container/install.sh

#!/bin/bash

# Variables
myusr=containers
myuid=60000

# Main
set -e

echo "Attempting to autodetect distro ..."
distro=$(lsb_release -is)
release=$(lsb_release -rs)
if [[ $distro == "Debian" ]]; then
    echo "Detected distro: Debian"
    if [[ $release == "10" ]]; then
	echo "Detected release: 10"
	release=10
    elif [[ $release == "testing" ]]; then
	echo "Detected release: testing"
	release=Testing
    else
	echo "Error: failed to detect release"
	exit 1
    fi
    echo "Installing podman ..."
    sudo apt install -y gnupg curl
    echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_${release:?}/ /" | sudo tee /etc/apt/sources.list.d/podman.list
    curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_${release:?}/Release.key | sudo apt-key add -

    sudo apt update -y
    sudo apt install -y fuse-overlayfs slirp4netns podman
else
    echo "Error: failed to detect distro."
    exit 1
fi

echo "Creating containers user ..."
user_id=$(id -u $myusr > /dev/null 2>&1)
user_exists=$(echo $?)
if [[ $user_exists != 0 ]]; then
    sudo addgroup $myusr --gid $myuid  --system
    sudo adduser $myusr --ingroup $myusr --uid $myuid --disabled-password --gecos "Containers User" --shell /usr/sbin/nologin --no-create-home --home /srv/$myusr --system
elif [[ $user_id != $myuid ]]; then
    echo "Error: User \"$myusr\" already exists, but does not have UID $myuid."
    echo "Please delete user \"$myusr\" and then re-run the install script."
    exit 2
else
    echo "User \"$myusr\" is already configured. Skipping ..."
fi

echo "Configuring subuids and subgids ..."
echo "$myusr:1000000:1000000000" | sudo tee -a /etc/subuid /etc/subgid

echo "Configuring kernel parameters ..."
kernel.unprivileged_userns_clone=1
#net.ipv4.ping_group_range=0 1001000000

echo "Copying scripts to /usr/local/bin ..."
# copy bin files to /usr/local/bin
sudo cp bin/* /usr/local/bin/
# copy shflags to /usr/local/bin as well
sudo cp lib/shflags /usr/local/bin/

echo "Installing containers startup service ..."
# install systemd startup service
sudo cp lib/containers-startup.service /etc/systemd/system/
sudo systemctl enable containers-startup.service
# create startup.sh if it doesn't exist
if [[ ! -f /etc/containers/startup.sh ]]; then
    printf "#!/bin/bash\n\n" | sudo tee /etc/containers/startup.sh
fi
sudo chmod +x /etc/containers/startup.sh
echo "Installed containers startup script in /etc/containers/startup.sh. Put any podman-related commands that should run on startup in that file."