diff --git a/BUILD.sh b/BUILD.sh index dc2622f..4e6b0f0 100755 --- a/BUILD.sh +++ b/BUILD.sh @@ -1,5 +1,7 @@ #!/bin/sh +set -eo pipefail + hasunset=0 if [[ "$CLOUD_CONFIG_REPO" -eq "" ]]; then @@ -24,9 +26,28 @@ if [[ "$hasunset" -ne 0 ]]; then grep -E "^ENV" ./Dockerfile fi +cleanup_() { + if [[ "$GPG_PRIVATE_KEY" -ne "" ]]; then + rm ./bot-gpg-key.asc + fi +} + +trap cleanup_ INT TERM + +if [[ "$GPG_PRIVATE_KEY" -ne "" ]]; then + echo "$GPG_PRIVATE_KEY" > ./bot-gpg-key.asc +elif [[ ! -f ./bot-gpg-key.asc ]]; then + echo "GPG key not found. Terminating.." + exit -1 +fi + +IMAGE_TAG=$(git rev-parse --short HEAD) +IMAGE_NAME=${IMAGE_NAME:-bearcloud} + +echo "Image tag: $IMAGE_NAME:$IMAGE_TAG and $IMAGE_NAME:latest" echo "Additional arguments: $@" echo "Continue?" read -sudo docker build . $@ +sudo docker build -t "$IMAGE_NAME:$IMAGE_TAG" -t "$IMAGE_NAME:latest" $@ . diff --git a/Dockerfile b/Dockerfile index 93c6fab..4ff4089 100644 --- a/Dockerfile +++ b/Dockerfile 
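Review bot: `set -eo pipefail` is added under a `#!/bin/sh` shebang, but `pipefail` is not accepted by every `sh` (dash rejects it), and the script already relies on `[[ … ]]`, which is a bash construct. Changing the first line to `#!/usr/bin/env bash` would make the new strict mode take effect wherever the script is run. The script body continues outside this hunk.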
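Review bot: The new key handling tests `$GPG_PRIVATE_KEY` with `-ne ""`, which is an integer comparison. Under bash, `[[ ]]` evaluates both operands arithmetically, so an armored key is not detected as "set" and may abort the script with a syntax error; `if [[ -n "$GPG_PRIVATE_KEY" ]]; then` is the string test wanted here and in `cleanup_`. The trap covers only INT and TERM, so a key file written from the environment stays on disk after a normal exit or a `set -e` failure; `trap cleanup_ EXIT INT TERM` together with `rm -f` closes that gap. The file is also created with the default umask, so write it as `( umask 077; printf '%s\n' "$GPG_PRIVATE_KEY" > ./bot-gpg-key.asc )`. `exit -1` is not a portable exit status; `exit 1` is enough.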
@@ -3,20 +3,19 @@ FROM alpine:latest AS rootfs-builder ENV CLOUD_CONFIG_REPO=https://git.sfclub.cc/cloud/bearnet ENV CLOUD_CONFIG_REVISION=wish ENV CLOUD_GATEWAY_ADDRESS=10.0.0.119 - +RUN apk update && apk add alpine-make-vm-image make COPY /image /kitchen COPY ./scripts/orchestrate.py /kitchen/overlay/daemon/orchestrate.py COPY bot-gpg-key.asc /kitchen/overlay/root/gpg-key.asc -RUN sed -i "s/_REPO_/$CLOUD_CONFIG_REPO/g" /kitchen/overlay/daemon/update.sh \ - sed -i "s/_REVISION_/$CLOUD_CONFIG_REVISION/g" /kitchen/overlay/daemon/update.sh \ - sed -i "s/GATEWAY_ADDRESS/$CLOUD_GATEWAY_ADDRESS/g" /kitchen/overlay/etc/dhcp/dhclient.conf -RUN apk update && apk add alpine-make-vm-image \ - cd /kitchen && make build extract-kernel && mkdir /image && cp ./$IMAGE_NAME* /image +RUN sed -i "s#_REPO_#$CLOUD_CONFIG_REPO#g" /kitchen/overlay/daemon/update.sh && \ + sed -i "s#_REVISION_#$CLOUD_CONFIG_REVISION#g" /kitchen/overlay/daemon/update.sh && \ + sed -i "s#GATEWAY_ADDRESS#$CLOUD_GATEWAY_ADDRESS#g" /kitchen/overlay/etc/dhcp/dhclient.conf +RUN cd /kitchen && make build && mkdir /image && cp ./vm.raw /image FROM alpine:latest AS hypervisor ADD ./scripts/setup-hypervisor.sh /setup.sh # Download cloud hypervisor -RUN apk update && apk add bash curl jq tini && sh /setup.sh && rm /setup.sh && mkdir /app +RUN apk update && apk add bash curl jq tini linux-virt && sh /setup.sh && rm /setup.sh && mkdir /app COPY --from=rootfs-builder /image /image COPY ./scripts/entrypoint.sh /entrypoint.sh diff --git a/image/Makefile b/image/Makefile index 21895eb..6f7fc85 100644 --- a/image/Makefile +++ b/image/Makefile 
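Review bot: The three rewritten `sed -i` commands in the rootfs-builder stage still interpolate `$CLOUD_CONFIG_REPO`, `$CLOUD_CONFIG_REVISION` and `$CLOUD_GATEWAY_ADDRESS` straight into the sed program, so a value containing `#`, `&` or a backslash alters or breaks the substitution even with the new delimiter. These values end up in `update.sh` and `dhclient.conf` inside the VM overlay, so validate them before substituting or escape them first, e.g. `repo_esc=$(printf '%s' "$CLOUD_CONFIG_REPO" | sed 's/[#&\\]/\\&/g')`. Separately, the unchanged `COPY bot-gpg-key.asc` line puts the private key into this stage's overlay, and presumably into the disk image that `COPY --from=rootfs-builder /image /image` carries into the final stage. That matters more now that BUILD.sh tags the result with a name that can be pushed, so the image should be treated as secret-bearing.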
@@ -1,24 +1,8 @@ -# Alpine VM Image Builder -# ------------------------ -# Builds a bootable Alpine Linux disk image for Cloud Hypervisor direct boot. -# -# Usage: -# make build — generate GPG key + build qcow2 image -# make build-raw — build raw image (for Cloud Hypervisor direct boot) -# make extract-kernel — extract kernel + initramfs from image -# make clean — remove build artifacts -# -# Configurable variables (override on command line): -# IMAGE_SIZE Size of the disk image (default: 4G) -# ALPINE_BRANCH Alpine release branch (default: latest-stable) -# KERNEL_FLAVOR Kernel variant (default: virt) -# ALPINE_MIRROR APK mirror (default: http://dl-cdn.alpinelinux.org/alpine) - SHELL := /bin/sh # --- configurable ---------------------------------------------------- IMAGE_NAME = alpine-vm -IMAGE_SIZE ?= 4G +IMAGE_SIZE ?= 2G IMAGE_FORMAT = raw ALPINE_BRANCH ?= latest-stable KERNEL_FLAVOR ?= virt @@ -35,7 +19,7 @@ build: echo "ERROR: GPG key not found. Generate key first" >&2; \ exit 1; \ } - $(MAKE_VM_IMAGE) \ + alpine-make-vm-image \ --branch $(ALPINE_BRANCH) \ --image-format $(IMAGE_FORMAT) \ --image-size $(IMAGE_SIZE) \ 
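Review bot: The whole header comment is removed, but the `build` target and the overridable `IMAGE_SIZE`, `ALPINE_BRANCH` and `KERNEL_FLAVOR` variables it described are still present, so the file no longer says how it is meant to be invoked. A trimmed header would do, for example `# make build — build the raw Alpine VM image`, followed by a line listing the variables that can be overridden on the command line with their current defaults (`IMAGE_SIZE` is now 2G).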
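Review bot: The recipe now hard-codes `alpine-make-vm-image` in place of `$(MAKE_VM_IMAGE)`, which removes the way to point the build at a specific or vendored copy of the tool and resolves it through `PATH` instead. If the variable's definition (outside this hunk) is being dropped, keeping it as `MAKE_VM_IMAGE ?= alpine-make-vm-image` and leaving the recipe on `$(MAKE_VM_IMAGE)` gives the same default while staying overridable. The `build` recipe starts and ends outside the hunk.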
@@ -44,29 +28,10 @@ build: --fs-skel-dir $(OVERLAY_DIR) \ --fs-skel-chown root:root \ --script-chroot \ - --packages "python3 py3-yaml py3-pydantic git curl gnupg docker docker-cli-buildx docker-cli-compose" \ + --packages "python3 py3-yaml py3-pydantic git curl gnupg docker docker-cli-buildx docker-cli-compose cronie" \ $(IMAGE_FILE) \ $(CONFIGURE_SH) @echo ">>> Image built: $(IMAGE_FILE)" @ls -lh $(IMAGE_FILE) -# Raw image (best for Cloud Hypervisor) -build-raw: - $(MAKE) build IMAGE_FORMAT=raw - -# --- kernel extraction ----------------------------------------------- - -extract-kernel: $(IMAGE_FILE) - @echo ">>> Extracting kernel and initramfs from $(IMAGE_FILE) ..." - @which guestmount >/dev/null 2>&1 || { \ - echo "ERROR: guestmount (libguestfs) required. Install: apk add libguestfs" >&2; \ - exit 1; \ - } - @mkdir -p $(IMAGE_NAME)-boot - guestmount -a $(IMAGE_FILE) -m /dev/sda --ro $(IMAGE_NAME)-boot - cp $(IMAGE_NAME)-boot/boot/vmlinuz-$(KERNEL_FLAVOR) vmlinuz - cp $(IMAGE_NAME)-boot/boot/initramfs-$(KERNEL_FLAVOR) initramfs - guestunmount $(IMAGE_NAME)-boot - rmdir $(IMAGE_NAME)-boot - -.PHONY: build build-raw build-no-gpg extract-kernel gpg-key gpg-fingerprint +.PHONY: build diff --git a/image/overlay/root/.ssh/authorized_keys b/image/overlay/root/.ssh/authorized_keys new file mode 100644 index 0000000..71250e2 --- /dev/null +++ b/image/overlay/root/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN6GbswtvLbhmju/vBunpfPaqpcIuESJSLoR+Sz0ujTs cardno:F1D0_013135A1 diff --git a/image/packages b/image/packages deleted file mode 100644 index eabf4f1..0000000 --- a/image/packages +++ /dev/null @@ -1,10 +0,0 @@ -python3 -py3-yaml -py3-pydantic -git -curl -gnupg -docker -docker-cli-buildx -docker-cli-compose -cronie \ No newline at end of file diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh old mode 100644 new mode 100755 index 76421f0..39b738d --- a/scripts/entrypoint.sh +++ b/scripts/entrypoint.sh 
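Review bot: The new `image/overlay/root/.ssh/authorized_keys` commits a single root SSH public key into the image overlay, so every image built from the repository grants root login to the holder of that key, and rotating or revoking it needs a new commit and a rebuild. Consider supplying the key at build time, as BUILD.sh does for the GPG key, or at least documenting who owns the `cardno:` token. Git does not record the mode of the `.ssh` directory, so the image configuration should set `/root/.ssh` to 0700 and the file to 0600 explicitly. Otherwise sshd's StrictModes check may reject the key, depending on the umask at build time.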
@@ -2,7 +2,7 @@ set -euo pipefail /usr/bin/cloud-hypervisor \ - --kernel /image/vmlinuz --initramfs /image/initramfs --disk path=/image/vm.raw \ + --kernel /boot/vmlinuz-virt --initramfs /boot/initramfs-virt --disk path=/image/vm.raw \ --cmdline "root=/dev/vda rootfstype=ext4 modules=ext4a rw console=hvc0" \ --cpus boot=${CPU_COUNT:-4} \ --memory size=${MEMORY:-4G},shared=on \ diff --git a/scripts/orchestrate.py b/scripts/orchestrate.py old mode 100644 new mode 100755 diff --git a/scripts/setup-hypervisor.sh b/scripts/setup-hypervisor.sh old mode 100644 new mode 100755
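Review bot: `--kernel /boot/vmlinuz-virt` and `--initramfs /boot/initramfs-virt` now come from the `linux-virt` package installed in the hypervisor stage rather than from the disk image, so the booted kernel can drift from the modules installed inside `/image/vm.raw`. Both sides are unpinned (`alpine:latest` in the Dockerfile, `latest-stable` in the Makefile), and a mismatch would likely show up as modules failing to load in the guest. Consider pinning the Alpine release in both places, or checking at build time that the two kernel versions agree. The `cloud-hypervisor` command continues past the end of the hunk.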