diff --git a/base/fcos.bu b/base/fcos.bu deleted file mode 100644 index e6d2395..0000000 --- a/base/fcos.bu +++ /dev/null @@ -1,8 +0,0 @@ -variant: fcos -version: 1.4.0 -ignition: - config: - merge: - - local: base.ign - - local: base-examples.ign - - local: local.ign diff --git a/common.mk b/common.mk index ba49109..7de4370 100644 --- a/common.mk +++ b/common.mk @@ -50,6 +50,9 @@ endif ifeq ($(BUTANE_BLOCKLIST),) export BUTANE_BLOCKLIST := $(shell tmp=$$(mktemp /tmp/butane-blocklist-XXXXXX); cp $(TOP_LEVEL_DIR)/butane.blocklist "$$tmp"; echo "$$tmp") endif +ifeq ($(BUTANE_START_TS),) +export BUTANE_START_TS := $(shell mktemp /tmp/butane-start-ts-XXXXXX) +endif endif # Name of the current project, derived from the current working directory. @@ -109,7 +112,7 @@ I_KNOW_WHAT_I_AM_DOING ?= # List of all ignition files corresponding to the dependencies # Here, we inject the "base" project as a dependency. It can therefore be assumed to always be embeddable in project's butane specs. -DEPENDENCIES_IGNITION_FILES := $(shell for dep in base $(DEPENDENCIES); do echo $(TOP_LEVEL_DIR)/$$dep/$$dep.ign $(TOP_LEVEL_DIR)/$$dep/$$dep-examples.ign; done) +DEPENDENCIES_IGNITION_FILES := $(shell for dep in $$(if [ "$(PROJECT_NAME)" != "base" ]; then echo base; fi) $(DEPENDENCIES); do echo $(TOP_LEVEL_DIR)/$$dep/$$dep.ign $(TOP_LEVEL_DIR)/$$dep/$$dep-examples.ign; done) # User and group IDs to own the project files and directories. PROJECT_UID ?= 0 
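Review bot: The new `$(shell …)` for `DEPENDENCIES_IGNITION_FILES` forks a shell at parse time for list filtering that make functions already cover, and it only drops `base` when the project is `base`, whereas the loop in the `.bu` recipe later in this diff skips any dependency equal to `$(PROJECT_NAME)`. A function-only form keeps both places consistent and avoids passing `$(DEPENDENCIES)` through shell word expansion: `DEPENDENCIES_IGNITION_FILES := $(foreach dep,$(filter-out $(PROJECT_NAME),base $(DEPENDENCIES)),$(TOP_LEVEL_DIR)/$(dep)/$(dep).ign $(TOP_LEVEL_DIR)/$(dep)/$(dep)-examples.ign)`.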
@@ -142,7 +145,7 @@ dryrun: QUADLET_UNIT_DIRS="$$PWD" /usr/lib/systemd/system-generators/podman-system-generator -dryrun > /dev/null # Create the base directories needed for installation. -$(TARGET_CHROOT)/etc/containers/systemd $(TARGET_CHROOT)/etc/systemd/system $(TARGET_CHROOT)/etc/tmpfiles.d $(TARGET_CHROOT)/etc/sysctl.d: +$(TARGET_CHROOT)/etc/containers/systemd $(TARGET_CHROOT)/etc/systemd/system $(TARGET_CHROOT)/etc/tmpfiles.d $(TARGET_CHROOT)/etc/sysctl.d $(TARGET_CHROOT)/etc/profile.d: install -D -d -m 0755 -o root -g root $@ # Create the directory to store quadlet configuration files. 
@@ -319,42 +322,44 @@ tail-logs: pre-requisites done; \ run journalctl "$${journalctl_args[@]}" -# Ensure that required variables are set before building Butane specifications. -butane-prerequisites: +# Build the Butane specifications, suitable for Fedora CoreOS, including those of the dependencies of this project. +$(PROJECT_NAME).bu $(PROJECT_NAME)-examples.bu &: @if [ -z "$(TARGET_CHROOT)" ]; then \ echo "TARGET_CHROOT is not set!"; exit 1; \ fi; \ if [ -z "$(BUTANE_BLOCKLIST)" ]; then \ echo "BUTANE_BLOCKLIST is not set!"; exit 1; \ + fi; \ + if [ -z "$(BUTANE_START_TS)" ]; then \ + echo "BUTANE_START_TS is not set!"; exit 1; \ fi - -# Build the Butane specifications (configuration files) suitable for Fedora CoreOS. -# In order to avoid duplications in the ignition files, a blocklist is updated, containing file paths as they are added to the chroot. -$(PROJECT_NAME).bu: YQ_FILES := $(shell if [ -f "overlay.bu" ]; then echo "- overlay.bu"; else echo "-"; fi) -$(PROJECT_NAME).bu: butane-prerequisites install-config - $(TOP_LEVEL_DIR)/generate-butane-spec.sh $(TARGET_CHROOT) $(BUTANE_BLOCKLIST) $(SYSTEMD_MAIN_UNIT_NAMES) $(SYSTEMD_TIMER_NAMES) | yq eval-all '. as $$item ireduce ({}; . *+ $$item)' $(YQ_FILES) > $(PROJECT_NAME).bu - @(cat $(TOP_LEVEL_DIR)/butane.blocklist; echo; for file in $$(find "$$TARGET_CHROOT"); do echo "$${file#$$TARGET_CHROOT}"; done) | sort -u | grep -v -E '^$$' > "$(BUTANE_BLOCKLIST)" - -# Build the Butane specifications (example files) suitable for Fedora CoreOS. -# In order to avoid duplications in the ignition files, a blocklist is updated, containing file paths as they are added to the chroot. 
-$(PROJECT_NAME)-examples.bu: butane-prerequisites install-examples - $(TOP_LEVEL_DIR)/generate-butane-spec.sh $(TARGET_CHROOT) $(BUTANE_BLOCKLIST) > $(PROJECT_NAME)-examples.bu - @(cat $(TOP_LEVEL_DIR)/butane.blocklist; echo; for file in $$(find "$$TARGET_CHROOT"); do echo "$${file#$$TARGET_CHROOT}"; done) | sort -u | grep -v -E '^$$' > "$(BUTANE_BLOCKLIST)" - -# Build the Butane specifications + Ignition files suitable for Fedora CoreOS of the dependencies of this project. -butane-pre:: butane-prerequisites @run() { echo $$*; "$$@"; }; \ set -Eeuo pipefail; \ - for dep in base $(DEPENDENCIES); do \ - if [[ "$$dep" == "$(PROJECT_NAME)" ]]; then \ - # Avoid building the current project as its own dependency. \ - continue; \ - fi ; \ - run $(MAKE) -C $(TOP_LEVEL_DIR)/$$dep $$dep.ign $$dep-examples.ign ; \ - done + if [ $(PROJECT_NAME).bu -ot "$(BUTANE_START_TS)" ] || [ $(PROJECT_NAME)-examples.bu -ot "$(BUTANE_START_TS)" ]; then \ + for dep in base $(DEPENDENCIES); do \ + if [[ "$$dep" == "$(PROJECT_NAME)" ]]; then \ + # Avoid building the current project as its own dependency. \ + continue; \ + fi ; \ + if [ $(BUTANE_START_TS) -ot "$(TOP_LEVEL_DIR)/$$dep/$$dep.ign" ] && [ $(BUTANE_START_TS) -ot "$(TOP_LEVEL_DIR)/$$dep/$$dep-examples.ign" ]; then \ + # Dependency is up-to-date. \ + continue; \ + fi ; \ + run $(MAKE) -C $(TOP_LEVEL_DIR)/$$dep $$dep.ign $$dep-examples.ign ; \ + done; \ + run make install-config; \ + YQ_FILES="$$(if [ -f "overlay.bu" ]; then echo "- overlay.bu"; else echo "-"; fi)"; \ + echo "generate-butane-spec.sh $(TARGET_CHROOT) > $(PROJECT_NAME).bu"; \ + $(TOP_LEVEL_DIR)/generate-butane-spec.sh $(TARGET_CHROOT) $(BUTANE_BLOCKLIST) $(SYSTEMD_MAIN_UNIT_NAMES) $(SYSTEMD_TIMER_NAMES) | yq eval-all '. as $$item ireduce ({}; . 
*+ $$item)' $$YQ_FILES > $(PROJECT_NAME).bu; \ + (cat $(TOP_LEVEL_DIR)/butane.blocklist; echo; for file in $$(find "$$TARGET_CHROOT"); do echo "$${file#$$TARGET_CHROOT}"; done) | sort -u | grep -v -E '^$$' > "$(BUTANE_BLOCKLIST)"; \ + run make install-examples; \ + echo "generate-butane-spec.sh $(TARGET_CHROOT) > $(PROJECT_NAME)-examples.bu"; \ + $(TOP_LEVEL_DIR)/generate-butane-spec.sh $(TARGET_CHROOT) $(BUTANE_BLOCKLIST) > $(PROJECT_NAME)-examples.bu; \ + (cat $(TOP_LEVEL_DIR)/butane.blocklist; echo; for file in $$(find "$$TARGET_CHROOT"); do echo "$${file#$$TARGET_CHROOT}"; done) | sort -u | grep -v -E '^$$' > "$(BUTANE_BLOCKLIST)"; \ + fi +.PHONY: $(PROJECT_NAME).bu $(PROJECT_NAME)-examples.bu # Generate the current project's Ignition files from the Butane specs. -$(PROJECT_NAME).ign $(PROJECT_NAME)-examples.ign: butane-pre $(PROJECT_NAME).ign $(PROJECT_NAME)-examples.ign: %.ign: %.bu butane --strict -o $@ $< @@ -365,11 +370,9 @@ butane: fcos.ign $(TOP_LEVEL_DIR)/local.ign: $(TOP_LEVEL_DIR)/local.bu butane --strict -o $@ $< -# Build the ignition files of the dependencies of this project. -$(DEPENDENCIES_IGNITION_FILES): - $(MAKE) -C $(dir $@) $(notdir $@) -# The file might exist already, declare it as phony and let the child Makefile handle it. -.PHONY: $(DEPENDENCIES_IGNITION_FILES) +.INTERMEDIATE: fcos.bu +fcos.bu: %.bu: Makefile $(TOP_LEVEL_DIR)/default-butane-spec.sh + $(TOP_LEVEL_DIR)/default-butane-spec.sh $(PROJECT_NAME) $(DEPENDENCIES) > $@ # Generate the final Fedora CoreOS ignition file by merging the Butane spec with the local and project-specific ignition files, as well as those of the dependencies. fcos.ign: fcos.bu $(TOP_LEVEL_DIR)/local.ign $(PROJECT_NAME).ign $(PROJECT_NAME)-examples.ign $(DEPENDENCIES_IGNITION_FILES) 
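Review bot: `run make install-config` and `run make install-examples` in the new `.bu` recipe call a literal `make`, while the dependency loop a few lines above uses `$(MAKE)`; use `run $(MAKE) install-config` and `run $(MAKE) install-examples` so the sub-builds run with the same make binary as the parent. Because the whole recipe is one backslash-continued line that contains `$(MAKE)`, GNU make also executes it under `make -n`, so a dry run now regenerates the `.bu` files and overwrites `$(BUTANE_BLOCKLIST)`; keeping the recursive calls on their own recipe line, separate from the generation step, would avoid that. Since the targets are `.PHONY`, the `-ot` comparisons against `$(BUTANE_START_TS)` are the only up-to-date check, which deserves a comment above the rule.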
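Review bot: `fcos.ign` still lists `$(DEPENDENCIES_IGNITION_FILES)` as prerequisites, but this hunk deletes the only rule visible in the diff that builds them; they are now produced only as a side effect of the `$(PROJECT_NAME).bu` recipe. Make has no edge for that, so on a clean tree with `-j` it may report "No rule to make target" for a dependency's `.ign` before the recipe has created it. Declaring the side effect keeps the graph honest: `$(DEPENDENCIES_IGNITION_FILES): $(PROJECT_NAME).bu ;`.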
@@ -487,4 +490,4 @@ clean: clean-pre pre-requisites .PHONY: tail-logs butane help fcos-vm clean-vm console units units-pre remove-vm .PHONY: clean-pre clean-post install-pre install-post uninstall-pre uninstall-post .PHONY: install-files install-files-pre install-files-post install-actions -.PHONY: install-actions-pre install-actions-post butane-prerequisites butane-pre +.PHONY: install-actions-pre install-actions-post diff --git a/default-butane-spec.sh b/default-butane-spec.sh new file mode 100755 index 0000000..67a81e5 --- /dev/null +++ b/default-butane-spec.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +set -Eeuo pipefail + +cat <<'EOF' +variant: fcos +version: 1.4.0 +ignition: + config: + merge: +EOF +for dep in "$@"; do + echo " - local: ${dep}.ign" + echo " - local: ${dep}-examples.ign" +done +echo " - local: local.ign" diff --git a/gitea/fcos.bu b/gitea/fcos.bu deleted file mode 100644 index 75c43aa..0000000 --- a/gitea/fcos.bu +++ /dev/null @@ -1,13 +0,0 @@ -variant: fcos -version: 1.4.0 -ignition: - config: - merge: - - local: base.ign - - local: traefik.ign - - local: traefik-examples.ign - - local: postgresql.ign - - local: postgresql-examples.ign - - local: gitea.ign - - local: gitea-examples.ign - - local: local.ign diff --git a/keycloak/fcos.bu b/keycloak/fcos.bu deleted file mode 100644 index 13ff8fb..0000000 --- a/keycloak/fcos.bu +++ /dev/null @@ -1,13 +0,0 @@ -variant: fcos -version: 1.4.0 -ignition: - config: - merge: - - local: base.ign - - local: traefik.ign - - local: traefik-examples.ign - - local: postgresql.ign - - local: postgresql-examples.ign - - local: keycloak.ign - - local: keycloak-examples.ign - - local: local.ign diff --git a/local.bu.template b/local.bu.template index 6414590..a9cfa17 100644 --- a/local.bu.template +++ b/local.bu.template @@ -2,7 +2,7 @@ variant: fcos version: 1.4.0 passwd: users: - - name: core + - name: john ssh_authorized_keys: - ssh-ed25519 REDACTED user@host # mkpasswd --method=yescrypt -s 
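Review bot: The merge list in default-butane-spec.sh is built only from `"$@"`, and the caller added in common.mk passes `$(PROJECT_NAME) $(DEPENDENCIES)`, so `base.ign` — the first entry in every hand-written fcos.bu this commit deletes — is no longer merged for any project other than base (nextcloud, for example, declares `DEPENDENCIES = postgresql traefik`). Unless base is merged somewhere not shown here, the generated fcos.ign would omit the base configuration without any error. Passing it explicitly from the caller restores the previous list: `$(TOP_LEVEL_DIR)/default-butane-spec.sh base $(filter-out base,$(PROJECT_NAME) $(DEPENDENCIES)) > $@`. A header comment in the script stating that argument order is merge order would also help.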
diff --git a/miniflux/fcos.bu b/miniflux/fcos.bu deleted file mode 100644 index b60b885..0000000 --- a/miniflux/fcos.bu +++ /dev/null @@ -1,13 +0,0 @@ -variant: fcos -version: 1.4.0 -ignition: - config: - merge: - - local: base.ign - - local: traefik.ign - - local: traefik-examples.ign - - local: postgresql.ign - - local: postgresql-examples.ign - - local: miniflux.ign - - local: miniflux-examples.ign - - local: local.ign diff --git a/nextcloud/Makefile b/nextcloud/Makefile index f8a19bc..d4ae997 100644 --- a/nextcloud/Makefile +++ b/nextcloud/Makefile @@ -8,26 +8,14 @@ DEPENDENCIES = postgresql traefik PROJECT_UID = 10008 PROJECT_GID = 10000 -# Additional Nextcloud directories and files -TARGET_FILES += $(TARGET_CHROOT)/var/lib/quadlets/nextcloud/redis -$(TARGET_CHROOT)/var/lib/quadlets/nextcloud/redis: - install -m 0700 -o $(PROJECT_UID) -g $(PROJECT_GID) -d $@ - -TARGET_FILES += $(TARGET_CHROOT)/var/lib/quadlets/nextcloud/data -TARGET_FILES += $(TARGET_CHROOT)/var/lib/quadlets/nextcloud/config -$(TARGET_CHROOT)/var/lib/quadlets/nextcloud/data $(TARGET_CHROOT)/var/lib/quadlets/nextcloud/config: - install -m 0700 -o $(PROJECT_UID) -g $(PROJECT_GID) -d $@ - -$(TARGET_CHROOT)/etc/quadlets/nextcloud/www.conf: config/www.conf - install -m 0755 -o $(PROJECT_UID) -g $(PROJECT_GID) -D $< $@ +TOP_LEVEL_DIR := .. +include $(TOP_LEVEL_DIR)/common.mk +# Additional Nextcloud directories and files TARGET_FILES += $(TARGET_CHROOT)/etc/quadlets/nextcloud/collabora-seccomp-profile.json $(TARGET_CHROOT)/etc/quadlets/nextcloud/collabora-seccomp-profile.json: curl -sSfL -o $@ https://raw.githubusercontent.com/CollaboraOnline/online/refs/heads/main/docker/cool-seccomp-profile.json -TOP_LEVEL_DIR := .. -include $(TOP_LEVEL_DIR)/common.mk - .PHONY: test test-set-nextcloud-major NEXTCLOUD_MAJOR_START ?= 25 diff --git a/nextcloud/fcos.bu b/nextcloud/fcos.bu deleted file mode 100644 index 40b9fe3..0000000 --- a/nextcloud/fcos.bu +++ /dev/null 
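Review bot: The seccomp profile rule kept in the nextcloud/Makefile hunk downloads `cool-seccomp-profile.json` from `refs/heads/main` with no integrity check, so the sandbox policy that ends up in the image is whatever that branch holds at build time. Pin the URL to a commit and verify a recorded digest before the file is used, e.g. `curl -sSfL -o $@ https://raw.githubusercontent.com/CollaboraOnline/online/<pinned-commit>/docker/cool-seccomp-profile.json` followed by `echo "<expected-sha256>  $@" | sha256sum -c -`. Both placeholders need to be filled from a reviewed copy of the profile.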
@@ -1,11 +0,0 @@
-variant: fcos
-version: 1.4.0
-ignition:
- config:
- merge:
- - local: base.ign
- - local: nextcloud.ign
- - local: nextcloud-examples.ign
- - local: postgresql.ign
- - local: postgresql-examples.ign
- - local: local.ign
diff --git a/nextcloud/log b/nextcloud/log
new file mode 100644
index 0000000..a93e7b0
--- /dev/null
+++ b/nextcloud/log
@@ -0,0 +1,8 @@
+generate-butane-spec.sh /tmp/butane-chroot-bz7yOt > base.bu
+generate-butane-spec.sh /tmp/butane-chroot-bz7yOt > base-examples.bu
+generate-butane-spec.sh /tmp/butane-chroot-bz7yOt > postgresql.bu
+generate-butane-spec.sh /tmp/butane-chroot-bz7yOt > postgresql-examples.bu
+generate-butane-spec.sh /tmp/butane-chroot-bz7yOt > traefik.bu
+generate-butane-spec.sh /tmp/butane-chroot-bz7yOt > traefik-examples.bu
+generate-butane-spec.sh /tmp/butane-chroot-bz7yOt > nextcloud.bu
+generate-butane-spec.sh /tmp/butane-chroot-bz7yOt > nextcloud-examples.bu
diff --git a/nextcloud/tmpfiles.d/nextcloud.conf b/nextcloud/tmpfiles.d/nextcloud.conf
index de3ed4e..f481116 100644
--- a/nextcloud/tmpfiles.d/nextcloud.conf
+++ b/nextcloud/tmpfiles.d/nextcloud.conf
@@ -1,3 +1,6 @@
 d$ /run/quadlets/nextcloud 0700 10008 10000 -
 f+$ /run/quadlets/nextcloud/redis-session.ini 0600 10008 10000 -
 d$ /var/lib/virtiofs/data/nextcloud 0700 10008 10000 -
+d$ /var/lib/quadlets/nextcloud/data 0700 10008 10000 -
+d$ /var/lib/quadlets/nextcloud/config 0700 10008 10000 -
+d$ /var/lib/quadlets/nextcloud/redis 0700 10008 10000 -
diff --git a/nginx/fcos.bu b/nginx/fcos.bu
deleted file mode 100644
index 3a7fc83..0000000
--- a/nginx/fcos.bu
+++ /dev/null
@@ -1,9 +0,0 @@
-variant: fcos
-version: 1.4.0
-ignition:
- config:
- merge:
- - local: base.ign
- - local: nginx.ign
- - local: nginx-examples.ign
- - local: local.ign
diff --git a/postgresql/fcos.bu b/postgresql/fcos.bu
deleted file mode 100644
index fd4a364..0000000
--- a/postgresql/fcos.bu
+++ /dev/null
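Review bot: `nextcloud/log` looks like captured output of a local build rather than a source file: its `generate-butane-spec.sh /tmp/butane-chroot-… > ….bu` lines match the `echo` statements added to the `.bu` recipe in common.mk. It should probably be dropped from the commit and, if that name is used for redirected build output, added to the ignore list.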
@@ -1,9 +0,0 @@
-variant: fcos
-version: 1.4.0
-ignition:
- config:
- merge:
- - local: base.ign
- - local: postgresql.ign
- - local: postgresql-examples.ign
- - local: local.ign
diff --git a/qemu-user-static/fcos.bu b/qemu-user-static/fcos.bu
deleted file mode 100644
index d9e4ae0..0000000
--- a/qemu-user-static/fcos.bu
+++ /dev/null
@@ -1,9 +0,0 @@
-variant: fcos
-version: 1.4.0
-ignition:
- config:
- merge:
- - local: base.ign
- - local: qemu-user-static.ign
- - local: qemu-user-static-examples.ign
- - local: local.ign
diff --git a/vaultwarden/fcos.bu b/vaultwarden/fcos.bu
deleted file mode 100644
index cd8f01f..0000000
--- a/vaultwarden/fcos.bu
+++ /dev/null
@@ -1,13 +0,0 @@
-variant: fcos
-version: 1.4.0
-ignition:
- config:
- merge:
- - local: base.ign
- - local: traefik.ign
- - local: traefik-examples.ign
- - local: postgresql.ign
- - local: postgresql-examples.ign
- - local: vaultwarden.ign
- - local: vaultwarden-examples.ign
- - local: local.ign