@bay-systems
Last active May 9, 2023 06:29
Bash script to create Debian 12 "bookworm" mmdebstrap container and import into systemd-containerd
#!/bin/bash -e
#
# This script creates an mmdebstrap .tar and imports it into systemd-nspawn
# where it can be managed by machinectl
#
# On the host machine you should run:
# systemctl enable systemd-networkd; systemctl start systemd-networkd
#
# Then start the container:
# machinectl start bw1
#
# To access the container:
# machinectl login bw1
# - or -
# machinectl shell bw1
#
# Systemd should automatically create virtual ethernet interfaces on the host
# and the container and assign IP addresses to them.
#
# The container should automatically resolve via mDNS on the host (with an
# IPv6 address):
# e.g.: ping bw1
#
# This config below uses an apt-cacher-ng proxy at 192.168.0.10
# It installs openssh-server, ansible, rsync, and vim on the container
#
# If you want to ssh in to the container as root edit /etc/ssh/sshd_config
# on the container and use:
# PermitRootLogin yes
#
# Dhya dhya@bay.systems Mon, 08 May 2023 23:29:36 -0700
#
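# Account created inside the container. "foo" and "bar" are placeholders; set
# your own values before building, because the image ships openssh-server and
# the sudo group is given NOPASSWD:ALL below.
user="foo"
pass="bar"
groups="adm,staff,sudo"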
sources_list="# For information about how to configure apt package sources,
# see the sources.list(5) manual.
deb http://deb.debian.org/debian/ bookworm main contrib non-free
deb-src http://deb.debian.org/debian/ bookworm main contrib non-free
deb http://deb.debian.org/debian/ bookworm-proposed-updates main contrib non-free
deb-src http://deb.debian.org/debian/ bookworm-proposed-updates main contrib non-free
deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free
deb-src http://deb.debian.org/debian/ bookworm-updates main contrib non-free
deb http://security.debian.org/debian-security bookworm-security main contrib non-free
deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free"
apt_proxy='Acquire::http::Proxy::deb.debian.org \"http://192.168.0.10:3142/\";'
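# Container (machine) name, also used as the hostname and the tarball name.
NAME="bw1"
# Build the root filesystem tarball. Each --customize-hook runs on the host
# with "$1" set to the new root directory, so 'chroot "$1" ...' runs a command
# inside the container's filesystem.
mmdebstrap \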
--aptopt='Acquire::http { Proxy "http://192.168.0.10:3142"; }' \
--include=dbus-broker,systemd-container,systemd-resolved,openssh-server,ansible,rsync,sudo \
--customize-hook='chroot "$1" apt -y purge ifupdown nano vim-tiny vim-common' \
--customize-hook='chroot "$1" systemctl enable systemd-networkd systemd-resolved' \
--customize-hook='echo '"${NAME}"' > "$1/etc/hostname"' \
--customize-hook='printf "127.0.0.1\tlocalhost\n127.0.1.1\t'"${NAME}"'\n\n::1\tlocalhost ip6-localhost ip6-loopback\nff02::1\tip6-allnodes\nff02::2\tip6-allrouters" > "$1/etc/hosts"' \
--customize-hook='printf "'"${sources_list}"'" > "$1/etc/apt/sources.list"' \
--customize-hook='printf "'"${apt_proxy}"'" > "$1/etc/apt/apt.conf.d/02proxy"' \
--customize-hook='chroot "$1" useradd -s /bin/bash -m -G '"${groups}"' '"${user}"'' \
--customize-hook='echo '"${user}":"${pass}"' | chroot "$1" chpasswd' \
--customize-hook='sed -E -i "s/^%sudo[[:space:]]+ALL=\(ALL:ALL\) ALL/%sudo ALL=(ALL:ALL) NOPASSWD:ALL/" "$1/etc/sudoers"' \
--customize-hook='chroot "$1" apt -y install vim' \
--customize-hook='chroot "$1" rm -rf /etc/network' \
bookworm "${NAME}.tar"
printf '\nFinished creating %s container: %s.tar\n' "${NAME}" "${NAME}"
sudo machinectl import-tar "${NAME}.tar" "${NAME}"
printf '\nFinished importing %s.tar\n' "${NAME}"
echo "It can be started with 'machinectl start ${NAME}'"
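
An added example, not part of the original gist: a POSIX shell function that audits an unpacked container root filesystem (for instance the imported image under /var/lib/machines/bw1) for the access settings this script and its header comments configure: NOPASSWD sudo, PermitRootLogin yes, and a sudo-group account shipped with a preset password. The function name `audit_rootfs` and the finding strings are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the gist): audit an unpacked container rootfs.
# Usage: audit_rootfs /var/lib/machines/bw1   (run as root to read etc/shadow)
# Prints one finding per line and returns non-zero if anything was found.
audit_rootfs() (
    root=$1
    findings=0
    report() { echo "$1"; findings=$((findings + 1)); }

    # Active (uncommented) NOPASSWD rules in sudoers or sudoers.d
    for f in "$root/etc/sudoers" "$root"/etc/sudoers.d/*; do
        [ -f "$f" ] || continue
        rel=${f#"$root"}
        if grep -Eq '^[^#]*NOPASSWD' "$f"; then
            report "NOPASSWD sudo rule: $rel"
        fi
    done

    # Root login over SSH enabled, as described in the script's header comment
    f="$root/etc/ssh/sshd_config"
    if [ -f "$f" ] && grep -Eiq '^[[:space:]]*PermitRootLogin[[:space:]]+yes' "$f"; then
        report "PermitRootLogin yes: /etc/ssh/sshd_config"
    fi

    # sudo-group members whose shadow entry holds a usable (or empty) password
    if [ -f "$root/etc/group" ] && [ -f "$root/etc/shadow" ]; then
        members=$(awk -F: '$1 == "sudo" { gsub(",", " ", $4); print $4 }' "$root/etc/group")
        for u in $members; do
            hash=$(awk -F: -v u="$u" '$1 == u { print "=" $2 }' "$root/etc/shadow")
            case $hash in
                ''|'=!'*|'=*'*) ;;   # no entry, locked, or password disabled
                *) report "sudo user with preset password: $u" ;;
            esac
        done
    fi

    [ "$findings" -eq 0 ]
)
```

Because the function exits non-zero on any finding, it can gate a build step that runs between `mmdebstrap` and `machinectl import-tar` after unpacking the tarball.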