~sircmpwn/builds.sr.ht

builds.sr.ht/images/netbsd/genimg -rwxr-xr-x 3.2 KiB View raw
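#!/bin/sh -eux
# Build a NetBSD root disk image and leave it at "$arch"/root.img.qcow2.
#
# Usage:       genimg [arch]          (arch defaults to amd64)
# Environment: netbsd_dist  - required, passed to "anita install"
#              pkgsrc_dist  - required, fetched with ftp(1) when no
#                             pkgsrc.tar.gz is already present
#              pkgin_dist   - optional, pkgin repository line

# Options on the shebang line are dropped when the script is started as
# "sh genimg"; setting them here keeps -e and -u in force either way, so a
# failed step cannot be silently skipped while building the image.
set -eux

# Fail early, with a clear message, when a required input is unset or empty.
: "${netbsd_dist:?netbsd_dist must be set}"
: "${pkgsrc_dist:?pkgsrc_dist must be set}"
arch="${1:-amd64}"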

# Best-effort teardown of everything the image build mounts or attaches.
# It is installed as the EXIT trap and also called once explicitly before the
# image is converted, so every step tolerates failure (already unmounted,
# never mounted, device not configured).
cleanup() {
	sync || true
	# Nested mount points, innermost first. The function's own positional
	# parameters hold the list, so no script-level variable is touched.
	set -- /mnt/dev/pts /mnt/dev /mnt/kern /mnt/proc /mnt/tmp
	while [ "$#" -gt 0 ]
	do
		umount -R "$1" || true
		shift
	done
	umount /mnt || true
	vndconfig -u vnd0 || true
}

mkdir -p workdir
# From here on every exit path runs cleanup.
# NOTE(review): cleanup always targets /mnt and vnd0, and this trap is armed
# before anything is mounted below. If an early step fails, cleanup acts on
# whatever the host already has at /mnt or on vnd0 -- run this only on a host
# dedicated to image building.
trap cleanup EXIT

mkdir -p "$arch"
# This is really noisy/breaks terminals, hence redirecting to /dev/null
# TODO: consider just downloading the sets & configuring the bootloader
# manually
# NOTE(review): whether the release sets are authenticated depends on anita
# and on the URL in $netbsd_dist; nothing in this script checks them -- confirm
# the source is trusted and fetched over an authenticated channel.
anita \
	--workdir=workdir \
	--sets=kern-GENERIC,base,etc,comp,xbase,xcomp \
	--disk-size=8G \
	--persist \
	--structured-log \
	install "$netbsd_dist" >/dev/null

# Attach the installed disk image (presumably written by anita above) as vnd0.
vndconfig -c vnd0 workdir/wd0.img

# Mount the image's "a" partition at /mnt, then null-mount the host's /dev,
# /dev/pts, /kern, /proc and /tmp into it for the chrooted commands that
# follow. The host /tmp is therefore shared with the chroot during the build.
mount /dev/vnd0a /mnt
mount -t null /dev /mnt/dev
mount -t null /dev/pts /mnt/dev/pts
mount -t null /kern /mnt/kern
mount -t null /proc /mnt/proc
mount -t null /tmp /mnt/tmp

# Run a command line inside the image chroot (/mnt) with a fixed PATH.
# Arguments: the command text. All arguments are joined with spaces into ONE
#            string and handed to "/bin/sh -c" in the chroot.
# Because that shell parses the string again, quoting of individual arguments
# is not preserved and shell metacharacters in them take effect. Pass only
# fixed, trusted command text; never values taken from outside the script
# without validating them first.
run_root() {
	# "$*" is expanded before the positional parameters are replaced.
	set -- /bin/sh -c "$*"
	chroot /mnt /usr/bin/env \
		PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/pkg/bin:/usr/pkg/sbin \
		"$@"
}

# Set the bootloader menu timeout to 0.
sed -e 's/timeout=5/timeout=0/g' -i /mnt/boot.cfg

# Create the "build" account (member of wheel), then rewrite its
# master.passwd entry so the password field is EMPTY (uid 1000, gid 100,
# shell /bin/sh).
# NOTE(review): the pattern 'build.*' is not anchored, so any line containing
# "build" is rewritten from that point on; '^build:.*' would limit it to the
# account's own entry.
# NOTE(review): nothing visible here regenerates the password databases after
# this in-place edit -- confirm the change takes effect as intended.
run_root useradd -mG wheel build
sed -e 's;build.*;build::1000:100::0:0:,,,:/home/build:/bin/sh;g' \
	-i /mnt/etc/master.passwd

# Static guest network configuration: address 10.0.2.15/24 on vioif0, default
# route 10.0.2.2, resolver 1.1.1.1 (presumably matching the hypervisor's
# user-mode network -- verify against the VM launcher).
echo "nameserver 1.1.1.1" >/mnt/etc/resolv.conf
cat <<EOF >/mnt/etc/ifconfig.vioif0
up
10.0.2.15 netmask 255.255.255.0
EOF
echo 
cat <<EOF >>/mnt/etc/rc.conf
hostname=build
defaultroute="10.0.2.2"
resize_root=YES
EOF

# Replace the image's fstab wholesale.
cat <<EOF >/mnt/etc/fstab
/dev/ld0a		/	ffs	rw		 1 1
/dev/ld0b		none	swap	sw,dp		 0 0
kernfs		/kern	kernfs	rw
ptyfs		/dev/pts	ptyfs	rw
procfs		/proc	procfs	rw
/dev/cd0a		/cdrom	cd9660	ro,noauto
tmpfs		/var/shm	tmpfs	rw,-m1777,-sram%25
EOF

# Let sshd accept empty passwords and turn PAM off. Combined with the empty
# password set on "build" above and the passwordless sudo rule for wheel added
# later in this script, anyone who can reach the guest's sshd gets root. The
# image is therefore only suitable for disposable VMs whose SSH port is not
# reachable from untrusted networks.
# NOTE(review): both substitutions silently do nothing if the shipped
# sshd_config does not contain these exact strings -- verify after a release
# bump.
sed -e 's/#PermitEmptyPasswords no/PermitEmptyPasswords yes/' \
	-i /mnt/etc/ssh/sshd_config
sed -e 's/UsePam yes/UsePam no/' \
	-i /mnt/etc/ssh/sshd_config

# Enable sshd at boot by flipping the value in /etc/defaults/rc.conf.
sed -e 's/sshd=NO/sshd=YES/g' -i /mnt/etc/defaults/rc.conf

# Fetch the pkgsrc tarball unless a copy already sits in the working
# directory (assumes the URL's file name is pkgsrc.tar.gz -- confirm).
# NOTE(review): the tarball is unpacked into the image and later built from
# inside the chroot, yet no checksum or signature is checked here, and a stale
# or modified pkgsrc.tar.gz left in the cwd is reused as-is. Verify it against
# a published digest before extracting.
if ! [ -e pkgsrc.tar.gz ]
then
	ftp "$pkgsrc_dist"
fi

tar -xzf pkgsrc.tar.gz -C /mnt/usr
# Build, install and clean one pkgsrc package inside the image chroot.
# Arguments: $1 - package path relative to /usr/pkgsrc (e.g. category/name)
# Globals:   pkg (written) - left set to $1 after the call
# The path is interpolated into a shell command string that run_root hands to
# "/bin/sh -c", so it must be a literal, trusted package path.
pkgsrc_build() {
	pkg="$1"
	# Reuse the function's positional parameters for the common prefix
	# instead of introducing another script-level variable.
	set -- "cd /usr/pkgsrc/$pkg"
	run_root "$1 && make"
	run_root "$1 && make install"
	run_root "$1 && make clean clean-depends"
}

# pkgin is not supported for NetBSD-current
if [ -n "${pkgin_dist:-}" ]
then
	# Binary-package path: build only pkgin from source, point it at the
	# repository named in $pkgin_dist and install the rest from there.
	# NOTE(review): package authenticity then rests on that repository and
	# its transport; no signature policy is configured here -- confirm.
	pkgsrc_build pkgtools/pkgin
	echo "$pkgin_dist" >/mnt/usr/pkg/etc/pkgin/repositories.conf
	run_root pkgin update
	# TODO: Remove bash
	run_root pkgin -y install sudo gnupg git-base mercurial \
		moreutils mozilla-rootcerts bash
else
	# No binary repository given: build every package from pkgsrc.
	# TODO: Remove bash
	for pkg in security/sudo security/gnupg devel/git-base misc/moreutils \
		security/mozilla-rootcerts shells/bash devel/mercurial
	do
		pkgsrc_build "$pkg"
	done
fi
# Give the pkgsrc tree to the build user and run the mozilla-rootcerts
# installer inside the image.
run_root chown -R build /usr/pkgsrc/
run_root /usr/pkg/sbin/mozilla-rootcerts install

# Quoted delimiter: the text is written literally, so $HOME and ${PATH} are
# expanded when the profile is read, not while the image is built.
cat <<"EOF" >/mnt/home/build/.profile
PATH=$HOME/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R7/bin:/usr/pkg/bin
PATH=${PATH}:/usr/pkg/sbin:/usr/games:/usr/local/bin:/usr/local/sbin
export PATH
export ENV=$HOME/.env
EOF

# Passwordless sudo for every member of wheel, which includes "build".
# Together with the empty-password SSH login configured earlier in this
# script, the guest has no authentication barrier in front of root, so the
# image must stay confined to disposable, network-isolated build VMs.
printf '%s\n' "%wheel ALL=(ALL) NOPASSWD: ALL" >> /mnt/usr/pkg/etc/sudoers

rm /mnt/etc/motd
touch /mnt/firstboot

# Unmount and detach explicitly before converting the image, then replace the
# EXIT trap with a no-op so cleanup does not run a second time at exit.
cleanup
trap : EXIT

# Convert the raw disk to qcow2, grow its virtual size to 16G and delete the
# raw file.
qemu-img convert -f raw -O qcow2 workdir/wd0.img "$arch"/root.img.qcow2
qemu-img resize "$arch"/root.img.qcow2 16G
rm workdir/wd0.img