diff --git a/rip_docker/vm-image-builder/README.md b/rip_docker/vm-image-builder/README.md
index 725c40a..3ad1b7f 100644
--- a/rip_docker/vm-image-builder/README.md
+++ b/rip_docker/vm-image-builder/README.md
@@ -11,3 +11,9 @@ docker run \ ``` This will create a VM image file called `vm/dangerzone.qcow2`. + +To build an ISO image: + +```sh +docker run -v $(pwd):/build alpine:latest /build/build-iso.sh +```
diff --git a/rip_docker/vm-image-builder/build-iso.sh b/rip_docker/vm-image-builder/build-iso.sh
new file mode 100755
index 0000000..b996fcf
--- /dev/null
+++ b/rip_docker/vm-image-builder/build-iso.sh
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+# Following: https://wiki.alpinelinux.org/wiki/How_to_make_a_custom_ISO_image_with_mkimage
+
+# Install dependencies
+apk update
+apk add alpine-sdk build-base apk-tools alpine-conf busybox fakeroot syslinux xorriso squashfs-tools sudo
+apk add mtools dosfstools grub-efi
+apk add p7zip
+
+# Create a new user
+adduser build -D -G abuild
+echo "%abuild ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/abuild
+
+cat << EOF > /home/build/go.sh
+#!/bin/sh
+
+cd /home/build
+
+# Create signing keys
+abuild-keygen -i -a -n
+
+# Setup aports
+wget https://gitlab.alpinelinux.org/alpine/aports/-/archive/master/aports-master.tar.gz
+tar -xf aports-master.tar.gz
+mv aports-master aports
+cp /build/mkimg.dangerzone.sh aports/scripts/
+chmod +x aports/scripts/mkimg.dangerzone.sh
+
+# Make the iso
+cd aports/scripts
+sh mkimage.sh --tag v3.14 \
+ --outdir /build/vm \
+ --arch x86_64 \
+ --repository http://dl-cdn.alpinelinux.org/alpine/v3.14/main \
+ --repository http://dl-cdn.alpinelinux.org/alpine/v3.14/community \
+ --profile dangerzone
+EOF
+chmod +x /home/build/go.sh
+
+# Set up the vm dir
+rm -r /build/vm
+mkdir -p /build/vm
+chmod 777 /build/vm
+
+# Start the build
+sudo -u build /home/build/go.sh
+
+# Fix permissions
+chmod 755 /build/vm
+chmod 644 /build/vm/*
+chown root:root /build/vm/*
+
+# Extract vmlinuz and initramfs
+cd /build/vm
+7z x alpine-dangerzone-v3.14-x86_64.iso boot/vmlinuz-virt
+7z x alpine-dangerzone-v3.14-x86_64.iso boot/initramfs-virt
+mv boot/* .
+rm -r boot
diff --git a/rip_docker/vm-image-builder/mkimg.dangerzone.sh b/rip_docker/vm-image-builder/mkimg.dangerzone.sh
new file mode 100644
index 0000000..8ad16cb
--- /dev/null
+++ b/rip_docker/vm-image-builder/mkimg.dangerzone.sh
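Review bot: In build-iso.sh the generated `go.sh` fetches `aports-master.tar.gz` from the moving `master` branch and runs its `mkimage.sh` without any integrity check, so the scripts that assemble the VM image can change from one build to the next and need not match the `--tag v3.14` repositories. Pin the download to a fixed commit and verify it before `tar -xf`, e.g. `echo "<EXPECTED_SHA256>  aports.tar.gz" | sha256sum -c - || exit 1` (placeholder hash, constructed file name). The two `--repository` URLs use `http://`; apk checks package signatures, but `https://` would keep the index and packages from being altered or observed in transit in the first place. Neither script sets `set -e`, so a failed `wget` or `mkimage.sh` still reaches the `chmod`/`chown`/`7z` steps, and `rm -r /build/vm` errors on a first run where the directory is absent; `set -eu` after each shebang together with `rm -rf /build/vm` would make a failure stop the build.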
@@ -0,0 +1,12 @@
+profile_dangerzone() {
+ profile_standard
+ profile_abbrev="dangerzone"
+ title="Dangerzone"
+ desc="Copied from virt but with extra apks"
+ arch="aarch64 armv7 x86 x86_64"
+ kernel_addons=
+ kernel_flavors="virt"
+ kernel_cmdline="console=tty0 console=ttyS0,115200"
+ syslinux_serial="0 115200"
+ apks="$apks podman openssh"
+}
diff --git a/rip_docker/vm-image-builder/run-vm.sh b/rip_docker/vm-image-builder/run-vm.sh
index a175fa7..5bbb22e 100755
--- a/rip_docker/vm-image-builder/run-vm.sh
+++ b/rip_docker/vm-image-builder/run-vm.sh
@@ -11,10 +11,10 @@ $VPNKIT --ethernet=$VPNKIT_SOCK & echo $! > $PIDFILE trap 'test -f $PIDFILE && kill `cat $PIDFILE` && rm $PIDFILE' EXIT -sleep 1 - -# echo "[] Making disk image" -# mkfile 1g $ROOT/disk.img +if ! [ -f $ROOT/disk.img ]; then + echo "[] Making disk image" + mkfile 1g $ROOT/disk.img +fi echo "[] Starting VM" $HYPERKIT \
@@ -23,9 +23,9 @@ $HYPERKIT \ -c 2 \ -s 0:0,hostbridge -s 31,lpc \ -l com1,stdio \ - -s 3:0,ahci-cd,$ROOT/dangerzone.raw \ + -s 3:0,ahci-cd,$ROOT/alpine-dangerzone-v3.14-x86_64.iso \ -s 2:0,virtio-vpnkit,path=$VPNKIT_SOCK \ -U 9efa82d7-ebd5-4287-b1cc-ac4160a39fa7 \ -f kexec,$ROOT/vmlinuz-virt,$ROOT/initramfs-virt,"earlyprintk=serial console=ttyS0 modules=loop,squashfs,sd-mod,usb-storage" - # -s 4:0,virtio-blk,$ROOT/disk.img \ +# -s 4:0,virtio-blk,$ROOT/disk.img \
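Review bot: In mkimg.dangerzone.sh, `apks="$apks podman openssh"` puts an SSH server into the image with no comment on why the VM needs it or where its configuration is restricted, and the same profile enables a serial console through `kernel_cmdline`. A comment above that line, such as `# openssh: <why the VM needs sshd>; sshd hardening lives in <path>`, would record the intent for the next reviewer. The `desc` string says the profile is copied from virt while the function starts from `profile_standard`, and `arch` lists four architectures although build-iso.sh in this commit passes only `--arch x86_64`; aligning the description and the list with what is actually built would avoid confusion.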
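Review bot: In the first run-vm.sh hunk the new `[ -f $ROOT/disk.img ]` test and `mkfile 1g $ROOT/disk.img` leave `$ROOT` unquoted, so a path containing spaces or glob characters is split into several words; write `if ! [ -f "$ROOT/disk.img" ]; then` and `mkfile 1g "$ROOT/disk.img"`. The hunk also removes `sleep 1`, which ran right after vpnkit is started in the background; if that delay was what let vpnkit create `$VPNKIT_SOCK` before hyperkit connects, startup may now race, and an explicit wait for the socket would be safer than either. The disk image is now created on first run, yet the `virtio-blk` line in the following hunk is still commented out, so nothing attaches it; a comment saying this is preparatory would help. The script continues outside both hunks.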