From b2079707327bf9cad0733dddcaa6db7f526e4975 Mon Sep 17 00:00:00 2001
From: Manawyrm
Date: Fri, 30 Jun 2023 13:58:30 +0200
Subject: [PATCH] Add x86 version
---
 .../workflows/{main.yml => raspberrypi.yml} | 1 +
 .github/workflows/x86.yml | 48 ++++++++++
 build_x86.sh | 87 +++++++++++++++++++
 .../boot/kioskbrowser.ini | 0
 kiosk_skeleton/build.sh | 10 ++-
 x86_skeleton/setup.sh | 22 +++++
 6 files changed, 165 insertions(+), 3 deletions(-)
 rename .github/workflows/{main.yml => raspberrypi.yml} (97%)
 create mode 100644 .github/workflows/x86.yml
 create mode 100755 build_x86.sh
 rename {raspberry_pi_skeleton => kiosk_skeleton}/boot/kioskbrowser.ini (100%)
 create mode 100755 x86_skeleton/setup.sh
diff --git a/.github/workflows/main.yml b/.github/workflows/raspberrypi.yml
similarity index 97%
rename from .github/workflows/main.yml
rename to .github/workflows/raspberrypi.yml
index 36d1d79..6dc4823 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/raspberrypi.yml
@@ -40,6 +40,7 @@ jobs:
 uses: softprops/action-gh-release@v1
 if: startsWith(github.ref, 'refs/tags/')
 with:
+ append_body: true
 body_path: ./raspikiosk.version
 files: |
 ./raspikiosk.img.gz
diff --git a/.github/workflows/x86.yml b/.github/workflows/x86.yml
new file mode 100644
index 0000000..0d47476
--- /dev/null
+++ b/.github/workflows/x86.yml
@@ -0,0 +1,48 @@
+name: CI
+
+on:
+ create: { }
+ push: { }
+ pull_request: { }
+
+permissions:
+ contents: write
+
+jobs:
+ build:
+ runs-on: [ubuntu-latest]
+
+ outputs:
+ pkgfile: ${{ steps.pkgname.outputs.pkgfile }}
+
+ steps:
+ - name: Check out repo
+ uses: actions/checkout@v2
+
+ - name: Install dependencies
+ run: |
+ sudo apt update -qq
+ sudo apt install -yqq libguestfs-tools qemu-utils qemu-system-x86 ovmf qemu-block-extra qemu-user-static binfmt-support rsync sudo wget xz-utils pigz mount dosfstools libarchive-tools
+
+ - name: Build firmware
+ run: |
+ ./build_x86.sh
+
+ - name: Compress firmware
+ run: |
+ pigz -4 x86kiosk.img
+
+ - name: Debug info
+ run: |
+ ls -lAh .
+
+ - name: Release build artifacts
+ uses: softprops/action-gh-release@v1
+ if: startsWith(github.ref, 'refs/tags/')
+ with:
+ append_body: true
+ body_path: ./x86kiosk.version
+ files: |
+ ./x86kiosk.img.gz
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/build_x86.sh b/build_x86.sh
new file mode 100755
index 0000000..29221c2
--- /dev/null
+++ b/build_x86.sh
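Review bot: In `.github/workflows/x86.yml` the workflow-level `permissions: contents: write` applies to every trigger and every step, including `pull_request` runs, although only the tag-gated release step needs write access. Setting the top-level block to `contents: read`, granting `contents: write` on a separate release job that consumes the built image, and adding `persist-credentials: false` to the checkout step would keep the token out of reach of `./build_x86.sh`, which runs project scripts under `sudo`. `actions/checkout@v2` and `softprops/action-gh-release@v1` are referenced by mutable tags; pinning each to a full commit SHA protects the release path from a retagged action. The `outputs.pkgfile` entry reads `steps.pkgname`, but no step in this file declares `id: pkgname`, so it looks like a leftover that can be removed.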
@@ -0,0 +1,87 @@
+#!/bin/bash
+
+# *sigh*, some docker containers don't seem to have sbin in their PATH
+export PATH=$PATH:/usr/sbin
+
+SCRIPT_DIR="$(dirname "$(realpath "$0")")"
+BUILD_DIR="${SCRIPT_DIR}/work/root/"
+
+# cleanup any previous build attempts
+umount -fl "${BUILD_DIR}" || true
+rm -rf "${BUILD_DIR}" || true
+mkdir -p "${BUILD_DIR}"
+rm x86kiosk.img || true
+
+truncate -s 10G x86kiosk.img
+
+PARTLAYOUT=$(cat <<-END
+label: gpt
+label-id: 3BC7D7CD-4BF8-4E92-AAEB-2ACD5F8D05AA
+device: x86kiosk.img
+unit: sectors
+first-lba: 34
+last-lba: 20971486
+sector-size: 512
+
+x86kiosk.img1 : start= 2048, size= 2095105, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=9C99F1BB-11A8-4BB5-82C2-555D7A38F85C, name="EFI system partition"
+x86kiosk.img2 : start= 2099200, size= 18870272, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=93A9AB2C-BC29-4C6C-B6DD-1B4EDDED9A1E, name="Linux filesystem"
+END
+)
+echo "${PARTLAYOUT}" | sfdisk x86kiosk.img
+
+# Setup loop device for x86 image (with partition scanning)
+ld=$(sudo losetup -P --show -f x86kiosk.img)
+
+# Create filesystems
+mkfs.ext4 "${ld}p2"
+mkfs.fat -F 32 "${ld}p1"
+
+# Mount partitions
+sudo mount "${ld}p2" "${BUILD_DIR}"
+sudo mkdir "${BUILD_DIR}/boot"
+sudo mount "${ld}p1" "${BUILD_DIR}/boot"
+
+# Debootstrap debian
+sudo debootstrap --include=linux-image-amd64,grub-efi,sudo --arch amd64 bookworm "${BUILD_DIR}" http://deb.debian.org/debian/
+
+# Copy the skeleton files
+sudo rsync -a "${SCRIPT_DIR}/x86_skeleton/." "${BUILD_DIR}"
+sudo rsync -a "${SCRIPT_DIR}/kiosk_skeleton/." "${BUILD_DIR}/kiosk_skeleton"
+
+# Create fstab
+fat_uuid=$(lsblk -no UUID "${ld}p1")
+ext_uuid=$(lsblk -no UUID "${ld}p2")
+
+echo "UUID=${fat_uuid} /boot vfat ro,defaults 0 2" | sudo tee "${BUILD_DIR}/etc/fstab"
+echo "UUID=${ext_uuid} / ext4 ro,defaults,noatime 0 1" | sudo tee -a "${BUILD_DIR}/etc/fstab"
+
+# Include git repo version info
+echo -n "AnotterKiosk repository version: " > "${BUILD_DIR}/version-info"
+git describe --abbrev=4 --dirty --always --tags >> "${BUILD_DIR}/version-info"
+echo >> "${BUILD_DIR}/version-info"
+
+# Mount system partitions (from the build host)
+sudo mount proc -t proc -o nosuid,noexec,nodev "${BUILD_DIR}/proc/"
+sudo mount sys -t sysfs -o nosuid,noexec,nodev,ro "${BUILD_DIR}/sys/"
+sudo mount devpts -t devtmpfs -o mode=0755,nosuid "${BUILD_DIR}/dev/"
+
+# and then actually install everything.
+sudo chroot "${BUILD_DIR}" /setup.sh
+sudo chroot "${BUILD_DIR}" /kiosk_skeleton/build.sh
+
+sudo rm -r "${BUILD_DIR}/kiosk_skeleton"
+
+cp "${BUILD_DIR}/version-info" x86kiosk.version
+
+sudo umount -fl "${BUILD_DIR}/proc"
+sudo umount -fl "${BUILD_DIR}/sys"
+sudo umount -fl "${BUILD_DIR}/dev"
+
+sudo umount "${BUILD_DIR}/proc"
+sudo umount "${BUILD_DIR}/sys"
+sudo umount "${BUILD_DIR}/dev"
+
+sudo umount "${BUILD_DIR}/boot"
+sudo umount "${BUILD_DIR}"
+
+sudo losetup -D "${ld}"
diff --git a/raspberry_pi_skeleton/boot/kioskbrowser.ini b/kiosk_skeleton/boot/kioskbrowser.ini
similarity index 100%
rename from raspberry_pi_skeleton/boot/kioskbrowser.ini
rename to kiosk_skeleton/boot/kioskbrowser.ini
diff --git a/kiosk_skeleton/build.sh b/kiosk_skeleton/build.sh
index 9987e1e..a96cecd 100755
--- a/kiosk_skeleton/build.sh
+++ b/kiosk_skeleton/build.sh
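Review bot: In `build_x86.sh` the final `sudo losetup -D "${ld}"` detaches every loop device on the build host, because `-D` means `--detach-all`; `sudo losetup -d "${ld}"` releases only the device this script created. The script also runs without `set -euo pipefail`, so if `losetup`, `mkfs` or a `mount` fails, the later `sudo debootstrap`, `rsync` and `chroot` steps still run against an unmounted `work/root/` on the host and the workflow publishes whatever image results; the same applies to `x86_skeleton/setup.sh`. Adding `set -euo pipefail` after the shebang, dropping the second `umount` trio for proc/sys/dev (it fails once the lazy unmounts have run), and moving the unmount and detach steps into a `trap ... EXIT` handler would make a failed build stop and clean up after itself. `mount devpts -t devtmpfs` gives the chroot the build host's device nodes while package scripts run as root, so this build is best kept to disposable runners.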
@@ -22,21 +22,25 @@ chown -hR www-data:www-data /var/www/html/ mkdir -p /home/pi/.config/chromium/ chown -hR 1000:1000 /home/pi/.config/chromium/ - +mkdir -p /home/pi/.cache +chown -hR 1000:1000 /home/pi/.cache mkdir -p /home/pi/.pki/ chown -hR 1000:1000 /home/pi/.pki/ - mkdir -p /home/pi/.ssh chown -hR 1000:1000 /home/pi/.ssh mkdir -p /root/.ssh -# FIXME: readonly in /etc/fstab +mkdir -p /var/lib/lightdm +mkdir -p /var/lib/dhcpcd +mkdir -p /var/lib/nginx + echo "tmpfs /dev/shm tmpfs mode=0777 0 0" >> /etc/fstab echo "tmpfs /tmp tmpfs mode=1777 0 0" >> /etc/fstab echo "tmpfs /run tmpfs mode=0755,nosuid,nodev 0 0" >> /etc/fstab echo "tmpfs /var/log tmpfs defaults,noatime,nosuid,mode=0755,size=100m 0 0" >> /etc/fstab echo "tmpfs /var/lib/lightdm tmpfs defaults,noatime,nosuid,size=30m 0 0" >> /etc/fstab echo "tmpfs /var/lib/dhcpcd tmpfs defaults,noatime,nosuid,size=30m 0 0" >> /etc/fstab +echo "tmpfs /var/lib/nginx tmpfs defaults,noatime,nosuid,size=30m 0 0" >> /etc/fstab echo "tmpfs /home/pi/.cache tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000 0 0" >> /etc/fstab echo "tmpfs /home/pi/.config/chromium/ tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000 0 0" >> /etc/fstab echo "tmpfs /home/pi/.pki/ tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000 0 0" >> /etc/fstab diff --git a/x86_skeleton/setup.sh b/x86_skeleton/setup.sh new file mode 100755 index 0000000..f6f523b --- /dev/null +++ b/x86_skeleton/setup.sh 
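Review bot: The added `/var/lib/nginx` tmpfs entry in `kiosk_skeleton/build.sh` sets `nosuid` but neither `nodev`, `noexec` nor a `mode=`, so the mount comes up with tmpfs's default world-writable 1777 mode. Unless nginx needs something else there, `echo "tmpfs /var/lib/nginx tmpfs defaults,noatime,nosuid,nodev,noexec,mode=0755,size=30m 0 0" >> /etc/fstab` is tighter; confirm nginx still starts with that mode before merging. The neighbouring `lightdm` and `dhcpcd` entries carry the same options, and the context line for `/dev/shm` uses `mode=0777` without the sticky bit where `1777` is the usual value. The script starts and continues outside this hunk.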
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+echo "deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list
+apt update
+apt install -y polkitd locales zstd dhcpcd wpa_supplicant
+locale-gen en_US.UTF-8
+
+apt install -y firmware-amd-graphics firmware-iwlwifi firmware-brcm80211 firmware-atheros firmware-misc-nonfree firmware-realtek
+
+echo "grub-efi-amd64 grub2/force_efi_extra_removable boolean true" | debconf-set-selections
+update-grub
+grub-install --target=x86_64-efi --efi-directory=/boot --removable --bootloader-id=AnotterKiosk
+
+useradd -U -m -s /bin/bash -u 1000 -G audio,video,users,input,adm,dialout,plugdev,render pi
+
+systemctl enable dhcpcd
+
+rm /etc/resolv.conf
+echo "nameserver 8.8.8.8" > /etc/resolv.conf
+echo "nameserver 2001:4860:4860::8888" >> /etc/resolv.conf
+echo "nameserver 8.8.4.4" >> /etc/resolv.conf
+echo "nameserver 2001:4860:4860::8844" >> /etc/resolv.conf
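Review bot: The first `apt install` line in `x86_skeleton/setup.sh` names `wpa_supplicant`, which as far as I know is not a Debian package name (the bookworm package is `wpasupplicant`); if so, apt rejects the whole command and `polkitd`, `locales`, `zstd` and `dhcpcd` are not installed either, which is worth checking against a build log. Prefixing the `apt` calls with `DEBIAN_FRONTEND=noninteractive` would also keep package configuration from waiting on input inside the chroot. The `nameserver` lines bake fixed public resolvers into the image, so every kiosk sends its DNS queries to those addresses whatever the local network provides; a comment above them, for example `# static resolvers: / is mounted read-only, so this file cannot be rewritten at runtime`, would record whether that is intended.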