peach-img-builder/raspi_base.yayml

158 lines
5.0 KiB
Plaintext

# NOTE: this is a special yaml which is just used for making an image for testing the peach-config testing script
# the point is to make an image that is all ready to go, except for running peach-config
# to allow for quick testing
steps:
- mkimg: "{{ output }}"
size: 2000M
- mklabel: msdos
device: "{{ output }}"
- mkpart: primary
fs-type: 'fat32'
device: "{{ output }}"
start: 0%
end: 20%
tag: /boot
- mkpart: primary
device: "{{ output }}"
start: 20%
end: 100%
tag: /
- kpartx: "{{ output }}"
- mkfs: vfat
partition: /boot
label: RASPIFIRM
- mkfs: ext4
partition: /
label: RASPIROOT
- mount: /
- mount: /boot
mount-on: /
dirname: '/boot/firmware'
- unpack-rootfs: /
- qemu-debootstrap: buster
mirror: http://deb.debian.org/debian
target: /
arch: arm64
components:
- main
- contrib
- non-free
unless: rootfs_unpacked
- create-file: /etc/apt/sources.list
trailing-newline: '1'
contents: |
deb http://deb.debian.org/debian buster main contrib non-free
deb http://deb.debian.org/debian-security buster/updates main contrib non-free
# Backports are _not_ enabled by default.
# Enable them by uncommenting the following line:
# deb http://deb.debian.org/debian buster-backports main contrib non-free
unless: rootfs_unpacked
- chroot: /
shell: |
apt-get update
unless: rootfs_unpacked
- apt: install
packages:
- ssh
- parted
- dosfstools
- wireless-tools
- wpasupplicant
- raspi3-firmware
- linux-image-arm64
- firmware-brcm80211
tag: /
unless: rootfs_unpacked
- cache-rootfs: /
unless: rootfs_unpacked
- shell: |
echo "rpi3-$(date +%Y%m%d)" > "${ROOT?}/etc/hostname"
# Allow root logins locally with no password
sed -i 's,root:[^:]*:,root::,' "${ROOT?}/etc/shadow"
install -m 644 -o root -g root rootfs/etc/fstab "${ROOT?}/etc/fstab"
#not needed for peach
install -m 644 -o root -g root rootfs/etc/network/interfaces.d/eth0 "${ROOT?}/etc/network/interfaces.d/eth0"
#install -m 600 -o root -g root rootfs/etc/network/interfaces.d/wlan0 "${ROOT?}/etc/network/interfaces.d/wlan0"
install -m 755 -o root -g root rootfs/usr/local/sbin/rpi-set-sysconf "${ROOT?}/usr/local/sbin/rpi-set-sysconf"
install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-set-sysconf.service "${ROOT?}/etc/systemd/system/"
install -m 644 -o root -g root rootfs/boot/firmware/sysconf.txt "${ROOT?}/boot/firmware/sysconf.txt"
mkdir -p "${ROOT?}/etc/systemd/system/basic.target.requires/"
ln -s /etc/systemd/system/rpi-set-sysconf.service "${ROOT?}/etc/systemd/system/basic.target.requires/rpi-set-sysconf.service"
install -m 755 -o root -g root rootfs/usr/sbin/rpi-resizerootfs "${ROOT?}/usr/sbin/rpi-resizerootfs"
install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-resizerootfs.service "${ROOT?}/etc/systemd/system/"
mkdir -p "${ROOT?}/etc/systemd/system/systemd-remount-fs.service.requires/"
ln -s /etc/systemd/system/rpi-resizerootfs.service "${ROOT?}/etc/systemd/system/systemd-remount-fs.service.requires/rpi-resizerootfs.service"
install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/"
mkdir -p "${ROOT?}/etc/systemd/system/multi-user.target.requires/"
ln -s /etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi-generate-ssh-host-keys.service"
rm -f "${ROOT?}"/etc/ssh/ssh_host_*_key*
root-fs: /
# Copy the relevant device tree files to the boot partition
- chroot: /
shell: |
install -m 644 -o root -g root /usr/lib/linux-image-*-arm64/broadcom/bcm*rpi*.dtb /boot/firmware/
# Clean up archive cache (likely not useful) and lists (likely outdated) to
# reduce image size by several hundred megabytes.
- chroot: /
shell: |
apt-get clean
rm -rf /var/lib/apt/lists
# Modify the kernel commandline we take from the firmware to boot from
# the partition labeled raspiroot instead of forcing it to mmcblk0p2
- chroot: /
shell: |
ls -aR /boot
sed -i 's/.dev.mmcblk0p2/LABEL=RASPIROOT/' /boot/firmware/cmdline.txt
# BEGINNING OF PEACH CONFIG
- shell: |
echo "This debian/peach base image was configured as a basic image for testing peach-config on $(date +%Y%m%d) with peach-img-builder version 0.1.0" > "${ROOT?}/srv/peach-img-provenance.log"
root-fs: /
- apt: install
packages:
- git
- python3
- python3-pip
- wget
- gnupg2
- sudo
tag: /
- chroot: /
shell: |
/usr/sbin/useradd -m -p $(echo pc | openssl passwd -1 -stdin) -g sudo -s /bin/bash peachtest
# END OF PEACH CONFIG
# TODO(https://github.com/larswirzenius/vmdb2/issues/24): remove once vmdb
# clears /etc/resolv.conf on its own.
- shell: |
rm "${ROOT?}/etc/resolv.conf"
root-fs: /