LXCMinimalCTs/CT-Build/Debian.yaml

image:
  distribution: "debian"

source:
  downloader: debootstrap
  #InitDownloadREPO  
  url: http://deb.debian.org/debian
  keyserver: keyring.debian.org

  variant: minbase

targets:
  lxc:
    #create-message: |-
    #  You just created a {{ image.description }} container.

    config:
    - type: all
      before: 5
      content: |-
        lxc.include = LXC_TEMPLATE_CONFIG/debian.common.conf

    - type: user
      before: 5
      content: |-
        lxc.include = LXC_TEMPLATE_CONFIG/debian.userns.conf

    - type: all
      after: 4
      content: |-
        lxc.include = LXC_TEMPLATE_CONFIG/common.conf

    - type: user
      after: 4
      content: |-
        lxc.include = LXC_TEMPLATE_CONFIG/userns.conf
    - type: all
      content: |-
        lxc.arch = {{ image.architecture_personality }}

files:
- path: /etc/hostname
  generator: hostname

- path: /etc/hosts
  generator: hosts

- path: /etc/resolvconf/resolv.conf.d/original
  generator: remove

- path: /etc/resolvconf/resolv.conf.d/tail
  generator: remove

- path: /etc/machine-id
  generator: dump

- path: /var/lib/dbus/machine-id
  generator: remove

- path: /etc/network/interfaces
  generator: dump
  content: |-
    # This file describes the network interfaces available on your system
    # and how to activate them. For more information, see interfaces(5).

    # The loopback network interface
    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    source /etc/network/interfaces.d/*
  types:
  - container

- path: /etc/sudoers.d/imgbuilder
  generator: dump
  content: |-
   Defaults  env_keep += "XZ_DEFAULTS"
   jenkins ALL=(root:root)NOPASSWD:/bin/chown,/home/jenkins/workspace/*/*/*/*/*/*/*/*/distrobuilder,/home/jenkins/workspace/*/*/distrobuilder,/home/jenkins/workspace/*/distrobuilder
  variants:
  - imgbuilder

#Unattended-Upgrade configuration
- path: /etc/apt/apt.conf.d/50unattended-upgrades
  generator: dump
  content: |-
   Unattended-Upgrade::Origins-Pattern {

   };

   Dpkg::Options {
     "--force-confdef";
     "--force-confold";
   };

   Unattended-Upgrade::Package-Blacklist {
     "mysql$";
     "mariadb$";
   };

   Unattended-Upgrade::AutoFixInterruptedDpkg "true";
   Unattended-Upgrade::MinimalSteps "false";
   Unattended-Upgrade::InstallOnShutdown "false";
   Unattended-Upgrade::Remove-Unused-Kernel-Packages "true";
   Unattended-Upgrade::Remove-Unused-Dependencies "true";
   //Unattended-Upgrade::Automatic-Reboot "true";
   //Unattended-Upgrade::Automatic-Reboot-WithUsers "true";
   //Unattended-Upgrade::Automatic-Reboot-Time "02:00";
   Unattended-Upgrade::SyslogEnable "true";

- path: /etc/apt/apt.conf.d/20auto-upgrades
  generator: dump
  content: |-
   APT::Periodic::Update-Package-Lists "1";
   APT::Periodic::Download-Upgradeable-Packages "1";
   APT::Periodic::AutocleanInterval "3";
   APT::Periodic::Unattended-Upgrade "1";
   

packages:
  manager: apt
  update: true
  cleanup: true
  sets:
  #Minimal pkgs
  - packages:
    - dialog
    - ifupdown
    - init
    - iproute2
    - iputils-ping
    - isc-dhcp-client
    - locales
    - netbase
    - net-tools
    - openssh-client
    - procps
    - unattended-upgrades
    - bash-completion
    action: install  



  repositories:
  - name: sources.list
    url: |-
      deb http://deb.debian.org/debian {{ image.release }} main contrib
      deb http://deb.debian.org/debian {{ image.release }}-updates main contrib
      deb http://security.debian.org {{ image.release }}-security main contrib


actions:
- trigger: post-unpack
  action: |-
    #!/bin/sh
    #Disable apt Recommends and Suggests
    echo 'APT::Install-Recommends "false";' > /etc/apt/apt.conf.d/01Recommends
    echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/01Suggests
    #ProxyCacheSetting
    echo '#CacheServer not set' > /etc/apt/apt.conf.d/01prox
- trigger: post-packages
  action: |-
    #!/bin/sh
    set -eux

    # Disable networkd (unused)
    systemctl mask systemd-networkd.service
    systemctl mask systemd-networkd.socket
    systemctl mask systemd-networkd-wait-online.service

    # Make sure the locale is built and functional
    echo en_US.UTF-8 UTF-8 >> /etc/locale.gen
    locale-gen en_US.UTF-8 UTF-8
    update-locale LANG=en_US.UTF-8

    # Cleanup underlying /run
    mount -o bind / /mnt
    rm -rf /mnt/run/*
    umount /mnt
    
    #Set TimeZone
    echo "Europe/Amsterdam" > /etc/timezone
    rm /etc/localtime
    ln -s /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime

    # Cleanup temporary shadow paths
    rm /etc/*-

mappings:
  architecture_map: debian