commit: 12e6e498ef9c722f38f4356f317050d50023eae8 Author: Joonas Niilola <juippis <AT> gentoo <DOT> org> AuthorDate: Sun Dec 15 07:18:00 2024 +0000 Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org> CommitDate: Sun Dec 15 07:23:19 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=12e6e498
app-containers/incus: add 6.8 - add 'qemu' use flag to pull all necessary dependencies to allow managing qemu-based virtual machines in incus, - add new env.d file to set INCUS_EDK2_PATH so OVMF files are found when using virtual machines, - allow selecting between iptables and nftables. All possible changes are synced to the LTS release upon new LTS version release. Closes: https://bugs.gentoo.org/944335 Closes: https://bugs.gentoo.org/946184 Closes: https://bugs.gentoo.org/945768 Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org> app-containers/incus/Manifest | 2 + app-containers/incus/incus-6.8.ebuild | 228 ++++++++++++++++++++++++++++++++++ app-containers/incus/metadata.xml | 1 + 3 files changed, 231 insertions(+) diff --git a/app-containers/incus/Manifest b/app-containers/incus/Manifest index 4606bb6665bf..4c40e7c663b7 100644 --- a/app-containers/incus/Manifest +++ b/app-containers/incus/Manifest @@ -2,3 +2,5 @@ DIST incus-6.0.2.tar.xz 11197324 BLAKE2B fa15816ea05865ce48f7cb668c3138d2d186a18 DIST incus-6.0.2.tar.xz.asc 833 BLAKE2B bcdeb0d2a3684dcdcb620166865523a2e9eb595f0e7760f05a06ea0608dc4fc7111b75206fe62a63cfd90a0d0ec79206404994e53770d5e35a639a67e1ad753c SHA512 18587ddc7b7cb41418ee0e7a43875663e71c9d39a505fd55bc29fe83717b5d5cdc876c46912561610735ddf80462631716354a943a272ae5ccf0ee495aff1c1c DIST incus-6.7.tar.xz 11313960 BLAKE2B c55ec6c584eeb6123d707b628ff27f96f6555ad5d17a720c55cc69cfb2abee9c6692544fba63ec2c63c5c8cb0d68baf0c9fadc2bb538dfce20362097fa3809ee SHA512 4b7e9af926d6132f63cbc53466d98691b2fb182a1900cf4ac5964df8678829da0241c4a468cfe3e49d448ecb25d2e8b1be0f52ac71c176a87d554fcd59ab5f97 DIST incus-6.7.tar.xz.asc 833 BLAKE2B 6c72ca10f20f55607b1059bf908e4b36d81b499c2b6e329855c8769cafe9def44bf8cc6a320718150192daf6e820f6e42beb1b9e7a90f794b9c906734b0ba742 SHA512 dd6d55f8f3e8538f8050fce0124bbab1495978ad1ccee954a3d38cc1bb33c0a8f9f6a7f673e7e0942e9bc732a2acdbcb71245c110eb091ef0b53015ef05e9d74 +DIST incus-6.8.tar.xz 11403916 BLAKE2B 09d8e2a8619a040550600234d7fe2e65eea8c6a7054e0b790f3774721ad5de982dee5d0151f8141cda0f5c6b9d63e18b1c4964e4027bf9470ed44a28d482f999 SHA512 c7b0cc22014f482981777f3cef3b0064c02b46c7ced4e8572fd9548eec45a0d87ac868e94ab8d2af80eb24986db64a930ac578c8555e2759022cad559b74ac5c +DIST incus-6.8.tar.xz.asc 833 BLAKE2B 77b937177b4239da27478ff7826c633d34ee3b5e02e988387fdc63ff43fad307786c27dee2c3cefb8c4129ce8777fad3361c2e2a86152d202c55231d4105d7a8 SHA512 3111e196da18d362c2e60482e313da888ba6ffba1b5ae134bf9d7e89951ebf6d2b2af922d78ee6fd2e9b51bffea5ccadd0d11bf0a3527d07d8351733ce66f2e3 diff --git a/app-containers/incus/incus-6.8.ebuild b/app-containers/incus/incus-6.8.ebuild new file mode 100644 index 000000000000..607f1c8b3147 --- /dev/null +++ b/app-containers/incus/incus-6.8.ebuild @@ -0,0 +1,228 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://linuxcontainers.org/incus/introduction/ https://github.com/lxc/incus"; +SRC_URI="https://linuxcontainers.org/downloads/incus/${P}.tar.xz + verify-sig? ( https://linuxcontainers.org/downloads/incus/${P}.tar.xz.asc )" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0/stable" +KEYWORDS="~amd64 ~arm64" +IUSE="apparmor fuidshift nls qemu" + +DEPEND="acct-group/incus + acct-group/incus-admin + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/cowsql-1.15.6 + dev-libs/lzo + >=dev-libs/raft-0.22.1:=[lz4] + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + || ( + net-firewall/iptables + net-firewall/nftables + ) + fuidshift? ( !app-containers/lxd ) + net-firewall/ebtables + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl + qemu? ( + app-cdr/cdrtools + app-emulation/qemu[spice,usbredir,virtfs] + sys-apps/gptfdisk + )" +BDEPEND=">=dev-lang/go-1.21 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/incus + /usr/bin/incus-agent + /usr/bin/incus-benchmark + /usr/bin/incus-migrate + /usr/bin/lxc-to-incus + /usr/sbin/fuidshift + /usr/sbin/incusd + /usr/sbin/lxd-to-incus" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_unpack() { + verify-sig_src_unpack + go-module_src_unpack +} + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/incus:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2/OvmfX64:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + internal/server/instance/drivers/edk2/driver_edk2.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + internal/server/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/incus-0.4.service "${T}"/incus.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/incus.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in incus-benchmark incus-simplestreams incus-user incus lxc-to-incus lxd-to-incus ; do + ego install -v -x "${S}/cmd/${k}" + done + + if use fuidshift ; then + ego install -v -x "${S}/cmd/fuidshift" + fi + + ego install -v -x -tags libsqlite3 "${S}"/cmd/incusd + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/cmd/incus-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/cmd/incus-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + + if tc-is-cross-compiler ; then + local bindir="_dist/bin/linux_${GOARCH}" + else + local bindir="_dist/bin" + fi + + newsbin "${FILESDIR}"/incus-startup-0.4.sh incus-startup + + # Admin tools + for l in incusd incus-user lxd-to-incus ; do + dosbin ${bindir}/${l} + done + + # User tools + for m in incus-agent incus-benchmark incus-migrate incus-simplestreams incus lxc-to-incus ; do + dobin ${bindir}/${m} + done + + # fuidshift, should be moved under admin tools at some point + if use fuidshift ; then + dosbin ${bindir}/fuidshift + fi + + newconfd "${FILESDIR}"/incus-6.0.confd incus + newinitd "${FILESDIR}"/incus-6.0.initd incus + newinitd "${FILESDIR}"/incus-user-0.4.initd incus-user + + systemd_dounit "${T}"/incus.service + systemd_newunit "${FILESDIR}"/incus-0.4.socket incus.socket + systemd_newunit "${FILESDIR}"/incus-startup-0.4.service incus-startup.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.service incus-user.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.socket incus-user.socket + + if ! tc-is-cross-compiler; then + # Generate and install shell completion files. + mkdir -p "${D}"/usr/share/{bash-completion/completions/,fish/vendor_completions.d/,zsh/site-functions/} || die + "${bindir}"/incus completion bash > "${D}"/usr/share/bash-completion/completions/incus || die + "${bindir}"/incus completion fish > "${D}"/usr/share/fish/vendor_completions.d/incus.fish || die + "${bindir}"/incus completion zsh > "${D}"/usr/share/zsh/site-functions/_incus || die + else + ewarn "Shell completion files not installed! Install them manually with incus completion --help" + fi + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo + + # Incus needs INCUS_EDK2_PATH in env to find OVMF files for virtual machines, #946184 + newenvd - 90incus <<- _EOF_ + INCUS_EDK2_PATH=${EPREFIX}/usr/share/edk2-ovmf + _EOF_ +} + +pkg_postinst() { + elog + elog "Please see" + elog " https://wiki.gentoo.org/wiki/Incus"; + elog " https://wiki.gentoo.org/wiki/Incus#Migrating_from_LXD"; + elog + optfeature "OCI container images support" app-containers/skopeo app-containers/umoci + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full incus-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the incus group." + elog +} diff --git a/app-containers/incus/metadata.xml b/app-containers/incus/metadata.xml index ca40c46198bd..1dd049fe8831 100644 --- a/app-containers/incus/metadata.xml +++ b/app-containers/incus/metadata.xml @@ -11,6 +11,7 @@ </maintainer> <use> <flag name="fuidshift">Install the fuidshift binary - currently conflicts with app-containers/lxd</flag> + <flag name="qemu">Pull dependencies needed to manage QEMU-based virtual machines with Incus</flag> </use> <longdescription> Incus is a modern, secure and powerful system container and virtual machine manager.
