define-alpine-the-sequel/alpine.ts

import {
  chmod,
  chown,
  copyFile,
  mkdir,
  opendir,
  symlink,
  writeFile,
} from "node:fs/promises";
import path from "node:path";
import { cwd } from "node:process";
import { Fstab } from "./fstab.js";
import { execFile, exists } from "./helpers/better-api.js";
import { PasswdEntry, readPasswd } from "./helpers/passwd.js";
import { logDebug } from "./helpers/logger.js";
import assert from "node:assert";
import { Persist } from "./persist.js";
import { writePasswd } from "./passwd.js";

export class Alpine {
  dir: string;
  private constructor({ dir }: { dir: string }) {
    this.dir = dir;
  }
  fstab: Fstab = new Fstab(this);
  persist: Persist = new Persist(this);
  packages: string[] = [];

  async mkdirP(dir: string): Promise<void> {
    await mkdir(this.path(dir), { recursive: true });
  }
  async writeFile(
    filePath: string,
    content: string,
    permissions?: { uid: number; gid: number }
  ): Promise<void> {
    const p = path.join(this.dir, filePath);
    await this.mkdirP(path.dirname(filePath));
    await writeFile(p, content);
    if (permissions) {
      await chown(p, permissions.uid, permissions.gid);
      await chmod(p, 0o600);
    }
  }
  async writeExecutable(filePath: string, content: string): Promise<void> {
    await this.writeFile(filePath, content);
    await chmod(this.path(filePath), 0o700);
  }
  async assertExists(path: string) {
    assert(await exists(this.path(path)));
  }
  path(p: string): string {
    return path.join(this.dir, p);
  }
  private getRelativeSymlink(
    target: string,
    filePath: string
  ): { target: string; filePath: string } {
    const realFilePath = path.join(this.dir, filePath);
    return {
      target: path.relative(
        path.dirname(realFilePath),
        path.join(this.dir, target)
      ),
      filePath: realFilePath,
    };
  }
  async symlink(_target: string, _filePath: string): Promise<void> {
    const { target, filePath } = this.getRelativeSymlink(_target, _filePath);
    await symlink(target, filePath);
  }

  readPasswd(): Promise<PasswdEntry[]> {
    return readPasswd(this.path("/etc/passwd"));
  }
  async userAdd(
    user: string,
    {
      system,
      homeDir,
      createHome,
    }: { system: boolean; homeDir?: string; createHome: boolean } = {
      system: false,
      homeDir: "",
      createHome: true,
    }
  ): Promise<PasswdEntry> {
    await execFile("useradd", [
      "--user-group",
      ...(system ? ["--system"] : []),
      ...(homeDir ? ["--home-dir", homeDir] : []),
      ...(createHome ? ["--create-home"] : []),
      "--root",
      this.dir,
      user,
    ]);
    const passwd = await this.readPasswd();
    const entry = passwd.find((e) => e.name === user);
    if (!entry) {
      throw new Error("fatal(userAdd): no encontré el usuario " + user);
    }
    return entry;
  }

  async actuallyInstallPackages(): Promise<void> {
    await this.installPackages(this.packages);
  }

  async installPackages(packages: string[]): Promise<void> {
    logDebug(
      "installPackages",
      await execFile("apk", [
        "add",
        "--clean-protected",
        "--root",
        this.dir,
        ...packages,
      ])
    );
  }
  async addPackages(packages: string[]): Promise<void> {
    this.packages = this.packages.concat(packages);
  }

  static async makeWorld({
    dir,
    packages,
  }: {
    dir: string;
    packages?: string[];
  }): Promise<Alpine> {
    const apkDir = path.join(dir, "/etc/apk");
    await mkdir(apkDir, { recursive: true });

    // hack
    {
      const cacheDir = path.join(cwd(), "cache");
      await mkdir("cache", { recursive: true });
      await symlink(cacheDir, path.join(apkDir, "cache"));
    }

    {
      const apkKeysDir = path.join(apkDir, "keys");
      const keysSrcDir = "alpine/keys";
      await mkdir(apkKeysDir, { recursive: true });
      for await (const { name } of await opendir(keysSrcDir))
        await copyFile(
          path.join(keysSrcDir, name),
          path.join(apkKeysDir, name)
        );
    }

    await writeFile(
      path.join(apkDir, "repositories"),
      [
        "https://dl-cdn.alpinelinux.org/alpine/v3.17/main",
        "https://dl-cdn.alpinelinux.org/alpine/v3.17/community",
      ].join("\n")
    );
    logDebug(
      "makeWorld",
      await execFile("apk", [
        "add",
        "--initdb",
        "--clean-protected",
        "--root",
        dir,
        ...["alpine-baselayout", "busybox", "libc-utils", "alpine-keys"],
        ...(packages || []),
      ])
    );

    const alpine = new Alpine({ dir });
    await alpine.fstab.write();
    await alpine.persist.write();
    await writePasswd(alpine);
    return alpine;
  }
}
correr el builder como root 2023-02-19 20:58:18 +00:00			`import {`
			`chmod,`
			`chown,`
			`copyFile,`
			`mkdir,`
			`opendir,`
			`symlink,`
			`writeFile,`
			`} from "node:fs/promises";`
runit 2023-01-16 15:14:20 +00:00			`import path from "node:path";`
			`import { cwd } from "node:process";`
forgejo 2023-02-08 14:46:33 +00:00			`import { Fstab } from "./fstab.js";`
correr el builder como root 2023-02-19 20:58:18 +00:00			`import { execFile, exists } from "./helpers/better-api.js";`
			`import { PasswdEntry, readPasswd } from "./helpers/passwd.js";`
permitir logear cosas de debug 2023-02-10 00:38:00 +00:00			`import { logDebug } from "./helpers/logger.js";`
correr el builder como root 2023-02-19 20:58:18 +00:00			`import assert from "node:assert";`
persistir forgejo fixes #6 2023-02-22 23:08:03 +00:00			`import { Persist } from "./persist.js";`
setear passwd en root fixes #11 2023-02-23 01:15:24 +00:00			`import { writePasswd } from "./passwd.js";`
runit 2023-01-16 15:14:20 +00:00
			`export class Alpine {`
			`dir: string;`
			`private constructor({ dir }: { dir: string }) {`
			`this.dir = dir;`
			`}`
forgejo 2023-02-08 14:46:33 +00:00			`fstab: Fstab = new Fstab(this);`
persistir forgejo fixes #6 2023-02-22 23:08:03 +00:00			`persist: Persist = new Persist(this);`
retrasar instalación de paquetes para instalarlos todos juntos (perf) (y refactor) asdfasdf 2023-02-20 18:20:37 +00:00			`packages: string[] = [];`
runit 2023-01-16 15:14:20 +00:00
grafana + arreglar permisos + romper cosas 2023-02-10 02:36:01 +00:00			`async mkdirP(dir: string): Promise<void> {`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await mkdir(this.path(dir), { recursive: true });`
runit 2023-01-16 15:14:20 +00:00			`}`
grafana + arreglar permisos + romper cosas 2023-02-10 02:36:01 +00:00			`async writeFile(`
			`filePath: string,`
			`content: string,`
			`permissions?: { uid: number; gid: number }`
			`): Promise<void> {`
restringir permisos cuando se hace alpine.writeFile 2023-02-17 00:26:34 +00:00			`const p = path.join(this.dir, filePath);`
grafana + arreglar permisos + romper cosas 2023-02-10 02:36:01 +00:00			`await this.mkdirP(path.dirname(filePath));`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await writeFile(p, content);`
restringir permisos cuando se hace alpine.writeFile 2023-02-17 00:26:34 +00:00			`if (permissions) {`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await chown(p, permissions.uid, permissions.gid);`
			`await chmod(p, 0o600);`
restringir permisos cuando se hace alpine.writeFile 2023-02-17 00:26:34 +00:00			`}`
runit 2023-01-16 15:14:20 +00:00			`}`
			`async writeExecutable(filePath: string, content: string): Promise<void> {`
			`await this.writeFile(filePath, content);`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await chmod(this.path(filePath), 0o700);`
			`}`
			`async assertExists(path: string) {`
			`assert(await exists(this.path(path)));`
runit 2023-01-16 15:14:20 +00:00			`}`
forgejo 2023-02-08 14:46:33 +00:00			`path(p: string): string {`
			`return path.join(this.dir, p);`
			`}`
runit 2023-01-16 15:14:20 +00:00			`private getRelativeSymlink(`
			`target: string,`
			`filePath: string`
			`): { target: string; filePath: string } {`
			`const realFilePath = path.join(this.dir, filePath);`
			`return {`
			`target: path.relative(`
			`path.dirname(realFilePath),`
			`path.join(this.dir, target)`
			`),`
			`filePath: realFilePath,`
			`};`
			`}`
			`async symlink(_target: string, _filePath: string): Promise<void> {`
			`const { target, filePath } = this.getRelativeSymlink(_target, _filePath);`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await symlink(target, filePath);`
runit 2023-01-16 15:14:20 +00:00			`}`

grafana + arreglar permisos + romper cosas 2023-02-10 02:36:01 +00:00			`readPasswd(): Promise<PasswdEntry[]> {`
correr el builder como root 2023-02-19 20:58:18 +00:00			`return readPasswd(this.path("/etc/passwd"));`
grafana + arreglar permisos + romper cosas 2023-02-10 02:36:01 +00:00			`}`
retrasar instalación de paquetes para instalarlos todos juntos (perf) (y refactor) asdfasdf 2023-02-20 18:20:37 +00:00			`async userAdd(`
			`user: string,`
			`{`
			`system,`
			`homeDir,`
			`createHome,`
			`}: { system: boolean; homeDir?: string; createHome: boolean } = {`
			`system: false,`
			`homeDir: "",`
			`createHome: true,`
			`}`
			`): Promise<PasswdEntry> {`
			`await execFile("useradd", [`
			`"--user-group",`
			`...(system ? ["--system"] : []),`
			`...(homeDir ? ["--home-dir", homeDir] : []),`
			`...(createHome ? ["--create-home"] : []),`
			`"--root",`
			`this.dir,`
			`user,`
			`]);`
grafana + arreglar permisos + romper cosas 2023-02-10 02:36:01 +00:00			`const passwd = await this.readPasswd();`
forgejo 2023-02-08 14:46:33 +00:00			`const entry = passwd.find((e) => e.name === user);`
			`if (!entry) {`
			`throw new Error("fatal(userAdd): no encontré el usuario " + user);`
			`}`
			`return entry;`
			`}`

retrasar instalación de paquetes para instalarlos todos juntos (perf) (y refactor) asdfasdf 2023-02-20 18:20:37 +00:00			`async actuallyInstallPackages(): Promise<void> {`
			`await this.installPackages(this.packages);`
			`}`

			`async installPackages(packages: string[]): Promise<void> {`
permitir logear cosas de debug 2023-02-10 00:38:00 +00:00			`logDebug(`
retrasar instalación de paquetes para instalarlos todos juntos (perf) (y refactor) asdfasdf 2023-02-20 18:20:37 +00:00			`"installPackages",`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await execFile("apk", [`
permitir logear cosas de debug 2023-02-10 00:38:00 +00:00			`"add",`
			`"--clean-protected",`
			`"--root",`
			`this.dir,`
			`...packages,`
			`])`
			`);`
runit 2023-01-16 15:14:20 +00:00			`}`
retrasar instalación de paquetes para instalarlos todos juntos (perf) (y refactor) asdfasdf 2023-02-20 18:20:37 +00:00			`async addPackages(packages: string[]): Promise<void> {`
			`this.packages = this.packages.concat(packages);`
			`}`
runit 2023-01-16 15:14:20 +00:00
			`static async makeWorld({`
			`dir,`
			`packages,`
			`}: {`
			`dir: string;`
			`packages?: string[];`
			`}): Promise<Alpine> {`
			`const apkDir = path.join(dir, "/etc/apk");`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await mkdir(apkDir, { recursive: true });`
runit 2023-01-16 15:14:20 +00:00
			`// hack`
			`{`
			`const cacheDir = path.join(cwd(), "cache");`
			`await mkdir("cache", { recursive: true });`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await symlink(cacheDir, path.join(apkDir, "cache"));`
runit 2023-01-16 15:14:20 +00:00			`}`

			`{`
			`const apkKeysDir = path.join(apkDir, "keys");`
			`const keysSrcDir = "alpine/keys";`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await mkdir(apkKeysDir, { recursive: true });`
runit 2023-01-16 15:14:20 +00:00			`for await (const { name } of await opendir(keysSrcDir))`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await copyFile(`
runit 2023-01-16 15:14:20 +00:00			`path.join(keysSrcDir, name),`
			`path.join(apkKeysDir, name)`
			`);`
			`}`

correr el builder como root 2023-02-19 20:58:18 +00:00			`await writeFile(`
runit 2023-01-16 15:14:20 +00:00			`path.join(apkDir, "repositories"),`
			`[`
			`"https://dl-cdn.alpinelinux.org/alpine/v3.17/main",`
			`"https://dl-cdn.alpinelinux.org/alpine/v3.17/community",`
			`].join("\n")`
			`);`
logear makeWorld 2023-02-10 00:43:54 +00:00			`logDebug(`
			`"makeWorld",`
correr el builder como root 2023-02-19 20:58:18 +00:00			`await execFile("apk", [`
logear makeWorld 2023-02-10 00:43:54 +00:00			`"add",`
			`"--initdb",`
			`"--clean-protected",`
			`"--root",`
			`dir,`
			`...["alpine-baselayout", "busybox", "libc-utils", "alpine-keys"],`
			`...(packages \|\| []),`
			`])`
			`);`
runit 2023-01-16 15:14:20 +00:00
forgejo 2023-02-08 14:46:33 +00:00			`const alpine = new Alpine({ dir });`
			`await alpine.fstab.write();`
persistir forgejo fixes #6 2023-02-22 23:08:03 +00:00			`await alpine.persist.write();`
setear passwd en root fixes #11 2023-02-23 01:15:24 +00:00			`await writePasswd(alpine);`
forgejo 2023-02-08 14:46:33 +00:00			`return alpine;`
runit 2023-01-16 15:14:20 +00:00			`}`
			`}`