Commit Graph

61 Commits

Author SHA1 Message Date
nl6720
ebc45ab2b6 Order pacman-init.service before archlinux-keyring-wkd-sync.service
archlinux-keyring-wkd-sync.service needs an initialized pacman keyring to work.

Add BindsTo=etc-pacman.d-gnupg.mount to stop pacman-init.service if the mount unit suddenly enters inactive state.
2022-09-01 09:41:00 +03:00
nl6720
a7d807f871 configs/: use the C.UTF-8 locale
The glibc 2.35-6 package ships with the C.UTF-8 locale included.
This means there is now a UTF-8 locale available by default and en_US.UTF-8, which requires editing /etc/locale.gen and running locale-gen, is not needed anymore.

Implements #175.
2022-06-09 08:27:50 +03:00
nl6720
7a2fc4572f configs/*: add VMware and Hyper-V guest packages and enable their services
* open-vm-tools package, vmtoolsd.service and vmware-vmblock-fuse.service for VMware.
* hyperv package, hv_fcopy_daemon.service, hv_kvp_daemon.service and hv_vss_daemon.service for Hyper-V.

Related to #118.
2022-04-30 12:07:36 +03:00
nl6720
bcd8a0bbf7 configs/releng/airootfs/etc/xdg/reflector/reflector.conf: use mirrors that support both IPv4 & IPv6
This ensures that IPv6-only systems get working mirrors.
2022-04-28 17:52:40 +03:00
nl6720
f4794aa0ff configs/releng/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount: use ramfs
When using tmpfs, it is possible that parts of it end up getting put in swap space (only if there is one).
This may not be desired, so use ramfs instead.
2022-04-06 18:10:37 +03:00
nl6720
3121df9457 Revert "Merge remote-tracking branch 'origin/merge-requests/239'"
People get scared by it. See https://gitlab.archlinux.org/archlinux/archiso/-/merge_requests/239#note_61954.

This reverts commit b5011af3f4, reversing
changes made to 07d8035624.
2022-04-04 15:20:52 +03:00
nl6720
4be1dafd48 Merge remote-tracking branch 'origin/merge-requests/239'
* origin/merge-requests/239:
  add needed files

See merge request !239
2022-03-31 19:49:30 +03:00
Kristian Klausen
fef1a5fc58 configs/releng: Improve motd
Fix #167
2022-03-29 18:56:50 +02:00
Alexander Epaneshnikov
3758214b10 add needed files
this fixes #167
2022-03-29 19:31:14 +03:00
nl6720
40b149c9d5 configs/{baseline,releng}/: disable systemd-gpt-auto-generator
When booting the ISO, you can observe a message that systemd-gpt-auto-generator has failed:

    systemd-gpt-auto-generator[197]: Reading EFI variable /sys/firmware/efi/efivars/LoaderDevicePartUUID-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f.
    systemd-gpt-auto-generator[197]: open("/sys/firmware/efi/efivars/LoaderDevicePartUUID-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f") failed: No such file or directory
    systemd-gpt-auto-generator[197]: EFI loader partition unknown, exiting.
    systemd-gpt-auto-generator[197]: (The boot loader did not set EFI variable LoaderDevicePartUUID.)
    systemd-gpt-auto-generator[197]: Failed to open device: No such device

Seeing as it started to appear relatively recently, it may be a systemd bug.
Since we do not want any GPT partition automounting in the live environment anyway, systemd-gpt-auto-generator can simply be disabled.

Fixes #164.
2022-03-25 17:38:10 +02:00
nl6720
5cad5f24c8 configs/releng/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf: update ExecStart
Update the drop-in to more closely match getty@.service of systemd 250.

Use example from https://wiki.archlinux.org/title/getty#Virtual_console
2022-01-28 11:03:05 +02:00
nl6720
f00a94a4a9 configs/*/airootfs/etc/systemd/network/20-ethernet.network: add a comment to document why an interface name glob is used
This documents the changes made in !177 inside the .network files themselves.

Related to #142.
2022-01-22 19:17:34 +02:00
nl6720
df8cc9723d configs/releng/airootfs/etc/mkinitcpio.conf: remove archiso_shutdown
The archiso_shutdown hook has been obsolete since mkinitcpio 16.
https://lists.archlinux.org/pipermail/arch-dev-public/2013-December/025742.html

Related to mkinitcpio/mkinitcpio-archiso#8.
2021-12-02 14:49:10 +02:00
nl6720
ea2719d5b3 configs/*/airootfs/etc/ssh/sshd_config: update to openssh 8.7p1-1
Update /etc/ssh/sshd_config to match upstream changes.
The only modification remains "PermitRootLogin yes".
2021-08-25 00:24:17 +03:00
David Runge
26eb71e2ef Remove SPDX license identifier from releng configs
configs/releng/*:
Remove the SPDX license identifier comment from the configuration files in the profile, as they are not eligible for
copyright.
2021-07-29 20:42:11 +02:00
nl6720
ba9c9de694 configs/*/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf: document why the drop-in file exists
Related to #142.

Add missing `ExecStart=` to baseline's /etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf.
2021-07-27 13:06:59 +03:00
nl6720
8f6d85b807 configs/releng/airootfs/etc/systemd/network/: move RouteMetric= from [DHCPv6] to [IPv6AcceptRA]
systemd moved the option. See 8ebafba9f9 .
Implements #123.

Document in comments why the route metrics need to be set (because of https://github.com/systemd/systemd/issues/17698 ) and use the same metric values as NetworkManager. https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c

Additionally remove RouteMetric from configs/baseline/airootfs/etc/systemd/network/20-ethernet.network.
There is only one networkd configuration file in baseline, meaning, there are no other routes.
2021-07-27 13:06:59 +03:00
nl6720
bea9b6a87f Update ArchWiki article URLs
Use the new, prettier short URLs.
2021-06-18 21:17:47 +03:00
nl6720
16eb3267f8 configs/releng/airootfs/etc/systemd/network/: match by globbing the interface name instead of matching the type
Type=ether matches virtual Ethernet interfaces (veth*) which may break networking inside containers.

Fixes https://bugs.archlinux.org/task/70892 .

Partially reverts 8a521d0bfa .
2021-05-29 15:31:02 +03:00
nl6720
734c02f65f configs/releng/airootfs/etc/systemd/system/pacman-init.service: don't hardcode the keyrings
If the keyring is not specified, pacman-key will simply use all keyrings from /usr/share/pacman/keyrings/.

Fixes #133.
2021-05-12 10:24:35 +03:00
nl6720
d0ee19ca69 configs/*: add VM guest packages and enable their services
* virtualbox-guest-utils-nox package and vboxservice.service for VirtualBox.
* qemu-guest-agent package and qemu-guest-agent.service for QEMU & libvirt.

Implements #118.
2021-05-11 21:47:12 +03:00
David Runge
c25c96d6d1 Revert "configs/releng: improve UX"
This reverts commit 8b6f3545e3.
2021-03-30 22:40:37 +02:00
nl6720
fdb3d7ba5d configs/releng: improve UX
Implements #90
2021-03-30 21:09:44 +02:00
David Runge
e992345182 Reduce amount of checked mirrors
configs/releng/airootfs/etc/xdg/reflector/reflector.conf:
Reduce the amount mirrors that reflector checks from 70 to 20.
This significantly reduces the time it takes to end up with an up-to-date mirrorlist during boot with the releng
profile.

Fixes #92
2021-03-29 21:00:06 +02:00
nl6720
2c00a12c26 configs/releng: add and enable ModemManager
ModemManager's mmcli is the simplest way to connect with WWAN modems.

Mention mmcli in MOTD.

Implements #110.
2021-03-26 17:19:31 +02:00
nl6720
b0ff2a2143 configs/releng: start DHCP client for mobile broadband
Add /etc/systemd/network/20-wwan.network

Related to #110.
2021-03-26 12:28:07 +02:00
nl6720
af4de829e9 configs/releng: rename 20-wireless.network to 20-wlan.network
The file is limited to Wi-Fi (Type=wlan in networkd configuration).
2021-03-26 12:18:08 +02:00
nl6720
4532e23d10 Update configs/releng/airootfs/etc/systemd/network/20-{ethernet,wireless}.network
* Match the device type instead of the interface name.
* Replace DHCP section with DHCPv4/DHCPv6. systemd split the sections.
2021-03-26 11:35:20 +02:00
Kristian Klausen
07a514a143 Remove haveged
haveged was added 8 years ago[1] to increase entropy and presumably to
prevent entropy starvation.

A few things has changed since, most notable:
* the kernel actively tries to add entropy (jitter entropy)[2][3][4][5]
* /dev/random no longer blocks after CRNG initialization[6][7]

[1] d7e790d ("Initialize pacman keyring on bootup")
[2] 3f2dc2798b
[3] 50ee7529ec
[4] https://lore.kernel.org/lkml/alpine.DEB.2.21.1909290010500.2636@nanos.tec.linutronix.de/T/
[5] https://lwn.net/Articles/800509/
[6] 30c08efec8
[7] https://lwn.net/Articles/808575/

Fix #98
2021-02-16 16:33:06 +00:00
nl6720
b522e24979 configs/releng: move locale-gen from customize_airootfs.sh to a pacman hook
This finally removes customize_airootfs.sh from releng.

Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
2021-01-31 11:34:56 +02:00
nl6720
e1e88ba913 config/releng: remove pacman hooks specific to ISO build process from airootfs after they run
This works around https://bugs.archlinux.org/task/49347 .
Leaving the hooks in the airootfs image will result in it being run when pacstrap is run in the live environment. This should not happen as they are intended for the ISO build process only.

Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/91 .
2021-01-31 09:55:25 +02:00
nl6720
eda261b408 configs/releng: move the mirror uncommenting sed command from customize_airootfs.sh to a pacman hook
After pacman-mirrorlist is installed, /etc/pacman.d/hooks/uncomment-mirrors.hook will run a sed command which uncomments all Server lines in /etc/pacman.d/mirrorlist.
This brings us another step closer to the complete removal of customize_airootfs.sh.

Related to https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
2021-01-27 00:07:45 +02:00
Michael Vorburger
d6c3df1495 enable SSH server in releng profile 2021-01-23 15:54:31 +00:00
Michael Vorburger
8df661f9a6 add cloud-init to releng 2021-01-23 15:54:31 +00:00
Alexander Epaneshnikov
7f3298a300 implement accessibility support in archiso
this fixes #67
2020-10-29 12:30:37 +00:00
nl6720
cf3445e948 Add modconf to HOOKS array in mkinitcpio.conf
The default mkinitcpio.conf includes modconf in HOOKS.
2020-10-29 13:36:27 +02:00
nl6720
fb34c8f153 Do not rename the initramfs image
This is a breaking change. archweb, archiso-manager and various documentation must be updated.

* https://github.com/archlinux/archweb/blob/master/templates/releng/archlinux.ipxe
* https://github.com/pierres/archiso-manager/blob/master/Makefile
2020-09-27 20:54:10 +03:00
nl6720
9405a56915 configs/releng: remove custom reflector.service and use the service provided by the package
archiso specific options are placed in a /etc/systemd/system/reflector.service.d/archiso.conf drop-in.
2020-09-27 19:55:38 +03:00
nl6720
d317d74a79 archiso/mkarchiso: create an empty /etc/machine-id
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/42 .
2020-08-18 21:27:52 +03:00
nl6720
a667814cb4 releng: place custom sshd_config in airootfs
Properly track the file instead of modifying it on-the-fly with customize_airootfs.sh.
See https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
2020-07-30 15:53:46 +03:00
David Runge
65c3bcaa1a Use latest synced mirrors instead of age
configs/releng/airootfs/etc/systemd/system/reflector.service:
Use the 70 mirrors synced most recently (--latest) instead of a specific time since last sync (--age).
According to FS#67399 using 1hour as sync age is too short, as it sometimes leads to empty list.
2020-07-30 12:06:57 +02:00
nl6720
aabf517cb1 Build initramfs images only once
Place custom mkinitcpio.conf in airootfs.
Use a custom mkinitcpio preset to specify generated image file path.
2020-07-29 18:19:42 +03:00
nl6720
2eb07a3ce6 Remove unnecessary files from releng's airootfs
configs/releng/airootfs/etc/fstab:
/etc/fstab shipped by the filesystem package has only comments. There is no reason to replace it with an empty file.

configs/releng/airootfs/etc/systemd/system/default.target:
There is no harm in booting to graphical.target. releng does not enable (or even install) any service that has {Required,Wanted}By=graphical.target.
2020-07-29 18:10:25 +03:00
David Runge
b18881f511 Add license and basic documentation
LICENSE:
Add GPL-3.0 license.

{{archiso,configs}/*,.editorconfig,.gitlab-ci.yml}:
Add SPDX license identifier.

Makefile:
Add SPDX license identifier.
Install the `run_archiso.sh` script as global executable `run_archiso`.
Use -D and -t flags to install to install files more generically (without a previous call to install the directory).

README.rst:
Add README outlining the project's scope, how to build images from the profiles and how to test.

AUTHORS.rst:
Add list of all direct contributors to the repository.

CONTRIBUTING.rst:
Add basic contribution guidelines, explaining the linter and the license in use.

Closes #7
Closes #3
2020-07-29 14:27:48 +02:00
nl6720
796ac31655 Set root user's shell and password with custom /etc/passwd and /etc/shadow
Correct shadow file permissions from build.sh.
2020-07-20 13:39:41 +03:00
nl6720
9906475575 Remove lynx usage in configs/releng/build.sh
/usr/local/bin/Installation_guide:
Add a convenience script which opens the installation guide in lynx.

/etc/motd:
Provide a message with minimal instructions for connecting to internet and inform about the Installation_guide convenience script.
2020-07-11 17:08:44 +03:00
nl6720
422311a30c Remove unneded ReadOnlyPaths from reflector.service
configs/releng/airootfs/etc/systemd/system/reflector.service:
Remove references to a nonexistent file.
2020-07-11 16:31:17 +03:00
nl6720
783bd352bc Allow systemd-networkd-wait-online to succeed with one interface
It is enough if one network interface is online, there is no need to wait for all of them.
Without this, when connecting with Wi-Fi and leaving Ethernet disconnected, the network-online.target will get unnecessarily delayed.
2020-06-30 20:53:00 +03:00
nl6720
7baf4bf135 Move choose-mirror script to /usr/local/bin/
/etc/systemd/scripts/ is not a standard directory.

Run shellchek on the choose-mirror script.
2020-06-30 18:10:55 +03:00
nl6720
77ed5a391d Add reflector and enable reflector.service
reflector.service will update pacman's mirrorlist after a network connection is established in the live system.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/26 .
2020-06-30 18:09:44 +03:00