File config.sh of Package OBS-Appliance-docker
#!/bin/bash
#======================================
# Functions...
#--------------------------------------
test -f /.kconfig && . /.kconfig
test -f /.profile && . /.profile
#======================================
# Greeting...
#--------------------------------------
echo "Configure image: [$kiwi_iname]..."
#======================================
# Activate services
#--------------------------------------
ifup lo
suseActivateDefaultServices
suseInsertService boot.device-mapper
suseInsertService boot.lvm
suseInsertService slpd
suseInsertService haveged
/sbin/chkconfig haveged on #has already systemd file ...
# OBS api
suseInsertService memcached
suseInsertService apache2
/sbin/chkconfig apache2 on #has already systemd file ...
suseInsertService mysql
suseInsertService obsapidelayed
# OBS backend
suseInsertService obssrcserver
suseInsertService obsrepserver
suseInsertService obsdispatcher
suseInsertService obspublisher
suseInsertService obsscheduler
suseInsertService obsservice
suseInsertService obssignd
suseInsertService obssigner
suseInsertService obswarden
suseInsertService obsdodup
suseInsertService obsdeltastore
# OBS worker
suseInsertService obsworker
# For OBS Appliance only:
suseInsertService obsapisetup
suseInsertService obsstoragesetup
#======================================
# SuSEconfig
#--------------------------------------
suseConfig
# setup initrd
# similar to kernel-obs-build package
# a longer list to have them also available for qemu cross builds where x86_64 kernel runs in eg. arm env.
# this list of modules where available on build workers of build.opensuse.org, so we stay compatible.
export KERNEL_MODULES="loop dm-mod dm-snapshot binfmt-misc fuse kqemu squashfs ext2 ext3 ext4 reiserfs nf_conntrack_ipv6 binfmt_misc virtio_pci virtio_mmio virtio_blk virtio-rng fat vfat nls_cp437 nls_iso8859-1 ibmvscsi ibmvscsic"
echo "force_drivers+=\"$KERNEL_MODULES\"" >/etc/dracut.conf.d/03-my-obs.conf
echo "options loop max_loop=64 lbs=0" > /etc/modprobe.d/50-obs.conf
mkdir -p /usr/lib/dracut/modules.d/80obs
cat > /usr/lib/dracut/modules.d/80obs/module-setup.sh <<EOF
#!/bin/bash
# called by dracut
check() {
return 0
}
# called by dracut
installkernel() {
hostonly='' instmods $KERNEL_MODULES
}
# called by dracut
install() {
inst_hook pre-udev 80 "\$moddir"/setup_obs.sh
}
EOF
chmod a+rx /usr/lib/dracut/modules.d/80obs/module-setup.sh
cat > /usr/lib/dracut/modules.d/80obs/setup_obs.sh <<EOF
#!/bin/sh
info "Loading kernel modules for OBS"
info " Loop..."
modprobe loop max_loop=64 lbs=0 || modprobe loop max_loop=64
info " binfmt misc..."
modprobe binfmt_misc
EOF
chmod a+rx /usr/lib/dracut/modules.d/80obs/setup_obs.sh
# manually load all modules to make sure they're available
for i in $KERNEL_MODULES; do
(
echo "info ' $i'"
echo "modprobe $i"
) >> /usr/lib/dracut/modules.d/80obs/setup_obs.sh
done
# enforce setup of time
sed -i -e 's/^NTPD_FORCE_SYNC_ON_STARTUP=.*/NTPD_FORCE_SYNC_ON_STARTUP="yes"/' /etc/sysconfig/ntp
# configure network
#cat >> /etc/sysconfig/network/config <<EOF
#
#NETCONFIG_MODULES_ORDER="dns-resolver dns-bind ntp-runtime"
#NETCONFIG_DNS_POLICY="auto"
#NETCONFIG_DNS_FORWARDER="resolver"
#NETCONFIG_NIS_SETDOMAINNAME="yes"
#NETCONFIG_NTP_POLICY="auto"
#EOF
# runlevel 3 as default
sed -i 's/^id:5:initdefault:/id:3:initdefault:/' /etc/inittab
# enable autosetup
sed -i 's,OBS_API_AUTOSETUP=.*,OBS_API_AUTOSETUP="yes",' /etc/sysconfig/obs-server
sed -i 's,OBS_STORAGE_AUTOSETUP=.*,OBS_STORAGE_AUTOSETUP="yes",' /etc/sysconfig/obs-*
sed -i 's,OBS_SETUP_WORKER_PARTITIONS=.*,OBS_SETUP_WORKER_PARTITIONS="use_obs_vg",' /etc/sysconfig/obs-*
# hardwired ntp server config, in case dhcp distribution of ntp config is not working
echo "" >> /etc/ntp.conf
echo "server ntp1" >> /etc/ntp.conf
#echo "multicastclient" >> /etc/ntp.conf
# bug ?
chown root.root /var/lib/empty
# disable predictable udev device names and use unpredictable ones to have them predictable again
# so our network gets actually setup. This file is usually written by YaST otherwise.
echo 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{type}=="1", KERNEL=="e*", NAME="eth0"' > /etc/udev/rules.d/70-persistent-net.rules
if [ ! -f /etc/sysconfig/network/if-cfg.eth0 ];then
cat <<EOF > /etc/sysconfig/network/ifcfg-eth0
BOOTPROTO='dhcp'
BROADCAST=''
ETHTOOL_OPTIONS=''
IPADDR=''
MTU=''
NAME=''
NETMASK=''
NETWORK=''
REMOTE_IPADDR=''
STARTMODE='auto'
DHCLIENT_SET_DEFAULT_ROUTE='yes'
EOF
ifup eth0
fi
# Only for OBS-Appliance*, not WorkerOnly
if true; then
# apache configuration
for i in passenger rewrite proxy proxy_http xforward headers ssl socache_shmcb; do
/usr/sbin/a2enmod $i
done
sed -i 's,APACHE_SERVER_FLAGS=.*,APACHE_SERVER_FLAGS="SSL",' /etc/sysconfig/apache2
# Enable xforward
sed -i 's,^#use_xforward:.*,use_xforward: true,' /srv/www/obs/api/config/options.yml
#======================
# Configure OBS backend
#----------------------
sed -i 's,.*our $serviceserve.*,our $serviceserver = "http://$hostname:5152";,' /usr/lib/obs/server/BSConfig.pm
sed -i 's,^our $repodownload.*,our $repodownload = "http://$hostname:82/";,' /usr/lib/obs/server/BSConfig.pm
sed -i 's,^OBS_RUN_DIR=.*,OBS_RUN_DIR="/srv/obs/run",' /etc/sysconfig/obs-server
sed -i 's,^OBS_LOG_DIR=.*,OBS_LOG_DIR="/srv/obs/log",' /etc/sysconfig/obs-server
# signing setup
sed -i 's,.*our $gpg_standard_key.*,our $gpg_standard_key = "/srv/obs/obs-default-gpg.asc";,' /usr/lib/obs/server/BSConfig.pm
sed -i 's,.*our $keyfile.*,our $keyfile = "/srv/obs/obs-default-gpg.asc";,' /usr/lib/obs/server/BSConfig.pm
sed -i 's,.*our $sign = .*,our $sign = "/usr/bin/sign";,' /usr/lib/obs/server/BSConfig.pm
sed -i 's,.*our $forceprojectkeys.*,our $forceprojectkeys = 1;,' /usr/lib/obs/server/BSConfig.pm
chmod 4755 /usr/bin/sign
#=======================
# Configure mysql database
#-----------------------
cat <<EOF > /etc/my.cnf.d/obs-server.cnf
# Genereated by kiwi's config.sh
[mysqld]
bind-address = 127.0.0.1
datadir = /srv/obs/MySQL
[mysqld_multi]
datadir = /srv/obs/MySQL
EOF
#======================================
# Fix user id values to unbreak updates
#--------------------------------------
obsrun_user=`getent passwd 103|cut -d: -f 1`
if [ -n "$obsrun_user" -a "$obsrun_user" != "obsrun" ]; then
usermod -u 942 "$obsrun_user" || exit 1 # move away conflicting uid user
usermod -u 103 obsrun || exit 1 # use fixed obsrun uid
fi
obsrun_user=`getent passwd 103|cut -d: -f 1`
if [ -n "$obsrun_user" -a "$obsrun_user" != "obsrun" ]; then
print "wrong user for id 103: $obsrun_user"
exit 1
fi
fi
#======================================
# Add Default Repositories
#--------------------------------------
zypper ar http://download.opensuse.org/distribution/leap/42.2/repo/oss/ openSUSE:Leap:42.2
zypper ar http://download.opensuse.org/update/leap/42.2/oss/ openSUSE:Leap:42.2:Update
zypper ar http://download.opensuse.org/repositories/openSUSE:/Tools/openSUSE_42.2/ openSUSE:Tools
zypper ar http://download.opensuse.org/repositories/OBS:/Server:/2.8/openSUSE_42.2/ OBS:Server:2.8
#======================================
# Import trusted keys
#--------------------------------------
cat > OBS.pubkey <<EOF
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (GNU/Linux)
mQENBFEjZoUBCAC4PFLGczW3H6doqMRNXVCwhQ0Qexh47Af4NqsEzqE3yjfd7x02
ZANxqFbFWDnR1hZA6TcNbSWRgrku2DR7hAVUnkwZ1Ke+ZCC73hO4AYPMon+LNOy6
5BBf75Hogo9SKtEw4AVk8N6/H0P3p2G588A1zFnaEMRC66yAPn5CCvPMi4vY1XMZ
2obfGpLoD9TtWvh+YhdyuBz1MtgGIcxIUmjJAzYpEeEDYBdqpmyVPYbIaIgGyA5G
xnkHfjRMV5sRX7ooMO68JlFobVEiY8b/PpQUJs/5Kleq9+2X20tWq52XU539CXFh
3u0ujO0xLArhEOxQomjmzRSTRZFy0R5GNTexABEBAAG0KE9CUyBPQlMgUHJvamVj
dCA8T0JTQGJ1aWxkLm9wZW5zdXNlLm9yZz6JATwEEwECACYFAlEjZoUCGwMFCQQe
sAAGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRDoQgq4xcIZ588CB/0VXgoO4V1f
H79Ks7IEYandGIISBpd5DWGHaVOhv4UvS3KJVtj7hrWefL9eztR0csb3LpikkPJU
v7lO49a+8WfI1H0zseUBknBMJPAxxVBZtTjg1YqzFEvu56n0PGKJEtfCZyFNOf20
aQCjCgiqoJ7ksV3r+G/OGaDzHJOwX7tAh22vtt39qdwqcnRaOODWzBbuYZCZoGGH
VMXFiLYRXphf8NAVaqyGMApFC78OZiPKowr4B0GyY87dIqORBQEUx/WZokoy8BnI
JppPSvR8kvmPPJTRoumqrItupK3cxiIO9yqmCwyNf5lOjQByIh8c38zro6c3lCZF
yBdRcwqSzlxBiEYEExECAAYFAlEjZoUACgkQOzARt2udZSOC+QCeMXyfYqtIGXTE
U2qT0Jra0XLltHIAoIpzj6aiBdGDfGQQTBi/vCUF8SyB
=vCGk
-----END PGP PUBLIC KEY BLOCK-----
EOF
for i in /usr/lib/rpm/gnupg/keys/gpg-pubkey*asc OBS.pubkey; do
# importing can fail if it already exists
rpm --import $i || true
done
#======================================
# Umount kernel filesystems
#--------------------------------------
baseCleanMount
exit 0
