vagrant-lxc 0.3.3 → 0.3.4

data/boxes/debian/lxc-template

@@ -0,0 +1,363 @@
+#!/bin/bash
+
+# This is a modified version of /usr/share/lxc/templates/lxc-debian
+# that comes with Ubuntu 13.04 changed to suit vagrant-lxc needs
+
+set -e
+
+if [ -r /etc/default/lxc ]; then
+    . /etc/default/lxc
+fi
+
+SUITE=${SUITE:-wheezy}
+MIRROR=${MIRROR:-http://ftp.debian.org/debian}
+
+configure_debian()
+{
+    rootfs=$1
+    hostname=$2
+    release=$2
+
+    # squeeze only has /dev/tty and /dev/tty0 by default,
+    # therefore creating missing device nodes for tty1-4.
+    for tty in $(seq 1 4); do
+        if [ ! -e $rootfs/dev/tty$tty ]; then
+            mknod $rootfs/dev/tty$tty c 4 $tty
+        fi
+    done
+
+    # configure the inittab
+    cat <<EOF > $rootfs/etc/inittab
+id:3:initdefault:
+si::sysinit:/etc/init.d/rcS
+l0:0:wait:/etc/init.d/rc 0
+l1:1:wait:/etc/init.d/rc 1
+l2:2:wait:/etc/init.d/rc 2
+l3:3:wait:/etc/init.d/rc 3
+l4:4:wait:/etc/init.d/rc 4
+l5:5:wait:/etc/init.d/rc 5
+l6:6:wait:/etc/init.d/rc 6
+# Normally not reached, but fallthrough in case of emergency.
+z6:6:respawn:/sbin/sulogin
+1:2345:respawn:/sbin/getty 38400 console
+#c1:12345:respawn:/sbin/getty 38400 tty1 linux
+c2:12345:respawn:/sbin/getty 38400 tty2 linux
+c3:12345:respawn:/sbin/getty 38400 tty3 linux
+c4:12345:respawn:/sbin/getty 38400 tty4 linux
+p6::ctrlaltdel:/sbin/init 6
+p0::powerfail:/sbin/init 0
+EOF
+
+    # disable selinux in debian
+    mkdir -p $rootfs/selinux
+    echo 0 > $rootfs/selinux/enforce
+
+    # configure the network using the dhcp
+    cat <<EOF > $rootfs/etc/network/interfaces
+auto lo
+iface lo inet loopback
+
+auto eth0
+iface eth0 inet dhcp
+EOF
+
+    # set the hostname
+    cat <<EOF > $rootfs/etc/hostname
+$hostname
+EOF
+
+    # set the host in case it is not set so that sudo does not complain about the host
+    if ! (grep -q $hostname $rootfs/etc/hosts); then
+      chroot $rootfs sed -i -e \
+          "s/^127.0.0.1\(\s\+\)localhost$/127.0.0.1\1localhost\n127.0.0.1\1${hostname}/g" \
+          /etc/hosts >/dev/null 2>&1 || true
+    fi
+
+    # set default locale
+    cat <<EOF > $rootfs/etc/locale.gen
+en_US.UTF-8 UTF-8
+EOF
+    echo "default locale set to en_US.UTF-8 UTF-8"
+    chroot $rootfs locale-gen 'en_US.UTF-8' > /dev/null 2>&1
+    chroot $rootfs update-locale LANG='en_US.UTF-8'
+    echo 'update-locale done'
+
+    # remove pointless services in a container
+    chroot $rootfs /usr/sbin/update-rc.d -f checkroot.sh remove
+    chroot $rootfs /usr/sbin/update-rc.d -f umountfs remove
+    chroot $rootfs /usr/sbin/update-rc.d -f hwclock.sh remove
+    chroot $rootfs /usr/sbin/update-rc.d -f hwclockfirst.sh remove
+
+    echo "root:vagrant" | chroot $rootfs chpasswd
+
+    if ! (grep -q vagrant $rootfs/etc/passwd); then
+      chroot $rootfs useradd --create-home -s /bin/bash vagrant
+      echo "vagrant:vagrant" | chroot $rootfs chpasswd
+      chroot $rootfs adduser vagrant sudo >/dev/null 2>&1 || true
+      chroot $rootfs cp /etc/sudoers /etc/sudoers.orig >/dev/null 2>&1 || true
+      chroot $rootfs sed -i -e \
+          's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \
+          /etc/sudoers >/dev/null 2>&1 || true
+    fi
+
+    return 0
+}
+
+cleanup()
+{
+    rm -rf ${cache}/partial
+    rm -rf ${cache}/rootfs
+}
+
+extract_rootfs()
+{
+    tarball=$1
+    arch=$2
+    rootfs=$3
+
+    echo "Extracting $tarball ..."
+    mkdir -p $(dirname $rootfs)
+    # Make sure the rootfs does not exist before extracting
+    rm -rf $rootfs
+    (cd `dirname $rootfs` && tar xfz $tarball)
+    return 0
+}
+
+install_debian()
+{
+    rootfs=$1
+    release=$2
+    tarball=$3
+    mkdir -p /var/lock/subsys/
+
+    (
+        flock -x 200
+        if [ $? -ne 0 ]; then
+            echo "Cache repository is busy."
+            return 1
+        fi
+
+        extract_rootfs $tarball $arch $rootfs
+        if [ $? -ne 0 ]; then
+            echo "Failed to copy rootfs"
+            return 1
+        fi
+
+        return 0
+
+    ) 200>/var/lock/subsys/lxc
+
+    return $?
+}
+
+copy_configuration()
+{
+    path=$1
+    rootfs=$2
+    name=$3
+
+    # if there is exactly one veth network entry, make sure it has an
+    # associated hwaddr.
+    nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
+    if [ $nics -eq 1 ]; then
+        grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
+lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
+EOF
+    fi
+
+    grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
+    cat <<EOF >> $path/config
+lxc.tty = 4
+lxc.pts = 1024
+lxc.utsname = ${name}
+
+# When using LXC with apparmor, uncomment the next line to run unconfined:
+#lxc.aa_profile = unconfined
+
+lxc.cgroup.devices.deny = a
+# Allow any mknod (but not using the node)
+lxc.cgroup.devices.allow = c *:* m
+lxc.cgroup.devices.allow = b *:* m
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 254:0 rwm
+#fuse
+lxc.cgroup.devices.allow = c 10:229 rwm
+#tun
+lxc.cgroup.devices.allow = c 10:200 rwm
+#full
+lxc.cgroup.devices.allow = c 1:7 rwm
+#hpet
+lxc.cgroup.devices.allow = c 10:228 rwm
+#kvm
+lxc.cgroup.devices.allow = c 10:232 rwm
+
+# mounts point
+lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
+lxc.mount.entry = sysfs sys sysfs defaults  0 0
+EOF
+
+    if [ $? -ne 0 ]; then
+        echo 'failed to add configuration'
+        return 1
+    fi
+
+}
+
+
+add_ssh_key()
+{
+    user=$1
+
+    if [ -n "$auth_key" -a -f "$auth_key" ]; then
+        u_path="/home/${user}/.ssh"
+        root_u_path="$rootfs/$u_path"
+
+        mkdir -p $root_u_path
+        cp $auth_key "$root_u_path/authorized_keys"
+        chroot $rootfs chown -R ${user}: "$u_path"
+
+        echo "Inserted SSH public key from $auth_key into /home/${user}/.ssh/authorized_keys"
+    fi
+}
+
+disable_tmp_cleanup() {
+    rootfs=$1
+    chroot $rootfs /usr/sbin/update-rc.d -f checkroot-bootclean.sh remove
+    chroot $rootfs /usr/sbin/update-rc.d -f mountall-bootclean.sh remove
+    chroot $rootfs /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove
+}
+
+usage()
+{
+    cat <<EOF
+$1 -h|--help [-a|--arch] [-d|--debug]
+  [-F | --flush-cache] [-r|--release <release>] [ -S | --auth-key <keyfile>]
+release: the debian release (e.g. wheezy): defaults to host release on debian, otherwise uses latest stable
+arch: the container architecture (e.g. amd64): defaults to host arch
+auth-key: SSH Public key file to inject into container
+EOF
+    return 0
+}
+
+options=$(getopt -o a:b:hp:r:xn:Fd:C -l arch:,help,path:,release:,name:,flush-cache,auth-key:,debug:,tarball: -- "$@")
+if [ $? -ne 0 ]; then
+    usage $(basename $0)
+    exit 1
+fi
+eval set -- "$options"
+
+release=wheezy  # Default to the last Debian stable release
+
+arch=$(uname -m)
+
+# Code taken from debootstrap
+if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then
+    arch=`/usr/bin/dpkg --print-architecture`
+elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then
+    arch=`/usr/bin/udpkg --print-architecture`
+else
+    arch=$(uname -m)
+    if [ "$arch" = "i686" ]; then
+        arch="i386"
+    elif [ "$arch" = "x86_64" ]; then
+        arch="amd64"
+    elif [ "$arch" = "armv7l" ]; then
+        arch="armel"
+    fi
+fi
+
+debug=0
+hostarch=$arch
+while true
+do
+    case "$1" in
+    -h|--help)      usage $0 && exit 0;;
+    -p|--path)      path=$2; shift 2;;
+    -n|--name)      name=$2; shift 2;;
+    -T|--tarball)   tarball=$2; shift 2;;
+    -r|--release)   release=$2; shift 2;;
+    -S|--auth-key)  auth_key=$2; shift 2;;
+    -a|--arch)      arch=$2; shift 2;;
+    -d|--debug)     debug=1; shift 1;;
+    --)             shift 1; break ;;
+        *)              break ;;
+    esac
+done
+
+if [ $debug -eq 1 ]; then
+    set -x
+fi
+
+
+if [ "$arch" == "i686" ]; then
+    arch=i386
+fi
+
+if [ $hostarch = "i386" -a $arch = "amd64" ]; then
+    echo "can't create amd64 container on i386"
+    exit 1
+fi
+
+if [ -z "$path" ]; then
+    echo "'path' parameter is required"
+    exit 1
+fi
+
+if [ "$(id -u)" != "0" ]; then
+    echo "This script should be run as 'root'"
+    exit 1
+fi
+
+# detect rootfs
+config="$path/config"
+if grep -q '^lxc.rootfs' $config 2>/dev/null ; then
+    rootfs=`grep 'lxc.rootfs =' $config | awk -F= '{ print $2 }'`
+else
+    rootfs=$path/rootfs
+fi
+
+install_debian $rootfs $release $tarball
+if [ $? -ne 0 ]; then
+    echo "failed to install debian $release"
+    exit 1
+fi
+
+configure_debian $rootfs $release
+if [ $? -ne 0 ]; then
+    echo "failed to configure debian $release for a container"
+    exit 1
+fi
+
+copy_configuration $path $rootfs $name
+if [ $? -ne 0 ]; then
+    echo "failed write configuration file"
+    exit 1
+fi
+
+add_ssh_key vagrant
+
+# vagrant and / or plugins might mount some shared folders under /tmp by default
+# (like puppet manifests) and we need to make sure no shared folder gets its
+# contents removed because of it. For more information, please check:
+#   https://github.com/fgrehm/vagrant-lxc/issues/68
+disable_tmp_cleanup $rootfs
+
+echo ""
+echo "##"
+echo "# The default user is 'vagrant' with password 'vagrant'!"
+echo "# Use the 'sudo' command to run tasks as root in the container."
+echo "##"
+echo ""

data/boxes/debian/metadata.json.template

@@ -0,0 +1,9 @@
+{
+  "provider": "lxc",
+  "version":  "2",
+
+  "template-opts": {
+    "--arch":    "ARCH",
+    "--release": "RELEASE"
+  }
+}

data/boxes/ubuntu/download

@@ -35,6 +35,17 @@ EOF
 download_ubuntu()
 {
     packages=vim,ssh,curl,wget,bash-completion,manpages,man-db,psmisc
+
+    # Try to guess a list of langpacks to install
+    langpacks="language-pack-en"
+
+    if which dpkg >/dev/null 2>&1; then
+        langpacks=`(echo $langpacks &&
+                    dpkg -l | grep -E "^ii  language-pack-[a-z]* " |
+                        cut -d ' ' -f3) | sort -u`
+    fi
+    packages="$packages,$(echo $langpacks | sed 's/ /,/g')"
+
     echo "installing packages: $packages"
 
     trap cleanup EXIT SIGHUP SIGINT SIGTERM

data/boxes/ubuntu/lxc-template

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # This is a modified version of /usr/share/lxc/templates/lxc-ubuntu
-# that comes with Ubuntu 12.10 changed to suit vagrant-lxc needs
+# that comes with Ubuntu 13.04 changed to suit vagrant-lxc needs
 
 #
 # template script for generating ubuntu container for LXC
@@ -36,8 +36,8 @@ fi
 configure_ubuntu()
 {
     rootfs=$1
-    release=$3
-    hostname='quantal64'
+    release=$2
+    hostname=$2
 
    # configure the network using the dhcp
     cat <<EOF > $rootfs/etc/network/interfaces
@@ -83,6 +83,10 @@ EOF
       echo "vagrant:vagrant" | chroot $rootfs chpasswd
     fi
 
+    # make sure we have the current locale defined in the container
+    chroot $rootfs locale-gen en_US.UTF-8
+    chroot $rootfs update-locale LANG=en_US.UTF-8
+
     return 0
 }
 
@@ -108,8 +112,6 @@ finalize_user()
 
     chroot $rootfs cp /etc/sudoers /etc/sudoers.orig >/dev/null 2>&1 || true
     chroot $rootfs sed -i -e 's/%sudo\s\+ALL=(ALL:ALL)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' /etc/sudoers >/dev/null 2>&1 || true
-    chroot $rootfs locale-gen en_US en_US.UTF-8 hu_HU hu_HU.UTF-8 >/dev/null 2>&1 || true
-    chroot $rootfs dpkg-reconfigure locales >/dev/null 2>&1 || true
 
     if [ -n "$auth_key" -a -f "$auth_key" ]; then
         u_path="/home/${user}/.ssh"
@@ -202,7 +204,6 @@ copy_configuration()
     rootfs=$2
     name=$3
     arch=$4
-    release=$5
 
     if [ $arch = "i386" ]; then
         arch="i686"
@@ -217,24 +218,23 @@ copy_configuration()
     # associated hwaddr.
     nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
     if [ $nics -eq 1 ]; then
-        grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
-lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
-EOF
+        grep -q "^lxc.network.hwaddr" $path/config || sed -i -e "/^lxc\.network\.type[ \t]*=[ \t]*veth/a lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')" $path/config
     fi
 
     grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
     cat <<EOF >> $path/config
-lxc.utsname = $name
+lxc.mount = $path/fstab
+lxc.pivotdir = lxc_putold
 
 lxc.devttydir =$ttydir
 lxc.tty = 4
 lxc.pts = 1024
-lxc.mount  = $path/fstab
+
+lxc.utsname = $name
 lxc.arch = $arch
 lxc.cap.drop = sys_module mac_admin mac_override
-lxc.pivotdir = lxc_putold
 
-# uncomment the next line to run the container unconfined:
+# When using LXC with apparmor, uncomment the next line to run unconfined:
 #lxc.aa_profile = unconfined
 
 lxc.cgroup.devices.deny = a
@@ -350,15 +350,6 @@ EOF
 # /lib/init/fstab: cleared out for bare-bones lxc
 EOF
 
-    # reconfigure some services
-    if [ -z "$LANG" ]; then
-        chroot $rootfs locale-gen en_US.UTF-8
-        chroot $rootfs update-locale LANG=en_US.UTF-8
-    else
-        chroot $rootfs locale-gen $LANG
-        chroot $rootfs update-locale LANG=$LANG
-    fi
-
     # remove pointless services in a container
     chroot $rootfs /usr/sbin/update-rc.d -f ondemand remove
 
@@ -551,7 +542,7 @@ if [ $? -ne 0 ]; then
     exit 1
 fi
 
-copy_configuration $path $rootfs $name $arch $release
+copy_configuration $path $rootfs $name $arch
 if [ $? -ne 0 ]; then
     echo "failed write configuration file"
     exit 1