README.md 2.46 KB
Newer Older
mh's avatar
mh committed
1 2 3 4 5 6 7
# Base images

Base images are minimal container images built from distribution packages,
which can be verified using the RPM signatures.

They are the base for all our other images.

mh's avatar
mh committed
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
## Using

### sendmail

Our base images ship with a `/usr/sbin/sendmail` binary that is intended to
forward emails submitted via stdin to a relay host using (authenticated) SMTP.

It expects a json file at `/etc/sendmail.json` with for example:

```json
{
  "smtp_server": "smtp.example.com:587",
  "smtp_user": "userone",
  "smtp_pass": "pwd"
}
```

It can be configured by setting the following ENV variable: `SENDMAIL_CONFIG`.

See [upstream](https://git.autistici.org/ai3/tools/sendmail-go) for background.

mh's avatar
mh committed
29 30 31
## Building

Builds are done using buildah and should be running as an unprivileged user.
mh's avatar
mh committed
32 33 34

## Bootstrapping

tr's avatar
tr committed
35 36 37 38
To get our base image started, so we can later use it to build newer versions
of our image using the supplied `{centos,fedora}/build.sh` script, we can use
a container from the different projects. These commands will dump a tar file
of the built config that can then be pushed to a registry.
mh's avatar
mh committed
39

mh's avatar
mh committed
40 41
Additionally, you want to rebootstrap the buildah image.

tr's avatar
tr committed
42
### Fedora
mh's avatar
mh committed
43

44
```Bash
mh's avatar
mh committed
45
$ podman run -it -v $(pwd)/fedora:/data:Z fedora:34 bash -c ' \
mh's avatar
mh committed
46
     dnf install -y buildah podman findutils \
47 48
  && cd /data \
  && export STORAGE_DRIVER=vfs \
mh's avatar
mh committed
49 50
  && buildah unshare ./buildah-script.sh 34 00 123 \
  && buildah push "fedora:34.00.123" "docker-archive:/data/fedora-33.00.tar:34.00.123"'
mh's avatar
mh committed
51 52
```

tr's avatar
tr committed
53
### CentOS
mh's avatar
mh committed
54

mh's avatar
mh committed
55 56 57 58 59 60 61 62 63 64 65 66 67 68 69
#### 8

```bash
podman run  -it -v $(pwd)/centos:/data:Z centos:8 bash -c '
     cp /data/glei.repo /etc/yum.repos.d/ \
  && cp /data/RPM-GPG-KEY-glei /etc/pki/rpm-gpg/RPM-GPG-KEY-glei \
  && yum install -y buildah podman \
  && cd /data \
  && export STORAGE_DRIVER=vfs \
  && buildah unshare ./buildah-script.sh 8 00 123 \
&& buildah push "localhost/centos:8.00.123" docker-archive:/data/centos-8.00.tar:8.00.123'
```

#### 7

70
```Bash
mh's avatar
mh committed
71
$ podman run -it -v $(pwd)/centos:/data:Z registry.centos.org/centos/centos:7 bash -c '
mh's avatar
mh committed
72 73 74 75
     cp /data/glei.repo /etc/yum.repos.d/ \
  && cp /data/RPM-GPG-KEY-glei /etc/pki/rpm-gpg/RPM-GPG-KEY-glei \
  && yum install -y buildah podman \
  && cd /data \
76
  && export STORAGE_DRIVER=vfs \
mh's avatar
mh committed
77 78 79
  && buildah unshare ./buildah-script.sh 7 00 123 \
  && buildah push "localhost/centos:7.00.123" docker-archive:/data/centos-7.00.tar:7.00.123'
```
qua's avatar
qua committed
80 81 82 83 84


### Quirks

* While the package `tzdata` is installed, most of the time-zone data has been deleted to save space. If you need them, reinstall the package.