diff options
Diffstat (limited to 'share')
80 files changed, 4093 insertions, 2479 deletions
diff --git a/share/bash-completion/container b/share/bash-completion/container index 95199b1..5b57193 100644 --- a/share/bash-completion/container +++ b/share/bash-completion/container @@ -1,7 +1,6 @@ -# bash-completion -# -# Copyright (C) 2016 Andreas Kreuzer <andreas.kreuzer@open-infrastructure.net> -# Copyright (C) 2016-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Open Infrastructure: compute-tools + +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -16,7 +15,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. _container() { @@ -44,6 +43,28 @@ _container() return 0 ;; + build|b) + case "${prev}" in + -n|--name) + opts="$(cd /etc/compute-tools/debconf 2>/dev/null && ls *.cfg */*.cfg 2>/dev/null | sed -e 's|.*/||g' -e 's|.cfg$||g')" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + + -s|--script) + opts="$(cd /usr/share/compute-tools/build-scripts && find -maxdepth 1 -not -type d -and -not -name 'default' -and -not -name 'debconf' -and -not -name '*.d' -printf '%P\n' | sort)" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + + *) + opts="-n --name -c --capability -d --drop-capability -s --script -v --verbose -b --bind --bind-ro" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + esac + ;; + console) case "${prev}" in -n|--name) @@ -60,16 +81,32 @@ _container() esac ;; - create|cr) + enter|run) case "${prev}" in -n|--name) - opts="$(cd /etc/open-infrastructure/container/debconf 2>/dev/null && ls *.cfg */*.cfg 2>/dev/null | sed -e 's|.*/||g' -e 's|.cfg$||g')" + opts="$(container list -s -f shell)" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + + *) + opts="-n --name" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + esac + ;; + + get|g) + case "${prev}" in + -n|--name) + opts="$(cd /etc/compute-tools/debconf 2>/dev/null && ls *.cfg */*.cfg 2>/dev/null | sed -e 's|.*/||g' -e 's|.cfg$||g')" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 ;; -s|--script) - opts="$(cd /usr/share/open-infrastructure/container/scripts && find -maxdepth 1 -not -type d -and -not -name 'default' -and -not -name 'debconf' -and -not -name '*.d' -printf '%P\n' | sort)" + opts="$(cd /usr/share/compute-tools/get-scripts && find -maxdepth 1 -not -type d -and -not -name 'default' -and -not -name 'debconf' -and -not -name '*.d' -printf '%P\n' | sort)" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 ;; @@ -82,16 +119,16 @@ _container() esac ;; - enter) + info) case "${prev}" in -n|--name) - opts="$(container list -s -f shell)" + opts="$(container list -t -f shell)" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 ;; *) - opts="-n --name" + opts="--status --os --ip" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 ;; @@ -99,9 +136,25 @@ _container() ;; key) - opts="-a --add -l --list -r --remove" - COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) - return 0 + case "${prev}" in + -a|--add) + opts="$(cd /usr/share/compute-tools/keys 2>/dev/null && ls *.pub 2>/dev/null | sed -e 's|.*/||g' -e 's|.pub$||g')" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + + -r|--remove) + opts="$(gpg --homedir /etc/compute-tools/keys --list-keys | grep ^uid | sed -e 's|.*<||' -e 's|>||')" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + + *) + opts="-a --add -r --remove -l --list" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + esac ;; limit) @@ -145,13 +198,13 @@ _container() log) case "${prev}" in -d|--date) - opts="$(if ls /var/log/open-infrastructure/container.log-*.gz > /dev/null 2>&1; + opts="$(if ls /var/log/compute-tools/container.log-*.gz > /dev/null 2>&1; then \ - zcat /var/log/open-infrastructure/container.log-*.gz | awk '{ print $1 }' | sort -u; \ + zcat /var/log/compute-tools/container.log-*.gz | awk '{ print $1 }' | sort -u; \ fi; \ - if [ -e /var/log/open-infrastructure/container.log ]; \ + if [ -e /var/log/compute-tools/container.log ]; \ then \ - awk '{ print $1 }' /var/log/open-infrastructure/container.log | sort -u; \ + awk '{ print $1 }' /var/log/compute-tools/container.log | sort -u; \ fi) \ today yesterday" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) @@ -159,13 +212,13 @@ _container() ;; -n|--name) - opts="$(if ls /var/log/open-infrastructure/container.log-*.gz > /dev/null 2>&1; + opts="$(if ls /var/log/compute-tools/container.log-*.gz > /dev/null 2>&1; then \ - zgrep -E '(\-n|\-\-name) ' /var/log/open-infrastructure/container.log-*.gz | sed -e 's|.*-n ||' -e 's|.*--name ||' -e 's| .*$||' | sort -u; \ + zgrep -E '(\-n|\-\-name) ' /var/log/compute-tools/container.log-*.gz | sed -e 's|.*-n ||' -e 's|.*--name ||' -e 's| .*$||' | sort -u; \ fi; \ - if [ -e /var/log/open-infrastructure/container.log ]; \ + if [ -e /var/log/compute-tools/container.log ]; \ then \ - grep -E '(\-n|\-\-name) ' /var/log/open-infrastructure/container.log | sed -e 's|.*-n ||' -e 's|.*--name ||' -e 's| .*$||' | sort -u; \ + grep -E '(\-n|\-\-name) ' /var/log/compute-tools/container.log | sed -e 's|.*-n ||' -e 's|.*--name ||' -e 's| .*$||' | sort -u; \ fi)" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 @@ -204,14 +257,30 @@ _container() ;; *) - opts="-n --name -f --force" + opts="-n --name -f --force -i --interactive -k --kill" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + esac + ;; + + rebuild|rb) + case "${prev}" in + -n|--name) + opts="$(container list -f shell)" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + + *) + opts="-n --name -f --force -v --verbose" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 ;; esac ;; - restart|rt) + restart|rs) case "${prev}" in -n|--name) opts="$(container list -s -f shell)" @@ -246,7 +315,7 @@ _container() status|st) case "${prev}" in -n|--name) - opts="$(container list -t -f shell)" + opts="$(container list -f shell)" COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 ;; @@ -281,12 +350,28 @@ _container() return 0 ;; + update|u) + case "${prev}" in + -n|--name) + opts="$(container list -s -f shell)" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + + *) + opts="-n --name -f --full-upgrade -r --autoremove -p --purge --y --yes" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + return 0 + ;; + esac + ;; + version|ver) return 0 ;; *) - local commands=$(cd /usr/lib/open-infrastructure/container 2>/dev/null && find * -type f -print) + local commands=$(cd /usr/libexec/container 2>/dev/null && find * -type f -print) COMPREPLY=( $(compgen -W "${commands}" -- ${cur}) ) return 0 ;; diff --git a/share/scripts/debconf b/share/build-scripts/debconf index 197791a..d6739ad 100755 --- a/share/scripts/debconf +++ b/share/build-scripts/debconf @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,18 +15,21 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e PROJECT="open-infrastructure" SOFTWARE="compute-tools" PROGRAM="container" +VERSION="$(container version)" + SCRIPT="${0}" export SCRIPT -CONFIG="/etc/${PROJECT}/${PROGRAM}/config" -HOOKS="/etc/${PROJECT}/${PROGRAM}/hooks" +CACHE="/var/cache/${PROGRAM}/build-$(basename ${SCRIPT})" +CONFIG="/etc/${SOFTWARE}/config" +HOOKS="/etc/${SOFTWARE}/hooks" MACHINES="/var/lib/machines" Parameters () @@ -97,7 +100,7 @@ Parameters () Usage () { - echo "Usage: container create -n|--name NAME -s|--script ${SCRIPT} -- [-p|--preseed-file FILE]" >&2 + echo "Usage: container build -n|--name NAME -s|--script ${SCRIPT} -- [-p|--preseed-file FILE]" >&2 exit 1 } @@ -114,18 +117,14 @@ then exit 1 fi -if [ ! -x /usr/sbin/debootstrap ] -then - echo "'${NAME}': /usr/sbin/debootstrap - no such file." >&2 - exit 1 -fi - if [ "$(id -u)" -ne 0 ] then echo "'${NAME}': need root privileges" >&2 exit 1 fi +HOST="$(echo ${NAME} | cut -d. -f1)" + Mount () { # Mounting rw bind mounts @@ -167,6 +166,7 @@ Mount () then CNT_OVERLAYS="$(echo ${CNT_OVERLAY} | sed -e 's|;| |g')" + COUNT="0" for CNT_OVERLAY in ${CNT_OVERLAYS} do DIRECTORY_LOWER="$(echo ${CNT_OVERLAY} | awk -F: '{ print $1 }')" @@ -174,12 +174,23 @@ Mount () DIRECTORY_WORK="$(echo ${CNT_OVERLAY} | awk -F: '{ print $3 }')" DIRECTORY_MERGED="$(echo ${CNT_OVERLAY} | awk -F: '{ print $4 }')" + COUNT="$((${COUNT} + 1))" + CNT_OVERLAY_OPTION="$(echo ${CNT_OVERLAY_OPTIONS} | awk -F ';' "{ print \$${COUNT} }")" + for DIRECTORY in "${DIRECTORY_LOWER}" "${DIRECTORY_UPPER}" "${DIRECTORY_WORK}" "${DIRECTORY_MERGED}" do mkdir -p "${DIRECTORY}" done - mount -t overlay overlay-${NAME} -olowerdir="${DIRECTORY_LOWER}",upperdir="${DIRECTORY_UPPER}",workdir="${DIRECTORY_WORK}" "${DIRECTORY_MERGED}" + if ! findmnt -n -o SOURCE "${DIRECTORY_MERGED}" | grep -qs '^overlay-' + then + if [ -n "${CNT_OVERLAY_OPTION}" ] + then + CNT_OVERLAY_OPTION="-o ${CNT_OVERLAY_OPTION}" + fi + + mount -t overlay overlay-${NAME} ${CNT_OVERLAY_OPTION} -olowerdir="${DIRECTORY_LOWER}",upperdir="${DIRECTORY_UPPER}",workdir="${DIRECTORY_WORK}" "${DIRECTORY_MERGED}" + fi done fi } @@ -205,6 +216,12 @@ Umount () rmdir --ignore-fail-on-non-empty --parents ${DIRECTORY} > /dev/null 2>&1 || true done done + + # empty workdir otherwise there might happen stale file handles + if [ -d "${DIRECTORY_WORK}" ] + then + rm --preserve-root --one-file-system -rf "${DIRECTORY_WORK}"/* + fi fi # Unmounting ro bind mounts @@ -348,7 +365,7 @@ EOF export DEBCONF_SYSTEMRC } -Debootstrap () +Bootstrap () { DIRECTORY="${1}" @@ -371,8 +388,101 @@ Debootstrap () esac mkdir -p "$(dirname ${DIRECTORY})" - debootstrap --verbose --arch=${ARCHITECTURE} --components=${PARENT_ARCHIVE_AREAS} \ - --exclude=${EXCLUDE} --include=${INCLUDE} ${PARENT_DISTRIBUTION} "${DIRECTORY}" ${PARENT_MIRROR} + + case "${BOOTSTRAP}" in + debootstrap) + debootstrap --verbose --arch=${ARCHITECTURE} --components=${PARENT_ARCHIVE_AREAS} \ + --exclude=${EXCLUDE} --include=${INCLUDE} ${PARENT_DISTRIBUTION} "${DIRECTORY}" ${PARENT_MIRROR} + ;; + + mmdebstrap) + mmdebstrap --arch=${ARCHITECTURE} --components=${PARENT_ARCHIVE_AREAS} \ + --format=directory --mode=root --aptopt='APT::Sandbox::User "root"' \ + --include=${INCLUDE} ${PARENT_DISTRIBUTION} "${DIRECTORY}" ${PARENT_MIRROR} + ;; + + *) + echo "'${NAME}': ${BOOTSTRAP} - not supported" >&2 + exit 1 + ;; + esac +} + +Image () +{ + DIRECTORY="${1}" + + FILES="${IMAGE}" + + for NUMBER in $(seq 1 ${IMAGE_NUMBER}) + do + eval FILES="${FILES} $`echo IMAGE${NUMBER}`" + done + + for FILE in ${FILES} + do + case "${FILE}" in + *.gz) + TAR_OPTIONS="--gzip" + + if [ ! -e /bin/gzip ] + then + echo -en "\n" + echo "'${NAME}': /bin/lzip - no such file." >&2 + exit 1 + fi + ;; + + *.lz) + TAR_OPTIONS="--lzip" + + if [ ! -e /usr/bin/lzip ] + then + echo -en "\n" + echo "'${NAME}': /usr/bin/lzip - no such file." >&2 + exit 1 + fi + ;; + + *.xz) + TAR_OPTIONS="--xz" + + if [ ! -e /usr/bin/xz ] + then + echo -en "\n" + echo "'${NAME}': /usr/bin/xz - no such file." >&2 + exit 1 + fi + ;; + + *) + TAR_OPTIONS="" + ;; + esac + + mkdir -p "${DIRECTORY}" + + echo "Using ${FILE}" + + if [ -e /usr/bin/pv ] + then + curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} --http2 ${CURL_TIME_COND} \ + "${FILE}" -o - | \ + pv --format '%p' --width 77 | \ + tar -C "${DIRECTORY}" --strip 1 ${TAR_OPTIONS} -xf - + #pv --format '%p' --width 77 "${CACHE}/${FILE}" | tar xf - ${TAR_OPTIONS} -C "${DIRECTORY}" --strip 1 + else + curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} --http2 ${CURL_TIME_COND} \ + "${FILE}" -o - | \ + tar -C "${DIRECTORY}" --strip 1 ${TAR_OPTIONS} -xf - + fi + + echo " ok." + done + + # Writing resolv.conf + rm -f "${DIRECTORY}/etc/resolv.conf" + cp /etc/resolv.conf "${DIRECTORY}/etc" } Configure_apt () @@ -404,7 +514,11 @@ EOF rm -f "${DIRECTORY}/progress-linux.cfg" - Chroot "${DIRECTORY}" "apt update" + case "${INSTALLER}" in + bootstrap) + Chroot "${DIRECTORY}" "apt update" + ;; + esac ;; esac } @@ -430,36 +544,8 @@ EOF rm -f "${DIRECTORY}/etc/mtab" ln -s /proc/self/mounts "${DIRECTORY}/etc/mtab" - # Temporary hack for dpkg - if [ -e "${DIRECTORY}/etc/dpkg/origins/default" ] - then - rm -f "${DIRECTORY}/etc/dpkg/origins/default" - Chroot "${DIRECTORY}" "dpkg-reconfigure base-files" - fi - - # Temporary hack for base-files - for FILE in motd.tail motd profile - do - if [ -e "${DIRECTORY}/usr/share/base-files/${FILE}" ] - then - rm -f "${DIRECTORY}/etc/${FILE}" - cp "${DIRECTORY}/usr/share/base-files/${FILE}" "${DIRECTORY}/etc" - fi - done - - # Temporary hack for readline - if [ -e "${DIRECTORY}/etc/inputrc" ] - then - rm -f "${DIRECTORY}/etc/inputrc" - cp "${DIRECTORY}/usr/share/readline/inputrc" "${DIRECTORY}/etc" - fi - - # Temporary hack for sysvinit - if [ -e "${DIRECTORY}/etc/inittab" ] - then - rm -f "${DIRECTORY}/etc/inittab" - cp "${DIRECTORY}/usr/share/sysvinit/inittab" "${DIRECTORY}/etc/inittab" - fi + # Removing machine-id + rm -f "${DIRECTORY}/etc/machine-id" # Removing resolv.conf rm -f "${DIRECTORY}/etc/resolv.conf" @@ -499,10 +585,14 @@ EOF for PARENT_REPO in ${PARENT_ARCHIVES} do case "${PARENT_REPO}" in - ${PARENT_DIST}-security) + buster-security) echo "deb ${PARENT_MIRROR_SECURITY} ${PARENT_DIST}/updates ${PARENT_AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/debian.list" ;; + ${PARENT_DIST}-security) + echo "deb ${PARENT_MIRROR_SECURITY} ${PARENT_DIST}-security ${PARENT_AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/debian.list" + ;; + ${PARENT_DIST}-updates) echo "deb ${PARENT_MIRROR} ${PARENT_DIST}-updates ${PARENT_AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/debian.list" ;; @@ -590,10 +680,15 @@ EOF IPV4_ADDRESS1_PART4="$(echo ${IPV4_ADDRESS1} | cut -d. -f4)" IPV6_ADDRESS1="$(${DIG} AAAA +short ${NAME} | tail -n1)" - # TODO: address parts + # FIXME: address parts + + export IPV4_ADDRESS1 IPV4_ADDRESS1_PART1 IPV4_ADDRESS1_PART2 IPV4_ADDRESS1_PART3 IPV4_ADDRESS1_PART4 + export IPV6_ADDRESS1 fi - sed -e "s|@NAME@|${NAME}|g" \ + sed -e "s|@FILE@|${FILE}|g" \ + -e "s|@NAME@|${NAME}|g" \ + -e "s|@HOST@|${HOST}|g" \ -e "s|@IPV4_ADDRESS1@|${IPV4_ADDRESS1}|g" \ -e "s|@IPV4_ADDRESS1_PART1@|${IPV4_ADDRESS1_PART1}|g" \ -e "s|@IPV4_ADDRESS1_PART2@|${IPV4_ADDRESS1_PART2}|g" \ @@ -615,7 +710,7 @@ EOF do if grep -qs locales "${FILE}" then - if [ -e "${DIRECTORY}/var/lib/dpkg/info/locales.list" ] + if Chroot "${DIRECTORY}" dpkg --get-selections | awk '{ print $1 }' | grep -qs '^locales$' then rm -f "${DIRECTORY}/etc/default/locale" "${DIRECTORY}/etc/locale.gen" Chroot "${DIRECTORY}" "DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=criticial dpkg-reconfigure locales" @@ -652,23 +747,13 @@ EOF done fi - # Temporary hack for base-files (base-files gets upgraded, so run it second time) - for FILE in motd.tail motd profile - do - if [ -e "${DIRECTORY}/usr/share/base-files/${FILE}" ] - then - rm -f "${DIRECTORY}/etc/${FILE}" - cp "${DIRECTORY}/usr/share/base-files/${FILE}" "${DIRECTORY}/etc" - fi - done - if [ -n "${PACKAGES}" ] then Chroot "${DIRECTORY}" "apt --option Dpkg::Options::=--force-confnew --yes install ${PACKAGES}" fi # Manual hack to regenerate ssh keys - if [ -e "${DIRECTORY}/var/lib/dpkg/info/openssh-server.postinst" ] && \ + if Chroot "${DIRECTORY}" dpkg --get-selections | awk '{ print $1 }' | grep -qs '^openssh-server$' && \ ! ls "${DIRECTORY}"/etc/ssh/ssh_host_*_key > /dev/null 2>&1 then Chroot "${DIRECTORY}" "DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=criticial dpkg-reconfigure openssh-server" @@ -873,6 +958,14 @@ EOF fi ;; + + stub) + +cat >> "${DIRECTORY}/etc/systemd/network/eno${NUMBER}.network" << EOF +DHCP=no +EOF + + ;; esac if [ -n "${IPV4_POST_UP}" ] @@ -955,6 +1048,15 @@ EOF fi ;; + + stub) + +cat >> "${DIRECTORY}/etc/systemd/network/eno${NUMBER}.network" << EOF +DHCP=no +IPv6AcceptRA=no +EOF + + ;; esac if [ -n "${IPV6_POST_UP}" ] @@ -1014,6 +1116,7 @@ Commands () -e "s|^cnt.container-server=.*|cnt.container-server=${CNT_CONTAINER_SERVER}|g" \ -e "s|^cnt.network-bridge=.*|cnt.network-bridge=${HOST_INTERFACE_NAME}:${NETWORK1_BRIDGE:-bridge0}|g" \ -e "s|^cnt.overlay=.*|cnt.overlay=${CNT_OVERLAY}|g" \ + -e "s|^cnt.overlay-options=.*|cnt.overlay-options=${CNT_OVERLAY_OPTIONS}|g" \ -e "s|^bind=.*|bind=${BIND}|g" \ -e "s|^bind-ro=.*|bind-ro=${BIND_RO}|g" \ -e "s|^network-veth-extra=.*|network-veth-extra=${HOST_INTERFACE_NAME}:eno1|g" \ @@ -1085,6 +1188,7 @@ trap 'Umount' EXIT HUP INT QUIT TERM umask 0022 export NAME +export HOST Debconf @@ -1098,7 +1202,7 @@ do done # Run debconf parts -for DEBCONF_SCRIPT in "/usr/share/${PROJECT}/${PROGRAM}/scripts/debconf.d"/* +for DEBCONF_SCRIPT in "/usr/share/${SOFTWARE}/build-scripts/debconf.d"/* do if [ -x "${DEBCONF_SCRIPT}" ] then @@ -1109,25 +1213,91 @@ done # Read-in configuration from debconf . "${DEBCONF_TMPDIR}/debconf.default" -CACHE="/var/cache/${PROJECT}/${PROGRAM}/${MODE}" SYSTEM="${MACHINES}/${NAME}" -## Generic parts -if [ ! -e "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" ] +if [ -z "${IMAGE}" ] && [ -z "${IMAGE1}" ] then - Debootstrap "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" - Configure_apt "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" - Deconfigure_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" - - mv "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" + INSTALLER="bootstrap" +else + INSTALLER="image" fi -Upgrade_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" || echo "W: If upgrading the system failed, try removing the cache for your distribution in /var/cache/${PROJECT}/${PROGRAM}" -Cleanup_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" +case "${INSTALLER}" in + bootstrap) + ## Dependencies + if [ -x /usr/bin/mmdebstrap ] + then + BOOTSTRAP="mmdebstrap" + elif [ -x /usr/sbin/debootstrap ] + then + BOOTSTRAP="debootstrap" + else + echo "'${NAME}': /usr/bin/mmdebstrap or /usr/sbin/debootstrap - no such file." >&2 + exit 1 + fi + + ## Generic parts + if [ ! -e "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" ] + then + Bootstrap "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" + Configure_apt "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" + Deconfigure_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" + + mv "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" + fi + + Upgrade_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" || echo "W: If upgrading the system failed, try removing the cache for your distribution in /var/cache/${PROGRAM}" + Cleanup_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" + + ## Specific parts + mkdir -p "${MACHINES}" + cp -a "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" "${MACHINES}/${NAME}" + ;; + + image) + ## Dependencies + if [ -x /usr/bin/curl ] + then + GET="curl" + elif [ -x /usr/bin/wget ] + then + GET="wget" + else + echo "'${NAME}': /usr/bin/curl or /usr/bin/wget - no such file." >&2 + exit 1 + fi + + COMPRESSIONS="" + + if [ -x /usr/bin/lzip ] + then + COMPRESSIONS="${COMPRESSIONS} lz" + fi + + if [ -x /usr/bin/xz ] + then + COMPRESSIONS="${COMPRESSIONS} xz" + fi + + if [ -x /bin/gzip ] + then + COMPRESSIONS="${COMPRESSIONS} gz" + fi + + if [ -z "${COMPRESSIONS}" ] + then + echo "'${NAME}': no supported compressor available (lz, xz, gz)." + exit 1 + fi + + ## Parts + mkdir -p "${MACHINES}" + Image "${MACHINES}/${NAME}" -## Specific parts -mkdir -p "${MACHINES}" -cp -a "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" "${MACHINES}/${NAME}" + Configure_apt "${MACHINES}/${NAME}" + Deconfigure_system "${MACHINES}/${NAME}" + ;; +esac Mount diff --git a/share/scripts/debconf.d/0001-preseed-file b/share/build-scripts/debconf.d/0001-preseed-file index 2c83675..aa2c3c7 100755 --- a/share/scripts/debconf.d/0001-preseed-file +++ b/share/build-scripts/debconf.d/0001-preseed-file @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,56 +15,75 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e PROJECT="open-infrastructure" +SOFTWARE="compute-tools" PROGRAM="container" -CONFIG="/etc/${PROJECT}/${PROGRAM}/debconf" +CONFIG="/etc/${SOFTWARE}/config" +DEBCONF="/etc/${SOFTWARE}/debconf" DEBCONF_NOWARNINGS="true" export DEBCONF_NOWARNINGS . /usr/share/debconf/confmodule +# debconf template hierarchy (first match wins): +# +# 1. user specified a preseed file through commandline options +# 2. /etc/compute-tools/debconf/${NAME}.cfg exists +# 3. /etc/compute-tools/debconf/links/${NAME}.cfg exists +# 4. /etc/compute-tools/debconf/*/${NAME}.cfg exists (only one file!) +# 5. /etc/compute-tools/debconf/default.cfg exists +# 6. user chooses from list of available (if any) *.cfg files +# (recursively) found in /etc/compute-tools/debconf, +# /etc/compute-tools/debconf/links is excluded. + if [ -n "${PRESEED_FILE}" ] then # user specified one or more preseed files through commandline option db_set container/preseed-file "${PRESEED_FILE}" db_fset container/preseed-file seen true -elif [ -e "${CONFIG}/${NAME}.cfg" ] +elif [ -e "${DEBCONF}/${NAME}.cfg" ] then # user did not specify a pressed file, but there is a matching one # available on the system matching the container name - db_set container/preseed-file "${CONFIG}/${NAME}.cfg" + db_set container/preseed-file "${DEBCONF}/${NAME}.cfg" db_fset container/preseed-file seen true -elif [ "$(ls ${CONFIG}/*/${NAME}.cfg 2>/dev/null | wc -l)" -eq 1 ] +elif [ -e "${DEBCONF}/links/${NAME}.cfg" ] +then + # user did not specify a pressed file, but there is a matching one + # in /etc/${SOFTWARE}/debconf/links directory + db_set container/preseed-file "${DEBCONF}/links/${NAME}.cfg" + db_fset container/preseed-file seen true +elif [ "$(ls ${DEBCONF}/*/${NAME}.cfg 2>/dev/null | wc -l)" -eq 1 ] then # user did not specify a pressed file, but there is 1 (and only 1) - # matching in a sub-directory of /etc/${PROJECT}/${PROGRAM}/debconf + # matching in a sub-directory of /etc/${SOFTWARE}/debconf - FILE="$(ls ${CONFIG}/*/${NAME}.cfg)" + FILE="$(ls ${DEBCONF}/*/${NAME}.cfg)" db_set container/preseed-file "${FILE}" db_fset container/preseed-file seen true -elif [ -e "${CONFIG}/default.cfg" ] +elif [ -e "${DEBCONF}/default.cfg" ] then # user did not specify a pressed file, but there is a default one - db_set container/preseed-file "${CONFIG}/default.cfg" + db_set container/preseed-file "${DEBCONF}/default.cfg" db_fset container/preseed-file seen true -elif ls "${CONFIG}"/*.cfg > /dev/null 2>&1 || ls "${CONFIG}"/*/*.cfg > /dev/null 2>&1 +elif ls "${DEBCONF}"/*.cfg > /dev/null 2>&1 || ls "${DEBCONF}"/*/*.cfg > /dev/null 2>&1 then # user has not specified preseed files through commandline option, # showing debconf selection dialog for global preseed file. - FILES="$(cd ${CONFIG} && find . -type f -name '*.cfg' -printf '%P\n' | LC_ALL=C sort)" + FILES="$(cd ${DEBCONF} && find . -type f -name '*.cfg' -printf '%P\n' | grep -v '^links\/' | LC_ALL=C sort -V)" PRESEED_FILES="$(for FILE in ${FILES}; do echo -n "$(echo ${FILE} | sed -e 's|.cfg$||'), "; done | sed -e 's|, $||')" if [ -n "${PRESEED_FILES}" ] then - db_subst container/preseed-files CHOICES "none, custom, , ${PRESEED_FILES}" + db_subst container/preseed-files CHOICES "custom, exit, none, , ${PRESEED_FILES}" db_settitle container/title db_input high container/preseed-files || true @@ -74,12 +93,17 @@ then PRESEED_FILE="${RET}" # select case "${PRESEED_FILE}" in - none|custom) + custom|none) + ;; + + exit) + rm -f "${CONFIG}/${NAME}.conf" + exit 1 ;; *) # user specified preseed file through debconf select - db_set container/preseed-file "${CONFIG}/${PRESEED_FILE}.cfg" + db_set container/preseed-file "${DEBCONF}/${PRESEED_FILE}.cfg" db_fset container/preseed-file seen true ;; esac diff --git a/share/scripts/debconf.d/0001-preseed-file.templates b/share/build-scripts/debconf.d/0001-preseed-file.templates index 7e12e0d..9be825d 100644 --- a/share/scripts/debconf.d/0001-preseed-file.templates +++ b/share/build-scripts/debconf.d/0001-preseed-file.templates @@ -13,6 +13,6 @@ Type: string Default: Description: Enter (optional) preseed file to use: A preseed file can be used to automatically answer questions to this - container create script. + container build script. . If you do not want to use a preseed file, leave this question empty. diff --git a/share/scripts/debconf.d/0002-preseed-debconf b/share/build-scripts/debconf.d/0002-preseed-debconf index a9c7e77..e4b5f44 100755 --- a/share/scripts/debconf.d/0002-preseed-debconf +++ b/share/build-scripts/debconf.d/0002-preseed-debconf @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,7 +15,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e @@ -93,6 +93,7 @@ do fi sed -e "s|@NAME@|${NAME}|g" \ + -e "s|@HOST@|${HOST}|g" \ -e "s|@IPV4_ADDRESS1@|${IPV4_ADDRESS1}|g" \ -e "s|@IPV4_ADDRESS1_PART1@|${IPV4_ADDRESS1_PART1}|g" \ -e "s|@IPV4_ADDRESS1_PART2@|${IPV4_ADDRESS1_PART2}|g" \ diff --git a/share/scripts/debconf.d/0003-debconf b/share/build-scripts/debconf.d/0003-debconf index c5925f2..e12e25e 100755 --- a/share/scripts/debconf.d/0003-debconf +++ b/share/build-scripts/debconf.d/0003-debconf @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,7 +15,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e @@ -44,6 +44,39 @@ Mode () export MODE } +Images () +{ + if db_get container/image && [ "${RET}" ] + then + db_get container/image + IMAGE="${RET}" # string (w/o empty) + + echo "IMAGE=\"${IMAGE}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + fi + + NUMBER="1" + + while db_get container/image${NUMBER} && [ "${RET}" ] + do + if db_get container/image${NUMBER} + then + eval IMAGE${NUMBER}="\"${RET}\"" # string (w/o empty) + fi + + NUMBER="$((${NUMBER} + 1))" + done + + IMAGE_NUMBER="$((${NUMBER} - 1))" + + echo "IMAGE_NUMBER=\"${IMAGE_NUMBER}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + for NUMBER in $(seq 1 ${IMAGE_NUMBER}) + do + eval IMAGE="$`echo IMAGE${NUMBER}`" + echo "IMAGE${NUMBER}=\"${IMAGE}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + done +} + Distribution () { db_get container/distribution @@ -53,18 +86,18 @@ Distribution () then case "${MODE}" in debian) - db_subst container/distribution CHOICES "Debian GNU/Linux 9 \"stretch\", Debian GNU/Linux 10 \"buster\", Debian GNU/Linux testing/bullseye, Debian GNU/Linux unstable/sid" - db_subst container/distribution CHOICES_C "stretch, buster, bullseye, sid" + db_subst container/distribution CHOICES "Debian GNU/Linux 10 \"buster\", Debian GNU/Linux 11 \"bullseye\", Debian GNU/Linux 12 \"bookworm\", Debian GNU/Linux testing, Debian GNU/Linux unstable/sid" + db_subst container/distribution CHOICES_C "buster, bullseye, bookworm, testing, sid" - db_set container/distribution buster + db_set container/distribution bookworm db_fset container/distribution seen false ;; progress-linux) - db_subst container/distribution CHOICES "Progress Linux 5 (engywuck), Progress Linux 5+ (engywuck-backports)" - db_subst container/distribution CHOICES_C "engywuck, engywuck-backports" + db_subst container/distribution CHOICES "Progress Linux 5 (engywuck), Progress Linux 5.99 (engywuck-backports), Progress Linux 6 (fuchur), Progress Linux 6.99 (fuchur-backports), Progress Linux 7 (graograman), Progress Linux 7.99 (graograman-backports)" + db_subst container/distribution CHOICES_C "engywuck, engywuck-backports, fuchur, fuchur-backports, graograman, graograman-backports" - db_set container/distribution engywuck-backports + db_set container/distribution graograman-backports db_fset container/distribution seen false ;; esac @@ -94,6 +127,14 @@ Parent_distribution () engywuck*) PARENT_DISTRIBUTION="buster" ;; + + fuchur*) + PARENT_DISTRIBUTION="bullseye" + ;; + + graograman*) + PARENT_DISTRIBUTION="bookworm" + ;; esac ;; @@ -118,7 +159,7 @@ Architecture () arm64) DEFAULT="arm64" - CHOICES="Automatic, RaspberryPi 3 (arm64)" + CHOICES="Automatic, RaspberryPi 3 and newer (arm64)" CHOICES_C="auto, arm64" ;; @@ -304,7 +345,7 @@ Mirror () ;; progress-linux) - db_set container/mirror https://cdn.deb.progress-linux.org/packages + db_set container/mirror https://deb.progress-linux.org/packages db_fset container/mirror seen false ;; esac @@ -324,7 +365,7 @@ Mirror () ;; progress-linux) - MIRROR="https://cdn.deb.progress-linux.org/packages" + MIRROR="https://deb.progress-linux.org/packages" ;; esac fi @@ -348,7 +389,7 @@ Mirror_security () then case "${MODE}" in debian) - db_set container/mirror-security http://security.debian.org + db_set container/mirror-security https://security.debian.org db_fset container/mirror-security seen false ;; @@ -369,7 +410,7 @@ Mirror_security () then case "${MODE}" in debian) - MIRROR_SECURITY="http://security.debian.org" + MIRROR_SECURITY="https://security.debian.org" ;; *) @@ -441,7 +482,7 @@ Parent_mirror_security () then case "${MODE}" in progress-linux) - db_set container/parent-mirror-security http://security.debian.org + db_set container/parent-mirror-security https://security.debian.org db_fset container/parent-mirror-security seen false db_settitle container/title @@ -462,7 +503,7 @@ Parent_mirror_security () then case "${MODE}" in progress-linux) - PARENT_MIRROR_SECURITY="http://security.debian.org" + PARENT_MIRROR_SECURITY="https://security.debian.org" ;; *) @@ -481,18 +522,28 @@ Archive_areas () db_get container/archive-areas ARCHIVE_AREAS="${RET}" + case "${PARENT_DISTRIBUTION}" in + bookworm|testing|sid) + ARCHIVE_AREAS_ALL="main, contrib, non-free, non-free-firmware" + ;; + + *) + ARCHIVE_AREAS_ALL="main, contrib, non-free" + ;; + esac + if [ -z "${ARCHIVE_AREAS}" ] then case "${MODE}" in progress-linux) - db_subst container/archive-areas CHOICES "main, contrib, non-free" + db_subst container/archive-areas CHOICES "${ARCHIVE_AREAS_ALL}" - db_set container/archive-areas "main, contrib, non-free" + db_set container/archive-areas "${ARCHIVE_AREAS_ALL}" db_fset container/archive-areas seen false ;; *) - db_subst container/archive-areas CHOICES "main, contrib, non-free" + db_subst container/archive-areas CHOICES "${ARCHIVE_AREAS_ALL}" db_set container/archive-areas "main" db_fset container/archive-areas seen false @@ -514,7 +565,7 @@ Archive_areas () ;; progress-linux) - ARCHIVE_AREAS="main, contrib, non-free" + ARCHIVE_AREAS="${ARCHIVE_AREAS_ALL}" ;; esac fi @@ -531,13 +582,23 @@ Parent_archive_areas () db_get container/parent-archive-areas PARENT_ARCHIVE_AREAS="${RET}" # multiselect (w/o empty) + case "${PARENT_DISTRIBUTION}" in + bookworm|testing|sid) + PARENT_ARCHIVE_AREAS_ALL="main, contrib, non-free, non-free-firmware" + ;; + + *) + PARENT_ARCHIVE_AREAS_ALL="main, contrib, non-free" + ;; + esac + if [ -z "${PARENT_ARCHIVE_AREAS}" ] then case "${MODE}" in progress-linux) - db_subst container/parent-archive-areas CHOICES "main, contrib, non-free" + db_subst container/parent-archive-areas CHOICES "${PARENT_ARCHIVE_AREAS_ALL}" - db_set container/parent-archive-areas "main, contrib, non-free" + db_set container/parent-archive-areas "${PARENT_ARCHIVE_AREAS_ALL}" db_fset container/parent-archive-areas seen false db_settitle container/title @@ -560,7 +621,7 @@ Parent_archive_areas () then case "${MODE}" in progress-linux) - PARENT_ARCHIVE_AREAS="main, contrib, non-free" + PARENT_ARCHIVE_AREAS="${PARENT_ARCHIVE_AREAS_ALL}" ;; *) @@ -864,6 +925,20 @@ Network () db_input high container/network1/ipv4-post-down || true db_go ;; + + stub) + db_settitle container/title + db_input high container/network1/ipv4-comment || true + db_go + + db_settitle container/title + db_input high container/network1/ipv4-post-up || true + db_go + + db_settitle container/title + db_input high container/network1/ipv4-post-down || true + db_go + ;; esac db_settitle container/title @@ -902,6 +977,20 @@ Network () db_input high container/network1/ipv6-post-down || true db_go ;; + + stub) + db_settitle container/title + db_input high container/network1/ipv6-comment || true + db_go + + db_settitle container/title + db_input high container/network1/ipv6-post-up || true + db_go + + db_settitle container/title + db_input high container/network1/ipv6-post-down || true + db_go + ;; esac if [ "${NETWORK1_IPV4_METHOD}" = "static" ] || [ "${NETWORK1_IPV6_METHOD}" = "static" ] @@ -1201,10 +1290,10 @@ Internal_options () if db_get container/auto then - CNT_AUTO="${RET:-true}" # string (w/o empty) + CNT_AUTO="${RET:-last-on}" # string (w/o empty) fi - CNT_AUTO="${CNT_AUTO:-true}" + CNT_AUTO="${CNT_AUTO:-last-on}" echo "CNT_AUTO=\"${CNT_AUTO}\"" >> "${DEBCONF_TMPDIR}/debconf.default" if db_get container/container-server @@ -1242,9 +1331,17 @@ Internal_options () fi echo "CNT_OVERLAY=\"${CNT_OVERLAY}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + if db_get container/overlay-options + then + CNT_OVERLAY_OPTIONS="${RET}" # string (w/ empty) + fi + + echo "CNT_OVERLAY_OPTIONS=\"${CNT_OVERLAY_OPTIONS}\"" >> "${DEBCONF_TMPDIR}/debconf.default" } Mode +Images Distribution Parent_distribution diff --git a/share/scripts/debconf.d/0003-debconf.templates b/share/build-scripts/debconf.d/0003-debconf.templates index 73952a8..551033a 100644 --- a/share/scripts/debconf.d/0003-debconf.templates +++ b/share/build-scripts/debconf.d/0003-debconf.templates @@ -10,6 +10,12 @@ Choices: ${CHOICES} Description: Mode Mode. +Template: container/image +Type: string +Default: +Description: Image + Image. + Template: container/distribution Type: select Default: @@ -112,7 +118,7 @@ Description: Veth name Template: container/network1/ipv4-method Type: select -Choices: dhcp, static, none +Choices: dhcp, static, stub, none Default: Description: Ethernet Interface Method (IPv4)? What method should be used to configure the ethernet interface? @@ -173,7 +179,7 @@ Description: Ethernet post-down Command (IPv4)? Template: container/network1/ipv6-method Type: select -Choices: static, none +Choices: dhcp, static, stub, none Default: Description: Ethernet Interface Method (IPv6)? What method should be used to configure the ethernet interface? diff --git a/share/scripts/debootstrap b/share/build-scripts/debootstrap index f69d006..5ab5db2 100755 --- a/share/scripts/debootstrap +++ b/share/build-scripts/debootstrap @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,7 +15,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e @@ -25,7 +25,7 @@ PROGRAM="container" SCRIPT="$(basename ${0})" -HOOKS="/etc/${PROJECT}/${PROGRAM}/hooks" +HOOKS="/etc/${SOFTWARE}/hooks" MACHINES="/var/lib/machines" Parameters () @@ -111,7 +111,7 @@ Parameters () Usage () { - echo "Usage: container create -n|--name NAME -s|--script ${SCRIPT} -- [-a|--architecture ARCHITECTURE] [-d|--distribution DISTRIBUTION] [-m|--mirror MIRROR] [-p|--password PASSWORD}" >&2 + echo "Usage: container build -n|--name NAME -s|--script ${SCRIPT} -- [-a|--architecture ARCHITECTURE] [-d|--distribution DISTRIBUTION] [-m|--mirror MIRROR] [-p|--password PASSWORD}" >&2 exit 1 } @@ -136,7 +136,7 @@ case "${SCRIPT}" in mmdebstrap) BOOTSTRAP="/usr/bin/mmdebstrap" - BOOTSTRAP_OPTIONS="--mode=root" + BOOTSTRAP_OPTIONS="--format=directory --mode=root --aptopt='APT::Sandbox::User \"root\"'" ;; esac @@ -153,7 +153,7 @@ then fi ARCHITECTURE="${ARCHITECTURE:-$(dpkg --print-architecture)}" -DISTRIBUTION="${DISTRIBUTION:-buster}" +DISTRIBUTION="${DISTRIBUTION:-bookworm}" MIRROR="${MIRROR:-https://deb.debian.org/debian}" PASSWORD="${PASSWORD:-$(dd if=/dev/urandom bs=12 count=1 2> /dev/null | base64)}" @@ -174,9 +174,11 @@ do fi done +# Run mkdir -p "${MACHINES}" - ${BOOTSTRAP} ${BOOTSTRAP_OPTIONS} --arch=${ARCHITECTURE} --include=${INCLUDE} ${DISTRIBUTION} ${MACHINES}/${NAME} ${MIRROR} + +# Cleaning apt cache chroot "${MACHINES}/${NAME}" apt clean # Setting hostname diff --git a/share/config/container.conf.in b/share/config/container.conf.in index ebf91b9..d3f9a48 100644 --- a/share/config/container.conf.in +++ b/share/config/container.conf.in @@ -1,10 +1,12 @@ -# compute-tools: @NAME@ +# Open Infrastructure: compute-tools [start] cnt.auto=@CNT_AUTO@ cnt.container-server=@CNT_CONTAINER_SERVER@ cnt.network-bridge=@CNT_NETWORK_BRIDGE@ cnt.overlay=@CNT_OVERLAY@ +cnt.overlay-options=@CNT_OVERLAY_OPTIONS@ +cnt.start=@CNT_START@ bind=@BIND@ bind-ro=@BIND_RO@ boot=@BOOT@ diff --git a/share/doc/examples/buster.cfg b/share/doc/examples/bookworm.cfg index cfc8595..1f878f4 100644 --- a/share/doc/examples/buster.cfg +++ b/share/doc/examples/bookworm.cfg @@ -1,5 +1,5 @@ -# example for automated Debian 10 (buster) based container creation -# using: sudo container create -s debian +# example for automated Debian 12 (bookworm) based container building +# using: sudo container build -s debian debconf debconf/priority select critical debconf debconf/frontend select Noninteractive @@ -9,16 +9,16 @@ compute-tools container/mode select debian #compute-tools container/preseed-files string #compute-tools container/include-preseed-files string -compute-tools container/distribution select buster +compute-tools container/distribution select bookworm #compute-tools container/parent-distribution select compute-tools container/architecture select auto -compute-tools container/archives multiselect buster-security, buster-updates +compute-tools container/archives multiselect bookworm-security, bookworm-updates #compute-tools container/parent-archives multiselect compute-tools container/mirror string https://deb.debian.org/debian -compute-tools container/mirror-security string http://security.debian.org +compute-tools container/mirror-security string https://security.debian.org #compute-tools container/parent-mirror string #compute-tools container/parent-mirror-security string diff --git a/share/doc/examples/container-images.sh b/share/doc/examples/container-images.sh index 8f1a2a3..b711048 100755 --- a/share/doc/examples/container-images.sh +++ b/share/doc/examples/container-images.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,16 +15,16 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. -# Description: example for automated Debian base system container image creation -# Requires: debootstrap plzip xz-utils -# Usage: sudo ./container-images.sh +# Description: example for automated Debian base system container image builds +# Requires: debootstrap plzip xz-utils sudo +# Usage: ./container-images.sh set -e ARCHITECTURES="amd64 i386" -DISTRIBUTIONS="jessie stretch buster sid" +DISTRIBUTIONS="buster bullseye bookworm sid" MIRROR="https://deb.debian.org/debian" INCLUDE="dbus" @@ -77,29 +77,29 @@ do ;; esac - echo "Creating ${SYSTEM}.system.tar.${COMPRESSION}" + echo "Building ${SYSTEM}.system.tar.${COMPRESSION}" sudo tar ${TAR_OPTIONS} -cf "${SYSTEM}.system.tar.${COMPRESSION}" "${SYSTEM}" - echo "Creating ${SYSTEM}.system.tar.${COMPRESSION}.sha512" + echo "Building ${SYSTEM}.system.tar.${COMPRESSION}.sha512" sha512sum "${SYSTEM}.system.tar.${COMPRESSION}" > "${SYSTEM}.system.tar.${COMPRESSION}.sha512" if [ -n "${KEY}" ] then - echo "Creating ${SYSTEM}.system.tar.${COMPRESSION}.sign" + echo "Building ${SYSTEM}.system.tar.${COMPRESSION}.sig" gpg -a -b --default-key ${KEY} ${SYSTEM}.system.tar.${COMPRESSION} - mv "${SYSTEM}.system.tar.${COMPRESSION}.asc" "${SYSTEM}.system.tar.${COMPRESSION}.sign" + mv "${SYSTEM}.system.tar.${COMPRESSION}.asc" "${SYSTEM}.system.tar.${COMPRESSION}.sig" fi - echo "Creating ${SYSTEM}.system.tar.${COMPRESSION} symlink" + echo "Building ${SYSTEM}.system.tar.${COMPRESSION} symlink" ln -sf "${SYSTEM}.system.tar.${COMPRESSION}" "$(echo ${SYSTEM}.system.tar.${COMPRESSION} | sed -e "s|${DATE}|current|")" - echo "Creating ${SYSTEM}.system.tar.${COMPRESSION}.sha512 copy" + echo "Building ${SYSTEM}.system.tar.${COMPRESSION}.sha512 copy" sed -e "s|${DATE}|current|" "${SYSTEM}.system.tar.${COMPRESSION}.sha512" > "$(echo ${SYSTEM}.system.tar.${COMPRESSION}.sha512 | sed -e "s|${DATE}|current|")" - if [ -e "${SYSTEM}.system.tar.${COMPRESSION}.sign" ] + if [ -e "${SYSTEM}.system.tar.${COMPRESSION}.sig" ] then - echo "Creating ${SYSTEM}.system.tar.${COMPRESSION}.sign copy" - cp "${SYSTEM}.system.tar.${COMPRESSION}.sign" "$(echo ${SYSTEM}.system.tar.${COMPRESSION}.sign | sed -e "s|${DATE}|current|")" + echo "Building ${SYSTEM}.system.tar.${COMPRESSION}.sig copy" + cp "${SYSTEM}.system.tar.${COMPRESSION}.sig" "$(echo ${SYSTEM}.system.tar.${COMPRESSION}.sig | sed -e "s|${DATE}|current|")" fi done diff --git a/share/doc/examples/engywuck-backports.cfg b/share/doc/examples/graograman-backports.cfg index 392c40d..d1d2640 100644 --- a/share/doc/examples/engywuck-backports.cfg +++ b/share/doc/examples/graograman-backports.cfg @@ -1,5 +1,5 @@ -# example for automated Progress Linux 5+ (engywuck-backports) container creation -# using: sudo container create -s progress-linux +# example for automated Progress Linux 7.99 (graograman-backports) container building +# using: sudo container build -s progress-linux debconf debconf/priority select critical debconf debconf/frontend select Noninteractive @@ -9,22 +9,22 @@ compute-tools container/mode select progress-linux #compute-tools container/preseed-files string #compute-tools container/include-preseed-files string -compute-tools container/distribution select engywuck-backports +compute-tools container/distribution select graograman-backports #compute-tools container/parent-distribution select compute-tools container/architecture select auto -compute-tools container/archives multiselect engywuck-security, engywuck-updates, engywuck-extras, engywuck-backports, engywuck-backports-extras +compute-tools container/archives multiselect graograman-security, graograman-updates, graograman-extras, graograman-backports, graograman-backports-extras #compute-tools container/parent-archives multiselect -compute-tools container/mirror string https://cdn.deb.progress-linux.org/packages -compute-tools container/mirror-security string https://cdn.deb.progress-linux.org/packages +compute-tools container/mirror string https://deb.progress-linux.org/packages +compute-tools container/mirror-security string https://deb.progress-linux.org/packages compute-tools container/parent-mirror string https://deb.debian.org/debian -compute-tools container/parent-mirror-security string http://security.debian.org +compute-tools container/parent-mirror-security string https://security.debian.org -compute-tools container/archive-areas multiselect main, contrib, non-free -compute-tools container/parent-archive-areas multiselect main, contrib, non-free +compute-tools container/archive-areas multiselect main, contrib, non-free, non-free-firmware +compute-tools container/parent-archive-areas multiselect main, contrib, non-free, non-free-firmware compute-tools container/packages string knot-resolver openssh-server diff --git a/share/doc/HOST-SETUP.txt b/share/doc/host-setup.old.txt index d0a2395..69368d1 100644 --- a/share/doc/HOST-SETUP.txt +++ b/share/doc/host-setup.old.txt @@ -1,5 +1,5 @@ -compute-tools: Host Setup -========================= +compute-tools: Host Setup (with ifupdown) +========================================= 1. Debian Packages @@ -11,27 +11,27 @@ apt install bridge-utils ifenslave vlan 2. Boot Parameters ------------------ -2.1 CGroup Memory Controller -~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +2.1 CGroup Memory Controller (optional) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In order to enable the memory controller the following boot parameter needs to be used: cgroup_enable=memory -2.2 CGroup Swap Controller -~~~~~~~~~~~~~~~~~~~~~~~~~~ +2.2 CGroup Swap Controller (optional) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In order to enable the swap controller the following boot parameter needs to be used: swapaccount=1 -2.3 vsyscall -~~~~~~~~~~~~ +2.3 vsyscall (legacy) +~~~~~~~~~~~~~~~~~~~~~ In order to be able to execute binaries linked to older libc versions -(<= wheezy) newer linux versions (>= buster), add the following boot parameter -(see #881813 for more information): +(<= wheezy) on newer linux versions (>= buster), add the following boot +parameter (see #881813 for more information): vsyscall=emulate @@ -39,18 +39,10 @@ In order to be able to execute binaries linked to older libc versions 3. Networking ~~~~~~~~~~~~~ -3.1 Enable IPv4 Forwarding -~~~~~~~~~~~~~~~~~~~~~~~~~~ - -apt install procps -echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/ip_foward.conf -sysctl -p - - -3.2 Configure Network Bridge +3.1 Configure Network Bridge ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -3.2.1 Bridge: 1 Interface, standalone, DHCP +3.1.1 Bridge: 1 Interface, standalone, DHCP ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ cat > /etc/network/interfaces << EOF @@ -72,7 +64,7 @@ iface bridge0 inet dhcp EOF -3.2.2 Bridge: 1 Interface, standalone, static +3.1.2 Bridge: 1 Interface, standalone, static ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ cat > /etc/network/interfaces << EOF @@ -101,7 +93,7 @@ iface bridge0 inet static EOF -3.2.3 Bridge: 2 logical Interfaces, subnet, static +3.1.3 Bridge: 2 logical Interfaces, subnet, static ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ cat > /etc/network/interfaces << EOF @@ -129,7 +121,7 @@ iface bridge0 inet static EOF -3.2.4 Bridge: 3 physical Interfaces, vlan, bonding, static +3.1.4 Bridge: 3 physical Interfaces, vlan, bonding, static ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ cat > /etc/network/interfaces << EOF @@ -216,3 +208,23 @@ IPv6 addresses and netmasks. In order to use dual-stack, bridges must have a IPv4 address assigned (can be a dummy one from a privacy range or 127.0.0.0/8). + +Let me repeat: dual-stack only works when you assign a primary IPv6 address +(private or public, doesn't matter) *and* add an additional IPv4 address. +Yes, the IPv4 address can be a private address, the containers can still +have a public IPv4 address. + +A complete example looks like this: + +auto bridge0 +iface bridge0 inet6 static + address 2a07:6b47:4::4:1 + netmask 48 + + up ip addr add 127.4.4.1 dev $IFACE + down ip addr del 127.4.4.1 dev $IFACE + + bridge_fd 0 + bridge_maxwait 0 + bridge_stp 0 + bridge-mcquerier 1 diff --git a/share/doc/host-setup.txt b/share/doc/host-setup.txt new file mode 100644 index 0000000..083e1aa --- /dev/null +++ b/share/doc/host-setup.txt @@ -0,0 +1,217 @@ +compute-tools: Host Setup (with systemd-networkd) +================================================= + + +1. Debian Packages +------------------- + +apt install systemd-networkd bridge-utils + +Make sure to enable networkd (sudo systemctl enable systemd-networkd) +and convert /etc/network/interfaces (see systemd-networkd documentation). + + +2. Boot Parameters +------------------ + +2.1 CGroup Memory Controller (optional) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +In order to enable the memory controller the following boot parameter needs to be used: + + cgroup_enable=memory + + +2.2 CGroup Swap Controller (optional) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +In order to enable the swap controller the following boot parameter needs to be used: + + swapaccount=1 + +2.3 vsyscall (legacy) +~~~~~~~~~~~~~~~~~~~~~ + +In order to be able to execute binaries linked to older libc versions +(<= wheezy) on newer linux versions (>= buster), add the following boot +parameter (see #881813 for more information): + + vsyscall=emulate + + +3. Networking +~~~~~~~~~~~~~ + +3.1 Configure Network Bridge +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +3.1.1 Bridge: 1 Interface, standalone, DHCP +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +cat > /etc/systemd/network/bridge0.netdev << EOF +[NetDev] +Name=bridge0 +Kind=bridge +EOF + +cat > /etc/systemd/network/bridge0.network << EOF +[Match] +Name=bridge-0 + +[Network] +DHCP=yes +EOF + + +3.1.2 Bridge: 1 Interface, standalone, static +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +cat > /etc/systemd/network/bridge0.netdev << EOF +[NetDev] +Name=bridge0 +Kind=bridge +EOF + +cat > /etc/systemd/network/bridge0.network << EOF +[Match] +Name=bridge-0 + +[Network] +Address=10.0.0.2/24 +Gateway=10.0.0.1 +EOF + + +3.1.3 Bridge: 3 physical Interfaces, vlan, bonding, static +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +cat > /etc/systemd/network/eno2.network<< EOF +[Match] +Name=eno2 + +[Network] +Bond=bond0 +EOF + +cat > /etc/systemd/network/eno3.network<< EOF +[Match] +Name=eno3 + +[Network] +Bond=bond0 +EOF + +cat > /etc/systemd/network/bond0.netdev << EOF +[NetDev] +Name=bond0 +Kind=bond + +[Bond] +Mode=802.3ad +TransmitHashPolicy=layer3+4 +MIIMonitorSec=0.1 +UpDelaySec=0.2 +DownDelaySec=0.2 +EOF + +cat > /etc/systemd/network/bond0.network << EOF +[Match] +Name=bond0 + +[Network] +VLAN=100 +EOF + +cat > /etc/systemd/network/vlan-100.netdev << EOF +[NetDev] +Name=vlan-100 +Kind=vlan + +[VLAN] +Id=100 +EOF + +cat > /etc/systemd/network/vlan-100.netdev << EOF +[Match] +Name=vlan-100 + +[Network] +Bridge=bridge-100 +EOF + +cat > /etc/systemd/network/bridge-100.netdev << EOF +[NetDev] +Name=bridge-100 +Kind=bridge +EOF + +cat > /etc/systemd/network/bridge-100.network << EOF +[Match] +Name=bridge-100 + +[Network] +Address=10.100.0.2/24 +Gateway=10.100.0.1 +EOF + + +4. Enabling user namespace for unprivileged containers +------------------------------------------------------ + +Linux supports unprivileged containers with the user namespace. +By default the user namespace is disabled on Debian systems (see #898446). +To enable user namespace, edit the following file for a permant change: + + /etc/sysctl.d/zz-compute-tools.conf + sysctl -p + +or enable it manually with: + + echo 1 > /proc/sys/kernel/unprivileged_userns_clone + +Note that containers need to be started with the correct +configuration in /etc/compute-tools/container/config to run unpriviled +(private-users option). + + +5. Enabling container-shell +--------------------------- + +Managing privileged containers requires root privileges. In order to allow +unprivileged users to manage privileged containers without granting them +privileges or accounts, the container-shell can be used together with sudo +and a container user. + + sudo adduser --gecos "compute-tools,,," \ + --home /var/lib/open-infrastructure/container-shell \ + --shell /usr/bin/container-shell + + +6. IPv4 and IPv6 dual-stack +--------------------------- + +Examples for /etc/network/interfaces above work for IPv6 too when using correct +IPv6 addresses and netmasks. + +In order to use dual-stack, bridges must have a IPv4 address assigned +(can be a dummy one from a privacy range or 127.0.0.0/8). + +Let me repeat: dual-stack only works when you assign a primary IPv6 address +(private or public, doesn't matter) *and* add an additional IPv4 address. +Yes, the IPv4 address can be a private address, the containers can still +have a public IPv4 address. + +A complete example looks like this: + +auto bridge0 +iface bridge0 inet6 static + address 2a07:6b47:4::4:1 + netmask 48 + + up ip addr add 127.4.4.1 dev $IFACE + down ip addr del 127.4.4.1 dev $IFACE + + bridge_fd 0 + bridge_maxwait 0 + bridge_stp 0 + bridge-mcquerier 1 diff --git a/share/scripts/curl b/share/get-scripts/curl index b756c48..00a8d73 100755 --- a/share/scripts/curl +++ b/share/get-scripts/curl @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,19 +15,20 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e PROJECT="open-infrastructure" SOFTWARE="compute-tools" PROGRAM="container" + SCRIPT="${0}" +export SCRIPT -HOOKS="/etc/${PROJECT}/${PROGRAM}/hooks" -KEYS="/etc/${PROJECT}/${PROGRAM}/keys" +HOOKS="/etc/${SOFTWARE}/hooks" +KEYS="/etc/${SOFTWARE}/keys" MACHINES="/var/lib/machines" -CACHE="/var/cache/${PROJECT}/${PROGRAM}/system" Parameters () { @@ -122,7 +123,7 @@ Parameters () Usage () { - echo "Usage: container create -n|--name NAME -s|--script ${SCRIPT} -- [--clean] [-p|--password PASSWORD] [--server SERVER] [--setup SETUP] [--system SYSTEM]" >&2 + echo "Usage: container get -n|--name NAME -s|--script ${SCRIPT} -- [--clean] [-p|--password PASSWORD] [--server SERVER] [--setup SETUP] [--system SYSTEM]" >&2 exit 1 } @@ -176,11 +177,10 @@ fi SERVER="${SERVER:-https://get.open-infrastructure.net/system/container/debian}" PASSWORD="${PASSWORD:-$(dd if=/dev/urandom bs=12 count=1 2> /dev/null | base64)}" +CACHE="/var/cache/${PROGRAM}/get-$(basename ${SCRIPT})/$(echo ${SERVER} | sed -e 's|.*//||' -e 's|/|_|g')" VERSION="$(container version)" -export SERVER - Debconf () { # Configure local debconf @@ -231,13 +231,6 @@ done # FIXME: default server via configuration file -CURL_OPTIONS="" - -if curl -V | grep -qs http2 -then - CURL_OPTIONS="${CURL_OPTIONS} --http2" -fi - if [ -z "${SYSTEM}" ] then # Downloading container list @@ -259,7 +252,7 @@ then GREP_PATTERN="${GREP_PATTERN:-${ARCHITECTURE}}" echo "Downloading $(echo ${SERVER} | awk -F/ '{ print $3 }') container list" - curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} ${CURL_OPTIONS} \ + curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} --http2 \ "${SERVER}/container-list.txt" | grep -E "${GREP_PATTERN}" > "${DEBCONF_TMPDIR}/container-list.txt" umask 0022 @@ -267,7 +260,7 @@ then Debconf # Run debconf parts - for DEBCONF_SCRIPT in /usr/share/${PROJECT}/${PROGRAM}/scripts/curl.d/* + for DEBCONF_SCRIPT in /usr/share/${SOFTWARE}/get-scripts/curl.d/* do if [ -x "${DEBCONF_SCRIPT}" ] then @@ -298,14 +291,14 @@ mkdir -p "${CACHE}" SETUP="${SETUP:-$(echo ${SYSTEM} | sed -e 's|.system.tar.|.setup.tar.|')}" -for FILE in "${SYSTEM}" "${SYSTEM}.sign" "${SYSTEM}.sha512" \ - "${SETUP}" "${SETUP}.sign" "${SETUP}.sha512" +for FILE in "${SYSTEM}" "${SYSTEM}.sig" "${SYSTEM}.sha512" \ + "${SETUP}" "${SETUP}.sig" "${SETUP}.sha512" do if curl --fail --head --output /dev/null --silent "${SERVER}/${FILE}" then case "${FILE}" in *.sha512) - if [ -e "${CACHE}/$(basename ${FILE} .sha512).sign" ] + if [ -e "${CACHE}/$(basename ${FILE} .sha512).sig" ] then continue fi @@ -320,7 +313,7 @@ do fi echo "Downloading ${FILE}" - curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} ${CURL_OPTIONS} ${CURL_TIME_COND} \ + curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} --http2 ${CURL_TIME_COND} \ "${SERVER}/${FILE}" -o "${CACHE}/${FILE}" fi done @@ -334,12 +327,12 @@ do continue fi - if [ -e "${FILE}.sign" ] + if [ -e "${FILE}.sig" ] then echo -n "Verifying ${FILE}:" set +e - gpg --homedir "${KEYS}" --verify "${FILE}.sign" "${FILE}" > /dev/null 2>&1 + gpg --homedir "${KEYS}" --verify "${FILE}.sig" "${FILE}" > /dev/null 2>&1 GNUPG="${?}" set -e diff --git a/share/scripts/curl.d/0001-debconf b/share/get-scripts/curl.d/0001-debconf index 6c3699a..5c5936e 100755 --- a/share/scripts/curl.d/0001-debconf +++ b/share/get-scripts/curl.d/0001-debconf @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,7 +15,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e diff --git a/share/scripts/curl.d/0001-debconf.templates b/share/get-scripts/curl.d/0001-debconf.templates index c87e47e..c63994d 100644 --- a/share/scripts/curl.d/0001-debconf.templates +++ b/share/get-scripts/curl.d/0001-debconf.templates @@ -8,4 +8,4 @@ Default: Choices-C: ${CHOICES_C} Choices: ${CHOICES} Description: Container list: - Select the system to use for creating the container. + Select the system to use for downloading the container. diff --git a/share/hooks/post-start.chown-nvidia.sh b/share/hooks/post-start.chown-nvidia.sh index 4dbc247..225f13b 100755 --- a/share/hooks/post-start.chown-nvidia.sh +++ b/share/hooks/post-start.chown-nvidia.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,10 +15,14 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e +PROJECT="open-infrastructure" +SOFTWARE="compute-tools" +PROGRAM="container" + CONTAINER="/var/lib/machines" if grep -qs nvidia "${CONTAINER}/${NAME}/etc/group" diff --git a/share/hooks/pre-create.git-pull.sh b/share/hooks/pre-build.git-pull.sh index 582479e..f1ae24b 100755 --- a/share/hooks/pre-create.git-pull.sh +++ b/share/hooks/pre-build.git-pull.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,14 +15,15 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e PROJECT="open-infrastructure" +SOFTWARE="compute-tools" PROGRAM="container" -DIRECTORIES="/etc/${PROJECT}/${PROGRAM}/debconf /etc/${PROJECT}/${PROGRAM}/debconf/*/" +DIRECTORIES="$(for DIRECTORY in $(find /etc/${SOFTWARE}/debconf/ -type d -name ".git"); do echo $(dirname ${DIRECTORY}); done | sort -uV)" for DIRECTORY in ${DIRECTORIES} do @@ -30,10 +31,13 @@ do then echo "Updating ${DIRECTORY}..." - if [ -e "/etc/${PROJECT}/${PROGRAM}.conf" ] - then - . "/etc/${PROJECT}/${PROGRAM}.conf" - fi + for FILE in "/etc/${SOFTWARE}/${PROGRAM}.conf" "/etc/${SOFTWARE}/${PROGRAM}.conf.d"/*.conf + do + if [ -e "${FILE}" ] + then + . "${FILE}" + fi + done DEBCONF_ID="${DEBCONF_ID:-HEAD}" diff --git a/share/hooks/pre-get.git-pull.sh b/share/hooks/pre-get.git-pull.sh new file mode 100755 index 0000000..f1ae24b --- /dev/null +++ b/share/hooks/pre-get.git-pull.sh @@ -0,0 +1,53 @@ +#!/bin/sh + +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# +# SPDX-License-Identifier: GPL-3.0+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +set -e + +PROJECT="open-infrastructure" +SOFTWARE="compute-tools" +PROGRAM="container" + +DIRECTORIES="$(for DIRECTORY in $(find /etc/${SOFTWARE}/debconf/ -type d -name ".git"); do echo $(dirname ${DIRECTORY}); done | sort -uV)" + +for DIRECTORY in ${DIRECTORIES} +do + if [ -e "${DIRECTORY}/.git" ] && [ -e /usr/bin/git ] + then + echo "Updating ${DIRECTORY}..." + + for FILE in "/etc/${SOFTWARE}/${PROGRAM}.conf" "/etc/${SOFTWARE}/${PROGRAM}.conf.d"/*.conf + do + if [ -e "${FILE}" ] + then + . "${FILE}" + fi + done + + DEBCONF_ID="${DEBCONF_ID:-HEAD}" + + cd "${DIRECTORY}" + + git clean -dfx + git checkout -f ${DEBCONF_ID} + git pull --rebase + echo + + cd "${OLDPWD}" + fi +done diff --git a/share/hooks/pre-start.unlink-console.sh b/share/hooks/pre-start.unlink-console.sh index 566a4de..cebbe03 100755 --- a/share/hooks/pre-start.unlink-console.sh +++ b/share/hooks/pre-start.unlink-console.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,14 +15,15 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. set -e PROJECT="open-infrastructure" +SOFTWARE="compute-tools" PROGRAM="container" -CONFIG="/etc/${PROJECT}/${PROGRAM}/config" +CONFIG="/etc/${SOFTWARE}/config" # Run if grep -qs 'bind=.*/dev:/dev;' "${CONFIG}/${NAME}.conf" diff --git a/share/keys/daniel.baumann@open-infrastructure.net_0xB62C61A10B93195F.pub b/share/keys/daniel.baumann@open-infrastructure.net_0xB62C61A10B93195F.pub new file mode 100644 index 0000000..1e1884d --- /dev/null +++ b/share/keys/daniel.baumann@open-infrastructure.net_0xB62C61A10B93195F.pub @@ -0,0 +1,14 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEXAKTMBYJKwYBBAHaRw8BAQdAqmmCJDP5dgZLR8JflHZa4QF86ahh9gW7/5bd +HUkkrsS0N0RhbmllbCBCYXVtYW5uIDxkYW5pZWwuYmF1bWFubkBvcGVuLWluZnJh +c3RydWN0dXJlLm5ldD6IkAQTFggAOBYhBIrjR8Yn591RIGv9hLYsYaELkxlfBQJc +ApMwAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJELYsYaELkxlf2NUBAPyZ +GPLameJQ0qqdYhLW9fXqZgsnEEjndBJJWcCgpPolAQDfovZ1AsjVssTV9vcajOWw +dNa6PGI/gWqoCCqsbK4GC7g4BFwCkzASCisGAQQBl1UBBQEBB0C0e0KJyQVQE8de +THs48MotPKrefjhM0a22iziA8jWkXQMBCAeIeAQYFggAIBYhBIrjR8Yn591RIGv9 +hLYsYaELkxlfBQJcApMwAhsMAAoJELYsYaELkxlfMIwA/1JQ/fItM3rCfXb/yKIL +5CNQ4UhrEY0YPHjhAAJAQ8bFAQDlQbUiVlqDVatOh+BIK6cPGjE+FYvuRArIuZHv +rlmxCA== +=Tn5F +-----END PGP PUBLIC KEY BLOCK----- diff --git a/share/keys/daniel@debian.org_0x55CF1BF986ABB9C7.pub b/share/keys/daniel@debian.org_0x55CF1BF986ABB9C7.pub new file mode 100644 index 0000000..910f870 --- /dev/null +++ b/share/keys/daniel@debian.org_0x55CF1BF986ABB9C7.pub @@ -0,0 +1,52 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFPK4YgBEADflMdQSKGvLczvCmdYSeF3nWRE6zYG2DDoeHadp0sCs7jXgVS4 +ulWzuusV2ccAwb2hANmlPC2grEWSSQUs0PykQwgY9PzvYCVw4AGKKua3QPDMBc52 +MT43cOEhCXdcJcuMaovMVkke7YvVqwWVzM2QBXbGsqXtWMuFSFB6JhIqe4pdyyrX +zIFIwFsU/MuS0K5Wbf4HBkw4JYgM2RUare/9awn/yKsQCQ3jeF5g9IRPz+zhagvT +6dReJcAZCunCkktwS8Pi7mXk0O9k0C4BV+T6Dw81rsMXwVQF5SWkBCul4evnnUpT +NUHmZYlht6WAflrd+fyGBHRMsq04GqHze0GeyAQ8DcGhBaHHku2BixSATqrnhud5 +mPL4xQQxOS4/ojBBDxVNNS7sX+2ivYLtdD1pTCQT1Xd869b8eIVCczq/+9GJnL1f +XHIZuZrjxss1Hb+38LK5fCaKbTSpM0dkSlzHnZKx1BfOXCJp/KAfBTZwxMEh95SK +IzcbKYzzo1vFUZHOkspW1qo3r4mq8wboAljilJjdyBSVUQKpTYel/p6NCmEmAozH +CzSV/xiHaf2cfpQau1YEmShD73VTt2b4CVn4sGLrAQNp3S9dCAKpz6u3wXMa8vWI +3sDq1RtXAX/YV5+VMeTH4LiMuzd3KUUnCb5O+GspBZymoCnCwd266g8eSwARAQAB +tCdEYW5pZWwgQmF1bWFubiA8bWFpbEBkYW5pZWwtYmF1bWFubi5jaD6JAj0EEwEK +ACcFAlPK4YgCGwMFCROq0IAFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AACgkQVc8b ++YaruceN+A/+N+2A1Tt11fJ/iyP3hS+3Eaj6oE6bIQLiD9nAJeg9uLMII6lOOEkh +7Irs+IE8MsiG7DY4wWKahtdci3Vhad71chNXnLOrMKWOk/1VFm+mjMil2oauU3fi +6mwzb/gNyB3JLCe3oNX7TsqNAJjdPwbrVpwhJXOKKEjFitNoJMAg6m8vtNtIk2yE +YRTU2VJG7sKaMzvHg7KxlIGsarsamFpLRx7ZnnrcA8ewsvNn6fYF8Zp8W2puScsK +O26aHfZxrTzzBfxZ/anrPlXkFEvyVI3+qLYbDuLfPEEHQX9zh91++yKu1pYcTb/U +KZrQIthoJ0RCdHs65uTidTtM+4/jtlUFr07LAZaQr0i8uc2HstNfqIijszvlkPOb +lobplBB0a+saFI5CeronCzfL6uXMDe57luT6rkd+lxKC0SZ2Ai1Pon4uRbLsiAWW +SX/DqlOaq0Zmg0vLYo64/rtw5/gbVFdBTidzEUkiX7xjxBahRLH95knPlUyaFXct +AWERYH9brMoNl9WoPUlo4j8UrItJWXlHTw+LPCPPGNdAwchv4naozGau6xuVyVN7 +UVBXO8YMiWXXHhGQz7pX46R1OpfdoSe2nKOOJkvTL8jUCnTMl8/dFCsm2KwZMDdQ +IvvQ19ok5QijWZyPJhEUMAb8y++p2KSwclRWHng10jQMBP+o3C8Lpt6IRgQTEQoA +BgUCU8r6OgAKCRD4LlzASysrnmVZAKCMqPcLD1k/hgkBpZQXcYgryna01QCfV7KM +hALFW3G/ySPEPv/THC7P2QO5Ag0EU8rhiAEQANVpq7tDaynnl+SJQYf3QX8NuV7T +tAV/ct+Ehw2IGdv43Sv3fBYUkh16UJyBK9Qx1NP7Dljj/sGlAa3kyOiZsAGagrXU +B55nrN3LWFJLfph0VGqsJYP9t4eu5RLRD+uathcLwHEWeINoqIb8TKTxJOvvvsvw +VP2+QaVYKsfvn12jmrjAj1/loBjlwuPMTrwB/U2049LqbTbz+CurLwKPAuRim66r +7wO4yeZMMlYMwnXljHO0/3WR7n6H5wO16v1QrKCYmg2rheGLeh+SUCrCzNzygP78 +gD1OqH395JQhsJQJxw2apG1dLQETWAaVBpQ+3+3aJrjhyZ4XxfyCRYntpxIhY5GA +CcGrHkY7/EMNw1dZEMisDFaKfRxgduFjqMNTfwlGHmgnfuEvyVpeZ1zL5nzV8Wgq +KR5xUcCB0a2UjN2UficpMIsD00R51NlxDgUGT9t+ehLWU56RX8k6O9HXnsyLF0Xo +ahncubKPg5txU+9MI0i4Mib5pm1gGqgPGHweuUOoL21hljJIfldtbfGwApoQ7jbd ++8mOX5UAXxJDX4IVTd9HX70suhJraIpIVf2qSafJwth1ZM21PET27tGn4xmuA3vW +sNLLRBKeeQ584n0sKPUMrS/+sRLPYlGwVO7tU1okRdP6SGndVI8xv8nOxheKXqaO +QxYz2vFMbuWP/1CfABEBAAGJAiUEGAEKAA8FAlPK4YgCGwwFCROq0IAACgkQVc8b ++YaruceOTQ/8C6ZZme6wT6ccw42XHsv8yKFh05TPSWXR3acV1FXzncDMjIMrU097 +Y6+I8xp5y1DULziH177666SOehk3AkHSo7GUIzxLYksOx3RFskBZpQatwThr1x2S +0YVlxMAi/juZny0rarxTrvk2YAkDC7QCaSXScrn3K03QPjnYSlv73cj2lPAurfgs +eXL0N4xOmgbwDFnTXnuxLajA8SyuaDclIeHOp5izPQg24AzlMr0iGBZDcRyov1AH +bkD7NqjX8vZmTEcloYZKM8m8GAx/S52rFTc0V9t+wyNq7ZHAmzu/jqgzGyAeGbnX +mnCVW4JkrV64wFMJODAOwuJ4crZjnyHqaBAUeukpfeJj0BijskuJfj570Zq+qNHQ +6JHiHir6kedL/Xg4onNDJyTDMWmg8cRd2vrxclUXk6AfFLb9Wp/8Lf1YmzFnLg4u +GH3BcO4CJNBS0Z92JQD+Xdvgr7E7P3VbOSVDzJzFsilYhJgCxNkRWU5YbqBRQyG2 +4uVpTF2gu5nkjNJ+HYUWsTjgOP3Avr7KlLWJr3NfQLKhjG4AyKPGvNPgzQpUBE9O +ADEfyz7xVsngvIcYLT3sN6/qDpFW3QWGfBBhzWGe2ekpIDNHP4lao3oRS/+LGK8j +gHpGR2pddZzWSsAZIGqHxQEgo9ZpnfBCqub9N5ATiimma5Ot44pBkEw= +=aSin +-----END PGP PUBLIC KEY BLOCK----- diff --git a/share/logrotate/container b/share/logrotate/container index 14599be..d1783de 100644 --- a/share/logrotate/container +++ b/share/logrotate/container @@ -1,4 +1,6 @@ -/var/log/open-infrastructure/container.log { +# Open Infrastructure: compute-tools + +/var/log/compute-tools/container.log { compress create 0640 root adm dateext diff --git a/share/man/Makefile b/share/man/Makefile index 535b2b1..a878dbd 100644 --- a/share/man/Makefile +++ b/share/man/Makefile @@ -1,6 +1,6 @@ -# Makefile +# Open Infrastructure: compute-tools -# Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> # # SPDX-License-Identifier: GPL-3.0+ # @@ -15,30 +15,45 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. -# Depends: asciidoc dblatex docbook-xsl libxml2-utils source-highlight +# Depends: python3-docutils -A2X = a2x \ - --asciidoc-opts="-a revdate=$(shell cat ../../VERSION.txt)" \ - --doctype=manpage +RST2MAN = rst2man \ + --no-datestamp \ + --no-generator \ + --strict \ + --strip-comments \ + --tab-width=4 \ + --verbose + +VERSION := $(shell cat ../../VERSION.txt) SHELL := sh -e all: build -clean: - rm -f *.[0-9] - rm -f *.xml - build: man rebuild: clean build -man: *.txt - for FILE in *.txt; \ +man: man.in *.rst + @echo -n "Creating manpages... " + + @for FILE in *.rst; \ do \ - $(A2X) --format=manpage $${FILE}; \ + cp man.in $$(basename $${FILE} .rst); \ + $(RST2MAN) $${FILE} | \ + sed -e '/^.\\" Man page generated/d' \ + -e '/^.\\" Generated by/d' \ + -e "s|^\(.TH .*\) \(\"\" \"\"\) |\1 $${VERSION} compute-tools |" \ + >> $$(basename $${FILE} .rst); \ + echo -n "."; \ done + @echo " done." + +clean: + rm -f *.[0-9] + .PHONY: all clean build rebuild man diff --git a/share/man/compute-tools.7.rst b/share/man/compute-tools.7.rst new file mode 100644 index 0000000..33e6aea --- /dev/null +++ b/share/man/compute-tools.7.rst @@ -0,0 +1,153 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============= +compute-tools +============= + +-------------------------------- +Manage systemd-nspawn containers +-------------------------------- + +:manual section: 7 +:manual group: Open Infrastructure + +Description +=========== + +[A Linux container] is an operating-system-level virtualization environment for +running multiple isolated Linux systems (containers) on a single Linux control +host. + + -- Wikipedia (https://en.wikipedia.org/wiki/LXC) + +**compute-tools** provides the system integration for managing containers using +systemd-nspawn(1). + +Download +======== + +| Upstream Releases: +| https://get.open-infrastructure.net/software/compute-tools/upstream + +| Upstream Sources: +| https://git.open-infrastructure.net/software/compute-tools + +| Debian Releases: +| https://get.open-infrastructure.net/software/compute-tools/debian + +| Debian Sources: +| https://git.progress-linux.org/users/daniel/debian/packages/open-infrastructure-compute-tools + +Installation +============ + +Source +------ + +| $ sudo apt install git make python3-docutils dbus systemd-container +| $ git clone https://git.open-infrastructure.net/software/compute-tools +| $ cd compute-tools && sudo make install + +Debian 9 (stretch) and newer +---------------------------- + +| $ sudo apt install compute-tools + +Development +=========== + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +(https://lists.open-infrastructure.net/listinfo/software). + +Please base patches against the 'next' Git branch using common sense +(https://www.kernel.org/doc/Documentation/SubmittingPatches). + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Known limitations +================= + +This version of compute-tools currently do not work with systemd-networkd and +depend on ifupdown. + +Using overlay, the upper directory can not be an NFS mount due to limitations in +Linux' overlay filesystem +(https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/filesystems/overlayfs.txt). + +Usage +===== + +Build a new container: + sudo container build -n NAME + +Start a container: + sudo container start -n NAME + +Stop a container: + sudo container stop -n NAME + +Remove a container: + sudo container remove -n NAME + +List container on the system: + sudo container list + +Show container version: + container version + +See container(1) for a list of all container commands. + +Links +===== + +| * Linux Weekly News: Kernel / Containers +| (https://lwn.net/Kernel/Index/#Containers) + +| * Linux Weekly News: Security / Containers +| (https://lwn.net/Security/Index/#Containers) + +| * 2016-02-24: Systemd vs. Docker +| (https://lwn.net/Articles/676831/) + +| * 2015-06-10: Systemd and containers +| (https://lwn.net/Articles/647634/) + +| * 2014-07-07: Control groups +| (https://lwn.net/Articles/604609/) + +| * 2013-11-13: Systemd-Nspawn is Chroot on Steroids [LinuxCon Europe] +| (https://www.youtube.com/watch?v=s7LlUs5D9p4) + +| * 2013-11-03: Creating containers with systemd-nspawn +| (https://lwn.net/Articles/572957/) + +| * 2013-02-06: Systemd lightweight containers +| (https://lwn.net/Articles/536033/) + +| * 2013-01-04: Namespaces in operation +| (https://lwn.net/Articles/531114/) + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/compute-tools.7.txt b/share/man/compute-tools.7.txt deleted file mode 100644 index bcd234f..0000000 --- a/share/man/compute-tools.7.txt +++ /dev/null @@ -1,133 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-TOOLS(7) -================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -compute-tools - Manage systemd-nspawn containers - - -DESCRIPTION ------------ -"[A Linux container] is an operating-system-level virtualization environment for running multiple isolated Linux systems (containers) on a single Linux control host.":: - -- Wikipedia (https://en.wikipedia.org/wiki/LXC) - -compute-tools provides the system integration for managing containers using systemd-nspawn. - - -DOWNLOAD --------- - * Upstream Releases: https://get.open-infrastructure.net/software/compute-tools/upstream - * Upstream Sources: https://git.open-infrastructure.net/software/compute-tools - * Debian Releases: https://get.open-infrastructure.net/software/compute-tools/debian - * Debian Sources: https://git.progress-linux.org/users/daniel/debian/packages/open-infrastructure-compute-tools - - -INSTALLATION ------------- - -SOURCE -~~~~~~ - 1. sudo apt install asciidoc git docbook-xml docbook-xsl libxml2-utils make xsltproc dbus systemd-container - 2. git clone https://git.open-infrastructure.net/software/compute-tools - 3. cd compute-tools && sudo make install - -DEBIAN 9 (STRETCH) AND NEWER -~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - * sudo apt install container-tools - - -DEVELOPMENT ------------ -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List: - - * https://lists.open-infrastructure.net/listinfo/software - -Please base patches against the 'next' Git branch using common sense: - - * https://www.kernel.org/doc/Documentation/SubmittingPatches - -Debian specific bugs can also be reported in the Debian Bug Tracking System: - - * https://bugs.debian.org - - -KNOWN LIMITATIONS ------------------ - * This version of compute-tools currently do not work with systemd-networkd and depend on ifupdown. - * Using overlay, the upper directory can not be an NFS mount due to limitations in Linux' overlay filesystem, - see https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/filesystems/overlayfs.txt - - -USAGE ------ -*Create a new container:*:: - sudo container create -n NAME - -*Start a container:*:: - sudo container start -n NAME - -*Stop a container:*:: - sudo container stop -n NAME - -*Remove a container:*:: - sudo container remove -n NAME - -*List container on the system:*:: - sudo container list - -*Show container version:*:: - container version - -See container(1) for a list of all container commands. - - -LINKS ------ -*2016-02-24: Systemd vs. Docker*:: - https://lwn.net/Articles/676831/ - -*2015-06-10: Systemd and containers*:: - https://lwn.net/Articles/647634/ - -*2014-07-07: Control groups*:: - https://lwn.net/Articles/604609/ - -*2013-11-13: Systemd-Nspawn is Chroot on Steroids [LinuxCon Europe]*:: - https://www.youtube.com/watch?v=s7LlUs5D9p4 - -*2013-11-03: Creating containers with systemd-nspawn*:: - https://lwn.net/Articles/572957/ - -*2013-02-06: Systemd lightweight containers*:: - https://lwn.net/Articles/536033/ - -*2013-01-04: Namespaces in operation*:: - https://lwn.net/Articles/531114/ - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-auto.1.rst b/share/man/container-auto.1.rst new file mode 100644 index 0000000..68836eb --- /dev/null +++ b/share/man/container-auto.1.rst @@ -0,0 +1,92 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============== +container-auto +============== + +------------------------------------------------------- +Start/stop all container automatically at boot/shutdown +------------------------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container auto** ['OPTIONS'] + +Description +=========== + +The **container auto** command starts or stops all container on the host system. + +Options +======= + +The following **container auto** options are available: + +-f, --force: + Removing stray lock file if existing. + +-s, --start: + Start all container on the host system. + +-t, --stop: + Stop all container on the host system. + +Examples +======== + +Start all container on the host system: + + sudo container auto --start + +Stop all container on the host system: + + sudo container auto --stop + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-auto.1.txt b/share/man/container-auto.1.txt deleted file mode 100644 index b1aa550..0000000 --- a/share/man/container-auto.1.txt +++ /dev/null @@ -1,85 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-START(1) -================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-auto - Start/stop all container automatically at boot/shutdown - - -SYNOPSIS --------- -*container auto* ['OPTIONS'] - - -DESCRIPTION ------------ -The container auto command starts or stops all container on the host system. - - -OPTIONS -------- -The following container options are available: - -*-f, --force*:: - Removing stray lock file if existing. - -*-s, --start*:: - Start all container on the host system. - -*-t, --stop*:: - Stop all container on the host system. - - -EXAMPLES --------- -*Start all container on the host system:*:: - sudo container auto --start - -*Stop all container on the host system:*:: - sudo container auto --stop - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-build-debconf.1.rst b/share/man/container-build-debconf.1.rst new file mode 100644 index 0000000..6543140 --- /dev/null +++ b/share/man/container-build-debconf.1.rst @@ -0,0 +1,173 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +======================= +container-build-debconf +======================= + +----------------------------------------------------- +Build an advanced Debian based container with debconf +----------------------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container build -s debconf** ['OPTIONS'] +| **cnt b -s debconf** ['OPTIONS'] + +| **container build -s debian** ['OPTIONS'] +| **cnt b -s debian** ['OPTIONS'] + +| **container build -s progress-linux** ['OPTIONS'] +| **cnt b -s progress-linux** ['OPTIONS'] + +Description +=========== + +The debconf container build script uses debconf(1) to automatically build a +Debian based container. + +Scope +----- + +Note that this container build script can do a few things more than just +automatically debootstrap based on a preseed file. It also allows you to set a +root password, configure the network, install certain packages and execute +hooks. + +But: this is *not* a replacement for a configuration management system (like +ansible, puppet, etc.). The intenion of this script is to build the initial +container to that extend that a configuration management system can take over. + +As an analogy, think of debian-installer: d-i sets up your system to make it +ready to boot and connect to the network. Everything after that is out of scope. +Same goes for this script. + +Functions +--------- + +This script performs the following configuration on top of a Debian based +system: + + * network + * root password + * apt repositories + * \.\.\. + +Modes +----- + +This container build script can be used under two different names: debian and +progress-linux. + +Alternative, calling it under the debconf name is equal to the debian mode. + +Preseeding +---------- + +Hierarchy of Preseed Files: + + * The debconf script can be fully preseeded. Such preseed files can include + one or more preseed files themselfs (currently, only one layer of includes + is supported, no nested or recursive includes). + + * The general rule of 'the later preseed file overwrites the earlier' applies. + The debconf script reads the main preseed file (specified either on command + line or by debconf selection/input dialog) after any included preseed files + in there. + + * That means that debconf values after the include statement in the main + preseed file can overwrite any values specified in the included preseed + files. + +Options +======= + +The following script options are available: + +-n, --name='NAME': + Specify container name. + +-p, --preseed-file='FILE': + Specify the preseed file. + +Examples +======== + +Build a Debian based container: + + sudo container build -s debian -n debian.example.net + +Build a Progress Linux container: + + sudo container build -s progress-linux -n progress.example.net + +Files +===== + +The following files are used: + +/etc/compute-tools/config: + Container configuration files. + +/usr/share/compute-tools/build-scripts: + Container build scripts. + +/usr/share/doc/compute-tools: + Container documentation. + +/var/lib/machines: + Container directory. + +/var/cache/container: + Container cache directory. + +/tmp/compute-tools: + Container temporary directory. + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-build-debootstrap.1.rst b/share/man/container-build-debootstrap.1.rst new file mode 100644 index 0000000..10538c5 --- /dev/null +++ b/share/man/container-build-debootstrap.1.rst @@ -0,0 +1,111 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +=========================== +container-build-debootstrap +=========================== + +------------------------------------------------------------------- +Build a basic Debian based container with debootstrap or mmdebstrap +------------------------------------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container build -s debootstrap** ['OPTIONS'] +| **cnt b -s debootstrap** ['OPTIONS'] + +| **container build -s mmdebstrap** ['OPTIONS'] +| **cnt b -s mmdebstrap** ['OPTIONS'] + +Description +=========== + +The debootstrap container build script uses debootstrap(8) or mmdebstrap(1) +to build a Debian based container. + +This script builds a pure Debian system with three modificiations: + + * apt cache of packages downloaded during debootstrap is cleaned + * hostname is set (container name) in /etc/hostname + * root password is set (user specified or 16 random characters) + +Options +======= + +The following script options are available: + +-n, --name='NAME': + Specify container name. + +-a, --architecture='ARCHITECTURE': + Specify the Debian architecture, defaults to the host systems architecture. + +-d, --distribution='DISTRIBUTION': + Specify the Debian distribution, defaults to 'bookworm'. + +-m, --mirror='MIRROR': + Specify the Debian mirror, defaults to 'https://deb.debian.org/debian'. + +-p, --root-password='PASSWORD': + Specify the root password, defaults to a random 16 character password. + +Examples +======== + +Build a Debian 12 (bookworm) based container with same architecture as the host +system using debootstrap: + + sudo container build -s debootstrap -n bookworm.example.net + +Build a Debian 12 (bookworm) based container with different architecture as the +host system using mmdebstrap: + + sudo container build -s mmdebstrap -n bookworm-i386.example.net -- -a i386 + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-build.1.rst b/share/man/container-build.1.rst new file mode 100644 index 0000000..faa0e16 --- /dev/null +++ b/share/man/container-build.1.rst @@ -0,0 +1,139 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +=============== +container-build +=============== + +----------------- +Build a container +----------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container build** ['OPTIONS'] +| **cnt b** ['OPTIONS'] + +Description +=========== + +The **container build** command builds a container based on a script. + +Scripts +------- + +The following build scripts are available: + +debootstrap: + Basic script to build Debian based container, see + container-build-debootstrap(1). + +debconf: + Advanced script to automatically build Debian based container, see + container-build-debconf(1). + +default: + Symlink (if existing) to a build script which is used if no script was + specified. On Debian based system this can be managed through + update-alternatives(1), i.e. 'sudo update-alternatives --config + container_build-script'. + +Options +======= + +The following **container build** options are available: + +-n, --name='NAME': + Specify container name. + +-c, --capability='CAPABILITY': + Specify capabilities to grant, see capabilities(7). + +-d, --drop-capability='DROP_CAPABILITY': + Specify capabilities to drop, see capabilities(7). + +-s, --script='SCRIPT': + Specify container build script, defaults to 'debootstrap'. + +-v, --verbose: + Explain what is being done. + +-b, --bind='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]': + Specify container read-write bind mounts, see systemd-nspawn(1) --bind option. + +--bind-ro='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]': + Specify container read-only bind mounts, see systemd-nspawn(1) --bind-ro + option. + +--cnt-overlay='DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED[;DIRECTORY_UPPER:DIRECTORY_LOWER:DIRECTORY_WORK:DIRECTORY_MERGED]': + Specify container overlay mounts, see Documentation/filesystems/overlayfs.txt. + +--cnt.overlay-options='OPTION1,OPTION2[;OPTION3,OPTION4]': + Specify container overlay mount options, see + Documentation/filesystems/overlayfs.txt. + +--cnt.start='OPTION1[,OPTION2,...]': + Specify container start options, see container-start(1). + +Examples +======== + +Build example.net container using debootstrap script: + + sudo container build -n example.net -s debootstrap + +Build example.net container using debconf script: + + sudo container build -n example.net -s debconf + +Build example.net container with the default build script and start it: + + sudo container build,start -n example.net + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-console.1.rst b/share/man/container-console.1.rst new file mode 100644 index 0000000..a3afd51 --- /dev/null +++ b/share/man/container-console.1.rst @@ -0,0 +1,86 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +================= +container-console +================= + +------------------------------- +Attach a console to a container +------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container console** ['OPTIONS'] + +Description +=========== + +The **container console** command attaches a console to a container. + +While 'container enter' bypasses the login prompt and drops to a root shell, the +'container console' command shows a full login prompt where any valid user and +password combination can be used. + +Options +======= + +The following **container console** options are available: + +-n, --name='NAME': + Specify container name. + +Examples +======== + +Attach console to example.net container: + + sudo container console -n example.net + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-console.1.txt b/share/man/container-console.1.txt deleted file mode 100644 index 7f4fb03..0000000 --- a/share/man/container-console.1.txt +++ /dev/null @@ -1,79 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-CONSOLE(1) -==================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-console - Attach a console to a container - - -SYNOPSIS --------- -*container console* ['OPTIONS'] - - -DESCRIPTION ------------ -The container console command attaches a console to a container. - -While 'container enter' bypasses the login prompt and drops to a root shell, -the 'container console' command shows a full login prompt where any valid user and password combination can be used. - - -OPTIONS -------- -The following container options are available: - -*-n, --name='NAME'*:: - Specify container name. - - -EXAMPLES --------- -*Attach console to example.net container:*:: - sudo container console -n example.net - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-create-curl.1.txt b/share/man/container-create-curl.1.txt deleted file mode 100644 index c15ee4e..0000000 --- a/share/man/container-create-curl.1.txt +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-CREATE-CURL(1) -======================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-create-curl - Create a Debian based container by downloading a tarball over the network - - -SYNOPSIS --------- -*container create -s curl* ['OPTIONS'] - - -DESCRIPTION ------------ -The curl container creation script uses curl(1) to download a tarball over the -network to create a Debian based container. - -Depending on the tarball this script otherwise creates a pure Debian system with three modificiations: - - * hostname is set (container name) in /etc/hostname - * systemd machine-id is generated in /etc/machine-id - * root password is set (user specified or 16 random characters) - - -OPTIONS -------- -The following script options are available: - -*-n, --name='NAME'*:: - Specify container name. - -*-a, --architecture='ARCHITECTURE'*:: - Specify container architecture. - -"--clean*:: - Remove downloaded tarball after successfull container creation. - -*-p, --root-password='PASSWORD'*:: - Specify the root password, defaults to a random 16 character password. - -*--server='SERVER'*:: - Specify the image server to download from, defaults to https://get.open-infrastructure.net/system/container/debian. - -*--setup='SETUP'*:: - Specify the setup image name to download, defaults to the value specified through --system using the setup.tar.${COMPRESSION} suffix. - -*--system='SYSTEM'*:: - Specify the system image name to download, defaults to debian-stretch-current_${ARCHITECTURE}.system.tar.${COMPRESSION} (where ${ARCHITECTURE} is the host systems architecture and ${COMPRESSION} either lz, xz, or gz depending on compressor availability on the host system). - - -EXAMPLES --------- -*Create a Debian 9 (stretch) based container with same architecture as the host system:*:: - sudo container create -s curl -n stretch.example.net - -*Create a Debian 9 (stretch) based container with different architecture as the host system:*:: - sudo container create -s curl -n stretch-i386.example.net -- --system debian-stretch-current_i386.system.tar.xz - -FILES ------ -The following files are used: - -*/etc/open-infrastructure/container/config*:: - Container configuration files. - -*/usr/share/open-infrastructure/container/scripts*:: - Container creation scripts. - -*/usr/share/doc/compute-tools*:: - Container documentation. - -*/var/lib/machines*:: - Container directory. - -*/var/cache/open-infrastructure/container*:: - Container cache directory. - - -CONTAINER IMAGES ----------------- - -compute-tools will download tarballs from a server expecting that the images are tarballs with either gzip, lzip, xz, or no compression. See container-images.sh as an example on how to create your own container images. - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-create-debconf.1.txt b/share/man/container-create-debconf.1.txt deleted file mode 100644 index 0381cae..0000000 --- a/share/man/container-create-debconf.1.txt +++ /dev/null @@ -1,157 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-CREATE-DEBOOTSTRAP(1) -=============================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-create-debconf - Create an advanced Debian based container with debconf - - -SYNOPSIS --------- -*container create -s debconf* ['OPTIONS'] -*cnt cr -s debconf* ['OPTIONS'] - -*container create -s debian* ['OPTIONS'] -*cnt cr -s debian* ['OPTIONS'] - -*container create -s progress-linux* ['OPTIONS'] -*cnt cr -s progress-linux* ['OPTIONS'] - - -DESCRIPTION ------------ -The debconf container creation script uses debconf(1) to automatically create a Debian based container. - -SCOPE -~~~~~ -Note that this container creation script can do a few things more than just automatically debootstrap based on a preseed file. -It also allows you to set a root password, configure the network, install certain packages and execute hooks. - -But: this is *not* a replacement for a configuration management system (like ansible, puppet, etc.). -The intenion of this script is to create the initial container to that extend that a configuration managment system -can take over. - -As an analogy, think of debian-installer: d-i sets up your system to make it ready to boot and connect to the network. Everything -after that is out of scope. Same goes for this script. - -FUNCTIONS -~~~~~~~~~ - -This script performs the following configuration on top of a Debian based system: - - * network - * root password - * apt repositories - * ... - -MODES -~~~~~ -This container creation script can be used under two different names: debian and progress-linux. - -Alternative, calling it under the debconf name is equal to the debian mode. - - -PRESEEDING -~~~~~~~~~~ - -Hierarchy of Preseed Files - -The debconf script can be fully preseeded. Such preseed files -can include one or more preseed files themselfs (currently, only one layer of -includes is supported, no nested or recursive includes). - -The general rule of 'the later preseed file overwrites the earlier' applies. -The debconf script reads the main preseed file (specified either on command line or -by debconf selection/input dialog) after any included preseed files in there. - -That means that debconf values after the include statement in the main preseed -file can overwrite any values specified in the included preseed files. - - -OPTIONS -------- -The following script options are available: - -*-n, --name='NAME'*:: - Specify container name. - -*-p, --preseed-file='FILE'*:: - Specify the preseed file. - - -EXAMPLES --------- -*Create a Debian based container:*:: - sudo container create -s debian -n debian.example.net - -*Create a Progress Linux container:*:: - sudo container create -s progress-linux -n progress.example.net - - -FILES ------ -The following files are used: - -*/etc/open-infrastructure/container/config*:: - Container configuration files. - -*/usr/share/open-infrastructure/container/scripts*:: - Container creation scripts. - -*/usr/share/doc/compute-tools*:: - Container documentation. - -*/var/lib/machines*:: - Container directory. - -*/var/cache/open-infrastructure/container*:: - Container cache directory. - -*/tmp/compute-tools*:: - Container temporary directory. - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-create-debootstrap.1.txt b/share/man/container-create-debootstrap.1.txt deleted file mode 100644 index 6acdbeb..0000000 --- a/share/man/container-create-debootstrap.1.txt +++ /dev/null @@ -1,100 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-CREATE-DEBOOTSTRAP(1) -=============================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-create-debootstrap - Create a basic Debian based container with debootstrap or mmdebstrap - - -SYNOPSIS --------- -*container create -s debootstrap* ['OPTIONS'] -*cnt cr -s debootstrap* ['OPTIONS'] - -*container create -s mmdebstrap* ['OPTIONS'] -*cnt cr -s mmdebstrap* ['OPTIONS'] - -DESCRIPTION ------------ -The debootstrap container creation script uses debootstrap(8) or mmdebstrap(1) to create a Debian based container. - -This script creates a pure Debian system with three modificiations: - - * apt cache of packages downloaded during debootstrap is cleaned - * hostname is set (container name) in /etc/hostname - * root password is set (user specified or 16 random characters) - - -OPTIONS -------- -The following script options are available: - -*-n, --name='NAME'*:: - Specify container name. - -*-a, --architecture='ARCHITECTURE'*:: - Specify the Debian architecture, defaults to the host systems architecture. - -*-d, --distribution='DISTRIBUTION'*:: - Specify the Debian distribution, defaults to stretch. - -*-m, --mirror='MIRROR'*:: - Specify the Debian mirror, defaults to https://deb.debian.org/debian. - -*-p, --root-password='PASSWORD'*:: - Specify the root password, defaults to a random 16 character password. - - -EXAMPLES --------- -*Create a Debian 9 (stretch) based container with same architecture as the host system using debootstrap:*:: - sudo container create -s debootstrap -n stretch.example.net - -*Create a Debian 9 (stretch) based container with different architecture as the host system using mmdebstrap:*:: - sudo container create -s mmdebstrap -n stretch-i386.example.net -- -a i386 - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-create.1.txt b/share/man/container-create.1.txt deleted file mode 100644 index 7770d9b..0000000 --- a/share/man/container-create.1.txt +++ /dev/null @@ -1,123 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-CREATE(1) -=================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-create - Create a container - - -SYNOPSIS --------- -*container create* ['OPTIONS'] -*cnt cr* ['OPTIONS'] - - -DESCRIPTION ------------ -The container-create command creates a container based on a script. - - -OPTIONS -------- -The following container-create options are available: - -*-n, --name='NAME'*:: - Specify container name. - -*-c, --capability='CAPABILITY'*:: - Specify capabilities to grant, see capabilities(7). - -*-d, --drop-capability='DROP_CAPABILITY'*:: - Specify capabilities to drop, see capabilities(7). - -*-s, --script='SCRIPT'*:: - Specify container creation script, defaults to debootstrap. - -*-v, --verbose*:: - Explain what is being done. - -*-b, --bind='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]'*:: - Specify container read-write bind mounts, see systemd-nspawn(1) --bind option. - -*--bind-ro='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]'*:: - Specify container read-only bind mounts, see systemd-nspawn(1) --bind-ro option. - -*--cnt-overlay='DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED[;DIRECTORY_UPPER:DIRECTORY_LOWER:DIRECTORY_WORK:DIRECTORY_MERGED]'*:: - Specify container overlay mounts, see Documentation/filesystems/overlayfs.txt. - - -SCRIPTS -------- -The following container scripts are available: - -*curl*:: - Basic script to create Debian based container, see container-create-curl(1). - -*debootstrap*:: - Basic script to create Debian based container, see container-create-debootstrap(1). - -*debconf*:: - Advanced script to automatically create Debian based container, see container-create-debconf(1). - -*default*:: - Symlink (if existing) to a container script which is used if no script was specified. On Debian based system this can be managed through update-alternatives(1), i.e. 'sudo update-alternatives --config container_script'. - - -EXAMPLES --------- -*Create example.net container using curl script:*:: - sudo container create -n example.net -s curl - -*Create example.net container using debootstrap script:*:: - sudo container create -n example.net -s debootstrap - -*Create example.net container using debconf script:*:: - sudo container create -n example.net -s debconf - -*Create example.net container with the default create script and start it:*:: - sudo container create,start -n example.net - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-enter.1.rst b/share/man/container-enter.1.rst new file mode 100644 index 0000000..65961f5 --- /dev/null +++ b/share/man/container-enter.1.rst @@ -0,0 +1,86 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +=============== +container-enter +=============== + +--------------------------- +Enter a container namespace +--------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container enter** ['OPTIONS'] + +Description +=========== + +The **container enter** command enters a container namespace. + +While 'container console' shows a full login prompt where any valid user and +password combination can be used, the 'container enter' command bypasses this +and drops to a root shell. + +Options +======= + +The following **container enter** options are available: + +-n, --name='NAME': + Specify container name. + +Examples +======== + +Enter to example.net container namespace: + + sudo container enter -n example.net + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-enter.1.txt b/share/man/container-enter.1.txt deleted file mode 100644 index 162d510..0000000 --- a/share/man/container-enter.1.txt +++ /dev/null @@ -1,79 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-CONSOLE(1) -==================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-enter - Enter a container namespace - - -SYNOPSIS --------- -*container enter* ['OPTIONS'] - - -DESCRIPTION ------------ -The container enter enters a container namespace. - -While 'container console' shows a full login prompt where any valid user and password combination can be used, -the 'container enter' command bypasses this and drops to a root shell. - - -OPTIONS -------- -The following container options are available: - -*-n, --name='NAME'*:: - Specify container name. - - -EXAMPLES --------- -*Enter to example.net container namespace:*:: - sudo container enter -n example.net - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-get-curl.1.rst b/share/man/container-get-curl.1.rst new file mode 100644 index 0000000..01ae592 --- /dev/null +++ b/share/man/container-get-curl.1.rst @@ -0,0 +1,148 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +================== +container-get-curl +================== + +--------------------------------------------------------------------------- +Download a Debian based container by downloading a tarball over the network +--------------------------------------------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container get -s curl** ['OPTIONS'] + +Description +=========== + +The curl container download script uses curl(1) to download a tarball over the +network to create a Debian based container. + +Depending on the tarball this script otherwise creates a pure Debian system +with three modificiations: + + * hostname is set (container name) in /etc/hostname + * systemd machine-id is generated in /etc/machine-id + * root password is set (user specified or 16 random characters) + +Container images +---------------- + +compute-tools will download tarballs from a server expecting that the images are +tarballs with either gzip, lzip, xz, or no compression. See container-images.sh +as an example on how to create your own container images. + +Options +======= + +The following script options are available: + +-n, --name='NAME': + Specify container name. + +-a, --architecture='ARCHITECTURE': + Specify container architecture. + +--clean: + Remove container tarball after successful download. + +-p, --root-password='PASSWORD': + Specify the root password, defaults to a random 16 character password. + +--server='SERVER': + Specify the image server to download from, defaults to + 'https://get.open-infrastructure.net/system/container/debian'. + +--setup='SETUP': + Specify the setup image name to download, defaults to the value specified + through --system using the setup.tar.${COMPRESSION} suffix (where + ${COMPRESSION} is either lz, xz, or gz depending on compressor availability on + the host system). + +--system='SYSTEM': + Specify the system image name to download, defaults to + debian-bookworm-current_${ARCHITECTURE}.system.tar.${COMPRESSION} (where + ${ARCHITECTURE} is the host systems architecture and ${COMPRESSION} either + lz, xz, or gz depending on compressor availability on the host system). + +Examples +======== + +Download a Debian 12 (bookworm) based container with same architecture as the host +system: + + sudo container get -s curl -n bookworm.example.net + +Download a Debian 12 (bookworm) based container with different architecture as the +host system: + + sudo container get -s curl -n bookworm-i386.example.net -- --system debian-bookworm-current_i386.system.tar.xz + +Files +===== + +The following files are used: + +/etc/compute-tools/config: + Container configuration files. + +/usr/share/compute-tools/get-scripts: + Container download scripts. + +/usr/share/doc/compute-tools: + Container documentation. + +/var/lib/machines: + Container directory. + +/var/cache/container: + Container cache directory. + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-get.1.rst b/share/man/container-get.1.rst new file mode 100644 index 0000000..8ec61de --- /dev/null +++ b/share/man/container-get.1.rst @@ -0,0 +1,130 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============= +container-get +============= + +-------------------- +Download a container +-------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container get** ['OPTIONS'] +| **cnt g** ['OPTIONS'] + +Description +=========== + +The **container get** command downloads a container based on a script. + +Scripts +------- + +The following download scripts are available: + +curl: + Basic script to build Debian based container, see container-create-curl(1). + +default: + Symlink (if existing) to a download script which is used if no script was + specified. On Debian based system this can be managed through + update-alternatives(1), i.e. 'sudo update-alternatives --config + container_get-script'. + +Options +======= + +The following **container get** options are available: + +-n, --name='NAME': + Specify container name. + +-c, --capability='CAPABILITY': + Specify capabilities to grant, see capabilities(7). + +-d, --drop-capability='DROP_CAPABILITY': + Specify capabilities to drop, see capabilities(7). + +-s, --script='SCRIPT': + Specify container build script, defaults to 'debootstrap'. + +-v, --verbose: + Explain what is being done. + +-b, --bind='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]': + Specify container read-write bind mounts, see systemd-nspawn(1) --bind option. + +--bind-ro='DIRECTORY:DIRECTORY[:OPTIONS][;DIRECTORY:DIRECTORY[:OPTIONS]]': + Specify container read-only bind mounts, see systemd-nspawn(1) --bind-ro + option. + +--cnt-overlay='DIRECTORY_LOWER:DIRECTORY_UPPER:DIRECTORY_WORK:DIRECTORY_MERGED[;DIRECTORY_UPPER:DIRECTORY_LOWER:DIRECTORY_WORK:DIRECTORY_MERGED]': + Specify container overlay mounts, see Documentation/filesystems/overlayfs.txt. + +--cnt.overlay-options='OPTION1,OPTION2[;OPTION3,OPTION4]': + Specify container overlay mount options, see + Documentation/filesystems/overlayfs.txt. + +--cnt.start='OPTION1[,OPTION2,...]': + Specify container start options, see container-start(1). + +Examples +======== + +Create example.net container using curl script: + + sudo container get -n example.net -s curl + +Create example.net container with the default download script and start it: + + sudo container get,start -n example.net + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-info.1.rst b/share/man/container-info.1.rst new file mode 100644 index 0000000..99ccb55 --- /dev/null +++ b/share/man/container-info.1.rst @@ -0,0 +1,100 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============== +container-info +============== + +---------------------------------------- +Show specific information of a container +---------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container info** ['OPTIONS'] + +Description +=========== + +The **container info** command shows specific information of a container. + +Options +======= + +The following **container info** options are available, defaults to '--status +--os --ip': + +-n, --name='NAME': + Specify container name. Specifying 'ALL' will start all stopped container. + +--status: + Show container status (started|stopped|other). + +--os: + Show container operating system (FIXME: Debian only). + +--ip: + Show container IP address. + +Examples +======== + +Show example.net container status: + + sudo container info -n example.net --status + +Show example.net container operating system: + + sudo container info -n example.net --os + +Show example.net container IP address: + + sudo container info -n example.net --ip + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-key.1.rst b/share/man/container-key.1.rst new file mode 100644 index 0000000..d02fc3b --- /dev/null +++ b/share/man/container-key.1.rst @@ -0,0 +1,114 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============= +container-key +============= + +--------------------------------------------- +Manage GnuPG keyring for container operations +--------------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container key** ['OPTIONS'] + +Description +=========== + +The **container key** command manages the GnuPG keyring for container +operations. + +Options +======= + +The following **container key** options are available: + +-a, --add='KEY_FILE|KEY_ID': + Add a key to the keyring. + +-l, --list': + List keys in the keyring. + +-r, --remove='KEY': + Remove a key from the keyring. + +Examples +======== + +Add a key to the keyring manually: + + gpg --keyserver hkps://keys.openpgp.org --recv 0x55CF1BF986ABB9C7 + + gpg --armor --export 0x55CF1BF986ABB9C7 | sudo container key --add - + +Assisted adding of the same key: + + sudo container key --add 0x55CF1BF986ABB9C7 + +Remove a key from the keyring: + + sudo container key --remove 0x55CF1BF986ABB9C7 + +List keys in the keyring: + + sudo container key --list + +Files +===== + +The following files are used: + +/etc/compute-tools/keys: + Active container keyring. + +/usr/share/compute-tools/keys: + Inactive container keyring library. + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-key.1.txt b/share/man/container-key.1.txt deleted file mode 100644 index 9463141..0000000 --- a/share/man/container-key.1.txt +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-KEY(1) -================ -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-key - Manage GnuPG keyring for container operations - - -SYNOPSIS --------- -*container key* ['OPTIONS'] - - -DESCRIPTION ------------ -The container key manages the GnuPG keyring for container operations. - - -OPTIONS -------- -The following container options are available: - -*-a, --add='KEY'*:: - Add a key to the keyring. - -*-l, --list'*:: - List keys in the keyring. - -*-r, --remove='KEY'*:: - Remove a key from the keyring. - - -EXAMPLES --------- -*Add a key to the keyring:*:: - gpg --keyserver hkps://hkps.pool.sks-keyservers.net --recv 0x1E9B3AED2D9FA8F6 - gpg --armor --export 0x1E9B3AED2D9FA8F6 | sudo container key --add - - -*Remove a key from the keyring:*:: - sudo container key --remove 0x1E9B3AED2D9FA8F6 - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-limit.1.rst b/share/man/container-limit.1.rst new file mode 100644 index 0000000..715314e --- /dev/null +++ b/share/man/container-limit.1.rst @@ -0,0 +1,121 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +=============== +container-limit +=============== + +------------------------------ +Limit resources of a container +------------------------------ + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container limit** ['OPTIONS'] + +Description +=========== + +The **container limit** command limits resources available to a container at +runtime. + +Options +======= + +The following **container limit** options are available: + +-n, --name='NAME': + Specify container name. + +--blockio-device-weight='DEVICE WEIGHT': + Specify device specific blockio weight, see systemd.resource-control(5). + +--blockio-read-bandwidth='DEVICE BYTES': + Specify device specific blockio read bandwidth, see + systemd.resource-control(5). + +-b, --blockio-weight='WEIGHT': + Specify general blockio weight, see systemd.resource-control(5). + +--blockio-write-bandwidth='DEVICE BYTES': + Specify device specific blockio write bandwidth, see + systemd.resource-control(5). + +-c, --cpu-quota='QUOTA': + Specify CPU quota, see systemd.resource-control(5). + +--cpu-shares='SHARES': + Specify CPU shares, see systemd.resource-control(5). + +-m, --memory-limit='BYTES': + Specify memory limit, see systemd.resource-control(5). + +-t, --tasks-max='NUMBER': + Specify tasks max, see systemd.resource-control(5). + +Examples +======== + +Set blockio weight for the example.net container: + + sudo container limit -n example.net --blockio-weight 100 + +Set CPU quota for the example.net container: + + sudo container limit -n example.net --cpu-quota 10% + +Set memory limit for the example.net container to 1GB: + + sudo container limit -n example.net --memory-limit 1G + +Set tasks max for the example.net container to 100: + + sudo container limit -n example.net --tasks-max 100 + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-limit.1.txt b/share/man/container-limit.1.txt deleted file mode 100644 index c5c2408..0000000 --- a/share/man/container-limit.1.txt +++ /dev/null @@ -1,109 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-LIMIT(1) -================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-limit - Limit ressources of a container - - -SYNOPSIS --------- -*container limit* ['OPTIONS'] - - -DESCRIPTION ------------ -The container limit command limits ressources available to a container at runtime. - - -OPTIONS -------- -The following container options are available: - -*-n, --name='NAME'*:: - Specify container name. - -*--blockio-device-weight='DEVICE WEIGHT'*:: - Specify device specific blockio weight, see systemd.resource-control(5). - -*--blockio-read-bandwidth='DEVICE BYTES'*:: - Specify device specific blockio read bandwidth, see systemd.resource-control(5). - -*-b, --blockio-weight='WEIGHT'*:: - Specify general blockio weight, see systemd.resource-control(5). - -*--blockio-write-bandwidth='DEVICE BYTES'*:: - Specify device specific blockio write bandwidth, see systemd.resource-control(5). - -*-c, --cpu-quota='QUOTA'*:: - Specify CPU quota, see systemd.resource-control(5). - -*--cpu-shares='SHARES'*:: - Specify CPU shares, see systemd.resource-control(5). - -*-m, --memory-limit='BYTES'*:: - Specify memory limit, see systemd.resource-control(5). - -*-t, --tasks-max='NUMBER'*:: - Specify tasks max, see systemd.resource-control(5). - - -EXAMPLES --------- -*Set blockio weight for the example.net container:*:: - sudo container limit -n example.net --blockio-weight 100 - -*Set CPU quota for the example.net container:*:: - sudo container limit -n example.net --cpu-quota 10% - -*Set memory limit for the example.net container to 1GB:*:: - sudo container limit -n example.net --memory-limit 1G - -*Set tasks max for the example.net container to 100:*:: - sudo container limit -n example.net --tasks-max 100 - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-list.1.rst b/share/man/container-list.1.rst new file mode 100644 index 0000000..674bacf --- /dev/null +++ b/share/man/container-list.1.rst @@ -0,0 +1,146 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============== +container-list +============== + +---------------------------- +List container on the system +---------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container list** ['OPTIONS'] +| **cnt ls** ['OPTIONS'] + +Description +=========== + +The **container list** command lists container on the system. + +Options +======= + +The following **container list** options are available, defaults to '--started +--stopped': + +-a, --all: + List all available container (started, stopped, and other). + +--csv-separator='SEPARATOR': + Specify custom CSV separator, defaults to ','. + +-f, --format='FORMAT': + Use format to list container. Currently available formats are 'cli' (default), + 'csv', 'json', 'nwdiag', 'shell', 'sh', 'yaml', or 'xml'. + +-h, --host='HOSTNAME': + List only container that are enabled for automatic start on the specified + hostname. Defaults to list containers of the local system only. Using 'all' + shows all container regardless of any automatic start configuration. + +--nwdiag-color='COLOR': + Specify custom nwdiag color for the host box, defaults to '#3465a4'. + +--nwdiag-label='LABEL': + Specify custom nwdiag label for the diagram, defaults to empty. + +-o, --other: + List only container that are not enable for automatic start on the current + system. + +-s, --started: + List only started container. + +-t, --stopped: + List only stopped container. + +Examples +======== + +List all started and stopped containers of the local system: + + sudo container list + +List all started and other containers: + + sudo container list -s -o + +Create a CSV export of all started and stopped containers: + + sudo container list -f csv + +Create a JSON export of all started and stopped containers: + + sudo container list -f json + +Create a nwdiag export of all started and stopped containers: + + sudo container list -f nwdiag + +Create a SVG image via nwdiag of all started and stopped containers: + + sudo container list -f nwdiag | nwdiag -T svg -o cnt-list.svg - + +Create a shell export of all started and stopped containers: + + sudo container list -f shell + + sudo container list -f sh + +Create a YAML export of all started and stopped containers: + + sudo container list -f yaml + +Create a XML export of all started and stopped containers: + + sudo container list -f xml + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-list.1.txt b/share/man/container-list.1.txt deleted file mode 100644 index 15a54c2..0000000 --- a/share/man/container-list.1.txt +++ /dev/null @@ -1,125 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-LIST(1) -================= -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-list - List container on the system - - -SYNOPSIS --------- -*container list* ['OPTIONS'] -*container ls* ['OPTIONS'] - - -DESCRIPTION ------------ -The container list command lists container on the system. - - -OPTIONS -------- -The following container options are available, defaults to *--started --stopped*: - -*-a, --all*:: - List all available container (started, stopped, and other). - -*--csv-separator='SEPARATOR'*:: - Specify custom CSV separator, defaults to ','. - -*-f, --format='FORMAT'*:: - Use format to list container. Currently available formats are 'cli' (default), 'csv', 'json', 'nwdiag', 'shell', 'sh', 'yaml', or 'xml'. - -*-h, --host='HOSTNAME'*:: - List only container that are enabled for automatic start on the specified hostname. Defaults to list containers of the local system only. Using 'all' shows all container regardless of any automatic start configuration. - -*--nwdiag-color='COLOR'*:: - Specify custom nwdiag color for the host box, defaults to '#3465a4'. - -*--nwdiag-label='LABEL'*:: - Specify custom nwdiag label for the diagram, defaults to empty. - -*-o, --other*:: - List only container that are not enable for automatic start on the current system. - -*-s, --started*:: - List only started container. - -*-t, --stopped*:: - List only stopped container. - -EXAMPLES --------- -*List all started and stopped containers of the local system:*:: - sudo container list - -*List all started and other containers:*:: - sudo container list -s -o - -*Create a CSV export of all started and stopped containers:*:: - sudo container list -f csv - -*Create a JSON export of all started and stopped containers:*:: - sudo container list -f json - -*Create a nwdiag export of all started and stopped containers:*:: - sudo container list -f nwdiag - -*Create a SVG image via nwdiag of all started and stopped containers:*:: - sudo container list -f nwdiag | nwdiag -T svg -o cnt-list.svg - - -*Create a shell export of all started and stopped containers:*:: - sudo container list -f shell - sudo container list -f sh - -*Create a YAML export of all started and stopped containers:*:: - sudo container list -f yaml - -*Create a XML export of all started and stopped containers:*:: - sudo container list -f xml - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-log.1.rst b/share/man/container-log.1.rst new file mode 100644 index 0000000..5e72184 --- /dev/null +++ b/share/man/container-log.1.rst @@ -0,0 +1,101 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============= +container-log +============= + +------------------ +Show container log +------------------ + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container log** ['OPTIONS'] + +Description +=========== + +The **container log** command shows the container log. + +Options +======= + +The following **container log** options are available: + +-d, --date: + Show only log entries of the specified date as 'YYYY-MM-DD' or a date range like 'today-7'. + +-n, --name: + Show only log entries for the specified container. + +Examples +======== + +Show all log entries: + + sudo container log + +Show only log entries of today: + + sudo container log -d today + +Show only log entries of yesterday: + + sudo container log -d yesterday + +Show all log entries of the example.net container: + + sudo container log -n example.net + +Show only log entries of the example.net container of the last 30 days: + + sudo container log -d today-30 -n example.net + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-log.1.txt b/share/man/container-log.1.txt deleted file mode 100644 index fa9fe71..0000000 --- a/share/man/container-log.1.txt +++ /dev/null @@ -1,90 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-LOG(1) -================ -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-log - Show container log - - -SYNOPSIS --------- -*container log* ['OPTIONS'] - - -DESCRIPTION ------------ -The container log command shows the container log. - - -OPTIONS -------- -The following container options are available: - -*-d, --date*:: - Show only log entries of the specified date as 'YYYY-MM-DD' or a date range like 'today-7'. - -*-n, --name*:: - Show only log entries for the specified container. - -EXAMPLES --------- -*Show all log entries:*:: - sudo container log - -*Show only log entries of today:*:: - sudo container log -d today - -*Show only log entries of yesterday:*:: - sudo container log -d yesterday - -*Show all log entries of the example.net container:*:: - sudo container log -n example.net - -*Show only log entries of the example.net container of the last 30 days:*:: - sudo container log -d today-30 -n example.net - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-move.1.rst b/share/man/container-move.1.rst new file mode 100644 index 0000000..ecbea6b --- /dev/null +++ b/share/man/container-move.1.rst @@ -0,0 +1,93 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============== +container-move +============== + +------------------ +Rename a container +------------------ + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container move** ['OPTIONS'] +| **cnt mv** ['OPTIONS'] + +Description +=========== + +The **container move** commands renames a container. + +Options +======= + +The following **container move** options are available: + +-n, --new='NAME': + Specify new container name. + +-f, --force: + Do not prompt before moving. + +-o, --old: + Specify old container name. + +Examples +======== + +Rename example.net container to example.org: + + sudo container move -n example.org -o example.net + +Rename example.net container to example.org without prompt: + + sudo container move -n example.org -o example.net -f + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-move.1.txt b/share/man/container-move.1.txt deleted file mode 100644 index fd6b83d..0000000 --- a/share/man/container-move.1.txt +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-REMOVE(1) -=================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-move - Rename a container - - -SYNOPSIS --------- -*container move* ['OPTIONS'] -*cnt mv* ['OPTIONS'] - - -DESCRIPTION ------------ -The container move commands renames a container. - - -OPTIONS -------- -The following container options are available: - -*-n, --new='NAME'*:: - Specify new container name. - -*-f, --force*:: - Do not prompt before moving. - -*-o, --old*:: - Specify old container name. - - -EXAMPLES --------- -*Rename example.net container to example.org:*:: - sudo container move -n example.org -o example.net - -*Rename example.net container to example.org without prompt:*:: - sudo container move -n example.org -o example.net -f - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-rebuild.1.rst b/share/man/container-rebuild.1.rst new file mode 100644 index 0000000..4f7bbd8 --- /dev/null +++ b/share/man/container-rebuild.1.rst @@ -0,0 +1,93 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +================= +container-rebuild +================= + +------------------- +Restart a container +------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container rebuild** ['OPTIONS'] +| **cnt rb** ['OPTIONS'] + +Description +=========== + +The **container rebuild** command rebuilds a container by stopping, removing, building, and starting an existing container. + +Options +======= + +The following **container rebuild** options are available: + +-n, --name='NAME': + Specify container name. Specifying 'ALL' will rebuild all started container. + +-f, --force: + Do not fail if container is running. + +-v, --verbose: + Explain what is being done. + +Examples +======== + +Rebuild example.net container: + + sudo container rebuild -n example.net + +Restart all container: + + sudo container rebuild -n ALL + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-remove.1.rst b/share/man/container-remove.1.rst new file mode 100644 index 0000000..00f1ad1 --- /dev/null +++ b/share/man/container-remove.1.rst @@ -0,0 +1,104 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +================ +container-remove +================ + +------------------ +Remove a container +------------------ + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container remove** ['OPTIONS'] +| **cnt rm** ['OPTIONS'] + +Description +=========== + +The **container remove** command removes a container. + +Options +======= + +The following **container remove** options are available: + +-n, --name='NAME': + Specify container name. Specifying 'ALL' will remove all stopped container. + +--allow-stop: + Stop container prior removal. + +-f, --force: + Do not prompt before removal. + +-v, --verbose: + Explain what is being done. + +Examples +======== + +Remove example.net container from the system: + + sudo container remove -n example.net + +Remove example.net container from the system without prompt: + + sudo container remove -n example.net -f + +Remove a running container from the system, without prompt: + + sudo container remove -n example.net -f --allow-stop + +Remove all container: + + sudo container remove -n ALL + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-remove.1.txt b/share/man/container-remove.1.txt deleted file mode 100644 index afe8d03..0000000 --- a/share/man/container-remove.1.txt +++ /dev/null @@ -1,95 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-REMOVE(1) -=================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-remove - Remove a container - - -SYNOPSIS --------- -*container remove* ['OPTIONS'] -*cnt rm* ['OPTIONS'] - - -DESCRIPTION ------------ -The container remove command removes a container. - - -OPTIONS -------- -The following container options are available: - -*-n, --name='NAME'*:: - Specify container name. Specifying 'ALL' will remove all stopped container. - -*--allow-stop*:: - Stop container prior removal. - -*-f, --force*:: - Do not prompt before removal. - -*-v, --verbose*:: - Explain what is being done. - - -EXAMPLES --------- -*Remove example.net container from the system:*:: - sudo container remove -n example.net - -*Remove example.net container from the system without prompt:*:: - sudo container remove -n example.net -f - -*Remove a running container from the system, without prompt:*:: - sudo container remove -n example.net -f --allow-stop - -*Remove all container:*:: - sudo container remove -n ALL - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-restart.1.rst b/share/man/container-restart.1.rst new file mode 100644 index 0000000..c52353d --- /dev/null +++ b/share/man/container-restart.1.rst @@ -0,0 +1,96 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +================= +container-restart +================= + +------------------- +Restart a container +------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container restart** ['OPTIONS'] +| **cnt rs** ['OPTIONS'] + +Description +=========== + +The **container restart** command restarts a container. + +Options +======= + +The following **container restart** options are available: + +-n, --name='NAME': + Specify container name. Specifying 'ALL' will restart all started container. + +-f, --force: + Do not prompt before every restarting. + +-i, --interactive: + Prompt before every restarting (default). + +-v, --verbose: + Explain what is being done. + +Examples +======== + +Restart example.net container: + + sudo container restart -n example.net + +Restart all container: + + sudo container restart -n ALL + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-restart.1.txt b/share/man/container-restart.1.txt deleted file mode 100644 index b0d66e2..0000000 --- a/share/man/container-restart.1.txt +++ /dev/null @@ -1,80 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-RESTART(1) -==================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-restart - Restart a container - - -SYNOPSIS --------- -*container restart* ['OPTIONS'] -*cnt rs* ['OPTIONS'] - - -DESCRIPTION ------------ -The container restart command restarts a container. - - -OPTIONS -------- -The following container options are available: - -*-n, --name='NAME'*:: - Specify container name. Specifying 'ALL' will restart all started container. - - -EXAMPLES --------- -*Restart example.net container:*:: - sudo container restart -n example.net - -*Restart all container:*:: - sudo container restart -n ALL - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net> - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-run.1.rst b/share/man/container-run.1.rst new file mode 100644 index 0000000..0fb923d --- /dev/null +++ b/share/man/container-run.1.rst @@ -0,0 +1,88 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============= +container-run +============= + +----------------------------------------- +Execute commands in a container namespace +----------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container run** ['OPTIONS'] -- 'COMMAND'\|"COMMANDS" +| **cnt r** ['OPTIONS'] -- 'COMMAND'\|"COMMANDS" + +Description +=========== + +The **container run** command executes arbitrary commands as root in a container +namespace. + +Options +======= + +The following **container run** options are available: + +-n, --name='NAME': + Specify container name. Specifying 'ALL' will start all stopped container. + +Examples +======== + +Run 'hostname' in example.net container: + + sudo container run -n example.net -- hostname + +Create and delete a file in example.net container: + + sudo container run -n example.net -- 'touch /tmp/foo && rm -f /tmp/foo' + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-shell.1.rst b/share/man/container-shell.1.rst new file mode 100644 index 0000000..b12958f --- /dev/null +++ b/share/man/container-shell.1.rst @@ -0,0 +1,141 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +=============== +container-shell +=============== + +---------------------------------------- +Manage systemd-nspawn containers (shell) +---------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container-shell** ['OPTIONS'] +| **cntsh** ['OPTIONS'] + +Description +=========== + +compute-tools provides the system integration for managing containers using +systemd-nspawn. + +Usage +----- + +Although the **container-shell** can be started from a running system like any +other program, the main intend is to use the **container-shell** via SSH. That +way otherwise unprivileged users have possibility to manage containers without +needing a regular shell login on the container server. + +For usage over SSH a unprivileged user should be created: + +| +| sudo adduser --gecos "compute-tools,,," \\ +| --home /var/lib/open-infrastructure/container-shell \\ +| --shell /usr/bin/container-shell + +The container-shell can then be allowed for specific SSH keys via +/var/lib/compute-tools/container-shell/.ssh/authorized_keys like so: + +| +| command="/usr/bin/container-shell",no-port-forwarding,no-X11-forwarding,\\ +| no-agent-forwarding,no-pty ssh-ed25519 [...] + +Restricted shell +---------------- + +The container-shell by default grants any user that has access to it to use all available container commands. + +Through two corresponding environment variables users can be allowed or disallowed to use specific container commands. +In connection with SSH this makes it possible to grant certain SSH keys (and by that, users) privileges to operate container +servers without having to give them root access, a login shell at all and prevents them from doing things they are not trusted to do. + +Example (blacklisting) +^^^^^^^^^^^^^^^^^^^^^^ + +In order to allow all commands except for removing and stopping containers, the +following variable can be used: + +| +| command="CONTAINER_COMMANDS_DISABLE='remove stop' \\ +| /usr/bin/container-shell",no-port-forwarding,no-X11-forwarding,\\ +| no-agent-forwarding,no-pty ssh-ed25519 [...] + +Example (whitelisting) +^^^^^^^^^^^^^^^^^^^^^^ + +The other way around works too. To disallow all commands except for listing +containers and showing the compute-tools version, the following variable can be +used: + +| +| command="CONTAINER_COMMANDS_ENABLE='list version' \\ +| /usr/bin/container-shell",no-port-forwarding,no-X11-forwarding,\\ +| no-agent-forwarding,no-pty ssh-ed25519 [...] + +Commands +======== + +All container commands are available, see container(1). Additionally, the +following commands are specific to container-shell: + +about: + Shows introduction (manpage). + +help: + Shows available commands within the container-shell. + +help COMMAND: + Shows help (manpage) for a specific container command. + +logout, exit: + Exits container-shell. + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-shell.1.txt b/share/man/container-shell.1.txt deleted file mode 100644 index cd19c69..0000000 --- a/share/man/container-shell.1.txt +++ /dev/null @@ -1,112 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER(1) -============ -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-shell - Manage systemd-nspawn containers (shell) - - -SYNOPSIS --------- -*container-shell* - - -DESCRIPTION ------------ -compute-tools provides the system integration for managing containers using systemd-nspawn. - - -COMMANDS --------- -All container commands are available, see container(1). Additionally, the following commands are specific to container-shell: - -*about:*:: - shows introduction (manpage). - -*help:*:: - shows available commands within the container-shell. - -*help COMMAND:*:: - shows help (manpage) for a specific container command. - -*logout*, *exit:*:: - exits container-shell. - -USAGE ------ -Although the container-shell can be started from a running system like any other program, the main intend is to use the -container-shell via SSH. That way otherwise unprivileged users have possibility to manage containers without -needing a regular shell login on the container server. - -For usage over SSH a unprivileged user should be created: - - sudo adduser --gecos "compute-tools,,," \ - --home /var/lib/open-infrastructure/container-shell \ - --shell /usr/bin/container-shell - -The container-shell can then be allowed for specific SSH keys via /var/lib/open-infrastructure/container-shell/.ssh/authorized_keys like so: - - command="/usr/bin/container-shell",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-ed25519 [...] - - -RESTRICTED SHELL ----------------- -The container-shell by default grants any user that has access to it to use all available container commands. - -Through two corresponding environment variables users can be allowed or disallowed to use specific container commands. -In connection with SSH this makes it possible to grant certain SSH keys (and by that, users) privileges to operate container -servers without having to give them root access, a login shell at all and prevents them from doing things they are not trusted to do. - -Example (blacklisting): In order to allow all commands except for removing and stopping containers, the following variable can be used: - - command="CONTAINER_COMMANDS_DISABLE='remove stop' /usr/bin/container-shell",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa [...] - -Example (whitelisting): The other way around works too. To disallow all commands except for listing containers and showing the compute-tools version, the following variable can be used: - - command="CONTAINER_COMMANDS_ENABLE='list version' /usr/bin/container-shell",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa [...] - - -SEE ALSO --------- -machinectl(1), -systemd-nspawn(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-start.1.rst b/share/man/container-start.1.rst new file mode 100644 index 0000000..65d4af7 --- /dev/null +++ b/share/man/container-start.1.rst @@ -0,0 +1,93 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +=============== +container-start +=============== + +----------------- +Start a container +----------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container start** ['OPTIONS'] +| **cnt s** ['OPTIONS'] + +Description +=========== + +The **container start** command starts a container. + +Options +======= + +The following **container start** options are available: + +-n, --name='NAME': + Specify container name. Specifying 'ALL' will start all stopped container. + +-f, --force': + Removing stray lock file if existing. + +-v, --verbose: + Explain what is being done. + +Examples +======== + +Start example.net container: + + sudo container start -n example.net + +Start all container: + + sudo container start -n ALL + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-start.1.txt b/share/man/container-start.1.txt deleted file mode 100644 index e6c874e..0000000 --- a/share/man/container-start.1.txt +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-START(1) -================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-start - Start a container - - -SYNOPSIS --------- -*container start* ['OPTIONS'] -*cnt s* ['OPTIONS'] - - -DESCRIPTION ------------ -The container start command starts a container. - - -OPTIONS -------- -The following container options are available: - -*-n, --name='NAME'*:: - Specify container name. Specifying 'ALL' will start all stopped container. - -*-f, --force'*:: - Removing stray lock file if existing. - -*-v, --verbose*:: - Explain what is being done. - - -EXAMPLES --------- -*Start example.net container:*:: - sudo container start -n example.net - -*Start all container:*:: - sudo container start -n ALL - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-status.1.rst b/share/man/container-status.1.rst new file mode 100644 index 0000000..ad51ba7 --- /dev/null +++ b/share/man/container-status.1.rst @@ -0,0 +1,83 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +================ +container-status +================ + +--------------------- +Show container status +--------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container status** ['OPTIONS'] +| **cnt st** ['OPTIONS'] + +Description +=========== + +The **container status** command displays the status of a container. + +Options +======= + +The following **container status** options are available: + +-n, --name='NAME': + Specify container name. + +Examples +======== + +show status of example.net container: + + sudo container status -n example.net + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-status.1.txt b/share/man/container-status.1.txt deleted file mode 100644 index 86820df..0000000 --- a/share/man/container-status.1.txt +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright (C) 2016 Simon Spöehel <simon.spoehel@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-STATUS(1) -=================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-status - Show container status - - -SYNOPSIS --------- -*container status* ['OPTIONS'] -*cnt st* ['OPTIONS'] - - -DESCRIPTION ------------ -The container-status command displays the status of a container. - - -OPTIONS -------- -The following container-status options are available: - -*-n, --name='NAME'*:: - Specify container name. - - -EXAMPLES --------- -*show status of example.net container:*:: - sudo container status -n example.net - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-stop.1.rst b/share/man/container-stop.1.rst new file mode 100644 index 0000000..bf668be --- /dev/null +++ b/share/man/container-stop.1.rst @@ -0,0 +1,108 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============== +container-stop +============== + +---------------- +Stop a container +---------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container stop** ['OPTIONS'] +| **cnt t** ['OPTIONS'] + +Description +=========== + +The **container stop** command stops a container by running the proper shutdown +sequence. + +Options +======= + +The following **container stop** options are available: + +-n, --name='NAME': + Specify container name. Specifying 'ALL' will stop all started container. + +-f, --force: + Do not prompt before every stopping. + +-i, --interactive: + Prompt before every stopping (default). + +-k, --kill: + Instead of running the proper shutdown sequence, terminate all processes of the container imediatly. + +-v, --verbose: + Explain what is being done. + +Examples +======== + +Shutdown example.net container: + + sudo container stop -n example.net + +Shutdown example.net container without prompting: + + sudo container stop -n example.net -f + +Immediately stop example.net container: + + sudo container stop -n example.net -k + +Stop all container: + + sudo container stop -n ALL + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-stop.1.txt b/share/man/container-stop.1.txt deleted file mode 100644 index 4450ba3..0000000 --- a/share/man/container-stop.1.txt +++ /dev/null @@ -1,86 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-STOP(1) -================= -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-stop - Stop a container - - -SYNOPSIS --------- -*container stop* ['OPTIONS'] -*cnt t* ['OPTIONS'] - - -DESCRIPTION ------------ -The container stop command stops a container by running the proper shutdown sequence. - - -OPTIONS -------- -The following container options are available: - -*-n, --name='NAME'*:: - Specify container name. Specifying 'ALL' will stop all started container. - -*-f, --force*:: - Instead of running the proper shutdown sequence, terminate all processes of the container imediatly. - - -EXAMPLES --------- -*Shutdown example.net container:*:: - sudo container stop -n example.net - -*Immediately stop example.net container:*:: - sudo container stop -n example.net -f - -*Stop all container:*:: - sudo container stop -n ALL - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-top.1.rst b/share/man/container-top.1.rst new file mode 100644 index 0000000..7349b60 --- /dev/null +++ b/share/man/container-top.1.rst @@ -0,0 +1,82 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +============= +container-top +============= + +------------------------------------ +Dynamic list container on the system +------------------------------------ + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container top** ['OPTIONS'] + +Description +=========== + +The **container top** command dynamically lists container on the system. + +Options +======= + +The following **container top** options are available, defaults to '--delay 1': + +-d, --delay='SECONDS[.TENTHS]': + Specifies the delay between screen updates, defaults to '1'. + +Examples +======== + +Dynamically list containers of the local system: + + sudo container top + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-top.1.txt b/share/man/container-top.1.txt deleted file mode 100644 index 4f41b79..0000000 --- a/share/man/container-top.1.txt +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-TOP(1) -================ -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-top - Dynamic list container on the system - - -SYNOPSIS --------- -*container top* ['OPTIONS'] - - -DESCRIPTION ------------ -The container top command dynamically lists container on the system. - - -OPTIONS -------- -The following container options are available, defaults to *--delay 1*: - -*-d, --delay='SECONDS[.TENTHS]'*:: - Specifies the delay between screen updates, defaults to 1. - - -EXAMPLES --------- -*Dynamically list containers of the local system:*:: - sudo container top - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-update.1.rst b/share/man/container-update.1.rst new file mode 100644 index 0000000..ec64f6b --- /dev/null +++ b/share/man/container-update.1.rst @@ -0,0 +1,114 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +================ +container-update +================ + +-------------------------------------------- +Update the packages installed in a container +-------------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container update** ['OPTIONS'] +| **cnt u** ['OPTIONS'] + +Description +=========== + +The **container update** command updates packages installed in a container. + +Options +======= + +The following **container update** options are available: + +-n, --name='NAME': + Specify container name. Specifying 'ALL' will start all stopped container. + +-f, --full-upgrade: + Runs an additional 'apt full-upgrade' after 'apt upgrade'. + +-i, --interactive: + Prompt before every container update. + +-r, --autoremove: + Runs an additional 'apt autoremove' after 'apt upgrade'. + +-p, --purge: + Passing '--purge' to 'apt autoremove'. + +-y|--yes: + Passing 'yes' to all questions asked by the package manager. + +Examples +======== + +Update example.net container (apt update && apt upgrade): + + sudo container update -n example.net + +Update example.net container without asking questions (apt update && apt --yes +upgrade): + + sudo container update -n example.net -y + +Full update of example.net container without asking questions (apt update && +apt --yes upgrade && apt --yes full-upgrade): + + sudo container update -n example.net -f -y + +Full update of all container on the host, with asking questions and +purging unused packages (apt update && apt upgrade && apt full-upgrade && apt +autoremove): + + sudo container update -n ALL -f -r -p -y + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-version.1.rst b/share/man/container-version.1.rst new file mode 100644 index 0000000..3f0266d --- /dev/null +++ b/share/man/container-version.1.rst @@ -0,0 +1,79 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +================= +container-version +================= + +---------------------- +Show container version +---------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container version** ['OPTIONS'] + +Description +=========== + +The **container version** command shows the container version number. + +Options +======= + +The **container version** command has no options. + +Examples +======== + +Show container version: + + container version + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container-version.1.txt b/share/man/container-version.1.txt deleted file mode 100644 index 498d842..0000000 --- a/share/man/container-version.1.txt +++ /dev/null @@ -1,73 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER-VERSION(1) -==================== -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container-version - Show container version - - -SYNOPSIS --------- -*container version* ['OPTIONS'] - - -DESCRIPTION ------------ -The container version command shows the container version number. - - -OPTIONS -------- -This command has no options. - - -EXAMPLES --------- -*Show container version:*:: - container version - - -SEE ALSO --------- -compute-tools(7), -container(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container.1.rst b/share/man/container.1.rst new file mode 100644 index 0000000..c08cbd9 --- /dev/null +++ b/share/man/container.1.rst @@ -0,0 +1,171 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see <https://www.gnu.org/licenses/>. + +========= +container +========= + +-------------------------------- +Manage systemd-nspawn containers +-------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container** 'COMMAND' ['OPTIONS'] +| **container** 'COMMAND1','COMMAND2',... 'COMMANDn' + +Description +=========== + +compute-tools provides the system integration for managing containers using +systemd-nspawn. + +Options +======= + +The following **container** common options are available: + +-n, --name='NAME': + Specify container name. + +Commands +======== + +The following **container** commands are available: + +build: + Build a new container, see container-build(1). + +start: + Start a container, see container-start(1). + +rebuild: + Rebuild a container, see container-rebuild(1). + +restart: + Restart a container, see container-restart(1). + +stop: + Stop a container, see container-stop(1). + +remove: + Remove a container, see container-remove(1). + +move: + Rename a container, see container-move(1). + +console: + Attach console to a container, see container-console(1). + +enter: + Enter a container namespace, see container-enter(1). + +run: + Execute commands in a container namespace, see container-run(1). + +info: + Show specific information of a container, see container-info(1). + +key: + Manage GnuPG keyring for container operations, see container-key(1). + +limit: + Limit resources of a container, see container-limit(1). + +list: + List container on the system, see container-list(1). + +log: + Show container log, see container-log(1). + +status: + Show container status, see container-status(1). + +top: + Dynamic list of container on the system, see container-top(1). + +update: + Update the packages installed in a container. + +version: + Show container version, see container-version(1). + +Files +===== + +The following files are used: + +/etc/compute-tools/container.conf, /etc/compute-tools/container.conf.d/\*.conf: + Container configuration files. + +/usr/bin/container, /usr/bin/cnt: + Container program. + +/usr/bin/container-shell, /usr/bin/cntsh: + Container shell program. + +/usr/libexec/container: + Container commands. + +/usr/share/compute-tools/: + Container shared data. + +/usr/share/doc/compute-tools: + Container documentation files. + +/var/cache/container: + Container cache directory. + +/var/lib/machines: + Container root directory. + +/var/log/compute-tools: + Container log files. + +See also +======== + +| machinectl(1), +| systemd-nspawn(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +<software@lists.open-infrastructure.net>. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann +<daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/container.1.txt b/share/man/container.1.txt deleted file mode 100644 index 02cdc64..0000000 --- a/share/man/container.1.txt +++ /dev/null @@ -1,153 +0,0 @@ -// Copyright (C) 2014-2020 Daniel Baumann <daniel.baumann@open-infrastructure.net> -// -// SPDX-License-Identifier: GPL-3.0+ -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see <http://www.gnu.org/licenses/>. - -CONTAINER(1) -============ -:doctype: manpage -:man manual: Open Infrastructure -:man source: compute-tools -:man version: {revnumber} - - -NAME ----- -container - Manage systemd-nspawn containers - - -SYNOPSIS --------- -*container* 'COMMAND' ['OPTIONS'] -*container* 'COMMAND1','COMMAND2',... 'COMMANDn' - - -DESCRIPTION ------------ -compute-tools provides the system integration for managing containers using systemd-nspawn. - - -OPTIONS -------- -The following container common options are available: - -*-n, --name='NAME'*:: - Specify container name. - - -COMMANDS --------- -The following container commands are available: - -*create*:: - Create a new container, see container-create(1). - -*start*:: - Start a container, see container-start(1). - -*restart*:: - Restart a container, see container-restart(1). - -*stop*:: - Stop a container, see container-stop(1). - -*remove*:: - Remove a container, see container-remove(1). - -*move*:: - Rename a container, see container-move(1). - -*console*:: - Attach console to a container, see container-console(1). - -*enter*:: - Enter a container namespace, see container-enter(1). - -*key*:: - Manage GnuPG keyring for container operations, see container-key(1). - -*limit*:: - Limit ressources of a container, see container-limit(1). - -*list*:: - List container on the system, see container-list(1). - -*log*:: - Show container log, see container-log(1). - -*status*:: - Show container status, see container-status(1). - -*top*:: - Dynamic list of container on the system, see container-top(1). - -*version*:: - Show container version, see container-version(1). - - -FILES ------ -The following files are used: - -*/etc/open-infrastructure/container*:: - Container configuration files. - -*/usr/bin/container*, */usr/bin/cnt*:: - Container program. - -*/usr/bin/container-shell*, */usr/bin/cntsh*:: - Container shell program. - -*/usr/lib/open-infrastructure/container*:: - Container commands. - -*/usr/share/open-infrastructure/container*:: - Container shared data. - -*/usr/share/doc/compute-tools*:: - Container documentation files. - -*/var/cache/open-infrastructure/container*:: - Container cache directory. - -*/var/lib/machines*:: - Container root directory. - -*/var/log/open-infrastructure*:: - Container log files. - - -SEE ALSO --------- -machinectl(1), -systemd-nspawn(1). - - -HOMEPAGE --------- -More information about compute-tools and the Open Infrastructure project can be found on the homepage at https://open-infrastructure.net. - - -CONTACT -------- -Bug reports, feature requests, help, patches, support and everything else -are welcome on the Open Infrastructure Software Mailing List <software@lists.open-infrastructure.net>. - -Debian specific bugs can also be reported in the Debian Bug Tracking System at https://bugs.debian.org. - - -AUTHORS -------- -compute-tools were written by Daniel Baumann <daniel.baumann@open-infrastructure.net> and others. diff --git a/share/man/man.in b/share/man/man.in new file mode 100644 index 0000000..45a5f40 --- /dev/null +++ b/share/man/man.in @@ -0,0 +1,19 @@ +.\" Open Infrastructure: compute-tools +.\" +.\" Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +.\" +.\" SPDX-License-Identifier: GPL-3.0+ +.\" +.\" This program is free software: you can redistribute it and/or modify +.\" it under the terms of the GNU General Public License as published by +.\" the Free Software Foundation, either version 3 of the License, or +.\" (at your option) any later version. +.\" +.\" This program is distributed in the hope that it will be useful, +.\" but WITHOUT ANY WARRANTY; without even the implied warranty of +.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.\" GNU General Public License for more details. +.\" +.\" You should have received a copy of the GNU General Public License +.\" along with this program. If not, see <https://www.gnu.org/licenses/>. +.\" diff --git a/share/needrestart/container-tools.conf b/share/needrestart/container-tools.conf new file mode 100644 index 0000000..cd1c76b --- /dev/null +++ b/share/needrestart/container-tools.conf @@ -0,0 +1,6 @@ +# Open Infrastructure: compute-tools + +$nrconf{blacklist_rc} = [ + # container-tools + qr(^container@(.*).service) => 0, +]; diff --git a/share/procps/zz-container.conf b/share/procps/zz-container.conf index c464c42..61c047d 100644 --- a/share/procps/zz-container.conf +++ b/share/procps/zz-container.conf @@ -1,3 +1,5 @@ +# Open Infrastructure: compute-tools + # The default limits are set to low for running many containers # and eventually lead to errors like the following on container start: # diff --git a/share/sudo/container-shell b/share/sudo/container-shell index cd3f74d..c4108a6 100644 --- a/share/sudo/container-shell +++ b/share/sudo/container-shell @@ -1 +1,3 @@ +# Open Infrastructure: compute-tools + container ALL=NOPASSWD: /usr/bin/container diff --git a/share/systemd/container-auto.service b/share/systemd/container-auto.service index 4d7e10e..50f8ac6 100644 --- a/share/systemd/container-auto.service +++ b/share/systemd/container-auto.service @@ -1,3 +1,5 @@ +# Open Infrastructure: compute-tools + [Unit] Description=compute-tools automatic start and stop Documentation=man:container-auto @@ -9,8 +11,8 @@ RemainAfterExit=yes ExecStart=/usr/bin/container auto --start ExecStop=/usr/bin/container auto --stop Delegate=yes -StandardOutput=syslog -StandardError=syslog +StandardOutput=journal +StandardError=journal [Install] WantedBy=multi-user.target diff --git a/share/systemd/container@.service b/share/systemd/container@.service index 9e9f720..4bd7be5 100644 --- a/share/systemd/container@.service +++ b/share/systemd/container@.service @@ -1,9 +1,12 @@ +# Open Infrastructure: compute-tools + [Unit] Description="Container: %i" Documentation=man:compute-tools [Service] Type=simple +Environment=TERM=xterm-256color ExecStart=/usr/bin/container start --name %i --nspawn --no-notification ExecStartPost=/usr/bin/container start --name %i --start --no-notification ExecStopPost=/usr/bin/container stop -n %i --clean --no-notification |