##################################################### ## BUILD.CONF SAMPLE FILE ## ##################################################### # # This file is used to define various variables/settings used by the build script. # # This should be an alpha-numeric string less than 8 characters. No spaces, etc. # Used for metainfo DISTNAME="BDISK" # This should be the lowercase format of ${DISTNAME} but it can be different. # Used for filenames etc. so no spaces UXNAME="bdisk" # Used for "pretty-formatted" version of the project. It can contain spaces etc. PNAME="BDisk" # Your/your organization's name DISTPUB="r00t^2" # What's this distro used for? DISTDESC="j00 got 0wnz0r3d lulz." # This should be the directory of the root of the project, e.g. the git's project/working directory. # This can be left as-is as long as you're running everything from the project directory root. BASEDIR="$(pwd)" # This is the output directory of the ISO files when done building. This also should not be checked into git. ISODIR="${BASEDIR}/iso" # Where source code is kept. SRCDIR="${BASEDIR}/extrasrc" # Where we mount for chroots etc. MOUNTPT="/mnt/${UXNAME}" # This is where an http webroot can be specified. Very useful for PXE setups # (the resulting kernel/initrd can be set to boot from HTTP initiated by PXE). # These files will be generated whether you use them or not, so it's recommended to keep this a sane path. HTTPDIR="${BASEDIR}/http" # This is the root for where tftp files should be put for PXE booting. TFTPDIR="${BASEDIR}/tftpboot" # This is the user and group your web daemon will use. The webroot is automatically chowned. HTTPUSR="http" HTTPGRP="http" # This is the user and group that your tftp files should be chowned as. TFTPUSR="root" TFTPGRP="root" # If set to "no", build separate ISOs for different hardware structures. # E.g. a separate i686 and x86_64 ISO. Note that it's TOTALLY supported to # build a dual-architecture ISO (and is the default), it's just that it tends to be over 700MB # (and thus doesn't fit on a normal CD. Still fits on DVDs and USBs though!) MULTIARCH="yes" # If you would like to build an iPXE-enabled *mini* ISO *in addition to* the ful ISO, # set this to "yes". Otherwise, just build the full ISO. BUILDMINI="no" # What URI should iPXE's EMBED script use? # Only used if BUILDMINI is set to yes. # DO NOT USE A ',' (comma); instead, replace it with: # %%COMMA%% # If you require HTTP BASIC Authentication or HTTP Digest Authentication (untested), you can # format it via the following: # https://user:password@domain.tld/page.php # This currently does not work for HTTPS with self-signed certificates. IPXE_URI="https://bdisk.square-r00t.net" # Path to the (root) CA certificate file (in PEM/X509 format) iPXE should use. # If one is not specified, one will be generated. # Only used if BUILDMINI is set to yes. # Please properly escape any spaces or other funky characters. # Note that you can use your own CA to sign existing certs. See http://ipxe.org/crypto for # more info. This is handy if you run a third-party/"Trusted" root-CA-signed certificate # for the HTTPS target. # Requires IPXE_SSL_CAKEY if specified. IPXE_SSL_CA="" # Path to the (root) CA key file (in PEM/X509 format) iPXE should use. # If one is not specified, one will be generated. # Only used if BUILDMINI is set to yes. # Please properly escape any spaces or other funky characters. # Requires IPXE_SSL_CA if specified. IPXE_SSL_CAKEY="" # Path to the CLIENT certificate (in PEM/X509). If one is not specified, one will be generated. # Only used if BUILDMINI is set to yes. # Please properly escape any spaces or other funky characters. # Requires IPXE_SSL_KEY if specified. IPXE_SSL_CRT="" # Path to the CLIENT key (in PEM/X509). If one is not specified, one will be generated. # Only used if BUILDMINI is set to yes. # Please properly escape any spaces or other funky characters. # Requires IPXE_SSL_CRT if specified. IPXE_SSL_KEY="" # Set to "yes" to enable pushing new changes to a git repo/committing to a local repo GIT="no" # If this is set, use rsync to copy the http and iso files. This is the rsync destination host. # This is *great* for iPXE. RSYNC_HOST="" # Only used if RSYNC_HOST is set. The destination directory on the destination host to copy files to. RSYNC_DEST="${BASEDIR}" # Where the log should go, and how it should be prefixed. # Note that the code appends, rather than replaces, logs- hence the timestamp in EPOCH time format. LOGFILE="${BASEDIR}/logs/$(date +%s)" # What should the regular username be? (Can be automatically logged in on boot; see below) REGUSR="${UXNAME}" # Should the REGUSR have a password? IF THIS IS NOT SET, PASSWORD LOGIN WILL BE DISABLED! # If you wish to have a blank password, use the string '{[BLANK]}'. # You MUST USE SINGLE-QUOTES, OR ESCAPE SHELL-EXPANDED CHARACTERS (e.g. $,*,etc.) # Do NOT use a plaintext password here. You will need to generate a salted and hashed string # in a shadow-compatible format. # Debian can do this with the mkpasswd utility (it's in Arch's AUR as debian-whois-mkpasswd): # mkpasswd --method=sha-512 --salt=aBcDeFgHiJ PASSWORD # (If a salt is not provided, one will be automatically generated. That is is the suggested method.) # Or perl: # perl -e 'print crypt("PASSWORD","\$6\$aBcDeFgHiJ\$") . "\n"' # Or python: # python -c "import crypt, getpass, pwd; print crypt.crypt('PASSWORD', '\$6\$aBcDeFgHiJ\$')" # Or grub-crypt, even: # /sbin/grub-crypt --sha-512 # The end-product should look something like this: # $6$aBcDeFgHiJ$Yh342vFH7MOjPNu9InFymD1Dd42i5cFsr1cTWdpKGNIkbRGR/ZKQDRPJ1ZeeGb7y894Tfh3iWZIJKu3phlsqQ1 # # Note that if you want an automatic login, this is *not* where it would be set. # It should instead be controlled via overlay/etc/systemd/system/getty@ttyN.service.d/autologin.conf # In the following format: # [Service] # Type=idle # ExecStart= # ExecStart=-/usr/bin/agetty --autologin --noclear %I 38400 linux # (where N is the TTY number). Alternatively, if booting to a GUI, it can be set as according # to that GUI (e.g. for LXDE, overlay/etc/lxdm/lxdm.conf, "autologin=") REGUSR_PASS='' # Same exact thing as REGUSR_PASS, but for the root password (i.e. if no password hash is # specified, password login will be disabled, etc.). ROOT_PASS='' # Do we have enough horsepower on the build system to jack up the resources we throw at building? # Enabling this will give absolute CPU preference to building the kernels and do make-time # enhancements/optimizations (i.e. use the maximum number of CPU cores detected). # I wouldn't enable this unless you have a dedicated build-box that isn't running much else. I_AM_A_RACECAR="no" # ________________________________________________________________________________________________ ## RECOMMENDED DEFALTS ## # The following should not be changed unless you are ABSOLUTELY, 100% SURE and COMPLETELY POSITIVE # about what you are doing!!! # This can be used to override automatic distro-detection. # If you DO set this, be sure that you have a matching profile in # ${BASEDIR}/lib/prereqs//meta !! HOST_DIST="" # This used to be defined statically, but is now dynamically appended. Please don't alter this # unless you renamed the chroot directory paths. CHROOTDIR="${BASEDIR}/" CHROOTDIR32="${CHROOTDIR}root.i686" CHROOTDIR64="${CHROOTDIR}root.x86_64" # This is a directory we use for staging. It definitely should not be checked into git. # It used to be defined statically (e.g. BUILDDIR="${BASEDIR}/build"), # but is now dynamically appended. Please don't alter this unless you renamed the chroot directory paths. BUILDDIR="${BASEDIR}/build" # More staging. TEMPDIR="${BASEDIR}/temp" # This is where we stage the boot files. ARCHBOOT="${TEMPDIR}/${DISTNAME}" # Lockfile for checking for concurrent/failed builds LOCKFILE="${BASEDIR}/lockfile.lck" ## VARIABLE PROCESSING ## # In order to make cleaner code, we need to make sure we can standardize some input. # Don't even think about touching these unless you know what you're doing. # MULTIARCH if [ -z "${MULTIARCH}" ]; then MULTIARCH="y" fi MULTIARCH=${MULTIARCH:0:1} MULTIARCH=$(echo ${MULTIARCH} | tr [[:upper:]] [[:lower:]]) # OPTIMIZATIONS? if [ -z "${I_AM_A_RACECAR}" ]; then I_AM_A_RACECAR="n" fi I_AM_A_RACECAR=${I_AM_A_RACECAR:0:1} I_AM_A_RACECAR=$(echo ${I_AM_A_RACECAR} | tr [[:upper:]] [[:lower:]]) # BUILD MINI? if [ -z "${BUILDMINI}" ]; then BUILDMINI="n" fi BUILDMINI=${BUILDMINI:0:1} BUILDMINI=$(echo ${BUILDMINI} | tr [[:upper:]] [[:lower:]])