Compare commits
98 Commits
before-swi
...
master
Author | SHA1 | Date |
---|---|---|
Les De Ridder | acd19b3df7 | |
Les De Ridder | a65f137eb6 | |
Les De Ridder | 8c30f40e0b | |
Les De Ridder | 7bca128200 | |
Les De Ridder | 50a96f0a1c | |
Les De Ridder | c354ddb1af | |
Les De Ridder | 2a88f2bc4a | |
Les De Ridder | 87cbffb98f | |
Les De Ridder | 2b0ffcf98c | |
Les De Ridder | 8402b06c2f | |
Les De Ridder | 854a0e29bb | |
Les De Ridder | 2d09abb977 | |
Les De Ridder | 1c8648b890 | |
Les De Ridder | f78465d118 | |
Les De Ridder | 721c7f0d56 | |
Manfred Touron | b9b3aa2f57 | |
Manfred Touron | cb108cf4ed | |
Mikkel Oscar Lyderik | 122793eeba | |
Manfred Touron | e8dd2b6cc7 | |
Manfred Touron | 5d41da94c0 | |
Manfred Touron | 6e7d7e138c | |
Manfred Touron | a16def9eac | |
Manfred Touron | 1544da8a63 | |
Manfred Touron | d52bbeb534 | |
Manfred Touron | 70aa5855f9 | |
Manfred Touron | 226376e15e | |
Sebastien Rannou | 3e23c375a3 | |
Sebastien Rannou | 70552c5dbd | |
Sebastien Rannou | 1ffa6757fd | |
Sebastien Rannou | 10d364c568 | |
Sebastien Rannou | 904e177799 | |
Sebastien Rannou | 6e64443f27 | |
Manfred Touron | edd132d2a3 | |
Manfred Touron | dadfad4dd0 | |
Manfred Touron | fe57be2d86 | |
Manfred Touron | a12c6136c4 | |
Manfred Touron | 49609bce15 | |
Manfred Touron | 9ae32d1579 | |
Manfred Touron | d36a1b0ed8 | |
Lukas Schauer | 83aa4c93af | |
Manfred Touron | 598506016d | |
Manfred Touron | 15282c2e6d | |
Manfred Touron | 17cb401832 | |
Manfred Touron | 8fe9a1b3d0 | |
Manfred Touron | c889456ef8 | |
Manfred Touron | 3d6172bb91 | |
Manfred Touron | 71d1ba427f | |
Sebastien Rannou | 9f4613804f | |
Manfred Touron | 0b5ef27c4e | |
Manfred Touron | 1e1e0988c6 | |
Manfred Touron | b62f0599e4 | |
Sebastien Rannou | 1011c3daf5 | |
Sebastien Rannou | 121a239439 | |
Manfred Touron | f94c1eec25 | |
Manfred Touron | 5dfb1c118b | |
Sebastien Rannou | 6328f98aad | |
Sebastien Rannou | f759c205ce | |
Manfred Touron | 7aa288b7df | |
Manfred Touron | c8c2055ffa | |
Manfred Touron | 21db560f3c | |
Manfred Touron | 671e2b6126 | |
Manfred Touron | c210053c8d | |
Manfred Touron | 9c4dce36ca | |
Manfred Touron | e820f8f441 | |
Manfred Touron | 5dd8f50d05 | |
Manfred Touron | c2e638b605 | |
Manfred Touron | 4f4d2e3c51 | |
Manfred Touron | 22588c52d9 | |
Manfred Touron | 4c2e0d963c | |
Manfred Touron | 13aaf46f7d | |
Manfred Touron | 5c43757900 | |
Sebastien Rannou | 1756e6c545 | |
Manfred Touron | e8c228e255 | |
Sebastien Rannou | 946b35c26c | |
Sébastien Rannou | 35bc5bab72 | |
Sebastien Rannou | 5ead98b92f | |
Sebastien Rannou | 8439ad3c13 | |
Sebastien Rannou | 0f6d8ebc25 | |
Sebastien Rannou | d6e1e0c65f | |
Sebastien Rannou | 3f7eef085d | |
Sebastien Rannou | 6a04a73c4f | |
Sebastien Rannou | deb9a1aad1 | |
Manfred Touron | 21b5ddacfd | |
Manfred Touron | dadeaac518 | |
Manfred Touron | 0ce6fd7f3c | |
Manfred Touron | 7a6529bdab | |
Manfred Touron | 13f24bd302 | |
Manfred Touron | dda0d1c0c3 | |
Manfred Touron | f901ee051d | |
Manfred Touron | e5eee126cb | |
Sylvain Laurent | e238491064 | |
Gergely Imreh | 030208efa0 | |
Gergely Imreh | 3bab67e38d | |
Manfred Touron | 924b961dc3 | |
Manfred Touron | 4d1bd4b677 | |
Manfred Touron | e249217c48 | |
Manfred Touron | df23cfb601 | |
Manfred Touron | 29c0f3e7a6 |
|
@ -1,10 +1,12 @@
|
|||
rootfs-target/
|
||||
*~
|
||||
.*~
|
||||
*#
|
||||
.#*
|
||||
rootfs-*.tar.gz
|
||||
source.tar.gz
|
||||
source.tar.xz
|
||||
sd*.raw*
|
||||
rootfs-target.device/
|
||||
rootfs*
|
||||
*/*.tar
|
||||
*/*.built
|
||||
.docker-container.built
|
||||
docker-rules.mk
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
language: bash
|
||||
|
||||
script:
|
||||
- make travis
|
|
@ -0,0 +1,79 @@
|
|||
FROM derjudge/archlinux
|
||||
MAINTAINER lesderid <les@lesderid.net>
|
||||
|
||||
# Environment
|
||||
ENV SCW_BASE_IMAGE armbuild/scw-archlinux:2014-12-02
|
||||
|
||||
# Update the keyring
|
||||
RUN pacman -Sy --noconfirm archlinux-keyring
|
||||
|
||||
# Force openssl upgrade first (bad symbol issue)
|
||||
RUN pacman -Sy --noconfirm --force openssl
|
||||
|
||||
|
||||
# Install packages
|
||||
RUN pacman -Sy --noconfirm \
|
||||
bash-completion \
|
||||
bc \
|
||||
binutils \
|
||||
cronie \
|
||||
curl \
|
||||
dnsutils \
|
||||
fakeroot \
|
||||
htop \
|
||||
iptables \
|
||||
lsb-release \
|
||||
mg \
|
||||
nbd \
|
||||
ntp \
|
||||
openbsd-netcat \
|
||||
openssh \
|
||||
rsync \
|
||||
rsyslog \
|
||||
screen \
|
||||
socat \
|
||||
sudo \
|
||||
tmux \
|
||||
vim \
|
||||
wget
|
||||
|
||||
|
||||
# Locales
|
||||
RUN sed 's/^\([^#]\)/#\1/' -i /etc/locale.gen \
|
||||
&& sed 's/^#en_US.UTF-8/en_US.UTF-8/;s/^#en_GB.UTF-8/en_GB.UTF-8/' -i /etc/locale.gen \
|
||||
&& echo LANG=en_GB.UTF-8 > /etc/locale.conf \
|
||||
&& locale-gen
|
||||
|
||||
|
||||
# Patch rootfs
|
||||
RUN curl -Lkq http://j.mp/scw-skeleton | FLAVORS=common,docker-based,systemd bash -e
|
||||
ADD ./patches/etc/ /etc/
|
||||
ADD ./patches/usr/ /usr/
|
||||
|
||||
|
||||
# Systemd
|
||||
RUN systemctl enable \
|
||||
scw-fetch-ssh-keys \
|
||||
scw-sync-kernel-modules \
|
||||
scw-generate-ssh-keys \
|
||||
scw-gen-machine-id.service \
|
||||
ntpdate.service \
|
||||
sshd.service \
|
||||
serial-getty@ttyS0.service \
|
||||
&& systemctl mask \
|
||||
getty@tty1.service
|
||||
|
||||
|
||||
# packages upgrade
|
||||
RUN pacman --noconfirm -Suy
|
||||
|
||||
|
||||
# Remove root password
|
||||
RUN passwd -d root
|
||||
|
||||
|
||||
# Cleanup
|
||||
RUN pacman-db-upgrade \
|
||||
&& pacman -Sc --noconfirm \
|
||||
&& rm -rf /var/cache/pacman/pkg \
|
||||
&& pacman-db-upgrade
|
3
LICENSE
3
LICENSE
|
@ -1,6 +1,6 @@
|
|||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2014 Online Labs
|
||||
Copyright (c) 2014-2015 Scaleway
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
|
@ -19,4 +19,3 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
NAME = archlinux
|
||||
VERSION = latest
|
||||
VERSION_ALIASES = 2014-12-02
|
||||
TITLE = Arch Linux
|
||||
DESCRIPTION = A simple, lightweight distribution
|
||||
SOURCE_URL = https://github.com/lesderid/image-archlinux
|
||||
VENDOR_URL = https://www.archlinux.org/
|
||||
|
||||
IMAGE_VOLUME_SIZE = 50G
|
||||
IMAGE_BOOTSCRIPT = latest
|
||||
IMAGE_NAME = ArchLinux
|
||||
|
||||
|
||||
## Image tools (https://github.com/scaleway/image-tools)
|
||||
all: docker-rules.mk
|
||||
docker-rules.mk:
|
||||
wget -qO - https://j.mp/scw-builder | bash
|
||||
-include docker-rules.mk
|
|
@ -0,0 +1,44 @@
|
|||
# Arch Linux image on Scaleway
|
||||
|
||||
[![Build Status](https://travis-ci.org/lesderid/image-archlinux.svg?branch=master)](https://travis-ci.org/lesderid/image-archlinux)
|
||||
|
||||
Scripts to build an Arch Linux (x86_64) image on Scaleway
|
||||
|
||||
This image is built using [Image Tools](https://github.com/scaleway/image-tools) and is based on the official [Ubuntu](https://github.com/scaleway/image-ubuntu) image.
|
||||
|
||||
![](https://d11xdyzr0div58.cloudfront.net/static/logos/archlinux-logo-dark-scalable.518881f04ca9.svg)
|
||||
|
||||
---
|
||||
|
||||
**This image is meant to be used on a VC1 server.**
|
||||
|
||||
We use the Docker's building system and convert it at the end to a disk image that will boot on real servers without Docker. Note that the image is still runnable as a Docker container for debug or for inheritance.
|
||||
|
||||
[More info](https://github.com/scaleway/image-tools#docker-based-builder)
|
||||
|
||||
---
|
||||
|
||||
## Building
|
||||
|
||||
Build and add the image to [your account](https://cloud.scaleway.com/#/images):
|
||||
|
||||
$ make image_on_local
|
||||
|
||||
Full list of commands available at: [scaleway/image-tools](https://github.com/scaleway/image-tools/#commands)
|
||||
|
||||
## Testing
|
||||
|
||||
To test your image, run:
|
||||
|
||||
$ scw run --tmp-ssh-key --name="archlinux" <IMAGE_ID>
|
||||
|
||||
---
|
||||
|
||||
## Links
|
||||
|
||||
- [Community: Add Archlinux ARM image](https://community.cloud.online.net/t/need-feedback-add-arch-linux-arm-image/243?u=manfred)
|
||||
- [Community: New linux distributions (Debian, CoreOS, CentOS, Fedora, Arch Linux, ...)](https://community.cloud.online.net/t/official-new-linux-distributions-debian-coreos-centos-fedora-arch-linux/229?u=manfred)
|
||||
|
||||
---
|
||||
|
||||
A project by [![Scaleway](https://avatars1.githubusercontent.com/u/5185491?v=3&s=42)](https://www.scaleway.com/) and lesderid
|
|
@ -1,81 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
. ../lib.sh # Include library
|
||||
|
||||
# Image
|
||||
DISTRIB="archlinux"
|
||||
ARCH=${ARCH:-"armhf"}
|
||||
TARGET=${TARGET:-"rootfs-target"}
|
||||
CLEAN_PATHS="/root/.bash_history /root/.history /etc/resolv.conf /etc/ssh/*_key*"
|
||||
PKGS_INCLUDE=${PKGS_INCLUDE:-"cronie,curl,iptables,dhcpcd,less,man,nano,nbd,ntp,openssh,wget,vim"}
|
||||
# MIRROR=${MIRROR:-"http://mirror.cloud.online.net/ubuntu-ports/"}
|
||||
VERSION=${VERSION:-"latest"}
|
||||
LOCALES="en_US.UTF-8,fr_FR.UTF-8"
|
||||
S3_URL=s3://test-images/archlinux/
|
||||
|
||||
# Required
|
||||
NAME=${NAME:-"rootfs-$ARCH-$DISTRIB"}
|
||||
build_image() {
|
||||
# TODO Mirror
|
||||
sudo wget -O source.tar.gz \
|
||||
http://os.archlinuxarm.org/os/ArchLinuxARM-armv7-$VERSION.tar.gz
|
||||
sudo mkdir -p "$TARGET"
|
||||
sudo tar -C "$TARGET" -xzf source.tar.gz
|
||||
}
|
||||
|
||||
patch_image() {
|
||||
# prepare chroot
|
||||
sudo umount $TARGET/{sys,dev,proc} || true
|
||||
sudo mount -t proc proc $TARGET/proc
|
||||
sudo mount -t sysfs sys $TARGET/sys
|
||||
sudo mount -o bind /dev $TARGET/dev
|
||||
do_in_target 'sed s/root:[^:]\+:/root:x:/ -i /etc/shadow'
|
||||
sudo mkdir -p $TARGET/run/systemd/resolve
|
||||
sudo cp /etc/resolv.conf $TARGET/run/systemd/resolve/resolv.conf
|
||||
|
||||
patch_target common-patches
|
||||
patch_target archlinux-latest/patches
|
||||
|
||||
# TODO Get ssh keys from config
|
||||
sudo mkdir -p $TARGET/root/.ssh
|
||||
sudo cp -va /root/.ssh/authorized_keys $TARGET/root/.ssh
|
||||
|
||||
echo $LOCALES | sed 's/,/\n/' | while read loc; do
|
||||
do_in_target "sed -e s/^\#${loc}/${loc}/ -i /etc/locale.gen"
|
||||
done
|
||||
do_in_target locale-gen
|
||||
|
||||
pkgs_pacman=`echo $PKGS_INCLUDE | tr ',' ' '`
|
||||
do_in_target "pacman -Sy --noconfirm $pkgs_pacman"
|
||||
do_in_target "systemctl enable sshd.service"
|
||||
|
||||
# clean chroot
|
||||
sudo rm -f $TARGET/run/systemd/resolve/resolv.conf
|
||||
sudo umount $TARGET/{sys,dev,proc} || true
|
||||
}
|
||||
|
||||
upgrade_image() {
|
||||
sudo umount $TARGET/{sys,dev,proc} || true
|
||||
sudo mount -t proc proc $TARGET/proc
|
||||
sudo mount -t sysfs sys $TARGET/sys
|
||||
sudo mount -o bind /dev $TARGET/dev
|
||||
|
||||
sudo cp /etc/resolv.conf $TARGET/run/systemd/resolve/resolv.conf
|
||||
|
||||
do_in_target "pacman --noconfirm -Suy"
|
||||
|
||||
sudo rm -f $TARGET/run/systemd/resolve/resolv.conf
|
||||
|
||||
sudo umount $TARGET/{sys,dev,proc} || true
|
||||
}
|
||||
|
||||
clean_image() {
|
||||
# FIXME: clean package achives
|
||||
clean_target $CLEAN_PATHS
|
||||
# FIXME: reload package index
|
||||
}
|
||||
|
||||
|
||||
if [ "${1}" != "--source-only" ]; then
|
||||
cli $@
|
||||
fi
|
|
@ -1,22 +0,0 @@
|
|||
#!/bin/sh
|
||||
# description "executable which retrieves server metadata (TEXT)"
|
||||
# author "Online Labs Cloud Team <cloud-team@labs.online.net>"
|
||||
|
||||
CODE=0
|
||||
while [ $CODE -ne 200 ]
|
||||
do
|
||||
METADATA_URL=${METADATA_URL:-"http://169.254.42.42/conf"}
|
||||
RESPONSE=$(curl --silent --write-out "\n%{http_CODE}\n" $METADATA_URL)
|
||||
CODE=$(echo "$RESPONSE" | sed -n '$p')
|
||||
BODY=$(echo "$RESPONSE" | sed '$d')
|
||||
|
||||
test $CODE -eq 200 && break
|
||||
sleep 5
|
||||
done
|
||||
|
||||
if [ "$#" -ne 1 ]; then
|
||||
echo "$BODY"
|
||||
else
|
||||
key="$1"
|
||||
echo "$BODY" | grep "^$key=" | cut -d= -f2 | sed "s/^['\"]//;s/['\"]$//"
|
||||
fi
|
|
@ -1,15 +0,0 @@
|
|||
#!/bin/sh
|
||||
# description "executable which retrieves server metadata (JSON)"
|
||||
# author "Online Labs Cloud Team <cloud-team@labs.online.net>"
|
||||
|
||||
CODE=0
|
||||
while [ $CODE -ne 200 ]
|
||||
do
|
||||
RESPONSE=$(curl --silent --write-out "\n%{http_CODE}\n" http://169.254.42.42/conf?format=json)
|
||||
CODE=$(echo "$RESPONSE" | sed -n '$p')
|
||||
BODY=$(echo "$RESPONSE" | sed '$d')
|
||||
test $CODE -eq 200 && break
|
||||
sleep 5
|
||||
done
|
||||
|
||||
echo "$BODY"
|
|
@ -1,74 +0,0 @@
|
|||
#!/bin/sh
|
||||
# Thanks to the LTSP project
|
||||
# If the root /dev/nbd0 device is unmounted on shutdown then nbd read
|
||||
# errors occur, and if it isn't, then # the nbd-server process on the server
|
||||
# doesn't terminate.
|
||||
# Called by init scripts on reboot or shutdown.
|
||||
|
||||
case "$RUNLEVEL" in
|
||||
0)
|
||||
key="o"
|
||||
command="poweroff -f"
|
||||
;;
|
||||
6)
|
||||
key="b"
|
||||
command="reboot -d -f -i"
|
||||
;;
|
||||
*)
|
||||
echo "nbd-disconnect should only be called by initscripts on reboot/shutdown." >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
disconnect() {
|
||||
# Stop trapping
|
||||
trap - 0 HUP INT QUIT KILL SEGV PIPE TERM
|
||||
|
||||
# ltsp-client-core.upstart needs "console output" to show stderr
|
||||
echo "nbd-disconnect executing: " >&2
|
||||
# Cache the command in order to use it after nbd-client disconnects
|
||||
$command --version >/dev/null 2>&1
|
||||
nbd-client -d "$root"
|
||||
$command
|
||||
|
||||
# Hopefully this should never be reached
|
||||
echo "$key" > /proc/sysrq-trigger
|
||||
}
|
||||
|
||||
# Disconnect swap nbd devices first
|
||||
while read device etc; do
|
||||
case "$device" in
|
||||
/dev/nbd[0-9])
|
||||
swapoff "$device"
|
||||
nbd-client -d "$device"
|
||||
;;
|
||||
/dev/mapper/swap[0-9])
|
||||
nbd_device=$(cryptsetup status "$device" | awk '/device:/{print $2}')
|
||||
swapoff "$device"
|
||||
cryptsetup remove "$device"
|
||||
case "$nbd_device" in
|
||||
/dev/nbd[1-9])
|
||||
nbd-client -d "$nbd_device"
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
esac
|
||||
done < /proc/swaps
|
||||
|
||||
# If we're not using an nbd root, exit
|
||||
unset root
|
||||
for param in $(cat /proc/cmdline); do
|
||||
case "$param" in
|
||||
root=/dev/nbd[0-9])
|
||||
root="${param#root=}"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
test -n "$root" || exit 0
|
||||
|
||||
trap "disconnect" 0 HUP INT QUIT KILL SEGV PIPE TERM
|
||||
sync
|
||||
# Give up to 5 seconds for other services to be called.
|
||||
# If they finish before that time, process termination will start, and the trap
|
||||
# will be called.
|
||||
sleep 5
|
|
@ -1,70 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
METADATA_CACHE=`mktemp -u`
|
||||
|
||||
get_metadata() {
|
||||
if [ ! -f $METADATA_CACHE ]; then
|
||||
/usr/local/bin/oc-metadata > $METADATA_CACHE
|
||||
fi
|
||||
}
|
||||
|
||||
get_value() {
|
||||
# Get value from metadata
|
||||
key="$1"
|
||||
grep "^$key=" "$METADATA_CACHE" | cut -d= -f2 | sed "s/^['\"]//;s/['\"]$//"
|
||||
}
|
||||
|
||||
get_nbd_client_conf() {
|
||||
keys=$(get_value VOLUMES)
|
||||
|
||||
cat <<EOF
|
||||
# If you don't want to reconfigure this package after installing, uncomment
|
||||
# the following line:
|
||||
#AUTO_GEN="n"
|
||||
# If you don't want the init script to kill nbd-client devices that aren't
|
||||
# specified in this configuration file, set the following to "false":
|
||||
KILLALL="false"
|
||||
# Note that any statical settings in this file will be preserved
|
||||
# regardless of the setting of AUTO_GEN, so its use is only recommended
|
||||
# if you set things in a dynamical way (e.g., through a database)
|
||||
EOF
|
||||
conf_id=0
|
||||
for key in $keys; do
|
||||
# Do not include the rootfs in nbd configuration file. It has been mounted
|
||||
# from the initramfs, we won't want it to be disconnected when
|
||||
# /etc/rc6.d/K34nbd-client is executed.
|
||||
test $key -eq 0 && continue
|
||||
|
||||
|
||||
# NBD_TYPE[x]=r => raw (no other setup than to run the client)
|
||||
cat <<EOF
|
||||
#
|
||||
NBD_TYPE[$conf_id]=r
|
||||
NBD_DEVICE[$conf_id]=/dev/nbd$key
|
||||
NBD_HOST[$conf_id]=$(get_value VOLUMES_${key}_EXPORT_URI | sed 's|nbd://\(.*\):.*|\1|')
|
||||
NBD_PORT[$conf_id]=$(get_value VOLUMES_${key}_EXPORT_URI | sed 's|nbd://.*:\(.*\)|\1|')
|
||||
EOF
|
||||
conf_id=$((conf_id + 1))
|
||||
|
||||
done
|
||||
}
|
||||
|
||||
nbd_clients_connection() {
|
||||
/etc/init.d/nbd-client start
|
||||
|
||||
keys=$(get_value VOLUMES)
|
||||
for key in $keys; do
|
||||
test $key -eq 0 && continue
|
||||
NBD_DEVICE=/dev/nbd$key
|
||||
until nbd-client -c $NBD_DEVICE
|
||||
do
|
||||
/etc/init.d/nbd-client start
|
||||
sleep 5
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
get_metadata
|
||||
get_nbd_client_conf > /etc/nbd-client
|
||||
nbd_clients_connection
|
||||
rm $METADATA_CACHE
|
|
@ -1,29 +0,0 @@
|
|||
#!/bin/sh
|
||||
# description "synchronizes kernel module"
|
||||
# author "Online Labs Cloud Team <cloud-team@labs.online.net>"
|
||||
|
||||
DIR=/lib/modules
|
||||
mkdir -p $DIR
|
||||
TMP_DIR=`mktemp -d -p $DIR`
|
||||
KVERSION=`uname -r`
|
||||
TIMEOUT=10
|
||||
|
||||
clean() {
|
||||
rm -rf "$TMP_DIR" 2>/dev/null
|
||||
}
|
||||
trap 'clean' INT TERM EXIT
|
||||
|
||||
if [ ! -d $DIR/${KVERSION} ]
|
||||
then
|
||||
wget --timeout=${TIMEOUT} --quiet --no-check-certificate -r --no-parent \
|
||||
--reject "index.html*" --reject "robots.txt" \
|
||||
--no-host-directories --cut-dirs 3 --directory-prefix \
|
||||
$TMP_DIR http://mirror.cloud.online.net/kernel/${KVERSION}/modules/${KVERSION}/
|
||||
|
||||
if [ $? -eq 0 ]
|
||||
then
|
||||
mkdir -p $DIR/${KVERSION}
|
||||
mv $TMP_DIR/${KVERSION} $DIR
|
||||
fi
|
||||
fi
|
||||
|
118
images/lib.sh
118
images/lib.sh
|
@ -1,118 +0,0 @@
|
|||
# Declares helpers for image building
|
||||
|
||||
set -e
|
||||
[ "$DEBUG" = "1" ] && set -x
|
||||
|
||||
|
||||
prepare_nbd_volume() {
|
||||
device=$1
|
||||
if ! `mountpoint -q "$TARGET"`; then
|
||||
sudo mkfs.ext4 "$device"
|
||||
sudo mkdir -p "$TARGET.device"
|
||||
sudo mount "$device" "$TARGET.device"
|
||||
rsync -aHAX "$TARGET/" "$TARGET.device"
|
||||
fi
|
||||
}
|
||||
|
||||
require_debootstrap() {
|
||||
type -P debootstrap >/dev/null && return
|
||||
sudo apt-get update
|
||||
sudo apt-get -y install debootstrap
|
||||
}
|
||||
|
||||
clean_workspace() {
|
||||
sudo rm -rf $TARGET/* $TARGET/.??*
|
||||
}
|
||||
|
||||
debootstrap() {
|
||||
if [ ! -d "$TARGET.debootstrap" ]; then
|
||||
sudo debootstrap \
|
||||
--arch="$ARCH" \
|
||||
--variant="$VARIANT" \
|
||||
--components="$COMPONENTS" \
|
||||
--include="$PKGS_INCLUDE" \
|
||||
"$VERSION" \
|
||||
"$TARGET.debootstrap" \
|
||||
"$MIRROR" \
|
||||
"$SCRIPT"
|
||||
fi
|
||||
rsync -aHAX "$TARGET.debootstrap/" "$TARGET/"
|
||||
}
|
||||
|
||||
upgrade_debs() {
|
||||
do_in_target "apt-get update"
|
||||
do_in_target "apt-get -y upgrade"
|
||||
}
|
||||
|
||||
secondstage() {
|
||||
# This step could be done directly by removing
|
||||
# do_in_target /debootstrap/debootstrap --second-stage
|
||||
echo "Not needed anymore (removed the --foreign option)"
|
||||
}
|
||||
|
||||
patch_target() {
|
||||
patches_dir=../$1
|
||||
for file in $(find "$patches_dir" -type f | sed -n "s|^$patches_dir/||p"); do
|
||||
sudo mkdir -p "$TARGET/$(dirname $file)"
|
||||
sudo cp "$patches_dir/$file" "$TARGET/$file"
|
||||
done
|
||||
}
|
||||
|
||||
clean_target() {
|
||||
clean_paths=$1
|
||||
for path in $clean_paths; do
|
||||
if [ -e "$TARGET/$path" ]; then
|
||||
sudo rm -rf "$TARGET/$path"
|
||||
fi
|
||||
done
|
||||
for file in $(find "$TARGET/var/log" -type f); do
|
||||
echo | sudo tee $file
|
||||
done
|
||||
find "$TARGET" \( -name "*~" -or -name ".??*~" -or -name "#*#" -or -name ".#*" \) -delete
|
||||
}
|
||||
|
||||
archive_target() {
|
||||
sudo tar -C "$TARGET" -czf "$NAME.tar.gz" .
|
||||
}
|
||||
|
||||
do_in_target() {
|
||||
sudo chroot "$TARGET" su - root -c "$@"
|
||||
}
|
||||
|
||||
push_to_s3() {
|
||||
edit_date=$(stat -c %Y "$TARGET")
|
||||
s3cmd put --acl-public "$NAME.tar.gz" "$S3_URL/$NAME-${edit_date}.tar.gz"
|
||||
s3cmd put --acl-public "$NAME.tar.gz" "$S3_URL/$NAME-latest.tar.gz"
|
||||
s3cmd ls "s3://rescue-images/rescue/"
|
||||
# s3cmd cp --acl-public "s3://rescue-images/rescue/$NAME-${edit_date}.tar.gz" "s3://rescue-images/rescue/$NAME-latest.tar.gz"
|
||||
}
|
||||
|
||||
cli() {
|
||||
case $1 in
|
||||
"tarball")
|
||||
build_image
|
||||
patch_image
|
||||
upgrade_image
|
||||
clean_image
|
||||
archive_target
|
||||
push_to_s3
|
||||
exit 0
|
||||
;;
|
||||
"image")
|
||||
NBD_DEVICE=${2:-"/dev/nbd1"}
|
||||
build_image
|
||||
patch_image
|
||||
upgrade_image
|
||||
clean_image
|
||||
prepare_nbd_volume $NBD_DEVICE
|
||||
sync
|
||||
exit 0
|
||||
;;
|
||||
"build_image"|"patch_image"|"archive_target"|"prepare_nbd_volume"|"upgrade_image"|"clean_image"|"push_to_s3")
|
||||
eval $@
|
||||
exit 0
|
||||
;;
|
||||
esac
|
||||
echo >&2 "usage: [DEBUG=1] $0 (tarball|image)"
|
||||
exit 1
|
||||
}
|
|
@ -0,0 +1,53 @@
|
|||
####################################################
|
||||
# This is the configuration file for localepurge(8).
|
||||
####################################################
|
||||
# Comment this to enable localepurge.
|
||||
# NO COMMENT IT IF YOU ARE NOT SURE WHAT ARE YOU DOING
|
||||
# THIS APP DO NOT ASK FOR CONFIRMATION
|
||||
|
||||
#NEEDSCONFIGFIRST
|
||||
|
||||
####################################################
|
||||
# Uncommenting this string enables removal of localized
|
||||
# man pages based on the configuration information for
|
||||
# locale files defined below:
|
||||
|
||||
MANDELETE
|
||||
|
||||
####################################################
|
||||
# Uncommenting this string causes localepurge to simply delete
|
||||
# locales which have newly appeared on the system without
|
||||
# bothering you about it:
|
||||
|
||||
#DONTBOTHERNEWLOCALE
|
||||
|
||||
#####################################################
|
||||
# Commenting out this string enables faster but less
|
||||
# accurate calculation of freed disk space:
|
||||
|
||||
#QUICKNDIRTYCALC
|
||||
|
||||
####################################################
|
||||
# Uncommenting this string enables display of freed disk
|
||||
# space if localepurge has purged any superfluous data:
|
||||
|
||||
SHOWFREEDSPACE
|
||||
|
||||
#####################################################
|
||||
# Commenting out this string disables verbose output:
|
||||
|
||||
#VERBOSE
|
||||
|
||||
#####################################################
|
||||
# You like Colors?
|
||||
|
||||
#NOCOLOR
|
||||
|
||||
#####################################################
|
||||
# You can use the -v -d -nc options in command line.
|
||||
|
||||
#####################################################
|
||||
# Following locales won't be deleted from this system
|
||||
# for example:
|
||||
en_US
|
||||
en_US.UTF-8
|
|
@ -3,7 +3,7 @@
|
|||
# - http://support.ntp.org/bin/view/Support/GettingStarted
|
||||
# - https://wiki.archlinux.org/index.php/Network_Time_Protocol_daemon
|
||||
|
||||
server ntp.int.cloud.online.net
|
||||
server ntp.int.scaleway.com
|
||||
|
||||
# Associate to public NTP pool servers; see http://www.pool.ntp.org/
|
||||
server 0.arch.pool.ntp.org
|
|
@ -0,0 +1,2 @@
|
|||
# default nameserver
|
||||
nameserver 8.8.8.8
|
|
@ -0,0 +1,133 @@
|
|||
# $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $
|
||||
|
||||
# This is the sshd server system-wide configuration file. See
|
||||
# sshd_config(5) for more information.
|
||||
|
||||
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
|
||||
|
||||
# The strategy used for options in the default sshd_config shipped with
|
||||
# OpenSSH is to specify options with their default value where
|
||||
# possible, but leave them commented. Uncommented options override the
|
||||
# default value.
|
||||
|
||||
#Port 22
|
||||
#AddressFamily any
|
||||
#ListenAddress 0.0.0.0
|
||||
#ListenAddress ::
|
||||
|
||||
# The default requires explicit activation of protocol 1
|
||||
#Protocol 2
|
||||
|
||||
# HostKey for protocol version 1
|
||||
#HostKey /etc/ssh/ssh_host_key
|
||||
# HostKeys for protocol version 2
|
||||
#HostKey /etc/ssh/ssh_host_rsa_key
|
||||
#HostKey /etc/ssh/ssh_host_dsa_key
|
||||
#HostKey /etc/ssh/ssh_host_ecdsa_key
|
||||
#HostKey /etc/ssh/ssh_host_ed25519_key
|
||||
|
||||
# Lifetime and size of ephemeral version 1 server key
|
||||
#KeyRegenerationInterval 1h
|
||||
#ServerKeyBits 1024
|
||||
|
||||
# Ciphers and keying
|
||||
#RekeyLimit default none
|
||||
|
||||
# Logging
|
||||
# obsoletes QuietMode and FascistLogging
|
||||
#SyslogFacility AUTH
|
||||
#LogLevel INFO
|
||||
|
||||
# Authentication:
|
||||
|
||||
#LoginGraceTime 2m
|
||||
PermitRootLogin without-password
|
||||
#StrictModes yes
|
||||
#MaxAuthTries 6
|
||||
#MaxSessions 10
|
||||
|
||||
#RSAAuthentication yes
|
||||
#PubkeyAuthentication yes
|
||||
|
||||
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
|
||||
# but this is overridden so installations will only check .ssh/authorized_keys
|
||||
AuthorizedKeysFile .ssh/authorized_keys
|
||||
|
||||
#AuthorizedPrincipalsFile none
|
||||
|
||||
#AuthorizedKeysCommand none
|
||||
#AuthorizedKeysCommandUser nobody
|
||||
|
||||
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
|
||||
#RhostsRSAAuthentication no
|
||||
# similar for protocol version 2
|
||||
#HostbasedAuthentication no
|
||||
# Change to yes if you don't trust ~/.ssh/known_hosts for
|
||||
# RhostsRSAAuthentication and HostbasedAuthentication
|
||||
#IgnoreUserKnownHosts no
|
||||
# Don't read the user's ~/.rhosts and ~/.shosts files
|
||||
#IgnoreRhosts yes
|
||||
|
||||
# To disable tunneled clear text passwords, change to no here!
|
||||
#PasswordAuthentication yes
|
||||
#PermitEmptyPasswords no
|
||||
|
||||
# Change to no to disable s/key passwords
|
||||
ChallengeResponseAuthentication no
|
||||
|
||||
# Kerberos options
|
||||
#KerberosAuthentication no
|
||||
#KerberosOrLocalPasswd yes
|
||||
#KerberosTicketCleanup yes
|
||||
#KerberosGetAFSToken no
|
||||
|
||||
# GSSAPI options
|
||||
#GSSAPIAuthentication no
|
||||
#GSSAPICleanupCredentials yes
|
||||
|
||||
# Set this to 'yes' to enable PAM authentication, account processing,
|
||||
# and session processing. If this is enabled, PAM authentication will
|
||||
# be allowed through the ChallengeResponseAuthentication and
|
||||
# PasswordAuthentication. Depending on your PAM configuration,
|
||||
# PAM authentication via ChallengeResponseAuthentication may bypass
|
||||
# the setting of "PermitRootLogin without-password".
|
||||
# If you just want the PAM account and session checks to run without
|
||||
# PAM authentication, then enable this but set PasswordAuthentication
|
||||
# and ChallengeResponseAuthentication to 'no'.
|
||||
UsePAM yes
|
||||
|
||||
#AllowAgentForwarding yes
|
||||
#AllowTcpForwarding yes
|
||||
#GatewayPorts no
|
||||
#X11Forwarding no
|
||||
#X11DisplayOffset 10
|
||||
#X11UseLocalhost yes
|
||||
#PermitTTY yes
|
||||
PrintMotd no # pam does that
|
||||
#PrintLastLog yes
|
||||
#TCPKeepAlive yes
|
||||
#UseLogin no
|
||||
UsePrivilegeSeparation sandbox # Default for new installations.
|
||||
PermitUserEnvironment no
|
||||
#Compression delayed
|
||||
#ClientAliveInterval 0
|
||||
#ClientAliveCountMax 3
|
||||
UseDNS no
|
||||
#PidFile /run/sshd.pid
|
||||
#MaxStartups 10:30:100
|
||||
#PermitTunnel no
|
||||
#ChrootDirectory none
|
||||
#VersionAddendum none
|
||||
|
||||
# no default banner path
|
||||
#Banner none
|
||||
|
||||
# override default of no subsystems
|
||||
Subsystem sftp /usr/lib/ssh/sftp-server
|
||||
|
||||
# Example of overriding settings on a per-user basis
|
||||
#Match User anoncvs
|
||||
# X11Forwarding no
|
||||
# AllowTcpForwarding no
|
||||
# PermitTTY no
|
||||
# ForceCommand cvs server
|
|
@ -0,0 +1,8 @@
|
|||
[Match]
|
||||
Name=eth0
|
||||
|
||||
[Network]
|
||||
DHCP=yes
|
||||
DNS=10.1.31.38
|
||||
DNS=10.1.31.39
|
||||
Domains=scaleway.com
|
|
@ -0,0 +1,6 @@
|
|||
# Scaleway's DNS
|
||||
|
||||
[Resolve]
|
||||
DNS=10.1.31.38
|
||||
FallbackDNS=8.8.8.8 8.8.4.4
|
||||
LLMNR=no
|
|
@ -0,0 +1,35 @@
|
|||
# This file is part of systemd.
|
||||
#
|
||||
# systemd is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published by
|
||||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
[Unit]
|
||||
Description=Serial Getty on %I
|
||||
Documentation=man:agetty(8) man:systemd-getty-generator(8)
|
||||
Documentation=http://0pointer.de/blog/projects/serial-console.html
|
||||
BindsTo=dev-%i.device
|
||||
After=dev-%i.device systemd-user-sessions.service plymouth-quit-wait.service
|
||||
After=rc-local.service
|
||||
|
||||
# If additional gettys are spawned during boot then we should make
|
||||
# sure that this is synchronized before getty.target, even though
|
||||
# getty.target didn't actually pull it in.
|
||||
Before=getty.target
|
||||
IgnoreOnIsolate=yes
|
||||
|
||||
[Service]
|
||||
ExecStart=-/sbin/agetty --keep-baud %I 9600 vt102
|
||||
Type=idle
|
||||
Restart=always
|
||||
UtmpIdentifier=%I
|
||||
TTYPath=/dev/%I
|
||||
TTYReset=yes
|
||||
TTYVHangup=yes
|
||||
KillMode=process
|
||||
IgnoreSIGPIPE=no
|
||||
SendSIGHUP=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=getty.target
|
|
@ -0,0 +1,23 @@
|
|||
# This file is part of systemd.
|
||||
#
|
||||
# systemd is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published by
|
||||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
|
||||
[Unit]
|
||||
Description=Network Name Resolution
|
||||
Documentation=man:systemd-resolved.service(8)
|
||||
After=NetworkManager-wait-online.service
|
||||
|
||||
[Service]
|
||||
Type=notify
|
||||
Restart=always
|
||||
RestartSec=0
|
||||
ExecStart=/usr/lib/systemd/systemd-resolved
|
||||
CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER
|
||||
ProtectSystem=full
|
||||
ProtectHome=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,18 @@
|
|||
# Fetch Scaleway metadata
|
||||
|
||||
fetch_scw_metadata()
|
||||
{
|
||||
metadata_host_name=$(/usr/local/bin/oc-metadata --cached HOSTNAME)
|
||||
if [ "x$metadata_host_name" != "x" ]; then
|
||||
echo $metadata_host_name > /etc/hostname
|
||||
sed "/^127.0.1.1[ \t].*$/ s/.*$/127.0.1.1\t$metadata_host_name/" -i /etc/hosts
|
||||
sed "/^127.0.0.1[ \t]localhost/ s/localhost.*$/localhost $metadata_host_name/" -i /etc/hosts
|
||||
export new_host_name="${metadata_host_name}"
|
||||
hostname $metadata_host_name
|
||||
echo dhclient-exit-hooks.d/hostname: Dynamic Hostname = ${metadata_host_name}
|
||||
fi
|
||||
}
|
||||
|
||||
if $if_up; then
|
||||
fetch_scw_metadata
|
||||
fi
|
|
@ -0,0 +1,36 @@
|
|||
#!/bin/bash
|
||||
|
||||
METADATA_CACHE=`mktemp -u`
|
||||
|
||||
get_metadata() {
|
||||
if [ ! -f $METADATA_CACHE ]; then
|
||||
/usr/local/bin/oc-metadata --cached > $METADATA_CACHE
|
||||
fi
|
||||
}
|
||||
|
||||
get_value() {
|
||||
# Get value from metadata
|
||||
key="$1"
|
||||
grep "^$key=" "$METADATA_CACHE" | cut -d= -f2 | sed "s/^['\"]//;s/['\"]$//"
|
||||
}
|
||||
|
||||
add_volumes() {
|
||||
keys=$(get_value VOLUMES)
|
||||
for key in $keys
|
||||
do
|
||||
test $key -eq 0 && continue
|
||||
host=$(get_value VOLUMES_${key}_EXPORT_URI | sed 's|nbd://\(.*\):.*|\1|')
|
||||
port=$(get_value VOLUMES_${key}_EXPORT_URI | sed 's|nbd://.*:\(.*\)|\1|')
|
||||
device=/dev/nbd$key
|
||||
xnbd-client -c $device && continue
|
||||
for i in {1..3}
|
||||
do
|
||||
xnbd-client --connect $device $host $port --blocksize 4096 && break
|
||||
sleep 5
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
get_metadata
|
||||
add_volumes
|
||||
rm $METADATA_CACHE
|
|
@ -0,0 +1,15 @@
|
|||
#!/bin/sh
|
||||
# Thanks to the LTSP project
|
||||
# If the root /dev/nbd0 device is unmounted on reboot then nbd read
|
||||
# errors occur, and if it isn't, then # the nbd-server process on the server
|
||||
# doesn't terminate.
|
||||
# Called by init scripts on reboot.
|
||||
|
||||
NBD_CLIENT=/usr/local/sbin/xnbd-client
|
||||
|
||||
disconnect() {
|
||||
$NBD_CLIENT -d "/dev/nbd0"
|
||||
echo b > /proc/sysrq-trigger
|
||||
}
|
||||
|
||||
disconnect
|
|
@ -0,0 +1,45 @@
|
|||
#!/bin/bash
|
||||
|
||||
ROOT_DEVICE="/dev/nbd0"
|
||||
|
||||
umount_nbd_devices() {
|
||||
for device in $(mount | cut -d " " -f 1 | grep /dev/nbd)
|
||||
do
|
||||
test $device = $ROOT_DEVICE && continue
|
||||
umount $device 2>/dev/null
|
||||
if [ $? -eq 1 ]
|
||||
then
|
||||
echo -n "umount of $device failed! Data loss may occur! will continue in 10 seconds..."
|
||||
sleep 1
|
||||
for i in 9 8 7 6 5 4 3 2 1
|
||||
do
|
||||
echo -n $i" "
|
||||
sleep 1
|
||||
done
|
||||
echo "ok, going on..."
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
swapoff_nbd_devices() {
|
||||
for device in $(grep '^/dev/nb' /proc/swaps | cut -d ' ' -f1)
|
||||
do
|
||||
swapoff $device 2> /dev/null
|
||||
done
|
||||
|
||||
}
|
||||
|
||||
disconnect_devices() {
|
||||
for device in $(ls /dev/nbd*)
|
||||
do
|
||||
test $device = $ROOT_DEVICE && continue
|
||||
if xnbd-client -c $device 2> /dev/null
|
||||
then
|
||||
xnbd-client -d $device
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
umount_nbd_devices
|
||||
swapoff_nbd_devices
|
||||
disconnect_devices
|
Loading…
Reference in New Issue