Add x86 version

.github/workflows/raspberrypi.yml

@@ -40,6 +40,7 @@ jobs:
         uses: softprops/action-gh-release@v1
         if: startsWith(github.ref, 'refs/tags/')
         with:
+          append_body: true
           body_path: ./raspikiosk.version
           files: |
             ./raspikiosk.img.gz

.github/workflows/x86.yml

@@ -0,0 +1,48 @@
+name: CI
+
+on:
+  create: { }
+  push: { }
+  pull_request: { }
+
+permissions:
+  contents: write
+
+jobs:
+  build:
+    runs-on: [ubuntu-latest]
+
+    outputs:
+      pkgfile: ${{ steps.pkgname.outputs.pkgfile }}
+
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@v2
+
+      - name: Install dependencies
+        run: |
+          sudo apt update -qq
+          sudo apt install -yqq libguestfs-tools qemu-utils qemu-system-x86 ovmf qemu-block-extra qemu-user-static binfmt-support rsync sudo wget xz-utils pigz mount dosfstools libarchive-tools
+          
+      - name: Build firmware
+        run: |
+          ./build_x86.sh
+
+      - name: Compress firmware
+        run: |
+          pigz -4 x86kiosk.img
+
+      - name: Debug info
+        run: |
+          ls -lAh .
+
+      - name: Release build artifacts
+        uses: softprops/action-gh-release@v1
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          append_body: true
+          body_path: ./x86kiosk.version
+          files: |
+            ./x86kiosk.img.gz
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

build_x86.sh

@@ -0,0 +1,87 @@
+#!/bin/bash
+
+# *sigh*, some docker containers don't seem to have sbin in their PATH
+export PATH=$PATH:/usr/sbin
+
+SCRIPT_DIR="$(dirname "$(realpath "$0")")"
+BUILD_DIR="${SCRIPT_DIR}/work/root/"
+
+# cleanup any previous build attempts
+umount -fl "${BUILD_DIR}" || true
+rm -rf "${BUILD_DIR}" || true
+mkdir -p "${BUILD_DIR}"
+rm x86kiosk.img || true
+
+truncate -s 10G x86kiosk.img
+
+PARTLAYOUT=$(cat <<-END
+label: gpt
+label-id: 3BC7D7CD-4BF8-4E92-AAEB-2ACD5F8D05AA
+device: x86kiosk.img
+unit: sectors
+first-lba: 34
+last-lba: 20971486
+sector-size: 512
+
+x86kiosk.img1 : start=        2048, size=     2095105, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=9C99F1BB-11A8-4BB5-82C2-555D7A38F85C, name="EFI system partition"
+x86kiosk.img2 : start=     2099200, size=    18870272, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, uuid=93A9AB2C-BC29-4C6C-B6DD-1B4EDDED9A1E, name="Linux filesystem"
+END
+)
+echo "${PARTLAYOUT}" | sfdisk x86kiosk.img
+
+# Setup loop device for x86 image (with partition scanning)
+ld=$(sudo losetup -P --show -f x86kiosk.img)
+
+# Create filesystems
+mkfs.ext4 "${ld}p2"
+mkfs.fat -F 32 "${ld}p1"
+
+# Mount partitions
+sudo mount "${ld}p2" "${BUILD_DIR}"
+sudo mkdir "${BUILD_DIR}/boot"
+sudo mount "${ld}p1" "${BUILD_DIR}/boot"
+
+# Debootstrap debian
+sudo debootstrap --include=linux-image-amd64,grub-efi,sudo --arch amd64 bookworm "${BUILD_DIR}" http://deb.debian.org/debian/
+
+# Copy the skeleton files
+sudo rsync -a "${SCRIPT_DIR}/x86_skeleton/." "${BUILD_DIR}"
+sudo rsync -a "${SCRIPT_DIR}/kiosk_skeleton/." "${BUILD_DIR}/kiosk_skeleton"
+
+# Create fstab
+fat_uuid=$(lsblk -no UUID "${ld}p1")
+ext_uuid=$(lsblk -no UUID "${ld}p2")
+
+echo "UUID=${fat_uuid}  /boot           vfat    ro,defaults          0       2" | sudo tee "${BUILD_DIR}/etc/fstab"
+echo "UUID=${ext_uuid}  /               ext4    ro,defaults,noatime  0       1" | sudo tee -a "${BUILD_DIR}/etc/fstab"
+
+# Include git repo version info
+echo -n "AnotterKiosk repository version: " > "${BUILD_DIR}/version-info"
+git describe --abbrev=4 --dirty --always --tags >> "${BUILD_DIR}/version-info"
+echo >> "${BUILD_DIR}/version-info"
+
+# Mount system partitions (from the build host)
+sudo mount proc -t proc -o nosuid,noexec,nodev "${BUILD_DIR}/proc/"
+sudo mount sys -t sysfs -o nosuid,noexec,nodev,ro "${BUILD_DIR}/sys/"
+sudo mount devpts -t devtmpfs -o mode=0755,nosuid "${BUILD_DIR}/dev/"
+
+# and then actually install everything.
+sudo chroot "${BUILD_DIR}" /setup.sh
+sudo chroot "${BUILD_DIR}" /kiosk_skeleton/build.sh
+
+sudo rm -r "${BUILD_DIR}/kiosk_skeleton"
+
+cp "${BUILD_DIR}/version-info" x86kiosk.version
+
+sudo umount -fl "${BUILD_DIR}/proc"
+sudo umount -fl "${BUILD_DIR}/sys"
+sudo umount -fl "${BUILD_DIR}/dev"
+
+sudo umount "${BUILD_DIR}/proc"
+sudo umount "${BUILD_DIR}/sys"
+sudo umount "${BUILD_DIR}/dev"
+
+sudo umount "${BUILD_DIR}/boot"
+sudo umount "${BUILD_DIR}"
+
+sudo losetup -D "${ld}"

kiosk_skeleton/build.sh

@@ -22,21 +22,25 @@ chown -hR www-data:www-data /var/www/html/
 
 mkdir -p /home/pi/.config/chromium/
 chown -hR 1000:1000 /home/pi/.config/chromium/
-
+mkdir -p /home/pi/.cache
+chown -hR 1000:1000 /home/pi/.cache
 mkdir -p /home/pi/.pki/
 chown -hR 1000:1000 /home/pi/.pki/
-
 mkdir -p /home/pi/.ssh
 chown -hR 1000:1000 /home/pi/.ssh
 mkdir -p /root/.ssh
 
-# FIXME: readonly in /etc/fstab
+mkdir -p /var/lib/lightdm
+mkdir -p /var/lib/dhcpcd
+mkdir -p /var/lib/nginx
+
 echo "tmpfs		/dev/shm	tmpfs	mode=0777	0	0" >> /etc/fstab
 echo "tmpfs		/tmp		tmpfs	mode=1777	0	0" >> /etc/fstab
 echo "tmpfs		/run		tmpfs	mode=0755,nosuid,nodev	0	0" >> /etc/fstab
 echo "tmpfs		/var/log	tmpfs		defaults,noatime,nosuid,mode=0755,size=100m    0 0" >> /etc/fstab
 echo "tmpfs		/var/lib/lightdm	tmpfs	defaults,noatime,nosuid,size=30m    0 0" >> /etc/fstab
 echo "tmpfs		/var/lib/dhcpcd	tmpfs	defaults,noatime,nosuid,size=30m    0 0" >> /etc/fstab
+echo "tmpfs		/var/lib/nginx	tmpfs	defaults,noatime,nosuid,size=30m    0 0" >> /etc/fstab
 echo "tmpfs		/home/pi/.cache tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000  0       0" >> /etc/fstab
 echo "tmpfs		/home/pi/.config/chromium/ tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000  0       0" >> /etc/fstab
 echo "tmpfs		/home/pi/.pki/ tmpfs mode=0755,nosuid,nodev,uid=1000,gid=1000  0       0" >> /etc/fstab

x86_skeleton/setup.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+echo "deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list
+apt update
+apt install -y polkitd locales zstd dhcpcd wpa_supplicant
+locale-gen en_US.UTF-8
+
+apt install -y firmware-amd-graphics firmware-iwlwifi firmware-brcm80211 firmware-atheros firmware-misc-nonfree firmware-realtek
+
+echo "grub-efi-amd64 grub2/force_efi_extra_removable boolean true" | debconf-set-selections
+update-grub
+grub-install --target=x86_64-efi --efi-directory=/boot --removable --bootloader-id=AnotterKiosk 
+
+useradd -U -m -s /bin/bash -u 1000 -G audio,video,users,input,adm,dialout,plugdev,render pi
+
+systemctl enable dhcpcd
+
+rm /etc/resolv.conf
+echo "nameserver 8.8.8.8" > /etc/resolv.conf
+echo "nameserver 2001:4860:4860::8888" >> /etc/resolv.conf
+echo "nameserver 8.8.4.4" >> /etc/resolv.conf
+echo "nameserver 2001:4860:4860::8844" >> /etc/resolv.conf