checking in... working on ipxe still
This commit is contained in:
parent
dcceafc979
commit
7381cc3d39
8
.gitignore
vendored
8
.gitignore
vendored
@ -31,11 +31,11 @@
|
|||||||
# You should really generate local copies of these, as they're pretty private.
|
# You should really generate local copies of these, as they're pretty private.
|
||||||
extra/pre-build.d/etc/openvpn/client.conf
|
extra/pre-build.d/etc/openvpn/client.conf
|
||||||
overlay/etc/ssh/*
|
overlay/etc/ssh/*
|
||||||
overlay/home/bdisk
|
overlay/home/*
|
||||||
overlay/etc/systemd/system/multi-user.target.wants/openvpn@client.service
|
overlay/etc/systemd/system/multi-user.target.wants/openvpn@client.service
|
||||||
src/ipxe_local/ssl/keys
|
ssl/
|
||||||
src/ipxe_local/ssl/crts
|
!ssl/.keepme
|
||||||
src/ipxe_local/ssl/txt
|
!ssl/openssl.cnf
|
||||||
|
|
||||||
# and we DEFINITELY don't need these.
|
# and we DEFINITELY don't need these.
|
||||||
__pycache__/
|
__pycache__/
|
||||||
|
@ -1,9 +1,13 @@
|
|||||||
import os
|
import os
|
||||||
import shutil
|
import shutil
|
||||||
import jinja2
|
import jinja2
|
||||||
import gitpython
|
import git
|
||||||
|
import patch
|
||||||
|
|
||||||
|
|
||||||
|
def sslIPXE():
|
||||||
|
pass
|
||||||
|
|
||||||
def buildIPXE(conf):
|
def buildIPXE(conf):
|
||||||
build = conf['build']
|
build = conf['build']
|
||||||
bdisk = conf['bdisk']
|
bdisk = conf['bdisk']
|
||||||
@ -13,5 +17,27 @@ def buildIPXE(conf):
|
|||||||
patches_dir = ipxe_tpl + '/patches'
|
patches_dir = ipxe_tpl + '/patches'
|
||||||
srcdir = build['srcdir']
|
srcdir = build['srcdir']
|
||||||
ipxe_src = srcdir + '/ipxe'
|
ipxe_src = srcdir + '/ipxe'
|
||||||
ipxe_git_uri =
|
ipxe_git_uri = 'git://git.ipxe.org/ipxe.git'
|
||||||
|
patches_git_uri = 'https://github.com/eworm-de/ipxe.git'
|
||||||
|
print('Now building iPXE in {0}. Please wait...'.format(ipxe_src))
|
||||||
|
# Get the source and apply some cherrypicks
|
||||||
|
if os.path.isdir(ipxe_src):
|
||||||
|
shutil.rmtree(ipxe_src)
|
||||||
|
ipxe_repo = git.Repo.clone_from(ipxe_git_uri, ipxe_src)
|
||||||
|
patches = ipxe_repo.create_remote('eworm', patches_git_uri)
|
||||||
|
patches.fetch()
|
||||||
|
eiso_commit = '189652b03032305a2db860e76fb58e81e3420c4d'
|
||||||
|
nopie_commit = '58557055e51b2587ad3843af58075de916e5399b'
|
||||||
|
# patch files
|
||||||
|
#cwd = os.getcwd()
|
||||||
|
#os.chdir(ipxe_src + '/src')
|
||||||
|
for p in ('01.git-version.patch.j2', '02.banner.patch.j2'):
|
||||||
|
try:
|
||||||
|
patch = fromfile(p)
|
||||||
|
patch.apply(strip = 2, root = ipxe_src + '/src')
|
||||||
|
except:
|
||||||
pass
|
pass
|
||||||
|
#os.chdir(cwd)
|
||||||
|
# Patch using the files before applying the cherrypicks
|
||||||
|
ipxe_repo.git.cherry_pick('-n', eiso_commit)
|
||||||
|
ipxe_repo.git.cherry_pick('-n', nopie_commit)
|
||||||
|
@ -57,6 +57,11 @@ dev = r00t^2
|
|||||||
; 2.) ASCII *only*
|
; 2.) ASCII *only*
|
||||||
desc = j00 got 0wnz0r3d lulz.
|
desc = j00 got 0wnz0r3d lulz.
|
||||||
|
|
||||||
|
; What is your livedistro's URL?
|
||||||
|
; 0.) Should be a valid URI understood by minimal versions
|
||||||
|
; of curl.
|
||||||
|
uri = https://bdisk.square-r00t.net
|
||||||
|
|
||||||
; Should the root user have a password? IF THIS IS NOT SET,
|
; Should the root user have a password? IF THIS IS NOT SET,
|
||||||
; PASSWORD LOGIN WILL BE DISABLED!
|
; PASSWORD LOGIN WILL BE DISABLED!
|
||||||
; If you wish to have a blank password, use the string:
|
; If you wish to have a blank password, use the string:
|
||||||
@ -363,16 +368,21 @@ group = root
|
|||||||
; yes|no
|
; yes|no
|
||||||
; true|false
|
; true|false
|
||||||
; 1|0
|
; 1|0
|
||||||
|
; 1.) Requires actual git to be installed.
|
||||||
; If it is undefined, it is assumed to be no.
|
; If it is undefined, it is assumed to be no.
|
||||||
iso = yes
|
iso = yes
|
||||||
|
|
||||||
; Build a "mini-USB" image? Same concept as the ISO file but
|
; Build a "mini-USB" image? Same concept as the ISO file but
|
||||||
; this can be dd'd onto a USB thumbdrive for the same effect.
|
; this can be dd'd onto a USB thumbdrive for the same effect.
|
||||||
|
; 0.) Only accepts (case-insensitive):
|
||||||
|
; yes|no
|
||||||
|
; true|false
|
||||||
|
; 1|0
|
||||||
|
; 1.) Requires actual git to be installed.
|
||||||
|
; If it is undefined, it is assumed to be no.
|
||||||
usb = yes
|
usb = yes
|
||||||
|
|
||||||
; What URI should iPXE's EMBED script use? DO NOT USE A
|
; What URI should iPXE's EMBED script use?
|
||||||
; ',' (comma); instead, replace it with:
|
|
||||||
; %%COMMA%%
|
|
||||||
; If you require HTTP BASIC Authentication or HTTP Digest
|
; If you require HTTP BASIC Authentication or HTTP Digest
|
||||||
; Authentication (untested), you can format it via:
|
; Authentication (untested), you can format it via:
|
||||||
;
|
;
|
||||||
|
@ -130,6 +130,7 @@ iperf
|
|||||||
iperf3
|
iperf3
|
||||||
ipsec-tools
|
ipsec-tools
|
||||||
iptraf-ng
|
iptraf-ng
|
||||||
|
ipython
|
||||||
irssi
|
irssi
|
||||||
iso-codes
|
iso-codes
|
||||||
isomaster
|
isomaster
|
||||||
|
10
extra/templates/iPXE/patches/00-general.sed
Normal file
10
extra/templates/iPXE/patches/00-general.sed
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
## Enable IPv6 support
|
||||||
|
s/^#undef([[:space:]]*NET_PROTO_IPV6)/#define\1/g
|
||||||
|
## Enable HTTPS
|
||||||
|
s/^#undef([[:space:]]*DOWNLOAD_PROTO_HTTPS)/#define\1/g
|
||||||
|
s@^//(#define[[:space:]]*IMAGE_TRUST_CMD@\1@g
|
||||||
|
## Enable FTP
|
||||||
|
s/^#undef([[:space:]]*DOWNLOAD_PROTO_FTP)/#define\1/g
|
||||||
|
## Currently broken for EFI building
|
||||||
|
#s@^//(#define[[:space:]]*CONSOLE_CMD)@\1@g
|
||||||
|
#s@^//(#define[[:space:]]*IMAGE_PNG@\1@g
|
2
extra/templates/iPXE/patches/01-console.sed
Normal file
2
extra/templates/iPXE/patches/01-console.sed
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
## Currently broken on EFI systems
|
||||||
|
#s@^//(#define[[:space:]]*CONSOLE_VESAFB)@\1@g
|
32
extra/templates/iPXE/patches/01.git-version.patch.j2
Normal file
32
extra/templates/iPXE/patches/01.git-version.patch.j2
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
{# we can probably honestly not include this. regardless, it's handy. #}From 4c139ece028b5dd6c4e5f46ce2bf8134c390de90 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Christian Hesse <mail@eworm.de>
|
||||||
|
Date: Thu, 12 Feb 2015 08:59:37 +0100
|
||||||
|
Subject: [PATCH] git version
|
||||||
|
|
||||||
|
Signed-off-by: Christian Hesse <mail@eworm.de>
|
||||||
|
---
|
||||||
|
src/Makefile | 7 ++++---
|
||||||
|
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/Makefile b/src/Makefile
|
||||||
|
index cf9cfd2..38ebb3d 100644
|
||||||
|
--- a/src/Makefile
|
||||||
|
+++ b/src/Makefile
|
||||||
|
@@ -194,10 +194,11 @@ VERSION_MINOR = 0
|
||||||
|
VERSION_PATCH = 0
|
||||||
|
EXTRAVERSION = +
|
||||||
|
MM_VERSION = $(VERSION_MAJOR).$(VERSION_MINOR)
|
||||||
|
-VERSION = $(MM_VERSION).$(VERSION_PATCH)$(EXTRAVERSION)
|
||||||
|
ifneq ($(wildcard ../.git),)
|
||||||
|
-GITVERSION := $(shell git describe --always --abbrev=1 --match "" 2>/dev/null)
|
||||||
|
-VERSION += ($(GITVERSION))
|
||||||
|
+GITVERSION := $(shell git describe --tags --long 2>/dev/null)
|
||||||
|
+VERSION = $(GITVERSION)
|
||||||
|
+else
|
||||||
|
+VERSION = $(MM_VERSION).$(VERSION_PATCH)$(EXTRAVERSION)
|
||||||
|
endif
|
||||||
|
version :
|
||||||
|
@$(ECHO) "$(VERSION)"
|
||||||
|
--
|
||||||
|
2.3.0
|
||||||
|
|
41
extra/templates/iPXE/patches/02.banner.patch.j2
Normal file
41
extra/templates/iPXE/patches/02.banner.patch.j2
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
From 4ec31ece6757e19be455faa383886562b8793db9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Christian Hesse <mail@eworm.de>
|
||||||
|
Date: Thu, 12 Feb 2015 09:06:41 +0100
|
||||||
|
Subject: [PATCH] banner
|
||||||
|
|
||||||
|
Signed-off-by: Christian Hesse <mail@eworm.de>
|
||||||
|
---
|
||||||
|
src/usr/autoboot.c | 9 +++++++--
|
||||||
|
1 file changed, 7 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/usr/autoboot.c b/src/usr/autoboot.c
|
||||||
|
index 4bcb64d..74b5b77 100644
|
||||||
|
--- a/src/usr/autoboot.c
|
||||||
|
+++ b/src/usr/autoboot.c
|
||||||
|
@@ -67,6 +67,7 @@ static int ( * is_autoboot_device ) ( struct net_device *netdev );
|
||||||
|
#define NORMAL "\033[0m"
|
||||||
|
#define BOLD "\033[1m"
|
||||||
|
#define CYAN "\033[36m"
|
||||||
|
+#define BLUE "\033[34m"
|
||||||
|
|
||||||
|
/** The "scriptlet" setting */
|
||||||
|
const struct setting scriptlet_setting __setting ( SETTING_MISC, scriptlet ) = {
|
||||||
|
@@ -551,9 +552,13 @@ void ipxe ( struct net_device *netdev ) {
|
||||||
|
* do so.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
- printf ( NORMAL "\n\n" PRODUCT_NAME "\n" BOLD PRODUCT_SHORT_NAME " %s"
|
||||||
|
+ printf ( NORMAL "\n\n" PRODUCT_NAME "\n" BOLD PRODUCT_SHORT_NAME
|
||||||
|
NORMAL " -- " PRODUCT_TAG_LINE " -- "
|
||||||
|
- CYAN PRODUCT_URI NORMAL "\nFeatures:", product_version );
|
||||||
|
+ CYAN PRODUCT_URI NORMAL "\n"
|
||||||
|
+ BOLD "{{ bdisk['pname'] }}" BLUE "LiveDistro" NORMAL " -- {{ bdisk['desc'] }} -- "
|
||||||
|
+ BOLD BLUE "{{ bdisk['uri'] }}" NORMAL "\n"
|
||||||
|
+ "Version %s compiled on " __DATE__ ", " __TIME__ "\n"
|
||||||
|
+ "Features:", product_version );
|
||||||
|
for_each_table_entry ( feature, FEATURES )
|
||||||
|
printf ( " %s", feature->name );
|
||||||
|
printf ( "\n" );
|
||||||
|
--
|
||||||
|
2.3.0
|
||||||
|
|
33
extra/templates/iPXE/ssl/openssl.cnf
Normal file
33
extra/templates/iPXE/ssl/openssl.cnf
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
[ ca ]
|
||||||
|
default_ca = ca_default
|
||||||
|
|
||||||
|
[ ca_default ]
|
||||||
|
certificate = crts/ca.crt
|
||||||
|
private_key = keys/ca.key
|
||||||
|
serial = txt/ca.srl
|
||||||
|
database = txt/ca.idx
|
||||||
|
#new_certs_dir = signed
|
||||||
|
new_certs_dir = crts
|
||||||
|
#default_md = default
|
||||||
|
default_md = sha512
|
||||||
|
policy = policy_anything
|
||||||
|
preserve = yes
|
||||||
|
default_days = 90
|
||||||
|
unique_subject = no
|
||||||
|
|
||||||
|
[ policy_anything ]
|
||||||
|
countryName = optional
|
||||||
|
stateOrProvinceName = optional
|
||||||
|
localityName = optional
|
||||||
|
organizationName = optional
|
||||||
|
organizationalUnitName = optional
|
||||||
|
commonName = optional
|
||||||
|
emailAddress = optional
|
||||||
|
|
||||||
|
[ cross ]
|
||||||
|
basicConstraints = critical,CA:true
|
||||||
|
keyUsage = critical,cRLSign,keyCertSign
|
||||||
|
|
||||||
|
[ codesigning ]
|
||||||
|
keyUsage = digitalSignature
|
||||||
|
extendedKeyUsage = codeSigning
|
Loading…
Reference in New Issue
Block a user