#!/bin/bash BINHOST_NAME=amd64/xx.x/x86-64 _BINHOST_NAME=$(echo ${BINHOST_NAME}|sed -e 's:/:_:g') TMPFILE="/root/.tmp-binhost-${_BINHOST_NAME}-update-$(date +%s)" LOCKFILE="/root/.tmp-binhost-${_BINHOST_NAME}-lock" EMAIL_FROM=binhost@milou.amd64.dev.gentoo.org EMAIL_TO=gentoo-binhost-autobuilds@lists.gentoo.org NSPAWNS_x8664_23=" binhost-amd64-x86-64-kde-23 binhost-amd64-x86-64-gnome-23 binhost-amd64-x86-64-openrc-23 binhost-amd64-x86-64-server-23 " NSPAWNS_x8664v3_23=" binhost-amd64-x86-64-v3-kde-23 binhost-amd64-x86-64-v3-gnome-23 binhost-amd64-x86-64-v3-openrc-23 binhost-amd64-x86-64-v3-server-23 " NSPAWN_NAMES=" ${NSPAWNS_x8664_23} ${NSPAWNS_x8664v3_23} " UPLOAD_USER=amd64 UPLOAD_KEY=/root/.ssh/id_ed25519 TMPFS_SIZE=48 send_email() { local subject="[binhost ${BINHOST_NAME}] $1" local message=$2 local logfile=$3 local body if [ -n "${logfile}" ]; then url=$(xz -c "${logfile}" | curl -F "_=<-" https://paste.gentoo.zip) body=$(printf '%b\n\n\n' "${message}"; tail -n 500 "${logfile}"; printf '\n\n\nFull build log at %s (download: %s)\n' "${logfile}" "${url}") else body=${message} fi printf 'From: %s\r\nTo: %s\r\nSubject: %s\r\n\r\n%b' \ "${EMAIL_FROM}" "${EMAIL_TO}" "${subject}" "${body}" | \ /usr/sbin/sendmail -f "${EMAIL_FROM}" ${EMAIL_TO//,/ } } upsync_binpackages() { # parameter 1: a PKGDIR on the local host # parameter 2: the target dir in the mirroring system, should be of the # form arch/profileversion/name (e.g., amd64/17.0/x32 ) echo Upsyncing binpackages from $1 to $2 local SSH_CMD=( ssh -i ${UPLOAD_KEY} -o UserKnownHostsFile=/dev/null -o VerifyHostKeyDNS=yes -o StrictHostKeyChecking=no -o IPQoS=cs0 ) local RSYNC_OPTS=( -e "${SSH_CMD[*]}" --archive --delete --delete-after --omit-dir-times --delay-updates --mkpath --stats ) rsync "${RSYNC_OPTS[@]}" "$1"/* "${UPLOAD_USER}@releng-incoming.gentoo.org:/release/weekly/binpackages/$2/" } verify_dnssec() { which dig >/dev/null || { echo "net-dns/bind-tools is needed to verify DNSSEC is working" exit 1 } if ! dig +noall +comments dev.gentoo.org. IN SSHFP | egrep -q '^;; flags: [ a-z]+\'; then echo "DNSSEC does not appear to be working. Bailing out" exit 1 fi if ! grep -q '^options\>.*\' /etc/resolv.conf; then echo "DNSSEC is not enabled in /etc/resolv.conf" exit 1 fi } if [[ -f ${LOCKFILE} ]] ; then echo "lockfile ${LOCKFILE} exists, aborting" exit 111 fi touch ${LOCKFILE} || exit 112 verify_dnssec echo Starting run at $(date -u) > ${TMPFILE} echo Syncing host &>> ${TMPFILE} emerge --sync -q &>> ${TMPFILE} anyfail=0 exec {BASH_XTRACEFD}>> ${TMPFILE} set -x nspawn_command=(systemd-nspawn --bind /var/cache/distfiles --bind-ro /var/db/repos/gentoo --tmpfs=/var/tmp:mode=1777,size=${TMPFS_SIZE}g) for n in ${NSPAWN_NAMES} ; do machinedir=/var/lib/machines/${n} echo Machine ${n} &>> ${TMPFILE} echo &>> ${TMPFILE} cd ${machinedir}/etc/binhost &>> ${TMPFILE} git reset --hard &>> ${TMPFILE} git pull &>> ${TMPFILE} cd /root &>> ${TMPFILE} "${nspawn_command[@]}" -M ${n} /root/bin/run-update &>> ${TMPFILE} ret=$? let "anyfail+=${ret}" if [[ ${ret} = 0 ]]; then builder=/etc/$(readlink ${machinedir}/etc/binhost.this)/portage echo "Starting variant builds for ${machinedir}/${builder}..." &>> ${TMPFILE} for variant in ${machinedir}/${builder}/variants/*; do [[ -d ${variant} ]] || break echo "Variant: ${variant}" &>> ${TMPFILE} "${nspawn_command[@]}" --ephemeral --bind ${machinedir}/var/cache/binpkgs:/var/cache/binpkgs -M ${n} /root/bin/run-update ${variant##*/} &>> ${TMPFILE} let "anyfail+=$?" done fi done set +x cp ${TMPFILE} /var/lib/machines/binhost-amd64-x86-64-kde-23/var/cache/binpkgs/last-build.log upsync_binpackages /var/lib/machines/binhost-amd64-x86-64-kde-23/var/cache/binpkgs amd64/23.0/x86-64 &>> ${TMPFILE} upsync_binpackages /var/lib/machines/binhost-amd64-x86-64-v3-kde-23/var/cache/binpkgs amd64/23.0/x86-64-v3 &>> ${TMPFILE} if [[ ${anyfail} -gt 0 ]] ; then send_email "Update failed" "Binhost ${BINHOST_NAME} update failed in at least one nspawn" ${TMPFILE} fi rm ${LOCKFILE}