checking in... working on ipxe still

This commit is contained in:
brent s. 2016-11-29 03:16:44 -05:00
parent dcceafc979
commit 7381cc3d39
9 changed files with 165 additions and 10 deletions

8
.gitignore vendored
View File

@ -31,11 +31,11 @@
# You should really generate local copies of these, as they're pretty private.
extra/pre-build.d/etc/openvpn/client.conf
overlay/etc/ssh/*
overlay/home/bdisk
overlay/home/*
overlay/etc/systemd/system/multi-user.target.wants/openvpn@client.service
src/ipxe_local/ssl/keys
src/ipxe_local/ssl/crts
src/ipxe_local/ssl/txt
ssl/
!ssl/.keepme
!ssl/openssl.cnf

# and we DEFINITELY don't need these.
__pycache__/

View File

@ -1,9 +1,13 @@
import os
import shutil
import jinja2
import gitpython
import git
import patch


def sslIPXE():
pass

def buildIPXE(conf):
build = conf['build']
bdisk = conf['bdisk']
@ -13,5 +17,27 @@ def buildIPXE(conf):
patches_dir = ipxe_tpl + '/patches'
srcdir = build['srcdir']
ipxe_src = srcdir + '/ipxe'
ipxe_git_uri =
pass
ipxe_git_uri = 'git://git.ipxe.org/ipxe.git'
patches_git_uri = 'https://github.com/eworm-de/ipxe.git'
print('Now building iPXE in {0}. Please wait...'.format(ipxe_src))
# Get the source and apply some cherrypicks
if os.path.isdir(ipxe_src):
shutil.rmtree(ipxe_src)
ipxe_repo = git.Repo.clone_from(ipxe_git_uri, ipxe_src)
patches = ipxe_repo.create_remote('eworm', patches_git_uri)
patches.fetch()
eiso_commit = '189652b03032305a2db860e76fb58e81e3420c4d'
nopie_commit = '58557055e51b2587ad3843af58075de916e5399b'
# patch files
#cwd = os.getcwd()
#os.chdir(ipxe_src + '/src')
for p in ('01.git-version.patch.j2', '02.banner.patch.j2'):
try:
patch = fromfile(p)
patch.apply(strip = 2, root = ipxe_src + '/src')
except:
pass
#os.chdir(cwd)
# Patch using the files before applying the cherrypicks
ipxe_repo.git.cherry_pick('-n', eiso_commit)
ipxe_repo.git.cherry_pick('-n', nopie_commit)

View File

@ -57,6 +57,11 @@ dev = r00t^2
; 2.) ASCII *only*
desc = j00 got 0wnz0r3d lulz.

; What is your livedistro's URL?
; 0.) Should be a valid URI understood by minimal versions
; of curl.
uri = https://bdisk.square-r00t.net

; Should the root user have a password? IF THIS IS NOT SET,
; PASSWORD LOGIN WILL BE DISABLED!
; If you wish to have a blank password, use the string:
@ -363,16 +368,21 @@ group = root
; yes|no
; true|false
; 1|0
; 1.) Requires actual git to be installed.
; If it is undefined, it is assumed to be no.
iso = yes

; Build a "mini-USB" image? Same concept as the ISO file but
; this can be dd'd onto a USB thumbdrive for the same effect.
; 0.) Only accepts (case-insensitive):
; yes|no
; true|false
; 1|0
; 1.) Requires actual git to be installed.
; If it is undefined, it is assumed to be no.
usb = yes

; What URI should iPXE's EMBED script use? DO NOT USE A
; ',' (comma); instead, replace it with:
; %%COMMA%%
; What URI should iPXE's EMBED script use?
; If you require HTTP BASIC Authentication or HTTP Digest
; Authentication (untested), you can format it via:
;

View File

@ -130,6 +130,7 @@ iperf
iperf3
ipsec-tools
iptraf-ng
ipython
irssi
iso-codes
isomaster

View File

@ -0,0 +1,10 @@
## Enable IPv6 support
s/^#undef([[:space:]]*NET_PROTO_IPV6)/#define\1/g
## Enable HTTPS
s/^#undef([[:space:]]*DOWNLOAD_PROTO_HTTPS)/#define\1/g
s@^//(#define[[:space:]]*IMAGE_TRUST_CMD@\1@g
## Enable FTP
s/^#undef([[:space:]]*DOWNLOAD_PROTO_FTP)/#define\1/g
## Currently broken for EFI building
#s@^//(#define[[:space:]]*CONSOLE_CMD)@\1@g
#s@^//(#define[[:space:]]*IMAGE_PNG@\1@g

View File

@ -0,0 +1,2 @@
## Currently broken on EFI systems
#s@^//(#define[[:space:]]*CONSOLE_VESAFB)@\1@g

View File

@ -0,0 +1,32 @@
{# we can probably honestly not include this. regardless, it's handy. #}From 4c139ece028b5dd6c4e5f46ce2bf8134c390de90 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Thu, 12 Feb 2015 08:59:37 +0100
Subject: [PATCH] git version

Signed-off-by: Christian Hesse <mail@eworm.de>
---
src/Makefile | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/Makefile b/src/Makefile
index cf9cfd2..38ebb3d 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -194,10 +194,11 @@ VERSION_MINOR = 0
VERSION_PATCH = 0
EXTRAVERSION = +
MM_VERSION = $(VERSION_MAJOR).$(VERSION_MINOR)
-VERSION = $(MM_VERSION).$(VERSION_PATCH)$(EXTRAVERSION)
ifneq ($(wildcard ../.git),)
-GITVERSION := $(shell git describe --always --abbrev=1 --match "" 2>/dev/null)
-VERSION += ($(GITVERSION))
+GITVERSION := $(shell git describe --tags --long 2>/dev/null)
+VERSION = $(GITVERSION)
+else
+VERSION = $(MM_VERSION).$(VERSION_PATCH)$(EXTRAVERSION)
endif
version :
@$(ECHO) "$(VERSION)"
--
2.3.0

View File

@ -0,0 +1,41 @@
From 4ec31ece6757e19be455faa383886562b8793db9 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Thu, 12 Feb 2015 09:06:41 +0100
Subject: [PATCH] banner

Signed-off-by: Christian Hesse <mail@eworm.de>
---
src/usr/autoboot.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/usr/autoboot.c b/src/usr/autoboot.c
index 4bcb64d..74b5b77 100644
--- a/src/usr/autoboot.c
+++ b/src/usr/autoboot.c
@@ -67,6 +67,7 @@ static int ( * is_autoboot_device ) ( struct net_device *netdev );
#define NORMAL "\033[0m"
#define BOLD "\033[1m"
#define CYAN "\033[36m"
+#define BLUE "\033[34m"
/** The "scriptlet" setting */
const struct setting scriptlet_setting __setting ( SETTING_MISC, scriptlet ) = {
@@ -551,9 +552,13 @@ void ipxe ( struct net_device *netdev ) {
* do so.
*
*/
- printf ( NORMAL "\n\n" PRODUCT_NAME "\n" BOLD PRODUCT_SHORT_NAME " %s"
+ printf ( NORMAL "\n\n" PRODUCT_NAME "\n" BOLD PRODUCT_SHORT_NAME
NORMAL " -- " PRODUCT_TAG_LINE " -- "
- CYAN PRODUCT_URI NORMAL "\nFeatures:", product_version );
+ CYAN PRODUCT_URI NORMAL "\n"
+ BOLD "{{ bdisk['pname'] }}" BLUE "LiveDistro" NORMAL " -- {{ bdisk['desc'] }} -- "
+ BOLD BLUE "{{ bdisk['uri'] }}" NORMAL "\n"
+ "Version %s compiled on " __DATE__ ", " __TIME__ "\n"
+ "Features:", product_version );
for_each_table_entry ( feature, FEATURES )
printf ( " %s", feature->name );
printf ( "\n" );
--
2.3.0

View File

@ -0,0 +1,33 @@
[ ca ]
default_ca = ca_default

[ ca_default ]
certificate = crts/ca.crt
private_key = keys/ca.key
serial = txt/ca.srl
database = txt/ca.idx
#new_certs_dir = signed
new_certs_dir = crts
#default_md = default
default_md = sha512
policy = policy_anything
preserve = yes
default_days = 90
unique_subject = no

[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = optional
emailAddress = optional

[ cross ]
basicConstraints = critical,CA:true
keyUsage = critical,cRLSign,keyCertSign

[ codesigning ]
keyUsage = digitalSignature
extendedKeyUsage = codeSigning