2014-12-21 08:16:42 +01:00
|
|
|
About the OPNsense tools
|
|
|
|
========================
|
|
|
|
|
2015-07-09 14:32:50 +02:00
|
|
|
In conjunction with src.git, ports.git, core.git and plugins.git they
|
2017-01-01 14:42:54 +01:00
|
|
|
create sets, packages and images for the OPNsense project.
|
2014-12-21 08:16:42 +01:00
|
|
|
|
|
|
|
Setting up a build system
|
|
|
|
=========================
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2023-07-20 12:55:48 +02:00
|
|
|
Install [FreeBSD](https://www.freebsd.org/) 13.2-RELEASE for amd64
|
2020-07-23 15:23:08 +02:00
|
|
|
on a machine with at least 25GB of hard disk (UFS works better than ZFS)
|
|
|
|
and at least 4GB of RAM to successfully build all standard images.
|
|
|
|
All tasks require a root user. Do the following to grab the repositories
|
|
|
|
(overwriting standard ports and src):
|
2014-11-16 17:28:27 +01:00
|
|
|
|
|
|
|
# pkg install git
|
|
|
|
# cd /usr
|
2014-12-21 08:40:00 +01:00
|
|
|
# git clone https://github.com/opnsense/tools
|
2015-05-16 13:55:11 +02:00
|
|
|
# cd tools
|
2017-08-05 12:43:02 +02:00
|
|
|
# make update
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2021-08-19 10:15:55 +02:00
|
|
|
Note that the OPNsense repositories can also be setup in a non-/usr directory
|
|
|
|
by setting ROOTDIR. For example:
|
|
|
|
|
|
|
|
# mkdir -p /tmp/opnsense
|
|
|
|
# cd /tmp/opnsense
|
|
|
|
# git clone https://github.com/opnsense/tools
|
|
|
|
# cd tools
|
|
|
|
# env ROOTDIR=/tmp/opnsense make update
|
|
|
|
|
2015-05-16 13:55:11 +02:00
|
|
|
TL;DR
|
|
|
|
=====
|
|
|
|
|
2017-04-10 09:37:26 +02:00
|
|
|
# make dvd
|
2015-05-16 13:55:11 +02:00
|
|
|
|
2017-10-23 09:55:24 +02:00
|
|
|
If successful, a dvd image can be found under:
|
|
|
|
|
|
|
|
# make print-IMAGESDIR
|
2015-05-16 13:55:11 +02:00
|
|
|
|
|
|
|
Detailed build steps and options
|
|
|
|
================================
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
How to specify build options on the command line
|
|
|
|
------------------------------------------------
|
|
|
|
|
2014-11-16 17:28:27 +01:00
|
|
|
The build is broken down into individual stages: base,
|
2018-10-25 07:55:19 +02:00
|
|
|
kernel, ports, plugins and core can be built separately and
|
|
|
|
repeatedly without affecting the other stages. All stages
|
|
|
|
can be reinvoked and continue building without cleaning the
|
|
|
|
previous progress. A final stage assembles all five stages
|
|
|
|
into a target image.
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2015-05-16 11:35:18 +02:00
|
|
|
All build steps are invoked via make(1):
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2015-05-16 11:35:18 +02:00
|
|
|
# make step OPTION="value"
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2016-12-26 11:08:46 +01:00
|
|
|
Available early build options are:
|
|
|
|
|
2021-02-02 09:21:41 +01:00
|
|
|
* SETTINGS: the name of the requested local configuration
|
2021-02-02 13:38:01 +01:00
|
|
|
* CONFIGDIR: read configuration from other directory and override SETTINGS
|
2016-12-26 11:08:46 +01:00
|
|
|
|
2015-05-16 11:35:18 +02:00
|
|
|
Available build options are:
|
2015-05-12 14:54:52 +02:00
|
|
|
|
2021-01-20 16:51:37 +01:00
|
|
|
* ABI: a custom ABI (defaults to SETTINGS)
|
2017-01-05 18:02:21 +01:00
|
|
|
* ADDITIONS: a list of packages/plugins to add to images
|
2016-07-17 15:38:10 +02:00
|
|
|
* ARCH: the target architecture if not native
|
2021-02-02 13:38:01 +01:00
|
|
|
* COMSPEED: serial speed, e.g. "115200" (default)
|
2022-01-04 09:50:44 +01:00
|
|
|
* DEBUG: build a debug kernel with additional object information
|
2019-05-07 10:02:53 +02:00
|
|
|
* DEVICE: loads device-specific modifications, e.g. "A10" (default)
|
2016-12-26 11:08:46 +01:00
|
|
|
* KERNEL: the kernel config to use, e.g. SMP (default)
|
2016-02-02 21:09:59 +01:00
|
|
|
* MIRRORS: a list of mirrors to prefetch sets from
|
2015-05-16 11:35:18 +02:00
|
|
|
* NAME: "OPNsense" (default)
|
2016-02-01 18:07:20 +01:00
|
|
|
* PRIVKEY: the private key for signing sets
|
|
|
|
* PUBKEY: the public key for signing sets
|
2021-02-10 11:11:31 +01:00
|
|
|
* SUFFIX: the suffix of top package name (default is empty)
|
2021-02-02 13:38:01 +01:00
|
|
|
* TYPE: the base name of the top package to be installed
|
2021-02-02 13:48:49 +01:00
|
|
|
* UEFI: use amd64 hybrid images for said images, e.g. "vga vm"
|
2015-05-16 11:35:18 +02:00
|
|
|
* VERSION: a version tag (if applicable)
|
2022-02-23 13:11:36 +01:00
|
|
|
* ZFS: ZFS pool name to create for VM images, e.g. "zpool"
|
2015-05-12 14:54:52 +02:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
How to specify build options via configuration file
|
|
|
|
---------------------------------------------------
|
|
|
|
|
2021-07-26 22:28:27 +02:00
|
|
|
The configuration file is required at "CONFIGDIR/build.conf".
|
2021-02-01 16:35:18 +01:00
|
|
|
Its contents can be modified to adapt a non-standard build environment
|
2021-07-26 22:28:27 +02:00
|
|
|
and to avoid excessive Makefile arguments.
|
|
|
|
|
|
|
|
A local override exists as "CONFIGDIR/build.conf.local" and is
|
|
|
|
parsed first to allow more flexible overrides. Use with care.
|
2016-12-23 16:27:48 +01:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
How to run individual or composite build steps
|
|
|
|
----------------------------------------------
|
|
|
|
|
2017-10-23 09:55:24 +02:00
|
|
|
Kernel, base, packages and release sets are stored under:
|
|
|
|
|
|
|
|
# make print-SETSDIR
|
|
|
|
|
|
|
|
All final images are stored under:
|
2017-08-27 06:28:55 +02:00
|
|
|
|
2017-10-23 09:55:24 +02:00
|
|
|
# make print-IMAGESDIR
|
2017-08-27 06:28:55 +02:00
|
|
|
|
|
|
|
Build the userland binaries, bootloader and administrative files:
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2015-05-16 11:35:18 +02:00
|
|
|
# make base
|
2014-11-16 17:28:27 +01:00
|
|
|
|
|
|
|
Build the kernel and loadable kernel modules:
|
|
|
|
|
2015-05-16 11:35:18 +02:00
|
|
|
# make kernel
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2015-02-21 08:24:57 +01:00
|
|
|
Build all the third-party ports:
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2015-05-16 11:35:18 +02:00
|
|
|
# make ports
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2015-07-09 14:32:50 +02:00
|
|
|
Build additional plugins if needed:
|
|
|
|
|
|
|
|
# make plugins
|
|
|
|
|
2015-07-17 17:56:54 +02:00
|
|
|
Wrap up our core as a package:
|
|
|
|
|
|
|
|
# make core
|
|
|
|
|
2017-04-10 09:37:26 +02:00
|
|
|
A dvd live image is created using:
|
2014-11-16 17:28:27 +01:00
|
|
|
|
2017-04-10 09:37:26 +02:00
|
|
|
# make dvd
|
2014-11-16 17:37:26 +01:00
|
|
|
|
2017-04-10 09:37:26 +02:00
|
|
|
A serial memstick live image is created using:
|
2014-12-11 14:16:06 +01:00
|
|
|
|
2016-05-05 16:50:04 +02:00
|
|
|
# make serial
|
|
|
|
|
2017-04-10 09:37:26 +02:00
|
|
|
A vga memstick live image is created using:
|
2016-05-05 16:50:04 +02:00
|
|
|
|
2016-07-11 07:53:52 +02:00
|
|
|
# make vga
|
2014-12-11 14:16:06 +01:00
|
|
|
|
2017-04-10 09:37:26 +02:00
|
|
|
A flash card full disk image is created using:
|
2015-04-27 12:12:40 +02:00
|
|
|
|
2015-05-16 11:35:18 +02:00
|
|
|
# make nano
|
2015-04-27 12:12:40 +02:00
|
|
|
|
2017-04-10 09:37:26 +02:00
|
|
|
A virtual machine full disk image is created using:
|
2016-05-20 16:12:11 +02:00
|
|
|
|
|
|
|
# make vm
|
|
|
|
|
2022-02-17 15:32:21 +01:00
|
|
|
A special embedded device image based on vm variety:
|
|
|
|
|
|
|
|
# make factory
|
|
|
|
|
2021-04-09 11:24:36 +02:00
|
|
|
Release sets can be built as follows although the result is
|
|
|
|
an unpredictable set of images depending on the previous
|
|
|
|
build states:
|
2017-08-27 06:28:55 +02:00
|
|
|
|
2021-04-09 11:24:36 +02:00
|
|
|
# make release
|
|
|
|
|
|
|
|
However, the release target is necessary for the following
|
|
|
|
target which includes sanity checks, proper clearing of the
|
|
|
|
images directory and core package version alignment:
|
|
|
|
|
|
|
|
# make distribution
|
2017-08-27 06:28:55 +02:00
|
|
|
|
2016-07-18 07:16:57 +02:00
|
|
|
Cross-building for other architecures
|
2017-08-27 06:28:55 +02:00
|
|
|
-------------------------------------
|
2016-07-18 07:16:57 +02:00
|
|
|
|
2019-04-28 12:55:20 +02:00
|
|
|
This feature is currently experimental and requires installation
|
|
|
|
of packages for cross building / user mode emulation and additional
|
|
|
|
boot files to be installed as prompted by the build system.
|
2016-07-18 07:16:57 +02:00
|
|
|
|
2019-04-28 12:55:20 +02:00
|
|
|
A cross-build on the operating system sources is executed by
|
|
|
|
specifying the target architecture and custom kernel:
|
2016-07-18 07:16:57 +02:00
|
|
|
|
2019-05-07 08:18:36 +02:00
|
|
|
# make base kernel DEVICE=BANANAPI
|
2016-07-18 07:16:57 +02:00
|
|
|
|
2019-04-28 12:55:20 +02:00
|
|
|
In order to speed up building of using an emulated packages build,
|
|
|
|
the xtools set can be created like so:
|
2017-01-21 01:24:37 +01:00
|
|
|
|
2019-05-07 08:18:36 +02:00
|
|
|
# make xtools DEVICE=BANANAPI
|
2016-07-18 08:38:36 +02:00
|
|
|
|
2019-04-28 12:55:20 +02:00
|
|
|
The xtools set is then used during the packages build similar to
|
|
|
|
the distfiles set.
|
2016-07-18 08:38:36 +02:00
|
|
|
|
2019-05-07 08:18:36 +02:00
|
|
|
# make packages DEVICE=BANANAPI
|
2017-09-03 10:39:52 +02:00
|
|
|
|
|
|
|
The final image is built using:
|
|
|
|
|
2019-05-07 08:18:36 +02:00
|
|
|
# make arm-<size> DEVICE=BANANAPI
|
2019-04-28 12:55:20 +02:00
|
|
|
|
2019-05-07 13:57:59 +02:00
|
|
|
Currently available device are: BANANAPI and RPI2.
|
2017-09-03 10:39:52 +02:00
|
|
|
|
2015-05-22 10:27:16 +02:00
|
|
|
About other scripts and tweaks
|
|
|
|
==============================
|
2014-11-16 17:37:26 +01:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Device-specific settings
|
|
|
|
------------------------
|
|
|
|
|
2016-05-06 07:16:47 +02:00
|
|
|
Device-specific settings can be found and added in the
|
|
|
|
device/ directory. Of special interest are hooks into
|
|
|
|
the build process for required non-default settings for
|
2023-07-25 17:51:21 +02:00
|
|
|
image builds. The .conf files are shell scripts that can
|
2016-05-06 07:16:47 +02:00
|
|
|
define hooks in the form of e.g.:
|
|
|
|
|
|
|
|
serial_hook()
|
|
|
|
{
|
2016-05-21 11:09:29 +02:00
|
|
|
# ${1} is the target file system root
|
|
|
|
touch ${1}/my_custom_file
|
2016-05-06 07:16:47 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
These hooks are available for all image types, namely
|
2017-04-10 09:37:26 +02:00
|
|
|
dvd, nano, serial, vga and vm. Device-specific hooks
|
2016-05-21 20:18:54 +02:00
|
|
|
are loaded after config-specific hooks and both of them
|
|
|
|
can coexist in a given build.
|
2016-05-06 07:16:47 +02:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Updating the code repositories
|
|
|
|
------------------------------
|
|
|
|
|
|
|
|
Updating all or individual repositories can be done as follows:
|
|
|
|
|
2023-08-09 08:20:08 +02:00
|
|
|
# make update[-<repo1>[,...]] [VERSION=git.tag]
|
2017-08-27 06:28:55 +02:00
|
|
|
|
2019-12-23 07:13:45 +01:00
|
|
|
Available update options are: core, plugins, ports, portsref, src, tools
|
2017-08-27 06:28:55 +02:00
|
|
|
|
2023-08-09 08:20:08 +02:00
|
|
|
VERSION can be used to update to the matching git tag instead of HEAD.
|
|
|
|
|
2021-01-27 16:22:47 +01:00
|
|
|
Regression tests and ports audit
|
|
|
|
--------------------------------
|
2017-08-27 06:28:55 +02:00
|
|
|
|
2014-12-28 12:01:16 +01:00
|
|
|
Before building images, you can run the regression tests
|
|
|
|
to check the integrity of your core.git modifications plus
|
|
|
|
generate output for the style checker:
|
|
|
|
|
2016-05-23 23:44:10 +02:00
|
|
|
# make test
|
2014-12-21 08:07:32 +01:00
|
|
|
|
2021-01-27 16:22:47 +01:00
|
|
|
To check the binary packages from ports against the upstream
|
|
|
|
vulnerability database run the following:
|
|
|
|
|
|
|
|
# make audit
|
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Advanced package builds
|
|
|
|
-----------------------
|
|
|
|
|
2018-09-20 08:50:07 +02:00
|
|
|
Package sets ready for web server deployment are automatically
|
2023-07-25 17:51:21 +02:00
|
|
|
generated and modified by ports, plugins and core steps. The
|
2018-10-25 07:55:19 +02:00
|
|
|
build automatically caches temporary build dependencies to avoid
|
|
|
|
spurious rebuilds. These packages are later discarded to provide
|
|
|
|
a slim runtime set only.
|
2014-12-21 08:07:32 +01:00
|
|
|
|
2018-09-20 08:50:07 +02:00
|
|
|
If signing keys are available, the packages set will be signed
|
|
|
|
twice, first embedded into repository metadata (inside) and
|
|
|
|
then again as a flat file (outside) to ensure integrity.
|
2015-04-27 12:12:40 +02:00
|
|
|
|
2018-09-20 08:50:07 +02:00
|
|
|
For faster ports building it may be of use to cache all distribution
|
|
|
|
files before running the actual build:
|
2016-01-20 17:45:36 +01:00
|
|
|
|
|
|
|
# make distfiles
|
|
|
|
|
2018-09-20 08:50:07 +02:00
|
|
|
For targeted rebuilding of already built packages the following
|
|
|
|
works:
|
2017-01-12 08:22:37 +01:00
|
|
|
|
2018-09-20 08:50:07 +02:00
|
|
|
# make ports-<packagename>[,...]
|
|
|
|
# make plugins-<packagename>[,...]
|
|
|
|
# make core-<packagename>[,...]
|
2017-01-12 08:22:37 +01:00
|
|
|
|
2018-09-20 08:50:07 +02:00
|
|
|
Please note that reissuing ports builds will clear plugins and
|
2021-04-06 14:07:15 +02:00
|
|
|
core progress. However, following option apply to PORTSENV:
|
|
|
|
|
2021-07-06 08:42:12 +02:00
|
|
|
* BATCH=no Developer mode with shell after each build failure
|
2021-04-06 14:07:15 +02:00
|
|
|
* DEPEND=no Do not tamper with plugins or core packages
|
2024-02-14 08:49:16 +01:00
|
|
|
* MISMATCH=no Rebuild packages that have a version mismatch
|
2021-04-06 14:07:15 +02:00
|
|
|
* PRUNE=no Do not check ports integrity prior to rebuild
|
|
|
|
|
|
|
|
The defaults for these ports options are set to "yes". A sample
|
|
|
|
invoke is as follows:
|
|
|
|
|
2021-06-24 09:04:48 +02:00
|
|
|
# make ports-curl PORTSENV="DEPEND=no PRUNE=no"
|
|
|
|
|
|
|
|
Both ports and plugins builds allow to override the current list
|
|
|
|
derived from their respective configuration files, i.e.:
|
|
|
|
|
|
|
|
# make ports PORTSLIST="security/openssl"
|
|
|
|
# make plugins PLUGINSLIST="devel/debug"
|
2017-08-27 06:28:55 +02:00
|
|
|
|
2023-07-25 17:51:21 +02:00
|
|
|
Acquiring precompiled sets from the mirrors or another local directory
|
2021-01-18 11:50:37 +01:00
|
|
|
---------------------------------------------------------------------
|
2017-01-12 08:22:37 +01:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Compiled sets can be prefetched from a mirror if they exist,
|
|
|
|
while removing any previously available set:
|
2016-01-31 12:02:39 +01:00
|
|
|
|
2021-01-18 11:50:37 +01:00
|
|
|
# make prefetch-<option>[,...] [VERSION=<full_version>]
|
2016-01-31 17:42:43 +01:00
|
|
|
|
2021-01-18 11:50:37 +01:00
|
|
|
If another build configuration is used locally that is compatible,
|
|
|
|
the sets can be cloned from there as well:
|
2016-01-31 17:42:43 +01:00
|
|
|
|
2021-01-18 11:50:37 +01:00
|
|
|
# make clone-<option>[,...] TO=<major_version>
|
|
|
|
|
|
|
|
Available prefetch or clone options are:
|
|
|
|
|
|
|
|
* base: select matching base set
|
|
|
|
* distfiles: select matching distfiles set (clone only)
|
|
|
|
* kernel: select matching kernel set
|
|
|
|
* packages: select matching packages set
|
2016-01-31 12:02:39 +01:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Using signatures to verify integrity
|
|
|
|
------------------------------------
|
2015-04-27 12:12:40 +02:00
|
|
|
|
2016-07-02 10:58:02 +02:00
|
|
|
Signing for all sets can be redone or applied to a previous run
|
|
|
|
that did not sign by invoking:
|
|
|
|
|
2020-01-22 22:20:54 +01:00
|
|
|
# make sign-base,kernel,packages
|
2016-07-02 10:58:02 +02:00
|
|
|
|
2016-10-06 23:40:57 +02:00
|
|
|
A verification of all available set signatures is done via:
|
|
|
|
|
|
|
|
# make verify
|
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Nano image size adjustment
|
|
|
|
--------------------------
|
|
|
|
|
2016-12-03 10:40:24 +01:00
|
|
|
Nano images can be adjusted in size using an argument as follows:
|
2016-12-02 21:23:24 +01:00
|
|
|
|
|
|
|
# make nano-<size>
|
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Virtual machine images
|
|
|
|
----------------------
|
|
|
|
|
2016-05-20 16:12:11 +02:00
|
|
|
Virtual machine images come in varying disk formats and sizes.
|
2017-08-27 06:28:55 +02:00
|
|
|
For this reason they are not included in our binary releases.
|
|
|
|
The default format is vmdk with 20G and 1G swap. If you want
|
2016-05-20 16:12:11 +02:00
|
|
|
to change that you can manually alter the invoke using:
|
|
|
|
|
2023-07-25 11:27:12 +02:00
|
|
|
# make vm-<format>[,<size>[,<swap>[,<extras>]]]
|
2016-05-20 16:12:11 +02:00
|
|
|
|
|
|
|
Available virtual machine disk formats are:
|
|
|
|
|
|
|
|
* qcow: Qemu, KVM (legacy format)
|
|
|
|
* qcow2: Qemu, KVM (not backwards-compatible)
|
|
|
|
* raw: Unformatted (sector by sector)
|
|
|
|
* vhd: VirtualPC, Hyper-V, Xen (dynamic size)
|
|
|
|
* vhdf: Azure, VirtualPC, Hyper-V, Xen (fixed size)
|
|
|
|
* vmdk: VMWare, VirtualBox (dynamic size)
|
|
|
|
|
|
|
|
The swap argument is either its size or set to "off" to disable.
|
|
|
|
|
2023-07-25 11:27:12 +02:00
|
|
|
The extras argument can be any extras.conf hook in case the
|
|
|
|
default "vm" hook is not desirable.
|
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Clearing individual build step progress
|
|
|
|
---------------------------------------
|
2014-12-30 15:49:57 +01:00
|
|
|
|
|
|
|
A couple of build machine cleanup helpers are available
|
|
|
|
via the clean script:
|
|
|
|
|
2015-05-17 19:48:27 +02:00
|
|
|
# make clean-<option>[,...]
|
2014-12-30 15:49:57 +01:00
|
|
|
|
2016-01-31 17:42:43 +01:00
|
|
|
Available clean options are:
|
2014-12-30 15:49:57 +01:00
|
|
|
|
2017-09-03 10:39:52 +02:00
|
|
|
* arm: remove arm image
|
2016-05-20 16:12:11 +02:00
|
|
|
* base: remove base set
|
|
|
|
* distfiles: remove distfiles set
|
2017-04-10 09:37:26 +02:00
|
|
|
* dvd: remove dvd image
|
2016-07-05 09:33:20 +02:00
|
|
|
* core: remove core from packages set
|
2016-05-21 12:18:23 +02:00
|
|
|
* images: remove all images
|
2016-05-20 16:12:11 +02:00
|
|
|
* kernel: remove kernel set
|
2017-08-05 13:18:52 +02:00
|
|
|
* logs: remove all logs
|
2016-01-20 17:45:36 +01:00
|
|
|
* nano: remove nano image
|
2016-07-19 08:39:00 +02:00
|
|
|
* obj: remove all object directories
|
2016-05-20 16:12:11 +02:00
|
|
|
* packages: remove packages set
|
2016-07-05 09:33:20 +02:00
|
|
|
* plugins: remove plugins from packages set
|
|
|
|
* ports: alias for "packages" option
|
2016-05-20 16:12:11 +02:00
|
|
|
* release: remove release set
|
2016-05-05 16:55:44 +02:00
|
|
|
* serial: remove serial image
|
2016-05-21 12:18:23 +02:00
|
|
|
* sets: remove all sets
|
2016-05-20 16:12:11 +02:00
|
|
|
* src: reset kernel/base build directory
|
|
|
|
* stage: reset main staging area
|
2016-07-11 07:53:52 +02:00
|
|
|
* vga: remove vga image
|
2016-05-20 16:12:11 +02:00
|
|
|
* vm: remove vm image
|
2016-07-18 08:38:36 +02:00
|
|
|
* xtools: remove xtools set
|
2015-05-22 10:27:16 +02:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
How the port tree is synced with its upstream repository
|
|
|
|
--------------------------------------------------------
|
|
|
|
|
2015-05-22 10:27:16 +02:00
|
|
|
The ports tree has a few of our modifications and is sometimes a
|
2021-08-02 10:51:18 +02:00
|
|
|
bit ahead of FreeBSD. In order to keep the local changes, a
|
2017-08-27 06:28:55 +02:00
|
|
|
skimming script is used to review and copy upstream changes:
|
2015-05-22 10:27:16 +02:00
|
|
|
|
|
|
|
# make skim[-<option>]
|
|
|
|
|
|
|
|
Available options are:
|
|
|
|
|
|
|
|
* used: review and copy upstream changes
|
|
|
|
* unused: copy unused upstream changes
|
|
|
|
* (none): all of the above
|
2015-12-26 10:21:42 +01:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Rebasing the file lists for the base sets
|
|
|
|
-----------------------------------------
|
|
|
|
|
|
|
|
In case base files changed, the base package list and obsoleted
|
2015-12-26 10:21:42 +01:00
|
|
|
files need to be regenerated. This is done using:
|
|
|
|
|
|
|
|
# make rebase
|
2016-02-28 23:16:37 +01:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Switching to the build jail for inspection
|
|
|
|
------------------------------------------
|
|
|
|
|
2016-02-28 23:16:37 +01:00
|
|
|
Shall any debugging be needed inside the build jail, the following
|
|
|
|
command will use chroot(8) to enter the active build jail:
|
|
|
|
|
2016-05-21 10:53:24 +02:00
|
|
|
# make chroot[-<subdir>]
|
2016-05-23 23:07:39 +02:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Boot images in the native bhyve(8) hypervisor
|
|
|
|
---------------------------------------------
|
|
|
|
|
2016-05-23 23:07:39 +02:00
|
|
|
There's also the posh way to boot a final image using bhyve(8):
|
|
|
|
|
|
|
|
# make boot-<image>
|
2016-07-19 08:39:00 +02:00
|
|
|
|
2021-07-05 10:26:52 +02:00
|
|
|
Please note that login is only possible via the Nano and Serial images.
|
2017-08-27 06:28:55 +02:00
|
|
|
|
2021-07-26 13:51:23 +02:00
|
|
|
Booting VM images will not work for types other than "raw".
|
|
|
|
|
2021-01-07 14:31:21 +01:00
|
|
|
Generating a make.conf for use in running OPNsense
|
|
|
|
--------------------------------------------------
|
|
|
|
|
|
|
|
A ports tree in a running OPNsense can be used to build packages
|
|
|
|
not published on the mirrors. To generate the make.conf contents
|
|
|
|
for standalone use on the host use:
|
|
|
|
|
|
|
|
# make make.conf
|
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
Reading and modifying version numbers of build sets and images
|
|
|
|
--------------------------------------------------------------
|
|
|
|
|
2016-09-22 18:37:56 +02:00
|
|
|
Normally the build scripts will pick up version numbers based
|
|
|
|
on commit tags or given version tags or a date-type string.
|
|
|
|
Should it not fit your needs, you can change the name using:
|
|
|
|
|
2016-10-05 00:35:27 +02:00
|
|
|
# make rename-<set>[,<another_set>] VERSION=<new_name>
|
2016-09-22 18:37:56 +02:00
|
|
|
|
2017-08-27 06:28:55 +02:00
|
|
|
The available targets are: base, distfiles, dvd, kernel, nano,
|
|
|
|
packages, serial, vga and vm.
|
2016-09-22 18:37:56 +02:00
|
|
|
|
2018-11-02 08:49:52 +01:00
|
|
|
The current state of the associated build repositories checked
|
|
|
|
out on the system can be printed using:
|
2016-12-22 09:41:57 +01:00
|
|
|
|
2018-11-02 08:49:52 +01:00
|
|
|
# make info
|
2016-12-22 09:41:57 +01:00
|
|
|
|
2019-07-02 08:26:40 +02:00
|
|
|
Repositories that have signing keys can show the current
|
|
|
|
fingerprint using:
|
|
|
|
|
|
|
|
# make fingerprint
|
|
|
|
|
2016-07-19 08:39:00 +02:00
|
|
|
Last but not least, in case build variables needs to be inspected,
|
|
|
|
they can be printed selectively using:
|
|
|
|
|
|
|
|
# make print-<variable1>[,<variable2>]
|
2017-08-27 06:37:47 +02:00
|
|
|
|
2018-06-28 18:27:23 +02:00
|
|
|
Compressing images
|
|
|
|
------------------
|
|
|
|
|
2018-06-28 18:33:04 +02:00
|
|
|
Images are compressed using bzip2(1) for distribution. This can
|
|
|
|
be invoked manually using:
|
2018-06-28 18:27:23 +02:00
|
|
|
|
|
|
|
# make compress-<image1>[,<image2>]
|
|
|
|
|
2017-08-27 06:37:47 +02:00
|
|
|
Composite build steps
|
|
|
|
---------------------
|
|
|
|
|
2017-09-26 08:18:26 +02:00
|
|
|
A fully contained nightly build for the system is invoked using:
|
2017-08-27 06:37:47 +02:00
|
|
|
|
|
|
|
# make nightly
|
|
|
|
|
2023-11-08 08:58:52 +01:00
|
|
|
When nightly builds are being run you can get a brief report of
|
|
|
|
the latest one for each build step or select a build step to either
|
|
|
|
view the file or watch it run in real time:
|
|
|
|
|
|
|
|
# make watch[-<step>]
|
|
|
|
|
2019-02-24 19:16:22 +01:00
|
|
|
To allow the nightly build to build both release and development packages
|
|
|
|
use:
|
|
|
|
|
2021-01-22 13:37:46 +01:00
|
|
|
# make nightly EXTRABRANCH=master
|
2019-02-24 19:16:22 +01:00
|
|
|
|
2017-10-23 09:55:24 +02:00
|
|
|
Nightly builds are the only builds that write and archive logs under:
|
|
|
|
|
|
|
|
# make print-LOGSDIR
|
|
|
|
|
2018-09-20 08:50:07 +02:00
|
|
|
with ./latest containing the last nightly build run. Older logs are
|
|
|
|
archived and available for a whole week for retrospective analysis.
|
2017-09-26 08:18:26 +02:00
|
|
|
|
2018-03-14 10:06:45 +01:00
|
|
|
To push sets and images to a remote location use the upload target:
|
|
|
|
|
2018-09-20 08:50:07 +02:00
|
|
|
# make upload-<set>[,...]
|
2018-03-14 10:06:45 +01:00
|
|
|
|
2018-03-15 08:46:57 +01:00
|
|
|
To pull sets and images from a remote location use the download target:
|
|
|
|
|
2018-09-20 08:50:07 +02:00
|
|
|
# make download-<set>[,...]
|
2018-03-15 08:46:57 +01:00
|
|
|
|
|
|
|
Logs can be downloaded as well for local inspection. Note that download
|
2018-03-17 21:17:16 +01:00
|
|
|
like prefetch will purge all locally existing targets. Use SERVER to
|
|
|
|
specify the remote end, e.g. SERVER=user@does.not.exist
|
2018-03-15 08:46:57 +01:00
|
|
|
|
2018-09-13 21:24:44 +02:00
|
|
|
Additionally, UPLOADDIR can be used to specify a remote location. At
|
|
|
|
this point only "logs" upload cleares and creates directories on the fly.
|
|
|
|
|
2018-09-17 02:26:13 +02:00
|
|
|
If you want to script interactive prompts you may use the confirm target
|
|
|
|
to operate yes or no questions before an action:
|
|
|
|
|
|
|
|
# make info confirm dvd
|
|
|
|
|
2023-04-17 10:41:23 +02:00
|
|
|
To add arbitrary plugins from an external location into an image you can
|
|
|
|
use the following:
|
|
|
|
|
|
|
|
# make custom-<image> ADDITIONS="an-existing-plugin path/to/extra/plugin"
|
|
|
|
|
2019-01-18 08:55:05 +01:00
|
|
|
Last but not least, a rebuild of OPNsense core and plugins on package
|
2017-09-26 08:18:26 +02:00
|
|
|
sets is invoked using:
|
|
|
|
|
2019-01-18 08:55:05 +01:00
|
|
|
# make hotfix[-<step>]
|
2017-09-26 08:18:26 +02:00
|
|
|
|
2024-02-16 09:48:42 +01:00
|
|
|
The default hotfix run is a non-destructive rebuild pass for missing
|
|
|
|
plugins and core packages which also signs the packages. You can also
|
|
|
|
do a full rebuild using "core" or "plugins" or "core,plugins" or
|
|
|
|
"plugins,core" step. The "ports" step, however, will automatically
|
|
|
|
rebuild mismatching and missing ports.
|
2024-02-15 13:29:50 +01:00
|
|
|
|
|
|
|
Any other argument (or list of arguments separated by comma) will be
|
2024-02-16 09:48:42 +01:00
|
|
|
treated as individual ports to be rebuilt.
|