diff options
38 files changed, 952 insertions, 182 deletions
@@ -112,7 +112,7 @@ GCE-debug: clean prepare @set -e @echo "It's not like I'm building this specially for you or anything!" mkdir -p build/config/includes.chroot/etc/cloud/cloud.cfg.d - cp tools/cloud-init/GCE/99-debug-user.chroot build/config/hooks/live/ + cp tools/cloud-init/99-debug-user.chroot build/config/hooks/live/ cp tools/cloud-init/GCE/90_dpkg.cfg build/config/includes.chroot/etc/cloud/cloud.cfg.d/ cp tools/cloud-init/cloud-init.list.chroot build/config/package-lists/ cp -f tools/cloud-init/GCE/config.boot.default-debug build/config/includes.chroot/opt/vyatta/etc/config.boot.default @@ -133,6 +133,20 @@ AWS: clean prepare cd .. @scripts/copy-image +.PHONY: openstack +.ONESHELL: +openstack: clean prepare + @set -e + @echo "It's not like I'm building this specially for you or anything!" + mkdir -p build/config/includes.chroot/etc/cloud/cloud.cfg.d + cp tools/cloud-init/openstack/90_dpkg.cfg build/config/includes.chroot/etc/cloud/cloud.cfg.d/ + cp tools/cloud-init/cloud-init.list.chroot build/config/package-lists/ + cp -f tools/cloud-init/openstack/config.boot.default build/config/includes.chroot/opt/vyatta/etc/ + cd $(build_dir) + lb build 2>&1 | tee build.log + cd .. + @scripts/copy-image + .PHONY: oracle .ONESHELL: oracle: clean prepare @@ -141,9 +155,41 @@ oracle: clean prepare mkdir -p build/config/includes.chroot/etc/cloud/cloud.cfg.d cp tools/cloud-init/OCI/90_dpkg.cfg build/config/includes.chroot/etc/cloud/cloud.cfg.d/ cp tools/cloud-init/cloud-init.list.chroot build/config/package-lists/ + cp -f tools/cloud-init/OCI/config.boot.default build/config/includes.chroot/opt/vyatta/etc/ cd $(build_dir) @../scripts/build-oracle-image +.PHONY: PACKET +.ONESHELL: +PACKET: clean prepare + @set -e + @echo "It's not like I'm building this specially for you or anything!" + mkdir -p build/config/includes.chroot/etc/cloud/cloud.cfg.d + cp tools/cloud-init/99-disable-networking.chroot build/config/hooks/live/ + cp tools/cloud-init/PACKET/90_dpkg.cfg build/config/includes.chroot/etc/cloud/cloud.cfg.d/ + cp tools/cloud-init/cloud-init.list.chroot build/config/package-lists/ + cp -f tools/cloud-init/PACKET/config.boot.default build/config/includes.chroot/opt/vyatta/etc/ + cd $(build_dir) + lb build 2>&1 | tee build.log + cd .. + @scripts/copy-image + +.PHONY: PACKET-debug +.ONESHELL: +PACKET-debug: clean prepare + @set -e + @echo "It's not like I'm building this specially for you or anything!" + mkdir -p build/config/includes.chroot/etc/cloud/cloud.cfg.d + cp tools/cloud-init/99-debug-user.chroot build/config/hooks/live/ + cp tools/cloud-init/99-disable-networking.chroot build/config/hooks/live/ + cp tools/cloud-init/PACKET/90_dpkg.cfg build/config/includes.chroot/etc/cloud/cloud.cfg.d/ + cp tools/cloud-init/cloud-init.list.chroot build/config/package-lists/ + cp -f tools/cloud-init/PACKET/config.boot.default-debug build/config/includes.chroot/opt/vyatta/etc/config.boot.default + cd $(build_dir) + lb build 2>&1 | tee build.log + cd .. + @scripts/copy-image + .PHONY: clean .ONESHELL: clean: @@ -68,7 +68,7 @@ $ sudo debootstrap jessie vyos-chroot $ sudo chroot vyos-chroot $ echo "deb http://archive.debian.org/debian/ jessie-backports main" >> /etc/apt/sources.list -$ apt-get update +$ apt-get update -o Acquire::Check-Valid-Until=false ``` **NOTE:** We recommend to use the Docker build method @@ -272,6 +272,9 @@ In packages that originate from VyOS the master branch is kept in sync with last legacy package is gone, we will switch to using the `master` branch and retire `current`. -For branch naming we switched to use constellations: -* `crux` +Post-1.2.0 branches are named after constellations sorted by from smallest to largest. +There are 88 of them, here's the [complete list](https://en.wikipedia.org/wiki/IAU_designated_constellations_by_area). + +* 1.2.0: `crux` (Southern Cross) +* Future 1.3.0: `equuleus` * ... diff --git a/data/defaults.json b/data/defaults.json index cd110951..5e6515d9 100644 --- a/data/defaults.json +++ b/data/defaults.json @@ -5,7 +5,7 @@ "debian_distribution": "buster", "vyos_mirror": "http://dev.packages.vyos.net/repositories/current", "vyos_branch": "current", - "kernel_version": "4.19.40", + "kernel_version": "4.19.54", "kernel_flavor": "amd64-vyos", "additional_repositories": [], "custom_packages": [] diff --git a/data/kernel_version b/data/kernel_version deleted file mode 100644 index 51333a00..00000000 --- a/data/kernel_version +++ /dev/null @@ -1 +0,0 @@ -4.19.40-amd64-vyos diff --git a/data/live-build-config/hooks/live/17-gen_initramfs.chroot b/data/live-build-config/hooks/live/17-gen_initramfs.chroot index 6ecf4be7..87b53bd6 100755 --- a/data/live-build-config/hooks/live/17-gen_initramfs.chroot +++ b/data/live-build-config/hooks/live/17-gen_initramfs.chroot @@ -5,4 +5,8 @@ echo I: Create initramfs if it does not exist. # Kernel complains about non available nls_ascii module when booting from USB pendrive echo "nls_ascii" >> /etc/initramfs-tools/modules -update-initramfs -c -u -k `ls /boot | grep vmlinuz- | sed 's/vmlinuz-//g'` +if [ -e /boot/initrd.img-* ]; then + rm -f /boot/initrd.img-* +fi + +update-initramfs -c -k `ls /boot | grep vmlinuz- | sed 's/vmlinuz-//g'` diff --git a/data/live-build-config/hooks/live/18-enable-disable_services.chroot b/data/live-build-config/hooks/live/18-enable-disable_services.chroot index d4d89ba8..787510e0 100755 --- a/data/live-build-config/hooks/live/18-enable-disable_services.chroot +++ b/data/live-build-config/hooks/live/18-enable-disable_services.chroot @@ -38,3 +38,4 @@ systemctl disable tftpd-hpa.service systemctl disable strongswan.service systemctl disable frr.service systemctl disable salt-minion.service +systemctl disable nginx.service diff --git a/data/live-build-config/hooks/live/30-frr-configs.chroot b/data/live-build-config/hooks/live/30-frr-configs.chroot index d3cfbce5..3380ef8c 100755 --- a/data/live-build-config/hooks/live/30-frr-configs.chroot +++ b/data/live-build-config/hooks/live/30-frr-configs.chroot @@ -26,11 +26,9 @@ eigrpd=no babeld=no sharpd=no pbrd=no -bfdd=no +bfdd=yes staticd=yes -""" -daemons_conf = """ vtysh_enable=yes zebra_options=" -s 90000000 --daemon -A 127.0.0.1 -M snmp -n" bgpd_options=" --daemon -A 127.0.0.1 -M snmp -M rpki" @@ -50,18 +48,12 @@ staticd_options=" --daemon -A 127.0.0.1" bfdd_options=" --daemon -A 127.0.0.1" watchfrr_enable=no -watchfrr_options=(-d -r /usr/sbin/servicebBfrrbBrestartbB%s -s /usr/sbin/servicebBfrrbBstartbB%s -k /usr/sbin/servicebBfrrbBstopbB%s -b bB) - valgrind_enable=no -valgrind=/usr/bin/valgrind """ with open("/etc/frr/daemons", "w") as f: f.write(daemons) -with open("/etc/frr/daemons.conf", "w") as f: - f.write(daemons_conf) - # Create empty daemon configs so that they start properly for name in ["zebra.conf", "bgpd.conf", "ospfd.conf", "ospf6d.conf", "ripd.conf", "ripngd.conf"]: open(os.path.join("/etc/frr", name), 'a').close() diff --git a/data/live-build-config/package-lists/vyos-utils.list.chroot b/data/live-build-config/package-lists/vyos-utils.list.chroot index 8c0a8cd4..ee2073fb 100644 --- a/data/live-build-config/package-lists/vyos-utils.list.chroot +++ b/data/live-build-config/package-lists/vyos-utils.list.chroot @@ -24,3 +24,6 @@ iotop aptitude localepurge bgpq3 +libnss-myhostname +ssl-cert +nginx-light diff --git a/data/package-lists/vyos-dev.list.chroot b/data/package-lists/vyos-dev.list.chroot index f3305f30..dd1de5f3 100644 --- a/data/package-lists/vyos-dev.list.chroot +++ b/data/package-lists/vyos-dev.list.chroot @@ -1,3 +1,4 @@ gdb strace apt-rdepends +vyos-smoketest diff --git a/docker/Dockerfile b/docker/Dockerfile index 69c76ddb..041a9260 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -129,9 +129,12 @@ RUN apt-get update && apt-get install -y \ # Packages needed for vyatta-iproute RUN apt-get update && apt-get install -y \ + iptables-dev \ libatm1-dev \ + libcap-dev \ libdb-dev \ - iptables-dev + libelf-dev \ + libselinux1-dev # Packages needed for vyatta-webgui RUN apt-get update && apt-get install -y \ @@ -309,6 +312,5 @@ RUN echo "$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc # Cleanup RUN rm -rf /tmp/* -COPY pkg-build.sh /usr/local/bin/pkg-build.sh COPY entrypoint.sh /usr/local/bin/entrypoint.sh ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] diff --git a/docker/Dockerfile-arm64 b/docker/Dockerfile-arm64 new file mode 100644 index 00000000..9625058b --- /dev/null +++ b/docker/Dockerfile-arm64 @@ -0,0 +1,343 @@ +# Copyright (C) 2018 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# in order to easy exprort images built to "external" world +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# Must be run with --privileged flag, recommended to run the container with a +# volume mapped in order to easy export images + +FROM multiarch/debian-debootstrap:arm64-jessie-slim +LABEL authors="VyOS Maintainers <maintainers@vyos.io>" + +ENV DEBIAN_FRONTEND noninteractive + +COPY no--check-valid-until /etc/apt/apt.conf.d/ +RUN echo "deb http://archive.debian.org/debian jessie main" \ + > /etc/apt/sources.list + +# Standard shell should be bash not dash +RUN echo "dash dash/sh boolean false" | debconf-set-selections && \ + dpkg-reconfigure dash + +RUN apt-get update && apt-get install -y \ + dialog \ + apt-utils \ + locales + +RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen +ENV LANG en_US.utf8 + +RUN apt-get update && apt-get install -y \ + vim \ + git \ + curl \ + make \ + sudo \ + mc \ + pbuilder \ + devscripts \ + squashfs-tools \ + autoconf \ + automake \ + dpkg-dev \ + genisoimage \ + lsb-release \ + fakechroot \ + libtool \ + libapt-pkg-dev \ + parted \ + kpartx \ + quilt \ + python3-lxml \ + python3-setuptools \ + python3-nose \ + python3-coverage \ + python3-sphinx \ + python3-pystache \ + pkg-config \ + debhelper \ + jq + +# +# Setup Debian Jessie Backports repository +# +COPY no--check-valid-until /etc/apt/apt.conf.d/ +RUN echo "deb http://archive.debian.org/debian/ jessie-backports main" \ + > /etc/apt/sources.list.d/jessie-backports.list + +RUN apt-get update && apt-get install -y -t jessie-backports \ + python3-git \ + python3-pip + +RUN echo "deb http://deb.debian.org/debian buster main" \ + > /etc/apt/sources.list.d/buster.list + +RUN apt-get update && apt-get install -y \ + golang \ + gosu + +RUN rm -f /etc/apt/sources.list.d/buster.list + +# Package needed for mdns-repeater +RUN apt-get update && apt-get install -y -t jessie-backports \ + dh-systemd + +# +# Remove Debian Jessie Backports repository +# +RUN rm -f /etc/apt/sources.list.d/jessie-backports.list \ + /etc/apt/apt.conf.d/no--check-valid-until + +# +# Building libvyosconf requires a full configured OPAM/OCaml setup +# +RUN apt-get update && apt-get install -y \ + libffi-dev \ + libpcre3-dev + +RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --output /tmp/opam_install.sh && \ + sed -i 's/read BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \ + opam init --root=/opt/opam --comp=4.07.0 --disable-sandboxing + +RUN eval $(opam env --root=/opt/opam --set-root) && \ + opam install -y \ + oasis + +RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ + fileutils \ + lwt \ + lwt_ppx \ + lwt_log \ + ocplib-endian \ + ounit \ + pcre \ + ppx_deriving_yojson \ + sha \ + toml \ + xml-light \ + batteries \ + ocaml-protoc \ + ctypes-foreign \ + menhir + +RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ + ctypes + +# Build VyConf which is required to build libvyosconfig +RUN eval $(opam env --root=/opt/opam --set-root) && \ + opam pin add vyconf https://github.com/vyos/vyconf.git#51d79a3f -y + +# Build libvyosconfig +RUN eval $(opam env --root=/opt/opam --set-root) && \ + git clone https://github.com/vyos/libvyosconfig.git && \ + cd libvyosconfig && git checkout 9a80a5d3 && \ + dpkg-buildpackage -uc -us -tc -b && \ +dpkg -i ../libvyosconfig0_*_arm64.deb + +# Packages needed for vyatta-cfg +RUN apt-get update && apt-get install -y \ + libglib2.0-dev \ + libperl-dev \ + libboost-filesystem-dev + +# Packages needed for vyatta-iproute +RUN apt-get update && apt-get install -y \ + libatm1-dev \ + libdb-dev \ + iptables-dev + +# Packages needed for vyatta-webgui +RUN apt-get update && apt-get install -y \ + libexpat1-dev \ + subversion + +# Packages needed for pmacct +RUN apt-get update && apt-get install -y \ + libpcap-dev \ + libpq-dev \ + libmysqlclient-dev \ + libgeoip-dev \ + librabbitmq-dev \ + libjansson-dev \ + librdkafka-dev \ + libnetfilter-log-dev + +# Pavkages needed for wireguard +RUN apt-get update && apt-get install -y \ + libmnl-dev + +# Packages needed for kernel +RUN apt-get update && apt-get install -y \ + kernel-package \ + libncurses5-dev \ + flex \ + bison \ + libelf-dev + +# Packages needed for vyos-accel-ppp +RUN apt-get update && apt-get install -y \ + cdbs \ + cmake \ + liblua5.1-dev + +# Prerequisites for building rtrlib +# see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html +RUN apt-get update && apt-get install -y \ + doxygen \ + libssh-dev \ + libssl-dev + +# Build rtrlib release 0.6.3 +RUN export RTRLIB_VERSION="0.6.3" && \ + wget -P /tmp https://github.com/rtrlib/rtrlib/archive/v${RTRLIB_VERSION}.tar.gz && \ + tar xf /tmp/v${RTRLIB_VERSION}.tar.gz -C /tmp && \ + cd /tmp/rtrlib-${RTRLIB_VERSION} && dpkg-buildpackage -uc -us -tc -b && \ + dpkg -i ../librtr*_arm64.deb ../librtr*_all.deb + +# +# Setup VyOS Debian repository +# +COPY vyos-dev.key /tmp/vyos-dev.key +RUN apt-key add /tmp/vyos-dev.key +RUN echo "deb http://dev.packages.vyos.net/repositories/current/debian/ current main" \ + > /etc/apt/sources.list.d/vyos.list + +# Packages needed to build frr itself +# libyang-dev packages are hsoted on dev.packages.vyos.net see +# https://github.com/FRRouting/frr/blob/master/doc/developer/building-libyang.rst +# for more info +RUN apt-get update && apt-get install -y \ + libyang-dev \ + libyang0.16 \ + chrpath \ + install-info \ + libjson-c-dev \ + libpython3-dev \ + python3-dev \ + python3-pytest \ + texinfo + +# +# Cleanup VyOS Debian Repository +# +RUN rm -f /etc/apt/sources.list.d/vyos.list + +# Packages needed for conntrack-tools +RUN apt-get update && apt-get install -y \ + libnetfilter-conntrack-dev \ + libnetfilter-cthelper0-dev \ + libnetfilter-cttimeout-dev \ + libnetfilter-queue-dev + +# Packages needed for hvinfo +RUN apt-get update && apt-get install -y \ + gnat \ + gprbuild + +# Packages needed for vyos-1x +RUN apt-get update && apt-get install -y \ + whois + +# Packages needed for ipaddrcheck +RUN apt-get update && apt-get install -y \ + check + +# As there is no Debian Jessie/Stretch package for libcidr available but this +# is required for ipaddrcheck we have to build it from source +RUN git clone https://github.com/wikimedia/analytics-libcidr.git && \ + cd analytics-libcidr && \ + git checkout 026c611d90a1 && \ + dpkg-buildpackage -uc -us -tc -b && \ + dpkg -i ../libcidr*.deb + +# Packages needed for lldpd +RUN apt-get update && apt-get install -y \ + libbsd-dev \ + libevent-dev + +# Packages needed for vyatta-quagga +RUN apt-get update && apt-get install -y \ + libpam-dev \ + libcap-dev \ + libsnmp-dev \ + gawk + +# Packages needed for vyos-strongswan +RUN apt-get update && apt-get install -y \ + libkrb5-dev \ + libssl-dev \ + libxml2-dev \ + systemd \ + libcurl4-openssl-dev \ + libgcrypt20-dev \ + libgmp3-dev \ + libldap2-dev \ + libsqlite3-dev \ + dh-apparmor \ + gperf \ + libsystemd-dev \ + python3-stdeb \ + python-setuptools + +# Packages needed for vyos-opennhrp +RUN apt-get update && apt-get install -y \ + libc-ares-dev + +# Packages needed for ddclient +RUN apt-get update && apt-get install -y \ + xmlto + +# Packages needed for keepalived +RUN apt-get update && apt-get install -y \ + libnl-3-200 \ + libnl-3-dev \ + libnl-nf-3-200 \ + libnl-nf-3-dev \ + libipset-dev \ + libnl-genl-3-200 \ + libnl-genl-3-dev \ + libpopt-dev + +# Packages needed for net-snmp +RUN apt-get update && apt-get install -y \ + python-all \ + python2.7-dev \ + libmysqld-dev + +# Update live-build +RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list && \ + apt-get update && apt-get install -y -t stretch \ + live-build && \ + rm -f /etc/apt/sources.list.d/stretch.list && \ + apt-get update && \ + rm -rf /var/lib/apt/lists/* + +# Install packer +RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packer | \ + jq -r -M '.current_version')"; \ + echo "url https://releases.hashicorp.com/packer/"$LATEST"/packer_"$LATEST"_linux_arm.zip" |\ + curl -K- | gzip -d > /usr/bin/packer && \ + chmod +x /usr/bin/packer + +# Allow password-less 'sudo' for all users in group 'sudo' +RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ + chmod a+s /usr/sbin/useradd /usr/sbin/groupadd /usr/sbin/gosu /usr/sbin/usermod + +# Ensure sure all users have access to our OCAM installation +RUN echo "$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc + +# Cleanup +RUN rm -rf /tmp/* + +COPY entrypoint.sh /usr/local/bin/entrypoint.sh +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] diff --git a/docker/Dockerfile-armhf b/docker/Dockerfile-armhf new file mode 100644 index 00000000..71b5b8bf --- /dev/null +++ b/docker/Dockerfile-armhf @@ -0,0 +1,345 @@ +# Copyright (C) 2018 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# in order to easy exprort images built to "external" world +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# Must be run with --privileged flag, recommended to run the container with a +# volume mapped in order to easy export images + +FROM multiarch/debian-debootstrap:armhf-jessie-slim +LABEL authors="VyOS Maintainers <maintainers@vyos.io>" + +ENV DEBIAN_FRONTEND noninteractive + +COPY no--check-valid-until /etc/apt/apt.conf.d/ +RUN echo "deb http://deb.debian.org/debian jessie main" \ + > /etc/apt/sources.list \ + && echo "deb http://security.debian.org/debian-security jessie/updates main" \ + >> /etc/apt/sources.list + +# Standard shell should be bash not dash +RUN echo "dash dash/sh boolean false" | debconf-set-selections && \ + dpkg-reconfigure dash + +RUN apt-get update && apt-get install -y \ + dialog \ + apt-utils \ + locales + +RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen +ENV LANG en_US.utf8 + +RUN apt-get update && apt-get install -y \ + vim \ + git \ + curl \ + make \ + sudo \ + mc \ + pbuilder \ + devscripts \ + squashfs-tools \ + autoconf \ + automake \ + dpkg-dev \ + genisoimage \ + lsb-release \ + fakechroot \ + libtool \ + libapt-pkg-dev \ + parted \ + kpartx \ + quilt \ + python3-lxml \ + python3-setuptools \ + python3-nose \ + python3-coverage \ + python3-sphinx \ + python3-pystache \ + pkg-config \ + debhelper \ + jq + +# +# Setup Debian Jessie Backports repository +# +COPY no--check-valid-until /etc/apt/apt.conf.d/ +RUN echo "deb http://archive.debian.org/debian/ jessie-backports main" \ + > /etc/apt/sources.list.d/jessie-backports.list + +RUN apt-get update && apt-get install -y -t jessie-backports \ + python3-git \ + python3-pip + +RUN echo "deb http://deb.debian.org/debian buster main" \ + > /etc/apt/sources.list.d/buster.list + +RUN apt-get update && apt-get install -y \ + golang \ + gosu + +RUN rm -f /etc/apt/sources.list.d/buster.list + +# Package needed for mdns-repeater +RUN apt-get update && apt-get install -y -t jessie-backports \ + dh-systemd + +# +# Remove Debian Jessie Backports repository +# +RUN rm -f /etc/apt/sources.list.d/jessie-backports.list \ + /etc/apt/apt.conf.d/no--check-valid-until + +# +# Building libvyosconf requires a full configured OPAM/OCaml setup +# +RUN apt-get update && apt-get install -y \ + libffi-dev \ + libpcre3-dev + +RUN curl https://raw.githubusercontent.com/ocaml/opam/2.0.2/shell/install.sh --output /tmp/opam_install.sh && \ + sed -i 's/read BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \ + opam init --root=/opt/opam --comp=4.07.0 --disable-sandboxing + +RUN eval $(opam env --root=/opt/opam --set-root) && \ + opam install -y \ + oasis + +RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ + fileutils \ + lwt \ + lwt_ppx \ + lwt_log \ + ocplib-endian \ + ounit \ + pcre \ + ppx_deriving_yojson \ + sha \ + toml \ + xml-light \ + batteries \ + ocaml-protoc \ + ctypes-foreign \ + menhir + +RUN eval $(opam env --root=/opt/opam --set-root) && opam install -y \ + ctypes + +# Build VyConf which is required to build libvyosconfig +RUN eval $(opam env --root=/opt/opam --set-root) && \ + opam pin add vyconf https://github.com/vyos/vyconf.git#51d79a3f -y + +# Build libvyosconfig +RUN eval $(opam env --root=/opt/opam --set-root) && \ + git clone https://github.com/vyos/libvyosconfig.git && \ + cd libvyosconfig && git checkout 9a80a5d3 && \ + dpkg-buildpackage -uc -us -tc -b && \ + dpkg -i ../libvyosconfig0_*_armhf.deb + +# Packages needed for vyatta-cfg +RUN apt-get update && apt-get install -y \ + libglib2.0-dev \ + libperl-dev \ + libboost-filesystem-dev + +# Packages needed for vyatta-iproute +RUN apt-get update && apt-get install -y \ + libatm1-dev \ + libdb-dev \ + iptables-dev + +# Packages needed for vyatta-webgui +RUN apt-get update && apt-get install -y \ + libexpat1-dev \ + subversion + +# Packages needed for pmacct +RUN apt-get update && apt-get install -y \ + libpcap-dev \ + libpq-dev \ + libmysqlclient-dev \ + libgeoip-dev \ + librabbitmq-dev \ + libjansson-dev \ + librdkafka-dev \ + libnetfilter-log-dev + +# Pavkages needed for wireguard +RUN apt-get update && apt-get install -y \ + libmnl-dev + +# Packages needed for kernel +RUN apt-get update && apt-get install -y \ + kernel-package \ + libncurses5-dev \ + flex \ + bison \ + libelf-dev + +# Packages needed for vyos-accel-ppp +RUN apt-get update && apt-get install -y \ + cdbs \ + cmake \ + liblua5.1-dev + +# Prerequisites for building rtrlib +# see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html +RUN apt-get update && apt-get install -y \ + doxygen \ + libssh-dev \ + libssl-dev + +# Build rtrlib release 0.6.3 +RUN export RTRLIB_VERSION="0.6.3" && \ + wget -P /tmp https://github.com/rtrlib/rtrlib/archive/v${RTRLIB_VERSION}.tar.gz && \ + tar xf /tmp/v${RTRLIB_VERSION}.tar.gz -C /tmp && \ + cd /tmp/rtrlib-${RTRLIB_VERSION} && dpkg-buildpackage -uc -us -tc -b && \ + dpkg -i ../librtr*_armhf.deb ../librtr*_all.deb + +# +# Setup VyOS Debian repository +# +COPY vyos-dev.key /tmp/vyos-dev.key +RUN apt-key add /tmp/vyos-dev.key +RUN echo "deb http://dev.packages.vyos.net/repositories/current/debian/ current main" \ + > /etc/apt/sources.list.d/vyos.list + +# Packages needed to build frr itself +# libyang-dev packages are hsoted on dev.packages.vyos.net see +# https://github.com/FRRouting/frr/blob/master/doc/developer/building-libyang.rst +# for more info +RUN apt-get update && apt-get install -y \ + libyang-dev \ + libyang0.16 \ + chrpath \ + install-info \ + libjson-c-dev \ + libpython3-dev \ + python3-dev \ + python3-pytest \ + texinfo + +# +# Cleanup VyOS Debian Repository +# +RUN rm -f /etc/apt/sources.list.d/vyos.list + +# Packages needed for conntrack-tools +RUN apt-get update && apt-get install -y \ + libnetfilter-conntrack-dev \ + libnetfilter-cthelper0-dev \ + libnetfilter-cttimeout-dev \ + libnetfilter-queue-dev + +# Packages needed for hvinfo +RUN apt-get update && apt-get install -y \ + gnat \ + gprbuild + +# Packages needed for vyos-1x +RUN apt-get update && apt-get install -y \ + whois + +# Packages needed for ipaddrcheck +RUN apt-get update && apt-get install -y \ + check + +# As there is no Debian Jessie/Stretch package for libcidr available but this +# is required for ipaddrcheck we have to build it from source +RUN git clone https://github.com/wikimedia/analytics-libcidr.git && \ + cd analytics-libcidr && \ + git checkout 026c611d90a1 && \ + dpkg-buildpackage -uc -us -tc -b && \ + dpkg -i ../libcidr*.deb + +# Packages needed for lldpd +RUN apt-get update && apt-get install -y \ + libbsd-dev \ + libevent-dev + +# Packages needed for vyatta-quagga +RUN apt-get update && apt-get install -y \ + libpam-dev \ + libcap-dev \ + libsnmp-dev \ + gawk + +# Packages needed for vyos-strongswan +RUN apt-get update && apt-get install -y \ + libkrb5-dev \ + libssl-dev \ + libxml2-dev \ + systemd \ + libcurl4-openssl-dev \ + libgcrypt20-dev \ + libgmp3-dev \ + libldap2-dev \ + libsqlite3-dev \ + dh-apparmor \ + gperf \ + libsystemd-dev \ + python3-stdeb \ + python-setuptools + +# Packages needed for vyos-opennhrp +RUN apt-get update && apt-get install -y \ + libc-ares-dev + +# Packages needed for ddclient +RUN apt-get update && apt-get install -y \ + xmlto + +# Packages needed for keepalived +RUN apt-get update && apt-get install -y \ + libnl-3-200 \ + libnl-3-dev \ + libnl-nf-3-200 \ + libnl-nf-3-dev \ + libipset-dev \ + libnl-genl-3-200 \ + libnl-genl-3-dev \ + libpopt-dev + +# Packages needed for net-snmp +RUN apt-get update && apt-get install -y \ + python-all \ + python2.7-dev \ + libmysqld-dev + +# Update live-build +RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list && \ + apt-get update && apt-get install -y -t stretch \ + live-build && \ + rm -f /etc/apt/sources.list.d/stretch.list && \ + apt-get update && \ + rm -rf /var/lib/apt/lists/* + +# Install packer +RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packer | \ + jq -r -M '.current_version')"; \ + echo "url https://releases.hashicorp.com/packer/"$LATEST"/packer_"$LATEST"_linux_arm.zip" |\ + curl -K- | gzip -d > /usr/bin/packer && \ + chmod +x /usr/bin/packer + +# Allow password-less 'sudo' for all users in group 'sudo' +RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ + chmod a+s /usr/sbin/useradd /usr/sbin/groupadd /usr/sbin/gosu /usr/sbin/usermod + +# Ensure sure all users have access to our OCAM installation +RUN echo "$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc + +# Cleanup +RUN rm -rf /tmp/* + +COPY entrypoint.sh /usr/local/bin/entrypoint.sh +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] diff --git a/docker/pkg-build.sh b/docker/pkg-build.sh deleted file mode 100755 index 598917a1..00000000 --- a/docker/pkg-build.sh +++ /dev/null @@ -1,55 +0,0 @@ -if [ -z "$1" ]; then - RELEASE=`echo $GIT_BRANCH | sed 's/origin\//* /g' |sed -n 's/^\* \(.*\)$/\1/p'` -else - RELEASE="$1" -fi - -if [ "$RELEASE" == "master" ]; then - RELEASE="current" -fi - -if [ -n "$1" ]; then - RELEASE="$1" -fi - -ARCH=`dpkg --print-architecture` -VYOS_REPO_PATH="/home/sentrium/web/dev.packages.vyos.net/public_html/repositories/$RELEASE/vyos/" - -exit_code () { -rc=$? -if [[ $rc != 0 ]] ; then - exit $rc -fi -} - -echo $RELEASE - -ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no khagen@dev.packages.vyos.net -t "bash --login -c 'mkdir -p ~/VyOS/$RELEASE/$ARCH'" -exit_code - -scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ../*.deb khagen@dev.packages.vyos.net:~/VyOS/$RELEASE/$ARCH/ -exit_code - -for PACKAGE in `ls ../*.deb`; -do - PACKAGE=`echo $PACKAGE| cut -d'/' -f 2` - SUBSTRING=`echo $PACKAGE| cut -d'_' -f 1` - if [[ "$PACKAGE" == *_all* ]]; then - ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no khagen@dev.packages.vyos.net -t "uncron-add 'reprepro -v -b ${VYOS_REPO_PATH} remove ${RELEASE} ${SUBSTRING}'" - exit_code - else - ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no khagen@dev.packages.vyos.net -t "uncron-add 'reprepro -v -b ${VYOS_REPO_PATH} -A $ARCH remove $RELEASE $SUBSTRING'" - exit_code - fi - ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no khagen@dev.packages.vyos.net -t "uncron-add 'reprepro -v -b ${VYOS_REPO_PATH} deleteunreferenced'" - exit_code - if [[ "$PACKAGE" == *_all* ]]; then - ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no khagen@dev.packages.vyos.net -t "uncron-add 'reprepro -v -b ${VYOS_REPO_PATH} includedeb $RELEASE ~/VyOS/$RELEASE/$ARCH/$PACKAGE'" - exit_code - else - ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no khagen@dev.packages.vyos.net -t "uncron-add 'reprepro -v -b ${VYOS_REPO_PATH} -A $ARCH includedeb $RELEASE ~/VyOS/$RELEASE/$ARCH/$PACKAGE'" - exit_code - fi -done - -rm -f ../*.deb diff --git a/docs/1u-diy-atom-c3000/1u_vyos_back.jpg b/docs/1u-diy-atom-c3000/1u_vyos_back.jpg Binary files differdeleted file mode 100644 index cd00c11c..00000000 --- a/docs/1u-diy-atom-c3000/1u_vyos_back.jpg +++ /dev/null diff --git a/docs/1u-diy-atom-c3000/1u_vyos_front.jpg b/docs/1u-diy-atom-c3000/1u_vyos_front.jpg Binary files differdeleted file mode 100644 index 3d135d56..00000000 --- a/docs/1u-diy-atom-c3000/1u_vyos_front.jpg +++ /dev/null diff --git a/docs/1u-diy-atom-c3000/1u_vyos_front_open_1.jpg b/docs/1u-diy-atom-c3000/1u_vyos_front_open_1.jpg Binary files differdeleted file mode 100644 index d90d565e..00000000 --- a/docs/1u-diy-atom-c3000/1u_vyos_front_open_1.jpg +++ /dev/null diff --git a/docs/1u-diy-atom-c3000/1u_vyos_front_open_2.jpg b/docs/1u-diy-atom-c3000/1u_vyos_front_open_2.jpg Binary files differdeleted file mode 100644 index 6d112463..00000000 --- a/docs/1u-diy-atom-c3000/1u_vyos_front_open_2.jpg +++ /dev/null diff --git a/docs/1u-diy-atom-c3000/1u_vyos_front_open_3.jpg b/docs/1u-diy-atom-c3000/1u_vyos_front_open_3.jpg Binary files differdeleted file mode 100644 index 198ba3ce..00000000 --- a/docs/1u-diy-atom-c3000/1u_vyos_front_open_3.jpg +++ /dev/null diff --git a/docs/1u-diy-atom-c3000/README.md b/docs/1u-diy-atom-c3000/README.md deleted file mode 100644 index 698faae3..00000000 --- a/docs/1u-diy-atom-c3000/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Ínitially I wanted to replace Cisco and Ubiquity devices with VyOS but did not -want to run a full blown Hypervisor at that locations. Instead I opted to get -one of the new Intel Atom C3000 CPUs to spawn VyOS on it. - -## Shopping Card - -* 1x Supermicro CSE-505-203B (19" 1U chassis, inkl. 200W PSU) -* 1x Supermicro MCP-260-00085-0B (I/O Shield for A2SDi-2C-HLN4F) -* 1x Supermicro A2SDi-2C-HLN4F (Intel Atom C3338, 2C/2T, 4MB cache, Quad LAN with - Intel C3000 SoC 1GbE) -* 1x Crucial CT4G4DFS824A (4GB DDR4 RAM 2400 MT/s, PC4-19200) -* 1x SanDisk Ultra Fit 32GB (USB-A 3.0 SDCZ43-032G-G46 mass storage for OS) -* 1x Supermicro MCP-320-81302-0B (optional FAN tray) - -### Optional -If you wan't to get additional ethernet ports or even 10GE connectivity -the following optional parts will be required: - -* 1x Supermicro RSC-RR1U-E8 (Riser Card) -* 1x Supermicro MCP-120-00063-0N (Riser Card Bracket) - -Latest VyOS rolling releases boot without any problem on this board. You also -receive a nice IPMI interface realized with an ASPEED AST2400 BMC (no information -about [OpenBMC](https://www.openbmc.org/)) so far on this motherboard. - -## Pictures - -![CSE-505-203B Front][505_case_front] -![CSE-505-203B Open 1][505_case_open_1] -![CSE-505-203B Open 2][505_case_open_2] -![CSE-505-203B Open 3][505_case_open_3] -![CSE-505-203B Back][505_case_back] - -[505_case_back]: 1u_vyos_back.jpg "CSE-505-203B Back" -[505_case_front]: 1u_vyos_front.jpg "CSE-505-203B Front" -[505_case_open_1]: 1u_vyos_front_open_1.jpg "CSE-505-203B Open 1" -[505_case_open_2]: 1u_vyos_front_open_2.jpg "CSE-505-203B Open 2" -[505_case_open_3]: 1u_vyos_front_open_3.jpg "CSE-505-203B Open 3" diff --git a/docs/README.md b/docs/README.md deleted file mode 100644 index c0de03e0..00000000 --- a/docs/README.md +++ /dev/null @@ -1,6 +0,0 @@ -A brief documentation about VyOS can be found at -https://github.com/vyos-documentation or rendered at https://vyos.readthedocs.org - -Another landing spot would be the old Wiki at http://wiki.vyos.net. - -Build instructions for a 1U DIY VyOS bare metal router is [here](1u-diy-atom-c3000/README.md) diff --git a/scripts/build-config b/scripts/build-config index a12ecdc4..dd74a50e 100755 --- a/scripts/build-config +++ b/scripts/build-config @@ -67,7 +67,7 @@ options = { 'architecture': ('Image target architecture (amd64 or i386 or armhf)', lambda: build_defaults['architecture'], lambda x: x in ['amd64', 'i386', 'armhf']), 'build-by': ('Builder identifier (e.g. jrandomhacker@example.net)', get_default_build_by, None), 'debian-mirror': ('Debian repository mirror for ISO build', lambda: build_defaults['debian_mirror'], None), - 'debian-security-mirror': ('Debian security updated mirror', lambda: build_defaults['debian_security_mirror'], None), + 'debian-security-mirror': ('Debian security updates mirror', lambda: build_defaults['debian_security_mirror'], None), 'pbuilder-debian-mirror': ('Debian repository mirror for pbuilder env bootstrap', lambda: build_defaults['debian_mirror'], None), 'vyos-mirror': ('VyOS package mirror', lambda: build_defaults["vyos_mirror"], None), 'build-type': ('Build type, release or development', lambda: 'development', lambda x: x in ['release', 'development']), diff --git a/scripts/build-kernel b/scripts/build-kernel deleted file mode 100755 index e58d2d5a..00000000 --- a/scripts/build-kernel +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash -if [ ! -f "Makefile" ]; then - echo "Makefile missing, This script needs to be executed inside the vyos-kernel package directory" - exit 1 -fi - -if grep -Fxq "KBUILD_OUTPUT" Makefile; then - echo "Wrong Makefile?, This script needs to be executed inside the vyos-kernel package directory" - exit 1 -fi - - -# newer Kernel versions come with a "# SPDX-License-Identifier: GPL-2.0" identifier -# as the first line in the file - use compatible approach with grep rather then sed -VERSION=$(grep "^VERSION" Makefile | grep -Eo '[0-9]{1,4}') -PATCHLEVEL=$(grep "^PATCHLEVEL" Makefile | grep -Eo '[0-9]{1,4}') -SUBLEVEL=$(grep "^SUBLEVEL" Makefile | grep -Eo '[0-9]{1,4}') -ARCH=$(dpkg --print-architecture) - -case "$ARCH" in - amd64) - make x86_64_vyos_defconfig - TARGETS="kernel_headers kernel_image" - # the following targets are not supported for Linux Kernels > 4.14 as - # they have been removed from the Makefile (commits 18afab8c1d3c2 & - # 22cba31bae9dc). - if [ ${PATCHLEVEL} -lt 14 ]; then - TARGETS+=" kernel_manual kernel_doc" - fi - CONCURRENCY_LEVEL=4 LOCALVERSION="" make-kpkg --rootcmd fakeroot --initrd --append_to_version -amd64-vyos --revision=$VERSION.$PATCHLEVEL.$SUBLEVEL-1+vyos1+current1 -j$(cat /proc/cpuinfo | grep processor | wc -l) ${TARGETS} - ;; - - armhf) - make armhf_vyos_defconfig - ;; -esac diff --git a/scripts/build-oracle-image b/scripts/build-oracle-image index 61f8ddee..e2066fc7 100755 --- a/scripts/build-oracle-image +++ b/scripts/build-oracle-image @@ -57,7 +57,7 @@ dateymd=$(date +%Y%m%d) PARTED=/sbin/parted OUTPUT=disk.raw OUTPUTQCOW2=VyOS-"$dateymd".qcow2 -IMAGE_SIZE=2 +IMAGE_SIZE=10 qemu-img create -f raw ${OUTPUT} ${IMAGE_SIZE}G ${PARTED} -s ${OUTPUT} mktable msdos diff --git a/scripts/build-packages b/scripts/build-packages index c57dd822..5abd1ea6 100755 --- a/scripts/build-packages +++ b/scripts/build-packages @@ -98,7 +98,10 @@ def clone_package(pkg, log): First cleanup any possible leftovers from previous builds """ - if args.clean: + if args.keep: + log.debug("Keep possibly modified package '{}'".format(pkg['path'])) + return False + elif args.clean: # delete repository from disk if os.path.isdir(pkg['path']): log.debug("Cleaning '{}'".format(pkg['path'])) @@ -186,7 +189,12 @@ vyos_packages = ['vyatta-bash', 'vyatta-conntrack-sync', 'vyos-xe-guest-utilities', 'vyos-netplug', - 'eventwatchd'] + 'pmacct', + 'ddclient', + 'igmpproxy', + 'eventwatchd', + 'live-boot', + 'conntrack-tools'] # Special packages mean packages which are located no in the VyOS namespace # or require fancy build instructions @@ -239,7 +247,6 @@ pkg_special.append( add_package('net-snmp', custombuild_cmd=net_snmp_build_cmd) # Linux (VyOS) Kernel # kernel_build_cmd = "make x86_64_vyos_defconfig && " \ - "echo $(make kernelversion)-amd64-vyos > " + repo_root + "/data/kernel_version && " \ "sed -i 's/\"kernel_version\": \"[0-9].[0-9][0-9].[0-9]*\"/\"kernel_version\": \"'$(make kernelversion)'\"/' " + repo_root + "/data/defaults.json && " \ "make bindeb-pkg LOCALVERSION='-amd64-vyos' KDEB_PKGVERSION=$(make kernelversion)-1 -j $(getconf _NPROCESSORS_ONLN)" pkg_special.append( add_package('vyos-kernel', branch='linux-vyos-4.19.y', custombuild_cmd=kernel_build_cmd) ) @@ -249,7 +256,7 @@ pkg_special.append( add_package('vyos-kernel', branch='linux-vyos-4.19.y', custo # # WireGuard Kernel Module # -wireguard_build_cmd = "echo 'src/wireguard.ko /lib/modules/'$(cat " + repo_root + "/data/defaults.json | jq '.kernel_version' | tr -d \\\") > debian/wireguard-modules.install && " \ +wireguard_build_cmd = "echo 'src/wireguard.ko /lib/modules/'$(cat " + repo_root + "/data/defaults.json | jq '.kernel_version' | tr -d \\\")-amd64-vyos/extra > debian/wireguard-modules.install && " \ "KERNELDIR=" + repo_root + "/packages/vyos-kernel dpkg-buildpackage -b -us -uc -tc -j" + str(os.cpu_count()) pkg_special.append( add_package('vyos-wireguard', custombuild_cmd=wireguard_build_cmd) ) @@ -258,8 +265,8 @@ pkg_special.append( add_package('vyos-wireguard', custombuild_cmd=wireguard_buil # # Accell-PPP Package and Kernel Module # -accel_ppp_build_cmd = "echo 'lib/modules/'$(cat " + repo_root + "/data/defaults.json | jq '.kernel_version' | tr -d \\\")'/extra/*.ko' > debian/vyos-accel-ppp-ipoe-kmod.install && " \ - "sed -i 's#[0-9].[0-9][0-9].[0-9]*-amd64-vyos#'$(cat " + repo_root + "/data/defaults.json | jq '.kernel_version' | tr -d \\\")'#g' debian/rules && " \ +accel_ppp_build_cmd = "echo 'lib/modules/'$(cat " + repo_root + "/data/defaults.json | jq '.kernel_version' | tr -d \\\")-amd64-vyos/extra/*.ko > debian/vyos-accel-ppp-ipoe-kmod.install && " \ + "sed -i 's#[0-9].[0-9][0-9].[0-9]*-amd64-vyos#'$(cat " + repo_root + "/data/defaults.json | jq '.kernel_version' | tr -d \\\")'-amd64-vyos#g' debian/rules && " \ "KERNELDIR=" + repo_root + "/packages/vyos-kernel dpkg-buildpackage -b -us -uc -tc -j" + str(os.cpu_count()) pkg_special.append( add_package('vyos-accel-ppp', custombuild_cmd=accel_ppp_build_cmd) ) @@ -272,11 +279,14 @@ pkg_build = [] if __name__ == '__main__': parser = argparse.ArgumentParser() + exclusive = parser.add_mutually_exclusive_group(required=False) + exclusive.add_argument('-c', '--clean', action='store_true', help='Re-clone required Git repositories') + exclusive.add_argument('-k', '--keep', action='store_true', help='Keep modified Git repositories') + exclusive.add_argument('-f', '--fetch', action='store_true', help='Fetch sources only, no build') + parser.add_argument('-v', '--verbose', action='count', default=0, help='Increase logging verbosity for each occurance') - parser.add_argument('-c', '--clean', action='store_true', help='Re-clone required Git repositories') parser.add_argument('-l', '--list-packages', action='store_true', help='List all packages to build') parser.add_argument('-b', '--build', nargs='+', help='Whitespace separated list of packages to build') - parser.add_argument('-f', '--fetch', action='store_true', help='Fetch sources only, no build') parser.add_argument('-p', '--parallel', action='store_true', help='Build on all CPUs') parser.add_argument('--blacklist', nargs='+', help='Do not build/report packages when calling --list') diff --git a/scripts/live-build-config b/scripts/live-build-config index 7141df00..9855467d 100755 --- a/scripts/live-build-config +++ b/scripts/live-build-config @@ -35,7 +35,8 @@ util.check_build_config() lb_config_tmpl = """ lb config noauto \ --architectures {{architecture}} \ - --bootappend-live "boot=live components hostname=vyos username=live nopersistence noautologin nonetworking union=overlay console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0" \ + --bootappend-live "boot=live components hostname=vyos username=live nopersistence noautologin nonetworking union=overlay console=ttyS0,115200 console=tty0 net.ifnames=0 biosdevname=0" \ + --bootappend-live-failsafe "live components memtest noapic noapm nodma nomce nolapic nomodeset nosmp nosplash vga=normal console=ttyS0,115200 console=tty0 net.ifnames=0 biosdevname=0" \ --linux-flavours {{kernel_flavor}} \ --linux-packages linux-image-{{kernel_version}} \ --bootloader syslinux,grub-efi \ diff --git a/scripts/make-version-file b/scripts/make-version-file index 95574722..4df2cb6c 100755 --- a/scripts/make-version-file +++ b/scripts/make-version-file @@ -43,7 +43,16 @@ build_timestamp = now.strftime("%Y%m%d%H%M") build_date = now.strftime("%a %d %b %Y %H:%M UTC") # Assign a (hopefully) unique identifier to the build (UUID) -build_id = str(uuid.uuid4()) +build_uuid = str(uuid.uuid4()) + +# Initialize Git object from our repository +repo = git.Repo('.') + +# Retrieve the Git commit ID of the repository, 14 charaters will be sufficient +build_git = repo.head.object.hexsha[:14] +# If somone played around with the source tree and the build is "dirty", mark it +if repo.is_dirty(): + build_git += "-dirty" # Create a build version if build_config['build_type'] == 'development': @@ -52,7 +61,6 @@ if build_config['build_type'] == 'development': with open('data/versions') as f: version_mapping = json.load(f) - repo = git.Repo('.') git_branch = repo.active_branch.name branch_version = version_mapping[git_branch] @@ -68,10 +76,10 @@ version_data = { 'version': version, 'built_by': build_config['build_by'], 'built_on': build_date, - 'build_id': build_id + 'build_uuid': build_uuid, + 'build_git': build_git } - os.makedirs(os.path.join(defaults.CHROOT_INCLUDES_DIR, 'usr/share/vyos'), exist_ok=True) with open(os.path.join(defaults.CHROOT_INCLUDES_DIR, 'usr/share/vyos/version.json'), 'w') as f: json.dump(version_data, f) diff --git a/scripts/template.ovf b/scripts/template.ovf index 87237bf7..88ea5562 100644 --- a/scripts/template.ovf +++ b/scripts/template.ovf @@ -1,5 +1,5 @@ -<?xml version='1.0' encoding='UTF-8'?> -<ovf:Envelope xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1" xmlns="http://schemas.dmtf.org/ovf/envelope/1" xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData" xmlns:vssd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_VirtualSystemSettingData" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:vmw="http://www.vmware.com/schema/ovf"> +<?xml version="1.0" encoding="UTF-8"?> +<ovf:Envelope xmlns="http://schemas.dmtf.org/ovf/envelope/1" xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1" xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData" xmlns:vmw="http://www.vmware.com/schema/ovf" xmlns:vssd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_VirtualSystemSettingData" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <References> <File ovf:href="vyos_vmware_image.vmdk" ovf:id="file1" ovf:size="{{vmdk_file_size}}"/> </References> @@ -39,22 +39,22 @@ <ProductSection ovf:required="false"> <Info>VyOS is a Linux-based network operating system that provides software-based network routing, firewall, and VPN functionality.</Info> <Product>VyOS</Product> - <Vendor>VyOS maintainers and contributors</Vendor> + <Vendor>Sentrium S.L.</Vendor> <Version>{{version}}</Version> <ProductUrl>https://www.vyos.io</ProductUrl> <VendorUrl>https://sentrium.io/</VendorUrl> <AppUrl/> <Category>Appliance user Settings</Category> - <Property ovf:key="password" ovf:type="string" ovf:userConfigurable="true" ovf:value="" ovf:qualifiers="MinLen(8)" ovf:password="true"> + <Property ovf:key="password" ovf:password="true" ovf:qualifiers="MinLen(8)" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> <Label ovf:msgid="Password.label">Password</Label> - <Description ovf:msgid="Password.description">The password for the appliance 'vyos' account. Passwords must be at least 8 characters in length.</Description> + <Description ovf:msgid="Password.description">The password for the appliance 'vyos' account. Passwords must be at least 8 characters in length.</Description> </Property> - <Property ovf:key="public-keys" ovf:type="string" ovf:value="" ovf:userConfigurable="true"> + <Property ovf:key="public-keys" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> <Label>Public key</Label> - <Description>The public ssh key for the appliance 'vyos' account.</Description> + <Description>The public ssh key for the appliance 'vyos' account.</Description> </Property> <Category>Appliance IPv4 Network Settings</Category> - <Property ovf:key="local-hostname" ovf:type="string" ovf:userConfigurable="true" ovf:value="" ovf:qualifiers="MinLen(0),MaxLen(65535)"> + <Property ovf:key="local-hostname" ovf:qualifiers="MinLen(0),MaxLen(65535)" ovf:type="string" ovf:userConfigurable="true" ovf:value=""> <Label>Hostname</Label> <Description>The host name for this virtual machine.</Description> </Property> @@ -87,11 +87,11 @@ <Info/> <Annotation>VyOS</Annotation> </AnnotationSection> - <OperatingSystemSection ovf:id="100" ovf:version="1" vmw:osType="debian8_64Guest"> - <Info>Guest Operating System</Info> - <Description>VyOS</Description> + <OperatingSystemSection ovf:id="96" ovf:version="6" vmw:osType="debian8_64Guest"> + <Info>The operating system installed</Info> + <Description>Debian GNU/Linux 8 (64-bit)</Description> </OperatingSystemSection> - <VirtualHardwareSection ovf:transport="com.vmware.guestInfo" ovf:required="false"> + <VirtualHardwareSection ovf:required="false" ovf:transport="com.vmware.guestInfo"> <Info>Virtual Hardware Requirements</Info> <System> <vssd:ElementName>Virtual Hardware Family</vssd:ElementName> @@ -148,7 +148,7 @@ </Item> <Item> <rasd:Address xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">0</rasd:Address> - <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">SCSI Controller 0</rasd:ElementName> + <rasd:ElementName xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">SCSI Controller 0 - VMware Paravirtual SCSI</rasd:ElementName> <rasd:InstanceID xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData">3</rasd:InstanceID> <rasd:ResourceSubType>VirtualSCSI</rasd:ResourceSubType> <rasd:ResourceType>6</rasd:ResourceType> @@ -195,6 +195,8 @@ <rasd:ResourceSubType>vmxnet3</rasd:ResourceSubType> <rasd:ResourceType>10</rasd:ResourceType> </ovf:Item> + <vmw:Config ovf:required="false" vmw:key="cpuHotAddEnabled" vmw:value="true"/> + <vmw:Config ovf:required="false" vmw:key="memoryHotAddEnabled" vmw:value="true"/> </VirtualHardwareSection> </VirtualSystem> </ovf:Envelope> diff --git a/tools/cloud-init/GCE/99-debug-user.chroot b/tools/cloud-init/99-debug-user.chroot index 7b72f898..7b72f898 100755 --- a/tools/cloud-init/GCE/99-debug-user.chroot +++ b/tools/cloud-init/99-debug-user.chroot diff --git a/tools/cloud-init/99-disable-networking.chroot b/tools/cloud-init/99-disable-networking.chroot new file mode 100755 index 00000000..e576c8a5 --- /dev/null +++ b/tools/cloud-init/99-disable-networking.chroot @@ -0,0 +1,3 @@ +#!/bin/bash +systemctl disable networking +/usr/sbin/update-rc.d -f networking remove diff --git a/tools/cloud-init/GCE/config.boot.default b/tools/cloud-init/GCE/config.boot.default index a0cc398f..cac26936 100644 --- a/tools/cloud-init/GCE/config.boot.default +++ b/tools/cloud-init/GCE/config.boot.default @@ -1,4 +1,5 @@ system { + host-name vyos syslog { global { facility all { diff --git a/tools/cloud-init/GCE/config.boot.default-debug b/tools/cloud-init/GCE/config.boot.default-debug index 9514e893..a51c3f4d 100644 --- a/tools/cloud-init/GCE/config.boot.default-debug +++ b/tools/cloud-init/GCE/config.boot.default-debug @@ -10,6 +10,7 @@ service { } } system { + host-name vyos syslog { global { facility all { diff --git a/tools/cloud-init/OCI/config.boot.default b/tools/cloud-init/OCI/config.boot.default index 296c690a..de724f0b 100644 --- a/tools/cloud-init/OCI/config.boot.default +++ b/tools/cloud-init/OCI/config.boot.default @@ -1,4 +1,14 @@ system { + host-name vyos + login { + user vyos { + authentication { + encrypted-password "*" + plaintext-password "" + } + level admin + } + } syslog { global { facility all { @@ -16,7 +26,7 @@ system { } console { device ttyS0 { - speed 115200 + speed 9600 } } config-management { diff --git a/tools/cloud-init/PACKET/90_dpkg.cfg b/tools/cloud-init/PACKET/90_dpkg.cfg new file mode 100644 index 00000000..4f7bbd8c --- /dev/null +++ b/tools/cloud-init/PACKET/90_dpkg.cfg @@ -0,0 +1,8 @@ +# to update this file, run dpkg-reconfigure cloud-init +datasource_list: [ Ec2 ] +datasource: + Ec2: + metadata_urls: ["https://metadata.packet.net"] + max_wait: 120 + timeout: 50 + strict_id: false diff --git a/tools/cloud-init/PACKET/config.boot.default b/tools/cloud-init/PACKET/config.boot.default new file mode 100644 index 00000000..b56a94aa --- /dev/null +++ b/tools/cloud-init/PACKET/config.boot.default @@ -0,0 +1,31 @@ +system { + host-name vyos + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } + ntp { + server "0.pool.ntp.org" + server "1.pool.ntp.org" + server "2.pool.ntp.org" + } + console { + device ttyS1 { + speed 115200 + } + } + config-management { + commit-revisions 100 + } +} + +interfaces { + loopback lo { + } +} diff --git a/tools/cloud-init/PACKET/config.boot.default-debug b/tools/cloud-init/PACKET/config.boot.default-debug new file mode 100644 index 00000000..660f1d0f --- /dev/null +++ b/tools/cloud-init/PACKET/config.boot.default-debug @@ -0,0 +1,42 @@ +interfaces { + ethernet eth0 { + address dhcp + } +} +service { + ssh { + port 8022 + client-keepalive-interval 180 + } +} +system { + host-name vyos + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } + ntp { + server "0.pool.ntp.org" + server "1.pool.ntp.org" + server "2.pool.ntp.org" + } + console { + device ttyS1 { + speed 115200 + } + } + config-management { + commit-revisions 100 + } +} + +interfaces { + loopback lo { + } +} diff --git a/tools/cloud-init/azure/config.boot.default b/tools/cloud-init/azure/config.boot.default index 296c690a..32025974 100644 --- a/tools/cloud-init/azure/config.boot.default +++ b/tools/cloud-init/azure/config.boot.default @@ -1,4 +1,5 @@ system { + host-name vyos syslog { global { facility all { diff --git a/tools/cloud-init/openstack/90_dpkg.cfg b/tools/cloud-init/openstack/90_dpkg.cfg new file mode 100644 index 00000000..a740b314 --- /dev/null +++ b/tools/cloud-init/openstack/90_dpkg.cfg @@ -0,0 +1,8 @@ +# to update this file, run dpkg-reconfigure cloud-init +datasource_list: [ NoCloud, ConfigDrive, OpenNebula, DigitalOcean, AltCloud, MAAS, OpenStack, CloudSigma, SmartOS, None ] +disable_ec2_metadata: true +datasource: + OpenStack: + max_wait: 6 + timeout: 3 + retries: 2 diff --git a/tools/cloud-init/openstack/config.boot.default b/tools/cloud-init/openstack/config.boot.default new file mode 100644 index 00000000..de724f0b --- /dev/null +++ b/tools/cloud-init/openstack/config.boot.default @@ -0,0 +1,40 @@ +system { + host-name vyos + login { + user vyos { + authentication { + encrypted-password "*" + plaintext-password "" + } + level admin + } + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } + ntp { + server "0.pool.ntp.org" + server "1.pool.ntp.org" + server "2.pool.ntp.org" + } + console { + device ttyS0 { + speed 9600 + } + } + config-management { + commit-revisions 100 + } +} + +interfaces { + loopback lo { + } +} |
