#!/bin/bash
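# Parse command-line options.
#   -n NAME  container name and hostname (defaults to the basename of the
#            directory argument when omitted)
#   -x       forward the host X11 display into the container
#   -r       remove the container after it exits instead of detaching
#   -v SPEC  extra podman volume specification; may be given several times
#   -h       use host networking (--net host); this is NOT a help flag
#
# Every option variable is initialised here so that a variable of the same
# name exported in the caller's environment (for example VOLUMES or
# USE_X11_FORWARDING) cannot silently add mounts or change host settings.
NAME=""
USE_X11_FORWARDING=""
REMOVE_AFTER_EXIT=""
VOLUMES=""
HOST_NETWORKING=""
while getopts ":hn:rv:x" opt; do
  case "$opt" in
    n)
      NAME=$OPTARG
      ;;
    x)
      USE_X11_FORWARDING=1
      ;;
    r)
      REMOVE_AFTER_EXIT=1
      ;;
    v)
      # VOLUMES is a flat string that is expanded unquoted in the podman
      # command, so a SPEC containing whitespace is split into several
      # separate podman arguments.
      VOLUMES+="-v $OPTARG "
      ;;
    h)
      HOST_NETWORKING+="--net host "
      ;;
    :)
      echo "option -$OPTARG requires an argument" >&2
      exit 1
      ;;
    *)
      echo "unknown option -$OPTARG" >&2
      exit 1
      ;;
  esac
done
# Drop the parsed options so that $1 is the image directory and $2 the
# optional run arguments.
shift $((OPTIND - 1))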
# The first positional argument must name an existing directory; it supplies
# ports.conf and, through its basename, the image name used further down.
[ -d "$1" ] || {
  echo "first argument is not a directory"
  exit 1
}
# Share the host's CA trust anchors with the container, read-only, when the
# host has that directory. The mount argument stays empty otherwise.
SHARED_SYS_CERTS="/etc/pki/ca-trust/source/anchors"
SHARED_SYS_CERTS_MOUNT=""
if [ -d "$SHARED_SYS_CERTS" ]; then
  SHARED_SYS_CERTS_MOUNT="--volume $SHARED_SYS_CERTS:$SHARED_SYS_CERTS:ro"
fi
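# Build the --publish arguments. Each line of "$1"/ports.conf contributes the
# text before its first "=" as a container port. The host port starts at the
# same number and is incremented until the socket listing no longer shows it.
# The check is best-effort: the port can still be taken between this probe
# and the later podman run.

# Succeeds when the socket listing on stdin mentions port $1 as a whole port
# number, i.e. ":PORT" followed by a non-digit or the end of the line. A bare
# substring match would also hit longer ports (80 in 8080) and PIDs.
_port_in_listing() {
  grep -Eq ":$1([^0-9]|\$)"
}

# Choose the probe once. With neither tool installed the ports are published
# unchecked; looping without a probe would never terminate.
PORT_PROBE=""
if command -v ss >/dev/null; then
  PORT_PROBE="ss -tulpn"
elif command -v lsof >/dev/null; then
  PORT_PROBE="lsof -i -P -n"
else
  echo "neither ss nor lsof found; publishing ports without checking that they are free" >&2
fi

EXPOSED_PORTS=""
EXPOSE_PORTS=$(awk -F= '{print $1}' "$1"/ports.conf)
# Word splitting of $EXPOSE_PORTS is intentional: one port per word.
for EXPOSE_PORT in $EXPOSE_PORTS; do
  # The value is used in arithmetic, in a regular expression and as a podman
  # argument, so anything that is not purely numeric is rejected up front.
  case "$EXPOSE_PORT" in
    *[!0-9]*)
      echo "invalid port in ports.conf: $EXPOSE_PORT" >&2
      exit 1
      ;;
  esac
  EXPOSED_PORT=$EXPOSE_PORT
  # $PORT_PROBE is expanded unquoted on purpose (command plus its flags).
  while [ -n "$PORT_PROBE" ] && $PORT_PROBE | _port_in_listing "$EXPOSED_PORT"; do
    ((EXPOSED_PORT++))
    if ((EXPOSED_PORT > 65535)); then
      echo "no free host port found for $EXPOSE_PORT" >&2
      exit 1
    fi
  done
  EXPOSED_PORTS+="--publish $EXPOSED_PORT:$EXPOSE_PORT "
  echo "Publishing $EXPOSE_PORT under $EXPOSED_PORT"
done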
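# Optional X11 forwarding (-x): pass DISPLAY and the X11 socket directory
# into the container and add a GPU device when one is available.
X11_FORWARDING_ARGS=""
if [ -n "${USE_X11_FORWARDING:-}" ]; then
  if command -v xhost >/dev/null; then
    # Security note: this adds all local (non-network) connections to the X
    # server's access list, so any local user can reach the display, not only
    # this container. This script never revokes the grant, so it outlives the
    # container. A narrower grant (e.g. per user) may be enough; confirm
    # before tightening.
    xhost + local:
  fi
  # The X11 socket directory is mounted read-write.
  X11_FORWARDING_ARGS="--env DISPLAY --volume=/tmp/.X11-unix:/tmp/.X11-unix:rw "
  if command -v nvidia-ctk >/dev/null; then
    # Exposes every NVIDIA GPU to the container.
    X11_FORWARDING_ARGS+="--device nvidia.com/gpu=all "
  elif [ -d /dev/dri ]; then
    X11_FORWARDING_ARGS+="--device /dev/dri "
  fi
fi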
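# Without -n, name the container after the last path component of the
# directory argument. Both expansions are quoted so that a name or path
# containing whitespace is not split into several words.
if [ -z "${NAME:-}" ]; then
  NAME="$(basename -- "$1")"
fi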
# When loginctl is available, look up the command name of PID 1 and enable
# lingering for the current user unless that name is "systemd".
# Lingering is a persistent host setting: the user's processes keep running
# after logout, and this script never disables it again.
# NOTE(review): linger is requested only when PID 1 is *not* systemd, although
# loginctl is a systemd tool; confirm the condition is not inverted. An
# undetermined PID 1 name (empty string) also takes the enable-linger path.
if command -v loginctl >/dev/null; then
  if command -v ps >/dev/null; then
    PID_1_COMM=$(ps -p 1 -o comm=)
  elif [ -d /proc ]; then
    PID_1_COMM=$(cat /proc/1/comm)
  else
    PID_1_COMM=""
    echo "could not determine comm of pid 1"
  fi
  case "$PID_1_COMM" in
    systemd) ;;
    *) loginctl enable-linger "$(id -u)" ;;
  esac
fi
# Optional second positional argument: arguments handed to the container
# after the image name. It is expanded unquoted in the podman command, so it
# is split on whitespace into separate words there.
RUN_ARGS="${2:-}"
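# Lifecycle flags: with -r the container is removed on exit and, when stdout
# is a terminal, run interactively with a TTY; without -r it is detached.
# The flag variable is quoted so an unexpected value cannot break the test.
REMOVE_AFTER_EXIT_ARGS=""
if [ -n "${REMOVE_AFTER_EXIT:-}" ]; then
  REMOVE_AFTER_EXIT_ARGS+="--rm "
  if [ -t 1 ]; then
    REMOVE_AFTER_EXIT_ARGS+="--interactive --tty "
  fi
else
  REMOVE_AFTER_EXIT_ARGS+="--detach "
fi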
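# The image is named after the last path component of the directory argument.
# "$1" is quoted so a path containing whitespace yields a single name.
IMAGE_NAME=$(basename -- "$1")

# Start the container.
#
# Security note: the fixed options below reduce container isolation:
#   --security-opt label=disable      turns off SELinux label separation
#   --security-opt seccomp=unconfined removes the seccomp syscall filter
#   --device /dev/fuse:rw             exposes the host FUSE device read-write
# Presumably these are needed by the workload (e.g. FUSE mounts inside the
# container); confirm, and drop whichever the image does not need.
# -h additionally shares the host network namespace.
#
# The option variables are flat strings expanded unquoted on purpose, so that
# each flag becomes its own word. The same splitting (and glob expansion)
# applies to values supplied through -v and to the second positional argument.
set -x
# shellcheck disable=SC2086
podman run \
  $REMOVE_AFTER_EXIT_ARGS \
  $EXPOSED_PORTS \
  $SHARED_SYS_CERTS_MOUNT \
  --security-opt label=disable \
  --security-opt seccomp=unconfined \
  $VOLUMES \
  $HOST_NETWORKING \
  --device /dev/fuse:rw \
  $X11_FORWARDING_ARGS \
  --name "$NAME" \
  --hostname "$NAME" \
  "$IMAGE_NAME" $RUN_ARGS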