Commit Graph

49 Commits

Author SHA1 Message Date
nl6720
e785ee2cee
configs/releng/airootfs/etc/mkinitcpio.conf: remove archiso_shutdown
The archiso_shutdown hook has been obsolete since mkinitcpio 16.
https://lists.archlinux.org/pipermail/arch-dev-public/2013-December/025742.html

Related to mkinitcpio/mkinitcpio-archiso#8.
2021-12-02 14:49:10 +02:00
nl6720
56dc96ee12
configs/*/airootfs/etc/ssh/sshd_config: update to openssh 8.7p1-1
Update /etc/ssh/sshd_config to match upstream changes.
The only modification remains "PermitRootLogin yes".
2021-08-25 00:24:17 +03:00
David Runge
00a1e8e7d2
Remove SPDX license identifier from releng configs
configs/releng/*:
Remove the SPDX license identifier comment from the configuration files in the profile, as they are not eligible for
copyright.
2021-07-29 20:42:11 +02:00
nl6720
8fa110e9d7
configs/*/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf: document why the drop-in file exists
Related to #142.

Add missing `ExecStart=` to baseline's /etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf.
2021-07-27 13:06:59 +03:00
nl6720
c6a1ccca4f
configs/releng/airootfs/etc/systemd/network/: move RouteMetric= from [DHCPv6] to [IPv6AcceptRA]
systemd moved the option. See 8ebafba9f9 .
Implements #123.

Document in comments why the route metrics need to be set (because of https://github.com/systemd/systemd/issues/17698 ) and use the same metric values as NetworkManager. https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/main/src/core/devices/nm-device.c

Additionally remove RouteMetric from configs/baseline/airootfs/etc/systemd/network/20-ethernet.network.
There is only one networkd configuration file in baseline, meaning, there are no other routes.
2021-07-27 13:06:59 +03:00
nl6720
6e1ca35e59
Update ArchWiki article URLs
Use the new, prettier short URLs.
2021-06-18 21:17:47 +03:00
nl6720
3b2618ff84
configs/releng/airootfs/etc/systemd/network/: match by globbing the interface name instead of matching the type
Type=ether matches virtual Ethernet interfaces (veth*) which may break networking inside containers.

Fixes https://bugs.archlinux.org/task/70892 .

Partially reverts 8a521d0bfa .
2021-05-29 15:31:02 +03:00
nl6720
d0d4fa56cb
configs/releng/airootfs/etc/systemd/system/pacman-init.service: don't hardcode the keyrings
If the keyring is not specified, pacman-key will simply use all keyrings from /usr/share/pacman/keyrings/.

Fixes #133.
2021-05-12 10:24:35 +03:00
nl6720
bd2b861aa3
configs/*: add VM guest packages and enable their services
* virtualbox-guest-utils-nox package and vboxservice.service for VirtualBox.
* qemu-guest-agent package and qemu-guest-agent.service for QEMU & libvirt.

Implements #118.
2021-05-11 21:47:12 +03:00
David Runge
c8599788f0
Revert "configs/releng: improve UX"
This reverts commit 8b6f3545e3.
2021-03-30 22:40:37 +02:00
nl6720
8b6f3545e3
configs/releng: improve UX
Implements #90
2021-03-30 21:09:44 +02:00
David Runge
d178183c2e
Reduce amount of checked mirrors
configs/releng/airootfs/etc/xdg/reflector/reflector.conf:
Reduce the amount mirrors that reflector checks from 70 to 20.
This significantly reduces the time it takes to end up with an up-to-date mirrorlist during boot with the releng
profile.

Fixes #92
2021-03-29 21:00:06 +02:00
nl6720
d86f8606dc
configs/releng: add and enable ModemManager
ModemManager's mmcli is the simplest way to connect with WWAN modems.

Mention mmcli in MOTD.

Implements #110.
2021-03-26 17:19:31 +02:00
nl6720
2c9eabd53f
configs/releng: start DHCP client for mobile broadband
Add /etc/systemd/network/20-wwan.network

Related to #110.
2021-03-26 12:28:07 +02:00
nl6720
edfb50ab6c
configs/releng: rename 20-wireless.network to 20-wlan.network
The file is limited to Wi-Fi (Type=wlan in networkd configuration).
2021-03-26 12:18:08 +02:00
nl6720
8a521d0bfa
Update configs/releng/airootfs/etc/systemd/network/20-{ethernet,wireless}.network
* Match the device type instead of the interface name.
* Replace DHCP section with DHCPv4/DHCPv6. systemd split the sections.
2021-03-26 11:35:20 +02:00
Kristian Klausen
03ac49f64e Remove haveged
haveged was added 8 years ago[1] to increase entropy and presumably to
prevent entropy starvation.

A few things has changed since, most notable:
* the kernel actively tries to add entropy (jitter entropy)[2][3][4][5]
* /dev/random no longer blocks after CRNG initialization[6][7]

[1] d7e790d ("Initialize pacman keyring on bootup")
[2] 3f2dc2798b
[3] 50ee7529ec
[4] https://lore.kernel.org/lkml/alpine.DEB.2.21.1909290010500.2636@nanos.tec.linutronix.de/T/
[5] https://lwn.net/Articles/800509/
[6] 30c08efec8
[7] https://lwn.net/Articles/808575/

Fix #98
2021-02-16 16:33:06 +00:00
nl6720
f9a7b206a5
configs/releng: move locale-gen from customize_airootfs.sh to a pacman hook
This finally removes customize_airootfs.sh from releng.

Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
2021-01-31 11:34:56 +02:00
nl6720
a46c74087f
config/releng: remove pacman hooks specific to ISO build process from airootfs after they run
This works around https://bugs.archlinux.org/task/49347 .
Leaving the hooks in the airootfs image will result in it being run when pacstrap is run in the live environment. This should not happen as they are intended for the ISO build process only.

Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/91 .
2021-01-31 09:55:25 +02:00
nl6720
4f4047a3f8
configs/releng: move the mirror uncommenting sed command from customize_airootfs.sh to a pacman hook
After pacman-mirrorlist is installed, /etc/pacman.d/hooks/uncomment-mirrors.hook will run a sed command which uncomments all Server lines in /etc/pacman.d/mirrorlist.
This brings us another step closer to the complete removal of customize_airootfs.sh.

Related to https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
2021-01-27 00:07:45 +02:00
Michael Vorburger
833cbd5e72 enable SSH server in releng profile 2021-01-23 15:54:31 +00:00
Michael Vorburger
9b03e0b08a add cloud-init to releng 2021-01-23 15:54:31 +00:00
Alexander Epaneshnikov
6a39300b0f implement accessibility support in archiso
this fixes #67
2020-10-29 12:30:37 +00:00
nl6720
6820f2cb69
Add modconf to HOOKS array in mkinitcpio.conf
The default mkinitcpio.conf includes modconf in HOOKS.
2020-10-29 13:36:27 +02:00
nl6720
136152e672
Do not rename the initramfs image
This is a breaking change. archweb, archiso-manager and various documentation must be updated.

* https://github.com/archlinux/archweb/blob/master/templates/releng/archlinux.ipxe
* https://github.com/pierres/archiso-manager/blob/master/Makefile
2020-09-27 20:54:10 +03:00
nl6720
9544bbfdf1
configs/releng: remove custom reflector.service and use the service provided by the package
archiso specific options are placed in a /etc/systemd/system/reflector.service.d/archiso.conf drop-in.
2020-09-27 19:55:38 +03:00
nl6720
e6455b885b
archiso/mkarchiso: create an empty /etc/machine-id
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/42 .
2020-08-18 21:27:52 +03:00
nl6720
0ada52d47f
releng: place custom sshd_config in airootfs
Properly track the file instead of modifying it on-the-fly with customize_airootfs.sh.
See https://gitlab.archlinux.org/archlinux/archiso/-/issues/21 .
2020-07-30 15:53:46 +03:00
David Runge
a96330699f
Use latest synced mirrors instead of age
configs/releng/airootfs/etc/systemd/system/reflector.service:
Use the 70 mirrors synced most recently (--latest) instead of a specific time since last sync (--age).
According to FS#67399 using 1hour as sync age is too short, as it sometimes leads to empty list.
2020-07-30 12:06:57 +02:00
nl6720
ff0c13f90c
Build initramfs images only once
Place custom mkinitcpio.conf in airootfs.
Use a custom mkinitcpio preset to specify generated image file path.
2020-07-29 18:19:42 +03:00
nl6720
a5886ad71e
Remove unnecessary files from releng's airootfs
configs/releng/airootfs/etc/fstab:
/etc/fstab shipped by the filesystem package has only comments. There is no reason to replace it with an empty file.

configs/releng/airootfs/etc/systemd/system/default.target:
There is no harm in booting to graphical.target. releng does not enable (or even install) any service that has {Required,Wanted}By=graphical.target.
2020-07-29 18:10:25 +03:00
David Runge
e264b44682
Add license and basic documentation
LICENSE:
Add GPL-3.0 license.

{{archiso,configs}/*,.editorconfig,.gitlab-ci.yml}:
Add SPDX license identifier.

Makefile:
Add SPDX license identifier.
Install the `run_archiso.sh` script as global executable `run_archiso`.
Use -D and -t flags to install to install files more generically (without a previous call to install the directory).

README.rst:
Add README outlining the project's scope, how to build images from the profiles and how to test.

AUTHORS.rst:
Add list of all direct contributors to the repository.

CONTRIBUTING.rst:
Add basic contribution guidelines, explaining the linter and the license in use.

Closes #7
Closes #3
2020-07-29 14:27:48 +02:00
nl6720
6689537563
Set root user's shell and password with custom /etc/passwd and /etc/shadow
Correct shadow file permissions from build.sh.
2020-07-20 13:39:41 +03:00
nl6720
550aca7124
Remove lynx usage in configs/releng/build.sh
/usr/local/bin/Installation_guide:
Add a convenience script which opens the installation guide in lynx.

/etc/motd:
Provide a message with minimal instructions for connecting to internet and inform about the Installation_guide convenience script.
2020-07-11 17:08:44 +03:00
nl6720
f44e91c631
Remove unneded ReadOnlyPaths from reflector.service
configs/releng/airootfs/etc/systemd/system/reflector.service:
Remove references to a nonexistent file.
2020-07-11 16:31:17 +03:00
nl6720
1b2a7b58ce
Allow systemd-networkd-wait-online to succeed with one interface
It is enough if one network interface is online, there is no need to wait for all of them.
Without this, when connecting with Wi-Fi and leaving Ethernet disconnected, the network-online.target will get unnecessarily delayed.
2020-06-30 20:53:00 +03:00
nl6720
511ca9d95d
Move choose-mirror script to /usr/local/bin/
/etc/systemd/scripts/ is not a standard directory.

Run shellchek on the choose-mirror script.
2020-06-30 18:10:55 +03:00
nl6720
3c33e84c3e
Add reflector and enable reflector.service
reflector.service will update pacman's mirrorlist after a network connection is established in the live system.
Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/26 .
2020-06-30 18:09:44 +03:00
nl6720
ff926f72a1
Set timezone from outside chroot 2020-06-30 06:25:43 +03:00
nl6720
3720627e88
Enable systemd units with symlinks instead of doing it via systemctl in chroot 2020-06-30 06:25:43 +03:00
nl6720
d11737ffe8
Use drop-in files for journald and logind configuration 2020-06-30 06:25:43 +03:00
David Runge
9e004aebf1
IPv6 DHCP
configs/releng/airootfs/etc/systemd/network/20-{ethernet,wirless}.network:
Making sure that systemd-networkd enables DHCP capabilities also for
IPv6 ('DHCP=yes' and unsetting IPv6AcceptRA - see `man 5
systemd.network` for further information).

Closes #23
2020-06-29 16:58:19 +02:00
David Runge
3ed5dd510d
Enabling iwd
configs/releng/airootfs/etc/systemd/system/multi-user.target.wants/iwd.service:
Adding a symlink to /usr/lib/systemd/system/iwd.service to enable iwd in
airootfs (and thus on the image).

Closes #18
2020-06-24 00:19:53 +02:00
David Runge
372a6f9b2f
Numerical prefix for systemd-networkd configuration
Adding a numerical prefix ('20-') to the ethernet.network and
wireless.network configuration files for systemd-networkd.
This way overriding them can become more predictable e.g. by providing
files with a '30-' prefix.

Closes #13
2020-06-23 21:10:17 +02:00
David Runge
0d67870667
Replacing dhcpcd with systemd-networkd and systemd-resolved
configs/releng/airootfs/etc/udev/rules.d/81-dhcpcd.rules:
Removing the udev rule for starting dhcpcd@.service on interfaces of the
form eth* and en*.

configs/releng/airootfs/etc/systemd/network/{ethernet,wireless}.network:
Adding default DHCP configurations for en*, eth*, wlp* and wlan*
interfaces.

configs/releng/airootfs/etc/resolv.conf:
Adding a symlink from /run/systemd/resolve/stub-resolv.conf to
/etc/resolv.conf (in airootfs).

configs/releng/airootfs/root/customize_airootfs.sh:
Adding systemd-networkd and systemd-resolved to the list of services
that are being enabled during airootfs customization.
2020-05-31 21:41:57 +02:00
Eli Schwartz via arch-releng
39bd71c25c Install broadcom-wl to the release ISO
Fixes FS#58239

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
2018-04-16 19:29:57 -03:00
Gerardo Exequiel Pozzi
49bd7ce4bd [configs/releng] Remove unused 'arch' user
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@gmail.com>
2015-04-19 17:31:17 -03:00
Thomas Bächler
8e1cb0670e releng: Add an empty machine-id in airootfs
This makes systemd generate a machine-id on early boot and prevents it from thinking we need
any "first boot" setup. We really don't want systemd thinking that, since we carefully prepared
our root file system.

This also ensures every live environment has a unique machine id.
2014-09-02 20:28:04 +02:00
Gerardo Exequiel Pozzi
604b182af5 [archiso] Rename root-image to airootfs
Two purposes:
 * systemd filename friendly: "-" is used for "/" and must be escaped with "\x20"
 * ISO9660 filename friendly: "-" is replaced with "_"
2014-06-28 00:35:50 -03:00