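# The home-server project produces a multi-purpose setup using Ansible.
# Copyright © 2018–2023 Y. Gablin, under the GPL-3.0-or-later license.
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.

# REQUIRED: make, root-less podman, jq, ssh-keygen
#
# This Makefile builds and starts two development containers (front-dev and
# back-dev) with rootless podman, then lets Ansible deploy the dev site into
# them.  It is a development convenience: the containers run privileged, the
# SSH keys it generates have no passphrase, and SSH ports are published on the
# host.  See the comments next to each of those settings.

SHELL := /usr/bin/env bash

# https://stackoverflow.com/a/23324703
ROOT_DIR := $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))

# The rm target runs `rm -rf "${ROOT_DIR}/target"`; an empty ROOT_DIR would
# turn that into `rm -rf "/target"`, so stop at parse time instead.
ifeq ($(strip $(ROOT_DIR)),)
  $(error ROOT_DIR is empty; refusing to continue)
endif

# Source address of the default route.  firstword keeps a single address when
# the host has several default routes, so outbound_addr= below stays one word.
MY_IP := $(firstword $(shell ip route | sed -nr 's/^default.* src ([^ ]+).*/\1/p'))

NETWORK := 10.0.2.0
# max 25 (the comment is kept off the value line so that no trailing
# whitespace can end up in the value)
NET_BITS := 25

FRONT_NAME := front-dev
FRONT_IP := 10.0.2.4
# empty, or must end with ;
FRONT_SH_EXTRA :=
FRONT_PODMAN_EXTRA :=

BACK_NAME := back-dev
BACK_IP := 10.0.2.3
# empty, or must end with ;
# The brace list sits outside the double quotes so that bash expands it; inside
# the quotes it would create one directory literally named "{p2p,video,...}".
BACK_SH_EXTRA := mkdir -p "${ROOT_DIR}/target/back.media/share"/{p2p,video,my_CDs,my_MP3,photos};
BACK_PODMAN_EXTRA := -v "${ROOT_DIR}/target/back.media":/mnt/share

PODMAN_BUILD := podman build

# Common `podman run` options for both containers.
# NOTE(review): --privileged removes most of podman's confinement (which also
# appears to make --cap-add=CAP_SYS_CHROOT redundant); with rootless podman the
# container is still bounded by what ${USER} may do on the host.  Keep this for
# the dev environment only.
PODMAN_RUN := podman run -d --privileged --cap-add=CAP_SYS_CHROOT \
	--hostuser=${USER} --group-add=keep-groups \
	-v "${ROOT_DIR}/target/shared_sockets:/run/shared_sockets:shared,U"

# Default goal: print the list of useful targets.
all:
	printf "— front-dev | back-dev (implies front-dev): that container\n— rm: remove containers\n— rmi: remove images\n— clean: remove all (incl. Archlinux image)\n— ansible: install dev site\n"

# Best effort: every step may fail when the container does not exist, hence
# the `;` chaining and the final `true`.
rm:
	podman stop back-dev; podman stop front-dev; podman rm back-dev; podman rm front-dev; rm -rf "${ROOT_DIR}/target"; true

rmi: rm
	podman rmi back-img; podman rmi front-img; true

clean: rmi
	podman rmi archlinux; true

# Run the playbook against the dev inventory, from two directories above this
# Makefile.
ansible: back-dev
	cd "${ROOT_DIR}/../.." && ansible-playbook -i env/dev -v site.yaml

# Build the front image, or rebuild it when any prerequisite is newer than the
# existing image.
#   ds = newest prerequisite mtime, in whole seconds
#   dt = creation time of localhost/front-img:latest, empty when it is absent
# find's -printf adds no newline by itself; the explicit '\n' is needed so that
# sort sees one timestamp per line and the newest one wins.  Without it the
# timestamps are glued together and only the first prerequisite is compared.
# id-dev.pub has no rule in this file and must be supplied by the developer.
front-img: Makefile front.Dockerfile id-dev.pub id-chroot.pub
	ds=$$(find $^ -maxdepth 0 -printf '%T@\n' | sort -t. -rn | awk -F. 'NR==1{print $$1}'); \
	dt=$$(podman images --format=json | jq --arg name localhost/front-img:latest -r '.[] | select(.Names | length > 0) | select(.Names[0] == $$name) | .Created'); \
	if [ -n "$$dt" ] && [ $$ds -gt $$dt ]; then \
		podman stop front-dev; podman rm front-dev; podman rmi front-img; \
		dt=; \
	fi; \
	if [ -z "$$dt" ]; then \
		${PODMAN_BUILD} -t=front-img -f=front.Dockerfile "${ROOT_DIR}"; \
	fi

# Start the front container, creating it on first use.
# - shared_sockets is recreated with mode 1777 (world-writable, sticky) and is
#   bind-mounted into both containers by PODMAN_RUN.
# - `-p 20022:22` gives no host address, so podman binds the port on all host
#   interfaces; write 127.0.0.1:20022:22 if the dev SSH port must stay local.
# - allow_host_loopback=true lets the container reach services that listen on
#   the host's loopback interface.
front-dev: front-img
	mkdir -p "${ROOT_DIR}/target"/front.{opt,srv}; \
	${FRONT_SH_EXTRA} \
	if ! podman ps | grep -qF localhost/front-img:latest; then \
		rm -rf "${ROOT_DIR}/target/shared_sockets"; mkdir -m 1777 "${ROOT_DIR}/target/shared_sockets" 2>/dev/null; \
		if podman ps -a | grep -qF localhost/front-img:latest; then \
			podman start front-dev; \
		else \
			${PODMAN_RUN} --name front-dev -p 20022:22 \
				--network=slirp4netns:allow_host_loopback=true,cidr=${NETWORK}/${NET_BITS},outbound_addr=${MY_IP},port_handler=slirp4netns --hostname=${FRONT_NAME} --add-host=${BACK_NAME}:${BACK_IP} \
				-v "${ROOT_DIR}/target/front.opt:/opt" \
				-v "${ROOT_DIR}/target/front.srv:/srv" \
				${FRONT_PODMAN_EXTRA} localhost/front-img; \
		fi; \
	fi

# Build the back image; same staleness logic as front-img.
# NOTE(review): the private key id-chroot is a prerequisite here, so it
# presumably ends up inside the image; treat back-img as secret-bearing and do
# not push it to a shared registry.
back-img: Makefile back.Dockerfile id-dev.pub id-chroot
	ds=$$(find $^ -maxdepth 0 -printf '%T@\n' | sort -t. -rn | awk -F. 'NR==1{print $$1}'); \
	dt=$$(podman images --format=json | jq --arg name localhost/back-img:latest -r '.[] | select(.Names | length > 0) | select(.Names[0] == $$name) | .Created'); \
	if [ -n "$$dt" ] && [ $$ds -gt $$dt ]; then \
		podman stop back-dev; podman rm back-dev; podman rmi back-img; \
		dt=; \
	fi; \
	if [ -z "$$dt" ]; then \
		${PODMAN_BUILD} -t=back-img -f=back.Dockerfile "${ROOT_DIR}"; \
	fi

# Start the back container, creating it on first use.  The root filesystem of
# front-dev is mounted (podman unshare podman mount) and bind-mounted into
# back-dev under /var/lib/machines/${FRONT_NAME}, so back-dev has read-write
# access to the whole front-dev filesystem.
# `-p 10022:22` is published on all host interfaces, as for front-dev.
# Option tried and currently disabled on the run command:
#   --cgroupns=container:front-dev
back-dev: front-dev back-img
	mkdir -p "${ROOT_DIR}/target"/back.{opt,srv}; \
	${BACK_SH_EXTRA} \
	if ! podman ps | grep -qF localhost/back-img:latest; then \
		if podman ps -a | grep -qF localhost/back-img:latest; then \
			podman unshare podman mount front-dev; \
			podman start back-dev; \
		else \
			set -x; \
			frontDir="$$(podman unshare podman mount front-dev)"; \
			${PODMAN_RUN} --name back-dev -p 10022:22 \
				--network=slirp4netns:allow_host_loopback=true,cidr=${NETWORK}/${NET_BITS},outbound_addr=${MY_IP},port_handler=slirp4netns --hostname=${BACK_NAME} --add-host=${FRONT_NAME}:${FRONT_IP} \
				--mount=type=bind,src="$${frontDir}",dst="/var/lib/machines/${FRONT_NAME}",bind-propagation=shared,relabel=shared \
				-v "${ROOT_DIR}/target/back.opt:/opt" \
				-v "${ROOT_DIR}/target/back.srv:/srv" \
				${BACK_PODMAN_EXTRA} localhost/back-img; \
		fi; \
	fi

# Generate the chroot key pair.  ssh-keygen writes both id-chroot and
# id-chroot.pub.  -N "" means the private key has no passphrase: it is a
# dev-only credential, to be kept out of version control and never reused
# outside this environment.
id-chroot:
	ssh-keygen -t ed25519 -f "${ROOT_DIR}/id-chroot" -N ""

# The public key is derived from the private key instead of running a second
# key generation.  Two independent generating rules could race under `make -j`
# and, when only one of the two files exists, ssh-keygen would stop on an
# interactive overwrite prompt.  The result is written to a temporary file
# first so that a failure never leaves an empty id-chroot.pub behind.
id-chroot.pub: id-chroot
	ssh-keygen -y -f "${ROOT_DIR}/id-chroot" > "${ROOT_DIR}/$@.tmp" && mv -f "${ROOT_DIR}/$@.tmp" "${ROOT_DIR}/$@"

.PHONY: all rm rmi clean ansible front-img front-dev back-img back-dev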