-rwxr-xr-xbuild.sh48
-rwxr-xr-xbuild_rootfs.sh53
-rwxr-xr-xfiles/etc/init.d/container_init47
3 files changed, 148 insertions, 0 deletions
diff --git a/build.sh b/build.sh
new file mode 100755
index 0000000..93ad201
--- /dev/null
+++ b/build.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+arch=x86_64
+arch_dash=`echo $arch | tr _ -`
+ver=17.01.4
+image=openwrt
+name=openwrt
+
+generic_rootfs=lede-${ver}-${arch_dash}-generic-rootfs.tar.gz
+lxc_rootfs=lede-${ver}-${arch_dash}-lxc-rootfs.tar.gz
+
+build_rootfs() {
+ fakeroot ./build_rootfs.sh $generic_rootfs $lxc_rootfs
+}
+
+build_metadata() {
+ stat=`stat -c %Y $lxc_rootfs`
+ date=`date -R -d "@${stat}"`
+
+ cat > metadata.yaml <<EOF
+architecture: "$arch"
+creation_date: $(date +%s)
+properties:
+ architecture: "$arch"
+ description: "OpenWrt $ver $arch ($date)"
+ os: "OpenWrt"
+ release: "$ver"
+templates:
+EOF
+}
+
+build_image() {
+ tar czf metadata.tar.gz metadata.yaml
+ lxc image import metadata.tar.gz $lxc_rootfs --alias $image
+}
+
+build_rootfs
+build_metadata
+build_image
+
+echo \# start
+echo lxc launch --config "raw.lxc=lxc.aa_profile=lxc-container-default-without-dev-mounting" --profile openwrt $image $name
+#lxc config
+echo \# set root password
+echo lxc exec $name passwd root
+#echo 'echo "148.251.78.235 downloads.openwrt.org"
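Review bot: `build_rootfs` passes `$generic_rootfs` to `fakeroot ./build_rootfs.sh` without any integrity check, so whatever file has that name in the working directory ends up in the image that `lxc image import` registers. A pinned digest check before the `build_rootfs` call would close this, for example `echo "<expected-sha256-placeholder>  $generic_rootfs" | sha256sum -c -`. The expansions in `build_rootfs` and `build_image` are unquoted, and `creation_date` records `$(date +%s)` while the description uses the tarball's mtime; quoting them and writing `creation_date: $stat` would keep the metadata consistent. The commented-out last line looks like the start of a hosts entry pinning downloads.openwrt.org to a fixed address, which should be removed or explained before it gets enabled.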
diff --git a/build_rootfs.sh b/build_rootfs.sh
new file mode 100755
index 0000000..ec61ef9
--- /dev/null
+++ b/build_rootfs.sh
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+if [ $# -ne 2 ]; then
+ echo "Usage: $0 <src tar> <dst file>"
+ exit 1
+fi
+
+src_tar=$1
+dst_file=$2
+base=`basename $src_tar`
+dir=/tmp/build.$$
+export IPKG_INSTROOT=$dir
+
+unpack() {
+ mkdir $dir
+ cat $src_tar | (cd $dir && tar -xz)
+}
+
+pack() {
+ echo Pack rootfs
+ (cd $dir && tar -cz *) > $dst_file
+}
+
+pack_squashfs() {
+ echo Pack rootfs squashfs
+ mksquashfs $dir $dst_file
+}
+
+add_files() {
+ for f in $(cd files && find); do
+ src=files/$f
+ dst=$dir/$f
+ if test -d $src; then
+ test -d $dst || mkdir $dst
+ elif test -f $src; then
+ cp $src $dst
+ foo=$(dirname $f)
+ if [ "$foo" = "./etc/init.d" ]; then
+ echo Enabling $f
+ set +e
+ sh $dir/etc/rc.common $src enable
+ set -e
+ fi
+ fi
+ done
+}
+
+unpack
+add_files
+#pack
+pack_squashfs
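Review bot: `dir=/tmp/build.$$` is a predictable path in a world-writable directory and is never removed. `mkdir $dir` does fail if the path already exists, but another local user can pre-create it to break the build, and the unpacked rootfs is left behind in /tmp after every run. I would use `dir=$(mktemp -d)` with `trap 'rm -rf -- "$dir"' EXIT` and drop the `mkdir $dir` in `unpack`. In `add_files`, `sh $dir/etc/rc.common $src enable` runs a script taken from the unpacked archive on the build host while `set +e` hides its exit status, so the script should state that the archive is trusted and should log a failed enable rather than ignore it. The `for f in $(cd files && find)` loop and the unquoted `$src`/`$dst` also break on file names containing whitespace.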
diff --git a/files/etc/init.d/container_init b/files/etc/init.d/container_init
new file mode 100755
index 0000000..386dcbd
--- /dev/null
+++ b/files/etc/init.d/container_init
@@ -0,0 +1,47 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2018 Mikael Magnusson
+
+START=15
+
+log_output() {
+ logger -t container_init "$@"
+}
+
+boot() {
+ # Only execute for lxc containers
+ if [ "$container" != "lxc" ]; then
+ exit 0
+ fi
+
+ local disable_ipv6="$(uci_get firewall @defaults[0] disable_ipv6 false)"
+ case "$disable_ipv6" in
+ '0'|'no'|'off'|'false'|'disabled') disable_ipv6=false ;;
+ '1'|'yes'|'on'|'true'|'enabled') disable_ipv6=true ;;
+ esac
+
+ tables='filter nat mangle raw'
+ res=0
+ for table in $tables; do
+ iptables -n -t $table -L >/dev/null 2>/dev/null
+ if ! grep $table /proc/net/ip_tables_names >/dev/null; then
+ log_output -p daemon.crit "ip $table load failed"
+ res=1
+ fi
+
+ if [ "$disable_ipv6" = "false" ]; then
+ ip6tables -n -t $table -L >/dev/null 2>/dev/null
+ if ! grep $table /proc/net/ip6_tables_names >/dev/null; then
+ log_output -p daemon.crit "ip6 $table load failed"
+ res=1
+ fi
+ fi
+ done
+ if [ "$res" == "0" ]; then
+ if [ "$disable_ipv6" = "false" ]; then
+ log_output -p daemon.info "ip and ip6 tables loaded successfully"
+ else
+ log_output -p daemon.info "ip tables loaded successfully"
+ fi
+ fi
+ exit $res
+}
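Review bot: The `case "$disable_ipv6"` in `boot` has no default arm, so any value outside the listed spellings leaves the variable neither `true` nor `false`. In that case the ip6tables checks are skipped and the script still logs "ip tables loaded successfully". Adding `*) disable_ipv6=false ;;` would make an unrecognised setting fall back to checking both families, matching the `false` default passed to `uci_get`. The `grep $table /proc/net/ip_tables_names` tests match substrings, whereas `grep -qx "$table"` compares the whole line. `[ "$res" == "0" ]` uses `==`, which POSIX `test` does not define (`=` is the portable form), and `tables`, `res` and `table` could be declared `local` like `disable_ipv6`.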