Squashed commit of the following:

- Bump basic OS to Alpine 3.9
 - Restructure repo and add layer versioning
 - Use JSON for all metadata
 - Merge abuild branch (but without abuild)
This commit is contained in:
Disassembler 2019-02-26 20:24:02 +01:00
parent b4f5979354
commit ce325cf3d0
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
226 changed files with 1252 additions and 3232 deletions

View File

@ -1,13 +0,0 @@
### Steps to reproduce
1.
2.
3.
### Expected behaviour
### Observed behaviour
### Additional data (ticket URL, log, timestamp, stack trace etc.)

2
.gitmodules vendored
View File

@ -1,3 +1,3 @@
[submodule "app-vmmgr"] [submodule "app-vmmgr"]
path = app-vmmgr path = vmmgr
url = ssh://git@gitlab.dasm.cz:2222/Spotter-Cluster/vmmgr.git url = ssh://git@gitlab.dasm.cz:2222/Spotter-Cluster/vmmgr.git

View File

@ -11,7 +11,7 @@ In case you're setting up a VMWare virtual machine, select OS type *Other Linux
## Virtual Machine creation ## Virtual Machine creation
Download **Alpine Virtual 3.8.0 x86_64** from <https://alpinelinux.org/downloads/> and boot from it. At the login prompt, use the root user without password to log in. Download **Alpine Virtual 3.9.0 x86_64** from <https://alpinelinux.org/downloads/> and boot from it. At the login prompt, use the root user without password to log in.
``` ```
# Set up interfaces (leave the default choices) # Set up interfaces (leave the default choices)
@ -19,8 +19,8 @@ setup-interfaces
ifup eth0 ifup eth0
# Download and launch the setup script # Download and launch the setup script
wget dl.dasm.cz/alpine.sh wget dl.dasm.cz/_vm.sh
sh alpine.sh sh _vm.sh
``` ```
The script will perform installation and configuration of Alpine linux, LXC and the whole VMMgr platform. Virtual machine is protected by LUKS-on-LVM disk encryption. The encryption password, which is simultaneously also a password for VMMgr web administration interface, will be asked for at the beginning of the script execution. Root access is disabled. The script will perform installation and configuration of Alpine linux, LXC and the whole VMMgr platform. Virtual machine is protected by LUKS-on-LVM disk encryption. The encryption password, which is simultaneously also a password for VMMgr web administration interface, will be asked for at the beginning of the script execution. Root access is disabled.
@ -31,7 +31,7 @@ After the script finishes and shuts down the virtual machine, remove CD/DVD driv
### First time setup ### First time setup
Follow the VM creation steps as above, but comment the line disabling the root login in *alpine.sh* file before its execution. After the script finishes and HDD size is adjusted, add serial port in the virtual machine settings and set it to use Unix socket or named pipe (eg. `\\.\pipe\alpine`). Then start the VM and connect to the serial port using *screen*, *PuTTY* or any other terminal client. Follow the VM creation steps as above, but comment the line disabling the root login in *_vm.sh* file before its execution. After the script finishes and HDD size is adjusted, add serial port in the virtual machine settings and set it to use Unix socket or named pipe (eg. `\\.\pipe\alpine`). Then start the VM and connect to the serial port using *screen*, *PuTTY* or any other terminal client.
``` ```
# Install git and OpenSSH client # Install git and OpenSSH client
@ -48,7 +48,7 @@ Assign the newly generated key to your GitLab account
git clone --recurse-submodules ssh://git@gitlab.dasm.cz:2222/Spotter-Cluster/Spotter-Cluster.git git clone --recurse-submodules ssh://git@gitlab.dasm.cz:2222/Spotter-Cluster/Spotter-Cluster.git
# Install the build toolchain # Install the build toolchain
Spotter-Cluster/zz-build/install-toolchain.sh Spotter-Cluster/_build/install-toolchain.sh
``` ```
After the script finishes, it is possible to connect via SSH (provided you have personal key in `authorized_keys`) as the toolchain sets up also *openssh-server*. The serial connection will work only until disconnected. If it should work indefinitely, run After the script finishes, it is possible to connect via SSH (provided you have personal key in `authorized_keys`) as the toolchain sets up also *openssh-server*. The serial connection will work only until disconnected. If it should work indefinitely, run
@ -61,7 +61,7 @@ kill -1 1
### Building the packages ### Building the packages
There are 3 distinct packaging systems. There are 3 distinct packaging systems.
1. Just a plain tar for basic OS setup used by *alpine.sh* installation script. 1. Just a plain tar for basic OS setup used by *_vm.sh* installation script.
2. Abuild for the native Alpine linux packages (APK) used for LXC, ACME client and VMMgr packaging. 2. Abuild for the native Alpine linux packages (APK) used for LXC, ACME client and VMMgr packaging.
3. `lxc-build`/`lxc-pack` for LXC images building and packaging. 3. `lxc-build`/`lxc-pack` for LXC images building and packaging.
@ -73,15 +73,8 @@ vi /srv/build/repokey.rsa
# Or generate a new pair # Or generate a new pair
echo '/srv/build/repokey.rsa' | abuild-keygen echo '/srv/build/repokey.rsa' | abuild-keygen
# Supply lxc-pack signing key
vi /srv/build/packages.key
# Or generate a new pair
openssl ecparam -genkey -name secp384r1 -out /srv/build/packages.key
openssl ec -in /srv/build/packages.key -pubout -out /srv/build/packages.pub
# Build all packages # Build all packages
Spotter-Cluster/zz-build/build-all.sh Spotter-Cluster/_build/build-all.sh
``` ```
The full build process takes considerable amount of time, so it is advised to have a persistent build VM. The full build process takes considerable amount of time, so it is advised to have a persistent build VM.
@ -95,6 +88,7 @@ The full build process takes considerable amount of time, so it is advised to ha
| CKAN Datapusher | ckan-datapusher | 8004 | 8080 (HTTP) | - | | CKAN Datapusher | ckan-datapusher | 8004 | 8080 (HTTP) | - |
| Crisis Cleanup | crisiscleanup | 8005 | 8080 (HTTP) | cc | | Crisis Cleanup | crisiscleanup | 8005 | 8080 (HTTP) | cc |
| CTS | cts | 8006 | 8080 (HTTP) | cts | | CTS | cts | 8006 | 8080 (HTTP) | cts |
| EcoGIS | ecogis | 8020 | 8080 (HTTP) | ecogis |
| FrontlineSMS | frontlinesms | 8018 | 8080 (HTTP) | sms | | FrontlineSMS | frontlinesms | 8018 | 8080 (HTTP) | sms |
| GNU Health | gnuhealth | 8008 | 8080 (HTTP) | gh | | GNU Health | gnuhealth | 8008 | 8080 (HTTP) | gh |
| KanBoard | kanboard | 8009 | 8080 (HTTP) | kb | | KanBoard | kanboard | 8009 | 8080 (HTTP) | kb |

107
_build/build-all.sh Executable file
View File

@ -0,0 +1,107 @@
#!/bin/sh
set -ev
cd $(realpath $(dirname "${0}"))
# Build basic.tar
cd ../_vm
tar cpf /srv/build/_vm.tar *
# Build native apps
cd ../acme-sh
abuild -F
cd ../vmmgr
abuild -F
cd ..
# Build runtimes
lxc-build alpine3.8
lxc-build alpine3.8-php5.6
lxc-build alpine3.8-nodejs8
lxc-build alpine3.8-ruby2.4
lxc-build alpine3.9
lxc-build alpine3.9-java8
lxc-build alpine3.9-php7.2
lxc-build alpine3.9-python2.7
lxc-build alpine3.9-python3.6
lxc-build alpine3.9-nodejs10
lxc-build alpine3.9-ruby2.4
lxc-build alpine3.9-tomcat8
# Build services
lxc-build activemq
lxc-build mariadb
lxc-build postgres
lxc-build rabbitmq
lxc-build redis
lxc-build solr
# Build applications
lxc-build ckan-datapusher
lxc-build ckan
lxc-build crisiscleanup
lxc-build cts
lxc-build ecogis
lxc-build frontlinesms
lxc-build gnuhealth
lxc-build kanboard
lxc-build mifosx
lxc-build motech
lxc-build odoo
lxc-build opendatakit
lxc-build opendatakit-build
lxc-build openmapkit
lxc-build pandora
lxc-build sahana-shared
lxc-build sahana
lxc-build sahana-demo
lxc-build sambro
lxc-build seeddms
lxc-build sigmah
lxc-build ushahidi
# Pack runtimes
lxc-pack alpine3.8
lxc-pack alpine3.8-php5.6
lxc-pack alpine3.8-nodejs8
lxc-pack alpine3.8-ruby2.4
lxc-pack alpine3.9
lxc-pack alpine3.9-java8
lxc-pack alpine3.9-php7.2
lxc-pack alpine3.9-python2.7
lxc-pack alpine3.9-python3.6
lxc-pack alpine3.9-nodejs10
lxc-pack alpine3.9-ruby2.4
lxc-pack alpine3.9-tomcat8
# Pack services
lxc-pack activemq
lxc-pack mariadb
lxc-pack postgres
lxc-pack rabbitmq
lxc-pack redis
lxc-pack solr
# Pack applications
lxc-pack ckan-datapusher
lxc-pack ckan
lxc-pack crisiscleanup
lxc-pack cts
lxc-pack ecogis
lxc-pack frontlinesms
lxc-pack gnuhealth
lxc-pack kanboard
lxc-pack mifosx
lxc-pack motech
lxc-pack odoo
lxc-pack opendatakit
lxc-pack opendatakit-build
lxc-pack openmapkit
lxc-pack pandora
lxc-pack sahana-shared
lxc-pack sahana
lxc-pack sahana-demo
lxc-pack sambro
lxc-pack seeddms
lxc-pack sigmah
lxc-pack ushahidi

View File

@ -17,19 +17,18 @@ cp root/.config/htop/htoprc /root/.config/htop/htoprc
rc-update add sshd boot rc-update add sshd boot
service sshd start service sshd start
# Prepare build toolchain # Prepare abuild toolchain
adduser root abuild adduser root abuild
cp etc/abuild.conf /etc/abuild.conf cp etc/abuild.conf /etc/abuild.conf
cp usr/bin/abuild /usr/bin/abuild
# Prepare LXC build toolchain
cp usr/bin/fix-apk /usr/bin/fix-apk cp usr/bin/fix-apk /usr/bin/fix-apk
cp usr/bin/lxc-build /usr/bin/lxc-build cp usr/bin/lxc-build /usr/bin/lxc-build
cp usr/bin/lxc-pack /usr/bin/lxc-pack cp usr/bin/lxc-pack /usr/bin/lxc-pack
mkdir -p /srv/build/lxc
# Supply /srv/build/repokey.rsa # Supply abuild key
# echo '/srv/build/repokey.rsa' | abuild-keygen # echo '/srv/build/repokey.rsa' | abuild-keygen
# Supply /srv/build/packages.key # Supply LXC build key
# openssl ecparam -genkey -name secp384r1 -out /srv/build/packages.key # openssl ecparam -genkey -name secp384r1 -out /srv/build/packages.key
# openssl ec -in /srv/build/packages.key -pubout -out /srv/build/packages.pub # openssl ec -in /srv/build/packages.key -pubout -out /srv/build/packages.pub

View File

@ -109,10 +109,12 @@ class LXCImage:
self.set_cwd(line.split()[1]) self.set_cwd(line.split()[1])
elif line.startswith('HALT'): elif line.startswith('HALT'):
self.set_halt(line.split()[1]) self.set_halt(line.split()[1])
# Add the final layer which can be treated as ephemeral # Add the final layer which will be treated as ephemeral
self.add_layer('{}/delta0'.format(self.name)) self.add_layer('{}/delta0'.format(self.name))
def rebuild_config(self): def rebuild_config(self):
if not self.name:
return
if len(self.layers) == 1: if len(self.layers) == 1:
rootfs = self.layers[0] rootfs = self.layers[0]
else: else:
@ -148,10 +150,24 @@ class LXCImage:
subprocess.run([cmd]+self.layers, check=True) subprocess.run([cmd]+self.layers, check=True)
def copy_files(self, src, dst): def copy_files(self, src, dst):
src = os.path.join(self.build_dir, src)
dst = os.path.join(self.layers[-1], dst) dst = os.path.join(self.layers[-1], dst)
if src.startswith('http://') or src.startswith('https://'):
self.unpack_http_archive(src, dst)
else:
src = os.path.join(self.build_dir, src)
copy_tree(src, dst) copy_tree(src, dst)
def unpack_http_archive(self, src, dst):
xf = 'xzf'
if src.endswith('.bz2'):
xf = 'xjf'
elif src.endswith('.xz'):
xf = 'xJf'
with subprocess.Popen(['wget', src, '-O', '-'], stdout=subprocess.PIPE) as wget:
with subprocess.Popen(['tar', xf, '-', '-C', dst], stdin=wget.stdout) as tar:
wget.stdout.close()
tar.wait()
def add_mount(self, type, src, dst): def add_mount(self, type, src, dst):
self.mounts.append('lxc.mount.entry = {} {} none bind,create={} 0 0'.format(src, dst, type.lower())) self.mounts.append('lxc.mount.entry = {} {} none bind,create={} 0 0'.format(src, dst, type.lower()))
self.rebuild_config() self.rebuild_config()
@ -187,7 +203,7 @@ def copy_tree(src, dst):
shutil.copystat(src, dst) shutil.copystat(src, dst)
if __name__ == '__main__': if __name__ == '__main__':
if len(sys.argv) != 2: if len(sys.argv) != 2 or sys.argv[1] in ('-h', '--help'):
print('Usage: lxc-build <buildpath>\n where the buildpath can be either specific lxcfile or a directory containing one') print('Usage: lxc-build <buildpath>\n where the buildpath can be either specific lxcfile or a directory containing one')
else: else:
i = LXCImage(sys.argv[1]) i = LXCImage(sys.argv[1])

View File

@ -11,24 +11,28 @@ from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import load_pem_private_key from cryptography.hazmat.primitives.serialization import load_pem_private_key
BUILD_ROOT = '/srv/build/lxc' PKG_ROOT = '/srv/build/lxc'
PRIVATE_KEY = '/srv/build/packages.key' PRIVATE_KEY = '/srv/build/packages.key'
LXC_ROOT = '/var/lib/lxc' LXC_ROOT = '/var/lib/lxc'
def pack(pkg_file): def pack(path):
if os.path.isdir(pkg_file): # Determine correct metadata file and package name
pkg_file = os.path.join(pkg_file, 'pkg') path = os.path.realpath(path)
# Prepare metadata if os.path.isdir(path):
meta = {} meta_dir = path
with open(pkg_file) as f: meta_file = os.path.join(meta_dir, 'meta')
for line in f: else:
line = [l.strip() for l in line.split(':', 1)] meta_dir = os.path.dirname(path)
meta[line[0]] = line[1] meta_file = path
meta['deps'] = meta['deps'].split() pkg_name = os.path.basename(meta_dir)
pkg_name = meta['pkg']
del meta['pkg']
tar_path = os.path.join(BUILD_ROOT, '{}.tar'.format(pkg_name)) # Load metadata
with open(meta_file) as f:
meta = json.load(f)
# Prepare package file names
os.makedirs(PKG_ROOT, 0o755, True)
tar_path = os.path.join(PKG_ROOT, '{}_{}-{}.tar'.format(pkg_name, meta['version'], meta['release']))
xz_path = '{}.xz'.format(tar_path) xz_path = '{}.xz'.format(tar_path)
# Remove old package # Remove old package
@ -40,11 +44,10 @@ def pack(pkg_file):
# Create archive # Create archive
print('Archiving', meta['lxcpath']) print('Archiving', meta['lxcpath'])
subprocess.run(['tar', '--xattrs', '-cpf', tar_path, os.path.join(LXC_ROOT, meta['lxcpath'])], cwd='/') subprocess.run(['tar', '--xattrs', '-cpf', tar_path, os.path.join(LXC_ROOT, meta['lxcpath'])], cwd='/')
if '/' not in meta['lxcpath']: # Add install/upgrade/uninstall scripts
# If lxcpath doesn't point to layer but is a full-featured container, pack also scripts scripts = ('install', 'install.sh', 'upgrade', 'upgrade.sh', 'uninstall', 'uninstall.sh')
print('Archiving install/upgrade/uninstall scripts and related files') scripts = [s for s in scripts if os.path.exists(os.path.join(meta_dir, s))]
cwd = os.path.dirname(os.path.abspath(pkg_file)) subprocess.run(['tar', '--transform', 's|^|srv/{}/|'.format(pkg_name), '-rpf', tar_path] + scripts, cwd=meta_dir)
subprocess.run(['tar', '--transform', 's|^|srv/{}/|'.format(pkg_name), '-rpf', tar_path, 'install', 'install.sh', 'upgrade', 'upgrade.sh', 'uninstall', 'uninstall.sh'], cwd=cwd)
# Compress the tarball with xz (LZMA2) # Compress the tarball with xz (LZMA2)
print('Compressing', tar_path, '({:.2f} MB)'.format(os.path.getsize(tar_path)/1048576)) print('Compressing', tar_path, '({:.2f} MB)'.format(os.path.getsize(tar_path)/1048576))
subprocess.run(['xz', '-9', tar_path]) subprocess.run(['xz', '-9', tar_path])
@ -53,7 +56,7 @@ def pack(pkg_file):
# Register package # Register package
print('Registering package') print('Registering package')
packages = {} packages = {}
packages_file = os.path.join(BUILD_ROOT, 'packages') packages_file = os.path.join(PKG_ROOT, 'packages')
if os.path.exists(packages_file): if os.path.exists(packages_file):
with open(packages_file, 'r') as f: with open(packages_file, 'r') as f:
packages = json.load(f) packages = json.load(f)
@ -63,13 +66,13 @@ def pack(pkg_file):
with open(packages_file, 'w') as f: with open(packages_file, 'w') as f:
json.dump(packages, f, sort_keys=True, indent=4) json.dump(packages, f, sort_keys=True, indent=4)
# Sign packages # Sign packages file
print('Signing packages') print('Signing packages')
with open(PRIVATE_KEY, 'rb') as f: with open(PRIVATE_KEY, 'rb') as f:
priv_key = load_pem_private_key(f.read(), None, default_backend()) priv_key = load_pem_private_key(f.read(), None, default_backend())
with open(os.path.join(BUILD_ROOT, 'packages'), 'rb') as f: with open(os.path.join(PKG_ROOT, 'packages'), 'rb') as f:
data = f.read() data = f.read()
with open(os.path.join(BUILD_ROOT, 'packages.sig'), 'wb') as f: with open(os.path.join(PKG_ROOT, 'packages.sig'), 'wb') as f:
f.write(priv_key.sign(data, ec.ECDSA(hashes.SHA512()))) f.write(priv_key.sign(data, ec.ECDSA(hashes.SHA512())))
def hash_file(file_path): def hash_file(file_path):
@ -83,7 +86,7 @@ def hash_file(file_path):
return sha512.hexdigest() return sha512.hexdigest()
if __name__ == '__main__': if __name__ == '__main__':
if len(sys.argv) != 2: if len(sys.argv) != 2 or sys.argv[1] in ('-h', '--help'):
print('Usage: lxc-pack <pkgfile>') print('Usage: lxc-pack <buildpath>\n where the buildpath can be either specific meta file or a directory containing one')
else: else:
pack(sys.argv[1]) pack(sys.argv[1])

View File

@ -14,8 +14,8 @@ echo
# Set up repositories # Set up repositories
cat <<EOF >/etc/apk/repositories cat <<EOF >/etc/apk/repositories
http://dl-cdn.alpinelinux.org/alpine/v3.8/main http://dl-cdn.alpinelinux.org/alpine/v3.9/main
http://dl-cdn.alpinelinux.org/alpine/v3.8/community http://dl-cdn.alpinelinux.org/alpine/v3.9/community
EOF EOF
# Install disk management tools # Install disk management tools
@ -84,9 +84,10 @@ chroot /mnt setup-timezone -z Europe/Prague
# Install basic system # Install basic system
apk --no-cache add apache2-utils gettext apk --no-cache add apache2-utils gettext
wget https://dl.dasm.cz/basic.tar -O - | tar xf - -C /mnt wget https://dl.dasm.cz/_vm.tar -O - | tar xf - -C /mnt
chroot /mnt apk --no-cache add ca-certificates curl bridge e2fsprogs-extra gettext iptables kbd-misc libressl postfix nginx util-linux acme-sh@vm lxc@vm vmmgr@vm chroot /mnt apk --no-cache add ca-certificates curl bridge e2fsprogs-extra gettext iptables kbd-misc libressl lxc postfix nginx util-linux acme-sh@vm vmmgr@vm
chroot /mnt newaliases chroot /mnt newaliases
mkdir /mnt/var/log/lxc
for SERVICE in cgroups consolefont crond iptables networking nginx ntpd postfix swap urandom vmmgr; do for SERVICE in cgroups consolefont crond iptables networking nginx ntpd postfix swap urandom vmmgr; do
ln -s /etc/init.d/${SERVICE} /mnt/etc/runlevels/boot ln -s /etc/init.d/${SERVICE} /mnt/etc/runlevels/boot
done done

3
_vm/etc/apk/repositories Normal file
View File

@ -0,0 +1,3 @@
http://dl-cdn.alpinelinux.org/alpine/v3.9/main
http://dl-cdn.alpinelinux.org/alpine/v3.9/community
@vm https://dl.dasm.cz/spotter-abuild

View File

@ -1,24 +1,28 @@
# Contributor: Disassembler <disassembler@dasm.cz> # Contributor: Disassembler <disassembler@dasm.cz>
# Maintainer: Disassembler <disassembler@dasm.cz> # Maintainer: Disassembler <disassembler@dasm.cz>
pkgname=acme-sh pkgname=acme-sh
pkgver=2.7.9 pkgver=2.8.0
pkgrel=0 pkgrel=0
pkgdesc="A pure Unix shell script implementing ACME client protocol" pkgdesc="A pure Unix shell ACME protocol client"
url="https://github.com/Neilpang/acme.sh" url="https://github.com/Neilpang/acme.sh"
arch="noarch" arch="noarch"
license="GPL" license="GPL"
_commit=4f59a821d33281ff5a3090cbe8de47c5f0ae10ce _commit=f62a4a0c0ccf6cd73b5746dd8b8790ce3c512833
source="${pkgname}-${pkgver}.tar.gz::https://github.com/Neilpang/acme.sh/archive/${_commit}.tar.gz" source="${pkgname}-${pkgver}.tar.gz::https://github.com/Neilpang/acme.sh/archive/${_commit}.tar.gz"
builddir="${srcdir}/acme.sh-${_commit}" builddir="${srcdir}/acme.sh-${_commit}"
options="!check" options="!check"
build() {
return 0
}
package() { package() {
mkdir -p ${pkgdir}/usr/bin mkdir -p ${pkgdir}/usr/bin
mkdir -p ${pkgdir}/etc/acme.sh.d mkdir -p ${pkgdir}/etc/acme.sh.d
mkdir -p ${pkgdir}/etc/periodic/daily mkdir -p ${pkgdir}/etc/periodic/daily
sed 's|$HOME/.$PROJECT_NAME|/etc/acme.sh.d|' ${builddir}/acme.sh > ${pkgdir}/usr/bin/acme.sh sed 's|$HOME/.$PROJECT_NAME|/etc/acme.sh.d|' ${builddir}/acme.sh > ${pkgdir}/usr/bin/acme.sh
chmod +x ${pkgdir}/usr/bin/acme.sh chmod +x ${pkgdir}/usr/bin/acme.sh
cp source/acme-sh ${pkgdir}/etc/periodic/daily/ cp ${startdir}/source/acme-sh ${pkgdir}/etc/periodic/daily/
} }
sha512sums="93d38007c0c8187217ac220b09180c3a367a9b518d0bb777a58900de134f1afde54e6643c42426e18f65a18de0d77b0c685396b9c33198b927f0ce2b5da778d1 acme-sh-2.7.9.tar.gz" sha512sums="399385c03954fb8c6c9be740ad46ed307ab1b902f88f4e7134fd837e4d189b387811469158fc05f1f8894f4622e5bbbec15ab4ef8eb433dd6dbfda585e7b25b7 acme-sh-2.8.0.tar.gz"

View File

@ -10,5 +10,3 @@ chown -R 61616:61616 /srv/activemq/data
# Create service # Create service
cp etc/init.d/activemq /etc/init.d/activemq cp etc/init.d/activemq /etc/init.d/activemq
rc-update -u rc-update -u
exit 0

View File

@ -1,6 +1,6 @@
IMAGE activemq IMAGE activemq
LAYER shared/alpine LAYER shared/alpine3.9
LAYER shared/java LAYER shared/alpine3.9-java8
LAYER activemq/activemq LAYER activemq/activemq
RUN EOF RUN EOF

9
activemq/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "ActiveMQ",
"desc-en": "ActiveMQ",
"lxcpath": "activemq",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9-java8"]
}

View File

@ -1,4 +0,0 @@
pkg: activemq
lxcpath: activemq
version: 0.0.1
deps: java

View File

@ -4,5 +4,3 @@ set -ev
# Remove service # Remove service
rm -f /etc/init.d/activemq rm -f /etc/init.d/activemq
rc-update -u rc-update -u
exit 0

View File

@ -1,6 +1,6 @@
IMAGE build IMAGE build
LAYER shared/alpine LAYER shared/alpine3.8
LAYER shared/nodejs LAYER shared/alpine3.8-nodejs8
RUN EOF RUN EOF
apk --no-cache add nodejs apk --no-cache add nodejs

9
alpine3.8-nodejs8/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s běhovým prostředím pro Node.js 8",
"desc-en": "Basic LXC layer with Node.js 8 runtime environment",
"lxcpath": "shared/alpine3.8-nodejs8",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.8"]
}

8
alpine3.8-php5.6/lxcfile Normal file
View File

@ -0,0 +1,8 @@
IMAGE build
LAYER shared/alpine3.8
LAYER shared/alpine3.8-php5.6
RUN EOF
apk --no-cache add nginx php5 php5-ctype php5-fpm php5-gd php5-json php5-mcrypt php5-opcache
ln -s /usr/bin/php5 /usr/bin/php
EOF

9
alpine3.8-php5.6/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s běhovým prostředím pro PHP 5",
"desc-en": "Basic LXC layer with PHP 5 runtime environment",
"lxcpath": "shared/alpine3.8-php5.6",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.8"]
}

View File

@ -1,6 +1,6 @@
IMAGE build IMAGE build
LAYER shared/alpine LAYER shared/alpine3.8
LAYER shared/ruby LAYER shared/alpine3.8-ruby2.4
RUN EOF RUN EOF
# Install Ruby runtime dependencies # Install Ruby runtime dependencies

9
alpine3.8-ruby2.4/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s běhovým prostředím pro Ruby 2.4",
"desc-en": "Basic LXC layer with Ruby 2.4 runtime environment",
"lxcpath": "shared/alpine3.8-ruby2.4",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.8"]
}

13
alpine3.8/lxcfile Normal file
View File

@ -0,0 +1,13 @@
IMAGE build
LAYER shared/alpine3.8
COPY https://github.com/gliderlabs/docker-alpine/raw/rootfs/library-3.8/x86_64/versions/library-3.8/x86_64/rootfs.tar.xz
RUN EOF
# Add edge/testing repository
echo '@em http://dl-cdn.alpinelinux.org/alpine/edge/main' >>/etc/apk/repositories
echo '@et http://dl-cdn.alpinelinux.org/alpine/edge/testing' >>/etc/apk/repositories
echo '@ec http://dl-cdn.alpinelinux.org/alpine/edge/community' >>/etc/apk/repositories
# Install s6 supervisor
apk --no-cache add libxml2 libxslt s6@em
EOF

9
alpine3.8/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s Alpine linuxem",
"desc-en": "Basic LXC layer with Alpine linux",
"lxcpath": "shared/alpine3.8",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": []
}

View File

@ -1,6 +1,6 @@
IMAGE build IMAGE build
LAYER shared/alpine LAYER shared/alpine3.9
LAYER shared/java LAYER shared/alpine3.9-java8
RUN EOF RUN EOF
apk --no-cache add openjdk8-jre-base apk --no-cache add openjdk8-jre-base

9
alpine3.9-java8/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s běhovým prostředím pro Javu",
"desc-en": "Basic LXC layer with Java runtime environment",
"lxcpath": "shared/alpine3.9-java8",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9"]
}

View File

@ -0,0 +1,7 @@
IMAGE build
LAYER shared/alpine3.9
LAYER shared/alpine3.9-nodejs10
RUN EOF
apk --no-cache add nodejs
EOF

9
alpine3.9-nodejs10/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s běhovým prostředím pro Node.js 10",
"desc-en": "Basic LXC layer with Node.js 10 runtime environment",
"lxcpath": "shared/alpine3.9-nodejs10",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9"]
}

View File

@ -1,6 +1,6 @@
IMAGE build IMAGE build
LAYER shared/alpine LAYER shared/alpine3.9
LAYER shared/php LAYER shared/alpine3.9-php7.2
RUN EOF RUN EOF
apk --no-cache add nginx php7 php7-ctype php7-fpm php7-gd php7-json php7-mbstring php7-mcrypt php7-opcache php7-session apk --no-cache add nginx php7 php7-ctype php7-fpm php7-gd php7-json php7-mbstring php7-mcrypt php7-opcache php7-session

9
alpine3.9-php7.2/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s běhovým prostředím pro PHP 7",
"desc-en": "Basic LXC layer with PHP 7 runtime environment",
"lxcpath": "shared/alpine3.9-php7.2",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9"]
}

View File

@ -0,0 +1,7 @@
IMAGE build
LAYER shared/alpine3.9
LAYER shared/alpine3.9-python2.7
RUN EOF
apk --no-cache add python2
EOF

9
alpine3.9-python2.7/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s běhovým prostředím pro python 2",
"desc-en": "Basic LXC layer with python 2 runtime environment",
"lxcpath": "shared/alpine3.9-python2.7",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9"]
}

View File

@ -1,7 +1,6 @@
IMAGE build IMAGE build
LAYER shared/alpine LAYER shared/alpine3.9
LAYER shared/libxml LAYER shared/alpine3.9-python3.6
LAYER shared/python3
RUN EOF RUN EOF
apk --no-cache add python3 apk --no-cache add python3

9
alpine3.9-python3.6/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s běhovým prostředím pro python 3",
"desc-en": "Basic LXC layer with python 3 runtime environment",
"lxcpath": "shared/alpine3.9-python3.6",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9"]
}

33
alpine3.9-ruby2.4/lxcfile Normal file
View File

@ -0,0 +1,33 @@
IMAGE build
LAYER shared/alpine3.9
LAYER shared/alpine3.9-ruby2.4
RUN EOF
# Install Ruby runtime dependencies
apk --no-cache add gdbm libressl readline zlib
# Install Ruby build dependencies
apk --no-cache add --virtual .deps build-base autoconf gdbm-dev libressl-dev linux-headers readline-dev zlib-dev
# Download and unpack Ruby
mkdir -p /usr/src/ruby
wget http://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.5.tar.xz -O - | tar xJf - -C /usr/src/ruby --strip-components=1
# Compile and install Ruby
cd /usr/src/ruby
autoconf
./configure --build=x86_64-linux-musl --disable-install-doc --enable-shared
make -j $(getconf _NPROCESSORS_ONLN)
make install
# Install RubyGems and Bundler
mkdir -p /usr/local/etc
echo -e 'install: --no-document\nupdate: --no-document' >/usr/local/etc/gemrc
gem update --system
# Cleanup
apk --no-cache del .deps
cd /root
rm -r /usr/src/ruby
rm -rf /root/.gem
EOF

9
alpine3.9-ruby2.4/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s běhovým prostředím pro Ruby 2.4",
"desc-en": "Basic LXC layer with Ruby 2.4 runtime environment",
"lxcpath": "shared/alpine3.9-ruby2.4",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9"]
}

View File

@ -1,11 +1,11 @@
IMAGE build IMAGE build
LAYER shared/alpine LAYER shared/alpine3.9
LAYER shared/java LAYER shared/alpine3.9-java8
LAYER shared/tomcat LAYER shared/alpine3.9-tomcat8
RUN EOF RUN EOF
# Install Tomcat 8 # Install Tomcat 8
wget http://mirror.hosting90.cz/apache/tomcat/tomcat-8/v8.0.53/bin/apache-tomcat-8.0.53.tar.gz -O - | tar xzf - -C /srv wget https://archive.apache.org/dist/tomcat/tomcat-8/v8.0.53/bin/apache-tomcat-8.0.53.tar.gz -O - | tar xzf - -C /srv
mv /srv/apache-tomcat-8.0.53 /srv/tomcat mv /srv/apache-tomcat-8.0.53 /srv/tomcat
# Make catalina.sh available globally # Make catalina.sh available globally

9
alpine3.9-tomcat8/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s JSP a servlet kontejnerem Tomcat 8",
"desc-en": "Basic LXC layer with Tomcat 8 JSP and servlet container",
"lxcpath": "shared/alpine3.9-tomcat8",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9-java8"]
}

View File

@ -1,5 +1,6 @@
IMAGE build IMAGE build
LAYER shared/alpine LAYER shared/alpine3.9
COPY https://github.com/gliderlabs/docker-alpine/raw/rootfs/library-3.9/x86_64/versions/library-3.9/x86_64/rootfs.tar.xz
RUN EOF RUN EOF
# Add edge/testing repository # Add edge/testing repository
@ -8,5 +9,5 @@ RUN EOF
echo '@ec http://dl-cdn.alpinelinux.org/alpine/edge/community' >>/etc/apk/repositories echo '@ec http://dl-cdn.alpinelinux.org/alpine/edge/community' >>/etc/apk/repositories
# Install s6 supervisor # Install s6 supervisor
apk --no-cache add s6@em apk --no-cache add libxml2 libxslt s6
EOF EOF

9
alpine3.9/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Základní LXC vrstva s Alpine linuxem",
"desc-en": "Basic LXC layer with Alpine linux",
"lxcpath": "shared/alpine3.9",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": []
}

View File

@ -1,43 +0,0 @@
# Contributor: Disassembler <disassembler@dasm.cz>
# Maintainer: Disassembler <disassembler@dasm.cz>
pkgname=lxc
pkgver=3.0.3
pkgrel=0
pkgdesc="Userspace interface for the Linux kernel containment features"
url="https://linuxcontainers.org/lxc/"
arch="x86_64"
license="GPL"
options="suid !check"
makedepends="automake autoconf bsd-compat-headers libcap-dev libseccomp-dev libtool linux-headers"
_commit=b8ab4849432cd64d789a757e385d1d324d88a61d
source="${pkgname}-${pkgver}.tar.gz::https://github.com/lxc/lxc/archive/${_commit}.tar.gz"
builddir="${srcdir}/${pkgname}-${_commit}"
build() {
cd ${builddir}
./autogen.sh
./configure \
--prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var \
--disable-apparmor \
--with-distro=alpine \
--disable-werror
make
}
package() {
cd ${builddir}
make DESTDIR=${pkgdir} install
rm -rf ${pkgdir}/usr/include/
rm -rf ${pkgdir}/usr/lib/liblxc.a
rm -rf ${pkgdir}/usr/lib/liblxc.la
rm -rf ${pkgdir}/usr/lib/pkgconfig/
rm -rf ${pkgdir}/usr/share/doc/
rm -rf ${pkgdir}/usr/share/lxc/selinux/
rm -rf ${pkgdir}/usr/share/lxc/templates/
rm -rf ${pkgdir}/usr/share/man/
mkdir -p ${pkgdir}/var/log/lxc/
}
sha512sums="ef62f93799a14ba0e1b2fdbb4f69f8b531aef8eeecf537e2a08be3f30147484729bd41fa65e9ea5519c1c1f0e6f8940aac41ca5b749f89529a5b970e4ea0095c lxc-3.0.3.tar.gz"

@ -1 +0,0 @@
Subproject commit be5e95d5c0389ef024359cf4885a0a5792363c05

View File

@ -1,4 +0,0 @@
pkg: alpine
lxcpath: shared/alpine
version: 0.0.1
deps:

View File

@ -1,4 +0,0 @@
pkg: java
lxcpath: shared/java
version: 0.0.1
deps: alpine

View File

@ -1,7 +0,0 @@
IMAGE build
LAYER shared/alpine
LAYER shared/libxml
RUN EOF
apk --no-cache add libxml2 libxslt
EOF

View File

@ -1,4 +0,0 @@
pkg: libxml
lxcpath: shared/libxml
version: 0.0.1
deps: alpine

View File

@ -1,4 +0,0 @@
pkg: nodejs
lxcpath: shared/nodejs
version: 0.0.1
deps: alpine

View File

@ -1,4 +0,0 @@
pkg: php
lxcpath: shared/php
version: 0.0.1
deps: alpine

View File

@ -1,8 +0,0 @@
IMAGE build
LAYER shared/alpine
LAYER shared/libxml
LAYER shared/python2
RUN EOF
apk --no-cache add python2
EOF

View File

@ -1,4 +0,0 @@
pkg: python2
lxcpath: shared/python2
version: 0.0.1
deps: libxml

View File

@ -1,4 +0,0 @@
pkg: python3
lxcpath: shared/python3
version: 0.0.1
deps: libxml

View File

@ -1,4 +0,0 @@
pkg: ruby
lxcpath: shared/ruby
version: 0.0.1
deps: alpine

View File

@ -1,4 +0,0 @@
pkg: tomcat
lxcpath: shared/tomcat
version: 0.0.1
deps: java

View File

@ -1,3 +0,0 @@
http://dl-cdn.alpinelinux.org/alpine/v3.8/main
http://dl-cdn.alpinelinux.org/alpine/v3.8/community
@vm https://dl.dasm.cz/spotter-abuild

View File

@ -1 +0,0 @@
NTPD_OPTS="-N -p tik.cesnet.cz -p tak.cesnet.cz"

View File

@ -15,5 +15,3 @@ rc-update -u
# Install config update script # Install config update script
cp srv/ckan-datapusher/update-conf.sh /srv/ckan-datapusher/update-conf.sh cp srv/ckan-datapusher/update-conf.sh /srv/ckan-datapusher/update-conf.sh
exit 0

View File

@ -1,7 +1,6 @@
IMAGE ckan-datapusher IMAGE ckan-datapusher
LAYER shared/alpine LAYER shared/alpine3.9
LAYER shared/libxml LAYER shared/alpine3.9-python2.7
LAYER shared/python2
LAYER ckan-datapusher/ckan-datapusher LAYER ckan-datapusher/ckan-datapusher
RUN EOF RUN EOF

9
ckan-datapusher/meta Normal file
View File

@ -0,0 +1,9 @@
{
"desc-cs": "Služba datového skladu pro extrakci dat",
"desc-en": "Data store data extraction service",
"lxcpath": "ckan-datapusher",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9-python2.7"]
}

View File

@ -1,4 +0,0 @@
pkg: ckan-datapusher
lxcpath: ckan-datapusher
version: 0.0.1
deps: python2

View File

@ -4,5 +4,3 @@ set -ev
# Remove service # Remove service
rm -f /etc/init.d/ckan-datapusher rm -f /etc/init.d/ckan-datapusher
rc-update -u rc-update -u
exit 0

View File

@ -64,5 +64,3 @@ cp srv/ckan/update-conf.sh /srv/ckan/update-conf.sh
# Register application # Register application
vmmgr register-app ckan "${CKAN_ADMIN_USER}" "${CKAN_ADMIN_PWD}" vmmgr register-app ckan "${CKAN_ADMIN_USER}" "${CKAN_ADMIN_PWD}"
exit 0

View File

@ -1,7 +1,6 @@
IMAGE ckan IMAGE ckan
LAYER shared/alpine LAYER shared/alpine3.9
LAYER shared/libxml LAYER shared/alpine3.9-python2.7
LAYER shared/python2
LAYER ckan/ckan LAYER ckan/ckan
RUN EOF RUN EOF
@ -31,6 +30,7 @@ RUN EOF
pip install -e 'git+https://github.com/aptivate/ckanext-datasetthumbnail#egg=ckanext_datasetthumbnail' pip install -e 'git+https://github.com/aptivate/ckanext-datasetthumbnail#egg=ckanext_datasetthumbnail'
pip install -e 'git+https://github.com/datagvat/ckanext-dgvat_xls#egg=ckanext_dgvat_xls' pip install -e 'git+https://github.com/datagvat/ckanext-dgvat_xls#egg=ckanext_dgvat_xls'
pip install -r /srv/ckan/src/ckanext-spatial/pip-requirements.txt pip install -r /srv/ckan/src/ckanext-spatial/pip-requirements.txt
pip install -r /srv/ckan/src/ckanext-geoview/pip-requirements.txt
pip install -r /srv/ckan/src/ckanext-dgvat-xls/requirements.txt pip install -r /srv/ckan/src/ckanext-dgvat-xls/requirements.txt
# Create OS user # Create OS user

10
ckan/meta Normal file
View File

@ -0,0 +1,10 @@
{
"title": "CKAN",
"desc-cs": "Datový sklad",
"desc-en": "Data store",
"lxcpath": "ckan",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9-python2.7", "ckan-datapusher", "postgres", "redis", "solr"]
}

View File

@ -1,7 +0,0 @@
pkg: ckan
title: CKAN
lxcpath: ckan
desc: Datový sklad
host: ckan
version: 0.0.1
deps: python2 ckan-datapusher postgres redis solr

View File

@ -23,4 +23,5 @@ lxc-attach redis -- redis-cli -n 0 flushdb
rm -rf /srv/solr/data/ckan rm -rf /srv/solr/data/ckan
[ ! -z ${START_SOLR} ] && service solr start [ ! -z ${START_SOLR} ] && service solr start
exit 0 # Unregister application
vmmgr unregister-app ckan

View File

@ -41,5 +41,3 @@ cp srv/crisiscleanup/update-conf.sh /srv/crisiscleanup/update-conf.sh
# Register application # Register application
vmmgr register-app crisiscleanup "${CRISISCLEANUP_ADMIN_EMAIL}" "${CRISISCLEANUP_ADMIN_PWD}" vmmgr register-app crisiscleanup "${CRISISCLEANUP_ADMIN_EMAIL}" "${CRISISCLEANUP_ADMIN_PWD}"
exit 0

View File

@ -1,8 +1,7 @@
IMAGE crisiscleanup IMAGE crisiscleanup
LAYER shared/alpine LAYER shared/alpine3.8
LAYER shared/ruby LAYER shared/alpine3.8-ruby2.4
LAYER shared/nodejs LAYER shared/alpine3.8-nodejs8
LAYER shared/libxml
LAYER crisiscleanup/crisiscleanup LAYER crisiscleanup/crisiscleanup
FIXLAYER /usr/bin/fix-apk FIXLAYER /usr/bin/fix-apk
@ -19,7 +18,7 @@ RUN EOF
# Clone CrisisCleanup # Clone CrisisCleanup
git clone --depth 1 https://github.com/CrisisCleanup/crisiscleanup /srv/crisiscleanup git clone --depth 1 https://github.com/CrisisCleanup/crisiscleanup /srv/crisiscleanup
# Hackfix ruby dependency version # Hackfix ruby dependency versions
sed -i 's/2\.4\.4/2.4.5/' /srv/crisiscleanup/Gemfile sed -i 's/2\.4\.4/2.4.5/' /srv/crisiscleanup/Gemfile
# Install Ruby and NodeJS dependencies # Install Ruby and NodeJS dependencies

10
crisiscleanup/meta Normal file
View File

@ -0,0 +1,10 @@
{
"title": "Crisis Cleanup",
"desc-cs": "Mapování následků katastrof",
"desc-en": "Disaster relief mapping",
"lxcpath": "crisiscleanup",
"version": "0.0.1",
"release": "0",
"license": "GPL",
"depends": ["alpine3.9-ruby2.4", "alpine3.9-nodejs10", "postgres"]
}

View File

@ -1,7 +0,0 @@
pkg: crisiscleanup
title: Crisis Cleanup
lxcpath: crisiscleanup
desc: Mapování následků katastrof
host: cc
version: 0.0.1
deps: ruby nodejs libxml postgres

View File

@ -10,4 +10,5 @@ rc-update -u
echo 'DROP DATABASE IF EXISTS crisiscleanup; DROP ROLE IF EXISTS crisiscleanup;' | lxc-attach -u 5432 -g 5432 postgres -- psql echo 'DROP DATABASE IF EXISTS crisiscleanup; DROP ROLE IF EXISTS crisiscleanup;' | lxc-attach -u 5432 -g 5432 postgres -- psql
[ ! -z ${STOP_POSTGRES} ] && service postgres stop [ ! -z ${STOP_POSTGRES} ] && service postgres stop
exit 0 # Unregister application
vmmgr unregister-app crisiscleanup

View File

@ -46,5 +46,3 @@ cp srv/cts/update-conf.sh /srv/cts/update-conf.sh
# Register application # Register application
vmmgr register-app cts "${CTS_ADMIN_EMAIL}" "${CTS_ADMIN_PWD}" vmmgr register-app cts "${CTS_ADMIN_EMAIL}" "${CTS_ADMIN_PWD}"
exit 0

View File

@ -1,7 +1,6 @@
IMAGE cts IMAGE cts
LAYER shared/alpine LAYER shared/alpine3.9
LAYER shared/libxml LAYER shared/alpine3.9-python2.7
LAYER shared/python2
LAYER cts/cts LAYER cts/cts
RUN EOF RUN EOF

Some files were not shown because too many files have changed in this diff Show More