# vim: ft=zsh noet ts=4 sts=4 sw=4 typeset -gA site_containers_mountpoints=( init /home/ccx/bzr/container-user-init ccx-bzr /home/ccx/bzr ccx-development /home/ccx/development ccx-git /home/ccx/git ccx-git-recombee /home/ccx/git/recombee audio /mnt/volumes/audio video /mnt/volumes/video photos /mnt/volumes/photos ) confz_site_containers_usersvc_simple_check() { checkvars containers_dir svscan_dir user uid gid image_name defvar container_name "$vars[image_name]" defvar mount_ro init local userdir bindroot flags mtp local -a fstab mnt_dirs_extra userdir=$vars[containers_dir]/user/$vars[user] bindroot=$userdir/$vars[container_name]/root if (($+vars[mount_ro])); then flags=$'\tnone\tbind,ro,nosuid,nodev\t0 0' for mtp in ${=vars[mount_ro]}; do mnt_dirs_extra+=( $mtp ) fstab+=( $site_containers_mountpoints[$mtp]$'\t'$bindroot/mnt/$mtp$flags ) done fi if (($+vars[mount_rw])); then flags=$'\tnone\tbind,rw,nosuid,nodev\t0 0' for mtp in ${=vars[mount_rw]}; do mnt_dirs_extra+=( $mtp ) fstab+=( $site_containers_mountpoints[$mtp]$'\t'$bindroot/mnt/$mtp$flags ) done fi if (($#mnt_dirs_extra)); then unify mnt_dirs_extra "$mnt_dirs_extra" unify fstab_extra ${(F)fstab} fi require container_service_generic \ :image_name :container_name :containers_dir :svscan_dir :user \ \?mnt_dirs_extra \?fstab_extra local chome=$userdir/$vars[container_name]/home/$vars[user] if ! [[ -d $chome/run ]]; then require fs_l filename=$chome/run destination=/mnt/init require fs_o filename=$chome/run owner=$uid:$gid fi } confz_site_containers_user_check() { checkvars containers_dir svscan_dir user local display container bind bind_dir bindroot chome uid gid local -a fstab bind=$'\tnone\tbind,nosuid,nodev\t0 0' uid="${${(s.:.)"$(getent passwd $vars[user])"}[3]}" \ gid="${${(s.:.)"$(getent group $vars[user])"}[3]}" \ for display in 5 6 7 8; do require container_service_xsession \ display_number=$display image_name=alpine-xsession \ :containers_dir :svscan_dir :user done local -a generic=( alpine-{browsers,ssh} void-signal void-telegram void-games # nix-signal ) for container in $generic; do require site_containers_usersvc_simple \ :containers_dir :svscan_dir :user uid=$uid gid=$gid \ image_name=$container done for container in weechat senpai profanity gomuks mail; do require site_containers_usersvc_simple \ :containers_dir :svscan_dir :user uid=$uid gid=$gid \ container_name=$container image_name=alpine-$container done require site_containers_usersvc_simple \ :containers_dir :svscan_dir :user uid=$uid gid=$gid \ container_name=simplex image_name=alpine-haskell require site_containers_usersvc_simple \ :containers_dir :svscan_dir :user uid=$uid gid=$gid \ mount_rw="ccx-bzr ccx-git" \ container_name=spark image_name=alpine-dev-spark # void-recombee-browser require site_containers_usersvc_simple \ :containers_dir :svscan_dir :user uid=$uid gid=$gid \ image_name=void-browsers container_name=void-recombee-browser container=alpine-sndio bindroot=$vars[containers_dir]/user/$vars[user]/$container/root require container_service_alsa \ image_name=$container \ :containers_dir :svscan_dir :user container=void-mpd bindroot=$vars[containers_dir]/user/$vars[user]/$container/root require container_service_generic \ image_name=$container \ :containers_dir :svscan_dir :user \ mnt_dirs_extra=audio \ fstab_extra=/mnt/volumes/audio$'\t'$bindroot/mnt/audio$'\tnone\tbind,ro,nosuid,nodev\t0 0' container=alpine-dev bindroot=$vars[containers_dir]/user/$vars[user]/$container/root fstab=( ) # bind-mounts for alpine-dev for bind_dir in /home/$vars[user]/{bzr,development,git}; do fstab+=( $bind_dir$'\t'$bindroot/${bind_dir#/}$bind ) done require container_service_generic \ image_name=$container fstab_extra=${(F)fstab} \ :containers_dir :svscan_dir :user container=alpine-recombee chome=$vars[containers_dir]/user/$vars[user]/$container/home bindroot=$vars[containers_dir]/user/$vars[user]/$container/root # bind-mounts for alpine-recombee require fs_d filename=$chome/$vars[user]/git require fs_o filename=$chome/$vars[user]/git owner=$uid:$gid require fs_d filename=$chome/$vars[user]/git/recombee require fs_o filename=$chome/$vars[user]/git/recombee owner=$uid:$gid fstab=( /home/$vars[user]/git/recombee$'\t'$bindroot/home/$vars[user]/git/recombee$bind ) require container_service_generic \ image_name=$container fstab_extra=${(F)fstab} \ :containers_dir :svscan_dir :user } confz_site_container_services_check() { defvar containers_dir /mnt/volumes/containers defvar svscan_dir /run/service require site_containers_user user=ccx :containers_dir :svscan_dir require container_service_sysroot :containers_dir :svscan_dir \ image_name=alpine-dev } confz_site_container_alpine_check() { checkvars containers_dir svscan_dir image_name packages defvar arch x86_64 defvar repositories 'main community' # abduco lives in community require container_alpine_image \ :containers_dir :arch :image_name :repositories \?release require container_alpine_packages_installed \ :containers_dir :svscan_dir :image_name :packages } confz_site_container_void_musl_check() { checkvars containers_dir svscan_dir image_name packages defvar arch x86_64-musl defvar repository current/musl require container_void_image \ :containers_dir :arch :repository :image_name require container_void_packages_installed \ :containers_dir :svscan_dir :image_name :packages } confz_site_container_void_glibc_check() { checkvars containers_dir svscan_dir image_name packages defvar arch x86_64 defvar repository current require container_void_image \ xbps_install_executable=xbps-install.static \ :containers_dir :arch :repository :image_name require container_void_packages_installed \ :containers_dir :svscan_dir :image_name :packages } confz_site_container_void_glibc_nonfree_check() { checkvars containers_dir svscan_dir image_name packages defvar arch x86_64 defvar repository current require container_void_image \ xbps_install_executable=xbps-install.static \ :containers_dir :arch :repository :image_name require container_void_packages_installed \ :containers_dir :svscan_dir :image_name packages=void-repo-nonfree require container_void_packages_installed \ :containers_dir :svscan_dir :image_name :packages } confz_site_container_nix_check() { checkvars containers_dir svscan_dir image_name packages defvar system x86_64-linux defvar repository current/musl require container_nix_image_from_release \ :containers_dir :repository :image_name :svscan_dir :system require container_nix_packages_installed \ :containers_dir :svscan_dir :image_name :packages require container_nix_bin_linked :containers_dir :image_name } confz_site_container_debian_puppetserver_check() { checkvars containers_dir svscan_dir image_name defvar arch amd64 defvar suite bullseye # Debian 11 defvar packages puppetserver require container_debian_image \ :containers_dir :image_name :svscan_dir :arch :suite \?root require container_puppet_apt_repo \ :containers_dir :image_name :svscan_dir :arch :suite require container_debian_packages_installed_with_fakeroot \ :containers_dir :svscan_dir :image_name :packages } confz_site_container_images_check() { checkvars containers_dir svscan_dir local -a alpine_core=( s6 s6-{rc,linux-utils,portable-utils} execline ncurses-terminfo zsh tree strace ) local -a alpine_community=( $alpine_core abduco rxvt-unicode-terminfo ) local -a alpine_x11=( $alpine_community fontconfig rxvt-unicode sxiv terminus-font unifont wmctrl xauth xbindkeys xclip xdotool xdpyinfo xev xrandr xrdb ) local -a alpine_terminal=( $alpine_community tmux strace vis # man-db ) local -a alpine_dev_core=( $alpine_terminal vim ripgrep delta bat git make patch rsync ) require site_container_alpine :containers_dir :svscan_dir \ image_name=alpine-sndio \ packages="$alpine_community sndio alsa-utils strace tmux" require site_container_alpine :containers_dir :svscan_dir \ image_name=alpine-ssh packages="$alpine_community openssh dropbear" local -a alpine_weechat=( $alpine_community weechat weechat-matrix weechat-python weechat-perl weechat-spell aspell aspell-utils git perl-pod-parser # for multiline.pl ) require site_container_alpine :containers_dir :svscan_dir \ image_name=alpine-weechat packages="$alpine_weechat" require site_container_alpine :containers_dir :svscan_dir \ repositories="main community testing" \ image_name=alpine-senpai \ packages="$alpine_terminal senpai senpai-doc man-db" require site_container_alpine :containers_dir :svscan_dir \ repositories="main community testing" \ image_name=alpine-profanity packages="$alpine_terminal profanity" require site_container_alpine :containers_dir :svscan_dir \ repositories="main community testing" \ image_name=alpine-gomuks packages="$alpine_terminal gomuks" require site_container_alpine :containers_dir :svscan_dir \ repositories="main community testing" \ image_name=alpine-haskell \ packages="$alpine_terminal stack git make" local -a alpine_mail=( $alpine_terminal make patch mandoc elinks w3m lynx {neomutt,mblaze,notmuch,slrn}{,-doc} py3-{setuptools,pip,wheel} # Python 3 / venv py3-{cryptography,urllib3,certifi,distro,python-gssapi} # offlineimap3 py3-{notmuch,urwid{,trees},twisted,magic,gpgme} # alot git msmtp ) require site_container_alpine :containers_dir :svscan_dir \ repositories="main community testing" \ image_name=alpine-mail packages="$alpine_mail" local -a alpine_dev_spark=( $alpine_dev_core postgresql14 py3-psycopg2 py3-wheel py3-pip openssh breezy rsync ) require site_container_alpine :containers_dir :svscan_dir \ repositories="main community" \ image_name=alpine-dev-spark \ packages="$alpine_dev_spark" local -a alpine_browsers=( $alpine_x11 firefox font-noto lxappearance mupdf mupdf-x11 p7zip qutebrowser rsync vimb visurf w3m coreutils # cat -s in ff-mkprofile ) require site_container_alpine :containers_dir :svscan_dir \ image_name=alpine-browsers packages="$alpine_browsers" local -a alpine_recombee=( $alpine_community mandoc man-pages mandoc-apropos git zsh-vcs vim vis tmux htop openssh python3 ipython py3-pip py3-wheel python3-dev libffi{,-dev} # for compiling cffi py3-cffi py3-cryptography py3-pynacl ruby ruby-bundler ruby-json # for puppet ruby-bigdecimal ruby-rdoc # for gitlab make patch ripgrep bat # delta colordiff jq weechat weechat-python py3-websocket-client # for wee-slack weechat-spell aspell aspell-utils py3-feedparser # for weemustfeed.py rsync tree # broot gnupg pass go # for DC/OS CLI file strace gdb task py3-cffi # for taskwarrior/bugwarrior sfeed sfeed-doc lynx elinks w3m curl # alternative RSS/ATOM processor drill ldns-tools # for drill musl-utils # for getent notmuch mblaze notmuch-doc mblaze-doc notmuch-vim py3-notmuch py3-gpgme # for alot ncurses-dev # for building sfeed from source socat gawk # postgresql-dev # for developing pg_cgroup ) require site_container_alpine :containers_dir :svscan_dir \ release=v3.13 image_name=alpine-recombee packages="$alpine_recombee" local -a void_core=( abduco s6 s6-{rc,linux-utils,portable-utils} execline ncurses-base rxvt-unicode-terminfo zsh coreutils which grep gawk sed strace htop procps-ng vis ) local -a void_x11=( $void_core xauth xdg-utils file # for xdg-open rxvt-unicode # xorg-fonts font-misc-misc dejavu-fonts-ttf terminus-font ) require site_container_void_musl :containers_dir :svscan_dir \ image_name=void-mpd packages="$void_core sndio sox mpd mpc ncmpcpp" require site_container_void_musl :containers_dir :svscan_dir \ image_name=void-telegram packages="$void_x11 sndio sox telegram-desktop sxiv" require site_container_void_musl :containers_dir :svscan_dir \ image_name=void-browsers packages="$void_x11 sndio sox firefox" require site_container_void_glibc :containers_dir :svscan_dir \ image_name=void-signal \ packages="$void_x11 htop xdg-utils mesa-demos Signal-Desktop" require site_container_void_glibc_nonfree :containers_dir :svscan_dir \ image_name=void-games \ packages="$void_core dwarffortress adom" local -a nix_core=( s6 s6-{rc,linux-utils,portable-utils} execline # ncurses # version stripping doesn't work for this ATM zsh abduco rxvt-unicode ) # require site_container_nix :containers_dir :svscan_dir \ # image_name=nix-signal packages="$nix_core signal-desktop" require site_container_debian_puppetserver :containers_dir :svscan_dir \ image_name=rcm-puppetserver local -a alpine_xsession=( $alpine_community 9base dmenu fluxbox font-arabic-misc font-cursor-misc font-daewoo-misc font-dec-misc font-isas-misc font-jis-misc font-micro-misc font-misc-cyrillic font-misc-ethiopic font-misc-meltho font-misc-misc font-mutt-misc font-noto font-schumacher-misc font-sony-misc font-sun-misc font-terminus-nerd fontforge fontforge-python3 gvncviewer htop i3lock i3wm man-db man-pages multitail ncurses plan9port py3-cairo redshift rxvt-unicode rxvt-unicode-doc scrot setxkbmap sxiv terminus-font tmux unifont vis wmctrl xautolock xclip xdotool xdpyinfo xev xinput xpra xrandr xset ) require site_container_alpine :containers_dir :svscan_dir \ image_name=alpine-xsession \ packages="$alpine_xsession" } confz_site_containers_check() { defvar containers_dir /mnt/volumes/containers defvar svscan_dir /run/service require site_container_images :containers_dir :svscan_dir require site_container_services :containers_dir :svscan_dir } confz_container_sysroot_rundir_check() { checkvars container_root container_name tmp_dir require fs_contentnl filename=$vars[tmp_dir]/run/init \ content=$'#!/bin/sh\nexec sleep 3600' require fs_m filename=$vars[tmp_dir]/run/init mode=755 }