summaryrefslogtreecommitdiffstats
path: root/share/scripts/curl
diff options
context:
space:
mode:
Diffstat (limited to 'share/scripts/curl')
-rwxr-xr-xshare/scripts/curl328
1 files changed, 279 insertions, 49 deletions
diff --git a/share/scripts/curl b/share/scripts/curl
index a338020..709e59c 100755
--- a/share/scripts/curl
+++ b/share/scripts/curl
@@ -21,13 +21,14 @@ set -e
SCRIPT="${0}"
HOOKS="/etc/container-tools/hooks"
+KEYS="/etc/container-tools/keys"
MACHINES="/var/lib/machines"
-CACHE="/var/cache/container-tools/images"
+CACHE="/var/cache/container-tools/system"
Parameters ()
{
- GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,clean,image:,server:,password:"
- GETOPT_OPTIONS="b:,s:,n:,p:"
+ GETOPT_LONGOPTIONS="bind:,bind-ro:,script:,name:,architecture:,clean,password:,server:,setup:,system:,"
+ GETOPT_OPTIONS="b:,s:,n:,a:,p:"
PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${SCRIPT} --options ${GETOPT_OPTIONS} --shell sh -- ${@})"
@@ -72,13 +73,18 @@ Parameters ()
shift 2
;;
+ -a|--architecture)
+ ARCHITECTURE="${2}"
+ shift 2
+ ;;
+
--clean)
CLEAN="true"
shift 1
;;
- --image)
- IMAGE="${2}"
+ -p|--password)
+ PASSWORD="${2}"
shift 2
;;
@@ -87,8 +93,13 @@ Parameters ()
shift 2
;;
- -p|--password)
- PASSWORD="${2}"
+ --setup)
+ SETUP="${2}"
+ shift 2
+ ;;
+
+ --system)
+ SYSTEM="${2}"
shift 2
;;
@@ -107,7 +118,7 @@ Parameters ()
Usage ()
{
- echo "Usage: container create -n|--name NAME -s|--script ${SCRIPT} -- [--clean] [--image IMAGE] [--server SERVER] [-p|--password PASSWORD}" >&2
+ echo "Usage: container create -n|--name NAME -s|--script ${SCRIPT} -- [--clean] [-p|--password PASSWORD] [--server SERVER] [--setup SETUP] [--system SYSTEM]" >&2
exit 1
}
@@ -136,13 +147,73 @@ then
exit 1
fi
-ARCHITECTURE="${ARCHITECTURE:-$(dpkg --print-architecture)}"
-IMAGE="${IMAGE:-debian-stretch-${ARCHITECTURE}.tar.xz}"
-SERVER="${SERVER:-https://files.open-infrastructure.net/images/container-tools/current}"
+COMPRESSIONS=""
+
+if [ -x /usr/bin/lzip ]
+then
+ COMPRESSIONS="${COMPRESSIONS} lz"
+fi
+
+if [ -x /usr/bin/xz ]
+then
+ COMPRESSIONS="${COMPRESSIONS} xz"
+fi
+
+if [ -x /bin/gzip ]
+then
+ COMPRESSIONS="${COMPRESSIONS} gz"
+fi
+
+if [ -z "${COMPRESSIONS}" ]
+then
+ echo "'${NAME}': no supported compressor available (lz, xz, gz)."
+ exit 1
+fi
+
+SERVER="${SERVER:-https://files.open-infrastructure.net/system/container/debian}"
PASSWORD="${PASSWORD:-$(dd if=/dev/urandom bs=12 count=1 2> /dev/null | base64)}"
VERSION="$(container version)"
+export SERVER
+
+Debconf ()
+{
+ # Configure local debconf
+ mkdir -p "${DEBCONF_TMPDIR}/debconf"
+
+cat > "${DEBCONF_TMPDIR}/debconf.systemrc" << EOF
+Config: configdb
+Templates: templatedb
+
+Name: config
+Driver: File
+Mode: 644
+Reject-Type: password
+Filename: ${DEBCONF_TMPDIR}/debconf/config.dat
+
+Name: passwords
+Driver: File
+Mode: 600
+Backup: false
+Required: false
+Accept-Type: password
+Filename: ${DEBCONF_TMPDIR}/debconf/passwords.dat
+
+Name: configdb
+Driver: Stack
+Stack: config, passwords
+
+Name: templatedb
+Driver: File
+Mode: 644
+Filename: ${DEBCONF_TMPDIR}/debconf/templates.dat
+EOF
+
+ DEBCONF_SYSTEMRC="${DEBCONF_TMPDIR}/debconf.systemrc"
+ export DEBCONF_SYSTEMRC
+}
+
# Pre hooks
for FILE in "${HOOKS}/pre-${SCRIPT}".* "${HOOKS}/${NAME}.pre-${SCRIPT}"
do
@@ -154,65 +225,189 @@ done
# Run
-# FIXME: Show available image directories on server
-# FIXME: Fetch debconf-choices.txt to show debconf select
-# FIXME: gpg verification against debian-keyring or local keyring
# FIXME: default server via configuration file
-echo "Downloading ${IMAGE}"
-mkdir -p "${CACHE}"
+CURL_OPTIONS=""
-if [ -e "${CACHE}/${IMAGE}" ]
+if curl -V | grep -qs http2
then
- CURL_OPTIONS="--time-cond ${CACHE}/${IMAGE}"
+ CURL_OPTIONS="${CURL_OPTIONS} --http2"
fi
-if curl -V | grep -qs http2
+if [ -z "${SYSTEM}" ]
then
- CURL_OPTIONS="${CURL_OPTIONS} --http2"
+ # Downloading container list
+ if curl --fail --head --output /dev/null --silent "${SERVER}/container-list.txt"
+ then
+ mkdir -p /tmp/container-tools
+ DEBCONF_TMPDIR="$(mktemp -d -p /tmp/container-tools -t $(basename ${0}).XXXX)"
+ export DEBCONF_TMPDIR
+
+ if [ -z "${ARCHITECTURE}" ]
+ then
+ case "$(dpkg --print-architecture)" in
+ amd64)
+ GREP_PATTERN="(amd64|i386)"
+ ;;
+ esac
+ fi
+
+ GREP_PATTERN="${GREP_PATTERN:-${ARCHITECTURE}}"
+
+ echo "Downloading $(echo ${SERVER} | awk -F/ '{ print $3 }') container list"
+ curl --fail --location --progress-bar --user-agent container-tools/${VERSION} ${CURL_OPTIONS} \
+ "${SERVER}/container-list.txt" | grep -E "${GREP_PATTERN}" > "${DEBCONF_TMPDIR}/container-list.txt"
+
+ umask 0022
+
+ Debconf
+
+ # Run debconf parts
+ for DEBCONF_SCRIPT in /usr/share/container-tools/scripts/curl.d/*
+ do
+ if [ -x "${DEBCONF_SCRIPT}" ]
+ then
+ # FIXME
+ # debconf -ocontainer-tools "${DEBCONF_SCRIPT}"
+ "${DEBCONF_SCRIPT}"
+ fi
+ done
+
+ # Read-in configuration from debconf
+ . "${DEBCONF_TMPDIR}/debconf.default"
+
+ # Remove debconf temporary files
+ rm --preserve-root --one-file-system -rf "${DEBCONF_TMPDIR}"
+ rmdir --ignore-fail-on-non-empty /tmp/container-tools 2>&1 || true
+ fi
fi
-curl --fail --location --progress-bar --user-agent container-tools/${VERSION} ${CURL_OPTIONS} \
- "${SERVER}/${IMAGE}" -o "${CACHE}/${IMAGE}"
+for COMPRESSION in ${COMPRESSIONS}
+do
+ if curl --fail --head --output /dev/null --silent "${SERVER}/${SYSTEM}.${COMPRESSION}"
+ then
+ SYSTEM="${SYSTEM}.${COMPRESSION}"
+ break
+ fi
+done
+
+# Downloading container files
+mkdir -p "${CACHE}"
+
+SETUP="${SETUP:-$(echo ${SYSTEM} | sed -e 's|.system.tar.|.setup.tar.|')}"
-curl --fail --location --progress-bar --user-agent container-tools/${VERSION} ${CURL_OPTIONS} \
- "${SERVER}/${IMAGE}.sha512" -o "${CACHE}/${IMAGE}.sha512"
+for FILE in "${SYSTEM}" "${SYSTEM}.gpg" "${SYSTEM}.sha512" \
+ "${SETUP}" "${SETUP}.gpg" "${SETUP}.sha512"
+do
+ if curl --fail --head --output /dev/null --silent "${SERVER}/${FILE}"
+ then
+ case "${FILE}" in
+ *.sha512)
+ if [ -e "${CACHE}/$(basename ${FILE} .sha512).gpg" ]
+ then
+ continue
+ fi
+ ;;
+ esac
+
+ if [ -e "${CACHE}/${FILE}" ]
+ then
+ CURL_TIME_COND="--time-cond ${CACHE}/${FILE}"
+ else
+ CURL_TIME_COND=""
+ fi
+
+ echo "Downloading ${FILE}"
+ curl --fail --location --progress-bar --user-agent container-tools/${VERSION} ${CURL_OPTIONS} ${CURL_TIME_COND} \
+ "${SERVER}/${FILE}" -o "${CACHE}/${FILE}"
+ fi
+done
-echo -n "Verifying ${IMAGE}.sha512"
cd "${CACHE}"
-set +e
-sha512sum --check "${IMAGE}.sha512" --status
-SHA512SUM="${?}"
+for FILE in "${SYSTEM}" "${SETUP}"
+do
+ if [ ! -e "${FILE}" ]
+ then
+ continue
+ fi
-case "${SHA512SUM}" in
- 0)
- echo " ok."
- ;;
+ if [ -e "${FILE}.gpg" ]
+ then
+ echo -n "Verifying ${FILE}:"
- *)
- echo " failed."
- exit 1
- ;;
-esac
+ set +e
+ gpg --homedir "${KEYS}" --verify "${FILE}.gpg" "${FILE}" > /dev/null 2>&1
+ GNUPG="${?}"
+ set -e
-set -e
-cd "${OLDPWD}"
+ case "${GNUPG}" in
+ 0)
+ echo " gpg ok."
+ continue
+ ;;
+
+ *)
+ echo " gpg failed."
+ exit 1
+ ;;
+ esac
+ elif [ -e "${FILE}.sha512" ]
+ then
+ echo -n "Verifying ${FILE}:"
-echo "Unpacking ${IMAGE}"
-mkdir -p "${MACHINES}/${NAME}"
+ set +e
+ sha512sum --check "${FILE}.sha512" --status
+ SHA512SUM="${?}"
+ set -e
-case "${IMAGE}" in
+ case "${SHA512SUM}" in
+ 0)
+ echo " sha512 ok."
+ ;;
+
+ *)
+ echo " sha512 failed."
+ exit 1
+ ;;
+ esac
+ fi
+done
+
+cd "${OLDPWD}"
+
+case "${SYSTEM}" in
*.gz)
TAR_OPTIONS="--gzip"
+
+ if [ ! -e /bin/gzip ]
+ then
+ echo -en "\n"
+ echo "'${NAME}': /bin/lzip - no such file." >&2
+ exit 1
+ fi
;;
*.lz)
TAR_OPTIONS="--lzip"
+
+ if [ ! -e /usr/bin/lzip ]
+ then
+ echo -en "\n"
+ echo "'${NAME}': /usr/bin/lzip - no such file." >&2
+ exit 1
+ fi
;;
*.xz)
TAR_OPTIONS="--xz"
+
+ if [ ! -e /usr/bin/xz ]
+ then
+ echo -en "\n"
+ echo "'${NAME}': /usr/bin/xz - no such file." >&2
+ exit 1
+ fi
;;
*)
@@ -220,11 +415,46 @@ case "${IMAGE}" in
;;
esac
-if [ -e /usr/bin/pv ]
+for FILE in "${SYSTEM}" "${SETUP}"
+do
+ if [ ! -e "${CACHE}/${FILE}" ]
+ then
+ continue
+ fi
+
+ case "${FILE}" in
+ *.system.tar.*)
+ DIRECTORY="${MACHINES}/${NAME}"
+ ;;
+
+ *.setup.tar.*)
+ DIRECTORY="${MACHINES}/${NAME}/setup"
+ ;;
+ esac
+
+ mkdir -p "${DIRECTORY}"
+
+ if [ -e /usr/bin/pv ]
+ then
+ echo "Unpacking ${FILE}"
+ pv --format '%p' --width 77 "${CACHE}/${FILE}" | tar xf - ${TAR_OPTIONS} -C "${DIRECTORY}" --strip 1
+ else
+ echo -n "Unpacking ${FILE}:"
+ tar xf "${CACHE}/${FILE}" ${TAR_OPTIONS} -C "${DIRECTORY}" --strip 1
+ echo " ok."
+ fi
+done
+
+if [ -x "${MACHINES}/${NAME}/setup/container" ]
then
- pv --format '%p' --width 77 "${CACHE}/${IMAGE}" | tar xf - ${TAR_OPTIONS} -C "${MACHINES}/${NAME}" --strip 1
-else
- tar xf "${CACHE}/${IMAGE}" ${TAR_OPTIONS} -C "${MACHINES}/${NAME}" --strip 1
+ chroot "${MACHINES}/${NAME}" /usr/bin/env -i \
+ LC_ALL="C" PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games" TERM="${TERM}" \
+ DEBIAN_FRONTEND="dialog" DEBIAN_PRIORITY="low" \
+ DEBCONF_NONINTERACTIVE_SEEN="true" DEBCONF_NOWARNINGS="true" \
+ NAME="${NAME}" \
+ /setup/container
+
+ rm -rf "${MACHINES}/${NAME}/setup"
fi
# Creating machine-id
@@ -240,11 +470,11 @@ cp -L /etc/resolv.conf "${MACHINES}/${NAME}/etc/resolv.conf"
echo root:${PASSWORD} | chroot "${MACHINES}/${NAME}" chpasswd
echo "${NAME}: root password set to '${PASSWORD}'."
-# Reove cache
+# Remove cache
case "${CLEAN}" in
true)
- rm -f "${CACHE}/${IMAGE}"
- rm -f "${CACHE}/${IMAGE}.sha512"
+ rm -f "${CACHE}/${SYSTEM}" "${CACHE}/${SYSTEM}.sha512"
+ rm -f "${CACHE}/${SETUP}" "${CACHE}/${SETUP}.sha512"
;;
esac
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-14 15:08:21 +0000