vagrant-lxc 0.6.0 → 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/BOXES.md +55 -0
- data/CHANGELOG.md +14 -0
- data/CONTRIBUTING.md +20 -0
- data/Gemfile +1 -1
- data/Gemfile.lock +4 -3
- data/README.md +16 -19
- data/boxes/build-debian-box.sh +167 -0
- data/boxes/build-ubuntu-box.sh +151 -0
- data/boxes/common/install-babushka +4 -3
- data/boxes/common/install-chef +3 -2
- data/boxes/common/install-puppet +3 -2
- data/boxes/common/install-salt +3 -2
- data/boxes/common/lxc-template +10 -13
- data/boxes/common/metadata.json +2 -1
- data/development/Vagrantfile +4 -4
- data/development/site.pp +31 -6
- data/lib/vagrant-lxc/action.rb +44 -40
- data/lib/vagrant-lxc/action/clear_forwarded_ports.rb +4 -0
- data/lib/vagrant-lxc/action/fetch_ip_from_dnsmasq_leases.rb +1 -1
- data/lib/vagrant-lxc/action/fetch_ip_with_lxc_attach.rb +4 -7
- data/lib/vagrant-lxc/action/message.rb +1 -0
- data/lib/vagrant-lxc/action/setup_package_files.rb +1 -0
- data/lib/vagrant-lxc/action/wait_for_communicator.rb +9 -14
- data/lib/vagrant-lxc/driver.rb +10 -7
- data/lib/vagrant-lxc/driver/cli.rb +7 -1
- data/lib/vagrant-lxc/errors.rb +5 -0
- data/lib/vagrant-lxc/version.rb +1 -1
- data/locales/en.yml +8 -2
- data/spec/Vagrantfile +7 -2
- data/spec/unit/driver/cli_spec.rb +8 -0
- metadata +8 -18
- data/boxes/debian/download +0 -156
- data/boxes/debian/finalize +0 -195
- data/boxes/debian/lxc-template +0 -367
- data/boxes/debian/metadata.json.template +0 -9
- data/boxes/ubuntu/download +0 -113
- data/boxes/ubuntu/finalize +0 -374
- data/boxes/ubuntu/lxc-template +0 -559
- data/boxes/ubuntu/metadata.json.template +0 -9
- data/development/shell-provisioning/upgrade-kernel +0 -14
- data/example/Vagrantfile +0 -46
- data/example/cookbooks/hello-world/recipes/default.rb +0 -4
- data/example/puppet/manifests/site.pp +0 -5
- data/example/puppet/modules/hello_world/manifests/init.pp +0 -3
- data/tasks/boxes.rake +0 -115
- data/tasks/boxes.v2.rake +0 -188
data/boxes/debian/finalize
DELETED
@@ -1,195 +0,0 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
# This is a modified version of /usr/share/lxc/templates/lxc-debian
|
4
|
-
# that comes with Ubuntu 13.04 changed to suit vagrant-lxc needs
|
5
|
-
|
6
|
-
set -e
|
7
|
-
|
8
|
-
if [ -r /etc/default/lxc ]; then
|
9
|
-
. /etc/default/lxc
|
10
|
-
fi
|
11
|
-
|
12
|
-
SUITE=${SUITE:-wheezy}
|
13
|
-
MIRROR=${MIRROR:-http://ftp.debian.org/debian}
|
14
|
-
|
15
|
-
configure_debian()
|
16
|
-
{
|
17
|
-
rootfs=$1
|
18
|
-
hostname=$2
|
19
|
-
release=$2
|
20
|
-
|
21
|
-
# squeeze only has /dev/tty and /dev/tty0 by default,
|
22
|
-
# therefore creating missing device nodes for tty1-4.
|
23
|
-
for tty in $(seq 1 4); do
|
24
|
-
if [ ! -e $rootfs/dev/tty$tty ]; then
|
25
|
-
mknod $rootfs/dev/tty$tty c 4 $tty
|
26
|
-
fi
|
27
|
-
done
|
28
|
-
|
29
|
-
# configure the inittab
|
30
|
-
cat <<EOF > $rootfs/etc/inittab
|
31
|
-
id:3:initdefault:
|
32
|
-
si::sysinit:/etc/init.d/rcS
|
33
|
-
l0:0:wait:/etc/init.d/rc 0
|
34
|
-
l1:1:wait:/etc/init.d/rc 1
|
35
|
-
l2:2:wait:/etc/init.d/rc 2
|
36
|
-
l3:3:wait:/etc/init.d/rc 3
|
37
|
-
l4:4:wait:/etc/init.d/rc 4
|
38
|
-
l5:5:wait:/etc/init.d/rc 5
|
39
|
-
l6:6:wait:/etc/init.d/rc 6
|
40
|
-
# Normally not reached, but fallthrough in case of emergency.
|
41
|
-
z6:6:respawn:/sbin/sulogin
|
42
|
-
1:2345:respawn:/sbin/getty 38400 console
|
43
|
-
#c1:12345:respawn:/sbin/getty 38400 tty1 linux
|
44
|
-
c2:12345:respawn:/sbin/getty 38400 tty2 linux
|
45
|
-
c3:12345:respawn:/sbin/getty 38400 tty3 linux
|
46
|
-
c4:12345:respawn:/sbin/getty 38400 tty4 linux
|
47
|
-
p6::ctrlaltdel:/sbin/init 6
|
48
|
-
p0::powerfail:/sbin/init 0
|
49
|
-
EOF
|
50
|
-
|
51
|
-
# disable selinux in debian
|
52
|
-
mkdir -p $rootfs/selinux
|
53
|
-
echo 0 > $rootfs/selinux/enforce
|
54
|
-
|
55
|
-
# configure the network using the dhcp
|
56
|
-
cat <<EOF > $rootfs/etc/network/interfaces
|
57
|
-
auto lo
|
58
|
-
iface lo inet loopback
|
59
|
-
|
60
|
-
auto eth0
|
61
|
-
iface eth0 inet dhcp
|
62
|
-
EOF
|
63
|
-
|
64
|
-
# set the hostname
|
65
|
-
cat <<EOF > $rootfs/etc/hostname
|
66
|
-
$hostname
|
67
|
-
EOF
|
68
|
-
|
69
|
-
# set minimal hosts
|
70
|
-
cat <<EOF > $rootfs/etc/hosts
|
71
|
-
127.0.0.1 localhost
|
72
|
-
127.0.1.1 $hostname
|
73
|
-
|
74
|
-
# The following lines are desirable for IPv6 capable hosts
|
75
|
-
::1 ip6-localhost ip6-loopback
|
76
|
-
fe00::0 ip6-localnet
|
77
|
-
ff00::0 ip6-mcastprefix
|
78
|
-
ff02::1 ip6-allnodes
|
79
|
-
ff02::2 ip6-allrouters
|
80
|
-
ff02::3 ip6-allhosts
|
81
|
-
EOF
|
82
|
-
|
83
|
-
# set default locale
|
84
|
-
cat <<EOF > $rootfs/etc/locale.gen
|
85
|
-
en_US.UTF-8 UTF-8
|
86
|
-
EOF
|
87
|
-
echo "default locale set to en_US.UTF-8 UTF-8"
|
88
|
-
chroot $rootfs locale-gen 'en_US.UTF-8' > /dev/null 2>&1
|
89
|
-
chroot $rootfs update-locale LANG='en_US.UTF-8'
|
90
|
-
echo 'update-locale done'
|
91
|
-
|
92
|
-
# remove pointless services in a container
|
93
|
-
chroot $rootfs /usr/sbin/update-rc.d -f checkroot.sh remove
|
94
|
-
chroot $rootfs /usr/sbin/update-rc.d -f umountfs remove
|
95
|
-
chroot $rootfs /usr/sbin/update-rc.d -f hwclock.sh remove
|
96
|
-
chroot $rootfs /usr/sbin/update-rc.d -f hwclockfirst.sh remove
|
97
|
-
|
98
|
-
echo "root:vagrant" | chroot $rootfs chpasswd
|
99
|
-
|
100
|
-
if ! (grep -q vagrant $rootfs/etc/passwd); then
|
101
|
-
chroot $rootfs useradd --create-home -s /bin/bash vagrant
|
102
|
-
echo "vagrant:vagrant" | chroot $rootfs chpasswd
|
103
|
-
chroot $rootfs adduser vagrant sudo >/dev/null 2>&1 || true
|
104
|
-
chroot $rootfs cp /etc/sudoers /etc/sudoers.orig >/dev/null 2>&1 || true
|
105
|
-
chroot $rootfs sed -i -e \
|
106
|
-
's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \
|
107
|
-
/etc/sudoers >/dev/null 2>&1 || true
|
108
|
-
fi
|
109
|
-
|
110
|
-
return 0
|
111
|
-
}
|
112
|
-
|
113
|
-
cleanup()
|
114
|
-
{
|
115
|
-
rm -rf ${cache}/partial
|
116
|
-
rm -rf ${cache}/rootfs
|
117
|
-
}
|
118
|
-
|
119
|
-
add_ssh_key()
|
120
|
-
{
|
121
|
-
user=$1
|
122
|
-
|
123
|
-
if [ -n "$auth_key" -a -f "$auth_key" ]; then
|
124
|
-
u_path="/home/${user}/.ssh"
|
125
|
-
root_u_path="$rootfs/$u_path"
|
126
|
-
|
127
|
-
mkdir -p $root_u_path
|
128
|
-
cp $auth_key "$root_u_path/authorized_keys"
|
129
|
-
chroot $rootfs chown -R ${user}: "$u_path"
|
130
|
-
|
131
|
-
echo "Inserted SSH public key from $auth_key into /home/${user}/.ssh/authorized_keys"
|
132
|
-
fi
|
133
|
-
}
|
134
|
-
|
135
|
-
disable_tmp_cleanup() {
|
136
|
-
rootfs=$1
|
137
|
-
chroot $rootfs /usr/sbin/update-rc.d -f checkroot-bootclean.sh remove
|
138
|
-
chroot $rootfs /usr/sbin/update-rc.d -f mountall-bootclean.sh remove
|
139
|
-
chroot $rootfs /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove
|
140
|
-
}
|
141
|
-
|
142
|
-
release=wheezy # Default to the last Debian stable release
|
143
|
-
|
144
|
-
arch=$(uname -m)
|
145
|
-
|
146
|
-
# Code taken from debootstrap
|
147
|
-
if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then
|
148
|
-
arch=`/usr/bin/dpkg --print-architecture`
|
149
|
-
elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then
|
150
|
-
arch=`/usr/bin/udpkg --print-architecture`
|
151
|
-
else
|
152
|
-
arch=$(uname -m)
|
153
|
-
if [ "$arch" = "i686" ]; then
|
154
|
-
arch="i386"
|
155
|
-
elif [ "$arch" = "x86_64" ]; then
|
156
|
-
arch="amd64"
|
157
|
-
elif [ "$arch" = "armv7l" ]; then
|
158
|
-
arch="armel"
|
159
|
-
fi
|
160
|
-
fi
|
161
|
-
|
162
|
-
if [ "$(id -u)" != "0" ]; then
|
163
|
-
echo "This script should be run as 'root'"
|
164
|
-
exit 1
|
165
|
-
fi
|
166
|
-
|
167
|
-
declare cache=`readlink -f .` \
|
168
|
-
arch=$1 \
|
169
|
-
release=$2 \
|
170
|
-
auth_key=$3
|
171
|
-
|
172
|
-
# detect rootfs
|
173
|
-
cache=`readlink -f .`
|
174
|
-
rootfs="${cache}/rootfs"
|
175
|
-
|
176
|
-
configure_debian $rootfs $release
|
177
|
-
if [ $? -ne 0 ]; then
|
178
|
-
echo "failed to configure debian $release for a container"
|
179
|
-
exit 1
|
180
|
-
fi
|
181
|
-
|
182
|
-
add_ssh_key vagrant
|
183
|
-
|
184
|
-
# vagrant and / or plugins might mount some shared folders under /tmp by default
|
185
|
-
# (like puppet manifests) and we need to make sure no shared folder gets its
|
186
|
-
# contents removed because of it. For more information, please check:
|
187
|
-
# https://github.com/fgrehm/vagrant-lxc/issues/68
|
188
|
-
disable_tmp_cleanup $rootfs
|
189
|
-
|
190
|
-
echo ""
|
191
|
-
echo "##"
|
192
|
-
echo "# The default user is 'vagrant' with password 'vagrant'!"
|
193
|
-
echo "# Use the 'sudo' command to run tasks as root in the container."
|
194
|
-
echo "##"
|
195
|
-
echo ""
|
data/boxes/debian/lxc-template
DELETED
@@ -1,367 +0,0 @@
|
|
1
|
-
#!/bin/bash
|
2
|
-
|
3
|
-
# This is a modified version of /usr/share/lxc/templates/lxc-debian
|
4
|
-
# that comes with Ubuntu 13.04 changed to suit vagrant-lxc needs
|
5
|
-
|
6
|
-
set -e
|
7
|
-
|
8
|
-
if [ -r /etc/default/lxc ]; then
|
9
|
-
. /etc/default/lxc
|
10
|
-
fi
|
11
|
-
|
12
|
-
SUITE=${SUITE:-wheezy}
|
13
|
-
MIRROR=${MIRROR:-http://ftp.debian.org/debian}
|
14
|
-
|
15
|
-
configure_debian()
|
16
|
-
{
|
17
|
-
rootfs=$1
|
18
|
-
hostname=$2
|
19
|
-
release=$2
|
20
|
-
|
21
|
-
# squeeze only has /dev/tty and /dev/tty0 by default,
|
22
|
-
# therefore creating missing device nodes for tty1-4.
|
23
|
-
for tty in $(seq 1 4); do
|
24
|
-
if [ ! -e $rootfs/dev/tty$tty ]; then
|
25
|
-
mknod $rootfs/dev/tty$tty c 4 $tty
|
26
|
-
fi
|
27
|
-
done
|
28
|
-
|
29
|
-
# configure the inittab
|
30
|
-
cat <<EOF > $rootfs/etc/inittab
|
31
|
-
id:3:initdefault:
|
32
|
-
si::sysinit:/etc/init.d/rcS
|
33
|
-
l0:0:wait:/etc/init.d/rc 0
|
34
|
-
l1:1:wait:/etc/init.d/rc 1
|
35
|
-
l2:2:wait:/etc/init.d/rc 2
|
36
|
-
l3:3:wait:/etc/init.d/rc 3
|
37
|
-
l4:4:wait:/etc/init.d/rc 4
|
38
|
-
l5:5:wait:/etc/init.d/rc 5
|
39
|
-
l6:6:wait:/etc/init.d/rc 6
|
40
|
-
# Normally not reached, but fallthrough in case of emergency.
|
41
|
-
z6:6:respawn:/sbin/sulogin
|
42
|
-
1:2345:respawn:/sbin/getty 38400 console
|
43
|
-
#c1:12345:respawn:/sbin/getty 38400 tty1 linux
|
44
|
-
c2:12345:respawn:/sbin/getty 38400 tty2 linux
|
45
|
-
c3:12345:respawn:/sbin/getty 38400 tty3 linux
|
46
|
-
c4:12345:respawn:/sbin/getty 38400 tty4 linux
|
47
|
-
p6::ctrlaltdel:/sbin/init 6
|
48
|
-
p0::powerfail:/sbin/init 0
|
49
|
-
EOF
|
50
|
-
|
51
|
-
# disable selinux in debian
|
52
|
-
mkdir -p $rootfs/selinux
|
53
|
-
echo 0 > $rootfs/selinux/enforce
|
54
|
-
|
55
|
-
# configure the network using the dhcp
|
56
|
-
cat <<EOF > $rootfs/etc/network/interfaces
|
57
|
-
auto lo
|
58
|
-
iface lo inet loopback
|
59
|
-
|
60
|
-
auto eth0
|
61
|
-
iface eth0 inet dhcp
|
62
|
-
EOF
|
63
|
-
|
64
|
-
# set the hostname
|
65
|
-
cat <<EOF > $rootfs/etc/hostname
|
66
|
-
$hostname
|
67
|
-
EOF
|
68
|
-
# set minimal hosts
|
69
|
-
cat <<EOF > $rootfs/etc/hosts
|
70
|
-
127.0.0.1 localhost
|
71
|
-
127.0.1.1 $hostname
|
72
|
-
|
73
|
-
# The following lines are desirable for IPv6 capable hosts
|
74
|
-
::1 ip6-localhost ip6-loopback
|
75
|
-
fe00::0 ip6-localnet
|
76
|
-
ff00::0 ip6-mcastprefix
|
77
|
-
ff02::1 ip6-allnodes
|
78
|
-
ff02::2 ip6-allrouters
|
79
|
-
ff02::3 ip6-allhosts
|
80
|
-
EOF
|
81
|
-
|
82
|
-
# set default locale
|
83
|
-
cat <<EOF > $rootfs/etc/locale.gen
|
84
|
-
en_US.UTF-8 UTF-8
|
85
|
-
EOF
|
86
|
-
echo "default locale set to en_US.UTF-8 UTF-8"
|
87
|
-
chroot $rootfs locale-gen 'en_US.UTF-8' > /dev/null 2>&1
|
88
|
-
chroot $rootfs update-locale LANG='en_US.UTF-8'
|
89
|
-
echo 'update-locale done'
|
90
|
-
|
91
|
-
# remove pointless services in a container
|
92
|
-
chroot $rootfs /usr/sbin/update-rc.d -f checkroot.sh remove
|
93
|
-
chroot $rootfs /usr/sbin/update-rc.d -f umountfs remove
|
94
|
-
chroot $rootfs /usr/sbin/update-rc.d -f hwclock.sh remove
|
95
|
-
chroot $rootfs /usr/sbin/update-rc.d -f hwclockfirst.sh remove
|
96
|
-
|
97
|
-
echo "root:vagrant" | chroot $rootfs chpasswd
|
98
|
-
|
99
|
-
if ! (grep -q vagrant $rootfs/etc/passwd); then
|
100
|
-
chroot $rootfs useradd --create-home -s /bin/bash vagrant
|
101
|
-
echo "vagrant:vagrant" | chroot $rootfs chpasswd
|
102
|
-
chroot $rootfs adduser vagrant sudo >/dev/null 2>&1 || true
|
103
|
-
chroot $rootfs cp /etc/sudoers /etc/sudoers.orig >/dev/null 2>&1 || true
|
104
|
-
chroot $rootfs sed -i -e \
|
105
|
-
's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL/g' \
|
106
|
-
/etc/sudoers >/dev/null 2>&1 || true
|
107
|
-
fi
|
108
|
-
|
109
|
-
return 0
|
110
|
-
}
|
111
|
-
|
112
|
-
cleanup()
|
113
|
-
{
|
114
|
-
rm -rf ${cache}/partial
|
115
|
-
rm -rf ${cache}/rootfs
|
116
|
-
}
|
117
|
-
|
118
|
-
extract_rootfs()
|
119
|
-
{
|
120
|
-
tarball=$1
|
121
|
-
arch=$2
|
122
|
-
rootfs=$3
|
123
|
-
|
124
|
-
echo "Extracting $tarball ..."
|
125
|
-
mkdir -p $(dirname $rootfs)
|
126
|
-
(cd `dirname $rootfs` && tar xfz $tarball)
|
127
|
-
return 0
|
128
|
-
}
|
129
|
-
|
130
|
-
install_debian()
|
131
|
-
{
|
132
|
-
rootfs=$1
|
133
|
-
release=$2
|
134
|
-
tarball=$3
|
135
|
-
mkdir -p /var/lock/subsys/
|
136
|
-
|
137
|
-
(
|
138
|
-
flock -x 200
|
139
|
-
if [ $? -ne 0 ]; then
|
140
|
-
echo "Cache repository is busy."
|
141
|
-
return 1
|
142
|
-
fi
|
143
|
-
|
144
|
-
extract_rootfs $tarball $arch $rootfs
|
145
|
-
if [ $? -ne 0 ]; then
|
146
|
-
echo "Failed to copy rootfs"
|
147
|
-
return 1
|
148
|
-
fi
|
149
|
-
|
150
|
-
return 0
|
151
|
-
|
152
|
-
) 200>/var/lock/subsys/lxc
|
153
|
-
|
154
|
-
return $?
|
155
|
-
}
|
156
|
-
|
157
|
-
copy_configuration()
|
158
|
-
{
|
159
|
-
path=$1
|
160
|
-
rootfs=$2
|
161
|
-
name=$3
|
162
|
-
|
163
|
-
# if there is exactly one veth network entry, make sure it has an
|
164
|
-
# associated hwaddr.
|
165
|
-
nics=`grep -e '^lxc\.network\.type[ \t]*=[ \t]*veth' $path/config | wc -l`
|
166
|
-
if [ $nics -eq 1 ]; then
|
167
|
-
grep -q "^lxc.network.hwaddr" $path/config || cat <<EOF >> $path/config
|
168
|
-
lxc.network.hwaddr = 00:16:3e:$(openssl rand -hex 3| sed 's/\(..\)/\1:/g; s/.$//')
|
169
|
-
EOF
|
170
|
-
fi
|
171
|
-
|
172
|
-
grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
|
173
|
-
cat <<EOF >> $path/config
|
174
|
-
lxc.tty = 4
|
175
|
-
lxc.pts = 1024
|
176
|
-
lxc.utsname = ${name}
|
177
|
-
|
178
|
-
# When using LXC with apparmor, uncomment the next line to run unconfined:
|
179
|
-
#lxc.aa_profile = unconfined
|
180
|
-
|
181
|
-
lxc.cgroup.devices.deny = a
|
182
|
-
# Allow any mknod (but not using the node)
|
183
|
-
lxc.cgroup.devices.allow = c *:* m
|
184
|
-
lxc.cgroup.devices.allow = b *:* m
|
185
|
-
# /dev/null and zero
|
186
|
-
lxc.cgroup.devices.allow = c 1:3 rwm
|
187
|
-
lxc.cgroup.devices.allow = c 1:5 rwm
|
188
|
-
# consoles
|
189
|
-
lxc.cgroup.devices.allow = c 5:1 rwm
|
190
|
-
lxc.cgroup.devices.allow = c 5:0 rwm
|
191
|
-
lxc.cgroup.devices.allow = c 4:0 rwm
|
192
|
-
lxc.cgroup.devices.allow = c 4:1 rwm
|
193
|
-
# /dev/{,u}random
|
194
|
-
lxc.cgroup.devices.allow = c 1:9 rwm
|
195
|
-
lxc.cgroup.devices.allow = c 1:8 rwm
|
196
|
-
lxc.cgroup.devices.allow = c 136:* rwm
|
197
|
-
lxc.cgroup.devices.allow = c 5:2 rwm
|
198
|
-
# rtc
|
199
|
-
lxc.cgroup.devices.allow = c 254:0 rwm
|
200
|
-
#fuse
|
201
|
-
lxc.cgroup.devices.allow = c 10:229 rwm
|
202
|
-
#tun
|
203
|
-
lxc.cgroup.devices.allow = c 10:200 rwm
|
204
|
-
#full
|
205
|
-
lxc.cgroup.devices.allow = c 1:7 rwm
|
206
|
-
#hpet
|
207
|
-
lxc.cgroup.devices.allow = c 10:228 rwm
|
208
|
-
#kvm
|
209
|
-
lxc.cgroup.devices.allow = c 10:232 rwm
|
210
|
-
|
211
|
-
# mounts point
|
212
|
-
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
|
213
|
-
lxc.mount.entry = sysfs sys sysfs defaults 0 0
|
214
|
-
EOF
|
215
|
-
|
216
|
-
if [ $? -ne 0 ]; then
|
217
|
-
echo 'failed to add configuration'
|
218
|
-
return 1
|
219
|
-
fi
|
220
|
-
|
221
|
-
}
|
222
|
-
|
223
|
-
|
224
|
-
add_ssh_key()
|
225
|
-
{
|
226
|
-
user=$1
|
227
|
-
|
228
|
-
if [ -n "$auth_key" -a -f "$auth_key" ]; then
|
229
|
-
u_path="/home/${user}/.ssh"
|
230
|
-
root_u_path="$rootfs/$u_path"
|
231
|
-
|
232
|
-
mkdir -p $root_u_path
|
233
|
-
cp $auth_key "$root_u_path/authorized_keys"
|
234
|
-
chroot $rootfs chown -R ${user}: "$u_path"
|
235
|
-
|
236
|
-
echo "Inserted SSH public key from $auth_key into /home/${user}/.ssh/authorized_keys"
|
237
|
-
fi
|
238
|
-
}
|
239
|
-
|
240
|
-
disable_tmp_cleanup() {
|
241
|
-
rootfs=$1
|
242
|
-
chroot $rootfs /usr/sbin/update-rc.d -f checkroot-bootclean.sh remove
|
243
|
-
chroot $rootfs /usr/sbin/update-rc.d -f mountall-bootclean.sh remove
|
244
|
-
chroot $rootfs /usr/sbin/update-rc.d -f mountnfs-bootclean.sh remove
|
245
|
-
}
|
246
|
-
|
247
|
-
usage()
|
248
|
-
{
|
249
|
-
cat <<EOF
|
250
|
-
$1 -h|--help [-a|--arch] [-d|--debug]
|
251
|
-
[-F | --flush-cache] [-r|--release <release>] [ -S | --auth-key <keyfile>]
|
252
|
-
release: the debian release (e.g. wheezy): defaults to host release on debian, otherwise uses latest stable
|
253
|
-
arch: the container architecture (e.g. amd64): defaults to host arch
|
254
|
-
auth-key: SSH Public key file to inject into container
|
255
|
-
EOF
|
256
|
-
return 0
|
257
|
-
}
|
258
|
-
|
259
|
-
options=$(getopt -o a:b:hp:r:xn:Fd:C -l arch:,help,path:,release:,name:,flush-cache,auth-key:,debug:,tarball: -- "$@")
|
260
|
-
if [ $? -ne 0 ]; then
|
261
|
-
usage $(basename $0)
|
262
|
-
exit 1
|
263
|
-
fi
|
264
|
-
eval set -- "$options"
|
265
|
-
|
266
|
-
release=wheezy # Default to the last Debian stable release
|
267
|
-
|
268
|
-
arch=$(uname -m)
|
269
|
-
|
270
|
-
# Code taken from debootstrap
|
271
|
-
if [ -x /usr/bin/dpkg ] && /usr/bin/dpkg --print-architecture >/dev/null 2>&1; then
|
272
|
-
arch=`/usr/bin/dpkg --print-architecture`
|
273
|
-
elif type udpkg >/dev/null 2>&1 && udpkg --print-architecture >/dev/null 2>&1; then
|
274
|
-
arch=`/usr/bin/udpkg --print-architecture`
|
275
|
-
else
|
276
|
-
arch=$(uname -m)
|
277
|
-
if [ "$arch" = "i686" ]; then
|
278
|
-
arch="i386"
|
279
|
-
elif [ "$arch" = "x86_64" ]; then
|
280
|
-
arch="amd64"
|
281
|
-
elif [ "$arch" = "armv7l" ]; then
|
282
|
-
arch="armel"
|
283
|
-
fi
|
284
|
-
fi
|
285
|
-
|
286
|
-
debug=0
|
287
|
-
hostarch=$arch
|
288
|
-
while true
|
289
|
-
do
|
290
|
-
case "$1" in
|
291
|
-
-h|--help) usage $0 && exit 0;;
|
292
|
-
-p|--path) path=$2; shift 2;;
|
293
|
-
-n|--name) name=$2; shift 2;;
|
294
|
-
-T|--tarball) tarball=$2; shift 2;;
|
295
|
-
-r|--release) release=$2; shift 2;;
|
296
|
-
-S|--auth-key) auth_key=$2; shift 2;;
|
297
|
-
-a|--arch) arch=$2; shift 2;;
|
298
|
-
-d|--debug) debug=1; shift 1;;
|
299
|
-
--) shift 1; break ;;
|
300
|
-
*) break ;;
|
301
|
-
esac
|
302
|
-
done
|
303
|
-
|
304
|
-
if [ $debug -eq 1 ]; then
|
305
|
-
set -x
|
306
|
-
fi
|
307
|
-
|
308
|
-
|
309
|
-
if [ "$arch" == "i686" ]; then
|
310
|
-
arch=i386
|
311
|
-
fi
|
312
|
-
|
313
|
-
if [ $hostarch = "i386" -a $arch = "amd64" ]; then
|
314
|
-
echo "can't create amd64 container on i386"
|
315
|
-
exit 1
|
316
|
-
fi
|
317
|
-
|
318
|
-
if [ -z "$path" ]; then
|
319
|
-
echo "'path' parameter is required"
|
320
|
-
exit 1
|
321
|
-
fi
|
322
|
-
|
323
|
-
if [ "$(id -u)" != "0" ]; then
|
324
|
-
echo "This script should be run as 'root'"
|
325
|
-
exit 1
|
326
|
-
fi
|
327
|
-
|
328
|
-
# detect rootfs
|
329
|
-
config="$path/config"
|
330
|
-
if grep -q '^lxc.rootfs' $config 2>/dev/null ; then
|
331
|
-
rootfs=`grep 'lxc.rootfs =' $config | awk -F= '{ print $2 }'`
|
332
|
-
else
|
333
|
-
rootfs=$path/rootfs
|
334
|
-
fi
|
335
|
-
|
336
|
-
install_debian $rootfs $release $tarball
|
337
|
-
if [ $? -ne 0 ]; then
|
338
|
-
echo "failed to install debian $release"
|
339
|
-
exit 1
|
340
|
-
fi
|
341
|
-
|
342
|
-
configure_debian $rootfs $release
|
343
|
-
if [ $? -ne 0 ]; then
|
344
|
-
echo "failed to configure debian $release for a container"
|
345
|
-
exit 1
|
346
|
-
fi
|
347
|
-
|
348
|
-
copy_configuration $path $rootfs $name
|
349
|
-
if [ $? -ne 0 ]; then
|
350
|
-
echo "failed write configuration file"
|
351
|
-
exit 1
|
352
|
-
fi
|
353
|
-
|
354
|
-
add_ssh_key vagrant
|
355
|
-
|
356
|
-
# vagrant and / or plugins might mount some shared folders under /tmp by default
|
357
|
-
# (like puppet manifests) and we need to make sure no shared folder gets its
|
358
|
-
# contents removed because of it. For more information, please check:
|
359
|
-
# https://github.com/fgrehm/vagrant-lxc/issues/68
|
360
|
-
disable_tmp_cleanup $rootfs
|
361
|
-
|
362
|
-
echo ""
|
363
|
-
echo "##"
|
364
|
-
echo "# The default user is 'vagrant' with password 'vagrant'!"
|
365
|
-
echo "# Use the 'sudo' command to run tasks as root in the container."
|
366
|
-
echo "##"
|
367
|
-
echo ""
|