Initial commit

2026-01-15 14:58:31 -06:00 · 2022-06-19 21:31:48 +02:00
commit cbe7fd719f
14 changed files with 1905 additions and 0 deletions
--- a/build/Dockerfile
+++ b/build/Dockerfile
@@ -0,0 +1,9 @@
+FROM lamw/vibauthor
+
+# Copy all files to the container
+COPY . letsencrypt-esxi
+
+# Run VIB build script
+RUN /bin/bash letsencrypt-esxi/build/create_vib.sh
+
+CMD ["/bin/bash"]
--- a/build/README.md
+++ b/build/README.md
@@ -0,0 +1,88 @@
+# Build w2c-letsencrypt-esxi VIB & Offline Bundle
+
+The `build.sh` bash script includes the commands needed to generate the VIB and Offline Bundle files. It relies on the [lamw/vibauthor](https://hub.docker.com/r/lamw/vibauthor/) Docker container and uses the files in this repository.
+
+After copying all files to the container, `create_vib.sh` runs in the container to actually build the ESXi bundle.
+
+Here is a sample output of the script:
+
+```bash
+/bin/bash ./build.sh
+
+Untagged: letsencrypt-esxi:latest
+Deleted: sha256:3009ff3662db9c3b60157bc0fff1a0c936ec6e301103c5efc50eca113c744b5f
+Deleted: sha256:daff819de772ed33d7de07701d8235453872365586a49c503f5194555424cda1
+Deleted: sha256:e0f946d4136a08d7d87bbce58af17226b019cbd97f3fec018861f155ded84257
+Sending build context to Docker daemon  1.261MB
+Step 1/4 : FROM lamw/vibauthor
+ ---> a673ffe4ba43
+Step 2/4 : COPY . letsencrypt-esxi
+ ---> 6197d7c06029
+Step 3/4 : RUN /bin/bash letsencrypt-esxi/build/create_vib.sh
+ ---> Running in 3f6f149cfed4
+WARNING: extensibility rules check failed, but was ignored because of --force.
+VIB (web-wack-creations_bootbank_w2c-letsencrypt-esxi_1.0.0-0.0.0) failed a check of extensibility rules for acceptance level 'community': [u'(line 23: col 0) Element vib failed to validate content'].
+Successfully created w2c-letsencrypt-esxi.vib.
+Successfully created w2c-letsencrypt-esxi-offline-bundle.zip.
+**** Info for VIB: w2c-letsencrypt-esxi.vib ****
+VIB Format:             2.0.0
+VIB ID:                 web-wack-creations_bootbank_w2c-letsencrypt-esxi_1.0.0-0.0.0
+VIB Type:               bootbank
+Name:                   w2c-letsencrypt-esxi
+Version:                1.0.0-0.0.0
+Vendor:                 web-wack-creations
+Summary:                [Fling] Let's Encrypt for ESXi
+Description:            Let's Encrypt for ESXi
+Creation Date:          2022-05-29 15:03:02+00:00
+Provides:
+        w2c-letsencrypt-esxi = 1.0.0-0.0.0
+Depends:
+Conflicts:
+Replaces:
+        w2c-letsencrypt-esxi << 1.0.0-0.0.0
+Software Tags:          []
+MaintenanceMode:        remove/update: False, installation: False
+Signed:                 False
+AcceptanceLevel:        community
+LiveInstallAllowed:     True
+LiveRemoveAllowed:      True
+CimomRestart:           False
+StatelessReady:         True
+Overlay:                False
+Payloads:
+  Name            Type        Boot Size        Checksums
+  payload1        vgz         0    26555       sha-256 5df898d1217a9167e2e9f7d8e8d2e2a21bcd1acad0f7b74fa9d793c85e728bf3
+                                               sha-1 76834e1ea72f6e306d10a411eccc777faa2e8ddf
+Removing intermediate container 3f6f149cfed4
+ ---> f2f14c706557
+Step 4/4 : CMD ["/bin/bash"]
+ ---> Running in fc567d964e69
+Removing intermediate container fc567d964e69
+ ---> 5c3b069e2f7a
+Successfully built 5c3b069e2f7a
+Successfully tagged letsencrypt-esxi:latest
+```
+
+Upon success, there should be a new directory named `artifacts` which contains the resulting VIB and Offline Bundle files.
+
+```bash
+ls -l ../artifacts
+
+-rw-r--r-- 1 root root 30K May 29 15:04 w2c-letsencrypt-esxi-offline-bundle.zip
+-rw-r--r-- 1 root root 28K May 29 15:04 w2c-letsencrypt-esxi.vib
+```
+
+## Possible Pitfalls
+
+As the [lamw/vibauthor](https://hub.docker.com/r/lamw/vibauthor/) container builds on CentOS 6, Docker requires a specific `vsyscall` setting to be set in the kernel of the host system that might no longer be the case if a more recent Linux kernel is used. E.g., on a recent version of Debian, running the container will result in a SegFault due to [bug 852620](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852620). If you encounter this problem, it can be [fixed](https://salsa.debian.org/kernel-team/linux/commit/74f87b226a1267b837d98a5d46824f9b5629962e) by setting `vsyscall=emulate`:
+
+`vi /etc/default/grub`
+
+```bash
+GRUB_CMDLINE_LINUX_DEFAULT="quiet vsyscall=emulate"
+```
+
+```bash
+update-grub
+reboot
+```
--- a/build/build.sh
+++ b/build/build.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+#
+# Copyright (c) Johannes Feichtner <johannes@web-wack.at>
+#
+# Script to build letsencrypt-esxi VIB using VIB Author
+
+LOCALDIR=$(dirname "$(readlink -f "$0")")
+cd "${LOCALDIR}/.." || exit
+
+docker rmi -f letsencrypt-esxi 2> /dev/null
+rm -rf artifacts
+docker build -t letsencrypt-esxi -f build/Dockerfile .
+docker run -i -v "${PWD}"/artifacts:/artifacts letsencrypt-esxi sh << COMMANDS
+cp letsencrypt-esxi/build/w2c-letsencrypt-esxi* /artifacts
+COMMANDS
--- a/build/create_vib.sh
+++ b/build/create_vib.sh
@@ -0,0 +1,95 @@
+#!/bin/bash
+#
+# Copyright (c) Johannes Feichtner <johannes@web-wack.at>
+#
+# Script to build letsencrypt-esxi VIB using VIB Author
+
+LOCALDIR=$(dirname "$(readlink -f "$0")")
+TEMP_DIR=/tmp/letsencrypt-esxi-$$
+
+# Ensure prerequisites are installed
+git version > /dev/null 2>&1
+if [ $? -eq 1 ]; then
+  echo "git not installed, exiting..."
+  exit 1
+fi
+
+vibauthor --version > /dev/null 2>&1
+if [ $? -eq 1 ]; then
+  echo "vibauthor not installed, exiting .."
+  exit 1
+fi
+
+# Define VIB metadata
+cd "${LOCALDIR}" || exit
+
+VIB_DATE=$(date --date="$(git log -n1 --format="%cd" --date="iso")" '+%Y-%m-%dT%H:%I:%S')
+VIB_TAG=$(git describe --tags --abbrev=0 --match '[0-9]*.[0-9]*.[0-9]*' 2> /dev/null || echo 0.0.1)
+
+# Setting up VIB spec confs
+VIB_DESC_FILE=${TEMP_DIR}/descriptor.xml
+VIB_PAYLOAD_DIR=${TEMP_DIR}/payloads/payload1
+
+# Create letsencrypt-esxi temp dir
+mkdir -p ${TEMP_DIR}
+# Create VIB spec payload directory
+mkdir -p ${VIB_PAYLOAD_DIR}
+
+# Create letsencrypt-esxi VIB descriptor.xml
+cat > ${VIB_DESC_FILE} << __W2C__
+<vib version="5.0">
+  <type>bootbank</type>
+  <name>w2c-letsencrypt-esxi</name>
+  <version>${VIB_TAG}-0.0.0</version>
+  <vendor>web-wack-creations</vendor>
+  <summary>Let's Encrypt for ESXi</summary>
+  <description>Let's Encrypt for ESXi</description>
+  <release-date>${VIB_DATE}</release-date>
+  <urls>
+    <url key="letsencrypt-esxi">https://github.com/w2c/letsencrypt-esxi</url>
+  </urls>
+  <relationships>
+    <depends/>
+    <conflicts/>
+    <replaces/>
+    <provides/>
+    <compatibleWith/>
+  </relationships>
+  <software-tags/>
+  <system-requires>
+    <maintenance-mode>false</maintenance-mode>
+  </system-requires>
+  <file-list>
+  </file-list>
+  <acceptance-level>community</acceptance-level>
+  <live-install-allowed>true</live-install-allowed>
+  <live-remove-allowed>true</live-remove-allowed>
+  <cimom-restart>false</cimom-restart>
+  <stateless-ready>true</stateless-ready>
+  <overlay>false</overlay>
+  <payloads>
+    <payload name="payload1" type="vgz"></payload>
+  </payloads>
+</vib>
+__W2C__
+
+# Create target directory
+BIN_DIR=${VIB_PAYLOAD_DIR}/opt/w2c-letsencrypt
+INIT_DIR=${VIB_PAYLOAD_DIR}/etc/init.d
+mkdir -p ${BIN_DIR} ${INIT_DIR}
+
+# Copy files to the corresponding locations
+cp ../* ${BIN_DIR} 2>/dev/null
+cp ../w2c-letsencrypt ${INIT_DIR}
+
+# Ensure that shell scripts are executable
+chmod +x ${INIT_DIR}/w2c-letsencrypt ${BIN_DIR}/renew.sh
+
+# Create letsencrypt-esxi VIB + offline bundle
+vibauthor -C -t ${TEMP_DIR} -v w2c-letsencrypt-esxi.vib -O w2c-letsencrypt-esxi-offline-bundle.zip -f
+
+# Show some details about what we have just created
+vibauthor -i -v w2c-letsencrypt-esxi.vib
+
+# Remove letsencrypt-esxi temp dir
+rm -rf ${TEMP_DIR}