...
 
Commits (2)
  • Nolan's avatar
    Fix amd64 booting. · c30810b3
    Nolan authored
    Adjust partition labels so initrd and root see the same ones for
    /boot.
    
    Plant a spacer file in the imgfs at build time that can be deleted at
    runtime to make space for writing apikey.
    
    Use "force" when remounting /boot read-write, because the hfs+ FS that
    grub-mkrescue creates has a journal, which Linux won't mount
    read-write otherwise.
    c30810b3
  • Nolan's avatar
    Detect errors when building _SRC targets. · 91f4d4a2
    Nolan authored
    91f4d4a2
......@@ -164,7 +164,9 @@ $(KERNEL_SRC):
wget -qO- $(KERNEL_URL) | xz -cd | \
tee >(tar --strip-components=1 -x -C $(KERNELDIR)) | \
gpg2 --no-default-keyring --keyring $(SIGDIR)/pubring.gpg \
--verify $(SIGDIR)/linux-$(KERNEL_VERSION).tar.sign -
--verify $(SIGDIR)/linux-$(KERNEL_VERSION).tar.sign - && \
[ `echo "$${PIPESTATUS[@]}" | tr -s ' ' + | bc` -eq 0 ] || \
( rm -rf $(KERNELDIR) && false )
KERNEL_PATCH := $(KERNELDIR)/.config
kernel_patch: $(KERNEL_PATCH)
......@@ -211,7 +213,10 @@ $(UBOOT_SRC):
@mkdir -p $(UBOOTDIR)
wget -qO- $(UBOOT_URL) | tee >(tar --strip-components=1 -xj -C $(UBOOTDIR)) | \
gpg2 --no-default-keyring --keyring $(SIGDIR)/pubring.gpg \
--verify $(SIGDIR)/u-boot-$(UBOOT_VERSION).tar.bz2.sig -
--verify $(SIGDIR)/u-boot-$(UBOOT_VERSION).tar.bz2.sig - && \
[ `echo "$${PIPESTATUS[@]}" | tr -s ' ' + | bc` -eq 0 ] || \
( rm -rf $(UBOOTDIR) && false )
UBOOT_PATCH := $(UBOOTDIR)/.config
uboot_patch: $(UBOOT_PATCH)
......@@ -555,7 +560,9 @@ $(PC_IMG): $(IMG_DEPS)
cp -r $(filter-out $(IMGFSDIR)/%, $(IMG_DEPS)) $(IMGFSDIR)
mkdir -p $(IMGFSDIR)/boot/grub
cp $(IMGFSDIR)/grub.cfg $(IMGFSDIR)/boot/grub/
grub-mkrescue -o $(PC_IMG) $(IMGFSDIR)
dd if=/dev/zero of=$(IMGFSDIR)/SPACER bs=4096 count=1024 #HACK to make room for apikey
grub-mkrescue -volid $(subst LABEL=,,$(BOOT_MNT)) -o $(PC_IMG) $(IMGFSDIR)
@rm $(IMGFSDIR)/SPACER
PHONY += pc_img_clean
pc_img_clean:
......@@ -589,7 +596,7 @@ else ifeq ($(ARCH), amd64)
qemu-run: $(PC_IMG)
@echo -e "\nctrl-a x to exit qemu\n"
qemu-system-x86_64 -enable-kvm -nographic -m 2048 \
-hda build/amd64/images/pcimage.bin
-hda $(PC_IMG)
endif
PHONY += qemu-run
......
......@@ -75,17 +75,18 @@ else
fi
docker run --rm -d --net=host \
--cap-add=NET_ADMIN --cap-add=SYS_ADMIN --device=/dev/net/tun \
$MOUNT -v /boot/pairingkey:/pairingkey --name zerotier zerotier /start private
$MOUNT -v /boot/pairingkey:/pairingkey:ro --name zerotier zerotier /start private
x="`docker exec zerotier python3 /zerotier_allow.py private`"
ZTIF="${x%% *}"
BOOTSTRAP_IPV6="${x##* }"
#Start registration container if needed.
if [ ! -s /boot/apikey ]; then
mount -oremount,rw /boot
mount -oremount,rw,force /boot
rm -f /boot/SPACER
touch /boot/apikey
docker run --rm -v /boot/apikey:/apikey \
-v /boot/pairingkey:/pairingkey \
-v /boot/pairingkey:/pairingkey:ro \
--name registration registration \
python3 ./register.py "https://boundery.me" $BOOTSTRAP_IPV6 &
fi
......