commit 32dfb090786e6b08ff0ddc93c98b364f8f3bf4f8 Author: Mark Riedesel Date: Mon Nov 18 11:44:46 2024 -0600 initial commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2dbe21e --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +archiso diff --git a/.woodpecker.yaml b/.woodpecker.yaml new file mode 100644 index 0000000..025ab69 --- /dev/null +++ b/.woodpecker.yaml @@ -0,0 +1,16 @@ +when: + - event: [manual, cron] + +steps: + - name: build + secrets: [registry_user, registry_password] + image: archlinux:base-devel + commands: + - ./build-iso + - eval $(grep iso_ archiso/profiledef.sh) + - ISO_FILE="$iso_name-$iso_version-x86_64.iso" + - echo $ISO_FILE + - | + curl --user ${REGISTRY_USER}:${REGISTRY_PASSWORD} + --upload-file $ISO_FILE + ${CI_FORGE_URL}/api/packages/${CI_REPO_OWNER}/generic/$ISO_FILE diff --git a/build-iso b/build-iso new file mode 100755 index 0000000..2333a8d --- /dev/null +++ b/build-iso @@ -0,0 +1,93 @@ +#!/usr/bin/env bash +set -e + +kernel=linux-lts +config=releng +working_dir=$PWD +build_dir=${working_dir}/archiso + +pkg_add=( + "$kernel-headers" + ansible + zfs-dkms +) + +function as_root { + if [ $(id -u) == 0 ]; then + $@ + else + sudo "$@" + fi +} + +function install_archiso { + if ! type mkarchiso >/dev/null 2>&1; then + as_root pacman -S archiso --noconfirm + fi +} + +function prepare { + install_archiso + [ -d "$build_dir" ] && as_root rm -rf "$build_dir" + cp -r "/usr/share/archiso/configs/${config}" $build_dir +} + +function replace_kernel_paths { + for file in "${@}"; do + sed -i "s/vmlinuz-linux/vmlinuz-$kernel/" "$file" + sed -i "s/initramfs-linux.img/initramfs-$kernel.img/" "$file" + echo "replaced kernel paths: $file" + done +} + +function add_packages { + sed -i "s/^linux$/$kernel/" "$build_dir/packages.x86_64" + for pkg in "${pkg_add[@]}"; do + echo "add package: $pkg" + echo "$pkg" >> "$build_dir/packages.x86_64" + done + preset_path="$build_dir/airootfs/etc/mkinitcpio.d/$kernel.preset" + mv "$build_dir/airootfs/etc/mkinitcpio.d/linux.preset" "$preset_path" + replace_kernel_paths "$preset_path" +} + +function boot_config { + replace_kernel_paths "$build_dir"/syslinux/*.cfg + replace_kernel_paths "$build_dir"/efiboot/loader/entries/*.conf +} + +function pacman_config { + echo -e "\n[archzfs]\nServer = https://zxcvfdsa.com/archzfs/\$repo/\$arch" >> "$build_dir"/pacman.conf +} + +function iso_config { + profile="$build_dir"/profiledef.sh + sed -i "s/iso_name=\"archlinux\"/iso_name=\"archlinux-klowner\"/" "$profile" +} + +function pubkey_config { + root_ssh_dir="$build_dir"/airootfs/root/.ssh + mkdir $root_ssh_dir + chmod 700 $root_ssh_dir + authorized_keys="$root_ssh_dir"/authorized_keys + for key in $PWD/keys/*.pub; do + echo "add authorized key: ${key##*/}" + cat "$key" >> "$authorized_keys" + done + chmod 600 "$authorized_keys" +} + +function build_iso { + temp_dir=$(as_root mktemp -d) + as_root chmod 755 "$temp_dir" + as_root mkarchiso -v -w "$temp_dir/archiso" -o "$build_dir"/out "$build_dir" && echo "ISO build complete" + as_root rm -rf "$temp_dir" +} + +prepare +add_packages +boot_config +pacman_config +iso_config +pubkey_config +build_iso diff --git a/keys/id_ed25519_ansible.pub b/keys/id_ed25519_ansible.pub new file mode 100644 index 0000000..a3c52ae --- /dev/null +++ b/keys/id_ed25519_ansible.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAe6iofwtrKOfMpOcI0g0UFLfculiBShLTeM/ucez8ND Ansible infrastructure key