checking in... working on ipxe still
This commit is contained in:
parent
dcceafc979
commit
7381cc3d39
8
.gitignore
vendored
8
.gitignore
vendored
@ -31,11 +31,11 @@
|
||||
# You should really generate local copies of these, as they're pretty private.
|
||||
extra/pre-build.d/etc/openvpn/client.conf
|
||||
overlay/etc/ssh/*
|
||||
overlay/home/bdisk
|
||||
overlay/home/*
|
||||
overlay/etc/systemd/system/multi-user.target.wants/openvpn@client.service
|
||||
src/ipxe_local/ssl/keys
|
||||
src/ipxe_local/ssl/crts
|
||||
src/ipxe_local/ssl/txt
|
||||
ssl/
|
||||
!ssl/.keepme
|
||||
!ssl/openssl.cnf
|
||||
|
||||
# and we DEFINITELY don't need these.
|
||||
__pycache__/
|
||||
|
@ -1,9 +1,13 @@
|
||||
import os
|
||||
import shutil
|
||||
import jinja2
|
||||
import gitpython
|
||||
import git
|
||||
import patch
|
||||
|
||||
|
||||
def sslIPXE():
|
||||
pass
|
||||
|
||||
def buildIPXE(conf):
|
||||
build = conf['build']
|
||||
bdisk = conf['bdisk']
|
||||
@ -13,5 +17,27 @@ def buildIPXE(conf):
|
||||
patches_dir = ipxe_tpl + '/patches'
|
||||
srcdir = build['srcdir']
|
||||
ipxe_src = srcdir + '/ipxe'
|
||||
ipxe_git_uri =
|
||||
pass
|
||||
ipxe_git_uri = 'git://git.ipxe.org/ipxe.git'
|
||||
patches_git_uri = 'https://github.com/eworm-de/ipxe.git'
|
||||
print('Now building iPXE in {0}. Please wait...'.format(ipxe_src))
|
||||
# Get the source and apply some cherrypicks
|
||||
if os.path.isdir(ipxe_src):
|
||||
shutil.rmtree(ipxe_src)
|
||||
ipxe_repo = git.Repo.clone_from(ipxe_git_uri, ipxe_src)
|
||||
patches = ipxe_repo.create_remote('eworm', patches_git_uri)
|
||||
patches.fetch()
|
||||
eiso_commit = '189652b03032305a2db860e76fb58e81e3420c4d'
|
||||
nopie_commit = '58557055e51b2587ad3843af58075de916e5399b'
|
||||
# patch files
|
||||
#cwd = os.getcwd()
|
||||
#os.chdir(ipxe_src + '/src')
|
||||
for p in ('01.git-version.patch.j2', '02.banner.patch.j2'):
|
||||
try:
|
||||
patch = fromfile(p)
|
||||
patch.apply(strip = 2, root = ipxe_src + '/src')
|
||||
except:
|
||||
pass
|
||||
#os.chdir(cwd)
|
||||
# Patch using the files before applying the cherrypicks
|
||||
ipxe_repo.git.cherry_pick('-n', eiso_commit)
|
||||
ipxe_repo.git.cherry_pick('-n', nopie_commit)
|
||||
|
@ -57,6 +57,11 @@ dev = r00t^2
|
||||
; 2.) ASCII *only*
|
||||
desc = j00 got 0wnz0r3d lulz.
|
||||
|
||||
; What is your livedistro's URL?
|
||||
; 0.) Should be a valid URI understood by minimal versions
|
||||
; of curl.
|
||||
uri = https://bdisk.square-r00t.net
|
||||
|
||||
; Should the root user have a password? IF THIS IS NOT SET,
|
||||
; PASSWORD LOGIN WILL BE DISABLED!
|
||||
; If you wish to have a blank password, use the string:
|
||||
@ -363,16 +368,21 @@ group = root
|
||||
; yes|no
|
||||
; true|false
|
||||
; 1|0
|
||||
; 1.) Requires actual git to be installed.
|
||||
; If it is undefined, it is assumed to be no.
|
||||
iso = yes
|
||||
|
||||
; Build a "mini-USB" image? Same concept as the ISO file but
|
||||
; this can be dd'd onto a USB thumbdrive for the same effect.
|
||||
; 0.) Only accepts (case-insensitive):
|
||||
; yes|no
|
||||
; true|false
|
||||
; 1|0
|
||||
; 1.) Requires actual git to be installed.
|
||||
; If it is undefined, it is assumed to be no.
|
||||
usb = yes
|
||||
|
||||
; What URI should iPXE's EMBED script use? DO NOT USE A
|
||||
; ',' (comma); instead, replace it with:
|
||||
; %%COMMA%%
|
||||
; What URI should iPXE's EMBED script use?
|
||||
; If you require HTTP BASIC Authentication or HTTP Digest
|
||||
; Authentication (untested), you can format it via:
|
||||
;
|
||||
|
@ -130,6 +130,7 @@ iperf
|
||||
iperf3
|
||||
ipsec-tools
|
||||
iptraf-ng
|
||||
ipython
|
||||
irssi
|
||||
iso-codes
|
||||
isomaster
|
||||
|
10
extra/templates/iPXE/patches/00-general.sed
Normal file
10
extra/templates/iPXE/patches/00-general.sed
Normal file
@ -0,0 +1,10 @@
|
||||
## Enable IPv6 support
|
||||
s/^#undef([[:space:]]*NET_PROTO_IPV6)/#define\1/g
|
||||
## Enable HTTPS
|
||||
s/^#undef([[:space:]]*DOWNLOAD_PROTO_HTTPS)/#define\1/g
|
||||
s@^//(#define[[:space:]]*IMAGE_TRUST_CMD@\1@g
|
||||
## Enable FTP
|
||||
s/^#undef([[:space:]]*DOWNLOAD_PROTO_FTP)/#define\1/g
|
||||
## Currently broken for EFI building
|
||||
#s@^//(#define[[:space:]]*CONSOLE_CMD)@\1@g
|
||||
#s@^//(#define[[:space:]]*IMAGE_PNG@\1@g
|
2
extra/templates/iPXE/patches/01-console.sed
Normal file
2
extra/templates/iPXE/patches/01-console.sed
Normal file
@ -0,0 +1,2 @@
|
||||
## Currently broken on EFI systems
|
||||
#s@^//(#define[[:space:]]*CONSOLE_VESAFB)@\1@g
|
32
extra/templates/iPXE/patches/01.git-version.patch.j2
Normal file
32
extra/templates/iPXE/patches/01.git-version.patch.j2
Normal file
@ -0,0 +1,32 @@
|
||||
{# we can probably honestly not include this. regardless, it's handy. #}From 4c139ece028b5dd6c4e5f46ce2bf8134c390de90 Mon Sep 17 00:00:00 2001
|
||||
From: Christian Hesse <mail@eworm.de>
|
||||
Date: Thu, 12 Feb 2015 08:59:37 +0100
|
||||
Subject: [PATCH] git version
|
||||
|
||||
Signed-off-by: Christian Hesse <mail@eworm.de>
|
||||
---
|
||||
src/Makefile | 7 ++++---
|
||||
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/Makefile b/src/Makefile
|
||||
index cf9cfd2..38ebb3d 100644
|
||||
--- a/src/Makefile
|
||||
+++ b/src/Makefile
|
||||
@@ -194,10 +194,11 @@ VERSION_MINOR = 0
|
||||
VERSION_PATCH = 0
|
||||
EXTRAVERSION = +
|
||||
MM_VERSION = $(VERSION_MAJOR).$(VERSION_MINOR)
|
||||
-VERSION = $(MM_VERSION).$(VERSION_PATCH)$(EXTRAVERSION)
|
||||
ifneq ($(wildcard ../.git),)
|
||||
-GITVERSION := $(shell git describe --always --abbrev=1 --match "" 2>/dev/null)
|
||||
-VERSION += ($(GITVERSION))
|
||||
+GITVERSION := $(shell git describe --tags --long 2>/dev/null)
|
||||
+VERSION = $(GITVERSION)
|
||||
+else
|
||||
+VERSION = $(MM_VERSION).$(VERSION_PATCH)$(EXTRAVERSION)
|
||||
endif
|
||||
version :
|
||||
@$(ECHO) "$(VERSION)"
|
||||
--
|
||||
2.3.0
|
||||
|
41
extra/templates/iPXE/patches/02.banner.patch.j2
Normal file
41
extra/templates/iPXE/patches/02.banner.patch.j2
Normal file
@ -0,0 +1,41 @@
|
||||
From 4ec31ece6757e19be455faa383886562b8793db9 Mon Sep 17 00:00:00 2001
|
||||
From: Christian Hesse <mail@eworm.de>
|
||||
Date: Thu, 12 Feb 2015 09:06:41 +0100
|
||||
Subject: [PATCH] banner
|
||||
|
||||
Signed-off-by: Christian Hesse <mail@eworm.de>
|
||||
---
|
||||
src/usr/autoboot.c | 9 +++++++--
|
||||
1 file changed, 7 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/usr/autoboot.c b/src/usr/autoboot.c
|
||||
index 4bcb64d..74b5b77 100644
|
||||
--- a/src/usr/autoboot.c
|
||||
+++ b/src/usr/autoboot.c
|
||||
@@ -67,6 +67,7 @@ static int ( * is_autoboot_device ) ( struct net_device *netdev );
|
||||
#define NORMAL "\033[0m"
|
||||
#define BOLD "\033[1m"
|
||||
#define CYAN "\033[36m"
|
||||
+#define BLUE "\033[34m"
|
||||
|
||||
/** The "scriptlet" setting */
|
||||
const struct setting scriptlet_setting __setting ( SETTING_MISC, scriptlet ) = {
|
||||
@@ -551,9 +552,13 @@ void ipxe ( struct net_device *netdev ) {
|
||||
* do so.
|
||||
*
|
||||
*/
|
||||
- printf ( NORMAL "\n\n" PRODUCT_NAME "\n" BOLD PRODUCT_SHORT_NAME " %s"
|
||||
+ printf ( NORMAL "\n\n" PRODUCT_NAME "\n" BOLD PRODUCT_SHORT_NAME
|
||||
NORMAL " -- " PRODUCT_TAG_LINE " -- "
|
||||
- CYAN PRODUCT_URI NORMAL "\nFeatures:", product_version );
|
||||
+ CYAN PRODUCT_URI NORMAL "\n"
|
||||
+ BOLD "{{ bdisk['pname'] }}" BLUE "LiveDistro" NORMAL " -- {{ bdisk['desc'] }} -- "
|
||||
+ BOLD BLUE "{{ bdisk['uri'] }}" NORMAL "\n"
|
||||
+ "Version %s compiled on " __DATE__ ", " __TIME__ "\n"
|
||||
+ "Features:", product_version );
|
||||
for_each_table_entry ( feature, FEATURES )
|
||||
printf ( " %s", feature->name );
|
||||
printf ( "\n" );
|
||||
--
|
||||
2.3.0
|
||||
|
33
extra/templates/iPXE/ssl/openssl.cnf
Normal file
33
extra/templates/iPXE/ssl/openssl.cnf
Normal file
@ -0,0 +1,33 @@
|
||||
[ ca ]
|
||||
default_ca = ca_default
|
||||
|
||||
[ ca_default ]
|
||||
certificate = crts/ca.crt
|
||||
private_key = keys/ca.key
|
||||
serial = txt/ca.srl
|
||||
database = txt/ca.idx
|
||||
#new_certs_dir = signed
|
||||
new_certs_dir = crts
|
||||
#default_md = default
|
||||
default_md = sha512
|
||||
policy = policy_anything
|
||||
preserve = yes
|
||||
default_days = 90
|
||||
unique_subject = no
|
||||
|
||||
[ policy_anything ]
|
||||
countryName = optional
|
||||
stateOrProvinceName = optional
|
||||
localityName = optional
|
||||
organizationName = optional
|
||||
organizationalUnitName = optional
|
||||
commonName = optional
|
||||
emailAddress = optional
|
||||
|
||||
[ cross ]
|
||||
basicConstraints = critical,CA:true
|
||||
keyUsage = critical,cRLSign,keyCertSign
|
||||
|
||||
[ codesigning ]
|
||||
keyUsage = digitalSignature
|
||||
extendedKeyUsage = codeSigning
|
Loading…
Reference in New Issue
Block a user