Skip to content

Instantly share code, notes, and snippets.

@julp
Created August 29, 2016 16:34
Show Gist options
  • Save julp/0a1f88deb4858666e4e0d498ea5f9b18 to your computer and use it in GitHub Desktop.
Save julp/0a1f88deb4858666e4e0d498ea5f9b18 to your computer and use it in GitHub Desktop.
[FreeBSD] Create or update jails
#!/bin/sh
set -e
FROM="binaries"
# use vnet ? Default: use if available
VNET=`sysctl -n kern.features.vimage`
MIRROR="ftp.freebsd.org/pub/FreeBSD/releases/"
# default cache directory
BIN_CACHE_DIR="${HOME}/.binjailcache/$(uname -r)"
# force "base" as minimal sets to install
SET_TO_INSTALL="base"
[ -s /usr/local/etc/binjail.conf ] && . /usr/local/etc/binjail.conf
: ${JAILS_ROOT:='/var/jails'}
usage()
{
echo "Usage: `basename $0`"
exit 2
}
# log(prefix, color, message)
log()
{
printf "[ \033[%d;01m%s\033[0m ] %s: %s\n" $2 $1 `basename $0` "${3}"
}
# info(message)
info()
{
log 'OK' 32 "${1}"
}
# err(message)
err()
{
log 'ERR' 31 "${1}"
}
# shared_install_steps(name)
shared_install_steps()
{
chroot "${JAILS_ROOT}/${1}" /bin/sh << EOC
# put here any command you'd need, paths are relative to the jail's root
ln -sf dev/null kernel
mkdir -p usr/ports
tzsetup -s Europe/Paris
touch etc/fstab
# newaliases # TODO: assurer la résolution d'abord
# TODO: resolv.conf
# /etc/rc.conf
echo 'hostname="`/bin/hostname`"' >> etc/rc.conf
echo 'sendmail_enable="NO"' >> etc/rc.conf
echo 'syslogd_flags="-ss"' >> etc/rc.conf
# /etc/csh.login
echo 'setenv LANG fr_FR.UTF-8' >> etc/csh.login
echo 'setenv MM_CHARSET UTF-8' >> etc/csh.login
EOC
}
# install_jail_precheck(name)
install_jail_precheck()
{
if [ -e "${JAILS_ROOT}/${1}" ]; then
err "jail \"${1}\" already exists"
exit 1
fi
mkdir -p "${JAILS_ROOT}/${1}"
return 0
}
# install_jail_from_sources(name)
install_jail_from_sources()
{
install_jail_precheck "${1}"
make -C /usr/src -j`sysctl -n hw.ncpu` buildworld NO_CLEAN=YES
make -C /usr/src installworld DESTDIR="${JAILS_ROOT}/${1}"
make -C /usr/src/etc distribution DESTDIR="${JAILS_ROOT}/${1}"
shared_install_steps "${1}"
}
# install_jail_from_binaries(name)
install_jail_from_binaries()
{
local line set s
install_jail_precheck "${1}"
# fetch, check and extract sets
mkdir -p "${BIN_CACHE_DIR}"
for s in "${SET_TO_INSTALL}"; do
if [ ! -f "${BIN_CACHE_DIR}/${s}.txz" ]; then
fetch -o "${BIN_CACHE_DIR}/${s}.txz" "ftp://${MIRROR}/$(uname -m)/$(uname -r)/${s}.txz"
fi
done
fetch -qo - "ftp://${MIRROR}/$(uname -m)/$(uname -r)/MANIFEST" | while read line; do
set=$(echo "$line" | cut -d. -f 1)
cksum=$(echo "$line" | cut -f 2)
if eval echo " ${line} " | grep -q " ${set} "; then
if [ -f "${BIN_CACHE_DIR}/${set}.txz" ]; then
if ! eval sha256 -qc "${cksum}" "${BIN_CACHE_DIR}/${set}.txz" > /dev/null; then
err "checksum failed for ${set}"
rm -f "${BIN_CACHE_DIR}/${set}.txz"
exit 1
fi
fi
fi
done
for set in $SET_TO_INSTALL; do
tar -xJf "${BIN_CACHE_DIR}/${set}.txz" -C "${JAILS_ROOT}/${1}"
done
shared_install_steps "${1}"
}
generate_conf_for_jail()
{
#
}
# update_jail_from_sources(name)
update_jail_from_sources()
{
make -C /usr/src -j`sysctl -n hw.ncpu` buildworld NO_CLEAN=YES
mergemaster -p -D "${JAILS_ROOT}/${1}"
make -C /usr/src installworld DESTDIR="${JAILS_ROOT}/${1}"
mergemaster -iF --run-updates=always -D "${JAILS_ROOT}/${1}"
}
# update_jail_from_binaries(name)
update_jail_from_binaries()
{
[ -f /etc/freebsd-update_for_jails.conf ] || ( grep -ve '#' -e '^$' -we Components -we BackupKernel /etc/freebsd-update.conf ; echo 'Components world' ; echo 'BackupKernel no' ) > /etc/freebsd-update_for_jails.conf
freebsd-update -b "${JAILS_ROOT}/${1}" -f /etc/freebsd-update_for_jails.conf fetch install
}
newopts=""
for var in "$@" ; do
case "$var" in
--install)
ACTION="install"
;;
--update)
ACTION="update"
;;
--binary)
FROM="binaries"
;;
--source)
FROM="sources"
;;
--*)
usage
;;
*)
newopts="${newopts} ${var}"
;;
esac
done
# getopt stuffs and arguments checking
set -- $newopts
unset var newopts
while getopts 'a' COMMAND_LINE_ARGUMENT ; do
case "${COMMAND_LINE_ARGUMENT}" in
a)
;;
*)
usage
;;
esac
done
shift $(( $OPTIND - 1 ))
[ $# -eq 0 ] && usage
[ -z "${ACTION}" ] && usage
for var in "$@" ; do
eval "${ACTION}_jail_from_${FROM}" "${var}"
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment