opnsense-tools/build/common.sh

#!/bin/sh

# Copyright (c) 2014 Franco Fichtner <franco@opnsense.org>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.

set -e

# important build settings
export PRODUCT_NAME="OPNsense"

# build directories
export STAGEDIR="/usr/local/stage"
export PACKAGESDIR="/tmp/packages"
export IMAGESDIR="/tmp/images"
export SETSDIR="/tmp/sets"

# code reositories
export TOOLSDIR="/usr/tools"
export PORTSDIR="/usr/ports"
export COREDIR="/usr/core"
export SRCDIR="/usr/src"

# misc. foo
export CPUS=`sysctl kern.smp.cpus | awk '{ print $2 }'`
export ARCH=${ARCH:-"`uname -m`"}
export TARGETARCH=${ARCH}
export TARGET_ARCH=${ARCH}

# target files
export ISOPATH="${IMAGESDIR}/${PRODUCT_NAME}-LiveCD-${ARCH}-`date '+%Y%m%d-%H%M'`.iso"
export MEMSTICKPATH="${IMAGESDIR}/${PRODUCT_NAME}-memstick-${ARCH}-`date '+%Y%m%d-%H%M'`.img"
export MEMSTICKSERIALPATH="${IMAGESDIR}/${PRODUCT_NAME}-memstick-serial-${ARCH}-`date '+%Y%m%d-%H%M'`.img"

# must clear lingering configs to be safe
rm -f /etc/make.conf

# print environment to showcase all of our variables
env

git_clear()
{
	# Reset the git repository into a known state by
	# enforcing a hard-reset to HEAD (so you keep your
	# selected commit, but no manual changes) and all
	# unknown files are cleared (so it looks like a
	# freshly cloned repository).

	echo -n ">>> Resetting ${1}... "

	git -C ${1} reset --hard HEAD
	git -C ${1} clean -xdqf .
}

git_describe()
{
	VERSION=$(git -C ${1} describe --abbrev=0)
	REVISION=$(git -C ${1} rev-list ${VERSION}.. --count)
	COMMENT=$(git -C ${1} rev-list HEAD --max-count=1 | cut -c1-9)
	if [ "${REVISION}" != "0" ]; then
		# must construct full version string manually
		VERSION=${VERSION}_${REVISION}
	fi

	export REPO_VERSION=${VERSION}
	export REPO_COMMENT=${COMMENT}
}

setup_chroot()
{
	echo ">>> Setting up chroot in ${1}"

	cp /etc/resolv.conf ${1}/etc
	mount -t devfs devfs ${1}/dev
	chroot ${1} /etc/rc.d/ldconfig start
}

setup_base()
{
	echo ">>> Setting up world in ${1}"

	# XXX The installer is hardwired to copy
	# /home and will bail if it can't be found!
	mkdir -p ${1}/home

	(cd ${1} && tar -Jxpf ${SETSDIR}/base-*.txz)
}

setup_kernel()
{
	echo ">>> Setting up kernel in ${1}"

	(cd ${1} && tar -Jxpf ${SETSDIR}/kernel-*.txz)
}

setup_packages()
{
	echo ">>> Setting up packages in ${1}..."

	mkdir -p ${1}/${PACKAGESDIR}
	cp ${PACKAGESDIR}/* ${1}/${PACKAGESDIR}

	# opnsense has all required ports embedded as dependencies
	pkg -c ${1} add ${PACKAGESDIR}/opnsense-*.txz

	rm -r ${1}/${PACKAGESDIR}
}

setup_platform()
{
	echo ">>> Setting up platform in ${1}..."

	# XXX clean this up:
	mkdir -p ${1}/cf/conf
	chroot ${1} /bin/ln -s /cf/conf /conf
	touch ${1}/cf/conf/trigger_initial_wizard
	echo cdrom > ${1}/usr/local/etc/platform

	# Set sane defaults via rc.conf(5)
	cat > ${1}/etc/rc.conf <<EOF
tmpmfs="YES"
tmpsize="128m"
EOF

	DEFAULT_PW=`cat ${1}/usr/local/etc/inc/globals.inc | grep factory_shipped_password | cut -d'"' -f4`
	echo ">>> Setting up initial root password: ${DEFAULT_PW}"
	chroot ${1} /bin/sh -s <<EOF
echo ${DEFAULT_PW} | pw usermod -n root -h 0
EOF
}

setup_mtree()
{
	echo ">>> Creating mtree summary of files present..."

	cat > ${1}/tmp/installed_filesystem.mtree.exclude <<EOF
./dev
./tmp
EOF
	chroot ${1} /bin/sh -s <<EOF
/usr/sbin/mtree -c -k uid,gid,mode,size,sha256digest -p / -X /tmp/installed_filesystem.mtree.exclude > /tmp/installed_filesystem.mtree
/bin/chmod 600 /tmp/installed_filesystem.mtree
/bin/mv /tmp/installed_filesystem.mtree /etc/
/bin/rm /tmp/installed_filesystem.mtree.exclude
EOF
}

setup_stage()
{
	# might have been a chroot
	umount ${1}/dev 2> /dev/null || true
	# remove base system files
	rm -rf ${1} 2> /dev/null ||
	    (chflags -R noschg ${1}; rm -rf ${1} 2> /dev/null)
	# revive directory for next run
	mkdir -p ${1}
}
build: add common file to avoid duplication 2014-11-09 11:04:44 +01:00			`#!/bin/sh`

build: update email address 2014-12-09 09:13:49 +01:00			`# Copyright (c) 2014 Franco Fichtner <franco@opnsense.org>`
build: add common file to avoid duplication 2014-11-09 11:04:44 +01:00			`#`
			`# Redistribution and use in source and binary forms, with or without`
			`# modification, are permitted provided that the following conditions`
			`# are met:`
			`#`
			`# 1. Redistributions of source code must retain the above copyright`
			`# notice, this list of conditions and the following disclaimer.`
build: minor whitespace cleanup 2014-11-09 11:06:26 +01:00			`#`
build: add common file to avoid duplication 2014-11-09 11:04:44 +01:00			`# 2. Redistributions in binary form must reproduce the above copyright`
			`# notice, this list of conditions and the following disclaimer in the`
			`# documentation and/or other materials provided with the distribution.`
			`#`
			# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
			`# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE`
			`# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE`
			`# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE`
			`# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL`
			`# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS`
			`# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)`
			`# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT`
			`# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY`
			`# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
			`# SUCH DAMAGE.`

			`set -e`

build: proper iso name 2014-11-15 21:12:09 +01:00			`# important build settings`
			`export PRODUCT_NAME="OPNsense"`

build: add a first bootable iso :) 2014-11-09 13:14:07 +01:00			`# build directories`
			`export STAGEDIR="/usr/local/stage"`
build: add a ports builder using pkgng While there, break down the old ports list into a cleaner format and fixup most entries for the new ports tree. 2014-11-15 08:55:43 +01:00			`export PACKAGESDIR="/tmp/packages"`
build: add a first bootable iso :) 2014-11-09 13:14:07 +01:00			`export IMAGESDIR="/tmp/images"`
			`export SETSDIR="/tmp/sets"`

			`# code reositories`
build: add a ports builder using pkgng While there, break down the old ports list into a cleaner format and fixup most entries for the new ports tree. 2014-11-15 08:55:43 +01:00			`export TOOLSDIR="/usr/tools"`
			`export PORTSDIR="/usr/ports"`
build: overlay core.git into iso for now 2014-11-15 11:06:04 +01:00			`export COREDIR="/usr/core"`
build: add a first bootable iso :) 2014-11-09 13:14:07 +01:00			`export SRCDIR="/usr/src"`

			`# misc. foo`
build: add common file to avoid duplication 2014-11-09 11:04:44 +01:00			export CPUS=`sysctl kern.smp.cpus \| awk '{ print $2 }'`
build: hook up opnsense_SMP.10 for kernel build 2014-11-15 15:54:43 +01:00			export ARCH=${ARCH:-"`uname -m`"}
			`export TARGETARCH=${ARCH}`
			`export TARGET_ARCH=${ARCH}`
build: add common file to avoid duplication 2014-11-09 11:04:44 +01:00
build: proper iso name 2014-11-15 21:12:09 +01:00			`# target files`
			export ISOPATH="${IMAGESDIR}/${PRODUCT_NAME}-LiveCD-${ARCH}-`date '+%Y%m%d-%H%M'`.iso"
build: add memstick image(s) 2014-12-11 13:56:30 +01:00			export MEMSTICKPATH="${IMAGESDIR}/${PRODUCT_NAME}-memstick-${ARCH}-`date '+%Y%m%d-%H%M'`.img"
			export MEMSTICKSERIALPATH="${IMAGESDIR}/${PRODUCT_NAME}-memstick-serial-${ARCH}-`date '+%Y%m%d-%H%M'`.img"
build: proper iso name 2014-11-15 21:12:09 +01:00
build: add versioning support for core 2014-12-11 15:23:35 +01:00			`# must clear lingering configs to be safe`
			`rm -f /etc/make.conf`

build: minor whitespace cleanup 2014-11-09 11:06:26 +01:00			`# print environment to showcase all of our variables`
build: add common file to avoid duplication 2014-11-09 11:04:44 +01:00			`env`

			`git_clear()`
			`{`
			`# Reset the git repository into a known state by`
			`# enforcing a hard-reset to HEAD (so you keep your`
			`# selected commit, but no manual changes) and all`
			`# unknown files are cleared (so it looks like a`
			`# freshly cloned repository).`

			`echo -n ">>> Resetting ${1}... "`

			`git -C ${1} reset --hard HEAD`
			`git -C ${1} clean -xdqf .`
			`}`
build: add a clean script to deal with object/stage dir removal 2014-11-09 11:15:01 +01:00
build: add versioning support for core 2014-12-11 15:23:35 +01:00			`git_describe()`
			`{`
			`VERSION=$(git -C ${1} describe --abbrev=0)`
			`REVISION=$(git -C ${1} rev-list ${VERSION}.. --count)`
build/core: embed version info into post-install phase ... so we can get rid of keeping a stale version file in core.git. 2014-12-20 12:14:23 +01:00			`COMMENT=$(git -C ${1} rev-list HEAD --max-count=1 \| cut -c1-9)`
build: add versioning support for core 2014-12-11 15:23:35 +01:00			`if [ "${REVISION}" != "0" ]; then`
			`# must construct full version string manually`
			`VERSION=${VERSION}_${REVISION}`
			`fi`

			`export REPO_VERSION=${VERSION}`
			`export REPO_COMMENT=${COMMENT}`
			`}`

build: setup_stage needs to know about chroot, so... ... refactor chroot foo into setup_chroot. Everybody is happy, right? 2014-12-20 22:34:42 +01:00			`setup_chroot()`
			`{`
			`echo ">>> Setting up chroot in ${1}"`

			`cp /etc/resolv.conf ${1}/etc`
			`mount -t devfs devfs ${1}/dev`
			`chroot ${1} /etc/rc.d/ldconfig start`
			`}`

build: add a first bootable iso :) 2014-11-09 13:14:07 +01:00			`setup_base()`
			`{`
			`echo ">>> Setting up world in ${1}"`

build: iso boot fixes 2014-11-15 11:29:03 +01:00			`# XXX The installer is hardwired to copy`
			`# /home and will bail if it can't be found!`
			`mkdir -p ${1}/home`

build: install needs new code too 2014-12-12 09:18:35 +01:00			`(cd ${1} && tar -Jxpf ${SETSDIR}/base-*.txz)`
build: add a first bootable iso :) 2014-11-09 13:14:07 +01:00			`}`

			`setup_kernel()`
			`{`
			`echo ">>> Setting up kernel in ${1}"`

build: install needs new code too 2014-12-12 09:18:35 +01:00			`(cd ${1} && tar -Jxpf ${SETSDIR}/kernel-*.txz)`
build: add a first bootable iso :) 2014-11-09 13:14:07 +01:00			`}`

build: install packages on final iso 2014-11-15 10:55:32 +01:00			`setup_packages()`
			`{`
			`echo ">>> Setting up packages in ${1}..."`

			`mkdir -p ${1}/${PACKAGESDIR}`
			`cp ${PACKAGESDIR}/* ${1}/${PACKAGESDIR}`

build: add an opnsense package that holds all the dependencies Makes it super-easy to manage package updates... Later we'll add the actual core.git contents. 2014-11-15 15:17:35 +01:00			`# opnsense has all required ports embedded as dependencies`
			`pkg -c ${1} add ${PACKAGESDIR}/opnsense-*.txz`
build: install packages on final iso 2014-11-15 10:55:32 +01:00
			`rm -r ${1}/${PACKAGESDIR}`
			`}`

build: overlay core.git into iso for now 2014-11-15 11:06:04 +01:00			`setup_platform()`
			`{`
build: fill the opnsense package with repo content 2014-12-09 17:11:54 +01:00			`echo ">>> Setting up platform in ${1}..."`
build: overlay core.git into iso for now 2014-11-15 11:06:04 +01:00
build: replace varmfs/etcmfs and set default password 2014-12-10 21:27:02 +01:00			`# XXX clean this up:`
build: create a symlink for now 2014-12-11 14:30:39 +01:00			`mkdir -p ${1}/cf/conf`
			`chroot ${1} /bin/ln -s /cf/conf /conf`
build: create directories core.git doesn't have anymore 2014-12-09 17:06:45 +01:00			`touch ${1}/cf/conf/trigger_initial_wizard`
build: advertise platform type here for now 2014-12-10 17:13:01 +01:00			`echo cdrom > ${1}/usr/local/etc/platform`
build: replace varmfs/etcmfs and set default password 2014-12-10 21:27:02 +01:00
			`# Set sane defaults via rc.conf(5)`
			`cat > ${1}/etc/rc.conf <<EOF`
			`tmpmfs="YES"`
			`tmpsize="128m"`
			`EOF`

			DEFAULT_PW=`cat ${1}/usr/local/etc/inc/globals.inc \| grep factory_shipped_password \| cut -d'"' -f4`
			`echo ">>> Setting up initial root password: ${DEFAULT_PW}"`
			`chroot ${1} /bin/sh -s <<EOF`
			`echo ${DEFAULT_PW} \| pw usermod -n root -h 0`
			`EOF`
build: overlay core.git into iso for now 2014-11-15 11:06:04 +01:00			`}`

build: rewrite mtree generation for final bsdinstaller stage 2014-11-16 16:20:27 +01:00			`setup_mtree()`
			`{`
			`echo ">>> Creating mtree summary of files present..."`

			`cat > ${1}/tmp/installed_filesystem.mtree.exclude <<EOF`
			`./dev`
			`./tmp`
			`EOF`
			`chroot ${1} /bin/sh -s <<EOF`
			`/usr/sbin/mtree -c -k uid,gid,mode,size,sha256digest -p / -X /tmp/installed_filesystem.mtree.exclude > /tmp/installed_filesystem.mtree`
			`/bin/chmod 600 /tmp/installed_filesystem.mtree`
			`/bin/mv /tmp/installed_filesystem.mtree /etc/`
			`/bin/rm /tmp/installed_filesystem.mtree.exclude`
			`EOF`
			`}`

build: add a clean script to deal with object/stage dir removal 2014-11-09 11:15:01 +01:00			`setup_stage()`
			`{`
build: introduce jailed ports build 2014-12-20 22:31:37 +01:00			`# might have been a chroot`
			`umount ${1}/dev 2> /dev/null \|\| true`
			`# remove base system files`
			`rm -rf ${1} 2> /dev/null \|\|`
			`(chflags -R noschg ${1}; rm -rf ${1} 2> /dev/null)`
			`# revive directory for next run`
			`mkdir -p ${1}`
build: add a clean script to deal with object/stage dir removal 2014-11-09 11:15:01 +01:00			`}`