From cc595adee396dac8c4ebdd1658d60f1de062451e Mon Sep 17 00:00:00 2001 From: Waqar Ahmed Date: Sun, 9 May 2021 18:51:54 +0500 Subject: [PATCH] Add apt cacher proxy configuration bits --- .gitignore | 1 + change_branches.sh | 12 + chroot.sh | 21 + conf/build.manifest | 14 + conf/reference-files/etc/group | 1 + conf/reference-files/etc/passwd | 1 + conf/tn/etc/apt-cacher-ng/acng.conf | 563 ++++++++++++++++++++++++++ conf/tn/etc/locale.gen | 501 +++++++++++++++++++++++ scale_build/bootstrap/bootstrapdir.py | 11 + scale_build/image/update.py | 15 +- scale_build/utils/paths.py | 1 + update.sh | 4 + 12 files changed, 1144 insertions(+), 1 deletion(-) create mode 100755 change_branches.sh create mode 100755 chroot.sh create mode 100644 conf/tn/etc/apt-cacher-ng/acng.conf create mode 100644 conf/tn/etc/locale.gen create mode 100755 update.sh diff --git a/.gitignore b/.gitignore index 431e81e7..716dd1e3 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ dist/ scale_build.egg-info/ scale_build/__pycache__/ venv-* +conf/tn/root/* diff --git a/change_branches.sh b/change_branches.sh new file mode 100755 index 00000000..9101c742 --- /dev/null +++ b/change_branches.sh @@ -0,0 +1,12 @@ +#!/bin/sh + + +branch="master" +cd /mnt/evo/build + +for i in "truenas" "truenas_files" "middlewared"; do + echo "\nupdating $i" + git -C sources/"$i" fetch origin + git -C sources/"$i" checkout "$branch" + git -C sources/"$i" reset --hard origin/"$branch" +done diff --git a/chroot.sh b/chroot.sh new file mode 100755 index 00000000..6a0e0891 --- /dev/null +++ b/chroot.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +umount -f ./tmp/b/proc +umount -f ./tmp/b/sys +umount -f ./tmp/b/packages +rm -rf ./tmp/b +mkdir ./tmp/b +unsquashfs -f -d ./tmp/b ./tmp/cache/basechroot-package.squashfs +mkdir -p ./tmp/b/proc ./tmp/b/sys ./tmp/b/packages +mount proc ./tmp/b/proc -t proc +mount sysfs ./tmp/b/sys -t sysfs +mount --bind ./tmp/pkgdir ./tmp/b/packages + +echo "Setup basechroot directory for chroot successfully" + +chroot ./tmp/b bash + +echo "Cleaning up mounts" +umount -f ./tmp/b/proc +umount -f ./tmp/b/sys +umount -f ./tmp/b/packages diff --git a/conf/build.manifest b/conf/build.manifest index 602b414d..4ad4748c 100644 --- a/conf/build.manifest +++ b/conf/build.manifest @@ -102,6 +102,8 @@ base-packages: install_recommends: true - name: nslcd install_recommends: true +- name: apt-cacher-ng + install_recommends: true - name: nvidia-container-toolkit install_recommends: true - name: nvidia-smi @@ -136,6 +138,18 @@ base-packages: install_recommends: true - name: openzfs-zfs-initramfs install_recommends: true +- name: build-essential + install_recommends: true +- name: locales + install_recommends: true +- name: debootstrap + install_recommends: true +- name: xorriso + install_recommends: true +- name: squashfs-tools + install_recommends: true +- name: unzip + install_recommends: true - name: nvme-cli install_recommends: true - name: convmv diff --git a/conf/reference-files/etc/group b/conf/reference-files/etc/group index a7dc0636..a8946ee0 100644 --- a/conf/reference-files/etc/group +++ b/conf/reference-files/etc/group @@ -78,6 +78,7 @@ libvirt-qemu:x:64055:libvirt-qemu haproxy:x:130: uuidd:x:131: i2c:x:132: +apt-cacher-ng:x:180: sgx:x:133: _ssh:x:134: ntpsec:x:135: diff --git a/conf/reference-files/etc/passwd b/conf/reference-files/etc/passwd index 3d458ffd..f48fb2b6 100644 --- a/conf/reference-files/etc/passwd +++ b/conf/reference-files/etc/passwd @@ -47,6 +47,7 @@ webdav:x:666:666:WebDAV Anonymous User:/var/empty:/usr/sbin/nologin libvirt-qemu:x:64055:106:Libvirt Qemu,,,:/var/lib/libvirt:/usr/sbin/nologin haproxy:x:126:130::/var/lib/haproxy:/usr/sbin/nologin uuidd:x:127:131::/run/uuidd:/usr/sbin/nologin +apt-cacher-ng:x:180:180::/var/cache/apt-cacher-ng:/usr/sbin/nologin ntpsec:x:128:135::/nonexistent:/usr/sbin/nologin tss:x:129:136:TPM software stack,,,:/var/lib/tpm:/bin/false iperf3:x:130:137::/nonexistent:/usr/sbin/nologin diff --git a/conf/tn/etc/apt-cacher-ng/acng.conf b/conf/tn/etc/apt-cacher-ng/acng.conf new file mode 100644 index 00000000..1933331b --- /dev/null +++ b/conf/tn/etc/apt-cacher-ng/acng.conf @@ -0,0 +1,563 @@ +# +# IMPORTANT NOTE: +# +# THIS FILE IS MAYBE JUST ONE OF MANY CONFIGURATION FILES IN THIS DIRECTORY. +# SETTINGS MADE IN OTHER FILES CAN OVERRIDE VALUES THAT YOU CHANGE HERE. GO +# LOOK FOR OTHER CONFIGURATION FILES! CHECK THE MANUAL AND INSTALLATION NOTES +# (like README.Debian) FOR MORE DETAILS! +# + +# This is a configuration file for apt-cacher-ng, a smart caching proxy for +# software package downloads. It's supposed to be in a directory specified by +# the -c option of apt-cacher-ng, see apt-cacher-ng(8) for details. +# RULES: +# - letter case in variable names does not matter +# - names and values are separated by colon or equals sign +# - for boolean variables, zero means false, non-zero means true +# - "default value" means built-in (!) defaults, i.e. something which the +# program uses if the option is not set here or in other config files. +# That value might be explicitly mentioned in the description. Where it is +# not, there is no reason to assume any of the examples to be the default +# value! In doubt, use acngtool to query the value of the particular variable. + +# Storage directory for downloaded data and related maintenance activity. +# +# Note: When the value for CacheDir is changed, change the file +# /lib/systemd/system/apt-cacher-ng.service too +# +# CacheDir: /var/cache/apt-cacher-ng +CacheDir: /mnt/evo/apt-cacher-ng + +# Log file directory, can be set empty to disable logging +# +LogDir: /var/log/apt-cacher-ng + +# A place to look for additional configuration and resource files if they are not +# found in the configuration directory +# +SupportDir: /usr/lib/apt-cacher-ng + +# TCP server port for incoming http (or HTTP proxy) connections. +# Can be set to 9999 to emulate apt-proxy. Value of 0 turns off TCP server +# (SocketPath must be set in this case). +# +# Port:3142 + +# Addresses or hostnames to listen on. Multiple addresses must be separated by +# spaces. Each entry must be an exact local address which is associated with a +# local interface. DNS resolution is performed using getaddrinfo(3) for all +# available protocols (IPv4, IPv6, ...). Using a protocol specific format will +# create binding(s) only on protocol specific socket(s), e.g. 0.0.0.0 will +# listen only to IPv4. +# +# Default: listens on all interfaces and protocols +# +# BindAddress: localhost 192.168.7.254 publicNameOnMainInterface + +# The specification of another HTTP proxy which shall be used for downloads. +# It can include user name and password but see the manual for limitations. +# +# Default: uses direct connection +# +# Proxy: http://www-proxy.example.net:3128 +# Proxy: https://username:proxypassword@proxy.example.net:3129 + +# Repository remapping. See manual for details. +# In this example, some backends files might be generated during package +# installation using information collected on the system. +# Examples: +Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian # Debian Archives +Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu # Ubuntu Archives +Remap-cygwin: file:cygwin_mirrors /cygwin # ; file:backends_cygwin # incomplete, please create this file or specify preferred mirrors here +Remap-sfnet: file:sfnet_mirrors # ; file:backends_sfnet # incomplete, please create this file or specify preferred mirrors here +Remap-alxrep: file:archlx_mirrors /archlinux # ; file:backend_archlx # Arch Linux +Remap-fedora: file:fedora_mirrors # Fedora Linux +Remap-epel: file:epel_mirrors # Fedora EPEL +Remap-slrep: file:sl_mirrors # Scientific Linux +Remap-gentoo: file:gentoo_mirrors.gz /gentoo ; file:backends_gentoo # Gentoo Archives +Remap-secdeb: security.debian.org ; security.debian.org deb.debian.org/debian-security + +# Virtual page accessible in a web browser to see statistics and status +# information, i.e. under http://localhost:3142/acng-report.html +# NOTE: This option must be configured to run maintenance jobs (even when used +# via acngtool in cron scripts). The AdminAuth option can be used to restrict +# access to sensitive areas on that page. +# +# Default: not set, should be set by the system administrator +# +ReportPage: acng-report.html + +# Socket file for accessing through local UNIX socket instead of TCP/IP. Can be +# used with inetd (via bridge tool in.acng from apt-cacher-ng package), is also +# used internally for administrative purposes. +# +# Default: /run/apt-cacher-ng/socket +# +# SocketPath: /var/run/apt-cacher-ng/socket + +# If set to 1, makes log files be written to disk on every new line. Default +# is 0, buffers are flushed after the client disconnects. Technically, +# it's a convenience alias for the Debug option, see below for details. +# +# UnbufferLogs: 0 + +# Enables extended client information in log entries. When set to 0, only +# activity type, time and transfer sizes are logged. +# +# VerboseLog: 1 + +# Don't detach from the starting console. +# +# ForeGround: 0 + +# Store the pid of the daemon process in the specified text file. +# Default: disabled +# +# PidFile: /var/run/apt-cacher-ng/pid + +# Forbid outgoing connections and work without an internet connection or +# respond with 503 error where it's not possible. +# +# Offlinemode: 0 + +# Forbid downloads from locations that are directly specified in the user +# request, i.e. all downloads must be processed by the preconfigured remapping +# backends (see above). +# +# ForceManaged: 0 + +# Days before considering an unreferenced file expired (to be deleted). +# WARNING: if the value is set too low and particular index files are not +# available for some days (mirror downtime) then there is a risk of removal of +# still useful package files. +# +ExThreshold: 4 + +# If the expiration is run daily, it sometimes does not make much sense to do +# it because the expected changes (i.e. removal of expired files) don't justify +# the extra processing time or additional downloads for expiration operation +# itself. This discrepancy might be especially worse if the local client +# installations are small or are rarely updated but the daily changes of +# the remote archive metadata are heavy. +# +# The following option enables a possible trade-off: the expiration run is +# suppressed until a certain amount of data has been downloaded through +# apt-cacher-ng since the last expiration execution (which might indicate that +# packages were replaced with newer versions). +# +# The number can have a suffix (k,K,m,M for Kb,KiB,Mb,MiB) +# +# ExStartTradeOff: 500m + +# Stop expiration when a critical problem appears, issue like a failed update +# of an index file in the preparation step. +# +# WARNING: don't set this option to zero or empty without considering possible +# consequences like a sudden and complete cache data loss. +# +# ExAbortOnProblems: 1 + +# Number of failed nightly expiration runs which are considered acceptable and +# do not trigger an error notification to the admin (e.g. via daily cron job) +# before the (day) count is reached. Might be useful with whacky internet +# connections. +# +# Default: a guessed value, 1 if ExThreshold is 5 or more, 0 otherwise. +# +# ExSuppressAdminNotification: 1 + +# Modify file names to work around limitations of some file systems. +# WARNING: experimental feature, subject to change +# +# StupidFs: 0 + +# Experimental feature for apt-listbugs: pass-through SOAP requests and +# responses to/from bugs.debian.org. +# Default: guessed value, true unless ForceManaged is enabled +# +# ForwardBtsSoap: 1 + +# There is a small in-memory cache for DNS resolution data, expired by +# this timeout (in seconds). Internal caching is disabled if set to a value +# less than zero. +# +# DnsCacheSeconds: 1800 + +############################################################################### +# +# WARNING: don't modify thread and file matching parameters without a clear +# idea of what is happening behind the scene! +# +# Max. count of connection threads kept ready (for faster response in the +# future). Should be a sane value between 0 and average number of connections, +# and depend on the amount of spare RAM. +# MaxStandbyConThreads: 8 +# +# Hard limit of active thread count for incoming connections, i.e. operation +# is refused when this value is reached (below zero = unlimited). +# MaxConThreads: -1 +# +# Timeout for a forced disconnect in cases where a client connection is about +# to be closed but remote refuses to confirm the disconnect request. Setting +# this to a lower value mitigates the effects of resource starvation in case of +# a DOS attack but increases the risk of failing to flush the remaining portion +# of data. +# DisconnectTimeout: 15 + +# By default, if a remote suddenly reconnects, ACNG tries at least two times to +# redownload from the same or different location (if known). +# DlMaxRetries: 2 + +# Pigeonholing files (like static vs. volatile contents) is done by (extended) +# regular expressions. +# +# The following patterns are available for the purposes detailed, where +# the latter takes precedence over the former: +# - «PFilePattern» for static data that doesn't change silently on the server. +# - «VFilePattern» for volatile data that may change like every hour. Files +# that match both PFilePattern and VfilePattern will be treated as volatile. +# - Static data with file names that match VFilePattern may be overriden being +# treated as volatile by making it match the special static data pattern, +# «SPfilePattern». +# - «SVfilePattern» or the "special volatile data" pattern is for the +# convenience of specifying any exceptions to matches with SPfilePattern, +# for cases where data must still be treated as volatile. +# - «WfilePattern» specifies a "whitelist pattern" for the regular expiration +# job, telling it to keep the files even if they are not referenced by +# others, like crypto signatures with which clients begin their downloads. +# +# There are two versions. The pattern variables mentioned above should not be +# set without good reason, because they would override the built-in defaults +# (that might impact updates to future versions of apt-cacher-ng). There are +# also versions of those patterns ending with Ex, which may be modified by the +# local administrator. They are evaluated in addition to the regular patterns +# at runtime. +# +# To see examples of the expected syntax, run: apt-cacher-ng -p debug=1 +# +# PfilePatternEx: +# VfilePatternEx: +# SPfilePatternEx: +# SVfilePatternEx: +# WfilePatternEx: +# +############################################################################### + +# A bitmask type value declaring the loging verbosity and behavior of the error +# log writing. Non-zero value triggers at least faster log file flushing. +# +# Some higher bits only working with a special debug build of apt-cacher-ng, +# see the manual for details. +# +# WARNING: this can write significant amount of data into apt-cacher.err logfile. +# +# Default: 0 +# +# Debug:3 + +# Usually, general purpose proxies like Squid expose the IP address of the +# client user to the remote server using the X-Forwarded-For HTTP header. This +# behaviour can be optionally turned on with the Expose-Origin option. +# +# ExposeOrigin: 0 + +# When logging the originating IP address, trust the information supplied by +# the client in the X-Forwarded-For header. +# +# LogSubmittedOrigin: 0 + +# The version string reported to the peer, to be displayed as HTTP client (and +# version) in the logs of the mirror. +# +# WARNING: Expect side effects! Some archives use this header to guess +# capabilities of the client (i.e. allow redirection and/or https links) and +# change their behaviour accordingly but ACNG might not support the expected +# features. +# +# Default: +# +# UserAgent: Yet Another HTTP Client/1.2.3p4 + +# In some cases the Import and Expiration tasks might create fresh volatile +# data for internal use by reconstructing them using patch files. This +# by-product might be recompressed with bzip2 and with some luck the resulting +# file becomes identical to the *.bz2 file on the server which can be used by +# APT when requesting a complete version of this file. +# The downside of this feature is higher CPU load on the server during +# the maintenance tasks, and the outcome might have not much value in a LAN +# where all clients update their data often and regularly and therefore usually +# don't need the full version of the index file. +# +# RecompBz2: 0 + +# Network timeout for outgoing connections, in seconds. +# +# NetworkTimeout: 40 + +# Fast fallback timeout, in seconds. This is the time to wait before +# alternative target addresses for a client connection are tried, which can be +# usefull for quick fallback to IPv4 in case of whacky IPv6 configuration. +# +# FastTimeout = 4 + +# Sometimes it makes sense to not store the data in cache and just return the +# package data to client while it comes in. The following DontCache* parameters +# can enable this behaviour for certain URL types. The tokens are extended +# regular expressions which the URLs are evaluated against. +# +# DontCacheRequested is applied to the URL as it comes in from the client. +# Example: exclude packages built with kernel-package for x86 +# DontCacheRequested: linux-.*_10\...\.Custo._i386 +# Example usecase: exclude popular private IP ranges from caching +# DontCacheRequested: 192.168.0 ^10\..* 172.30 +# +# DontCacheResolved is applied to URLs after mapping to the target server. If +# multiple backend servers are specified then it's only matched against the +# download link for the FIRST possible source (due to implementation limits). +# +# Example usecase: all Ubuntu stuff comes from a local mirror (specified as +# backend), don't cache it again: +# DontCacheResolved: ubuntumirror.local.net +# +# DontCache directive sets (overrides) both, DontCacheResolved and +# DontCacheRequested. Provided for convenience, see those directives for +# details. +# +# Example: +# DontCache: .*.local.university.int + +# Default permission set of freshly created files and directories, as octal +# numbers (see chmod(1) for details). +# Can by limited by the umask value (see umask(2) for details) if it's set in +# the environment of the starting shell, e.g. in apt-cacher-ng init script or +# in its configuration file. +# +# DirPerms: 00755 +# FilePerms: 00664 + +# It's possible to use use apt-cacher-ng as a regular web server with a limited +# feature set, i.e. directory browsing, downloads of any files, Content-Type +# based on /etc/mime.types, but without sorting, CGI execution, index page +# redirection and other funny things. +# To get this behavior, mappings between virtual directories and real +# directories on the server must be defined with the LocalDirs directive. +# Virtual and real directories are separated by spaces, multiple pairs are +# separated by semi-colons. Real directories must be absolute paths. +# NOTE: Since the names of that key directories share the same namespace as +# repository names (see Remap-...) it is administrator's job to avoid conflicts +# between them or explicitly create them. +# +# LocalDirs: woo /data/debarchive/woody ; hamm /data/debarchive/hamm +LocalDirs: acng-doc /usr/share/doc/apt-cacher-ng + +# Precache a set of files referenced by specified index files. This can be used +# to create a partial mirror usable for offline work. There are certain limits +# and restrictions on the path specification, see manual and the cache control +# web site for details. A list of (maybe) relevant index files could be +# retrieved via "apt-get --print-uris update" on a client machine. +# +# Example: +# PrecacheFor: debrep/dists/unstable/*/source/Sources* debrep/dists/unstable/*/binary-amd64/Packages* + +# Arbitrary set of data to append to request headers sent over the wire. Should +# be a well formated HTTP headers part including newlines (DOS style) which +# can be entered as escape sequences (\r\n). +# +# RequestAppendix: X-Tracking-Choice: do-not-track\r\n + +# Specifies the IP protocol families to use for remote connections. Order does +# matter, first specified are considered first. Possible combinations: +# v6 v4 +# v4 v6 +# v6 +# v4 +# Default: use native order of the system's TCP/IP stack, influenced by the +# BindAddress value. +# +# ConnectProto: v6 v4 + +# Regular expiration algorithm finds package files which are no longer listed +# in any index file and removes them of them after a safety period. +# This option allows to keep more versions of a package in the cache after +# the safety period is over. +# +# KeepExtraVersions: 0 + +# Optionally uses TCP access control provided by libwrap, see hosts_access(5) +# for details. Daemon name is apt-cacher-ng. +# +# Default: guessed on startup by looking for explicit mention of apt-cacher-ng +# in /etc/hosts.allow or /etc/hosts.deny files. +# +# UseWrap: 0 + +# If many machines from the same local network attempt to update index files +# (apt-get update) at nearly the same time, the known state of these index file +# is temporarily frozen and multiple requests receive the cached response +# without contacting the remote server again. This parameter (in seconds) +# specifies the length of this period before these (volatile) files are +# considered outdated. +# Setting this value too low transfers more data and increases remote server +# load, setting this too high (more than a couple of minutes) increases the +# risk of delivering inconsistent responses to the clients. +# +# FreshIndexMaxAge: 27 + +# Usually the users are not allowed to specify custom TCP ports of remote +# mirrors in the requests, only the default HTTP port can be used (as +# workaround, proxy administrator can create Remap- rules with custom ports). +# This restriction can be disabled by specifying a list of allowed ports or 0 +# for any port. +# +# AllowUserPorts: 80 + +# Normally the HTTP redirection responses are forwarded to the original caller +# (i.e. APT) which starts a new download attempt from the new URL. This +# solution is ok for client configurations with proxy mode but doesn't work +# well with configurations using URL prefixes in sources.list. To work around +# this the server can restart its own download with a redirection URL, +# configured with the following option. The downside is that this might be used +# to circumvent download source policies by malicious users. +# The RedirMax option specifies how many such redirects the server is allowed +# to follow per request, 0 disables the internal redirection. +# Default: guessed on startup, 0 if ForceManaged is used and 5 otherwise. +# +# RedirMax: 5 + +# There some broken HTTP servers and proxy servers in the wild which don't +# support the If-Range header correctly and return incorrect data when the +# contents of a (volatile) file changed. Setting VfileUseRangeOps to zero +# disables Range-based requests while retrieving volatile files, using +# If-Modified-Since and requesting the complete file instead. Setting it to +# a negative value removes even If-Modified-Since headers. +# +# VfileUseRangeOps: 1 + +# Allow data pass-through mode for certain hosts when requested by the client +# using a CONNECT request. This is particularly useful to allow access to SSL +# sites (https proxying). The string is a regular expression which should cover +# the server name with port and must be correctly formated and terminated. +# Examples: +# PassThroughPattern: private-ppa\.launchpad\.net:443$ +# PassThroughPattern: .* # this would allow CONNECT to everything +# +# Default: ^(bugs\.debian\.org|changelogs\.ubuntu\.com):443$ +# PassThroughPattern: ^(bugs\.debian\.org|changelogs\.ubuntu\.com):443$ + +# It's possible that an evil client requests a volatile file but does not +# retrieve the response and keeps the connection effectively stuck over +# many hours, blocking the particular file for other download attempts (which +# leads to not reporting file changes on server side to other users). The work +# around is the use of alternative file descriptors inside of apt-cacher-ng, +# however this might cost some extra download traffic due to worse cache usage. +# The ResponseFreezeDetectTime value specifies when a file descriptor in the +# mentioned state is to be considered defect and will require special handling. +# Default time is 500 seconds. +# +# ResponseFreezeDetectTime: 500 + +# Keep outgoing connections alive and reuse them for later downloads from +# the same server as long as possible. +# +# ReuseConnections: 1 + +# Maximum number of requests sent in a batch to remote servers before the first +# response is expected. Using higher values can greatly improve average +# throughput depending on network latency and the implementation of remote +# servers. Makes most sense when also enabled on the client side, see apt.conf +# documentation for details. +# +# Default: 10 if ReuseConnections is set, 1 otherwise +# +# PipelineDepth: 10 + +# Path to the system directory containing trusted CA certificates used for +# outgoing connections, see OpenSSL documentation for details. +# +# CApath: /etc/ssl/certs +# +# Path to a single trusted trusted CA certificate used for outgoing +# connections, see OpenSSL documentation for details. +# +# CAfile: + +# There are different ways to detect that an upstream proxy is broken and turn +# off its use and connect directly. The first is through a custom command - +# when it returns successfully, the proxy is used, otherwise not and the +# command will be rerun only after a specified period. +# Another way is to try to connect to the proxy first and detect a connection +# timeout. The connection will then be made without HTTP proxy for the life +# time of the particular download stream and it may also affect other other +# parallel downloads. +# NOTE: this operation modes are still experimental and are subject to change! +# Unwanted side effects may occur with multiple simultaneous user connections +# or with specific per-repository proxy settings. +# +# Shell command, default: not set. Executed with the default shell and +# permissions of the apt-cacher-ng's process user. Examples: +# /bin/ip route | grep -q 192.168.117 +# /usr/sbin/arp | grep -q 00:22:1f:51:8e:c1 +# +# OptProxyCheckCommand: ... +# +# Check intervall, in seconds. +# +# OptProxyCheckInterval: 99 +# +# Conection timeout in seconds, default: negative, means disabled. +# +# OptProxyTimeout: -1 + +# It's possible to limit the processing speed of download agents to set an +# overall download speed limit. Unit: KiB/s, Default: unlimited. +# +# MaxDlSpeed: 500 + +# In special corner cases, download clients attempt to download random chunks +# of a files headers, i.e. the first kilobytes. The "don't get client stuck" +# policy converts this usually to a 200 response starting the body from the +# beginning but that confuses some clients. When this option is set to a +# certain value, this modifies the behaviour and allows to start a file +# download where the distance between available data and the specified range +# lies within that bounds. This can look like random lag for the user but +# should be harmless apart from that. +# +# MaxInresponsiveDlSize: 64000 + +# In mobile environments having an adhoc connection with a redirection to some +# id verification side, this redirect might damage the cache since the data is +# involuntarily stored as package data. There is a mechanism which attempts to +# detect a such situation and mitigate the mentioned effects by not storing the +# data and also dropping the DNS cache. The trigger is the occurrence of a +# specific SUBSTRING in the content type field of the final download target +# (i.e. the auth web site) and at least one followed redirection. +# +# BadRedirDetectMime: text/html + +# When a BUS signal is received (typically on IO errors), a shell command can be +# executed before the daemon is terminated. +# Example: +# BusAction: ls -l /proc/$PPID/ | mail -s SIGBUS! root + +# Only set this value for debugging purposes. It disables SSL security checks +# like strict host verification. 0 means no, any other value can have +# differrent meaning in the future. +# +# NoSSLChecks: 0 + +# Setting this value means: on file downloads from/via cache, tag relevant +# files. And when acngtool runs the shrink command, it will look at the day +# when the file was retrieved from cache last time (and not when it was +# originally downloaded). +# +# TrackFileUse: 0 + +# Controls preallocation of file system space where this feature is supported. +# This might reduce disk fragmentation and therefore improve later read +# performance. However, write performance can be reduced which could be +# exploited by malicious users. +# The value defines a size limit of how much to report to the OS as expected +# file size (starting from the beginning of the file). +# Set to zero to disable this feature completely. Default: one megabyte +# +# ReserveSpace: 1048576 diff --git a/conf/tn/etc/locale.gen b/conf/tn/etc/locale.gen new file mode 100644 index 00000000..a7d06a74 --- /dev/null +++ b/conf/tn/etc/locale.gen @@ -0,0 +1,501 @@ +# This file lists locales that you wish to have built. You can find a list +# of valid supported locales at /usr/share/i18n/SUPPORTED, and you can add +# user defined locales to /usr/local/share/i18n/SUPPORTED. If you change +# this file, you need to rerun locale-gen. + + +# aa_DJ ISO-8859-1 +# aa_DJ.UTF-8 UTF-8 +# aa_ER UTF-8 +# aa_ER@saaho UTF-8 +# aa_ET UTF-8 +# af_ZA ISO-8859-1 +# af_ZA.UTF-8 UTF-8 +# agr_PE UTF-8 +# ak_GH UTF-8 +# am_ET UTF-8 +# an_ES ISO-8859-15 +# an_ES.UTF-8 UTF-8 +# anp_IN UTF-8 +# ar_AE ISO-8859-6 +# ar_AE.UTF-8 UTF-8 +# ar_BH ISO-8859-6 +# ar_BH.UTF-8 UTF-8 +# ar_DZ ISO-8859-6 +# ar_DZ.UTF-8 UTF-8 +# ar_EG ISO-8859-6 +# ar_EG.UTF-8 UTF-8 +# ar_IN UTF-8 +# ar_IQ ISO-8859-6 +# ar_IQ.UTF-8 UTF-8 +# ar_JO ISO-8859-6 +# ar_JO.UTF-8 UTF-8 +# ar_KW ISO-8859-6 +# ar_KW.UTF-8 UTF-8 +# ar_LB ISO-8859-6 +# ar_LB.UTF-8 UTF-8 +# ar_LY ISO-8859-6 +# ar_LY.UTF-8 UTF-8 +# ar_MA ISO-8859-6 +# ar_MA.UTF-8 UTF-8 +# ar_OM ISO-8859-6 +# ar_OM.UTF-8 UTF-8 +# ar_QA ISO-8859-6 +# ar_QA.UTF-8 UTF-8 +# ar_SA ISO-8859-6 +# ar_SA.UTF-8 UTF-8 +# ar_SD ISO-8859-6 +# ar_SD.UTF-8 UTF-8 +# ar_SS UTF-8 +# ar_SY ISO-8859-6 +# ar_SY.UTF-8 UTF-8 +# ar_TN ISO-8859-6 +# ar_TN.UTF-8 UTF-8 +# ar_YE ISO-8859-6 +# ar_YE.UTF-8 UTF-8 +# as_IN UTF-8 +# ast_ES ISO-8859-15 +# ast_ES.UTF-8 UTF-8 +# ayc_PE UTF-8 +# az_AZ UTF-8 +# az_IR UTF-8 +# be_BY CP1251 +# be_BY.UTF-8 UTF-8 +# be_BY@latin UTF-8 +# bem_ZM UTF-8 +# ber_DZ UTF-8 +# ber_MA UTF-8 +# bg_BG CP1251 +# bg_BG.UTF-8 UTF-8 +# bhb_IN.UTF-8 UTF-8 +# bho_IN UTF-8 +# bho_NP UTF-8 +# bi_VU UTF-8 +# bn_BD UTF-8 +# bn_IN UTF-8 +# bo_CN UTF-8 +# bo_IN UTF-8 +# br_FR ISO-8859-1 +# br_FR.UTF-8 UTF-8 +# br_FR@euro ISO-8859-15 +# brx_IN UTF-8 +# bs_BA ISO-8859-2 +# bs_BA.UTF-8 UTF-8 +# byn_ER UTF-8 +# ca_AD ISO-8859-15 +# ca_AD.UTF-8 UTF-8 +# ca_ES ISO-8859-1 +# ca_ES.UTF-8 UTF-8 +# ca_ES@euro ISO-8859-15 +# ca_ES@valencia UTF-8 +# ca_FR ISO-8859-15 +# ca_FR.UTF-8 UTF-8 +# ca_IT ISO-8859-15 +# ca_IT.UTF-8 UTF-8 +# ce_RU UTF-8 +# chr_US UTF-8 +# cmn_TW UTF-8 +# crh_UA UTF-8 +# cs_CZ ISO-8859-2 +# cs_CZ.UTF-8 UTF-8 +# csb_PL UTF-8 +# cv_RU UTF-8 +# cy_GB ISO-8859-14 +# cy_GB.UTF-8 UTF-8 +# da_DK ISO-8859-1 +# da_DK.UTF-8 UTF-8 +# de_AT ISO-8859-1 +# de_AT.UTF-8 UTF-8 +# de_AT@euro ISO-8859-15 +# de_BE ISO-8859-1 +# de_BE.UTF-8 UTF-8 +# de_BE@euro ISO-8859-15 +# de_CH ISO-8859-1 +# de_CH.UTF-8 UTF-8 +# de_DE ISO-8859-1 +# de_DE.UTF-8 UTF-8 +# de_DE@euro ISO-8859-15 +# de_IT ISO-8859-1 +# de_IT.UTF-8 UTF-8 +# de_LI.UTF-8 UTF-8 +# de_LU ISO-8859-1 +# de_LU.UTF-8 UTF-8 +# de_LU@euro ISO-8859-15 +# doi_IN UTF-8 +# dsb_DE UTF-8 +# dv_MV UTF-8 +# dz_BT UTF-8 +# el_CY ISO-8859-7 +# el_CY.UTF-8 UTF-8 +# el_GR ISO-8859-7 +# el_GR.UTF-8 UTF-8 +# el_GR@euro ISO-8859-7 +# en_AG UTF-8 +# en_AU ISO-8859-1 +# en_AU.UTF-8 UTF-8 +# en_BW ISO-8859-1 +# en_BW.UTF-8 UTF-8 +# en_CA ISO-8859-1 +# en_CA.UTF-8 UTF-8 +# en_DK ISO-8859-1 +# en_DK.ISO-8859-15 ISO-8859-15 +# en_DK.UTF-8 UTF-8 +# en_GB ISO-8859-1 +# en_GB.ISO-8859-15 ISO-8859-15 +en_GB.UTF-8 UTF-8 +# en_HK ISO-8859-1 +# en_HK.UTF-8 UTF-8 +# en_IE ISO-8859-1 +# en_IE.UTF-8 UTF-8 +# en_IE@euro ISO-8859-15 +# en_IL UTF-8 +# en_IN UTF-8 +# en_NG UTF-8 +# en_NZ ISO-8859-1 +# en_NZ.UTF-8 UTF-8 +# en_PH ISO-8859-1 +# en_PH.UTF-8 UTF-8 +# en_SC.UTF-8 UTF-8 +# en_SG ISO-8859-1 +# en_SG.UTF-8 UTF-8 +# en_US ISO-8859-1 +# en_US.ISO-8859-15 ISO-8859-15 +en_US.UTF-8 UTF-8 +# en_ZA ISO-8859-1 +# en_ZA.UTF-8 UTF-8 +# en_ZM UTF-8 +# en_ZW ISO-8859-1 +# en_ZW.UTF-8 UTF-8 +# eo UTF-8 +# es_AR ISO-8859-1 +# es_AR.UTF-8 UTF-8 +# es_BO ISO-8859-1 +# es_BO.UTF-8 UTF-8 +# es_CL ISO-8859-1 +# es_CL.UTF-8 UTF-8 +# es_CO ISO-8859-1 +# es_CO.UTF-8 UTF-8 +# es_CR ISO-8859-1 +# es_CR.UTF-8 UTF-8 +# es_CU UTF-8 +# es_DO ISO-8859-1 +# es_DO.UTF-8 UTF-8 +# es_EC ISO-8859-1 +# es_EC.UTF-8 UTF-8 +# es_ES ISO-8859-1 +# es_ES.UTF-8 UTF-8 +# es_ES@euro ISO-8859-15 +# es_GT ISO-8859-1 +# es_GT.UTF-8 UTF-8 +# es_HN ISO-8859-1 +# es_HN.UTF-8 UTF-8 +# es_MX ISO-8859-1 +# es_MX.UTF-8 UTF-8 +# es_NI ISO-8859-1 +# es_NI.UTF-8 UTF-8 +# es_PA ISO-8859-1 +# es_PA.UTF-8 UTF-8 +# es_PE ISO-8859-1 +# es_PE.UTF-8 UTF-8 +# es_PR ISO-8859-1 +# es_PR.UTF-8 UTF-8 +# es_PY ISO-8859-1 +# es_PY.UTF-8 UTF-8 +# es_SV ISO-8859-1 +# es_SV.UTF-8 UTF-8 +# es_US ISO-8859-1 +# es_US.UTF-8 UTF-8 +# es_UY ISO-8859-1 +# es_UY.UTF-8 UTF-8 +# es_VE ISO-8859-1 +# es_VE.UTF-8 UTF-8 +# et_EE ISO-8859-1 +# et_EE.ISO-8859-15 ISO-8859-15 +# et_EE.UTF-8 UTF-8 +# eu_ES ISO-8859-1 +# eu_ES.UTF-8 UTF-8 +# eu_ES@euro ISO-8859-15 +# eu_FR ISO-8859-1 +# eu_FR.UTF-8 UTF-8 +# eu_FR@euro ISO-8859-15 +# fa_IR UTF-8 +# ff_SN UTF-8 +# fi_FI ISO-8859-1 +# fi_FI.UTF-8 UTF-8 +# fi_FI@euro ISO-8859-15 +# fil_PH UTF-8 +# fo_FO ISO-8859-1 +# fo_FO.UTF-8 UTF-8 +# fr_BE ISO-8859-1 +# fr_BE.UTF-8 UTF-8 +# fr_BE@euro ISO-8859-15 +# fr_CA ISO-8859-1 +# fr_CA.UTF-8 UTF-8 +# fr_CH ISO-8859-1 +# fr_CH.UTF-8 UTF-8 +# fr_FR ISO-8859-1 +# fr_FR.UTF-8 UTF-8 +# fr_FR@euro ISO-8859-15 +# fr_LU ISO-8859-1 +# fr_LU.UTF-8 UTF-8 +# fr_LU@euro ISO-8859-15 +# fur_IT UTF-8 +# fy_DE UTF-8 +# fy_NL UTF-8 +# ga_IE ISO-8859-1 +# ga_IE.UTF-8 UTF-8 +# ga_IE@euro ISO-8859-15 +# gd_GB ISO-8859-15 +# gd_GB.UTF-8 UTF-8 +# gez_ER UTF-8 +# gez_ER@abegede UTF-8 +# gez_ET UTF-8 +# gez_ET@abegede UTF-8 +# gl_ES ISO-8859-1 +# gl_ES.UTF-8 UTF-8 +# gl_ES@euro ISO-8859-15 +# gu_IN UTF-8 +# gv_GB ISO-8859-1 +# gv_GB.UTF-8 UTF-8 +# ha_NG UTF-8 +# hak_TW UTF-8 +# he_IL ISO-8859-8 +# he_IL.UTF-8 UTF-8 +# hi_IN UTF-8 +# hif_FJ UTF-8 +# hne_IN UTF-8 +# hr_HR ISO-8859-2 +# hr_HR.UTF-8 UTF-8 +# hsb_DE ISO-8859-2 +# hsb_DE.UTF-8 UTF-8 +# ht_HT UTF-8 +# hu_HU ISO-8859-2 +# hu_HU.UTF-8 UTF-8 +# hy_AM UTF-8 +# hy_AM.ARMSCII-8 ARMSCII-8 +# ia_FR UTF-8 +# id_ID ISO-8859-1 +# id_ID.UTF-8 UTF-8 +# ig_NG UTF-8 +# ik_CA UTF-8 +# is_IS ISO-8859-1 +# is_IS.UTF-8 UTF-8 +# it_CH ISO-8859-1 +# it_CH.UTF-8 UTF-8 +# it_IT ISO-8859-1 +# it_IT.UTF-8 UTF-8 +# it_IT@euro ISO-8859-15 +# iu_CA UTF-8 +# ja_JP.EUC-JP EUC-JP +# ja_JP.UTF-8 UTF-8 +# ka_GE GEORGIAN-PS +# ka_GE.UTF-8 UTF-8 +# kab_DZ UTF-8 +# kk_KZ PT154 +# kk_KZ.RK1048 RK1048 +# kk_KZ.UTF-8 UTF-8 +# kl_GL ISO-8859-1 +# kl_GL.UTF-8 UTF-8 +# km_KH UTF-8 +# kn_IN UTF-8 +# ko_KR.EUC-KR EUC-KR +# ko_KR.UTF-8 UTF-8 +# kok_IN UTF-8 +# ks_IN UTF-8 +# ks_IN@devanagari UTF-8 +# ku_TR ISO-8859-9 +# ku_TR.UTF-8 UTF-8 +# kw_GB ISO-8859-1 +# kw_GB.UTF-8 UTF-8 +# ky_KG UTF-8 +# lb_LU UTF-8 +# lg_UG ISO-8859-10 +# lg_UG.UTF-8 UTF-8 +# li_BE UTF-8 +# li_NL UTF-8 +# lij_IT UTF-8 +# ln_CD UTF-8 +# lo_LA UTF-8 +# lt_LT ISO-8859-13 +# lt_LT.UTF-8 UTF-8 +# lv_LV ISO-8859-13 +# lv_LV.UTF-8 UTF-8 +# lzh_TW UTF-8 +# mag_IN UTF-8 +# mai_IN UTF-8 +# mai_NP UTF-8 +# mfe_MU UTF-8 +# mg_MG ISO-8859-15 +# mg_MG.UTF-8 UTF-8 +# mhr_RU UTF-8 +# mi_NZ ISO-8859-13 +# mi_NZ.UTF-8 UTF-8 +# miq_NI UTF-8 +# mjw_IN UTF-8 +# mk_MK ISO-8859-5 +# mk_MK.UTF-8 UTF-8 +# ml_IN UTF-8 +# mn_MN UTF-8 +# mni_IN UTF-8 +# mr_IN UTF-8 +# ms_MY ISO-8859-1 +# ms_MY.UTF-8 UTF-8 +# mt_MT ISO-8859-3 +# mt_MT.UTF-8 UTF-8 +# my_MM UTF-8 +# nan_TW UTF-8 +# nan_TW@latin UTF-8 +# nb_NO ISO-8859-1 +# nb_NO.UTF-8 UTF-8 +# nds_DE UTF-8 +# nds_NL UTF-8 +# ne_NP UTF-8 +# nhn_MX UTF-8 +# niu_NU UTF-8 +# niu_NZ UTF-8 +# nl_AW UTF-8 +# nl_BE ISO-8859-1 +# nl_BE.UTF-8 UTF-8 +# nl_BE@euro ISO-8859-15 +# nl_NL ISO-8859-1 +# nl_NL.UTF-8 UTF-8 +# nl_NL@euro ISO-8859-15 +# nn_NO ISO-8859-1 +# nn_NO.UTF-8 UTF-8 +# nr_ZA UTF-8 +# nso_ZA UTF-8 +# oc_FR ISO-8859-1 +# oc_FR.UTF-8 UTF-8 +# om_ET UTF-8 +# om_KE ISO-8859-1 +# om_KE.UTF-8 UTF-8 +# or_IN UTF-8 +# os_RU UTF-8 +# pa_IN UTF-8 +# pa_PK UTF-8 +# pap_AW UTF-8 +# pap_CW UTF-8 +# pl_PL ISO-8859-2 +# pl_PL.UTF-8 UTF-8 +# ps_AF UTF-8 +# pt_BR ISO-8859-1 +# pt_BR.UTF-8 UTF-8 +# pt_PT ISO-8859-1 +# pt_PT.UTF-8 UTF-8 +# pt_PT@euro ISO-8859-15 +# quz_PE UTF-8 +# raj_IN UTF-8 +# ro_RO ISO-8859-2 +# ro_RO.UTF-8 UTF-8 +# ru_RU ISO-8859-5 +# ru_RU.CP1251 CP1251 +# ru_RU.KOI8-R KOI8-R +# ru_RU.UTF-8 UTF-8 +# ru_UA KOI8-U +# ru_UA.UTF-8 UTF-8 +# rw_RW UTF-8 +# sa_IN UTF-8 +# sah_RU UTF-8 +# sat_IN UTF-8 +# sc_IT UTF-8 +# sd_IN UTF-8 +# sd_IN@devanagari UTF-8 +# se_NO UTF-8 +# sgs_LT UTF-8 +# shn_MM UTF-8 +# shs_CA UTF-8 +# si_LK UTF-8 +# sid_ET UTF-8 +# sk_SK ISO-8859-2 +# sk_SK.UTF-8 UTF-8 +# sl_SI ISO-8859-2 +# sl_SI.UTF-8 UTF-8 +# sm_WS UTF-8 +# so_DJ ISO-8859-1 +# so_DJ.UTF-8 UTF-8 +# so_ET UTF-8 +# so_KE ISO-8859-1 +# so_KE.UTF-8 UTF-8 +# so_SO ISO-8859-1 +# so_SO.UTF-8 UTF-8 +# sq_AL ISO-8859-1 +# sq_AL.UTF-8 UTF-8 +# sq_MK UTF-8 +# sr_ME UTF-8 +# sr_RS UTF-8 +# sr_RS@latin UTF-8 +# ss_ZA UTF-8 +# st_ZA ISO-8859-1 +# st_ZA.UTF-8 UTF-8 +# sv_FI ISO-8859-1 +# sv_FI.UTF-8 UTF-8 +# sv_FI@euro ISO-8859-15 +# sv_SE ISO-8859-1 +# sv_SE.ISO-8859-15 ISO-8859-15 +# sv_SE.UTF-8 UTF-8 +# sw_KE UTF-8 +# sw_TZ UTF-8 +# szl_PL UTF-8 +# ta_IN UTF-8 +# ta_LK UTF-8 +# tcy_IN.UTF-8 UTF-8 +# te_IN UTF-8 +# tg_TJ KOI8-T +# tg_TJ.UTF-8 UTF-8 +# th_TH TIS-620 +# th_TH.UTF-8 UTF-8 +# the_NP UTF-8 +# ti_ER UTF-8 +# ti_ET UTF-8 +# tig_ER UTF-8 +# tk_TM UTF-8 +# tl_PH ISO-8859-1 +# tl_PH.UTF-8 UTF-8 +# tn_ZA UTF-8 +# to_TO UTF-8 +# tpi_PG UTF-8 +# tr_CY ISO-8859-9 +# tr_CY.UTF-8 UTF-8 +# tr_TR ISO-8859-9 +# tr_TR.UTF-8 UTF-8 +# ts_ZA UTF-8 +# tt_RU UTF-8 +# tt_RU@iqtelif UTF-8 +# ug_CN UTF-8 +# uk_UA KOI8-U +# uk_UA.UTF-8 UTF-8 +# unm_US UTF-8 +# ur_IN UTF-8 +# ur_PK UTF-8 +# uz_UZ ISO-8859-1 +# uz_UZ.UTF-8 UTF-8 +# uz_UZ@cyrillic UTF-8 +# ve_ZA UTF-8 +# vi_VN UTF-8 +# wa_BE ISO-8859-1 +# wa_BE.UTF-8 UTF-8 +# wa_BE@euro ISO-8859-15 +# wae_CH UTF-8 +# wal_ET UTF-8 +# wo_SN UTF-8 +# xh_ZA ISO-8859-1 +# xh_ZA.UTF-8 UTF-8 +# yi_US CP1255 +# yi_US.UTF-8 UTF-8 +# yo_NG UTF-8 +# yue_HK UTF-8 +# yuw_PG UTF-8 +# zh_CN GB2312 +# zh_CN.GB18030 GB18030 +# zh_CN.GBK GBK +# zh_CN.UTF-8 UTF-8 +# zh_HK BIG5-HKSCS +# zh_HK.UTF-8 UTF-8 +# zh_SG GB2312 +# zh_SG.GBK GBK +# zh_SG.UTF-8 UTF-8 +# zh_TW BIG5 +# zh_TW.EUC-TW EUC-TW +# zh_TW.UTF-8 UTF-8 +# zu_ZA ISO-8859-1 +# zu_ZA.UTF-8 UTF-8 diff --git a/scale_build/bootstrap/bootstrapdir.py b/scale_build/bootstrap/bootstrapdir.py index a37c91bf..be9baf00 100644 --- a/scale_build/bootstrap/bootstrapdir.py +++ b/scale_build/bootstrap/bootstrapdir.py @@ -60,6 +60,17 @@ def setup_impl(self): # We need to have gnupg installed before adding apt mirrors because apt-key needs it run(['chroot', self.chroot_basedir, 'apt', 'install', '-y', 'gnupg']) + self.logger.debug('Setting up apt-cacher') + os.makedirs(os.path.join(self.chroot_basedir, 'etc/apt/apt.conf.d'), exist_ok=True) + with open(os.path.join(self.chroot_basedir, 'etc/apt/apt.conf.d/02proxy'), 'w') as f: + f.write('Acquire::http::Proxy "http://192.168.0.3:3142";\n') + + self.logger.debug('Adding ssh key to authorized file') + os.makedirs(os.path.join(self.chroot_basedir, 'root/.ssh'), exist_ok=True) + with open(os.path.join(self.chroot_basedir, 'root/.ssh/authorized_keys'), 'a+') as f: + f.write('''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClkokvZ7Rq75GcOvP65xlubdkMY3Ob81cNrsVg7dDJ/xJ5dmWDvEIpBelTskKDUyBrpcteq6RkmAomNvRe0M4I80syELRtlJULtfKBuA5bM0DXAd1+3kjVAi/VqH+7fNKxbMMZN1u3MaCbW31S3Hk3WMIYbZnkgfXmXauPfA6bWf6pKmpAVIezfUqbEaQRktbDzPb4G0pZmZs8N4hf8dxWnaRn0BRhRx/EUpCtgE+A0ESy1ZTN7SpsSlTYeqUx+PphSURnY+oNmwLR1ZsKqRiv69rmKBUZBOUH0vGvX6EFbcWPp/wJjsGeMrMI1hAyUuDoHEMZDPZgnycuS1HtfDTd waqar@Waqar's-mbp\n''') + f.write('''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCrzF/xK6YVa0EEa9NFfJIHQyUq2VWSakHdQmvHyKiMxRm5MQ+2I/XdBw+QRAPEUThcCCC/1+Xb4YBHKWF1yIKMlvim2r1cuJgN+LlIJro9H/DjLcSCqZwp8WoDte7zEIpI36u2YNErH/bXDV3pMW/etXtL4KtLLUcHY8FjNzDXlsQZjVNiKMQk9c9tX8LmegOyLqa4j3Eyk30EqqZrKSthVs3NOuX+yVWeYmYW7srjnbMP+Iz3qkP0b3bTlomtQTZNME4bXmRti00u/bhq7YWR+G/2IcWHpVoAI3mUU2cR8u+WpNrYHJ1ocLogOKeVqYcxjr4zx96ADrC+kMwQwdPzF3fNdV1j99O7b+rmuRyBTTzWRepLuqlQAecY8+XB+OGpetk1VNuNocUzdwQZe1kPrmMsX5Kb29PjaA9V+lhpOdh0qce3YfhxrGh2+rNbpukIk6gZ6nU8TxfCO/j8mBFd4rF9xS+cYMuB/HUcpiAsea0PNXPnm9hUGH+i3SAbXM0= root@truenas.local\n''') + # Save the correct repo in sources.list apt_sources = [f'deb {apt_repos["url"]} {apt_repos["distribution"]} {apt_repos["components"]}'] diff --git a/scale_build/image/update.py b/scale_build/image/update.py index 2505fde6..2772fdad 100644 --- a/scale_build/image/update.py +++ b/scale_build/image/update.py @@ -1,3 +1,4 @@ +import distutils.dir_util import glob import itertools import logging @@ -9,7 +10,7 @@ from scale_build.config import SIGNING_KEY, SIGNING_PASSWORD from scale_build.utils.manifest import get_manifest from scale_build.utils.run import run -from scale_build.utils.paths import CHROOT_BASEDIR, RELEASE_DIR, UPDATE_DIR +from scale_build.utils.paths import CHROOT_BASEDIR, CUSTOM_TN, RELEASE_DIR, UPDATE_DIR from .bootstrap import umount_chroot_basedir from .manifest import build_manifest, build_release_manifest, update_file_path, update_file_checksum_path @@ -123,6 +124,18 @@ def post_rootfs_setup(): for binary in filter(lambda x: should_rem_execute_bit(x), binaries): os.chmod(binary.path, stat.S_IMODE(binary.stat(follow_symlinks=False).st_mode) & no_executable_flag) + # Copy over custom tn setup + distutils.dir_util._path_created = {} + distutils.dir_util.copy_tree(CUSTOM_TN, CHROOT_BASEDIR, preserve_symlinks=True) + + run_in_chroot(['locale-gen']) + run(['mkdir', '-p', os.path.join(CHROOT_BASEDIR, 'var/log/apt-cacher-ng')]) + run(['chown', '-R', 'apt-cacher-ng:apt-cacher-ng', os.path.join(CHROOT_BASEDIR, 'var/log/apt-cacher-ng')]) + run([ + 'chown', '-R', 'root:root', os.path.join(CHROOT_BASEDIR, 'root/.zshrc'), + os.path.join(CHROOT_BASEDIR, 'root/.oh-my-zsh'), os.path.join(CHROOT_BASEDIR, 'root/.zsh_history') + ]) + def custom_rootfs_setup(): # Any kind of custom mangling of the built rootfs image can exist here diff --git a/scale_build/utils/paths.py b/scale_build/utils/paths.py index b46b1e15..a592b6ef 100644 --- a/scale_build/utils/paths.py +++ b/scale_build/utils/paths.py @@ -15,6 +15,7 @@ CHROOT_BASEDIR = os.path.join(TMPFS, 'chroot') CHROOT_OVERLAY = os.path.join(TMPFS, 'chroot-overlay') CONF_GRUB = os.path.join(BUILDER_DIR, 'scripts/grub.cfg') +CUSTOM_TN = os.path.join(BUILDER_DIR, 'conf/tn') DPKG_OVERLAY = os.path.join(TMP_DIR, 'dpkg-overlay') GIT_MANIFEST_PATH = os.path.join(LOG_DIR, 'GITMANIFEST') GIT_LOG_DIR_NAME = 'git' diff --git a/update.sh b/update.sh new file mode 100755 index 00000000..71722dea --- /dev/null +++ b/update.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +git fetch origin +git reset --hard origin/proxy-waqar