diff --git a/ansible/delta-chat.yml b/ansible/delta-chat.yml deleted file mode 100644 index 5f17f0b..0000000 --- a/ansible/delta-chat.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: Install madmail/deltachat - hosts: all - become: true - tasks: - - name: Create madmail directory - file: - path: "/home/{{ butter_user }}/madmail" - state: directory - owner: "{{ butter_user }}" - group: "{{ butter_user }}" - mode: "0755" - - - name: Download pre-built madmail archive - get_url: - url: "https://github.com/themadorg/madmail/releases/download/v0.12.7/madmail-linux-{{ go_arch_map[ansible_architecture] }}.tar.gz" - dest: "/tmp/madmail-linux-{{ go_arch_map[ansible_architecture] }}.tar.gz" - mode: '0644' - - - name: Untar madmail - unarchive: - src: "/tmp/madmail-linux-{{ go_arch_map[ansible_architecture] }}.tar.gz" - dest: "/home/{{ butter_user }}/madmail" - remote_src: yes - #extra_opts: [--strip-components=1] - - - name: Ensure butter_user owns madmail directory - file: - path: "/home/{{ butter_user }}/madmail" - state: directory - recurse: yes diff --git a/ansible/install-usb-viewer.yml b/ansible/install-usb-viewer.yml index 8f84caa..820dc5f 100644 --- a/ansible/install-usb-viewer.yml +++ b/ansible/install-usb-viewer.yml @@ -36,7 +36,7 @@ - name: Install udev rule copy: - src: "templates/99-usb-butter.rules" + src: "{{ vmdb2_config_base_dir }}/99-usb-butter.rules" dest: "/etc/udev/rules.d/99-usb-butter.rules" - name: Install udev trigger script diff --git a/ansible/main.yml b/ansible/main.yml index 7687838..770412c 100644 --- a/ansible/main.yml +++ b/ansible/main.yml @@ -4,8 +4,6 @@ - "base" - "ap" - "matrix" -- import_playbook: delta-chat.yml - tags: "delta-chat" - import_playbook: install-rasp-ap.yml tags: "ap" when: ap_mode_supported | bool diff --git a/ansible/templates/99-usb-butter.rules b/ansible/templates/99-usb-butter.rules deleted file mode 100644 index 4f378a1..0000000 --- a/ansible/templates/99-usb-butter.rules +++ /dev/null @@ -1,11 +0,0 @@ -# Using udev to mount newly attached usb drives doesn't work. -# https://unix.stackexchange.com/a/507150/223286 -# So, we depend on udisks to mount the disk. *Then* we want to -# to setup the symlink and lighttpd config with our script. -# We can run the script immediately because it waits for the disk -# to be mounted. - -# Mount newly inserted drives, creating the directory if it doesn't exist -ACTION=="add", KERNEL=="sd[a-z][1-9]", ENV{ID_BUS}=="usb", TAG+="systemd", ENV{SYSTEMD_WANTS}+="udisks2-mount@%k.service", ENV{SYSTEMD_WANTS}+="serve-usb@%k.service" - -# When the disk is `unmounted, the symlink will just point to a now-empty directory. diff --git a/vmdb2-recipes/amd64_trixie_kanglam.yaml b/vmdb2-recipes/amd64_trixie_kanglam.yaml deleted file mode 100644 index f13c328..0000000 --- a/vmdb2-recipes/amd64_trixie_kanglam.yaml +++ /dev/null @@ -1,178 +0,0 @@ ---- -# See https://wiki.debian.org/RaspberryPi3 for known issues and more details. -# image.yml based on revision: ff7fdbf (Switch from qemu-debootstrap to debootstrap., 2024-01-01) - -steps: - - mkimg: "{{ output }}" - size: 3100M - - - mklabel: gpt - device: "{{ output }}" - -############ efi - - mkpart: primary - fs-type: 'fat32' - device: "{{ output }}" - start: 1MiB - end: 132MiB - tag: efi - - - set_part_flag: "{{ output }}" - tag: efi - flag: boot - state: enabled - - - set_part_flag: "{{ output }}" - tag: efi - flag: esp - state: enabled - -############ bios grub - - mkpart: primary - device: "{{ output }}" - start: 132MiB - end: 133MiB - tag: bios_grub - - - set_part_flag: "{{ output }}" - tag: bios_grub - flag: bios_grub - state: enabled -############ live - - mkpart: primary - device: "{{ output }}" - start: 133MiB - end: 100% - tag: tag-root - - - set_part_flag: "{{ output }}" - tag: tag-root - flag: legacy_boot - state: enabled - - - kpartx: "{{ output }}" - - - mkfs: vfat - partition: efi - label: EFI - options: -F32 - - - mkfs: ext4 - partition: tag-root - label: boot - - - mount: tag-root - - - shell: | - dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/mbr/gptmbr.bin of="{{ output }}" - root-fs: tag-root - - - unpack-rootfs: tag-root - - - debootstrap: trixie - require_empty_target: false - mirror: http://deb.debian.org/debian - target: tag-root - components: - - main - - non-free-firmware - - non-free - unless: rootfs_unpacked - - - create-file: /etc/apt/sources.list - contents: |+ - deb http://deb.debian.org/debian trixie main non-free-firmware non-free - deb http://deb.debian.org/debian trixie-updates main non-free-firmware non-free - deb http://security.debian.org/debian-security trixie-security main non-free-firmware non-free - - unless: rootfs_unpacked - - - apt: install - packages: - - avahi-daemon - - curl - - udisks2 - - wget - - dhcpcd - - python3 - - lighttpd - - unzip - - sudo - - systemd-timesyncd - - ca-certificates - - dosfstools - - iw - - parted - - ssh - - wpasupplicant - - systemd - - systemd-sysv - - init-system-helpers - - syslinux - - linux-image-amd64 - tag: tag-root - unless: rootfs_unpacked - - - cache-rootfs: tag-root - unless: rootfs_unpacked - - - shell: | - echo "kanglam" > "${ROOT?}/etc/hostname" - - # Allow root logins locally with no password - sed -i 's,root:[^:]*:,root::,' "${ROOT?}/etc/shadow" - - install -m 644 -o root -g root image-specs/rootfs/etc/fstab "${ROOT?}/etc/fstab" - - install -m 644 -o root -g root image-specs/rootfs/etc/network/interfaces.d/eth0 "${ROOT?}/etc/network/interfaces.d/eth0" - install -m 600 -o root -g root image-specs/rootfs/etc/network/interfaces.d/wlan0 "${ROOT?}/etc/network/interfaces.d/wlan0" - root-fs: tag-root - - # Clean up archive cache (likely not useful) and lists (likely outdated) to - # reduce image size by several hundred megabytes. - - chroot: tag-root - shell: | - apt-get clean - rm -rf /var/lib/apt/lists - - - grub: bios - tag: tag-root - console: serial -# - - grub: uefi - tag: tag-root - efi: efi - console: serial - - - shell: | - rm "${ROOT?}/etc/resolv.conf" - root-fs: tag-root - - # Clear /etc/machine-id and /var/lib/dbus/machine-id, as both should - # be auto-generated upon first boot. From the manpage - # (machine-id(5)): - # - # For normal operating system installations, where a custom image is - # created for a specific machine, /etc/machine-id should be - # populated during installation. - # - # Note this will also trigger ConditionFirstBoot=yes for systemd. - # On Buster, /etc/machine-id should be an emtpy file, not an absent file - # On Bullseye, /etc/machine-id should not exist in an image - - chroot: tag-root - shell: | - rm -f /etc/machine-id /var/lib/dbus/machine-id - echo "uninitialized" > /etc/machine-id - echo "LABEL=BOOT / ext4 rw 0 1" > /etc/fstab - - - virtual-filesystems: tag-root - - - ansible: tag-root - playbook: ../ansible/main.yml - config_file: ../ansible/ansible.cfg - extra_vars: - butter_language: en - butter_name: kanglam - tags: base,usb,matrix,keanu,website - butter_user: "amd" - ap_mode_supported: "false" diff --git a/vmdb2-recipes/kanglam_pi4.yaml b/vmdb2-recipes/kanglam_pi4.yaml deleted file mode 100644 index 4cc244e..0000000 --- a/vmdb2-recipes/kanglam_pi4.yaml +++ /dev/null @@ -1,197 +0,0 @@ ---- -# See https://wiki.debian.org/RaspberryPi3 for known issues and more details. -# image.yml based on revision: ff7fdbf (Switch from qemu-debootstrap to debootstrap., 2024-01-01) - -steps: - - mkimg: "{{ output }}" - size: 3100M - - - mklabel: msdos - device: "{{ output }}" - - - mkpart: primary - fs-type: 'fat32' - device: "{{ output }}" - start: 4MiB - end: 512MiB - tag: tag-firmware - - - mkpart: primary - device: "{{ output }}" - start: 512MiB - end: 100% - tag: tag-root - - - kpartx: "{{ output }}" - - - mkfs: vfat - partition: tag-firmware - label: RASPIFIRM - - - mkfs: ext4 - partition: tag-root - label: RASPIROOT - - - mount: tag-root - - - mount: tag-firmware - mount-on: tag-root - dirname: '/boot/firmware' - - - unpack-rootfs: tag-root - - - debootstrap: trixie - require_empty_target: false - mirror: http://deb.debian.org/debian - target: tag-root - arch: arm64 - components: - - main - - non-free-firmware - - non-free - unless: rootfs_unpacked - - - create-file: /etc/apt/sources.list - contents: |+ - deb http://deb.debian.org/debian trixie main non-free-firmware non-free - deb http://deb.debian.org/debian trixie-updates main non-free-firmware non-free - deb http://security.debian.org/debian-security trixie-security main non-free-firmware non-free - # Backports are _not_ enabled by default. - # Enable them by uncommenting the following line: - # deb http://deb.debian.org/debian trixie-backports main non-free-firmware - - unless: rootfs_unpacked - - - copy-file: /etc/initramfs-tools/hooks/rpi-resizerootfs - src: image-specs/rootfs/etc/initramfs-tools/hooks/rpi-resizerootfs - perm: 0755 - unless: rootfs_unpacked - - - copy-file: /etc/initramfs-tools/scripts/local-bottom/rpi-resizerootfs - src: image-specs/rootfs/etc/initramfs-tools/scripts/local-bottom/rpi-resizerootfs - perm: 0755 - unless: rootfs_unpacked - - - apt: install - packages: - - avahi-daemon - - curl - - udisks2 - - wget - - dhcpcd - - dnsmasq - - python3 - - lighttpd - - unzip - - sudo - - systemd-timesyncd - - ca-certificates - - dosfstools - - iw - - parted - - ssh - - wpasupplicant - - systemd-timesyncd - - linux-image-arm64 - - raspi-firmware - - firmware-brcm80211 - - bluez-firmware - tag: tag-root - unless: rootfs_unpacked - - - cache-rootfs: tag-root - unless: rootfs_unpacked - - - shell: | - echo "kanglam" > "${ROOT?}/etc/hostname" - sed -i "s,root:[^:]*:,root::," "${ROOT?}/etc/shadow" - - - install -m 644 -o root -g root image-specs/rootfs/etc/fstab "${ROOT?}/etc/fstab" - - install -m 644 -o root -g root image-specs/rootfs/etc/network/interfaces.d/eth0 "${ROOT?}/etc/network/interfaces.d/eth0" - install -m 600 -o root -g root image-specs/rootfs/etc/network/interfaces.d/wlan0 "${ROOT?}/etc/network/interfaces.d/wlan0" - - install -m 755 -o root -g root image-specs/rootfs/usr/local/sbin/rpi-set-sysconf "${ROOT?}/usr/local/sbin/rpi-set-sysconf" - install -m 644 -o root -g root image-specs/rootfs/etc/systemd/system/rpi-set-sysconf.service "${ROOT?}/etc/systemd/system/" - install -m 644 -o root -g root image-specs/rootfs/boot/firmware/sysconf.txt "${ROOT?}/boot/firmware/sysconf.txt" - mkdir -p "${ROOT?}/etc/systemd/system/basic.target.requires/" - ln -s /etc/systemd/system/rpi-set-sysconf.service "${ROOT?}/etc/systemd/system/basic.target.requires/rpi-set-sysconf.service" - - # Resize script is now in the initrd for first boot; no need to ship it. - rm -f "${ROOT?}/etc/initramfs-tools/hooks/rpi-resizerootfs" - rm -f "${ROOT?}/etc/initramfs-tools/scripts/local-bottom/rpi-resizerootfs" - - install -m 644 -o root -g root image-specs/rootfs/etc/systemd/system/rpi-reconfigure-raspi-firmware.service "${ROOT?}/etc/systemd/system/" - mkdir -p "${ROOT?}/etc/systemd/system/multi-user.target.requires/" - ln -s /etc/systemd/system/rpi-reconfigure-raspi-firmware.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi-reconfigure-raspi-firmware.service" - - install -m 644 -o root -g root image-specs/rootfs/etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/" - ln -s /etc/systemd/system/rpi-generate-ssh-host-keys.service "${ROOT?}/etc/systemd/system/multi-user.target.requires/rpi-generate-ssh-host-keys.service" - rm -f "${ROOT?}"/etc/ssh/ssh_host_*_key* - - root-fs: tag-root - - # Copy the relevant device tree files to the boot partition - - chroot: tag-root - shell: | - install -m 644 -o root -g root /usr/lib/linux-image-*-arm64/broadcom/bcm*rpi*.dtb /boot/firmware/ - - # Clean up archive cache (likely not useful) and lists (likely outdated) to - # reduce image size by several hundred megabytes. - - chroot: tag-root - shell: | - apt-get clean - rm -rf /var/lib/apt/lists - - # Modify the kernel commandline we take from the firmware to boot from - # the partition labeled raspiroot instead of forcing it to mmcblk0p2. - # Also insert the serial console right before the root= parameter. - # - # These changes will be overwritten after the hardware is probed - # after dpkg reconfigures raspi-firmware (upon first boot), so make - # sure we don't lose label-based booting. - - chroot: tag-root - shell: | - sed -i 's/root=/console=ttyS1,115200 root=/' /boot/firmware/cmdline.txt - sed -i 's#root=/dev/mmcblk0p2#root=LABEL=RASPIROOT#' /boot/firmware/cmdline.txt - sed -i 's/^#ROOTPART=.*/ROOTPART=LABEL=RASPIROOT/' /etc/default/raspi*-firmware - - sed -i 's/cma=64M //' /boot/firmware/cmdline.txt - - # TODO(https://github.com/larswirzenius/vmdb2/issues/24): remove once vmdb - # clears /etc/resolv.conf on its own. - - shell: | - rm "${ROOT?}/etc/resolv.conf" - root-fs: tag-root - - # Clear /etc/machine-id and /var/lib/dbus/machine-id, as both should - # be auto-generated upon first boot. From the manpage - # (machine-id(5)): - # - # For normal operating system installations, where a custom image is - # created for a specific machine, /etc/machine-id should be - # populated during installation. - # - # Note this will also trigger ConditionFirstBoot=yes for systemd. - # On Buster, /etc/machine-id should be an emtpy file, not an absent file - # On Bullseye, /etc/machine-id should not exist in an image - - chroot: tag-root - shell: | - rm -f /etc/machine-id /var/lib/dbus/machine-id - echo "uninitialized" > /etc/machine-id - - # Create /etc/raspi-image-id to know, from what commit the image was built - - chroot: tag-root - shell: | - echo "image based on revision: ff7fdbf (Switch from qemu-debootstrap to debootstrap., 2024-01-01) and build on 2025-10-27 20:22 (UTC)" > "/etc/raspi-image-id" - - - virtual-filesystems: tag-root - - - ansible: tag-root - playbook: ../ansible/main.yml - config_file: ../ansible/ansible.cfg - extra_vars: - butter_language: bo - butter_name: kanglam - diff --git a/vmdb2-recipes/run_build_amd64.sh b/vmdb2-recipes/run_build_amd64.sh deleted file mode 100755 index 7b4d103..0000000 --- a/vmdb2-recipes/run_build_amd64.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -GIT_BRANCH=$(git branch --show-current 2>/dev/null) -GIT_TAG=$(git tag 2>/dev/null | head -n1) -BUILD_DATE=$(date +"%d%m%y") -SUFFIX="${GIT_BRANCH}_${GIT_TAG}_${BUILD_DATE}" -time vmdb2 --rootfs-tarball=64_$SUFFIX.tar.gz --output 64_butter_$SUFFIX.img --log 64_butter_$SUFFIX.log amd64_trixie.yaml -tar cvfz 64_butter_$SUFFIX.img.tar.gz 64_butter_$SUFFIX.img -#curl -H "Authorization: token" $CHURN_SECRET -X PUT --upload-file raspi4_butter_$SUFFIX.img.tar.gz https://guardianproject.dev/api/packages/butter/generic/churn/latest/raspi4_butter_$SUFFIX.img.tar.gz -#rm *img *tar.gz diff --git a/vmdb2-recipes/run_build_amd64_kanglam.sh b/vmdb2-recipes/run_build_amd64_kanglam.sh deleted file mode 100755 index 14c468f..0000000 --- a/vmdb2-recipes/run_build_amd64_kanglam.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -GIT_BRANCH=$(git branch --show-current 2>/dev/null) -GIT_TAG=$(git tag 2>/dev/null | head -n1) -BUILD_DATE=$(date +"%d%m%y") -SUFFIX="${GIT_BRANCH}_${GIT_TAG}_${BUILD_DATE}" -time vmdb2 --rootfs-tarball=64_$SUFFIX.tar.gz --output 64_butter_$SUFFIX.img --log 64_butter_$SUFFIX.log amd64_trixie_kanglam.yaml -tar cvfz 64_butter_$SUFFIX.img.tar.gz 64_butter_$SUFFIX.img -#curl -H "Authorization: token" $CHURN_SECRET -X PUT --upload-file raspi4_butter_$SUFFIX.img.tar.gz https://guardianproject.dev/api/packages/butter/generic/churn/latest/raspi4_butter_$SUFFIX.img.tar.gz -#rm *img *tar.gz diff --git a/vmdb2-recipes/run_build_raspi4.sh b/vmdb2-recipes/run_build_raspi4.sh deleted file mode 100755 index e0a9a07..0000000 --- a/vmdb2-recipes/run_build_raspi4.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -GIT_BRANCH=$(git branch --show-current 2>/dev/null) -GIT_TAG=$(git tag 2>/dev/null | head -n1) -BUILD_DATE=$(date +"%d%m%y") -SUFFIX="${GIT_BRANCH}_${GIT_TAG}_${BUILD_DATE}" -time vmdb2 --rootfs-tarball=raspi4_$SUFFIX.tar.gz --output raspi4_butter_NOAP_$SUFFIX.img --log raspi4_butter_$SUFFIX.log raspi_4_trixie.yaml -tar cvfz raspi4_butter_NOAP_$SUFFIX.img.tar.gz raspi4_butter_NOAP_$SUFFIX.img -#curl -H "Authorization: token" $CHURN_SECRET -X PUT --upload-file raspi4_butter_$SUFFIX.img.tar.gz https://guardianproject.dev/api/packages/butter/generic/churn/latest/raspi4_butter_$SUFFIX.img.tar.gz -#rm *img *tar.gz diff --git a/vmdb2-recipes/run_build_raspi4_kanglam.sh b/vmdb2-recipes/run_build_raspi4_kanglam.sh deleted file mode 100755 index f27ff92..0000000 --- a/vmdb2-recipes/run_build_raspi4_kanglam.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -GIT_BRANCH=$(git branch --show-current 2>/dev/null) -GIT_TAG=$(git tag 2>/dev/null | head -n1) -BUILD_DATE=$(date +"%d%m%y") -SUFFIX="${GIT_BRANCH}_${GIT_TAG}_${BUILD_DATE}" -time vmdb2 --rootfs-tarball=raspi4_$SUFFIX.tar.gz --output raspi4_butter_$SUFFIX.img --log raspi4_butter_$SUFFIX.log kanglam_pi4.yaml -tar cvfz raspi4_butter_$SUFFIX.img.tar.gz raspi4_butter_$SUFFIX.img -#curl -H "Authorization: token" $CHURN_SECRET -X PUT --upload-file raspi4_butter_$SUFFIX.img.tar.gz https://guardianproject.dev/api/packages/butter/generic/churn/latest/raspi4_butter_$SUFFIX.img.tar.gz -#rm *img *tar.gz