Scripting Application Installation for Different Jail Managers

V

victort

I'm trying to think of the most practical way to create easy-to-install scripts for different jail managers. There are a number of jail managers, and each of them has their own template system.

IOcage has plugins
BastilleBSD has templates
Pot has templates
CBSD has templates

Each one of these require separately created files (Bastillefile CBSDfile etc...) to install applications inside a jail. I'm looking for a more practical way to do this that will work with all jail managers. I am also of the opinion that any necessary data MUST be mounted into the jail so it can be easily destroyed and recreated.

I'm open to ideas, as I don't want to focus one one single jail managers xyzFILE to do it.

My current idea is to have the user create the jail with any manager they so choose, then mount the necessary data points, enter the jail, fetch the install script, and run it. That way it can be done using any jail manager.

Or would it be better to stick with one that I like, and focus on the template system for it?
 
pkg(8) is jail-aware and can be executed within any running jail with the '-j' switch. That's also what all those jail managers are actually doing, as they are only wrapper scripts around the system tooling for jails...
 
What if you had a way to make a setup script easier (to copy into a jail that can be run)?

EDIT: NOTE: This script will only print instructions to STDOUT. Will not actually install a package or anything.

Save this to a file (./test.sh).
chmod u+x ./test.sh.
call: ./test.sh install ACME install ACME2 adduser JOHN ABC123 start ACME makedir /var/db

Bash: 
#!/bin/sh

# CONCEPTUAL: create a jail setup script "easier?".
# VER: 0.0

_pkg_bootstraped="False"                                           # Flag: bootstrap pkg repo only once.

print_it() {  #{{{
  # print_it
  # print something
  local _what="$1"


  if [ "${_what}" != "" ]; then
     echo "${_what}"
  fi
}
#}}}
make_dir() {  #{{{
  # make_dir
  # Make a directory
  local _where="$1"


  if [ "${_where}" != "" ]; then
     print_it "mkdir -p \"${_where}\""
  fi
}
#}}}
create_user() { #{{{
   # create_user
   # Creates a user.
   # NOTE: user will have a password the same as their login.
   local _usr="$1"
   if [ "${_usr}" != "" ]; then
     print_it "pw user add -n ${_usr} -d /home/${_usr} -G wheel -m -s /bin/tcsh -w yes"
     print_it "chmod 754 /home/${_usr}"
   fi
}
#}}}
add_key() { #{{{
  # add_key
  # Add a public key for a user
  local _usr="$1"
  local _key="$2"


  if [ "${_usr}" != "" ]; then
     print_it "mkdir -p /home/${_usr}/.ssh"
     print_it "touch /home/${_usr}/.ssh/authorized_keys"
     print_it "echo \"${_key}\" > /home/${_usr}/.ssh/authorized_keys"
     print_it "chown -R ${_usr}:${_usr} /home/${_usr}/.ssh"
     print_it "chmod 700 /home/${_usr}/.ssh"
     print_it "chmod 600 /home/${_usr}/.ssh/authorized_keys"
  fi
}
#}}}
service_start() {  #{{{
   # service_start
   # Enable and start a service.
   local _srv="$1"
   if [ "${_srv}" != "" ]; then
     echo "sysrc ${_srv}_enable=\"YES\""
     echo "service ${_srv} onestart"
   fi
}
#}}}
service_disable() { #{{{
   # service_disable
   # Disable a service.
   # EG:
   #  service_disable sendmail
   local _srv="$1"
   if [ "${_srv}" != "" ]; then
     print_it "service ${_srv} onedisable || true"
   fi
}
#}}}
pkg_bootstrap() { #{{{
  # pkg_bootstrap
  # Bootstrap the pkg repository
  if [ "${_pkg_bootstraped}" = "False" ] ; then
     print_it "# Bootstrap package repo"
     print_it "mkdir -p /usr/local/etc/pkg/repos"
     print_it "test -e /usr/local/etc/pkg/repos/FreeBSD.conf || \ "
     print_it "echo 'FreeBSD: { url: \"pkg+http://pkg.FreeBSD.org/${ABI}/quarterly\" }' \ "
     print_it " >/usr/local/etc/pkg/repos/FreeBSD.conf"
     print_it "ASSUME_ALWAYS_YES=yes pkg bootstrap"
     _pkg_bootstraped="True"
  fi
}
#}}}
pkg_install() { #{{{
   # pkg_install
   # Install a package
   local _pkg="$1"


   if [ "${_pkg}" != "" ]; then                         # Assert: do we have something to install.
     pkg_bootstrap                                # Make sure we can install pakages.
     print_it "pkg install -y ${_pkg}"
   fi
}
#}}}


for item in "$@"
do
   case "$item" in
     adduser) {
             echo "# Adding user: $2" ;
             create_user $2;
             add_key $2 $3;
             shift; } ;;
     start) {
             echo "# starting service: $2";
             service_start $2;
             shift; } ;;
     stop) {
             echo "# stopping service: $2";
             service_disable $2;
             shift; } ;;
     install) {
             echo "# installing package: $2";
             pkg_install $2;
             shift; } ;;
     makedir) {
             echo "# making directory: $2";
             make_dir $2;
             shift; } ;;
     help) {
             echo "`basename $0` USAGE:";
             echo "  adduser <username> <public-key>";
             echo "  start <service-name>";
             echo "  stop <service-name>";
             echo "  install <package-name>";
             echo "  makedir <directory>";
             shift; } ;;
     *) shift ;;
   esac
done
 
You must log in or register to reply here.
Back
Top