2022-06-14 23:42:32 +00:00
|
|
|
"""
|
|
|
|
This script builds a Debian container to test the server setup.
|
|
|
|
|
|
|
|
Requirements:
|
|
|
|
* python3
|
|
|
|
* podman
|
|
|
|
* buildah
|
|
|
|
|
|
|
|
On SELinux systems, you have to run the following to be able to run containers with systemd inside (taken from `man podman run`):
|
|
|
|
`sudo setsebool -P container_manage_cgroup true`
|
|
|
|
|
|
|
|
Run this script simply as a Python script:
|
|
|
|
`python3 test_container.py`
|
|
|
|
|
|
|
|
You will need to edit the file `.env`.
|
|
|
|
Enter anything for the `SECRET_KEY` and `SECURITY_PASSWORD_SALT` (only for testing!).
|
|
|
|
Then set `SERVER_NAME=127.0.0.1:8080`.
|
|
|
|
|
|
|
|
The script will throw some errors related to systemd.
|
|
|
|
This is the case on `systemctl reboot` for example.
|
|
|
|
These errors should not be relevant.
|
|
|
|
They occur because of building an image and not running commands in a live server / container.
|
|
|
|
|
|
|
|
After running the script, visit `http://127.0.0.1:8080` in your browser.
|
|
|
|
|
|
|
|
If you want to clean up after testing with the container, run the following:
|
|
|
|
`podman kill advlabdb`
|
|
|
|
`podman rm advlabdb`
|
|
|
|
`podman rmi advlabdb`
|
|
|
|
`podman rmi systemd_debian`
|
|
|
|
"""
|
|
|
|
|
2022-07-03 15:45:24 +00:00
|
|
|
import subprocess # nosec 404
|
2022-06-14 23:42:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
def run(command, **kwargs):
|
2022-07-03 15:45:24 +00:00
|
|
|
return subprocess.run(command, shell=True, **kwargs) # nosec B602
|
2022-06-14 23:42:32 +00:00
|
|
|
|
|
|
|
|
|
|
|
def update_system(container_name):
|
|
|
|
return run(f"buildah run {container_name} -- apt update && apt dist-upgrade -y && apt autoremove -y")
|
|
|
|
|
|
|
|
|
|
|
|
def run_a(command):
|
|
|
|
return run(f"buildah run advlabdb -- {command}")
|
|
|
|
|
|
|
|
|
|
|
|
def main():
|
|
|
|
print("<> Remove old Buildah containers")
|
|
|
|
run("buildah rm -a")
|
|
|
|
|
|
|
|
if run("podman image exists systemd_debian").returncode != 0:
|
|
|
|
print("<> Build debian image with systemd")
|
|
|
|
run("buildah from --name tmp docker.io/library/debian:latest")
|
|
|
|
update_system("tmp")
|
|
|
|
run("buildah run tmp -- apt install -y systemd systemd-sysv fish neovim fd-find ripgrep")
|
|
|
|
run("buildah config --cmd /sbin/init con")
|
|
|
|
print("<> Commit debian image with systemd")
|
|
|
|
run("buildah commit --rm tmp systemd_debian")
|
|
|
|
|
|
|
|
if run("podman container exists advlabdb").returncode == 0:
|
|
|
|
print("<> Remove old advlabdb container")
|
|
|
|
run("podman kill advlabdb")
|
|
|
|
run("podman rm advlabdb")
|
|
|
|
|
|
|
|
print("<> Build advlabdb image")
|
|
|
|
run("buildah from --name advlabdb localhost/systemd_debian:latest")
|
|
|
|
print("<> Root setup")
|
|
|
|
update_system("advlabdb")
|
|
|
|
run_a("apt install sudo python3 git -y")
|
|
|
|
run_a("sudo useradd admin")
|
|
|
|
run_a("sudo usermod -aG sudo admin")
|
|
|
|
run_a("mkhomedir_helper admin")
|
|
|
|
print("Enter new admin user password:")
|
|
|
|
run_a("sudo passwd admin")
|
|
|
|
|
|
|
|
print("<> Admin setup")
|
|
|
|
run("buildah config --workingdir /home/admin -u admin advlabdb")
|
|
|
|
run_a("git clone https://gitlab.rlp.net/mobitar/advlabdb.git")
|
|
|
|
run("buildah config --workingdir /home/admin/advlabdb advlabdb")
|
|
|
|
run_a("cp -v advlabdb/scripts/setup/advlabdb.conf.template advlabdb/scripts/setup/advlabdb.conf")
|
|
|
|
run_a("cp -v .env.template .env")
|
|
|
|
run_a("nvim .env")
|
|
|
|
run_a("python3 advlabdb/scripts/setup/server_setup.py")
|
|
|
|
run_a("/home/admin/.local/bin/poetry run python3 -m advlabdb.scripts.setup.init_database")
|
|
|
|
|
|
|
|
run("buildah config -u root advlabdb")
|
|
|
|
|
|
|
|
if run("podman image exists advlabdb").returncode == 0:
|
|
|
|
print("<> Remove old image")
|
|
|
|
run("podman rmi advlabdb")
|
|
|
|
|
|
|
|
print("<> Commit image advlabdb")
|
|
|
|
run("buildah commit --rm advlabdb advlabdb")
|
|
|
|
|
|
|
|
print("<> Start container")
|
|
|
|
run("podman run -dit --name advlabdb -p 8080:80 advlabdb:latest")
|
|
|
|
|
|
|
|
print("<> Done! Now visit http://127.0.0.1:8080")
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
main()
|