diff options
| -rw-r--r-- | .INSTALL | 35 | ||||
| -rw-r--r-- | .SRCINFO | 17 | ||||
| -rw-r--r-- | PKGBUILD | 39 | ||||
| -rw-r--r-- | rserve-sandbox-docker.conf | 25 | ||||
| -rw-r--r-- | rserve-sandbox-docker.service | 45 | ||||
| -rwxr-xr-x | run.sh | 169 |
6 files changed, 330 insertions, 0 deletions
diff --git a/.INSTALL b/.INSTALL new file mode 100644 index 000000000000..e146f6a99da6 --- /dev/null +++ b/.INSTALL @@ -0,0 +1,35 @@ +post_install() { + # Add rserve user and group. + getent group rserve &>/dev/null || groupadd -r rserve >/dev/null + getent passwd rserve &>/dev/null || useradd -m -d /home/rserve \ +-s /bin/false -r -g rserve rserve >/dev/null + # Exec the chmod just like in the Makefile. + chmod 750 /home/rserve + + # Add rsd user and group. + getent group rsd &>/dev/null || groupadd -r rsd >/dev/null + getent passwd rsd &>/dev/null || useradd -s /bin/false \ +-r -g rsd rsd >/dev/null + + # This is explained in the Arch Wiki. It seems that anyone belonging to the + # docker group has root capablities, so creating a separate user to run + # Docker is necessary in my opinion. + gpasswd -a rsd docker >/dev/null + + chown -R rsd:rsd /opt/rserve-sandbox-docker + + echo "" + echo "" + echo "You can start and enable \ +rserve-sandbox-docker.service to run the server." + echo "" + echo "" +} + +pre_remove() { + echo "" + echo "" + echo "UNIMPLEMENTED" + echo "" + echo "" +} diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..b8a5704d3cfe --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,17 @@ +pkgbase = rserve-sandbox-docker + pkgdesc = Docker spec for running Rserve in a sandbox + pkgver = r23.845f51c + pkgrel = 1 + url = https://github.com/frnmst/rserve-sandbox + install = .INSTALL + arch = x86_64 + license = BSD + makedepends = git + makedepends = sed + depends = r + depends = docker + source = git://github.com/frnmst/rserve-sandbox#branch=distro-package + md5sums = SKIP + +pkgname = rserve-sandbox-docker + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..9e127cd2e50e --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,39 @@ +# Maintainer: Franco Masotti <franco dot masotti at student dot unife dot it> +# Contributor: Franco Masotti <franco dot masotti at student dot unife dot it> +pkgname=rserve-sandbox-docker +pkgver=r23.845f51c +pkgrel=1 +pkgdesc="Docker spec for running Rserve in a sandbox" +arch=('x86_64') +url="https://github.com/frnmst/rserve-sandbox" +license=('BSD') +depends=('r' + 'docker') +makedepends=('git' + 'sed') +install=.INSTALL +source=('git://github.com/frnmst/rserve-sandbox#branch=distro-package') +md5sums=('SKIP') + +pkgver () { + cd ${srcdir}/rserve-sandbox + ( set -o pipefail + git describe --long 2>/dev/null | sed 's/\([^-]*-g\)/r\1/;s/-/./g' || + printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" + ) +} + +package() { + cd ${srcdir} + install -d ${pkgdir}/opt/${pkgname} + install -d ${pkgdir}/usr/bin + install -D -m644 rserve-sandbox/Makefile ${pkgdir}/opt/${pkgname}/Makefile + install -D -m644 rserve-sandbox/Dockerfile.in ${pkgdir}/opt/${pkgname}/Dockerfile.in + install -D -m644 rserve-sandbox/Rserv.conf ${pkgdir}/opt/${pkgname}/Rserv.conf + install -D -m644 rserve-sandbox/Rserv.sh ${pkgdir}/opt/${pkgname}/Rserv.sh + install -D -m644 rserve-sandbox/LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" + install -D -m755 ${startdir}/run.sh ${pkgdir}/opt/${pkgname}/run.sh + install -D -m644 ${startdir}/${pkgname}.service "${pkgdir}/usr/lib/systemd/system/${pkgname}.service" + install -D -m644 ${startdir}/${pkgname}.conf "${pkgdir}/usr/lib/tmpfiles.d/${pkgname}.conf" + ln -s /opt/${pkgname}/run.sh ${pkgdir}/usr/bin/${pkgname} +} diff --git a/rserve-sandbox-docker.conf b/rserve-sandbox-docker.conf new file mode 100644 index 000000000000..3eb79760cfb2 --- /dev/null +++ b/rserve-sandbox-docker.conf @@ -0,0 +1,25 @@ +# +# rserve-sandbox-docker.conf +# +# Copyright (C) 2016 frnmst (Franco Masotti) <franco.masotti@student.unife.it> +# +# This file is part of cplint-installer. +# +# cplint-installer is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cplint-installer is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cplint-installer. If not, see <http://www.gnu.org/licenses/>. +# +# + +# To be placed in /usr/lib/tmpfiles.d/rserve-sandbox-docker.conf + +f /run/rserve-sandbox-docker.pid 0755 rsd rsd - diff --git a/rserve-sandbox-docker.service b/rserve-sandbox-docker.service new file mode 100644 index 000000000000..9e5173a756ab --- /dev/null +++ b/rserve-sandbox-docker.service @@ -0,0 +1,45 @@ +# +# rserve-sandbox-docker.service +# +# Copyright (C) 2016 frnmst (Franco Masotti) <franco.masotti@student.unife.it> +# +# This file is part of cplint-installer. +# +# cplint-installer is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cplint-installer is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cplint-installer. If not, see <http://www.gnu.org/licenses/>. +# +# + +# To be placed in /usr/lib/systemd/system/rserve-sandbox-docker.service + +[Unit] +Description=Docker spec for running Rserve in a sandbox +Documentation=https://github.com/JanWielemaker/rserve-sandbox https://github.com/JanWielemaker/rserve_client +Requires=docker.service +After=docker.service + +[Service] +# Run ExecStartPre with root permissions. +PermissionsStartOnly=true +ExecStartPre=/usr/bin/systemd-tmpfiles --create rserve-sandbox-docker.conf +ExecStart=/usr/bin/rserve-sandbox-docker -s +ExecStop=/usr/bin/rserve-sandbox-docker -k +Type=forking +PIDFile=/run/rserve-sandbox-docker.pid +User=rsd +Group=rsd + +[Install] +Also=docker.service +WantedBy=default.target + diff --git a/run.sh b/run.sh new file mode 100755 index 000000000000..b4e56810b964 --- /dev/null +++ b/run.sh @@ -0,0 +1,169 @@ +#!/usr/bin/env sh + +# +# run.sh +# +# Copyright (C) 2016 frnmst (Franco Masotti) <franco.masotti@student.unife.it> +# +# This file is part of cplint-installer. +# +# cplint-installer is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cplint-installer is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cplint-installer. If not, see <http://www.gnu.org/licenses/>. +# +# + +pkg_dir="/opt/rserve-sandbox-docker" +pid_file="/run/rserve-sandbox-docker.pid" +user="rsd" +group="rsd" +docker_image_name="rserve" + +help() +{ + cat<<-EOF +rsd [OPTION] +Docker spec for running Rserve in a sandbox + +The first time rserve-sandbox-docker is executed, +a docker image will be downloaded. This operation might take a while. + +Only a single option is permitted. + -h print this help + -k kill rsd + -s start rsd + +Exit status: + 0 if OK, + 1 some error occurred. + +Full documentation at: <https://github.com/frnmst/rserve-sandbox> +EOF +} + +# Kill ideas (deprecated). + # This addresses only docker containers available to rsd:rsd. + # Simple solution. + + + # More complex solution requires deleting all containers (running and + # stopped) matching rserve-sandbox-docker + # If this is not done, the hard disk might get full quickly. + # Something like the following might be useful. + # + # containers="$(docker ps -a -f status=exited \ +#--format \"{{.ID}}\\t{{.Image}}\" | grep rserve-sandbox-docker)" + # echo "$containers" | awk '{print $1} | xargs docker rm + + # Or simply add rm option to the makefile + +initialize() +{ + # Check if rserve image does not exist. + if [ -z "$(docker images -q "$docker_image_name")" ]; then + printf "This might take a while\n" + make image + fi +} + +startd() +{ + local pid="" + + { + ( + cd "$pkg_dir" + initialize && make run + ) & + pid="$!" + } 1>/dev/null 2>/dev/null + + write_pid_file "$pid" +} + +# +# shared_functions.sh +# +# Copyright (C) 2016 frnmst (Franco Masotti) <franco.masotti@student.unife.it> +# +# This file is part of cplint-installer. +# +# cplint-installer is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# cplint-installer is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with cplint-installer. If not, see <http://www.gnu.org/licenses/>. +# +# + +# This file is used by the various run.sh. + +check_running_user_and_group() +{ + if [ "$(id -un)" = "$user" ] && [ "$(id -gn)" = "$group" ]; then + : + else + printf "User must be "$user"\n" + printf "Group must be "$group"\n" + return 1 + fi +} + +write_pid_file() +{ + local pid="$1" + + if [ -n "$pid" ]; then + printf "Server running with pid $pid\n" + printf "$pid\n" > "$pid_file" + else + printf "Server error\n" + return 1 + fi +} + +killd() +{ + # kill action only if process exists. + if [ -f "$pid_file" ]; then + pid=$(cat "$pid_file") + ps -q $pid > /dev/null + if [ $? -eq 0 ]; then + kill -s SIGTERM $pid + fi + fi +} + +option_parser() +{ + getopts ":hks" opt "$@" + case "$opt" in + h) help ;; + k) killd ;; + s) startd ;; + ?) help; return 1 ;; + esac +} + +main() +{ + check_running_user_and_group && option_parser "$@" +} + +main "$@" |