1
0
forked from brl/citadel

Not used anymore

This commit is contained in:
Bruce Leidl 2019-01-07 15:37:42 -05:00
parent f9c9514f96
commit aafe29e2dd
3 changed files with 0 additions and 358 deletions

View File

@ -1,99 +0,0 @@
# How to make rootfs writable
1. Open Citadel terminal
2. Su to root
$ su
3. Remount root as read-write
# mount -o remount,rw /
# How to change timezone
1. Make rootfs writable
2. Run Setting application in Gnome, change timezone in Details -> Date & Time
# How to change Gnome lock screen passwd
1. Open Citadel terminal
2. Generate new password with openssl
$ openssl passwd
Password:
Verifying - Password:
sGYyWXqDuh64g
3. Su to root
$ su
4. Make rootfs writable
# mount -o remount,rw /
5. Copy new password hash into /etc/shadow
# vim /etc/shadow
# How to install image update
1. Open Citadel terminal
2. Su to root
3. Determine if current boot is from rootfsA or rootfsB. Make sure you don't overwrite the currently mounted rootfs partition!
# findmnt /
TARGET SOURCE FSTYPE OPTIONS
/ /dev/mapper/citadel-rootfsA ext2 rw,relatime,errors=continue,user_xattr
4. Locate the rootfs update image you want to install
# file /storage/user-data/primary-home/citadel-image-intel-corei7-64.ext2
/storage/user-data/primary-home/citadel-image-intel-corei7-64.ext2: Linux rev 1.0 ext2 filesystem data, UUID=d9dd20e9-9286-4c60-9dc3-37c68e36481c (large files)
5. Write to the correct partition with dd command.
# dd if=/storage/user-data/primary-home/citadel-image-intel-corei7-64.ext2 of=/dev/mapper/citadel-rootfsB bs=4M
255+1 records in
255+1 records out
1071823872 bytes (1.1 GB, 1022 MiB) copied, 3.01726 s, 355 MB/s
6. Sync just to be sure everything is flushed to disk, then reboot into new image.
# sync
# reboot
# How to have hardware graphics acceleration for applications
1. Open Citadel terminal
2. Su to root
3. Make rootfs writable
# mount -o remount,rw /
4. Enable /dev/dri/renderD128 bind mount in primary.nspawn file
# vim /etc/systemd/nspawn/primary.nspawn
# How to use Qemu?
1. Open Citadel terminal
2. Su to root
3. Make rootfs writable
# mount -o remount,rw /
4. Enable /dev/kvm bind mount in primary.nspawn file
# vim /etc/systemd/nspawn/primary.nspawn

View File

@ -1,70 +0,0 @@
#!/bin/bash
SCRIPT=$(realpath ${BASH_SOURCE})
IMAGES=$(realpath $(dirname ${SCRIPT})/../build/images/)
image_file() {
local fname=$(readlink -f ${IMAGES}/${1})
if [[ ! -f ${fname} ]]; then
>&2 printf "File ${fname} does not exist\n"
exit 1
fi
printf $fname
}
EFIBOOT=$(image_file systemd-bootx64.efi)
KERNEL=$(image_file bzImage)
ROOTFS=$(image_file citadel-image-intel-corei7-64.ext2)
APPIMG_ROOTFS=$(image_file ../appimg/appimg-rootfs.tar.xz)
HOWTO=$(image_file ../../docs/howto.md)
INSTALL_SH=$(image_file ../../scripts/install.sh)
KERNEL_CMDLINE="add_efi_memmap intel_iommu=off cryptomgr.notests rcupdate.rcu_expedited=1 rcu_nocbs=0-64 tsc=reliable no_timer_check noreplace-smp i915.fastboot=1 quiet splash"
INSTALLPACK=/tmp/installpack
BOOTPATH=${INSTALLPACK}/boot
make_loader_conf() {
echo "default bootA"
echo "timeout 5"
}
make_boot_conf() {
echo "title Subgraph OS (Citadel) [Root Partition ${1}]"
echo "linux /bzImage"
echo "options LABEL=Boot root=/dev/mapper/citadel-rootfs${1} ${KERNEL_CMDLINE}"
}
setup_boot() {
mkdir -p ${BOOTPATH}/EFI/BOOT
mkdir -p ${BOOTPATH}/loader/entries
cp ${EFIBOOT} ${BOOTPATH}/EFI/BOOT/bootx64.efi
cp ${KERNEL} ${BOOTPATH}/bzImage
make_loader_conf > ${BOOTPATH}/loader/loader.conf
make_boot_conf 'A' > ${BOOTPATH}/loader/entries/bootA.conf
make_boot_conf 'B' > ${BOOTPATH}/loader/entries/bootB.conf
}
rm -rf /tmp/installpack
mkdir -p /tmp/installpack/components
setup_boot
cp ${ROOTFS} /tmp/installpack/components/citadel-image-rootfs.ext2
cp ${APPIMG_ROOTFS} /tmp/installpack/components/
cp ${HOWTO} /tmp/installpack/components/
cp ${INSTALL_SH} /tmp/installpack
chmod +x /tmp/installpack/install.sh
(
echo "Date : $(date)"
echo "Git : $(git rev-parse HEAD)"
pushd /tmp/installpack > /dev/null
echo
echo " $(sha256sum components/citadel-image-rootfs.ext2)"
echo " $(sha256sum components/appimg-rootfs.tar.xz)"
popd > /dev/null
) > /tmp/installpack/build.info
tar -C /tmp -cvf installpack.tar installpack
#rm -rf /tmp/installpack

View File

@ -1,189 +0,0 @@
#!/bin/bash
set -e
set -u
blkdev_info() {
local model=$(< /sys/block/${1}/device/model)
local size=$(printf "%sG" $(( $(</sys/block/${1}/size) >> 21 )))
printf " Device: /dev/${1}\n"
printf " Size: ${size}\n"
printf " Model: ${model}\n"
}
errormsg() {
printf "Failed: ${1}\n"
exit 1
}
info() {
printf "[+] ${1}\n"
}
passphrase=""
ask_passphrase() {
local p1 p2
for i in {1..3}
do
read -s -p "Enter passphrase for disk encryption: " p1
echo
read -s -p " Confirm passphrase: " p2
echo
if [[ ${p1} != ${p2} ]]; then
printf "THe passphrases did not match\n"
elif [[ -z ${p1} ]] ; then
printf "Passphrase cannot be empty\n"
else
passphrase=${p1}
return
fi
done
errormsg "Too many attempts, Unable to set disk encryption passphrase"
}
confirm_device() {
if [[ ! -b ${1} ]]; then
errormsg "No block device '${1}' found"
fi
local base=$(basename ${1})
if [[ ! -e /sys/block/${base}/device ]]; then
errormsg "Unable to find device path /sys/block/${base}/device"
fi
printf "Are you sure you want to overwrite this device\n\n%s\n\n" "$(blkdev_info ${base})"
read -p "Type YES (uppercase) to continue: " confirm
if [[ ${confirm} != "YES" ]]; then
echo "Install not confirmed, exiting."
exit 1
fi
}
LUKS_UUID="683a17fc-4457-42cc-a946-cde67195a101"
partition_device() {
local PARTED="parted -a optimal ${1}"
${PARTED} -s mklabel gpt
${PARTED} mkpart boot fat32 0% 512MiB
${PARTED} set 1 boot on
${PARTED} mkpart data ext4 512MiB 100%
${PARTED} set 2 lvm on
}
setup_luks() {
# /dev/sdb2
local TARGET_LVM=${1}2
printf "${passphrase}" | cryptsetup -q --uuid=${LUKS_UUID} luksFormat ${TARGET_LVM} -
printf "${passphrase}" | cryptsetup open --type luks --key-file - ${TARGET_LVM} luks-install
}
setup_lvm() {
pvcreate -ff --yes /dev/mapper/luks-install
vgcreate --yes citadel /dev/mapper/luks-install
lvcreate --yes --size 2g --name rootfsA citadel
lvcreate --yes --size 2g --name rootfsB citadel
lvcreate --yes --extents 100%VG --name storage citadel
}
setup_disk() {
[[ $# -ne 1 ]] && usage
confirm_device ${1}
ask_passphrase
info "Deactivating device ${1}"
blkdeactivate ${1} >> install.log 2>&1
info "Partitioning device ${1}"
partition_device ${1} >> install.log 2>&1
info "Setting up LUKS disk encryption on partition ${1}2"
setup_luks ${1} >> install.log 2>&1
info "Creating LVM volumes inside LUKS volume"
setup_lvm >> install.log 2>&1
info "Creating vfat filesystem on EFI system partition ${1}1"
mkfs.vfat -F 32 ${1}1 >> install.log 2>&1
info "Creating btrfs filesystem on storage volume"
mkfs.btrfs /dev/mapper/citadel-storage >> install.log 2>&1
lsblk -o NAME,SIZE,TYPE,FSTYPE ${1} >> install.log
}
unmount_disk() {
info "Closing LVM volumes"
vgchange -an citadel >> install.log 2>&1
info "Closing LUKS volume"
cryptsetup luksClose luks-install
}
install() {
local MNT="install-mnt"
mkdir -p install-mnt
info "Mounting EFI system partition ${1}1"
mount ${1}1 install-mnt
info "Installing boot tree to EFI system partition"
cp -R boot/* install-mnt
info "Unmounting EFI system partition"
umount ${1}1
local PRIMARY_APPIMG="${MNT}/appimg"
local PRIMARY_HOME="${MNT}/user-data/primary-home"
local PRIMARY_REALM="${MNT}/realms/realm-main"
info "Mounting storage partition"
mount /dev/mapper/citadel-storage ${MNT}
mkdir -p ${PRIMARY_APPIMG}
info "Creating new btrfs subvolume for base appimg"
btrfs subvolume create ${MNT}/appimg/base.appimg
info "Installing base appimg tree"
tar -C ${PRIMARY_APPIMG}/base.appimg -xf components/appimg-rootfs.tar.xz
mkdir -p ${PRIMARY_HOME}
cp components/howto.md ${PRIMARY_HOME}
cp ${PRIMARY_APPIMG}/base.appimg/home/user/{.bashrc,.profile} ${PRIMARY_HOME}
chown -R 1000:1000 ${PRIMARY_HOME}
info "Creating main realm"
mkdir -p ${PRIMARY_REALM}
btrfs subvolume snapshot ${PRIMARY_APPIMG}/base.appimg ${PRIMARY_REALM}/rootfs
ln -s realm-main ${MNT}/realms/default.realm
ln -s /storage/user-data/primary-home ${PRIMARY_REALM}/home
info "Creating shared directory"
mkdir ${MNT}/realms/Shared
chown 1000:1000 ${MNT}/realms/Shared
info "Unmounting storage partition"
umount /dev/mapper/citadel-storage
info "Writing citadel image to rootfsA partition"
dd if=components/citadel-image-rootfs.ext2 of=/dev/mapper/citadel-rootfsA bs=4M >> install.log 2>&1
#info "Writing citadel image to rootfsB partition"
#dd if=components/citadel-image-rootfs.ext2 of=/dev/mapper/citadel-rootfsB bs=4M >> install.log 2>&1
}
usage() {
printf "Usage:\n"
printf "\t\t./install.sh [<block device>]\n\n"
exit 1
}
if [[ $# -eq 0 ]]; then
usage
fi
setup_disk ${1}
install ${1}
unmount_disk
sync
info "Install completed successfully"