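#!/bin/sh
#
# Code generator for an iocage jail object.
#
# Reads the object's parameters from "$__object/parameter/*" and prints a
# shell script on stdout. The printed script either removes the jail
# (state "absent") or creates/reconfigures it: it compares the desired
# properties with the ones stored on the jail's ZFS dataset, rebuilds the
# jail's fstab from the "mount" parameter and restarts the jail when
# anything changed.
#
# Inputs (environment):
#   __object     directory holding the parameter files
#   __object_id  jail tag; also used as hostname and symlink name
#
# Everything between "cat <<EOF" and "EOF" is generated code. Unescaped
# expansions are filled in now, by this script; expansions written with a
# leading backslash are left for the shell that runs the generated code.
#
# NOTE(review): parameter values and the object id are pasted verbatim into
# the generated script, which drives iocage, zfs, umount and arp and so
# presumably runs with root privileges. A value containing a double quote,
# a backquote or $( ) changes what that shell executes. The quoting added
# below only protects against word splitting and globbing; validate or
# shell-quote these values before letting less-trusted parties set them.
#
# NOTE(review): the "mount" list is read by the generated code through the
# generation-time value of $__object. If the shell that runs the generated
# code sees the object directory under a different path, cat finds nothing
# and, because its stderr is discarded, no mounts are configured. Confirm
# whether this expansion should be deferred.

state="$(cat "$__object/parameter/state")"
template="$(cat "$__object/parameter/template")"
ip4_addr="$(cat "$__object/parameter/bridge")|$(cat "$__object/parameter/ip")"
interfaces="none:none"
defaultrouter="none"
vnet="off"
jail_zfs_dataset="$(cat "$__object/parameter/jail_zfs_dataset")"
devfs_ruleset="$(cat "$__object/parameter/devfs_ruleset")"
allow_socket_af="$(cat "$__object/parameter/allow_socket_af")"
mount_procfs="$(cat "$__object/parameter/mount_procfs")"
mount_linprocfs="$(cat "$__object/parameter/mount_linprocfs")"

if [ "X$state" = "Xabsent" ]; then
cat <<EOF
iocage stop "$__object_id" || true
iocage destroy -f "$__object_id" || true
rm -f "/iocage/jails/$__object_id"
EOF
else
cat <<EOF
# Print one ZFS property (first argument) of a dataset or path (second).
get_property_zfs () {
  zfs get -H -o value "\$1" "\$2"
}

# Print one iocage property (first argument) of the jail named by the
# second argument, read from the dataset behind its /iocage/jails entry.
get_property_iocage () {
  get_property_zfs "org.freebsd.iocage:\$1" "/iocage/jails/\$2"
}

# Stop before any path is built from an empty UUID; otherwise the fstab and
# mount point paths below would collapse to /iocage/jails//...
require_uuid () {
  if [ -z "\$UUID" ]; then
    echo "Could not determine the UUID of jail $__object_id from iocage list." >&2
    exit 1
  fi
}

create_new=0
if [ ! -d "/iocage/jails/$__object_id" ]; then
  echo "Jail $__object_id does not exist, going to create."
  create_new=1
else
  base=\$(get_property_zfs origin "/iocage/jails/$__object_id")
  current_template=\$(get_property_zfs org.freebsd.iocage:tag "\$base")
  if [ "X\$current_template" != "X$template" ]; then
    echo "Jail $__object_id has base \$current_template, which is not $template. " >&2
    create_new=1
  fi
fi

current_jail_zfs_dataset=""
if [ "\$create_new" -eq 0 ]; then
  # Plain = instead of ==, which POSIX test does not define.
  if [ "off" = "\$(get_property_iocage jail_zfs "$__object_id")" ]; then
    current_jail_zfs_dataset=""
  else
    current_jail_zfs_dataset="\$(get_property_iocage jail_zfs_dataset "$__object_id")"
  fi
fi

configure=0
if [ "\$create_new" -eq 1 ]; then
  configure=1
elif [ "X$vnet" != "X\$(get_property_iocage vnet "$__object_id")" ]; then
  configure=1
elif [ "X$ip4_addr" != "X\$(get_property_iocage ip4_addr "$__object_id")" ]; then
  configure=1
elif [ "X$interfaces" != "X\$(get_property_iocage interfaces "$__object_id")" ]; then
  configure=1
elif [ "X$defaultrouter" != "X\$(get_property_iocage defaultrouter "$__object_id")" ]; then
  configure=1
elif [ "X$mount_procfs" != "X\$(get_property_iocage mount_procfs "$__object_id")" ]; then
  configure=1
elif [ "X$devfs_ruleset" != "X\$(get_property_iocage devfs_ruleset "$__object_id")" ]; then
  configure=1
elif [ "X$allow_socket_af" != "X\$(get_property_iocage allow_socket_af "$__object_id")" ]; then
  configure=1
elif [ "X$jail_zfs_dataset" != "X\$current_jail_zfs_dataset" ]; then
  configure=1
fi

if [ "\$create_new" -eq 1 ]; then
  echo "Creating jail $__object_id" >&2

  iocage stop "$__object_id" || true
  iocage destroy -f "$__object_id" || true
  # Without VNETs, we should not need this.
  # TODO(riso): Use nicer path
  # /root/cdist/ioc deconfigure $__object_id

  rm -f "/iocage/jails/$__object_id"

  iocage clone "$template" tag="$__object_id"
  iocage set boot=on "$__object_id"
  # Fixed-string match, so dots in the tag are not regex wildcards.
  UUID=\$(iocage list | grep -F " $__object_id " | awk '{ print \$2; }')
  require_uuid
  rm -f "/iocage/jails/$__object_id"
  ln -s "/iocage/jails/\$UUID" "/iocage/jails/$__object_id"
else
  UUID=\$(iocage list | grep -F " $__object_id " | awk '{ print \$2; }')
  require_uuid
  echo "Jail $__object_id already exists, UUID=\$UUID" >&2
fi

ROOT="/iocage/jails/\$UUID/root"
FSTAB="/iocage/jails/\$UUID/fstab"
rm -f "\$FSTAB.new"
touch "\$FSTAB.new"
# Each mount entry is source:destination, destination relative to the jail root.
# NOTE(review): the destination is joined to the jail root without rejecting
# .. components, so an entry can resolve to a directory outside the jail and
# get a read-write nullfs mount there; validate mount entries before use.
# NOTE(review): the path of the mount list was fixed when this code was
# generated; confirm it exists where this code runs.
cat "$__object/parameter/mount" 2>/dev/null |
while read -r mount; do
  src=\$(printf '%s\n' "\$mount" | awk -F: '{ print \$1; }')
  dst_rel=\$(printf '%s\n' "\$mount" | awk -F: '{ print \$2; }')
  dst="\$ROOT/\$dst_rel"
  mkdir -p "\$dst"
  echo "\$src \$dst nullfs rw 0 0" >>"\$FSTAB.new"
done
if [ "${mount_linprocfs:-0}" -eq 1 ]; then
  echo "linproc \$ROOT/compat/linux/proc linprocfs rw 0 0" >>"\$FSTAB.new"
fi

# A missing or differing fstab both count as a change.
fstab_changed=0
if ! diff -q "\$FSTAB" "\$FSTAB.new" >/dev/null; then
  configure=1
  fstab_changed=1
fi

if [ "\$configure" -eq 1 ]; then
  echo "Configuring jail $__object_id." >&2
  iocage stop "$__object_id" || true

  iocage set vnet="$vnet" "$__object_id"
  iocage set interfaces="$interfaces" "$__object_id"
  iocage set hostname="$__object_id" "$__object_id"
  iocage set ip4_addr="$ip4_addr" "$__object_id"
  iocage set defaultrouter="$defaultrouter" "$__object_id"
  iocage set mount_procfs="$mount_procfs" "$__object_id"
  iocage set devfs_ruleset="$devfs_ruleset" "$__object_id"
  iocage set allow_socket_af="$allow_socket_af" "$__object_id"
  if [ -n "$jail_zfs_dataset" ]; then
    iocage set jail_zfs=on "$__object_id"
    iocage set jail_zfs_dataset="$jail_zfs_dataset" "$__object_id"
  else
    iocage set jail_zfs=off "$__object_id"
  fi

  if [ "\$fstab_changed" -eq 1 ]; then
    # Unmount what the old fstab lists before replacing it.
    umount -afF "\$FSTAB" || true
    mv "\$FSTAB.new" "\$FSTAB"
  fi

  iocage start "$__object_id" || true

  # Iocage creates new mac address, but arp can have an old mac cached.
  # TODO(riso): Is this true without VNETs?
  arp -d -a
else
  echo "Jail $__object_id is already configured." >&2
fi
rm -f "\$FSTAB.new"
EOF
fi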