Last active
October 18, 2018 01:47
Bash Script to Launch LXC Container
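#!/bin/bash
#
# Launch and provision an LXD container for a small Node.js app.
# Everything below is driven by the constants in this section.

# Name of the LXD container to create or reuse.
CONTAINER=mycontainer
# Image alias handed to `lxc launch`.
IMAGE=ubuntu-daily:xenial
# Port the app listens on inside the container; port 80 is redirected to it.
PORT=8080
# LXD profile(s) to apply. A value containing "default" selects the dev path
# (shared folder, foreground run); one containing "pro" installs a service.
PROFILES=default
# Directory name used on the host (./$FOLDER) and in the container
# (/usr/src/$FOLDER).
FOLDER=app
# Repository cloned into the container. No tag or commit is pinned, so the
# container gets whatever the default branch holds at clone time.
REPO=https://github.com/CalebEverett/hello-lxd.git
# Unprivileged account (and its uid) that owns and runs the app.
RUN_USER=app
RUN_USER_UID=1444
# Host-side id onto which the container's id 0 is mapped. Only the entry whose
# name is exactly "lxd" is used and only its first occurrence, so the result
# is a single number or empty; the earlier `grep lxd` matched any line that
# merely contained the string and could return several lines.
# NOTE(review): the value comes from /etc/subgid but is later used for both
# owner and group in chown - confirm /etc/subuid carries the same base.
CONTAINER_ROOT_UID=$(awk -F: '$1 == "lxd" { print $2; exit }' /etc/subgid)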
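#######################################
# Print a ten-segment progress bar, pausing between segments.
# Arguments: $1 - seconds to sleep per segment (e.g. 0.5); defaults to 1
# Outputs:   "= " ten times on stdout, no trailing newline
#######################################
wait_bar() {
  local interval=${1:-1}
  local tick
  for ((tick = 0; tick < 10; tick++)); do
    # The earlier `printf '= %.0s' {1..$i}` printed exactly one segment per
    # tick, because bash performs brace expansion before variable expansion
    # and `{1..$i}` stayed a single literal word. Say so directly.
    printf '= '
    sleep "${interval}s"
  done
}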
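# Create the container unless LXD already knows it.
# Ask LXD itself rather than probing /var/lib/lxd/containers: that path
# depends on how LXD was installed (a snap install keeps its data elsewhere),
# and a wrong answer there leads to a launch over an existing container.
if ! lxc info "$CONTAINER" >/dev/null 2>&1; then
  # Stop here on failure; every later step assumes a running container.
  lxc launch --verbose "$IMAGE" "$CONTAINER" || {
    echo "lxc launch failed for $CONTAINER" >&2
    exit 1
  }
  wait_bar 0.5
  echo "container $CONTAINER started"
else
  echo "container $CONTAINER already created"
fi

# apply profiles (quoted so the profile list reaches lxc as one argument)
lxc profile apply "$CONTAINER" "$PROFILES"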
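# Remove the image's stock "ubuntu" account; the app does not need it.
# `getent passwd NAME` is an exact lookup that exits non-zero when the account
# is absent. The earlier `getent passwd | grep NAME` matched any passwd line
# containing the string and passed the unquoted result to `[`, which breaks as
# soon as a matching line contains a space or more than one line matches.
if lxc exec "$CONTAINER" -- getent passwd ubuntu >/dev/null; then
  lxc exec "$CONTAINER" -- userdel -r ubuntu
fi

# Create the account the app runs as: fixed uid, no login shell.
if ! lxc exec "$CONTAINER" -- getent passwd "$RUN_USER" >/dev/null; then
  lxc exec "$CONTAINER" -- useradd -u "$RUN_USER_UID" -s /usr/sbin/nologin "$RUN_USER"
fi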
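# install node
if ! lxc exec "$CONTAINER" -- sh -c 'command -v node' >/dev/null 2>&1; then
  printf "\n\n*** Installing node ***"
  # SECURITY: this step runs a script fetched from the network as root inside
  # the container with no checksum or signature check, so its integrity rests
  # on TLS and on the remote host. The script is downloaded to a file first,
  # and curl -f fails on HTTP errors, so a failed or partial transfer is never
  # fed to the shell. For anything beyond a throwaway dev container, verify
  # the script against a pinned digest or install from a reviewed package
  # source.
  # NOTE(review): setup_6.x selects the Node.js 6 line, which is end-of-life
  # and receives no security fixes - move to a supported release.
  # lxc exec already runs as root, so the earlier `sudo -E` is not needed.
  lxc exec "$CONTAINER" -- /bin/bash -c '
    set -e
    setup_script=$(mktemp)
    trap "rm -f -- \"\$setup_script\"" EXIT
    curl -fsSL -o "$setup_script" https://deb.nodesource.com/setup_6.x
    bash "$setup_script"
  ' || {
    echo "node repository setup failed in $CONTAINER" >&2
    exit 1
  }
  lxc exec "$CONTAINER" -- apt-get install -y nodejs
  echo "Node $(lxc exec "$CONTAINER" -- node -v) installed"
else
  echo "Node $(lxc exec "$CONTAINER" -- node -v) already installed"
fi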
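# install git
# The exit status of `command -v` decides, instead of testing the unquoted
# output of `which` inside `[`.
if ! lxc exec "$CONTAINER" -- sh -c 'command -v git' >/dev/null 2>&1; then
  printf "\n\n*** Installing git ***"
  lxc exec "$CONTAINER" -- apt-get install -y git
  echo "$(lxc exec "$CONTAINER" -- git --version) installed"
else
  echo "$(lxc exec "$CONTAINER" -- git --version) already installed"
fi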
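# redirect 80 to $PORT
# Adds a nat-table stanza to ufw's before.rules so that traffic arriving on
# port 80 is redirected to $PORT. An existing PREROUTING line marks the file
# as already patched, which keeps the step idempotent.
# NOTE: the firewall is only enabled inside this branch, so a container whose
# before.rules was patched by other means is left with ufw in whatever state
# it was.
if ! lxc exec "$CONTAINER" -- grep -q PREROUTING /etc/ufw/before.rules; then
  # Anchor on the "ufw-before-forward" comment line near the top of the file,
  # tolerating any spacing after the '#'. The sed script is passed straight to
  # sed (no nested `bash -c` quoting) in the multi-line `a\` form: every
  # appended line but the last ends in a backslash.
  lxc exec "$CONTAINER" -- sed -i "/^#[[:space:]]*ufw-before-forward/ a\\
#\\
# redirect 80 to $PORT\\
*nat\\
:PREROUTING ACCEPT [0:0]\\
-A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port $PORT\\
COMMIT" /etc/ufw/before.rules
  # Add the allow rule before enabling, so the firewall never comes up without
  # the app port open. Redirected packets reach the filter table with
  # destination port $PORT, which is why that port (not 80) is the one allowed.
  lxc exec "$CONTAINER" -- ufw allow "$PORT/tcp"
  lxc exec "$CONTAINER" -- ufw enable
fi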
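# mount $FOLDER directory if developing
# Shares ./$FOLDER (relative to the directory the script is run from) into the
# container at /usr/src/$FOLDER, and re-owns it on the host to the id the
# container's $RUN_USER maps to.
if [[ -n "$FOLDER" && "$PROFILES" == *"default"* ]]; then
  printf "\n\n*** Mounting shared folder ***\n"
  mkdir -p -- "./$FOLDER"
  if ! lxc config device list "$CONTAINER" | grep -qF -- "$FOLDER"; then
    # SECURITY: the chown below runs as root on the HOST. If the id-map base
    # could not be read, the arithmetic would silently treat it as 0 and hand
    # the tree to host uid $RUN_USER_UID, whoever that is. Refuse instead.
    if [[ ! "$CONTAINER_ROOT_UID" =~ ^[0-9]+$ ]]; then
      echo "no id-map base for lxd found in /etc/subgid; not touching ./$FOLDER" >&2
      exit 1
    fi
    mapped_id=$((CONTAINER_ROOT_UID + RUN_USER_UID))

    lxc config device add "$CONTAINER" "$FOLDER" disk \
      "path=/usr/src/$FOLDER" "source=$(pwd)/$FOLDER"
    # Owner and group become the container's $RUN_USER as seen from the host;
    # the ACLs (current and default) keep the invoking host user able to edit.
    # The listing ran this chown a second time after setfacl; setfacl does not
    # change ownership, so one pass is enough.
    sudo chown -R "${mapped_id}:${mapped_id}" "./$FOLDER"
    sudo setfacl -R -m "d:u:$USER:xwr,u:$USER:xwr,d:g:$USER:xwr,g:$USER:xwr" "./$FOLDER"
    echo "$(pwd)/$FOLDER mounted at /usr/src/$FOLDER"
  else
    echo "Directory $(pwd)/$FOLDER already mounted"
  fi
fi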
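# clone repo and install modules
# Skipped when /usr/src/$FOLDER/package.json already exists and is non-empty.
if [[ -n "$REPO" ]]; then
  # `test -s` gives the same "missing or empty" answer as capturing `cat`
  # output did, without printing an error when the file is absent.
  if ! lxc exec "$CONTAINER" -- test -s "/usr/src/$FOLDER/package.json"; then
    # SECURITY: the clone is not pinned to a tag or commit, and `npm install`
    # runs as root in the container, where it executes the install scripts of
    # every dependency it resolves. Pin the revision and commit a lockfile if
    # this is used for more than a demo.
    # NOTE(review): npm is expected to run in /usr/src/$FOLDER; this appears to
    # rely on lxc exec using HOME as the working directory - confirm.
    if lxc exec "$CONTAINER" -- git clone -q "$REPO" "/usr/src/$FOLDER"; then
      lxc exec "$CONTAINER" --env "HOME=/usr/src/$FOLDER" -- npm install
      lxc exec "$CONTAINER" -- chown -R "$RUN_USER:$RUN_USER" "/usr/src/$FOLDER/node_modules"
    else
      echo "git clone of $REPO failed; skipping npm install" >&2
    fi
  fi
fi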
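# build and run as a service if production
if [[ "$PROFILES" == *"pro"* ]]; then
  unit_path="/etc/systemd/system/${CONTAINER}.service"
  # The earlier check wrapped $CONTAINER in single quotes, so it was expanded
  # by the shell inside the container, where the variable is unset. The test
  # therefore looked for "/etc/systemd/system/.service" and the unit was
  # rewritten on every run. Expand the path on the host and let `test -f`
  # report through its exit status.
  if ! lxc exec "$CONTAINER" -- test -f "$unit_path"; then
    printf "\n\n*** Creating service file ***"
    # Values are expanded once, on the host; the quoted 'EOF' stops the shell
    # in the container from expanding the text a second time.
    # The service runs as the unprivileged $RUN_USER. NOTE(review): consider
    # adding NoNewPrivileges=true and ProtectSystem=full to [Service] once the
    # app is confirmed to work with them.
    lxc exec "$CONTAINER" -- /bin/bash -c "cat > '$unit_path' <<'EOF'
[Unit]
Description=$CONTAINER
[Service]
WorkingDirectory=/usr/src/$FOLDER
ExecStart=/usr/bin/node /usr/src/$FOLDER/index.js
Restart=always
RestartSec=10
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=$CONTAINER
User=$RUN_USER
Environment=HOME=/usr/src/$FOLDER
Environment=NODE_ENV=production
Environment=PORT=$PORT
[Install]
WantedBy=multi-user.target
EOF
"
    lxc exec "$CONTAINER" -- systemctl enable "$CONTAINER.service"
    sleep 3.0s
    lxc exec "$CONTAINER" -- systemctl start "$CONTAINER.service"
  fi
fi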
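printf "\n" && lxc list "$CONTAINER"

# start app for dev
# Runs the app in the foreground unless a process whose command line contains
# /usr/src/$FOLDER/index.js is already listed in the container.
# NOTE(review): the dev start below launches `node index.js` (relative path),
# so this check may only ever match the service form - confirm.
if [[ "$PROFILES" == *"default"* ]] \
  && ! lxc exec "$CONTAINER" -- ps aux | grep -qF -- "/usr/src/$FOLDER/index.js"; then
  # First IPv4-looking string in the container's ifconfig output.
  container_ip=$(lxc exec "$CONTAINER" -- bash -c "ifconfig | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' | head -n 1")
  if [[ -n "$container_ip" ]]; then
    google-chrome "$container_ip"
  else
    # Without an address there is nothing to open; still start the app.
    echo "could not determine the address of $CONTAINER; not opening a browser" >&2
  fi
  lxc exec "$CONTAINER" --env "HOME=/usr/src/$FOLDER" --env "PORT=$PORT" -- node index.js
fi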