heads' build system

heads.blend 14KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523
  1. #!/usr/bin/env zsh
  2. # Copyright (c) 2016-2018 Dyne.org Foundation
  3. #
  4. # heads.blend is written and maintained by Ivan J. <parazyd@dyne.org>
  5. #
  6. # This source code is free software: you can redistribute it and/or modify
  7. # it under the terms of the GNU General Public License as published by
  8. # the Free Software Foundation, either version 3 of the License, or
  9. # (at your option) any later version.
  10. #
  11. # This software is distributed in the hope that it will be useful,
  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. # GNU General Public License for more details.
  15. #
  16. # You should have received a copy of the GNU General Public License
  17. # along with this source code. If not, see <http://www.gnu.org/licenses/>.
  18. ## libdevuansdk build script for heads
  19. source "$R/../config"
  20. blend_preinst() {
  21. fn blend_preinst
  22. req=(strapdir blend)
  23. ckreq || return 1
  24. notice "executing $blend_name preinst"
  25. add-user luther luther
  26. cat <<EOF | sudo tee ${strapdir}/preinst >/dev/null
  27. #!/bin/sh
  28. apt --yes --force-yes purge initramfs-tools
  29. apt --yes --force-yes --purge autoremove
  30. rm -rf /var/lib/initramfs-tools
  31. rm -rf /usr/share/initramfs-tools
  32. EOF
  33. chroot-script -d preinst || zerr
  34. }
  35. blend_postinst() {
  36. fn blend_postinst
  37. req=(strapdir)
  38. ckreq || return 1
  39. notice "executing $blend_name postinst"
  40. nopackage=(musl tomb tbb ttdnsd)
  41. for app in $nopackage; do
  42. blend_install_${app} || zerr
  43. done || zerr
  44. notice "grabbing rootfs-overlay"
  45. pushd "$strapdir"
  46. sudo git clone "$rootfs_overlay" || zerr
  47. sudo mv -v rootfs-overlay/.git . || zerr
  48. sudo cp -rv rootfs-overlay/* . || zerr
  49. sudo rm -rf rootfs-overlay
  50. popd
  51. blend_fixpax || zerr
  52. blend_finalize || zerr
  53. }
  54. build_kernel_${arch}() {
  55. fn build_kernel_${arch}
  56. req=(R arch strapdir)
  57. req+=(kernel_heads_git kernel_heads_version kernel_heads_flavor)
  58. ckreq || return 1
  59. func "override libdevuansdk's build_kernel_${arch}"
  60. [[ -d $strapdir/usr/src/linux-heads ]] || {
  61. notice "cloning linux-heads..."
  62. sudo mkdir -p "$strapdir/usr/src/linux-heads"
  63. sudo git clone -b "$kernel_heads_branch" "$kernel_heads_git" \
  64. "$strapdir/usr/src/linux-heads" || zerr
  65. }
  66. notice "compiling linux-heads"
  67. pushd "$strapdir/usr/src/linux-heads" || zerr
  68. #sudo git pull origin master
  69. sudo cp -f "$R/../extra/heads-${arch}.config" .config
  70. popd
  71. cat <<EOF | sudo tee ${strapdir}/install-linux-heads >/dev/null
  72. #!/bin/sh
  73. cd /usr/src/linux-heads
  74. make oldconfig || exit 1
  75. make ${MAKEOPTS} || exit 1
  76. make modules_install || exit 1
  77. make install || exit 1
  78. ## here we setup only what's needed to build kernel modules without the entire
  79. ## kernel sources. inspired by alpine linux once again <3
  80. _abi_release="${kernel_heads_version}-${kernel_heads_flavor}"
  81. dir="/usr/src/linux-headers-\${_abi_release}"
  82. mkdir "\$dir" || exit 1
  83. cp .config "\$dir"/.config || exit 1
  84. cp localversion-unofficial_grsec "\$dir"/localversion-unofficial_grsec || exit 1
  85. make -j1 O="\$dir" scripts
  86. rm -f "\$dir"/Makefile "\$dir"/source
  87. ## copy the needed stuff from real sources
  88. find . -path './include/*' -prune \
  89. -o -path './scripts/*' -prune -o -type f \
  90. \( -name 'Makefile*' -o -name 'Kconfig*' \
  91. -o -name 'Kbuild*' -o -name '*.sh' \
  92. -o -name '*.pl' -o -name '*.lds' \) \
  93. -print | cpio -pdm "\$dir" || exit 1
  94. cp -a scripts include "\$dir" || exit 1
  95. find \$(find arch -name include -type d -print) -type f \
  96. | cpio -pdm "\$dir"
  97. install -Dm644 Module.symvers "\$dir"/Module.symvers
  98. mkdir -p "/lib/modules/\${_abi_release}"
  99. rm -f \
  100. /lib/modules/\${_abi_release}/build \
  101. /lib/modules/\${_abi_release}/source
  102. ln -sv \
  103. /usr/src/linux-headers-\${_abi_release} \
  104. /lib/modules/\${_abi_release}/build
  105. ln -sv \
  106. /usr/src/linux-headers-\${_abi_release} \
  107. /lib/modules/\${_abi_release}/source
  108. cd ..
  109. rm -rf linux-heads
  110. ## this cuts the barebone sources to 42MB
  111. ## which is somewhat acceptable
  112. cd "\$dir"
  113. find arch -mindepth 1 -maxdepth 1 -type d | grep -E -v 'x86|arm' | xargs rm -rf
  114. find include -mindepth 1 -maxdepth 1 -type d \
  115. | grep -E 'scsi|net|dt-bindings|sound|media|drm|trace|video' | xargs rm -rf
  116. rm -rf include/linux/mfd
  117. rm -rf drivers Documentation fs sound net tools firmware
  118. EOF
  119. chroot-script -d install-linux-heads || zerr
  120. sudo chmod 755 "$strapdir/boot"
  121. }
  122. ##{{{ iso_prepare_strap()
  123. iso_prepare_strap() {
  124. # noop because we don't need live-boot anymore.
  125. fn iso_prepare_strap "(override)"
  126. return
  127. }
  128. ##}}}
  129. ##{{{ iso_setup_isolinux()
  130. iso_setup_isolinux() {
  131. fn iso_setup_isolinux "(override)"
  132. req=(workdir strapdir)
  133. ckreq || return 1
  134. notice "setting up isolinux"
  135. pushd "$workdir"
  136. sudo mkdir -p binary/{live,isolinux}
  137. sudo cp $strapdir/boot/vmlinuz* binary/live/vmlinuz
  138. pushd "$R/../initramfs"
  139. sudo su -c 'make' || zerr
  140. popd
  141. sudo cp "$R/../initramfs/initramfs.cpio.gz" binary/live/initramfs.cpio.gz || zerr
  142. sudo cp "$R"/extra/syslinux/isolinux.bin binary/isolinux || zerr
  143. sudo cp "$R"/extra/syslinux/*.c32 binary/isolinux || zerr
  144. }
  145. ##}}}
  146. ##{{{ iso_write_isolinux_cfg()
  147. iso_write_isolinux_cfg() {
  148. fn iso_write_isolinux_cfg "(override)"
  149. req=(workdir arch)
  150. ckreq || return 1
  151. ## shamelessly stolen from katolaz minimal live :p
  152. ## hope you don't mind
  153. notice "writing isolinux configuration"
  154. sudo cp -f "$R/../extra/splash.png" "$workdir/binary/isolinux/splash.png"
  155. cat <<EOF | sudo tee ${workdir}/binary/isolinux/isolinux.cfg >/dev/null
  156. default /isolinux/vesamenu.c32
  157. prompt 0
  158. timeout 30
  159. menu hshift 6
  160. menu width 64
  161. menu title heads boot menu
  162. menu background /isolinux/splash.png
  163. menu color title * #00ffffff #ff000000 none
  164. menu color border * #00000000 #00000000 none
  165. menu color sel 1;7;37;30 #ff000000 #ffffffff none
  166. menu color unsel 1;30;37 #ffffffff #ff000000 none
  167. menu color hotsel 1;7;37;40 #ffffffff #76a1d0ff *
  168. menu color tabmsg 1;30;37 #ffffffff #ff000000 none
  169. menu color cmdline 1;30;37 #ffffffff #ff000000 none
  170. menu color help 37;40 #ffdddd00 #00000000 none
  171. menu vshift 16
  172. menu rows 4
  173. #menu helpmsgrow 15
  174. #menu cmdlinerow 25
  175. #menu timeoutrow 26
  176. #menu tabmsgrow 14
  177. menu tabmsg Press ENTER to boot or TAB to edit a menu entry
  178. label live-${arch}
  179. menu label heads live (${arch}/openbox)
  180. linux /live/vmlinuz
  181. append initrd=/live/initramfs.cpio.gz verbose net.ifnames=0
  182. label live-${arch}-nopermakey
  183. menu label heads live (${arch}/openbox) (nopermakey)
  184. linux /live/vmlinuz
  185. append initrd=/live/initramfs.cpio.gz verbose net.ifnames=0 nopermakey
  186. label live-${arch}
  187. menu label heads live (${arch}/awesomewm)
  188. linux /live/vmlinuz
  189. append initrd=/live/initramfs.cpio.gz verbose net.ifnames=0 awesome
  190. label live-${arch}-nopermakey
  191. menu label heads live (${arch}/awesomewm) (nopermakey)
  192. linux /live/vmlinuz
  193. append initrd=/live/initramfs.cpio.gz verbose net.ifnames=0 nopermakey awesome
  194. endtext
  195. EOF
  196. }
  197. ##}}}
  198. ##{{{ conf_print_sourceslist()
  199. conf_print_sourceslist() {
  200. fn conf_print_sourceslist "(override)"
  201. cat <<EOF
  202. ## package repositories
  203. deb http://pkgmaster.devuan.org/merged beowulf main
  204. deb http://pkgmaster.devuan.org/merged beowulf-updates main
  205. deb http://pkgmaster.devuan.org/merged beowulf-security main
  206. deb http://pkgmaster.devuan.org/devuan experimental main
  207. #deb-src http://pkgmaster.devuan.org/merged beowulf main
  208. #deb-src http://pkgmaster.devuan.org/merged beowulf-updates main
  209. #deb-src http://pkgmaster.devuan.org/merged beowulf-security main
  210. #deb-src http://pkgmaster.devuan.org/devuan experimental main
  211. EOF
  212. }
  213. ##}}}
  214. ## {{{ blend_fixpax()
  215. blend_fixpax() {
  216. fn blend_fixpax
  217. req=(strapdir)
  218. ckreq || return 1
  219. ## XXX: not really a fix, rather a hack
  220. notice "fixing up pax markings"
  221. cat <<EOF | sudo tee ${strapdir}/fixpax >/dev/null
  222. #!/bin/sh
  223. bins="
  224. /usr/lib/thunderbird/thunderbird
  225. /usr/lib/thunderbird/thunderbird-bin
  226. /usr/local/lib/tor-browser/firefox
  227. /usr/local/lib/tor-browser/plugin-container
  228. /usr/bin/surf
  229. /usr/bin/python2.7
  230. /usr/bin/python3.5
  231. /usr/bin/python3.5m
  232. "
  233. for i in \${bins}; do
  234. test -f "\${i}" && {
  235. paxctl -c "\${i}"
  236. paxctl -m "\${i}"
  237. }
  238. done || return 0
  239. EOF
  240. chroot-script fixpax
  241. }
  242. ## }}}
  243. ## {{{ blend_install_gradm()
  244. blend_install_gradm() {
  245. fn blend_install_gradm
  246. req=(gradm_version gradm_url strapdir)
  247. ckreq || return 1
  248. notice "grabbing gradm ${gradm_version}"
  249. sudo curl -L -o "$strapdir/root/gradm.tgz" "$gradm_url" || zerr
  250. notice "compiling..."
  251. cat <<EOF | sudo tee ${strapdir}/install-gradm >/dev/null
  252. #!/bin/sh
  253. cd /root
  254. tar xvf gradm.tgz
  255. cd gradm
  256. make ${MAKEOPTS}
  257. make install
  258. cd ..
  259. rm -rf gradm*
  260. EOF
  261. chroot-script install-gradm || zerr
  262. }
  263. ## }}}
  264. ## {{{ blend_install_tomb()
  265. blend_install_tomb() {
  266. fn blend_install_tomb
  267. req=(strapdir tomb_version tomb_url)
  268. req+=(gtomb_version gtomb_url)
  269. ckreq || return 1
  270. notice "cloning tomb gits"
  271. sudo git clone "$tomb_url" "$strapdir/root/tomb" || zerr
  272. sudo git clone "$gtomb_url" "$strapdir/root/gtomb" || zerr
  273. notice "installing tomb in $strapdir"
  274. cat <<EOF | sudo tee ${strapdir}/install-tomb >/dev/null
  275. #!/bin/sh
  276. cd /root/tomb
  277. git checkout ${tomb_version}
  278. make install
  279. cd extras/kdf-keys
  280. make
  281. make install
  282. cd /root/gtomb
  283. cp gtomb /usr/local/bin/gtomb
  284. chmod 755 /usr/local/bin/gtomb
  285. cd ..
  286. rm -rf tomb
  287. rm -rf gtomb
  288. EOF
  289. chroot-script install-tomb || zerr
  290. }
  291. ## }}}
  292. ## {{{ blend_install_musl()
  293. blend_install_musl() {
  294. fn blend_install_musl
  295. req=(strapdir musl_version musl_url)
  296. ckreq || return 1
  297. notice "cloning musl gits"
  298. sudo git clone "$musl_url" "$strapdir/root/musl" || zerr
  299. notice "installing musl in $strapdir"
  300. cat <<EOF | sudo tee ${strapdir}/install-musl >/dev/null
  301. #!/bin/sh
  302. cd /root/musl
  303. git checkout ${musl_version}
  304. ./configure && \
  305. make ${MAKEOPTS} && make install || exit 1
  306. cd ..
  307. rm -rf musl
  308. EOF
  309. chroot-script install-musl || zerr
  310. }
  311. ## }}}
  312. ## {{{ blend_install_ttdnsd()
  313. blend_install_ttdnsd() {
  314. fn blend_install_ttndsd
  315. req=(strapdir ttdnsd_version ttdnsd_url)
  316. ckreq || return 1
  317. notice "installing ttdnsd in $strapdir"
  318. notice "cloning ttdnsd"
  319. sudo mkdir -p "$strapdir/root/ttdnsd"
  320. sudo git clone "$ttdnsd_url" "$strapdir/root/ttdnsd/ttdnsd"
  321. notice "installing ttdnsd in $strapdir"
  322. cat <<EOF | sudo tee ${strapdir}/install-ttdnsd >/dev/null
  323. #!/bin/sh
  324. cd /root/ttdnsd/ttdnsd
  325. dpkg-buildpackage || return 1
  326. cd ..
  327. dpkg -i *.deb || return 1
  328. cd /root
  329. rm -rf ttdnsd
  330. EOF
  331. chroot-script -d install-ttdnsd || zerr
  332. }
  333. ## }}}
  334. ## {{{ blend_install_tbb()
  335. blend_install_tbb() {
  336. fn blend_install_tbb
  337. req=(strapdir tbb_version tbb_url)
  338. ckreq || return 1
  339. notice "downloading Tor Browser Bundle..."
  340. sudo curl -L -o "$strapdir/root/tbb.txz" "$tbb_url" || zerr
  341. notice "installing Tor Browser Bundle in $strapdir"
  342. cat <<EOF | sudo tee ${strapdir}/install-tbb
  343. #!/bin/sh
  344. cd /root
  345. tar xvf tbb.txz
  346. cd tor-browser_en-US/Browser
  347. execs="\$(find . -executable)"
  348. find . -type f | xargs chmod 644
  349. echo "$execs" | xargs chmod 755
  350. cp -fv TorBrowser/Tor/libstdc++.so.6 .
  351. rm -rv TorBrowser/Tor TorBrowser/Docs
  352. rm -fv TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org.xpi
  353. mkdir -p TorBrowser/Data/Browser/Caches
  354. TBBVER="\$(sed -n 's/^Version=\(.*\)$/\1/p' application.ini)"
  355. cd - >/dev/null
  356. LOCALLIB=/usr/local/lib
  357. TBBLOCAL="\${LOCALLIB}/tor-browser"
  358. TBBEXT=/usr/local/share/tor-browser-extensions
  359. TBBETC=/etc/tor-browser/profile
  360. mkdir -p "\${LOCALLIB}" "\${TBBEXT}" "\${TBBETC}"
  361. mv -v tor-browser_en-US/Browser "\${TBBLOCAL}"
  362. chmod 755 \${TBBLOCAL}
  363. rm -rf tor-browser_en-US tbb.txz
  364. mv -v \${TBBLOCAL}/TorBrowser/Data/Browser/profile.default/extensions/* \${TBBEXT}
  365. rm -r \${TBBLOCAL}/TorBrowser/Data/Browser/profile.default/extensions
  366. rsync -a --exclude extensions \${TBBLOCAL}/TorBrowser/Data/Browser/profile.default/ \
  367. \${TBBETC}/
  368. sed -i '/extensions\.torlauncher\.default_bridge\./d' \${TBBETC}/preferences/extension-overrides.js
  369. mkdir -p \${TBBETC}/extensions
  370. for ext in \${TBBEXT}/*; do
  371. ln -vs "\$ext" \${TBBETC}/extensions/
  372. done
  373. EOF
  374. chroot-script install-tbb || zerr
  375. }
  376. ## }}}
  377. ## {{{ blend_finalize()
  378. blend_finalize() {
  379. fn blend_finalize
  380. req=(strapdir)
  381. ckreq || return 1
  382. ## XXX: torbirdy like this until we run an amprolla instance
  383. sudo cp "$R/../extra/torbirdy_0.1.4.deb" "$strapdir/torbirdy.deb"
  384. cat <<EOF | sudo tee ${strapdir}/finalize >/dev/null
  385. #!/bin/sh
  386. ## rootless xorg # XXX: not anymore; investigate
  387. groupadd wheel
  388. #apt install --no-install-recommends xserver-xorg-legacy
  389. chown -v :input /usr/bin/Xorg
  390. chmod -v g+s /usr/bin/Xorg
  391. for i in input video audio users netdev plugdev wheel; do
  392. gpasswd -a luther \${i}
  393. done
  394. echo "needs_root_rights=yes" >> /etc/X11/Xwrapper.config
  395. ## shells
  396. chsh -s /bin/zsh luther
  397. chsh -s /bin/zsh root
  398. ## perms
  399. chown -R 1000:1000 /home/luther
  400. chmod 0440 /etc/sudoers.d/heads
  401. ## torbirdy (XXX: amp)
  402. ar x torbirdy.deb
  403. tar xvf data.tar.gz
  404. rm -f control.tar.gz data.tar.gz debian-binary torbirdy.deb
  405. ln -s /usr/share/xul-ext/torbirdy /usr/lib/thunderbird/extensions/castironthunderbirdclub@torproject.org
  406. ## misc
  407. rm -rf /usr/local/share/zsh/site-functions
  408. #adduser --system --quiet --group clearnet # for a clearnet browser
  409. sed -i -e 's/devuan/heads/' /etc/hosts
  410. #gpg --recv-keys 0xB876CB44FA1B0274
  411. update-alternatives --install /usr/bin/x-www-browser x-www-browser /usr/local/bin/tor-browser 99
  412. sed -e 's/=false/=true/' -i /etc/default/macchanger
  413. sed -e 's/#LID_SLEEP=.*/LID_SLEEP=true/' -i /etc/default/acpi-support
  414. update-rc.d lightdm defaults
  415. update-rc.d wicd defaults
  416. update-rc.d acpid defaults
  417. update-rc.d ferm defaults
  418. update-rc.d tor defaults
  419. update-rc.d ttdnsd defaults
  420. update-rc.d htpdate remove
  421. ## cleanup
  422. apt-get --yes --force-yes purge ${finalize_purge_packages}
  423. apt-get --yes --force-yes autoremove
  424. apt-get clean
  425. rm -f /var/log/bootstrap.log
  426. rm -f /var/log/dpkg.log
  427. rm -f /var/log/alternatives.log
  428. rm -f /var/log/fontconfig.log
  429. rm -rf /var/log/apt
  430. rm -rf /var/log/fsck
  431. rm -rf /var/log/ConsoleKit
  432. rm -rf /var/lib/polkit-1
  433. ### kill foreign manpages
  434. #rm -rf /usr/share/man/??
  435. #rm -rf /usr/share/man/??_*
  436. #rm -rf /usr/share/locale
  437. updatedb
  438. EOF
  439. chroot-script -d finalize || zerr
  440. }
  441. ## }}}