=Automated Android App Builds= Goal: Get a compiled apk of [[https://github.com/asteroidos/AsteroidOSSync|AsteroidOS Sync]] from the latest git commit. I wanted to do this without untracked software clutter on my main machine, so I decided to do it in a systemd-nspawn container on my home server. The container and build turned out better than I expected, so I went ahead with automating the whole setup to check daily for new commits, building the app if there is a new commit, and dumping it in a folder outside of the container. ==Setting up systemd-nspawn== Arch makes this step super easy with the `arch-install-scripts` package: {{{class="prettyprint" # pacstrap -icd container/ base --ignore linux base-devel }}} * `-i`: Avoid auto-confirmation of package selections * `-c`: Use the package cache on the host rather than the target * `-d`: Allow installation to a non-mountpoint directory * `container/`: Path to your desired container location * `base --ignore linux base-devel`: Install the base and base-devel groups, ignoring the `linux` package. The kernel is not necessary inside this container, so might as well save the bandwidth This will get you a container with the latest packages ready to spin up. After that, all you need to do is: {{{class="prettyprint" # systemd-nspawn -bD container/ }}} This will boot the container and leave you at a login prompt. For Arch, root will be passwordless. Start here, and configure your new container for what you need. For my setup, I created an unprivileged user, added my `~/.bashrc` and `~/.vimrc`, and installed the android-sdk package from the AUR. Next, we need to automate bringing the new container up with a systemd service. Easiest way to get a service ready for a systemd-nspawn is to use the existing systemd-nspawn@.service, and tweak it for this specific use. To get a copy of this unit and start editing it right away, run `systemctl edit --full systemd-nspawn@containername.service`. This is the end product of my unit: {{{class="prettyprint" # /etc/systemd/system/systemd-nspawn@asteroid.service # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. [Unit] Description=Container %i Documentation=man:systemd-nspawn(1) PartOf=machines.target Before=machines.target After=network.target [Service] ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest -U --settings=override --machine=%i -D /storage/containers/asteroid/sync-app/ --bind=/storage/containers/asteroid/output:/home/thurstylark/output KillMode=mixed Type=notify RestartForceExitStatus=133 SuccessExitStatus=133 Slice=machine.slice Delegate=yes TasksMax=16384 # Enforce a strict device policy, similar to the one nspawn configures # when it allocates its own scope unit. Make sure to keep these # policies in sync if you change them! DevicePolicy=closed DeviceAllow=/dev/net/tun rwm DeviceAllow=char-pts rw # nspawn itself needs access to /dev/loop-control and /dev/loop, to # implement the --image= option. Add these here, too. DeviceAllow=/dev/loop-control rw DeviceAllow=block-loop rw DeviceAllow=block-blkext rw [Install] WantedBy=machines.target }}} The only things changed from the original are all in `ExecStart=`: * `-D /storage/containers/asteroid/sync-app/`: Boot the nspawn from a directory instead of from an image, and the path to that directory * `--bind=/storage/containers/asteroid/output:/home/thurstylark/output`: Create a bind mount between the host and the container. The format is `/host/dir:/container/dir` where `/container/dir` is specified with `/` at the root of the container, not of the host. * Removed `--network-veth` to use the networking from the host instead of creating a virtual ethernet link. Check the systemd-nspawn manpage for more info. ===Reference=== * https://wiki.archlinux.org/index.php/Systemd-nspawn ---- (wip)