niklas/amduat-api
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
amduat-api/notes/container-friendly build script.md
Carl Niklas Rydberg 1d552bd46a Added some notes that needs to be analyzed.
2026-01-17 00:19:49 +01:00

108 lines
3.7 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Perfect! Heres a **container-friendly build script outline** for creating your `asl-auth-host` bootable ISO on Linux Mint using a Debian container. It **prepares the filesystem, overlays your binaries and scripts, sets up directories**, and skips actual ZFS pool creation (you can mount ZFS later when booted).
---
```bash
#!/bin/bash
# build_asl_auth_host_iso.sh
# Container-friendly ASL-AUTH-HOST ISO builder
# Assumes running in Debian container
set -e
WORKDIR=/work
ISO_ROOT=$WORKDIR/iso_root
OVERLAY=$WORKDIR/overlay
OUTPUT=$WORKDIR/asl-auth-host.iso
# 1. Clean previous build
rm -rf $ISO_ROOT $OVERLAY $OUTPUT
mkdir -p $ISO_ROOT $OVERLAY
# 2. Bootstrap minimal Debian filesystem
echo "Bootstrapping minimal Debian filesystem..."
debootstrap --arch=amd64 bullseye $ISO_ROOT http://deb.debian.org/debian/
chroot $ISO_ROOT /bin/bash << 'EOF'
touch /etc/asl-bootstrap
apt-get update
apt-get install -y linux-image-amd64 initramfs-tools systemd-sysv \
ca-certificates curl xorriso isolinux syslinux-common
EOF
# 3. Set up overlay directory structure
echo "Setting up overlay structure..."
mkdir -p $OVERLAY/{bin,etc,var/lib/asl,var/log}
mkdir -p $OVERLAY/{usr/local/bin,run/asl}
8
# Place your binaries and scripts here
cp $WORKDIR/binaries/asl-auth-host $OVERLAY/bin/
cp $WORKDIR/binaries/asl-rescue $OVERLAY/bin/
cp $WORKDIR/scripts/* $OVERLAY/bin/
# 4. Copy overlay into ISO root
echo "Merging overlay into ISO root..."
cp -a $OVERLAY/* $ISO_ROOT/
chroot $ISO_ROOT /bin/bash << 'EOF'
dpkg -i /usr/local/debs/libasl-capture0_0.1.0-1_amd64.deb \
/usr/local/debs/libasl-capture-dev_0.1.0-1_amd64.deb \
/usr/local/debs/asl-tools_0.1.0-1_amd64.deb || true
apt-get install -f -y # fix dependencies if needed
EOF
# 5. Create expected dataset structure for ASL (to mount ZFS later)
mkdir -p $ISO_ROOT/var/lib/asl/{common,personal}
mkdir -p $ISO_ROOT/var/lib/asl/pools
# 6. Optional: add bootloader configs (isolinux/syslinux)
echo "Setting up bootloader (minimal)..."
mkdir -p $ISO_ROOT/boot/isolinux
# Place isolinux.bin and isolinux.cfg here
# cp $WORKDIR/bootloader/isolinux.bin $ISO_ROOT/boot/isolinux/
# cp $WORKDIR/bootloader/isolinux.cfg $ISO_ROOT/boot/isolinux/
# 7. Build ISO
echo "Generating ISO..."
xorriso -as mkisofs \
-iso-level 3 \
-o $OUTPUT \
-full-iso9660-filenames \
-volid "ASL-AUTH-HOST" \
-eltorito-boot boot/isolinux/isolinux.bin \
-eltorito-catalog boot/isolinux/boot.cat \
-no-emul-boot -boot-load-size 4 -boot-info-table \
$ISO_ROOT
echo "ASL-AUTH-HOST ISO built successfully: $OUTPUT"
```
---
### ✅ Key Points
* **Container-friendly**: No ZFS creation inside the container. ZFS datasets (`common`, `personal`) are just directories; they can be mounted when booted.
* **Overlay**: Your binaries (`asl-auth-host`, `asl-rescue`) and helper scripts go into `/bin` in the overlay.
* **Bootloader**: Minimal setup; you can extend with isolinux/syslinux or GRUB.
* **ISO Output**: Reproducible in a container, can copy to USB or VM for testing.
---
### Next Steps
1. Populate `$WORKDIR/binaries/` with your compiled `asl-auth-host` and `asl-rescue`.
2. Populate `$WORKDIR/scripts/` with any helpers (like init scripts, mounting helpers).
3. Add your `isolinux.cfg` or GRUB config to `$WORKDIR/bootloader/`.
4. Run the container build. ISO will appear in `/work/asl-auth-host.iso`.
---
I can also **draft a ready-to-use directory layout** for the ISO and overlay, including placeholders for:
* `common` and `personal` datasets
* `/var/lib/asl/index`
* `/var/lib/asl/certs`
* `/etc/asl-auth-host/config.yaml`
…so you have a concrete blueprint to start placing your certificates and DAM/SOPS bundles.
Do you want me to draft that layout next?
Reference in a new issue View git blame Copy permalink