Commit e6af82a8 authored by intrigeri's avatar intrigeri
Browse files

Merge remote-tracking branch 'origin/bugfix/12081-vagrant-basebox-20170105' into devel

Fix-committed: #12081
parents 3b95ba1b 1a594210
......@@ -21,10 +21,10 @@ require_relative 'lib/tails_build_settings'
ENV['VAGRANT_DEFAULT_PROVIDER'] = 'libvirt'
Vagrant.configure("2") do |config|
config.vm.box = 'tails-builder-amd64-jessie-20160226'
config.vm.box = 'tails-builder-amd64-jessie-20170105'
config.vm.box_url = "http://dl.amnesia.boum.org/tails/project/vagrant/#{config.vm.box}.box"
config.vm.box_download_checksum_type = "sha256"
config.vm.box_download_checksum = 'a63298b7cae7cbc2ad3e2c01763a11b29ee8ac879398e007ae22857da5b2c6de'
config.vm.box_download_checksum = '4600eaffa300123c6a1cff8a1b69f1366a62c2f502ef059c9196d7ae5e5fff8b'
config.vm.provision "shell", inline: <<-EOF
sudo http_proxy='#{ENV['http_proxy']}' /vagrant/provision/setup-tails-builder
EOF
......
......@@ -7,6 +7,7 @@ set -u
ARCHITECTURE="amd64"
DISTRIBUTION="jessie"
MIRROR="http://ftp.us.debian.org/debian"
USERNAME="vagrant"
PASSWORD="vagrant"
SIZE="20G"
......@@ -16,27 +17,33 @@ TARGET_NAME="tails-builder-${ARCHITECTURE}-${DISTRIBUTION}-${DATE_STAMP}"
TARGET_IMG="${TARGET_NAME}.qcow2"
TARGET_BOX="${TARGET_NAME}.box"
sudo vmdebootstrap \
--arch "${ARCHITECTURE}" \
--distribution "${DISTRIBUTION}" \
--image "${TARGET_IMG}" \
--convert-qcow2 \
--enable-dhcp \
--grub \
--hostname "${HOSTNAME}" \
--log-level "debug" \
--mbr \
--mirror "http://ftp.us.debian.org/debian" \
--owner "${SUDO_USER:-${USER}}" \
--kernel-package "linux-image-${ARCHITECTURE}" \
--package "ca-certificates" \
--package "wget" \
--root-password="${PASSWORD}" \
--size "${SIZE}" \
--sudo \
--user "${USERNAME}/${PASSWORD}" \
--customize "$(pwd)/customize.sh" \
--verbose
sudo ARCHITECTURE="${ARCHITECTURE}" \
DISTRIBUTION="${DISTRIBUTION}" \
MIRROR="${MIRROR}" \
vmdebootstrap \
--arch "${ARCHITECTURE}" \
--distribution "${DISTRIBUTION}" \
--image "${TARGET_IMG}" \
--convert-qcow2 \
--enable-dhcp \
--grub \
--hostname "${HOSTNAME}" \
--log-level "debug" \
--mbr \
--mirror "${MIRROR}" \
--owner "${SUDO_USER:-${USER}}" \
--kernel-package "linux-image-${ARCHITECTURE}" \
--package "ca-certificates" \
--package "wget" \
--package "grub2" \
--package "openssh-server" \
--package "curl" \
--root-password="${PASSWORD}" \
--size "${SIZE}" \
--sudo \
--user "${USERNAME}/${PASSWORD}" \
--customize "$(pwd)/customize.sh" \
--verbose
/usr/share/vagrant-plugins/vagrant-libvirt/tools/create_box.sh \
"${TARGET_IMG}" "${TARGET_BOX}"
......
......@@ -28,8 +28,16 @@ APT::Install-Recommends "false";
APT::Install-Suggests "false";
EOF
echo "I: Installing extra dependencies..."
apt-get -y install grub2 openssh-server curl
echo "I: Adding custom APT sources..."
echo "deb ${MIRROR} ${DISTRIBUTION}-backports main" > \
"/etc/apt/sources.list.d/${DISTRIBUTION}-backports.list"
apt-get update
echo "I: Upgrading to the backported kernel..."
apt-get -y purge 'linux-image-*'
apt-get -y install -t "${DISTRIBUTION}-backports" "linux-image-${ARCHITECTURE}"
echo "I: Configuring GRUB..."
sed -i 's,^GRUB_TIMEOUT=5,GRUB_TIMEOUT=1,g' /etc/default/grub
echo "I: Disable DNS checks to speed-up SSH logins..."
......
......@@ -127,9 +127,3 @@ done
apt-get -y autoremove
apt-get -y clean
perl /usr/lib/apt-cacher-ng/expire-caller.pl || echo "The clean-up of apt-cacher-ng's cache failed: this is not fatal and most likely just means that some disk space could not be reclaimed -- in order to fix that situation you need to manually investigate /var/log/apt-cacher-ng/main_*.html " >&2
# XXX: Remove this once we generate a basebox > 20160226
if grep -q "^AcceptEnv" /etc/ssh/sshd_config; then
sed -i 's/^AcceptEnv/#AcceptEnv/' /etc/ssh/sshd_config
systemctl reload ssh.service
fi
......@@ -55,6 +55,19 @@ Debian Stretch, and one of Tails' repos until [[!debbug 823395]] is fixed:
sudo apt-get update
If you run Debian Stable we strongly recommend installing the
backported Linux kernel. The builder virtual machine will use that
version, and in our experience the larger the discrepancy between
kernel versions on host and guest, the more problems. So:
sudo tee /etc/apt/sources.list.d/jessie-backports.list <<EOF
deb http://ftp.us.debian.org/debian/ jessie-backports main
deb-src http://ftp.us.debian.org/debian/ jessie-backports main
EOF
sudo apt-get update
sudo apt-get install -t jessie-backports linux-image-amd64
Now we can install all the dependencies:
sudo apt-get install \
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment