build: add LXC/LXD support

Signed-off-by: nachoparker <[email protected]>

.gitignore

@@ -1,13 +1,13 @@
 .*.swp
-qemu-raspbian-network/
-archive/
-output/
-cache/
-torrent/
-armbian/
-raspbian_root
-raspbian_boot
-ncp-web/wizard.cfg
-ncp-web/ncp-web.cfg
-docker-armhf/qemu-arm-static
-.vagrant/
+/qemu-raspbian-network/
+/archive/
+/output/
+/cache/
+/torrent/
+/armbian/
+/raspbian_root
+/raspbian_boot
+/ncp-web/wizard.cfg
+/ncp-web/ncp-web.cfg
+/docker-armhf/qemu-arm-static
+/.vagrant/

bin/ncp-provisioning.sh

@@ -2,6 +2,8 @@
 
 # this script runs at startup to provide an unique random passwords for each instance
 
+source /usr/local/etc/library.sh
+
 ## redis provisioning
 
 CFG=/var/www/nextcloud/config/config.php
@@ -14,7 +16,7 @@ REDISPASS="$( grep "^requirepass" /etc/redis/redis.conf | cut -f2 -d' ' )"
   echo Provisioning Redis password
   sed -i -E "s|^requirepass .*|requirepass $REDISPASS|" /etc/redis/redis.conf
   chown redis:redis /etc/redis/redis.conf
-  [[ "$DOCKERBUILD" != 1 ]] && systemctl restart redis
+  is_docker || systemctl restart redis
 }
 
 ### If there exists already a configuration adjust the password

bin/ncp/CONFIG/nc-nextcloud.sh

@@ -19,11 +19,9 @@ install()
   # During build, this step is run before ncp.sh. Avoid executing twice
   [[ -f /usr/lib/systemd/system/nc-provisioning.service ]] && return 0
 
-  source /usr/local/etc/library.sh # sets PHPVER RELEASE
-
   # Optional packets for Nextcloud and Apps
   apt-get update
-  $APTINSTALL lbzip2 iputils-ping jq
+  $APTINSTALL lbzip2 iputils-ping jq wget
   $APTINSTALL -t $RELEASE php-smbclient exfat-fuse exfat-utils                  # for external storage
   $APTINSTALL -t $RELEASE php${PHPVER}-exif                                     # for gallery
   $APTINSTALL -t $RELEASE php${PHPVER}-gmp                                      # for bookmarks
@@ -56,6 +54,16 @@ install()
   echo "maxmemory $REDIS_MEM" >> $REDIS_CONF
   echo 'vm.overcommit_memory = 1' >> /etc/sysctl.conf
 
+  if is_lxc; then
+    # Otherwise it fails to start in Buster LXC container
+    mkdir -p /etc/systemd/system/redis-server.service.d
+    cat > /etc/systemd/system/redis-server.service.d/lxc_fix.conf <<'EOF'
+[Service]
+ReadOnlyDirectories=
+EOF
+    systemctl daemon-reload
+  fi
+
   chown redis: "$REDIS_CONF"
   usermod -a -G redis www-data
 

bin/ncp/NETWORKING/letsencrypt.sh

@@ -35,7 +35,7 @@ install()
   rm -f /etc/cron.d/certbot
   mkdir -p /etc/letsencrypt/live
 
-  [[ "$DOCKERBUILD" == 1 ]] && {
+  is_docker && {
     # execute before lamp stack
     cat > /etc/services-available.d/009letsencrypt <<EOF
 #!/bin/bash
@@ -125,7 +125,7 @@ EOF
     rm -rf $ncdir/.well-known
 
     # Update configuration
-    [[ "$DOCKERBUILD" == 1 ]] && update-rc.d letsencrypt enable
+    is_docker && update-rc.d letsencrypt enable
 
     return 0
   }

bin/ncp/SYSTEM/nc-swapfile.sh

@@ -47,8 +47,7 @@ configure()
 
 install()
 {
-  apt-get update
-  DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends dphys-swapfile
+  apt_install dphys-swapfile
 }
 
 

Vagrantfile → build/Vagrantfile

@@ -26,7 +26,7 @@ Vagrant.configure("2") do |config|
     BRANCH=master
     #BRANCH=devel  # uncomment to install devel
     apt-get update
-    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends git
+    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends git ca-certificates
 
     # install
     git clone -b "$BRANCH" https://github.com/nextcloud/nextcloudpi.git /tmp/nextcloudpi

armbian.sh → build/armbian/armbian.sh

@@ -32,25 +32,16 @@ touch /.ncp-image
 # install NCP
 echo -e "\nInstalling NextCloudPi"
 
-mkdir -p /usr/local/etc/ncp-config.d/
-cp etc/ncp-config.d/nc-nextcloud.cfg /usr/local/etc/ncp-config.d/
-cp etc/library.sh /usr/local/etc/
-cp etc/ncp.cfg /usr/local/etc/
-
 hostname -F /etc/hostname # fix 'sudo resolve host' errors
-install_app    lamp.sh
-install_app    bin/ncp/CONFIG/nc-nextcloud.sh
-run_app_unsafe bin/ncp/CONFIG/nc-nextcloud.sh
-rm /usr/local/etc/ncp-config.d/nc-nextcloud.cfg    # armbian overlay is ro
-install_app    ncp.sh
-run_app_unsafe bin/ncp/CONFIG/nc-init.sh
-run_app_unsafe post-inst.sh
 
-cd -
+CODE_DIR="$(pwd)" bash install.sh
+run_app_unsafe post-inst.sh
 
 # disable SSH by default, it can be enabled through ncp-web
 systemctl disable ssh
 
+cd -
+
 
 # License
 #

batch.sh → build/batch.sh

@@ -8,12 +8,9 @@
 #
 
 set -e
-
-version=$(git describe --tags --always)
-version=${version%-*-*}
+source build/buildlib.sh          # initializes $IMGNAME
 
 ## BUILDING
-source buildlib.sh          # initializes $IMGNAME
 
 [[ "$FTPPASS" == "" ]] && {
   echo -e "\e[1mNo FTPPASS variable found, FTP won't work.\nYou can ^C to cancel now\e[0m"
@@ -29,27 +26,27 @@ sleep 5
 rm -f ncp-web/wizard.cfg
 
 # Raspbian
-./build-SD-rpi.sh
+build/build-SD-rpi.sh
 IMG="$( ls -1t tmp/*.img | head -1 )"
-./build-SD-berryboot.sh "$IMG"
+build/build-SD-berryboot.sh "$IMG"
 
 # Armbian
-./build-SD-armbian.sh odroidxu4 OdroidHC2
-./build-SD-armbian.sh rockpro64 RockPro64
-./build-SD-armbian.sh rock64 Rock64
-./build-SD-armbian.sh bananapi Bananapi
-./build-SD-armbian.sh odroidhc4 OdroidHC4
-./build-SD-armbian.sh odroidc4 OdroidC4
-./build-SD-armbian.sh odroidc2 OdroidC2
-#./build-SD-armbian.sh orangepizeroplus2-h5 OrangePiZeroPlus2
+build/build-SD-armbian.sh odroidxu4 OdroidHC2
+build/build-SD-armbian.sh rockpro64 RockPro64
+build/build-SD-armbian.sh rock64 Rock64
+build/build-SD-armbian.sh bananapi Bananapi
+build/build-SD-armbian.sh odroidhc4 OdroidHC4
+build/build-SD-armbian.sh odroidc4 OdroidC4
+build/build-SD-armbian.sh odroidc2 OdroidC2
+#build/build-SD-armbian.sh orangepizeroplus2-h5 OrangePiZeroPlus2
 
 # VM
-./build-VM.sh
+build/build-VM.sh
 
 # Docker
-./build-docker.sh x86
-./build-docker.sh armhf
-./build-docker.sh arm64
+build/build-docker.sh x86
+build/build-docker.sh armhf
+build/build-docker.sh arm64
 
 [[ "$FTPPASS" == "" ]] && exit
 

build/build-LXC.sh

@@ -0,0 +1,72 @@
+#!/bin/bash
+
+# Batch creation of NextCloudPi LXC image
+#
+# Copyleft 2021 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+#
+
+set -e
+source build/buildlib.sh
+
+#CLEAN=0                    # Pass this envvar to skip cleaning download cache
+IMG="NextCloudPi_LXC_$( date  "+%m-%d-%y" ).img"
+IMG=tmp/"$IMG"
+
+TAR=output/"$( basename "$IMG" .img ).tar.bz2"
+
+test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
+
+##############################################################################
+
+## preparations
+
+test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
+set -e
+prepare_dirs                   # tmp cache output
+
+## BUILD NCP
+
+echo -e "\e[1m\n[ Build NCP ]\e[0m"
+
+# TODO sudo
+sudo lxc-destroy ncp -f
+sudo lxc-create -n ncp -t download -B btrfs -- --dist debian --release buster --arch amd64 # TODO vars for distro and stuff 
+sudo cp lxc_config /var/lib/lxc/ncp/config
+sudo lxc-start -n ncp
+sudo lxc-attach -n ncp --clear-env -- bash -c 'while [ "$(systemctl is-system-running 2>/dev/null)" != "running" ] && [ "$(systemctl is-system-running 2>/dev/null)" != "degraded" ]; do :; done'
+sudo lxc-attach -n ncp --clear-env -- bash /build/install.sh
+sudo lxc-attach -n ncp --clear-env -- poweroff
+
+exit 0 # TODO
+
+## pack
+pack_image "$IMG" "$TAR"
+
+## test
+#set_static_IP "$IMG" "$IP"
+#test_image    "$IMG" "$IP" # TODO fix tests
+
+# upload
+create_torrent "$TAR"
+upload_ftp "$( basename "$TAR" .tar.bz2 )"
+
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA

build/build-LXD.sh

@@ -0,0 +1,75 @@
+#!/bin/bash
+
+# Batch creation of NextCloudPi LXD image
+#
+# Copyleft 2021 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+#
+
+set -e
+source build/buildlib.sh
+
+#CLEAN=0                    # Pass this envvar to skip cleaning download cache
+IMG="NextCloudPi_LXD_$( date  "+%m-%d-%y" ).img"
+IMG=tmp/"$IMG"
+
+TAR=output/"$( basename "$IMG" .img ).tar.bz2"
+
+test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
+
+##############################################################################
+
+## preparations
+
+test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
+set -e
+prepare_dirs                   # tmp cache output
+
+## BUILD NCP
+
+echo -e "\e[1m\n[ Build NCP ]\e[0m"
+
+lxc delete -f ncp 2>/dev/null || true
+lxc launch images:debian/buster ncp -c security.privileged=true # TODO this is privileged
+lxc config device add ncp buildcode disk source="$(pwd)" path=/build
+lxc exec ncp -- bash -c 'while [ "$(systemctl is-system-running 2>/dev/null)" != "running" ] && [ "$(systemctl is-system-running 2>/dev/null)" != "degraded" ]; do :; done'
+lxc exec ncp -- bash -c 'CODE_DIR=/build bash /build/install.sh'
+lxc exec ncp -- bash -c 'source /build/etc/library.sh; run_app_unsafe /build/post-inst.sh'
+lxc config device remove ncp buildcode
+lxc publish ncp -f --alias ncp:"${version}"
+lxc export ncp "$TAR"
+
+# TODO set up auto testing
+
+exit 0 # TODO
+
+## pack
+pack_image "$IMG" "$TAR"
+
+## test
+#set_static_IP "$IMG" "$IP"
+#test_image    "$IMG" "$IP" # TODO fix tests
+
+# upload
+create_torrent "$TAR"
+upload_ftp "$( basename "$TAR" .tar.bz2 )"
+
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA

build-SD-armbian.sh → build/build-SD-armbian.sh

@@ -17,10 +17,11 @@ IMG="NextCloudPi_${BNAME}_$( date  "+%m-%d-%y" ).img"
 IMG=tmp/"$IMG"
 TAR=output/"$( basename "$IMG" .img ).tar.bz2"
 
+set -e
+source build/buildlib.sh
+
 test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
 
-set -e
-source buildlib.sh
 source etc/library.sh # sets RELEASE
 
 prepare_dirs                   # tmp cache output
@@ -32,7 +33,7 @@ prepare_dirs                   # tmp cache output
 # add NCP modifications
 mkdir -p armbian/userpatches armbian/userpatches/overlay
 rm -f ncp-web/{wizard.cfg,ncp-web.cfg}
-cp armbian.sh armbian/userpatches/customize-image.sh
+cp build/armbian/armbian.sh armbian/userpatches/customize-image.sh
 rsync -Aax --delete --exclude-from .gitignore --exclude *.img --exclude *.bz2 . armbian/userpatches/overlay/
 
 # GENERATE IMAGE

build-SD-berryboot.sh → build/build-SD-berryboot.sh

@@ -8,13 +8,13 @@
 # Usage: ./build-SD-berryboot.sh <img>
 #
 
+set -e
+source build/buildlib.sh
+
 SRC="$1"
 IMG="NextCloudPi_RPi_Berryboot_$( date  "+%m-%d-%y" ).img"
 TAR=output/"$( basename "$IMG" .img ).tar.bz2"
 
-set -e
-source buildlib.sh
-
 test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
 
 [[ -f "$SRC" ]] || { echo "$SRC not found"; exit 1; }