Compare commits
10 Commits
d5b80b6a03
...
dd614142a6
| Author | SHA1 | Date | |
|---|---|---|---|
|
dd614142a6 | ||
|
|
8234e06861
|
||
|
|
c2b410a908
|
||
|
|
8e2eac5865
|
||
|
|
70b4cca0c1
|
||
|
|
33f2fa4a2a
|
||
|
|
273f5cd2ad
|
||
|
|
3b131ed462
|
||
|
|
e57607b3be
|
||
|
|
8df79dfc4f
|
@ -7,12 +7,21 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
|
||||
############## Setup #########################
|
||||
|
||||
function cleanup {
|
||||
sync
|
||||
kill_gpg_agent
|
||||
stop_jails
|
||||
unmount_folders
|
||||
remove_memory_devices
|
||||
for f in "${folders[@]}"; do
|
||||
>&2 echo "Deleting $f"
|
||||
log "Deleting $f"
|
||||
rm -rf "$f"
|
||||
done
|
||||
}
|
||||
folders=()
|
||||
jails=()
|
||||
memorydevices=()
|
||||
mountedfolders=()
|
||||
gpgagents=()
|
||||
for sig in EXIT INT QUIT HUP TERM; do
|
||||
trap "set +e; cleanup" "$sig"
|
||||
done
|
||||
@ -112,31 +121,21 @@ Mkc=
|
||||
|
||||
function precheck {
|
||||
# Checks to run before building the image
|
||||
if [ $(id -u) -ne 0 ]; then
|
||||
die 1 "Must run as root."
|
||||
fi
|
||||
|
||||
if ! grep -q 'linux.ko' <<<"$(kldstat)"; then
|
||||
die 1 "Need linux kernel module for building initramfs."
|
||||
fi
|
||||
|
||||
for bin in gpg sha256; do
|
||||
for bin in gpg sha256 mkfs.ext4; do
|
||||
if ! command -V "$bin" &> /dev/null; then
|
||||
die 1 "Need $bin installed."
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
function make_chroot {
|
||||
bsdtar -C "$chroot" -xpf "${download_directory}/${ALPINE_TARBALL}"
|
||||
|
||||
# Steal the DNS info from the host
|
||||
(umask 022 && resolvconf -l > "${chroot}/etc/resolv.conf")
|
||||
|
||||
# Enter the jail
|
||||
# install mkinitfs
|
||||
sudo jail -c path="$chroot" ip4=inherit ip6=inherit host=inherit allow.raw_sockets=true command=/bin/sh
|
||||
|
||||
# Remove the resolv.conf file since it should get populated via dhcp
|
||||
rm "${chroot}/etc/resolv.conf"
|
||||
}
|
||||
|
||||
function download_alpine {
|
||||
if [ "$LOCAL_DEV" == "true" ] && [ -e "${NETIZEN_CACHE}/${ALPINE_TARBALL}" ]; then
|
||||
# Cache for local development to avoid stressing alpine servers
|
||||
@ -152,24 +151,132 @@ function download_alpine {
|
||||
sha256 -c "$ALPINE_SHA256" "${download_directory}/${ALPINE_TARBALL}"
|
||||
|
||||
local keyring="$work_directory/keyring"
|
||||
gpg --no-default-keyring --keyring "$keyring" --trust-model always --import <<<"$ALPINE_KEY"
|
||||
gpg --no-default-keyring --keyring "$keyring" --trust-model always --verify <(cat <<<"$ALPINE_SIGNATURE") "${download_directory}/${ALPINE_TARBALL}"
|
||||
local gpghome="$work_directory/gpghome"
|
||||
(umask 077 && mkdir "$gpghome")
|
||||
GNUPGHOME="$gpghome" gpg --no-default-keyring --keyring "$keyring" --trust-model always --import <<<"$ALPINE_KEY"
|
||||
gpgagents+=("$gpghome")
|
||||
GNUPGHOME="$gpghome" gpg --no-default-keyring --keyring "$keyring" --trust-model always --verify <(cat <<<"$ALPINE_SIGNATURE") "${download_directory}/${ALPINE_TARBALL}"
|
||||
}
|
||||
|
||||
function make_chroot {
|
||||
bsdtar -C "$chroot" -xpf "${download_directory}/${ALPINE_TARBALL}"
|
||||
|
||||
# Steal the DNS info from the host
|
||||
(umask 022 && resolvconf -l > "${chroot}/etc/resolv.conf")
|
||||
|
||||
# Enter the jail
|
||||
# install mkinitfs
|
||||
jid=$(jail -c -i path="$chroot" ip4=inherit ip6=inherit host=inherit allow.raw_sockets=true persist)
|
||||
jails+=("$jid")
|
||||
|
||||
jexec "$jid" apk add --no-cache mkinitfs docker linux-virt
|
||||
jexec "$jid" apk add --no-cache --repository 'http://dl-cdn.alpinelinux.org/alpine/edge/testing' refind
|
||||
module_name=$(jexec "$jid" ls /lib/modules/)
|
||||
jexec "$jid" mkinitfs -c /etc/mkinitfs/mkinitfs.conf -b / "$module_name"
|
||||
jexec "$jid" mkdir /boot/efi
|
||||
jexec "$jid" cp -r /usr/share/refind /boot/efi/boot
|
||||
jexec "$jid" cp /boot/efi/boot/refind_x64.efi /boot/efi/boot/bootx64.efi
|
||||
(umask 022 && tee "${chroot}/boot/refind_linux.conf" <<EOF
|
||||
"Boot normal" "rw root=vda2 console=ttyS0,115200"
|
||||
EOF
|
||||
)
|
||||
# (umask 022 && tee "${chroot}/boot/refind_linux.conf" <<EOF
|
||||
# "Boot normal" "rw root=PARTLABEL=DIB console=ttyS0,115200"
|
||||
# EOF
|
||||
# )
|
||||
# Open shell to look/experiment
|
||||
# jexec "$jid" /bin/sh
|
||||
|
||||
# Remove the resolv.conf file since it should get populated via dhcp
|
||||
rm "${chroot}/etc/resolv.conf"
|
||||
}
|
||||
|
||||
function make_image {
|
||||
dd if=/dev/zero of="$image_file" bs=1 count=0 seek=10G
|
||||
local image_device
|
||||
# image_device=$(mdconfig -a -t vnode -f "$image_file")
|
||||
image_device=$(mdconfig -f "$image_file")
|
||||
memorydevices+=("$image_device")
|
||||
|
||||
efi_partition="${image_device}p1"
|
||||
data_partition="${image_device}p2"
|
||||
|
||||
gpart create -s gpt "$image_device"
|
||||
gpart add -t efi -l efi -a4k -s500m "$image_device"
|
||||
newfs_msdos "${efi_partition}"
|
||||
gpart add -t linux-data -l DIB -a4k "$image_device"
|
||||
mkfs.ext4 "/dev/${data_partition}"
|
||||
|
||||
mount -t ext2fs "/dev/${data_partition}" "${mount_directory}"
|
||||
mountedfolders+=("$mount_directory")
|
||||
boot_directory="${mount_directory}/boot"
|
||||
mkdir -p "$boot_directory"
|
||||
mount_msdosfs "/dev/${efi_partition}" "${boot_directory}"
|
||||
mountedfolders+=("$boot_directory")
|
||||
}
|
||||
|
||||
function kill_gpg_agent {
|
||||
for f in "${gpgagents[@]}"; do
|
||||
log "Killing gpg-agent $f"
|
||||
GNUPGHOME="$f" gpgconf --kill gpg-agent
|
||||
done
|
||||
gpgagents=()
|
||||
}
|
||||
|
||||
function stop_jails {
|
||||
for f in "${jails[@]}"; do
|
||||
log "Stopping jail $f"
|
||||
jail -r "$f"
|
||||
done
|
||||
jails=()
|
||||
}
|
||||
|
||||
function unmount_folders {
|
||||
for (( idx=${#mountedfolders[@]}-1 ; idx>=0 ; idx-- )) ; do
|
||||
log "Unmounting folder ${mountedfolders[idx]}"
|
||||
umount -f "${mountedfolders[idx]}"
|
||||
done
|
||||
mountedfolders=()
|
||||
}
|
||||
|
||||
function remove_memory_devices {
|
||||
for f in "${memorydevices[@]}"; do
|
||||
log "Removing memory device $f"
|
||||
mdconfig -d -u "$f"
|
||||
done
|
||||
memorydevices=()
|
||||
}
|
||||
|
||||
function main {
|
||||
precheck
|
||||
|
||||
work_directory=$(mktemp -d -t dib)
|
||||
mkdir "$DIR/work_directory"
|
||||
work_directory="$DIR/work_directory"
|
||||
# work_directory=$(mktemp -d -t dib)
|
||||
folders+=("$work_directory")
|
||||
|
||||
download_directory="${work_directory}/downloads"
|
||||
mkdir "$download_directory"
|
||||
download_alpine
|
||||
|
||||
chroot="${work_directory}/chroot"
|
||||
mkdir "$chroot"
|
||||
image_directory="${work_directory}/images"
|
||||
mount_directory="${work_directory}/mount"
|
||||
mkdir "$image_directory" "$mount_directory"
|
||||
image_file="$image_directory/dib.img"
|
||||
make_image
|
||||
|
||||
chroot="${mount_directory}"
|
||||
# mkdir "$chroot"
|
||||
log "Building chroot in $chroot"
|
||||
make_chroot
|
||||
|
||||
kill_gpg_agent
|
||||
stop_jails
|
||||
unmount_folders
|
||||
remove_memory_devices
|
||||
|
||||
log "Copying final image to $DIR"
|
||||
cp "$image_file" "$DIR"
|
||||
}
|
||||
|
||||
main
|
||||
|
||||
@ -34,6 +34,7 @@ ifconfig bridge0 addm tap1
|
||||
# -s virtual PCI slots
|
||||
# -P force guest CPU to exit when PAUSE instruction detected
|
||||
set +e
|
||||
disk_image=$(readlink -f "$DIR/../scripts/build_image/dib.img")
|
||||
bhyve \
|
||||
-c 1 \
|
||||
-m 1024M \
|
||||
@ -44,7 +45,7 @@ bhyve \
|
||||
-u \
|
||||
-s 0,hostbridge \
|
||||
-s 31,lpc \
|
||||
-s 4:0,virtio-blk,/vm/docker/disk0.img \
|
||||
-s "4:0,virtio-blk,$disk_image" \
|
||||
-s 5:0,virtio-net,tap1,mac=58:9c:fc:09:c3:ba \
|
||||
-s 6:0,virtio-rnd \
|
||||
-s "7:0,virtio-9p,docker=$DOCKERDIR" \
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user