commit 5d1cfc63a935949841fd6909346d5aac5a06bd05 Author: Denis Knauf Date: Tue May 26 11:35:37 2020 +0200 source init diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..b5fc999 --- /dev/null +++ b/Makefile @@ -0,0 +1,103 @@ +SHELL = /bin/sh +.SUFFIXES: + +INSTALL = /usr/bin/install + +MNAME := octoprint +MACHINES_DIR := /var/lib/machines +MDIR := $(MACHINES_DIR)/$(MNAME) +TDIR := $(MACHINES_DIR)/$(MNAME)-template +DEVPTN := '/dev/ttyUSB*' + +OP = systemd-nspawn --machine=$(MNAME) --hostname=$(MNAME) --directory="$(MDIR)" --tmpfs=/run --tmpfs=/run/lock + +all: + @echo Nothing to do. + @echo run 'sudo make install' +.PHONY: all + +/usr/bin/systemd-nspawn: + apt install -y systemd-container + +/etc/cron-apt/action.d /usr/sbin/cron-apt: + apt install -y cron-apt + +/etc/cron-apt/action.d/6-upgrade: /etc/cron-apt/action.d + +/etc/cron-apt/action.d/6-upgrade $(MDIR)/etc/cron-apt/action.d/6-upgrade: src/cron-apt-6-upgrade + $(INSTALL) -o root -g root -m 644 $< $@ + +/usr/sbin/debootstrap: + apt install -y debootstrap + touch "$@" + +/etc/systemd/system/octoprint-container@.service: src/octoprint-container@.service + $(INSTALL) -o root -g root -m 0644 $< $@ +/etc/systemd/system/multi-user.target.wants/octoprint-container@.service: /etc/systemd/system/octoprint-container@.service + ln -fs $< $@ + +$(MDIR): /usr/sbin/debootstrap + rm -rf "$@".tmp + debootstrap --include=systemd-container stable "$@".tmp + touch "$@".tmp + mv "$@".tmp "$@" + +$(MDIR)/usr/bin/pip3: $(MDIR) + $(OP) apt install -y python3-pip + touch "$@" +$(MDIR)/usr/bin/ffmpeg: $(MDIR) + $(OP) apt install -y ffmpeg + touch "$@" +$(MDIR)/usr/sbin/cron-apt: $(MDIR) + $(OP) apt install -y cron-apt + touch "$@" +$(MDIR)/usr/bin/nullmailer-send: $(MDIR) + $(OP) apt install -y nullmailer + touch "$@" +$(MDIR)/usr/local/bin/octoprint: $(MDIR)/usr/bin/pip3 + $(OP) pip3 install octoprint + touch "$@" + +install_octoprint: $(MDIR) /usr/bin/systemd-nspawn $(addprefix $(MDIR),/usr/bin/pip3 /usr/bin/ffmpeg /usr/local/bin/octoprint) + $(OP) sh -c 'getent passwd octoprint >/dev/null || useradd -mrUd /var/lib/octoprint -G dialout octoprint' +.PHONY: install_octoprint + +$(MDIR)/usr/local/libexec/octoprint-init: src/octoprint-init $(MDIR)/usr/local/libexec + $(INSTALL) -o root -g root -m 0755 $< $@ +$(MDIR)/etc/systemd/system/octoprint-init.service: src/octoprint-init.service $(MDIR) + $(INSTALL) -o root -g root -m 0755 $< $@ +$(MDIR)/etc/systemd/system/multi-user.target.wants/octoprint-init.service: $(MDIR)/etc/systemd/system/octoprint-init.service + ln -fs $< $@ + +$(MDIR)/etc/systemd/system/octoprint.service: src/octoprint.service + $(INSTALL) -o root -g root -m 0644 $< $@ + +TDIR_DIRS = $(addprefix $(TDIR),/dev /media /opt /etc /mnt /usr /usr/lib \ + /local /home /srv /run /boot /tmp /root /var /var/backups /var/opt \ + /var/lib /var/local /var/spool /var/spool/cron /var/spool/rsyslog \ + /var/spool/mail /var/log /var/cache /var/tmp /var/mail /proc /sys) + +$(TDIR_DIRS): $(dir $@) + $(INSTALL) -o root -g root -m 0755 -d $@ +$(MDIR)/usr/local/libexec: + $(INSTALL) -o root -g root -m 0755 -d $@ +$(TDIR): + $(INSTALL) -o root -g root -m 0755 -d $@ + +##### install*: ##### + +install_system: /usr/bin/systemd-nspawn /usr/sbin/cron-apt /etc/cron-apt/action.d/6-upgrade +.PHONY: install_system +install_container: install_octoprint \ + /etc/systemd/system/octoprint-container@.service \ + $(MDIR)/usr/local/libexec/octoprint-init \ + $(MDIR)/etc/systemd/system/octoprint-init.service \ + $(MDIR)/etc/systemd/system/multi-user.target.wants/octoprint-init.service \ + $(MDIR)/etc/systemd/system/octoprint.service \ + $(MDIR)/etc/cron-apt/action.d/6-upgrade +.PHONY: install_container +install_template: $(TDIR_DIRS) +.PHONY: install_template +install: install_system install_container install_template + systemctl daemon-reload +.PHONY: install diff --git a/hexopi.sh b/hexopi.sh new file mode 100644 index 0000000..20f4f81 --- /dev/null +++ b/hexopi.sh @@ -0,0 +1,203 @@ +#!/usr/bin/env sh +# SPDX-License-Identifier: GPL-3.0 +# Denis Kanuf + +die() { + >&2 printf '\e[1;31mdied: %s\e[0m\n' "$*" + exit 1 +} + +l() { + >&2 printf '\e[1m%s\e[0m\n' "$*" +} + +d() { + >&2 printf '\e[1;34m# %s\e[0m\n' "$*" + "$@" || die "$*" +} + +MNAME=octoprint +MDIR=/var/lib/machines/$MNAME +TDIR=/var/lib/machines/$MNAME-template +DEVPTN='/dev/ttyUSB*' +LICENSE="$(cat < +EOF +)" + +alias OP='d systemd-nspawn --machine=$MNAME --hostname=$MNAME --directory="$MDIR" --tmpfs=/run --tmpfs=/run/lock' + +t_mkdir() { + for d + do + d install -d "$TDIR/$d" + done +} + +############################################################################### + +ho_install() { +d apt install -y systemd-container debootstrap cron-apt dnsmasq + +d dd of=/etc/cron-apt/action.d/6-upgrade <&2 echo "not a container for running octoprint - no device" + exit 0 +elif [ -e "/dev/$device" ] +then + > /local/env echo OCTOPRINT_HOST=0.0.0.0 + >>/local/env echo OCTOPRINT_PORT=$((2000+${device#*USB})) + install -o octoprint -g octoprint -m 700 -d /var/lib/octoprint + /usr/bin/systemctl enable --no-block --now octoprint.service + /usr/bin/systemctl disable octoprint-init.service +else + >&2 echo "Device not found: $device" + exit 1 +fi +} + +############################################################################### + +case "$1" in +install) ho_install ;; +list) ho_list ;; +install_env) ho_environment ;; +*) + >&2 echo "Usage: $0 install" + exit 1 + ;; +esac diff --git a/src/50-octoprint-container.rules b/src/50-octoprint-container.rules new file mode 100644 index 0000000..cfb3ce4 --- /dev/null +++ b/src/50-octoprint-container.rules @@ -0,0 +1 @@ +SUBSYSTEMS=="usb", KERNEL=="ttyUSB*", ACTION=="add", TAG+="systemd", ENV{SYSTEMD_WANTS}+="octoprint-container@%k.service" ENV{SYSTEMD_ALIAS}+="/dev/%k" diff --git a/src/cron-apt-6-upgrade b/src/cron-apt-6-upgrade new file mode 100644 index 0000000..68b3528 --- /dev/null +++ b/src/cron-apt-6-upgrade @@ -0,0 +1 @@ +safe-upgrade -y diff --git a/src/octoprint-container@.service b/src/octoprint-container@.service new file mode 100644 index 0000000..56527f2 --- /dev/null +++ b/src/octoprint-container@.service @@ -0,0 +1,52 @@ +# SPDX-License-Identifier: GPL-3.0 +# Denis Kanuf +# Based on systemd-nspawn@.service + +[Unit] +Description=OctoPrint Container for %i +Documentation=man:systemd-nspawn(1) +PartOf=machines.target +Before=machines.target +After=network.target systemd-resolved.service +RequiresMountsFor=/var/lib/machines +BindTo=dev-%i.device + +[Service] +ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest \ + --settings=override \ + --directory=/var/lib/machines/octoprint@ttyUSB0 --template=/var/lib/machines/octoprint-template \ + --overlay=/var/lib/machines/octoprint/etc:/var/lib/machines/octoprint@%i/etc:/etc \ + --bind-ro=/var/lib/machines/octoprint/usr:/usr --bind=/dev/%i --machine=%i --hostname=%i +KillMode=mixed +Type=notify +RestartForceExitStatus=133 +SuccessExitStatus=133 +WatchdogSec=3min +Slice=machine.slice +Delegate=yes +TasksMax=16384 + +# Enforce a strict device policy, similar to the one nspawn configures when it +# allocates its own scope unit. Make sure to keep these policies in sync if you +# change them! +DevicePolicy=closed +DeviceAllow=/dev/net/tun rwm +DeviceAllow=char-pts rw + +# nspawn itself needs access to /dev/loop-control and /dev/loop, to implement +# the --image= option. Add these here, too. +DeviceAllow=/dev/loop-control rw +DeviceAllow=block-loop rw +DeviceAllow=block-blkext rw + +# nspawn can set up LUKS encrypted loopback files, in which case it needs +# access to /dev/mapper/control and the block devices /dev/mapper/*. +DeviceAllow=/dev/mapper/control rw +DeviceAllow=block-device-mapper rw + +# octoprint needs access to serial-interfaces. +DeviceAllow=/dev/%i rw +DeviceAllow=char-ttyUSB rw + +[Install] +WantedBy=machines.target diff --git a/src/octoprint-init b/src/octoprint-init new file mode 100644 index 0000000..30d1e4f --- /dev/null +++ b/src/octoprint-init @@ -0,0 +1,23 @@ +#!/usr/bin/env sh +# SPDX-License-Identifier: GPL-3.0 +# Denis Kanuf + +device=$(hostname) + +if [ "$device" = "${device#ttyUSB}" ] +then + >&2 echo "not a container for running octoprint - no device" + exit 0 + +elif [ -e "/dev/$device" ] +then + > /local/env echo OCTOPRINT_HOST=0.0.0.0 + >>/local/env echo OCTOPRINT_PORT=$((2000+${device#*USB})) + install -o octoprint -g octoprint -m 700 -d /var/lib/octoprint + /usr/bin/systemctl enable --no-block --now octoprint.service + /usr/bin/systemctl disable octoprint-init.service + +else + >&2 echo "Device not found: $device" + exit 1 +fi diff --git a/src/octoprint-init.service b/src/octoprint-init.service new file mode 100644 index 0000000..a220e0c --- /dev/null +++ b/src/octoprint-init.service @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: GPL-3.0 +# Denis Kanuf + +[Unit] +Description=Initialize Octoprint 3d-printer web interface +Before=octoprint.service + +[Service] +Type=oneshot +ExecStart=/usr/local/libexec/octoprint-init + +[Install] +WantedBy=multi-user.target diff --git a/src/octoprint.service b/src/octoprint.service new file mode 100644 index 0000000..b7fbcd2 --- /dev/null +++ b/src/octoprint.service @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: GPL-3.0 +# Denis Kanuf + +[Unit] +Description=OctoPrint 3D-printer web interface +After=octoprint-init.service + +[Service] +EnvironmentFile=/local/env +EnvironmentFile=-/env +ExecStart=/usr/local/bin/octoprint serve --host=${OCTOPRINT_HOST} --port=${OCTOPRINT_PORT} +User=octoprint +Group=octoprint + +[Install] +WantedBy=multi-user.target