
introduce libvirt packages to the install and a libvirt packer/vagrant build option for testing

add disk selection override to bypass interactive query

update gvm/golang version
Casey DeLorme 2 years ago
parent
commit
d59cf25674
9 changed files with 308 additions and 28 deletions
  1. 11 10
      arch.sh
  2. 18 0
      libvirt/Vagrantfile
  3. 82 0
      libvirt/packer.json
  4. 1 0
      libvirt/upload/.gitignore
  5. 168 0
      notes/libvirt.md
  6. 16 1
      readme.md
  7. 6 4
      setup/install.sh
  8. 6 12
      todo.md
  9. 0 1
      virtualbox/packer.json

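--- a/arch.sh
+++ b/arch.sh
@@ -78,7 +78,7 @@ PACKAGES="${PACKAGES} nftables iptables dnsmasq rsync dhcpcd inetutils net-tools
 [ -d "/sys/class/net/${active_network_device}/wireless" ] && PACKAGES="${PACKAGES} connman wpa_supplicant iwd"
 
 # programming packages
-PACKAGES="${PACKAGES} pkgfile pkgconf bison gcc gcc-libs cmake ccache ncurses xmlstarlet jq git mercurial subversion bzr patchelf packer vagrant"
+PACKAGES="${PACKAGES} pkgfile pkgconf bison gcc gcc-libs cmake ccache ncurses xmlstarlet jq git mercurial subversion bzr patchelf packer vagrant libvirt qemu libguestfs virt-install edk2-ovmf"
 
 # multimedia dependencies
 PACKAGES="${PACKAGES} mesa lib32-mesa dbus polkit giflib lib32-giflib mpg123 lib32-mpg123 v4l-utils lib32-v4l-utils lame libwebp libid3tag libvorbis vorbis-tools faac x264 x265 libpng12 lib32-libpng12 pulseaudio libpulse lib32-libpulse openal lib32-openal opencl-icd-loader lib32-opencl-icd-loader libva lib32-libva gst-plugins-base-libs lib32-gst-plugins-base-libs graphicsmagick imagemagick joyutils evtest libexif ffmpeg lxsession yt-dlp wine-staging winetricks fcitx5 fcitx5-mozc fcitx5-configtool fcitx5-gtk fcitx5-qt"
@@ -96,7 +96,7 @@ PACKAGES="${PACKAGES} openbox gtk3 lib32-gtk3 feh hsetroot archlinux-xdg-menu pi
 PACKAGES="${PACKAGES} fontconfig ttf-bitstream-vera ttf-droid ttf-dejavu ttf-liberation ttf-hanazono ttf-font-awesome"
 
 # GUI software
-PACKAGES="${PACKAGES} rxvt-unicode urxvt-perls virtualbox-host-dkms virtualbox xarchiver gparted psensor hardinfo steam discord mpv openshot gimp krita firefox obs-studio dia mednafen mame ppsspp lutris sublime-text evince viewnior"
+PACKAGES="${PACKAGES} rxvt-unicode urxvt-perls xarchiver gparted psensor hardinfo steam discord mpv openshot gimp krita firefox obs-studio dia mednafen mame ppsspp lutris sublime-text evince viewnior virt-manager virtualbox virtualbox-host-modules-arch"
 
 # conditional GPU packages
 if [ $(lspci | grep -i "vga" | grep -ci "amd") -gt 0 ]; then
@@ -216,7 +216,7 @@ if [[ -n "$username" && -n "$password" ]]; then
 	fi
 
 	# add user to standard groups
-	usermod -aG users,sudo,adm,input,audio,video,disk,storage,lp,vboxusers $username
+	usermod -aG users,sudo,adm,input,audio,video,disk,storage,lp,vboxuser $username
 
 	# generate postgres user and user database
 	systemctl start postgresql
@@ -232,7 +232,7 @@ if [[ -n "$username" && -n "$password" ]]; then
 	# install gvm loading from ~/.bash_profile, and the latest go version
 	su $username -c "if [ ! -d ~/.gvm ]; then GVM_NO_UPDATE_PROFILE=1 bash < <(curl -Ls https://raw.githubusercontent.com/moovweb/gvm/master/binscripts/gvm-installer 2> /dev/null); fi"
 	su $username -c 'grep "gvm" ~/.bash_profile &> /dev/null || echo -e "\n# load gvm\n! which gvm &> /dev/null && . ~/.gvm/scripts/gvm" >> ~/.bash_profile'
-	su $username -c ". ~/.gvm/scripts/gvm && gvm install go1.17.3 -B && gvm use go1.17.3 --default"
+	su $username -c ". ~/.gvm/scripts/gvm && gvm install go1.17.6 -B && gvm use go1.17.6 --default"
 
 	# configure user-space transmission
 	if [ ! -f "/etc/systemd/system/transmission.service.d/local.conf" ]; then
@@ -249,16 +249,17 @@ ln -sf /usr/local/bin/disk-maintenance /etc/cron.weekly/disk-maintenance
 ln -sf /usr/bin/vim /usr/local/bin/vi
 
 # enable services for next reboot
+which connman &> /dev/null && systemctl enable connman
+which acpid &> /dev/null && systemctl enable acpid
+which tlp &> /dev/null && systemctl enable tlp
+systemctl enable postgresql
+systemctl enable bluetooth
 systemctl enable nftables
+systemctl enable libvirtd
 systemctl enable dnsmasq
+systemctl enable cronie
 systemctl enable ntpd
 systemctl enable sshd
-systemctl enable bluetooth
-systemctl enable postgresql
-systemctl enable cronie
-which tlp &> /dev/null && systemctl enable tlp
-which connman &> /dev/null && systemctl enable connman
-which acpid &> /dev/null && systemctl enable acpid
 
 # attempt to enable dhcp on active network devices on reboot
 export active_network_device=$(ip addr | awk '/state UP/ {print $2}' | sed 's/.$//')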
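Review bot: The group list on the new `usermod -aG` line ends in `vboxuser`, where the removed line had `vboxusers`; unless the `virtualbox` package on the target really creates a group by the shorter name, this looks like a typo. usermod normally refuses the whole list when one group does not exist, so the account would end up in none of these groups, `sudo` included. Restoring the name and quoting the variable would read `usermod -aG users,sudo,adm,input,audio,video,disk,storage,lp,vboxusers "$username"`. Separately, `libvirtd` is enabled in the last hunk but nothing visible here grants the new user access to it; notes/libvirt.md in this commit describes a polkit rule for that, and the installer should either install it or say that it is a manual step. The `if [[ -n "$username" ...` block starts and ends outside the hunk.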

+ 18 - 0
libvirt/Vagrantfile

@@ -0,0 +1,18 @@
+ENV['VAGRANT_DEFAULT_PROVIDER'] = 'libvirt'
+
+Vagrant.configure("2") do |config|
+	config.vm.box_url = 'file://' + File.dirname(__FILE__) + '/dist/arch-desktop.box'
+	config.vm.box = 'arch-desktop'
+	config.vm.boot_timeout = 1
+	config.vm.graceful_halt_timeout = 1
+	config.vm.synced_folder '.', '/vagrant', disabled: true
+	config.ssh.insert_key = false
+
+	config.vm.provider :libvirt do |v|
+		v.memory = 2048
+		v.cpus = 2
+		v.driver = "kvm"
+		v.machine_arch = 'x86_64'
+		v.loader = '/usr/share/ovmf/x64/OVMF.fd'
+	end
+end
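Review bot: `config.ssh.insert_key = false` stops Vagrant from replacing its publicly known default key pair, so if that key is authorized inside the box, anyone who can reach the guest's SSH port can log in. That is a normal trade-off for a throwaway local test VM, but the file should say so, e.g. `# test box only: keeps the well-known Vagrant key; do not attach to a bridged or public network` above the line. The one-second `boot_timeout` and `graceful_halt_timeout` values also look deliberate (presumably the guest is driven through virt-manager rather than Vagrant's SSH); a short comment giving the reason would keep a later reader from raising them without knowing why they were set.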

+ 82 - 0
libvirt/packer.json

@@ -0,0 +1,82 @@
+{
+	"variables": {
+        "iso_url": "https://mirrors.kernel.org/archlinux/iso/{{isotime \"2006.01\"}}.01/archlinux-{{isotime \"2006.01\"}}.01-x86_64.iso",
+        "iso_checksum_url": "https://mirrors.kernel.org/archlinux/iso/{{isotime \"2006.01\"}}.01/sha1sums.txt",
+		"efi_bios": "/usr/share/ovmf/x64/OVMF.fd",
+		"root_password": "arch",
+		"username": "vagrant",
+		"password": "vagrant"
+	},
+	"builders": [
+		{
+			"headless": true,
+			"type": "qemu",
+			"iso_url": "{{ user `iso_url` }}",
+      		"iso_checksum": "file:{{ user `iso_checksum_url` }}",
+			"vm_name": "arch-desktop",
+			"format": "qcow2",
+			"accelerator": "kvm",
+			"output_directory": "dist/arch-desktop",
+			"firmware": "{{ user `efi_bios` }}",
+			"memory": 1024,
+			"disk_size": "20G",
+			"disk_interface": "virtio",
+			"net_device": "virtio-net",
+			"ssh_username": "root",
+			"ssh_password": "{{user `root_password`}}",
+			"ssh_timeout": "20m",
+			"shutdown_command": "systemctl poweroff",
+			"boot_wait": "5s",
+			"boot_command": [
+				"<enter><wait60s>",
+				"printf \"{{user `root_password`}}\\n{{user `root_password`}}\\n\" | passwd<enter>",
+				"systemctl is-active --quiet sshd.service || systemctl start sshd.service<enter>"
+			]
+		}
+	],
+	"provisioners": [
+		{
+			"type": "shell-local",
+			"command": "rm -rf upload/arch-desktop.tar && tar cf upload/arch-desktop.tar ../install ../arch.sh ../setup"
+		},
+		{
+			"type": "file",
+			"source": "upload",
+			"destination": "upload"
+		},
+		{
+			"type": "shell",
+			"inline": [
+				"mv upload/arch-desktop.tar .",
+				"tar xf arch-desktop.tar",
+				"rm -rf upload",
+				"rm arch-desktop.tar"
+			]
+		},
+		{
+			"type": "shell-local",
+			"command": "rm -rf upload/arch-desktop.tar"
+		},
+		{
+			"type": "shell",
+			"skip_clean": true,
+			"environment_vars": [
+				"DEBUG=y",
+				"enable_hibernation=y",
+				"hostname=vagrant",
+				"disk=vda",
+				"root_password={{user `root_password`}}",
+				"username={{user `username`}}",
+				"password={{user `password`}}"
+			],
+			"script": "../setup/install.sh"
+		}
+	],
+	"post-processors": [
+		{
+			"type": "vagrant",
+			"compression_level": 9,
+			"output": "dist/arch-desktop.box"
+		}
+	]
+}
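Review bot: `iso_checksum` is read from `sha1sums.txt` on the same mirror that serves the ISO, so the check catches a corrupted download but not a tampered mirror, and SHA-1 is a weak digest for that purpose. Pointing `iso_checksum_url` at a stronger digest list if the mirror publishes one for the release (confirm before switching), or verifying the ISO's detached signature before the build, would close that gap. The box is also built with fixed credentials (`root_password` of `arch`, `vagrant`/`vagrant`) that are typed into `boot_command` and passed through `environment_vars`; since JSON has no comment syntax, the readme should state that `dist/arch-desktop.box` is for local testing only and should not be reused as a base image or exposed on a shared network.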

+ 1 - 0
libvirt/upload/.gitignore

@@ -0,0 +1 @@
+arch-desktop.tar

+ 168 - 0
notes/libvirt.md

@@ -0,0 +1,168 @@
+
+# libvirt
+
+I would rather not be beholden to Oracle so one of my goals is to transition away from `virtualbox` and towards the messy combination of `libvirt`, `kvm`, `qemu`, and ovmf uefi (eg. `edk2-ovmf`).
+
+A first-attempt went fairly well, but in addition to adding four separate packages to replace two, it also seems to introduce platform-dependent paths and extra plugins required per-tool.  _These are just the expenses of using open sourced code without first-party integration support._
+
+In addition to lacking integration support, it also lacks decent documentation as you'll be scouring dozens of sources and praying what you are reading is up to date.
+
+
+## packages
+
+You'll need all of these packages:
+
+- libvirt
+- qemu
+- libguestfs
+- virt-install
+- edk2-ovmf
+
+_The `edk2-ovmf` will install a UEFI disk image to `/usr/share/ovmf/x64/OVMF.fd`, and both the package and path may vary depending on which linux distribution you are using._
+
+
+## vagrant
+
+For vagrant to work you will need to add a plugin:
+
+	vagrant plugin install vagrant-libvirt
+
+_After this it will be able to communicate with qemu/kvm._
+
+A `Vagrantfile` may look like this:
+
+	ENV['VAGRANT_DEFAULT_PROVIDER'] = 'libvirt'
+
+	Vagrant.configure("2") do |config|
+		config.vm.box_url = 'file://' + File.dirname(__FILE__) + '/dist/arch-desktop.box'
+		config.vm.box = 'arch-desktop'
+		config.vm.boot_timeout = 1
+		config.vm.graceful_halt_timeout = 1
+		config.vm.synced_folder '.', '/vagrant', disabled: true
+		config.ssh.insert_key = false
+
+		config.vm.provider :libvirt do |v|
+			v.memory = 2048
+			v.cpus = 2
+			v.driver = "kvm"
+			v.machine_arch = 'x86_64'
+			v.loader = '/usr/share/ovmf/x64/OVMF.fd'
+		end
+	end
+
+
+## libvirt
+
+Libvirt needs to run as a service:
+
+	systemctl enable libvirtd.service
+
+_This service requires some control of the network and so you'll have to ensure your network utility does not have a dnsproxy._
+
+For example if using `connman` then you need to add `/etc/systemd/system/connman.service.d/disable_dns_proxy.conf` with:
+
+	[Service]
+	ExecStart=
+	ExecStart=/usr/bin/connmand -n --nodnsproxy
+
+Finally, you need to create a polkit policy at `/etc/polkit-1/rules.d/50-libvirt.rules` for users to operate it:
+
+	polkit.addRule(function(action, subject) {
+	    if (action.id == "org.libvirt.unix.manage" &&
+	        subject.isInGroup("sudo")) {
+	            return polkit.Result.YES;
+	    }
+	});
+
+_This example allows only users with `sudo` group access to do so, but you could use looser restrictions._
+
+
+## packer
+
+While packer does work without much effort, it does require you to point to the host path of OVMF:
+
+	{
+		"variables": {
+			"iso_url": "https://mirrors.kernel.org/archlinux/iso/{{isotime \"2006.01\"}}.01/archlinux-{{isotime \"2006.01\"}}.01-x86_64.iso",
+			"iso_checksum_url": "https://mirrors.kernel.org/archlinux/iso/{{isotime \"2006.01\"}}.01/sha1sums.txt",
+			"efi_bios": "/usr/share/ovmf/x64/OVMF.fd",
+			"root_password": "arch",
+			"username": "vagrant",
+			"password": "vagrant"
+		},
+		"builders": [
+			{
+				"headless": true,
+				"type": "qemu",
+				"iso_url": "{{ user `iso_url` }}",
+	      		"iso_checksum": "file:{{ user `iso_checksum_url` }}",
+				"vm_name": "arch-desktop",
+				"format": "qcow2",
+				"accelerator": "kvm",
+				"output_directory": "dist/arch-desktop",
+				"firmware": "{{ user `efi_bios` }}",
+				"memory": 1024,
+				"disk_size": "20G",
+				"disk_interface": "virtio",
+				"net_device": "virtio-net",
+				"ssh_username": "root",
+				"ssh_password": "{{user `root_password`}}",
+				"ssh_timeout": "20m",
+				"shutdown_command": "systemctl poweroff",
+				"boot_wait": "5s",
+				"boot_command": [
+					"<enter><wait90s>",
+					"printf \"{{user `root_password`}}\\n{{user `root_password`}}\\n\" | passwd<enter>",
+					"systemctl start sshd.service<enter>"
+				]
+			}
+		],
+		"provisioners": [
+			{
+				"type": "file",
+				"source": "arch.sh",
+				"destination": "arch.sh"
+			},
+			{
+				"type": "file",
+				"source": "install",
+				"destination": "install"
+			},
+			{
+				"type": "shell",
+				"skip_clean": true,
+				"expect_disconnect": true,
+				"environment_vars": [
+					"DEBUG=y",
+					"enable_hibernation=y",
+					"disk=vda",
+					"root_password={{user `root_password`}}",
+					"username={{user `username`}}",
+					"password={{user `password`}}"
+				],
+				"script": "setup/install.sh"
+			}
+		],
+		"post-processors": [
+			{
+				"type": "vagrant",
+				"compression_level": 9,
+				"output": "dist/arch-desktop.img"
+			}
+		]
+	}
+
+
+## conclusion
+
+It works, but it's not as simple nor well integrated.
+
+To begin with you need 4-6 packages to get things working.  Whether this is better or worse than a single monolithic package is debatable, but more packages means more complexity in terms of knowing what you need to get started.
+
+With regards to packer support, it works relatively well actually.  The few problems I ran into were related to disk names based on the types of disk drivers specified.
+
+With vagrant you need to install an extra plugin.  Further, I have been unable to get vagrant to launch a GUI regardless of the `graphics_type` or `video_type` used.
+
+It also requires significantly more work to clear when testing a new build.  Apparently vagrant box is not linked to virsh (eg. libvirt cli) storage, so you have to delete the image in root storage using `virsh` or `virt-manager`, and while it is possible to establish userspace storage that's even more undocumented complexity that I haven't had time to get working.
+
+Overall, it's nice to have a purely open sourced build option, but it's way more complicated with less documentation and fewer integrations.

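--- a/readme.md
+++ b/readme.md
@@ -25,12 +25,27 @@ You can build locally using [`packer`](https://www.vagrantup.com/), and [`vagran
 
 _The image produced will take up over 5GB, and any time you rebuild you may need to run `vagrant box remove arch-desktop` to ensure it updates the image._
 
-The first supported VM system is [`virtualbox`](https://www.virtualbox.org/), and can be tested like this:
+The first supported VM system is [`virtualbox`](virtualbox/), and can be built like this:
 
 	cd virtualbox
 	packer build packer.json
 	vagrant up
 
+The second supported system is [`libvirt`](libvirt/), and can be built like this:
+
+	cd libvirt
+	packer build packer.json
+	vagrant plugin install vagrant-libvirt
+	vagrant up
+
+_This assumes you have `libvirt`, `kvm`, `qemu`, `virt-install`, and `edk2-ovmf` packages installed and running on your host._
+
+_If you encounter issues with temporary directory space during post-processing you may need to set `TMPDIR` to a path on your main disk._
+
+When using `libvirt` with vagrant, you will want to launch `virt-manager` to open the graphical interface (_no combination of `graphics_type` or `video_type` seemed to launch a GUI and instead just crashed with errors_).
+
+Additionally, when testing a fresh build you may need to use `virt-manager` to delete the former `arch-desktop` image from the storage pool in addition to removing it from vagrant (eg. `vagrant box remove arch-desktop libvirt`), since `vagrant box` does not appear to be connected.
+
 
 ## usage
 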

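--- a/setup/install.sh
+++ b/setup/install.sh
@@ -40,10 +40,12 @@ timedatectl set-ntp true
 timedatectl status
 
 # if more than one disk exists ask which to use:
-export disk=$(lsblk -l | grep disk | awk '{if (!$7) print $1;}')
-if [ $(echo "$disk" | wc -l) -gt 1 ]; then
-	echo -e "multiple disks found:\n$disk"
-	read -p "please enter the name of the disk you want to use: " disk
+if [ -z "$disk" ]; then
+	export disk=$(lsblk -l | grep disk | awk '{if (!$7) print $1;}')
+	if [ $(echo "$disk" | wc -l) -gt 1 ]; then
+		echo -e "multiple disks found:\n$disk"
+		read -p "please enter the name of the disk you want to use: " disk
+	fi
 fi
 
 # make sure the disk exists or terminate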
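Review bot: A `disk` value supplied through the environment now skips the `lsblk` filter entirely, so whatever string the caller exports reaches the rest of the installer, which presumably repartitions that device. The only remaining guard is the existence check announced by the comment after this hunk, and its body is not visible here. Before accepting an override, confirm that it names a whole disk, for example `[ "$(lsblk -dno TYPE "/dev/${disk}" 2>/dev/null)" = "disk" ] || { echo "invalid disk: ${disk}" >&2; exit 1; }`. In the interactive fallback, `read -p` should be `read -r -p` so a backslash in the typed name is not interpreted.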

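--- a/todo.md
+++ b/todo.md
@@ -1,26 +1,20 @@
 
 # todo
 
-Major working update plus plans for big changes.
+Transitioning to Sway/Wayland for desktop environment.
 
+_Expect iterative changes over the following months while fine-tuning happens on real hardware._
 
-## libvirt
 
-Create a `libvirt` branch to test this setup process!
-
-Create `libvirt/` and write up the libvirt/kvm/qemu/ovmf-uefi implementation again!
-
-Copy the files back to my laptop to test it there, since I already have libvirt setup.
-
-I'll need to get back to a working state with the packer.json and Vagrantfile for libvirt as well, thankfully I kept the branch and diffs!
+## sway
 
-https://bbs.archlinux.org/viewtopic.php?id=238615
+Create a `sway` branch to test building a minimal install with a brand new window manager and removing xorg packages!
 
+Disable all GUI packages to build a "minimal" install.
 
+We'll take that image and triple check package dependency chains for sway and applications to run on it
 
-## sway
 
-Create a `sway` branch to test building a minimal install with a brand new window manager and removing xorg packages!
 
 This will likely require significant refinement, as I'll need to test configurations on real hardware to validate multi-monitor behavior.
 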

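--- a/virtualbox/packer.json
+++ b/virtualbox/packer.json
@@ -61,7 +61,6 @@
 		{
 			"type": "shell",
 			"skip_clean": true,
-			"expect_disconnect": true,
 			"environment_vars": [
 				"DEBUG=y",
 				"enable_hibernation=y",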