lxc-alpine.in revision 2a9a0a08077d88ee1d70ca46ca122216f3d1c89a
816bf6f8088b162b681101d93fd450127a0e586fJulian Kornberger#!/bin/sh
a847d9812b328c048773e705606b10875a929034Eugen Kuksa
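# Bootstrap a minimal Alpine root filesystem with apk.
# Globals:   keys_dir   (read) directory of apk signing keys to copy;
#                       defaults to the host's /etc/apk/keys
#            repository (read) repository line written to the new rootfs;
#                       when empty the host's /etc/apk/repositories is copied
#            APK        (read) apk command to run; defaults to "apk"
#            rootfs     (written) set to $1
# Arguments: $1 - path of the root filesystem to populate
# Returns:   1 if the apk configuration cannot be prepared, otherwise the
#            exit status of "apk add"
install_alpine() {
    rootfs="$1"
    mkdir -p "$rootfs"/etc/apk || return 1

    # These keys are what apk trusts when it verifies package signatures for
    # the new root, so a failed copy is reported instead of being ignored.
    # NOTE(review): cp -r keeps the source directory's basename, so a
    # keys_dir not named "keys" will not end up at etc/apk/keys - confirm.
    cp -r "${keys_dir:-/etc/apk/keys}" "$rootfs"/etc/apk/ || return 1

    if [ -n "$repository" ]; then
        printf '%s\n' "$repository" > "$rootfs"/etc/apk/repositories || return 1
    else
        cp /etc/apk/repositories "$rootfs"/etc/apk/repositories || return 1
    fi

    # $APK stays unquoted so it can carry extra arguments; the root path is
    # quoted so a path containing whitespace remains a single argument.
    ${APK:-apk} add -U --initdb --root "$rootfs" alpine-base
}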
10be32b36246121321399ec3ab26d4d723d550e3Tim Reddehase
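# Write the basic system configuration into a freshly installed rootfs:
# inittab, resolv.conf, network interfaces, hostname, device nodes and the
# syslog service link.
# Globals:   rootfs   (written) set to $1
#            hostname (written) set to $2 when $2 is non-empty
# Arguments: $1 - path of the container root filesystem
#            $2 - hostname to store in etc/hostname
# Outputs:   progress messages on stdout
# Returns:   1 if inittab, interfaces or hostname cannot be written, else 0
configure_alpine() {
    rootfs="$1"
    # The caller passes the container name as $2; without this assignment
    # $hostname is still unset at this point and etc/hostname ends up empty.
    if [ -n "$2" ]; then
        hostname="$2"
    fi

    echo "Setting up /etc/inittab"
    cat > "$rootfs"/etc/inittab <<EOF || return 1
::sysinit:/sbin/rc sysinit
::wait:/sbin/rc default
tty1:12345:respawn:/sbin/getty 38400 tty1
::ctrlaltdel:/sbin/reboot
::shutdown:/sbin/rc shutdown
EOF

    # set up nameserver: copy only the host's "nameserver" lines
    # (grep exits non-zero when there are none, so it is not checked)
    grep nameserver /etc/resolv.conf > "$rootfs/etc/resolv.conf"

    # configure the network using the dhcp
    # note that lxc will set up lo interface
    cat > "$rootfs"/etc/network/interfaces <<EOF || return 1
#auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp
EOF

    # set the hostname
    printf '%s\n' "$hostname" > "$rootfs"/etc/hostname || return 1

    # missing device nodes
    # The nodes are created world read/write (666). Which of them the
    # container may actually open is decided by the lxc.cgroup.devices
    # allow-list written by copy_configuration; that list names 4:0 and 4:1
    # but not 4:2-4:4, so tty2-tty4 exist here without a matching allow entry.
    # mknod/mkdir failures are not treated as fatal.
    echo "Setting up device nodes"
    mkdir -p -m 755 "$rootfs/dev/pts"
    mkdir -p -m 1777 "$rootfs/dev/shm"
    mknod -m 666 "$rootfs/dev/full" c 1 7
    mknod -m 666 "$rootfs/dev/random" c 1 8
    mknod -m 666 "$rootfs/dev/urandom" c 1 9
    mknod -m 666 "$rootfs/dev/tty0" c 4 0
    mknod -m 666 "$rootfs/dev/tty1" c 4 1
    mknod -m 666 "$rootfs/dev/tty2" c 4 2
    mknod -m 666 "$rootfs/dev/tty3" c 4 3
    mknod -m 666 "$rootfs/dev/tty4" c 4 4
#    mknod -m 600 "$rootfs/dev/initctl" p
    mknod -m 666 "$rootfs/dev/tty" c 5 0
    mknod -m 666 "$rootfs/dev/console" c 5 1
    mknod -m 666 "$rootfs/dev/ptmx" c 5 2

    # start services
    ln -s /etc/init.d/syslog "$rootfs"/etc/runlevels/default/syslog

    return 0
}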
4949048bda09e116ee3627383e831455954cbe41Tim Reddehase
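# Append the LXC container settings to <path>/config.
# Globals:   path, rootfs, hostname (written) set from $1, $2, $3
# Arguments: $1 - container directory holding the "config" file
#            $2 - root filesystem path, recorded as lxc.rootfs when the
#                 config has no line starting with lxc.rootfs yet
#            $3 - container hostname, recorded as lxc.utsname
# Returns:   1 if the config file cannot be written, else 0
#
# NOTE(review): $rootfs and $hostname are written verbatim; a value holding
# a newline would add extra lines to the config. Validate the container name
# in the caller if it can come from an untrusted source.
copy_configuration() {
    path=$1
    rootfs=$2
    hostname=$3

    if ! grep -q "^lxc.rootfs" "$path/config" 2>/dev/null; then
        echo "lxc.rootfs = $rootfs" >> "$path/config" || return 1
    fi

    # What the generated config enforces:
    #  - lxc.cgroup.devices.deny = a blocks every device first; the allow
    #    lines that follow form the complete allow-list.
    #  - the AppArmor "unconfined" line is emitted commented out; enabling
    #    it removes AppArmor confinement from the container.
    #  - proc and run are mounted nodev,noexec,nosuid.
    # NOTE(review): the entry labelled "rtc" allows c 254:0; 254 is in the
    # dynamically assigned major range on Linux, so it may name a different
    # device on some hosts - confirm.
    cat <<EOF >> "$path/config" || return 1
lxc.tty = 4
lxc.pts = 1024
lxc.utsname = $hostname

# When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.aa_profile = unconfined

# network interface
lxc.network.name = eth0
lxc.network.type = veth
lxc.network.flags = up
# enable for bridging
#lxc.network.link = br0
#lxc.network.ipv4 = n.n.n.n
#lxc.network.ipv4.gateway = auto

# devices
lxc.cgroup.devices.deny = a
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rwm

# mounts point
lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry=run run tmpfs nodev,noexec,nosuid,relatime,size=1m,mode=0755 0 0
lxc.mount.entry=none dev/pts devpts gid=5,mode=620 0 0

EOF

    return 0
}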
9ade3006d75c25cfa77d51526e4a6cdd2370be5cEugen Kuksa
# Report a fatal error and stop the script.
# Arguments: $@ - words of the message, echoed as one line
# Outputs:   the message on stderr
# Exits:     always, with status 1
die() {
    echo "$@" 1>&2
    exit 1
}
9ade3006d75c25cfa77d51526e4a6cdd2370be5cEugen Kuksa
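# Print the one-line command synopsis.
# Outputs:   usage text on stderr, prefixed with the script's base name
usage() {
    # ${0##*/} strips the directory part without word-splitting $0, so a
    # script path containing whitespace is still shown correctly.
    echo "Usage: ${0##*/} [-h|--help] -p|--path <path> -n|--name <name>" >&2
}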
b7fe8f3179594e2ebccf6ee9f562e9c2e17aab96Eugen Kuksa
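# Report a command-line error, show the synopsis and stop the script.
# Arguments: $@ - optional error message; callers pass one (for example
#                 "unknown option ..."), so it is printed before the usage
#                 text instead of being dropped
# Outputs:   message (if any) and usage text on stderr
# Exits:     always, with status 1
usage_err() {
    if [ $# -gt 0 ]; then
        echo "$@" >&2
    fi
    usage
    exit 1
}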
b7fe8f3179594e2ebccf6ee9f562e9c2e17aab96Eugen Kuksa
# Abort with a usage error when an option's argument is empty or missing.
# Arguments: $1 - the option as typed (used in the message)
#            $2 - the candidate argument
# Only emptiness is tested; a following option such as "-p" is accepted as
# the argument.
optarg_check() {
    [ -n "$2" ] || usage_err "option '$1' requires an argument"
}
b7fe8f3179594e2ebccf6ee9f562e9c2e17aab96Eugen Kuksa
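# Default parent directory for containers. @LXCPATH@ is a placeholder,
# presumably substituted when the script is generated from this .in file.
default_path=@LXCPATH@

# Parse the command line: -h|--help, -n|--name <name>, -p|--path <path>.
while [ $# -gt 0 ]; do
    opt="$1"
    shift
    case "$opt" in
    -h|--help)
        usage
        exit 0
        ;;
    -n|--name)
        optarg_check "$opt" "$1"
        name=$1
        shift
        ;;
    -p|--path)
        optarg_check "$opt" "$1"
        path=$1
        shift
        ;;
    --)
        break
        ;;
    --*=*)
        # split --myopt=foo=bar into --myopt foo=bar
        # %%=* cuts at the FIRST '=' (a single % would leave "--myopt=foo");
        # quoting keeps a value that contains whitespace in one argument.
        set -- "${opt%%=*}" "${opt#*=}" "$@"
        ;;
    -?)
        usage_err "unknown option '$opt'"
        ;;
    -*)
        # split opts -abc into -a -b -c
        # The substitution is unquoted on purpose: word splitting is what
        # turns the sed output into separate arguments.
        # NOTE(review): an unknown long option without '=' also lands here
        # and yields a leading "--", which ends parsing silently - confirm
        # that this is intended.
        set -- $(echo "${opt#-}" | sed 's/\(.\)/ -\1/g') "$@"
        ;;
    *)
        usage
        exit 1
        ;;
    esac
done

if [ -z "$name" ]; then
    usage_err "missing required option -n|--name"
fi

# NOTE(review): $name is used as a path component without validation; a
# value containing '/' or '..' resolves outside $default_path. Confirm that
# the caller restricts container names.
if [ -z "${path}" ]; then
    path="${default_path}/${name}"
fi

# Reuse an lxc.rootfs value already present in the container config.
# Everything after the first '=' is taken and surrounding blanks are
# trimmed, so "lxc.rootfs = /x" yields "/x" rather than " /x"; only the
# exact key lxc.rootfs is matched and the first occurrence is used.
rootfs=$(awk -F= '
    $1 ~ /^lxc\.rootfs[ \t]*$/ {
        value = substr($0, index($0, "=") + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", value)
        print value
        exit
    }' "$path/config" 2>/dev/null)
if [ -z "$rootfs" ]; then
    rootfs="${path}/rootfs"
fi

install_alpine "$rootfs" || die "Failed to install rootfs for $name"
configure_alpine "$rootfs" "$name" || die "Failed to configure $name"
copy_configuration "$path" "$rootfs" "$name" \
    || die "Failed to write configuration for $name"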
575f7ed30e509f1a650d73927f607e7b5b11a6dbEugen Kuksa