From b70eff4b6e8763d8b4fd1b0184a58ceb8ea0000c Mon Sep 17 00:00:00 2001 From: Fabian Arrotin Date: Jun 22 2020 14:06:55 +0000 Subject: Added some instructions for jekyll container with rootless podman Signed-off-by: Fabian Arrotin --- diff --git a/README.md b/README.md index e452aea..a2c0c20 100644 --- a/README.md +++ b/README.md @@ -6,72 +6,47 @@ Community effort to redesign CentOS websites using ## Installation This section describes the steps you need to follow in order to render the -final site using jekyll in Fedora 31. +final site using jekyll in Fedora 31/CentOS 8, with rootless container. +Let's assume the following (so feel free to update): -1. Clone this repository: + * git_upstream="https://git.stg.centos.org/centos/centos.org.git" + * git_directory="$HOME/git/" # where you'll git clone git repo - ]$ git clone https://git.stg.centos.org/centos/centos.org.git +Let's first clone git repo and ensure that some files in container will be owned by jekyll : +``` +test -d ${git_directory} || mkdir -p ${git_directory} +pushd ${git_directory} +test -d centos.org || git clone ${git_upstream} -1. Download jekyll container: +for i in .jekyll-cache vendor vendor/bundle _site ; do + podman unshare mkdir -p ${git_directory}/centos.org/${i} + podman unshare chown -R 1000:1000 ${git_directory}/centos.org/${i} +done +podman unshare chown -R 1000:1000 ${git_directory}/centos.org/Gemfile.lock +popd +``` - ]$ podman pull jekyll/jekyll +Let's now for the first time launch jekyll : -2. Create an alias to run jekyll container by adding the following line to -`~/.bashrc`: +``` +podman images |grep -q jekyll || podman run --volume="${git_directory}/centos.org:/srv/jekyll:z" --volume="${git_directory}/centos.org/vendor/bundle:/usr/local/bundle:z" --rm -it jekyll/jekyll bundle update +``` - ]$ alias jekyll='podman run --volume="$PWD:/srv/jekyll:z" --volume="$PWD/vendor/bundle:/usr/local/bundle:z" -p 4000:4000/tcp --rm -it jekyll/jekyll jekyll' +If that works, you'll have everything you need. You can then render/build the website (under _site directory) like this : +``` +podman run --volume="${git_directory}/centos.org:/srv/jekyll:z" --volume="${git_directory}/centos.org/vendor/bundle:/usr/local/bundle:z" --rm -it jekyll/jekyll jekyll build +``` -3. Reload the `./bashrc` file: +If you want to also edit file and have jekyll automatically rebuild the site when files are added/updated, you can run with with --watch +``` +podman run --volume="${git_directory}/centos.org:/srv/jekyll:z" volume="${git_directory}/centos.org/vendor/bundle:/usr/local/bundle:z" --rm -it jekyll/jekyll jekyll build --watch - ]$ source ~/.bashrc +``` -4. Update directory permissions using the container user namespace uid (1000) -and gid (1000). This is necessary for jekyll inside the container to be able of -writing in the host filesystem through the specified volumes: +Viewing website locally (so point browser to http://localhost:4000 : +``` +podman run --volume="${git_directory}/centos.org:/srv/jekyll:z" volume="${git_directory}/centos.org/vendor/bundle:/usr/local/bundle:z" -p 4000:4000/tcp --rm -it jekyll/jekyll jekyll serve - ]$ podman unshare chown 1000:1000 centos.org +``` - The permissions must be applied to all the files and directories jekyll reads - and writes to (e.g., `_site` for the final site, `vendor/bundle` for bundle - cache, `.jekyll-cache`, etc.). Once the files permission have been changed - this way you will see them using a high number (e.g., 100999). This number is - the subordinate uid and gid the host uses to related to container user - namespace uid and gid (e.g., 1000). -5. Create the `vendor/bundle` directory inside the `centos-jekyll-site` -directory: - - ]$ podman unshare mkdir -p vendor/bundle - -At this point you should be able to run the following: - - ]$ jekyll -v - ruby 2.6.5p114 (2019-10-01 revision 67812) [x86_64-linux-musl] - jekyll 4.0.0 - -The first time you run jekyll it takes some time downloading all the gems and -dependencies it needs. After this first download, it behaves like a regular -command. - -# Accessing the final site - -To access the final site you need to be inside the repository directory -structure, where the `Gemfile` is, and run the following: - - ]$ jekyll serve - -Then visit the site accessing to http://127.0.0.1:4000 in your host. - -# Making changes - -Operations like editing, copying, creating, moving and removing files owned by -by jekyll container user namespace uid and gid must be executed using `podman -unshare [arg]`. Otherwise, you may have permission issues. For -example, to edit jekyll main configuration, run the following command: - - ]$ podman unshare nvim _config.yml - -## Additional resources - -* https://github.com/envygeeks/jekyll-docker/blob/master/README.md -* https://www.redhat.com/sysadmin/rootless-podman-makes-sense