Poudriere in a jail

From TykWiki

Latest revision as of 13:49, 3 August 2016

  • Create a normal ezjail
  • Create a ZFS dataset for the jail
$ sudo zfs create -o jailed=on tyktank/poudriere
  • Change settings in ezjail config
export jail_poudriere_tyknet_dk_zfs_datasets="tyktank/poudriere"
export jail_poudriere_tyknet_dk_parameters="children.max=100 allow.mount allow.mount.tmpfs allow.mount.devfs allow.mount.procfs allow.mount.zfs allow.mount.nullfs allow.raw_sockets allow.socket_af allow.sysvipc allow.chflags enforce_statfs=1 ip6=inherit ip4=inherit"
  • Add needed kld modules to rc.conf (and load them manually)
kld_list="zfs aesni geom_mirror tmpfs linux linprocfs nullfs procfs fdescfs"
  • Install needed ports
$ sudo portmaster www/nginx ports-mgmt/poudriere
  • Create key and cert for signing packages
$ sudo mkdir -p /usr/local/etc/ssl/{keys,certs}
$ sudo chmod 0700 /usr/local/etc/ssl/keys
$ sudo openssl genrsa -out /usr/local/etc/ssl/keys/poudriere.key 4096
$ sudo openssl rsa -in /usr/local/etc/ssl/keys/poudriere.key -pubout -out /usr/local/etc/ssl/certs/poudriere.crt
  • Create /usr/local/etc/poudriere.conf with the following contents:
ZPOOL=tyktank
ZROOTFS=/poudriere
FREEBSD_HOST=ftp://ftp.dk.freebsd.org
RESOLV_CONF=/etc/resolv.conf
BASEFS=/usr/local/poudriere
USE_PORTLINT=no
USE_TMPFS=yes
DISTFILES_CACHE=/usr/ports/distfiles
PKG_REPO_SIGNING_KEY=/usr/local/etc/ssl/keys/poudriere.key
NOLINUX=yes
BUILDER_HOSTNAME=poudriere.tyknet.dk

# https://gist.github.com/gynter/86ed7a6cae20927d6ef0
USE_MASTERMNT_HASH=yes
  • The last line is not a default setting, but it is necessary due to path length restrictions combined with jails. To make it work, apply the patch in the link above.
  • Create one or more jails for the versions you need to build for
$ sudo poudriere jail -c -j freebsd_10_3_amd64 -v 10.3-RELEASE
  • Create one or more ports trees. I name the default tree "default" and if I want to experiment with, say, one of the quarterly ports trees, I'd name it as such.
$ sudo poudriere ports -c -p default