sigh. efi doesn't boot on the mini. also, switch to pygpgme instead of gnupg module. it's so broken. i'm sick of it.
This commit is contained in:
parent
fca944f30a
commit
78fecbded4
@ -31,7 +31,8 @@ if __name__ == '__main__':
|
|||||||
build.displayStats(fulliso)
|
build.displayStats(fulliso)
|
||||||
if conf['build']['ipxe']:
|
if conf['build']['ipxe']:
|
||||||
bSSL.sslPKI(conf)
|
bSSL.sslPKI(conf)
|
||||||
iso = ipxe.buildIPXE(conf)
|
ipxe.buildIPXE(conf)
|
||||||
|
iso = ipxe.genISO(conf)
|
||||||
if iso:
|
if iso:
|
||||||
for x in iso.keys():
|
for x in iso.keys():
|
||||||
if x != 'name':
|
if x != 'name':
|
||||||
|
@ -353,6 +353,7 @@ def genISO(conf):
|
|||||||
# UNTESTED. TODO.
|
# UNTESTED. TODO.
|
||||||
# I think i want to also get rid of: -boot-load-size 4,
|
# I think i want to also get rid of: -boot-load-size 4,
|
||||||
# -boot-info-table, ... possiblyyy -isohybrid-gpt-basedat...
|
# -boot-info-table, ... possiblyyy -isohybrid-gpt-basedat...
|
||||||
|
# https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface#Remove_UEFI_boot_support_from_Optical_Media
|
||||||
cmd = ['/usr/bin/xorriso',
|
cmd = ['/usr/bin/xorriso',
|
||||||
'-as', 'mkisofs',
|
'-as', 'mkisofs',
|
||||||
'-iso-level', '3',
|
'-iso-level', '3',
|
||||||
@ -391,7 +392,7 @@ def genISO(conf):
|
|||||||
iso['Main']['fmt'] = 'Hybrid ISO'
|
iso['Main']['fmt'] = 'Hybrid ISO'
|
||||||
return(iso)
|
return(iso)
|
||||||
|
|
||||||
def signIMG(file, conf):
|
def signIMG(path, conf):
|
||||||
if conf['build']['gpg']:
|
if conf['build']['gpg']:
|
||||||
# If we enabled GPG signing, we need to figure out if we
|
# If we enabled GPG signing, we need to figure out if we
|
||||||
# are using a personal key or the automatically generated one.
|
# are using a personal key or the automatically generated one.
|
||||||
@ -410,16 +411,17 @@ def signIMG(file, conf):
|
|||||||
keyid = gpg.list_keys(True)[0]['keyid']
|
keyid = gpg.list_keys(True)[0]['keyid']
|
||||||
print('{0}: [BUILD] Signing {1} with {2}...'.format(
|
print('{0}: [BUILD] Signing {1} with {2}...'.format(
|
||||||
datetime.datetime.now(),
|
datetime.datetime.now(),
|
||||||
file,
|
path,
|
||||||
keyid))
|
keyid))
|
||||||
# TODO: remove this warning when upstream python-gnupg fixes
|
# TODO: remove this warning when upstream python-gnupg fixes
|
||||||
print('\t\t\t If you see a "ValueError: Unknown status message: \'KEY_CONSIDERED\'" error, ' +
|
print('\t\t\t If you see a "ValueError: Unknown status message: \'KEY_CONSIDERED\'" error, ' +
|
||||||
'it can be safely ignored.')
|
'it can be safely ignored.')
|
||||||
print('\t\t\t If this is taking a VERY LONG time, try installing haveged and starting it. ' +
|
print('\t\t\t If this is taking a VERY LONG time, try installing haveged and starting it. ' +
|
||||||
'This can be done safely in parallel with the build process.')
|
'This can be done safely in parallel with the build process.')
|
||||||
with open(file, 'rb') as fh:
|
data_in = open(path, 'rb')
|
||||||
gpg.sign_file(fh, keyid = keyid, detach = True,
|
gpg.sign_file(data_in, keyid = keyid, detach = True,
|
||||||
clearsign = False, output = '{0}.sig'.format(file))
|
clearsign = False, output = '{0}.sig'.format(path))
|
||||||
|
data_in.close()
|
||||||
|
|
||||||
def displayStats(iso):
|
def displayStats(iso):
|
||||||
for i in iso['name']:
|
for i in iso['name']:
|
||||||
|
@ -18,48 +18,23 @@ def buildIPXE(conf):
|
|||||||
tempdir = conf['build']['tempdir']
|
tempdir = conf['build']['tempdir']
|
||||||
templates_dir = build['basedir'] + '/extra/templates'
|
templates_dir = build['basedir'] + '/extra/templates'
|
||||||
ipxe_tpl = templates_dir + '/iPXE'
|
ipxe_tpl = templates_dir + '/iPXE'
|
||||||
patches_dir = tempdir + '/patches'
|
|
||||||
srcdir = build['srcdir']
|
srcdir = build['srcdir']
|
||||||
embedscript = build['dlpath'] + '/EMBED'
|
embedscript = build['dlpath'] + '/EMBED'
|
||||||
ipxe_src = srcdir + '/ipxe'
|
ipxe_src = srcdir + '/ipxe'
|
||||||
ipxe_git_uri = 'git://git.ipxe.org/ipxe.git'
|
ipxe_git_uri = 'git://git.ipxe.org/ipxe.git'
|
||||||
#patches_git_uri = 'https://github.com/eworm-de/ipxe.git' # DO WE EVEN NEED THIS ANYMORE THO
|
|
||||||
print('{0}: [IPXE] Prep/fetch sources...'.format(
|
print('{0}: [IPXE] Prep/fetch sources...'.format(
|
||||||
datetime.datetime.now()))
|
datetime.datetime.now()))
|
||||||
# Get the source and apply some cherrypicks
|
# Get the source
|
||||||
if os.path.isdir(ipxe_src):
|
if os.path.isdir(ipxe_src):
|
||||||
shutil.rmtree(ipxe_src)
|
shutil.rmtree(ipxe_src)
|
||||||
ipxe_repo = git.Repo.clone_from(ipxe_git_uri, ipxe_src)
|
ipxe_repo = git.Repo.clone_from(ipxe_git_uri, ipxe_src)
|
||||||
# Generate patches
|
# Generate patches
|
||||||
#os.makedirs(patches_dir, exist_ok = True) # needed?
|
|
||||||
os.makedirs(img_path, exist_ok = True)
|
|
||||||
tpl_loader = jinja2.FileSystemLoader(ipxe_tpl)
|
tpl_loader = jinja2.FileSystemLoader(ipxe_tpl)
|
||||||
env = jinja2.Environment(loader = tpl_loader)
|
env = jinja2.Environment(loader = tpl_loader)
|
||||||
#patches = ipxe_repo.create_remote('eworm', patches_git_uri) # needed?
|
|
||||||
#patches.fetch() # needed?
|
|
||||||
# TODO: per http://ipxe.org/download#uefi, it builds efi *binaries* now.
|
|
||||||
# we can probably skip the commit patching from eworm and the iso/eiso
|
|
||||||
# (and even usb) generation, and instead use the same method we use in genISO
|
|
||||||
#eiso_commit = '189652b03032305a2db860e76fb58e81e3420c4d' # needed?
|
|
||||||
#nopie_commit = '58557055e51b2587ad3843af58075de916e5399b' # needed?
|
|
||||||
# patch files needed?
|
|
||||||
# for p in ('01.git-version.patch', '02.banner.patch'):
|
|
||||||
# try:
|
|
||||||
# tpl = env.get_template('patches/{0}.j2'.format(p))
|
|
||||||
# tpl_out = tpl.render(bdisk = bdisk)
|
|
||||||
# with open('{0}/{1}'.format(patches_dir, p), 'w+') as f:
|
|
||||||
# f.write(tpl_out)
|
|
||||||
# patchfile = patch.fromfile(patches_dir + '/' + p)
|
|
||||||
# patchfile.apply(strip = 2, root = ipxe_src + '/src')
|
|
||||||
# except:
|
|
||||||
# pass
|
|
||||||
tpl = env.get_template('EMBED.j2')
|
tpl = env.get_template('EMBED.j2')
|
||||||
tpl_out = tpl.render(ipxe = ipxe)
|
tpl_out = tpl.render(ipxe = ipxe)
|
||||||
with open(embedscript, 'w+') as f:
|
with open(embedscript, 'w+') as f:
|
||||||
f.write(tpl_out)
|
f.write(tpl_out)
|
||||||
# Patch using the files before applying the cherrypicks needed?
|
|
||||||
# ipxe_repo.git.cherry_pick('-n', eiso_commit)
|
|
||||||
# ipxe_repo.git.cherry_pick('-n', nopie_commit)
|
|
||||||
# Feature enabling
|
# Feature enabling
|
||||||
# In config/general.h
|
# In config/general.h
|
||||||
with open('{0}/src/config/general.h'.format(ipxe_src), 'r') as f:
|
with open('{0}/src/config/general.h'.format(ipxe_src), 'r') as f:
|
||||||
@ -90,15 +65,12 @@ def buildIPXE(conf):
|
|||||||
# Now we make!
|
# Now we make!
|
||||||
cwd = os.getcwd()
|
cwd = os.getcwd()
|
||||||
os.chdir(ipxe_src + '/src')
|
os.chdir(ipxe_src + '/src')
|
||||||
# TODO: split this into logic to only create the selected images.
|
|
||||||
# Command to build the .efi file
|
|
||||||
modenv = os.environ.copy()
|
modenv = os.environ.copy()
|
||||||
modenv['EMBED'] = embedscript
|
modenv['EMBED'] = embedscript
|
||||||
#modenv['TRUST'] = ipxe_ssl_ca # TODO: test these
|
#modenv['TRUST'] = ipxe_ssl_ca # TODO: test these
|
||||||
#modenv['CERT'] = '{0},{1}'.format(ipxe_ssl_ca, ipxe_ssl_crt) # TODO: test these
|
#modenv['CERT'] = '{0},{1}'.format(ipxe_ssl_ca, ipxe_ssl_crt) # TODO: test these
|
||||||
#modenv['PRIVKEY'] = ipxe_ssl_ckey # TODO: test these
|
#modenv['PRIVKEY'] = ipxe_ssl_ckey # TODO: test these
|
||||||
build_cmd = {}
|
build_cmd = {}
|
||||||
# This build include the USB image.
|
|
||||||
build_cmd['base'] = ['/usr/bin/make',
|
build_cmd['base'] = ['/usr/bin/make',
|
||||||
'all',
|
'all',
|
||||||
'EMBED={0}'.format(embedscript)]
|
'EMBED={0}'.format(embedscript)]
|
||||||
@ -110,11 +82,6 @@ def buildIPXE(conf):
|
|||||||
'bin-i386-efi/ipxe.efi',
|
'bin-i386-efi/ipxe.efi',
|
||||||
'bin-x86_64-efi/ipxe.efi',
|
'bin-x86_64-efi/ipxe.efi',
|
||||||
'EMBED={0}'.format(embedscript)]
|
'EMBED={0}'.format(embedscript)]
|
||||||
# Command to build the actual mini image needed?
|
|
||||||
# build_cmd['iso'] = ['/usr/bin/make',
|
|
||||||
# 'bin/ipxe.liso',
|
|
||||||
# 'bin/ipxe.eiso',
|
|
||||||
# 'EMBED={0}'.format(embedscript)]
|
|
||||||
# Now we call the commands.
|
# Now we call the commands.
|
||||||
DEVNULL = open(os.devnull, 'w')
|
DEVNULL = open(os.devnull, 'w')
|
||||||
if os.path.isfile(build['dlpath'] + '/ipxe.log'):
|
if os.path.isfile(build['dlpath'] + '/ipxe.log'):
|
||||||
@ -127,52 +94,16 @@ def buildIPXE(conf):
|
|||||||
subprocess.call(build_cmd['base'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
|
subprocess.call(build_cmd['base'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
|
||||||
subprocess.call(build_cmd['undi'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
|
subprocess.call(build_cmd['undi'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
|
||||||
subprocess.call(build_cmd['efi'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
|
subprocess.call(build_cmd['efi'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
|
||||||
#if mini:
|
|
||||||
# subprocess.call(build_cmd['iso'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
|
|
||||||
print('{0}: [IPXE] Built iPXE image(s) successfully.'.format(datetime.datetime.now()))
|
print('{0}: [IPXE] Built iPXE image(s) successfully.'.format(datetime.datetime.now()))
|
||||||
os.chdir(cwd)
|
os.chdir(cwd)
|
||||||
# move the files to the results dir
|
|
||||||
# TODO: grab ipxe.pxe here too.
|
|
||||||
# if mini: # needed?
|
|
||||||
# os.rename('{0}/src/bin/ipxe.eiso'.format(ipxe_src), emini_file)
|
|
||||||
# os.rename('{0}/src/bin/ipxe.iso'.format(ipxe_src), mini_file)
|
|
||||||
# Get size etc. of build results
|
|
||||||
iso = {}
|
|
||||||
stream = {}
|
|
||||||
iso['name'] = []
|
|
||||||
for t in ('usb'): # TODO: do this programmatically based on config
|
|
||||||
if t == 'usb':
|
|
||||||
imgname = 'USB'
|
|
||||||
iso['name'].append(t)
|
|
||||||
iso[t] = {}
|
|
||||||
shasum = False
|
|
||||||
shasum = hashlib.sha256()
|
|
||||||
if t == 'mini':
|
|
||||||
isopath = mini_file
|
|
||||||
stream = False
|
|
||||||
if os.path.isfile(isopath):
|
|
||||||
with open(isopath, 'rb') as f:
|
|
||||||
while True:
|
|
||||||
stream = f.read(65536) # 64kb chunks
|
|
||||||
if not stream:
|
|
||||||
break
|
|
||||||
shasum.update(stream)
|
|
||||||
iso[t]['sha'] = shasum.hexdigest()
|
|
||||||
iso[t]['file'] = isopath
|
|
||||||
iso[t]['size'] = humanize.naturalsize(os.path.getsize(isopath))
|
|
||||||
iso[t]['type'] = 'iPXE {0}'.format(imgname)
|
|
||||||
if t == 'usb':
|
|
||||||
iso[t]['fmt'] = 'Image'
|
|
||||||
elif t == 'mini':
|
|
||||||
iso[t]['fmt'] = 'ISO'
|
|
||||||
return(iso)
|
|
||||||
|
|
||||||
def genISO(conf):
|
def genISO(conf):
|
||||||
build = conf['build']
|
build = conf['build']
|
||||||
bdisk = conf['bdisk']
|
bdisk = conf['bdisk']
|
||||||
ipxe = conf['ipxe']
|
ipxe = conf['ipxe']
|
||||||
arch = build['arch']
|
arch = build['arch']
|
||||||
ver = build['ver']
|
ver = bdisk['ver']
|
||||||
|
isodir = build['isodir']
|
||||||
isofile = '{0}-{1}-{2}.mini.iso'.format(bdisk['uxname'], bdisk['ver'], build['buildnum'])
|
isofile = '{0}-{1}-{2}.mini.iso'.format(bdisk['uxname'], bdisk['ver'], build['buildnum'])
|
||||||
isopath = '{0}/{1}'.format(isodir, isofile)
|
isopath = '{0}/{1}'.format(isodir, isofile)
|
||||||
tempdir = build['tempdir']
|
tempdir = build['tempdir']
|
||||||
@ -186,7 +117,7 @@ def genISO(conf):
|
|||||||
tpl_loader = jinja2.FileSystemLoader(templates_dir)
|
tpl_loader = jinja2.FileSystemLoader(templates_dir)
|
||||||
env = jinja2.Environment(loader = tpl_loader)
|
env = jinja2.Environment(loader = tpl_loader)
|
||||||
bootdir = tempdir + '/ipxe_mini'
|
bootdir = tempdir + '/ipxe_mini'
|
||||||
efiboot_img = bootdir + '/efiboot.efi'
|
efiboot_img = bootdir + '/EFI/BOOT/mini.efi'
|
||||||
innerefi64 = '{0}/src/bin-x86_64-efi/ipxe.efi'.format(ipxe_src)
|
innerefi64 = '{0}/src/bin-x86_64-efi/ipxe.efi'.format(ipxe_src)
|
||||||
efi = False
|
efi = False
|
||||||
# this shouldn't be necessary... if it is, we can revisit this in the future. see "Inner dir" below.
|
# this shouldn't be necessary... if it is, we can revisit this in the future. see "Inner dir" below.
|
||||||
@ -198,7 +129,8 @@ def genISO(conf):
|
|||||||
print('{0}: [IPXE] UEFI support for Mini ISO...'.format(datetime.datetime.now()))
|
print('{0}: [IPXE] UEFI support for Mini ISO...'.format(datetime.datetime.now()))
|
||||||
if os.path.isdir(bootdir):
|
if os.path.isdir(bootdir):
|
||||||
shutil.rmtree(bootdir)
|
shutil.rmtree(bootdir)
|
||||||
# Inner dir (efiboot.img file)
|
os.makedirs('{0}/EFI/BOOT'.format(bootdir), exist_ok = True) # EFI
|
||||||
|
# Inner dir (efiboot.efi file)
|
||||||
sizetotal = 65536 # 64K wiggle room. increase this if we add IA64.
|
sizetotal = 65536 # 64K wiggle room. increase this if we add IA64.
|
||||||
sizetotal += os.path.getsize(innerefi64)
|
sizetotal += os.path.getsize(innerefi64)
|
||||||
print("{0}: [IPXE] Creating EFI ESP image {1} ({2})...".format(
|
print("{0}: [IPXE] Creating EFI ESP image {1} ({2})...".format(
|
||||||
@ -220,7 +152,6 @@ def genISO(conf):
|
|||||||
subprocess.call(cmd)
|
subprocess.call(cmd)
|
||||||
# Outer dir
|
# Outer dir
|
||||||
os.makedirs('{0}/boot'.format(bootdir), exist_ok = True) # kernel(s)
|
os.makedirs('{0}/boot'.format(bootdir), exist_ok = True) # kernel(s)
|
||||||
os.makedirs('{0}/EFI/BOOT'.format(bootdir), exist_ok = True) # EFI
|
|
||||||
os.makedirs('{0}/loader/entries'.format(bootdir), exist_ok = True) # EFI
|
os.makedirs('{0}/loader/entries'.format(bootdir), exist_ok = True) # EFI
|
||||||
os.makedirs('{0}/isolinux'.format(bootdir), exist_ok = True) # BIOS
|
os.makedirs('{0}/isolinux'.format(bootdir), exist_ok = True) # BIOS
|
||||||
# we reuse the preloader.efi from full ISO build
|
# we reuse the preloader.efi from full ISO build
|
||||||
@ -266,7 +197,7 @@ def genISO(conf):
|
|||||||
'-boot-info-table',
|
'-boot-info-table',
|
||||||
'-isohybrid-mbr', '{0}/root.{1}/usr/lib/syslinux/bios/isohdpfx.bin'.format(chrootdir, arch[0]),
|
'-isohybrid-mbr', '{0}/root.{1}/usr/lib/syslinux/bios/isohdpfx.bin'.format(chrootdir, arch[0]),
|
||||||
'-eltorito-alt-boot',
|
'-eltorito-alt-boot',
|
||||||
'-e', 'efiboot.img',
|
'-e', 'efiboot.efi',
|
||||||
'-no-emul-boot',
|
'-no-emul-boot',
|
||||||
'-isohybrid-gpt-basdat',
|
'-isohybrid-gpt-basdat',
|
||||||
'-output', isopath,
|
'-output', isopath,
|
||||||
@ -275,6 +206,7 @@ def genISO(conf):
|
|||||||
# UNTESTED. TODO.
|
# UNTESTED. TODO.
|
||||||
# I think i want to also get rid of: -boot-load-size 4,
|
# I think i want to also get rid of: -boot-load-size 4,
|
||||||
# -boot-info-table, ... possiblyyy -isohybrid-gpt-basedat...
|
# -boot-info-table, ... possiblyyy -isohybrid-gpt-basedat...
|
||||||
|
# https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface#Remove_UEFI_boot_support_from_Optical_Media
|
||||||
cmd = ['/usr/bin/xorriso',
|
cmd = ['/usr/bin/xorriso',
|
||||||
'-as', 'mkisofs',
|
'-as', 'mkisofs',
|
||||||
'-iso-level', '3',
|
'-iso-level', '3',
|
||||||
|
@ -3,5 +3,5 @@ PROMPT 0
|
|||||||
TIMEOUT 10
|
TIMEOUT 10
|
||||||
|
|
||||||
LABEL ipxe
|
LABEL ipxe
|
||||||
KERNEL ipxe.lkrn
|
KERNEL boot/ipxe.krn
|
||||||
|
|
@ -1,3 +1,3 @@
|
|||||||
title {{ bdisk['pname'] }} iPXE (netboot)
|
title {{ bdisk['pname'] }} iPXE (netboot)
|
||||||
efi /efiboot.img
|
efi /EFI/BOOT/efiboot.efi
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user