almet/dangerzone
1
0
Fork 0
mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-04-29 02:12:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

Add script for building an alpine iso, one that actually boots

Browse source
This commit is contained in:
Micah Lee 2021-06-28 14:31:26 -07:00
parent c467831c3d
commit 4561ddb47b
No known key found for this signature in database
GPG key ID: 403C2657CD994F73
4 changed files with 83 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
rip_docker/vm-image-builder/README.md
View file

@ -11,3 +11,9 @@ docker run \
``` ```
This will create a VM image file called `vm/dangerzone.qcow2`. This will create a VM image file called `vm/dangerzone.qcow2`.
To build an ISO image:
```sh
docker run -v $(pwd):/build alpine:latest /build/build-iso.sh
```

59
rip_docker/vm-image-builder/build-iso.sh Executable file
View file

@ -0,0 +1,59 @@
#!/bin/sh
# Following: https://wiki.alpinelinux.org/wiki/How_to_make_a_custom_ISO_image_with_mkimage
# Install dependencies
apk update
apk add alpine-sdk build-base apk-tools alpine-conf busybox fakeroot syslinux xorriso squashfs-tools sudo
apk add mtools dosfstools grub-efi
apk add p7zip
# Create a new user
adduser build -D -G abuild
echo "%abuild ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/abuild
cat << EOF > /home/build/go.sh
#!/bin/sh
cd /home/build
# Create signing keys
abuild-keygen -i -a -n
# Setup aports
wget https://gitlab.alpinelinux.org/alpine/aports/-/archive/master/aports-master.tar.gz
tar -xf aports-master.tar.gz
mv aports-master aports
cp /build/mkimg.dangerzone.sh aports/scripts/
chmod +x aports/scripts/mkimg.dangerzone.sh
# Make the iso
cd aports/scripts
sh mkimage.sh --tag v3.14 \
--outdir /build/vm \
--arch x86_64 \
--repository http://dl-cdn.alpinelinux.org/alpine/v3.14/main \
--repository http://dl-cdn.alpinelinux.org/alpine/v3.14/community \
--profile dangerzone
EOF
chmod +x /home/build/go.sh
# Set up the vm dir
rm -r /build/vm
mkdir -p /build/vm
chmod 777 /build/vm
# Start the build
sudo -u build /home/build/go.sh
# Fix permissions
chmod 755 /build/vm
chmod 644 /build/vm/*
chown root:root /build/vm/*
# Extract vmlinuz and initramfs
cd /build/vm
7z x alpine-dangerzone-v3.14-x86_64.iso boot/vmlinuz-virt
7z x alpine-dangerzone-v3.14-x86_64.iso boot/initramfs-virt
mv boot/* .
rm -r boot

12
rip_docker/vm-image-builder/mkimg.dangerzone.sh Normal file
View file

@ -0,0 +1,12 @@
profile_dangerzone() {
profile_standard
profile_abbrev="dangerzone"
title="Dangerzone"
desc="Copied from virt but with extra apks"
arch="aarch64 armv7 x86 x86_64"
kernel_addons=
kernel_flavors="virt"
kernel_cmdline="console=tty0 console=ttyS0,115200"
syslinux_serial="0 115200"
apks="$apks podman openssh"
}

12
rip_docker/vm-image-builder/run-vm.sh
View file

@ -11,10 +11,10 @@ $VPNKIT --ethernet=$VPNKIT_SOCK &
echo $! > $PIDFILE echo $! > $PIDFILE
trap 'test -f $PIDFILE && kill `cat $PIDFILE` && rm $PIDFILE' EXIT trap 'test -f $PIDFILE && kill `cat $PIDFILE` && rm $PIDFILE' EXIT
sleep 1 if ! [ -f $ROOT/disk.img ]; then
echo "[] Making disk image"
# echo "[] Making disk image" mkfile 1g $ROOT/disk.img
# mkfile 1g $ROOT/disk.img fi
echo "[] Starting VM" echo "[] Starting VM"
$HYPERKIT \ $HYPERKIT \
@ -23,9 +23,9 @@ $HYPERKIT \
-c 2 \ -c 2 \
-s 0:0,hostbridge -s 31,lpc \ -s 0:0,hostbridge -s 31,lpc \
-l com1,stdio \ -l com1,stdio \
-s 3:0,ahci-cd,$ROOT/dangerzone.raw \ -s 3:0,ahci-cd,$ROOT/alpine-dangerzone-v3.14-x86_64.iso \
-s 2:0,virtio-vpnkit,path=$VPNKIT_SOCK \ -s 2:0,virtio-vpnkit,path=$VPNKIT_SOCK \
-U 9efa82d7-ebd5-4287-b1cc-ac4160a39fa7 \ -U 9efa82d7-ebd5-4287-b1cc-ac4160a39fa7 \
-f kexec,$ROOT/vmlinuz-virt,$ROOT/initramfs-virt,"earlyprintk=serial console=ttyS0 modules=loop,squashfs,sd-mod,usb-storage" -f kexec,$ROOT/vmlinuz-virt,$ROOT/initramfs-virt,"earlyprintk=serial console=ttyS0 modules=loop,squashfs,sd-mod,usb-storage"
# -s 4:0,virtio-blk,$ROOT/disk.img \ # -s 4:0,virtio-blk,$ROOT/disk.img \