##// END OF EJS Templates
code cleanup and even more spliting
Jan Wagner -
r70:94ac6dc790aa
parent child
Show More
@@ -0,0 +1,1
1 spoof warn
@@ -1,29 +1,29
1 1 #
2 2 # Setup APT repositories
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Use proxy inside chroot
9 9 if [ -z "$APT_PROXY" ] ; then
10 10 install_readonly files/apt/10proxy $R/etc/apt/apt.conf.d/10proxy
11 sed -i -e "s/\"\"/\"${APT_PROXY}\"/" $R/etc/apt/apt.conf.d/10proxy
11 sed -i "s/\"\"/\"${APT_PROXY}\"/" $R/etc/apt/apt.conf.d/10proxy
12 12 fi
13 13
14 14 # Pin package flash-kernel to repositories.collabora.co.uk
15 15 install_readonly files/apt/flash-kernel $R/etc/apt/preferences.d/flash-kernel
16 16
17 17 # Upgrade collabora package index and install collabora keyring
18 18 echo "deb https://repositories.collabora.co.uk/debian ${RELEASE} rpi2" >$R/etc/apt/sources.list
19 19 chroot_exec apt-get -qq -y update
20 20 chroot_exec apt-get -qq -y --force-yes install collabora-obs-archive-keyring
21 21
22 22 # Set up initial sources.list
23 23 install_readonly files/apt/sources.list $R/etc/apt/sources.list
24 sed -i -e "s/\/ftp.debian.org\//\/${APT_SERVER}\//" $R/etc/apt/sources.list
25 sed -i -e "s/ jessie/ ${RELEASE}/" $R/etc/apt/sources.list
24 sed -i "s/\/ftp.debian.org\//\/${APT_SERVER}\//" $R/etc/apt/sources.list
25 sed -i "s/ jessie/ ${RELEASE}/" $R/etc/apt/sources.list
26 26
27 27 # Upgrade package index and update all installed packages and changed dependencies
28 28 chroot_exec apt-get -qq -y update
29 29 chroot_exec apt-get -qq -y -u dist-upgrade
@@ -1,58 +1,58
1 1 #
2 2 # Setup Locales and keyboard settings
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Set up timezone
9 9 echo ${TIMEZONE} >$R/etc/timezone
10 10 chroot_exec dpkg-reconfigure -f noninteractive tzdata
11 11
12 12 # Set up default locale and keyboard configuration
13 13 if [ "$ENABLE_MINBASE" = false ] ; then
14 14 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
15 15 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
16 16 # ... so we have to set locales manually
17 17 if [ "$DEFLOCAL" = "en_US.UTF-8" ] ; then
18 18 chroot_exec echo "locales locales/locales_to_be_generated multiselect ${DEFLOCAL} UTF-8" | debconf-set-selections
19 19 else
20 20 # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale
21 21 chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections
22 chroot_exec sed -i "/en_US.UTF-8/s/^#//" /etc/locale.gen
22 sed -i "/en_US.UTF-8/s/^#//" $R/etc/locale.gen
23 23 fi
24 24
25 chroot_exec sed -i "/${DEFLOCAL}/s/^#//" /etc/locale.gen
25 sed -i "/${DEFLOCAL}/s/^#//" $R/etc/locale.gen
26 26 chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections
27 27 chroot_exec locale-gen
28 28 chroot_exec update-locale LANG=${DEFLOCAL}
29 29
30 30 # Keyboard configuration, if requested
31 31 if [ "$XKB_MODEL" != "" ] ; then
32 chroot_exec sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" /etc/default/keyboard
32 sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" $R/etc/default/keyboard
33 33 fi
34 34 if [ "$XKB_LAYOUT" != "" ] ; then
35 chroot_exec sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" /etc/default/keyboard
35 sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" $R/etc/default/keyboard
36 36 fi
37 37 if [ "$XKB_VARIANT" != "" ] ; then
38 chroot_exec sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" /etc/default/keyboard
38 sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" $R/etc/default/keyboard
39 39 fi
40 40 if [ "$XKB_OPTIONS" != "" ] ; then
41 chroot_exec sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" /etc/default/keyboard
41 sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" $R/etc/default/keyboard
42 42 fi
43 43 chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration
44 44
45 45 # Set up font console
46 46 case "${DEFLOCAL}" in
47 47 *UTF-8)
48 chroot_exec sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' /etc/default/console-setup
48 sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' $R/etc/default/console-setup
49 49 ;;
50 50 *)
51 chroot_exec sed -i 's/^CHARMAP.*/CHARMAP="guess"/' /etc/default/console-setup
51 sed -i 's/^CHARMAP.*/CHARMAP="guess"/' $R/etc/default/console-setup
52 52 ;;
53 53 esac
54 54 chroot_exec dpkg-reconfigure -f noninteractive console-setup
55 else
55 else # ENABLE_MINBASE=true
56 56 # Set POSIX default locales
57 57 install_readonly files/locales/locale $R/etc/default/locale
58 58 fi
@@ -1,122 +1,122
1 1 #
2 2 # Build and Setup RPi2 Kernel
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Fetch and build latest raspberry kernel
9 9 if [ "$BUILD_KERNEL" = true ] ; then
10 10 # Fetch current raspberrypi kernel sources
11 11 git -C $R/usr/src clone --depth=1 https://github.com/raspberrypi/linux
12 12
13 13 # Load default raspberry kernel configuration
14 14 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- bcm2709_defconfig
15 15
16 16 # Calculate optimal number of kernel building threads
17 17 if [ "KERNEL_THREADS" = 1 ] ; then
18 18 if [ -f /proc/cpuinfo ] ; then
19 19 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
20 20 fi
21 21 fi
22 22
23 23 # Cross compile kernel and modules
24 24 make -C $R/usr/src/linux -j${KERNEL_THREADS} ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- zImage modules dtbs
25 25
26 26 # Install kernel modules
27 27 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_MOD_PATH=../../.. modules_install
28 28
29 29 # Install kernel headers
30 30 if [ "$KERNEL_HEADERS" = true ]; then
31 31 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_HDR_PATH=../.. headers_install
32 32 fi
33 33
34 34 # Copy and rename compiled kernel to boot directory
35 35 mkdir $R/boot/firmware/
36 36 $R/usr/src/linux/scripts/mkknlimg $R/usr/src/linux/arch/arm/boot/zImage $R/boot/firmware/kernel7.img
37 37
38 38 # Copy dts and dtb device definitions
39 39 mkdir $R/boot/firmware/overlays/
40 40 cp $R/usr/src/linux/arch/arm/boot/dts/*.dtb $R/boot/firmware/
41 41 cp $R/usr/src/linux/arch/arm/boot/dts/overlays/*.dtb* $R/boot/firmware/overlays/
42 42 cp $R/usr/src/linux/arch/arm/boot/dts/overlays/README $R/boot/firmware/overlays/
43 43
44 44 # Remove kernel sources
45 45 if [ "$KERNEL_RMSRC" = true ]; then
46 46 rm -fr $R/usr/src/linux
47 47 fi
48 48
49 49 # Install raspberry bootloader and flash-kernel
50 50 chroot_exec apt-get -qq -y --no-install-recommends install raspberrypi-bootloader-nokernel
51 else
51 else # BUILD_KERNEL=false
52 52 # Kernel installation
53 53 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-${COLLABORA_KERNEL} raspberrypi-bootloader-nokernel
54 54
55 55 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
56 56 chroot_exec apt-get -qq -y install flash-kernel
57 57
58 58 VMLINUZ="$(ls -1 $R/boot/vmlinuz-* | sort | tail -n 1)"
59 59 [ -z "$VMLINUZ" ] && exit 1
60 60 cp $VMLINUZ $R/boot/firmware/kernel7.img
61 61 fi
62 62
63 63 # Set up firmware boot cmdline
64 64 if [ "$ENABLE_SPLITFS" = true ] ; then
65 65 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1 ${CMDLINE}"
66 66 else
67 67 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1 ${CMDLINE}"
68 68 fi
69 69
70 70 # Set up serial console support (if requested)
71 71 if [ "$ENABLE_CONSOLE" = true ] ; then
72 72 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
73 73 fi
74 74
75 75 # Set up IPv6 networking support
76 76 if [ "$ENABLE_IPV6" = false ] ; then
77 77 CMDLINE="${CMDLINE} ipv6.disable=1"
78 78 fi
79 79
80 80 echo "${CMDLINE}" >$R/boot/firmware/cmdline.txt
81 81
82 82 # Set up firmware config
83 83 install_readonly files/boot/config.txt $R/boot/firmware/config.txt
84 84
85 85 # Load snd_bcm2835 kernel module at boot time
86 86 if [ "$ENABLE_SOUND" = true ] ; then
87 87 echo "snd_bcm2835" >>$R/etc/modules
88 88 fi
89 89
90 90 # Set smallest possible GPU memory allocation size: 16MB (no X)
91 91 if [ "$ENABLE_MINGPU" = true ] ; then
92 92 echo "gpu_mem=16" >>$R/boot/firmware/config.txt
93 93 fi
94 94
95 95 # Create symlinks
96 96 ln -sf firmware/config.txt $R/boot/config.txt
97 97 ln -sf firmware/cmdline.txt $R/boot/cmdline.txt
98 98
99 99 # Prepare modules-load.d directory
100 100 mkdir -p $R/lib/modules-load.d/
101 101
102 102 # Load random module on boot
103 103 if [ "$ENABLE_HWRANDOM" = true ] ; then
104 104 cat <<EOM >$R/lib/modules-load.d/rpi2.conf
105 105 bcm2708_rng
106 106 EOM
107 107 fi
108 108
109 109 # Prepare modprobe.d directory
110 110 mkdir -p $R/etc/modprobe.d/
111 111
112 112 # Blacklist sound modules
113 113 install_readonly files/modprobe.d/raspi-blacklist.conf $R/etc/modprobe.d/raspi-blacklist.conf
114 114
115 115 # Create default fstab
116 116 install_readonly files/mount/fstab $R/etc/fstab
117 117 if [ "$ENABLE_SPLITFS" = true ] ; then
118 118 sed -i 's/mmcblk0p2/sda1/' $R/etc/fstab
119 119 fi
120 120
121 121 # Avoid swapping and increase cache sizes
122 122 install_readonly files/sysctl.d/81-rpi-vm.conf $R/etc/sysctl.d/81-rpi-vm.conf
@@ -1,69 +1,68
1 1 #
2 2 # Setup Networking
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Set up IPv4 hosts
9 9 install_readonly files/network/hostname $R/etc/hostname
10 sed -i -e "s/^rpi2-jessie/${HOSTNAME}/" $R/etc/hostname
10 sed -i "s/^rpi2-jessie/${HOSTNAME}/" $R/etc/hostname
11 11
12 12 install_readonly files/network/hosts $R/etc/hosts
13 sed -i -e "s/rpi2-jessie/${HOSTNAME}/" $R/etc/hosts
13 sed -i "s/rpi2-jessie/${HOSTNAME}/" $R/etc/hosts
14 14
15 15 if [ "$NET_ADDRESS" != "" ] ; then
16 16 NET_IP=$(echo ${NET_ADDRESS} | cut -f 1 -d'/')
17 17 sed -i "s/^127.0.1.1/${NET_IP}/" $R/etc/hosts
18 18 fi
19 19
20 20 # Set up IPv6 hosts
21 21 if [ "$ENABLE_IPV6" = true ] ; then
22 22 cat <<EOM >>$R/etc/hosts
23 23
24 24 ::1 localhost ip6-localhost ip6-loopback
25 25 ff02::1 ip6-allnodes
26 26 ff02::2 ip6-allrouters
27 27 EOM
28 28 fi
29 29
30 30 # Place hint about network configuration
31 31 install_readonly files/network/interfaces $R/etc/network/interfaces
32 32
33 33 if [ "$ENABLE_DHCP" = true ] ; then
34 # Enable systemd-networkd DHCP configuration for interface eth0
35 install_readonly files/network/eth.network $R/etc/systemd/network/eth.network
34 # Enable systemd-networkd DHCP configuration for interface eth0
35 install_readonly files/network/eth.network $R/etc/systemd/network/eth.network
36 36
37 # Set DHCP configuration to IPv4 only
37 # Set DHCP configuration to IPv4 only
38 38 if [ "$ENABLE_IPV6" = false ] ; then
39 39 sed -i "s/^DHCP=yes/DHCP=v4/" $R/etc/systemd/network/eth.network
40 40 fi
41
41 42 else # ENABLE_DHCP=false
42 43 cat <<EOM >$R/etc/systemd/network/eth.network
43 44 [Match]
44 45 Name=eth0
45 46
46 47 [Network]
47 48 DHCP=no
48 49 Address=${NET_ADDRESS}
49 50 Gateway=${NET_GATEWAY}
50 51 DNS=${NET_DNS_1}
51 52 DNS=${NET_DNS_2}
52 53 Domains=${NET_DNS_DOMAINS}
53 54 NTP=${NET_NTP_1}
54 55 NTP=${NET_NTP_2}
55 56 EOM
56 57 fi
57 58
58 59 # Enable systemd-networkd service
59 60 chroot_exec systemctl enable systemd-networkd
60 61
61 62 # Enable network stack hardening
62 63 if [ "$ENABLE_HARDNET" = true ] ; then
63 64 install_readonly files/sysctl.d/82-rpi-net-hardening.conf $R/etc/sysctl.d/82-rpi-net-hardening.conf
64 65
65 # Enable resolver warnings about spoofed addresses
66 cat <<EOM >>$R/etc/host.conf
67 spoof warn
68 EOM
66 # Enable resolver warnings about spoofed addresses
67 install_readonly files/network/host.conf $R/etc/host.conf
69 68 fi
@@ -1,44 +1,44
1 1 #
2 2 # Setup Firewall
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 if [ "$ENABLE_IPTABLES" = true ] ; then
9 9 # Create iptables configuration directory
10 10 mkdir -p "$R/etc/iptables"
11 11
12 12 # Create iptables systemd service
13 13 install_readonly files/iptables/iptables.service $R/etc/systemd/system/iptables.service
14 14
15 15 # Create flush-table script called by iptables service
16 16 install_exec files/iptables/flush-iptables.sh $R/etc/iptables/flush-iptables.sh
17 17
18 18 # Create iptables rule file
19 19 install_readonly files/iptables/iptables.rules $R/etc/iptables/iptables.rules
20 20
21 21 # Reload systemd configuration and enable iptables service
22 22 chroot_exec systemctl daemon-reload
23 23 chroot_exec systemctl enable iptables.service
24 24
25 25 if [ "$ENABLE_IPV6" = true ] ; then
26 26 # Create ip6tables systemd service
27 27 install_readonly files/iptables/ip6tables.service $R/etc/systemd/system/ip6tables.service
28 28
29 29 # Create ip6tables file
30 30 install_exec files/iptables/flush-ip6tables.sh $R/etc/iptables/flush-ip6tables.sh
31 31
32 32 install_readonly files/iptables/ip6tables.rules $R/etc/iptables/ip6tables.rules
33 33
34 34 # Reload systemd configuration and enable iptables service
35 35 chroot_exec systemctl daemon-reload
36 36 chroot_exec systemctl enable ip6tables.service
37 37 fi
38 38 fi
39 39
40 # Remove SSHD related iptables rules
41 40 if [ "$ENABLE_SSHD" = false ] ; then
42 sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/iptables.rules 2> /dev/null
43 sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/ip6tables.rules 2> /dev/null
41 # Remove SSHD related iptables rules
42 sed -i "/^#/! {/SSH/ s/^/# /}" $R/etc/iptables/iptables.rules 2> /dev/null
43 sed -i "/^#/! {/SSH/ s/^/# /}" $R/etc/iptables/ip6tables.rules 2> /dev/null
44 44 fi
@@ -1,31 +1,32
1 1 #
2 2 # Setup users and security settings
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Generate crypt(3) password string
9 9 ENCRYPTED_PASSWORD=`mkpasswd -m sha-512 ${PASSWORD}`
10 10
11 11 # Set up default user
12 12 if [ "$ENABLE_USER" = true ] ; then
13 13 chroot_exec adduser --gecos pi --add_extra_groups --disabled-password pi
14 14 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_PASSWORD}" pi
15 15 fi
16 16
17 17 # Set up root password or not
18 18 if [ "$ENABLE_ROOT" = true ]; then
19 19 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
20 20
21 21 if [ "$ENABLE_ROOT_SSH" = true ]; then
22 sed -i 's|[#]*PermitRootLogin.*|PermitRootLogin yes|g' $R/etc/ssh/sshd_config
22 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin yes|g" $R/etc/ssh/sshd_config
23 23 fi
24 24 else
25 # Set no root password to disable root login
25 26 chroot_exec usermod -p \'!\' root
26 27 fi
27 28
28 29 # Enable serial console systemd style
29 30 if [ "$ENABLE_CONSOLE" = true ] ; then
30 31 chroot_exec systemctl enable serial-getty\@ttyAMA0.service
31 32 fi
@@ -1,13 +1,13
1 1 #
2 2 # Setup Logging
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Disable rsyslog
9 9 if [ "$ENABLE_RSYSLOG" = false ]; then
10 sed -i 's|[#]*ForwardToSyslog=yes|ForwardToSyslog=no|g' $R/etc/systemd/journald.conf
10 sed -i "s|[#]*ForwardToSyslog=yes|ForwardToSyslog=no|g" $R/etc/systemd/journald.conf
11 11 chroot_exec systemctl disable rsyslog
12 12 chroot_exec apt-get purge -q -y --force-yes rsyslog
13 13 fi
@@ -1,352 +1,353
1 1 #!/bin/sh
2 2
3 3 ########################################################################
4 4 # rpi2-gen-image.sh ver2a 12/2015
5 5 #
6 6 # Advanced debian "jessie" bootstrap script for RPi2
7 7 #
8 8 # This program is free software; you can redistribute it and/or
9 9 # modify it under the terms of the GNU General Public License
10 10 # as published by the Free Software Foundation; either version 2
11 11 # of the License, or (at your option) any later version.
12 12 #
13 13 # some parts based on rpi2-build-image:
14 14 # Copyright (C) 2015 Ryan Finnie <ryan@finnie.org>
15 15 # Copyright (C) 2015 Luca Falavigna <dktrkranz@debian.org>
16 16 ########################################################################
17 17
18 18 # Load utility functions
19 19 . ./functions.sh
20 20
21 # Introduce settings
21 22 set -e
22 23 echo -n -e "\n#\n# RPi2 Bootstrap Settings\n#\n"
23 24 set -x
24 25
25 26 # Debian release
26 27 RELEASE=${RELEASE:=jessie}
27 28 COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2}
28 29
29 30 # Build settings
30 31 BASEDIR=$(pwd)/images/${RELEASE}
31 32 BUILDDIR=${BASEDIR}/build
32 33
33 34 # General settings
34 35 HOSTNAME=${HOSTNAME:=rpi2-${RELEASE}}
35 36 PASSWORD=${PASSWORD:=raspberry}
36 37 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
37 38 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
38 39 EXPANDROOT=${EXPANDROOT:=true}
39 40
40 41 # Keyboard settings
41 42 XKB_MODEL=${XKB_MODEL:=""}
42 43 XKB_LAYOUT=${XKB_LAYOUT:=""}
43 44 XKB_VARIANT=${XKB_VARIANT:=""}
44 45 XKB_OPTIONS=${XKB_OPTIONS:=""}
45 46
46 47 # Network settings (DHCP)
47 48 ENABLE_DHCP=${ENABLE_DHCP:=true}
48 49
49 50 # Network settings (static)
50 51 # only used on ENABLE_DHCP=false
51 52 NET_ADDRESS=${NET_ADDRESS:=""}
52 53 NET_GATEWAY=${NET_GATEWAY:=""}
53 54 NET_DNS_1=${NET_DNS_1:=""}
54 55 NET_DNS_2=${NET_DNS_2:=""}
55 56 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
56 57 NET_NTP_1=${NET_NTP_1:=""}
57 58 NET_NTP_2=${NET_NTP_2:=""}
58 59
59 60 # APT settings
60 61 APT_PROXY=${APT_PROXY:=""}
61 62 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
62 63
63 64 # Feature settings
64 65 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
65 66 ENABLE_IPV6=${ENABLE_IPV6:=true}
66 67 ENABLE_SSHD=${ENABLE_SSHD:=true}
67 68 ENABLE_SOUND=${ENABLE_SOUND:=true}
68 69 ENABLE_DBUS=${ENABLE_DBUS:=true}
69 70 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
70 71 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
71 72 ENABLE_XORG=${ENABLE_XORG:=false}
72 73 ENABLE_WM=${ENABLE_WM:=""}
73 74 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
74 75 ENABLE_USER=${ENABLE_USER:=true}
75 76 ENABLE_ROOT=${ENABLE_ROOT:=false}
76 77 ENABLE_ROOT_SSH=${ENABLE_ROOT_SSH:=false}
77 78
78 79 # Advanced settings
79 80 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
80 81 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
81 82 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
82 83 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
83 84 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
84 85 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
85 86
86 87 # Kernel compilation settings
87 88 BUILD_KERNEL=${BUILD_KERNEL:=false}
88 89 KERNEL_THREADS=${KERNEL_THREADS:=1}
89 90 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
90 91 KERNEL_RMSRC=${KERNEL_RMSRC:=true}
91 92
92 93 # Image chroot path
93 94 R=${BUILDDIR}/chroot
94 95 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
95 96
96 97 # Packages required for bootstrapping
97 98 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git-core"
98 99
99 100 # Missing packages that need to be installed
100 101 MISSING_PACKAGES=""
101 102
102 103 # Packages required in the chroot build environment
103 104 APT_INCLUDES=${APT_INCLUDES:=""}
104 105 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,ca-certificates,debian-archive-keyring,dialog,sudo"
105 106
106 107 set +x
107 108
108 109 # Are we running as root?
109 110 if [ "$(id -u)" -ne "0" ] ; then
110 111 echo "this script must be executed with root privileges"
111 112 exit 1
112 113 fi
113 114
114 115 # Add packages required for kernel cross compilation
115 116 if [ "$BUILD_KERNEL" = true ] ; then
116 117 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
117 118 fi
118 119
119 120 # Check if all required packages are installed
120 121 for package in $REQUIRED_PACKAGES ; do
121 122 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
122 123 MISSING_PACKAGES="$MISSING_PACKAGES $package"
123 124 fi
124 125 done
125 126
126 127 # Ask if missing packages should get installed right now
127 128 if [ -n "$MISSING_PACKAGES" ] ; then
128 129 echo "the following packages needed by this script are not installed:"
129 130 echo "$MISSING_PACKAGES"
130 131
131 132 echo -n "\ndo you want to install the missing packages right now? [y/n] "
132 133 read confirm
133 134 if [ "$confirm" != "y" ] ; then
134 135 exit 1
135 136 fi
136 137 fi
137 138
138 139 # Make sure all required packages are installed
139 140 apt-get -qq -y install ${REQUIRED_PACKAGES}
140 141
141 142 # Don't clobber an old build
142 143 if [ -e "$BUILDDIR" ]; then
143 144 echo "directory $BUILDDIR already exists, not proceeding"
144 145 exit 1
145 146 fi
146 147
147 148 set -x
148 149
149 150 # Call "cleanup" function on various signals and errors
150 151 trap cleanup 0 1 2 3 6
151 152
152 153 # Set up chroot directory
153 154 mkdir -p $R
154 155
155 156 # Add required packages for the minbase installation
156 157 if [ "$ENABLE_MINBASE" = true ] ; then
157 158 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools"
158 159 else
159 160 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
160 161 fi
161 162
162 163 # Add parted package, required to get partprobe utility
163 164 if [ "$EXPANDROOT" = true ] ; then
164 165 APT_INCLUDES="${APT_INCLUDES},parted"
165 166 fi
166 167
167 168 # Add dbus package, recommended if using systemd
168 169 if [ "$ENABLE_DBUS" = true ] ; then
169 170 APT_INCLUDES="${APT_INCLUDES},dbus"
170 171 fi
171 172
172 173 # Add iptables IPv4/IPv6 package
173 174 if [ "$ENABLE_IPTABLES" = true ] ; then
174 175 APT_INCLUDES="${APT_INCLUDES},iptables"
175 176 fi
176 177
177 178 # Add openssh server package
178 179 if [ "$ENABLE_SSHD" = true ] ; then
179 180 APT_INCLUDES="${APT_INCLUDES},openssh-server"
180 181 fi
181 182
182 183 # Add alsa-utils package
183 184 if [ "$ENABLE_SOUND" = true ] ; then
184 185 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
185 186 fi
186 187
187 188 # Add rng-tools package
188 189 if [ "$ENABLE_HWRANDOM" = true ] ; then
189 190 APT_INCLUDES="${APT_INCLUDES},rng-tools"
190 191 fi
191 192
192 193 if [ "$ENABLE_USER" = true ]; then
193 194 APT_INCLUDES="${APT_INCLUDES},sudo"
194 195 fi
195 196
196 197 # Add fbturbo video driver
197 198 if [ "$ENABLE_FBTURBO" = true ] ; then
198 199 # Enable xorg package dependencies
199 200 ENABLE_XORG=true
200 201 fi
201 202
202 203 # Add user defined window manager package
203 204 if [ -n "$ENABLE_WM" ] ; then
204 205 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
205 206
206 207 # Enable xorg package dependencies
207 208 ENABLE_XORG=true
208 209 fi
209 210
210 211 # Add xorg package
211 212 if [ "$ENABLE_XORG" = true ] ; then
212 213 APT_INCLUDES="${APT_INCLUDES},xorg"
213 214 fi
214 215
215 216 ## Main bootstrap
216 217 for i in bootstrap.d/*.sh; do
217 218 head -n 3 $i
218 219 . $i
219 220 done
220 221
221 222 ## Custom bootstrap scripts
222 223 if [ -d "custom.d" ]; then
223 224 for i in custom.d/*.sh; do
224 225 . $i
225 226 done
226 227 fi
227 228
228 229 # Invoke custom scripts
229 230 if [ -n "${CHROOT_SCRIPTS}" ]; then
230 231 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
231 232 LANG=C chroot $R bash -c 'for SCRIPT in /chroot_scripts/*; do if [ -f $SCRIPT -a -x $SCRIPT ]; then $SCRIPT; fi done;'
232 233 rm -rf "${R}/chroot_scripts"
233 234 fi
234 235
235 236 ## Cleanup
236 237 chroot_exec apt-get -y clean
237 238 chroot_exec apt-get -y autoclean
238 239 chroot_exec apt-get -y autoremove
239 240
240 241 # Unmount mounted filesystems
241 242 umount -l $R/proc
242 243 umount -l $R/sys
243 244
244 245 # Clean up files
245 246 rm -f $R/etc/apt/sources.list.save
246 247 rm -f $R/etc/resolvconf/resolv.conf.d/original
247 248 rm -rf $R/run
248 249 mkdir -p $R/run
249 250 rm -f $R/etc/*-
250 251 rm -f $R/root/.bash_history
251 252 rm -rf $R/tmp/*
252 253 rm -f $R/var/lib/urandom/random-seed
253 254 [ -L $R/var/lib/dbus/machine-id ] || rm -f $R/var/lib/dbus/machine-id
254 255 rm -f $R/etc/machine-id
255 256 rm -fr $R/etc/apt/apt.conf.d/10proxy
256 257 rm -f $R/etc/resolv.conf
257 258
258 259 # Calculate size of the chroot directory in KB
259 260 CHROOT_SIZE=$(expr `du -s $R | awk '{ print $1 }'`)
260 261
261 262 # Calculate the amount of needed 512 Byte sectors
262 263 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
263 264 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
264 265 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS})
265 266
266 267 # The root partition is EXT4
267 268 # This means more space than the actual used space of the chroot is used.
268 269 # As overhead for journaling and reserved blocks 20% are added.
269 270 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 20) \* 1024 \/ 512)
270 271
271 272 # Calculate required image size in 512 Byte sectors
272 273 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS})
273 274
274 275 # Prepare date string for image file name
275 276 DATE="$(date +%Y-%m-%d)"
276 277
277 278 # Prepare image file
278 279 if [ "$ENABLE_SPLITFS" = true ] ; then
279 280 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=${TABLE_SECTORS}
280 281 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
281 282 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=${TABLE_SECTORS}
282 283 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
283 284 # Write partition tables
284 285 sfdisk -q -L -f "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" <<EOM
285 286 unit: sectors
286 287
287 288 1 : start= ${TABLE_SECTORS}, size= ${FRMW_SECTORS}, Id= c, bootable
288 289 2 : start= 0, size= 0, Id= 0
289 290 3 : start= 0, size= 0, Id= 0
290 291 4 : start= 0, size= 0, Id= 0
291 292 EOM
292 293 sfdisk -q -L -f "$BASEDIR/${DATE}-debian-${RELEASE}-root.img" <<EOM
293 294 unit: sectors
294 295
295 296 1 : start= ${TABLE_SECTORS}, size= ${ROOT_SECTORS}, Id=83
296 297 2 : start= 0, size= 0, Id= 0
297 298 3 : start= 0, size= 0, Id= 0
298 299 4 : start= 0, size= 0, Id= 0
299 300 EOM
300 301 # Set up temporary loop devices
301 302 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-frmw.img)"
302 303 ROOT_LOOP="$(losetup -o 1M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-root.img)"
303 304 else
304 305 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
305 306 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
306 307 # Write partition table
307 308 sfdisk -q -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" <<EOM
308 309 unit: sectors
309 310
310 311 1 : start= ${TABLE_SECTORS}, size= ${FRMW_SECTORS}, Id= c, bootable
311 312 2 : start= ${ROOT_OFFSET}, size= ${ROOT_SECTORS}, Id=83
312 313 3 : start= 0, size= 0, Id= 0
313 314 4 : start= 0, size= 0, Id= 0
314 315 EOM
315 316 # Set up temporary loop devices
316 317 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
317 318 ROOT_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
318 319 fi
319 320
320 321 # Build filesystems
321 322 mkfs.vfat "$FRMW_LOOP"
322 323 mkfs.ext4 "$ROOT_LOOP"
323 324
324 325 # Mount the temporary loop devices
325 326 mkdir -p "$BUILDDIR/mount"
326 327 mount "$ROOT_LOOP" "$BUILDDIR/mount"
327 328
328 329 mkdir -p "$BUILDDIR/mount/boot/firmware"
329 330 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
330 331
331 332 # Copy all files from the chroot to the loop device mount point directory
332 333 rsync -a "$R/" "$BUILDDIR/mount/"
333 334
334 335 # Unmount all temporary loop devices and mount points
335 336 cleanup
336 337
337 338 # Create block map file(s) of image(s)
338 339 if [ "$ENABLE_SPLITFS" = true ] ; then
339 340 # Create block map files for "bmaptool"
340 341 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img"
341 342 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-root.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-root.img"
342 343
343 344 # Image was successfully created
344 345 echo "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img ($(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
345 346 echo "$BASEDIR/${DATE}-debian-${RELEASE}-root.img ($(expr ${TABLE_SECTORS} + ${ROOT_SECTORS} \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
346 347 else
347 348 # Create block map file for "bmaptool"
348 349 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
349 350
350 351 # Image was successfully created
351 352 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img ($(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
352 353 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant