Initial commit

build.sh

@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+arch=x86_64
+arch_dash=`echo $arch | tr _ -`
+ver=17.01.4
+image=openwrt
+name=openwrt
+
+generic_rootfs=lede-${ver}-${arch_dash}-generic-rootfs.tar.gz
+lxc_rootfs=lede-${ver}-${arch_dash}-lxc-rootfs.tar.gz
+
+build_rootfs() {
+	fakeroot ./build_rootfs.sh $generic_rootfs $lxc_rootfs
+}
+
+build_metadata() {
+	stat=`stat -c %Y $lxc_rootfs`
+	date=`date -R -d "@${stat}"`
+
+	cat > metadata.yaml <<EOF
+architecture: "$arch"
+creation_date: $(date +%s)
+properties:
+ architecture: "$arch"
+ description: "OpenWrt $ver $arch ($date)"
+ os: "OpenWrt"
+ release: "$ver"
+templates:
+EOF
+}
+
+build_image() {
+	tar czf metadata.tar.gz metadata.yaml
+	lxc image import metadata.tar.gz $lxc_rootfs --alias $image
+}
+
+build_rootfs
+build_metadata
+build_image
+
+echo \# start
+echo lxc launch --config "raw.lxc=lxc.aa_profile=lxc-container-default-without-dev-mounting" --profile openwrt $image $name
+#lxc config
+echo \# set root password
+echo lxc exec $name passwd root
+#echo 'echo "148.251.78.235 downloads.openwrt.org"

build_rootfs.sh

@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+if [ $# -ne 2 ]; then
+	echo "Usage: $0 <src tar> <dst file>"
+	exit 1
+fi
+
+src_tar=$1
+dst_file=$2
+base=`basename $src_tar`
+dir=/tmp/build.$$
+export IPKG_INSTROOT=$dir
+
+unpack() {
+	mkdir $dir
+	cat $src_tar | (cd $dir && tar -xz)
+}
+
+pack() {
+	echo Pack rootfs
+	(cd $dir && tar -cz *) > $dst_file
+}
+
+pack_squashfs() {
+	echo Pack rootfs squashfs
+	mksquashfs $dir $dst_file
+}
+
+add_files() {
+	for f in $(cd files && find); do
+		src=files/$f
+		dst=$dir/$f
+		if test -d $src; then
+			test -d $dst || mkdir $dst
+		elif test -f $src; then
+			cp $src $dst
+			foo=$(dirname $f)
+			if [ "$foo" = "./etc/init.d" ]; then
+				echo Enabling $f
+				set +e
+				sh $dir/etc/rc.common $src enable
+				set -e
+			fi
+		fi
+	done
+}
+
+unpack
+add_files
+#pack
+pack_squashfs

files/etc/init.d/container_init

@@ -0,0 +1,47 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2018 Mikael Magnusson
+
+START=15
+
+log_output() {
+	logger -t container_init "$@"
+}
+
+boot() {
+	# Only execute for lxc containers
+	if [ "$container" != "lxc" ]; then
+		exit 0
+	fi
+
+	local disable_ipv6="$(uci_get firewall @defaults[0] disable_ipv6 false)"
+	case "$disable_ipv6" in
+		'0'|'no'|'off'|'false'|'disabled') disable_ipv6=false ;;
+		'1'|'yes'|'on'|'true'|'enabled') disable_ipv6=true ;;
+	esac
+
+	tables='filter nat mangle raw'
+	res=0
+	for table in $tables; do
+		iptables -n -t $table -L >/dev/null 2>/dev/null 
+		if ! grep $table /proc/net/ip_tables_names >/dev/null; then
+			log_output -p daemon.crit "ip $table load failed"
+			res=1
+		fi
+
+		if [ "$disable_ipv6" = "false" ]; then
+			ip6tables -n -t $table -L >/dev/null 2>/dev/null
+			if ! grep $table /proc/net/ip6_tables_names >/dev/null; then
+				log_output -p daemon.crit "ip6 $table load failed"
+				res=1
+			fi
+		fi
+	done
+	if [ "$res" == "0" ]; then
+		if [ "$disable_ipv6" = "false" ]; then
+			log_output -p daemon.info "ip and ip6 tables loaded successfully"
+		else
+			log_output -p daemon.info "ip tables loaded successfully"
+		fi
+	fi
+	exit $res
+}