Skip to content

feat: add LXC container support for local relay testing#884

Open
hpk42 wants to merge 5 commits intomainfrom
hpk/lxcdeploy
Open

feat: add LXC container support for local relay testing#884
hpk42 wants to merge 5 commits intomainfrom
hpk/lxcdeploy

Conversation

@hpk42
Copy link
Contributor

@hpk42 hpk42 commented Mar 5, 2026
edited
Loading

Add cmdeploy "lxc-test" command to run cmdeploy against local containers, with supplementary lxc-start, lxc-stop and lxc-status subcommands.

See doc/source/lxc.rst for full documentation including prerequisites, DNS setup, TLS handling, DNS-free testing, and known limitations. I also pre-rendered it here: https://merlinux.eu/tmp/lx/lxc.html

Apart from adding lxc-specific docs, tests, and implementation files in the cmdeploy/lxc directory, this PR adds the --ssh-config option to cmdeploy run/dns/status/test commands and pyinfra invocations, and also to sshexec (Execnet) handling. This allows for the host to need no DNS entries for a relay, and route all resolution through ssh-config. This is used by the "lxc-test" command, which performs a completely local setup -- again, see docs for more details.

Some utilities for reading "deploy version" via git etc were centralized in the cmdeploy/utils.py file of helpers so that both lxc and non-lxc code can use it uniformly.

While working on DNS/SSH things i also unified all zone-file handling to use actual BIND format as it is easy enough to parse back.

related PRS:

chatmail/core#7926 to let core tests run against local lxc containers.

chatmail/chatmail-turn#11 to make chatmail-turn work in lxc containers

disclaimer: several rounds of LLM code/text generation were interweaved with manual editing and constraining/refactoring prompts during the work on this PR. I reviewed and tested changes multiple times, and eventually did several edits/refactorings by hand before asking for review.

@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 5, 2026 20:02 — with GitHub Actions Inactive
@hpk42 hpk42 changed the title [WIP] feat: add LXC container support for local chatmail development [WIP] feat: add LXC container support for local relay testing Mar 5, 2026
@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 5, 2026 20:26 — with GitHub Actions Inactive
@hpk42 hpk42 had a problem deploying to staging-ipv4.testrun.org March 5, 2026 20:26 — with GitHub Actions Error
@hpk42 hpk42 had a problem deploying to staging2.testrun.org March 5, 2026 20:26 — with GitHub Actions Error
@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 5, 2026 20:34 — with GitHub Actions Inactive
@hpk42 hpk42 had a problem deploying to staging2.testrun.org March 5, 2026 20:34 — with GitHub Actions Error
@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 5, 2026 20:43 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging-ipv4.testrun.org March 5, 2026 20:43 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging2.testrun.org March 5, 2026 20:43 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging2.testrun.org March 6, 2026 09:01 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 6, 2026 09:01 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging-ipv4.testrun.org March 6, 2026 09:01 — with GitHub Actions Inactive
@hpk42
feat: add LXC container support for local chatmail development
7edb4e8 
Add cmdeploy "lxc-test" command to run cmdeploy against local containers,
with supplementary lxc-start, lxc-stop and lxc-status subcommands.
See doc/source/lxc.rst for full documentation including prerequisites,
DNS setup, TLS handling, DNS-free testing, and known limitations.

Apart from adding lxc-specific docs, tests, and implementation files in the cmdeploy/lxc directory,
this PR adds the --ssh-config option to cmdeploy run/dns/status/test commands and pyinfra invocations,
and also to sshexec (Execnet) handling.  This allows for the host to need no DNS entries for a relay,
and route all resolution through ssh-config.  This is used by the "lxc-test" command, which performs
a completely local setup -- again, see docs for more details.

While working on DNS/SSH things i also unified all zone-file handling
to use actual BIND format as it is easy enough to parse back.
@hpk42 hpk42 temporarily deployed to staging-ipv4.testrun.org March 6, 2026 09:06 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 6, 2026 09:06 — with GitHub Actions Inactive
@hpk42 hpk42 had a problem deploying to staging2.testrun.org March 6, 2026 09:06 — with GitHub Actions Error
@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 6, 2026 09:25 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging2.testrun.org March 6, 2026 09:25 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging-ipv4.testrun.org March 6, 2026 09:25 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 6, 2026 09:52 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging-ipv4.testrun.org March 6, 2026 09:52 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging2.testrun.org March 6, 2026 09:52 — with GitHub Actions Inactive
@hpk42 hpk42 had a problem deploying to staging2.testrun.org March 6, 2026 09:59 — with GitHub Actions Error
@hpk42 hpk42 temporarily deployed to staging-ipv4.testrun.org March 6, 2026 09:59 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 6, 2026 09:59 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging.chatmail.at/doc/relay/ March 6, 2026 10:02 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging2.testrun.org March 6, 2026 10:02 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging-ipv4.testrun.org March 6, 2026 10:02 — with GitHub Actions Inactive
@hpk42 hpk42 changed the title [WIP] feat: add LXC container support for local relay testing feat: add LXC container support for local relay testing Mar 6, 2026
@hpk42 hpk42 temporarily deployed to staging2.testrun.org March 6, 2026 11:11 — with GitHub Actions Inactive
@hpk42 hpk42 temporarily deployed to staging-ipv4.testrun.org March 6, 2026 11:11 — with GitHub Actions Inactive
link2xt
link2xt reviewed Mar 6, 2026
View reviewed changes
cmdeploy/src/cmdeploy/dns.py
line = raw_line.strip()
if not line or line.startswith(";"):
continue
parts = line.split(None, 4)
Copy link
Contributor

@link2xt link2xt Mar 6, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

try:
    name, ttl, _in, type, rdata = line.split(None, 4)
except ValueError:
    raise ValueError(f"Bad zone record line")
name = name.rstrip(".")
yield name, ttl, type.upper(), rdata

link2xt
link2xt reviewed Mar 6, 2026
View reviewed changes
doc/source/lxc.rst
``chatmail-turn`` discovers its listen addresses by enumerating globally routable IPs but
LXC containers only have private RFC 1918 addresses (``10.x.x.x``),
so the address list is empty and the server exits immediately.
`PR #11 on chatmail-turn <https://github.com/chatmail/chatmail-turn/pull/11>`_
Copy link
Contributor

@link2xt link2xt Mar 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is merged, so we probably only need to tag a release there (CI builds the binaries) and then it can be updated to remove this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@link2xt link2xt link2xt left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hpk42 @link2xt