From 14c27de10398bfb91c127bd31a991d685619b195 Mon Sep 17 00:00:00 2001 From: Mikael Magnusson Date: Fri, 16 Feb 2018 23:09:31 +0100 Subject: Initial commit --- build.sh | 48 +++++++++++++++++++++++++++++++++++++ build_rootfs.sh | 53 +++++++++++++++++++++++++++++++++++++++++ files/etc/init.d/container_init | 47 ++++++++++++++++++++++++++++++++++++ 3 files changed, 148 insertions(+) create mode 100755 build.sh create mode 100755 build_rootfs.sh create mode 100755 files/etc/init.d/container_init diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..93ad201 --- /dev/null +++ b/build.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +set -e + +arch=x86_64 +arch_dash=`echo $arch | tr _ -` +ver=17.01.4 +image=openwrt +name=openwrt + +generic_rootfs=lede-${ver}-${arch_dash}-generic-rootfs.tar.gz +lxc_rootfs=lede-${ver}-${arch_dash}-lxc-rootfs.tar.gz + +build_rootfs() { + fakeroot ./build_rootfs.sh $generic_rootfs $lxc_rootfs +} + +build_metadata() { + stat=`stat -c %Y $lxc_rootfs` + date=`date -R -d "@${stat}"` + + cat > metadata.yaml < " + exit 1 +fi + +src_tar=$1 +dst_file=$2 +base=`basename $src_tar` +dir=/tmp/build.$$ +export IPKG_INSTROOT=$dir + +unpack() { + mkdir $dir + cat $src_tar | (cd $dir && tar -xz) +} + +pack() { + echo Pack rootfs + (cd $dir && tar -cz *) > $dst_file +} + +pack_squashfs() { + echo Pack rootfs squashfs + mksquashfs $dir $dst_file +} + +add_files() { + for f in $(cd files && find); do + src=files/$f + dst=$dir/$f + if test -d $src; then + test -d $dst || mkdir $dst + elif test -f $src; then + cp $src $dst + foo=$(dirname $f) + if [ "$foo" = "./etc/init.d" ]; then + echo Enabling $f + set +e + sh $dir/etc/rc.common $src enable + set -e + fi + fi + done +} + +unpack +add_files +#pack +pack_squashfs diff --git a/files/etc/init.d/container_init b/files/etc/init.d/container_init new file mode 100755 index 0000000..386dcbd --- /dev/null +++ b/files/etc/init.d/container_init @@ -0,0 +1,47 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2018 Mikael Magnusson + +START=15 + +log_output() { + logger -t container_init "$@" +} + +boot() { + # Only execute for lxc containers + if [ "$container" != "lxc" ]; then + exit 0 + fi + + local disable_ipv6="$(uci_get firewall @defaults[0] disable_ipv6 false)" + case "$disable_ipv6" in + '0'|'no'|'off'|'false'|'disabled') disable_ipv6=false ;; + '1'|'yes'|'on'|'true'|'enabled') disable_ipv6=true ;; + esac + + tables='filter nat mangle raw' + res=0 + for table in $tables; do + iptables -n -t $table -L >/dev/null 2>/dev/null + if ! grep $table /proc/net/ip_tables_names >/dev/null; then + log_output -p daemon.crit "ip $table load failed" + res=1 + fi + + if [ "$disable_ipv6" = "false" ]; then + ip6tables -n -t $table -L >/dev/null 2>/dev/null + if ! grep $table /proc/net/ip6_tables_names >/dev/null; then + log_output -p daemon.crit "ip6 $table load failed" + res=1 + fi + fi + done + if [ "$res" == "0" ]; then + if [ "$disable_ipv6" = "false" ]; then + log_output -p daemon.info "ip and ip6 tables loaded successfully" + else + log_output -p daemon.info "ip tables loaded successfully" + fi + fi + exit $res +} -- cgit v1.2.3