diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..55cc14d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,16 @@ +FROM debian:bookworm-slim + +# detect DOCKER_BUILD condition/situation in install script +ENV DOCKER_BUILD true + +# pre install sudo +RUN apt update && apt install sudo && rm -rf /var/lib/apt/lists/* + +# Install dependencies +COPY ./install-dependencies.sh / +RUN /install-dependencies.sh \ + && rm -rf /var/lib/apt/lists/* + +WORKDIR /opt/workbench-script + +ENTRYPOINT sh ./deploy-workbench.sh diff --git a/deploy-workbench.sh b/deploy-workbench.sh index 7996c09..113230c 100755 --- a/deploy-workbench.sh +++ b/deploy-workbench.sh @@ -197,7 +197,15 @@ create_persistence_partition() { tmp_rw_mount="/tmp/${rw_img_name}" ${SUDO} umount -f -l "${tmp_rw_mount}" >/dev/null 2>&1 || true mkdir -p "${tmp_rw_mount}" - ${SUDO} mount "$(pwd)/${rw_img_path}" "${tmp_rw_mount}" + # detect relative path, else absolute path + # TODO solve this situation better + # thanks https://unix.stackexchange.com/questions/256434/check-if-shell-variable-contains-an-absolute-path + if [ "${rw_img_path}" = "${rw_img_path#/}" ]; then + mount_rw_img_path="$(pwd)/${rw_img_path}" + else + mount_rw_img_path="${rw_img_path}" + fi + ${SUDO} mount "${mount_rw_img_path}" "${tmp_rw_mount}" ${SUDO} mkdir -p "${tmp_rw_mount}" if [ ! -f "settings.ini" ]; then ${SUDO} cp -v settings.ini.example settings.ini 
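Review bot: `RUN apt update && apt install sudo` in the new Dockerfile has no `-y`, so the step only succeeds while apt has nothing to confirm; if installing sudo ever pulls in an extra package, the build aborts at the prompt because there is no stdin to answer it. `RUN apt-get update && apt-get install -y --no-install-recommends sudo && rm -rf /var/lib/apt/lists/*` is the non-interactive form and keeps recommended packages out of the image. The shell-form `ENTRYPOINT sh ./deploy-workbench.sh` wraps the script in `/bin/sh -c`; `ENTRYPOINT ["sh", "./deploy-workbench.sh"]` runs it directly. The image also sets no `USER` and docker-compose.yaml starts it with `privileged: true`, so the script runs as root with host-level device access; a comment saying this is required for the mount calls would record it as a deliberate choice.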
@@ -324,14 +332,12 @@ END echo 'Install requirements' # Install debian requirements +# TODO converge more here with install-dependencies.sh apt-get install -y --no-install-recommends \ sudo locales keyboard-configuration console-setup qrencode \ python-is-python3 python3 python3-dev python3-pip pipenv \ dmidecode smartmontools hwinfo pciutils lshw nfs-common < /dev/null -# Install lshw B02.19 utility using backports (DEPRECATED in Debian 12) -#apt install -y -t ${VERSION_CODENAME}-backports lshw < /dev/null - echo 'Install sanitize requirements' # Install sanitize debian requirements @@ -432,8 +438,10 @@ if [ -z "${DEBUG:-}" ]; then fi # cleanup bash history -history -c - +# https://stackoverflow.com/questions/3199893/howto-detect-bash-from-shell-script +if [ "\${BASH_VERSION}" ]; then + history -c +fi CHROOT } @@ -474,32 +482,6 @@ prepare_chroot_env() { prepare_app } - -# thanks https://willhaley.com/blog/custom-debian-live-environment/ -install_requirements() { - # Install requirements - eval "${decide_if_update_str}" && decide_if_update - image_deps='debootstrap - squashfs-tools - xorriso - mtools - dosfstools' - # secureboot: - # -> extra src https://wiki.debian.org/SecureBoot/ - # -> extra src https://wiki.debian.org/SecureBoot/VirtualMachine - # -> extra src https://wiki.debian.org/GrubEFIReinstall - bootloader_deps='isolinux - syslinux-efi - grub-pc-bin - grub-efi-amd64-bin - ovmf - shim-signed - grub-efi-amd64-signed' - ${SUDO} apt-get install -y \ - ${image_deps} \ - ${bootloader_deps} -} - # thanks https://willhaley.com/blog/custom-debian-live-environment/ create_base_dirs() { mkdir -p "${ISO_PATH}" 
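Review bot: The new guard `if [ "\${BASH_VERSION}" ]; then` in the CHROOT heredoc expands a variable that is unset on every non-bash shell, which is exactly the case it is meant to detect; if that script runs under `set -u` (not visible in this hunk), it aborts there instead of skipping `history -c`. Use `\${BASH_VERSION:-}`, as this commit already does for `\${SUDO_USER:-}` in detect_user. The same unguarded expansion is in install-dependencies.sh, `if [ ! "${DOCKER_BUILD}" ]; then`, where `set -u` is visible in the hunk header: on a host without DOCKER_BUILD exported the script stops right after `sudo apt update` and installs nothing. `if [ ! "${DOCKER_BUILD:-}" ]; then` fixes that one.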
@@ -524,7 +506,7 @@ detect_user() { echo "ERROR: this script needs root or sudo permissions (current user is not part of sudo group)" exit 1 # detect user with sudo or already on sudo src https://serverfault.com/questions/568627/can-a-program-tell-it-is-being-run-under-sudo/568628#568628 - elif [ ! "\${userid}" = 0 ] || [ -n "\${SUDO_USER}" ]; then + elif [ ! "\${userid}" = 0 ] || [ -n "\${SUDO_USER:-}" ]; then SUDO='sudo' # jump to current dir where the script is so relative links work cd "\$(dirname "\${0}")" @@ -533,7 +515,7 @@ detect_user() { # detect pure root elif [ "\${userid}" = 0 ]; then SUDO='' - ISO_PATH="/opt/workbench" + ISO_PATH="/opt/workbench-script/iso" fi } END @@ -554,7 +536,7 @@ main() { create_base_dirs - install_requirements + echo 'Assuming that you already executed ./install-dependencies.sh' prepare_chroot_env diff --git a/docker-compose.yaml b/docker-compose.yaml index e4cb34a..2fac0b3 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,17 +1,13 @@ services: build-iso: - build: - context: . - dockerfile: docker/Dockerfile.build - #this is needed for mount + init: true + build: . + # this is needed to mount inside docker privileged: true + # uncomment next two lines to test this + environment: + - DEBUG=true volumes: - - type: bind - source: . - target: /var/opt - read_only: true - - type: bind - source: ./iso - target: /var/opt/iso - read_only: false + - .:/opt/workbench-script:ro + - ./iso:/opt/workbench-script/iso:rw diff --git a/docker/Dockerfile.build b/docker/Dockerfile.build deleted file mode 100644 index 921e31e..0000000 --- a/docker/Dockerfile.build +++ /dev/null 
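Review bot: In docker-compose.yaml the comment `# uncomment next two lines to test this` sits above `environment:` and `- DEBUG=true`, but both lines are committed active, so every compose run starts the build with DEBUG set. deploy-workbench.sh tests `[ -z "${DEBUG:-}" ]` before its final cleanup, so that branch is skipped in the resulting image; what it does lies outside the visible hunks. Commit the two lines commented out, `# environment:` and `#   - DEBUG=true`, or reword the comment if debug is meant to be the default for this service.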
@@ -1,28 +0,0 @@ -FROM debian:bookworm-slim - -# Install dependencies -RUN apt-get update && apt-get install -y \ - smartmontools \ - lshw \ - hwinfo \ - dmidecode \ - python3 \ - pipenv \ - sudo \ - debootstrap \ - && rm -rf /var/lib/apt/lists/* - - -WORKDIR /var/opt - -#allow sudo so that deploy-workbench.sh runs -RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo -RUN echo "docker ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers - -RUN chown -R docker /var/opt/iso - -ENV USER=docker -USER docker - -COPY ./deploy-workbench.sh ./ -ENTRYPOINT sh deploy-workbench.sh diff --git a/install-dependencies.sh b/install-dependencies.sh index ae00ba0..b081021 100755 --- a/install-dependencies.sh +++ b/install-dependencies.sh @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (c) 2024 Pedro +# Copyright (c) 2024 pangea.org AssociaciĆ³ Pangea - Coordinadora ComunicaciĆ³ per a la CooperaciĆ³ # SPDX-License-Identifier: AGPL-3.0-or-later set -e 
@@ -9,18 +9,52 @@ set -u set -x main() { - sudo apt update && \ - apt install -y \ - smartmontools \ - lshw \ - hwinfo \ - dmidecode \ - inxi \ - python3 \ - pipenv \ - sudo \ - debootstrap \ - qemu-system + sudo apt update + + # system dependencies + host_deps='sudo' + # thanks https://stackoverflow.com/questions/23513045/how-to-check-if-a-process-is-running-inside-docker-container + if [ ! "${DOCKER_BUILD}" ]; then + host_deps="${host_deps} qemu-system" + fi + + # workbench deploy/builder image dependencies + image_deps='debootstrap + squashfs-tools + xorriso + mtools + dosfstools' + + # workbench deploy/builder bootloader dependencies + # thanks https://willhaley.com/blog/custom-debian-live-environment/ + # secureboot: + # -> extra src https://wiki.debian.org/SecureBoot/ + # -> extra src https://wiki.debian.org/SecureBoot/VirtualMachine + # -> extra src https://wiki.debian.org/GrubEFIReinstall + bootloader_deps='isolinux + syslinux-efi + syslinux-common + grub-pc-bin + grub-efi-amd64-bin + ovmf + shim-signed + grub-efi-amd64-signed' + + # workbench-script client dependencies + client_deps='smartmontools + lshw + hwinfo + dmidecode + inxi + python3 + pipenv' + + # install all + sudo apt install --no-install-recommends -y \ + ${host_deps} \ + ${image_deps} \ + ${bootloader_deps} \ + ${client_deps} } main "${@}"