# The home-server project produces a multi-purpose setup using Ansible.
# Copyright © 2018–2023 Y. Gablin, under the GPL-3.0-or-later license.
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
# REQUIRED: make, root-less podman, jq, ssh-keygen
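# Recipes below rely on bash features (brace expansion), so plain sh is not enough.
SHELL := /usr/bin/env bash

# Directory that holds this Makefile (https://stackoverflow.com/a/23324703).
ROOT_DIR := $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
# "src" address of the host's default route, passed to slirp4netns as outbound_addr.
# Stays empty when the default route line carries no "src" field.
MY_IP := $(shell ip route | sed -nr 's/^default.* src ([^ ]+).*/\1/p')
# Subnet handed to slirp4netns (cidr=NETWORK/NET_BITS) for both containers.
NETWORK := 10.0.2.0
NET_BITS := 25# max 25 (no space between value and comment!)
# Front container: hostname, the address the back container records for it via --add-host,
# and optional extra shell commands / podman options spliced into the front-dev recipe.
FRONT_NAME := front-dev
FRONT_IP := 10.0.2.4
FRONT_SH_EXTRA := # empty, or must end with ;
FRONT_PODMAN_EXTRA :=
# Back container: same knobs as above.
BACK_NAME := back-dev
BACK_IP := 10.0.2.3
# The brace list has to sit OUTSIDE the double quotes: bash does not brace-expand quoted text,
# so the quoted form created one directory literally named "{p2p,video,...}".
BACK_SH_EXTRA := mkdir -p "${ROOT_DIR}/target/back.media/share"/{p2p,video,my_CDs,my_MP3,photos}; # empty, or must end with ;
BACK_PODMAN_EXTRA := -v "${ROOT_DIR}/target/back.media":/mnt/share
PODMAN_BUILD := podman build
# Common "podman run" prefix for both containers.
# NOTE(review): --privileged switches off the isolation podman applies by default (seccomp
# filter, dropped capabilities, device restrictions, SELinux/AppArmor separation). Under
# root-less podman the container is still bounded by the invoking user's rights, but it
# should be treated as a local dev sandbox only and never reused for a networked deployment.
# --cap-add=CAP_SYS_CHROOT looks redundant next to --privileged; confirm before dropping either.
# The ":shared,U" volume options propagate mounts in both directions and chown the host
# directory to the container's user.
PODMAN_RUN := podman run -d --privileged --cap-add=CAP_SYS_CHROOT --hostuser=${USER} --group-add=keep-groups -v "${ROOT_DIR}/target/shared_sockets:/run/shared_sockets:shared,U"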
# Default goal: builds nothing, only prints a short description of the available targets.
all:
	printf \
		"— front-dev | back-dev (implies front-dev): that container\n— rm: remove containers\n— rmi: remove images\n— clean: remove all (incl. Archlinux image)\n— ansible: install dev site\n"
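# Stop and delete both dev containers, then delete everything under $(ROOT_DIR)/target.
# Each step is best-effort: a container that does not exist must not fail the target,
# hence the ";" chaining and the trailing "true".
rm:
	$(if $(strip $(ROOT_DIR)),,$(error ROOT_DIR is empty; refusing to run rm -rf on "/target"))
	podman stop back-dev; podman stop front-dev; podman rm back-dev; podman rm front-dev; rm -rf "${ROOT_DIR}/target"; true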
# Remove both project images once the containers are gone (the rm prerequisite).
# A missing image is not an error, so the recipe always ends with "true".
rmi: rm
	for img in back-img front-img; do podman rmi "$$img"; done; true
# Full cleanup: everything rmi removes, plus the archlinux image.
# A missing image is tolerated.
clean: rmi
	podman rmi archlinux || true
# Run the site playbook against the dev inventory once both containers are up
# (back-dev pulls in front-dev). The playbook is started from two directories above
# this Makefile, where env/dev and site.yaml are looked up.
ansible: back-dev
	cd "$(ROOT_DIR)/../.." && ansible-playbook -i env/dev -v site.yaml
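# Build localhost/front-img when it is missing or older than one of its inputs.
# The target is phony, so the recipe does its own freshness check:
#   ds = newest mtime (whole seconds) among the prerequisites,
#   dt = the "Created" value podman reports for the image, empty when there is no image.
# find -printf adds no newline by itself; without the explicit "\n" all timestamps are glued
# onto one line and only the first prerequisite's mtime was ever compared, so an edited
# Dockerfile or key did not trigger a rebuild.
# A stale image is removed together with its container, then rebuilt.
front-img: Makefile front.Dockerfile id-dev.pub id-chroot.pub
	ds=$$(find $^ -maxdepth 0 -printf '%T@\n' | sort -t. -rn | awk -F. 'NR==1{print $$1}'); \
	dt=$$(podman images --format=json | jq --arg name localhost/front-img:latest -r '.[] | select(.Names | length > 0) | select(.Names[0] == $$name) | .Created'); \
	if [ -n "$$dt" ] && [ "$$ds" -gt "$$dt" ]; then \
		podman stop front-dev; podman rm front-dev; podman rmi front-img; \
		dt=; \
	fi; \
	if [ -z "$$dt" ]; then \
		${PODMAN_BUILD} -t=front-img -f=front.Dockerfile "${ROOT_DIR}"; \
	fi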
# Make sure the front container is running.
#   - already running: nothing else to do;
#   - otherwise the shared socket directory is recreated, then an existing container is
#     started or a new one is created from localhost/front-img.
# The socket directory is created with mode 1777 (world-writable, sticky bit), so any local
# user can create entries in it.
# NOTE(review): "-p 20022:22" names no host address, so the container's sshd is published on
# every host interface; prefixing a loopback address would keep it local. Confirm what the
# dev workflow needs.
front-dev: front-img
	mkdir -p "$(ROOT_DIR)/target"/front.{opt,srv}; \
	$(FRONT_SH_EXTRA) \
	if podman ps | grep -qF localhost/front-img:latest; then \
		exit 0; \
	fi; \
	rm -rf "$(ROOT_DIR)/target/shared_sockets"; \
	mkdir -m 1777 "$(ROOT_DIR)/target/shared_sockets" 2>/dev/null; \
	if podman ps -a | grep -qF localhost/front-img:latest; then \
		podman start front-dev; \
	else \
		$(PODMAN_RUN) --name front-dev -p 20022:22 \
			--network=slirp4netns:allow_host_loopback=true,cidr=$(NETWORK)/$(NET_BITS),outbound_addr=$(MY_IP),port_handler=slirp4netns \
			--hostname=$(FRONT_NAME) --add-host=$(BACK_NAME):$(BACK_IP) \
			-v "$(ROOT_DIR)/target/front.opt:/opt" \
			-v "$(ROOT_DIR)/target/front.srv:/srv" \
			$(FRONT_PODMAN_EXTRA) localhost/front-img; \
	fi
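# Build localhost/back-img when it is missing or older than one of its inputs.
# The target is phony, so the recipe does its own freshness check:
#   ds = newest mtime (whole seconds) among the prerequisites,
#   dt = the "Created" value podman reports for the image, empty when there is no image.
# find -printf adds no newline by itself; without the explicit "\n" all timestamps are glued
# onto one line and only the first prerequisite's mtime was ever compared.
# NOTE(review): id-chroot is a passphrase-less private key. If back.Dockerfile copies it
# into the image (not visible from this file), back-img carries a secret and should stay
# out of any registry; confirm against the Dockerfile.
back-img: Makefile back.Dockerfile id-dev.pub id-chroot
	ds=$$(find $^ -maxdepth 0 -printf '%T@\n' | sort -t. -rn | awk -F. 'NR==1{print $$1}'); \
	dt=$$(podman images --format=json | jq --arg name localhost/back-img:latest -r '.[] | select(.Names | length > 0) | select(.Names[0] == $$name) | .Created'); \
	if [ -n "$$dt" ] && [ "$$ds" -gt "$$dt" ]; then \
		podman stop back-dev; podman rm back-dev; podman rmi back-img; \
		dt=; \
	fi; \
	if [ -z "$$dt" ]; then \
		${PODMAN_BUILD} -t=back-img -f=back.Dockerfile "${ROOT_DIR}"; \
	fi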
# Make sure the back container is running; front-dev is brought up first.
# The front container's root filesystem is mounted on the host side
# ("podman unshare podman mount front-dev") and bind-mounted into the back container at
# /var/lib/machines/$(FRONT_NAME) with shared propagation, so the back container has access
# to the front container's files.
# An existing back-dev container is restarted after re-mounting the front filesystem;
# otherwise a new one is created with shell tracing (set -x) switched on.
# Option kept from the original recipe, disabled: --cgroupns=container:front-dev
# NOTE(review): "-p 10022:22" names no host address, so the container's sshd is published on
# every host interface; confirm what the dev workflow needs.
back-dev: front-dev back-img
	mkdir -p "$(ROOT_DIR)/target"/back.{opt,srv}; \
	$(BACK_SH_EXTRA) \
	if podman ps | grep -qF localhost/back-img:latest; then \
		exit 0; \
	fi; \
	if podman ps -a | grep -qF localhost/back-img:latest; then \
		podman unshare podman mount front-dev; \
		podman start back-dev; \
	else \
		set -x; \
		frontDir="$$(podman unshare podman mount front-dev)"; \
		$(PODMAN_RUN) --name back-dev -p 10022:22 \
			--network=slirp4netns:allow_host_loopback=true,cidr=$(NETWORK)/$(NET_BITS),outbound_addr=$(MY_IP),port_handler=slirp4netns \
			--hostname=$(BACK_NAME) --add-host=$(FRONT_NAME):$(FRONT_IP) \
			--mount=type=bind,src="$${frontDir}",dst="/var/lib/machines/$(FRONT_NAME)",bind-propagation=shared,relabel=shared \
			-v "$(ROOT_DIR)/target/back.opt:/opt" \
			-v "$(ROOT_DIR)/target/back.srv:/srv" \
			$(BACK_PODMAN_EXTRA) localhost/back-img; \
	fi
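# ed25519 key pair used by the images (private key: back-img, public key: front-img).
# -N "" stores the private key WITHOUT a passphrase: keep it out of version control and
# backups, and regenerate it rather than reuse it outside this dev setup.
#
# Only this rule generates key material. Running the same ssh-keygen from both rules raced
# under "make -j", and when just one of the two files was missing ssh-keygen stopped at its
# overwrite prompt, where answering yes replaced the private key as well.
id-chroot:
	ssh-keygen -t ed25519 -f "${ROOT_DIR}/id-chroot" -N ""

# The public half is derived from the existing private key (ssh-keygen -y), so the pair can
# never drift apart. Written via a temporary file so that a failed run leaves no truncated
# id-chroot.pub behind.
id-chroot.pub: id-chroot
	ssh-keygen -y -f "${ROOT_DIR}/id-chroot" > "${ROOT_DIR}/id-chroot.pub.tmp" && \
		mv -f "${ROOT_DIR}/id-chroot.pub.tmp" "${ROOT_DIR}/id-chroot.pub"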
# These targets name actions, not files on disk. Declaring them phony makes their recipes run
# on every invocation and keeps a stray file of the same name from masking the rule.
# The id-chroot key files are real files and are deliberately not listed.
.PHONY: all rm rmi clean ansible front-img front-dev back-img back-dev