build: add LXC/LXD support

Signed-off-by: nachoparker <nacho@ownyourbits.com>

bin/ncp/CONFIG/nc-nextcloud.sh

@@ -19,11 +19,9 @@ install()
   # During build, this step is run before ncp.sh. Avoid executing twice
   [[ -f /usr/lib/systemd/system/nc-provisioning.service ]] && return 0
 
-  source /usr/local/etc/library.sh # sets PHPVER RELEASE
-
   # Optional packets for Nextcloud and Apps
   apt-get update
-  $APTINSTALL lbzip2 iputils-ping jq
+  $APTINSTALL lbzip2 iputils-ping jq wget
   $APTINSTALL -t $RELEASE php-smbclient exfat-fuse exfat-utils                  # for external storage
   $APTINSTALL -t $RELEASE php${PHPVER}-exif                                     # for gallery
   $APTINSTALL -t $RELEASE php${PHPVER}-gmp                                      # for bookmarks
@@ -56,6 +54,16 @@ install()
   echo "maxmemory $REDIS_MEM" >> $REDIS_CONF
   echo 'vm.overcommit_memory = 1' >> /etc/sysctl.conf
 
+  if is_lxc; then
+    # Otherwise it fails to start in Buster LXC container
+    mkdir -p /etc/systemd/system/redis-server.service.d
+    cat > /etc/systemd/system/redis-server.service.d/lxc_fix.conf <<'EOF'
+[Service]
+ReadOnlyDirectories=
+EOF
+    systemctl daemon-reload
+  fi
+
   chown redis: "$REDIS_CONF"
   usermod -a -G redis www-data
 

bin/ncp/SYSTEM/nc-swapfile.sh

@@ -47,8 +47,7 @@ configure()
 
 install()
 {
-  apt-get update
-  DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends dphys-swapfile
+  apt_install dphys-swapfile
 }
 
 

Vagrantfile → build/Vagrantfile

@@ -26,7 +26,7 @@ Vagrant.configure("2") do |config|
     BRANCH=master
     #BRANCH=devel  # uncomment to install devel
     apt-get update
-    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends git
+    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends git ca-certificates
 
     # install
     git clone -b "$BRANCH" https://github.com/nextcloud/nextcloudpi.git /tmp/nextcloudpi

batch.sh → build/batch.sh

@@ -8,12 +8,9 @@
 #
 
 set -e
-
-version=$(git describe --tags --always)
-version=${version%-*-*}
+source build/buildlib.sh          # initializes $IMGNAME
 
 ## BUILDING
-source buildlib.sh          # initializes $IMGNAME
 
 [[ "$FTPPASS" == "" ]] && {
   echo -e "\e[1mNo FTPPASS variable found, FTP won't work.\nYou can ^C to cancel now\e[0m"
@@ -29,27 +26,28 @@ sleep 5
 rm -f ncp-web/wizard.cfg
 
 # Raspbian
-./build-SD-rpi.sh
+#build/build-SD-rpi.sh
 IMG="$( ls -1t tmp/*.img | head -1 )"
-./build-SD-berryboot.sh "$IMG"
+#build/build-SD-berryboot.sh "$IMG"
 
 # Armbian
-./build-SD-armbian.sh odroidxu4 OdroidHC2
-./build-SD-armbian.sh rockpro64 RockPro64
-./build-SD-armbian.sh rock64 Rock64
-./build-SD-armbian.sh bananapi Bananapi
-./build-SD-armbian.sh odroidhc4 OdroidHC4
-./build-SD-armbian.sh odroidc4 OdroidC4
-./build-SD-armbian.sh odroidc2 OdroidC2
-#./build-SD-armbian.sh orangepizeroplus2-h5 OrangePiZeroPlus2
+build/build-SD-armbian.sh odroidxu4 OdroidHC2
+exit 0
+build/build-SD-armbian.sh rockpro64 RockPro64
+build/build-SD-armbian.sh rock64 Rock64
+build/build-SD-armbian.sh bananapi Bananapi
+build/build-SD-armbian.sh odroidhc4 OdroidHC4
+build/build-SD-armbian.sh odroidc4 OdroidC4
+build/build-SD-armbian.sh odroidc2 OdroidC2
+#build/build-SD-armbian.sh orangepizeroplus2-h5 OrangePiZeroPlus2
 
 # VM
-./build-VM.sh
+build/build-VM.sh
 
 # Docker
-./build-docker.sh x86
-./build-docker.sh armhf
-./build-docker.sh arm64
+build/build-docker.sh x86
+build/build-docker.sh armhf
+build/build-docker.sh arm64
 
 [[ "$FTPPASS" == "" ]] && exit
 

build/build-LXC.sh

@@ -0,0 +1,72 @@
+#!/bin/bash
+
+# Batch creation of NextCloudPi LXC image
+#
+# Copyleft 2021 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+#
+
+set -e
+source build/buildlib.sh
+
+#CLEAN=0                    # Pass this envvar to skip cleaning download cache
+IMG="NextCloudPi_LXC_$( date  "+%m-%d-%y" ).img"
+IMG=tmp/"$IMG"
+
+TAR=output/"$( basename "$IMG" .img ).tar.bz2"
+
+test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
+
+##############################################################################
+
+## preparations
+
+test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
+set -e
+prepare_dirs                   # tmp cache output
+
+## BUILD NCP
+
+echo -e "\e[1m\n[ Build NCP ]\e[0m"
+
+# TODO sudo
+sudo lxc-destroy ncp -f
+sudo lxc-create -n ncp -t download -B btrfs -- --dist debian --release buster --arch amd64 # TODO vars for distro and stuff 
+sudo cp lxc_config /var/lib/lxc/ncp/config
+sudo lxc-start -n ncp
+sudo lxc-attach -n ncp --clear-env -- bash -c 'while [ "$(systemctl is-system-running 2>/dev/null)" != "running" ] && [ "$(systemctl is-system-running 2>/dev/null)" != "degraded" ]; do :; done'
+sudo lxc-attach -n ncp --clear-env -- bash /build/install.sh
+sudo lxc-attach -n ncp --clear-env -- poweroff
+
+exit 0 # TODO
+
+## pack
+pack_image "$IMG" "$TAR"
+
+## test
+#set_static_IP "$IMG" "$IP"
+#test_image    "$IMG" "$IP" # TODO fix tests
+
+# upload
+create_torrent "$TAR"
+upload_ftp "$( basename "$TAR" .tar.bz2 )"
+
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA

build/build-LXD.sh

@@ -0,0 +1,74 @@
+#!/bin/bash
+
+# Batch creation of NextCloudPi LXD image
+#
+# Copyleft 2021 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+#
+
+set -e
+source build/buildlib.sh
+
+#CLEAN=0                    # Pass this envvar to skip cleaning download cache
+IMG="NextCloudPi_LXD_$( date  "+%m-%d-%y" ).img"
+IMG=tmp/"$IMG"
+
+TAR=output/"$( basename "$IMG" .img ).tar.bz2"
+
+test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
+
+##############################################################################
+
+## preparations
+
+test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
+set -e
+prepare_dirs                   # tmp cache output
+
+## BUILD NCP
+
+echo -e "\e[1m\n[ Build NCP ]\e[0m"
+
+lxc delete -f ncp
+lxc launch images:debian/buster ncp -c security.privileged=true # TODO this is privileged
+lxc config device add ncp buildcode disk source=`pwd` path=/build
+lxc exec ncp -- bash -c 'while [ "$(systemctl is-system-running 2>/dev/null)" != "running" ] && [ "$(systemctl is-system-running 2>/dev/null)" != "degraded" ]; do :; done'
+lxc exec ncp -- bash -c 'CODE_DIR=/build bash /build/install.sh'
+lxc config device remove ncp buildcode
+lxc publish ncp -f --alias ncp:${version}
+lxc export ncp "$TAR"
+
+# TODO set up auto testing
+
+exit 0 # TODO
+
+## pack
+pack_image "$IMG" "$TAR"
+
+## test
+#set_static_IP "$IMG" "$IP"
+#test_image    "$IMG" "$IP" # TODO fix tests
+
+# upload
+create_torrent "$TAR"
+upload_ftp "$( basename "$TAR" .tar.bz2 )"
+
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA

build-SD-armbian.sh → build/build-SD-armbian.sh

@@ -17,10 +17,11 @@ IMG="NextCloudPi_${BNAME}_$( date  "+%m-%d-%y" ).img"
 IMG=tmp/"$IMG"
 TAR=output/"$( basename "$IMG" .img ).tar.bz2"
 
+set -e
+source build/buildlib.sh
+
 test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
 
-set -e
-source buildlib.sh
 source etc/library.sh # sets RELEASE
 
 prepare_dirs                   # tmp cache output
@@ -32,7 +33,7 @@ prepare_dirs                   # tmp cache output
 # add NCP modifications
 mkdir -p armbian/userpatches armbian/userpatches/overlay
 rm -f ncp-web/{wizard.cfg,ncp-web.cfg}
-cp armbian.sh armbian/userpatches/customize-image.sh
+cp build/armbian/armbian.sh armbian/userpatches/customize-image.sh
 rsync -Aax --delete --exclude-from .gitignore --exclude *.img --exclude *.bz2 . armbian/userpatches/overlay/
 
 # GENERATE IMAGE

build-SD-berryboot.sh → build/build-SD-berryboot.sh

@@ -8,13 +8,13 @@
 # Usage: ./build-SD-berryboot.sh <img>
 #
 
+set -e
+source build/buildlib.sh
+
 SRC="$1"
 IMG="NextCloudPi_RPi_Berryboot_$( date  "+%m-%d-%y" ).img"
 TAR=output/"$( basename "$IMG" .img ).tar.bz2"
 
-set -e
-source buildlib.sh
-
 test -f "$TAR" && { echo "$TAR already exists. Skipping... "; exit 0; }
 
 [[ -f "$SRC" ]] || { echo "$SRC not found"; exit 1; }

build-SD-rpi.sh → build/build-SD-rpi.sh

@@ -9,7 +9,7 @@
 #
 
 set -e
-source buildlib.sh
+source build/buildlib.sh
 
 URL="https://downloads.raspberrypi.org/raspios_lite_arm64/images/raspios_lite_arm64-2020-08-24/2020-08-20-raspios-buster-arm64-lite.zip"
 SIZE=3G                     # Raspbian image size
@@ -50,6 +50,9 @@ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
     # mark the image as an image build
     touch /.ncp-image
 
+    # allow oldstable
+    apt-get update --allow-releaseinfo-change
+
     # As of 10-2018 this upgrades raspi-kernel and messes up wifi and BTRFS
     #apt-get upgrade -y
     #apt-get dist-upgrade -y

build-docker.sh → build/build-docker.sh

@@ -6,8 +6,7 @@
 
 set -e
 
-version=$(git describe --tags --always)
-version=${version%-*-*}
+source build/buildlib.sh
 release=$(jq -r .release < etc/ncp.cfg)
 
 function docker_build() { DOCKER_BUILDKIT=1 docker build --progress=plain . "$@"; }

buildlib.sh → build/buildlib.sh

@@ -10,6 +10,9 @@
 
 DBG=x
 
+version=$(git describe --tags --always)
+version=${version%-*-*}
+
 # $IMG    is the source image
 # $IP     is the IP of the QEMU images
 # $IMGOUT will contain the name of the generated image

build/lxc_config

@@ -0,0 +1,31 @@
+# Template used to create this container: /usr/share/lxc/templates/lxc-download
+# Parameters passed to the template: --dist debian --release buster --arch amd64
+# Template script checksum (SHA-1): 1ad14dde73ae69ed485f71e26793af87573947d4
+# For additional config options, please look at lxc.container.conf(5)
+
+# Uncomment the following line to support nesting containers:
+#lxc.include = /usr/share/lxc/config/nesting.conf
+# (Be aware this has security implications)
+
+
+# Distribution configuration
+lxc.include = /usr/share/lxc/config/common.conf
+lxc.arch = linux64
+
+# Container specific configuration
+lxc.rootfs.path = btrfs:/var/lib/lxc/ncp/rootfs
+lxc.uts.name = ncp
+
+# Network configuration
+#lxc.net.0.type = empty
+lxc.net.0.type = veth
+lxc.net.0.link = lxcbr0
+lxc.net.0.flags = up
+lxc.net.0.hwaddr = 00:16:3e:2d:5d:80
+
+# Mounts
+lxc.mount.entry = /media/DATA/src/nextcloudpi build none bind,create=dir 0 0
+
+# Moar privileges (TODO review)
+#lxc.apparmor.profile = unconfined
+#lxc.cgroup2.devices.allow = a