Compare commits

3 Commits

Author SHA1 Message Date
Julian Wefers 4165798a02 remove backup user from dockerfile 2026-06-02 17:40:22 +02:00
Julian Wefers 2757744ec9 add btop, borgbackup 2026-05-31 15:43:25 +02:00
Julian Wefers 54d983ef3a sudo build needs host network (rootful podman) 2026-05-31 15:22:37 +02:00
3 changed files with 19 additions and 15 deletions
+2 -9
@@ -10,15 +10,8 @@ RUN echo 'keepcache=True' >> /etc/dnf/dnf.conf
RUN --mount=type=cache,target=/var/cache/libdnf5 <<EOF RUN --mount=type=cache,target=/var/cache/libdnf5 <<EOF
# dnf install -y kernel-devel-$(uname -r | awk -F'-' '{print $1}') # dnf install -y kernel-devel-$(uname -r | awk -F'-' '{print $1}')
dnf install -y https://zfsonlinux.org/fedora/zfs-release-3-1$(rpm --eval "%{dist}").noarch.rpm dnf install -y https://zfsonlinux.org/fedora/zfs-release-3-1$(rpm --eval "%{dist}").noarch.rpm
dnf install -y zfs dnf install -y zfs btop borgbackup
dnf clean all && rm -rf /run/dnf && rm -rf /tmp/*
EOF EOF
RUN useradd -m -d /var/home/backup -G wheel backup
ARG PASSWORD
RUN echo "backup:${PASSWORD}" | chpasswd
RUN mkdir /backups && chown backup:backup /backups
COPY --chown=root:root --chmod=600 id_ed25519.pub /root/.ssh/authorized_keys
COPY --chown=backup:backup --chmod=600 id_ed25519.pub /var/home/backup/.ssh/authorized_keys
RUN bootc container lint RUN bootc container lint
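Review bot: The cleanup line that now closes the heredoc (`dnf clean all && rm -rf /run/dnf && rm -rf /tmp/*`, apparently new in this commit) decides the exit status of the whole RUN step. Assuming the heredoc runs under the default shell without errexit, a failed `dnf install -y zfs btop borgbackup` no longer fails the build. I would make `set -e` the first line of the heredoc so the image cannot be built without zfs or borgbackup. Separately, `dnf clean all` looks at odds with `keepcache=True` and the `/var/cache/libdnf5` cache mount, since it would empty the cache the mount exists to keep; worth confirming and dropping if so.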
+2 -2
@@ -2,14 +2,13 @@ REPO="gitea.wefers.page/julian/backup-server"
TAG="latest" TAG="latest"
build() { build() {
read -srp "Desired password for user 'backup' in resulting container image: " password
# ABSOLUTELY DO NOT USE --squash, as ostree NEEDS the layers # ABSOLUTELY DO NOT USE --squash, as ostree NEEDS the layers
sudo buildah build \ sudo buildah build \
-t ${REPO}:${TAG} \ -t ${REPO}:${TAG} \
--build-arg PASSWORD="${password}" \
--pull \ --pull \
--layers \ --layers \
--format oci \ --format oci \
--network=host \
. .
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
@@ -31,6 +30,7 @@ mkImage() {
-it \ -it \
--privileged \ --privileged \
--pull=newer \ --pull=newer \
--network=host \
--security-opt label=type:unconfined_t \ --security-opt label=type:unconfined_t \
-v ./config.toml:/config.toml:ro \ -v ./config.toml:/config.toml:ro \
-v ./output:/output \ -v ./output:/output \
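Review bot: `--network=host` in the mkImage hunk is added to a container that already runs with `--privileged` and `label=type:unconfined_t`, so it also loses network isolation from the host. The commit message explains the need only for the `buildah build` call. If the image builder only needs outbound access for pulls, the flag can be dropped here once the rootful default network works. If it has to stay, state the reason in a comment above the run command, e.g. `# host network: rootful podman has no usable default network on this machine`. mkImage starts and ends outside the hunk, so the image being run is not visible here.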
+15 -4
@@ -1,3 +1,18 @@
[customizations]
hostname = "backupserver"
[[customizations.user]]
name = "backup"
description = "Default user account"
password = "$6$CHO2$3rN8eviE2t50lmVyBYihTgVRHcaecmeCk31L..."
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPAWtzq2/cuv+zPzdDSCe/5pc0HRCxmwFiI5Fu3sEok julian@local"
home = "/srv/widget/"
shell = "/usr/bin/bash"
groups = ["widget", "users", "wheel"]
uid = 1200
gid = 1200
expiredate = 12345
[customizations.iso] [customizations.iso]
volume_id = "JuliansBackupServer" volume_id = "JuliansBackupServer"
application_id = "JuliansBackupServer" application_id = "JuliansBackupServer"
@@ -19,10 +34,6 @@ lang en_US
keyboard de keyboard de
timezone Europe/Berlin timezone Europe/Berlin
network --device=enp1s0 --bootproto=static --ip=192.168.178.3 --netmask=255.255.255.0 --gateway=192.168.178.1 --nameserver=1192.168.178.8 network --device=enp1s0 --bootproto=static --ip=192.168.178.3 --netmask=255.255.255.0 --gateway=192.168.178.1 --nameserver=1192.168.178.8
# Basic partitioning
clearpart --all --initlabel --disklabel=gpt --drives=sda
reqpart --add-boot
part / --grow --fstype ext4
# Here's where we reference the container image to install - notice the kickstart # Here's where we reference the container image to install - notice the kickstart
# has no `%packages` section! What's being installed here is a container image. # has no `%packages` section! What's being installed here is a container image.
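Review bot: The new `[[customizations.user]]` block reads like unedited example values, and `expiredate = 12345` is the one that breaks things: if it is taken as days since 1970-01-01, as in shadow(5), the account expired in 2003 and logins for `backup` would be refused, key or password. The `password` value ends in `...`, so it is either a truncated placeholder that is not a valid crypt string or a real hash shortened for display. A real hash committed next to a `wheel` membership is open to offline guessing by anyone who can read the repository. I would delete the `expiredate` and `password` lines and keep key-only login, and set `home` and `groups` to values that belong to this host, e.g. `home = "/var/home/backup"` and `groups = ["wheel"]`.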