2019-12-17 20:41:16 +00:00
|
|
|
# See https://wiki.debian.org/RaspberryPi3 for known issues and more details.
|
2022-01-01 22:37:27 +00:00
|
|
|
# image.yml based on revision: __GITCOMMIT__
|
2019-12-17 20:41:16 +00:00
|
|
|
|
|
|
|
steps:
|
|
|
|
- mkimg: "{{ output }}"
|
2021-12-06 06:11:02 +00:00
|
|
|
size: 2000M
|
2019-12-17 20:41:16 +00:00
|
|
|
|
|
|
|
- mklabel: msdos
|
|
|
|
device: "{{ output }}"
|
|
|
|
|
|
|
|
- mkpart: primary
|
|
|
|
fs-type: 'fat32'
|
|
|
|
device: "{{ output }}"
|
2021-02-19 10:41:43 +00:00
|
|
|
start: 4MiB
|
2022-10-30 23:00:57 +00:00
|
|
|
end: 512MiB
|
2022-11-02 09:41:08 +00:00
|
|
|
tag: tag-firmware
|
2019-12-17 20:41:16 +00:00
|
|
|
|
|
|
|
- mkpart: primary
|
|
|
|
device: "{{ output }}"
|
2022-10-30 23:00:57 +00:00
|
|
|
start: 512MiB
|
2019-12-17 20:41:16 +00:00
|
|
|
end: 100%
|
2022-11-02 09:29:53 +00:00
|
|
|
tag: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
|
|
|
|
- kpartx: "{{ output }}"
|
|
|
|
|
|
|
|
- mkfs: vfat
|
2022-11-02 09:41:08 +00:00
|
|
|
partition: tag-firmware
|
2019-12-17 20:41:16 +00:00
|
|
|
label: RASPIFIRM
|
|
|
|
|
|
|
|
- mkfs: ext4
|
2022-11-02 09:29:53 +00:00
|
|
|
partition: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
label: RASPIROOT
|
|
|
|
|
2022-11-02 09:29:53 +00:00
|
|
|
- mount: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
|
2022-11-02 09:41:08 +00:00
|
|
|
- mount: tag-firmware
|
2022-11-02 09:29:53 +00:00
|
|
|
mount-on: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
dirname: '/boot/firmware'
|
|
|
|
|
2022-11-02 09:29:53 +00:00
|
|
|
- unpack-rootfs: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
|
2021-01-14 06:55:55 +00:00
|
|
|
- qemu-debootstrap: __RELEASE__
|
2019-12-17 20:41:16 +00:00
|
|
|
mirror: http://deb.debian.org/debian
|
2022-11-02 09:29:53 +00:00
|
|
|
target: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
arch: __ARCH__
|
|
|
|
components:
|
|
|
|
- main
|
2022-10-12 16:25:53 +01:00
|
|
|
- __FIRMWARE_COMPONENT__
|
2022-10-31 00:04:23 +00:00
|
|
|
- __FIRMWARE_COMPONENT_OLD__
|
2019-12-17 20:41:16 +00:00
|
|
|
unless: rootfs_unpacked
|
|
|
|
|
2020-04-05 02:56:51 +01:00
|
|
|
- create-file: /etc/apt/sources.list
|
2021-08-28 04:25:38 +01:00
|
|
|
contents: |+
|
2022-10-31 00:04:23 +00:00
|
|
|
deb http://deb.debian.org/debian __RELEASE__ main __FIRMWARE_COMPONENT__ __FIRMWARE_COMPONENT_OLD__
|
2022-06-19 14:20:07 +01:00
|
|
|
deb http://deb.debian.org/debian __RELEASE__-updates main __FIRMWARE_COMPONENT__ __FIRMWARE_COMPONENT_OLD__
|
2022-10-31 00:04:23 +00:00
|
|
|
deb http://security.debian.org/debian-security __SECURITY_SUITE__ main __FIRMWARE_COMPONENT__ __FIRMWARE_COMPONENT_OLD__
|
2021-08-28 03:01:30 +01:00
|
|
|
__BACKPORTS__
|
2021-08-28 04:25:38 +01:00
|
|
|
|
2020-04-05 02:56:51 +01:00
|
|
|
unless: rootfs_unpacked
|
|
|
|
|
2021-04-30 18:23:21 +01:00
|
|
|
- copy-file: /etc/initramfs-tools/hooks/rpi-resizerootfs
|
|
|
|
src: rootfs/etc/initramfs-tools/hooks/rpi-resizerootfs
|
|
|
|
perm: 0755
|
|
|
|
unless: rootfs_unpacked
|
|
|
|
|
|
|
|
- copy-file: /etc/initramfs-tools/scripts/local-bottom/rpi-resizerootfs
|
|
|
|
src: rootfs/etc/initramfs-tools/scripts/local-bottom/rpi-resizerootfs
|
|
|
|
perm: 0755
|
|
|
|
unless: rootfs_unpacked
|
|
|
|
|
2019-12-17 20:41:16 +00:00
|
|
|
- apt: install
|
|
|
|
packages:
|
2021-04-27 14:13:14 +01:00
|
|
|
- ca-certificates
|
2019-12-17 20:41:16 +00:00
|
|
|
- dosfstools
|
2020-10-27 01:19:09 +00:00
|
|
|
- iw
|
2021-04-27 14:13:14 +01:00
|
|
|
- parted
|
|
|
|
- ssh
|
2019-12-17 20:41:16 +00:00
|
|
|
- wpasupplicant
|
2021-12-08 20:18:14 +00:00
|
|
|
- __SYSTEMD_TIMESYNCD__
|
2019-12-17 20:41:16 +00:00
|
|
|
- __LINUX_IMAGE__
|
2021-08-28 04:20:39 +01:00
|
|
|
- __RASPI_FIRMWARE__
|
|
|
|
- __WIRELESS_FIRMWARE__
|
2022-11-02 09:29:53 +00:00
|
|
|
tag: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
unless: rootfs_unpacked
|
|
|
|
|
2022-11-02 09:29:53 +00:00
|
|
|
- cache-rootfs: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
unless: rootfs_unpacked
|
|
|
|
|
|
|
|
- shell: |
|
|
|
|
echo "__HOST__-$(date +%Y%m%d)" > "${ROOT?}/etc/hostname"
|
|
|
|
|
|
|
|
# Allow root logins locally with no password
|
|
|
|
sed -i 's,root:[^:]*:,root::,' "${ROOT?}/etc/shadow"
|
|
|
|
|
2020-08-15 06:06:18 +01:00
|
|
|
install -m 644 -o root -g root rootfs/etc/fstab "${ROOT?}/etc/fstab"
|
2019-12-17 20:41:16 +00:00
|
|
|
|
2020-08-15 06:06:18 +01:00
|
|
|
install -m 644 -o root -g root rootfs/etc/network/interfaces.d/eth0 "${ROOT?}/etc/network/interfaces.d/eth0"
|
2020-08-15 06:15:43 +01:00
|
|
|
install -m 600 -o root -g root rootfs/etc/network/interfaces.d/wlan0 "${ROOT?}/etc/network/interfaces.d/wlan0"
|
2019-12-17 20:41:16 +00:00
|
|
|
|
2020-08-15 06:06:18 +01:00
|
|
|
install -m 755 -o root -g root rootfs/usr/local/sbin/rpi-set-sysconf "${ROOT?}/usr/local/sbin/rpi-set-sysconf"
|
|
|
|
install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-set-sysconf.service "${ROOT?}/etc/systemd/system/"
|
|
|
|
install -m 644 -o root -g root rootfs/boot/firmware/sysconf.txt "${ROOT?}/boot/firmware/sysconf.txt"
|
2019-12-17 20:41:16 +00:00
|
|
|
mkdir -p "${ROOT?}/etc/systemd/system/basic.target.requires/"
|
|
|
|
ln -s /etc/systemd/system/rpi-set-sysconf.service "${ROOT?}/etc/systemd/system/basic.target.requires/rpi-set-sysconf.service"
|
|
|
|
|
2021-04-30 18:23:21 +01:00
|
|
|
# Resize script is now in the initrd for first boot; no need to ship it.
|
|
|
|
rm -f "${ROOT?}/etc/initramfs-tools/hooks/rpi-resizerootfs"
|
|
|
|
rm -f "${ROOT?}/etc/initramfs-tools/scripts/local-bottom/rpi-resizerootfs"
|
2019-12-17 20:41:16 +00:00
|
|
|
|
2021-02-18 17:31:23 +00:00
|
|
|
install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-reconfigure-raspi-firmware.service "${ROOT?}/etc/systemd/system/"
|
2019-12-17 20:41:16 +00:00
|
|
|
mkdir -p "${ROOT?}/etc/systemd/system/multi-user.target.requires/"
|
2021-02-18 17:31:23 +00:00
|
|
|
ln -s /etc/systemd/system/rpi-reconfigure-raspi-firmware.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi-reconfigure-raspi-firmware.service"
|
2021-07-02 19:01:17 +01:00
|
|
|
__FIX_FIRMWARE_PKG_NAME__
|
2021-02-18 17:31:23 +00:00
|
|
|
|
|
|
|
install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/"
|
2019-12-17 20:41:16 +00:00
|
|
|
ln -s /etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi-generate-ssh-host-keys.service"
|
2019-12-06 15:09:31 +00:00
|
|
|
rm -f "${ROOT?}"/etc/ssh/ssh_host_*_key*
|
2021-04-13 22:58:25 +01:00
|
|
|
|
2021-08-28 03:01:30 +01:00
|
|
|
__EXTRA_ROOT_SHELL_CMDS__
|
2022-11-02 09:29:53 +00:00
|
|
|
root-fs: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
|
|
|
|
# Copy the relevant device tree files to the boot partition
|
2022-11-02 09:29:53 +00:00
|
|
|
- chroot: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
shell: |
|
|
|
|
install -m 644 -o root -g root __DTB__ /boot/firmware/
|
|
|
|
|
|
|
|
# Clean up archive cache (likely not useful) and lists (likely outdated) to
|
|
|
|
# reduce image size by several hundred megabytes.
|
2022-11-02 09:29:53 +00:00
|
|
|
- chroot: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
shell: |
|
|
|
|
apt-get clean
|
|
|
|
rm -rf /var/lib/apt/lists
|
|
|
|
|
|
|
|
# Modify the kernel commandline we take from the firmware to boot from
|
2021-10-21 15:47:55 +01:00
|
|
|
# the partition labeled raspiroot instead of forcing it to mmcblk0p2.
|
|
|
|
# Also insert the serial console right before the root= parameter.
|
2021-02-18 17:31:23 +00:00
|
|
|
#
|
|
|
|
# These changes will be overwritten after the hardware is probed
|
2021-10-21 15:35:40 +01:00
|
|
|
# after dpkg reconfigures raspi-firmware (upon first boot), so make
|
|
|
|
# sure we don't lose label-based booting.
|
2022-11-02 09:29:53 +00:00
|
|
|
- chroot: tag-root
|
2019-12-17 20:41:16 +00:00
|
|
|
shell: |
|
2021-10-21 15:47:55 +01:00
|
|
|
sed -i 's/root=/console=__SERIAL_CONSOLE__ root=/' /boot/firmware/cmdline.txt
|
2021-10-21 15:32:55 +01:00
|
|
|
sed -i 's#root=/dev/mmcblk0p2#root=LABEL=RASPIROOT#' /boot/firmware/cmdline.txt
|
2021-12-08 20:59:12 +00:00
|
|
|
sed -i 's/^#ROOTPART=.*/ROOTPART=LABEL=RASPIROOT/' /etc/default/raspi*-firmware
|
2019-12-17 20:41:16 +00:00
|
|
|
|
2021-08-28 03:01:30 +01:00
|
|
|
__EXTRA_CHROOT_SHELL_CMDS__
|
2019-12-17 20:41:16 +00:00
|
|
|
|
|
|
|
# TODO(https://github.com/larswirzenius/vmdb2/issues/24): remove once vmdb
|
|
|
|
# clears /etc/resolv.conf on its own.
|
|
|
|
- shell: |
|
|
|
|
rm "${ROOT?}/etc/resolv.conf"
|
2022-11-02 09:29:53 +00:00
|
|
|
root-fs: tag-root
|
2021-05-29 00:48:39 +01:00
|
|
|
|
2021-06-08 17:57:34 +01:00
|
|
|
# Clear /etc/machine-id and /var/lib/dbus/machine-id, as both should
|
2021-06-08 17:51:12 +01:00
|
|
|
# be auto-generated upon first boot. From the manpage
|
|
|
|
# (machine-id(5)):
|
2021-05-29 00:48:39 +01:00
|
|
|
#
|
|
|
|
# For normal operating system installations, where a custom image is
|
|
|
|
# created for a specific machine, /etc/machine-id should be
|
|
|
|
# populated during installation.
|
|
|
|
#
|
|
|
|
# Note this will also trigger ConditionFirstBoot=yes for systemd.
|
2021-08-23 19:48:17 +01:00
|
|
|
# On Buster, /etc/machine-id should be an emtpy file, not an absent file
|
|
|
|
# On Bullseye, /etc/machine-id should not exist in an image
|
2022-11-02 09:29:53 +00:00
|
|
|
- chroot: tag-root
|
2021-05-29 00:48:39 +01:00
|
|
|
shell: |
|
2021-06-08 17:57:34 +01:00
|
|
|
rm -f /etc/machine-id /var/lib/dbus/machine-id
|
2021-11-20 03:09:52 +00:00
|
|
|
__TOUCH_MACHINE_ID__
|
2022-01-01 22:37:27 +00:00
|
|
|
|
|
|
|
# Create /etc/raspi-image-id to know, from what commit the image was built
|
2022-11-02 09:29:53 +00:00
|
|
|
- chroot: tag-root
|
2022-01-01 22:37:27 +00:00
|
|
|
shell: |
|
2022-01-13 23:19:57 +00:00
|
|
|
echo "image based on revision: __GITCOMMIT__ and build on __BUILDTIME__ (UTC)" > "/etc/raspi-image-id"
|