working on install script

5 years ago · ad68619f6d
4 changed files with 81 additions and 35 deletions
--- a/bin/pdm-build
+++ b/bin/pdm-build
@ -1,5 +1,5 @@
 #!/bin/bash
-
+################################################################################
 # Functions/variables
 quit() {
        if [[ $1 == 0 || $FLAGS_debug == $FLAGS_FALSE ]]; then
@ -16,12 +16,13 @@ source shflags
 DEFINE_boolean 'squash' false 'squash newly built layers into a single new layer' 's'
 DEFINE_boolean 'debug' false "Don't delete temporary container on build fail" 'd'
 DEFINE_string 'tag' 'latest' 'Tag (other than date) to assign to the image' 't'
-FLAGS_HELP="Usage: $0 [-s] [-d] [-t tag] [directory] [name]

-Builds an image from the Containerfile and (optionally) Systemdfile in a
-directory passed as the first argument, and names the image after the second
-argument. If no first argument is given, the current working directory is
-used. If no second argument is given, the image is named after the directory.
+FLAGS_HELP="Usage: $0 [-sd] [-t tag] [directory] [name]
+
+Builds an image from the Containerfile and (optionally) Systemdfile in the
+specified directory, and tags the image with the given name. If no directory
+argument is given, the current working directory is used. If no name argument
+is given, the image is named after the directory.
 "
 FLAGS "$@" || exit $?
 eval set -- "${FLAGS_ARGV}"
--- a/bin/pdm-launch
+++ b/bin/pdm-launch
@ -1,26 +1,35 @@
 #!/bin/bash
-
+################################################################################
 # Handle flags
 source shflags
 DEFINE_boolean 'overwrite' false 'Overwrite container if one with same name already exists.' 'o'
-DEFINE_boolean 'config' false "Automatically configure container with deploy options stored in image metadata." 'c'
-DEFINE_string 'deployopts' 'deployopts' 'Image metadata label from which to get the deploy options.' 'd'
-FLAGS_HELP="Usage: $0 [-o] [-d label] image [name]
+DEFINE_boolean 'config' false 'Automatically configure container with deploy options stored in image metadata.' 'c'
+DEFINE_string 'label' 'deployopts' 'Image metadata label from which to get the deploy options.' 'l'
+
+FLAGS_HELP="Usage: $0 [-oc] [-d label] [image] [name]

-Creates and starts a container from the specified image. If a second
-argument is given, the container name is set to that string. Otherwise, the
-container is given the same name as the image.
+Creates and starts a container from the specified image, and assigns it the
+specified name. If no image argument is given, uses the current working
+directory as the name of the image. If no name argument is given, the container
+is given the same name as the image.
 "
 FLAGS "$@" || exit $?
 eval set -- "${FLAGS_ARGV}"

+# Handle errors/arguments/cases
+if [[ $# -gt 2 ]]; then
+        echo "Error: too many arguments"
+        echo ""
+        flags_help
+        exit 1
+fi
+
 if [[ -n $1 ]]; then
        image=$1
 else
-        echo "Error: need image name"
+        echo "Warning: No image name given. Assuming image name from current working directory."
        echo ""
-        flags_help
-        exit 1
+	image=$(basename $(pwd))
 fi

 if [[ -n $2 ]]; then
@ -44,6 +53,5 @@ if [[ $FLAGS_overwrite ]]; then
        podman rm -i -f $name
 fi

-podman create --name $name $deployopts $image
-podman start $name
+podman run -itd --name $name --hostname $name --userns=keep-id $deployopts $image
 echo "Done!"
--- a/install.sh
+++ b/install.sh
@ -1,8 +1,15 @@
-#1/bin/bash
+#!/bin/bash

+# Variables
+myusr=containers
+myuid=60000
+
+# Main
+set -e
+
+echo "Attempting to autodetect distro ..."
 distro=$(lsb_release -is)
 release=$(lsb_release -rs)
-
 if [[ $distro == "Debian" ]]; then
    echo "Detected distro: Debian"
    if [[ $release == "10" ]]; then
@ -15,23 +22,53 @@ if [[ $distro == "Debian" ]]; then
 	echo "Error: failed to detect release"
 	exit 1
    fi
-    sudo apt install -y gnupg 
-    echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_$release/ /" | sudo tee /etc/apt/sources.list.d/podman.list
-    curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_$release/Release.key | sudo apt-key add -
+    echo "Installing podman ..."
+    sudo apt install -y gnupg curl
+    echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_${release:?}/ /" | sudo tee /etc/apt/sources.list.d/podman.list
+    curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_${release:?}/Release.key | sudo apt-key add -

    sudo apt update -y
-    sudo apt install -y podman
+    sudo apt install -y fuse-overlayfs slirp4netns podman
 else
-    echo "Error: failed to detect distro"
+    echo "Error: failed to detect distro."
    exit 1
 fi

-# copy bin files to /usr/local/bin
-sudo rsync -vaSH bin/ /usr/local/bin/
+echo "Creating containers user ..."
+user_id=$(id -u $myusr > /dev/null 2>&1)
+user_exists=$(echo $?)
+if [[ $user_exists != 0 ]]; then
+    sudo addgroup $myusr --gid $myuid  --system
+    sudo adduser $myusr --ingroup $myusr --uid $myuid --disabled-password --gecos "Containers User" --shell /usr/sbin/nologin --no-create-home --home /srv/$myusr --system
+elif [[ $user_id != $myuid ]]; then
+    echo "Error: User \"$myusr\" already exists, but does not have UID $myuid."
+    echo "Please delete user \"$myusr\" and then re-run the install script."
+    exit 2
+else
+    echo "User \"$myusr\" is already configured. Skipping ..."
+fi

+echo "Configuring subuids and subgids ..."
+echo "$myusr:1000000:1000000000" | sudo tee -a /etc/subuid /etc/subgid
+
+echo "Configuring kernel parameters ..."
+kernel.unprivileged_userns_clone=1
+#net.ipv4.ping_group_range=0 1001000000
+
+echo "Copying scripts to /usr/local/bin ..."
+# copy bin files to /usr/local/bin
+sudo cp bin/* /usr/local/bin/
 # copy shflags to /usr/local/bin as well
-sudo rsync -vaSH lib/shflags /usr/local/bin/
+sudo cp lib/shflags /usr/local/bin/

+echo "Installing containers startup service ..."
 # install systemd startup service
-#sudo rsync -vaSH lib/containers-startup.service /etc/systemd/system/
-#sudo systemctl enable containers-startup.service
+sudo cp lib/containers-startup.service /etc/systemd/system/
+sudo systemctl enable containers-startup.service
+# create startup.sh if it doesn't exist
+if [[ ! -f /etc/containers/startup.sh ]]; then
+    printf "#!/bin/bash\n\n" | sudo tee /etc/containers/startup.sh
+fi
+sudo chmod +x /etc/containers/startup.sh
+echo "Installed containers startup script in /etc/containers/startup.sh. Put any podman-related commands that should run on startup in that file."
+
--- a/src/debian/Containerfile
+++ b/src/debian/Containerfile
@ -12,11 +12,11 @@ RUN rm /etc/localtime && \
    echo $TZ > /etc/timezone

 # Install packages
-RUN apt update -y 
-RUN apt upgrade -y
-RUN apt install -y init sudo wget nano less man-db unzip
-RUN apt autoremove -y --purge
-RUN apt clean -y
+RUN apt update -y && \
+    apt upgrade -y && \
+    apt install -y init sudo wget nano less man-db unzip && \
+    apt autoremove -y --purge && \
+    apt clean -y

 # Set configuration
 COPY assets/nanorc /etc/nanorc