#!/bin/bash
die() { echo "$@" >&2; exit 1; }
empty() { [ $(find "$1" -mindepth 1 | wc -l) -eq 0]; }
lxc=/lxc; root=rootfs; name=basic; rootfs=$lxc/$name/$root
[ $(id) -eq 0 ] || die "Must be run as root"
[ -d $lxc ] || die "$lxc must exist"
{ [ ! -d $lxc/$name ] && mkdir $lxc/$name; } || empty $lxc/$name || {
die "The $name container already exists"
}
# create ZFS dataset for container
zfs create data/lxc/$name || die "ZFS command failed; is $lxc a dataset?"
# clear LXC cache
rm -rf /var/cache/lxc
# create (download) standard Xenial container
lxc-create -n $name -d $rootfs -t ubuntu -- -r xenial || {
die "Failed to create container"
}
# Overwrite config with our standard config
cp -a /usr/share/dpch/basic.conf $lxc/$name/config || {
die "Failed to copy basic config"
}
# I am not sure the container now has an unprivileged root filesystem.
# We might need to chown everything (which is a pain) but hopefully (with the right config) it happened automatically.
# otherwise let's concoct a chown command
baseuser=100000; for u in `seq 0 999`; do
find $rootfs ! -type l -owner $u -exec chwon $(( u + baseuser )) "{}" \;
done
for g in `seq 0 999`; do
find $rootfs ! -type l -group $g -exec chgrp $(( g + baseuser )) "{}" \;
done
we can do better than that though
# next up make sure the container can run
mkdir $lxc/$name/home
# oh wait we're not using internal dhcp:
sed -i "s/dhcp/manual/" $rootfs/etc/network/interfaces
lxc-start -n $name -d || die "Infinite reasons for failure"
# install apache and mysql
lxc-attach -n $name -- apt-get update
lxc-attach -n $name -- apt-get -y upgrade
lxc-attach -n $name -- apt-get install -y apache php mysql
AND EVERYTHING ELSE THE DEFAULT SYSTEM MIGHT NEED?
# possibly copy config files from /usr/share/dpch/, but the site
# is not configured yet. A user does not exist.
lxc-stop -n $name
for d in mysql apachelogs mysqldumps; do
mkdir $lxc/$name/$d
done
mv $rootfs/var/lib/mysql/* $lxc/$name/mysql/
mv $rootfs/var/log/apache2/* $lxc/$name/apachelogs
# copy the upgraded base config
cp -a /usr/share/dpch/basic-lamp.conf $lxc/$name/config
# start the container and pray to the heavens
lxc-start -n $name -d || die "The heavens did not answer"
