diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..514057d --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,45 @@ +name: Image Build CI + +on: + workflow_dispatch: {} + +permissions: + contents: write + +jobs: + build: + runs-on: ubuntu-latest + env: + filename: build-${{ github.run_number }} + steps: + - uses: actions/checkout@v3 + - name: Build the Docker image + run: | + docker build \ + --build-arg APT_SOURCE=http://azure.archive.ubuntu.com \ + -t labstrap . + - name: Get base image + run: | + wget --progress=dot:giga \ + -O ~/input.tar.gz \ + http://download.proxmox.com/images/system/ubuntu-20.04-standard_20.04-1_amd64.tar.gz + - name: Build it! + run: | + docker run --rm -i --name=labstrap --privileged \ + -e GITHUB_RUN_NUMBER \ + -v "$PWD":/srv:ro \ + -v $HOME/rootfs:/target \ + -v $HOME/input.tar.gz:/input.tar.gz:ro \ + labstrap + - name: Pack it! + run: | + . ./variables + sudo tar caf ${{ env.filename }}.tar.zst -C $HOME/rootfs $TAR_FLAGS . + sha256sum ${{ env.filename }}.tar.zst > ${{ env.filename }}-sha256.txt + - name: Upload it! + uses: softprops/action-gh-release@v1 + with: + tag_name: auto-build-ubuntu2004 + files: | + ${{ env.filename }}.tar.zst + ${{ env.filename }}-sha256.txt diff --git a/Dockerfile b/Dockerfile index 189b2d8..3aad536 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,12 @@ FROM ubuntu:20.04 -RUN sed -Ei 's/(archive|security)\.ubuntu\.com/mirrors.ustc.edu.cn/g' /etc/apt/sources.list && \ +ARG APT_SOURCE=https://mirrors.ustc.edu.cn +ENV APT_SOURCE=$APT_SOURCE + +RUN sed -Ei "s,https?://(archive|security)\.ubuntu\.com,$APT_SOURCE,g" /etc/apt/sources.list && \ apt-get update && \ apt-get -y upgrade && \ - apt-get -y install --no-install-recommends rsync && \ + apt-get -y install --no-install-recommends libcap2-bin rsync && \ apt-get clean CMD ["/bin/bash", "/srv/labstrap"] diff --git a/labstrap b/labstrap index 8cc0350..88e0af5 100755 --- a/labstrap +++ b/labstrap 
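Review bot: The "Get base image" step downloads the Proxmox template over plain `http://`, and nothing checks its integrity before it is unpacked as the root filesystem and published as a release asset. Pin the expected digest in the repository and verify it right after the download, e.g. `echo "<EXPECTED_SHA256>  $HOME/input.tar.gz" | sha256sum -c -` (placeholder digest), and switch the URL to `https://` if the host serves it. The job also holds `contents: write` while `actions/checkout@v3` and `softprops/action-gh-release@v1` are referenced by mutable tags; pinning both to full commit SHAs would keep a retagged action from running with that token.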
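Review bot: The new default `APT_SOURCE=https://mirrors.ustc.edu.cn` rewrites the apt sources to `https://` URLs, and the stock `ubuntu:20.04` image does not, as far as I know, ship `ca-certificates`, so a build without `--build-arg` may fail certificate verification at `apt-get update`. The workflow avoids this only because it passes an `http://` mirror. Either default to `http://mirrors.ustc.edu.cn` (apt still verifies the signed Release files) or install `ca-certificates` before rewriting the sources. `ENV APT_SOURCE=$APT_SOURCE` also looks unnecessary, since the `ARG` is already visible to the following `RUN`, and dropping it keeps the value out of the final image environment. The value is spliced into a sed expression that uses `,` as its delimiter, so a comment saying it must not contain `,` or `&` would help.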
@@ -7,6 +7,7 @@ SRC="$BASE/rootfs" DST=/target INPUT=/input.tar.gz cd "$BASE" +. ./variables run() { chroot "$DST" "$@" @@ -32,23 +33,37 @@ if test "$(ls -1A "$DST" | wc -l)" -ne 0; then exit 1 fi -tar axf "$INPUT" -C "$DST" - -mount -t tmpfs none "$DST/dev" -chmod 755 "$DST/dev" -mknod -m0666 "$DST/dev/null" c 1 3 -mknod -m0666 "$DST/dev/random" c 1 8 -mknod -m0666 "$DST/dev/urandom" c 1 9 -mknod -m0666 "$DST/dev/zero" c 1 5 -ln -sf /proc/self/fd/0 "$DST/dev/stdin" -ln -sf /proc/self/fd/1 "$DST/dev/stdout" -ln -sf /proc/self/fd/2 "$DST/dev/stderr" -mkdir -p "$DST/dev/pts" -mount -t devpts none "$DST/dev/pts" -mount -t proc proc "$DST/proc" -mount -t tmpfs none "$DST/run" -mount -t sysfs sys "$DST/sys" -mount -t tmpfs none "$DST/tmp" +tar axf "$INPUT" -C "$DST" $TAR_FLAGS + +mount_all() { + mount -t tmpfs none "$DST/dev" + chmod 755 "$DST/dev" + mknod -m0666 "$DST/dev/null" c 1 3 + mknod -m0666 "$DST/dev/random" c 1 8 + mknod -m0666 "$DST/dev/urandom" c 1 9 + mknod -m0666 "$DST/dev/zero" c 1 5 + ln -sf /proc/self/fd/0 "$DST/dev/stdin" + ln -sf /proc/self/fd/1 "$DST/dev/stdout" + ln -sf /proc/self/fd/2 "$DST/dev/stderr" + mkdir -p "$DST/dev/pts" + mount -t devpts none "$DST/dev/pts" + mount -t proc proc "$DST/proc" + mount -t tmpfs none "$DST/run" + mount -t sysfs sys "$DST/sys" + mount -t tmpfs none "$DST/tmp" +} + +umount_all() { + umount "$DST/dev/pts" + umount "$DST/dev" + umount "$DST/proc" + umount "$DST/run" + umount "$DST/sys" + umount "$DST/tmp" +} + +mount_all +trap umount_all EXIT # Preliminary cleanup run sh -c 'dpkg --get-selections | cut -f1 | xargs apt-mark auto' 
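Review bot: `trap umount_all EXIT` is installed only after `mount_all` has returned, so if one of the `mount` or `mknod` calls aborts the script part-way, the mounts already made under `$DST` are left in place. Whether the script runs under `set -e` is not visible in this hunk. Registering the trap before calling `mount_all` covers that case, and `umount_all` then needs to carry on past a target that was never mounted instead of stopping at the first failure. The rest of the script body lies outside this hunk.

```shell
# … unchanged: mount_all() definition …

umount_all() {
    # Best-effort cleanup: keep going when a target was never mounted.
    for m in dev/pts dev proc run sys tmp; do
        umount "$DST/$m" || true
    done
}

trap umount_all EXIT
mount_all
```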
@@ -65,11 +80,12 @@ add_package \ fcitx-table-wubi fcitx-ui-qimpanel fcitx-config-gtk \ fcitx-frontend-all fcitx-frontend-gtk2 fcitx-frontend-gtk3 fcitx-frontend-qt5 \ firefox fonts-droid-fallback firefox-locale-zh-hans language-pack-zh-hans texmaker \ - mate-tweak ubuntu-mate-core ubuntu-minimal vlab-vnc xserver-xorg slick-greeter ubuntu-mate-wallpapers \ + mate-tweak ubuntu-mate-core ubuntu-minimal xserver-xorg slick-greeter ubuntu-mate-wallpapers \ caja-open-terminal libncurses5 \ bash-completion command-not-found cron curl dnsutils htop manpages-dev net-tools ssh usrmerge vim wget \ indicator-application indicator-session indicator-datetime indicator-notifications \ - ssl-cert lrzsz + ssl-cert lrzsz \ + vlab-vnc vlab-earlyoom # Regional settings (time & language) ln -sf /usr/share/zoneinfo/Asia/Shanghai "$DST/etc/localtime" @@ -106,14 +122,25 @@ run systemctl enable vlab-startup.service add_file /etc/ssh/ # Vlab version info +VLAB_VERSION="$(date +%y%m%d)" +if [ -n "$GITHUB_RUN_NUMBER" ]; then + VLAB_VERSION="$VLAB_VERSION-gh-$GITHUB_RUN_NUMBER" +fi FILE="$DST"/etc/vlab_version -echo "VLAB_DISTRO=ubuntu" >> "$FILE" -echo "VLAB_VERSION=$(date +%y%m%d)" >> "$FILE" +echo "VLAB_DISTRO=ubuntu" > "$FILE" +echo "VLAB_VERSION=$VLAB_VERSION" >> "$FILE" chmod 444 "$FILE" # Networking (for systemd-nspawn testing environment) run systemctl enable systemd-networkd +# Prevent containers from thrusting I/O +run systemctl disable man-db.timer +run systemctl disable apt-daily-upgrade.timer + +# Fix ping capabilities +setcap cap_net_raw=ep "$DST/usr/bin/ping" + # Cleanup remove_package -o 'APT::AutoRemove::SuggestsImportant=false' apparmor dosfstools ed postfix strace tcpdump \ telnet ufw usrmerge wpasupplicant pulseaudio cups cups-browsed cups-client cups-common cups-core-drivers \ 
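Review bot: Disabling `apt-daily-upgrade.timer` also stops the periodic run that unattended-upgrades relies on, so containers created from this image will presumably not pick up security updates on their own, yet the comment above it mentions only I/O. Say so in the comment and name what replaces it, for example `# Stop periodic jobs that thrash I/O on shared hosts. This also turns off automatic security upgrades; images must be refreshed another way.`, adjusted to whatever the actual update path is. The word "thrusting" in the current comment looks like a typo for "thrashing". For `setcap cap_net_raw=ep`, a one-line comment would help, stating that the capability is stored as a file xattr and survives packing only because `TAR_FLAGS` preserves xattrs.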
@@ -125,10 +152,3 @@ rm -rf "$DST/var/lib/apt/lists"/* "$DST/var/lib/dpkg"/*-old rm -rf "$DST/var/cache"/* rm "$DST/etc/resolv.conf" rm -rf "$DST/etc/ssh"/ssh_host_*_key{,.pub} - -umount "$DST/dev/pts" -umount "$DST/dev" -umount "$DST/proc" -umount "$DST/run" -umount "$DST/sys" -umount "$DST/tmp" diff --git a/variables b/variables new file mode 100644 index 0000000..2d2b3f0 --- /dev/null +++ b/variables @@ -0,0 +1,4 @@ +#!/bin/sh + +# PVE/Storage/Plugin.pm: our @COMMON_TAR_FLAGS +TAR_FLAGS="--one-file-system -p --sparse --numeric-owner --acls --xattrs --xattrs-include=*" \ No newline at end of file
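Review bot: `TAR_FLAGS` is consumed unquoted by both callers (`tar axf "$INPUT" -C "$DST" $TAR_FLAGS` in labstrap and the `sudo tar caf` step in the workflow), so the `*` in `--xattrs-include=*` goes through pathname expansion in the current directory at each use. It stays literal only as long as no file name there matches the pattern. A comment such as `# Expanded unquoted for word splitting; callers should disable globbing (set -f) around the tar call` would record that constraint. The `#!/bin/sh` line has no effect because the file is only sourced, and the file lacks a trailing newline.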