From e5b04002a18a6391fd20e02d65e4878901e509e4 Mon Sep 17 00:00:00 2001
From: CoreOS Admin
Date: Sun, 26 Feb 2023 19:50:13 +0800
Subject: [PATCH] First Commit
---
podmanctl | 141 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 141 insertions(+)
create mode 100755 podmanctl
diff --git a/podmanctl b/podmanctl
new file mode 100755
index 0000000..53caf03
--- /dev/null
+++ b/podmanctl
@@ -0,0 +1,141 @@
+#!/bin/bash
+
+# --------------------------------------------------------- bash settings
+set -o xtrace
+set -u
+set -e
+
+# --------------------------------------------------------- usage
+usage () {
+ printf "Usage: podmanctl [${COMMANDS}] [] [...]\n"
+ printf " Options:\n"
+ printf " -e \n"
+}
+
+# --------------------------------------------------------- command
+COMMANDS="restore|backup|create|run|stop|remove|clean|start"
+
+if [[ "$1" =~ ^(${COMMANDS})$ ]]; then
+ COMMAND="${1}"
+ shift
+else
+ COMMAND="project"
+fi
+
+# --------------------------------------------------------- args
+ARGS_ENV=""
+while getopts ':e:' OPT; do
+ case $OPT in
+ e) ARGS_ENV="${ARGS_ENV} --env ${OPTARG}";;
+ \?) usage; exit 1;;
+ esac
+done
+shift $((OPTIND -1))
+
+# arg checks
+if [[ $# -lt 1 ]]; then
+ printf "Project name argument missing\n"
+ usage
+ exit 2
+fi
+for PROJECT in $*; do
+ echo $PROJECT
+ if [[ ! -r ${PROJECT} ]]; then
+ printf "Project spec file '${PROJECT}' missing or not readable. Skipping\n"
+ continue
+ fi
+
+exit
+
+# --------------------------------------------------------- project vars
+RUNTIME="podman"
+ROOTDIR="$(realpath /root)"
+NETWORK="${PROJECT}-net"
+ENVFILE="${ROOTDIR}/${PROJECT}-env.conf"
+PODNAME="${PROJECT}-pod"
+REGADDR="cor.cherished.me/cherished.me"
+
+# project check
+if [[ ! -r $ENVFILE ]] then
+ printf "Environment file ${ENVFILE} not found or readable.\n"
+ usage
+ exit 2;
+fi
+if [[ ! "$(stat -L -c "%A" "${ROOTDIR}" |cut -c8-10 )" = "---" ]] then
+ printf "Error: ${ROOTDIR} is world readable\n"
+ usage
+ exit 3;
+fi
+
+# --------------------------------------------------------- stop pod service
+systemctl list-units --full -all \
+ |grep -Fq "podman-${PODNAME}.service" \
+ && systemctl stop podman-${PODNAME}.service
+
+# --------------------------------------------------------- network
+podman network exists ${NETWORK} \
+ || podman network create ${NETWORK}
+SUBNET="$(podman network inspect ${NETWORK} \
+ |grep -w "\"subnet\":" |sed 's/[\":,a-z,A-Z ]//g')"
+SUBNET_PREFIX="${SUBNET%\.0/24}"
+#printf "${SUBNET_PREFIX}" > "${PROJECT}-subnet"
+
+# --------------------------------------------------------- proxy network
+podman network exists proxy-net \
+ || podman network create proxy-net
+PROXY_SUBNET="$(podman network inspect proxy-net \
+ |grep -w "\"subnet\":" |sed 's/[\":,a-z,A-Z ]//g')"
+PROXY_SUBNET_PREFIX="${PROXY_SUBNET%\.0/24}"
+#printf "${PROXY_SUBNET_PREFIX}" > "proxy-subnet"
+
+# --------------------------------------------------------- spec var runtime
+if [[ $COMMAND = "run" ]]; then
+ SPEC_RUN="${RUNTIME} run -d"
+else
+ SPEC_RUN="${RUNTIME} create"
+fi
+
+# --------------------------------------------------------- spec vars
+SPEC_IP="--ip ${SUBNET_PREFIX}"
+SPEC_POD="--pod ${PODNAME}"
+SPEC_DNS="--dns ${SUBNET_PREFIX}.254"
+SPEC_ENV="--env-file ${ENVFILE}"
+SPEC_ENV="${SPEC_ENV} --env SUBNET=${SUBNET}"
+SPEC_ENV="${SPEC_ENV} ${ARGS_ENV}"
+SPEC_NAME="--name ${PROJECT}"
+SPEC_INFRA_NAME="--infra-name ${PROJECT}-infra"
+SPEC_IMAGE="${REGADDR}/${PROJECT}"
+SPEC_CONFIG="--volume ${ROOTDIR}"
+SPEC_SUBNET="--subnet ${SUBNET}"
+SPEC_LABELS="--label io.containers.autoupdate=registry"
+SPEC_VOLUME="--volume ${PROJECT}"
+SPEC_NETWORK="--network ${NETWORK}"
+SPEC_NETWORK_PREFIX="${SPEC_NETWORK}:ip=${SUBNET_PREFIX}"
+SPEC_PROXY_NET="--network proxy-net"
+SPEC_PROXY_NET_PREFIX="${SPEC_PROXY_NET}:ip=${PROXY_SUBNET_PREFIX}"
+SPEC_HOSTS=""
+SPEC_PUBLISH=""
+SPEC_ALIAS="--network-alias "
+
+# --------------------------------------------------------- create pod
+podman pod create --replace \
+ ${SPEC_NAME}-pod \
+ ${SPEC_INFRA_NAME}
+
+# --------------------------------------------------------- run containers
+source ${PROJECT}
+
+# --------------------------------------------------------- services create and start
+(cd /etc/systemd/system && \
+ podman generate systemd \
+ --name \
+ --stop-timeout=70 \
+ --pod-prefix=podman \
+ --restart-sec=5 \
+ --container-prefix=podman \
+ --files ${PODNAME} \
+) && systemctl daemon-reload \
+ && systemctl enable podman-${PODNAME}
+
+
+done
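Review bot: `source ${PROJECT}` executes a file named on the command line inside a script that also writes unit files under /etc/systemd/system, and the only gate on it is the `-r` test near the top of the loop. Because the name is unquoted and may carry no slash, bash looks it up in `PATH` before the current directory, so the file that was tested is not necessarily the file that runs; I would resolve it once with `SPEC="$(realpath -e -- "${PROJECT}")"`, refuse it unless `[[ -O "${SPEC}" && -z "$(find "${SPEC}" -maxdepth 0 -perm /022)" ]]`, and then `source "${SPEC}"`. `set -o xtrace` also echoes every `-e` value and the expanded `--env` arguments to stderr, which can leave secrets in terminal scrollback or captured logs, so tracing is better placed behind a debug switch. Separately, the bare `exit` after the readability check ends the script on the first project, so nothing from the project vars section down to `done` is reached as written.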