authorWojtek Kosior <koszko@koszko.org>2022-11-21 13:55:12 +0100
committerWojtek Kosior <koszko@koszko.org>2022-11-21 13:55:12 +0100
commit9bc697b85a69af4d1a270aa5272db150c98bed42 (patch)
tree93d3d1172ef9fc6de8dad6e56e8226146722029e /guix-container.sh
initial commit
Diffstat (limited to 'guix-container.sh')
-rwxr-xr-xguix-container.sh167
1 files changed, 167 insertions, 0 deletions
diff --git a/guix-container.sh b/guix-container.sh
new file mode 100755
index 0000000..04781e8
--- /dev/null
+++ b/guix-container.sh
@@ -0,0 +1,167 @@
+#!/bin/sh
+
+# SPDX-License-Identifier: CC0-1.0
+
+# Copyright (C) 2022 Wojtek Kosior <koszko@koszko.org>
+#
+# Available under the terms of Creative Commons Zero v1.0 Universal.
+
+### BEGIN INIT INFO
+# Provides: guix-container
+# Required-Start: $local_fs $remote_fs $syslog
+# Required-Stop: $local_fs $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Start Wojtek's Guix container with various services
+### END INIT INFO
+
+set -e
+
+. /lib/lsb/init-functions
+
+if [ 0 != $(id -u) ]; then
+ log_action_msg "Script '$0' must be run as root"
+ exit 1
+fi
+
+PIDFILE=/run/guix-container.pid
+EXECUTABLE=/usr/local/bin/guix-container
+LOG_DIR=/var/log/guix-container
+MAX_CONTAINER_SPINUP_WAIT=60
+
+ACTION="$1"
+shift
+
+OPTIND=1
+while getopts qe:p:l:L: OPTION_LETTER ; do
+ case "$OPTION_LETTER" in
+ p) PIDFILE="$OPTARG" ;;
+ e) EXECUTABLE="$OPTARG" ;;
+ l) LOG_DIR="$OPTARG" ;;
+ w) MAX_CONTAINER_SPINUP_WAIT="$OPTARG" ;;
+ esac
+done
+
+GUILE_PID=
+SUCCESS=
+QUIET_EXIT=
+
+is_running() {
+ test -e "$PIDFILE" && test -n "$(ps -o pid= --pid $(cat "$PIDFILE"))"
+ return $?
+}
+
+network_rip() {
+ ip link delete veth-guix-out 2>/dev/null || true
+ ip netns delete guix-container-ns 2>/dev/null || true
+}
+
+stop() {
+ network_rip
+ /sbin/start-stop-daemon \
+ --stop --signal TERM --pidfile "$PIDFILE" --remove-pidfile --quiet \
+ --retry 60 2>/dev/null || true
+}
+
+onexit() {
+ if [ -z "$SUCCESS" ]; then
+ if [ "x$ACTION" = "xstart" -a -n "$GUILE_PID" ]; then
+ stop
+ kill $GUILE_PID >/dev/null || true
+ fi
+ if [ -z "$QUIET_EXIT" ]; then
+ log_failure_msg
+ fi
+ else
+ if [ -z "$QUIET_EXIT" ]; then
+ log_success_msg
+ fi
+ fi
+}
+
+start() {
+ KOSZKO_SIDELOAD_REAL=/var/www/koszko.org/html
+ KOSZKO_SIDELOAD_INSIDE=/srv/http/koszko.org
+ HTTP_DIR_SHARE_OPT=--share="$KOSZKO_SIDELOAD_REAL"="$KOSZKO_SIDELOAD_INSIDE"
+
+ mkdir -p "$(dirname "$LOG_DIR")"
+ mkdir --mode=700 -p "$LOG_DIR"
+
+ "$EXECUTABLE" $HTTP_DIR_SHARE_OPT \
+ > "$LOG_DIR"/stdout.log \
+ 2> "$LOG_DIR"/stderr.log &
+
+ GUILE_PID=$!
+ WAIT_TIME=0
+ SHEPHERD_PID=
+
+ while [ $WAIT_TIME -lt "$MAX_CONTAINER_SPINUP_WAIT" ]; do
+ sleep 1
+ WAIT_TIME=$((WAIT_TIME + 1))
+ SHEPHERD_PID=$(ps -o pid= --ppid $GUILE_PID || true)
+ if [ -n "$SHEPHERD_PID" ]; then
+ mkdir -p "$(dirname "$PIDFILE")"
+ printf '%s' $SHEPHERD_PID > "$PIDFILE"
+ break
+ fi
+ done
+
+ if [ -z "$SHEPHERD_PID" ]; then
+ exit 1
+ fi
+
+ network_rip
+
+ ip netns attach guix-container-ns $SHEPHERD_PID
+ ip link add veth-guix-out type veth peer name veth-guix-in
+ ip link set veth-guix-in netns guix-container-ns
+
+ ip link set veth-guix-out up
+ ip addr add 10.207.87.1/24 dev veth-guix-out
+
+ ip netns exec guix-container-ns ip link set lo up
+ ip netns exec guix-container-ns ip link set veth-guix-in up
+ ip netns exec guix-container-ns ip addr add 10.207.87.2/24 dev veth-guix-in
+}
+
+trap onexit EXIT
+
+case "$ACTION" in
+ start)
+ if is_running; then
+ log_daemon_msg "Guix container" "already running"
+ log_warning_msg
+ QUIET_EXIT=1
+ else
+ log_daemon_msg "Guix container" "starting"
+ start
+ fi
+ ;;
+ stop)
+ log_daemon_msg "Guix container" "stopping"
+ stop
+ ;;
+ restart)
+ QUIET_EXIT=1
+ "$0" stop "$@"
+ "$0" start "$@"
+ ;;
+ reload|force-reload)
+ QUIET_EXIT=1
+ "$0" stop "$@"
+ "$0" start "$@"
+ ;;
+ status)
+ status_of_proc -p "$PIDFILE" "$EXECUTABLE" "Guix container"
+ QUIET_EXIT=1
+ ;;
+ *)
+ log_action_msg "Usage: $0 {start|stop|status|restart|reload|force-reload}"
+ QUIET_EXIT=1
+ exit 2
+ ;;
+esac
+
+SUCCESS=1
+
+exit 0
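Review bot: The option loop's optstring `qe:p:l:L:` does not contain `w`, so the `w)` arm is unreachable and `-w` is reported by getopts as an unknown option, leaving MAX_CONTAINER_SPINUP_WAIT fixed at 60; `q` and `L:` are accepted but have no arm. If `L:` was meant to be `w:`, the line would read `while getopts qe:p:l:w: OPTION_LETTER ; do`, and a `\?) exit 2 ;;` arm would stop a mistyped option from being silently skipped by a script that runs as root. In start(), `ps -o pid= --ppid $GUILE_PID` can print more than one PID if the launcher has several children when polled, and the unquoted `printf '%s' $SHEPHERD_PID` would then write them concatenated into the pidfile that stop() later signals; keeping only the first field and checking that it is numeric before writing would avoid that. stop() matches on `--pidfile` alone, so a stale file whose PID has since been reused would receive the TERM; adding `--exec` or `--name` to the start-stop-daemon call, if the container's init process can be matched that way, would narrow the target.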