mirror of
https://github.com/Start9Labs/start-os.git
synced 2026-03-30 12:11:56 +00:00
consolidate and streamline build (#2469)
* consolidate and streamline build * fix workflow syntax * fix workflow syntax * fix workflow syntax * fix workflow syntax * fix build scripts * only build platform-specific system images * fix build script * more build fixes * fix * fix compat build for x86 * wat * checkout * Prevent rebuild of compiled artifacts * Update startos-iso.yaml * Update startos-iso.yaml * fix raspi build * handle missing platform better * reduce arm vcpus * remove arch and platform from fe config, add to patch db --------- Co-authored-by: Matt Hill <mattnine@protonmail.com>
This commit is contained in:
Aiden McClelland
@@ -1,5 +0,0 @@
|
||||
openresolv
|
||||
dhcpcd5
|
||||
firewalld
|
||||
nginx
|
||||
nginx-common
|
||||
@@ -1,60 +0,0 @@
|
||||
avahi-daemon
|
||||
avahi-utils
|
||||
bash-completion
|
||||
beep
|
||||
bmon
|
||||
btrfs-progs
|
||||
ca-certificates
|
||||
cifs-utils
|
||||
containerd.io
|
||||
cryptsetup
|
||||
curl
|
||||
dmidecode
|
||||
docker-ce
|
||||
docker-ce-cli
|
||||
docker-compose-plugin
|
||||
dosfstools
|
||||
e2fsprogs
|
||||
ecryptfs-utils
|
||||
exfatprogs
|
||||
flashrom
|
||||
gdb
|
||||
grub-common
|
||||
heaptrack
|
||||
htop
|
||||
httpdirfs
|
||||
iotop
|
||||
iw
|
||||
jq
|
||||
libavahi-client3
|
||||
libyajl2
|
||||
linux-cpupower
|
||||
lm-sensors
|
||||
lshw
|
||||
lvm2
|
||||
magic-wormhole
|
||||
man-db
|
||||
ncdu
|
||||
net-tools
|
||||
network-manager
|
||||
nvme-cli
|
||||
nyx
|
||||
openssh-server
|
||||
podman
|
||||
postgresql
|
||||
psmisc
|
||||
qemu-guest-agent
|
||||
rsync
|
||||
samba-common-bin
|
||||
smartmontools
|
||||
sqlite3
|
||||
squashfs-tools
|
||||
sudo
|
||||
systemd
|
||||
systemd-resolved
|
||||
systemd-sysv
|
||||
systemd-timesyncd
|
||||
tor
|
||||
util-linux
|
||||
vim
|
||||
wireless-tools
|
||||
@@ -11,8 +11,8 @@ cat << "ASCII"
|
||||
ASCII
|
||||
printf " %s (%s %s)\n" "$(uname -o)" "$(uname -r)" "$(uname -m)"
|
||||
printf " $(start-cli --version | sed 's/StartOS CLI /StartOS v/g') - $(start-cli git-info)"
|
||||
if [ -n "$(cat /usr/lib/embassy/ENVIRONMENT.txt)" ]; then
|
||||
printf " ~ $(cat /usr/lib/embassy/ENVIRONMENT.txt)\n"
|
||||
if [ -n "$(cat /usr/lib/startos/ENVIRONMENT.txt)" ]; then
|
||||
printf " ~ $(cat /usr/lib/startos/ENVIRONMENT.txt)\n"
|
||||
else
|
||||
printf "\n"
|
||||
fi
|
||||
|
||||
@@ -72,7 +72,7 @@ user_pref("messaging-system.rsexperimentloader.enabled", false);
|
||||
user_pref("network.allow-experiments", false);
|
||||
user_pref("network.captive-portal-service.enabled", false);
|
||||
user_pref("network.connectivity-service.enabled", false);
|
||||
user_pref("network.proxy.autoconfig_url", "file:///usr/lib/embassy/proxy.pac");
|
||||
user_pref("network.proxy.autoconfig_url", "file:///usr/lib/startos/proxy.pac");
|
||||
user_pref("network.proxy.socks_remote_dns", true);
|
||||
user_pref("network.proxy.type", 2);
|
||||
user_pref("signon.rememberSignons", false);
|
||||
@@ -91,11 +91,11 @@ EOT
|
||||
while ! curl "http://localhost" > /dev/null; do
|
||||
sleep 1
|
||||
done
|
||||
while ! /usr/lib/embassy/scripts/check-monitor; do
|
||||
while ! /usr/lib/startos/scripts/check-monitor; do
|
||||
sleep 15
|
||||
done
|
||||
(
|
||||
while /usr/lib/embassy/scripts/check-monitor; do
|
||||
while /usr/lib/startos/scripts/check-monitor; do
|
||||
sleep 15
|
||||
done
|
||||
killall firefox-esr
|
||||
|
||||
@@ -13,7 +13,7 @@ fi
|
||||
>&2 echo ' sudo rm /usr/local/bin/apt'
|
||||
>&2 echo
|
||||
>&2 echo 'Otherwise, what you probably want to do is run:'
|
||||
>&2 echo ' sudo /usr/lib/embassy/scripts/chroot-and-upgrade'
|
||||
>&2 echo ' sudo /usr/lib/startos/scripts/chroot-and-upgrade'
|
||||
>&2 echo 'You can run apt in this context to add packages to your system.'
|
||||
>&2 echo 'When you are done with your changes, type "exit" and the device will reboot into a system with the changes applied.'
|
||||
>&2 echo 'This is still NOT RECOMMENDED if you don'"'"'t know what you are doing, but at least isn'"'"'t guaranteed to break things.'
|
||||
|
||||
@@ -14,7 +14,7 @@ while [ -n "$1" ]; do
|
||||
done
|
||||
|
||||
if [ ${#TO_INSTALL[@]} -ne 0 ]; then
|
||||
/usr/lib/embassy/scripts/chroot-and-upgrade << EOF
|
||||
/usr/lib/startos/scripts/chroot-and-upgrade << EOF
|
||||
apt-get update && apt-get install -y ${TO_INSTALL[@]}
|
||||
EOF
|
||||
fi
|
||||
@@ -1,121 +0,0 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
SYSTEMCTL=systemctl
|
||||
if [ -n "$DPKG_MAINTSCRIPT_PACKAGE" ]; then
|
||||
SYSTEMCTL=deb-systemd-helper
|
||||
fi
|
||||
|
||||
if [ -f /usr/sbin/grub-probe ]; then
|
||||
mv /usr/sbin/grub-probe /usr/sbin/grub-probe-default
|
||||
ln -s /usr/lib/embassy/scripts/grub-probe-eos /usr/sbin/grub-probe
|
||||
fi
|
||||
|
||||
cp /usr/lib/embassy/scripts/embassy-initramfs-module /etc/initramfs-tools/scripts/embassy
|
||||
|
||||
if ! grep overlay /etc/initramfs-tools/modules > /dev/null; then
|
||||
echo overlay >> /etc/initramfs-tools/modules
|
||||
fi
|
||||
|
||||
update-initramfs -u -k all
|
||||
|
||||
if [ -f /etc/default/grub ]; then
|
||||
sed -i '/\(^\|#\)GRUB_CMDLINE_LINUX=/c\GRUB_CMDLINE_LINUX="boot=embassy"' /etc/default/grub
|
||||
fi
|
||||
|
||||
# change timezone
|
||||
rm -f /etc/localtime
|
||||
ln -s /usr/share/zoneinfo/Etc/UTC /etc/localtime
|
||||
|
||||
# switch to systemd-resolved & network-manager
|
||||
echo "#" > /etc/network/interfaces
|
||||
if ! [ -f /etc/resolv.conf ]; then
|
||||
rm -f /etc/resolv.conf
|
||||
echo "nameserver 8.8.8.8" > /etc/resolv.conf # Google DNS Fallback
|
||||
fi
|
||||
if ! [ -f /run/systemd/resolve/stub-resolv.conf ]; then
|
||||
mkdir -p /run/systemd/resolve
|
||||
cp /etc/resolv.conf /run/systemd/resolve/stub-resolv.conf
|
||||
fi
|
||||
ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
|
||||
cat << EOF > /etc/NetworkManager/NetworkManager.conf
|
||||
[main]
|
||||
plugins=ifupdown,keyfile
|
||||
dns=systemd-resolved
|
||||
|
||||
[ifupdown]
|
||||
managed=true
|
||||
EOF
|
||||
$SYSTEMCTL enable systemd-resolved.service
|
||||
$SYSTEMCTL enable systemd-networkd-wait-online.service
|
||||
$SYSTEMCTL enable ssh.service
|
||||
$SYSTEMCTL disable wpa_supplicant.service
|
||||
|
||||
$SYSTEMCTL disable docker.service
|
||||
$SYSTEMCTL disable postgresql.service
|
||||
$SYSTEMCTL disable tor.service
|
||||
$SYSTEMCTL disable bluetooth.service
|
||||
$SYSTEMCTL disable hciuart.service
|
||||
$SYSTEMCTL disable triggerhappy.service
|
||||
|
||||
$SYSTEMCTL mask sleep.target
|
||||
$SYSTEMCTL mask suspend.target
|
||||
$SYSTEMCTL mask hibernate.target
|
||||
$SYSTEMCTL mask hybrid-sleep.target
|
||||
|
||||
if which gsettings > /dev/null; then
|
||||
gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-timeout '0'
|
||||
gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-timeout '0'
|
||||
fi
|
||||
|
||||
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
|
||||
sed -i 's/Restart=on-failure/Restart=always/g' /lib/systemd/system/tor@default.service
|
||||
sed -i 's/ExecStart=\/usr\/bin\/dockerd/ExecStart=\/usr\/bin\/dockerd --exec-opt native.cgroupdriver=systemd/g' /lib/systemd/system/docker.service
|
||||
sed -i '/\(^\|#\)entries-per-entry-group-max=/c\entries-per-entry-group-max=128' /etc/avahi/avahi-daemon.conf
|
||||
sed -i '/\(^\|#\)Storage=/c\Storage=persistent' /etc/systemd/journald.conf
|
||||
sed -i '/\(^\|#\)Compress=/c\Compress=yes' /etc/systemd/journald.conf
|
||||
sed -i '/\(^\|#\)SystemMaxUse=/c\SystemMaxUse=1G' /etc/systemd/journald.conf
|
||||
sed -i '/\(^\|#\)ForwardToSyslog=/c\ForwardToSyslog=no' /etc/systemd/journald.conf
|
||||
sed -i '/^\s*#\?\s*issue_discards\s*=\s*/c\issue_discards = 1' /etc/lvm/lvm.conf
|
||||
mkdir -p /etc/docker
|
||||
cat > /etc/docker/daemon.json << EOF
|
||||
{
|
||||
"storage-driver": "overlay2"
|
||||
}
|
||||
EOF
|
||||
podman network create -d bridge --subnet 172.18.0.1/24 --opt com.docker.network.bridge.name=br-start9 start9
|
||||
mkdir -p /etc/nginx/ssl
|
||||
|
||||
# fix to suppress docker warning, fixed in 21.xx release of docker cli: https://github.com/docker/cli/pull/2934
|
||||
mkdir -p /root/.docker
|
||||
touch /root/.docker/config.json
|
||||
|
||||
cat << EOF > /etc/tor/torrc
|
||||
SocksPort 0.0.0.0:9050
|
||||
SocksPolicy accept 127.0.0.1
|
||||
SocksPolicy accept 172.18.0.0/16
|
||||
SocksPolicy reject *
|
||||
ControlPort 9051
|
||||
CookieAuthentication 1
|
||||
EOF
|
||||
|
||||
rm -rf /var/lib/tor/*
|
||||
ln -sf /usr/lib/embassy/scripts/tor-check.sh /usr/bin/tor-check
|
||||
|
||||
echo "fs.inotify.max_user_watches=1048576" > /etc/sysctl.d/97-embassy.conf
|
||||
|
||||
# Old pi was set with this locale, because of pg we are now stuck with including that locale
|
||||
locale-gen en_GB en_GB.UTF-8
|
||||
echo "locales locales/locales_to_be_generated multiselect en_GB.UTF-8 UTF-8" | debconf-set-selections
|
||||
update-locale LANGUAGE
|
||||
rm "/etc/locale.gen"
|
||||
dpkg-reconfigure --frontend noninteractive locales
|
||||
|
||||
groupadd embassy
|
||||
|
||||
ln -s /usr/lib/embassy/scripts/dhclient-exit-hook /etc/dhcp/dhclient-exit-hooks.d/embassy
|
||||
|
||||
rm -f /etc/motd
|
||||
ln -sf /usr/lib/embassy/motd /etc/update-motd.d/00-embassy
|
||||
chmod -x /etc/update-motd.d/*
|
||||
chmod +x /etc/update-motd.d/00-embassy
|
||||
Reference in New Issue
Block a user