From b3835c64eacc6e663f948295cb3fa38c6ccaf97d Mon Sep 17 00:00:00 2001 From: Adam Dodman Date: Tue, 6 Feb 2018 01:36:23 +0000 Subject: [PATCH] Initial Commit --- AlpineBaseNotes.md | 66 ++++++++++++++++++++++++++++++++++++++++++++++ Readme.md | 8 ++++++ alpinelinux.conf | 5 ++++ alpinelinux.gpg | 53 +++++++++++++++++++++++++++++++++++++ builder_commands | 37 ++++++++++++++++++++++++++ drone-agent.start | 2 ++ drone-compose.yml | 14 ++++++++++ motd.sh | 18 +++++++++++++ 8 files changed, 203 insertions(+) create mode 100644 AlpineBaseNotes.md create mode 100644 Readme.md create mode 100644 alpinelinux.conf create mode 100644 alpinelinux.gpg create mode 100644 builder_commands create mode 100644 drone-agent.start create mode 100644 drone-compose.yml create mode 100644 motd.sh diff --git a/AlpineBaseNotes.md b/AlpineBaseNotes.md new file mode 100644 index 0000000..733d2cc --- /dev/null +++ b/AlpineBaseNotes.md @@ -0,0 +1,66 @@ +# To create an alpine base image: + +Spin up a new VM: + - 512MB RAW Disk image (hence called alpine.img) + - Virtio Network bridge + - ISO of Alpine Virtual ed. attached + +Inside the VM: + - Add the following to /etc/network/interfaces: + + + auto lo + iface lo inet loopback + + auto eth0 + iface eth0 inet dhcp + hostname alpine + + - `/etc/init.d/networking restart` + - Run `setup-alpine`: + - gb + - gb + - alpine + - eth0 + - dhcp + - no + - [Enter twice] + - UTC + - none + - 1 + - openssh + - busybox + - sda + - sys + - y + + + - `passwd -d root` + - `poweroff` + +Make sure the VM is stopped. + +Run `virt-sysprep -a alpine.img` + +Run `xz -k -verbose -T4 --best --block-size=16777216 alpine.img` + +Create the index file as below. <> Shows commands to generate the required data. Replace version as needed. + + ``` + [alpine-37] + name=Alpine 3.7 + osinfo=alpine + arch=x86_64 + file=alpine.img.xz + checksum= + format=raw + size= + compressed_size= + expand=/dev/sda3 + ``` + +Sign the index file: + `gpg --clearsign --armor index` + + +Upload the generated `index.asc` and `alpine.img.xz` files to a web server. diff --git a/Readme.md b/Readme.md new file mode 100644 index 0000000..68d1e67 --- /dev/null +++ b/Readme.md @@ -0,0 +1,8 @@ +# Alpine Drone Agent builder + +Create a VM for setting a drone build agent. + +Put alpinelinux.\* into /etc/xdg/virt-builder/repos.d/ + +Put your credentials into dronecfg, then +Run with `virt-builder --size 10G --format qcow2 --commands-from-file builder-commands` diff --git a/alpinelinux.conf b/alpinelinux.conf new file mode 100644 index 0000000..a92eaf5 --- /dev/null +++ b/alpinelinux.conf @@ -0,0 +1,5 @@ +# Put this file in /etc/xdg/virt-builder/repos.d to use the Alpine base images + +[Alpine] +uri=https://adam-ant.co.uk/builder/index.asc +gpgkey=file:///etc/xdg/virt-builder/repos.d/alpinelinux.gp diff --git a/alpinelinux.gpg b/alpinelinux.gpg new file mode 100644 index 0000000..56441d3 --- /dev/null +++ b/alpinelinux.gpg @@ -0,0 +1,53 @@ +# Put this file in /etc/xdg/virt-builder/repos.d to use the Alpine base images + +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFeFdVUBEAC6uEuw0aWkcBducFNV2US3baRMmvspWlz4Lt1RJg5HNNA1R++V +XSwvSG8UFshtU50PVf8qGd7pN4h4Ei+Sr+MYoriG9zK9g2/ba3Q7R7EU3SgjiaWT +lZHaBdjjPvNydkR/7gFTSI4NAezycEkoE/oR2igDHnnM35XoBm1O2UwYmVjapLgN +6tP4YvPc4qTJNgDnkDXj4DE1Rr0Ybg/k5Fz8o+zlK8MB4W9ejK5XfyP1dIE7/tAp +Fjvwn5RY/BEvIz+jNP1HVTOtTIODlPxsJDGG1PwQc/xCT41IRqcVxDLhi0EFp3OJ +uucJAzPiKsB8zQhvt/FiFILBxMTWLCpoudI/B4gbFtMWlcsYksFWMiCB+pl33vij +xNOsi+ZHY6dR8rPcH6ChjKxeO4EUlUYAQXof3Wx5zJRUwYwN5IkYMnF4c1BXwifz +krvs9z4BVPd1TPYszY50CZPovU+NblJqUfvNVOZpalsJS+HYoOEsVuDK3r5uwupP +cMCOZf4RnyF3Sqfo1w50G0D0FvVmpgfoh4rD6d0YQ2Qn2jBoXlKP0SRUHkkEz28P +XtvN/JZb7YCEjzSG8Kh7/E4E3Z80ZRpxLrHjYJRtexdfsjmJ9G3ypNy4/dvJWsH9 +eGTXEUHZxPN6ZrPLGjsiNOkEKaaMXtsBCLiF3bAz0yA4lTKJfbZqOcpsCwARAQAB +tCFBZGFtIERvZG1hbiA8YWRhbS5kb2RtYW5AZ214LmNvbT6JAj0EEwEIACcFAleF +dVUCGwMFCRLMAwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQeCaxCIlbhqpv +yA//bWHSr1PhoDc+ht1XsZZ/7Ycf9/E0Hw18DeYeKWCFafKswclbPYH80fpxzOQG +gaqux4xswniCDcn64mdYMguH+uRbAy7W/yVKvv05o3FCzMvVqUNaR0ovW+8JZ4DP +H82p6JHvtvlRrOnpnSIYLXe4L3RBwqFc9tET9/VLuYPUyv9uQfsC8E3w6tnu0Q1G +x6z+5RdFZayucimo1CuZxreW8w+Y/b+rygpu0Y7y99q2PL9DjjxF9OYgfsO5eKLq +CiLUkoPNunjtUbUVooJqTso+9oRr34yw7qKQdi2wGWcPEy2drN0RYA1umc4xyyl3 +Lq5EPoiUv4BuukazB8C/fjl19OIPvke3OAcsZ9lXwEGlgIKormylmu17mjSFizoB +o0UjwjkET2Fprdf5qZbiaQsi0XNloVufoK662jGin3vLtPqPSB9+FvtK0eSgI94f +JKGQDWFtRdiTtRQeSb2X2O5PvbKLqKue+c4vNzt9Q32mIwo556xrYMqPjo8gFHqu +GOmEl6oIX/w7jrfoglflTe5o1Hdd2j6uyh8c+HYARo8uxB+HpaeoikXhSA9qXyUh +Y+Y7sZ8m0LIhrnFPVvgf0eJ+i6GEtQijOo/OIDzubs4nkhSMJzLLs7YrahVmsRub +QZAih5RAo7CeTOeAMHI23M5D96VmqlHG/xFW6qoLEAI8Hhi5Ag0EV4V1VQEQAN7z +Z27n5msWE/OsF4GnZtDAu0qj2dqkDWmp92UURnPfnRnqkig2aK/qu+c6rlJZhvjV +MgNxsyjMD9tYm4Wyx8EvIe1EHyDrb9bd/hkSGneshLVpsLxlw1zIbvNmNEeD2yHB +URuTkt8PV06WlPk6SqB4VW3y1f27ggvF5Jv7IPtlTBaCZIaq9iTpEd+JmHTxjx+E +OdnUxSPJFOHA2esTGUCdMEMI45GV8SXHpOrQI1KYqQjXIc7EAl/JfSwi3etLCweL +OP7Q8lSNSfedLFiGBpqZnqXNNQkIgRJPI67BmLrUnKdKDtS7eoaHb0Dyr9gyWmiU +dLe3JkWz/Alocqpts14wTpDHPyPZHf2Abq1qNgMxoDdBOm5L4qR7zXkEgxiOphyT +fgnXHtP5akNWM+3YzfmWu1SnG6AIMUmOAg9br213ibJM8JWcYT4/QN0xxc2egEuZ +sOh7HYDO9VdX22ixNscAOboeuNNpbnRT1lFNBSqR5h7Ei44Nk0Gil/ZWIvxPqqLu +30rY/5Yf+JAPVIB4h2ji5f3iRgkByAB8mXN9ls559m/SySswx/1nvGLrdcG7n9nn +wlScp9Doogw+EzKYDJJtt4P3iu7GNcaVYQw0ioAA8OeB1WtMXHS7PQVENF+LDAHK +KD7zACa4gvDX1o+4R+wf7Bo8h/zWUTXjp9QJ+u83ABEBAAGJAiUEGAEIAA8FAleF +dVUCGwwFCRLMAwAACgkQeCaxCIlbhqpEPA/7Bnz6HnUUK7fNkjET0LtkflETOwtE +ZARCL9MFkvjezoOYoTvrkwWPA3B53n36ysFCUiylNeEWx6gNgSWgILkPQeGZEZiE +dMcmZBfaYOyfbocfnt06ahMmbtmus5WhC92zu9ej+VXe3zLlmt0BmrwF0Ei5ynGM +CPGDBCrq5pbQmQ5YHxoXaPKEyEM3Wh5fl2aiD+vn0YHXdk8CziFtTWnTv3kDL+68 +4UPv1Uel9xE4hNIu9xMW4cthXCi+fPomSoME/S3qpsKQFmv+y3I1+dP/xoSCqZbY +5bKVnC22Bkei511hhid0dtCDn3jcf8N9N3OotSzt2g7SaMLNwN66vE/g0OU57l7/ +YH76ZNDs7dowFCIs/va0qEr0d3HzY1kS4oSTJPSNLfClEBuQqxIpZdM0DofuIfoX +3bWDc2QNc0A87lju1rrQbrN3IpgYEmsGTSu/DAlJ0kSZ+UHV1znLXLV1rdLcd2na +lCxg0q4Lk54sIMXS99Tc+Hw9krqMk0AiMTwqMj+9c3KuNKZcXzjhUU5Q7Lvs5ijM +MOtmHcRpgnWrdrbnOI24bUkqjG0fN2F1Ux4dZqDyHGQPQNURafGpndMIuCbInrww +HIP7arIt2VHrdmKD3QwlYdCyTlv5aY0SCHBDzJrIJB5m2V5ehv/OAyyFvqod28kg +3ya6/GAAIAeCGnw= +=jF2v +-----END PGP PUBLIC KEY BLOCK----- diff --git a/builder_commands b/builder_commands new file mode 100644 index 0000000..1e8a5a8 --- /dev/null +++ b/builder_commands @@ -0,0 +1,37 @@ +# Enable the community repo +edit /etc/apk/repositories:'s/^#\(.*community\)/\1/g' + +# Setup the new MOTD +run motd.sh + +# Disallow root login +root-password disabled +edit /etc/ssh/sshd_config:'/^PermitRootLogin yes/d' + +# Set up the docker user +update +install docker +install sudo +install shadow +run-command adduser -D -G docker docker +run-command { echo changeme; echo changeme; } | passwd docker +run-command echo changeme | chage -d 0 docker +run-command echo 'docker ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers.d/docker-nopasswd +chmod 0640:/etc/sudoers.d/* + +# Install docker +install docker +run-command rc-update add docker boot +run-command service docker start + +# Install docker-compose +install python +install py-pip +run-command pip install docker-compose +uninstall py-pip + +# Set up pruning docker every 15 minutes. Useful for build agents +run-command rc-update add crond +run-command echo '*/15 * * * * docker system prune -a -f --filter until=10m' | crontab -u docker - + +# Install the drone-agent starters diff --git a/drone-agent.start b/drone-agent.start new file mode 100644 index 0000000..08b9ae3 --- /dev/null +++ b/drone-agent.start @@ -0,0 +1,2 @@ +#! /bin/sh +docker-compose -f /etc/drone-compose.yml up --force-recreate -d diff --git a/drone-compose.yml b/drone-compose.yml new file mode 100644 index 0000000..4a4a4a4 --- /dev/null +++ b/drone-compose.yml @@ -0,0 +1,14 @@ +version: '3.1' + +# Run this on a dedicated box only! +# It WILL make a mess of the docker daemon + +services: + agent: + image: drone/agent:0.8.4 + container_name: drone-agent + command: agent + restart: always + volumes: + - /var/run/docker.sock:/var/run/docker.sock + env_file: /etc/dronecfg diff --git a/motd.sh b/motd.sh new file mode 100644 index 0000000..f32314e --- /dev/null +++ b/motd.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +source /etc/os-release + +cat << EOF > /etc/motd + +$PRETTY_NAME ($VERSION_ID) Docker Host + +Built as a CI runner for Docker-based CI platforms + such as Drone-CI https://github.com/drone/drone + +See the Alpine Wiki for how-to guides and +general information about administrating +Alpine systems and development. +See + +EOF +