[molecules] Add Amazon EC2 EBS Sabayon filesystem images for amd64 and x86

molecules/sabayon-amd64-spinbase-amazon-ebs-image.spec

@@ -0,0 +1,12 @@
+# Use abs path, otherwise daily builds automagic won't work
+%import /sabayon/molecules/spinbase-amazon-ami-ebs-image.common
+
+# pre chroot command, example, for 32bit chroots on 64bit system, you always
+# have to append "linux32" this is useful for inner_chroot_script
+# prechroot:
+
+# Path to source ISO file (MANDATORY)
+source_iso: /sabayon/iso/Sabayon_Linux_SpinBase_DAILY_amd64.iso
+
+release_version: 9
+tar_name: Sabayon_Linux_SpinBase_9_amd64_Amazon_EBS_ext4_filesystem_image.tar.gz

molecules/sabayon-x86-spinbase-amazon-ebs-image.spec

@@ -0,0 +1,12 @@
+# Use abs path, otherwise daily builds automagic won't work
+%import /sabayon/molecules/spinbase-amazon-ami-ebs-image.common
+
+# pre chroot command, example, for 32bit chroots on 64bit system, you always
+# have to append "linux32" this is useful for inner_chroot_script
+prechroot: linux32
+
+# Path to source ISO file (MANDATORY)
+source_iso: /sabayon/iso/Sabayon_Linux_SpinBase_DAILY_x86.iso
+
+release_version: 9
+tar_name: Sabayon_Linux_SpinBase_9_x86_Amazon_EBS_ext4_filesystem_image.tar.gz

molecules/spinbase-amazon-ami-ebs-image.common

@@ -0,0 +1,95 @@
+# Define an alternative execution strategy, in this case, the value must be
+execution_strategy: iso_to_tar
+
+# Error script command, executed when something went wrong and molecule has
+# to terminate the execution
+# Variables exported:
+# LOOP_DEVICE = loop device (/dev/loopN) currently in use
+error_script: /sabayon/scripts/image_error_script.sh
+
+# Outer chroot script command, to be executed outside destination chroot before
+# before entering it (and before inner_chroot_script)
+outer_chroot_script: /sabayon/scripts/remaster_pre.sh
+
+# Inner chroot script command, to be executed inside destination chroot before
+# packing it
+inner_chroot_script: /sabayon/scripts/amazon_ebs_image_inner_chroot_script.sh
+
+# Inner chroot script command, to be executed inside destination chroot after
+# packages installation and removal
+inner_chroot_script_after: /sabayon/scripts/amazon_ebs_image_inner_chroot_script_after.sh
+
+# Outer chroot script command, to be executed outside destination chroot before
+# before entering it (and AFTER inner_chroot_script)
+outer_chroot_script_after: /sabayon/scripts/amazon_ebs_image_remaster_post.sh
+
+# Pre-tar building script. Hook called before tar file creation
+# Variables exported:
+# CHROOT_DIR = path pointing to the working chroot (the one that gets modified)
+# TAR_PATH = path pointing to the destination tar file
+# TAR_CHECKSUM_PATH = path pointing to the destination tar file checksum (md5)
+pre_tar_script: /sabayon/scripts/amazon_ebs_image_pre_tar_script.sh
+
+# Destination directory for the image path (MANDATORY)
+destination_tar_directory: /sabayon/images
+
+# Compression method (default is: gz). Supported compression methods: gz, bz2
+# compression_method: gz
+
+# Specify an alternative tar file name (tar file name will be automatically
+# produced otherwise)
+# tar_name:
+
+# Alternative ISO file mount command (default is: mount -o loop -t iso9660)
+# iso_mounter:
+
+# Alternative ISO umounter command (default is: umount)
+# iso_umounter:
+
+# Alternative squashfs file mount command (default is: mount -o loop -t squashfs)
+# squash_mounter:
+
+# Alternative ISO squashfs umount command (default is: umount)
+# squash_umounter:
+
+# List of packages that would be removed from chrooted system (comma separated)
+packages_to_remove:
+	app-admin/anaconda,
+	net-misc/networkmanager,
+	net-firewall/ufw,
+	sys-kernel/linux-sabayon,
+	sys-boot/grub:2
+
+# Custom shell call to packages removal (default is: equo remove)
+# custom_packages_remove_cmd:
+
+# List of packages that would be added from chrooted system (comma separated)
+packages_to_add:
+	app-admin/aws-rds-tools,
+	app-admin/aws-iam-tools,
+	app-admin/ec2-ami-tools,
+	app-admin/ec2-api-tools,
+	app-admin/eselect-bzimage,
+	sys-kernel/linux-ec2,
+	sys-process/atop
+
+# NOTE:
+# once dev-java/oracle-jre-bin is in Entropy, please
+# migrate to it (from oracle-jdk-bin), forcing dev-java/oracle-jre-bin
+# in the dependencies and unmasking icedtea and icedtea-bin
+
+# Custom shell call to packages add (default is: equo install)
+# custom_packages_add_cmd:
+
+# Custom command for updating repositories (default is: equo update)
+# repositories_update_cmd:
+
+# Determine whether repositories update should be run (if packages_to_add is set)
+# (default is: no), values are: yes, no.
+# execute_repositories_update: no
+
+# Directories to remove completely (comma separated)
+# paths_to_remove:
+
+# Directories to empty (comma separated)
+# paths_to_empty:

remaster/ec2_image/ebs.ec2.start

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+# Setup Amazon EC2 provided SSH key
+
+ssh_home=/home/ec2-user/.ssh
+if [ ! -d "${ssh_home}" ] ; then
+	mkdir -p "${ssh_home}"
+fi
+chmod 700 "${ssh_home}"
+chown ec2-user:users "${ssh_home}"
+
+tmp_file=$(mktemp)
+wget -q -O - http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > "${tmp_file}"
+if [ "${?}" = "0" ]; then
+	auth_key_file="${ssh_home}"/authorized_keys
+	cat "${tmp_file}" > "${auth_key_file}"
+	chown ec2-user:users "${auth_key_file}"
+	chmod 600 "${auth_key_file}"
+fi
+rm -f "${tmp_file}"
+
+# delete myself in a safe way
+( rm -f /etc/local.d/ebs.ec2.start )

scripts/amazon_ebs_image_inner_chroot_script.sh

@@ -0,0 +1,30 @@
+#!/bin/sh
+
+# make sure there is no stale pid file around that prevents entropy from running
+rm -f /var/run/entropy/entropy.lock
+
+export FORCE_EAPI=2
+equo update
+if [ "${?}" != "0" ]; then
+        sleep 1200 || exit 1
+        equo update || exit 1
+fi
+
+# disable all mirrors but GARR
+for repo_conf in /etc/entropy/repositories.conf /etc/entropy/repositories.conf.d/entropy_*; do
+	# skip .example files
+	if [[ "${repo_conf}" =~ .*\.example$ ]]; then
+		echo "skipping ${repo_conf}"
+		continue
+	fi
+	sed -n -e "/pkg.sabayon.org/p" -e "/garr.it/p" -e "/^branch/p" \
+		-e "/^product/p" -e "/^official-repository-id/p" -e "/^differential-update/p" \
+		-i "${repo_conf}"
+done
+
+# mask icedtea and icedtea-bin, waiting to have virtual/jre-1.7.0 and
+# dev-java/oracle-jre-bin in Entropy
+# Once there, remove this script and use "remaster_generic_inner_chroot_script.sh"
+# instead.
+equo mask "dev-java/icedtea-bin"
+equo mask "dev-java/icedtea"

scripts/amazon_ebs_image_inner_chroot_script_after.sh

@@ -0,0 +1,102 @@
+#!/bin/sh
+
+echo
+echo "Configuring AMI root filesystem"
+echo "Ext4 is the expected filesystem type"
+echo "/dev/sda1 is the expected root filesystem partition"
+echo "ec2-user is the expected user"
+echo
+
+/usr/sbin/env-update
+. /etc/profile
+
+# setup networking, make sure networkmanager is gone
+rc-update del NetworkManager boot
+rc-update del NetworkManager default
+# add eth0, should get dhcp by default already
+rc-update add net.eth0 default
+
+# drop other useless services
+rc-update del sabayonlive boot
+rc-update del x-setup boot
+
+# Enable ssh
+rc-update add sshd default
+
+# delete root password, only ssh allowed
+passwd -d root
+
+# create ec2-user
+useradd -d /home/ec2-user -k /etc/skel -g users -G wheel,disk,crontab -m ec2-user || exit 1
+
+# enable passwordless sudo for ec2-user
+echo -e "\n# molecule generated rule\nec2-user ALL=NOPASSWD: ALL" >> /etc/sudoers
+
+# setup UTC clock
+sed -i 's:clock=".*":clock="UTC":' /etc/conf.d/hwclock || exit 1
+
+# setup fstab
+echo "# molecule generated fstab
+/dev/sda1 / ext4 defaults 1 1
+none /dev/shm tmpfs defaults 0 0" > /etc/fstab
+
+# setup networking, reset /etc/conf.d/net
+echo > /etc/conf.d/net
+
+echo -5 | equo conf update
+mount -t proc proc /proc
+
+export ETP_NONINTERACTIVE=1
+
+# setup kernel
+eselect bzimage set 1 || exit 1
+
+rm -f /boot/grub/grub.{cfg,conf}*
+echo "
+default=0
+fallback=1
+timeout=3
+hiddenmenu
+
+title Sabayon Linux AMI (PV)
+root (hd0)
+kernel /boot/bzImage root=/dev/sda1 console=hvc0 rootfstype=ext4
+initrd /boot/Initrd
+" > /boot/grub/grub.conf
+
+# Generate list of installed packages
+equo query list installed -qv > /etc/sabayon-pkglist
+
+/lib/rc/bin/rc-depend -u
+
+echo "Vacuum cleaning client db"
+rm /var/lib/entropy/client/database/*/sabayonlinux.org -rf
+rm /var/lib/entropy/client/database/*/sabayon-weekly -rf
+equo rescue vacuum
+
+# restore original repositories.conf (all mirrors were filtered for speed)
+cp /etc/entropy/repositories.conf.example /etc/entropy/repositories.conf || exit 1
+for repo_conf in /etc/entropy/repositories.conf.d/entropy_*.example; do
+	new_repo_conf="${repo_conf%.example}"
+	cp "${repo_conf}" "${new_repo_conf}"
+done
+
+# cleanup log dir
+rm /var/lib/entropy/logs -rf
+
+# Generate openrc cache
+touch /lib/rc/init.d/softlevel
+/etc/init.d/savecache start
+/etc/init.d/savecache zap
+
+ldconfig
+ldconfig
+umount /proc
+
+
+# remove hw hash
+rm -f /etc/entropy/.hw.hash
+# remove entropy pid file
+rm -f /var/run/entropy/entropy.lock
+
+exit 0

scripts/amazon_ebs_image_pre_tar_script.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# Copy packages list outside tarball
+pkglist_file="${CHROOT_DIR}/etc/sabayon-pkglist"
+if [ -f "${pkglist_file}" ]; then
+	tar_dirname=$(dirname "${TAR_PATH}")
+	if [ -d "${tar_dirname}" ]; then
+		cp "${pkglist_file}" "${TAR_PATH}.pkglist"
+	fi
+fi

scripts/amazon_ebs_image_remaster_post.sh

@@ -0,0 +1,16 @@
+#!/bin/sh
+
+# execute parent script
+/sabayon/scripts/remaster_post.sh
+if [ "${?}" != "0" ]; then
+	exit 1
+fi
+
+# Setup provisioning script for Amazon EC2 to load at startup
+EC2_DIR="/sabayon/remaster/ec2_image"
+PROV_SCRIPT="ebs.ec2.start"
+cp -p "${EC2_DIR}/${PROV_SCRIPT}" "${CHROOT_DIR}/etc/local.d/"  || exit 1
+chown root:root "${CHROOT_DIR}/etc/local.d/${PROV_SCRIPT}" || exit 1
+chmod 744 "${CHROOT_DIR}/etc/local.d/${PROV_SCRIPT}" || exit 1
+
+exit 0

scripts/iso_build.sh

@@ -65,13 +65,17 @@ if [ "${ACTION}" = "weekly" ]; then
                 "Sabayon_Linux_DAILY_amd64_ForensicsXfce.iso"
                 "Sabayon_Linux_DAILY_x86_ForensicsXfce.iso"
 	)
-	REMASTER_OPENVZ_SPECS=(
+	REMASTER_TAR_SPECS=(
 		"sabayon-x86-spinbase-openvz-template.spec"
 		"sabayon-amd64-spinbase-openvz-template.spec"
+		"sabayon-x86-spinbase-amazon-ebs-image.spec"
+		"sabayon-amd64-spinbase-amazon-ebs-image.spec"
 	)
-	REMASTER_OPENVZ_SPECS_TAR=(
+	REMASTER_TAR_SPECS_TAR=(
 		"Sabayon_Linux_SpinBase_DAILY_x86_openvz.tar.gz"
 		"Sabayon_Linux_SpinBase_DAILY_amd64_openvz.tar.gz"
+		"Sabayon_Linux_SpinBase_DAILY_x86_Amazon_EBS_ext4_filesystem_image.tar.gz"
+		"Sabayon_Linux_SpinBase_DAILY_x86_Amazon_EBS_ext4_filesystem_image.tar.gz"
 	)
 elif [ "${ACTION}" = "daily" ]; then
 	ARM_SOURCE_SPECS=()
@@ -119,8 +123,8 @@ elif [ "${ACTION}" = "daily" ]; then
 		"Sabayon_Linux_ServerBase_DAILY_amd64.iso"
 		"Sabayon_Linux_ServerBase_DAILY_x86.iso"
 	)
-	REMASTER_OPENVZ_SPECS=()
-	REMASTER_OPENVZ_SPECS_TAR=()
+	REMASTER_TAR_SPECS=()
+	REMASTER_TAR_SPECS_TAR=()
 fi
 
 [[ -d "/sabayon/molecules/daily" ]] || mkdir -p /sabayon/molecules/daily
@@ -205,17 +209,17 @@ build_sabayon() {
 			remaster_specs+="${dst} "
 		done
 
-		for i in ${!REMASTER_OPENVZ_SPECS[@]}
+		for i in ${!REMASTER_TAR_SPECS[@]}
 		do
-			src="/sabayon/molecules/${REMASTER_OPENVZ_SPECS[i]}"
-			dst="/sabayon/molecules/daily/remaster/${REMASTER_OPENVZ_SPECS[i]}"
+			src="/sabayon/molecules/${REMASTER_TAR_SPECS[i]}"
+			dst="/sabayon/molecules/daily/remaster/${REMASTER_TAR_SPECS[i]}"
 			cp "${src}" "${dst}" -p || return 1
 			# tweak tar name
 			sed -i "s/^#.*tar_name/tar_name:/" "${dst}" || return 1
-			sed -i "s/tar_name.*/tar_name: ${REMASTER_OPENVZ_SPECS_TAR[i]}/" "${dst}" || return 1
+			sed -i "s/tar_name.*/tar_name: ${REMASTER_TAR_SPECS_TAR[i]}/" "${dst}" || return 1
 			# tweak release version
 			sed -i "s/release_version.*/release_version: ${CUR_DATE}/" "${dst}" || return 1
-			echo "${dst}: tar: ${REMASTER_OPENVZ_SPECS_TAR[i]} date: ${CUR_DATE}"
+			echo "${dst}: tar: ${REMASTER_TAR_SPECS_TAR[i]} date: ${CUR_DATE}"
 			remaster_specs+="${dst} "
 		done