forked from aparcar/openwrt-metabuilder
-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathmeta
216 lines (190 loc) · 6.7 KB
/
meta
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
#!/usr/bin/env bash
#
# based on /~https://github.com/openwrt/packages/blob/master/.travis_do.sh
ROOT_DIR="$PWD" # where the script is
DISTRO="${DISTRO:-openwrt}" # the folder where to store created files
VERSION="${VERSION:-19.07.3}" # default version
IB_VERSION="${IB_VERSION:-$VERSION}" # ImageBuilder version if different to distro version
BASE_URL="${BASE_URL:-https://downloads.cdn.openwrt.org}" # download imagebuilders
BASE_PATH="$DISTRO/$VERSION/$TARGET" # structure for storing stuff
# If /dev/shm is mounted noexec, then <Use/Avoid> building in RAM
if [ $(mktemp -p /dev/shm/ 2>/dev/null) ] \
&& [ x"$(mount | grep '/dev/shm type tmpfs' | grep -q 'noexec'; echo $?)" == x"0" ]
then
# Avoid: /dev/shm: tmpfs mounted with noexec
IB_DIR="$ROOT_DIR/imagebuilder/$BASE_PATH"
else
# Use: tmpfs yields faster buildtimes
IB_DIR="/dev/shm/imagebuilder/$BASE_PATH"
fi
BIN_DIR="${BIN_DIR:-$ROOT_DIR/bin/$BASE_PATH}" # where to store created images
IB="imagebuilder" # search sha256sums for this string to find imagebuilder
BUILD_KEY="${BUILD_KEY:-$ROOT_DIR/key-build}"
ARIA2C="$(which aria2c)"
set -e
set_targets_url() {
if [ x"$IB_VERSION" != x"snapshots" ]; then
TARGETS_URL="$BASE_URL/releases/$IB_VERSION/targets/$TARGET"
else
TARGETS_URL="$BASE_URL/snapshots/targets/$TARGET"
fi
echo TARGETS_URL="${TARGETS_URL}"
}
# parse the sha256sums file to determine the ImageBuilder name
get_ib_archive_name() {
if [ -e "$IB_DIR/sha256sums" ] ; then
grep -- "$IB" "$IB_DIR/sha256sums" | awk '{print $2}' | sed -e "s/*//g"
else
false
fi
}
# return the architecture of the ImageBuilder based on .config contents
get_ib_arch() {
[ -d "$IB_DIR" ] && {
(cd "$IB_DIR" &&
grep CONFIG_TARGET_ARCH_PACKAGES .config | cut -d= -f2 | tr -d \"
)
} || echo "unknown"
}
meta_setup() {
# LEDE Build System (LEDE GnuPG key for unattended build jobs)
gpg --import "$ROOT_DIR/keys/626471F1.asc"
echo '54CC74307A2C6DC9CE618269CD84BCED626471F1:6:' | gpg --import-ownertrust
# LEDE Release Builder (17.01 "Reboot" Signing Key)
gpg --import $ROOT_DIR/keys/D52BBB6B.asc
echo 'B09BE781AE8A0CD4702FDCD3833C6010D52BBB6B:6:' | gpg --import-ownertrust
# OpenWrt Release Builder (18.06 Signing Key)
gpg --import $ROOT_DIR/keys/17E1CE16.asc
echo '6768C55E79B032D77A28DA5F0F20257417E1CE16:6:' | gpg --import-ownertrust
# OpenWrt Release Builder (21.01 Signing Key)
gpg --import $ROOT_DIR/keys/8F681580.asc
echo '667205E379BAF348863A5C6688CA59E88F681580:6:' | gpg --import-ownertrust
touch "$ROOT_DIR/.meta_setup"
}
download() {
mkdir -p "$IB_DIR"
[ -h $(echo $TARGET | cut -d/ -f2) ] \
&& rm $(echo $TARGET | cut -d/ -f2) \
|| : # always re-symlink
if [ -n "${REFRESH}" ]; then
if [ -e ${IB_DIR}/openwrt-imagebuilder-*.tar.xz ]; then
echo "Refresh: OpenWrt IB found and removed: ${IB_DIR}"
echo "Refresh: $(basename ${IB_DIR}/openwrt-imagebuilder-*.tar.xz)"
rm -rf "${IB_DIR}" && mkdir -p "$IB_DIR"
else
echo "Refresh: No IB found: ${IB_DIR}"
fi
fi
ln -s "$IB_DIR" .
cd "$IB_DIR" || exit
echo "download checksums and signature"
if [ x"$ARIA2C" == "x" ]; then
which wget 2>&1>/dev/null
if [ $? -eq 0 ]; then
wget "$TARGETS_URL/sha256sums" -O sha256sums
wget "$TARGETS_URL/sha256sums.gpg" -O sha256sums.asc
else
die "please install wget or aria2c for downloading"
fi
else
aria2c "$TARGETS_URL/sha256sums" -o sha256sums --force-save=true
aria2c "$TARGETS_URL/sha256sums.gpg" -o sha256sums.asc --force-save=true
fi
echo "verifying sha256sums signature"
gpg --verify sha256sums.asc
echo "verified sha256sums signature."
if ! grep -- "$IB" sha256sums > sha256sums.small ; then
die "can not find $IB file in sha256sums. Is \$IB out of date?"
fi
touch sha256sums.current
# if missing, outdated or invalid, download again
if [ "$(cat sha256sums.small)" != "$(cat sha256sums.current)" ] ; then
local ib_archive_name
ib_archive_name="$(get_ib_archive_name)"
echo "sha256 doesn't match or ImageBuilder file wasn't downloaded yet."
echo "remove outdated ImageBuilder files"
find . ! -name 'sha256sums.*' -type f -exec rm -f {} +
echo "download ImageBuilder: $TARGETS_URL/$ib_archive_name"
if [ x"$ARIA2C" == "x" ]; then
wget "$TARGETS_URL/$ib_archive_name" -O "$ib_archive_name"
else
aria2c "$TARGETS_URL/$ib_archive_name" -o "$ib_archive_name" \
--force-save=true --summary-interval=1
fi
xz --threads=$(grep ^processor /proc/cpuinfo | wc -l) \
--decompress --stdout "$IB_DIR/$ib_archive_name" \
| tar x --strip=1 --overwrite
# add Makefile which support package_list and manifest
# also modify Makefile based on DISTRO and VERSION
# if REPOS is defined, add them
[ -n "$REPOS" ] && custom_repos
# check again and fail here if the file is still bad
echo "Checking sha256sum a second time"
if ! sha256sum -c ./sha256sums.small ; then
die "ImageBuilder can not be verified!"
fi
mv sha256sums.small sha256sums.current
if [ -n "$KEEP_IB_TAR" ]; then
:
elif [ -d "$IB_DIR/$ib_archive_name" ]; then
rm -rf "$IB_DIR/$ib_archive_name"
fi
fi
# copy BUILD_KEY to imagebuilder folder to sign images
[ -e "$BUILD_KEY" ] && ln -sf "$BUILD_KEY" "$IB_DIR/key-build"
[ -e "$BUILD_KEY.ucert" ] && ln -sf "$BUILD_KEY.ucert" "$IB_DIR/key-build.ucert"
if [ x"$ARIA2C" == "x" ]; then
wget "https://download.massmesh.org/public.key" -O "219c9f583cf3bbb6"
else
aria2c "https://download.massmesh.org/public.key" -o "219c9f583cf3bbb6" \
--force-save=true --summary-interval=1
fi
mv 219c9f583cf3bbb6 keys/
echo "ImageBuilder is up-to-date"
}
custom_repos() {
# ability to add custom repositories
echo "$REPOS" >> "$IB_DIR/repositories.conf"
sed -i \
-e "s/{{ pkg_arch }}/$(get_ib_arch)/" \
-e "s#{{ target }}#$TARGET#" \
-e "s/{{ ib_version }}/${IB_VERSION:-$VERSION}/" \
-e "s/{{ version }}/$VERSION/" \
"$IB_DIR/repositories.conf"
}
increase_rootfs_part() {
PROFILE_TYPE=$(basename $PROFILE_PATH)
if [ x"$PROFILE_TYPE" == x"meshnode" ]; then
echo "Increasing rootfs partition from 104M to 512M"
pushd "$IB_DIR"
sed -i \
's/CONFIG_TARGET_ROOTFS_PARTSIZE=.*$/CONFIG_TARGET_ROOTFS_PARTSIZE=512/1' \
.config
popd
fi
}
die() {
echo $1
exit 1
}
# setup this meta script if not already done
[ ! -d "$ROOT_DIR/.meta_setup" ] && meta_setup
set_targets_url
# check if required vars a given
[ -n "$TARGET" ] || die "missing \$TARGET"
# check if local state is up to date
[ -n "$NO_DOWNLOAD" ] || download 1>&2
# will stop here if command is download
[ "$1" != "download" ] || exit 0
# increase the rootfs partition if meshnode
increase_rootfs_part
# run `make image` and pass variables
(cd "$IB_DIR" &&
make "$1" \
PROFILE="$PROFILE" \
PACKAGES="$PACKAGES" \
BIN_DIR="$BIN_DIR" \
EXTRA_IMAGE_NAME="$EXTRA_IMAGE_NAME" \
DISABLED_SERVICES="$DISABLED_SERVICES" \
FILES="$FILES"
)