build improvements (#1886)

* build improvements * no workdir * kiosk fully working * setup profile prefs
2026-03-26 02:11:53 +00:00 · 2022-10-25 16:23:29 -06:00
parent 1cfd404321
commit 26d2152a36
7 changed files with 100 additions and 20 deletions
--- a/.github/workflows/backend.yaml
+++ b/.github/workflows/backend.yaml
@@ -119,22 +119,7 @@ jobs:
      run: ./check-environment.sh

    - name: Build backend
-      run: cargo build --release --target x86_64-unknown-linux-gnu --locked
-      working-directory: backend
-      if: ${{ matrix.target == 'x86_64' }}
-
-    - name: Build backend
-      run: |
-        docker run --rm \
-        -v "/home/runner/.cargo/registry":/root/.cargo/registry \
-        -v "$(pwd)":/home/rust/src \
-        -P start9/rust-arm-cross:aarch64 \
-        sh -c 'cd /home/rust/src/backend &&
-          rustup install ${{ env.RUST_VERSION }} &&
-          rustup override set ${{ env.RUST_VERSION }} &&
-          rustup target add aarch64-unknown-linux-gnu &&
-          cargo build --release --target ${{ matrix.target }}-unknown-linux-gnu --locked'
-      if: ${{ matrix.target == 'aarch64' }}
+      run: make ARCH=${{ matrix.target }} backend

    - name: 'Tar files to preserve file permissions'
      run: make ARCH=${{ matrix.target }} backend-${{ matrix.target }}.tar
--- a/backend/README.md
+++ b/backend/README.md
@@ -40,4 +40,3 @@ If you have questions about how various pieces of the backend system work. Open
 an issue and tag the following people

 - dr-bonez
- ProofOfKeags
--- a/backend/src/sound.rs
+++ b/backend/src/sound.rs
@@ -167,11 +167,14 @@ where

 impl Drop for SoundInterface {
    fn drop(&mut self) {
+        let use_beep = self.use_beep;
        let guard = self.guard.take();
        tokio::spawn(async move {
-            if let Err(e) = tokio::fs::write(&*UNEXPORT_FILE, "0").await {
-                tracing::error!("Failed to Unexport Sound Interface: {}", e);
-                tracing::debug!("{:?}", e);
+            if !use_beep {
+                if let Err(e) = tokio::fs::write(&*UNEXPORT_FILE, "0").await {
+                    tracing::error!("Failed to Unexport Sound Interface: {}", e);
+                    tracing::debug!("{:?}", e);
+                }
            }
            if let Some(guard) = guard {
                if let Err(e) = guard.unlock().await {
--- a/build/lib/proxy.pac
+++ b/build/lib/proxy.pac
@@ -0,0 +1,12 @@
+function FindProxyForURL(url, host)
+{
+  if (shExpMatch(host, "*.onion"))
+  {
+    return "SOCKS5 127.0.0.1:9050";
+  }
+  return "DIRECT";
+}
+
+function FindProxyForURLEx(url, host) {
+  return FindProxyForURL(url, host);
+}
--- a/build/lib/scripts/chroot-and-upgrade
+++ b/build/lib/scripts/chroot-and-upgrade
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+if [ "$UID" -ne 0 ]; then
+    >&2 echo 'Must be run as root'
+    exit 1
+fi
+
+echo 'Syncing...'
+
+rsync -a --delete --force --info=progress2 /media/embassy/embassyfs/current/ /media/embassy/next
+
+mount --bind /run /media/embassy/next/run
+mount --bind /dev /media/embassy/next/dev
+mount --bind /sys /media/embassy/next/sys
+mount --bind /proc /media/embassy/next/proc
+
+chroot /media/embassy/next
+
+umount /media/embassy/next/run
+umount /media/embassy/next/dev
+umount /media/embassy/next/sys
+umount /media/embassy/next/proc
+
+echo 'Upgrading...'
+
+touch /media/embassy/config/upgrade
+
+sync
+
+reboot
--- a/build/lib/scripts/enable-kiosk
+++ b/build/lib/scripts/enable-kiosk
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+# install dependencies
+apt update
+apt install --no-install-recommends -y xserver-xorg x11-xserver-utils xinit firefox-esr matchbox-window-manager libnss3-tools
+
+# create kiosk script
+cat > /home/start9/kiosk.sh << 'EOF'
+#!/bin/sh
+PROFILE=$(mktemp -d)
+if [ -f /usr/local/share/ca-certificates/embassy-root-ca.crt ]; then
+    certutil -A -n "Embassy Local Root CA" -t "TCu,Cuw,Tuw" -i /usr/local/share/ca-certificates/embassy-root-ca.crt -d $PROFILE
+fi
+cat >> $PROFILE/prefs.js << EOT
+user_pref("network.proxy.autoconfig_url", "file:///usr/lib/embassy/proxy.pac");
+user_pref("network.proxy.socks_remote_dns", true);
+user_pref("network.proxy.type", 2);
+user_pref("dom.securecontext.allowlist_onions", true);
+user_pref("dom.securecontext.whitelist_onions", true);
+user_pref("signon.rememberSignons", false);
+EOT
+matchbox-window-manager -use_titlebar yes &
+firefox-esr --kiosk http://$(hostname).local --profile $PROFILE
+rm -rf $PROFILE
+EOF
+chmod +x /home/start9/kiosk.sh
+sed -i 's/=console/=anybody/g' /etc/X11/Xwrapper.config
+
+# use kiosk if tty (not pts)
+if ! grep -q 'kiosk' /home/start9/.profile; then
+cat >> /home/start9/.profile << 'EOF'
+# Use kiosk for TTY
+if [[ "$(tty)" =~ ^/dev/tty ]]; then
+    exec startx "$HOME/kiosk.sh"
+fi
+EOF
+fi
+
+# enable autologin
+mkdir -p /etc/systemd/system/getty@tty1.service.d
+cat > /etc/systemd/system/getty@tty1.service.d/autologin.conf << 'EOF'
+[Service]
+ExecStart=
+ExecStart=-/sbin/agetty --autologin start9 --noclear %I $TERM
+EOF
+ln -fs /etc/systemd/system/autologin@.service /etc/systemd/system/getty.target.wants/getty@tty1.service
+
--- a/build/raspberry-pi/initialization.sh
+++ b/build/raspberry-pi/initialization.sh
@@ -37,6 +37,8 @@ systemctl stop tor

 systemctl enable embassyd.service embassy-init.service

+. /usr/lib/embassy/scripts/enable-kiosk
+
 sed -i 's/^/usb-storage.quirks=152d:0562:u,14cd:121c:u,0781:cfcb:u /g' /boot/cmdline.txt

 # making that *sudo docker stats* command fulfil its purpose by displaying all metrics