boxes: Get rid of old scripts
This commit is contained in:
parent
1b8fb6137b
commit
921e08bdb4
7 changed files with 0 additions and 267 deletions
|
@ -1,154 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# set -x
|
|
||||||
set -e
|
|
||||||
|
|
||||||
# Script used to build Ubuntu base vagrant-lxc containers
|
|
||||||
#
|
|
||||||
# USAGE:
|
|
||||||
# $ cd boxes && sudo ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
|
||||||
#
|
|
||||||
# To enable Chef or any other configuration management tool pass '1' to the
|
|
||||||
# corresponding env var:
|
|
||||||
# $ CHEF=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
|
||||||
# $ PUPPET=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
|
||||||
# $ SALT=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
|
||||||
# $ BABUSHKA=1 sudo -E ./build-ubuntu-box.sh UBUNTU_RELEASE BOX_ARCH
|
|
||||||
|
|
||||||
##################################################################################
|
|
||||||
# 0 - Initial setup and sanity checks
|
|
||||||
|
|
||||||
TODAY=$(date -u +"%Y-%m-%d")
|
|
||||||
NOW=$(date -u)
|
|
||||||
RELEASE=${1:-"raring"}
|
|
||||||
ARCH=${2:-"amd64"}
|
|
||||||
PKG=vagrant-lxc-${RELEASE}-${ARCH}-${TODAY}.box
|
|
||||||
WORKING_DIR=/tmp/vagrant-lxc-${RELEASE}
|
|
||||||
VAGRANT_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
|
|
||||||
ROOTFS=/var/lib/lxc/${RELEASE}-base/rootfs
|
|
||||||
|
|
||||||
# Providing '1' will enable these tools
|
|
||||||
CHEF=${CHEF:-0}
|
|
||||||
PUPPET=${PUPPET:-0}
|
|
||||||
SALT=${SALT:-0}
|
|
||||||
BABUSHKA=${BABUSHKA:-0}
|
|
||||||
|
|
||||||
# Path to files bundled with the box
|
|
||||||
CWD=`readlink -f .`
|
|
||||||
LXC_TEMPLATE=${CWD}/common/lxc-template
|
|
||||||
LXC_CONF=${CWD}/common/lxc.conf
|
|
||||||
METATADA_JSON=${CWD}/common/metadata.json
|
|
||||||
|
|
||||||
# Set up a working dir
|
|
||||||
mkdir -p $WORKING_DIR
|
|
||||||
|
|
||||||
if [ -f "${WORKING_DIR}/${PKG}" ]; then
|
|
||||||
echo "Found a box on ${WORKING_DIR}/${PKG} already!"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
##################################################################################
|
|
||||||
# 1 - Create the base container
|
|
||||||
|
|
||||||
if $(lxc-ls | grep -q "${RELEASE}-base"); then
|
|
||||||
echo "Base container already exists, please remove it with \`lxc-destroy -n ${RELEASE}-base\`!"
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
lxc-create -n ${RELEASE}-base -t ubuntu -- --release ${RELEASE} --arch ${ARCH}
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Fixes some networking issues
|
|
||||||
# See https://github.com/fgrehm/vagrant-lxc/issues/91 for more info
|
|
||||||
echo 'ff02::3 ip6-allhosts' >> ${ROOTFS}/etc/hosts
|
|
||||||
|
|
||||||
# Ensure locales are properly set, based on http://askubuntu.com/a/238063
|
|
||||||
chroot ${ROOTFS} locale-gen en_US.UTF-8
|
|
||||||
chroot ${ROOTFS} dpkg-reconfigure locales
|
|
||||||
|
|
||||||
|
|
||||||
##################################################################################
|
|
||||||
# 2 - Prepare vagrant user
|
|
||||||
|
|
||||||
mv ${ROOTFS}/home/{ubuntu,vagrant}
|
|
||||||
chroot ${ROOTFS} usermod -l vagrant -d /home/vagrant ubuntu
|
|
||||||
chroot ${ROOTFS} groupmod -n vagrant ubuntu
|
|
||||||
|
|
||||||
echo -n 'vagrant:vagrant' | chroot ${ROOTFS} chpasswd
|
|
||||||
|
|
||||||
|
|
||||||
##################################################################################
|
|
||||||
# 3 - Setup SSH access and passwordless sudo
|
|
||||||
|
|
||||||
# Configure SSH access
|
|
||||||
mkdir -p ${ROOTFS}/home/vagrant/.ssh
|
|
||||||
echo $VAGRANT_KEY > ${ROOTFS}/home/vagrant/.ssh/authorized_keys
|
|
||||||
chroot ${ROOTFS} chown -R vagrant: /home/vagrant/.ssh
|
|
||||||
|
|
||||||
# Enable passwordless sudo for the vagrant user
|
|
||||||
echo "vagrant ALL=(ALL) NOPASSWD:ALL" > ${ROOTFS}/etc/sudoers.d/vagrant
|
|
||||||
chmod 0440 ${ROOTFS}/etc/sudoers.d/vagrant
|
|
||||||
|
|
||||||
|
|
||||||
##################################################################################
|
|
||||||
# 4 - Add some goodies and update packages
|
|
||||||
|
|
||||||
PACKAGES=(vim curl wget man-db bash-completion python-software-properties software-properties-common)
|
|
||||||
chroot ${ROOTFS} apt-get update
|
|
||||||
chroot ${ROOTFS} apt-get install ${PACKAGES[*]} -y --force-yes
|
|
||||||
chroot ${ROOTFS} apt-get upgrade -y --force-yes
|
|
||||||
|
|
||||||
|
|
||||||
##################################################################################
|
|
||||||
# 5 - Configuration management tools
|
|
||||||
|
|
||||||
if [ $CHEF = 1 ]; then
|
|
||||||
./common/install-chef $ROOTFS
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ $PUPPET = 1 ]; then
|
|
||||||
./common/install-puppet $ROOTFS
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ $SALT = 1 ]; then
|
|
||||||
./common/install-salt $ROOTFS
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ $BABUSHKA = 1 ]; then
|
|
||||||
./common/install-babushka $ROOTFS
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
##################################################################################
|
|
||||||
# 6 - Free up some disk space
|
|
||||||
|
|
||||||
rm -rf ${ROOTFS}/tmp/*
|
|
||||||
chroot ${ROOTFS} apt-get clean
|
|
||||||
|
|
||||||
|
|
||||||
##################################################################################
|
|
||||||
# 7 - Build box package
|
|
||||||
|
|
||||||
# Compress container's rootfs
|
|
||||||
cd $(dirname $ROOTFS)
|
|
||||||
tar --numeric-owner -czf /tmp/vagrant-lxc-${RELEASE}/rootfs.tar.gz ./rootfs/*
|
|
||||||
|
|
||||||
# Prepare package contents
|
|
||||||
cd $WORKING_DIR
|
|
||||||
cp $LXC_TEMPLATE .
|
|
||||||
cp $LXC_CONF .
|
|
||||||
cp $METATADA_JSON .
|
|
||||||
chmod +x lxc-template
|
|
||||||
sed -i "s/<TODAY>/${NOW}/" metadata.json
|
|
||||||
|
|
||||||
# Vagrant box!
|
|
||||||
tar -czf $PKG ./*
|
|
||||||
|
|
||||||
chmod +rw ${WORKING_DIR}/${PKG}
|
|
||||||
mkdir -p ${CWD}/output
|
|
||||||
mv ${WORKING_DIR}/${PKG} ${CWD}/output
|
|
||||||
|
|
||||||
# Clean up after ourselves
|
|
||||||
rm -rf ${WORKING_DIR}
|
|
||||||
lxc-destroy -n ${RELEASE}-base
|
|
||||||
|
|
||||||
echo "The base box was built successfully to ${CWD}/output/${PKG}"
|
|
|
@ -1,7 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
cache=`readlink -f .`
|
|
||||||
rootfs="${cache}/rootfs"
|
|
||||||
|
|
||||||
rm -rf $rootfs/tmp/*
|
|
||||||
chroot $rootfs apt-get clean
|
|
|
@ -1,16 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
rootfs=$1
|
|
||||||
|
|
||||||
echo "installing babushka"
|
|
||||||
cat > $rootfs/tmp/install-babushka.sh << EOF
|
|
||||||
#!/bin/sh
|
|
||||||
curl https://babushka.me/up | sudo bash
|
|
||||||
|
|
||||||
EOF
|
|
||||||
chmod +x $rootfs/tmp/install-babushka.sh
|
|
||||||
chroot $rootfs /tmp/install-babushka.sh
|
|
||||||
|
|
||||||
rm -rf $rootfs/tmp/*
|
|
|
@ -1,15 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
rootfs=$1
|
|
||||||
|
|
||||||
echo "installing chef"
|
|
||||||
cat > $rootfs/tmp/install-chef.sh << EOF
|
|
||||||
#!/bin/sh
|
|
||||||
curl -L https://www.opscode.com/chef/install.sh -k | sudo bash
|
|
||||||
EOF
|
|
||||||
chmod +x $rootfs/tmp/install-chef.sh
|
|
||||||
chroot $rootfs /tmp/install-chef.sh
|
|
||||||
|
|
||||||
rm -rf $rootfs/tmp/*
|
|
|
@ -1,13 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
rootfs=$1
|
|
||||||
|
|
||||||
echo "installing puppet"
|
|
||||||
wget http://apt.puppetlabs.com/puppetlabs-release-stable.deb -O "${rootfs}/tmp/puppetlabs-release-stable.deb"
|
|
||||||
chroot $rootfs dpkg -i "/tmp/puppetlabs-release-stable.deb"
|
|
||||||
chroot $rootfs apt-get update
|
|
||||||
chroot $rootfs apt-get install puppet -y --force-yes
|
|
||||||
|
|
||||||
rm -rf $rootfs/tmp/*
|
|
|
@ -1,13 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
rootfs=$1
|
|
||||||
|
|
||||||
echo "installing salt"
|
|
||||||
|
|
||||||
chroot $rootfs apt-add-repository -y ppa:saltstack/salt
|
|
||||||
chroot $rootfs apt-get update
|
|
||||||
chroot $rootfs apt-get install salt-minion -y --force-yes
|
|
||||||
|
|
||||||
rm -rf $rootfs/tmp/*
|
|
|
@ -1,49 +0,0 @@
|
||||||
lxc.network.type=veth
|
|
||||||
lxc.network.link=lxcbr0
|
|
||||||
lxc.network.flags=up
|
|
||||||
|
|
||||||
lxc.pivotdir = lxc_putold
|
|
||||||
|
|
||||||
lxc.devttydir = lxc
|
|
||||||
lxc.tty = 4
|
|
||||||
lxc.pts = 1024
|
|
||||||
|
|
||||||
lxc.arch = amd64
|
|
||||||
lxc.cap.drop = sys_module mac_admin mac_override
|
|
||||||
|
|
||||||
# When using LXC with apparmor, uncomment the next line to run unconfined:
|
|
||||||
#lxc.aa_profile = unconfined
|
|
||||||
|
|
||||||
lxc.cgroup.devices.deny = a
|
|
||||||
# Allow any mknod (but not using the node)
|
|
||||||
lxc.cgroup.devices.allow = c *:* m
|
|
||||||
lxc.cgroup.devices.allow = b *:* m
|
|
||||||
# /dev/null and zero
|
|
||||||
lxc.cgroup.devices.allow = c 1:3 rwm
|
|
||||||
lxc.cgroup.devices.allow = c 1:5 rwm
|
|
||||||
# consoles
|
|
||||||
lxc.cgroup.devices.allow = c 5:1 rwm
|
|
||||||
lxc.cgroup.devices.allow = c 5:0 rwm
|
|
||||||
#lxc.cgroup.devices.allow = c 4:0 rwm
|
|
||||||
#lxc.cgroup.devices.allow = c 4:1 rwm
|
|
||||||
# /dev/{,u}random
|
|
||||||
lxc.cgroup.devices.allow = c 1:9 rwm
|
|
||||||
lxc.cgroup.devices.allow = c 1:8 rwm
|
|
||||||
lxc.cgroup.devices.allow = c 136:* rwm
|
|
||||||
lxc.cgroup.devices.allow = c 5:2 rwm
|
|
||||||
# rtc
|
|
||||||
lxc.cgroup.devices.allow = c 254:0 rwm
|
|
||||||
#fuse
|
|
||||||
lxc.cgroup.devices.allow = c 10:229 rwm
|
|
||||||
#tun
|
|
||||||
lxc.cgroup.devices.allow = c 10:200 rwm
|
|
||||||
#full
|
|
||||||
lxc.cgroup.devices.allow = c 1:7 rwm
|
|
||||||
#hpet
|
|
||||||
lxc.cgroup.devices.allow = c 10:228 rwm
|
|
||||||
#kvm
|
|
||||||
lxc.cgroup.devices.allow = c 10:232 rwm
|
|
||||||
|
|
||||||
# mounts point
|
|
||||||
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
|
|
||||||
lxc.mount.entry = sysfs sys sysfs defaults 0 0
|
|
Loading…
Reference in a new issue