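#!/bin/bash
#
# Builds an Asahi Rocky image: mkosi produces a root filesystem, which is then
# packed into boot.img, root.img and an esp/ tree under $image_dir.
# Must be run from a real root login, not through sudo (enforced below).
set -e

# Working directories, all relative to the directory the script is run from.
mkosi_output='mkosi.output'
mkosi_rootfs="$mkosi_output/image"
mkosi_cache='mkosi.cache'
# Mount point used while populating or inspecting an image.
mnt_image="$(pwd)/mnt_image"
image_dir='images'
date=$(date +%Y%m%d)
image_name="asahi-rocky-${date}-1"
mkosi_supported_version=20

# this has to match the volume_id in installer_data.json
# "volume_id": "0x2abf9f91"
EFI_UUID=2ABF-9F91
# Fresh filesystem UUIDs are generated on every run.
BOOT_UUID=$(uuidgen)
ROOT_UUID=$(uuidgen)

# Refuse to run unprivileged or through sudo. Exit non-zero so a caller or CI
# job can tell a refused run from a completed build.
if [ "$(whoami)" != 'root' ]; then
  echo "You must be root to run this script" >&2
  exit 1
elif [[ -n $SUDO_USER ]] && [[ $SUDO_USER != 'root' ]]; then
  echo "You must run this script as root and not with sudo" >&2
  exit 1
fi

# $mnt_image is built from $(pwd), so it is quoted in case the working
# directory contains whitespace. mkdir -p is a no-op for existing directories.
mkdir -p -- "$mnt_image" "$mkosi_output" "$mkosi_cache" "$image_dir/$image_name"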
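#######################################
# Verify that mkosi is installed and that its major version is the one this
# project was built with.
# Globals:   mkosi_supported_version (read); mkosi_cmd, mkosi_version (written)
# Outputs:   diagnostics on stderr when the check fails
# Returns:   0 when the version matches; otherwise exits the script with 1
#######################################
check_mkosi() {
  mkosi_cmd=$(command -v mkosi || true)
  if [[ -z "$mkosi_cmd" ]]; then
    echo 'mkosi is not installed...exiting' >&2
    exit 1
  fi

  # Second field of `mkosi --version`, truncated at the first dot.
  mkosi_version=$(mkosi --version | awk '{print $2}' | sed 's/\..*$//')

  # Compare as strings: with -ne a non-numeric version string makes the
  # arithmetic test error out and evaluate as false, which would let an
  # unexpected version through.
  if [[ "$mkosi_version" != "$mkosi_supported_version" ]]; then
    {
      echo "mkosi path: $mkosi_cmd"
      echo "mkosi version: $mkosi_version"
      echo -e "\nthis project was built with mkosi version $mkosi_supported_version"
      echo "please install that version to continue"
    } >&2
    exit 1
  fi
}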
#######################################
# Rebuild the root filesystem with mkosi from a clean state.
# Calls umount_image first, then `mkosi clean`, then `mkosi`.
#######################################
mkosi_create_rootfs() {
  # Release any image mounts left over from a previous run.
  umount_image

  # Discard the previous mkosi output, then build again.
  mkosi clean
  mkosi
}
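#######################################
# Mount the newest image under $image_dir onto $mnt_image: root.img and
# boot.img as loop mounts, esp/ as a bind mount on boot/efi.
# Globals:   image_dir, mnt_image (read); image_path (written)
# Outputs:   diagnostics on stderr when no usable image is found
# Returns:   0 on success; exits the script with 1 when an image or one of
#            its parts is missing
#######################################
mount_image() {
  # Image directory names embed a YYYYMMDD date, so the last name in sort
  # order is the newest build. This is name order, not modification time.
  # The pattern is quoted so the shell never treats it as a glob.
  image_path=$(find "$image_dir" -maxdepth 1 -type d \
    | grep -E '/asahi-rocky-[0-9]{8}-[0-9]' | sort | tail -1)
  if [[ -z "$image_path" ]]; then
    echo -e "image not found in $image_dir\nexiting..." >&2
    exit 1
  fi

  local img
  for img in root.img boot.img esp; do
    if [[ ! -e "$image_path/$img" ]]; then
      echo -e "$image_path/$img not found\nexiting..." >&2
      exit 1
    fi
  done

  # Mount each layer only when nothing is mounted there yet.
  if [[ -z "$(findmnt -n "$mnt_image")" ]]; then
    mount -o loop "$image_path/root.img" "$mnt_image"
  fi
  if [[ -z "$(findmnt -n "$mnt_image/boot")" ]]; then
    mount -o loop "$image_path/boot.img" "$mnt_image/boot"
  fi
  if [[ -z "$(findmnt -n "$mnt_image/boot/efi")" ]]; then
    mount --bind "$image_path/esp/" "$mnt_image/boot/efi/"
  fi

  # we need this since we're using set -e
  return 0
}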
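#######################################
# Unmount the image tree below $mnt_image, if it is mounted.
# Globals:   mnt_image (read)
# Returns:   0 when nothing was mounted or every unmount succeeded
#######################################
umount_image() {
  # Nothing to do when the root of the tree is not a mount point.
  if [[ -z "$(findmnt -n "$mnt_image")" ]]; then
    return 0
  fi

  # Innermost mount first. Paths are quoted because $mnt_image is derived
  # from the working directory and may contain whitespace.
  local target
  for target in "$mnt_image/boot/efi" "$mnt_image/boot" "$mnt_image"; do
    if [[ -n "$(findmnt -n "$target")" ]]; then
      umount "$target"
    fi
  done
}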
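# Optional sub-commands for an image that was previously created by this script:
#   ./build.sh mount
#   ./build.sh umount   (alias: unmount)
#   ./build.sh remount
#   ./build.sh chroot
# With no argument the script falls through to a full build.
case "$1" in
  mount)
    echo "### Mounting to $mnt_image"
    mount_image
    exit
    ;;
  umount | unmount)
    echo "### Umounting from $mnt_image"
    umount_image # if $mnt_image is mounted, then unmount it
    exit
    ;;
  remount)
    echo "### Remounting $mnt_image"
    umount_image
    mount_image
    exit
    ;;
  chroot)
    mount_image
    echo "### Chrooting into $mnt_image"
    arch-chroot "$mnt_image"
    exit
    ;;
  '')
    # no sub-command given: continue with the full build
    ;;
  *)
    # An unknown argument is an error: report it on stderr and exit non-zero
    # so a typo is not mistaken for a successful run.
    echo "$1 isn't a recogized option" >&2
    exit 1
    ;;
esac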
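#######################################
# Pack the mkosi-built root filesystem into boot.img, root.img and an esp/
# tree under $image_dir/$image_name, then zip that directory.
# Globals:   mkosi_rootfs, image_dir, image_name, mnt_image,
#            EFI_UUID, BOOT_UUID, ROOT_UUID (read)
# Outputs:   progress messages on stdout
# Returns:   0 on success; relies on the script-wide `set -e` to abort on the
#            first failing command
#
# Every path expansion is quoted and the rm -rf targets use ${var:?}: the
# script runs as root, and an empty variable would otherwise turn a cleanup
# line into a delete rooted at "/".
#######################################
make_image() {
  local out_dir="$image_dir/$image_name"
  local size

  # if $mnt_image is mounted, then unmount it
  umount_image
  echo "## Making image $image_name"
  echo '### Cleaning up'
  rm -f -- "${mkosi_rootfs:?}"/var/cache/dnf/*
  rm -rf -- "${image_dir:?}/${image_name:?}"/*
  if [[ -f mkosi.rootfs.vmlinuz ]]; then
    rm -f mkosi.rootfs.vmlinuz
  fi

  ############# create boot.img #############
  echo '### Calculating boot image size'
  size=$(du -B M -s "$mkosi_rootfs/boot" | cut -dM -f1)
  echo "### Boot Image size: $size MiB"
  # pad by one eighth plus 64 MiB
  size=$((size + (size / 8) + 64))
  echo "### Boot Padded size: $size MiB"
  truncate -s "${size}M" "$out_dir/boot.img"

  ############# create root.img #############
  echo '### Calculating root image size'
  size=$(du -B M -s --exclude="$mkosi_rootfs/boot" "$mkosi_rootfs" | cut -dM -f1)
  echo "### Root Image size: $size MiB"
  size=$((size + (size / 8) + 64))
  echo "### Root Padded size: $size MiB"
  truncate -s "${size}M" "$out_dir/root.img"

  ###### create ext4 filesystem on boot.img ######
  echo '### Creating ext4 filesystem on boot.img '
  # use $image_dir here as everywhere else, not a hard-coded "images"
  mkfs.ext4 -U "$BOOT_UUID" -L rl_boot -b 4096 "$out_dir/boot.img"

  ###### create ext4 filesystem on root.img ######
  echo '### Creating ext4 filesystem on root.img '
  mkfs.ext4 -U "$ROOT_UUID" -L rl_root -b 4096 "$out_dir/root.img"

  echo '### Loop mounting root.img'
  mount -o loop "$out_dir/root.img" "$mnt_image"
  echo '### Loop mounting boot.img'
  mkdir -p "$mnt_image/boot"
  mount -o loop "$out_dir/boot.img" "$mnt_image/boot"

  echo '### Copying files'
  rsync -aHAX --exclude '/tmp/*' --exclude '/boot/*' --exclude '/home/*' --exclude '/efi' "$mkosi_rootfs/" "$mnt_image"
  # log the command that actually runs next (the target is $mnt_image)
  echo "rsync -aHAX $mkosi_rootfs/boot/ $mnt_image/boot"
  rsync -aHAX "$mkosi_rootfs/boot/" "$mnt_image/boot"

  echo '### Setting pre-defined uuid for efi vfat partition in /etc/fstab'
  sed -i "s/EFI_UUID_PLACEHOLDER/$EFI_UUID/" "$mnt_image/etc/fstab"
  echo '### Setting uuid for boot partition in /etc/fstab'
  sed -i "s/BOOT_UUID_PLACEHOLDER/$BOOT_UUID/" "$mnt_image/etc/fstab"
  echo '### Setting uuid for ext4 partition in /etc/fstab'
  sed -i "s/ROOT_UUID_PLACEHOLDER/$ROOT_UUID/" "$mnt_image/etc/fstab"

  # remove resolv.conf symlink -- this causes issues with arch-chroot
  rm -f "$mnt_image/etc/resolv.conf"

  echo -e '\n### Generating GRUB config'
  arch-chroot "$mnt_image" grub2-editenv create
  sed -i "s/ROOT_UUID_PLACEHOLDER/$ROOT_UUID/" "$mnt_image/etc/kernel/cmdline"
  sed -i "s/BOOT_UUID_PLACEHOLDER/$BOOT_UUID/" "$mnt_image/boot/efi/EFI/rocky/grub.cfg"
  # /etc/grub.d/30_uefi-firmware creates a uefi grub boot entry that doesn't work on this platform
  chroot "$mnt_image" chmod -x /etc/grub.d/30_uefi-firmware
  arch-chroot "$mnt_image" grub2-mkconfig -o /boot/grub2/grub.cfg

  echo '### Creating BLS (/boot/loader/entries/) entry'
  arch-chroot "$mnt_image" /image.creation/create.bls.entry

  echo -e '\n### Running update-m1n1'
  rm -f "$mnt_image/boot/.builder"
  mkdir -p "$mnt_image/boot/efi/m1n1"
  arch-chroot "$mnt_image" update-m1n1 /boot/efi/m1n1/boot.bin

  echo "### Enabling system services"
  arch-chroot "$mnt_image" systemctl enable NetworkManager sshd systemd-resolved
  echo "### Disabling systemd-firstboot"
  chroot "$mnt_image" rm -f /usr/lib/systemd/system/sysinit.target.wants/systemd-firstboot.service

  # selinux will be set to enforcing on the first boot via asahi-firstboot.service
  # set to permissive here to ensure the system performs an initial boot
  # NOTE(review): the image therefore ships with sshd enabled and SELinux
  # permissive; asahi-firstboot.service is not part of this script, so confirm
  # it really switches to enforcing before the image is distributed.
  echo '### Setting selinux to permissive'
  sed -i 's/^SELINUX=.*$/SELINUX=permissive/' "$mnt_image/etc/selinux/config"

  echo -e '\n### Creating EFI system partition tree'
  mkdir -p "$out_dir/esp/"
  rsync -aHAX "$mnt_image/boot/efi/" "$out_dir/esp/"

  ###### post-install cleanup ######
  echo -e '\n### Cleanup'
  rm -rf -- "${mnt_image:?}"/boot/efi/*
  rm -rf -- "${mnt_image:?}/boot/lost+found"
  rm -f "$mnt_image/init"
  # machine-id and random-seed are per-machine state and are removed from the
  # image; presumably regenerated on first boot -- confirm.
  rm -f "$mnt_image/etc/machine-id"
  rm -f "$mnt_image"/etc/kernel/{entry-token,install.conf}
  rm -rf -- "${mnt_image:?}/image.creation"
  rm -f "$mnt_image/etc/dracut.conf.d/initial-boot.conf"
  rm -f "$mnt_image/var/lib/systemd/random-seed"
  sed -i '/GRUB_DISABLE_OS_PROBER=true/d' "$mnt_image/etc/default/grub"
  chroot "$mnt_image" ln -s ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

  # not sure how/why a $mnt_image/root/asahi-rocky-builder directory is being created
  # remove it like this to account for it being named something different
  # Every non-hidden directory directly under /root is removed. find does the
  # name filtering and the delete itself, so directory names with whitespace
  # are handled and a dot-directory in the build path cannot hide matches.
  find "${mnt_image:?}/root/" -maxdepth 1 -mindepth 1 -type d ! -name '.*' -exec rm -rf -- {} +

  echo -e '\n### Unmounting volumes'
  umount "$mnt_image/boot"
  umount "$mnt_image"

  echo -e '\n### Compressing'
  rm -f "$image_dir/$image_name.zip"
  pushd "$out_dir" > /dev/null
  zip -r "../$image_name.zip" .
  popd > /dev/null
  echo '### Done'
}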
# Full build: check the mkosi version first, then build the rootfs and pack it.
check_mkosi

# When the host enforces SELinux, switch it to permissive for the duration of
# the build and restore enforcing mode from a trap on exit or on the listed
# signals.
# NOTE: this lowers the build host's own protection while the script runs.
# SIGKILL cannot be trapped, so a killed build leaves the host permissive
# until `setenforce 1` is run by hand or the machine reboots.
if command -v getenforce > /dev/null; then
  if [[ "$(getenforce)" == "Enforcing" ]]; then
    setenforce 0
    trap 'setenforce 1; exit;' EXIT SIGHUP SIGINT SIGTERM SIGQUIT SIGABRT
  fi
fi

mkosi_create_rootfs
make_image