From 7a0a1f92a6f8fa40d987f3e7c73abae7e790ea35 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Thu, 21 Apr 2016 19:46:16 +0200 Subject: Adding upstream version 20160401. Signed-off-by: Daniel Baumann --- share/config/container.conf.in | 13 + share/doc/HOST-SETUP.txt | 169 ++++ share/doc/examples/cairon-backports.cfg | 64 ++ share/doc/examples/jessie.cfg | 32 + share/man/Makefile | 2 +- share/man/container-console.1.txt | 2 +- share/man/container-create-debconf.1.txt | 151 +++ share/man/container-create-debootstrap.1.txt | 10 +- share/man/container-create.1.txt | 16 +- share/man/container-limit.1.txt | 105 ++ share/man/container-list.1.txt | 2 +- share/man/container-remove.1.txt | 2 +- share/man/container-restart.1.txt | 2 +- share/man/container-shell.1.txt | 63 ++ share/man/container-start.1.txt | 2 +- share/man/container-stop.1.txt | 2 +- share/man/container-tools.7.txt | 33 +- share/man/container-version.1.txt | 2 +- share/man/container.1.txt | 12 +- share/scripts/debconf | 974 ++++++++++++++++++ share/scripts/debconf.d/0001-preseed-file | 83 ++ .../scripts/debconf.d/0001-preseed-file.templates | 17 + share/scripts/debconf.d/0002-preseed-debconf | 80 ++ share/scripts/debconf.d/0003-debconf | 1050 ++++++++++++++++++++ share/scripts/debconf.d/0003-debconf.templates | 211 ++++ share/scripts/debian | 1 + share/scripts/debian.d | 1 + share/scripts/debootstrap | 7 +- share/scripts/progress-linux | 1 + share/scripts/progress-linux.d | 1 + share/systemd/container-autostart.service | 15 + 31 files changed, 3102 insertions(+), 23 deletions(-) create mode 100644 share/doc/HOST-SETUP.txt create mode 100644 share/doc/examples/cairon-backports.cfg create mode 100644 share/doc/examples/jessie.cfg create mode 100644 share/man/container-create-debconf.1.txt create mode 100644 share/man/container-limit.1.txt create mode 100644 share/man/container-shell.1.txt create mode 100755 share/scripts/debconf create mode 100755 share/scripts/debconf.d/0001-preseed-file create mode 100644 share/scripts/debconf.d/0001-preseed-file.templates create mode 100755 share/scripts/debconf.d/0002-preseed-debconf create mode 100755 share/scripts/debconf.d/0003-debconf create mode 100644 share/scripts/debconf.d/0003-debconf.templates create mode 120000 share/scripts/debian create mode 120000 share/scripts/debian.d create mode 120000 share/scripts/progress-linux create mode 120000 share/scripts/progress-linux.d create mode 100644 share/systemd/container-autostart.service (limited to 'share') diff --git a/share/config/container.conf.in b/share/config/container.conf.in index 7a0d826..fbf8078 100644 --- a/share/config/container.conf.in +++ b/share/config/container.conf.in @@ -1,11 +1,24 @@ # container-tools: @NAME@ [start] +cnt.autostart=@CNT_AUTOSTART@ bind=@BIND@ boot=@BOOT@ +capability=@CAPABILITY@ directory=@DIRECTORY@ +drop-capability=@DROP_CAPABILITY@ machine=@MACHINE@ network-veth=@NETWORK_VETH@ network-bridge=@NETWORK_BRIDGE@ link-journal=@LINK_JOURNAL@ register=@REGISTER@ + +[limit] +BlockIODeviceWeight= +BlockIOReadBandwidth= +BlockIOWeight= +BlockIOWriteBandwidth= +CPUQuota= +CPUShares= +MemoryLimit= +TasksMax= diff --git a/share/doc/HOST-SETUP.txt b/share/doc/HOST-SETUP.txt new file mode 100644 index 0000000..b8f4cd7 --- /dev/null +++ b/share/doc/HOST-SETUP.txt @@ -0,0 +1,169 @@ +container-tools: Host Setup +=========================== + + +1. Debian Packages +------------------- + +apt install bridge-utils ifenslave vlan + + +2. Boot Parameters +------------------ + +2.1 CGroup Memory Controller +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +In order to enable the memory controller the following boot parameter needs to be used: + + cgroup_enable=memory + + +2.2 CGroup Swap Controller +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +In order to enable the swap controller the following boot parameter needs to be used: + + swapaccount=1 + + +3. Networking +~~~~~~~~~~~~~ + +3.1 Enable IPv4 Forwarding +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +apt install procps +echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/ip_foward.conf +sysctl -p + + +3.2 Configure Network Bridge +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +3.2.1 Bridge: 1 Interface, standalone, DHCP +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +cat > /etc/network/interfaces << EOF +# /etc/network/interfaces + +auto lo +iface lo inet loopback + +iface eth0 inet manual + +auto br0 +iface br0 inet dhcp + bridge_ports eth0 + bridge_fd 0 + bridge_maxwait 0 + bridge_stp 0 +EOF + + +3.2.2 Bridge: 1 Interface, standalone, static +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +cat > /etc/network/interfaces << EOF +# /etc/network/interfaces + +auto lo +iface lo inet loopback + +iface eth0 inet manual + +auto br0 +iface br0 inet static + address 10.0.0.2 + broadcast 10.0.0.255 + gateway 10.0.0.1 + netmask 255.255.255.0 + network 10.0.0.0 + + pre-up ifconfig eth0 down + pre-up ifconfig eth0 up + + bridge_ports eth0 + bridge_fd 0 + bridge_maxwait 0 + bridge_stp 0 +EOF + + +3.2.3 Bridge: 2 logical Interfaces, subnet, static +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +cat > /etc/network/interfaces << EOF +# /etc/network/interfaces + +auto lo +iface lo inet loopback + +autho eth0 +iface eth0 inet dhcp + +auto br0 +iface br0 inet static + address 10.0.0.1 + broadcast 10.0.0.255 + netmask 255.255.255.0 + network 10.0.0.0 + + pre-up brctl addbr br0 + post-down brctl delbr br0 + + bridge_fd 0 + bridge_maxwait 0 + bridge_stp 0 +EOF + + +3.2.4 Bridge: 3 physical Interfaces, vlan, bonding, static +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +cat > /etc/network/interfaces << EOF +# /etc/network/interfaces + +auto lo +iface lo inet loopback + +auto eth0 +iface eth0 inet dhcp + +iface eth1 inet manual + +iface eth2 inet manual + +auto bond0 +iface bond0 inet manual + up ifconfig bond0 0.0.0.0 up + down ifconfig bond0 down + + slaves eth1 eth2 + + bond-mode 4 + bond-miimon 100 + bond-downdelay 200 + bond-updelay 200 + bond-lacp-rate 1 + bond-xmit-hash-policy layer2+3 + +iface bond0.100 inet manual + vlan-raw-device bond0 + +auto br100 +iface br100 inet static + address 10.100.0.2 + broadcast 10.100.0.255 + #gateway 10.100.0.1 + netmask 255.255.255.0 + network 10.100.0.0 + + post-up ip route add 10.100.0.0/24 via 10.100.0.1 dev br100 + post-down ip route del 147.87.226.0/24 dev br100 + + bridge_ports bond0.100 + bridge_fd 0 + bridge_maxwait 0 + bridge_stp 0 +EOF diff --git a/share/doc/examples/cairon-backports.cfg b/share/doc/examples/cairon-backports.cfg new file mode 100644 index 0000000..096cc5e --- /dev/null +++ b/share/doc/examples/cairon-backports.cfg @@ -0,0 +1,64 @@ +# container-tools - Manage systemd-nspawn containers +# +# example for automated Progress Linux 3+ (cairon-backports) container creation +# using: sudo container create -s progress-linux + +#container-tools cnt-debconf/preseed-files string +#container-tools cnt-debconf/include-preseed-files string + +container-tools cnt-debconf/distribution select cairon-backports +#container-tools cnt-debconf/parent-distribution select + +container-tools cnt-debconf/architecture select auto + +container-tools cnt-debconf/archives multiselect cairon-security, cairon-updates, cairon-extras, cairon-backports, cairon-backports-extras +#container-tools cnt-debconf/parent-archives multiselect + +container-tools cnt-debconf/mirror string http://cdn.archive.progress-linux.org/packages +container-tools cnt-debconf/mirror-security string http://cdn.archive.progress-linux.org/packages + +container-tools cnt-debconf/parent-mirror string http://httpredir.debian.org/debian +container-tools cnt-debconf/parent-mirror-security string http://security.debian.org + +container-tools cnt-debconf/archive-areas multiselect main, contrib, non-free +container-tools cnt-debconf/parent-archive-areas multiselect main, contrib, non-free + +container-tools cnt-debconf/packages string openssh-server + +container-tools cnt-debconf/root-password string progress +#container-tools cnt-debconf/root-password-crypted string + +# Network IP configuration +container-tools cnt-debconf/network0/bridge string br0 +container-tools cnt-debconf/network0/ipv4-method select static +container-tools cnt-debconf/network0/ipv4-comment string Primary network interfaces +container-tools cnt-debconf/network0/ipv4-address string 192.168.0.2 +container-tools cnt-debconf/network0/ipv4-broadcast string 192.168.0.255 +container-tools cnt-debconf/network0/ipv4-gateway string 192.168.0.1 +container-tools cnt-debconf/network0/ipv4-netmask string 255.255.255.0 +container-tools cnt-debconf/network0/ipv4-network string 192.168.0.0 +#container-tools cnt-debconf/network0/ipv4-post-up string +#container-tools cnt-debconf/network0/ipv4-post-down string + +# Network DNS configuration +container-tools cnt-debconf/nameserver/server string 127.0.0.1 8.8.8.8 8.8.4.4 +container-tools cnt-debconf/nameserver/domain string example.net +container-tools cnt-debconf/nameserver/search string example.net +container-tools cnt-debconf/nameserver/options string timeout:1 attempts:1 + +# Third-Party Repositories +#container-tools cnt-debconf/archive0/repository string +#container-tools cnt-debconf/archive0/list string +#container-tools cnt-debconf/archive0/comment string +#container-tools cnt-debconf/archive0/source string +#container-tools cnt-debconf/archive0/key string +#container-tools cnt-debconf/archive0/preferences-package string +#container-tools cnt-debconf/archive0/preferences-pin string +#container-tools cnt-debconf/archive0/preferences-pin-priority + +# Internal Options +#container-tools cnt-debconf/apt-recommends string +#container-tools cnt-debconf/debconf-frontend string +#container-tools cnt-debconf/debconf-priority string +#container-tools cnt-debconf/container-command string +#container-tools cnt-debconf/host-command string diff --git a/share/doc/examples/jessie.cfg b/share/doc/examples/jessie.cfg new file mode 100644 index 0000000..509b09e --- /dev/null +++ b/share/doc/examples/jessie.cfg @@ -0,0 +1,32 @@ +# container-tools - Manage systemd-nspawn containers +# +# example for automated Debian 8 (jessie) based container creation +# using: sudo container create -s debian + +#container-tools cnt-debconf/preseed-files string +#container-tools cnt-debconf/include-preseed-files string + +container-tools cnt-debconf/distribution select jessie +#container-tools cnt-debconf/parent-distribution select + +container-tools cnt-debconf/architecture select auto + +container-tools cnt-debconf/archives multiselect jessie-security, jessie-updates +#container-tools cnt-debconf/parent-archives multiselect + +container-tools cnt-debconf/mirror string http://httpredir.debian.org/debian +container-tools cnt-debconf/mirror-security string http://security.debian.org + +#container-tools cnt-debconf/parent-mirror string +#container-tools cnt-debconf/parent-mirror-security string + +container-tools cnt-debconf/archive-areas multiselect main +#container-tools cnt-debconf/parent-archive-areas multiselect + +container-tools cnt-debconf/packages string openssh-server + +container-tools cnt-debconf/root-password string debian +#container-tools cnt-debconf/root-password-crypted string + +container-tools cnt-debconf/network-bridge string br0 +#container-tools cnt-debconf/network-mac string diff --git a/share/man/Makefile b/share/man/Makefile index 721c044..decf333 100644 --- a/share/man/Makefile +++ b/share/man/Makefile @@ -1,6 +1,6 @@ # Makefile -# Open Infrastructure: container-tools +# container-tools - Manage systemd-nspawn containers # Copyright (C) 2014-2016 Daniel Baumann # # This program is free software: you can redistribute it and/or modify diff --git a/share/man/container-console.1.txt b/share/man/container-console.1.txt index 2ce5353..abccf63 100644 --- a/share/man/container-console.1.txt +++ b/share/man/container-console.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify diff --git a/share/man/container-create-debconf.1.txt b/share/man/container-create-debconf.1.txt new file mode 100644 index 0000000..f882714 --- /dev/null +++ b/share/man/container-create-debconf.1.txt @@ -0,0 +1,151 @@ +// container-tools - Manage systemd-nspawn containers +// Copyright (C) 2014-2016 Daniel Baumann +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . + +CONTAINER-CREATE-DEBOOTSTRAP(1) +=============================== +:doctype: manpage +:man manual: Open Infrastructure +:man source: container-tools +:man version: {revnumber} + + +NAME +---- +container-create-debconf - Create an advanced Debian based container with debconf + + +SYNOPSIS +-------- +*container create -s debconf* ['OPTIONS'] +*container create -s debian* ['OPTIONS'] +*container create -s progress-linux* ['OPTIONS'] + + +DESCRIPTION +----------- +The debconf container creation script uses debconf(1) to automatically create a Debian based container. + +SCOPE +~~~~~ +Note that this container creation script can do a few things more than just automatically debootstrap based on a preseed file. +It also allows you to set a root password, configure the network, install certain packages and execute hooks. + +But: this is *not* a replacement for a configuration management system (like ansible, puppet, etc.). +The intenion of this script is to create the initial container to that extend that a configuration managment system +can take over. + +As an analogy, think of debian-installer: d-i sets up your system to make it ready to boot and connect to the network. Everything +after that is out of scope. Same goes for this script. (FIXME) + +FUNCTIONS +~~~~~~~~~ + +This script performs the following configuration on top of a Debian based system: + + * network + * root password + * apt repositories + * ... + +MODES +~~~~~ +This container creation script can be used under two different names: debian and progress-linux. + +Alternative, calling it under the debconf name is equal to the debian mode. + +INTERACTIVE/NONINTERACTIVE +~~~~~~~~~~~~~~~~~~~~~~~~~~ +FIXME + +PRESEEDING +~~~~~~~~~~ + +Hierarchy of Preseed Files + +The debconf script can be fully preseeded. Such preseed files +can include one or more preseed files themselfs (currently, only one layer of +includes is supported, no nested or recursive includes). + +The general rule of 'the later preseed file overwrites the earlier' applies. +The debconf script reads the main preseed file (specified either on command line or +by debconf selection/input dialog) after any included preseed files in there. + +That means that debconf values after the include statement in the main preseed +file can overwrite any values specified in the included preseed files. + + +OPTIONS +------- +The following script options are available: + +*-n, --name='NAME'*:: + Specify container name. + +*-p, --preseed-file='FILE'*:: + Specify the preseed file. + + +EXAMPLES +-------- +*Create a Debian based container:*:: + sudo container create -s debian -n jessie.example.net + +*Create a Progress Linux container:*:: + sudo container create -s progress-linux -n cairon-backports.example.net + + +FILES +----- +The following files are used: + +*/etc/container-tools/config*:: + Container configuration files. + +*/usr/share/container-tools/scripts*:: + Container creation scripts. + +*/usr/share/doc/container-tools*:: + Container documentation. + +*/var/lib/machines*:: + Container directory. + +*/var/cache/container-tools*:: + Container cache directory. + +*/tmp/container-tools*:: + Container temporary directory. + + +SEE ALSO +-------- +container-tools(7), +container(1). + + +HOMEPAGE +-------- +More information about container-tools and the Open Infrastructure project can be found on the homepage at http://open-infrastructure.net. + + +BUGS +---- +Bugs can be reported by opening an issue in the GitHub repository at http://github.com/open-infrastructure/container-tools. + + +AUTHORS +------- +container-tools was written by Daniel Baumann . diff --git a/share/man/container-create-debootstrap.1.txt b/share/man/container-create-debootstrap.1.txt index 1c76711..360d7b6 100644 --- a/share/man/container-create-debootstrap.1.txt +++ b/share/man/container-create-debootstrap.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify @@ -24,7 +24,7 @@ CONTAINER-CREATE-DEBOOTSTRAP(1) NAME ---- -container-create-debootstrap - Create a Debian container with debootstrap +container-create-debootstrap - Create a basic Debian based container with debootstrap SYNOPSIS @@ -34,7 +34,7 @@ SYNOPSIS DESCRIPTION ----------- -The debootstrap container creation script uses debootstrap(8) to create a Debian container. +The debootstrap container creation script uses debootstrap(8) to create a Debian based container. This script creates a pure Debian system with three modificiations: @@ -65,10 +65,10 @@ The following script options are available: EXAMPLES -------- -*Create a Debian 8 (jessie) container with same architecture as the host system:*:: +*Create a Debian 8 (jessie) based container with same architecture as the host system:*:: sudo container create -s debootstrap -n jessie.example.net -*Create a Debian 8 (jessie) with different architecture as the host system:*:: +*Create a Debian 8 (jessie) based container with different architecture as the host system:*:: sudo container create -s debootstrap -n jessie-i386.example.net -- -a i386 diff --git a/share/man/container-create.1.txt b/share/man/container-create.1.txt index 8d9bd06..6646ad1 100644 --- a/share/man/container-create.1.txt +++ b/share/man/container-create.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify @@ -44,6 +44,12 @@ The following container-create options are available: *-n, --name='NAME'*:: Specify container name. +*-c, --capability='CAPABILITY'*:: + Specify capabilities to grant, see capabilities(7). + +*-d, --drop-capability='DROP_CAPABILITY'*:: + Specify capabilities to drop, see capabilities(7). + *-s, --script='SCRIPT'*:: Specify container creation script, defaults to debootstrap. @@ -56,7 +62,10 @@ SCRIPTS The following container scripts are available: *debootstrap*:: - Basic script to create Debian container, see container-create-debootstrap(1). + Basic script to create Debian based container, see container-create-debootstrap(1). + +*debconf*:: + Advanced script to automatically create Debian based container, see container-create-debconf(1). EXAMPLES @@ -64,6 +73,9 @@ EXAMPLES *Create example.net container using debootstrap script:*:: sudo container create -n example.net -s debootstrap +*Create example.net container using debconf script:*:: + sudo container create -n example.net -s debconf + SEE ALSO -------- diff --git a/share/man/container-limit.1.txt b/share/man/container-limit.1.txt new file mode 100644 index 0000000..995374e --- /dev/null +++ b/share/man/container-limit.1.txt @@ -0,0 +1,105 @@ +// container-tools - Manage systemd-nspawn containers +// Copyright (C) 2014-2016 Daniel Baumann +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . + +CONTAINER-STOP(1) +================= +:doctype: manpage +:man manual: Open Infrastructure +:man source: container-tools +:man version: {revnumber} + + +NAME +---- +container-stop - Limit ressources of a container + + +SYNOPSIS +-------- +*container limit* ['OPTIONS'] + + +DESCRIPTION +----------- +The container limit command limits ressources available to a container at runtime. + + +OPTIONS +------- +The following container options are available: + +*-n, --name='NAME'*:: + Specify container name. + +*--blockio-device-weight='DEVICE WEIGHT'*:: + Specify device specific blockio weight, see systemd.resource-control(5). + +*--blockio-read-bandwith='DEVICE BYTES'*:: + Specify device specific blockio read bandwith, see systemd.resource-control(5). + +*-b, --blockio-weight='WEIGHT'*:: + Specify general blockio weight, see systemd.resource-control(5). + +*--blockio-write-bandwith='DEVICE BYTES'*:: + Specify device specific blockio write bandwith, see systemd.resource-control(5). + +*-c, --cpu-quota='QUOTA'*:: + Specify CPU quota, see systemd.resource-control(5). + +*--cpu-shares='SHARES'*:: + Specify CPU shares, see systemd.resource-control(5). + +*-m, --memory-limit='BYTES'*:: + Specify memory limit, see systemd.resource-control(5). + +*-t, --tasks-max='NUMBER'*:: + Specify tasks max, see systemd.resource-control(5). + + +EXAMPLES +-------- +*Set blockio weight for the example.net container:*:: + sudo container limit -n example.net --blockio-weight 100 + +*Set CPU quota for the example.net container:*:: + sudo container limit -n example.net --cpu-quota 10% + +*Set memory limit for the example.net container to 1GB:*:: + sudo container limit -n example.net --memory-limit 1G + +*Set tasks max for the example.net container to 100:*:: + sudo container limit -n example.net --tasks-max 100 + + +SEE ALSO +-------- +container-tools(7), +container(1). + + +HOMEPAGE +-------- +More information about container-tools and the Open Infrastructure project can be found on the homepage at http://open-infrastructure.net. + + +BUGS +---- +Bugs can be reported by opening an issue in the GitHub repository at http://github.com/open-infrastructure/container-tools. + + +AUTHORS +------- +container-tools was written by Daniel Baumann . diff --git a/share/man/container-list.1.txt b/share/man/container-list.1.txt index 58493a2..4dcbd78 100644 --- a/share/man/container-list.1.txt +++ b/share/man/container-list.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify diff --git a/share/man/container-remove.1.txt b/share/man/container-remove.1.txt index b04560f..e5e38bd 100644 --- a/share/man/container-remove.1.txt +++ b/share/man/container-remove.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify diff --git a/share/man/container-restart.1.txt b/share/man/container-restart.1.txt index a388c81..992bc5b 100644 --- a/share/man/container-restart.1.txt +++ b/share/man/container-restart.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify diff --git a/share/man/container-shell.1.txt b/share/man/container-shell.1.txt new file mode 100644 index 0000000..946f77e --- /dev/null +++ b/share/man/container-shell.1.txt @@ -0,0 +1,63 @@ +// container-tools - Manage systemd-nspawn containers +// Copyright (C) 2014-2016 Daniel Baumann +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . + +CONTAINER(1) +============ +:doctype: manpage +:man manual: Open Infrastructure +:man source: container-tools +:man version: {revnumber} + + +NAME +---- +container-shell - Manage systemd-nspawn containers (shell) + + +SYNOPSIS +-------- +*container-shell* + + +DESCRIPTION +----------- +container-tools provides the system integration for managing containers using systemd-nspawn. + + +COMMANDS +-------- +All container commands are available, see container(1). + + +SEE ALSO +-------- +machinectl(1), +systemd-nspawn(1). + + +HOMEPAGE +-------- +More information about container-tools and the Open Infrastructure project can be found on the homepage at http://open-infrastructure.net. + + +BUGS +---- +Bugs can be reported by opening an issue in the GitHub repository at http://github.com/open-infrastructure/container-tools. + + +AUTHORS +------- +container-tools was written by Daniel Baumann . diff --git a/share/man/container-start.1.txt b/share/man/container-start.1.txt index 4bd9039..e74f780 100644 --- a/share/man/container-start.1.txt +++ b/share/man/container-start.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify diff --git a/share/man/container-stop.1.txt b/share/man/container-stop.1.txt index 517a1cf..8f368cf 100644 --- a/share/man/container-stop.1.txt +++ b/share/man/container-stop.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify diff --git a/share/man/container-tools.7.txt b/share/man/container-tools.7.txt index e94afcc..dc35030 100644 --- a/share/man/container-tools.7.txt +++ b/share/man/container-tools.7.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify @@ -24,15 +24,15 @@ CONTAINER-TOOLS(7) NAME ---- -container-tools - Manage systemd-nspawn Containers +container-tools - Manage systemd-nspawn containers DESCRIPTION ----------- -"[A Linux Container] is an operating-system-level virtualization environment for running multiple isolated Linux systems (containers) on a single Linux control host.":: +"[A Linux container] is an operating-system-level virtualization environment for running multiple isolated Linux systems (containers) on a single Linux control host.":: -- Wikipedia (https://en.wikipedia.org/wiki/LXC) -container-tools provides the integration for Debian based Containers using systemd-nspawn. +container-tools provides the system integration for managing containers using systemd-nspawn. DOWNLOAD @@ -41,6 +41,28 @@ DOWNLOAD * https://github.com/open-infrastructure/container-tools +INSTALLATION +------------ + +SOURCE +~~~~~~ + + 1. sudo apt instal asciidoc git docbook-xml docbook-xsl libxml2-utils make xsltproc + 2. git clone https://github.com/open-infrastructure/container-tools + 3. cd container-tools && sudo make install + +DEBIAN 8 (STRETCH) AND NEWER +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + * sudo apt install open-infrastructure-container-tools + + +DEVELOPMENT +----------- + +Bug reports, feature requests, and patches are welcome. Please base them against the 'next' Git branch. + + USAGE ----- @@ -62,6 +84,9 @@ USAGE *Attach console to a container:*:: sudo container console -n NAME +*limit*:: + sudo container limit -n NAME --cpu-quota 10% + *List container on the system:*:: sudo container list diff --git a/share/man/container-version.1.txt b/share/man/container-version.1.txt index 5fd4147..4fede67 100644 --- a/share/man/container-version.1.txt +++ b/share/man/container-version.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify diff --git a/share/man/container.1.txt b/share/man/container.1.txt index 54e3145..93cf309 100644 --- a/share/man/container.1.txt +++ b/share/man/container.1.txt @@ -1,4 +1,4 @@ -// Open Infrastructure: container-tools +// container-tools - Manage systemd-nspawn containers // Copyright (C) 2014-2016 Daniel Baumann // // This program is free software: you can redistribute it and/or modify @@ -24,7 +24,7 @@ CONTAINER(1) NAME ---- -container - Manage systemd-nspawn Containers +container - Manage systemd-nspawn containers SYNOPSIS @@ -34,7 +34,7 @@ SYNOPSIS DESCRIPTION ----------- -container-tools provides the integration for Debian based Containers using systemd-nspawn. +container-tools provides the system integration for managing containers using systemd-nspawn. OPTIONS @@ -67,6 +67,9 @@ The following container commands are available: *console*:: Attach console to a container, see container-console(1). +*limit*:: + Limit ressources of a container, see container-limit(1). + *list*:: List container on the system, see container-list(1). @@ -81,6 +84,9 @@ The following files are used: */usr/bin/container*, */usr/bin/cnt*:: Container program. +*/usr/bin/container-shell*, */usr/bin/cntsh*:: + Container shell program. + */usr/lib/container-tools*:: Container commands. diff --git a/share/scripts/debconf b/share/scripts/debconf new file mode 100755 index 0000000..cbde345 --- /dev/null +++ b/share/scripts/debconf @@ -0,0 +1,974 @@ +#!/bin/sh + +# container-tools - Manage systemd-nspawn containers +# Copyright (C) 2014-2016 Daniel Baumann +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +set -e + +SCRIPT="${0}" + +CONFIG="/etc/container-tools/config" +MACHINES="/var/lib/machines" + +Parameters () +{ + LONG_OPTIONS="bind:,script:,name:,preseed-file:" + OPTIONS="b:,s:,n:,p:" + + PARAMETERS="$(getopt --longoptions ${LONG_OPTIONS} --name=${SCRIPT} --options ${OPTIONS} --shell sh -- ${@})" + + if [ "${?}" != "0" ] + then + echo "'${SCRIPT}': getopt exit" >&2 + exit 1 + fi + + eval set -- "${PARAMETERS}" + + while true + do + case "${1}" in + -b|--bind) + # ignore + shift 2 + ;; + + --cnt.autostart) + # ignore + shift 2 + ;; + + -s|--script) + # ignore + shift 2 + ;; + + -n|--name) + NAME="${2}" + shift 2 + ;; + + --preseed-file) + PRESEED_FILE="${2}" + shift 2 + ;; + + --) + shift 1 + break + ;; + + *) + echo "'${SCRIPT}': getopt error" >&2 + exit 1 + ;; + esac + done +} + +Usage () +{ + echo "Usage: container create -n|--name NAME -s|--script ${SCRIPT} [-p|--preseed-file FILE]" >&2 + exit 1 +} + +Parameters "${@}" + +if [ -z "${NAME}" ] +then + Usage +fi + +if [ -e "${MACHINES}/${NAME}" ] +then + echo "'${NAME}': container already exists" >&2 + exit 1 +fi + +if [ ! -x /usr/sbin/debootstrap ] +then + echo "'${NAME}': /usr/sbin/debootstrap - no such file." >&2 + exit 1 +fi + +if [ "$(id -u)" -ne 0 ] +then + echo "'${NAME}': need root privileges" >&2 + exit 1 +fi + +Chroot () +{ + CHROOT="${1}" + shift + + chroot "${CHROOT}" /usr/bin/env -i \ + LC_ALL="C" PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games" TERM="${TERM}" \ + DEBIAN_FRONTEND="${DEBCONF_FRONTEND}" DEBIAN_PRIORITY="${DEBCONF_PRIORITY}" \ + DEBCONF_NONINTERACTIVE_SEEN="true" DEBCONF_NOWARNINGS="true" \ + ftp_proxy="${ftp_proxy}" http_proxy="${http_proxy}" \ + ${@} +} + +Upgrade_system () +{ + DIRECTORY="${1}" + + # Mount pseudo-filesystems + mount -o bind /dev/pts "${DIRECTORY}/dev/pts" + mount -o bind /proc "${DIRECTORY}/proc" + mount -o bind /sys "${DIRECTORY}/sys" + + # Bind mount systems apt cache + mount -o bind /var/cache/apt/archives "${DIRECTORY}/var/cache/apt/archives" + + # Disable dpkg syncing + +cat > "${DIRECTORY}/etc/dpkg/dpkg.cfg.d/container-tools" << EOF +force-unsafe-io +EOF + + # Create policy-rc.d file + +cat > "${DIRECTORY}/usr/sbin/policy-rc.d" << EOF +#!/bin/sh +echo "All runlevel operations denied by policy" >&2 +exit 101 +EOF + + chmod 0755 "${DIRECTORY}/usr/sbin/policy-rc.d" + + # Upgrade system + Chroot "${DIRECTORY}" "apt-get update" + Chroot "${DIRECTORY}" "apt-get --yes --option APT::Force-LoopBreak=true upgrade" + Chroot "${DIRECTORY}" "apt-get --yes --option APT::Force-LoopBreak=true dist-upgrade" + + # Unmount systems apt cache + umount "${DIRECTORY}/var/cache/apt/archives" + + Chroot "${DIRECTORY}" "apt-get clean" +} + +Cleanup_system () +{ + DIRECTORY="${1}" + + Chroot "${DIRECTORY}" "apt-get --yes autoremove" + Chroot "${DIRECTORY}" "apt-get clean" + + # Cleanup + rm -f "${DIRECTORY}/etc/dpkg/dpkg.cfg.d/container-tools" + rm -f "${DIRECTORY}/usr/sbin/policy-rc.d" + + # Unmount pseudo-filesystems + umount "${DIRECTORY}/dev/pts" + umount "${DIRECTORY}/proc" + umount "${DIRECTORY}/sys" +} + +Debconf () +{ + # Configure local debconf + mkdir -p /tmp/container-tools + DEBCONF_TMPDIR="$(mktemp -d -p /tmp/container-tools -t $(basename ${0}).XXXX)" + export DEBCONF_TMPDIR + + mkdir -p "${DEBCONF_TMPDIR}/debconf" + +cat > "${DEBCONF_TMPDIR}/debconf.systemrc" << EOF +Config: configdb +Templates: templatedb + +Name: config +Driver: File +Mode: 644 +Reject-Type: password +Filename: ${DEBCONF_TMPDIR}/debconf/config.dat + +Name: passwords +Driver: File +Mode: 600 +Backup: false +Required: false +Accept-Type: password +Filename: ${DEBCONF_TMPDIR}/debconf/passwords.dat + +Name: configdb +Driver: Stack +Stack: config, passwords + +Name: templatedb +Driver: File +Mode: 644 +Filename: ${DEBCONF_TMPDIR}/debconf/templates.dat +EOF + + DEBCONF_SYSTEMRC="${DEBCONF_TMPDIR}/debconf.systemrc" + export DEBCONF_SYSTEMRC +} + +Debootstrap () +{ + DIRECTORY="${1}" + + # FIXME: trim down, debootstrap variants? + case "${MODE}" in + debian) + INCLUDE="--include=ifupdown,locales,libui-dialog-perl,dialog,isc-dhcp-client,netbase,net-tools,iproute,wget,dbus" + ;; + + progress-linux) + INCLUDE="--include=apt-utils,ifupdown,locales-all,libui-dialog-perl,dialog,isc-dhcp-client,netbase,net-tools,iproute,openssh-server,wget,dbus,libpam-systemd" + ;; + esac + + mkdir -p "$(dirname ${DIRECTORY})" + debootstrap --verbose --arch=${ARCHITECTURE} --components=${PARENT_ARCHIVE_AREAS} ${INCLUDE} \ + ${PARENT_DISTRIBUTION} "${DIRECTORY}" ${PARENT_MIRROR} +} + +Configure_apt () +{ + DIRECTORY="${1}" + + # Configure apt + rm -f "${DIRECTORY}/etc/apt/sources.list" + + PARENT_AREA="$(echo ${PARENT_ARCHIVE_AREAS} | sed -e 's|,| |g')" + PARENT_DIST="$(echo ${PARENT_DISTRIBUTION} | sed -e 's|-backports||')" + + echo "deb ${PARENT_MIRROR} ${PARENT_DIST} ${PARENT_AREA}" > "${DIRECTORY}/etc/apt/sources.list.d/debian.list" + + case "${MODE}" in + progress-linux) + AREA="$(echo ${ARCHIVE_AREAS} | sed -e 's|,| |g')" + DIST="$(echo ${DISTRIBUTION} | sed -e 's|-backports||')" + + echo "deb ${MIRROR} ${DIST} ${AREA}" > "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + + case "${DISTRIBUTION}" in + *-backports) + echo "deb ${MIRROR} ${DIST}-backports ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + esac + +cat > "${DIRECTORY}/etc/apt/preferences.d/progress-linux.pref" << EOF +Package: * +Pin: release n=${DIST} +Pin-Priority: 999 + +Package: * +Pin: release n=${DIST}-security +Pin-Priority: 999 + +Package: * +Pin: release n=${DIST}-updates +Pin-Priority: 999 + +Package: * +Pin: release n=${DIST}-lts +Pin-Priority: 999 + +Package: * +Pin: release n=${DIST}-extras +Pin-Priority: 999 +EOF + case "${DISTRIBUTION}" in + *-backports) + +cat >> "${DIRECTORY}/etc/apt/preferences.d/progress-linux.pref" << EOF + +Package: * +Pin: release n=${DIST}-backports +Pin-Priority: 999 + +Package: * +Pin: release n=${DIST}-backports-extras +Pin-Priority: 999 +EOF + + ;; + + *) + +cat >> "${DIRECTORY}/etc/apt/preferences.d/progress-linux.pref" << EOF + +#Package: * +#Pin: release n=${DIST}-backports +#Pin-Priority: 999 + +#Package: * +#Pin: release n=${DIST}-backports-extras +#Pin-Priority: 999 +EOF + + ;; + esac + + # Import archive keys + case "${DISTRIBUTION}" in + *-backports) + KEYS="project/pgp/archive-key-${DIST}.asc project/pgp/archive-key-${DIST}-backports.asc" + ;; + + *) + KEYS="project/pgp/archive-key-${DIST}.asc" + ;; + esac + + for KEY in ${KEYS} + do + KEY_NAME="$(basename ${KEY})" + echo "P: Fetching archive-key ${KEY_NAME}..." + + wget -q "${MIRROR}/${KEY}" -O "${DIRECTORY}/key.asc" + wget -q "${MIRROR}/${KEY}.sig" -O "${DIRECTORY}/key.asc.sig" + + if [ -e /usr/bin/gpgv ] + then + if [ -e /usr/share/keyrings/debian-keyring.gpg ] || [ -e /usr/share/keyrings/debian-maintainers.gpg ] + then + KEY_VALID="" + + for KEYRING in /usr/share/keyrings/debian-keyring.gpg /usr/share/keyrings/debian-maintainers.gpg + do + if [ -e "${KEYRING}" ] + then + echo -n "I: Verifying archive-key ${KEY_NAME} against $(basename ${KEYRING} .gpg | sed -e 's|-keyring||') keyring..." + + # FIXME: doesn't work anymore when the template eventually be run with 'set -e' + /usr/bin/gpgv --quiet --keyring ${KEYRING} "${DIRECTORY}/key.asc.sig" "${DIRECTORY}/key.asc" > /dev/null 2>&1 && KEY_VALID="true" && break + fi + done + + case "${KEY_VALID}" in + true) + echo " successful." + ;; + + *) + echo " failed." + return 1 + ;; + esac + else + echo "W: Skipping archive-key ${KEY_NAME} verification, debian-keyring not available..." + fi + else + echo "W: Skipping archive-key ${KEY_NAME} verification, gpgv not available..." + fi + + echo "P: Importing archive-key ${KEY_NAME}..." + + Chroot "${DIRECTORY}" "apt-key add key.asc" + rm -f "${DIRECTORY}/key.asc" + rm -f "${DIRECTORY}/key.asc.sig" + done + + Chroot "${DIRECTORY}" "apt-get update" + ;; + esac +} + +Deconfigure_system () +{ + DIRECTORY="${1}" + + # Configure fstab + +cat > "${DIRECTORY}/etc/fstab" << EOF +# /etc/fstab: static file system information. +# +# Use 'blkid' to print the universally unique identifier for a +# device; this may be used with UUID= as a more robust way to name devices +# that works even if disks are added and removed. See fstab(5). +# +# + +EOF + + # Fix /etc/mtab + rm -f "${DIRECTORY}/etc/mtab" + ln -s /proc/self/mounts "${DIRECTORY}/etc/mtab" + + # Temporary hack for dpkg + if [ -e "${DIRECTORY}/etc/dpkg/origins/default" ] + then + rm -f "${DIRECTORY}/etc/dpkg/origins/default" + Chroot "${DIRECTORY}" "dpkg-reconfigure base-files" + fi + + # Temporary hack for base-files + for FILE in motd.tail motd profile + do + if [ -e "${DIRECTORY}/usr/share/base-files/${FILE}" ] + then + rm -f "${DIRECTORY}/etc/${FILE}" + cp "${DIRECTORY}/usr/share/base-files/${FILE}" "${DIRECTORY}/etc" + fi + done + + # Temporary hack for readline + if [ -e "${DIRECTORY}/etc/inputrc" ] + then + rm -f "${DIRECTORY}/etc/inputrc" + cp "${DIRECTORY}/usr/share/readline/inputrc" "${DIRECTORY}/etc" + fi + + # Temporary hack for sysvinit + if [ -e "${DIRECTORY}/etc/inittab" ] + then + rm -f "${DIRECTORY}/etc/inittab" + cp "${DIRECTORY}/usr/share/sysvinit/inittab" "${DIRECTORY}/etc/inittab" + fi + + # Removing resolv.conf + #rm -f "${DIRECTORY}/etc/resolv.conf" + # FIXME: needs to stay for the moment + rm -f "${DIRECTORY}/etc/resolv.conf" + cp /etc/resolv.conf "${DIRECTORY}/etc" + + # Removing hosts/hostname + rm -f "${DIRECTORY}"/etc/hosts + rm -f "${DIRECTORY}"/etc/hostname + + # Removing openssh-server host keys + rm -f "${DIRECTORY}"/etc/ssh/ssh_host_*_key + rm -f "${DIRECTORY}"/etc/ssh/ssh_host_*_key.pub +} + +Configure_system () +{ + DIRECTORY="${1}" + + # Overwrite resolv.conf from cache with hosts resolv.conf + rm -f "${DIRECTORY}/etc/resolv.conf" + cp /etc/resolv.conf "${DIRECTORY}/etc" + + echo "${NAME}" > "${DIRECTORY}/etc/hostname" + + # Configure apt + rm -f "${DIRECTORY}/etc/apt/sources.list" + + PARENT_AREA="$(echo ${PARENT_ARCHIVE_AREAS} | sed -e 's|,| |g')" + PARENT_DIST="$(echo ${PARENT_DISTRIBUTION} | sed -e 's|-backports||')" + + echo "deb ${PARENT_MIRROR} ${PARENT_DIST} ${PARENT_AREA}" > "${DIRECTORY}/etc/apt/sources.list.d/debian.list" + + for PARENT_REPO in ${PARENT_ARCHIVES} + do + case "${PARENT_REPO}" in + ${PARENT_DIST}-security) + echo "deb ${PARENT_MIRROR_SECURITY} ${PARENT_DIST}/updates ${PARENT_AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/debian.list" + ;; + + ${PARENT_DIST}-updates) + echo "deb ${PARENT_MIRROR} ${PARENT_DIST}-updates ${PARENT_AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/debian.list" + ;; + + ${PARENT_DIST}-lts) + echo "deb ${PARENT_MIRROR} ${PARENT_DIST}-lts ${PARENT_AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/debian.list" + ;; + + ${PARENT_DIST}-backports) + echo "deb ${PARENT_MIRROR} ${PARENT_DIST}-backports ${PARENT_AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/debian.list" + ;; + + ${PARENT_DIST}-proposed-updates) + echo "deb ${PARENT_MIRROR} ${PARENT_DIST}-proposed-updates ${PARENT_AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/debian.list" + ;; + + experimental) + echo "deb ${PARENT_MIRROR} experimental ${PARENT_AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/debian.list" + ;; + esac + done + + case "${MODE}" in + progress-linux) + AREA="$(echo ${ARCHIVE_AREAS} | sed -e 's|,| |g')" + DIST="$(echo ${DISTRIBUTION} | sed -e 's|-backports||')" + + echo "deb ${MIRROR} ${DIST} ${AREA}" > "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + + for REPO in ${ARCHIVES} + do + case "${REPO}" in + ${DIST}-staging) + echo "deb ${MIRROR} ${DIST}-staging ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-security) + echo "deb ${MIRROR_SECURITY} ${DIST}-security ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-security-staging) + echo "deb ${MIRROR_SECURITY} ${DIST}-security-staging ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-updates) + echo "deb ${MIRROR} ${DIST}-updates ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-updates-staging) + echo "deb ${MIRROR} ${DIST}-updates-staging ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-lts) + echo "deb ${MIRROR} ${DIST}-lts ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-lts-staging) + echo "deb ${MIRROR} ${DIST}-lts-staging ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-extras) + echo "deb ${MIRROR} ${DIST}-extras ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-extras-staging) + echo "deb ${MIRROR} ${DIST}-extras-staging ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-backports) + echo "deb ${MIRROR} ${DIST}-backports ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-backports-staging) + echo "deb ${MIRROR} ${DIST}-backports-staging ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-backports-extras) + echo "deb ${MIRROR} ${DIST}-backports-extras ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + + ${DIST}-backports-extras-staging) + echo "deb ${MIRROR} ${DIST}-backports-extras-staging ${AREA}" >> "${DIRECTORY}/etc/apt/sources.list.d/progress-linux.list" + ;; + esac + done + ;; + esac + + if [ "${APT_RECOMMENDS}" = "false" ] + then + +cat > "${DIRECTORY}/etc/apt/apt.conf.d/recommends.conf" << EOF +APT::Install-Recommends "false"; +EOF + + fi + + # Add local archives configured from preseed file + if ls "${DEBCONF_TMPDIR}/apt"/*.list > /dev/null 2>&1 + then + cp "${DEBCONF_TMPDIR}/apt"/*.list "${DIRECTORY}/etc/apt/sources.list.d" + + if ls "${DEBCONF_TMPDIR}/apt"/*.key > /dev/null 2>&1 + then + for KEY in "${DEBCONF_TMPDIR}/apt"/*.key + do + cp "${KEY}" "${DIRECTORY}" + Chroot "${DIRECTORY}" "apt-key add $(basename ${KEY})" + rm -f "${DIRECTORY}/$(basename ${KEY})" + done + fi + + if ls "${DEBCONF_TMPDIR}/apt"/*.pref > /dev/null 2>&1 + then + cp "${DEBCONF_TMPDIR}/apt"/*.pref "${DIRECTORY}/etc/apt/preferences.d" + fi + fi + + Upgrade_system "${DIRECTORY}" + + # Preseed system + if [ -n "${PRESEED_FILE}" ] + then + for FILE in ${PRESEED_FILE} + do + cat "${FILE}" >> "${DIRECTORY}/preseed.cfg" + done + + Chroot "${DIRECTORY}" "debconf-set-selections preseed.cfg" + + rm -f "${DIRECTORY}/preseed.cfg" + fi + + # FIXME: All packages of priority of essential need to be reconfigured to reflect choices from preseeding + # -> fix: use two-stage bootstrap (foreign) and inject preseeds in between + + # Manual hack to workaround broken preseeding in locales package + if [ -n "${PRESEED_FILE}" ] + then + for FILE in ${PRESEED_FILE} + do + if grep -qs locales "${FILE}" + then + if [ -e "${DIRECTORY}/var/lib/dpkg/info/locales.list" ] + then + rm -f "${DIRECTORY}/etc/default/locale" "${DIRECTORY}/etc/locale.gen" + Chroot "${DIRECTORY}" "DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=criticial dpkg-reconfigure locales" + + break + fi + fi + done + fi + + # Manual hack to create conffiles when using locales-all instead of locales + if [ ! -e "${DIRECTORY}/etc/environment" ] + then + echo "LANG=C.UTF-8" >> "${DIRECTORY}/etc/environment" + fi + + if [ ! -e "${DIRECTORY}/etc/default/locale" ] + then + echo "LANG=C.UTF-8" >> "${DIRECTORY}/etc/default/locale" + fi + + # Manual hack to workaround broken preseeding in tzdata package + if [ -n "${PRESEED_FILE}" ] + then + for FILE in ${PRESEED_FILE} + do + if grep -qs tzdata "${FILE}" + then + rm -f "${DIRECTORY}/etc/timezone" + Chroot "${DIRECTORY}" "DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=criticial dpkg-reconfigure tzdata" + + break + fi + done + fi + + # Temporary hack for base-files (base-files gets upgraded, so run it second time) + for FILE in motd.tail motd profile + do + if [ -e "${DIRECTORY}/usr/share/base-files/${FILE}" ] + then + rm -f "${DIRECTORY}/etc/${FILE}" + cp "${DIRECTORY}/usr/share/base-files/${FILE}" "${DIRECTORY}/etc" + fi + done + + rm -f "${DIRECTORY}/preseed.cfg" + + # FIXME: Install additional packages after lxc-support has been run. + # This is suboptimal, ideally we should install all packages but not run the maintainer scripts, + # then run lxc-support, and run the maintainer scripts. This way, lxc-support would see + # all the installed packages and could skip those scripts entirely when a certain package is not + # installed. Unfortunately, that is not possible in any reasonable way with apt-get. + # FTR: The only known workaround for now would be to first apt-get install --download-only all + # packages, then unpack them with dpkg, run lxc-support, and dpkg --configure them. + # For the time being, it's better to have lxc-support see no packages at all and be run before + # packages are installed, than the other way around. + # Workaround: We're running lxc-support at the end of the template again. + if [ -n "${PACKAGES}" ] + then + case "${DEBCONF_FRONTEND}" in + noninteractive) + Chroot "${DIRECTORY}" apt-get --option APT::Force-LoopBreak=true --option Dpkg::Options::="--force-overwrite" --option Dpkg::Options::="--force-confold" --yes install ${PACKAGES} + ;; + + *) + Chroot "${DIRECTORY}" "apt-get --option APT::Force-LoopBreak=true --yes install ${PACKAGES}" + ;; + esac + fi + + # Manual hack to regenerate ssh keys + if [ -e "${DIRECTORY}/var/lib/dpkg/info/openssh-server.postinst" ] && \ + ! ls "${DIRECTORY}"/etc/ssh/ssh_host_*_key > /dev/null 2>&1 + then + Chroot "${DIRECTORY}" "DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=criticial dpkg-reconfigure openssh-server" + fi + + # container command + if [ -n "${CONTAINER_COMMAND}" ] + then + echo "${CONTAINER_COMMAND}" > "${DIRECTORY}/.container-command" + + chmod 0755 "sh /.container-command" + Chroot "${DIRECTORY}" "sh /.container-command" + + rm -f "${DIRECTORY}/.container-command" + fi + +} + +Configure_network () +{ + # Create /etc/network/interfaces + + DIRECTORY="${1}" + +cat > "${DIRECTORY}/etc/network/interfaces.tmp" << EOF +# Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or +# /usr/share/doc/ifupdown/examples for more information. +EOF + + for NUMBER in $(seq 0 ${NETWORK_NUMBER}) + do + eval IPV4_COMMENT="$`echo NETWORK${NUMBER}_IPV4_COMMENT`" + eval IPV4_METHOD="$`echo NETWORK${NUMBER}_IPV4_METHOD`" + eval IPV4_ADDRESS="$`echo NETWORK${NUMBER}_IPV4_ADDRESS`" + eval IPV4_BROADCAST="$`echo NETWORK${NUMBER}_IPV4_BROADCAST`" + eval IPV4_GATEWAY="$`echo NETWORK${NUMBER}_IPV4_GATEWAY`" + eval IPV4_NETMASK="$`echo NETWORK${NUMBER}_IPV4_NETMASK`" + eval IPV4_NETWORK="$`echo NETWORK${NUMBER}_IPV4_NETWORK`" + eval IPV4_POST_UP="$`echo NETWORK${NUMBER}_IPV4_POST_UP`" + eval IPV4_POST_DOWN="$`echo NETWORK${NUMBER}_IPV4_POST_DOWN`" + + if [ -z "${IPV4_METHOD}" ] + then + continue + fi + + echo >> "${DIRECTORY}/etc/network/interfaces.tmp" + + if [ -n "${IPV4_COMMENT}" ] + then + echo "# ${IPV4_COMMENT}" >> "${DIRECTORY}/etc/network/interfaces.tmp" + fi + + case "${IPV4_METHOD}" in + none) + +cat >> "${DIRECTORY}/etc/network/interfaces.tmp" << EOF +iface host${NUMBER} inet manual +EOF + + ;; + + dhcp) + +cat >> "${DIRECTORY}/etc/network/interfaces.tmp" << EOF +auto host${NUMBER} +iface host${NUMBER} inet dhcp +EOF + + ;; + + static) + +cat >> "${DIRECTORY}/etc/network/interfaces.tmp" << EOF +auto host${NUMBER} +iface host${NUMBER} inet static + address ${IPV4_ADDRESS} +EOF + + if [ -n "${IPV4_BROADCAST}" ] + then + echo " broadcast ${IPV4_BROADCAST}" >> "${DIRECTORY}/etc/network/interfaces.tmp" + fi + + if [ -n "${IPV4_GATEWAY}" ] + then + echo " gateway ${IPV4_GATEWAY}" >> "${DIRECTORY}/etc/network/interfaces.tmp" + fi + + if [ -n "${IPV4_NETMASK}" ] + then + echo " netmask ${IPV4_NETMASK}" >> "${DIRECTORY}/etc/network/interfaces.tmp" + fi + + if [ -n "${IPV4_NETWORK}" ] + then + echo " network ${IPV4_NETWORK}" >> "${DIRECTORY}/etc/network/interfaces.tmp" + fi + + if [ -n "${IPV4_POST_UP}" ] + then + echo " post-up ${IPV4_POST_UP}" >> "${DIRECTORY}/etc/network/interfaces.tmp" + fi + + if [ -n "${IPV4_POST_DOWN}" ] + then + echo " post-down ${IPV4_POST_DOWN}" >> "${DIRECTORY}/etc/network/interfaces.tmp" + fi + ;; + esac + + NUMBER="$((${NUMBER} + 1))" + done + + mv "${DIRECTORY}/etc/network/interfaces.tmp" "${DIRECTORY}/etc/network/interfaces" + + # create /etc/resolv.conf + rm -f "${DIRECTORY}/etc/resolv.conf.tmp" + + if [ -n "${NAMESERVER_DOMAIN}" ] + then + echo "domain ${NAMESERVER_DOMAIN}" >> "${DIRECTORY}/etc/resolv.conf.tmp" + fi + + if [ -n "${NAMESERVER_SEARCH}" ] + then + echo "search ${NAMESERVER_SEARCH}" >> "${DIRECTORY}/etc/resolv.conf.tmp" + fi + + if [ -n "${NAMESERVER_SERVER}" ] + then + if [ -e "${DIRECTORY}/etc/resolv.conf.tmp" ] + then + echo "" >> "${DIRECTORY}/etc/resolv.conf.tmp" + fi + + for NAMESERVER in $(echo ${NAMESERVER_SERVER} | sed -e 's|,| |g') + do + echo "nameserver ${NAMESERVER}" >> "${DIRECTORY}/etc/resolv.conf.tmp" + done + fi + + if [ -n "${NAMESERVER_OPTIONS}" ] + then + if [ -e "${DIRECTORY}/etc/resolv.conf.tmp" ] + then + echo "" >> "${DIRECTORY}/etc/resolv.conf.tmp" + fi + + echo "options ${NAMESERVER_OPTIONS}" >> "${DIRECTORY}/etc/resolv.conf.tmp" + fi + + if [ -e "${DIRECTORY}/etc/resolv.conf.tmp" ] + then + mv "${DIRECTORY}/etc/resolv.conf.tmp" "${DIRECTORY}/etc/resolv.conf" + fi + + # Create /etc/hosts + case "${NETWORK0_IPV4_METHOD}" in + none|dhcp) + +cat > "${DIRECTORY}/etc/hosts.tmp" << EOF +127.0.0.1 localhost ${NAME} + +# The following lines are desirable for IPv6 capable hosts +::1 ip6-localhost ip6-loopback +fe00::0 ip6-localnet +ff00::0 ip6-mcastprefix +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters +EOF + + ;; + + static) + +cat > "${DIRECTORY}/etc/hosts.tmp" << EOF +127.0.0.1 localhost +${NETWORK0_IPV4_ADDRESS} ${NAME} + +# The following lines are desirable for IPv6 capable hosts +::1 ip6-localhost ip6-loopback +fe00::0 ip6-localnet +ff00::0 ip6-mcastprefix +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters +EOF + + ;; + esac + + mv "${DIRECTORY}/etc/hosts.tmp" "${DIRECTORY}/etc/hosts" +} + +Commands () +{ + DIRECTORY="${1}" + + if [ -n "${HOST_COMMAND}" ] + then + echo "${HOST_COMMAND}" > "${DIRECTORY}/.host-command" + + cd "${DIRECTORY}" + sh "${DIRECTORY}/.host-command" + cd "${OLDPWD}" + + rm -f "${DIRECTORY}/.host-command" + fi + + # config (FIXME) + sed -i -e "s|^network-bridge=.*|network-bridge=${NETWORK0_BRIDGE}|" "${CONFIG}/${NAME}.conf" + + # Setting root password + echo root:${ROOT_PASSWORD} | chroot "${DIRECTORY}" chpasswd + + case "${ROOT_RANDOM_PASSWORD}" in + true) + echo "${NAME}: root password set to '${ROOT_PASSWORD}'." + ;; + esac +} + +umask 0022 + +# Get distributor from template filename +MODE="$(basename ${SCRIPT})" + +case "${MODE}" in + debconf) + MODE="debian" + ;; +esac + +export MODE + +CACHE="/var/cache/container-tools/${MODE}" +SYSTEM="${MACHINES}/${NAME}" + +Debconf + +# Run debconf parts +for SCRIPT in /usr/share/container-tools/scripts/debconf.d/* +do + if [ -x "${SCRIPT}" ] + then + # FIXME + # debconf -ocontainer-tools "${SCRIPT}" + "${SCRIPT}" + fi +done + +# Read-in configuration from debconf +. "${DEBCONF_TMPDIR}/debconf.default" + +## Generic parts +if [ ! -e "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" ] +then + Debootstrap "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" + Configure_apt "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" + Deconfigure_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" + + mv "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}.tmp" "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" +fi + +Upgrade_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" || echo "W: If upgrading the system failed, try removing the cache for your distribution in /var/cache/container-tools" +Cleanup_system "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" + +## Specific parts +cp -a "${CACHE}/${DISTRIBUTION}_${ARCHITECTURE}" "${MACHINES}/${NAME}" + +Configure_system "${MACHINES}/${NAME}" +Configure_network "${MACHINES}/${NAME}" +Cleanup_system "${MACHINES}/${NAME}" + +Commands "${MACHINES}/${NAME}" + +# remove debconf temporary files +#FIXME +#echo rm --preserve-root --one-file-system -rf "${DEBCONF_TMPDIR}" +rmdir --ignore-fail-on-non-empty /tmp/container-tools || true diff --git a/share/scripts/debconf.d/0001-preseed-file b/share/scripts/debconf.d/0001-preseed-file new file mode 100755 index 0000000..82d2049 --- /dev/null +++ b/share/scripts/debconf.d/0001-preseed-file @@ -0,0 +1,83 @@ +#!/bin/sh + +# container-tools - Manage systemd-nspawn containers +# Copyright (C) 2014-2016 Daniel Baumann +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +set -e + +CONFIG="/etc/container-tools/debconf" + +DEBCONF_NOWARNINGS="true" +export DEBCONF_NOWARNINGS + +. /usr/share/debconf/confmodule + +if [ -n "${PRESEED_FILE}" ] +then + # user specified one or more preseed files through commandline option + db_set cnt-debconf/preseed-file "${PRESEED_FILE}" + db_fset cnt-debconf/preseed-file seen true +elif ls "${CONFIG}"/* > /dev/null 2>&1 +then + # user has not specified preseed files through commandline option, + # showing debconf selection dialog for global preseed file. + + FILES="$(cd ${CONFIG} && find * -not -type d -and -not -name '*.cfg' -and -not -name '*.in' -and -not -name '*.sh')" + PRESEED_FILES="$(for FILE in ${FILES}; do echo -n "${FILE}, "; done | sed -e 's|, $||')" + + if [ -n "${PRESEED_FILES}" ] + then + db_subst cnt-debconf/preseed-files CHOICES "none, custom, , ${PRESEED_FILES}" + + db_settitle cnt-debconf/title + db_input high cnt-debconf/preseed-files || true + db_go + + db_get cnt-debconf/preseed-files + PRESEED_FILE="${RET}" # select + + case "${PRESEED_FILE}" in + none|custom) + ;; + + *) + # user specified preseed file through debconf select + db_set cnt-debconf/preseed-file "${CONFIG}/${PRESEED_FILE}" + db_fset cnt-debconf/preseed-file seen true + ;; + esac + fi +fi + +case "${PRESEED_FILE}" in + none) + ;; + + *) + # ask user for a preseed file + db_settitle cnt-debconf/title + db_input high cnt-debconf/preseed-file || true + db_go + + db_get cnt-debconf/preseed-file + PRESEED_FILE="${RET}" # string (w/ empty) + + echo "PRESEED_FILE=\"${PRESEED_FILE}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export PRESEED_FILE + ;; +esac + +db_stop diff --git a/share/scripts/debconf.d/0001-preseed-file.templates b/share/scripts/debconf.d/0001-preseed-file.templates new file mode 100644 index 0000000..98b07e9 --- /dev/null +++ b/share/scripts/debconf.d/0001-preseed-file.templates @@ -0,0 +1,17 @@ +Template: cnt-debconf/title +Type: title +Description: container-tools + +Template: cnt-debconf/preseed-files +Type: select +Default: none +Choices: ${CHOICES} +Description: Choose a preseed config, enter a custom one, or use no preseed file at all. + +Template: cnt-debconf/preseed-file +Type: string +Default: +Description: Enter (optional) preseed file to use: + Preseed file anyone? + . + If you do not want to use a preseed file, leave this question empty. diff --git a/share/scripts/debconf.d/0002-preseed-debconf b/share/scripts/debconf.d/0002-preseed-debconf new file mode 100755 index 0000000..7020431 --- /dev/null +++ b/share/scripts/debconf.d/0002-preseed-debconf @@ -0,0 +1,80 @@ +#!/bin/sh + +# container-tools - Manage systemd-nspawn containers +# Copyright (C) 2014-2016 Daniel Baumann +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +set -e + +if [ -e "${DEBCONF_TMPDIR}/debconf.default" ] +then + . "${DEBCONF_TMPDIR}/debconf.default" +fi + +if [ -z "${PRESEED_FILE}" ] +then + # user has not specified or selected any preseed files + exit 0 +fi + +# user has one or more preseed file specified through commandline option +# or debconf selection dialog. +PRESEED_FILES="$(echo ${PRESEED_FILE} | sed -e 's|,| |g')" + +DEBCONF_PRESEED_FILES="" + +for PRESEED_FILE in ${PRESEED_FILES} +do + if [ ! -e "${PRESEED_FILE}" ] + then + # preseed file does not exist + echo "W: ${PRESEED_FILE}: No such file." + + continue + fi + + # add preseed file to debconf + DEBCONF_PRESEED_FILES="${DEBCONF_PRESEED_FILES} ${PRESEED_FILE}" + + if ! grep -qs '^ *container-tools *cnt-debconf/include-preseed-files' "${PRESEED_FILE}" + then + # preseed file has no includes + continue + fi + + # preseed file has includes + INCLUDE_PRESEED_FILES="$(grep '^ *container-tools *cnt-debconf/include-preseed-files' ${PRESEED_FILE} | awk '{ $1=$2=$3=""; print $0 }' | sed -e 's|,| |g')" + + # FIXME: we're supporting only *ONE* include layer for now, so no nested/recursive includes just yet + for FILE in ${INCLUDE_PRESEED_FILES} + do + if [ -e "${FILE}" ] + then + DEBCONF_PRESEED_FILES="${FILE} ${DEBCONF_PRESEED_FILES}" + else + # included preseed file does not exist + echo "W: ${INCLUDE_PRESEED_FILE}: No such file - included from ${PRESEED_FILE}" + fi + done +done + +for DEBCONF_PRESEED_FILE in ${DEBCONF_PRESEED_FILES} +do + # Apply user specified preseed files + debconf-set-selections "${DEBCONF_PRESEED_FILE}" +done + +# Write expanded list of debconf preseed files +echo "PRESEED_FILE=\"${DEBCONF_PRESEED_FILES}\"" >> "${DEBCONF_TMPDIR}/debconf.default" diff --git a/share/scripts/debconf.d/0003-debconf b/share/scripts/debconf.d/0003-debconf new file mode 100755 index 0000000..2d0e3a9 --- /dev/null +++ b/share/scripts/debconf.d/0003-debconf @@ -0,0 +1,1050 @@ +#!/bin/sh + +# container-tools - Manage systemd-nspawn containers +# Copyright (C) 2014-2016 Daniel Baumann +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +set -e + +DEBCONF_NOWARNINGS="true" +export DEBCONF_NOWARNINGS + +. /usr/share/debconf/confmodule + +Distribution () +{ + db_get cnt-debconf/distribution + DISTRIBUTION="${RET}" # select + + if [ -z "${DISTRIBUTION}" ] + then + case "${MODE}" in + debian) + db_subst cnt-debconf/distribution CHOICES "Debian GNU/Linux 8 \"jessie\", Debian GNU/Linux 9 \"stretch\", Debian GNU/Linux unstable/sid" + db_subst cnt-debconf/distribution CHOICES_C "jessie, stretch, sid" + + db_set cnt-debconf/distribution jessie + db_fset cnt-debconf/distribution seen false + ;; + + progress-linux) + db_subst cnt-debconf/distribution CHOICES "Progress Linux 3 (cairon), Progress Linux 3+ (cairon-backports)" + db_subst cnt-debconf/distribution CHOICES_C "cairon, cairon-backports" + + db_set cnt-debconf/distribution cairon-backports + db_fset cnt-debconf/distribution seen false + ;; + esac + + db_settitle cnt-debconf/title + db_input high cnt-debconf/distribution || true + db_go + + db_get cnt-debconf/distribution + DISTRIBUTION="${RET}" # select + fi + + echo "DISTRIBUTION=\"${DISTRIBUTION}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export DISTRIBUTION +} + +Parent_distribution () +{ + db_get cnt-debconf/parent-distribution + PARENT_DISTRIBUTION="${RET}" + + if [ -z "${PARENT_DISTRIBUTION}" ] + then + case "${MODE}" in + progress-linux) + case "${DISTRIBUTION}" in + cairon*) + PARENT_DISTRIBUTION="jessie" + ;; + esac + ;; + + *) + PARENT_DISTRIBUTION="${DISTRIBUTION}" + ;; + esac + fi + + echo "PARENT_DISTRIBUTION=\"${PARENT_DISTRIBUTION}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export PARENT_DISTRIBUTION +} + +Architecture () +{ + case "$(dpkg --print-architecture)" in + amd64) + DEFAULT="amd64" + CHOICES="Automatic, 32-bit PC (i386), 64-bit PC (amd64)" + CHOICES_C="auto, i386, amd64" + ;; + + arm64) + DEFAULT="arm64" + CHOICES="Automatic, Rpi1 (armel), Rpi2 (armhf), Rpi3 (arm64)" + CHOICES_C="auto, armel, armhf, arm64" + ;; + + armel) + DEFAULT="armel" + CHOICES="Automatic, Rpi1 (armel)" + CHOICES_C="auto, armel" + ;; + + armhf) + DEFAULT="armhf" + CHOICES="Automatic, Rpi1 (armel), Rpi2 (armhf)" + CHOICES_C="auto, armel, armhf" + ;; + + i386) + case "$(uname -m)" in + x86_64) + DEFAULT="amd64" + CHOICES="Automatic, 32-bit PC (i386), 64-bit PC (amd64)" + CHOICES_C="auto, i386, amd64" + ;; + + *) + DEFAULT="i386" + CHOICES="" + CHOICES_C="" + ;; + esac + ;; + + *) + echo "E: Architecture current not yet supported." + exit 1 + esac + + db_get cnt-debconf/architecture + ARCHITECTURE="${RET}" # select + + if [ -z "${ARCHITECTURE}" ] && [ -n "${CHOICES}" ] + then + db_subst cnt-debconf/architecture CHOICES ${CHOICES} + db_subst cnt-debconf/architecture CHOICES_C ${CHOICES_C} + + db_set cnt-debconf/architecture ${DEFAULT} + db_fset cnt-debconf/distribution seen false + + db_settitle cnt-debconf/title + db_input high cnt-debconf/architecture || true + db_go + + db_get cnt-debconf/architecture + ARCHITECTURE="${RET}" # select + fi + + case "${ARCHITECTURE}" in + auto) + ARCHITECTURE="${DEFAULT}" + ;; + esac + + echo "ARCHITECTURE=\"${ARCHITECTURE}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export ARCHITECTURE +} + +Archives () +{ + db_get cnt-debconf/archives + ARCHIVES="${RET}" # multiselect + + if [ -z "${ARCHIVES}" ] + then + case "${MODE}" in + debian) + case "${PARENT_DISTRIBUTION}" in + sid) + db_subst cnt-debconf/archives CHOICES "Experimental" + db_subst cnt-debconf/archives CHOICES_C "experimental" + + db_set cnt-debconf/archives "" + db_fset cnt-debconf/archives seen false + ;; + + *) + db_subst cnt-debconf/archives CHOICES "Security, Updates, LTS, Backports, Proposed Updates" + db_subst cnt-debconf/archives CHOICES_C "${DISTRIBUTION}-security, ${DISTRIBUTION}-updates, ${DISTRIBUTION}-lts, ${DISTRIBUTION}-backports, ${DISTRIBUTION}-proposed-updates" + + case "${PARENT_DISTRIBUTION}" in + sid) + db_set cnt-debconf/archives "" + ;; + + *) + #db_set cnt-debconf/archives "${DISTRIBUTION}-security, ${DISTRIBUTION}-updates, ${DISTRIBUTION}-lts, ${DISTRIBUTION}-backports" + db_set cnt-debconf/archives "${DISTRIBUTION}-security, ${DISTRIBUTION}-updates" + ;; + esac + + db_fset cnt-debconf/archives seen false + ;; + esac + ;; + + progress-linux) + DIST="$(echo ${DISTRIBUTION} | sed -e 's|-backports||')" + + db_subst cnt-debconf/archives CHOICES "staging, Security, Security (staging), Updates, Updates (staging), LTS, LTS (staging), Extras, Extras (staging), Backports, Backports (staging), Backports Extras, Backports Extras (staging)" + db_subst cnt-debconf/archives CHOICES_C "${DIST}-staging, ${DIST}-security, ${DIST}-security-staging, ${DIST}-updates, ${DIST}-updates-staging, ${DIST}-lts, ${DIST}-lts-staging, ${DIST}-extras, ${DIST}-extras-staging, ${DIST}-backports, ${DIST}-backports-staging, ${DIST}-backports-extras, ${DIST}-backports-extras-staging" + + db_set cnt-debconf/archives "${DIST}-security, ${DIST}-updates, ${DIST}-lts, ${DIST}-extras, ${DIST}-backports, ${DIST}-backports-extras" + db_fset cnt-debconf/archives seen false + ;; + esac + + db_settitle cnt-debconf/title + db_input high cnt-debconf/archives || true + db_go + + db_get cnt-debconf/archives + ARCHIVES="${RET}" # multiselect + fi + + ARCHIVES="$(echo ${ARCHIVES} | sed -e 's|, | |g')" + + echo "ARCHIVES=\"${ARCHIVES}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export ARCHIVES +} + +Parent_archives () +{ + db_get cnt-debconf/parent-archives + PARENT_ARCHIVES="${RET}" # multiselect (w/o empty) + + if [ -z "${PARENT_ARCHIVES}" ] + then + case "${MODE}" in + progress-linux) + db_subst cnt-debconf/parent-archives CHOICES "Security, Updates, LTS, Backports, Proposed Updates" + db_subst cnt-debconf/parent-archives CHOICES_C "${PARENT_DISTRIBUTION}-security, ${PARENT_DISTRIBUTION}-updates, ${PARENT_DISTRIBUTION}-lts, ${PARENT_DISTRIBUTION}-backports, ${PARENT_DISTRIBUTION}-proposed-updates" + + case "${PARENT_DISTRIBUTION}" in + *) + #db_set cnt-debconf/parent-archives "${PARENT_DISTRIBUTION}-security, ${PARENT_DISTRIBUTION}-lts, ${PARENT_DISTRIBUTION}-updates, ${PARENT_DISTRIBUTION}-backports" + db_set cnt-debconf/parent-archives "${PARENT_DISTRIBUTION}-security, ${PARENT_DISTRIBUTION}-updates" + ;; + esac + + db_fset cnt-debconf/parent-archives seen false + + db_settitle cnt-debconf/title + db_input high cnt-debconf/parent-archives || true + db_go + ;; + + *) + db_subst cnt-debconf/parent-archives CHOICES "Security, Updates, LTS, Backports, Proposed Updates" + db_subst cnt-debconf/parent-archives CHOICES_C "${ARCHIVES}" + + db_set cnt-debconf/parent-archives "${ARCHIVES}" + db_fset cnt-debconf/parent-archives seen true + ;; + esac + + db_get cnt-debconf/parent-archives + PARENT_ARCHIVES="${RET}" # multiselect (w/o empty) + + if [ -z "${PARENT_ARCHIVES}" ] + then + case "${MODE}" in + progress-linux) + case "${PARENT_DISTRIBUTION}" in + *) + #PARENT_ARCHIVES="${PARENT_DISTRIBUTION}-security, ${PARENT_DISTRIBUTION}-updates, ${PARENT_DISTRIBUTION}-lts, ${PARENT_DISTRIBUTION}-backports" + PARENT_ARCHIVES="${PARENT_DISTRIBUTION}-security, ${PARENT_DISTRIBUTION}-updates" + ;; + esac + ;; + + *) + PARENT_ARCHIVES="${ARCHIVES}" + ;; + esac + fi + fi + + PARENT_ARCHIVES="$(echo ${PARENT_ARCHIVES} | sed -e 's|, | |g')" + + echo "PARENT_ARCHIVES=\"${PARENT_ARCHIVES}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export PARENT_ARCHIVES +} + +Mirror () +{ + db_get cnt-debconf/mirror + MIRROR="${RET}" + + if [ -z "${MIRROR}" ] + then + case "${MODE}" in + debian) + db_set cnt-debconf/mirror http://httpredir.debian.org/debian + db_fset cnt-debconf/mirror seen false + ;; + + progress-linux) + db_set cnt-debconf/mirror http://cdn.archive.progress-linux.org/packages + db_fset cnt-debconf/mirror seen false + ;; + esac + + db_settitle cnt-debconf/title + db_input high cnt-debconf/mirror || true + db_go + + db_get cnt-debconf/mirror + MIRROR="${RET}" # string (w/o empty) + + if [ -z "${MIRROR}" ] + then + case "${MODE}" in + debian) + MIRROR="http://httpredir.debian.org/debian" + ;; + + progress-linux) + MIRROR="http://cdn.archive.progress-linux.org/packages" + ;; + esac + fi + fi + + echo "MIRROR=\"${MIRROR}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export MIRROR +} + +Mirror_security () +{ + if ! echo "${ARCHIVES}" | grep -qs "-security" + then + return 0 + fi + + db_get cnt-debconf/mirror-security + MIRROR_SECURITY="${RET}" # string (w/o empty) + + if [ -z "${MIRROR_SECURITY}" ] + then + case "${MODE}" in + debian) + db_set cnt-debconf/mirror-security http://security.debian.org + db_fset cnt-debconf/mirror-security seen false + ;; + + *) + db_set cnt-debconf/mirror-security ${MIRROR} + db_fset cnt-debconf/mirror-security seen true + ;; + esac + + db_settitle cnt-debconf/title + db_input high cnt-debconf/mirror-security || true + db_go + + db_get cnt-debconf/mirror-security + MIRROR_SECURITY="${RET}" # string (w/o empty) + + if [ -z "${MIRROR_SECURITY}" ] + then + case "${MODE}" in + debian) + MIRROR_SECURITY="http://security.debian.org" + ;; + + *) + MIRROR_SECURITY="${MIRROR}" + ;; + esac + fi + fi + + echo "MIRROR_SECURITY=\"${MIRROR_SECURITY}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export MIRROR_SECURITY +} + +Parent_mirror () +{ + db_get cnt-debconf/parent-mirror + PARENT_MIRROR="${RET}" # string (w/o empty) + + if [ -z "${PARENT_MIRROR}" ] + then + case "${MODE}" in + progress-linux) + db_set cnt-debconf/parent-mirror http://httpredir.debian.org/debian + db_fset cnt-debconf/parent-mirror seen false + + db_settitle cnt-debconf/title + db_input high cnt-debconf/parent-mirror || true + db_go + ;; + + *) + db_set cnt-debconf/parent-mirror ${MIRROR} + db_fset cnt-debconf/parent-mirror seen true + ;; + esac + + db_get cnt-debconf/parent-mirror + PARENT_MIRROR="${RET}" # string (w/o empty) + + if [ -z "${PARENT_MIRROR}" ] + then + case "${MODE}" in + progress-linux) + PARENT_MIRROR="http://httpredir.debian.org/debian" + ;; + + *) + PARENT_MIRROR="${MIRROR}" + ;; + esac + fi + fi + + echo "PARENT_MIRROR=\"${PARENT_MIRROR}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export PARENT_MIRROR +} + +Parent_mirror_security () +{ + if ! echo "${PARENT_ARCHIVES}" | grep -qs "-security" + then + return 0 + fi + + db_get cnt-debconf/parent-mirror-security + PARENT_MIRROR_SECURITY="${RET}" # string (w/o empty) + + if [ -z "${PARENT_MIRROR_SECURITY}" ] + then + case "${MODE}" in + progress-linux) + db_set cnt-debconf/parent-mirror-security http://security.debian.org + db_fset cnt-debconf/parent-mirror-security seen false + + db_settitle cnt-debconf/title + db_input high cnt-debconf/parent-mirror-security || true + db_go + ;; + + *) + db_set cnt-debconf/parent-mirror-security ${MIRROR_SECURITY} + db_fset cnt-debconf/parent-mirror-security seen true + ;; + esac + + db_get cnt-debconf/parent-mirror-security + PARENT_MIRROR_SECURITY="${RET}" # string (w/o empty) + + if [ -z "${PARENT_MIRROR_SECURITY}" ] + then + case "${MODE}" in + progress-linux) + PARENT_MIRROR_SECURITY="http://security.debian.org" + ;; + + *) + PARENT_MIRROR_SECURITY="${MIRROR_SECURITY}" + ;; + esac + fi + fi + + echo "PARENT_MIRROR_SECURITY=\"${PARENT_MIRROR_SECURITY}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export PARENT_MIRROR_SECURITY +} + +Archive_areas () +{ + db_get cnt-debconf/archive-areas + ARCHIVE_AREAS="${RET}" + + if [ -z "${ARCHIVE_AREAS}" ] + then + case "${MODE}" in + progress-linux) + db_subst cnt-debconf/archive-areas CHOICES "main, contrib, non-free" + + db_set cnt-debconf/archive-areas "main, contrib, non-free" + db_fset cnt-debconf/archive-areas seen false + ;; + + *) + db_subst cnt-debconf/archive-areas CHOICES "main, contrib, non-free" + + db_set cnt-debconf/archive-areas "main" + db_fset cnt-debconf/archive-areas seen false + ;; + esac + + db_settitle cnt-debconf/title + db_input high cnt-debconf/archive-areas || true + db_go + + db_get cnt-debconf/archive-areas + ARCHIVE_AREAS="${RET}" # multiselect (w/o empty) + + if [ -z "${ARCHIVE_AREAS}" ] + then + case "${MODE}" in + debian) + ARCHIVE_AREAS="main" + ;; + + progress-linux) + ARCHIVE_AREAS="main, contrib, non-free" + ;; + esac + fi + fi + + ARCHIVE_AREAS="$(echo ${ARCHIVE_AREAS} | sed -e 's| ||g')" + + echo "ARCHIVE_AREAS=\"${ARCHIVE_AREAS}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export ARCHIVE_AREAS +} + +Parent_archive_areas () +{ + db_get cnt-debconf/parent-archive-areas + PARENT_ARCHIVE_AREAS="${RET}" # multiselect (w/o empty) + + if [ -z "${PARENT_ARCHIVE_AREAS}" ] + then + case "${MODE}" in + progress-linux) + db_subst cnt-debconf/parent-archive-areas CHOICES "main, contrib, non-free" + + db_set cnt-debconf/parent-archive-areas "main, contrib, non-free" + db_fset cnt-debconf/parent-archive-areas seen false + + db_settitle cnt-debconf/title + db_input high cnt-debconf/parent-archive-areas || true + db_go + ;; + + *) + db_subst cnt-debconf/parent-archive-areas CHOICES "${ARCHIVE_AREAS}" + + db_set cnt-debconf/parent-archive-areas "${ARCHIVE_AREAS}" + db_fset cnt-debconf/parent-archive-areas seen true + ;; + esac + + db_get cnt-debconf/parent-archive-areas + PARENT_ARCHIVE_AREAS="${RET}" # multiselect (w/o empty) + + if [ -z "${PARENT_ARCHIVE_AREAS}" ] + then + case "${MODE}" in + progress-linux) + PARENT_ARCHIVE_AREAS="main, contrib, non-free" + ;; + + *) + PARENT_ARCHIVE_AREAS="${ARCHIVE_AREAS}" + ;; + esac + fi + fi + + PARENT_ARCHIVE_AREAS="$(echo ${PARENT_ARCHIVE_AREAS} | sed -e 's| ||g')" + + echo "PARENT_ARCHIVE_AREAS=\"${PARENT_ARCHIVE_AREAS}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export PARENT_ARCHIVE_AREAS +} + +Packages () +{ + db_get cnt-debconf/packages + PACKAGES="${RET}" # string (w/ empty) + + if [ -z "${PACKAGES}" ] + then + db_settitle cnt-debconf/title + db_input high cnt-debconf/packages || true + db_go + + db_get cnt-debconf/packages + PACKAGES="${RET}" # string (w/ empty) + fi + + echo "PACKAGES=\"${PACKAGES}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + export PACKAGES +} + +Local_archives () +{ + NUMBER="0" + + while db_get cnt-debconf/archive${NUMBER}/repository && [ "${RET}" ] + do + mkdir -p "${DEBCONF_TMPDIR}/apt" + + REPOSITORY="${RET#deb }" + + LIST="archive${NUMBER}.list" + if db_get cnt-debconf/archive${NUMBER}/list + then + LIST="$(basename ${RET} .list).list" + fi + + COMMENT="" + if db_get cnt-debconf/archive${NUMBER}/comment + then + COMMENT="${RET}" + + echo "# ${COMMENT}" > "${DEBCONF_TMPDIR}/apt/${LIST}" + fi + + echo "deb ${REPOSITORY}" >> "${DEBCONF_TMPDIR}/apt/${LIST}" + + if db_get cnt-debconf/archive${NUMBER}/source && [ "$RET" = true ] + then + echo "deb-src ${REPOSITORY}" >> "${DEBCONF_TMPDIR}/apt/${LIST}" + fi + + KEY="" + if db_get cnt-debconf/archive${NUMBER}/key + then + KEY="${RET}" + + wget -q "${KEY}" -O "${DEBCONF_TMPDIR}/apt/$(basename ${LIST} .list).key" + fi + + PREFERENCES_PACKAGE="" + PREFERENCES_PIN="" + PREFERENCES_PIN_PRIORITY="" + if db_get cnt-debconf/archive${NUMBER}/preferences-package + then + PREFERENCES_PACKAGE="${RET}" + + if db_get cnt-debconf/archive${NUMBER}/preferences-pin + then + PREFERENCES_PIN="${RET}" + fi + + if db_get cnt-debconf/archive${NUMBER}/preferences-pin-priority + then + PREFERENCES_PIN_PRIORITY="${RET}" + fi + + if [ -n "${PREFERENCES_PACKAGE}" ] || [ -n "${PREFERENCES_PIN}" ] || [ -n "${PREFERENCES_PIN_PRIORITY}" ] + then + +cat > "${DEBCONF_TMPDIR}/apt/$(basename ${LIST} .list).pref" << EOF +Package: ${PREFERENCES_PACKAGE} +Pin: ${PREFERENCES_PIN} +Pin-Priority: ${PREFERENCES_PIN_PRIORITY} +EOF + + fi + fi + + NUMBER="$((${NUMBER} + 1))" + done +} + +Network_defaults () +{ + # FIXME: + # * use interfaces.d where possible + # * respect pre-existing interfaces (or interfaces.d) + # * add support for bridges (make interface configuration more generic?) + + NETWORK0_BRIDGE="${NETWORK0_BRIDGE:-br0}" + NETWORK0_IPV4_METHOD="${NETWORK0_IPV4_METHOD:-dhcp}" + NETWORK0_IPV4_ADDRESS="${NETWORK0_IPV4_ADDRESS:-192.168.1.2}" + NETWORK0_IPV4_NETMASK="${NETWORK0_IPV4_NETMASK:-255.255.255.0}" + + if [ "${NETWORK0_IPV4_METHOD}" = "static" ] && [ -e /etc/resolv.conf ] + then + NAMESERVER_SERVER="${NAMESERVER_SERVER:-$(if [ -e /etc/resolv.conf ]; then awk '/^nameserver / {$1=""; print $0}' /etc/resolv.conf; fi)}" + # Workaround to get rid of newlines since debconf can not handle multiline return value in assignments + NAMESERVER_SERVER="$(echo ${NAMESERVER_SERVER})" + + NAMESERVER_DOMAIN="${NAMESERVER_DOMAIN:-$(if [ -e /etc/resolv.conf ]; then awk '/^domain / {$1=""; print $0}' /etc/resolv.conf; fi)}" + NAMESERVER_SEARCH="${NAMESERVER_SEARCH:-$(if [ -e /etc/resolv.conf ]; then awk '/^search / {$1=""; print $0}' /etc/resolv.conf; fi)}" + NAMESERVER_OPTIONS="${NAMESERVER_OPTIONS:-$(if [ -e /etc/resolv.conf ]; then awk '/^options / {$1=""; print $0}' /etc/resolv.conf; fi)}" + fi +} + +Network () +{ + db_get cnt-debconf/network0/bridge + NETWORK0_BRIDGE="${RET}" # string (w/o empty) + + db_get cnt-debconf/network0/ipv4-method + NETWORK0_IPV4_METHOD="${RET}" # select + + db_get cnt-debconf/network0/ipv4-comment + NETWORK0_IPV4_COMMENT="${RET}" # string (w/ empty) + + db_get cnt-debconf/network0/ipv4-address + NETWORK0_IPV4_ADDRESS="${RET}" # string (w/o empty) + + db_get cnt-debconf/network0/ipv4-broadcast + NETWORK0_IPV4_BROADCAST="${RET}" # string (w/ empty) + + db_get cnt-debconf/network0/ipv4-gateway + NETWORK0_IPV4_GATEWAY="${RET}" # string (w/ empty) + + db_get cnt-debconf/network0/ipv4-netmask + NETWORK0_IPV4_NETMASK="${RET}" # string (w/o empty) + + db_get cnt-debconf/network0/ipv4-network + NETWORK0_IPV4_NETWORK="${RET}" # string (w/ empty) + + db_get cnt-debconf/network0/ipv4-post-up + NETWORK0_IPV4_POST_UP="${RET}" # string (w/ empty) + + db_get cnt-debconf/network0/ipv4-post-down + NETWORK0_IPV4_POST_DOWN="${RET}" # string (w/ empty) + + db_get cnt-debconf/nameserver/server + NAMESERVER_SERVER="${RET}" # string (w/ empty) + + db_get cnt-debconf/nameserver/domain + NAMESERVER_DOMAIN="${RET}" # string (w/ empty) + + db_get cnt-debconf/nameserver/search + NAMESERVER_SEARCH="${RET}" # string (w/ empty) + + db_get cnt-debconf/nameserver/options + NAMESERVER_OPTIONS="${RET}" # string (w/ empty) + + Network_defaults + + db_set cnt-debconf/network0/bridge "${NETWORK0_BRIDGE}" + db_fset cnt-debconf/network0/bridge seen false + + db_set cnt-debconf/network0/ipv4-method "${NETWORK0_IPV4_METHOD}" + db_fset cnt-debconf/network0/ipv4-method seen false + + db_set cnt-debconf/network0/ipv4-comment "${NETWORK0_IPV4_COMMENT}" + db_fset cnt-debconf/network0/ipv4-comment seen false + + db_set cnt-debconf/network0/ipv4-address "${NETWORK0_IPV4_ADDRESS}" + db_fset cnt-debconf/network0/ipv4-address seen false + + db_set cnt-debconf/network0/ipv4-broadcast "${NETWORK0_IPV4_BROADCAST}" + db_fset cnt-debconf/network0/ipv4-broadcast seen false + + db_set cnt-debconf/network0/ipv4-gateway "${NETWORK0_IPV4_GATEWAY}" + db_fset cnt-debconf/network0/ipv4-gateway seen false + + db_set cnt-debconf/network0/ipv4-netmask "${NETWORK0_IPV4_NETMASK}" + db_fset cnt-debconf/network0/ipv4-netmask seen false + + db_set cnt-debconf/network0/ipv4-network "${NETWORK0_IPV4_NETWORK}" + db_fset cnt-debconf/network0/ipv4-network seen false + + db_set cnt-debconf/network0/ipv4-post-up "${NETWORK0_IPV4_POST_UP}" + db_fset cnt-debconf/network0/ipv4-post-up seen false + + db_set cnt-debconf/network0/ipv4-post-down "${NETWORK0_IPV4_POST_DOWN}" + db_fset cnt-debconf/network0/ipv4-post-down seen false + + db_set cnt-debconf/nameserver/server "${NAMESERVER_SERVER}" + db_fset cnt-debconf/nameserver/server seen false + + db_set cnt-debconf/nameserver/domain "${NAMESERVER_DOMAIN}" + db_fset cnt-debconf/nameserver/domain seen false + + db_set cnt-debconf/nameserver/search "${NAMESERVER_SEARCH}" + db_fset cnt-debconf/nameserver/search seen false + + db_set cnt-debconf/nameserver/options "${NAMESERVER_OPTIONS}" + db_fset cnt-debconf/nameserver/options seen false + + db_settitle cnt-debconf/title + db_input high cnt-debconf/network0/ipv4-method || true + db_go + + db_get cnt-debconf/network0/bridge + NETWORK0_BRIDGE="${RET}" # select + + db_get cnt-debconf/network0/ipv4-method + NETWORK0_IPV4_METHOD="${RET}" # select + + case "${NETWORK0_IPV4_METHOD}" in + none|dhcp) + ;; + + static) + db_settitle cnt-debconf/title + db_input high cnt-debconf/network0/ipv4-comment || true + db_go + + db_settitle cnt-debconf/title + db_input high cnt-debconf/network0/ipv4-address || true + db_go + + db_settitle cnt-debconf/title + db_input high cnt-debconf/network0/ipv4-broadcast || true + db_go + + db_settitle cnt-debconf/title + db_input high cnt-debconf/network0/ipv4-gateway || true + db_go + + db_settitle cnt-debconf/title + db_input high cnt-debconf/network0/ipv4-netmask || true + db_go + + db_settitle cnt-debconf/title + db_input high cnt-debconf/network0/ipv4-network || true + db_go + + db_settitle cnt-debconf/title + db_input high cnt-debconf/network0/ipv4-post-up || true + db_go + + db_settitle cnt-debconf/title + db_input high cnt-debconf/network0/ipv4-post-down || true + db_go + + db_settitle cnt-debconf/title + db_input high cnt-debconf/nameserver/server || true + db_go + ;; + esac + + NUMBER="0" + + while db_get cnt-debconf/network${NUMBER}/ipv4-method && [ "${RET}" ] + do + if db_get cnt-debconf/network${NUMBER}/bridge + then + eval NETWORK${NUMBER}_BRIDGE="\"${RET}\"" # string (w/o empty) + fi + + if db_get cnt-debconf/network${NUMBER}/ipv4-comment + then + eval NETWORK${NUMBER}_IPV4_COMMENT="\"${RET}\"" # string (w/ empty) + fi + + if db_get cnt-debconf/network${NUMBER}/ipv4-method + then + eval NETWORK${NUMBER}_IPV4_METHOD="\"${RET}\"" # select + fi + + if db_get cnt-debconf/network${NUMBER}/ipv4-address + then + eval NETWORK${NUMBER}_IPV4_ADDRESS="\"${RET}\"" # string (w/o empty) + fi + + if db_get cnt-debconf/network${NUMBER}/ipv4-broadcast + then + eval NETWORK${NUMBER}_IPV4_BROADCAST="\"${RET}\"" # string (w/ empty) + fi + + if db_get cnt-debconf/network${NUMBER}/ipv4-gateway + then + eval NETWORK${NUMBER}_IPV4_GATEWAY="\"${RET}\"" # string (w/ empty) + fi + + if db_get cnt-debconf/network${NUMBER}/ipv4-netmask + then + eval NETWORK${NUMBER}_IPV4_NETMASK="\"${RET}\"" # string (w/o empty) + fi + + if db_get cnt-debconf/network${NUMBER}/ipv4-network + then + eval NETWORK${NUMBER}_IPV4_NETWORK="\"${RET}\"" # string (w/ empty) + fi + + if db_get cnt-debconf/network${NUMBER}/ipv4-post-up + then + eval NETWORK${NUMBER}_IPV4_POST_UP="\"${RET}\"" # string (w/ empty) + fi + + if db_get cnt-debconf/network${NUMBER}/ipv4-post-down + then + eval NETWORK${NUMBER}_IPV4_POST_DOWN="\"${RET}\"" # string (w/ empty) + fi + + NUMBER="$((${NUMBER} + 1))" + done + + NETWORK_NUMBER="${NUMBER}" + + db_get cnt-debconf/nameserver/server + NAMESERVER_SERVER="${RET}" # string (w/ empty) + + db_get cnt-debconf/nameserver/domain + NAMESERVER_DOMAIN="${RET}" # string (w/ empty) + + db_get cnt-debconf/nameserver/search + NAMESERVER_SEARCH="${RET}" # string (w/ empty) + + db_get cnt-debconf/nameserver/options + NAMESERVER_OPTIONS="${RET}" # string (w/ empty) + + Network_defaults + + echo "NETWORK_NUMBER=\"${NETWORK_NUMBER}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + for NUMBER in $(seq 0 ${NETWORK_NUMBER}) + do + eval BRIDGE="$`echo NETWORK${NUMBER}_BRIDGE`" + echo "NETWORK${NUMBER}_BRIDGE=\"${BRIDGE}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + eval COMMENT="$`echo NETWORK${NUMBER}_IPV4_COMMENT`" + echo "NETWORK${NUMBER}_IPV4_COMMENT=\"${COMMENT}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + eval METHOD="$`echo NETWORK${NUMBER}_IPV4_METHOD`" + echo "NETWORK${NUMBER}_IPV4_METHOD=\"${METHOD}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + eval ADDRESS="$`echo NETWORK${NUMBER}_IPV4_ADDRESS`" + echo "NETWORK${NUMBER}_IPV4_ADDRESS=\"${ADDRESS}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + eval BROADCAST="$`echo NETWORK${NUMBER}_IPV4_BROADCAST`" + echo "NETWORK${NUMBER}_IPV4_BROADCAST=\"${BROADCAST}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + eval GATEWAY="$`echo NETWORK${NUMBER}_IPV4_GATEWAY`" + echo "NETWORK${NUMBER}_IPV4_GATEWAY=\"${GATEWAY}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + eval NETMASK="$`echo NETWORK${NUMBER}_IPV4_NETMASK`" + echo "NETWORK${NUMBER}_IPV4_NETMASK=\"${NETMASK}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + eval NETWORK="$`echo NETWORK${NUMBER}_IPV4_NETWORK`" + echo "NETWORK${NUMBER}_IPV4_NETWORK=\"${NETWORK}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + eval POST_UP="$`echo NETWORK${NUMBER}_IPV4_POST_UP`" + echo "NETWORK${NUMBER}_IPV4_POST_UP=\"${POST_UP}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + eval POST_DOWN="$`echo NETWORK${NUMBER}_IPV4_POST_DOWN`" + echo "NETWORK${NUMBER}_IPV4_POST_DOWN=\"${POST_DOWN}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + done + + echo "NAMESERVER_SERVER=\"${NAMESERVER_SERVER}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + echo "NAMESERVER_DOMAIN=\"${NAMESERVER_DOMAIN}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + echo "NAMESERVER_SEARCH=\"${NAMESERVER_SEARCH}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + echo "NAMESERVER_OPTIONS=\"${NAMESERVER_OPTIONS}\"" >> "${DEBCONF_TMPDIR}/debconf.default" +} + +Root_password () +{ + if db_get cnt-debconf/root-password + then + ROOT_PASSWORD="${RET}" # string (w/o empty) + fi + + if [ -z "${ROOT_PASSWORD}" ] + then + # Create a random password as suggestion for the user + RANDOM_PASSWORD="$(dd if=/dev/urandom bs=12 count=1 2> /dev/null | base64)" + + db_set cnt-debconf/root-password ${RANDOM_PASSWORD} + db_fset cnt-debconf/root-password seen false + + db_settitle cnt-debconf/title + db_input high cnt-debconf/root-password || true + db_go + + db_get cnt-debconf/root-password + ROOT_PASSWORD="${RET}" + + if [ -z "${ROOT_PASSWORD}" ] + then + # User did set not set a password, falling back to random password + ROOT_PASSWORD="${RANDOM_PASSWORD}" + fi + + if [ "${ROOT_PASSWORD}" = "${RANDOM_PASSWORD}" ] + then + echo "ROOT_RANDOM_PASSWORD=\"true\"" >> "${DEBCONF_TMPDIR}/debconf.default" + fi + fi + + echo "ROOT_PASSWORD=\"${ROOT_PASSWORD}\"" >> "${DEBCONF_TMPDIR}/debconf.default" +} + +Internal_options () +{ + if db_get cnt-debconf/apt-recommends + then + APT_RECOMMENDS="${RET}" # boolean (w/ empty) + fi + + echo "APT_RECOMMENDS=\"${APT_RECOMMENDS}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + if db_get cnt-debconf/debconf-frontend + then + DEBCONF_FRONTEND="${RET}" # select + fi + + DEBCONF_FRONTEND="${DEBCONF_FRONTEND:-dialog}" + echo "DEBCONF_FRONTEND=\"${DEBCONF_FRONTEND}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + if db_get cnt-debconf/debconf-priority + then + DEBCONF_PRIORITY="${RET}" # select + fi + + DEBCONF_PRIORITY="${DEBCONF_PRIORITY:-high}" + echo "DEBCONF_PRIORITY=\"${DEBCONF_PRIORITY}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + if db_get cnt-debconf/container-command + then + CONTAINER_COMMAND="${RET}" # string (w/ empty) + fi + + echo "CONTAINER_COMMAND=\"${CONTAINER_COMMAND}\"" >> "${DEBCONF_TMPDIR}/debconf.default" + + if db_get cnt-debconf/host-command + then + HOST_COMMAND="${RET}" # string (w/ empty) + fi + + echo "HOST_COMMAND=\"${HOST_COMMAND}\"" >> "${DEBCONF_TMPDIR}/debconf.default" +} + +Distribution +Parent_distribution + +Architecture + +Archives +Parent_archives + +Mirror +Mirror_security + +Parent_mirror +Parent_mirror_security + +Archive_areas +Parent_archive_areas + +Packages +Local_archives + +Network +Root_password + +Internal_options + +db_stop diff --git a/share/scripts/debconf.d/0003-debconf.templates b/share/scripts/debconf.d/0003-debconf.templates new file mode 100644 index 0000000..c568d72 --- /dev/null +++ b/share/scripts/debconf.d/0003-debconf.templates @@ -0,0 +1,211 @@ +Template: cnt-debconf/title +Type: title +Description: container-tools + +Template: cnt-debconf/distribution +Type: select +Default: +Choices-C: ${CHOICES_C} +Choices: ${CHOICES} +Description: Distribution + Distribution. + +Template: cnt-debconf/parent-distribution +Type: select +Default: +Choices-C: ${CHOICES_C} +Choices: ${CHOICES} +Description: for internal use; can be preseeded + Parent Distribution. + +Template: cnt-debconf/architecture +Type: select +Default: +Choices-C: ${CHOICES_C} +Choices: ${CHOICES} +Description: Architecture + Architecture. + +Template: cnt-debconf/archives +Type: multiselect +Default: +Choices-C: ${CHOICES_C} +Choices: ${CHOICES} +Description: Archives + Archives. + +Template: cnt-debconf/parent-archives +Type: multiselect +Default: +Choices-C: ${CHOICES_C} +Choices: ${CHOICES} +Description: Parent Archives + Parent Archives. + +Template: cnt-debconf/mirror +Type: string +Default: +Description: Mirror + Mirror. + +Template: cnt-debconf/mirror-security +Type: string +Default: +Description: Mirror Security + Mirror Security. + +Template: cnt-debconf/parent-mirror +Type: string +Default: +Description: Parent Mirror + Parent Mirror. + +Template: cnt-debconf/parent-mirror-security +Type: string +Default: +Description: Parent Mirror Security + Parent Mirror Security. + +Template: cnt-debconf/archive-areas +Type: multiselect +Default: +Choices: ${CHOICES} +Description: Archive Areas + Archive Areas. + +Template: cnt-debconf/parent-archive-areas +Type: multiselect +Default: +Choices: ${CHOICES} +Description: Parent Archive Areas + Parent Archive Areas. + +Template: cnt-debconf/packages +Type: string +Default: +Description: Packages + Packages. + +Template: cnt-debconf/root-password +Type: string +Default: +Description: Root password + Root password. + +Template: cnt-debconf/network0/bridge +Type: string +Default: +Description: Bridge + Bridge. + +Template: cnt-debconf/network0/ipv4-method +Type: select +Choices: dhcp, static, none +Default: +Description: Ethernet Interface Method (IPv4)? + What method should be used to configure the ethernet interface? + . + This defaults to dhcp and will require that you run a dhcp-server in your + network. + +Template: cnt-debconf/network0/ipv4-comment +Type: string +Default: +Description: Ethernet Interface Comment (IPv4)? + What optional comment would you like to give to the ethernet interface? + . + This defaults to empty. + +Template: cnt-debconf/network0/ipv4-address +Type: string +Default: +Description: Ethernet IP Address (IPv4)? + What should be the IP address of the current system? + . + This defaults to 192.168.1.2. + +Template: cnt-debconf/network0/ipv4-broadcast +Type: string +Default: +Description: Ethernet Broadcast Address (IPv4)? + What should be the broadcast address of the current system? + . + This defaults to empty. + +Template: cnt-debconf/network0/ipv4-gateway +Type: string +Default: +Description: Ethernet Gateway Address (IPv4)? + What should be the gateway address of the current system? + . + This defaults to empty. + +Template: cnt-debconf/network0/ipv4-netmask +Type: string +Default: +Description: Ethernet Network Mask (IPv4)? + What should be the netmask of the current system? + . + This defaults to empty. + +Template: cnt-debconf/network0/ipv4-network +Type: string +Default: +Description: Ethernet Network Address (IPv4)? + What should be the network address of the current system? + . + This defaults to empty. + +Template: cnt-debconf/network0/ipv4-post-up +Type: string +Default: +Description: Ethernet post-up Command (IPv4)? + What should be the post-up command for eth0? + . + This defaults to empty. + +Template: cnt-debconf/network0/ipv4-post-down +Type: string +Default: +Description: Ethernet post-down Command (IPv4)? + What should be the post-down command for eth0? + . + This defaults to empty. + +Template: cnt-debconf/nameserver/server +Type: string +Default: +Description: Nameserver Addresses? + What should be the IP addresses of the nameservers of the current system? + . + This defaults to empty. Multiple nameservers can be separated by whitespace. + +Template: cnt-debconf/nameserver/domain +Type: string +Default: +Description: Nameserver Local Domain Name? + What should be local domain name used for name resolution? + . + See resolv.conf(5) for more information about the 'domain' option. + . + This defaults to empty. + +Template: cnt-debconf/nameserver/search +Type: string +Default: +Description: Nameserver Search List? + What should be search list for hostname lookups? + . + See resolv.conf(5) for more information about the 'search' option. + . + This defaults to empty. + +Template: cnt-debconf/nameserver/options +Type: string +Default: +Description: Nameserver Resolver Options? + What should be the resolver options? + . + See resolv.conf(5) for more information about the 'options' option. + . + This defaults to empty. diff --git a/share/scripts/debian b/share/scripts/debian new file mode 120000 index 0000000..7f725c5 --- /dev/null +++ b/share/scripts/debian @@ -0,0 +1 @@ +debconf \ No newline at end of file diff --git a/share/scripts/debian.d b/share/scripts/debian.d new file mode 120000 index 0000000..4ce36fe --- /dev/null +++ b/share/scripts/debian.d @@ -0,0 +1 @@ +debconf.d \ No newline at end of file diff --git a/share/scripts/debootstrap b/share/scripts/debootstrap index 0961fc9..208e050 100755 --- a/share/scripts/debootstrap +++ b/share/scripts/debootstrap @@ -1,6 +1,6 @@ #!/bin/sh -# Open Infrastructure: container-tools +# container-tools - Manage systemd-nspawn containers # Copyright (C) 2014-2016 Daniel Baumann # # This program is free software: you can redistribute it and/or modify @@ -45,6 +45,11 @@ Parameters () shift 2 ;; + --cnt.autostart) + # ignore + shift 2 + ;; + -s|--script) # ignore shift 2 diff --git a/share/scripts/progress-linux b/share/scripts/progress-linux new file mode 120000 index 0000000..7f725c5 --- /dev/null +++ b/share/scripts/progress-linux @@ -0,0 +1 @@ +debconf \ No newline at end of file diff --git a/share/scripts/progress-linux.d b/share/scripts/progress-linux.d new file mode 120000 index 0000000..4ce36fe --- /dev/null +++ b/share/scripts/progress-linux.d @@ -0,0 +1 @@ +debconf.d \ No newline at end of file diff --git a/share/systemd/container-autostart.service b/share/systemd/container-autostart.service new file mode 100644 index 0000000..1424ce8 --- /dev/null +++ b/share/systemd/container-autostart.service @@ -0,0 +1,15 @@ +[Unit] +Description=container-tools automatic start +After=syslog.target network.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/container-autostart +#ExecStop= +Delegate=yes +StandardOutput=syslog +StandardError=syslog + +[Install] +WantedBy=multi-user.target -- cgit v1.2.3