#!/bin/sh # Build Debian root filesystem OS="$1" # For example "debian" ARCH="$2" # For example "armhf" DIST="$3" # For example "buster" set -ex case "${OS}-${ARCH}" in debian-armhf) KERNEL=linux-image-armmp URL=http://deb.debian.org/debian SCRIPT=/usr/share/debootstrap/scripts/sid ;; debian-arm64) KERNEL=linux-image-arm64 URL=http://deb.debian.org/debian SCRIPT=/usr/share/debootstrap/scripts/sid ;; debian-i386) KERNEL=linux-image-686 URL=http://deb.debian.org/debian SCRIPT=/usr/share/debootstrap/scripts/sid ;; debian-amd64) KERNEL=linux-image-amd64 URL=http://deb.debian.org/debian SCRIPT=/usr/share/debootstrap/scripts/sid ;; ubuntu-armhf|ubuntu-arm64|ubuntu-amd64) KERNEL=linux-image-generic URL=http://ports.ubuntu.com/ubuntu-ports SCRIPT=/usr/share/debootstrap/scripts/gutsy ;; *) echo "Can't decide kernel package for \"${ARCH}\"" exit 1 ;; esac # Create fresh empty directory TMP=$(mktemp -d -p "${PWD}" tmp-XXXXXX) trap 'rm -rf "${TMP}"' EXIT INT TERM cd "${TMP}" # Build a Debian root filesystem (first stage) debootstrap \ --arch="${ARCH}" \ --verbose \ --variant=minbase \ --foreign \ --include=\ netbase,\ net-tools,\ systemd-sysv,\ u-boot-tools,\ initramfs-tools,\ openssh-server \ "${DIST}" \ debian \ "${URL}" \ "${SCRIPT}" # Randomly generated root password PASSWORD=$(pwgen -B -A 6 1) # Write apt sources config case "${OS}-${DIST}" in debian-sid) tee debian/tmp/sources.list <<- EOF deb http://deb.debian.org/debian ${DIST} main deb-src http://deb.debian.org/debian ${DIST} main EOF ;; debian-bullseye) tee debian/tmp/sources.list <<- EOF deb http://deb.debian.org/debian ${DIST} main deb-src http://deb.debian.org/debian ${DIST} main deb http://deb.debian.org/debian ${DIST}-updates main deb-src http://deb.debian.org/debian ${DIST}-updates main EOF ;; debian-*) tee debian/tmp/sources.list <<- EOF deb http://deb.debian.org/debian ${DIST} main deb-src http://deb.debian.org/debian ${DIST} main deb http://deb.debian.org/debian ${DIST}-updates main deb-src http://deb.debian.org/debian ${DIST}-updates main deb http://security.debian.org/debian-security ${DIST}/updates main deb-src http://security.debian.org/debian-security ${DIST}/updates main EOF ;; ubuntu-*) tee debian/tmp/sources.list <<- EOF deb http://ports.ubuntu.com/ubuntu-ports ${DIST} main universe deb-src http://ports.ubuntu.com/ubuntu-ports ${DIST} main universe deb http://ports.ubuntu.com/ubuntu-ports ${DIST}-updates main universe deb-src http://ports.ubuntu.com/ubuntu-ports ${DIST}-updates main universe deb http://ports.ubuntu.com/ubuntu-ports ${DIST}-security main universe deb-src http://ports.ubuntu.com/ubuntu-ports ${DIST}-security main universe EOF ;; esac cp -rv --preserve=mode ../2nd-stage-files/pre-2nd-stage-files/* debian cp -rv --preserve=mode ../2nd-stage-files/pre-2nd-stage-files-${ARCH}/* debian # Copy ARM emulation stuff cp -v /usr/bin/qemu-*-static debian/usr/bin || : # Build a Debian root filesystem (second stage) chroot debian /bin/sh -ex <<- EOF /debootstrap/debootstrap --second-stage /bin/mv /tmp/sources.list /etc/apt/sources.list /usr/bin/apt-get update /usr/bin/apt-get -y --no-install-recommends install ${KERNEL} /usr/bin/apt-get -y upgrade /usr/bin/apt-get clean /bin/rm -rf /var/lib/apt/lists/* /usr/bin/systemctl enable systemd-networkd.service /bin/rm -f /var/log/*.log /bin/echo root:${PASSWORD} | /usr/sbin/chpasswd /bin/sed -i "s/#*\s*PermitRootLogin .*/PermitRootLogin yes/" /etc/ssh/sshd_config EOF # Remove ARM emulation stuff again rm -v debian/usr/bin/qemu-*-static || : cp -rv --preserve=mode ../2nd-stage-files/post-2nd-stage-files/* debian # Set hostname echo "${OS}" > debian/etc/hostname # List all files find debian ! -type d -printf "/%P\n" | sort > files.txt cp files.txt "${ARTIFACTS_DIR:-/artifacts}/${OS}-${DIST}-${ARCH}-${PASSWORD}.bin.gz.files.txt" # Make a ext4 filesystem of this and put it into the image rm -f ext4.img fallocate -l 1874MiB ext4.img mkfs.ext4 -d debian ext4.img pigz ext4.img cp -v ext4.img.gz "${ARTIFACTS_DIR:-/artifacts}/${OS}-${DIST}-${ARCH}-${PASSWORD}.bin.gz"