dustin
/
basementhud
1
0
Fork 0
Code Pull Requests Releases Activity

Initial commit
basementhud/pipeline/head This commit looks good Details
fedora-pi-netboot/pipeline/head Build started... Details

buildroot
Dustin 2022-03-18 23:31:41 -05:00
commit 778fb9ec7b
47 changed files with 3099 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
/_build

7
.vscode/settings.json vendored Normal file
View File

@ -0,0 +1,7 @@
{
"files.associations": {
"**/configs/*_defconfig": "properties",
"**/etc/fstab": "text",
"**/etc/pam.d/*": "raw"
}
}

0
Config.in Normal file
View File

31
Makefile Normal file
View File

@ -0,0 +1,31 @@
BUILDROOT_SRC ?= ~/src/buildroot
.PHONY: all
all: initramfs rootfs
.PHONY: rootfs
rootfs: _build/rootfs/.config
$(MAKE) -C _build/rootfs -j $(shell nproc)
.PHONY: initramfs
initramfs: _build/initramfs/.config
$(MAKE) -C _build/initramfs -j $(shell nproc)
.PHONY: publish
publish:
rsync -rtliO \
--delete \
_build/rootfs/images/rpi-firmware/ \
_build/rootfs/images/Image \
_build/rootfs/images/*.dtb \
_build/initramfs/images/rootfs.cpio.lz4 \
pxe0.pyrocufflink.blue:/var/lib/tftpboot/basementhud/
rsync -P --no-W \
_build/rootfs/images/rootfs.squashfs \
pxe0.pyrocufflink.blue:/var/lib/nbd/basementhud.squashfs
_build/rootfs/.config:
$(MAKE) -C $(BUILDROOT_SRC) O=${PWD}/_build/rootfs BR2_EXTERNAL=${PWD} basementhud_defconfig
_build/initramfs/.config:
$(MAKE) -C $(BUILDROOT_SRC) O=${PWD}/_build/initramfs BR2_EXTERNAL=${PWD} basementhud_initramfs_defconfig

32
README.md Normal file
View File

@ -0,0 +1,32 @@
# Network-Booted Heads-Up Display System
## Required Build Host Configuration
```sh
sudo dnf install -y \
ncurses-devel \
perl-ExtUtils-MakeMaker \
perl-FindBin \
perl-Thread-Queue \
--
```
```sh
git clone git://git.buildroot.net/buildroot ~/src/buildroot
```
## Build
### Build the Initramfs
```sh
make -C ~/src/buildroot O=${PWD}/_build/initramfs BR2_EXTERNAL=${PWD} basementhud_initramfs_defconfig
make -C _build/initramfs -j $(nproc)
```
### Build the Rootfs
```sh
make -C ~/src/buildroot O=${PWD}/_build/rootfs BR2_EXTERNAL=${PWD} basementhud_defconfig
make -C _build/rootfs -j $(nproc)
```

25
ci/Dockerfile Normal file
View File

@ -0,0 +1,25 @@
FROM registry.fedoraproject.org/fedora:30
ARG UID
ARG GID
RUN groupadd -g ${GID} jenkins \
&& useradd -u ${UID} -g ${GID} -m -d /var/lib/jenkins -l jenkins
RUN dnf install -y \
bc \
bzip2 \
cpio \
diffutils \
g++ \
gcc \
make \
ncurses-devel \
openssh-clients \
patch \
perl-ExtUtils-MakeMaker \
perl-Thread-Queue \
rsync \
wget \
which \
&& dnf clean all

84
ci/Jenkinsfile vendored Normal file
View File

@ -0,0 +1,84 @@
pipeline {
agent {
dockerfile {
dir 'ci'
args '''
-v /etc/ssh/ssh_known_hosts:/etc/ssh/ssh_known_hosts
'''
additionalBuildArgs '''\
--build-arg UID=$(id -u) \
--build-arg GID=$(id -g) \
'''
}
}
options {
buildDiscarder logRotator(numToKeepStr: '5')
disableConcurrentBuilds()
}
triggers {
pollSCM ''
}
parameters {
booleanParam \
name: 'Clean',
description: 'Clean the workspace and perform a full rebuild'
}
environment {
BUILDROOT_SRC = "${env.WORKSPACE}/buildroot"
}
stages {
stage('Prepare') {
steps {
script {
if (params.Clean) {
sh 'rm -rf _build'
}
}
checkout poll: false, scm: [
$class: 'GitSCM',
branches: [[name: '2022.02.x']],
doGenerateSubmoduleConfigurations: false,
userRemoteConfigs: [[url: 'git://git.buildroot.net/buildroot']],
extensions: [
[
$class: 'RelativeTargetDirectory',
relativeTargetDir: 'buildroot',
],
],
]
}
}
stage('Build') {
parallel {
stage('Build Initramfs') {
steps {
sh 'make initramfs'
}
}
stage('Build Rootfs') {
steps {
sh 'make rootfs'
}
}
}
}
stage('Publish') {
when {
branch 'master'
}
steps {
sshagent(['jenkins-pxe']) {
sh 'make publish'
}
}
}
}
}

1
cmdline.txt Normal file
View File

@ -0,0 +1 @@
audit=0 panic=5 console=ttyAMA0 root=nbd:pxe0.pyrocufflink.blue:basementhud sshkeys.root=http://rosalina.pyrocufflink.blue/~dustin/id_ed25519.pub

23
config.txt Normal file
View File

@ -0,0 +1,23 @@
# See http://buildroot.org/manual.html#rootfs-custom
# and http://elinux.org/RPiconfig for a description of config.txt syntax
start_file=start4.elf
fixup_file=fixup4.dat
kernel=Image
# To use an external initramfs file
initramfs rootfs.cpio.lz4
# Disable overscan assuming the display supports displaying the full resolution
# If the text shown on the screen disappears off the edge, comment this out
disable_overscan=1
dtoverlay=vc4-kms-v3d-pi4
dtoverlay=imx219
#dtoverlay=ov5647
dtoverlay=disable-bt
# enable 64bits support
arm_64bit=1

69
configs/basementhud_defconfig Normal file
View File

@ -0,0 +1,69 @@
BR2_aarch64=y
BR2_cortex_a72=y
BR2_ARM_FPU_VFPV4=y
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_5_10=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_TARGET_GENERIC_HOSTNAME="localhost"
BR2_INIT_SYSTEMD=y
# BR2_TARGET_ENABLE_ROOT_LOGIN is not set
BR2_SYSTEM_DEFAULT_PATH="/bin:/sbin:/usr/bin:/usr/sbin"
BR2_ROOTFS_USERS_TABLES="$(BR2_EXTERNAL_basementhud_PATH)/rootfs/users"
BR2_ROOTFS_OVERLAY="$(BR2_EXTERNAL_basementhud_PATH)/rootfs/overlay"
BR2_ROOTFS_POST_BUILD_SCRIPT="$(BR2_EXTERNAL_basementhud_PATH)/rootfs/post-build.sh"
BR2_ROOTFS_POST_FAKEROOT_SCRIPT="$(BR2_EXTERNAL_basementhud_PATH)/rootfs/post-fakeroot.sh"
BR2_ROOTFS_POST_IMAGE_SCRIPT="$(BR2_EXTERNAL_basementhud_PATH)/rootfs/post-image.sh"
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="$(call github,raspberrypi,linux,0b54dbda3cca2beb51e236a25738784e90853b64)/linux-0b54dbda3cca2beb51e236a25738784e90853b64.tar.gz"
BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y
BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="$(BR2_EXTERNAL_basementhud_PATH)/rootfs/linux.config"
BR2_LINUX_KERNEL_DTS_SUPPORT=y
BR2_LINUX_KERNEL_INTREE_DTS_NAME="broadcom/bcm2711-rpi-4-b"
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y
# BR2_PACKAGE_BUSYBOX is not set
BR2_PACKAGE_SED=y
BR2_PACKAGE_BTRFS_PROGS=y
BR2_PACKAGE_E2FSPROGS=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_V3D=y
BR2_PACKAGE_MESA3D_OPENGL_GLX=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_XSERVER_XORG_SERVER=y
BR2_PACKAGE_XAPP_XINIT=y
BR2_PACKAGE_XAPP_XSET=y
BR2_PACKAGE_MATCHBOX=y
BR2_PACKAGE_RPI_FIRMWARE=y
BR2_PACKAGE_RPI_FIRMWARE_VARIANT_PI4=y
BR2_PACKAGE_RPI_FIRMWARE_CONFIG_FILE="$(BR2_EXTERNAL_basementhud_PATH)/config.txt"
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON_PIP=y
BR2_PACKAGE_PYTHON_PYDANTIC=y
BR2_PACKAGE_PYTHON_PYYAML=y
BR2_PACKAGE_CA_CERTIFICATES=y
BR2_PACKAGE_LIBCURL=y
BR2_PACKAGE_LIBCURL_CURL=y
# BR2_PACKAGE_LIBCURL_EXTRA_PROTOCOLS_FEATURES is not set
BR2_PACKAGE_CHRONY=y
BR2_PACKAGE_DHCPCD=y
# BR2_PACKAGE_IFUPDOWN_SCRIPTS is not set
BR2_PACKAGE_IPROUTE2=y
BR2_PACKAGE_NBD=y
BR2_PACKAGE_OPENSSH=y
BR2_PACKAGE_COREUTILS=y
BR2_PACKAGE_COREUTILS_INDIVIDUAL_BINARIES=y
BR2_PACKAGE_PROCPS_NG=y
BR2_PACKAGE_PSMISC=y
BR2_PACKAGE_RSYSLOG=y
# BR2_PACKAGE_SYSTEMD_PSTORE is not set
# BR2_PACKAGE_SYSTEMD_HOSTNAMED is not set
# BR2_PACKAGE_SYSTEMD_HWDB is not set
# BR2_PACKAGE_SYSTEMD_NETWORKD is not set
# BR2_PACKAGE_SYSTEMD_RESOLVED is not set
# BR2_PACKAGE_SYSTEMD_TIMEDATED is not set
# BR2_PACKAGE_SYSTEMD_TIMESYNCD is not set
BR2_PACKAGE_UTIL_LINUX_LOGIN=y
BR2_PACKAGE_LESS=y
BR2_TARGET_ROOTFS_SQUASHFS=y
BR2_TARGET_ROOTFS_SQUASHFS4_LZ4=y
# BR2_TARGET_ROOTFS_TAR is not set

18
configs/basementhud_initramfs_defconfig Normal file
View File

@ -0,0 +1,18 @@
BR2_aarch64=y
BR2_cortex_a72=y
BR2_ARM_FPU_VFPV4=y
BR2_TOOLCHAIN_BUILDROOT_MUSL=y
BR2_KERNEL_HEADERS_5_10=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_INIT_NONE=y
# BR2_TARGET_GENERIC_GETTY is not set
# BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW is not set
BR2_ROOTFS_OVERLAY="$(BR2_EXTERNAL_basementhud_PATH)/initramfs/overlay"
BR2_PACKAGE_BUSYBOX_CONFIG="$(BR2_EXTERNAL_basementhud_PATH)/initramfs/busybox.config"
# BR2_PACKAGE_IFUPDOWN_SCRIPTS is not set
BR2_PACKAGE_NBD=y
BR2_TARGET_ROOTFS_CPIO=y
BR2_TARGET_ROOTFS_CPIO_LZ4=y
# BR2_TARGET_ROOTFS_TAR is not set
BR2_PACKAGE_HOST_KMOD=y
BR2_PACKAGE_HOST_UTIL_LINUX=y

2
external.desc Normal file
View File

@ -0,0 +1,2 @@
name: basementhud
desc: Basement HUD System

0
external.mk Normal file
View File

1196
initramfs/busybox.config Normal file
View File

File diff suppressed because it is too large Load Diff

40
initramfs/overlay/sbin/init Executable file
View File

@ -0,0 +1,40 @@
#!/bin/sh -e
export PATH=/usr/sbin:/usr/bin:/sbin:/bin
mkdir -p /proc /run /sys
mount -t sysfs sysfs /sys
mount -t proc proc /proc
mount -t tmpfs tmpfs /run
# shellcheck disable=SC2046
set -- $(cat /proc/cmdline)
while [ $# -ge 1 ]; do
case "$1" in
root=nbd:*)
arg=${1#*:}
name=${arg#*:}
host=${arg%:*}
;;
esac
shift
done
for path in /sys/class/net/*; do
[ -e "${path}" ] || continue
ip link set "${path##*/}" up
done
sleep 5
udhcpc -q
@bd-client -N "${name}" -R -p "${host}" /dev/nbd0
mkdir -p /sysroot
mount -o ro -t squashfs /dev/nbd0 /sysroot || nbd-client -c /dev/nbd0
cd /sysroot
mount --move /proc /sysroot/proc
mount --move /sys /sysroot/sys
mount --move /dev /sysroot/dev
mount --move /run /sysroot/run
exec switch_root /sysroot /lib/systemd/systemd

1
initramfs/overlay/usr/sbin/@bd-client Symbolic link
View File

@ -0,0 +1 @@
nbd-client

39
initramfs/overlay/usr/share/udhcpc/default.script Executable file
View File

@ -0,0 +1,39 @@
#!/bin/sh
case "$1" in
deconfig|nak)
;;
renew|bound)
if [ -n "${ip}" ]; then
# shellcheck disable=SC2154 # interface is is an environment variable
ip addr add "${ip}"/"${mask:-32}" dev "${interface}"
fi
if [ -n "${staticroutes}" ]; then
# shellcheck disable=SC2086 # we WANT word splitting here!
set -- ${staticroutes}
ip route add "$1" via "$2" dev "${interface}"
elif [ -n "${router}" ]; then
for gw in ${router}; do
ip route add default via "${gw}" dev "${interface}"
done
fi
: > /etc/resolv.conf
if [ -n "${search}" ]; then
printf 'search %s\n' "${search}" >> /etc/resolv.conf
elif [ -n "${domain}" ]; then
printf 'search %s\n' "${domain}" >> /etc/resolv.conf
fi
if [ -n "${dns}" ]; then
for ns in ${dns}; do
printf 'nameserver %s\n' "${ns}" >> /etc/resolv.conf
done
fi
if [ -n "${ntpsrv}" ] && [ -x /usr/sbin/ntpd ]; then
for ts in ${ntpsrv}; do
/usr/sbin/ntpd -n -q -p "${ts}" || continue
break
done
fi
;;
esac

1163
rootfs/linux.config Normal file
View File

File diff suppressed because it is too large Load Diff

2
rootfs/overlay/etc/chrony.conf Normal file
View File

@ -0,0 +1,2 @@
sourcedir /run/chrony-dhcp
makestep 0.1 10

55
rootfs/overlay/etc/dhcpcd.conf Normal file
View File

@ -0,0 +1,55 @@
# A sample configuration for dhcpcd.
# See dhcpcd.conf(5) for details.
# Allow users of this group to interact with dhcpcd via the control socket.
#controlgroup wheel
# Inform the DHCP server of our hostname for DDNS.
#hostname
# Use the hardware address of the interface for the Client ID.
clientid
# or
# Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
# Some non-RFC compliant DHCP servers do not reply with this set.
# In this case, comment out duid and enable clientid above.
#duid
# Persist interface configuration when dhcpcd exits.
persistent
# vendorclassid is set to blank to avoid sending the default of
# dhcpcd-<version>:<os>:<machine>:<platform>
vendorclassid
# A list of options to request from the DHCP server.
option domain_name_servers, domain_name, domain_search
option classless_static_routes
# Respect the network MTU. This is applied to DHCP routes.
option interface_mtu
# Request a hostname from the network
option host_name
# Most distributions have NTP support.
option ntp_servers
# Rapid commit support.
# Safe to enable by default because it requires the equivalent option set
# on the server to actually work.
option rapid_commit
option log_servers
# A ServerID is required by RFC2131.
require dhcp_server_identifier
# Generate SLAAC address using the Hardware Address of the interface
#slaac hwaddr
# OR generate Stable Private IPv6 Addresses based from the DUID
slaac private
denyinterfaces dummy* veth* docker*
env NTP_CONF=/run/chrony-dhcp/dhcpcd.sources
env ntp_restart_cmd=/usr/bin/chronyc reload sources

4
rootfs/overlay/etc/fstab Normal file
View File

@ -0,0 +1,4 @@
tmpfs /var tmpfs mode=0755,noexec,nosuid,nodev 0 0
tmpfs /root tmpfs size=1M,mode=550 0 0
/dev/mmcblk0 /run/storage ext4 ro,noexec,nosuid,nodev 0 2
overlay /etc/ssh overlay ro,lowerdir=/etc/ssh:/run/storage/ssh,noexec,nodev,nosuid,x-systemd.requires-mounts-for=/run/storage 0 0

17
rootfs/overlay/etc/pam.d/xinit Normal file
View File

@ -0,0 +1,17 @@
#%PAM-1.0
auth substack system-auth
auth include postlogin
account required pam_nologin.so
account include system-auth
password include system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include system-auth
session required pam_exec.so /usr/local/libexec/home-overlay.sh
session include postlogin
-session optional pam_ck_connector.so

6
rootfs/overlay/etc/rsyslog.conf Normal file
View File

@ -0,0 +1,6 @@
global(workDirectory="/var/lib/rsyslog")
module(load="imjournal"
StateFile="imjournal.state")
include(file="/etc/rsyslog.d/*.conf" mode="optional")
include(file="/run/rsyslog.d/*.conf" mode="optional")

7
rootfs/overlay/home/user/.xinitrc Normal file
View File

@ -0,0 +1,7 @@
#!/bin/sh
xset s off
xset -dpms
systemctl --user import-environment DISPLAY
systemctl --user start gui.target
exec matchbox-window-manager -use_titlebar no

31
rootfs/overlay/usr/lib/dhcpcd/dhcpcd-hooks/60-syslog Normal file
View File

@ -0,0 +1,31 @@
#!/bin/sh
gen_action() {
echo 'action('
echo ' type="omfwd"'
printf ' Target="%s"\n' "${1}"
echo ' Port="514"'
echo ' template="RSYSLOG_SyslogProtocol23Format"'
echo ')'
}
changed=false
if [ -n "${interface}" ] && [ -d /run/rsyslog.d ]; then
if [ -n "${new_log_servers}" ]; then
if [ "${new_log_servers}" != "${old_log_servers}" ]; then
echo '# Generated by dhcpcd' \
> /run/rsyslog.d/dhcpcd."${interface}".conf
for s in ${new_log_servers}; do
gen_action "${s}" >> /run/rsyslog.d/dhcpcd."${interface}".conf
done
fi
changed=true
elif [ -n "${old_log_servers}" ]; then
rm -f /run/rsyslog.d/dhcpcd."${interface}".conf
changed=true
fi
fi
if ${changed}; then
systemctl try-restart rsyslog
fi

25
rootfs/overlay/usr/lib/systemd/system-generators/fetch-sshkeys-generator Executable file
View File

@ -0,0 +1,25 @@
#!/bin/sh
enable_unit() {
mkdir -p "${normaldir}"/multi-user.target.wants
ln -s /lib/systemd/system/"$1" "${normaldir}"/multi-user.target.wants/
}
normaldir="$1"
# shellcheck disable=SC2034
earlydir="$2"
# shellcheck disable=SC2034
latedir="$3"
# shellcheck disable=SC2046
set -- $(cat /proc/cmdline)
while [ $# -ge 1 ]; do
case "$1" in
sshkeys.*=*)
arg=${1#*.}
user=${arg%=*}
enable_unit fetch-sshkeys@"${user}".service
;;
esac
shift
done

10
rootfs/overlay/usr/lib/systemd/system-preset/70-basementhud.preset Normal file
View File

@ -0,0 +1,10 @@
disable cups-lpd.socket
disable cups.service
disable cups.socket
disable cups.path
disable systemd-networkd.service
disable systemd-resolved.service
disable systemd-timesyncd.service
xinit@user.service

47
rootfs/overlay/usr/lib/systemd/system/chrony-wait.service Normal file
View File

@ -0,0 +1,47 @@
[Unit]
Description=Wait for chrony to synchronize system clock
Documentation=man:chronyc(1)
After=chrony.service
Requires=chrony.service
Before=time-sync.target
Wants=time-sync.target
[Service]
Type=oneshot
# Wait for chronyd to update the clock and the remaining
# correction to be less than 0.1 seconds
ExecStart=/usr/bin/chronyc -h 127.0.0.1,::1 waitsync 0 0.1 0.0 1
# Wait for at most 3 minutes
TimeoutStartSec=180
RemainAfterExit=yes
StandardOutput=null
CapabilityBoundingSet=
DevicePolicy=closed
DynamicUser=yes
IPAddressAllow=localhost
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
PrivateDevices=yes
PrivateUsers=yes
ProcSubset=pid
ProtectClock=yes
ProtectControlGroups=yes
ProtectHome=yes
ProtectHostname=yes
ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectProc=invisible
ProtectSystem=strict
RestrictAddressFamilies=AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
SystemCallArchitectures=native
SystemCallFilter=@system-service
SystemCallFilter=~@privileged @resources
UMask=0777
[Install]
WantedBy=multi-user.target

9
rootfs/overlay/usr/lib/systemd/system/copy-var.service Normal file
View File

@ -0,0 +1,9 @@
[Unit]
Description=Copy /var contents to writable storage
DefaultDependencies=no
After=var.mount
Before=local-fs.target
[Service]
Type=oneshot
ExecStart=/usr/libexec/copy-var.sh

2
rootfs/overlay/usr/lib/systemd/system/dhcpcd.service.d/before-network-online.conf Normal file
View File

@ -0,0 +1,2 @@
[Unit]
Before=network-online.target

2
rootfs/overlay/usr/lib/systemd/system/dhcpcd.service.d/pidfile.conf Normal file
View File

@ -0,0 +1,2 @@
[Service]
PIDFile=/run/dhcpcd/pid

10
rootfs/overlay/usr/lib/systemd/system/fetch-sshkeys@.service Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Fetch SSH authorized_keys for %I
Wants=network-online.target
After=network-online.target
After=remote-fs.target
[Service]
Type=oneshot
ExecStart=/usr/libexec/fetch-sshkeys.sh
User=%I

1
rootfs/overlay/usr/lib/systemd/system/local-fs.target.requires/copy-var.service Symbolic link
View File

@ -0,0 +1 @@
../copy-var.service

13
rootfs/overlay/usr/lib/systemd/system/nbdtab-generator.service Normal file
View File

@ -0,0 +1,13 @@
[Unit]
Description=Generate nbdtab
DefaultDependencies=no
Before=sysinit.target
After=local-fs.target
ConditionPathExists=/etc/nbdtab
[Service]
Type=oneshot
ExecStart=/usr/libexec/nbdtab-generator.sh
[Install]
WantedBy=sysinit.target

2
rootfs/overlay/usr/lib/systemd/system/rsyslog.service.d/after-network-online.conf Normal file
View File

@ -0,0 +1,2 @@
[Unit]
After=network-online.target

21
rootfs/overlay/usr/lib/systemd/system/xinit@.service Normal file
View File

@ -0,0 +1,21 @@
[Unit]
Description=Start X.org for user %I
Wants=network-online.target
After=network-online.target
Wants=time-sync.target
After=time-sync.target
[Service]
Type=simple
User=%I
WorkingDirectory=~
PAMName=xinit
TTYPath=/dev/tty7
StandardInput=tty
StandardOutput=journal
StandardError=journal
ExecStart=/usr/bin/startx
Restart=always
[Install]
WantedBy=graphical.target

5
rootfs/overlay/usr/lib/systemd/user/gui.target Normal file
View File

@ -0,0 +1,5 @@
[Unit]
Description=Graphical User Interface
After=default.target
Wants=default.target
AllowIsolate=yes

1
rootfs/overlay/usr/lib/tmpfiles.d/chrony.conf Normal file
View File

@ -0,0 +1 @@
d /run/chrony-dhcp 0755 root root

1
rootfs/overlay/usr/lib/tmpfiles.d/rsyslog.conf Normal file
View File

@ -0,0 +1 @@
d /run/rsyslog.d 0755 root root -

23
rootfs/overlay/usr/libexec/copy-var.sh Executable file
View File

@ -0,0 +1,23 @@
#!/bin/sh
set -e
cleanup() {
if [ -n "${tmpdir}" ] && [ -d "${tmpdir}" ] && [ / != "${tmpdir}" ]; then
if mountpoint -q "${tmpdir}"; then
umount "${tmpdir}"
fi
rm -rf "${tmpdir}"
fi
unset tmpdir
}
tmpdir=$(TMPDIR=/run mktemp -d)
trap cleanup INT QUIT TERM EXIT
mount -o bind / "${tmpdir}"
cp -a "${tmpdir}"/var/. /var/
if [ -x "$(command -v selinuxenabled)" ] && selinuxenabled; then
restorecon -RF /var
fi

29
rootfs/overlay/usr/libexec/fetch-sshkeys.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/sh -e
umask 0077
mkdir -p ~/.ssh
: > ~/.ssh/authorized_keys
fetch_keys() {
curl -fsSL "${1}" >> ~/.ssh/authorized_keys
}
# shellcheck disable=SC2046
set -- $(cat /proc/cmdline)
while [ $# -ge 1 ]; do
case "$1" in
sshkeys.*=*)
arg=${1#*.}
user=${arg%=*}
url=${arg#*=}
if [ "${user}" = "${USER}" ]; then
fetch_keys "${url}"
fi
;;
esac
shift
done
if [ -x "$(command -v selinuxenabled)" ] && selinuxenabled; then
restorecon -RF ~/.ssh
fi

29
rootfs/overlay/usr/libexec/nbdtab-generator.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/sh
[ -f /etc/nbdtab ] || exit 0
# shellcheck disable=SC2046
set -- $(cat /proc/cmdline)
while [ $# -ge 1 ]; do
case "$1" in
root=nbd:*)
arg=${1#*:}
host=${arg%:*}
;;
esac
shift
done
[ -n "${host}" ] || exit 0
serial=$(sed -nr '/Serial/s/.*([0-9a-f]{8})/\1/p' /proc/cpuinfo)
if [ $? -ne 0 ]; then
serial=UNKNOWN-SERIAL
fi
sed \
-e s/@NBDHOST@/"${host}"/ \
-e s/@SERIAL@/"${serial}"/ \
/etc/nbdtab \
> /run/nbdtab
mount -o bind /run/nbdtab /etc/nbdtab

0
rootfs/overlay/var/lib/rsyslog/.keep Normal file
View File

6
rootfs/post-build.sh Executable file
View File

@ -0,0 +1,6 @@
#!/bin/sh
cp -puv "${BUILD_DIR}"/nbd-*/systemd/nbd@.service \
"${TARGET_DIR}"/usr/lib/systemd/system/
touch "${TARGET_DIR}"/usr/lib/clock-epoch

3
rootfs/post-fakeroot.sh Executable file
View File

@ -0,0 +1,3 @@
#!/bin/sh
rm -rfv "${TARGET_DIR}"/var/log/journal

5
rootfs/post-image.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/sh
# shellcheck disable=SC2154
cp -v "${BR2_EXTERNAL_basementhud_PATH}"/cmdline.txt \
"${BINARIES_DIR}"/rpi-firmware/cmdline.txt

1
rootfs/users Normal file
View File

@ -0,0 +1 @@
user 1000 user 1000 * /home/user /bin/sh -