diff --git a/.gitignore b/.gitignore index e540866..cd059d2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ -debian -voyage -netboot +ansible-venv +*.retry +results +rootfs diff --git a/README.md b/README.md index d75735c..3b8b80d 100755 --- a/README.md +++ b/README.md @@ -1,21 +1,123 @@ pxe-server ========== -This repository contains PXE server that should help in installing, testing and -developing operating systems and firmware for PXE-capable platforms. +This repository contains PXE server (TFTP+NFS) that should help in installing, +testing and developing operating systems and firmware for PXE-capable +platforms. It was inspired by effort required to test PC Engines apu2 platform. +We use PXE server without DHCP, what may cause problems to BSD systems and is +subject of our further work on this project. Usage ----- +# pxe-server deployment + +## Ansible setup + +``` +virtualenv ansible-venv +source ansible-venv/bin/activate +pip install ansible +ansible-galaxy install angstwad.docker_ubuntu +ansible-galaxy install debops.apt_preferences +ssh-keygen -f ~/.ssh/ansible +ssh-add ~/.ssh/ansible +ssh-copy-id -i ~/.ssh/ansible @ +``` + +## Initial deployment + +### Rootfs components creation + ``` -git clone https://github.com/3mdeb/pxe-server.git -cd pxe-server -NFS_SRV_IP= ./init.sh +docker run --privileged --rm -v $HOME/.ansible:/root/.ansible \ +-v $HOME/.ccache:/home/debian/.ccache -v $PWD:/home/debian/scripts \ +-t -i 3mdeb/rootfs-builder ansible-playbook -i hosts \ +/home/debian/scripts/create-rootfs-components.yml ``` +### Rootfs preparation + +``` +docker run --privileged --rm -v $HOME/.ansible:/root/.ansible \ +-v $HOME/.ccache:/home/debian/.ccache -v $PWD:/home/debian/scripts \ +-t -i 3mdeb/rootfs-builder ansible-playbook -i hosts \ +/home/debian/scripts/prepare-rootfs.yml +``` + +### Deploy + +Following procedure assume deployment on clean Debian as target system: + +``` +ansible-playbook -i "," -b --ask-become-pass pxe-server.yml +``` + +### Tests + +`v1.0.0` tests results: + +| Description | Result | +| --- | --- | +| XEN1.2 Verify if IOMMU is enabled | PASS | +| XEN1.4 Verify if IOMMU is enabled on Xen Linux dev | PASS | +| XEN1.5 Verify if IOMMU is enabled on Xen dev | PASS | +| DEB1.1 Debian from iPXE 4.14.y | PASS | +| DEB1.5 Debian from iPXE 4.9.y | PASS | +| TCL1.1 Boot to Core 6.4 booted over iPXE | PASS | +| VOY1.1 Boot into Voyage installer | PASS | +| PFS1.1 pfSense 2.4.x install test | PASS | + + +### Performance + +``` +Tuesday 21 August 2018 17:47:35 +0200 (0:00:00.820) 0:05:09.644 ******** +=============================================================================== +apt ------------------------------------------------------------------- 136.75s +copy ------------------------------------------------------------------- 63.61s +docker ----------------------------------------------------------------- 51.06s +unarchive -------------------------------------------------------------- 36.18s +get_url ---------------------------------------------------------------- 10.50s +netboot ----------------------------------------------------------------- 4.56s +setup ------------------------------------------------------------------- 2.49s +file -------------------------------------------------------------------- 2.33s +mount ------------------------------------------------------------------- 0.91s +command ----------------------------------------------------------------- 0.82s +debops.apt_preferences -------------------------------------------------- 0.25s +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +total ----------------------------------------------------------------- 309.46s +Tuesday 21 August 2018 17:47:35 +0200 (0:00:00.820) 0:05:09.633 ******** +=============================================================================== +apt : Install essential packages --------------------------------------- 99.51s +Copy Debian rootfs ----------------------------------------------------- 59.49s +docker : Start 3mdeb/pxe-server Docker container ----------------------- 35.68s +Unarchive Debian rootfs ------------------------------------------------ 31.32s +apt : Remove cdrom repo ------------------------------------------------ 12.19s +docker : Install docker ------------------------------------------------ 10.67s +Get Voyage ------------------------------------------------------------- 10.50s +apt : Add trffic manager stable deb repo -------------------------------- 8.19s +apt : Add trffic manager stable deb-src repo ---------------------------- 6.65s +Unarchive Voyage -------------------------------------------------------- 4.86s +apt : Add Docker repo --------------------------------------------------- 4.47s +apt : Add Docker CE key to apt ------------------------------------------ 4.02s +docker : Install docker-py ---------------------------------------------- 3.88s +Gathering Facts --------------------------------------------------------- 2.49s +Copy Linux 4.14.y ------------------------------------------------------- 2.24s +Copy Linux 4.9.y -------------------------------------------------------- 1.88s +apt : Install apt-transport-https --------------------------------------- 1.73s +netboot : deploy menu.ipxe ---------------------------------------------- 1.43s +netboot : copy preseed.cfg ---------------------------------------------- 1.04s +Create /var/voyage ------------------------------------------------------ 1.01s +Playbook run took 0 days, 0 hours, 5 minutes, 9 seconds +``` + +==== + + `init.sh` downloads all necessary files, OS images, PXE and extracts them in proper directories. @@ -105,4 +207,3 @@ Requesting configuration that many times makes a little mess, so as a temporary workaround add a static IP for the `net0/eth0` interface on Your DHCP server. The IP address requested will remain the same and so the problems will be gone too. - diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..e209fcb --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,2 @@ +[defaults] +callback_whitelist = profile_tasks, profile_roles, timer diff --git a/apt-cacher/Dockerfile b/apt-cacher/Dockerfile new file mode 100644 index 0000000..a44a417 --- /dev/null +++ b/apt-cacher/Dockerfile @@ -0,0 +1,17 @@ +# +# Build: docker build -t apt-cacher . +# Run: docker run -d -p 3142:3142 --name apt-cacher-run apt-cacher +# +# and then you can run containers with: +# docker run -t -i --rm -e http_proxy http://dockerhost:3142/ debian bash +# +# Here, `dockerhost` is the IP address or FQDN of a host running the Docker daemon +# which acts as an APT proxy server. +FROM ubuntu + +VOLUME ["/var/cache/apt-cacher-ng"] +RUN apt-get update && apt-get install -y apt-cacher-ng + +RUN sed -i "s|\# PassThroughPattern: .* \# this would allow CONNECT to everything|PassThroughPattern: .* \# this would allow CONNECT to everything|g" /etc/apt-cacher-ng/acng.conf +EXPOSE 3142 +CMD chmod 777 /var/cache/apt-cacher-ng && /etc/init.d/apt-cacher-ng start && tail -f /var/log/apt-cacher-ng/* diff --git a/apt-cacher/build.sh b/apt-cacher/build.sh new file mode 100755 index 0000000..40c193e --- /dev/null +++ b/apt-cacher/build.sh @@ -0,0 +1 @@ +docker build -t apt-cacher . diff --git a/create-rootfs-components.yml b/create-rootfs-components.yml new file mode 100644 index 0000000..075b086 --- /dev/null +++ b/create-rootfs-components.yml @@ -0,0 +1,9 @@ +--- +- name: build rootfs, kernels and prepare chroot + hosts: localhost + connection: local + roles: + - { role: 'common', tags: 'rootfs_prepare' } + - { role: 'debootstrap', tags: 'rootfs_prepare' } + - { role: 'linux-kernel', version: "{{ linux_4_9 }}", config: "{{ apu_config }}", tags: 'rootfs_prepare' } + - { role: 'linux-kernel', version: "{{ linux_4_14 }}", config: "{{ apu_config }}", tags: 'rootfs_prepare' } diff --git a/deploy-meta-virtualization.yml b/deploy-meta-virtualization.yml new file mode 100644 index 0000000..d6d04d2 --- /dev/null +++ b/deploy-meta-virtualization.yml @@ -0,0 +1,29 @@ +--- +- hosts: all + user: debian + become: yes + become_user: root + become_method: su + roles: + - { role: 'common' } + - { role: 'docker' } + - { role: 'deploy_xen' } + + tasks: + - name: Mount nfsd + mount: + path: /proc/fs/nfsd + src: nfsd + fstype: nfsd + state: present + - name: Mount xen-image-minimal-genericx86-64.ext4 + mount: + path: /var/xen-dev + src: /var/xen-image-minimal-genericx86-64.ext4 + fstype: ext4 + state: present + - name: Restart server + command: /sbin/shutdown -r +1 + async: 0 + poll: 0 + ignore_errors: true diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..e7a7813 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,7 @@ +version: '3' +services: + apt-cacher: + image: apt-cacher + ports: + - "3142:3142" + container_name: apt-cacher-run diff --git a/hosts b/hosts new file mode 100644 index 0000000..86f2ad4 --- /dev/null +++ b/hosts @@ -0,0 +1,2 @@ +[rootfs_chroot] +/home/debian/scripts/rootfs diff --git a/prepare-rootfs.yml b/prepare-rootfs.yml new file mode 100644 index 0000000..d66f979 --- /dev/null +++ b/prepare-rootfs.yml @@ -0,0 +1,25 @@ +- name: chroot mount + hosts: localhost + connection: local + roles: + - { role: 'common', tags: 'rootfs_prepare' } + - { role: 'chroot_mount', tags: 'install_in_rootfs' } + +- name: intall kernels and all remaining packages + hosts: rootfs_chroot + connection: chroot + roles: + - { role: 'common', tags: 'install_in_rootfs' } + - { role: 'config', tags: 'install_in_rootfs' } + - { role: 'packages', tags: 'install_in_rootfs' } + - { role: 'linux-install', version: "{{ linux_4_9 }}", tags: 'install_in_rootfs' } + - { role: 'linux-install', version: "{{ linux_4_14 }}", tags: 'install_in_rootfs' } + - { role: 'chroot_cleanup', tags: 'install_in_rootfs' } + +- name: umount chroot and prepare artifacts + hosts: localhost + connection: local + roles: + - { role: 'chroot_umount', tags: 'install_in_rootfs' } + - { role: 'common', tags: 'install_in_rootfs' } + - { role: 'prepare_artifacts', tags: 'install_in_rootfs' } diff --git a/pxe-server.yml b/pxe-server.yml new file mode 100644 index 0000000..35cc811 --- /dev/null +++ b/pxe-server.yml @@ -0,0 +1,37 @@ +--- +- hosts: all + user: debian + become: yes + become_user: root + become_method: su + roles: + - { role: 'common' } + - { role: 'debops.apt_preferences' } + - { role: 'apt' } + - { role: 'docker' } + - { role: 'netboot' } + - { role: 'tinycoreos' } + - { role: 'deploy_artifacts' } + - { role: 'voyage' } + + tasks: + + - name: copy core.gz to /var/netboot + copy: + src: /tmp/core.gz + dest: /var/netboot/core.gz + remote_src: yes + + - name: Mount nfsd + mount: + path: /proc/fs/nfsd + src: nfsd + fstype: nfsd + state: present + + - name: Restart server + command: /sbin/shutdown -r +1 + async: 0 + poll: 0 + ignore_errors: true + diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml new file mode 100644 index 0000000..242da5f --- /dev/null +++ b/roles/apt/tasks/main.yml @@ -0,0 +1,38 @@ +- name: Remove cdrom repo + apt_repository: + repo: deb cdrom:[Debian GNU/Linux 9.4.0 _Stretch_ - Official amd64 xfce-CD Binary-1 20180310-11:21]/ stretch main + state: absent + +- name: Add trffic manager stable deb repo + apt_repository: + repo: deb http://debian-archive.trafficmanager.net/debian/ stable main contrib non-free + state: present + +- name: Add trffic manager stable deb-src repo + apt_repository: + repo: deb-src http://debian-archive.trafficmanager.net/debian/ stable main contrib non-free + state: present + +- name: Install apt-transport-https + apt: + name: apt-transport-https + state: present +- name: Add Docker CE key to apt + apt_key: + url: https://download.docker.com/linux/debian/gpg + state: present + +- name: Add Docker repo + apt_repository: + repo: deb [arch=amd64] https://download.docker.com/linux/debian stretch stable + state: present + +- name: Install essential packages + apt: + name: "{{ item }}" + state: present + update_cache: yes + with_items: + - docker-ce + - python-pip + - gzip diff --git a/roles/chroot_cleanup/tasks/main.yml b/roles/chroot_cleanup/tasks/main.yml new file mode 100644 index 0000000..912e15c --- /dev/null +++ b/roles/chroot_cleanup/tasks/main.yml @@ -0,0 +1,2 @@ +- name: clean apt cache + command: apt clean diff --git a/roles/chroot_mount/tasks/main.yml b/roles/chroot_mount/tasks/main.yml new file mode 100644 index 0000000..421da59 --- /dev/null +++ b/roles/chroot_mount/tasks/main.yml @@ -0,0 +1,21 @@ +- name: mount /proc + mount: + path: "{{ rootfs_dir }}/proc" + src: /proc + opts: bind + fstype: proc + state: present +- name: mount /dev + mount: + path: "{{ rootfs_dir }}/dev" + src: /dev + opts: bind + fstype: devtmpfs + state: present +- name: mount /dev/pts + mount: + path: "{{ rootfs_dir }}/dev/pts" + src: /dev/pts + opts: bind + fstype: devpts + state: present diff --git a/roles/chroot_umount/tasks/main.yml b/roles/chroot_umount/tasks/main.yml new file mode 100644 index 0000000..d82c31f --- /dev/null +++ b/roles/chroot_umount/tasks/main.yml @@ -0,0 +1,18 @@ +- name: unmount /dev/pts + mount: + path: "{{ rootfs_dir }}/dev/pts" + src: /dev/pts + opts: bind + state: absent +- name: unmount /dev + mount: + path: "{{ rootfs_dir }}/dev/pts" + src: /dev/pts + opts: bind + state: absent +- name: unmount /proc + mount: + path: "{{ rootfs_dir }}/dev/pts" + src: /dev/pts + opts: bind + state: absent diff --git a/roles/common/vars/main.yml b/roles/common/vars/main.yml new file mode 100644 index 0000000..ef826e2 --- /dev/null +++ b/roles/common/vars/main.yml @@ -0,0 +1,8 @@ +release_version: "v1.1.1" +linux_4_9: "4.9.128" +linux_4_14: "4.14.71" +apu_config: "" +rootfs_tar_gz: "{{ results_dir }}/rootfs-{{ release_version }}.tar.gz" +rootfs_dir: "/home/debian/scripts/rootfs" +results_dir: "/home/debian/scripts/results" +xen_version: "4.11-amd64" diff --git a/roles/config/files/fstab b/roles/config/files/fstab new file mode 100644 index 0000000..43061d2 --- /dev/null +++ b/roles/config/files/fstab @@ -0,0 +1,2 @@ +/proc /proc proc defaults 0 0 +/sys /sys sysfs defaults 0 0 diff --git a/roles/config/files/issue b/roles/config/files/issue new file mode 100644 index 0000000..319563e --- /dev/null +++ b/roles/config/files/issue @@ -0,0 +1,2 @@ +Debian GNU/Linux 9 \n \l [root:debian] + diff --git a/roles/config/tasks/main.yml b/roles/config/tasks/main.yml new file mode 100644 index 0000000..308e88c --- /dev/null +++ b/roles/config/tasks/main.yml @@ -0,0 +1,16 @@ +- name: replace fstab + copy: + src: files/fstab + dest: /etc/fstab + +- name: replace issue + copy: + src: files/issue + dest: /etc/issue + +- name: change root password + shell: echo root:debian|chpasswd + +- name: configure hostname + hostname: + name: rootfs-{{ release_version }} diff --git a/roles/debootstrap/tasks/main.yml b/roles/debootstrap/tasks/main.yml new file mode 100644 index 0000000..73ddabb --- /dev/null +++ b/roles/debootstrap/tasks/main.yml @@ -0,0 +1,24 @@ +- name: check if "{{ rootfs_tar_gz }}" exist + stat: + path: "{{ rootfs_tar_gz }}" + register: rootfs_file + +- name: cleanup rootfs dir + file: + state: absent + path: "{{ rootfs_dir }}" + when: not rootfs_file.stat.exists + +- name: cleanup rootfs dir + file: + state: directory + path: "{{ rootfs_dir }}" + when: not rootfs_file.stat.exists + +- name: debootstrap first stage + command: debootstrap --foreign --include=python --arch amd64 sid {{ rootfs_dir }} http://deb.debian.org/debian + when: not rootfs_file.stat.exists + +- name: debootstrap second stage + command: chroot {{ rootfs_dir }} /debootstrap/debootstrap --second-stage + when: not rootfs_file.stat.exists diff --git a/roles/deploy_artifacts/tasks/main.yml b/roles/deploy_artifacts/tasks/main.yml new file mode 100644 index 0000000..495a4e6 --- /dev/null +++ b/roles/deploy_artifacts/tasks/main.yml @@ -0,0 +1,42 @@ +- name: Copy Debian rootfs + copy: + src: "results/rootfs-{{ release_version }}.tar.gz" + dest: /tmp/rootfs-{{ release_version }}.tar.gz + +- name: Copy Linux 4.9.y + copy: + src: "results/vmlinuz-{{ linux_4_9 }}" + dest: /var/netboot/kernels/vmlinuz-{{ linux_4_9 }} + +- name: Copy Linux 4.14.y + copy: + src: "results/vmlinuz-{{ linux_4_14 }}" + dest: /var/netboot/kernels/vmlinuz-{{ linux_4_14 }} + +- name: Copy Xen {{ xen_version }} + copy: + src: "results/xen-{{ xen_version }}" + dest: "/var/netboot/kernels/xen-{{ xen_version }}" + +- name: create Linux 4.14.y symlink + file: + src: vmlinuz-{{ linux_4_14 }} + dest: /var/netboot/kernels/vmlinuz-4.14.y + state: link + force: yes + +- name: create Linux 4.9.y symlink + file: + src: vmlinuz-{{ linux_4_9 }} + dest: /var/netboot/kernels/vmlinuz-4.9.y + state: link + force: yes + +- name: Unarchive Debian rootfs + unarchive: + src: /tmp/rootfs-{{ release_version }}.tar.gz + dest: /var + remote_src: yes + keep_newer: yes + group: debian + owner: debian diff --git a/roles/deploy_xen/tasks/main.yml b/roles/deploy_xen/tasks/main.yml new file mode 100644 index 0000000..0954d45 --- /dev/null +++ b/roles/deploy_xen/tasks/main.yml @@ -0,0 +1,21 @@ +- name: Copy Linux Xen dev + copy: + src: "results/vmlinuz-xen-dev" + dest: /var/netboot/kernels/vmlinuz-xen-dev + +- name: Copy Xen dev gz + copy: + src: "results/xen-dev.gz" + dest: /var/netboot/kernels/xen-dev.gz + +- name: Unarchive Xen dev gz + command: gunzip -f /var/netboot/kernels/xen-dev.gz + +- name: Copy xen-image-minimal-genericx86-64.ext4.gz + copy: + src: "results/xen-image-minimal-genericx86-64.ext4.gz" + dest: /var/xen-image-minimal-genericx86-64.ext4.gz + +- name: Unarchive xen-image-minimal-genericx86-64.ext4.gz + command: gunzip -f /var/xen-image-minimal-genericx86-64.ext4.gz + diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml new file mode 100644 index 0000000..c53e0fd --- /dev/null +++ b/roles/docker/tasks/main.yml @@ -0,0 +1,56 @@ + +- name: Install docker-py + pip: + name: docker-py + state: absent + +- name: Install stuptools + pip: + name: setuptools + +- name: Install docker + pip: + name: docker + +- name: add default user to docker group + user: + name: debian + groups: docker + append: yes + +- name: Start 3mdeb/pxe-server Docker container + docker_container: + name: pxe-server + state: started + image: 3mdeb/pxe-server:latest + pull: yes + command: bash /usr/local/bin/run.sh + restart: yes + restart_policy: always + privileged: yes + published_ports: + - "111:111/tcp" + - "2049:2049/tcp" + - "8000:8000/tcp" + - "627:627/tcp" + - "627:627/udp" + - "875:875/tcp" + - "875:875/udp" + - "892:892/tcp" + - "892:892/udp" + - "111:111/udp" + - "2049:2049/udp" + - "10053:10053/udp" + - "10053:10053/tcp" + - "32769:32769/tcp" + - "32769:32769/udp" + - "32765:32765/tcp" + - "32765:32765/udp" + - "32766:32766/tcp" + - "32766:32766/udp" + - "32767:32767/tcp" + - "32767:32767/udp" + volumes: + - /var/netboot:/srv/http + - /var/rootfs:/srv/nfs/debian + - /var/voyage:/srv/nfs/voyage diff --git a/roles/linux-install/tasks/main.yml b/roles/linux-install/tasks/main.yml new file mode 100644 index 0000000..498c97d --- /dev/null +++ b/roles/linux-install/tasks/main.yml @@ -0,0 +1,14 @@ +- name: check if /lib/modules/{{ version }} exist + stat: + path: "/lib/modules/{{ version }}" + register: mod_dir +- name: install Linux "{{ version }}" + apt: + deb: "{{ item }}" + with_items: + - linux-headers-{{ version }}_{{ version }}-1_amd64.deb + - linux-image-{{ version }}_{{ version }}-1_amd64.deb + - linux-image-{{ version }}-dbg_{{ version }}-1_amd64.deb + - linux-libc-dev_{{ version }}-1_amd64.deb + when: + - not mod_dir.stat.exists diff --git a/roles/linux-kernel/tasks/main.yml b/roles/linux-kernel/tasks/main.yml new file mode 100644 index 0000000..945bed7 --- /dev/null +++ b/roles/linux-kernel/tasks/main.yml @@ -0,0 +1,109 @@ +- name: check linux_headers + stat: + path: "{{ rootfs_dir }}/linux-headers-{{ version }}_{{ version }}-1_amd64.deb" + register: linux_headers +- name: check linux_image_dbg + stat: + path: "{{ rootfs_dir }}/linux-image-{{ version }}-dbg_{{ version }}-1_amd64.deb" + register: linux_image_dbg +- name: check linux_image + stat: + path: "{{ rootfs_dir }}/linux-image-{{ version }}_{{ version }}-1_amd64.deb" + register: linux_image +- name: check linux_libc + stat: + path: "{{ rootfs_dir }}/linux-libc-dev_{{ version }}-1_amd64.deb" + register: linux_libc +- name: check vmlinuz + stat: + path: "{{ results_dir }}/vmlinuz-{{ version }}" + register: vmlinuz +- name: check config + stat: + path: "{{ results_dir }}/config-{{ version }}" + register: config_ver + +- name: get Linux "{{ version }}" + get_url: + url: https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-{{ version }}.tar.gz + # TODO: nice would be remote checksum that can verify if package is fine + dest: "{{ rootfs_dir }}/linux-{{ version }}.tar.gz" + register: result + until: result is succeeded + retries: 3 + delay: 3 + when: + - not config_ver.stat.exists or not vmlinuz.stat.exists or not linux_libc.stat.exists or not linux_image.stat.exists or not linux_image_dbg.stat.exists or not linux_headers.stat.exists + +- name: decompress Linux "{{ version }}" + unarchive: + src: "{{ rootfs_dir }}/linux-{{ version }}.tar.gz" + dest: "{{ rootfs_dir }}" + creates: "{{ rootfs_dir }}/linux-{{ version }}" + when: + - not config_ver.stat.exists or not vmlinuz.stat.exists or not linux_libc.stat.exists or not linux_image.stat.exists or not linux_image_dbg.stat.exists or not linux_headers.stat.exists + +- name: make mrproper + command: make mrproper + args: + chdir: "{{ rootfs_dir }}/linux-{{ version }}" + when: + - not config_ver.stat.exists or not vmlinuz.stat.exists or not linux_libc.stat.exists or not linux_image.stat.exists or not linux_image_dbg.stat.exists or not linux_headers.stat.exists + +- name: copy kernel config + copy: + src: "{{ results_dir }}/config-{{ version }}" + dest: "{{ rootfs_dir }}/linux-{{ version }}/.config" + when: + - not config_ver.stat.exists or not vmlinuz.stat.exists or not linux_libc.stat.exists or not linux_image.stat.exists or not linux_image_dbg.stat.exists or not linux_headers.stat.exists + +- name: make olddefconfig + command: make olddefconfig + args: + chdir: "{{ rootfs_dir }}/linux-{{ version }}" + when: + - not config_ver.stat.exists or not vmlinuz.stat.exists or not linux_libc.stat.exists or not linux_image.stat.exists or not linux_image_dbg.stat.exists or not linux_headers.stat.exists + +- name: make deb-pkg + command: make -j{{ ansible_processor_vcpus }} deb-pkg bzImage + #command: make deb-pkg bzImage + args: + chdir: "{{ rootfs_dir }}/linux-{{ version }}" + creates: + - "{{ rootfs_dir }}/linux-headers-{{ version }}_{{ version }}-1_amd64.deb" + - "{{ rootfs_dir }}/linux-image-{{ version }}-dbg_{{ version }}-1_amd64.deb" + - "{{ rootfs_dir }}/linux-image-{{ version }}_{{ version }}-1_amd64.deb" + - "{{ rootfs_dir }}/linux-libc-dev_{{ version }}-1_amd64.deb" + ignore_errors: yes + when: + - not config_ver.stat.exists or not vmlinuz.stat.exists or not linux_libc.stat.exists or not linux_image.stat.exists or not linux_image_dbg.stat.exists or not linux_headers.stat.exists + +#TODO: this is for netboot/kernels directory +- name: copy bzImage to known location + copy: + src: "{{ rootfs_dir }}/linux-{{ version }}/arch/x86/boot/bzImage" + dest: "{{ results_dir }}/vmlinuz-{{ version }}" + when: + - not config_ver.stat.exists or not vmlinuz.stat.exists or not linux_libc.stat.exists or not linux_image.stat.exists or not linux_image_dbg.stat.exists or not linux_headers.stat.exists + +# TODO: save config for further commit to apu2-documentation +- name: copy .config to known location + copy: + src: "{{ rootfs_dir }}/linux-{{ version }}/.config" + dest: "{{ results_dir }}/config-{{ version }}" + when: + - not config_ver.stat.exists or not vmlinuz.stat.exists or not linux_libc.stat.exists or not linux_image.stat.exists or not linux_image_dbg.stat.exists or not linux_headers.stat.exists + +- name: remove everything except artifacts + file: + path: "{{ rootfs_dir }}/{{ item }}" + state: absent + with_items: + - linux-{{ version }} + - linux-{{ version }}.tar.gz + - linux-{{ version }}_{{ version }}-1_amd64.changes + - linux-{{ version }}_{{ version }}-1.debian.tar.gz + - linux-{{ version }}_{{ version }}-1.dsc + - linux-{{ version }}_{{ version }}.orig.tar.gz + when: + - not config_ver.stat.exists or not vmlinuz.stat.exists or not linux_libc.stat.exists or not linux_image.stat.exists or not linux_image_dbg.stat.exists or not linux_headers.stat.exists diff --git a/roles/netboot/files/preseed.cfg b/roles/netboot/files/preseed.cfg new file mode 100644 index 0000000..9f771c6 --- /dev/null +++ b/roles/netboot/files/preseed.cfg @@ -0,0 +1,48 @@ +d-i debian-installer/locale string en_US +d-i debian-installer/language string en +d-i debian-installer/country string US + +# Skip creation of a normal user account. +d-i passwd/make-user boolean false +d-i passwd/root-login boolean true +# printf "debian" | mkpasswd -s -m sha-512 +d-i passwd/root-password-crypted password $6$H/WJeEJc$0HnpUXUtjPR/RMpD3qxvb.OGJgTY425jnZn6a9X0YrhGXyEifkR5kTJ20zpv9etzI0k.a9j2G4jMUZjx1XCIH0 +d-i user-setup/allow-password-weak boolean true +d-i netcfg/choose_interface select auto +d-i netcfg/get_hostname string unassigned-hostname +d-i netcfg/get_domain string unassigned-domain +d-i mirror/country string manual +d-i mirror/http/hostname string ftp.pl.debian.org +d-i mirror/http/directory string /debian +d-i mirror/http/proxy string +d-i clock-setup/utc boolean true +d-i clock-setup/ntp boolean true +d-i time/zone string Europe/Warsaw +d-i partman/mount_style select uuid +d-i partman/confirm boolean true +d-i partman/choose_partition select finish +d-i partman/confirm_nooverwrite boolean true +d-i partman-auto/disk string /dev/disk/by-path/pci-0000:00:10.0-usb-0:1:1.0-scsi-0:0:0:0 +d-i partman-auto/method string regular +d-i partman-auto/choose_recipe select atomic +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true +d-i partman-auto-lvm/guided_size string max +d-i partman-partitioning/confirm_write_new_label boolean true + +d-i grub-installer/grub2_instead_of_grub_legacy boolean true +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666974 +d-i grub-installer/only_debian boolean false +d-i grub-installer/bootdev string /dev/disk/by-path/pci-0000:00:10.0-usb-0:1:1.0-scsi-0:0:0:0 +d-i pkgsel/update-policy select none +d-i pkgsel/include string openssh-server +d-i pkgsel/install-language-support boolean false +d-i finish-install/reboot_in_progress note + +d-i base-installer/install-recommends boolean false +popularity-contest popularity-contest/participate boolean false +tasksel tasksel/first multiselect minimal + +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852323 + SSH +d-i preseed/late_command string update-dev; in-target update-grub; in-target sh -c 'sed -i "s/^#PermitRootLogin.*\$/PermitRootLogin yes/g" /etc/ssh/sshd_config'; diff --git a/roles/netboot/files/preseed_ubuntu.cfg b/roles/netboot/files/preseed_ubuntu.cfg new file mode 100644 index 0000000..43b3b8a --- /dev/null +++ b/roles/netboot/files/preseed_ubuntu.cfg @@ -0,0 +1,54 @@ +d-i debian-installer/locale string en_US +d-i debian-installer/language string en +d-i debian-installer/country string US + +# Skip creation of a normal user account. +d-i passwd/make-user boolean false +d-i passwd/root-login boolean true +# printf "ubuntu" | mkpasswd -s -m sha-512 +d-i passwd/root-password-crypted password $6$KC5aQVTfAEj$cfUlQi1422C09If79rNXZjavnrUWcXz5EVYBJ77sX9sb8EZoKBWpNNAerBo.Rix/4s/oryqKsws9dL3IKrwLt1 +d-i user-setup/allow-password-weak boolean true +d-i netcfg/choose_interface select auto +d-i netcfg/get_hostname string unassigned-hostname +d-i netcfg/get_domain string unassigned-domain +d-i mirror/country string manual +d-i mirror/http/hostname string http://pl.archive.ubuntu.com +d-i mirror/http/directory string /ubuntu +d-i mirror/http/proxy string +d-i clock-setup/utc boolean true +d-i clock-setup/ntp boolean true +d-i time/zone string Europe/Warsaw +d-i partman/mount_style select uuid +d-i partman/confirm boolean true +d-i partman/choose_partition select finish +d-i partman/confirm_nooverwrite boolean true +d-i partman-auto/disk string /dev/disk/by-path/pci-0000:00:10.0-usb-0:1:1.0-scsi-0:0:0:0 +d-i partman-auto/method string regular +d-i partman-auto/choose_recipe select atomic +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true +d-i partman-auto-lvm/guided_size string max +d-i partman-partitioning/confirm_write_new_label boolean true + +d-i grub-installer/grub2_instead_of_grub_legacy boolean true +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666974 +d-i grub-installer/only_debian boolean false +d-i grub-installer/bootdev string /dev/disk/by-path/pci-0000:00:10.0-usb-0:1:1.0-scsi-0:0:0:0 +d-i pkgsel/update-policy select none +d-i pkgsel/include string openssh-server +d-i pkgsel/install-language-support boolean false +d-i finish-install/reboot_in_progress note + +# disable /home encryption +d-i user-setup/encrypt-home boolean false + +# https://ubuntuforums.org/showthread.php?t=2215103 +d-i preseed/early_command string umount /media || true + +d-i base-installer/install-recommends boolean false +popularity-contest popularity-contest/participate boolean false +tasksel tasksel/first multiselect minimal + +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852323 + SSH +d-i preseed/late_command string update-dev; in-target update-grub; in-target sh -c 'sed -i "s/^#*PermitRootLogin.*\$/PermitRootLogin yes/g" /etc/ssh/sshd_config'; diff --git a/roles/netboot/tasks/main.yml b/roles/netboot/tasks/main.yml new file mode 100644 index 0000000..c7c81e4 --- /dev/null +++ b/roles/netboot/tasks/main.yml @@ -0,0 +1,44 @@ +- name: copy preseed.cfg + copy: + src: files/preseed.cfg + dest: /var/netboot/preseed.cfg + +- name: copy preseed_ubuntu.cfg + copy: + src: files/preseed_ubuntu.cfg + dest: /var/netboot/preseed_ubuntu.cfg + +- name: deploy menu.ipxe + template: + src: templates/menu.ipxe.j2 + dest: /var/netboot/menu.ipxe + +- name: create kernels directory + file: + path: /var/netboot/kernels + state: directory + +- name: create Xen dev symlink + file: + src: xen-4.8-amd64 + dest: /var/netboot/kernels/xen-dev + state: link + #TODO: remove force after adding xen kernel + force: yes + +- name: create Linux dev symlink + file: + src: vmlinuz-4.14.y + dest: /var/netboot/kernels/vmlinuz-dev + state: link + #TODO: remove force after adding xen kernel + force: yes + +#Following kernels should be deployed to /var/netboot/kernels + +#TODO: obtain Xen kernel from debian - artifact of rootfs building +#TODO: obtain Debian with 4.9.y - artifact of rootfs building +#TODO: obtain Debian with 4.14.y - artifact of rootfs building + +#TODO: obtain Voyage Linux - have to be obtained from our cloud, since we do +#not support extraction from ISO diff --git a/roles/netboot/templates/menu.ipxe.j2 b/roles/netboot/templates/menu.ipxe.j2 new file mode 100644 index 0000000..b4f260c --- /dev/null +++ b/roles/netboot/templates/menu.ipxe.j2 @@ -0,0 +1,94 @@ +#!ipxe +# +:MENU +menu +item --gap -- ---------------- iPXE boot menu ---------------- +item shell ipxe shell +item xen Xen +item xen-dev Xen dev +item xen-linux-dev Xen Linux dev +item deb-netboot-dev Debian stable netboot dev +item deb-netboot-4.9.y Debian stable netboot 4.9.y +item deb-netboot-4.14.y Debian stable netboot 4.14.y +item deb-stable-netinst Debian stable netinst +item deb-i386-stable-netinst Debian i386 stable netinst +item voyage-netinst Voyage netinst 0.11.0 +item ubuntu-lts-netinst Ubuntu LTS netinst +item coreos-netinst Core OS netinst +item core-6.4 Core 6.4 +item --gap -- ------------ iPXE boot menu end ---------------- +choose --default boot --timeout 3000 target && goto ${target} + +:xen +kernel kernels/xen-{{ xen_version }} dom0_mem=512M loglvl=all guest_loglvl=all com1=115200,8n1 console=com1 +module kernels/vmlinuz-4.14.y console=hvc0 earlyprintk=xen nomodeset root=/dev/nfs rw ip=dhcp nfsroot={{ ansible_default_ipv4.address }}:/srv/nfs/debian,vers=3,udp nfsrootdebug +boot +goto MENU + +:xen-dev +kernel kernels/xen-dev dom0_mem=512M loglvl=all guest_loglvl=all com1=115200,8n1 console=com1 +module kernels/vmlinuz-xen-dev console=hvc0 earlyprintk=xen nomodeset root=/dev/nfs rw ip=dhcp nfsroot={{ ansible_default_ipv4.address }}:/srv/nfs/debian,vers=3,udp nfsrootdebug +boot +goto MENU + +:xen-linux-dev +kernel kernels/xen-{{ xen_version }} dom0_mem=512M loglvl=all guest_loglvl=all com1=115200,8n1 console=com1 +module kernels/vmlinuz-dev console=hvc0 earlyprintk=xen nomodeset root=/dev/nfs rw ip=dhcp nfsroot={{ ansible_default_ipv4.address }}:/srv/nfs/debian,vers=3,udp nfsrootdebug +boot +goto MENU + +:deb-netboot-dev +kernel kernels/vmlinuz-dev bootfile=http://{{ ansible_default_ipv4.address }}:8000/menu.ipxe root=/dev/nfs rw ip=dhcp nfsroot={{ ansible_default_ipv4.address }}:/srv/nfs/debian,vers=3,udp nfsrootdebug --- console=ttyS0,115200 earlyprint=serial,ttyS0,115200 +boot +goto MENU + +:deb-netboot-4.9.y +kernel kernels/vmlinuz-4.9.y bootfile=http://{{ ansible_default_ipv4.address }}:8000/menu.ipxe root=/dev/nfs rw ip=dhcp nfsroot={{ ansible_default_ipv4.address }}:/srv/nfs/debian,vers=3,udp nfsrootdebug --- console=ttyS0,115200 earlyprint=serial,ttyS0,115200 +boot +goto MENU + +:deb-netboot-4.14.y +kernel kernels/vmlinuz-4.14.y bootfile=http://{{ ansible_default_ipv4.address }}:8000/menu.ipxe root=/dev/nfs rw ip=dhcp nfsroot={{ ansible_default_ipv4.address }}:/srv/nfs/debian,vers=3,udp nfsrootdebug --- console=ttyS0,115200 earlyprint=serial,ttyS0,115200 +boot +goto MENU + +:deb-stable-netinst +kernel http://ftp.nl.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/linux bootfile=http://{{ ansible_default_ipv4.address }}:8000/menu.ipxe --- console=ttyS0,115200 earlyprint=serial,ttyS0,115200 initrd=http://ftp.nl.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz +initrd http://ftp.nl.debian.org/debian/dists/stable/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz +boot +goto MENU + +:deb-i386-stable-netinst +kernel http://ftp.nl.debian.org/debian/dists/stable/main/installer-i386/current/images/netboot/debian-installer/i386/linux bootfile=http://{{ ansible_default_ipv4.address }}:8000/menu.ipxe --- console=ttyS0,115200 earlyprint=serial,ttyS0,115200 initrd=http://ftp.nl.debian.org/debian/dists/stable/main/installer-i386/current/images/netboot/debian-installer/i386/initrd.gz +initrd http://ftp.nl.debian.org/debian/dists/stable/main/installer-i386/current/images/netboot/debian-installer/i386/initrd.gz +boot +goto MENU + +:ubuntu-lts-netinst +kernel http://archive.ubuntu.com/ubuntu/dists/xenial-updates/main/installer-amd64/current/images/hwe-netboot/ubuntu-installer/amd64/linux bootfile=http://{{ ansible_default_ipv4.address }}:8000/menu.ipxe --- console=ttyS0,115200 earlyprint=serial,ttyS0,115200 initrd=initrd.gz +initrd http://archive.ubuntu.com/ubuntu/dists/xenial-updates/main/installer-amd64/current/images/hwe-netboot/ubuntu-installer/amd64/initrd.gz +boot +goto MENU + +:coreos-netinst +set base-url http://stable.release.core-os.net/amd64-usr/current +kernel ${base-url}/coreos_production_pxe.vmlinuz initrd=coreos_production_pxe_image.cpio.gz coreos.first_boot=1 --- console=ttyS0,115200 coreos.autologin=ttyS0 earlyprint=serial,ttyS0,115200 +initrd ${base-url}/coreos_production_pxe_image.cpio.gz +boot +goto MENU + +:core-6.4 +kernel http://www.tinycorelinux.net/6.x/x86/archive/6.4/distribution_files/vmlinuz --- root=/dev/ram0 console=ttyS0,115200 earlyprint=serial,ttyS0,115200 +initrd http://{{ ansible_default_ipv4.address }}:8000/core.gz +boot +goto MENU + +:voyage-netinst +kernel kernels/voyage/vmlinuz bootfile=http://{{ ansible_default_ipv4.address }}:8000/menu.ipxe boot=live netboot=nfs root=/dev/nfs rw ip=dhcp nfsroot={{ ansible_default_ipv4.address }}:/srv/nfs/voyage --- console=ttyS0,115200 earlyprint=serial,ttyS0,115200 +initrd kernels/voyage/initrd.img +boot +goto MENU + +:shell +shell || +goto MENU diff --git a/roles/packages/tasks/main.yml b/roles/packages/tasks/main.yml new file mode 100644 index 0000000..ae22145 --- /dev/null +++ b/roles/packages/tasks/main.yml @@ -0,0 +1,42 @@ +- name: install packages + apt: + name: "{{ item }}" + state: present + with_items: + - apt-utils + - autoconf + - bc + - binutils + - bison + - build-essential + - ca-certificates + - cmake + - dialog + - dmidecode + - doxygen + - flex + - g++ + - gcc-multilib + - gdb + - gettext + - git + - iasl + - liblzma-dev + - locales + - m4 + - make + - makedev + - ncurses-dev + - nfs-common + - ntpdate + - python + - python-dev + - ssh + - sudo + - tmux + - vim + - wget + - wpasupplicant + - zlib1g-dev + - xen-system-amd64 + - xen-tools diff --git a/roles/prepare_artifacts/tasks/main.yml b/roles/prepare_artifacts/tasks/main.yml new file mode 100644 index 0000000..c63a04c --- /dev/null +++ b/roles/prepare_artifacts/tasks/main.yml @@ -0,0 +1,33 @@ +- name: check if "{{ rootfs_tar_gz }}" exist + stat: + path: "{{ rootfs_tar_gz }}" + register: rootfs_file +- name: check if "{{ results_dir }}/xen-{{ xen_version }}" exist + stat: + path: "{{ results_dir }}/xen-{{ xen_version }}" + register: xen_file +# for some reason archive return error, so we use tar directly An exception +# occurred during task execution. To see the full traceback, use -vvv. The +# error was: OSError: [Errno 2] No such file or directory: +# 'rootfs/sbin/runlevel' +# +# fatal: [localhost]: FAILED! => {"changed": false, "msg": "Error when +# writing tar.gz archive at rootfs-v1.0.0.tar.gz: [Errno 2] No such file or +# directory: 'rootfs/sbin/runlevel'"} +- name: compress rootfs + command: tar czvf "{{ rootfs_tar_gz }}" rootfs + args: + chdir: "{{ rootfs_dir }}/.." + when: not rootfs_file.stat.exists + +- name: preserver Xen kernel + copy: + src: "{{ rootfs_dir }}/boot/xen-{{ xen_version }}.gz" + dest: "{{ results_dir }}/xen-{{ xen_version }}.gz" + when: not xen_file.stat.exists + +- name: unarchive Xen kernel + command: gunzip -f "{{ results_dir }}/xen-{{ xen_version }}.gz" + args: + chdir: "{{ results_dir }}" + when: not xen_file.stat.exists diff --git a/roles/tinycoreos/files/inittab b/roles/tinycoreos/files/inittab new file mode 100644 index 0000000..aecc022 --- /dev/null +++ b/roles/tinycoreos/files/inittab @@ -0,0 +1,20 @@ +# /etc/inittab: init configuration for busybox init. +# Boot-time system configuration/initialization script. +# +::sysinit:/etc/init.d/rcS + +# /sbin/getty respawn shell invocations for selected ttys. +/dev/ttyS0::respawn:/sbin/getty -nl /sbin/autologin 115200 ttyS0 +#tty2::respawn:/sbin/getty 38400 tty2 +#tty3::respawn:/sbin/getty 38400 tty3 +#tty4::askfirst:/sbin/getty 38400 tty4 +#tty5::askfirst:/sbin/getty 38400 tty5 +#tty6::askfirst:/sbin/getty 38400 tty6 + +# Stuff to do when restarting the init +# process, or before rebooting. +::restart:/etc/init.d/rc.shutdown +::restart:/sbin/init +::ctrlaltdel:/sbin/reboot +::shutdown:/etc/init.d/rc.shutdown + diff --git a/roles/tinycoreos/files/securetty b/roles/tinycoreos/files/securetty new file mode 100644 index 0000000..688fdfd --- /dev/null +++ b/roles/tinycoreos/files/securetty @@ -0,0 +1,16 @@ +# /etc/securetty: List of terminals on which root is allowed to login. +# +console + +# For people with serial port consoles +ttyS0 + +# Standard consoles +tty1 +tty2 +tty3 +tty4 +tty5 +tty6 +tty7 + diff --git a/roles/tinycoreos/tasks/main.yml b/roles/tinycoreos/tasks/main.yml new file mode 100644 index 0000000..f76dc90 --- /dev/null +++ b/roles/tinycoreos/tasks/main.yml @@ -0,0 +1,45 @@ +- name: get Tiny Core Linux 6.4 initrd + get_url: + url: http://www.tinycorelinux.net/6.x/x86/archive/6.4/distribution_files/core.gz + dest: /tmp/core.gz + checksum: sha256:a0824dc1a65d0b5f1969fe72e03c682a1716df8eb5bb179d9baf6b8f28dc8e74 + +- name: unarchive core.gz + command: gunzip -f /tmp/core.gz + args: + chdir: /tmp + +- name: Create /tmp/cpio + file: + path: /tmp/cpio + state: directory + +- name: unarchive core cpio + command: cpio -i --file /tmp/core + args: + chdir: /tmp/cpio + +- name: copy etc/securetty + copy: + src: files/securetty + dest: /tmp/cpio/etc/securetty + +- name: copy etc/inittab + copy: + src: files/inittab + dest: /tmp/cpio/etc/inittab + +- name: Remove /tmp/core + file: + path: /tmp/core + state: absent + +- name: create core cpio + shell: find | cpio -o -H newc --file /tmp/core + args: + chdir: /tmp/cpio + +- name: archive core + command: gzip core + args: + chdir: /tmp diff --git a/roles/voyage/tasks/main.yml b/roles/voyage/tasks/main.yml new file mode 100644 index 0000000..91684a8 --- /dev/null +++ b/roles/voyage/tasks/main.yml @@ -0,0 +1,22 @@ +# TODO: because of iso_extract lack of support for directories, +# implementation of ISO extraction for Voyage would be to convolutes, we +# leaving it as it is +- name: Get Voyage + get_url: + url: https://cloud.3mdeb.com/index.php/s/rUZPwRHOjxpSxN4/download + dest: /tmp/voyage.tar.gz + checksum: sha256:86934186fde2cbc749b2e33d027977f1b3a0cf02f69c2ffc9446e620b3d6e5c6 + +- name: Create /var/voyage + file: + path: /var/voyage + state: directory + +- name: Unarchive Voyage + unarchive: + src: /tmp/voyage.tar.gz + dest: /var/voyage + remote_src: yes + keep_newer: yes + group: debian + owner: debian diff --git a/rootfs-builder/Dockerfile b/rootfs-builder/Dockerfile new file mode 100644 index 0000000..957f30f --- /dev/null +++ b/rootfs-builder/Dockerfile @@ -0,0 +1,34 @@ +FROM debian:stretch-backports + +MAINTAINER Piotr Król + +ARG HTTP_PROXY + +ENV http_proxy ${HTTP_PROXY} + +RUN \ + useradd -p locked -m debian && \ + apt-get -qq update && \ + apt-get -qqy -t stretch-backports install \ + ansible \ + bc \ + build-essential \ + ccache \ + debootstrap \ + kmod \ + libelf-dev \ + libssl-dev \ + lsb-release \ + python \ + unzip \ + tar \ + && apt-get clean + +ENV PATH="/usr/lib/ccache:${PATH}" +ENV ANSIBLE_CONFIG="/home/debian/scripts/ansible.cfg" +ENV CCACHE_DIR="/home/debian/.ccache" +RUN mkdir /home/debian/.ccache && \ + chown debian:debian /home/debian/.ccache +WORKDIR /home/debian/scripts +RUN sed -i "s|#http_proxy = http://proxy.yoyodyne.com:18023/|http_proxy=${HTTP_PROXY}|g" /etc/wgetrc +RUN echo "Acquire::http::Proxy \"${HTTP_PROXY}\";" > /etc/apt/apt.conf.d/99HttpProxy diff --git a/rootfs-builder/build.sh b/rootfs-builder/build.sh new file mode 100755 index 0000000..0c00d07 --- /dev/null +++ b/rootfs-builder/build.sh @@ -0,0 +1 @@ +docker build --build-arg HTTP_PROXY=http://$1:3142 -t 3mdeb/rootfs-builder:latest .