Add script for building an alpine iso, one that actually boots

2025-04-29 02:12:36 +02:00 · 2021-06-28 14:31:26 -07:00 · 2021-06-28 14:31:26 -07:00 · 4561ddb47b
commit 4561ddb47b
parent c467831c3d
4 changed files with 83 additions and 6 deletions
--- a/rip_docker/vm-image-builder/README.md
+++ b/rip_docker/vm-image-builder/README.md
@ -11,3 +11,9 @@ docker run \
 ```

 This will create a VM image file called `vm/dangerzone.qcow2`.
+
+To build an ISO image:
+
+```sh
+docker run -v $(pwd):/build alpine:latest /build/build-iso.sh
+```
--- a/rip_docker/vm-image-builder/build-iso.sh
+++ b/rip_docker/vm-image-builder/build-iso.sh
@ -0,0 +1,59 @@
+#!/bin/sh
+
+# Following: https://wiki.alpinelinux.org/wiki/How_to_make_a_custom_ISO_image_with_mkimage
+
+# Install dependencies
+apk update
+apk add alpine-sdk build-base apk-tools alpine-conf busybox fakeroot syslinux xorriso squashfs-tools sudo
+apk add mtools dosfstools grub-efi
+apk add p7zip
+
+# Create a new user
+adduser build -D -G abuild
+echo "%abuild ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/abuild
+
+cat << EOF > /home/build/go.sh
+#!/bin/sh
+
+cd /home/build
+
+# Create signing keys
+abuild-keygen -i -a -n
+
+# Setup aports
+wget https://gitlab.alpinelinux.org/alpine/aports/-/archive/master/aports-master.tar.gz
+tar -xf aports-master.tar.gz
+mv aports-master aports
+cp /build/mkimg.dangerzone.sh aports/scripts/
+chmod +x aports/scripts/mkimg.dangerzone.sh
+
+# Make the iso
+cd aports/scripts
+sh mkimage.sh --tag v3.14 \
+    --outdir /build/vm \
+    --arch x86_64 \
+    --repository http://dl-cdn.alpinelinux.org/alpine/v3.14/main \
+    --repository http://dl-cdn.alpinelinux.org/alpine/v3.14/community \
+    --profile dangerzone
+EOF
+chmod +x /home/build/go.sh
+
+# Set up the vm dir
+rm -r /build/vm
+mkdir -p /build/vm
+chmod 777 /build/vm
+
+# Start the build
+sudo -u build /home/build/go.sh
+
+# Fix permissions
+chmod 755 /build/vm
+chmod 644 /build/vm/*
+chown root:root /build/vm/*
+
+# Extract vmlinuz and initramfs
+cd /build/vm
+7z x alpine-dangerzone-v3.14-x86_64.iso boot/vmlinuz-virt
+7z x alpine-dangerzone-v3.14-x86_64.iso boot/initramfs-virt
+mv boot/* .
+rm -r boot
--- a/rip_docker/vm-image-builder/mkimg.dangerzone.sh
+++ b/rip_docker/vm-image-builder/mkimg.dangerzone.sh
@ -0,0 +1,12 @@
+profile_dangerzone() {
+	profile_standard
+	profile_abbrev="dangerzone"
+	title="Dangerzone"
+	desc="Copied from virt but with extra apks"
+	arch="aarch64 armv7 x86 x86_64"
+	kernel_addons=
+	kernel_flavors="virt"
+	kernel_cmdline="console=tty0 console=ttyS0,115200"
+	syslinux_serial="0 115200"
+    apks="$apks podman openssh"
+}
--- a/rip_docker/vm-image-builder/run-vm.sh
+++ b/rip_docker/vm-image-builder/run-vm.sh
@ -11,10 +11,10 @@ $VPNKIT --ethernet=$VPNKIT_SOCK &
 echo $! > $PIDFILE
 trap 'test -f $PIDFILE && kill `cat $PIDFILE` && rm $PIDFILE' EXIT

-sleep 1
-
-# echo "[] Making disk image"
-# mkfile 1g $ROOT/disk.img
+if ! [ -f $ROOT/disk.img ]; then
+    echo "[] Making disk image"
+    mkfile 1g $ROOT/disk.img
+fi

 echo "[] Starting VM"
 $HYPERKIT \
@ -23,7 +23,7 @@ $HYPERKIT \
    -c 2 \
    -s 0:0,hostbridge -s 31,lpc \
    -l com1,stdio \
-    -s 3:0,ahci-cd,$ROOT/dangerzone.raw \
+    -s 3:0,ahci-cd,$ROOT/alpine-dangerzone-v3.14-x86_64.iso \
    -s 2:0,virtio-vpnkit,path=$VPNKIT_SOCK \
    -U 9efa82d7-ebd5-4287-b1cc-ac4160a39fa7 \
    -f kexec,$ROOT/vmlinuz-virt,$ROOT/initramfs-virt,"earlyprintk=serial console=ttyS0 modules=loop,squashfs,sd-mod,usb-storage"