debvm-create: move functionality into support files

The benefit of this change is that we don't have to escape that much. As
a consequence, it becomes easier to put more code into the customization
hooks, which have access to installed package versions. Thus we can
reduce the use of DEBVER and thus improve working with snapshot.d.o.

5 files changed, 90 insertions, 23 deletions

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d7f2aee..29e0783 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -5,14 +5,14 @@ shellcheck:
     - apt-get update
     - apt-get dist-upgrade --yes
     - apt-get --no-install-recommends --yes install shellcheck
-    - shellcheck -P tests bin/* tests/*.sh
+    - shellcheck -P tests bin/* share/*.sh tests/*.sh
 
 codespell:
   script:
     - apt-get update
     - apt-get dist-upgrade --yes
     - apt-get --no-install-recommends --yes install codespell
-    - codespell bin/* tests/*.sh
+    - codespell bin/* share/*.sh tests/*.sh
 
 release_test:
   parallel:
diff --git a/bin/debvm-create b/bin/debvm-create
index 0dc619b..9d637b1 100755
--- a/bin/debvm-create
+++ b/bin/debvm-create
@@ -97,6 +97,8 @@ SSHKEY=
 SUITE=unstable
 VMNAME=testvm
 
+SHARE_DIR="${0%/*}/../share"
+
 nth_arg() {
 	shift "$1"
 	printf "%s" "$1"
@@ -255,14 +257,7 @@ fi
 if test "$DEBVER" -ge 9; then
 	INCLUDE_PACKAGES="$INCLUDE_PACKAGES,libnss-resolve"
 fi
-if test "$DEBVER" -le 11; then
-	set -- '--customize-hook=chroot "$1" systemctl enable systemd-resolved.service' "$@"
-fi
-if test "$DEBVER" -le 9; then
-	set -- '--customize-hook=ln -fs ../run/systemd/resolve/resolv.conf "$1/etc/resolv.conf"' "$@"
-elif test "$DEBVER" -le 11; then
-	set -- '--customize-hook=ln -fs ../run/systemd/resolve/stub-resolv.conf "$1/etc/resolv.conf"' "$@"
-fi
+set -- "--customize-hook=$SHARE_DIR/customize-resolved.sh" "$@"
 
 # construct mmdebstrap options as $@:
 set -- \
@@ -285,15 +280,7 @@ set -- \
 set -- '--customize-hook=chroot "$1" passwd --delete root' "$@"
 
 # dhcp on all network interfaces
-SYSD_NET_MATCH='Name=en*\n'
-test "$DEBVER" -le 8 && SYSD_NET_MATCH="${SYSD_NET_MATCH}Name=eth*\\n"
-SYSD_NET_NET='DHCP=yes\n'
-# This anchor is included by default since bullseye. Fails DNSSEC validation when missing.
-test "$DEBVER" -le 11 && SYSD_NET_NET="${SYSD_NET_NET}DNSSECNegativeTrustAnchors=home.arpa\\n"
-set -- \
-	'--customize-hook=chroot "$1" systemctl enable systemd-networkd.service' \
-	"--customize-hook=printf \"[Match]\\n$SYSD_NET_MATCH\\n[Network]\\n$SYSD_NET_NET"'\n[DHCP]\nUseDomains=yes\n" > "$1/etc/systemd/network/20-wired.network"' \
-	"$@"
+set -- "--customize-hook=$SHARE_DIR/customize-networkd.sh" "$@"
 
 # add ssh key for root
 if test -n "$SSHKEY"; then
@@ -320,10 +307,7 @@ if test "$DEBVER" -ge 12; then
 	set -- --hook-dir=/usr/share/mmdebstrap/hooks/merged-usr "$@"
 fi
 
-set -- \
-	'--customize-hook=mkdir "$1/etc/systemd/system/serial-getty@.service.d"' \
-	"--customize-hook=sed -n -e '1i[Service]' -e '1iExecStart=' -e 's,^ExecStart=-/sbin/agetty ,&-a root ,p'"' "$1/lib/systemd/system/serial-getty@.service" > "$1/etc/systemd/system/serial-getty@.service.d/autologin.conf"' \
-	"$@"
+set -- "--customize-hook=$SHARE_DIR/customize-autologin.sh" "$@"
 
 # suite target mirror
 set -- "$@" "$SUITE" "$IMAGE" "deb $MIRROR $SUITE main"
diff --git a/share/customize-autologin.sh b/share/customize-autologin.sh
new file mode 100755
index 0000000..5592a03
--- /dev/null
+++ b/share/customize-autologin.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+# Copyright 2022 Helmut Grohne <helmut@subdivi.de>
+# SPDX-License-Identifier: MIT
+#
+# This is a mmdebstrap customize hook that configures automatic root login on a
+# serial console.
+
+set -eu
+
+TARGET=$1
+
+UNIT=serial-getty@.service
+
+mkdir "$TARGET/etc/systemd/system/$UNIT.d"
+
+(
+	echo '[Service]'
+	echo 'ExecStart='
+	sed -n 's,^ExecStart=-/sbin/agetty ,&-a root ,p' "$TARGET/lib/systemd/system/$UNIT"
+) > "$TARGET/etc/systemd/system/$UNIT.d/autologin.conf"
diff --git a/share/customize-networkd.sh b/share/customize-networkd.sh
new file mode 100755
index 0000000..c89aae2
--- /dev/null
+++ b/share/customize-networkd.sh
@@ -0,0 +1,37 @@
+#!/bin/sh
+# Copyright 2022 Helmut Grohne <helmut@subdivi.de>
+# SPDX-License-Identifier: MIT
+#
+# This is a mmdebstrap customize hook that enables and configures
+# systemd-networkd on various Debian releases.
+
+set -eu
+
+TARGET=$1
+
+SYSTEMD_VERSION=$(dpkg-query --root "$TARGET" -f '${Version}' -W systemd)
+
+if test "${MMDEBSTRAP_MODE:-}" = chrootless; then
+	systemctl --root "$TARGET" enable systemd-networkd.service
+else
+	chroot "$TARGET" systemctl enable systemd-networkd.service
+fi
+
+{
+	echo '[Match]'
+	echo 'Name=en*'
+	if dpkg --compare-versions "$SYSTEMD_VERSION" lt 220-7~; then
+		echo 'Name=eth*'
+	fi
+
+	echo '[Network]'
+	echo 'DHCP=yes'
+
+	if dpkg --compare-versions "$SYSTEMD_VERSION" lt 249; then
+		# This anchor is included by default since bullseye. Fails DNSSEC
+		# validation when missing.
+		echo 'DNSSECNegativeTrustAnchors=home.arpa'
+	fi
+	echo '[DHCP]'
+	echo 'UseDomains=yes'
+} >"$TARGET/etc/systemd/network/20-wired.network"
diff --git a/share/customize-resolved.sh b/share/customize-resolved.sh
new file mode 100755
index 0000000..e8fe248
--- /dev/null
+++ b/share/customize-resolved.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+# Copyright 2022 Helmut Grohne <helmut@subdivi.de>
+# SPDX-License-Identifier: MIT
+#
+# This is a mmdebstrap customize hook that enables systemd-resolved on various
+# Debian releases.
+
+set -eu
+
+TARGET=$1
+
+LIBNSS_RESOLVE_VERSION=$(dpkg-query --root "$TARGET" -f '${Version}' -W libnss-resolve 2>/dev/null) || :
+
+if dpkg --compare-versions "$LIBNSS_RESOLVE_VERSION" lt 251.3-2~exp1; then
+	if test "${MMDEBSTRAP_MODE:-}" = chrootless; then
+		systemctl --root "$TARGET" enable systemd-resolved.service
+	else
+		chroot "$TARGET" systemctl enable systemd-resolved.service
+	fi
+
+	if test -z "$LIBNSS_RESOLVE_VERSION"; then
+		ln -fs ../run/systemd/resolve/resolv.conf "$TARGET/etc/resolv.conf"
+	else
+		ln -fs ../run/systemd/resolve/stub-resolv.conf "$TARGET/etc/resolv.conf"
+	fi
+fi