Commit Graph

46 Commits

Author SHA1 Message Date
Diederik de Haas 55246ca61a
Replace '/boot' tag with 'tag-firmware'
This was the initial trigger for the tag-rename 'operation' as it caused
confusion (with me) as it was also a mislabeled tag, so remove the
ambiguity by renaming it to 'tag-firmware'.
2022-11-04 13:45:49 +01:00
Diederik de Haas a7d78af8a3
Replace '/' tag with 'tag-root'
Using path identifiers for tag names causes ambiguity as it's not
(immediately) clear whether a reference to it is a path or a tagname.
This causes hard to read/interpret log files and can lead to subtle and
hard to detect bugs.

The same tag can refer to different things based on the context
(partition/device/mountpoint/etc), so just use the 'tag-' prefix.

On the previous 'mount: /' step, I also added that it's to be mounted on
"dirname: '/'" to make it (more) explicit.
And removed it again as it seems you need to specify both 'dirname' AND
'mount-on' or neither. See https://bugs.debian.org/1023321
2022-11-04 13:45:49 +01:00
Ansgar 105c2a7621
add __RELEASE__-updates to sources.list
Closes: #62
2022-11-01 23:54:06 +01:00
Diederik de Haas b81aa80301
Enlarge firmware partition to 508MB
The firmware partition holds a copy of the initramfs and the kernel and
over the years we have seen a steady increase in its sizes.
Resizing the firmware partition later on is cumbersome as the root
partition follows directly, so it's better to make the firmware
partition not too small. A size of 508MB should be enough to accommodate
4-5 kernels+initramfs, which seems desirable.
2022-11-01 23:51:45 +01:00
Diederik de Haas 05bb2b3557
Switch to MiB units for partition sizes.
Previously one had to calculate how large the /boot/firmware partition
would be, but expressing it directly in MiB units is much clearer.

This also has the benefit that the /boot/firmware partition's size would
not change if the total image size would be changed.
Such a change should be a deliberate decision and not some side-effect.
As that 'side-effect' did happen since first submitting this patch,
revert the /boot/firmware partition's size back to 300MB.

Signed-off-by: Diederik de Haas <didi.debian@cknow.org>
2022-11-01 23:51:35 +01:00
Diederik de Haas 0f80bfa650
Remove unneeded apt-get update step.
Vmdb2 already does more then enough 'apt-get update', so no need to add
one ourselves.

Signed-off-by: Diederik de Haas <didi.debian@cknow.org>
2022-11-01 16:50:40 +01:00
Diederik de Haas dc7558eb3f
Re-add 'non-free' to sources till all firmware is moved
The wireless firmware is in the firmware-brcm80211 package, but that is
still in 'non-free', so add 'non-free' back to the sources until all
the needed firmware packages are in 'non-free-firmware'.

https://salsa.debian.org/kernel-team/firmware-nonfree/-/merge_requests/36
is where the move to non-free-firmware is proposed, but not yet merged.
2022-10-31 01:32:47 +01:00
Gunnar Wolf 1ffce8e6bb For Bookworm, use the new non-free-firmware section instead of non-free 2022-10-12 10:25:53 -05:00
Diederik de Haas 1211f8af04
Add buildtime to raspi-image-id in the image itself
When the image was build also determines which package versions got
installed in the generated image and could help explain why a user has
problems with the downloaded image.

Signed-off-by: Diederik de Haas <didi.debian@cknow.org>
2022-01-14 00:19:57 +01:00
Anton Gladky afe64f3b1f
Add git commit information into the image. Fixes #43 2022-01-13 23:49:27 +01:00
Cyril Brulebois 773d24900d Fix buster builds.
Regression introduced in f89f71560d2ca1bd60d97dbb26b89782657d56ae:
the sed call modifies /etc/default/raspi-firmware, which used to be
/etc/default/raspi3-firmware; while not ideal, working on
/etc/default/raspi*-firmware shouldn't interfere on unrelated files.
2021-12-08 21:59:12 +01:00
Cyril Brulebois 96ac1dcec7 Install systemd-timesyncd explicitly (fixes: #58).
It used to be pulled this way (up to Bullseye), via systemd:

    Depends: […] systemd-timesyncd | time-daemon […]

Starting with Bookworm, this was downgraded to:

    Recommends: […] systemd-timesyncd | time-daemon

Install it all the time: NTP support is important on Raspberry Pi
devices, which usually don't feature an RTC.

But be careful since Buster had systemd itself provide that feature (no
separate systemd-timesyncd package yet).

Thanks, David Tomaschik!
2021-12-08 21:38:36 +01:00
Cyril Brulebois 53b35993c7 Merge branch 'pythonize' 2021-12-08 20:49:34 +01:00
Gunnar Wolf 2ef7490999 Bumping up original image to 2GB, as we are hitting ENOSPC while building 2021-12-06 00:11:02 -06:00
Cyril Brulebois 7bcb42a2ba Merge branch 'master' into pythonize
Let's catch up with the recent changes (boot-consistency merge, mainly).

Conflicts:
	Makefile
	raspi_master.yaml
2021-11-20 14:01:01 +01:00
Cyril Brulebois 592c0df22e Adjust /etc/machine-id logic for buster.
Commit 26a7de63b0 in master:
/etc/machine-id needs to exist and be empty on buster, while bullseye
needs this file not to exist at all. For now, treat both bullseye and
bookworm the same way.
2021-11-20 04:09:52 +01:00
Cyril Brulebois 6251ebfbe0 Move the console= parameter for the serial console.
See https://salsa.debian.org/raspi-team/image-specs/-/issues/57 for
detailed background.

Summary, e.g. on the Pi 4:
 - fresh build and first boot means:
    console=ttyS1,115200 console=tty0
 - after dpkg-reconfigure raspi-firmware has run, with the default
   settings:
    console=tty0 console=ttyS1,115200

Having some consistency across boots seems desirable (esp. when the Pi
fails to boot and the hints are on a serial console which might not be
wired), so insert the console= parameter for the serial console right
before the root= parameter.

Currently, the /etc/kernel/postinst.d/z50-raspi-firmware hook uses:

    ${pre_cmdline} root=$ROOTPART […]

and console= parameters are inserted via ${pre_cmdline}, so inserting
the serial console before root= should get us the same results.
2021-10-21 16:59:14 +02:00
Cyril Brulebois f89f71560d Make label-based booting persistent (see: #996915).
Without this, the block device holding the root filesystem would be
resolved at the first boot when reconfiguring raspi-firmware (e.g.
/dev/mmcblk1p2) which would then make the system fail to boot if it
ever shows up under a different name (e.g. /dev/mmcblk0p2).

Set ROOTPART parameter explicitly to stick to label-based booting.
2021-10-21 16:35:43 +02:00
Cyril Brulebois 46ead8a58d Improve pattern when replacing root=/dev/mmcblk0p2 in cmdline.txt
Let's make it clear what we are replacing.
2021-10-21 16:34:32 +02:00
Diederik de Haas 26a7de63b0
Fix machine-id mechanism for Buster.
The logic wrt /etc/machine-id changed between Buster and Bullseye.
While on Bullseye the file should not exist, on Buster the file must
exist, but be empty, in order to generate a new machine-id on first
boot.
It seems that /var/lib/dbus/machine-id is a symlink to /etc/machine-id
on Buster, while a separate file on Bullseye, so nothing needs to be
done with that file/symlink.

Signed-off-by: Diederik de Haas <didi.debian@cknow.org>
2021-09-09 00:28:05 +02:00
Cyril Brulebois 1410839911 Add an empty line before __EXTRA_CHROOT_SHELL_CMDS__
This means the generated recipes are getting two empty lines if there
are no such commands (that's the case for everyone right now), but this
emphasizes the existence of this placeholder, the same way as for its
__EXTRA_ROOT_SHELL_CMDS__ twin.
2021-08-28 06:08:27 +02:00
Cyril Brulebois b339942ca4 Fix missing trailing newline in sources.list
Re-implement MR #49 by Diederik de Haas.
2021-08-28 06:07:45 +02:00
Cyril Brulebois 433100f5cb Standardize firmware handling.
Group raspi-firmware and firmware-brcm80211 together, and make the
firmware package a regular list item in the master YAML file (making
editors happy about it).

Of course, this means that in all generated recipes, linux-image and
raspi*-firmware switch places.
2021-08-28 06:07:45 +02:00
Cyril Brulebois 4483f4cdfb Generate recipes using a Python script instead of multiplying sed calls.
This is a proof of concept rather than an ideal, final situation.

It can be used this way:

    for v in 1 2 3 4 ; do
      for s in buster bullseye; do
        ./generate-recipe.py $v $s
      done
    done

and it has been verified to produce very similar results compared to the
existing many-sed approach.

Differences are as follows:
 - Missing newline after some backports stanza, due to the removal of
   the other APT line. There's already MR#51 that aims at fixing some
   newline-related issues anyway, so this can be addressed separately.
 - Less schizophrenia in the generated sources.list for buster/4, as we
   are now only showing a reason for enabling the backports, instead
   of starting by explaining why backports are disabled by default.
 - Dropping APT::Default-Release = buster in the buster/4 case, which
   is no longer needed as we are pulling things from buster-backports
   rather than pulling them from unstable (see 57e90df103).
 - No longer trying to fix the firmware package name by throwing a
   broken sed at rpi-reconfigure-raspi-firmware.service in the buster/4
   case: the syntax was buggy and fixing it would have made us try to
   replace raspi-firmware with raspi-firmware/buster-backports, while
   the correct thing to do is to not touch it in the first place
   (raspi-firmware is the correct name for the firmware package, pulled
   from buster-backports).

As a side effect, this transforms the existing __EXTRA_SHELL_CMDS__ into
a slightly more explicit __EXTRA_ROOT_SHELL_CMDS__ which now has its
__EXTRA_CHROOT_SHELL_CMDS__ twin. That's the entry point that was
missing and made 45cb5619d4 necessary in the past.
2021-08-28 06:07:45 +02:00
Gunnar Wolf feb61f3361 Fix rpi-generate-ssh-host-keys.service to use the correct package name in buster 2021-07-02 13:01:22 -05:00
Gunnar Wolf 5aadb0116a Ugh, pointed to wrong directory (should be /var/lib/dbus). Fixed. 2021-06-08 11:57:34 -05:00
Gunnar Wolf 75698b0feb Clearing machine-id requires also removing the info from /var/lib/bus/ 2021-06-08 11:51:34 -05:00
Diederik de Haas 8af1ec6cc6
Add 'ca-certificates' to installed packages.
This is needed to use Debian repos served over https, but also a LOT of
other programs, like reportbug, which want to communicate securely.

Also sorted the list of packages alphabatically as I couldn't find a
reason for the current order and then a logical sort order is better.

Signed-off-by: Diederik de Haas <didi.debian@cknow.org>
2021-06-04 23:23:23 +02:00
Gunnar Wolf 99c34cc1d6 Remove /etc/machine-id so that it gets generated upon the (real) first boot 2021-05-28 18:48:39 -05:00
Andres Salomon 0f23b8e378 rpi-resizerootfs: switch the root filesystem resizing away from a systemd oneshot service
Switch away from using a systemd service for the initial root resize.
Instead, we resize the root partition and filesystem in the initrd.

To simplify things, the initrd script will check whether it should resize
the partition on every boot. It does this by checking if the entire disk
(ignoring an empty 4MB) is in use.  However, the scripts themselves are
deleted from the system after the initrd is generated. After the image
is installed, the resize script should exist only in the initrd. When the
kernel gets upgraded (eg, for a security update) or a new initrd is generated
due to a package install, the new initrd will not contain the resize script.
At that point, nothing will remain from the image's initial resize
bootstrapping process.

This process (but not the scripts) is similar to what cloud-initramfs-growroot
does. However, that particular package has an indirect dependency on Python,
and we don't necessarily want that overhead in our images just for resizing.
2021-05-10 14:08:07 -04:00
Gunnar Wolf 41ee2c55a7 Use security.d.o for the security mirror 2021-05-07 13:35:05 -05:00
Gunnar Wolf e826d97050 Enable security updates for Bullseye images 2021-05-07 12:58:56 -05:00
Gunnar Wolf 6779ca8ad0 Blacklist vc4 module for Bullseye on RPi4, as it leads to serial console corruption 2021-04-13 16:58:25 -05:00
Diederik de Haas 1b802e100b Start first partition at 4MiB for proper alignment.
See
https://www.gnu.org/software/parted/manual/html_node/mkpart.html#FOOT2
which then points to Arnd Bergmann's article on LWN:
https://lwn.net/Articles/428584/

Signed-off-by: Diederik de Haas <didi.debian@cknow.org>
2021-02-19 11:41:43 +01:00
Gunnar Wolf a146c3a7f7 Fixes to almost-ensure there is a working serial console
Why almost? Because Rpi0w uses ttyS1 instead of ttyAMA0 desipte being part of the RPi1 family...
...But it will work fine for the _second_ boot onwards, if things go according to plan.
For all other RPi models, it should work from the first boot on.
2021-02-18 11:31:23 -06:00
Gunnar Wolf 791dfacde6 Merge remote-tracking branch 'diedrik/replace-wltools-with-iw' into bullseye 2021-02-07 14:28:40 -06:00
Diederik de Haas d82cb7bbfd Replace deprecated wireless-tools with iw.
In https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963896 the
wireless-tools package is orphaned, after it has been deprecated
upstream for a while now.
2021-01-26 13:20:23 +01:00
Gunnar Wolf 89ef824285 Don't use the transition firmware package when building for bullseye 2021-01-25 14:27:26 -06:00
Gunnar Wolf 85126a9503 Enable the build of Bullseye targets as well 2021-01-14 00:55:55 -06:00
Gunnar Wolf 7de811f115 Add a configuration file for wireless networking 2020-08-15 00:15:43 -05:00
PeterLawler dd3b33419c rootfs subdirectory 2020-08-15 05:06:18 +00:00
Gunnar Wolf 0cf508221f Merge branch 'liw/shquote' into 'master'
Fix: quote expansion of $ROOT in case it has problematic characters

See merge request raspi-team/image-specs!3
2020-05-24 21:55:02 +00:00
Gunnar Wolf aad5a5a489 non-free must be enabled for updated raspi3-firmware on armel to be pulled in :-Þ 2020-04-24 11:00:10 -05:00
Gunnar Wolf 3cdd8af08d Enable stable-proposed-updates for building images for RPi 0/1 families 2020-04-10 00:22:30 -05:00
Gunnar Wolf f1445d5f28 Replace a pending "chroot" section by "create-file" 2020-04-04 20:03:16 -06:00
Gunnar Wolf 7288c11f0e Added a Makefile driving a raspi_master recipe
This is instead of maintaining separate recipes for 0w, 2 and 3 hardware
2019-12-17 17:41:16 -03:00