###########################################################
##                BUILD.CONF SAMPLE FILE                 ##
###########################################################
#
# This file is used to define various variables/settings
# used by the build script. 
#
# It is well-commented, and uses INI syntax.
# See https://wiki.python.org/moin/ConfigParserExamples
# for some advanced features if you would like to use
# them.
# Blank lines are ignored. Section integrity is important.
# #- and ;-prefixed lines are comments and are not parsed.
# If restrictions on input are present, they will be
# given in a numerical list.

#---------------------------------------------------------#
# This section controls some aspects about the live
#	environment itself.
#---------------------------------------------------------#
[bdisk]

; The name of the project. If you roll your own and don't
;	want it called the default, here's where you change it.
; 0.) Alphanumeric only
; 1.) 8 characters total or less
; 2.) No whitespace
; 3.) ASCII *only*
; 4.) Will be converted to uppercase if it isn't already
name = BDISK

; This is used for filenames, etc.
; I highly recommend it be the same as 'name', but
;	lowercase.
; 0.) Alphanumeric only
; 1.) No whitespace
; 2.) ASCII *only*
; 3.) Will be converted to lowercase if it isn't already
uxname = bdisk

; This string is used for "pretty-printing" of the name.
; 0.) Can contain whitespace
; 1.) Can be mixed-case, uppercase, or lowercase
; 2.) ASCII *only*
pname = BDisk

; What version is this?
; If we don't have a version specified here, we'll
; try to guess based on the current git commit in build:basedir.
; 0.) No whitespace
ver = 

; Your/your organization's name.
; The same rules as 'pname' apply:
; 0.) Can contain whitespace
; 1.) Can be mixed-case, uppercase, or lowercase
; 2.) ASCII *only*
dev = r00t^2

; Your email address.
; This is only used for commit messages (sync:git),
; or GPG-signing the releases (see the associated build
; section items).
email = bts@square-r00t.net

; What this distribution/project is used for.
; 0.) Can contain whitespace
; 1.) Can be mixed-case, uppercase, or lowercase
; 2.) ASCII *only*
desc = j00 got 0wnz0r3d lulz.

; What is your livedistro's URL?
; 0.) Should be a valid URI understood by minimal versions
;	of curl.
uri = https://bdisk.square-r00t.net

; Should the root user have a password? IF THIS IS NOT SET,
; PASSWORD LOGIN WILL BE DISABLED! If you wish to have a
; blank password, use the string:
;	BLANK
; Do NOT use a plaintext password here. You will need to
; generate a salted and hashed string in a shadow-compatible
; format. If you need help generating one, see docs/HOWTO.hashgen.
; If an assistance script is available, the path will be given
;	(i.e. extras/bin/hashgen.py).
;
; Note that if you want an automatic login, this is NOT where it
; would be set. It should instead be controlled via:
;	overlay/etc/systemd/system/getty@ttyN.service.d/autologin.conf
; In the following format:
;	[Service]
;	Type=idle
;	ExecStart=
;	ExecStart=-/usr/bin/agetty --autologin <USERNAME> --noclear %I 38400 linux
;(where N is the TTY number). Alternatively, if booting to a GUI, it
; can be set as according to that GUI (e.g. for LXDE,
; 	overlay/etc/lxdm/lxdm.conf, "autologin=<USERNAME>")
; 0.) MUST be a salted SHA512 string in shadow format
; 1.) ALL $'s (there should be three of them) MUST be escaped with a second $.
;	e.g.:  $6$aBcDeFgHiJ$ZxYw.... would become $$6$$aBcDeFgHiJ$$ZxYw...
root_password =

; Should we create a non-root user on the image?
; Note that this user has full sudo access.
; 0.) Only accepts (case-insensitive):
;	yes|no
;	true|false
;	1|0
; If it is undefined, it is assumed to be no.
user = yes


#---------------------------------------------------------#
# This section controls aspects about bdisk:user.
# Only used if bdisk:user set to True/yes/etc.
#---------------------------------------------------------#
[user]

; What username should we use for the live system?
; Standard *nix username rules apply:
;	0.) ASCII only
;	1.) 32 characters or less
;	2.) Alphanumeric only
;	3.) Lowercase only
;	4.) No whitespace
;	5.) Cannot start with a number
username = ${bdisk:uxname}

; What comment/description should be used for the user?
; See passwd(5) if you need details on this.
; 0.) ASCII only
name = Default user

; What password should be set for the user, if any?
; See bdisk:root_password for how to generate this.
; DO NOT PUT A PLAINTEXT PASSWORD HERE.
password =

#---------------------------------------------------------#
# This section controls some aspects about the host
#	and things like filesystem paths, etc.
#---------------------------------------------------------#
[build]

; What is the mirror for your bootstrap tarball?
; It is *highly* recommended you use an Arch Linux tarball
; as the build process is highly specialized to this.
; 0.) No whitespace
; 1.) Must be accessible remotely (no local file paths)
mirror = mirror.us.leaseweb.net

; What is the protocol for the bootstrap mirror?
; 0.) Must be one of:
; 	http, https, ftp
mirrorproto = https

; What is the path to the tarball directory?
; 0.) Must be a complete path
; 	(e.g. /dir1/subdir1/subdir2/
; 1.) No whitespace
mirrorpath = /archlinux/iso/latest/

; What is the filename for the tarball found in the above?
; If left blank, we will use the sha1 checksum file to try
; to guess the most recent file.
mirrorfile = 

; What is the path to a sha1 checksum file?
; 0.) No whitespace
; 1.) Must be the full path
; 2.) Don't include the mirror domain or protocol
mirrorchksum = ${mirrorpath}sha1sums.txt

; Optional GPG checking.
; If the file has a GPG signature file,
; we can use it for extra checking.
; If it's blank, GPG checking will be disabled.
; If you specify just '.sig' (or use the default
; and don't actually specify a mirrorfile),
; we'll try to guess based on the file from the sha1
; checksums. Note that this must evaluate to a full
; URL (e.g.:
;	${mirrorproto}://${mirror}${mirrorpath}somefile.sig)
; 0.) No whitespace (if specified)
; 1.) Must be the full path
mirrorgpgsig =

; What is a valid key ID that should be used to
; verify the tarballs?
; 0.) Only used if mirrorgpgsig is set
; 1.) Should be in the "shortform"
;	(e.g. 7F2D434B9741E8AC)
gpgkey = 7F2D434B9741E8AC

; What is a valid keyserver we should use
; to fetch gpgkey?
; 0.) Only used if mirrorgpgsig is set
; 1.) The default (blank) is probably fine.
;     If you don't specify a personal GPG config
;     (under the gpg section), then you'll definitely probably
;     want to leave this blank.
; 2.) If set, make sure you use a valid URI (e.g.:
;     hkp://pgp.mit.edu )
gpgkeyserver =

; Should we sign our release files? (See the GPG section)
; 0.) Only accepts (case-insensitive):
;	yes|no
;	true|false
;	1|0
gpg = no

; Where should we save the bootstrap tarballs?
; 0.) No whitespace
; 1.) Will be created if it doesn't exist
dlpath = /var/tmp/${bdisk:uxname}

; Where should the bootstrap tarballs extract to and the
; chroots be built?
; 0.) No whitespace
; 1.) Will be created if it doesn't exist
chrootdir = /var/tmp/chroots

; Where is the base of the BDisk project located?
; In other words, if you cloned BDisk from git,
; what is BDisk's working tree directory?
; 0.) No whitespace
; 1.) Must exist and be populated with the BDisk's files
basedir = /opt/dev/bdisk

; This is the output directory of the ISO files when
; done building. This should not be checked into git.
; (The files will be very big!)
; 0.) No whitespace
; 1.) Will be created if it doesn't exist
isodir = ${dlpath}/iso

; This is a directory where we should save extra
; source code we download (if we need it).
; 0.) No whitespace
; 1.) Will be created if it doesn't exist, and is needed
srcdir = ${dlpath}/src

; What directory should we use for staging?
; 0.) No whitespace
; 1.) Will be created if it doesn't exist
prepdir = ${dlpath}/temp

; Where should we stage the boot files?
; This should not be the same dir as other options!
; The default is recommended.
; 0.) No whitespace
; 1.) Will be created if it doesn't exist
archboot = ${prepdir}/${bdisk:name}

; What directory/path should we use as a base 
; directory for mountpoints?
; 0.) No whitespace
; 1.) Will be created if it doesn't exist
mountpt = /mnt/${bdisk:uxname}

; Should we build a multiarch image? That is to say, the
; same ISO file can be used for both i686 and x86_64.
; 0.) Only accepts (case-insensitive):
;	yes/true (buld both i686, x86_64 in same image)
;	no/false (build separate images, both arch's)
;	i686	 (ONLY build i686 architecture)
;	x86_64	 (ONLY build x86_64 architecture)
; If it is undefined, it is assumed to be no.
multiarch = yes

; Would you like to enable iPXE functionality?
; Note that this has no bearing on the 'sync' sections,
; so one can build e.g. only http files.
; 0.) Only accepts (case-insensitive):
;	yes|no
;	true|false
;	1|0
; If it is undefined, it is assumed to be no.
ipxe =

; This option should only be enabled if you are on a fairly
; powerful, multicore system with plenty of RAM. It will
; speed the build process along, but will have some
; seriously adverse effects if your system can't handle it.
; Most modern systems should be fine with leaving it enabled.
; 0.) Only accepts (case-insensitive):
;	yes|no
;	true|false
;	1|0
; If it is undefined, it is assumed to be no.
i_am_a_racecar = yes


#---------------------------------------------------------#
# This section controls settings for signing our release
#	files. This is only used if build:gpg is
#       yes/true/etc.
#---------------------------------------------------------#
[gpg]

; What is a valid key ID that we should use to
; *sign* our release files?
; 0.) You will be prompted for a passphrase if your
;     key has one/you don't have an open and authorized
;     gpg-agent session. Make sure you have a working
;     pinentry configuration set up!
; 1.) If you leave this blank we will use the key
;     we generate automatically earlier in the build
;     process.
; 2.) We will generate one if this is blank and you
;     have selected sign as yes.
mygpgkey =

; What directory should we use for the above GPG key?
; Make sure it contains your private key.
mygpghome =


#---------------------------------------------------------#
# This section controls what we should do with the
#	resulting build and how to handle uploads, if we
#	choose to use those features.
#---------------------------------------------------------#
[sync]

; Should we generate/prepare HTTP files?
; This is mostly only useful if you plan on using iPXE.
; However, it can also include the built ISO file(s).
; 0.) Only accepts (case-insensitive):
;	yes|no
;	true|false
;	1|0
; If it is undefined, it is assumed to be no.
http = no

; Should we generate/prepare TFTP files?
; This is mostly only useful if you plan on using more
; traditional (non-iPXE) setups and regualar PXE bootstrapping
; into iPXE.
; 0.) Only accepts (case-insensitive):
;	yes|no
;	true|false
;	1|0
; If it is undefined, it is assumed to be no.
tftp = no

; Enable automatic Git pushing for any changes done to the
; project itself? If you don't have upstream write access,
; you'll want to set this to False.
; 0.) Only accepts (case-insensitive):
;	yes|no
;	true|false
;	1|0
; If it is undefined, it is assumed to be no.
git = no

; Enable rsync pushing for the ISO (and other files, if
; you choose- useful for iPXE over HTTP(S)).
rsync = no


#---------------------------------------------------------#
# This section controls details about HTTP file preparation/
#	generation. Only used if sync:http = True (or
#	'yes', etc.)
#---------------------------------------------------------#
[http]

; This directory is where to build an HTTP webroot.
; 0.) No whitespace
; 1.) If blank, HTTP preparation/generation will not be done
; 2.) If specified, it will be created if it doesn't exist
; 3.) If it does exist, it will be deleted first- MAKE SURE
;     you do not store files here that you want to keep.
path = ${build:dlpath}/http

; What user and group, if applicable, should the HTTP files
; be owned as? This is most likely going to be either 'http',
; 'nginx', or 'apache'.
; 0.) No whitespace
; 1.) User must exist on system
; 2.) If path is blank, they will not be used
user = http
group = http


#---------------------------------------------------------#
# This section controls details about TFTP file
#	preparation/generation. Only used if
#	sync:tftp = True (or 'yes', etc.)
#---------------------------------------------------------#
[tftp]

; The directory where we want to build a TFTP root.
; 0.) No whitespace
; 1.) If blank, TFTP preparation/generation will not be done
; 2.) If specified, it will be created if it doesn't exist
; 3.) If it does exist, it will be deleted first- MAKE SURE
;     you do not store files here that you want to keep.
path = ${build:dlpath}/tftpboot

; What user and group, if applicable, should the TFTP files
; be owned as? This is most likely going to be either 'tftp'
; or 'root'.
; 0.) No whitespace
; 1.) User must exist on system
; 2.) If sync:tftp is blank, they will not be used
user = root
group = root


#---------------------------------------------------------#
# This section controls aspects of iPXE building. Only used
#	if build:ipxe = True (or 'yes', etc.)
#---------------------------------------------------------#
[ipxe]

; Build a "mini-ISO"; that is, an ISO file that can be used
; to bootstrap an iPXE environment (so you don't need to set
; up a traditional PXE environment on your LAN). We'll still
; build a full standalone ISO no matter what.
; 0.) Only accepts (case-insensitive):
;	yes|no
;	true|false
;	1|0
; 1.) Requires actual git to be installed.
; If it is undefined, it is assumed to be no.
iso = no

; What URI should iPXE's EMBED script use?
; If you require HTTP BASIC Authentication or HTTP Digest
; Authentication (untested), you can format it via:
;
;	https://user:password@domain.tld/page.php
;
; This currently does not work for HTTPS with self-signed
; certificates.
; 0.) REQUIRED if iso and/or usb is set to True/yes/etc.
; 1.) Must be a valid URI understood by minimal versions
;	of curl.
uri = https://bdisk.square-r00t.net

; Directory to hold SSL results, if we are generating
; keys, certificates, etc.
ssldir = ${build:dlpath}/ssl

; Path to the (root) CA certificate file iPXE should use.
; Note that you can use your own CA to sign existing certs.
; See http://ipxe.org/crypto for more info. This is handy if
; you run a third-party/"Trusted" root-CA-signed certificate
; for the HTTPS target.
; 0.) No whitespace
; 1.) Must be in PEM/X509 format
; 2.) REQUIRED if iso and/or usb is set to True/yes/etc.
; 3.) If it exists, a matching key (ssl_cakey) MUST be
;     specified
; 4.) HOWEVER, if left blank/doesn't exist, one will be
; 	automatically generated
ssl_ca = ${ssldir}/ca.crt

; Path to the (root) CA key file iPXE should use.
; 0.) No whitespace
; 1.) Must be in PEM/X509 format
; 2.) REQUIRED if iso and/or usb is set to True/yes/etc.
; 3.) If left blank or it doesn't exist (and ssl_ca is also
; 	blank), one will be automatically generated
; 4.) MUST match ssl_ca if specified/exists
; 5.) MUST NOT be passphrase-protected
ssl_cakey = ${ssldir}/ca.key

; Path to the CLIENT certificate iPXE should use.
; 0.) No whitespace
; 1.) Must be in PEM/X509 format
; 2.) REQUIRED if iso and/or usb is set to True/yes/etc.
; 3.) If specified/existent, a matching CA cert (ssl_ca)
; 	and key (ssl_cakey) MUST be specified
; 4.) HOWEVER, if left blank/nonexistent, one will be generated
; 5.) MUST be signed by ssl_ca/ssl_ca if specified
ssl_crt = ${ssldir}/main.crt

; Path to the CLIENT key iPXE should use.
; 0.) No whitespace
; 1.) Must be in PEM/X509 format
; 2.) REQUIRED if iso and/or usb is set to True/yes/etc.
; 4.) If left blank/nonexistent (and ssl_ca is also blank),
;	one will be automatically generated
ssl_key = ${ssldir}/main.key


#---------------------------------------------------------#
# This section controls aspects of rsync pushing. Only used
# if sync:rsync = True (or 'yes', etc.)
#---------------------------------------------------------#
[rsync]

; This is the rsync destination host.
host = 

; This is the remote user we should use when performing the
; rsync push.
user = 

; This is the remote destination path we should use for
;	pushing via rsync.
; 0.) No whitespace
; 1.) The path MUST exist on the remote host
; 2.) The path MUST be writable by rsync:user
; RECOMMENDED: you'll probably want to set http:(user|group)
;	to what it'll need to be on the destination.
path = 

; Should we rsync over the ISO files too, or just the boot
; files?
; 0.) Only accepts (case-insensitive):
;	yes|no
;	true|false
;	1|0
iso = yes