Browse Source

Use mmdebstrap instead of debootstrap

So we also install security updates. And now we don't need sudo to do
the debootstrap.
master
meskio 1 year ago
parent
commit
829ac0f2ea
Signed by: meskio
GPG Key ID: 52B8F5AC97A2DA86
  1. 7
      base_image.run
  2. 10
      playbook.yml

7
base_image.run

@ -1,16 +1,11 @@
#!/bin/bash -x
ROOTPATH="rootfs"
PATH=$PATH:/usr/sbin
image="debian"
sudo debootstrap --variant=minbase stable ${ROOTPATH}
sudo tar -c -C ${ROOTPATH} . | docker import -c 'CMD ["bash"]' - ${image}
mmdebstrap --variant=minbase stable - | docker import -c 'CMD ["bash"]' - ${image}
docker tag ${image} {{ registry_domain }}/${image}
docker tag ${image} {{ registry }}/${image}
docker push {{ registry }}/${image}
sudo rm -rf ${ROOTPATH}
update_images ${image}

10
playbook.yml

@ -46,8 +46,7 @@
- docker.io
- docker-registry
- nginx
- sudo
- debootstrap
- mmdebstrap
- jq
state: latest
@ -102,13 +101,6 @@
- delete keyring
- import openpgp keys
- name: give laminar sudo rights
# FIXME: will be nice to give more granular access
lineinfile:
dest: /etc/sudoers
regexp: '^laminar '
line: 'laminar ALL=(ALL) NOPASSWD: ALL'
- name: create the repos folder for laminar jobs
file:
path: "{{ laminar_home }}/repos"

Loading…
Cancel
Save