Compare commits
	
		
			No commits in common. "19bc500bf13a255c26950c8167448afa22730c29" and "1b8275894e3e6516be7f18185372ea8e955b613f" have entirely different histories.
		
	
	
		
			19bc500bf1
			...
			1b8275894e
		
	
		
							
								
								
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							|  | @ -20,7 +20,3 @@ raspi_1_trixie.yaml | |||
| raspi_2_trixie.yaml | ||||
| raspi_3_trixie.yaml | ||||
| raspi_4_trixie.yaml | ||||
| *.log | ||||
| *.img.xz | ||||
| *.img.gz | ||||
| *.img | ||||
|  |  | |||
|  | @ -33,11 +33,10 @@ Debian Bullseye (11) or higher system: | |||
| * time | ||||
| * vmdb2 (>= 0.17) | ||||
| * python3 | ||||
| * zerofree (because of [#1021341](https://bugs.debian.org/1021341)) | ||||
| 
 | ||||
| To install these (as root): | ||||
| ```shell | ||||
|    apt install -y vmdb2 dosfstools qemu-utils qemu-user-static debootstrap binfmt-support time kpartx bmap-tools python3 zerofree | ||||
|    apt install -y vmdb2 dosfstools qemu-utils qemu-user-static debootstrap binfmt-support time kpartx bmap-tools python3 | ||||
|    apt install -y fakemachine | ||||
| ``` | ||||
| 
 | ||||
|  | @ -117,7 +116,7 @@ Alternatively, if you don't have `bmap-tools` installed, you can use | |||
| `dd` with the compressed image: | ||||
| 
 | ||||
| ```shell | ||||
| xzcat raspi_3_bullseye.img.xz | dd of=/dev/mmcblk0 bs=64k oflag=dsync status=progress | ||||
| xzcat raspi_3_bullseye.img | dd of=/dev/mmcblk0 bs=64k oflag=dsync status=progress | ||||
| ``` | ||||
| 
 | ||||
| Or with the uncompressed image: | ||||
|  |  | |||
										
											Binary file not shown.
										
									
								
							
										
											Binary file not shown.
										
									
								
							|  | @ -40,6 +40,10 @@ elif version in ['3', '4']: | |||
|     linux = 'linux-image-arm64' | ||||
|     dtb = '/usr/lib/linux-image-*-arm64/broadcom/bcm*rpi*.dtb' | ||||
| 
 | ||||
| # APT and default firmware (name + handling) | ||||
| raspi_firmware = 'raspi-firmware' | ||||
| fix_firmware = False | ||||
| 
 | ||||
| # Bookworm introduced the 'non-free-firmware' component¹; before that, | ||||
| # raspi-firmware was in 'non-free' | ||||
| # | ||||
|  | @ -63,8 +67,7 @@ if version != '2': | |||
| else: | ||||
|     bluetooth_firmware = '' | ||||
| 
 | ||||
| # Pi 4 on buster required some backports. Let's keep variables around, ready to | ||||
| # be used whenever we need to pull specific things from backports. | ||||
| # Pi 4 on buster requires some backports: | ||||
| backports_enable = False | ||||
| backports_suite = '%s-backports' % suite | ||||
| 
 | ||||
|  | @ -81,6 +84,9 @@ if version == '4': | |||
|         "sed -i 's/cma=64M //' /boot/firmware/cmdline.txt", | ||||
|     ] | ||||
| 
 | ||||
| # XXX: The disparity between suite seems to be a bug, pick a naming | ||||
| # and stick to it! | ||||
| # | ||||
| # Hostname: | ||||
| hostname = 'rpi_%s' % version | ||||
| 
 | ||||
|  | @ -90,6 +96,12 @@ extra_root_shell_cmds = [] | |||
| 
 | ||||
| ### The following prepares substitutions based on variables set earlier | ||||
| 
 | ||||
| # Commands to fix the firmware name in the systemd unit: | ||||
| if fix_firmware: | ||||
|     fix_firmware_cmds = ['sed -i s/raspi-firmware/raspi3-firmware/ ${ROOT?}/etc/systemd/system/rpi-reconfigure-raspi-firmware.service'] | ||||
| else: | ||||
|     fix_firmware_cmds = [] | ||||
| 
 | ||||
| # Enable backports with a reason, or add commented-out entry: | ||||
| if backports_enable: | ||||
|     backports_stanza = """ | ||||
|  | @ -104,6 +116,12 @@ else: | |||
| # deb http://deb.debian.org/debian %s main %s | ||||
| """ % (backports_suite, firmware_component) | ||||
| 
 | ||||
| # Buster requires an existing, empty /etc/machine-id file: | ||||
| touch_machine_id = 'echo "uninitialized" > /etc/machine-id' | ||||
| 
 | ||||
| # Buster shipped timesyncd directly into systemd: | ||||
| systemd_timesyncd = 'systemd-timesyncd' | ||||
| 
 | ||||
| gitcommit = subprocess.getoutput("git show -s --pretty='format:%C(auto)%h (%s, %ad)' --date=short ") | ||||
| buildtime = subprocess.getoutput("date --utc +'%Y-%m-%d %H:%M'") | ||||
| 
 | ||||
|  | @ -138,13 +156,17 @@ with open('raspi_master.yaml', 'r') as in_file: | |||
|             .replace('__FIRMWARE_COMPONENT_OLD__', firmware_component_old) \ | ||||
|             .replace('__LINUX_IMAGE__', linux) \ | ||||
|             .replace('__DTB__', dtb) \ | ||||
|             .replace('__SYSTEMD_TIMESYNCD__', systemd_timesyncd) \ | ||||
|             .replace('__RASPI_FIRMWARE__', raspi_firmware) \ | ||||
|             .replace('__WIRELESS_FIRMWARE__', wireless_firmware) \ | ||||
|             .replace('__BLUETOOTH_FIRMWARE__', bluetooth_firmware) \ | ||||
|             .replace('__SERIAL_CONSOLE__', serial) \ | ||||
|             .replace('__HOST__', hostname) \ | ||||
|             .replace('__TOUCH_MACHINE_ID__', touch_machine_id) \ | ||||
|             .replace('__GITCOMMIT__', gitcommit) \ | ||||
|             .replace('__BUILDTIME__', buildtime) | ||||
| 
 | ||||
|         out_text = align_replace(out_text, '__FIX_FIRMWARE_PKG_NAME__', fix_firmware_cmds) | ||||
|         out_text = align_replace(out_text, '__EXTRA_ROOT_SHELL_CMDS__', extra_root_shell_cmds) | ||||
|         out_text = align_replace(out_text, '__EXTRA_CHROOT_SHELL_CMDS__', extra_chroot_shell_cmds) | ||||
|         out_text = align_replace(out_text, '__BACKPORTS__', backports_stanza.splitlines()) | ||||
|  |  | |||
|  | @ -1,199 +0,0 @@ | |||
| --- | ||||
| # See https://wiki.debian.org/RaspberryPi3 for known issues and more details. | ||||
| # image.yml based on revision: ff7fdbf (Switch from qemu-debootstrap to debootstrap., 2024-01-01) | ||||
| 
 | ||||
| steps: | ||||
|   - mkimg: "{{ output }}" | ||||
|     size: 2500M | ||||
| 
 | ||||
|   - mklabel: msdos | ||||
|     device: "{{ output }}" | ||||
| 
 | ||||
|   - mkpart: primary | ||||
|     fs-type: 'fat32' | ||||
|     device: "{{ output }}" | ||||
|     start: 4MiB | ||||
|     end: 512MiB | ||||
|     tag: tag-firmware | ||||
| 
 | ||||
|   - mkpart: primary | ||||
|     device: "{{ output }}" | ||||
|     start: 512MiB | ||||
|     end: 100% | ||||
|     tag: tag-root | ||||
| 
 | ||||
|   - kpartx: "{{ output }}" | ||||
| 
 | ||||
|   - mkfs: vfat | ||||
|     partition: tag-firmware | ||||
|     label: RASPIFIRM | ||||
| 
 | ||||
|   - mkfs: ext4 | ||||
|     partition: tag-root | ||||
|     label: RASPIROOT | ||||
| 
 | ||||
|   - mount: tag-root | ||||
| 
 | ||||
|   - mount: tag-firmware | ||||
|     mount-on: tag-root | ||||
|     dirname: '/boot/firmware' | ||||
| 
 | ||||
|   - unpack-rootfs: tag-root | ||||
| 
 | ||||
|   - debootstrap: bookworm | ||||
|     require_empty_target: false | ||||
|     mirror: http://deb.debian.org/debian | ||||
|     target: tag-root | ||||
|     arch: arm64 | ||||
|     components: | ||||
|       - main | ||||
|       - non-free-firmware | ||||
|       - non-free | ||||
|     unless: rootfs_unpacked | ||||
| 
 | ||||
|   - create-file: /etc/apt/sources.list | ||||
|     contents: |+ | ||||
|       deb http://deb.debian.org/debian bookworm main non-free-firmware non-free | ||||
|       deb http://deb.debian.org/debian bookworm-updates main non-free-firmware non-free | ||||
|       deb http://security.debian.org/debian-security bookworm-security main non-free-firmware non-free | ||||
|       # Backports are _not_ enabled by default. | ||||
|       # Enable them by uncommenting the following line: | ||||
|       deb http://deb.debian.org/debian bookworm-backports main non-free-firmware | ||||
| 
 | ||||
|   - create-file: /etc/apt/preferences.d/hibbian.pref | ||||
|     contents: |+ | ||||
|       Package: * | ||||
|       Pin: release o=Hibbian | ||||
|       Pin-Priority: 600 | ||||
| 
 | ||||
|   - create-file: /etc/apt/preferences.d/hibbian.pref | ||||
|     contents: |+ | ||||
|       Package: linux-image | ||||
|       Pin: release o=Debian Backports | ||||
|       Pin-Priority: 500 | ||||
| 
 | ||||
|   - create-file: /etc/apt/sources.list.d/hibbian.list | ||||
|     contents: |+ | ||||
|       deb http://repo.hibbian.org/hibbian bookworm-hibbian-unstable main non-free-firmware non-free | ||||
| 
 | ||||
|   - copy-file: /etc/apt/trusted.gpg.d/hibbian-archive-keyring.gpg | ||||
|     src: etc/apt/trusted.gpg.d/hibbian-archive-keyring.gpg | ||||
|     perm: 0755 | ||||
| 
 | ||||
|   - copy-file: /etc/initramfs-tools/hooks/rpi-resizerootfs | ||||
|     src: rootfs/etc/initramfs-tools/hooks/rpi-resizerootfs | ||||
|     perm: 0755 | ||||
|     unless: rootfs_unpacked | ||||
| 
 | ||||
|   - copy-file: /etc/initramfs-tools/scripts/local-bottom/rpi-resizerootfs | ||||
|     src: rootfs/etc/initramfs-tools/scripts/local-bottom/rpi-resizerootfs | ||||
|     perm: 0755 | ||||
|     unless: rootfs_unpacked | ||||
| 
 | ||||
|   - apt: install | ||||
|     packages: | ||||
|       - ca-certificates | ||||
|       - dosfstools | ||||
|       - iw | ||||
|       - parted | ||||
|       - openssh-server | ||||
|       - network-manager | ||||
|       - systemd-timesyncd | ||||
|       - linux-image-arm64 | ||||
|       - raspi-firmware | ||||
|       - firmware-brcm80211 | ||||
|       - bluez-firmware | ||||
|       - base-files | ||||
|       - linbpq | ||||
|       - sudo | ||||
|       - vim-nox | ||||
|       - net-tools | ||||
|     tag: tag-root | ||||
| 
 | ||||
|   - cache-rootfs: tag-root | ||||
|     unless: rootfs_unpacked | ||||
| 
 | ||||
|   - shell: | | ||||
|       echo "hibbian-$(date +%Y%m%d)" > "${ROOT?}/etc/hostname" | ||||
| 
 | ||||
|       # Allow root logins locally with no password | ||||
|       sed -i 's,root:[^:]*:,root::,' "${ROOT?}/etc/shadow" | ||||
| 
 | ||||
|       install -m 644 -o root -g root rootfs/etc/fstab "${ROOT?}/etc/fstab" | ||||
| 
 | ||||
|       install -m 644 -o root -g root rootfs/etc/network/interfaces.d/eth0 "${ROOT?}/etc/network/interfaces.d/eth0" | ||||
|       install -m 600 -o root -g root rootfs/etc/network/interfaces.d/wlan0 "${ROOT?}/etc/network/interfaces.d/wlan0" | ||||
| 
 | ||||
|       install -m 755 -o root -g root rootfs/usr/local/sbin/rpi-set-sysconf "${ROOT?}/usr/local/sbin/rpi-set-sysconf" | ||||
|       install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-set-sysconf.service "${ROOT?}/etc/systemd/system/" | ||||
|       install -m 644 -o root -g root rootfs/boot/firmware/sysconf.txt "${ROOT?}/boot/firmware/sysconf.txt" | ||||
|       mkdir -p "${ROOT?}/etc/systemd/system/basic.target.requires/" | ||||
|       ln -s /etc/systemd/system/rpi-set-sysconf.service "${ROOT?}/etc/systemd/system/basic.target.requires/rpi-set-sysconf.service" | ||||
| 
 | ||||
|       # Resize script is now in the initrd for first boot; no need to ship it. | ||||
|       rm -f "${ROOT?}/etc/initramfs-tools/hooks/rpi-resizerootfs" | ||||
|       rm -f "${ROOT?}/etc/initramfs-tools/scripts/local-bottom/rpi-resizerootfs" | ||||
| 
 | ||||
|       install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-reconfigure-raspi-firmware.service "${ROOT?}/etc/systemd/system/" | ||||
|       mkdir -p "${ROOT?}/etc/systemd/system/multi-user.target.requires/" | ||||
|       ln -s /etc/systemd/system/rpi-reconfigure-raspi-firmware.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi-reconfigure-raspi-firmware.service" | ||||
| 
 | ||||
|       install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/" | ||||
|       ln -s /etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi-generate-ssh-host-keys.service" | ||||
|       rm -f "${ROOT?}"/etc/ssh/ssh_host_*_key* | ||||
| 
 | ||||
|     root-fs: tag-root | ||||
| 
 | ||||
|   # Copy the relevant device tree files to the boot partition | ||||
|   - chroot: tag-root | ||||
|     shell: | | ||||
|       install -m 644 -o root -g root /usr/lib/linux-image-*-arm64/broadcom/bcm*rpi*.dtb /boot/firmware/ | ||||
| 
 | ||||
|   # Clean up archive cache (likely not useful) and lists (likely outdated) to | ||||
|   # reduce image size by several hundred megabytes. | ||||
|   - chroot: tag-root | ||||
|     shell: | | ||||
|       apt-get clean | ||||
|       rm -rf /var/lib/apt/lists | ||||
| 
 | ||||
|   # Modify the kernel commandline we take from the firmware to boot from | ||||
|   # the partition labeled raspiroot instead of forcing it to mmcblk0p2. | ||||
|   # Also insert the serial console right before the root= parameter. | ||||
|   # | ||||
|   # These changes will be overwritten after the hardware is probed | ||||
|   # after dpkg reconfigures raspi-firmware (upon first boot), so make | ||||
|   # sure we don't lose label-based booting. | ||||
|   - chroot: tag-root | ||||
|     shell: | | ||||
|       sed -i 's/root=/console=ttyS1,115200 root=/' /boot/firmware/cmdline.txt | ||||
|       sed -i 's#root=/dev/mmcblk0p2#root=LABEL=RASPIROOT#' /boot/firmware/cmdline.txt | ||||
|       sed -i 's/^#ROOTPART=.*/ROOTPART=LABEL=RASPIROOT/' /etc/default/raspi*-firmware | ||||
| 
 | ||||
|       sed -i 's/cma=64M //' /boot/firmware/cmdline.txt | ||||
| 
 | ||||
|   # TODO(https://github.com/larswirzenius/vmdb2/issues/24): remove once vmdb | ||||
|   # clears /etc/resolv.conf on its own. | ||||
|   - shell: | | ||||
|       rm "${ROOT?}/etc/resolv.conf" | ||||
|     root-fs: tag-root | ||||
| 
 | ||||
|   # Clear /etc/machine-id and /var/lib/dbus/machine-id, as both should | ||||
|   # be auto-generated upon first boot. From the manpage | ||||
|   # (machine-id(5)): | ||||
|   # | ||||
|   #   For normal operating system installations, where a custom image is | ||||
|   #   created for a specific machine, /etc/machine-id should be | ||||
|   #   populated during installation. | ||||
|   # | ||||
|   # Note this will also trigger ConditionFirstBoot=yes for systemd. | ||||
|   # On Buster, /etc/machine-id should be an emtpy file, not an absent file | ||||
|   # On Bullseye, /etc/machine-id should not exist in an image | ||||
|   - chroot: tag-root | ||||
|     shell: | | ||||
|       rm -f /etc/machine-id /var/lib/dbus/machine-id | ||||
|       echo "uninitialized" > /etc/machine-id | ||||
| 
 | ||||
|   # Create /etc/raspi-image-id to know, from what commit the image was built | ||||
|   - chroot: tag-root | ||||
|     shell: | | ||||
|       echo "image based on revision: ff7fdbf (Switch from qemu-debootstrap to debootstrap., 2024-01-01) and built in 2024 with love from Hibby" > "/etc/raspi-image-id" | ||||
|  | @ -40,8 +40,7 @@ steps: | |||
| 
 | ||||
|   - unpack-rootfs: tag-root | ||||
| 
 | ||||
|   - debootstrap: __RELEASE__ | ||||
|     require_empty_target: false | ||||
|   - qemu-debootstrap: __RELEASE__ | ||||
|     mirror: http://deb.debian.org/debian | ||||
|     target: tag-root | ||||
|     arch: __ARCH__ | ||||
|  | @ -78,9 +77,9 @@ steps: | |||
|       - parted | ||||
|       - ssh | ||||
|       - wpasupplicant | ||||
|       - systemd-timesyncd | ||||
|       - __SYSTEMD_TIMESYNCD__ | ||||
|       - __LINUX_IMAGE__ | ||||
|       - raspi-firmware | ||||
|       - __RASPI_FIRMWARE__ | ||||
|       - __WIRELESS_FIRMWARE__ | ||||
|       - __BLUETOOTH_FIRMWARE__ | ||||
|     tag: tag-root | ||||
|  | @ -113,6 +112,7 @@ steps: | |||
|       install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-reconfigure-raspi-firmware.service "${ROOT?}/etc/systemd/system/" | ||||
|       mkdir -p "${ROOT?}/etc/systemd/system/multi-user.target.requires/" | ||||
|       ln -s /etc/systemd/system/rpi-reconfigure-raspi-firmware.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi-reconfigure-raspi-firmware.service" | ||||
|       __FIX_FIRMWARE_PKG_NAME__ | ||||
| 
 | ||||
|       install -m 644 -o root -g root rootfs/etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/" | ||||
|       ln -s /etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi-generate-ssh-host-keys.service" | ||||
|  | @ -168,7 +168,7 @@ steps: | |||
|   - chroot: tag-root | ||||
|     shell: | | ||||
|       rm -f /etc/machine-id /var/lib/dbus/machine-id | ||||
|       echo "uninitialized" > /etc/machine-id | ||||
|       __TOUCH_MACHINE_ID__ | ||||
| 
 | ||||
|   # Create /etc/raspi-image-id to know, from what commit the image was built | ||||
|   - chroot: tag-root | ||||
|  |  | |||
		Loading…
	
		Reference in a new issue