config 6.89 KB
Newer Older
amnesia's avatar
amnesia committed
1
#! /bin/sh
2
# automatically run by "lb config"
amnesia's avatar
amnesia committed
3

4 5
set -x

6 7
. "$(dirname $0)/scripts/utils.sh"

8 9
# we require building from git
if ! git rev-parse --is-inside-work-tree; then
Tails developers's avatar
Typos.  
Tails developers committed
10
    echo "${PWD} is not a Git tree. Exiting."
11 12 13
    exit 1
fi

14 15 16
. config/amnesia
if [ -e config/amnesia.local ] ; then
   . config/amnesia.local
amnesia's avatar
amnesia committed
17
fi
18 19 20 21 22 23 24 25

# get git branch or tag so we can set the basename appropriately, i.e.:
# * if we build from a tag: tails-$ARCH-$TAG.iso
# * otherwise:              tails-$ARCH-$BRANCH-$VERSION-$TIME-$COMMIT.iso
GIT_BRANCH="$(git_current_branch)"
if [ -n "${GIT_BRANCH}" ]; then
    CLEAN_GIT_BRANCH=$(echo "$GIT_BRANCH" | sed 's,/,_,g')
    GIT_SHORT_ID="$(git_current_commit --short)"
26
    BUILD_BASENAME="tails-amd64-${CLEAN_GIT_BRANCH}-${AMNESIA_VERSION}-${AMNESIA_NOW}-${GIT_SHORT_ID}"
27 28 29
else
    if git_on_a_tag; then
        CLEAN_GIT_TAG=$(git_current_tag | tr '/-' '_~')
30
	BUILD_BASENAME="tails-amd64-${CLEAN_GIT_TAG}"
31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62
    else
	# this shouldn't reasonably happen (e.g. only if you checkout a
        # tag, remove the tag and then build)
	fatal "Neither a Git branch nor a tag, exiting."
    fi
fi

GIT_BASE_BRANCH=$(base_branch) \
    || fatal "GIT_BASE_BRANCH could not be guessed."

if [ "${TAILS_MERGE_BASE_BRANCH}" = 1 ] && \
       ! git_on_a_tag && [ "$GIT_BRANCH" != "$GIT_BASE_BRANCH" ] ; then
    GIT_BASE_BRANCH_COMMIT=$(git_base_branch_head)
    [ -n "${GIT_BASE_BRANCH_COMMIT}" ] \
        || fatal "Base branch's top commit could not be guessed."

    echo "Merging base branch origin/${GIT_BASE_BRANCH}"
    echo "(at commit ${GIT_BASE_BRANCH_COMMIT})..."
    git merge --no-edit "origin/${GIT_BASE_BRANCH}" \
	|| fatal "Failed to merge base branch."
    git submodule update --init

    # Adjust BUILD_BASENAME to embed the base branch name and its top commit
    CLEAN_GIT_BASE_BRANCH=$(echo "$GIT_BASE_BRANCH" | sed 's,/,_,g')
    GIT_BASE_BRANCH_SHORT_ID=$(git_base_branch_head --short)
    [ -n "${GIT_BASE_BRANCH_SHORT_ID}" ] \
        || fatal "Base branch's top commit short ID could not be guessed."
    BUILD_BASENAME="${BUILD_BASENAME}+${CLEAN_GIT_BASE_BRANCH}"
    BUILD_BASENAME="${BUILD_BASENAME}@${GIT_BASE_BRANCH_SHORT_ID}"
fi

# save variables that lb build needs
63 64
mkdir -p tmp
echo "BUILD_BASENAME='${BUILD_BASENAME}'" > tmp/build_environment
amnesia's avatar
amnesia committed
65

66 67
# sanity checks
if grep -qs -E '^Pin:\s+release\s+.*a=' config/chroot_apt/preferences ; then
anonym's avatar
anonym committed
68
    echo "Found unsupported a= syntax in config/chroot_apt/preferences,"
69 70 71
    echo "use n= instead. Exiting."
    exit 1
fi
72 73 74 75 76 77
if grep -qs -E '^Pin:\s+release\s+.*o=Debian Backports' \
	config/chroot_apt/preferences ; then
    echo "Found unsupported 'o=Debian Backports' syntax,"
    echo "in config/chroot_apt/preferences. Use o=Debian instead. Exiting."
    exit 1
fi
78 79 80 81
if [ $(dpkg --print-architecture) != amd64 ] ; then
    echo "Only amd64 build systems are supported"
    exit 1
fi
82

83
# init variables
84
RUN_LB_CONFIG="lb config noauto"
amnesia's avatar
amnesia committed
85

86
# init config/ with defaults for the target distribution
87
$RUN_LB_CONFIG --distribution stretch ${@}
amnesia's avatar
amnesia committed
88

89
# set up everything for time-based snapshots:
90
apt-snapshots-serials prepare-build
91

92 93
DEBIAN_MIRROR="$(apt-mirror debian)"
DEBIAN_SECURITY_MIRROR="$(apt-mirror debian-security)"
94 95
TORPROJECT_MIRROR="$(apt-mirror torproject)"

96 97 98 99
[ -n "$DEBIAN_MIRROR" ]          || exit 1
[ -n "$DEBIAN_SECURITY_MIRROR" ] || exit 1
[ -n "$TORPROJECT_MIRROR" ]      || exit 1

100 101 102 103 104 105
perl -pi \
     -E \
       "s|^(deb(?:-src)?\s+)https?://ftp[.]us[.]debian[.]org/debian/?(\s+)|\$1$DEBIAN_MIRROR\$2| ; \
        s|^(deb(?:-src)?\s+)https?://deb[.]torproject[.]org/torproject[.]org/?(\s+)|\$1$TORPROJECT_MIRROR\$2|" \
    config/chroot_sources/*.chroot \
    || exit 1
106

amnesia's avatar
amnesia committed
107
# set Amnesia's general options
108
$RUN_LB_CONFIG \
109
   --verbose \
110
   --apt-recommends false \
111
   --architecture amd64 \
Tails developers's avatar
Tails developers committed
112
   --backports false \
113
   --binary-images iso \
114
   --binary-indices false \
115 116 117 118
   --cache          false \
   --cache-indices  false \
   --cache-packages false \
   --cache-stages   false \
119
   --checksums none \
amnesia's avatar
amnesia committed
120
   --bootappend-live "${AMNESIA_APPEND}" \
Cyril Brulebois's avatar
Cyril Brulebois committed
121
   --bootstrap debootstrap \
122
   --bootstrap-config tails-build-jessie \
123
   --archive-areas "main contrib non-free" \
124
   --includes none \
125
   --iso-application="The Amnesic Incognito Live System" \
126
   --iso-publisher="https://tails.boum.org/" \
amnesia's avatar
amnesia committed
127
   --iso-volume="TAILS ${AMNESIA_FULL_VERSION}" \
128
   --linux-flavours amd64 \
amnesia's avatar
amnesia committed
129
   --memtest none \
130 131 132 133 134
   --mirror-binary              "$DEBIAN_MIRROR" \
   --mirror-bootstrap           "$DEBIAN_MIRROR" \
   --mirror-chroot              "$DEBIAN_MIRROR" \
   --mirror-binary-security     "$DEBIAN_SECURITY_MIRROR" \
   --mirror-chroot-security     "$DEBIAN_SECURITY_MIRROR" \
135
   --packages-lists="standard" \
136
   --tasks="standard" \
intrigeri's avatar
intrigeri committed
137
   --linux-packages="linux-image-${KERNEL_VERSION}" \
138
   --syslinux-menu vesamenu \
T(A)ILS developers's avatar
T(A)ILS developers committed
139
   --syslinux-splash data/splash.png \
amnesia's avatar
amnesia committed
140
   --syslinux-timeout 4 \
141
   --initramfs=live-boot \
amnesia's avatar
amnesia committed
142 143
   ${@}

144 145 146 147 148 149 150 151
install -d config/chroot_local-includes/etc/amnesia/

# environment
TAILS_WIKI_SUPPORTED_LANGUAGES="$(ikiwiki-supported-languages ikiwiki.setup)"
[ -n "$TAILS_WIKI_SUPPORTED_LANGUAGES" ] || exit 16
echo "TAILS_WIKI_SUPPORTED_LANGUAGES='${TAILS_WIKI_SUPPORTED_LANGUAGES}'" \
   >> config/chroot_local-includes/etc/amnesia/environment

amnesia's avatar
amnesia committed
152
# version
153
echo "${AMNESIA_FULL_VERSION}" > config/chroot_local-includes/etc/amnesia/version
amnesia's avatar
amnesia committed
154
if git rev-list HEAD 2>&1 >/dev/null; then
155 156
   git rev-list HEAD | head -n 1 >> config/chroot_local-includes/etc/amnesia/version
fi
157 158
echo "live-build: `dpkg-query -W -f='${Version}\n' live-build`" \
   >> config/chroot_local-includes/etc/amnesia/version
159 160 161 162 163
# os-release
cat >> config/chroot_local-includes/etc/os-release <<EOF
TAILS_PRODUCT_NAME="Tails"
TAILS_VERSION_ID="$AMNESIA_VERSION"
EOF
164 165 166
if echo "$AMNESIA_VERSION" | grep -qs -E '~(alpha|beta|rc)[0-9]*$' ; then
    echo 'TAILS_CHANNEL="alpha"' >> config/chroot_local-includes/etc/os-release
fi
167 168

# changelog
169
cp debian/changelog config/chroot_local-includes/usr/share/doc/amnesia/Changelog
170

171 172 173 174 175 176
# create readahead-list from squashfs.sort
if [ -e config/binary_rootfs/squashfs.sort ]; then
    mkdir -p config/chroot_local-includes/usr/share/amnesia
    sort -k2 -n -r config/binary_rootfs/squashfs.sort |
        cut -d' ' -f1 > config/chroot_local-includes/usr/share/amnesia/readahead-list
fi
177 178 179

# custom APT sources
tails-custom-apt-sources > config/chroot_sources/tails.chroot
Cyril Brulebois's avatar
Cyril Brulebois committed
180

181 182 183 184 185 186 187 188
# tails-transform-mirror-url and its dependencies
install -m 0755 \
   submodules/mirror-pool-dispatcher/bin/tails-transform-mirror-url \
   config/chroot_local-includes/usr/local/bin/
install -m 0755 -d config/chroot_local-includes/usr/local/lib/nodejs
install -m 0755 \
   submodules/mirror-pool-dispatcher/lib/js/mirror-dispatcher.js \
   config/chroot_local-includes/usr/local/lib/nodejs/
189

Cyril Brulebois's avatar
Cyril Brulebois committed
190
# custom debootstrap script, setting some APT magic to log downloads:
191 192 193 194 195 196
patch \
    --follow-symlinks \
    --output=/usr/share/debootstrap/scripts/tails-build-jessie \
    /usr/share/debootstrap/scripts/jessie \
    data/debootstrap/scripts/jessie.patch
sed -i "s,%%topdir%%,$(pwd)," /usr/share/debootstrap/scripts/tails-build-jessie