From b5b74b561d10b8c627bcf49b0234d1fb22b9c09f Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 25 Jul 2021 09:54:36 +0200 Subject: Making previous container curl create script a container get script. Signed-off-by: Daniel Baumann --- Makefile | 2 +- share/build-scripts/curl | 492 ---------------------- share/build-scripts/curl.d/0001-debconf | 54 --- share/build-scripts/curl.d/0001-debconf.templates | 11 - share/get-scripts/curl | 490 +++++++++++++++++++++ share/get-scripts/curl.d/0001-debconf | 54 +++ share/get-scripts/curl.d/0001-debconf.templates | 11 + share/man/container-build.1.rst | 3 - share/man/container-create-curl.1.rst | 148 ------- share/man/container-get-curl.1.rst | 148 +++++++ 10 files changed, 704 insertions(+), 709 deletions(-) delete mode 100755 share/build-scripts/curl delete mode 100755 share/build-scripts/curl.d/0001-debconf delete mode 100644 share/build-scripts/curl.d/0001-debconf.templates create mode 100755 share/get-scripts/curl create mode 100755 share/get-scripts/curl.d/0001-debconf create mode 100644 share/get-scripts/curl.d/0001-debconf.templates delete mode 100644 share/man/container-create-curl.1.rst create mode 100644 share/man/container-get-curl.1.rst diff --git a/Makefile b/Makefile index 77799aa..1bb8093 100644 --- a/Makefile +++ b/Makefile @@ -81,7 +81,7 @@ install: build mkdir -p $(DESTDIR)/usr/share/$(SOFTWARE) cp -r VERSION.txt $(DESTDIR)/usr/share/$(SOFTWARE) - cp -r share/config share/hooks share/build-scripts $(DESTDIR)/usr/share/$(SOFTWARE) + cp -r share/config share/hooks share/build-scripts share/get-scripts $(DESTDIR)/usr/share/$(SOFTWARE) mkdir -p $(DESTDIR)/usr/share/bash-completion/completions cp -r share/bash-completion/* $(DESTDIR)/usr/share/bash-completion/completions diff --git a/share/build-scripts/curl b/share/build-scripts/curl deleted file mode 100755 index 98c2b82..0000000 --- a/share/build-scripts/curl +++ /dev/null @@ -1,492 +0,0 @@ -#!/bin/sh - -# Copyright (C) 2014-2021 Daniel Baumann -# -# SPDX-License-Identifier: GPL-3.0+ -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -set -e - -PROJECT="open-infrastructure" -SOFTWARE="compute-tools" -PROGRAM="container" - -HOOKS="/etc/${SOFTWARE}/hooks" -KEYS="/etc/${SOFTWARE}/keys" -MACHINES="/var/lib/machines" -CACHE="/var/cache/${PROGRAM}/system" - -SCRIPT="${0}" -export SCRIPT - -Parameters () -{ - GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,architecture:,clean,password:,server:,setup:,system:," - GETOPT_OPTIONS="b:,s:,n:,a:,p:" - - PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" - - if [ "${?}" != "0" ] - then - echo "'${SCRIPT}': getopt exit" >&2 - exit 1 - fi - - eval set -- "${PARAMETERS}" - - while true - do - case "${1}" in - -b|--bind) - # ignore - shift 2 - ;; - - --bind-ro) - # ignore - shift 2 - ;; - - --cnt.auto) - # ignore - shift 2 - ;; - - --cnt.container-server) - # ignore - shift 2 - ;; - - -s|--script) - # ignore - shift 2 - ;; - - -n|--name) - NAME="${2}" - shift 2 - ;; - - -a|--architecture) - ARCHITECTURE="${2}" - shift 2 - ;; - - --clean) - CLEAN="true" - shift 1 - ;; - - -p|--password) - PASSWORD="${2}" - shift 2 - ;; - - --server) - SERVER="${2}" - shift 2 - ;; - - --setup) - SETUP="${2}" - shift 2 - ;; - - --system) - SYSTEM="${2}" - shift 2 - ;; - - --) - shift 1 - break - ;; - - *) - echo "'${SCRIPT}': getopt error" >&2 - exit 1 - ;; - esac - done -} - -Usage () -{ - echo "Usage: container create -n|--name NAME -s|--script ${SCRIPT} -- [--clean] [-p|--password PASSWORD] [--server SERVER] [--setup SETUP] [--system SYSTEM]" >&2 - exit 1 -} - -Parameters "${@}" - -if [ -z "${NAME}" ] -then - Usage -fi - -if [ -e "${MACHINES}/${NAME}" ] -then - echo "'${NAME}': container already exists" >&2 - exit 1 -fi - -if [ ! -x /usr/bin/curl ] -then - echo "'${NAME}': /usr/bin/curl - no such file." >&2 - exit 1 -fi - -if [ "$(id -u)" -ne 0 ] -then - echo "'${NAME}': need root privileges" >&2 - exit 1 -fi - -COMPRESSIONS="" - -if [ -x /usr/bin/lzip ] -then - COMPRESSIONS="${COMPRESSIONS} lz" -fi - -if [ -x /usr/bin/xz ] -then - COMPRESSIONS="${COMPRESSIONS} xz" -fi - -if [ -x /bin/gzip ] -then - COMPRESSIONS="${COMPRESSIONS} gz" -fi - -if [ -z "${COMPRESSIONS}" ] -then - echo "'${NAME}': no supported compressor available (lz, xz, gz)." - exit 1 -fi - -SERVER="${SERVER:-https://get.open-infrastructure.net/system/container/debian}" -PASSWORD="${PASSWORD:-$(dd if=/dev/urandom bs=12 count=1 2> /dev/null | base64)}" - -VERSION="$(container version)" - -export SERVER - -Debconf () -{ - # Configure local debconf - mkdir -p "${DEBCONF_TMPDIR}/debconf" - -cat > "${DEBCONF_TMPDIR}/debconf.systemrc" << EOF -Config: configdb -Templates: templatedb - -Name: config -Driver: File -Mode: 644 -Reject-Type: password -Filename: ${DEBCONF_TMPDIR}/debconf/config.dat - -Name: passwords -Driver: File -Mode: 600 -Backup: false -Required: false -Accept-Type: password -Filename: ${DEBCONF_TMPDIR}/debconf/passwords.dat - -Name: configdb -Driver: Stack -Stack: config, passwords - -Name: templatedb -Driver: File -Mode: 644 -Filename: ${DEBCONF_TMPDIR}/debconf/templates.dat -EOF - - DEBCONF_SYSTEMRC="${DEBCONF_TMPDIR}/debconf.systemrc" - export DEBCONF_SYSTEMRC -} - -# Pre hooks -for FILE in "${HOOKS}/pre-${SCRIPT}".* "${HOOKS}/${NAME}.pre-${SCRIPT}" -do - if [ -x "${FILE}" ] - then - "${FILE}" - fi -done - -# Run - -# FIXME: default server via configuration file - -CURL_OPTIONS="" - -if curl -V | grep -qs http2 -then - CURL_OPTIONS="${CURL_OPTIONS} --http2" -fi - -if [ -z "${SYSTEM}" ] -then - # Downloading container list - if curl --fail --head --output /dev/null --silent "${SERVER}/container-list.txt" - then - mkdir -p "/tmp/${SOFTWARE}" - DEBCONF_TMPDIR="$(mktemp -d -p "/tmp/${SOFTWARE}" -t $(basename ${0}).XXXX)" - export DEBCONF_TMPDIR - - if [ -z "${ARCHITECTURE}" ] - then - case "$(dpkg --print-architecture)" in - amd64) - GREP_PATTERN="(amd64|i386)" - ;; - esac - fi - - GREP_PATTERN="${GREP_PATTERN:-${ARCHITECTURE}}" - - echo "Downloading $(echo ${SERVER} | awk -F/ '{ print $3 }') container list" - curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} ${CURL_OPTIONS} \ - "${SERVER}/container-list.txt" | grep -E "${GREP_PATTERN}" > "${DEBCONF_TMPDIR}/container-list.txt" - - umask 0022 - - Debconf - - # Run debconf parts - for DEBCONF_SCRIPT in /usr/share/${SOFTWARE}/scripts/curl.d/* - do - if [ -x "${DEBCONF_SCRIPT}" ] - then - "${DEBCONF_SCRIPT}" - fi - done - - # Read-in configuration from debconf - . "${DEBCONF_TMPDIR}/debconf.default" - - # Remove debconf temporary files - rm --preserve-root --one-file-system -rf "${DEBCONF_TMPDIR}" - rmdir --ignore-fail-on-non-empty "/tmp/${SOFTWARE}" 2>&1 || true - fi -fi - -for COMPRESSION in ${COMPRESSIONS} -do - if curl --fail --head --output /dev/null --silent "${SERVER}/${SYSTEM}.${COMPRESSION}" - then - SYSTEM="${SYSTEM}.${COMPRESSION}" - break - fi -done - -# Downloading container files -mkdir -p "${CACHE}" - -SETUP="${SETUP:-$(echo ${SYSTEM} | sed -e 's|.system.tar.|.setup.tar.|')}" - -for FILE in "${SYSTEM}" "${SYSTEM}.sign" "${SYSTEM}.sha512" \ - "${SETUP}" "${SETUP}.sign" "${SETUP}.sha512" -do - if curl --fail --head --output /dev/null --silent "${SERVER}/${FILE}" - then - case "${FILE}" in - *.sha512) - if [ -e "${CACHE}/$(basename ${FILE} .sha512).sign" ] - then - continue - fi - ;; - esac - - if [ -e "${CACHE}/${FILE}" ] - then - CURL_TIME_COND="--time-cond ${CACHE}/${FILE}" - else - CURL_TIME_COND="" - fi - - echo "Downloading ${FILE}" - curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} ${CURL_OPTIONS} ${CURL_TIME_COND} \ - "${SERVER}/${FILE}" -o "${CACHE}/${FILE}" - fi -done - -cd "${CACHE}" - -for FILE in "${SYSTEM}" "${SETUP}" -do - if [ ! -e "${FILE}" ] - then - continue - fi - - if [ -e "${FILE}.sign" ] - then - echo -n "Verifying ${FILE}:" - - set +e - gpg --homedir "${KEYS}" --verify "${FILE}.sign" "${FILE}" > /dev/null 2>&1 - GNUPG="${?}" - set -e - - case "${GNUPG}" in - 0) - echo " gpg ok." - continue - ;; - - *) - echo " gpg failed." - exit 1 - ;; - esac - elif [ -e "${FILE}.sha512" ] - then - echo -n "Verifying ${FILE}:" - - set +e - sha512sum --check "${FILE}.sha512" --status - SHA512SUM="${?}" - set -e - - case "${SHA512SUM}" in - 0) - echo " sha512 ok." - ;; - - *) - echo " sha512 failed." - exit 1 - ;; - esac - fi -done - -cd "${OLDPWD}" - -case "${SYSTEM}" in - *.gz) - TAR_OPTIONS="--gzip" - - if [ ! -e /bin/gzip ] - then - echo -en "\n" - echo "'${NAME}': /bin/lzip - no such file." >&2 - exit 1 - fi - ;; - - *.lz) - TAR_OPTIONS="--lzip" - - if [ ! -e /usr/bin/lzip ] - then - echo -en "\n" - echo "'${NAME}': /usr/bin/lzip - no such file." >&2 - exit 1 - fi - ;; - - *.xz) - TAR_OPTIONS="--xz" - - if [ ! -e /usr/bin/xz ] - then - echo -en "\n" - echo "'${NAME}': /usr/bin/xz - no such file." >&2 - exit 1 - fi - ;; - - *) - TAR_OPTIONS="" - ;; -esac - -for FILE in "${SYSTEM}" "${SETUP}" -do - if [ ! -e "${CACHE}/${FILE}" ] - then - continue - fi - - case "${FILE}" in - *.system.tar.*) - DIRECTORY="${MACHINES}/${NAME}" - ;; - - *.setup.tar.*) - DIRECTORY="${MACHINES}/${NAME}/setup" - ;; - esac - - mkdir -p "${DIRECTORY}" - - if [ -e /usr/bin/pv ] - then - echo "Unpacking ${FILE}" - pv --format '%p' --width 77 "${CACHE}/${FILE}" | tar xf - ${TAR_OPTIONS} -C "${DIRECTORY}" --strip 1 - else - echo -n "Unpacking ${FILE}:" - tar xf "${CACHE}/${FILE}" ${TAR_OPTIONS} -C "${DIRECTORY}" --strip 1 - echo " ok." - fi -done - -if [ -x "${MACHINES}/${NAME}/setup/container" ] -then - chroot "${MACHINES}/${NAME}" /usr/bin/env -i \ - LC_ALL="C" PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games" TERM="${TERM}" \ - DEBIAN_FRONTEND="dialog" DEBIAN_PRIORITY="low" \ - DEBCONF_NONINTERACTIVE_SEEN="true" DEBCONF_NOWARNINGS="true" \ - NAME="${NAME}" \ - /setup/container - - rm -rf "${MACHINES}/${NAME}/setup" -fi - -# Creating machine-id -chroot "${MACHINES}/${NAME}" systemd-machine-id-setup > /dev/null 2>&1 - -# Setting hostname -echo "${NAME}" > "${MACHINES}/${NAME}/etc/hostname" - -# Copying resolv.conf -cp -L /etc/resolv.conf "${MACHINES}/${NAME}/etc/resolv.conf" - -# Setting root password -echo root:${PASSWORD} | chroot "${MACHINES}/${NAME}" chpasswd -echo "${NAME}: root password set to '${PASSWORD}'." - -# Remove cache -case "${CLEAN}" in - true) - rm -f "${CACHE}/${SYSTEM}" "${CACHE}/${SYSTEM}.sha512" - rm -f "${CACHE}/${SETUP}" "${CACHE}/${SETUP}.sha512" - ;; -esac - -# Post hooks -for FILE in "${HOOKS}/post-${SCRIPT}".* "${HOOKS}/${NAME}.post-${SCRIPT}" -do - if [ -x "${FILE}" ] - then - "${FILE}" - fi -done diff --git a/share/build-scripts/curl.d/0001-debconf b/share/build-scripts/curl.d/0001-debconf deleted file mode 100755 index 083d469..0000000 --- a/share/build-scripts/curl.d/0001-debconf +++ /dev/null @@ -1,54 +0,0 @@ -#!/bin/sh - -# Copyright (C) 2014-2021 Daniel Baumann -# -# SPDX-License-Identifier: GPL-3.0+ -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -set -e - -DEBCONF_NOWARNINGS="true" -export DEBCONF_NOWARNINGS - -. /usr/share/debconf/confmodule - -System () -{ - TITLE="$(echo ${SERVER} | awk -F/ '{ print $3 }')" - - SYSTEMS="$(for SYSTEM in $(cat ${DEBCONF_TMPDIR}/container-list.txt | cut -d\| -f2 | sed -e 's| |#|g'); do echo -n "$(echo ${SYSTEM} | sed -e 's|#| |g'), "; done | sed -e 's|, $||')" - SYSTEMS_C="$(for SYSTEM_C in $(cat ${DEBCONF_TMPDIR}/container-list.txt | cut -d\| -f1); do echo -n "${SYSTEM_C}, "; done | sed -e 's|, $||')" - - db_subst cnt-curl/title TITLE "${TITLE}" - - db_subst cnt-curl/system CHOICES "${SYSTEMS}" - db_subst cnt-curl/system CHOICES_C "${SYSTEMS_C}" - - db_fset cnt-curl/system seen false - - db_settitle cnt-curl/title - db_input high cnt-curl/system || true - db_go - - db_get cnt-curl/system - SYSTEM="${RET}" # select - - echo "SYSTEM=\"${SYSTEM}\"" >> "${DEBCONF_TMPDIR}/debconf.default" - export SYSTEM -} - -System - -db_stop diff --git a/share/build-scripts/curl.d/0001-debconf.templates b/share/build-scripts/curl.d/0001-debconf.templates deleted file mode 100644 index 59319e4..0000000 --- a/share/build-scripts/curl.d/0001-debconf.templates +++ /dev/null @@ -1,11 +0,0 @@ -Template: cnt-curl/title -Type: title -Description: ${TITLE} - -Template: cnt-curl/system -Type: select -Default: -Choices-C: ${CHOICES_C} -Choices: ${CHOICES} -Description: Container list: - Select the system to use for building the container. diff --git a/share/get-scripts/curl b/share/get-scripts/curl new file mode 100755 index 0000000..435e8e9 --- /dev/null +++ b/share/get-scripts/curl @@ -0,0 +1,490 @@ +#!/bin/sh + +# Copyright (C) 2014-2021 Daniel Baumann +# +# SPDX-License-Identifier: GPL-3.0+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +set -e + +PROJECT="open-infrastructure" +SOFTWARE="compute-tools" +PROGRAM="container" + +SCRIPT="${0}" +export SCRIPT + +HOOKS="/etc/${SOFTWARE}/hooks" +KEYS="/etc/${SOFTWARE}/keys" +MACHINES="/var/lib/machines" + +Parameters () +{ + GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,architecture:,clean,password:,server:,setup:,system:," + GETOPT_OPTIONS="b:,s:,n:,a:,p:" + + PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})" + + if [ "${?}" != "0" ] + then + echo "'${SCRIPT}': getopt exit" >&2 + exit 1 + fi + + eval set -- "${PARAMETERS}" + + while true + do + case "${1}" in + -b|--bind) + # ignore + shift 2 + ;; + + --bind-ro) + # ignore + shift 2 + ;; + + --cnt.auto) + # ignore + shift 2 + ;; + + --cnt.container-server) + # ignore + shift 2 + ;; + + -s|--script) + # ignore + shift 2 + ;; + + -n|--name) + NAME="${2}" + shift 2 + ;; + + -a|--architecture) + ARCHITECTURE="${2}" + shift 2 + ;; + + --clean) + CLEAN="true" + shift 1 + ;; + + -p|--password) + PASSWORD="${2}" + shift 2 + ;; + + --server) + SERVER="${2}" + shift 2 + ;; + + --setup) + SETUP="${2}" + shift 2 + ;; + + --system) + SYSTEM="${2}" + shift 2 + ;; + + --) + shift 1 + break + ;; + + *) + echo "'${SCRIPT}': getopt error" >&2 + exit 1 + ;; + esac + done +} + +Usage () +{ + echo "Usage: container get -n|--name NAME -s|--script ${SCRIPT} -- [--clean] [-p|--password PASSWORD] [--server SERVER] [--setup SETUP] [--system SYSTEM]" >&2 + exit 1 +} + +Parameters "${@}" + +if [ -z "${NAME}" ] +then + Usage +fi + +if [ -e "${MACHINES}/${NAME}" ] +then + echo "'${NAME}': container already exists" >&2 + exit 1 +fi + +if [ ! -x /usr/bin/curl ] +then + echo "'${NAME}': /usr/bin/curl - no such file." >&2 + exit 1 +fi + +if [ "$(id -u)" -ne 0 ] +then + echo "'${NAME}': need root privileges" >&2 + exit 1 +fi + +COMPRESSIONS="" + +if [ -x /usr/bin/lzip ] +then + COMPRESSIONS="${COMPRESSIONS} lz" +fi + +if [ -x /usr/bin/xz ] +then + COMPRESSIONS="${COMPRESSIONS} xz" +fi + +if [ -x /bin/gzip ] +then + COMPRESSIONS="${COMPRESSIONS} gz" +fi + +if [ -z "${COMPRESSIONS}" ] +then + echo "'${NAME}': no supported compressor available (lz, xz, gz)." + exit 1 +fi + +SERVER="${SERVER:-https://get.open-infrastructure.net/system/container/debian}" +PASSWORD="${PASSWORD:-$(dd if=/dev/urandom bs=12 count=1 2> /dev/null | base64)}" +CACHE="/var/cache/${PROGRAM}/get-$(basename ${SCRIPT})/$(echo ${SERVER} | sed -e 's|.*//||' -e 's|/|_|g')" + +VERSION="$(container version)" + +Debconf () +{ + # Configure local debconf + mkdir -p "${DEBCONF_TMPDIR}/debconf" + +cat > "${DEBCONF_TMPDIR}/debconf.systemrc" << EOF +Config: configdb +Templates: templatedb + +Name: config +Driver: File +Mode: 644 +Reject-Type: password +Filename: ${DEBCONF_TMPDIR}/debconf/config.dat + +Name: passwords +Driver: File +Mode: 600 +Backup: false +Required: false +Accept-Type: password +Filename: ${DEBCONF_TMPDIR}/debconf/passwords.dat + +Name: configdb +Driver: Stack +Stack: config, passwords + +Name: templatedb +Driver: File +Mode: 644 +Filename: ${DEBCONF_TMPDIR}/debconf/templates.dat +EOF + + DEBCONF_SYSTEMRC="${DEBCONF_TMPDIR}/debconf.systemrc" + export DEBCONF_SYSTEMRC +} + +# Pre hooks +for FILE in "${HOOKS}/pre-${SCRIPT}".* "${HOOKS}/${NAME}.pre-${SCRIPT}" +do + if [ -x "${FILE}" ] + then + "${FILE}" + fi +done + +# Run + +# FIXME: default server via configuration file + +CURL_OPTIONS="" + +if curl -V | grep -qs http2 +then + CURL_OPTIONS="${CURL_OPTIONS} --http2" +fi + +if [ -z "${SYSTEM}" ] +then + # Downloading container list + if curl --fail --head --output /dev/null --silent "${SERVER}/container-list.txt" + then + mkdir -p "/tmp/${SOFTWARE}" + DEBCONF_TMPDIR="$(mktemp -d -p "/tmp/${SOFTWARE}" -t $(basename ${0}).XXXX)" + export DEBCONF_TMPDIR + + if [ -z "${ARCHITECTURE}" ] + then + case "$(dpkg --print-architecture)" in + amd64) + GREP_PATTERN="(amd64|i386)" + ;; + esac + fi + + GREP_PATTERN="${GREP_PATTERN:-${ARCHITECTURE}}" + + echo "Downloading $(echo ${SERVER} | awk -F/ '{ print $3 }') container list" + curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} ${CURL_OPTIONS} \ + "${SERVER}/container-list.txt" | grep -E "${GREP_PATTERN}" > "${DEBCONF_TMPDIR}/container-list.txt" + + umask 0022 + + Debconf + + # Run debconf parts + for DEBCONF_SCRIPT in /usr/share/${SOFTWARE}/get-scripts/curl.d/* + do + if [ -x "${DEBCONF_SCRIPT}" ] + then + "${DEBCONF_SCRIPT}" + fi + done + + # Read-in configuration from debconf + . "${DEBCONF_TMPDIR}/debconf.default" + + # Remove debconf temporary files + rm --preserve-root --one-file-system -rf "${DEBCONF_TMPDIR}" + rmdir --ignore-fail-on-non-empty "/tmp/${SOFTWARE}" 2>&1 || true + fi +fi + +for COMPRESSION in ${COMPRESSIONS} +do + if curl --fail --head --output /dev/null --silent "${SERVER}/${SYSTEM}.${COMPRESSION}" + then + SYSTEM="${SYSTEM}.${COMPRESSION}" + break + fi +done + +# Downloading container files +mkdir -p "${CACHE}" + +SETUP="${SETUP:-$(echo ${SYSTEM} | sed -e 's|.system.tar.|.setup.tar.|')}" + +for FILE in "${SYSTEM}" "${SYSTEM}.sign" "${SYSTEM}.sha512" \ + "${SETUP}" "${SETUP}.sign" "${SETUP}.sha512" +do + if curl --fail --head --output /dev/null --silent "${SERVER}/${FILE}" + then + case "${FILE}" in + *.sha512) + if [ -e "${CACHE}/$(basename ${FILE} .sha512).sign" ] + then + continue + fi + ;; + esac + + if [ -e "${CACHE}/${FILE}" ] + then + CURL_TIME_COND="--time-cond ${CACHE}/${FILE}" + else + CURL_TIME_COND="" + fi + + echo "Downloading ${FILE}" + curl --fail --location --progress-bar --user-agent ${SOFTWARE}/${VERSION} ${CURL_OPTIONS} ${CURL_TIME_COND} \ + "${SERVER}/${FILE}" -o "${CACHE}/${FILE}" + fi +done + +cd "${CACHE}" + +for FILE in "${SYSTEM}" "${SETUP}" +do + if [ ! -e "${FILE}" ] + then + continue + fi + + if [ -e "${FILE}.sign" ] + then + echo -n "Verifying ${FILE}:" + + set +e + gpg --homedir "${KEYS}" --verify "${FILE}.sign" "${FILE}" > /dev/null 2>&1 + GNUPG="${?}" + set -e + + case "${GNUPG}" in + 0) + echo " gpg ok." + continue + ;; + + *) + echo " gpg failed." + exit 1 + ;; + esac + elif [ -e "${FILE}.sha512" ] + then + echo -n "Verifying ${FILE}:" + + set +e + sha512sum --check "${FILE}.sha512" --status + SHA512SUM="${?}" + set -e + + case "${SHA512SUM}" in + 0) + echo " sha512 ok." + ;; + + *) + echo " sha512 failed." + exit 1 + ;; + esac + fi +done + +cd "${OLDPWD}" + +case "${SYSTEM}" in + *.gz) + TAR_OPTIONS="--gzip" + + if [ ! -e /bin/gzip ] + then + echo -en "\n" + echo "'${NAME}': /bin/lzip - no such file." >&2 + exit 1 + fi + ;; + + *.lz) + TAR_OPTIONS="--lzip" + + if [ ! -e /usr/bin/lzip ] + then + echo -en "\n" + echo "'${NAME}': /usr/bin/lzip - no such file." >&2 + exit 1 + fi + ;; + + *.xz) + TAR_OPTIONS="--xz" + + if [ ! -e /usr/bin/xz ] + then + echo -en "\n" + echo "'${NAME}': /usr/bin/xz - no such file." >&2 + exit 1 + fi + ;; + + *) + TAR_OPTIONS="" + ;; +esac + +for FILE in "${SYSTEM}" "${SETUP}" +do + if [ ! -e "${CACHE}/${FILE}" ] + then + continue + fi + + case "${FILE}" in + *.system.tar.*) + DIRECTORY="${MACHINES}/${NAME}" + ;; + + *.setup.tar.*) + DIRECTORY="${MACHINES}/${NAME}/setup" + ;; + esac + + mkdir -p "${DIRECTORY}" + + if [ -e /usr/bin/pv ] + then + echo "Unpacking ${FILE}" + pv --format '%p' --width 77 "${CACHE}/${FILE}" | tar xf - ${TAR_OPTIONS} -C "${DIRECTORY}" --strip 1 + else + echo -n "Unpacking ${FILE}:" + tar xf "${CACHE}/${FILE}" ${TAR_OPTIONS} -C "${DIRECTORY}" --strip 1 + echo " ok." + fi +done + +if [ -x "${MACHINES}/${NAME}/setup/container" ] +then + chroot "${MACHINES}/${NAME}" /usr/bin/env -i \ + LC_ALL="C" PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games" TERM="${TERM}" \ + DEBIAN_FRONTEND="dialog" DEBIAN_PRIORITY="low" \ + DEBCONF_NONINTERACTIVE_SEEN="true" DEBCONF_NOWARNINGS="true" \ + NAME="${NAME}" \ + /setup/container + + rm -rf "${MACHINES}/${NAME}/setup" +fi + +# Creating machine-id +chroot "${MACHINES}/${NAME}" systemd-machine-id-setup > /dev/null 2>&1 + +# Setting hostname +echo "${NAME}" > "${MACHINES}/${NAME}/etc/hostname" + +# Copying resolv.conf +cp -L /etc/resolv.conf "${MACHINES}/${NAME}/etc/resolv.conf" + +# Setting root password +echo root:${PASSWORD} | chroot "${MACHINES}/${NAME}" chpasswd +echo "${NAME}: root password set to '${PASSWORD}'." + +# Remove cache +case "${CLEAN}" in + true) + rm -f "${CACHE}/${SYSTEM}" "${CACHE}/${SYSTEM}.sha512" + rm -f "${CACHE}/${SETUP}" "${CACHE}/${SETUP}.sha512" + ;; +esac + +# Post hooks +for FILE in "${HOOKS}/post-${SCRIPT}".* "${HOOKS}/${NAME}.post-${SCRIPT}" +do + if [ -x "${FILE}" ] + then + "${FILE}" + fi +done diff --git a/share/get-scripts/curl.d/0001-debconf b/share/get-scripts/curl.d/0001-debconf new file mode 100755 index 0000000..083d469 --- /dev/null +++ b/share/get-scripts/curl.d/0001-debconf @@ -0,0 +1,54 @@ +#!/bin/sh + +# Copyright (C) 2014-2021 Daniel Baumann +# +# SPDX-License-Identifier: GPL-3.0+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +set -e + +DEBCONF_NOWARNINGS="true" +export DEBCONF_NOWARNINGS + +. /usr/share/debconf/confmodule + +System () +{ + TITLE="$(echo ${SERVER} | awk -F/ '{ print $3 }')" + + SYSTEMS="$(for SYSTEM in $(cat ${DEBCONF_TMPDIR}/container-list.txt | cut -d\| -f2 | sed -e 's| |#|g'); do echo -n "$(echo ${SYSTEM} | sed -e 's|#| |g'), "; done | sed -e 's|, $||')" + SYSTEMS_C="$(for SYSTEM_C in $(cat ${DEBCONF_TMPDIR}/container-list.txt | cut -d\| -f1); do echo -n "${SYSTEM_C}, "; done | sed -e 's|, $||')" + + db_subst cnt-curl/title TITLE "${TITLE}" + + db_subst cnt-curl/system CHOICES "${SYSTEMS}" + db_subst cnt-curl/system CHOICES_C "${SYSTEMS_C}" + + db_fset cnt-curl/system seen false + + db_settitle cnt-curl/title + db_input high cnt-curl/system || true + db_go + + db_get cnt-curl/system + SYSTEM="${RET}" # select + + echo "SYSTEM=\"${SYSTEM}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export SYSTEM +} + +System + +db_stop diff --git a/share/get-scripts/curl.d/0001-debconf.templates b/share/get-scripts/curl.d/0001-debconf.templates new file mode 100644 index 0000000..c63994d --- /dev/null +++ b/share/get-scripts/curl.d/0001-debconf.templates @@ -0,0 +1,11 @@ +Template: cnt-curl/title +Type: title +Description: ${TITLE} + +Template: cnt-curl/system +Type: select +Default: +Choices-C: ${CHOICES_C} +Choices: ${CHOICES} +Description: Container list: + Select the system to use for downloading the container. diff --git a/share/man/container-build.1.rst b/share/man/container-build.1.rst index 55f2a9b..d4d7fc5 100644 --- a/share/man/container-build.1.rst +++ b/share/man/container-build.1.rst @@ -44,9 +44,6 @@ Scripts The following build scripts are available: -curl: - Basic script to build Debian based container, see container-create-curl(1). - debootstrap: Basic script to build Debian based container, see container-build-debootstrap(1). diff --git a/share/man/container-create-curl.1.rst b/share/man/container-create-curl.1.rst deleted file mode 100644 index ccf5f3c..0000000 --- a/share/man/container-create-curl.1.rst +++ /dev/null @@ -1,148 +0,0 @@ -.. Open Infrastructure: compute-tools - -.. Copyright (C) 2014-2021 Daniel Baumann -.. -.. SPDX-License-Identifier: GPL-3.0+ -.. -.. This program is free software: you can redistribute it and/or modify -.. it under the terms of the GNU General Public License as published by -.. the Free Software Foundation, either version 3 of the License, or -.. (at your option) any later version. -.. -.. This program is distributed in the hope that it will be useful, -.. but WITHOUT ANY WARRANTY; without even the implied warranty of -.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -.. GNU General Public License for more details. -.. -.. You should have received a copy of the GNU General Public License -.. along with this program. If not, see . - -===================== -container-create-curl -===================== - -------------------------------------------------------------------------- -Create a Debian based container by downloading a tarball over the network -------------------------------------------------------------------------- - -:manual section: 1 -:manual group: Open Infrastructure - -Synopsis -======== - -| **container create -s curl** ['OPTIONS'] - -Description -=========== - -The curl container creation script uses curl(1) to download a tarball over the -network to create a Debian based container. - -Depending on the tarball this script otherwise creates a pure Debian system -with three modificiations: - - * hostname is set (container name) in /etc/hostname - * systemd machine-id is generated in /etc/machine-id - * root password is set (user specified or 16 random characters) - -Container images ----------------- - -compute-tools will download tarballs from a server expecting that the images are -tarballs with either gzip, lzip, xz, or no compression. See container-images.sh -as an example on how to create your own container images. - -Options -======= - -The following script options are available: - --n, --name='NAME': - Specify container name. - --a, --architecture='ARCHITECTURE': - Specify container architecture. - ---clean: - Remove downloaded tarball after successful container creation. - --p, --root-password='PASSWORD': - Specify the root password, defaults to a random 16 character password. - ---server='SERVER': - Specify the image server to download from, defaults to - 'https://get.open-infrastructure.net/system/container/debian'. - ---setup='SETUP': - Specify the setup image name to download, defaults to the value specified - through --system using the setup.tar.${COMPRESSION} suffix (where - ${COMPRESSION} is either lz, xz, or gz depending on compressor availability on - the host system). - ---system='SYSTEM': - Specify the system image name to download, defaults to - debian-bullseye-current_${ARCHITECTURE}.system.tar.${COMPRESSION} (where - ${ARCHITECTURE} is the host systems architecture and ${COMPRESSION} either - lz, xz, or gz depending on compressor availability on the host system). - -Examples -======== - -Create a Debian 11 (bullseye) based container with same architecture as the host -system: - - sudo container create -s curl -n bullseye.example.net - -Create a Debian 11 (bullseye) based container with different architecture as the -host system: - - sudo container create -s curl -n bullseye-i386.example.net -- --system debian-bullseye-current_i386.system.tar.xz - -Files -===== - -The following files are used: - -/etc/compute-tools/config: - Container configuration files. - -/usr/share/compute-tools/scripts: - Container creation scripts. - -/usr/share/doc/compute-tools: - Container documentation. - -/var/lib/machines: - Container directory. - -/var/cache/container: - Container cache directory. - -See also -======== - -| compute-tools(7), -| container(1). - -Homepage -======== - -More information about compute-tools and the Open Infrastructure project can be -found on the homepage (https://open-infrastructure.net). - -Contact -======= - -Bug reports, feature requests, help, patches, support and everything else are -welcome on the Open Infrastructure Software Mailing List -. - -Debian specific bugs can also be reported in the Debian Bug Tracking System -(https://bugs.debian.org). - -Authors -======= - -compute-tools were written by Daniel Baumann - and others. diff --git a/share/man/container-get-curl.1.rst b/share/man/container-get-curl.1.rst new file mode 100644 index 0000000..ba44ba0 --- /dev/null +++ b/share/man/container-get-curl.1.rst @@ -0,0 +1,148 @@ +.. Open Infrastructure: compute-tools + +.. Copyright (C) 2014-2021 Daniel Baumann +.. +.. SPDX-License-Identifier: GPL-3.0+ +.. +.. This program is free software: you can redistribute it and/or modify +.. it under the terms of the GNU General Public License as published by +.. the Free Software Foundation, either version 3 of the License, or +.. (at your option) any later version. +.. +.. This program is distributed in the hope that it will be useful, +.. but WITHOUT ANY WARRANTY; without even the implied warranty of +.. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.. GNU General Public License for more details. +.. +.. You should have received a copy of the GNU General Public License +.. along with this program. If not, see . + +================== +container-get-curl +================== + +--------------------------------------------------------------------------- +Download a Debian based container by downloading a tarball over the network +--------------------------------------------------------------------------- + +:manual section: 1 +:manual group: Open Infrastructure + +Synopsis +======== + +| **container get -s curl** ['OPTIONS'] + +Description +=========== + +The curl container download script uses curl(1) to download a tarball over the +network to create a Debian based container. + +Depending on the tarball this script otherwise creates a pure Debian system +with three modificiations: + + * hostname is set (container name) in /etc/hostname + * systemd machine-id is generated in /etc/machine-id + * root password is set (user specified or 16 random characters) + +Container images +---------------- + +compute-tools will download tarballs from a server expecting that the images are +tarballs with either gzip, lzip, xz, or no compression. See container-images.sh +as an example on how to create your own container images. + +Options +======= + +The following script options are available: + +-n, --name='NAME': + Specify container name. + +-a, --architecture='ARCHITECTURE': + Specify container architecture. + +--clean: + Remove container tarball after successful download. + +-p, --root-password='PASSWORD': + Specify the root password, defaults to a random 16 character password. + +--server='SERVER': + Specify the image server to download from, defaults to + 'https://get.open-infrastructure.net/system/container/debian'. + +--setup='SETUP': + Specify the setup image name to download, defaults to the value specified + through --system using the setup.tar.${COMPRESSION} suffix (where + ${COMPRESSION} is either lz, xz, or gz depending on compressor availability on + the host system). + +--system='SYSTEM': + Specify the system image name to download, defaults to + debian-bullseye-current_${ARCHITECTURE}.system.tar.${COMPRESSION} (where + ${ARCHITECTURE} is the host systems architecture and ${COMPRESSION} either + lz, xz, or gz depending on compressor availability on the host system). + +Examples +======== + +Download a Debian 11 (bullseye) based container with same architecture as the host +system: + + sudo container get -s curl -n bullseye.example.net + +Download a Debian 11 (bullseye) based container with different architecture as the +host system: + + sudo container get -s curl -n bullseye-i386.example.net -- --system debian-bullseye-current_i386.system.tar.xz + +Files +===== + +The following files are used: + +/etc/compute-tools/config: + Container configuration files. + +/usr/share/compute-tools/get-scripts: + Container download scripts. + +/usr/share/doc/compute-tools: + Container documentation. + +/var/lib/machines: + Container directory. + +/var/cache/container: + Container cache directory. + +See also +======== + +| compute-tools(7), +| container(1). + +Homepage +======== + +More information about compute-tools and the Open Infrastructure project can be +found on the homepage (https://open-infrastructure.net). + +Contact +======= + +Bug reports, feature requests, help, patches, support and everything else are +welcome on the Open Infrastructure Software Mailing List +. + +Debian specific bugs can also be reported in the Debian Bug Tracking System +(https://bugs.debian.org). + +Authors +======= + +compute-tools were written by Daniel Baumann + and others. -- cgit v1.2.3