niklas/amduat-api
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
amduat-api/notes/container-friendly build script.md

108 lines
3.7 KiB
Markdown
Raw Normal View History

Added some notes that needs to be analyzed.
2026-01-17 00:19:49 +01:00
Perfect! Heres a **container-friendly build script outline** for creating your `asl-auth-host` bootable ISO on Linux Mint using a Debian container. It **prepares the filesystem, overlays your binaries and scripts, sets up directories**, and skips actual ZFS pool creation (you can mount ZFS later when booted).
---
```bash
#!/bin/bash
# build_asl_auth_host_iso.sh
# Container-friendly ASL-AUTH-HOST ISO builder
# Assumes running in Debian container
set -e
WORKDIR=/work
ISO_ROOT=$WORKDIR/iso_root
OVERLAY=$WORKDIR/overlay
OUTPUT=$WORKDIR/asl-auth-host.iso
# 1. Clean previous build
rm -rf $ISO_ROOT $OVERLAY $OUTPUT
mkdir -p $ISO_ROOT $OVERLAY
# 2. Bootstrap minimal Debian filesystem
echo "Bootstrapping minimal Debian filesystem..."
debootstrap --arch=amd64 bullseye $ISO_ROOT http://deb.debian.org/debian/
chroot $ISO_ROOT /bin/bash << 'EOF'
touch /etc/asl-bootstrap
apt-get update
apt-get install -y linux-image-amd64 initramfs-tools systemd-sysv \
ca-certificates curl xorriso isolinux syslinux-common
EOF
# 3. Set up overlay directory structure
echo "Setting up overlay structure..."
mkdir -p $OVERLAY/{bin,etc,var/lib/asl,var/log}
mkdir -p $OVERLAY/{usr/local/bin,run/asl}
8
# Place your binaries and scripts here
cp $WORKDIR/binaries/asl-auth-host $OVERLAY/bin/
cp $WORKDIR/binaries/asl-rescue $OVERLAY/bin/
cp $WORKDIR/scripts/* $OVERLAY/bin/
# 4. Copy overlay into ISO root
echo "Merging overlay into ISO root..."
cp -a $OVERLAY/* $ISO_ROOT/
chroot $ISO_ROOT /bin/bash << 'EOF'
dpkg -i /usr/local/debs/libasl-capture0_0.1.0-1_amd64.deb \
/usr/local/debs/libasl-capture-dev_0.1.0-1_amd64.deb \
/usr/local/debs/asl-tools_0.1.0-1_amd64.deb || true
apt-get install -f -y # fix dependencies if needed
EOF
# 5. Create expected dataset structure for ASL (to mount ZFS later)
mkdir -p $ISO_ROOT/var/lib/asl/{common,personal}
mkdir -p $ISO_ROOT/var/lib/asl/pools
# 6. Optional: add bootloader configs (isolinux/syslinux)
echo "Setting up bootloader (minimal)..."
mkdir -p $ISO_ROOT/boot/isolinux
# Place isolinux.bin and isolinux.cfg here
# cp $WORKDIR/bootloader/isolinux.bin $ISO_ROOT/boot/isolinux/
# cp $WORKDIR/bootloader/isolinux.cfg $ISO_ROOT/boot/isolinux/
# 7. Build ISO
echo "Generating ISO..."
xorriso -as mkisofs \
-iso-level 3 \
-o $OUTPUT \
-full-iso9660-filenames \
-volid "ASL-AUTH-HOST" \
-eltorito-boot boot/isolinux/isolinux.bin \
-eltorito-catalog boot/isolinux/boot.cat \
-no-emul-boot -boot-load-size 4 -boot-info-table \
$ISO_ROOT
echo "ASL-AUTH-HOST ISO built successfully: $OUTPUT"
```
---
### ✅ Key Points
* **Container-friendly**: No ZFS creation inside the container. ZFS datasets (`common`, `personal`) are just directories; they can be mounted when booted.
* **Overlay**: Your binaries (`asl-auth-host`, `asl-rescue`) and helper scripts go into `/bin` in the overlay.
* **Bootloader**: Minimal setup; you can extend with isolinux/syslinux or GRUB.
* **ISO Output**: Reproducible in a container, can copy to USB or VM for testing.
---
### Next Steps
1. Populate `$WORKDIR/binaries/` with your compiled `asl-auth-host` and `asl-rescue`.
2. Populate `$WORKDIR/scripts/` with any helpers (like init scripts, mounting helpers).
3. Add your `isolinux.cfg` or GRUB config to `$WORKDIR/bootloader/`.
4. Run the container build. ISO will appear in `/work/asl-auth-host.iso`.
---
I can also **draft a ready-to-use directory layout** for the ISO and overlay, including placeholders for:
* `common` and `personal` datasets
* `/var/lib/asl/index`
* `/var/lib/asl/certs`
* `/etc/asl-auth-host/config.yaml`
…so you have a concrete blueprint to start placing your certificates and DAM/SOPS bundles.
Do you want me to draft that layout next?
Reference in a new issue Copy permalink