Latest development (#1)

* Update install.bu * Update create-ipxe-iso.sh * Update coreos-install.ipxe * Update create-ipxe-iso.sh * temporary sample * triggering action * Update docker-image.yml * Automate ignition file generation from butane * restores previous butane * Automate ignition file generation from butane * Tries to keep var partition * Automate ignition file generation from butane * Adds compose files for apps * Automate ignition file generation from butane * Update coreos-install.ipxe * Automate ignition file generation from butane * Update coreos.bu * Automate ignition file generation from butane * Update coreos-install.ipxe * Automate ignition file generation from butane * Upgrades version * Automate ignition file generation from butane * Adds vim and docker compose * Automate ignition file generation from butane * Update coreos-install.ipxe * Automate ignition file generation from butane * Update README.md * Automate ignition file generation from butane * Automates containers creation * Automate ignition file generation from butane * UID and GID in NFS * Automate ignition file generation from butane * remove binding * Automate ignition file generation from butane * Update coreos.bu * Automate ignition file generation from butane * adds guid * group * removes pcloud due to issues * fixes uid and guid * Fixes group and user * Automate ignition file generation from butane * fixes port * Automate ignition file generation from butane * mariadb install and enable (prototype) * Automate ignition file generation from butane * removes mariadb, changes guid to 1000 * Automate ignition file generation from butane * fixes * Automate ignition file generation from butane * fixes z2mqtt permission, adds dialout group * Automate ignition file generation from butane * no need to create dialout (ignition would fail * Automate ignition file generation from butane * testing group without name * Automate ignition file generation from butane * removing due to coreos bug: coreos/fedora-coreos-tracker#155 * Automate ignition file generation from butane * depends * Automate ignition file generation from butane * jellyfin folders * Automate ignition file generation from butane * rename * Automate ignition file generation from butane * removes old option * Automate ignition file generation from butane * password not needed anymore (was temporary) * Automate ignition file generation from butane * new github action for multiple butane files * fixes paths * action * fixes action * Automate ignition file generation from butane * Splits butane into multiple configs * fixes butane * Fixes remote butanes * Automate ignition file generation from butane
UnconventionalMindset · Dec 12, 2022 · db3cf00 · db3cf00
1 parent 4424d4a
commit db3cf00
Show file tree

Hide file tree

Showing 19 changed files with 467 additions and 253 deletions.
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
@@ -1,4 +1,4 @@
-name: Docker Buton to Ignite
+name: Docker Butane to Ignite
 
 on:
   push:
@@ -16,12 +16,12 @@ jobs:
     - uses: actions/checkout@v3
     - name: Build the Docker image
       run: |
-        rm -f coreos.ign
-        rm -f install.ign
-        docker run -i --rm quay.io/coreos/butane:release --pretty --strict < coreos.bu > coreos.ign
-        docker run -i --rm quay.io/coreos/butane:release --pretty --strict < install.bu > install.ign
-        docker run -i --rm quay.io/coreos/ignition-validate:release - < coreos.ign
-        docker run -i --rm quay.io/coreos/ignition-validate:release - < install.ign
+        for entry in "butane"/*
+        do
+          filename=$(basename $entry .bu)
+          docker run -i --rm quay.io/coreos/butane:release --pretty --strict < butane/$filename.bu > ignition/$filename.ign
+          docker run -i --rm quay.io/coreos/ignition-validate:release - < ignition/$filename.ign
+        done
         git config --global user.name 'UnconventionalMindset'
         git config --global user.email '[email protected]'
         git commit --allow-empty -am "Automate ignition file generation from butane"

diff --git a/README.md b/README.md
@@ -4,4 +4,3 @@
 
 - [x] Github action to convert Butane to Ignite.
 - [x] Creation of ISO image that automatically install Fedora Core OS using the `coreos.ign` present in this repo from its url. Used for provisioning in my Proxmox.
-Current script to embed the ignite to the iso is here: https://gist.github.com/UnconventionalMindset/632f3892e2149ac826af90892d0cca13
diff --git a/apps/hass/docker-compose.yml b/apps/hass/docker-compose.yml
@@ -0,0 +1,17 @@
+---
+version: "3"
+services:
+  homeassistant:
+    image: lscr.io/linuxserver/homeassistant:latest
+    container_name: hass
+    network_mode: host
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Zurich
+    volumes:
+      - /var/mnt/shared/apps/docker/homeassistant/config:/config
+    # ports:
+    #   - 8123:8123
+    restart: unless-stopped
+    privileged: true
diff --git a/apps/jellyfin/docker-compose.yml b/apps/jellyfin/docker-compose.yml
@@ -0,0 +1,22 @@
+---
+version: "3.3"
+services:
+  jellyfin:
+    image: lscr.io/linuxserver/jellyfin:latest
+    container_name: jellyfin
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Zurich
+      - JELLYFIN_PublishedServerUrl=192.168.31.200 #optional
+    volumes:
+      - /var/mnt/shared/apps/docker/jellyfin/config:/config
+      - /var/mnt/shared/apps/files/series:/data/tvshows
+      - /var/mnt/shared/apps/files/films:/data/movies
+    ports:
+      - 8096:8096
+      - 8920:8920
+      - 7359:7359/udp
+      - 1901:1900/udp
+    restart: unless-stopped
+    privileged: true
diff --git a/apps/mosquitto/docker-compose.yml b/apps/mosquitto/docker-compose.yml
@@ -0,0 +1,15 @@
+services:
+  mosquitto:
+    container_name: mosquitto
+    image: eclipse-mosquitto:2
+    volumes:
+      - /var/mnt/shared/apps/docker/mosquitto/config/:/mosquitto/config/:rw
+      - /var/mnt/shared/apps/docker/mosquitto/log/:/mosquitto/log/
+      - /var/mnt/shared/apps/docker/mosquitto/data/:/mosquitto/data/
+    ports:
+      - 1883:1883
+      - 9002:9001
+    privileged: true
+
+volumes:
+  data: ~
diff --git a/apps/zigbee2mqtt/docker-compose.yml b/apps/zigbee2mqtt/docker-compose.yml
@@ -0,0 +1,19 @@
+version: '3.8'
+services:
+  zigbee2mqtt:
+    container_name: zigbee2mqtt
+    image: koenkk/zigbee2mqtt
+    restart: unless-stopped
+    user: 1000:1000
+    depends_on:
+      - mosquitto
+    volumes:
+      - /var/mnt/shared/apps/docker/z2mqtt/config:/app/data
+      - /run/udev:/run/udev:ro
+    ports:
+      # Frontend port
+      - 8080:8080
+    environment:
+      - TZ=Europe/Zurich
+    devices:
+      - /dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_22fe32bb2286ec118b52631719c2d21c-if00-port0:/dev/ttyUSB0
diff --git a/butane/apps.bu b/butane/apps.bu
@@ -0,0 +1,109 @@
+variant: fcos
+version: 1.4.0
+storage:
+  files:
+    - path: /var/home/core/download-apps-docker-composes.sh
+      overwrite: true
+      contents:
+        inline: |
+          #!/usr/bin/bash
+          git clone --filter=blob:none --branch dev --no-checkout --depth 1 --sparse https://github.com/UnconventionalMindset/coreos-setup.git /var/home/core/coreos-setup
+          cd /var/home/core/coreos-setup
+          git sparse-checkout set apps
+          git checkout
+          mkdir /etc/docker/compose/
+          mv /var/home/core/coreos-setup/apps/* /etc/docker/compose/
+          rm -rf /var/home/core/coreos-setup
+    - path: /var/home/core/deploy-stack.sh
+      overwrite: true
+      contents:
+        inline: |
+          #!/usr/bin/bash
+          composes=($(ls /etc/docker/compose/))
+          for (( i = 0; i < ${#composes[@]} ; i++ )); do
+            systemctl start docker-compose@${composes[$i]}
+          done
+
+systemd:
+  units:
+    - name: download-apps-docker-composes.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Downloads apps docker composes
+        Wants=network-online.target
+        After=network-online.target
+        ConditionPathExists=!/var/lib/%N.stamp
+
+        [Service]
+        Type=oneshot
+        RemainAfterExit=yes
+        ExecStart=/usr/bin/bash /var/home/core/download-apps-docker-composes.sh
+        ExecStart=/bin/touch /var/lib/%N.stamp
+
+        [Install]
+        WantedBy=multi-user.target
+    - name: [email protected]
+      contents: |
+        [Unit]
+        Description=%i service with docker compose
+        PartOf=docker.service
+        Wants=network-online.target docker.service rpm-ostree-install-docker-compose.service
+        After=network-online.target rpm-ostree-install-docker-compose.service
+
+        [Service]
+        Type=oneshot
+        RemainAfterExit=true
+        WorkingDirectory=/etc/docker/compose/%i
+        ExecStart=/usr/bin/docker-compose up -d --remove-orphans
+        ExecStop=/usr/bin/docker-compose down
+
+        [Install]
+        WantedBy=multi-user.target
+    - name: deploy-stack.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Deploy stack with docker compose
+        Wants=network-online.target docker.service rpm-ostree-install-docker-compose.service download-apps-docker-composes.service
+        After=network-online.target rpm-ostree-install-docker-compose.service download-apps-docker-composes.service
+
+        [Service]
+        Type=oneshot
+        RemainAfterExit=true
+        ExecStart=/usr/bin/bash /var/home/core/deploy-stack.sh
+
+        [Install]
+        WantedBy=multi-user.target
+    - name: docker.portainer.service
+      enabled: true
+      contents: |-
+        [Unit]
+        Description=Portainer Admin Container
+        After=docker.service var-mnt-shared.mount
+        Requires=docker.service network.target network-online.target
+
+        [Service]
+        Type=oneshot
+        RemainAfterExit=yes
+        TimeoutStartSec=0
+        ExecStartPre=-/usr/bin/docker stop %n
+        ExecStartPre=-/usr/bin/docker rm %n
+        ExecStartPre=/usr/bin/docker pull portainer/portainer-ce:latest
+        ExecStart=-/usr/bin/mkdir -p /mnt/shared/apps/docker/portainer
+        # Privileged mode is required for binding to local socket to work due to SELINUX (https://github.com/portainer/portainer/issues/849)
+        ExecStart=/usr/bin/docker run \
+          --privileged=true \
+          -d \
+          -p 9000:9000 \
+          --name %n \
+          --restart always \
+          -v /var/run/docker.sock:/var/run/docker.sock \
+          -v /mnt/shared/apps/docker/portainer:/data \
+          portainer/portainer-ce:latest \
+            --templates https://raw.githubusercontent.com/UnconventionalMindset/portainer/main/template.json \
+            --admin-password-file /data/.secrets/portainer_pass
+        ExecStop=/usr/bin/docker stop -t 15 %n
+
+        [Install]
+        WantedBy=multi-user.target
diff --git a/butane/coreos.bu b/butane/coreos.bu
@@ -0,0 +1,75 @@
+variant: fcos
+version: 1.4.0
+ignition:
+  config:
+    merge:
+      - source: https://raw.githubusercontent.com/UnconventionalMindset/coreos-setup/dev/ignition/apps.ign
+      - source: https://raw.githubusercontent.com/UnconventionalMindset/coreos-setup/dev/ignition/install-programs.ign
+      - source: https://raw.githubusercontent.com/UnconventionalMindset/coreos-setup/dev/ignition/network.ign
+      - source: https://raw.githubusercontent.com/UnconventionalMindset/coreos-setup/dev/ignition/nfs.ign
+      - source: https://raw.githubusercontent.com/UnconventionalMindset/coreos-setup/dev/ignition/users_and_groups.ign
+
+storage:
+  files:
+    - path: /etc/profile.d/systemd-pager.sh
+      mode: 0644
+      contents:
+        inline: |
+          # Tell systemd to not use a pager when printing information
+          export SYSTEMD_PAGER=cat
+    - path: /etc/sysctl.d/20-silence-audit.conf
+      mode: 0644
+      contents:
+        inline: |
+          # Raise console message logging level from DEBUG (7) to WARNING (4)
+          # to hide audit messages from the interactive console
+          kernel.printk=4
+
+systemd:
+  units:
+    - name: [email protected]
+      dropins:
+      - name: autologin-core.conf
+        contents: |
+          [Service]
+          # Override Execstart in main unit
+          ExecStart=
+          # Add new Execstart with `-` prefix to ignore failure
+          ExecStart=-/usr/sbin/agetty --autologin core --noclear %I $TERM
+          TTYVTDisallocate=no
+    - name: failure.service
+      enabled: true
+      contents: |
+        [Service]
+        Type=oneshot
+        ExecStart=/usr/bin/false
+        RemainAfterExit=yes
+
+        [Install]
+        WantedBy=multi-user.target
+    - name: etcd-member.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Run a single node etcd
+        After=network-online.target
+        Wants=network-online.target
+
+        [Service]
+        ExecStartPre=mkdir -p /var/lib/etcd
+        ExecStartPre=-/bin/podman kill etcd
+        ExecStartPre=-/bin/podman rm etcd
+        ExecStartPre=-/bin/podman pull quay.io/coreos/etcd
+        ExecStart=/bin/podman run --name etcd --net=host \
+                    --volume /var/lib/etcd:/etcd-data:z  \
+                    quay.io/coreos/etcd:latest /usr/local/bin/etcd              \
+                            --data-dir /etcd-data --name node1                  \
+                            --initial-advertise-peer-urls http://127.0.0.1:2380 \
+                            --listen-peer-urls http://127.0.0.1:2380            \
+                            --advertise-client-urls http://127.0.0.1:2379       \
+                            --listen-client-urls http://127.0.0.1:2379          \
+                            --initial-cluster node1=http://127.0.0.1:2380
+        ExecStop=/bin/podman stop etcd
+
+        [Install]
+        WantedBy=multi-user.target
diff --git a/butane/install-programs.bu b/butane/install-programs.bu
@@ -0,0 +1,64 @@
+variant: fcos
+version: 1.4.0
+storage:
+  files:
+    # Set vim as default editor
+    # We use `zz-` as prefix to make sure this is processed last in order to
+    # override any previously set defaults.
+    - path: /etc/profile.d/zz-default-editor.sh
+      overwrite: true
+      contents:
+        inline: |
+          export EDITOR=vim
+systemd:
+  units:
+    # Installing vim as a layered package with rpm-ostree
+    - name: rpm-ostree-install-vim.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Layer vim with rpm-ostree
+        Wants=network-online.target
+        After=network-online.target
+        # We run before `zincati.service` to avoid conflicting rpm-ostree
+        # transactions.
+        Before=zincati.service rpm-ostree-install-docker-compose.service
+        ConditionPathExists=!/var/lib/%N.stamp
+
+        [Service]
+        Type=oneshot
+        RemainAfterExit=yes
+        # `--allow-inactive` ensures that rpm-ostree does not return an error
+        # if the package is already installed. This is useful if the package is
+        # added to the root image in a future Fedora CoreOS release as it will
+        # prevent the service from failing.
+        ExecStart=/usr/bin/rpm-ostree install --apply-live --allow-inactive vim
+        ExecStart=/bin/touch /var/lib/%N.stamp
+
+        [Install]
+        WantedBy=multi-user.target
+    # Installing docker-compose as a layered package with rpm-ostree
+    - name: rpm-ostree-install-docker-compose.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Layer docker-compose with rpm-ostree
+        Wants=network-online.target
+        After=network-online.target
+        # We run before `zincati.service` to avoid conflicting rpm-ostree
+        # transactions.
+        Before=zincati.service
+        ConditionPathExists=!/var/lib/%N.stamp
+
+        [Service]
+        Type=oneshot
+        RemainAfterExit=yes
+        # `--allow-inactive` ensures that rpm-ostree does not return an error
+        # if the package is already installed. This is useful if the package is
+        # added to the root image in a future Fedora CoreOS release as it will
+        # prevent the service from failing.
+        ExecStart=/usr/bin/rpm-ostree install --apply-live --allow-inactive docker-compose
+        ExecStart=/bin/touch /var/lib/%N.stamp
+
+        [Install]
+        WantedBy=multi-user.target
diff --git a/install.bu → butane/install.bu b/install.bu → butane/install.bu
@@ -5,5 +5,5 @@ storage:
     - path: /etc/coreos/installer.d/custom.yaml
       contents:
         inline: |
-          ignition-url: https://raw.githubusercontent.com/UnconventionalMindset/coreos-setup/main/coreos.ign
+          ignition-url: https://raw.githubusercontent.com/UnconventionalMindset/coreos-setup/dev/ignition/coreos.ign
           dest-device: /dev/sda
Original file line number	Diff line number	Diff line change
Expand Up		@@ -4,4 +4,3 @@

		- [x] Github action to convert Butane to Ignite.
		- [x] Creation of ISO image that automatically install Fedora Core OS using the `coreos.ign` present in this repo from its url. Used for provisioning in my Proxmox.
		Current script to embed the ignite to the iso is here: https://gist.github.com/UnconventionalMindset/632f3892e2149ac826af90892d0cca13