heads' build system

heads.blend 13KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506
  1. #!/usr/bin/env zsh
  2. # Copyright (c) 2016-2018 Dyne.org Foundation
  3. #
  4. # heads.blend is written and maintained by Ivan J. <parazyd@dyne.org>
  5. #
  6. # This source code is free software: you can redistribute it and/or modify
  7. # it under the terms of the GNU General Public License as published by
  8. # the Free Software Foundation, either version 3 of the License, or
  9. # (at your option) any later version.
  10. #
  11. # This software is distributed in the hope that it will be useful,
  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. # GNU General Public License for more details.
  15. #
  16. # You should have received a copy of the GNU General Public License
  17. # along with this source code. If not, see <http://www.gnu.org/licenses/>.
  18. ## libdevuansdk build script for heads
  19. source "$R/../config"
  20. blend_preinst() {
  21. fn blend_preinst
  22. req=(strapdir blend)
  23. ckreq || return 1
  24. notice "executing $blend_name preinst"
  25. add-user luther luther
  26. cat <<EOF | sudo tee ${strapdir}/preinst >/dev/null
  27. #!/bin/sh
  28. apt --yes --force-yes purge initramfs-tools
  29. apt --yes --force-yes --purge autoremove
  30. rm -rf /var/lib/initramfs-tools
  31. rm -rf /usr/share/initramfs-tools
  32. EOF
  33. chroot-script -d preinst || zerr
  34. }
  35. blend_postinst() {
  36. fn blend_postinst
  37. req=(strapdir)
  38. ckreq || return 1
  39. notice "executing $blend_name postinst"
  40. nopackage=(tomb tbb ttdnsd wmutils)
  41. for app in $nopackage; do
  42. blend_install_${app} || zerr
  43. done || zerr
  44. notice "grabbing rootfs-overlay"
  45. pushd "$strapdir"
  46. sudo git clone "$rootfs_overlay" || zerr
  47. sudo mv -v rootfs-overlay/.git . || zerr
  48. sudo cp -rv rootfs-overlay/* . || zerr
  49. sudo rm -rf rootfs-overlay
  50. popd
  51. blend_fixpax || zerr
  52. blend_finalize || zerr
  53. }
  54. build_kernel_${arch}() {
  55. fn build_kernel_${arch}
  56. req=(R arch strapdir)
  57. req+=(kernel_heads_git kernel_heads_version kernel_heads_flavor)
  58. ckreq || return 1
  59. func "override libdevuansdk's build_kernel_${arch}"
  60. [[ -d $strapdir/usr/src/linux-heads ]] || {
  61. notice "cloning linux-heads..."
  62. sudo mkdir -p "$strapdir/usr/src/linux-heads"
  63. sudo git clone -b "$kernel_heads_branch" "$kernel_heads_git" \
  64. "$strapdir/usr/src/linux-heads" || zerr
  65. }
  66. notice "compiling linux-heads"
  67. pushd "$strapdir/usr/src/linux-heads" || zerr
  68. #sudo git pull origin master
  69. sudo cp -f "$R/../extra/heads-${arch}.config" .config
  70. popd
  71. cat <<EOF | sudo tee ${strapdir}/install-linux-heads >/dev/null
  72. #!/bin/sh
  73. cd /usr/src/linux-heads
  74. make oldconfig || exit 1
  75. make ${MAKEOPTS} || exit 1
  76. make modules_install || exit 1
  77. make install || exit 1
  78. ## here we setup only what's needed to build kernel modules without the entire
  79. ## kernel sources. inspired by alpine linux once again <3
  80. _abi_release="${kernel_heads_version}-${kernel_heads_flavor}"
  81. dir="/usr/src/linux-headers-\${_abi_release}"
  82. mkdir "\$dir" || exit 1
  83. cp .config "\$dir"/.config || exit 1
  84. cp localversion-unofficial_grsec "\$dir"/localversion-unofficial_grsec || exit 1
  85. make -j1 O="\$dir" scripts
  86. rm -f "\$dir"/Makefile "\$dir"/source
  87. ## copy the needed stuff from real sources
  88. find . -path './include/*' -prune \
  89. -o -path './scripts/*' -prune -o -type f \
  90. \( -name 'Makefile*' -o -name 'Kconfig*' \
  91. -o -name 'Kbuild*' -o -name '*.sh' \
  92. -o -name '*.pl' -o -name '*.lds' \) \
  93. -print | cpio -pdm "\$dir" || exit 1
  94. cp -a scripts include "\$dir" || exit 1
  95. find \$(find arch -name include -type d -print) -type f \
  96. | cpio -pdm "\$dir"
  97. install -Dm644 Module.symvers "\$dir"/Module.symvers
  98. mkdir -p "/lib/modules/\${_abi_release}"
  99. rm -f \
  100. /lib/modules/\${_abi_release}/build \
  101. /lib/modules/\${_abi_release}/source
  102. ln -sv \
  103. /usr/src/linux-headers-\${_abi_release} \
  104. /lib/modules/\${_abi_release}/build
  105. ln -sv \
  106. /usr/src/linux-headers-\${_abi_release} \
  107. /lib/modules/\${_abi_release}/source
  108. cd ..
  109. rm -rf linux-heads
  110. ## this cuts the barebone sources to 42MB
  111. ## which is somewhat acceptable
  112. cd "\$dir"
  113. find arch -mindepth 1 -maxdepth 1 -type d | grep -E -v 'x86|arm' | xargs rm -rf
  114. find include -mindepth 1 -maxdepth 1 -type d \
  115. | grep -E 'scsi|net|dt-bindings|sound|media|drm|trace|video' | xargs rm -rf
  116. rm -rf include/linux/mfd
  117. rm -rf drivers Documentation fs sound net tools firmware
  118. EOF
  119. chroot-script -d install-linux-heads || zerr
  120. sudo chmod 755 "$strapdir/boot"
  121. }
  122. ##{{{ iso_prepare_strap()
  123. iso_prepare_strap() {
  124. # noop because we don't need live-boot anymore.
  125. fn iso_prepare_strap "(override)"
  126. return
  127. }
  128. ##}}}
  129. ##{{{ iso_setup_isolinux()
  130. iso_setup_isolinux() {
  131. fn iso_setup_isolinux "(override)"
  132. req=(workdir strapdir)
  133. ckreq || return 1
  134. notice "setting up isolinux"
  135. pushd "$workdir"
  136. sudo mkdir -p binary/{live,isolinux}
  137. sudo cp $strapdir/boot/vmlinuz* binary/live/vmlinuz
  138. pushd "$R/../initramfs"
  139. sudo su -c "make ARCH=$arch" || zerr
  140. popd
  141. sudo cp "$R/../initramfs/initramfs.cpio.gz" binary/live/initramfs.cpio.gz || zerr
  142. sudo cp "$R"/extra/syslinux/isolinux.bin binary/isolinux || zerr
  143. sudo cp "$R"/extra/syslinux/*.c32 binary/isolinux || zerr
  144. }
  145. ##}}}
  146. ##{{{ iso_write_isolinux_cfg()
  147. iso_write_isolinux_cfg() {
  148. fn iso_write_isolinux_cfg "(override)"
  149. req=(workdir arch)
  150. ckreq || return 1
  151. ## shamelessly stolen from katolaz minimal live :p
  152. ## hope you don't mind
  153. notice "writing isolinux configuration"
  154. sudo cp -f "$R/../extra/splash.png" "$workdir/binary/isolinux/splash.png"
  155. cat <<EOF | sudo tee ${workdir}/binary/isolinux/isolinux.cfg >/dev/null
  156. default /isolinux/vesamenu.c32
  157. prompt 0
  158. timeout 30
  159. menu hshift 6
  160. menu width 64
  161. menu title heads boot menu
  162. menu background /isolinux/splash.png
  163. menu color title * #00ffffff #ff000000 none
  164. menu color border * #00000000 #00000000 none
  165. menu color sel 1;7;37;30 #ff000000 #ffffffff none
  166. menu color unsel 1;30;37 #ffffffff #ff000000 none
  167. menu color hotsel 1;7;37;40 #ffffffff #76a1d0ff *
  168. menu color tabmsg 1;30;37 #ffffffff #ff000000 none
  169. menu color cmdline 1;30;37 #ffffffff #ff000000 none
  170. menu color help 37;40 #ffdddd00 #00000000 none
  171. menu vshift 16
  172. menu rows 4
  173. #menu helpmsgrow 15
  174. #menu cmdlinerow 25
  175. #menu timeoutrow 26
  176. #menu tabmsgrow 14
  177. menu tabmsg Press ENTER to boot or TAB to edit a menu entry
  178. label live-${arch}
  179. menu label heads live (${arch}/openbox)
  180. linux /live/vmlinuz
  181. append initrd=/live/initramfs.cpio.gz verbose net.ifnames=0
  182. label live-${arch}
  183. menu label heads live (${arch}/awesomewm)
  184. linux /live/vmlinuz
  185. append initrd=/live/initramfs.cpio.gz verbose net.ifnames=0 awesome
  186. endtext
  187. EOF
  188. }
  189. ##}}}
  190. ##{{{ conf_print_sourceslist()
  191. conf_print_sourceslist() {
  192. fn conf_print_sourceslist "(override)"
  193. cat <<EOF
  194. ## package repositories
  195. deb http://pkgmaster.devuan.org/merged beowulf main
  196. deb http://pkgmaster.devuan.org/merged beowulf-updates main
  197. deb http://pkgmaster.devuan.org/merged beowulf-security main
  198. deb http://pkgmaster.devuan.org/devuan experimental main
  199. #deb-src http://pkgmaster.devuan.org/merged beowulf main
  200. #deb-src http://pkgmaster.devuan.org/merged beowulf-updates main
  201. #deb-src http://pkgmaster.devuan.org/merged beowulf-security main
  202. #deb-src http://pkgmaster.devuan.org/devuan experimental main
  203. EOF
  204. }
  205. ##}}}
  206. ## {{{ blend_fixpax()
  207. blend_fixpax() {
  208. fn blend_fixpax
  209. req=(strapdir)
  210. ckreq || return 1
  211. ## XXX: not really a fix, rather a hack
  212. notice "fixing up pax markings"
  213. cat <<EOF | sudo tee ${strapdir}/fixpax >/dev/null
  214. #!/bin/sh
  215. bins="
  216. /usr/lib/thunderbird/thunderbird
  217. /usr/lib/thunderbird/thunderbird-bin
  218. /usr/local/lib/tor-browser/firefox
  219. /usr/local/lib/tor-browser/plugin-container
  220. /usr/bin/surf
  221. /usr/bin/python2.7
  222. /usr/bin/python3.5
  223. /usr/bin/python3.5m
  224. "
  225. for i in \${bins}; do
  226. test -f "\${i}" && {
  227. paxctl -c "\${i}"
  228. paxctl -m "\${i}"
  229. }
  230. done || return 0
  231. EOF
  232. chroot-script fixpax
  233. }
  234. ## }}}
  235. ## {{{ blend_install_tomb()
  236. blend_install_tomb() {
  237. fn blend_install_tomb
  238. req=(strapdir tomb_version tomb_url)
  239. req+=(gtomb_version gtomb_url)
  240. ckreq || return 1
  241. notice "cloning tomb gits"
  242. sudo git clone "$tomb_url" "$strapdir/root/tomb" || zerr
  243. sudo git clone "$gtomb_url" "$strapdir/root/gtomb" || zerr
  244. notice "installing tomb in $strapdir"
  245. cat <<EOF | sudo tee ${strapdir}/install-tomb >/dev/null
  246. #!/bin/sh
  247. cd /root/tomb
  248. git checkout ${tomb_version}
  249. make install
  250. cd extras/kdf-keys
  251. make
  252. make install
  253. cd /root/gtomb
  254. cp gtomb /usr/local/bin/gtomb
  255. chmod 755 /usr/local/bin/gtomb
  256. cd ..
  257. rm -rf tomb
  258. rm -rf gtomb
  259. EOF
  260. chroot-script install-tomb || zerr
  261. }
  262. ## }}}
  263. ## {{{ blend_install_wmutils()
  264. blend_install_wmutils() {
  265. fn blend_install_wmutils
  266. req=(strapdir wmutils_version wmutils_url)
  267. ckreq || return 1
  268. notice "cloning wmutils..."
  269. sudo git clone "$wmutils_url" "$strapdir/root/wmutils" || zerr
  270. notice "installing tomb in $strapdir"
  271. cat <<EOF | sudo tee ${strapdir}/install-wmutils >/dev/null
  272. #!/bin/sh
  273. cd /root/wmutils
  274. git checkout ${tomb_version}
  275. make
  276. make install
  277. cd ..
  278. rm -rf wmutils
  279. EOF
  280. chroot-script install-wmutils || zerr
  281. }
  282. ## }}}
  283. ## {{{ blend_install_musl()
  284. blend_install_musl() {
  285. fn blend_install_musl
  286. req=(strapdir musl_version musl_url)
  287. ckreq || return 1
  288. notice "cloning musl gits"
  289. sudo git clone "$musl_url" "$strapdir/root/musl" || zerr
  290. notice "installing musl in $strapdir"
  291. cat <<EOF | sudo tee ${strapdir}/install-musl >/dev/null
  292. #!/bin/sh
  293. cd /root/musl
  294. git checkout ${musl_version}
  295. ./configure && \
  296. make ${MAKEOPTS} && make install || exit 1
  297. cd ..
  298. rm -rf musl
  299. EOF
  300. chroot-script install-musl || zerr
  301. }
  302. ## }}}
  303. ## {{{ blend_install_ttdnsd()
  304. blend_install_ttdnsd() {
  305. fn blend_install_ttndsd
  306. req=(strapdir ttdnsd_version ttdnsd_url)
  307. ckreq || return 1
  308. notice "installing ttdnsd in $strapdir"
  309. notice "cloning ttdnsd"
  310. sudo mkdir -p "$strapdir/root/ttdnsd"
  311. sudo git clone "$ttdnsd_url" "$strapdir/root/ttdnsd/ttdnsd"
  312. notice "installing ttdnsd in $strapdir"
  313. cat <<EOF | sudo tee ${strapdir}/install-ttdnsd >/dev/null
  314. #!/bin/sh
  315. cd /root/ttdnsd/ttdnsd
  316. dpkg-buildpackage || return 1
  317. cd ..
  318. dpkg -i *.deb || return 1
  319. cd /root
  320. rm -rf ttdnsd
  321. EOF
  322. chroot-script -d install-ttdnsd || zerr
  323. }
  324. ## }}}
  325. ## {{{ blend_install_tbb()
  326. blend_install_tbb() {
  327. fn blend_install_tbb
  328. req=(strapdir tbb_version tbb_url)
  329. ckreq || return 1
  330. notice "downloading Tor Browser Bundle..."
  331. sudo curl -L -o "$strapdir/root/tbb.txz" "$tbb_url" || zerr
  332. notice "installing Tor Browser Bundle in $strapdir"
  333. cat <<EOF | sudo tee ${strapdir}/install-tbb
  334. #!/bin/sh
  335. cd /root
  336. tar xvf tbb.txz
  337. cd tor-browser_en-US/Browser
  338. execs="\$(find . -executable)"
  339. find . -type f | xargs chmod 644
  340. echo "\${execs}" | xargs chmod 755
  341. cp -fv TorBrowser/Tor/libstdc++.so.6 .
  342. rm -rv TorBrowser/Tor TorBrowser/Docs
  343. rm -fv TorBrowser/Data/Browser/profile.default/extensions/tor-launcher@torproject.org.xpi
  344. mkdir -p TorBrowser/Data/Browser/Caches
  345. TBBVER="\$(sed -n 's/^Version=\(.*\)$/\1/p' application.ini)"
  346. cd - >/dev/null
  347. LOCALLIB=/usr/local/lib
  348. TBBLOCAL="\${LOCALLIB}/tor-browser"
  349. TBBEXT=/usr/local/share/tor-browser-extensions
  350. TBBETC=/etc/tor-browser/profile
  351. mkdir -p "\${LOCALLIB}" "\${TBBEXT}" "\${TBBETC}"
  352. mv -v tor-browser_en-US/Browser "\${TBBLOCAL}"
  353. chmod 755 \${TBBLOCAL}
  354. rm -rf tor-browser_en-US tbb.txz
  355. mv -v \${TBBLOCAL}/TorBrowser/Data/Browser/profile.default/extensions/* \${TBBEXT}
  356. rm -r \${TBBLOCAL}/TorBrowser/Data/Browser/profile.default/extensions
  357. rsync -a --exclude extensions \${TBBLOCAL}/TorBrowser/Data/Browser/profile.default/ \
  358. \${TBBETC}/
  359. sed -i '/extensions\.torlauncher\.default_bridge\./d' \${TBBETC}/preferences/extension-overrides.js
  360. mkdir -p \${TBBETC}/extensions
  361. for ext in \${TBBEXT}/*; do
  362. ln -vs "\$ext" \${TBBETC}/extensions/
  363. done
  364. find \${TBBETC} -type d | xargs chmod 755
  365. EOF
  366. chroot-script install-tbb || zerr
  367. }
  368. ## }}}
  369. ## {{{ blend_finalize()
  370. blend_finalize() {
  371. fn blend_finalize
  372. req=(strapdir)
  373. ckreq || return 1
  374. ## XXX: torbirdy like this until we run an amprolla instance
  375. sudo cp "$R/../extra/torbirdy_0.1.4.deb" "$strapdir/torbirdy.deb"
  376. cat <<EOF | sudo tee ${strapdir}/finalize >/dev/null
  377. #!/bin/sh
  378. ## rootless xorg # XXX: not anymore; investigate
  379. groupadd wheel
  380. #apt install --no-install-recommends xserver-xorg-legacy
  381. chown -v :input /usr/bin/Xorg
  382. chmod -v g+s /usr/bin/Xorg
  383. for i in input video audio users netdev plugdev wheel sudo; do
  384. gpasswd -a luther \${i}
  385. done
  386. sed 's/^allowed_users=.*/allowed_users=anybody/' -i /etc/X11/Xwrapper.config
  387. echo "needs_root_rights=yes" >> /etc/X11/Xwrapper.config
  388. ## shells
  389. chsh -s /bin/zsh luther
  390. chsh -s /bin/zsh root
  391. ## perms
  392. chown -R 1000:1000 /home/luther
  393. chmod 0440 /etc/sudoers.d/heads
  394. sed -i -e 's/02755/02750/g' /etc/init.d/tor # Fix permissions for ControlSocket
  395. ## torbirdy (XXX: amp)
  396. ar x torbirdy.deb
  397. tar xvf data.tar.gz
  398. rm -f control.tar.gz data.tar.gz debian-binary torbirdy.deb
  399. ln -s /usr/share/xul-ext/torbirdy /usr/lib/thunderbird/extensions/castironthunderbirdclub@torproject.org
  400. ## misc
  401. rm -rf /usr/local/share/zsh/site-functions
  402. #adduser --system --quiet --group clearnet # for a clearnet browser
  403. sed -i -e 's/devuan/heads/' /etc/hosts
  404. update-alternatives --install /usr/bin/x-www-browser x-www-browser /usr/local/bin/tor-browser 99
  405. sed -e 's/#LID_SLEEP=.*/LID_SLEEP=true/' -i /etc/default/acpi-support
  406. rc-update add wicd default
  407. rc-udpate add acpid default
  408. rc-update add ferm default
  409. rc-update add tor default
  410. rc-update add ttdnsd default
  411. rc-update del htpdate default
  412. ## cleanup
  413. apt-get --yes --force-yes purge ${finalize_purge_packages}
  414. apt-get --yes --force-yes --purge autoremove
  415. apt-get clean
  416. rm -f /var/log/bootstrap.log
  417. rm -f /var/log/dpkg.log
  418. rm -f /var/log/alternatives.log
  419. rm -f /var/log/fontconfig.log
  420. rm -rf /var/log/apt
  421. rm -rf /var/log/fsck
  422. rm -rf /var/log/ConsoleKit
  423. rm -rf /var/lib/polkit-1
  424. updatedb
  425. EOF
  426. chroot-script -d finalize || zerr
  427. }
  428. ## }}}