app-emulation/lxd: Import the tree's LXD ebuild (DO NOT USE IT!)

The ebuild drops iptables support bluntly as I personally nftables. LXD networking commands won't work without iptables so far. Package-Manager: Portage-2.3.62, Repoman-2.3.12 Manifest-Sign-Key: 00EFD31F1B60D5DBADB831C1C0ECE6960E54475B Signed-off-by: Nils Freydank <holgersson@posteo.de>
2019-03-20 12:31:09 +01:00 · 2019-03-20 12:31:09 +01:00 · f5dab2b2c7
parent 1afb34c235
commit f5dab2b2c7
9 changed files with 414 additions and 0 deletions
--- a/app-emulation/lxd/Manifest
+++ b/app-emulation/lxd/Manifest
@ -0,0 +1,22 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+DIST lxd-3.10.tar.gz 27057432 BLAKE2B b5a5c3cd4f1045419c806510aab21c3bcde8c8687ede808b1b832e2a0caba0ff3af5d79367141b29e84c0bd3bcf6958d917bc813700220e238cd21933963009b SHA512 25ed7675af7b6861d754607b19485e329ae344befac06fe33f326e34030755359bea6f574c414849b85f034533fd5dccb95a326ae0ad9e44b8ea366f7ee44d04
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAEBCAB9FiEEcg3s4uUa4XE72XWQvF3CmYqtKyEFAlySJHVfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcy
+MERFQ0UyRTUxQUUxNzEzQkQ5NzU5MEJDNURDMjk5OEFBRDJCMjEACgkQvF3CmYqt
+KyF/BQ/8CMQYZ3yc8m2Hfbo6z2gmHWak77WVuGhX9lvw2AfdiXJF+o89FRWfDkNY
+kV/72xcmDCx1TNZrS3QZKiM2kAcoslXP7FO8degh+EFTADUm/d8MnhfKYjqsgIgm
+hkWPTak5oNehlNyQBOyYFOtxSu8eMKfoI8Jtlm5y2XAiij54Z+aGyF1Yk0E6+W8G
+qX4HvOgx3UfHkADO6bO5rW+M+HmMTUXktxoEHQuOGd1cBIGHQJHOIIvo9xIazgT9
+fZItYIBNqws3SsxUJgv23j+BP7Cwfv7C69cgktu5wFC2d+gffuFCGCtgZQSH8OJ1
+66L4MTMx4RYFs6ecJeZnXXW+VtbvmQ8Qb1m+RBec4ECugTukY2XN7Jg9mfNfqgOG
+iNuSNKZc3AwweojcVc/h85eOapnvpp8TUQPqpygF4B5v01sfJi9viiD7U3Cr1pXh
+In4r3UG1947tyULVbIuIo/E8kuz4c/LEOksndXsMJZiiOWenw2tl4nDEkq2iI3xE
+vVso3dhPx6kztFSNINVNOLrso5TSWOXtHyCiIjYtiqrTlQZ5y8yWT16ewMN/wNta
+F2GdrU4+49UFW/UwP4Hx9CHq2qH/2L50XBmnIAUH1Q2g0yr+87/tNpSQh1tjNHBT
+pstdsXstcV4/dIhc87Q/dpZjYB5SfwPHHdO52e9OvrZlyluW0VI=
+=tR3G
+-----END PGP SIGNATURE-----
--- a/app-emulation/lxd/files/de-translation-newline-1.patch
+++ b/app-emulation/lxd/files/de-translation-newline-1.patch
@ -0,0 +1,11 @@
+--- /po/de.po	2018-06-27 19:57:56.759130047 -0500
+++ /po/de.po	2018-06-27 20:01:09.694634346 -0500
+@@ -167,7 +167,7 @@
+ "###\n"
+ "### Each property is represented by a single line:\n"
+ "### An example would be:\n"
+-"###  description: My custom image"
+"###  description: My custom image\n"
+ msgstr ""
+ "### Dies ist eine Darstellung der Eigenschaften eines Images in yaml.\n"
+ "### Jede Zeile die mit '# beginnt wird ignoriert.\n"
--- a/app-emulation/lxd/files/lxd.confd
+++ b/app-emulation/lxd/files/lxd.confd
@ -0,0 +1,24 @@
+# Group which owns the shared socket
+LXD_OPTIONS+=" --group lxd"
+
+
+
+# Enable cpu profiling into the specified file
+#LXD_OPTIONS+=" --cpuprofile /tmp/lxc_cpu_profile"
+
+# Enable memory profiling into the specified file
+#LXD_OPTIONS+=" --memprofile /tmp/lxc_mem_profile"
+
+
+
+# Enables debug mode
+#LXD_OPTIONS+=" --debug"
+
+# For debugging, print a complete stack trace every n seconds
+#LXD_OPTIONS+=" --print-goroutines 5"
+
+# Enables verbose mode
+#LXD_OPTIONS+=" --verbose"
+
+# Logfile to log to
+#LXD_OPTIONS+=" --logfile /var/log/lxd/lxd.log"
--- a/app-emulation/lxd/files/lxd.initd
+++ b/app-emulation/lxd/files/lxd.initd
@ -0,0 +1,46 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+DAEMON=/usr/sbin/lxd
+PIDFILE=/run/lxd.pid
+
+extra_commands="stopall"
+
+depend() {
+    need net
+    use lxcfs
+}
+
+start() {
+    ebegin "Starting lxd service"
+
+    start-stop-daemon --start \
+		      --pidfile ${PIDFILE} \
+		      --exec ${DAEMON} \
+		      --background \
+		      --make-pidfile \
+		      -- \
+		      ${LXD_OPTIONS}
+
+    eend $?
+}
+
+stop() {
+    if [ "$RC_GOINGDOWN" = "YES" ] || [ "$RC_REBOOT" = "YES" ]; then
+	stopall
+    else
+	ebegin "Stopping lxd service (but not containers)"
+	start-stop-daemon --stop --quiet -R TERM/45 -p ${PIDFILE}
+	eend $?
+    fi
+}
+
+stopall() {
+    ebegin "Stopping lxd service and containers"
+    if "${DAEMON}" shutdown; then
+	/etc/init.d/lxd zap
+	rm -f ${PIDFILE}
+    fi
+    eend $?
+}
--- a/app-emulation/lxd/files/lxd.service
+++ b/app-emulation/lxd/files/lxd.service
@ -0,0 +1,10 @@
+[Unit]
+Description=Container hypervisor based on LXC
+
+[Service]
+ExecStart=/usr/sbin/lxd --group lxd
+KillMode=process
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
--- a/app-emulation/lxd/files/ptbr-translation-newline.patch
+++ b/app-emulation/lxd/files/ptbr-translation-newline.patch
@ -0,0 +1,19 @@
+--- /po/pt_BR.po.orig	2018-10-13 23:27:01.523645894 -0500
+++ /po/pt_BR.po	2018-10-13 23:28:04.730644762 -0500
+@@ -95,7 +95,6 @@
+ "###\n"
+ "### Note that the name is shown but cannot be changed"
+ msgstr ""
+-"\n"
+ "### Esta é uma representação em yaml da configuração.\n"
+ "### Qualquer linha começando com '#' será ignorada.\n"
+ "###\n"
+@@ -112,7 +111,7 @@
+ "###     type: disk\n"
+ "### ephemeral: false\n"
+ "###\n"
+-"### Observe que o nome é exibido mas não pode ser modificado\n"
+"### Observe que o nome é exibido mas não pode ser modificado"
+ 
+ #: lxc/config_metadata.go:63
+ msgid ""
--- a/app-emulation/lxd/lxd-3.10-r1.ebuild
+++ b/app-emulation/lxd/lxd-3.10-r1.ebuild
@ -0,0 +1,239 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="Fast, dense and secure container management"
+HOMEPAGE="https://linuxcontainers.org/lxd/introduction/"
+
+LICENSE="Apache-2.0 BSD BSD-2 LGPL-3 MIT MPL-2.0"
+SLOT="0"
+KEYWORDS="~amd64"
+
+IUSE="+daemon +ipv6 +dnsmasq nls test tools"
+
+inherit autotools bash-completion-r1 linux-info systemd user
+
+SRC_URI="https://linuxcontainers.org/downloads/${PN}/${P}.tar.gz"
+
+DEPEND="
+	dev-lang/tcl
+	>=dev-lang/go-1.9.4
+	dev-libs/libuv
+	dev-libs/protobuf
+	nls? ( sys-devel/gettext )
+	test? (
+		app-misc/jq
+		net-misc/curl
+		sys-devel/gettext
+	)
+"
+
+RDEPEND="
+	daemon? (
+		app-arch/xz-utils
+		>=app-emulation/lxc-2.0.7[seccomp]
+		dev-libs/libuv
+		dev-libs/lzo
+		dev-util/xdelta:3
+		dnsmasq? (
+			net-dns/dnsmasq[dhcp,ipv6?]
+		)
+		net-libs/libnfnetlink
+		net-libs/libnsl:0=
+		net-misc/rsync[xattr]
+		sys-apps/iproute2[ipv6?]
+		sys-fs/fuse
+		sys-fs/lxcfs
+		sys-fs/squashfs-tools
+		virtual/acl
+	)
+"
+
+CONFIG_CHECK="
+	~BRIDGE
+	~DUMMY
+	~IP6_NF_NAT
+	~IP6_NF_TARGET_MASQUERADE
+	~IPV6
+	~IP_NF_NAT
+	~IP_NF_TARGET_MASQUERADE
+	~MACVLAN
+	~NETFILTER_XT_MATCH_COMMENT
+	~NET_IPGRE
+	~NET_IPGRE_DEMUX
+	~NET_IPIP
+	~NF_NAT_MASQUERADE_IPV4
+	~NF_NAT_MASQUERADE_IPV6
+	~VXLAN
+"
+
+ERROR_BRIDGE="BRIDGE: needed for network commands"
+ERROR_DUMMY="DUMMY: needed for network commands"
+ERROR_IP6_NF_NAT="IP6_NF_NAT: needed for network commands"
+ERROR_IP6_NF_TARGET_MASQUERADE="IP6_NF_TARGET_MASQUERADE: needed for network commands"
+ERROR_IPV6="IPV6: needed for network commands"
+ERROR_IP_NF_NAT="IP_NF_NAT: needed for network commands"
+ERROR_IP_NF_TARGET_MASQUERADE="IP_NF_TARGET_MASQUERADE: needed for network commands"
+ERROR_MACVLAN="MACVLAN: needed for network commands"
+ERROR_NETFILTER_XT_MATCH_COMMENT="NETFILTER_XT_MATCH_COMMENT: needed for network commands"
+ERROR_NET_IPGRE="NET_IPGRE: needed for network commands"
+ERROR_NET_IPGRE_DEMUX="NET_IPGRE_DEMUX: needed for network commands"
+ERROR_NET_IPIP="NET_IPIP: needed for network commands"
+ERROR_NF_NAT_MASQUERADE_IPV4="NF_NAT_MASQUERADE_IPV4: needed for network commands"
+ERROR_NF_NAT_MASQUERADE_IPV6="NF_NAT_MASQUERADE_IPV6: needed for network commands"
+ERROR_VXLAN="VXLAN: needed for network commands"
+
+EGO_PN="github.com/lxc/lxd"
+
+src_prepare() {
+	eapply_user
+	eapply "${FILESDIR}/de-translation-newline-1.patch"
+	eapply "${FILESDIR}/ptbr-translation-newline.patch"
+
+	cd "${S}/dist/dqlite" || die "Can't cd to dqlite dir"
+	eautoreconf
+}
+
+src_configure() {
+	export GOPATH="${S}/dist"
+	cd "${GOPATH}/sqlite" || die "Can't cd to sqlite dir"
+	econf --enable-replication --disable-amalgamation --disable-tcl --libdir="${EPREFIX}/usr/lib/lxd"
+
+	cd "${GOPATH}/dqlite" || die "Can't cd to dqlite dir"
+	PKG_CONFIG_PATH="${GOPATH}/sqlite/" econf --libdir=${EPREFIX}/usr/lib/lxd
+}
+
+src_compile() {
+	export GOPATH="${S}/dist"
+
+	cd "${GOPATH}/sqlite" || die "Can't cd to sqlite dir"
+	emake
+
+	cd "${GOPATH}/dqlite" || die "Can't cd to dqlite dir"
+	emake CFLAGS="-I${GOPATH}/sqlite" LDFLAGS="-L${GOPATH}/sqlite"
+
+	# We don't use the Makefile here because it builds targets with the
+	# assumption that `pwd` is in a deep gopath namespace, which we're not.
+	# It's simpler to manually call "go install" than patching the Makefile.
+	cd "${S}"
+	go install -v -x ${EGO_PN}/lxc || die "Failed to build the client"
+
+	if use daemon; then
+
+		# LXD depends on a patched, bundled sqlite with replication
+		# capabilities.
+		export CGO_CFLAGS="-I${GOPATH}/sqlite/ -I${GOPATH}/dqlite/include/"
+		export CGO_LDFLAGS="-L${GOPATH}/sqlite/.libs/ -L${GOPATH}/dqlite/.libs/ -Wl,-rpath,${EPREFIX}/usr/lib/lxd"
+		export LD_LIBRARY_PATH="${GOPATH}/sqlite/.libs/:${GOPATH}/dqlite/.libs/"
+
+		go install -v -x -tags libsqlite3 ${EGO_PN}/lxd || die "Failed to build the daemon"
+	fi
+
+	if use tools; then
+		go install -v -x ${EGO_PN}/fuidshift || die "Failed to build fuidshift"
+		go install -v -x ${EGO_PN}/lxc-to-lxd || die "Failed to build lxc-to-lxd"
+		go install -v -x ${EGO_PN}/lxd-benchmark || die "Failed to build lxd-benchmark"
+		go install -v -x ${EGO_PN}/lxd-p2c || die "Failed to build lxd-p2c"
+	fi
+
+	use nls && emake build-mo
+}
+
+src_test() {
+	if use daemon; then
+		export GOPATH="${S}/dist"
+		# This is mostly a copy/paste from the Makefile's "check" rule, but
+		# patching the Makefile to work in a non "fully-qualified" go namespace
+		# was more complicated than this modest copy/paste.
+		# Also: sorry, for now a network connection is needed to run tests.
+		# Will properly bundle test dependencies later.
+		go get -v -x github.com/rogpeppe/godeps
+		go get -v -x github.com/remyoudompheng/go-misc/deadcode
+		go get -v -x github.com/golang/lint/golint
+		go test -v ${EGO_PN}/lxd
+	else
+		einfo "No tests to run for client-only builds"
+	fi
+}
+
+src_install() {
+	local bindir="dist/bin"
+	dobin ${bindir}/lxc
+	if use daemon; then
+
+		export GOPATH="${S}/dist"
+		cd "${GOPATH}/sqlite" || die "Can't cd to sqlite dir"
+		emake DESTDIR="${D}" install
+
+		cd "${GOPATH}/dqlite" || die "Can't cd to dqlite dir"
+		emake DESTDIR="${D}" install
+
+		# Must only install libs
+		rm "${D}/usr/bin/sqlite3" || die "Can't remove custom sqlite3 binary"
+		rm -r "${D}/usr/include" || die "Can't remove include directory"
+
+		cd "${S}" || die "Can't cd to \${S}"
+		dosbin ${bindir}/lxd
+	fi
+
+	if use tools; then
+		dobin ${bindir}/fuidshift
+		dobin ${bindir}/lxc-to-lxd
+		dobin ${bindir}/lxd-benchmark
+		dobin ${bindir}/lxd-p2c
+	fi
+
+	if use nls; then
+		domo po/*.mo
+	fi
+
+	if use daemon; then
+		newinitd "${FILESDIR}"/${PN}.initd lxd
+		newconfd "${FILESDIR}"/${PN}.confd lxd
+
+		systemd_newunit "${FILESDIR}"/${PN}.service ${PN}.service
+	fi
+
+	newbashcomp scripts/bash/lxd-client lxc
+
+	dodoc AUTHORS doc/*
+}
+
+pkg_postinst() {
+	elog
+	elog "Consult https://wiki.gentoo.org/wiki/LXD for more information,"
+	elog "including a Quick Start."
+
+	# The messaging below only applies to daemon installs
+	use daemon || return 0
+
+	# The control socket will be owned by (and writeable by) this group.
+	enewgroup lxd
+
+	# Ubuntu also defines an lxd user but it appears unused (the daemon
+	# must run as root)
+
+	elog
+	elog "Though not strictly required, some features are enabled at run-time"
+	elog "when the relevant helper programs are detected:"
+	elog "- sys-apps/apparmor"
+	elog "- sys-fs/btrfs-progs"
+	elog "- sys-fs/lvm2"
+	elog "- sys-fs/zfs"
+	elog "- sys-process/criu"
+	elog
+	elog "Since these features can't be disabled at build-time they are"
+	elog "not USE-conditional."
+	elog
+	elog "Be sure to add your local user to the lxd group."
+	elog
+	elog "Networks with bridge.mode=fan are unsupported due to requiring"
+	elog "a patched kernel and iproute2."
+}
+
+# TODO:
+# - man page, I don't see cobra generating it
+# - maybe implement LXD_CLUSTER_UPDATE per
+#     https://discuss.linuxcontainers.org/t/lxd-3-5-has-been-released/2656
+#     EM I'm not convinced it's a good design.
--- a/app-emulation/lxd/metadata.xml
+++ b/app-emulation/lxd/metadata.xml
@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+	<pkgmetadata>
+	<maintainer type="person">
+		<email>holgersson@posteo.de</email>
+		<name>Nils Freydank</name>
+	</maintainer>
+	<maintainer type="person">
+		<email>stasibear@gentoo.org</email>
+		<name>Erik Mackdanz</name>
+	</maintainer>
+	<maintainer type="person">
+		<email>vdupras@gentoo.org</email>
+		<name>Virgil Dupras</name>
+	</maintainer>
+	<maintainer type="project">
+		<email>virtualization@gentoo.org</email>
+		<name>Gentoo Virtualization Project</name>
+	</maintainer>
+	<longdescription>
+		By combining the speed and density of containers with
+		the security of traditional virtual machines, LXD is
+		the next-generation of container hypervisor for Linux
+		from Canonical.
+	</longdescription>
+	<upstream>
+		<remote-id type="github">lxc/lxd</remote-id>
+	</upstream>
+	<use>
+		<flag name="daemon">
+			Build the system daemon, not just the client tool
+		</flag>
+		<flag name="dnsmasq">
+			Depend on dnsmasq to provide DHCP and DNS
+		</flag>
+		<flag name="tools">
+			Build and install optional tools
+		</flag>
+	</use>
+</pkgmetadata>
--- a/profiles/use.local.desc
+++ b/profiles/use.local.desc
@ -0,0 +1,3 @@
+app-emulation/lxd:daemon - Build the system daemon, not just the client tool
+app-emulation/lxd:dnsmasq - Depend on dnsmasq to provide DHCP and DNS
+app-emulation/lxd:tools - Build and install optional tools