
||||
lxc.cgroup.devices.allow = c 1:9 rwm
|
||||
## /dev/pts/*
|
||||
lxc.cgroup.devices.allow = c 5:2 rwm
|
||||
lxc.cgroup.devices.allow = c 136:* rwm
|
||||
## rtc
|
||||
lxc.cgroup.devices.allow = c 254:0 rm
|
||||
## fuse
|
||||
lxc.cgroup.devices.allow = c 10:229 rwm
|
||||
## tun
|
||||
lxc.cgroup.devices.allow = c 10:200 rwm
|
||||
## full
|
||||
lxc.cgroup.devices.allow = c 1:7 rwm
|
||||
## hpet
|
||||
lxc.cgroup.devices.allow = c 10:228 rwm
|
||||
## kvm
|
||||
lxc.cgroup.devices.allow = c 10:232 rwm
|
||||
## To use loop devices, copy the following line to the container's
|
||||
## configuration file (uncommented).
|
||||
#lxc.cgroup.devices.allow = b 7:* rwm
|
16
boxes/debian/clean.sh
Executable file
16
boxes/debian/clean.sh
Executable file
|
@ -0,0 +1,16 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
source common/ui.sh
|
||||
source common/utils.sh
|
||||
|
||||
debug 'Bringing container up'
|
||||
utils.lxc.start
|
||||
|
||||
info "Cleaning up '${CONTAINER}'..."
|
||||
|
||||
log 'Removing temporary files...'
|
||||
rm -rf ${ROOTFS}/tmp/*
|
||||
|
||||
log 'Removing downloaded packages...'
|
||||
utils.lxc.attach apt-get clean
|
116
boxes/debian/install-extras.sh
Executable file
116
boxes/debian/install-extras.sh
Executable file
|
@ -0,0 +1,116 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
source common/ui.sh
|
||||
source common/utils.sh
|
||||
|
||||
info 'Installing extra packages and upgrading'
|
||||
|
||||
debug 'Bringing container up'
|
||||
utils.lxc.start
|
||||
|
||||
# Sleep for a bit so that the container can get an IP
|
||||
log 'Sleeping for 5 seconds...'
|
||||
sleep 5
|
||||
|
||||
# TODO: Support for appending to this list from outside
|
||||
PACKAGES=(vim curl wget man-db bash-completion python-software-properties ca-certificates sudo nfs-common)
|
||||
if [ $DISTRIBUTION = 'ubuntu' ]; then
|
||||
PACKAGES+=' software-properties-common'
|
||||
fi
|
||||
utils.lxc.attach apt-get update
|
||||
utils.lxc.attach apt-get install ${PACKAGES[*]} -y --force-yes
|
||||
utils.lxc.attach apt-get upgrade -y --force-yes
|
||||
|
||||
CHEF=${CHEF:-0}
|
||||
PUPPET=${PUPPET:-0}
|
||||
SALT=${SALT:-0}
|
||||
BABUSHKA=${BABUSHKA:-0}
|
||||
|
||||
if [ $DISTRIBUTION = 'debian' ]; then
|
||||
# Enable bash-completion
|
||||
sed -e '/^#if ! shopt -oq posix; then/,/^#fi/ s/^#\(.*\)/\1/g' \
|
||||
-i ${ROOTFS}/etc/bash.bashrc
|
||||
fi
|
||||
|
||||
if [ $CHEF = 1 ]; then
|
||||
if $(lxc-attach -n ${CONTAINER} -- which chef-solo &>/dev/null); then
|
||||
log "Chef has been installed on container, skipping"
|
||||
else
|
||||
log "Installing Chef"
|
||||
cat > ${ROOTFS}/tmp/install-chef.sh << EOF
|
||||
#!/bin/sh
|
||||
curl -L https://www.opscode.com/chef/install.sh -k | sudo bash
|
||||
EOF
|
||||
chmod +x ${ROOTFS}/tmp/install-chef.sh
|
||||
utils.lxc.attach /tmp/install-chef.sh
|
||||
fi
|
||||
else
|
||||
log "Skipping Chef installation"
|
||||
fi
|
||||
|
||||
if [ $PUPPET = 1 ]; then
|
||||
if $(lxc-attach -n ${CONTAINER} -- which puppet &>/dev/null); then
|
||||
log "Puppet has been installed on container, skipping"
|
||||
elif [ ${RELEASE} = 'trusty' ]; then
|
||||
warn "Puppet can't be installed on Ubuntu Trusty 14.04, skipping"
|
||||
elif [ ${RELEASE} = 'sid' ]; then
|
||||
warn "Puppet can't be installed on Debian sid, skipping"
|
||||
else
|
||||
log "Installing Puppet"
|
||||
wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${ROOTFS}/tmp/puppetlabs-release-stable.deb" &>>${LOG}
|
||||
utils.lxc.attach dpkg -i "/tmp/puppetlabs-release-stable.deb"
|
||||
utils.lxc.attach apt-get update
|
||||
utils.lxc.attach apt-get install puppet -y --force-yes
|
||||
fi
|
||||
else
|
||||
log "Skipping Puppet installation"
|
||||
fi
|
||||
|
||||
if [ $SALT = 1 ]; then
|
||||
if $(lxc-attach -n ${CONTAINER} -- which salt-minion &>/dev/null); then
|
||||
log "Salt has been installed on container, skipping"
|
||||
elif [ ${RELEASE} = 'raring' ]; then
|
||||
warn "Salt can't be installed on Ubuntu Raring 13.04, skipping"
|
||||
else
|
||||
if [ $DISTRIBUTION = 'ubuntu' ]; then
|
||||
utils.lxc.attach add-apt-repository -y ppa:saltstack/salt
|
||||
else # DEBIAN
|
||||
if [ $RELEASE == "squeeze" ]; then
|
||||
SALT_SOURCE_1="deb http://debian.saltstack.com/debian squeeze-saltstack main"
|
||||
SALT_SOURCE_2="deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free"
|
||||
elif [ $RELEASE == "wheezy" ]; then
|
||||
SALT_SOURCE_1="deb http://debian.saltstack.com/debian wheezy-saltstack main"
|
||||
else
|
||||
SALT_SOURCE_1="deb http://debian.saltstack.com/debian unstable main"
|
||||
fi
|
||||
echo $SALT_SOURCE_1 > ${ROOTFS}/etc/apt/sources.list.d/saltstack.list
|
||||
echo $SALT_SOURCE_2 >> ${ROOTFS}/etc/apt/sources.list.d/saltstack.list
|
||||
|
||||
utils.lxc.attach wget -q -O /tmp/salt.key "http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key"
|
||||
utils.lxc.attach apt-key add /tmp/salt.key
|
||||
fi
|
||||
utils.lxc.attach apt-get update
|
||||
utils.lxc.attach apt-get install salt-minion -y --force-yes
|
||||
fi
|
||||
else
|
||||
log "Skipping Salt installation"
|
||||
fi
|
||||
|
||||
if [ $BABUSHKA = 1 ]; then
|
||||
if $(lxc-attach -n ${CONTAINER} -- which babushka &>/dev/null); then
|
||||
log "Babushka has been installed on container, skipping"
|
||||
elif [ ${RELEASE} = 'trusty' ]; then
|
||||
warn "Babushka can't be installed on Ubuntu Trusty 14.04, skipping"
|
||||
else
|
||||
log "Installing Babushka"
|
||||
cat > $ROOTFS/tmp/install-babushka.sh << EOF
|
||||
#!/bin/sh
|
||||
curl https://babushka.me/up | sudo bash
|
||||
EOF
|
||||
chmod +x $ROOTFS/tmp/install-babushka.sh
|
||||
utils.lxc.attach /tmp/install-babushka.sh
|
||||
fi
|
||||
else
|
||||
log "Skipping Babushka installation"
|
||||
fi
|
33
boxes/debian/vagrant-lxc-fixes.sh
Executable file
33
boxes/debian/vagrant-lxc-fixes.sh
Executable file
|
@ -0,0 +1,33 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
source common/ui.sh
|
||||
source common/utils.sh
|
||||
|
||||
# Fixes some networking issues
|
||||
# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info
|
||||
if ! $(grep -q 'ip6-allhosts' ${ROOTFS}/etc/hosts); then
|
||||
log "Adding ipv6 allhosts entry to container's /etc/hosts"
|
||||
echo 'ff02::3 ip6-allhosts' >> ${ROOTFS}/etc/hosts
|
||||
fi
|
||||
|
||||
utils.lxc.start
|
||||
|
||||
if [ ${DISTRIBUTION} = 'debian' ]; then
|
||||
# Ensure locales are properly set, based on http://askubuntu.com/a/238063
|
||||
LANG=${LANG:-en_US.UTF-8}
|
||||
sed -i "s/^# ${LANG}/${LANG}/" ${ROOTFS}/etc/locale.gen
|
||||
|
||||
# Fixes some networking issues
|
||||
# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info
|
||||
sed -i -e "s/\(127.0.0.1\s\+localhost\)/\1\n127.0.1.1\t${RELEASE}-base\n/g" ${ROOTFS}/etc/hosts
|
||||
|
||||
# Ensures that `/tmp` does not get cleared on halt
|
||||
# See https://github.com/fgrehm/vagrant-lxc/issues/68 for more info
|
||||
utils.lxc.attach /usr/sbin/update-rc.d -f checkroot-bootclean.sh remove
|
||||
utils.lxc.attach /usr/sbin/update-rc.d -f mountall-bootclean.sh remove
|
||||
utils.lxc.attach /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove
|
||||
fi
|
||||
|
||||
utils.lxc.attach /usr/sbin/locale-gen ${LANG}
|
||||
utils.lxc.attach update-locale LANG=${LANG}
|
47
boxes/mk-debian.sh
Executable file
47
boxes/mk-debian.sh
Executable file
|
@ -0,0 +1,47 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
source common/ui.sh
|
||||
|
||||
if [ "$(id -u)" != "0" ]; then
|
||||
echo "You should run this script as root (sudo)."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
export DISTRIBUTION=$1
|
||||
export RELEASE=$2
|
||||
export ARCH=$3
|
||||
export CONTAINER=$4
|
||||
export PACKAGE=$5
|
||||
export ROOTFS="/var/lib/lxc/${CONTAINER}/rootfs"
|
||||
export WORKING_DIR="/tmp/${CONTAINER}"
|
||||
export NOW=$(date -u)
|
||||
export LOG=$(readlink -f .)/log/${CONTAINER}.log
|
||||
|
||||
mkdir -p $(dirname $LOG)
|
||||
echo '############################################' > ${LOG}
|
||||
echo "# Beginning build at $(date)" >> ${LOG}
|
||||
touch ${LOG}
|
||||
chmod +rw ${LOG}
|
||||
|
||||
if [ -f ${PACKAGE} ]; then
|
||||
warn "The box '${PACKAGE}' already exists, skipping..."
|
||||
echo
|
||||
exit
|
||||
fi
|
||||
|
||||
debug "Creating ${WORKING_DIR}"
|
||||
mkdir -p ${WORKING_DIR}
|
||||
|
||||
info "Building box to '${PACKAGE}'..."
|
||||
|
||||
./common/download.sh ${DISTRIBUTION} ${RELEASE} ${ARCH} ${CONTAINER}
|
||||
./debian/vagrant-lxc-fixes.sh ${DISTRIBUTION} ${RELEASE} ${ARCH} ${CONTAINER}
|
||||
./debian/install-extras.sh ${CONTAINER}
|
||||
./common/prepare-vagrant-user.sh ${CONTAINER}
|
||||
./debian/clean.sh ${CONTAINER}
|
||||
./common/package.sh ${CONTAINER} ${PACKAGE}
|
||||
|
||||
info "Finished building '${PACKAGE}'!"
|
||||
log "Run \`sudo lxc-destroy -n ${CONTAINER}\` or \`make clean\` to remove the container that was created along the way"
|
||||
echo
|
|
@ -3,7 +3,8 @@ module Vagrant
|
|||
module Action
|
||||
# Prepare arguments to be used for lxc-create
|
||||
class HandleBoxMetadata
|
||||
SUPPORTED_VERSIONS = [2, 3]
|
||||
SUPPORTED_VERSIONS = ['1.0.0', '2', '3']
|
||||
|
||||
def initialize(app, env)
|
||||
@app = app
|
||||
@logger = Log4r::Logger.new("vagrant::lxc::action::handle_box_metadata")
|
||||
|
@ -16,15 +17,25 @@ module Vagrant
|
|||
@env[:ui].info I18n.t("vagrant.actions.vm.import.importing",
|
||||
:name => @env[:machine].box.name)
|
||||
|
||||
@logger.debug 'Validating box contents'
|
||||
@logger.info 'Validating box contents'
|
||||
validate_box
|
||||
|
||||
@logger.debug 'Setting box options on environment'
|
||||
@env[:lxc_template_opts] = template_opts
|
||||
@logger.info 'Setting box options on environment'
|
||||
@env[:lxc_template_src] = template_src
|
||||
@env[:lxc_template_opts] = template_opts
|
||||
|
||||
# FIXME: Remove support for pre 1.0.0 boxes
|
||||
if box_version != '1.0.0'
|
||||
@env[:ui].warn "WARNING: You are using a base box that has a format that has been deprecated, please upgrade to a new one."
|
||||
@env[:lxc_template_opts].merge!(
|
||||
'--auth-key' => Vagrant.source_root.join('keys', 'vagrant.pub').expand_path.to_s
|
||||
)
|
||||
end
|
||||
|
||||
if template_config_file.exist?
|
||||
@env[:lxc_template_config] = template_config_file.to_s
|
||||
@env[:lxc_template_opts].merge!('--config' => template_config_file.to_s)
|
||||
elsif old_template_config_file.exist?
|
||||
@env[:lxc_template_config] = old_template_config_file.to_s
|
||||
end
|
||||
|
||||
@app.call env
|
||||
|
@ -35,15 +46,17 @@ module Vagrant
|
|||
end
|
||||
|
||||
def template_config_file
|
||||
@template_config_file ||= @box.directory.join('lxc.conf')
|
||||
@template_config_file ||= @box.directory.join('lxc-config')
|
||||
end
|
||||
|
||||
# TODO: Remove this once we remove compatibility for < 1.0.0 boxes
|
||||
def old_template_config_file
|
||||
@old_template_config_file ||= @box.directory.join('lxc.conf')
|
||||
end
|
||||
|
||||
def template_opts
|
||||
@template_opts ||= @box.metadata.fetch('template-opts', {}).dup.merge!(
|
||||
'--tarball' => rootfs_tarball,
|
||||
# TODO: Deprecate this, the rootfs should be ready for vagrant-lxc
|
||||
# SSH access at this point
|
||||
'--auth-key' => Vagrant.source_root.join('keys', 'vagrant.pub').expand_path.to_s
|
||||
'--tarball' => rootfs_tarball
|
||||
)
|
||||
end
|
||||
|
||||
|
@ -52,10 +65,10 @@ module Vagrant
|
|||
end
|
||||
|
||||
def validate_box
|
||||
unless SUPPORTED_VERSIONS.include? @box.metadata.fetch('version').to_i
|
||||
unless SUPPORTED_VERSIONS.include? box_version
|
||||
raise Errors::IncompatibleBox.new name: @box.name,
|
||||
found: @box.metadata.fetch('version').to_i,
|
||||
supported: SUPPORTED_VERSIONS.join(' and ')
|
||||
found: box_version,
|
||||
supported: SUPPORTED_VERSIONS.join(', ')
|
||||
end
|
||||
|
||||
unless File.exists?(template_src)
|
||||
|
@ -66,6 +79,10 @@ module Vagrant
|
|||
raise Errors::RootFSTarballMissing.new name: @box.name
|
||||
end
|
||||
end
|
||||
|
||||
def box_version
|
||||
@box.metadata.fetch('version')
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6,7 +6,7 @@ require 'vagrant-lxc/action/handle_box_metadata'
|
|||
|
||||
describe Vagrant::LXC::Action::HandleBoxMetadata do
|
||||
let(:app) { double(:app, call: true) }
|
||||
let(:env) { {machine: machine, ui: double(info: true)} }
|
||||
let(:env) { {machine: machine, ui: double(info: true, warn: true)} }
|
||||
let(:machine) { double(:machine, box: box) }
|
||||
let(:box) { double(:box, name: 'box-name', metadata: metadata, directory: box_directory) }
|
||||
let(:box_directory) { Pathname.new('/path/to/box') }
|
||||
|
@ -16,9 +16,54 @@ describe Vagrant::LXC::Action::HandleBoxMetadata do
|
|||
|
||||
subject { described_class.new(app, env) }
|
||||
|
||||
context 'with valid contents' do
|
||||
context 'with 1.0.0 box' do
|
||||
let(:version) { '1.0.0' }
|
||||
|
||||
before do
|
||||
File.stub(exists?: true)
|
||||
# REFACTOR: This is pretty bad
|
||||
subject.stub_chain(:template_config_file, :exist?).and_return(true)
|
||||
subject.stub_chain(:template_config_file, :to_s).and_return(box_directory.join('lxc-config').to_s)
|
||||
subject.call(env)
|
||||
end
|
||||
|
||||
it 'sets the tarball argument for the template' do
|
||||
env[:lxc_template_opts].should include(
|
||||
'--tarball' => box_directory.join('rootfs.tar.gz').to_s
|
||||
)
|
||||
end
|
||||
|
||||
it 'sets the template --config parameter' do
|
||||
env[:lxc_template_opts].should include(
|
||||
'--config' => box_directory.join('lxc-config').to_s
|
||||
)
|
||||
end
|
||||
|
||||
it 'does not set the auth key argument for the template' do
|
||||
env[:lxc_template_opts].should_not include(
|
||||
'--auth-key' => vagrant_key
|
||||
)
|
||||
end
|
||||
|
||||
it 'sets the template options from metadata on env hash' do
|
||||
env[:lxc_template_opts].should include(metadata['template-opts'])
|
||||
end
|
||||
|
||||
it 'sets the template source path on env hash' do
|
||||
env[:lxc_template_src].should == box_directory.join('lxc-template').to_s
|
||||
end
|
||||
|
||||
it 'does not warn about deprecation' do
|
||||
env[:ui].should_not have_received(:warn)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with valid pre 1.0.0 box' do
|
||||
before do
|
||||
File.stub(exists?: true)
|
||||
# REFACTOR: This is pretty bad
|
||||
subject.stub_chain(:old_template_config_file, :exist?).and_return(true)
|
||||
subject.stub_chain(:old_template_config_file, :to_s).and_return(box_directory.join('lxc.conf').to_s)
|
||||
subject.call(env)
|
||||
end
|
||||
|
||||
|
@ -34,6 +79,10 @@ describe Vagrant::LXC::Action::HandleBoxMetadata do
|
|||
)
|
||||
end
|
||||
|
||||
it 'sets the lxc config file parameter' do
|
||||
env[:lxc_template_config].should == box_directory.join('lxc.conf').to_s
|
||||
end
|
||||
|
||||
it 'sets the template options from metadata on env hash' do
|
||||
env[:lxc_template_opts].should include(metadata['template-opts'])
|
||||
end
|
||||
|
@ -41,12 +90,23 @@ describe Vagrant::LXC::Action::HandleBoxMetadata do
|
|||
it 'sets the template source path on env hash' do
|
||||
env[:lxc_template_src].should == box_directory.join('lxc-template').to_s
|
||||
end
|
||||
|
||||
it 'warns about deprecation' do
|
||||
env[:ui].should have_received(:warn)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'with invalid contents' do
|
||||
before { File.stub(exists?: true) }
|
||||
|
||||
it 'raises an error if the version is != 2' do
|
||||
it 'validates box versions' do
|
||||
%w( 2 3 1.0.0 ).each do |v|
|
||||
metadata['version'] = v
|
||||
expect {
|
||||
subject.call(env)
|
||||
}.to_not raise_error(Vagrant::LXC::Errors::IncompatibleBox)
|
||||
end
|
||||
|
||||
metadata['version'] = '1'
|
||||
expect {
|
||||
subject.call(env)
|
||||
|
|
Loading…
Reference in a new issue