brammp/LXCMinimalCTs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Inital commit

Browse Source
This commit is contained in:
Bram Prieshof
2023-11-18 02:02:18 +01:00
commit b4287386a9
7 changed files with 876 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

264
CT-Build/Debian.yaml Normal file
View File

@@ -0,0 +1,264 @@
image:
distribution: "debian"
source:
downloader: debootstrap
#InitDownloadREPO
url: http://deb.debian.org/debian
keyserver: keys.openpgp.org
keys:
# Debian 12 Bookworm release key
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEY865UxYJKwYBBAHaRw8BAQdAd7Z0srwuhlB6JKFkcf4HU4SSS/xcRfwEQWzr
crf6AEq0SURlYmlhbiBTdGFibGUgUmVsZWFzZSBLZXkgKDEyL2Jvb2t3b3JtKSA8
ZGViaWFuLXJlbGVhc2VAbGlzdHMuZGViaWFuLm9yZz6IlgQTFggAPhYhBE1k/sEZ
wgKQZ9bnkfjSWFuHg9SBBQJjzrlTAhsDBQkPCZwABQsJCAcCBhUKCQgLAgQWAgMB
Ah4BAheAAAoJEPjSWFuHg9SBSgwBAP9qpeO5z1s5m4D4z3TcqDo1wez6DNya27QW
WoG/4oBsAQCEN8Z00DXagPHbwrvsY2t9BCsT+PgnSn9biobwX7bDDg==
=5NZE
-----END PGP PUBLIC KEY BLOCK-----
#Debian 11 bullseye release key
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGAoEk4BEADG6NQ0Ex5gy0OlnGlFZsTpiZV2LiUhACFj6ZHVEYQQNWgEgRnZ
uZeAXbTnFywzrJUYhx51pNjxfoViN/4Jyn2oMrmaBEuDxEwhVZDsMTzb9dx0MNnm
jMr45z/4EGjln07tFzes+J+0eVizJOWehQ40IEwyCZIG9QOfsC1e1estm0KLZKWb
4gTihGFSahM4zeD6XlZ8krTlkWV9i7+oatCkNziuOTf8+ZXEqoNm/dJxG6pGWcal
o+DiTE3l4HCFr6MZoiCoWVaKYn1jtIUeioDVW8zPalt3VcPmjvYb6ZNHhFK8d3DD
V17wv7TFJIOn1j2n82jzbDZwQAWIA6iKPjXDJJqmv4qcZ5a5l8qirhjZhQEemftY
sGBLTjx9ANfPcDFoQ69ojDw34Nchig2nJ+7ut9h5mjeB9QmOx10HDposRaZq8yPC
hFpheHNlKwh9PYba0Z9Vb3mI04ywkw1oGc6YQD/VGhoGiMembzEK110DsCcZenD5
dOWHug5LF7QTH+120eG4Qt0RcPLqI33+3FUOjzOQubw0QATYs8Dw2E36LVOUx1yr
tDqjJs/ZXfr+LCfaZRshvYfcl3soHCXxVqEwoXUmxJK741RS4ej8w79clniZPMLc
68XpFZ7qsKoKBHeoG1l8XvuAp9EpW4vujsehEwRudn1SNoc5fTFG9k8qlQARAQAB
tElEZWJpYW4gU3RhYmxlIFJlbGVhc2UgS2V5ICgxMS9idWxsc2V5ZSkgPGRlYmlh
bi1yZWxlYXNlQGxpc3RzLmRlYmlhbi5vcmc+iQJUBBMBCgA+FiEEpChSlfx7GoFg
AGKpYFxm8A1sl5MFAmAoEk4CGwMFCQ8JnAAFCwkIBwIGFQoJCAsCBBYCAwECHgEC
F4AACgkQYFxm8A1sl5OtbBAAuI9V8uztBX+gZhvI7LYRZkuWzmNa/qiDGHAF6DIA
OYKqCZUDSrkF9qsIkeeZdEP7hLoIo6TkprvF5iLFTfzFWPT1VR9E/itBBzEZa2Vr
gT0ye8gYrsRdNkso2vqZQd3muDJvg9UrT37+Nt0eOpFAfc3JYfqwjhVIngiNLwjG
TC5oinEesdDCgqxo8Z6e6NyMLdDtS4W26q7GxcuG5YcBoYi3pjxJx8ZGsNHqEe6R
vU3YGahEgWWY80xCRarm8RVYgfU4LZfm6D4o1ZO3B2UmK6+TgkTjYWzC/yMrcbK4
lyumB36OCSg8byrJ3qUN7zKKU0DIxPqFFCLxxhYxf4QrMPik0BTgloWntP2VFLUo
3DxJQKAqQULr+H/WEgbsgAuU8U0VLTlj9sCXn0iN0pHzNaEJJ4sz5mdIWOdJJobk
biQT+xAGwfoKDff9l9fu82p569sK9U+omHMuDfxTT0X13U/6d2m5nIFwf1MitshU
8frYxuZs3Lp0Qi1Xsqtwc/wrIDt5c0M4wluypuz//eRLLwsMn6KEl1/Be/RebHSb
FKOA2tdsc/hfABsVQCFpRHgBmpLfL/5Qwd/K7dKKpuh/7pV4B1cNgviKwMFhhR2e
GzTfbXqxytnYmJkV++bKLtX1SkNx1TBb4lqICzdFOV5QjtjPBVZR7Ugx7sp7yZn4
bw2JAjMEEAEIAB0WIQRyA2MOLI5yclFoT+vFzl3CxULNWQUCYCgSfgAKCRDFzl3C
xULNWR3gD/wLYa1UBOMszWu/BTLt42QHcd6onTTboP4S9w1Gs/ak5iQiEN45CVVL
bJ5wS1iaeuMZ85fOtcEvJ9KqMvwvGXlsCD/+O0QJJbEpeJpHarj4ZtxaL659ipci
qeSIQAsAb6/9SKZZ7HGQFD6DAF9kzV9HpKnNvE8BGQ8I38Ez9lfRiQuD16r4cqNg
S076Z1AoQU8ES5N8VO5v1fbAHsyLq9ZToE28BKGU4o59Fj5uqpfDrm0DrnSn053j
UK942IGmIwKtUAn/j2sG9mcow47xjifVTKuMXyNGDM30n6ITRtiTaZsUZGIw/yKM
3ZosuxobxvJoef8B43MpEHYV/xZHYxegT3xlu5h8FlUQrr/WR7FtT7Awlapm6llI
a/2G0nrPhQlX5nN5gJiKO92rOvKM4wTadBjL41jfYZb5EE44T51hCpJUB1g2GSQk
UpYM/MgcNfqmq7+7bAxinej/iCzhziv925mUOhIGhAUEYCZMFI4tIEVFFAUb4pi1
CtXo3V8DJRu5TkuETwDdK+FfBU2e3q7b0q/CTHdHfD8T7VuTaYm01meCqWG8HS3h
2OSgtWrUgDBDKAU3O83KK7n6K+SAXW1iOaUzW9GErZnYqlEOMJVQn1pU+txUAAdT
fQy05mUvCUvHo5VOcC3wybU5HCZJ3cWe6HCOviBheeIysa+iSvBAU4kCMwQQAQoA
HRYhBApVt8USIzlChux0w1OUR53TUkxRBQJgNqemAAoJEFOUR53TUkxRYSUP/Rt9
FTybIXwOW6FE3LPF7GvEWX//loxKRhiBSQ8Fwmkdchz3iJSAcZ8HgcISMH5P77Ip
8U9z8GAucy46Bi7tsaisWOUVxu5gvh6zLui7PkCRubIxcCxA+JjX5oZm3LSy49s1
SEC/o0MB4TRwpqRfuEots6H0Z9eHzvJKjoeX9Ku7SjfSSRWY3TWMMIjQBATRZGcT
mgA3iJ4/9dFmBGsYhQq1WsY7bCmCahemAmAkdCxkB3hr8BA1Dm/GHgL0++txJhjC
FwKj89yh+Or8l/C95qptS2uAxioDM9952DUm65oWtApsFs8VpcJxSdApmWmH4s8/
B/ESPKv7apLq3BSgLy4UA4FdFz+XS9xw3GItcPunzGZQfI6Dd5jPUMwYYqcr1cVB
2vTiQB//smNjWq2skWTKBtjk2xpPOMCKC5mdGI467RT8HpDMcKWUbg1kaPqCCzpQ
9NJQuk+M9+jw78MELtUGVi8wIZSZCjR2zXduenyVUWmQTHSNfS2R3iWsYH6m7fL2
iA9j4Zi7sEjffGbLkQfQqH+c4XBDWNzJnC+/jQeWKG++zcYtEHv0mk37agw2qB9H
QdTO2xGJcfNF+dervAj1O2fvasOMj9aptRZVpKVMs25zbkplBR5mqPXven+SraDO
Qb5fppcPrKPt88G3e+dBuBzElOXBWpIsMJuvutFniHUEEBYIAB0WIQTKYZ1lpyp7
rfyW0oAZZBiq63TIoQUCYDaonAAKCRAZZBiq63TIoR41AQCLcs+WlaZTZ0rg/cWh
vApi12mZpXQC60bxvmrtTyHH4AEA2pJLfGVHOualRCNbeGEYjfC0WiC+EYCC3NBV
e18slw8=
=7Dni
-----END PGP PUBLIC KEY BLOCK-----
variant: minbase
targets:
lxc:
#create-message: |-
# You just created a {{ image.description }} container.
config:
- type: all
before: 5
content: |-
lxc.include = LXC_TEMPLATE_CONFIG/debian.common.conf
- type: user
before: 5
content: |-
lxc.include = LXC_TEMPLATE_CONFIG/debian.userns.conf
- type: all
after: 4
content: |-
lxc.include = LXC_TEMPLATE_CONFIG/common.conf
- type: user
after: 4
content: |-
lxc.include = LXC_TEMPLATE_CONFIG/userns.conf
- type: all
content: |-
lxc.arch = {{ image.architecture_personality }}
files:
- path: /etc/hostname
generator: hostname
- path: /etc/hosts
generator: hosts
- path: /etc/resolvconf/resolv.conf.d/original
generator: remove
- path: /etc/resolvconf/resolv.conf.d/tail
generator: remove
- path: /etc/machine-id
generator: dump
- path: /var/lib/dbus/machine-id
generator: remove
- path: /etc/network/interfaces
generator: dump
content: |-
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
source /etc/network/interfaces.d/*
types:
- container
- path: /etc/sudoers.d/imgbuilder
generator: dump
content: |-
Defaults env_keep += "XZ_DEFAULTS"
jenkins ALL=(root:root)NOPASSWD:/bin/chown,/home/jenkins/workspace/*/*/*/*/*/*/*/*/distrobuilder,/home/jenkins/workspace/*/*/distrobuilder,/home/jenkins/workspace/*/distrobuilder
variants:
- imgbuilder
#Unattended-Upgrade configuration
- path: /etc/apt/apt.conf.d/50unattended-upgrades
generator: dump
content: |-
Unattended-Upgrade::Origins-Pattern {
};
Dpkg::Options {
"--force-confdef";
"--force-confold";
};
Unattended-Upgrade::Package-Blacklist {
"mysql$";
"mariadb$";
};
Unattended-Upgrade::AutoFixInterruptedDpkg "true";
Unattended-Upgrade::MinimalSteps "false";
Unattended-Upgrade::InstallOnShutdown "false";
Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";
//Unattended-Upgrade::Automatic-Reboot "true";
//Unattended-Upgrade::Automatic-Reboot-WithUsers "true";
//Unattended-Upgrade::Automatic-Reboot-Time "02:00";
Unattended-Upgrade::SyslogEnable "true";
- path: /etc/apt/apt.conf.d/20auto-upgrades
generator: dump
content: |-
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "3";
APT::Periodic::Unattended-Upgrade "1";
packages:
manager: apt
update: true
cleanup: true
sets:
#Minimal pkgs
- packages:
- dialog
- ifupdown
- init
- iproute2
- iputils-ping
- isc-dhcp-client
- locales
- netbase
- net-tools
- openssh-client
- procps
- unattended-upgrades
- bash-completion
action: install
repositories:
- name: sources.list
url: |-
deb http://deb.debian.org/debian {{ image.release }} main contrib
deb http://deb.debian.org/debian {{ image.release }}-updates main contrib
deb http://security.debian.org {{ image.release }}-security main contrib
actions:
- trigger: post-unpack
action: |-
#!/bin/sh
#Disable apt Recommends and Suggests
echo 'APT::Install-Recommends "false";' > /etc/apt/apt.conf.d/01Recommends
echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/01Suggests
#ProxyCacheSetting
echo '#CacheServer not set' > /etc/apt/apt.conf.d/01prox
- trigger: post-packages
action: |-
#!/bin/sh
set -eux
# Disable networkd (unused)
systemctl mask systemd-networkd.service
systemctl mask systemd-networkd.socket
systemctl mask systemd-networkd-wait-online.service
# Make sure the locale is built and functional
echo en_US.UTF-8 UTF-8 >> /etc/locale.gen
locale-gen en_US.UTF-8 UTF-8
update-locale LANG=en_US.UTF-8
# Cleanup underlying /run
mount -o bind / /mnt
rm -rf /mnt/run/*
umount /mnt
#Set TimeZone
echo "Europe/Amsterdam" > /etc/timezone
rm /etc/localtime
ln -s /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime
# Cleanup temporary shadow paths
rm /etc/*-
mappings:
architecture_map: debian