331 lines
8.3 KiB
Bash
331 lines
8.3 KiB
Bash
#!/usr/bin/env zsh
|
|
# Copyright (c) 2017-2018 Dyne.org Foundation
|
|
#
|
|
# decode.blend is written and maintained by Ivan J. <parazyd@dyne.org>
|
|
#
|
|
# This source code is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This software is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this source code. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
## libdevuansdk build script for decode-os
|
|
|
|
source "$R/../config"
|
|
|
|
blend_bootstrap_setup() {
|
|
fn blend_bootstrap_setup "(override)"
|
|
req=(strapdir)
|
|
ckreq || return 1
|
|
|
|
sudo cp -v "$R/../extra/deb.torproject.org.asc" "$strapdir"
|
|
cat <<EOF | sudo tee ${strapdir}/blend-bootstrap-setup >/dev/null
|
|
#!/bin/sh
|
|
echo " * Adding deb.torproject.org repo key to apt..."
|
|
cat /deb.torproject.asc | apt-key add -
|
|
rm -f /deb.torproject.asc
|
|
EOF
|
|
chroot-script -d blend-bootstrap-setup || zerr
|
|
}
|
|
|
|
blend_preinst() {
|
|
fn blend_preinst
|
|
req=(strapdir)
|
|
ckreq || return 1
|
|
|
|
notice "executing $blend_name preinst"
|
|
|
|
add-user decode decode
|
|
}
|
|
|
|
blend_postinst() {
|
|
fn blend_postinst
|
|
req=(strapdir)
|
|
ckreq || return 1
|
|
|
|
notice "executing $blend_name postinst"
|
|
|
|
nopackage=(musl tomb golang tordam stem netdata zenroom chainspace)
|
|
for app in $nopackage; do
|
|
blend_install_${app} || zerr
|
|
done || zerr
|
|
|
|
notice "copying rootfs overlays"
|
|
rootfs_overlay_path="$R/../rootfs-overlay"
|
|
sudo rsync -raX "${rootfs_overlay_path}/common/" "${strapdir}"
|
|
if [[ -n "$vmsdk_version" ]]; then
|
|
_sdk="vm"
|
|
elif [[ -n "$armsdk_version" ]]; then
|
|
_sdk="arm"
|
|
elif [[ -n "$livesdk_version" ]]; then
|
|
_sdk="live"
|
|
fi
|
|
sudo rsync -raX "${rootfs_overlay_path}/${_sdk}/" "${strapdir}"
|
|
|
|
blend_finalize || zerr
|
|
}
|
|
|
|
## {{{ blend_install_musl()
|
|
blend_install_musl() {
|
|
fn blend_install_musl
|
|
req=(strapdir musl_version musl_url)
|
|
ckreq || return 1
|
|
|
|
notice "cloning musl gits"
|
|
sudo git clone "$musl_url" "$strapdir/root/musl" || zerr
|
|
|
|
notice "installing musl in $strapdir"
|
|
|
|
cat <<EOF | sudo tee ${strapdir}/install-musl >/dev/null
|
|
#!/bin/sh
|
|
cd /root/musl
|
|
git checkout ${musl_version}
|
|
./configure && \
|
|
make ${MAKEOPTS} && make install || exit 1
|
|
cd ..
|
|
rm -rf musl
|
|
EOF
|
|
chroot-script install-musl || zerr
|
|
}
|
|
## }}}
|
|
## {{{ blend_install_tomb()
|
|
blend_install_tomb() {
|
|
fn blend_install_tomb
|
|
req=(strapdir tomb_version tomb_url)
|
|
ckreq || return 1
|
|
|
|
notice "cloning tomb gits"
|
|
sudo git clone "$tomb_url" "$strapdir/root/tomb" || zerr
|
|
|
|
notice "installing tomb in $strapdir"
|
|
cat <<EOF | sudo tee ${strapdir}/install-tomb >/dev/null
|
|
#!/bin/sh
|
|
cd /root/tomb
|
|
git checkout ${tomb_version}
|
|
make install
|
|
|
|
cd extras/kdf-keys
|
|
make && make install || exit 1
|
|
|
|
cd /root
|
|
rm -rf tomb
|
|
EOF
|
|
chroot-script install-tomb || zerr
|
|
}
|
|
## }}}
|
|
## {{{ blend_install_golang()
|
|
blend_install_golang() {
|
|
fn blend_install_golang
|
|
req=(strapdir golang_url)
|
|
ckreq || return 1
|
|
|
|
notice "installing golang in $strapdir"
|
|
cat <<EOF | sudo tee ${strapdir}/install-golang >/dev/null
|
|
#!/bin/sh
|
|
cd /usr/local
|
|
wget ${golang_url} || exit 1
|
|
tar xf $(basename ${golang_url})
|
|
rm -f $(basename ${golang_url})
|
|
|
|
ln -snvf /usr/local/go/bin/go /usr/local/bin/go
|
|
ln -snvf /usr/local/go/bin/gofmt /usr/local/bin/gofmt
|
|
EOF
|
|
chroot-script install-golang || zerr
|
|
}
|
|
## }}}
|
|
## {{{ blend_install_tordam()
|
|
blend_install_tordam() {
|
|
fn blend_install_tordam
|
|
req=(strapdir tordam_url)
|
|
ckreq || return 1
|
|
|
|
notice "installing tor-dam in $strapdir"
|
|
cat <<EOF | sudo tee ${strapdir}/install-tordam >/dev/null
|
|
#!/bin/sh
|
|
cd /home/decode
|
|
sudo -u decode go get -v -u ${tordam_url}
|
|
cd /home/decode/go/src/github.com/decodeproject/tor-dam
|
|
|
|
# A random password for the Tor Controlport auth
|
|
torpass="\$(echo "\$(shuf -n 2 /usr/share/dict/words --random-source=/dev/urandom | tr '\n' '-')")"
|
|
sed -i python/damhs.py -e "s/topkek/\${torpass}/"
|
|
sed -i python/damauth.py -e "s/topkek/\${torpass}/"
|
|
make install
|
|
make -C contrib install-init
|
|
|
|
torpass="\$(sudo -u debian-tor tor --hash-password "\${torpass}")"
|
|
sed -e 's/User tor/User debian-tor/' < contrib/torrc > /etc/tor/torrc
|
|
sed -e 's/HashedControlPassword .*//' -i /etc/tor/torrc
|
|
echo "HashedControlPassword \${torpass}" >> /etc/tor/torrc
|
|
EOF
|
|
chroot-script -d install-tordam || zerr
|
|
}
|
|
## }}}
|
|
## {{{ blend_install_netdata()
|
|
blend_install_netdata() {
|
|
fn blend_install_netdata
|
|
req=(strapdir netdata_version netdata_url)
|
|
ckreq || return 1
|
|
|
|
notice "downloading netdata tarball"
|
|
sudo wget -O "$strapdir/root/netdata.tgz" "$netdata_url" || zerr
|
|
|
|
notice "installing netdata in $strapdir"
|
|
cat <<EOF | sudo tee ${strapdir}/install-netdata >/dev/null
|
|
#!/bin/sh
|
|
cd /root
|
|
tar xvf netdata.tgz || exit 1
|
|
cd netdata-${netdata_version}
|
|
./netdata-installer.sh --dont-wait --dont-start-it || exit 1
|
|
cd ..
|
|
rm -rf netdata.tgz netdata-${netdata_version}
|
|
EOF
|
|
chroot-script install-netdata || zerr
|
|
}
|
|
## }}}
|
|
## {{{ blend_install_stem()
|
|
blend_install_stem() {
|
|
fn blend_install_stem
|
|
req=(strapdir stem_version stem_url)
|
|
ckreq || return 1
|
|
|
|
notice "installing stem tor library"
|
|
sudo git clone "$stem_url" "$strapdir/root/stem" || zerr
|
|
|
|
notice "installing stem in $strapdir"
|
|
cat <<EOF | sudo tee ${strapdir}/install-stem >/dev/null
|
|
#!/bin/sh
|
|
cd /root/stem
|
|
git checkout ${stem_version}
|
|
python3 setup.py install || exit 1
|
|
cd ..
|
|
rm -rf stem
|
|
EOF
|
|
chroot-script install-stem || zerr
|
|
}
|
|
## }}}
|
|
## {{{ blend_install_zenroom()
|
|
blend_install_zenroom() {
|
|
fn blend_install_zenroom
|
|
req=(strapdir zenroom_url)
|
|
ckreq || return 1
|
|
|
|
notice "installing zenroom"
|
|
sudo wget -O "$strapdir/usr/local/bin/zenroom" "$zenroom_url" || zerr
|
|
sudo chmod +x "$strapdir/usr/local/bin/zenroom"
|
|
}
|
|
## }}}
|
|
## {{{ blend_install_chainspace()
|
|
blend_install_chainspace() {
|
|
fn blend_install_chainspace
|
|
req=(strapdir chainspace_url chainspacedist_url)
|
|
ckreq || return 1
|
|
|
|
local p="$strapdir/home/decode/chainspace"
|
|
|
|
notice "installing chainspace"
|
|
sudo git clone "$chainspace_url" "$p" || zerr
|
|
pushd "${p}"
|
|
sudo wget ${chainspacedist_url} || zerr
|
|
sudo tar xvf $(basename $chainspacedist_url) || zerr
|
|
popd
|
|
sudo chown -R 1000:1000 "$strapdir/home/decode"
|
|
|
|
cat <<EOF | sudo tee "${strapdir}/install-chainspace"
|
|
#!/bin/sh
|
|
paxctl -c /usr/bin/python*
|
|
paxctl -m /usr/bin/python*
|
|
|
|
pip install petlib
|
|
pip install bplib
|
|
cd /home/decode/chainspace
|
|
pip install -e ./chainspacecontract
|
|
pip install -e ./chainspaceapi
|
|
|
|
rm -f /install-chainspace
|
|
EOF
|
|
chroot-script -d install-chainspace
|
|
}
|
|
## }}}
|
|
|
|
## {{{ blend_finalize()
|
|
blend_finalize() {
|
|
fn blend_finalize
|
|
req=(strapdir)
|
|
ckreq || return 1
|
|
|
|
cat <<EOF | sudo tee ${strapdir}/finalize >/dev/null
|
|
#!/bin/sh
|
|
|
|
chsh -s /bin/bash decode
|
|
for i in users ; do
|
|
gpasswd -a decode \$i
|
|
done
|
|
|
|
sed -e 's/UsePAM yes/UsePAM no/' -i /etc/ssh/sshd_config
|
|
|
|
rc-update del redis-server default
|
|
rc-update add dam-dir default
|
|
rc-update add dam-client default
|
|
|
|
## misc
|
|
sed -i -e 's/devuan/decode/' /etc/hosts
|
|
echo decode > /etc/hostname
|
|
mkdir -p /var/lib/tor
|
|
chown -R debian-tor:debian-tor /var/lib/tor
|
|
rm -rf /var/lib/tor/hidden_service
|
|
|
|
## cleanup
|
|
apt-get --yes --force-yes purge ${finalize_purge_packages}
|
|
apt-get --yes --force-yes autoremove
|
|
apt-get clean
|
|
apt-get update
|
|
|
|
cleanupfiles="
|
|
/var/log/bootstrap.log
|
|
/var/log/dpkg.log
|
|
/var/log/alternatives.log
|
|
/var/log/fontconfig.log
|
|
/var/log/apt
|
|
/var/log/fsck
|
|
/var/log/ConsoleKit
|
|
/var/lib/polkit-1
|
|
/usr/local/share/zsh/site-functions
|
|
"
|
|
echo "\$cleanupfiles" | xargs rm -rf
|
|
|
|
updatedb
|
|
EOF
|
|
|
|
chroot-script -d finalize || zerr
|
|
}
|
|
## }}}
|
|
## {{{ conf_print_sorceslist()
|
|
conf_print_sourceslist() {
|
|
fn conf_print_sourceslist "(override)"
|
|
|
|
cat <<EOF
|
|
## package repositories
|
|
deb http://pkgmaster.devuan.org/merged ascii main
|
|
deb http://pkgmaster.devuan.org/merged ascii-updates main
|
|
deb http://pkgmaster.devuan.org/merged ascii-security main
|
|
deb http://deb.torproject.org/torproject.org stretch main
|
|
deb http://deb.torproject.org/torproject.org tor-experimental-0.4.0.x-stretch main
|
|
|
|
## source repositories
|
|
#deb-src http://pkgmaster.devuan.org/merged ascii main
|
|
#deb-src http://pkgmaster.devuan.org/merged ascii-updates main
|
|
#deb-src http://pkgmaster.devuan.org/merged ascii-security main
|
|
#deb-src http://deb.torproject.org/torproject.org stretch main
|
|
#deb-src http://deb.torproject.org/torproject.org tor-experimental-0.4.0.x-stretch main
|
|
EOF
|
|
}
|
|
## }}}
|