* [pve-devel] [PATCH dab/dab-pve-appliances] add pmg 9.0 template
@ 2025-09-30 14:51 Stoiko Ivanov
2025-09-30 14:51 ` [pve-devel] [PATCH dab 1/1] add support for repositories, used only for template generation Stoiko Ivanov
` (3 more replies)
0 siblings, 4 replies; 9+ messages in thread
From: Stoiko Ivanov @ 2025-09-30 14:51 UTC (permalink / raw)
To: pve-devel
While preparing a template for the upcoming trixie based pmg 9.0,
one small issue was that we install with the pmg-no-subscription
repository but remove the sources.list entry before packaging the
container-template via sed.
With deb822 sources the sed-command would become unwieldy, so instead
add 'Install-Sources' to the dab.conf configuration parser, for
sources entries, which are present for template creation, but not added
to the resulting template.
The patches for dab-pve-appliances are split in 3 for easier review, to
see which changes were actually needed - they could/should be squashed
together when applying.
one remaining issue - is that `dhcp` as network-configuration does not
work. while this is currently a general issue, for the pmg template,
our use of ifupdown2 is specific - as ifupdown2 only uses the deprecated
and unavailable isc-dhcp-client for obtaining leases.
dab:
Stoiko Ivanov (1):
add support for repositories, used only for template generation
PVE/DAB.pm | 31 ++++++++++++++++++++++++++++---
dab | 6 ++++++
2 files changed, 34 insertions(+), 3 deletions(-)
dab-pve-appliances:
Stoiko Ivanov (3):
add template for trixie based pmg 9.0
pmg: trixie: purge ifupdown before installing ifupdown2
pmg: trixie: use pmg-repository only during installation
debian-13-trixie-pmg-9-64/Makefile | 49 +++++++++++++++++++++++
debian-13-trixie-pmg-9-64/dab.conf | 15 +++++++
debian-13-trixie-pmg-9-64/systemd-presets | 5 +++
3 files changed, 69 insertions(+)
create mode 100644 debian-13-trixie-pmg-9-64/Makefile
create mode 100644 debian-13-trixie-pmg-9-64/dab.conf
create mode 100644 debian-13-trixie-pmg-9-64/systemd-presets
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 9+ messages in thread* [pve-devel] [PATCH dab 1/1] add support for repositories, used only for template generation 2025-09-30 14:51 [pve-devel] [PATCH dab/dab-pve-appliances] add pmg 9.0 template Stoiko Ivanov @ 2025-09-30 14:51 ` Stoiko Ivanov 2025-09-30 15:20 ` [pve-devel] applied: " Thomas Lamprecht 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 1/3] add template for trixie based pmg 9.0 Stoiko Ivanov ` (2 subsequent siblings) 3 siblings, 1 reply; 9+ messages in thread From: Stoiko Ivanov @ 2025-09-30 14:51 UTC (permalink / raw) To: pve-devel One use-case are the proxmox-mail-gateway container templates, which ship the correct enterprise-repsitory entry. Currently the used entry is removed via `sed` during container creation. With deb822 sources the `sed` command would become a bit unwieldy, so just add the option to define sources which are only used for the container preparation Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com> --- PVE/DAB.pm | 31 ++++++++++++++++++++++++++++--- dab | 6 ++++++ 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/PVE/DAB.pm b/PVE/DAB.pm index f74d363..59397f2 100644 --- a/PVE/DAB.pm +++ b/PVE/DAB.pm @@ -222,7 +222,7 @@ sub read_config { chomp $res->{description}; } elsif ($rec =~ s/^([^:]+):\s*(.*\S)\s*\n//) { my ($key, $value) = (lc ($1), $2); - if ($key eq 'source' || $key eq 'mirror') { + if ($key eq 'source' || $key eq 'mirror' || $key eq 'install-source') { push @{$res->{$key}}, $value; } else { die "duplicate key '$key'\n" if defined ($res->{$key}); @@ -507,9 +507,33 @@ sub new { source => $url, comp => $ca, suite => $su, + keep => 1, }; } else { - die "syntax error in source spezification '$s'\n"; + die "syntax error in source specification '$s'\n"; + } + } + + foreach my $is (@{$config->{'install-source'}}) { + if ($is =~ m@^\s*((https?|ftp)://\S+)\s+(\S+)((\s+(\S+))+)$@) { + my ($url, $su, $components) = ($1, $3, $4); + $su =~ s/SUITE/$suite/; + $components =~ s/^\s+//; + $components =~ s/\s+$//; + my $ca; + foreach my $co (split (/\s+/, $components)) { + push @$ca, $co; + } + $ca = ['main'] if !$ca; + + push @$sources, { + source => $url, + comp => $ca, + suite => $su, + keep => 0, + }; + } else { + die "syntax error in install-source specification '$is'\n"; } } @@ -1380,7 +1404,8 @@ sub bootstrap { mkdir "$rootdir/etc/apt/sources.list.d"; my $origin = lc($suiteinfo->{origin}); my $keyring = $suiteinfo->{keyring} or die "missing keyring for origin '$origin'"; - my $uris = { map { $_->{source} => 1 } $self->{sources}->@* }; + my @keep_sources = grep { $_->{keep} } $self->{sources}->@*; + my $uris = { map { $_->{source} => 1 } @keep_sources }; for my $uri (keys $uris->%*) { my $sources = [ grep { $_->{source} eq $uri } $self->{sources}->@* ]; diff --git a/dab b/dab index d79afe6..c01c513 100755 --- a/dab +++ b/dab @@ -451,6 +451,12 @@ Note: SUITE is a variable and will be substituted. There are also reasonable defaults for Ubuntu. If you do not specify any source the defaults are used. +=item B<Install-Source:> I<URL [components]> + +Defines a source location used only during appliance creation. It is +not added to the sources.list entries in the resulting templates. Else behaves +like a B<Source:> entry. + =item B<Depends:> I<dependencies> Debian like package dependencies. This can be used to make sure that speific -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 9+ messages in thread
* [pve-devel] applied: [PATCH dab 1/1] add support for repositories, used only for template generation 2025-09-30 14:51 ` [pve-devel] [PATCH dab 1/1] add support for repositories, used only for template generation Stoiko Ivanov @ 2025-09-30 15:20 ` Thomas Lamprecht 0 siblings, 0 replies; 9+ messages in thread From: Thomas Lamprecht @ 2025-09-30 15:20 UTC (permalink / raw) To: pve-devel, Stoiko Ivanov On Tue, 30 Sep 2025 16:51:27 +0200, Stoiko Ivanov wrote: > One use-case are the proxmox-mail-gateway container templates, which > ship the correct enterprise-repsitory entry. > > Currently the used entry is removed via `sed` during container > creation. With deb822 sources the `sed` command would become a bit > unwieldy, so just add the option to define sources which are only > used for the container preparation > > [...] Applied, thanks! [1/1] add support for repositories, used only for template generation commit: 4af804657404dce64f526d242583ea812c3daa3d _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 9+ messages in thread
* [pve-devel] [PATCH dab-pve-appliances 1/3] add template for trixie based pmg 9.0 2025-09-30 14:51 [pve-devel] [PATCH dab/dab-pve-appliances] add pmg 9.0 template Stoiko Ivanov 2025-09-30 14:51 ` [pve-devel] [PATCH dab 1/1] add support for repositories, used only for template generation Stoiko Ivanov @ 2025-09-30 14:51 ` Stoiko Ivanov 2025-10-01 14:12 ` [pve-devel] applied: " Thomas Lamprecht 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 2/3] pmg: trixie: purge ifupdown before installing ifupdown2 Stoiko Ivanov 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 3/3] pmg: trixie: use pmg-repository only during installation Stoiko Ivanov 3 siblings, 1 reply; 9+ messages in thread From: Stoiko Ivanov @ 2025-09-30 14:51 UTC (permalink / raw) To: pve-devel copied from debian-12-bookworm-pmg-8-64, with the version number and codename adapted. Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com> --- debian-13-trixie-pmg-9-64/Makefile | 49 +++++++++++++++++++++++ debian-13-trixie-pmg-9-64/dab.conf | 15 +++++++ debian-13-trixie-pmg-9-64/systemd-presets | 5 +++ 3 files changed, 69 insertions(+) create mode 100644 debian-13-trixie-pmg-9-64/Makefile create mode 100644 debian-13-trixie-pmg-9-64/dab.conf create mode 100644 debian-13-trixie-pmg-9-64/systemd-presets diff --git a/debian-13-trixie-pmg-9-64/Makefile b/debian-13-trixie-pmg-9-64/Makefile new file mode 100644 index 0000000..9330588 --- /dev/null +++ b/debian-13-trixie-pmg-9-64/Makefile @@ -0,0 +1,49 @@ +BASEDIR:=$(shell dab basedir) + +CVD_FILES:=main.cvd bytecode.cvd daily.cvd safebrowsing.cvd + +all: info/init_ok ${CVD_FILES} + dab bootstrap --minimal + sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin yes/' ${BASEDIR}/etc/ssh/sshd_config + mkdir -p ${BASEDIR}/etc/systemd/system-preset + cp systemd-presets ${BASEDIR}/etc/systemd/system-preset/00-pve-template.preset + touch ${BASEDIR}/proxmox_install_mode + dab install \ + antiword \ + dbus \ + docx2txt \ + gpg \ + ifupdown2 \ + libcgi-pm-perl \ + libdbi-perl \ + libsasl2-modules \ + odt2txt \ + perl-openssl-defaults \ + poppler-utils \ + proxmox-mailgateway-container \ + tesseract-ocr \ + unrtf \ + ; + rm ${BASEDIR}/proxmox_install_mode + sed -i '/^deb.*\.proxmox\.com\/.*$$/d;$${/^$$/d;}' ${BASEDIR}/etc/apt/sources.list + cp ${CVD_FILES} ${BASEDIR}/var/lib/clamav/ + dab finalize --compressor zstd-max + +info/init_ok: dab.conf + dab init + touch $@ + +.PHONY: clean +clean: + dab clean + rm -f *~ + +.PHONY: dist-clean +dist-clean: clean + dab dist-clean + rm -f ${CVD_FILES} + +${CVD_FILES}: + curl -L --silent --show-error --fail --time-cond $@ --user-agent "CVDUPDATE/0.3.0 (9d591f58-b430-4d0c-99b2-febb1cee0872)" -o $@.tmp https://database.clamav.net/$@ + [ -f $@.tmp ] && mv $@.tmp $@ || true + if command -v sigtool > /dev/null ; then sigtool -i $@; else echo "skipping verification of $@"; fi diff --git a/debian-13-trixie-pmg-9-64/dab.conf b/debian-13-trixie-pmg-9-64/dab.conf new file mode 100644 index 0000000..a17a1f7 --- /dev/null +++ b/debian-13-trixie-pmg-9-64/dab.conf @@ -0,0 +1,15 @@ +Suite: trixie +CacheDir: ../cache +Source: http://ftp.debian.org/debian SUITE main contrib +Source: http://ftp.debian.org/debian SUITE-updates main contrib +Source: http://security.debian.org/debian-security SUITE-security main contrib +Source: http://download.proxmox.com/debian/pmg/ SUITE pmg-no-subscription +Architecture: amd64 +Name: proxmox-mail-gateway-9.0-standard +Version: 9.0-beta1 +Section: mail +Maintainer: Proxmox Support Team <support@proxmox.com> +Infopage: https://www.proxmox.com/en/proxmox-mail-gateway/overview +Description: Proxmox Mail Gateway 9.0 + A full featured mail proxy for spam and virus filtering, optimized for + container environment. diff --git a/debian-13-trixie-pmg-9-64/systemd-presets b/debian-13-trixie-pmg-9-64/systemd-presets new file mode 100644 index 0000000..2711b48 --- /dev/null +++ b/debian-13-trixie-pmg-9-64/systemd-presets @@ -0,0 +1,5 @@ +disable clamav-clamonacc.service +disable pg_basebackup@.timer +disable pg_basebackup@.timer +disable pg_dump@.timer +disable pg_receivewal@.service -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 9+ messages in thread
* [pve-devel] applied: [PATCH dab-pve-appliances 1/3] add template for trixie based pmg 9.0 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 1/3] add template for trixie based pmg 9.0 Stoiko Ivanov @ 2025-10-01 14:12 ` Thomas Lamprecht 0 siblings, 0 replies; 9+ messages in thread From: Thomas Lamprecht @ 2025-10-01 14:12 UTC (permalink / raw) To: pve-devel, Stoiko Ivanov On Tue, 30 Sep 2025 16:51:28 +0200, Stoiko Ivanov wrote: > copied from debian-12-bookworm-pmg-8-64, with the version number and > codename adapted. > > Applied, thanks! [1/3] add template for trixie based pmg 9.0 commit: cf1b19b03a81819b0a9f1576ff6b51b9a674fe90 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 9+ messages in thread
* [pve-devel] [PATCH dab-pve-appliances 2/3] pmg: trixie: purge ifupdown before installing ifupdown2 2025-09-30 14:51 [pve-devel] [PATCH dab/dab-pve-appliances] add pmg 9.0 template Stoiko Ivanov 2025-09-30 14:51 ` [pve-devel] [PATCH dab 1/1] add support for repositories, used only for template generation Stoiko Ivanov 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 1/3] add template for trixie based pmg 9.0 Stoiko Ivanov @ 2025-09-30 14:51 ` Stoiko Ivanov 2025-10-01 14:12 ` [pve-devel] applied: " Thomas Lamprecht 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 3/3] pmg: trixie: use pmg-repository only during installation Stoiko Ivanov 3 siblings, 1 reply; 9+ messages in thread From: Stoiko Ivanov @ 2025-09-30 14:51 UTC (permalink / raw) To: pve-devel without this there is not working networking in the resulting container: * ifupdown is in state 'ic' * `ifup` and `ifdown` do not exist on the system. Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com> --- debian-13-trixie-pmg-9-64/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/debian-13-trixie-pmg-9-64/Makefile b/debian-13-trixie-pmg-9-64/Makefile index 9330588..35dc127 100644 --- a/debian-13-trixie-pmg-9-64/Makefile +++ b/debian-13-trixie-pmg-9-64/Makefile @@ -8,6 +8,7 @@ all: info/init_ok ${CVD_FILES} mkdir -p ${BASEDIR}/etc/systemd/system-preset cp systemd-presets ${BASEDIR}/etc/systemd/system-preset/00-pve-template.preset touch ${BASEDIR}/proxmox_install_mode + dab exec apt purge -y ifupdown dab install \ antiword \ dbus \ -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 9+ messages in thread
* [pve-devel] applied: [PATCH dab-pve-appliances 2/3] pmg: trixie: purge ifupdown before installing ifupdown2 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 2/3] pmg: trixie: purge ifupdown before installing ifupdown2 Stoiko Ivanov @ 2025-10-01 14:12 ` Thomas Lamprecht 0 siblings, 0 replies; 9+ messages in thread From: Thomas Lamprecht @ 2025-10-01 14:12 UTC (permalink / raw) To: pve-devel, Stoiko Ivanov On Tue, 30 Sep 2025 16:51:29 +0200, Stoiko Ivanov wrote: > without this there is not working networking in the resulting > container: > * ifupdown is in state 'ic' > * `ifup` and `ifdown` do not exist on the system. > > Applied, thanks! [2/3] pmg: trixie: purge ifupdown before installing ifupdown2 commit: 21019c5bc636cdd140ea16f2c2ee0bf1d0383b55 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 9+ messages in thread
* [pve-devel] [PATCH dab-pve-appliances 3/3] pmg: trixie: use pmg-repository only during installation 2025-09-30 14:51 [pve-devel] [PATCH dab/dab-pve-appliances] add pmg 9.0 template Stoiko Ivanov ` (2 preceding siblings ...) 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 2/3] pmg: trixie: purge ifupdown before installing ifupdown2 Stoiko Ivanov @ 2025-09-30 14:51 ` Stoiko Ivanov 2025-10-01 14:12 ` [pve-devel] applied: " Thomas Lamprecht 3 siblings, 1 reply; 9+ messages in thread From: Stoiko Ivanov @ 2025-09-30 14:51 UTC (permalink / raw) To: pve-devel This patch depends on the changes for dab, which enable providing a debian repository only for installation, without it being added to the resulting container. this seemed a bit more elegant, than the sed-script for removing one deb822 entry in a file with multiple entries. Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com> --- debian-13-trixie-pmg-9-64/Makefile | 1 - debian-13-trixie-pmg-9-64/dab.conf | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/debian-13-trixie-pmg-9-64/Makefile b/debian-13-trixie-pmg-9-64/Makefile index 35dc127..ab0bc6a 100644 --- a/debian-13-trixie-pmg-9-64/Makefile +++ b/debian-13-trixie-pmg-9-64/Makefile @@ -26,7 +26,6 @@ all: info/init_ok ${CVD_FILES} unrtf \ ; rm ${BASEDIR}/proxmox_install_mode - sed -i '/^deb.*\.proxmox\.com\/.*$$/d;$${/^$$/d;}' ${BASEDIR}/etc/apt/sources.list cp ${CVD_FILES} ${BASEDIR}/var/lib/clamav/ dab finalize --compressor zstd-max diff --git a/debian-13-trixie-pmg-9-64/dab.conf b/debian-13-trixie-pmg-9-64/dab.conf index a17a1f7..019933e 100644 --- a/debian-13-trixie-pmg-9-64/dab.conf +++ b/debian-13-trixie-pmg-9-64/dab.conf @@ -3,7 +3,7 @@ CacheDir: ../cache Source: http://ftp.debian.org/debian SUITE main contrib Source: http://ftp.debian.org/debian SUITE-updates main contrib Source: http://security.debian.org/debian-security SUITE-security main contrib -Source: http://download.proxmox.com/debian/pmg/ SUITE pmg-no-subscription +Install-Source: http://download.proxmox.com/debian/pmg/ SUITE pmg-no-subscription Architecture: amd64 Name: proxmox-mail-gateway-9.0-standard Version: 9.0-beta1 -- 2.39.5 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 9+ messages in thread
* [pve-devel] applied: [PATCH dab-pve-appliances 3/3] pmg: trixie: use pmg-repository only during installation 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 3/3] pmg: trixie: use pmg-repository only during installation Stoiko Ivanov @ 2025-10-01 14:12 ` Thomas Lamprecht 0 siblings, 0 replies; 9+ messages in thread From: Thomas Lamprecht @ 2025-10-01 14:12 UTC (permalink / raw) To: pve-devel, Stoiko Ivanov On Tue, 30 Sep 2025 16:51:30 +0200, Stoiko Ivanov wrote: > This patch depends on the changes for dab, which enable providing a > debian repository only for installation, without it being added to the > resulting container. > > this seemed a bit more elegant, than the sed-script for removing > one deb822 entry in a file with multiple entries. > > [...] Applied, thanks! [3/3] pmg: trixie: use pmg-repository only during installation commit: 0da8df9c809290f23b96eff7f7cb8ad4fab43a82 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2025-10-01 14:13 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2025-09-30 14:51 [pve-devel] [PATCH dab/dab-pve-appliances] add pmg 9.0 template Stoiko Ivanov 2025-09-30 14:51 ` [pve-devel] [PATCH dab 1/1] add support for repositories, used only for template generation Stoiko Ivanov 2025-09-30 15:20 ` [pve-devel] applied: " Thomas Lamprecht 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 1/3] add template for trixie based pmg 9.0 Stoiko Ivanov 2025-10-01 14:12 ` [pve-devel] applied: " Thomas Lamprecht 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 2/3] pmg: trixie: purge ifupdown before installing ifupdown2 Stoiko Ivanov 2025-10-01 14:12 ` [pve-devel] applied: " Thomas Lamprecht 2025-09-30 14:51 ` [pve-devel] [PATCH dab-pve-appliances 3/3] pmg: trixie: use pmg-repository only during installation Stoiko Ivanov 2025-10-01 14:12 ` [pve-devel] applied: " Thomas Lamprecht
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox