diff options
| author | unitexe <unitexe70@gmail.com> | 2026-01-11 00:28:02 -0600 |
|---|---|---|
| committer | unitexe <unitexe70@gmail.com> | 2026-01-11 00:40:28 -0600 |
| commit | a33937d31fbede0e9f7dd7055dcb6ae95d305d59 (patch) | |
| tree | df907cef30e832a5dae337047d2b1dabc5ad8648 /meta-unit-core/dynamic-layers/virtualization-layer | |
| parent | e99d9bb6788424ec7711d187985bb93b8b5c1175 (diff) | |
Rootless banner quadlet
Diffstat (limited to 'meta-unit-core/dynamic-layers/virtualization-layer')
6 files changed, 75 insertions, 22 deletions
diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/banner-quadlet/banner-quadlet.bb b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/banner-quadlet/banner-quadlet.bb new file mode 100644 index 0000000..67c2246 --- /dev/null +++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/banner-quadlet/banner-quadlet.bb @@ -0,0 +1,23 @@ +SUMMARY = "Banner quadlet" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${UNPACKDIR}/LICENSE;md5=a0e6886d263a557228f8d3c5bef21837" + +SRC_URI = "\ + file://banner.container \ + file://LICENSE \ +" + +RDEPENDS:${PN}:append = " podman" +RDEPENDS:${PN}:append = " add-user-svc" + +S = "${UNPACKDIR}" + +ROOTLESS_USER_NAME ?= "svc" + +do_install() { + install -D -m 0644 ${UNPACKDIR}/banner.container ${D}/home/${ROOTLESS_USER_NAME}/.config/containers/systemd/banner.container +} + +FILES:${PN} = "\ + /home/${ROOTLESS_USER_NAME}/.config/containers/systemd/banner.container \ +" diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/banner-quadlet/files/LICENSE b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/banner-quadlet/files/LICENSE new file mode 100644 index 0000000..9ec8d09 --- /dev/null +++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/banner-quadlet/files/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2025 Closed Circuit Consulting + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/banner-quadlet/files/banner.container b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/banner-quadlet/files/banner.container new file mode 100644 index 0000000..68478a8 --- /dev/null +++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-containers/banner-quadlet/files/banner.container @@ -0,0 +1,19 @@ +[Unit] +Description=Serves a custom ASCII banner +After=network-online.target +Wants=network-online.target + +[Container] +ContainerName=banner +Image=ghcr.io/closedcircuitconsulting/banner:0.1.0 +PublishPort=8093:8080 + +[Service] +Restart=on-failure +RestartSec=10s +RestartSteps=5 +RestartMaxDelaySec=1min +TimeoutStartSec=15min + +[Install] +WantedBy=multi-user.target default.target diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-extended/shadow/shadow_%.bbappend b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-extended/shadow/shadow_%.bbappend index cb2beaa..6b57651 100644 --- a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-extended/shadow/shadow_%.bbappend +++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-extended/shadow/shadow_%.bbappend @@ -1,5 +1,5 @@ # -# Support rootless podman for unitexe user. +# Support rootless podman for users. # # This is explained at: # https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md#etcsubuid-and-etcsubgid-configuration @@ -9,4 +9,9 @@ do_install:append() { echo "" >> ${D}${sysconfdir}/subuid echo "unitexe:100000:65536" >> ${D}${sysconfdir}/subgid echo "" >> ${D}${sysconfdir}/subgid + + echo "svc:200000:65536" >> ${D}${sysconfdir}/subuid + echo "" >> ${D}${sysconfdir}/subuid + echo "svc:200000:65536" >> ${D}${sysconfdir}/subgid + echo "" >> ${D}${sysconfdir}/subgid } diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-svc.bbappend b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-svc.bbappend new file mode 100644 index 0000000..6c79ab4 --- /dev/null +++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-svc.bbappend @@ -0,0 +1,4 @@ +inherit enable-linger +inherit set-xdg-env + +RDEPENDS:${PN}:append = " banner-quadlet" diff --git a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-unitexe.bbappend b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-unitexe.bbappend index 5fab9f0..23fe467 100644 --- a/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-unitexe.bbappend +++ b/meta-unit-core/dynamic-layers/virtualization-layer/recipes-users/useradd/add-user-unitexe.bbappend @@ -1,21 +1,2 @@ -do_install:append() { - # If linger is not enabled then rootless podman - # commands will complain with number of warnings. - # Enabling linger does two effects for systemd user units: - # 1. Units are automatically started after a reboot - # 2. Units are not automatically stopped after a log out - install -d ${D}${localstatedir}/lib/systemd/linger - touch ${D}${localstatedir}/lib/systemd/linger/${USER_TO_ADD_NAME} - - # Note: Use of .profile here assumes busybox shell. - # Podman uses these (if defined) for overriding - # default configuration file locations. This is - # explained here: - # https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md#user-configuration-files - cat > ${D}/home/${USER_TO_ADD_NAME}/.profile << 'EOF' -export XDG_RUNTIME_DIR=/run/user/$(id -u) -export XDG_CONFIG_HOME=$HOME/.config -EOF -} - -FILES:${PN}:append = " ${localstatedir}/lib/systemd/linger/${USER_TO_ADD_NAME}" +inherit enable-linger +inherit set-xdg-env |