niklas/amduat-api
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
amduat-api/notes/container-friendly build script.md
Carl Niklas Rydberg 1d552bd46a Added some notes that needs to be analyzed.
2026-01-17 00:19:49 +01:00

3.7 KiB
Raw Blame History

Perfect! Heres a container-friendly build script outline for creating your asl-auth-host bootable ISO on Linux Mint using a Debian container. It prepares the filesystem, overlays your binaries and scripts, sets up directories, and skips actual ZFS pool creation (you can mount ZFS later when booted).

#!/bin/bash
# build_asl_auth_host_iso.sh
# Container-friendly ASL-AUTH-HOST ISO builder
# Assumes running in Debian container

set -e
WORKDIR=/work
ISO_ROOT=$WORKDIR/iso_root
OVERLAY=$WORKDIR/overlay
OUTPUT=$WORKDIR/asl-auth-host.iso

# 1. Clean previous build
rm -rf $ISO_ROOT $OVERLAY $OUTPUT
mkdir -p $ISO_ROOT $OVERLAY

# 2. Bootstrap minimal Debian filesystem
echo "Bootstrapping minimal Debian filesystem..."
debootstrap --arch=amd64 bullseye $ISO_ROOT http://deb.debian.org/debian/
chroot $ISO_ROOT /bin/bash << 'EOF'
touch /etc/asl-bootstrap
apt-get update
apt-get install -y linux-image-amd64 initramfs-tools systemd-sysv \
                   ca-certificates curl xorriso isolinux syslinux-common
EOF

# 3. Set up overlay directory structure
echo "Setting up overlay structure..."
mkdir -p $OVERLAY/{bin,etc,var/lib/asl,var/log}
mkdir -p $OVERLAY/{usr/local/bin,run/asl}
8
# Place your binaries and scripts here
cp $WORKDIR/binaries/asl-auth-host $OVERLAY/bin/
cp $WORKDIR/binaries/asl-rescue $OVERLAY/bin/
cp $WORKDIR/scripts/* $OVERLAY/bin/

# 4. Copy overlay into ISO root
echo "Merging overlay into ISO root..."
cp -a $OVERLAY/* $ISO_ROOT/
chroot $ISO_ROOT /bin/bash << 'EOF'
dpkg -i /usr/local/debs/libasl-capture0_0.1.0-1_amd64.deb \
         /usr/local/debs/libasl-capture-dev_0.1.0-1_amd64.deb \
         /usr/local/debs/asl-tools_0.1.0-1_amd64.deb || true
apt-get install -f -y   # fix dependencies if needed
EOF

# 5. Create expected dataset structure for ASL (to mount ZFS later)
mkdir -p $ISO_ROOT/var/lib/asl/{common,personal}
mkdir -p $ISO_ROOT/var/lib/asl/pools

# 6. Optional: add bootloader configs (isolinux/syslinux)
echo "Setting up bootloader (minimal)..."
mkdir -p $ISO_ROOT/boot/isolinux
# Place isolinux.bin and isolinux.cfg here
# cp $WORKDIR/bootloader/isolinux.bin $ISO_ROOT/boot/isolinux/
# cp $WORKDIR/bootloader/isolinux.cfg $ISO_ROOT/boot/isolinux/

# 7. Build ISO
echo "Generating ISO..."
xorriso -as mkisofs \
  -iso-level 3 \
  -o $OUTPUT \
  -full-iso9660-filenames \
  -volid "ASL-AUTH-HOST" \
  -eltorito-boot boot/isolinux/isolinux.bin \
  -eltorito-catalog boot/isolinux/boot.cat \
  -no-emul-boot -boot-load-size 4 -boot-info-table \
  $ISO_ROOT

echo "ASL-AUTH-HOST ISO built successfully: $OUTPUT"

Key Points

  • Container-friendly: No ZFS creation inside the container. ZFS datasets (common, personal) are just directories; they can be mounted when booted.
  • Overlay: Your binaries (asl-auth-host, asl-rescue) and helper scripts go into /bin in the overlay.
  • Bootloader: Minimal setup; you can extend with isolinux/syslinux or GRUB.
  • ISO Output: Reproducible in a container, can copy to USB or VM for testing.

Next Steps

  1. Populate $WORKDIR/binaries/ with your compiled asl-auth-host and asl-rescue.
  2. Populate $WORKDIR/scripts/ with any helpers (like init scripts, mounting helpers).
  3. Add your isolinux.cfg or GRUB config to $WORKDIR/bootloader/.
  4. Run the container build. ISO will appear in /work/asl-auth-host.iso.

I can also draft a ready-to-use directory layout for the ISO and overlay, including placeholders for:

  • common and personal datasets
  • /var/lib/asl/index
  • /var/lib/asl/certs
  • /etc/asl-auth-host/config.yaml

…so you have a concrete blueprint to start placing your certificates and DAM/SOPS bundles.

Do you want me to draft that layout next?