From 229d29fee6304c05361525e258a3b3e160bc19e5 Mon Sep 17 00:00:00 2001 From: Ana Custura Date: Wed, 21 Jan 2026 16:15:21 +0000 Subject: [PATCH 1/6] Download instead of build dendrite packages --- ansible/group_vars/all.yml | 2 +- ansible/install-chat.yml | 68 ++++++++++---------------------------- 2 files changed, 19 insertions(+), 51 deletions(-) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 641772e..e9768ea 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,5 +1,5 @@ butter_language: en -butter_name: butter-box +butter_name: butterbox go_version: "1.24.6" go_arch_map: x86_64: "amd64" diff --git a/ansible/install-chat.yml b/ansible/install-chat.yml index 0440297..9fbe6b0 100644 --- a/ansible/install-chat.yml +++ b/ansible/install-chat.yml @@ -14,64 +14,32 @@ update_cache: yes when: not ( is_vmdb2 | bool ) - # install Go -# # - name: Download Go tarball -# get_url: -# url: "https://go.dev/dl/go{{ go_version }}.linux-{{ go_arch_map[ansible_architecture] }}.tar.gz" -# dest: /tmp/go.tar.gz -# mode: '0644' -# -# - name: Extract Go to /usr/local -# unarchive: -# src: /tmp/go.tar.gz -# dest: /usr/local -# remote_src: yes -# creates: /usr/local/go -# -# - name: Ensure Go path is in .profile -# lineinfile: -# path: "/home/{{ butter_user }}/.profile" -# line: 'PATH=$PATH:/usr/local/go/bin' -# insertafter: EOF -# state: present -# create: yes -# -# - name: Remove existing dendrite directory if it exists -# file: -# path: "/home/{{ butter_user }}/dendrite" -# state: absent -# -# - name: Clone dendrite repo -# git: -# repo: https://github.com/matrix-org/dendrite -# dest: "/home/{{ butter_user }}/dendrite" -# version: v0.13.7 -# force: yes -# update: no -# depth: 1 -# -# - name: Build dendrite -# command: /usr/local/go/bin/go build -o bin/ ./cmd/... -# args: -# chdir: "/home/{{ butter_user }}/dendrite" -# -# - - - name: copy Dendrite dir to target - copy: - src: "dendrite/" - dest: "/home/{{ butter_user }}/dendrite" + - name: Create dendrite directories + file: + path: "/home/{{ butter_user }}/dendrite/bin" + state: directory owner: "{{ butter_user }}" group: "{{ butter_user }}" + mode: "0755" + + - name: Download pre-built dendrite archive + get_url: + url: "https://guardianproject.dev/api/packages/butter/generic/dendrite/latest/dendrite-{{ go_arch_map[ansible_architecture] }}.tar.gz" + dest: /tmp + mode: '0644' + + - name: Untar dendrite + unarchive: + src: "/tmp/dendrite-{{ go_arch_map[ansible_architecture] }}.tar.gz" + dest: "/home/{{ butter_user }}/dendrite/bin" + remote_src: yes + extra_opts: [--strip-components=2] - name: Ensure butter_user owns Dendrite directory file: path: "/home/{{ butter_user }}/dendrite" state: directory recurse: yes - owner: "{{ butter_user }}" - group: "{{ butter_user }}" - mode: "0755" - name: Generate Matrix signing key command: ./bin/generate-keys --private-key matrix_key.pem From d816bea2d2fee2756fd8ec3f3736e29ec87e2e49 Mon Sep 17 00:00:00 2001 From: Ana Custura Date: Wed, 21 Jan 2026 16:21:00 +0000 Subject: [PATCH 2/6] Use pre-built keanu assets --- ansible/install-keanu-weblite.yml | 48 ++++++++----------------------- 1 file changed, 12 insertions(+), 36 deletions(-) diff --git a/ansible/install-keanu-weblite.yml b/ansible/install-keanu-weblite.yml index bb3c288..8f21c39 100644 --- a/ansible/install-keanu-weblite.yml +++ b/ansible/install-keanu-weblite.yml @@ -3,37 +3,28 @@ hosts: all become: true tasks: - - name: Install Node.js 22 (needed for matrix-js-sdk) - shell: | - curl -fsSL https://deb.nodesource.com/setup_22.x | bash - - apt-get install -y nodejs - args: - executable: /bin/bash - - name: Ensure previous keanu-weblite temp directory is removed file: path: /tmp/keanu-weblite state: absent - delegate_to: localhost - - name: Clone keanu-weblite repository (dev branch) - git: - repo: https://gitlab.com/keanuapp/keanuapp-weblite.git - dest: /tmp/keanu-weblite - version: dev - depth: 1 - delegate_to: localhost + - name: Download pre-built keanu archive + get_url: + url: "https://guardianproject.dev/api/packages/butter/generic/keanu-weblite/latest/keanu-weblite-main.tar.gz" + dest: /tmp + mode: '0644' - - name: Run npm install - shell: npm install - args: - chdir: /tmp/keanu-weblite - delegate_to: localhost + - name: Untar keanu-weblite + unarchive: + src: "/tmp/keanu-weblite-main.tar.gz" + dest: "/var/www/html/chat" + remote_src: yes + extra_opts: [--strip-components=1] - name: Download keanu-weblite config file get_url: url: "{{ config_base_url }}/keanu-weblite-config.json" - dest: /tmp/keanu-weblite/src/assets/config.json + dest: /var/www/html/chat/config.json mode: '0644' delegate_to: localhost @@ -44,20 +35,6 @@ replace: "{{ butter_name }}" delegate_to: localhost - - name: Run npm build with legacy OpenSSL option - shell: | - export NODE_OPTIONS=--openssl-legacy-provider - npm run build - args: - chdir: /tmp/keanu-weblite - delegate_to: localhost - - - name: Copy build output to /var/www/html/chat - become: true - copy: - src: /tmp/keanu-weblite/dist/ - dest: /var/www/html/chat/ - - name: Set permissions for /var/www/html/chat become: true file: @@ -72,4 +49,3 @@ name: lighttpd state: restarted when: not (is_vmdb2 | bool) - From 63944f40237934389f8bc63ae486b1284caeeb4f Mon Sep 17 00:00:00 2001 From: Ana Custura Date: Thu, 22 Jan 2026 16:11:27 +0000 Subject: [PATCH 3/6] Update keanu branch to dev --- ansible/install-keanu-weblite.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/install-keanu-weblite.yml b/ansible/install-keanu-weblite.yml index 8f21c39..2398312 100644 --- a/ansible/install-keanu-weblite.yml +++ b/ansible/install-keanu-weblite.yml @@ -10,7 +10,7 @@ - name: Download pre-built keanu archive get_url: - url: "https://guardianproject.dev/api/packages/butter/generic/keanu-weblite/latest/keanu-weblite-main.tar.gz" + url: "https://guardianproject.dev/api/packages/butter/generic/keanu-weblite/latest/keanu-weblite-dev.tar.gz" dest: /tmp mode: '0644' From 8e4c55a82eed4dc62b42a13d4aec3ea86ebeb8d8 Mon Sep 17 00:00:00 2001 From: Ana Custura Date: Thu, 22 Jan 2026 16:25:29 +0000 Subject: [PATCH 4/6] Ensure /var/www/chat directory exists --- ansible/install-keanu-weblite.yml | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/ansible/install-keanu-weblite.yml b/ansible/install-keanu-weblite.yml index 2398312..3d50f3c 100644 --- a/ansible/install-keanu-weblite.yml +++ b/ansible/install-keanu-weblite.yml @@ -3,21 +3,25 @@ hosts: all become: true tasks: - - name: Ensure previous keanu-weblite temp directory is removed - file: - path: /tmp/keanu-weblite - state: absent - - name: Download pre-built keanu archive get_url: url: "https://guardianproject.dev/api/packages/butter/generic/keanu-weblite/latest/keanu-weblite-dev.tar.gz" dest: /tmp mode: '0644' + - name: Create keanu-weblite web directory + file: + path: "/var/www/html/chat" + state: directory + owner: www-data + group: www-data + mode: '0755' + recurse: yes + - name: Untar keanu-weblite unarchive: - src: "/tmp/keanu-weblite-main.tar.gz" - dest: "/var/www/html/chat" + src: "/tmp/keanu-weblite-dev.tar.gz" + dest: "/var/www/html/chat/" remote_src: yes extra_opts: [--strip-components=1] @@ -26,14 +30,12 @@ url: "{{ config_base_url }}/keanu-weblite-config.json" dest: /var/www/html/chat/config.json mode: '0644' - delegate_to: localhost - name: Replace REPLACEME with butter_name in config.json replace: - path: /tmp/keanu-weblite/src/assets/config.json + path: /var/www/html/chat/config.json regexp: 'REPLACEME' replace: "{{ butter_name }}" - delegate_to: localhost - name: Set permissions for /var/www/html/chat become: true From 92b589ee671ef8070b1b8fe504daf02a4b1cb9cd Mon Sep 17 00:00:00 2001 From: Ana Custura Date: Fri, 23 Jan 2026 13:24:19 +0000 Subject: [PATCH 5/6] Revert to building keanu-weblite to override default config --- ansible/install-chat.yml | 4 +- ansible/install-keanu-weblite.yml | 62 +++++++++++++++++++++---------- 2 files changed, 44 insertions(+), 22 deletions(-) diff --git a/ansible/install-chat.yml b/ansible/install-chat.yml index 9fbe6b0..4e887a8 100644 --- a/ansible/install-chat.yml +++ b/ansible/install-chat.yml @@ -168,11 +168,11 @@ - name: Copy public room script template: src: templates/create_public_room.sh.j2 - dest: /home/pi/create_public_room.sh + dest: "/home/{{ butter_user }}/create_public_room.sh" mode: '0755' - name: Run the create_public_room.sh script - command: /home/pi/create_public_room.sh + command: "/home/{{ butter_user }}/create_public_room.sh" register: room_creation ignore_errors: false diff --git a/ansible/install-keanu-weblite.yml b/ansible/install-keanu-weblite.yml index 3d50f3c..bb3c288 100644 --- a/ansible/install-keanu-weblite.yml +++ b/ansible/install-keanu-weblite.yml @@ -3,39 +3,60 @@ hosts: all become: true tasks: - - name: Download pre-built keanu archive - get_url: - url: "https://guardianproject.dev/api/packages/butter/generic/keanu-weblite/latest/keanu-weblite-dev.tar.gz" - dest: /tmp - mode: '0644' + - name: Install Node.js 22 (needed for matrix-js-sdk) + shell: | + curl -fsSL https://deb.nodesource.com/setup_22.x | bash - + apt-get install -y nodejs + args: + executable: /bin/bash - - name: Create keanu-weblite web directory + - name: Ensure previous keanu-weblite temp directory is removed file: - path: "/var/www/html/chat" - state: directory - owner: www-data - group: www-data - mode: '0755' - recurse: yes + path: /tmp/keanu-weblite + state: absent + delegate_to: localhost - - name: Untar keanu-weblite - unarchive: - src: "/tmp/keanu-weblite-dev.tar.gz" - dest: "/var/www/html/chat/" - remote_src: yes - extra_opts: [--strip-components=1] + - name: Clone keanu-weblite repository (dev branch) + git: + repo: https://gitlab.com/keanuapp/keanuapp-weblite.git + dest: /tmp/keanu-weblite + version: dev + depth: 1 + delegate_to: localhost + + - name: Run npm install + shell: npm install + args: + chdir: /tmp/keanu-weblite + delegate_to: localhost - name: Download keanu-weblite config file get_url: url: "{{ config_base_url }}/keanu-weblite-config.json" - dest: /var/www/html/chat/config.json + dest: /tmp/keanu-weblite/src/assets/config.json mode: '0644' + delegate_to: localhost - name: Replace REPLACEME with butter_name in config.json replace: - path: /var/www/html/chat/config.json + path: /tmp/keanu-weblite/src/assets/config.json regexp: 'REPLACEME' replace: "{{ butter_name }}" + delegate_to: localhost + + - name: Run npm build with legacy OpenSSL option + shell: | + export NODE_OPTIONS=--openssl-legacy-provider + npm run build + args: + chdir: /tmp/keanu-weblite + delegate_to: localhost + + - name: Copy build output to /var/www/html/chat + become: true + copy: + src: /tmp/keanu-weblite/dist/ + dest: /var/www/html/chat/ - name: Set permissions for /var/www/html/chat become: true @@ -51,3 +72,4 @@ name: lighttpd state: restarted when: not (is_vmdb2 | bool) + From 41e5269ae7943d5ef0254dd1a5b17dc1bb460b2c Mon Sep 17 00:00:00 2001 From: Ana Custura Date: Fri, 23 Jan 2026 15:14:05 +0000 Subject: [PATCH 6/6] Add basic recipe for an amd64 machine --- vmdb2-recipes/amd64_trixie.yaml | 179 ++++++++++++++++++++++++++++++++ 1 file changed, 179 insertions(+) create mode 100644 vmdb2-recipes/amd64_trixie.yaml diff --git a/vmdb2-recipes/amd64_trixie.yaml b/vmdb2-recipes/amd64_trixie.yaml new file mode 100644 index 0000000..d5e15ac --- /dev/null +++ b/vmdb2-recipes/amd64_trixie.yaml @@ -0,0 +1,179 @@ +--- +# See https://wiki.debian.org/RaspberryPi3 for known issues and more details. +# image.yml based on revision: ff7fdbf (Switch from qemu-debootstrap to debootstrap., 2024-01-01) + +steps: + - mkimg: "{{ output }}" + size: 3100M + + - mklabel: gpt + device: "{{ output }}" + +############ efi + - mkpart: primary + fs-type: 'fat32' + device: "{{ output }}" + start: 1MiB + end: 132MiB + tag: efi + + - set_part_flag: "{{ output }}" + tag: efi + flag: boot + state: enabled + + - set_part_flag: "{{ output }}" + tag: efi + flag: esp + state: enabled + +############ bios grub + - mkpart: primary + device: "{{ output }}" + start: 132MiB + end: 133MiB + tag: bios_grub + + - set_part_flag: "{{ output }}" + tag: bios_grub + flag: bios_grub + state: enabled +############ live + - mkpart: primary + device: "{{ output }}" + start: 133MiB + end: 100% + tag: tag-root + + - set_part_flag: "{{ output }}" + tag: tag-root + flag: legacy_boot + state: enabled + + - kpartx: "{{ output }}" + + - mkfs: vfat + partition: efi + label: EFI + options: -F32 + + - mkfs: ext4 + partition: tag-root + label: boot + + - mount: tag-root + + - shell: | + dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/mbr/gptmbr.bin of="{{ output }}" + root-fs: tag-root + + - unpack-rootfs: tag-root + + - debootstrap: trixie + require_empty_target: false + mirror: http://deb.debian.org/debian + target: tag-root + components: + - main + - non-free-firmware + - non-free + unless: rootfs_unpacked + + - create-file: /etc/apt/sources.list + contents: |+ + deb http://deb.debian.org/debian trixie main non-free-firmware non-free + deb http://deb.debian.org/debian trixie-updates main non-free-firmware non-free + deb http://security.debian.org/debian-security trixie-security main non-free-firmware non-free + + unless: rootfs_unpacked + + - apt: install + packages: + - avahi-daemon + - curl + - udisks2 + - wget + - dhcpcd + - python3 + - lighttpd + - unzip + - sudo + - systemd-timesyncd + - ca-certificates + - dosfstools + - iw + - parted + - ssh + - wpasupplicant + - systemd + - systemd-sysv + - init-system-helpers + - syslinux + - linux-image-amd64 + tag: tag-root + unless: rootfs_unpacked + + - cache-rootfs: tag-root + unless: rootfs_unpacked + + - shell: | + echo "butterbox" > "${ROOT?}/etc/hostname" + + # Allow root logins locally with no password + sed -i 's,root:[^:]*:,root::,' "${ROOT?}/etc/shadow" + + install -m 644 -o root -g root image-specs/rootfs/etc/fstab "${ROOT?}/etc/fstab" + + install -m 644 -o root -g root image-specs/rootfs/etc/network/interfaces.d/eth0 "${ROOT?}/etc/network/interfaces.d/eth0" + install -m 600 -o root -g root image-specs/rootfs/etc/network/interfaces.d/wlan0 "${ROOT?}/etc/network/interfaces.d/wlan0" + root-fs: tag-root + + # Clean up archive cache (likely not useful) and lists (likely outdated) to + # reduce image size by several hundred megabytes. + - chroot: tag-root + shell: | + apt-get clean + rm -rf /var/lib/apt/lists + + - grub: bios + tag: tag-root + console: serial +# + - grub: uefi + tag: tag-root + efi: efi + console: serial + + - shell: | + rm "${ROOT?}/etc/resolv.conf" + root-fs: tag-root + + # Clear /etc/machine-id and /var/lib/dbus/machine-id, as both should + # be auto-generated upon first boot. From the manpage + # (machine-id(5)): + # + # For normal operating system installations, where a custom image is + # created for a specific machine, /etc/machine-id should be + # populated during installation. + # + # Note this will also trigger ConditionFirstBoot=yes for systemd. + # On Buster, /etc/machine-id should be an emtpy file, not an absent file + # On Bullseye, /etc/machine-id should not exist in an image + - chroot: tag-root + shell: | + rm -f /etc/machine-id /var/lib/dbus/machine-id + echo "uninitialized" > /etc/machine-id + echo "LABEL=BOOT / ext4 rw 0 1" > /etc/fstab + + + - virtual-filesystems: tag-root + + - ansible: tag-root + playbook: ../ansible/main.yml + config_file: ../ansible/ansible.cfg + extra_vars: + butter_language: en + butter_name: butterbox + tags: base,usb,matrix,keanu,website + butter_user: "amd" + ap_mode_supported: "false"