config 7.25 KB
Newer Older
amnesia's avatar
amnesia committed
1
#! /bin/sh
2
# automatically run by "lb config"
amnesia's avatar
amnesia committed
3

4 5
set -x

6 7
. "$(dirname $0)/scripts/utils.sh"

8 9
# we require building from git
if ! git rev-parse --is-inside-work-tree; then
Tails developers's avatar
Typos.  
Tails developers committed
10
    echo "${PWD} is not a Git tree. Exiting."
11 12 13
    exit 1
fi

14 15 16
. config/amnesia
if [ -e config/amnesia.local ] ; then
   . config/amnesia.local
amnesia's avatar
amnesia committed
17
fi
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62

# get git branch or tag so we can set the basename appropriately, i.e.:
# * if we build from a tag: tails-$ARCH-$TAG.iso
# * otherwise:              tails-$ARCH-$BRANCH-$VERSION-$TIME-$COMMIT.iso
GIT_BRANCH="$(git_current_branch)"
if [ -n "${GIT_BRANCH}" ]; then
    CLEAN_GIT_BRANCH=$(echo "$GIT_BRANCH" | sed 's,/,_,g')
    GIT_SHORT_ID="$(git_current_commit --short)"
    BUILD_BASENAME="tails-${LB_ARCHITECTURE}-${CLEAN_GIT_BRANCH}-${AMNESIA_VERSION}-${AMNESIA_NOW}-${GIT_SHORT_ID}"
else
    if git_on_a_tag; then
        CLEAN_GIT_TAG=$(git_current_tag | tr '/-' '_~')
	BUILD_BASENAME="tails-${LB_ARCHITECTURE}-${CLEAN_GIT_TAG}"
    else
	# this shouldn't reasonably happen (e.g. only if you checkout a
        # tag, remove the tag and then build)
	fatal "Neither a Git branch nor a tag, exiting."
    fi
fi

GIT_BASE_BRANCH=$(base_branch) \
    || fatal "GIT_BASE_BRANCH could not be guessed."

if [ "${TAILS_MERGE_BASE_BRANCH}" = 1 ] && \
       ! git_on_a_tag && [ "$GIT_BRANCH" != "$GIT_BASE_BRANCH" ] ; then
    GIT_BASE_BRANCH_COMMIT=$(git_base_branch_head)
    [ -n "${GIT_BASE_BRANCH_COMMIT}" ] \
        || fatal "Base branch's top commit could not be guessed."

    echo "Merging base branch origin/${GIT_BASE_BRANCH}"
    echo "(at commit ${GIT_BASE_BRANCH_COMMIT})..."
    git merge --no-edit "origin/${GIT_BASE_BRANCH}" \
	|| fatal "Failed to merge base branch."
    git submodule update --init

    # Adjust BUILD_BASENAME to embed the base branch name and its top commit
    CLEAN_GIT_BASE_BRANCH=$(echo "$GIT_BASE_BRANCH" | sed 's,/,_,g')
    GIT_BASE_BRANCH_SHORT_ID=$(git_base_branch_head --short)
    [ -n "${GIT_BASE_BRANCH_SHORT_ID}" ] \
        || fatal "Base branch's top commit short ID could not be guessed."
    BUILD_BASENAME="${BUILD_BASENAME}+${CLEAN_GIT_BASE_BRANCH}"
    BUILD_BASENAME="${BUILD_BASENAME}@${GIT_BASE_BRANCH_SHORT_ID}"
fi

# save variables that lb build needs
63 64
mkdir -p tmp
echo "BUILD_BASENAME='${BUILD_BASENAME}'" > tmp/build_environment
amnesia's avatar
amnesia committed
65

66 67
# sanity checks
if grep -qs -E '^Pin:\s+release\s+.*a=' config/chroot_apt/preferences ; then
anonym's avatar
anonym committed
68
    echo "Found unsupported a= syntax in config/chroot_apt/preferences,"
69 70 71
    echo "use n= instead. Exiting."
    exit 1
fi
72 73 74 75 76 77
if grep -qs -E '^Pin:\s+release\s+.*o=Debian Backports' \
	config/chroot_apt/preferences ; then
    echo "Found unsupported 'o=Debian Backports' syntax,"
    echo "in config/chroot_apt/preferences. Use o=Debian instead. Exiting."
    exit 1
fi
78 79 80 81
if [ $(dpkg --print-architecture) != amd64 ] ; then
    echo "Only amd64 build systems are supported"
    exit 1
fi
82

83
# init variables
84
RUN_LB_CONFIG="lb config noauto"
amnesia's avatar
amnesia committed
85

86
# init config/ with defaults for the target distribution
87
$RUN_LB_CONFIG --distribution stretch ${@}
amnesia's avatar
amnesia committed
88

89
# set up everything for time-based snapshots:
90
apt-snapshots-serials prepare-build
91

92 93
DEBIAN_MIRROR="$(apt-mirror debian)"
DEBIAN_SECURITY_MIRROR="$(apt-mirror debian-security)"
94 95
TORPROJECT_MIRROR="$(apt-mirror torproject)"

96 97 98 99
[ -n "$DEBIAN_MIRROR" ]          || exit 1
[ -n "$DEBIAN_SECURITY_MIRROR" ] || exit 1
[ -n "$TORPROJECT_MIRROR" ]      || exit 1

100 101 102 103 104 105
perl -pi \
     -E \
       "s|^(deb(?:-src)?\s+)https?://ftp[.]us[.]debian[.]org/debian/?(\s+)|\$1$DEBIAN_MIRROR\$2| ; \
        s|^(deb(?:-src)?\s+)https?://deb[.]torproject[.]org/torproject[.]org/?(\s+)|\$1$TORPROJECT_MIRROR\$2|" \
    config/chroot_sources/*.chroot \
    || exit 1
106

amnesia's avatar
amnesia committed
107
# set Amnesia's general options
108
$RUN_LB_CONFIG \
109
   --verbose \
110
   --apt-recommends false \
111
   --architecture amd64 \
Tails developers's avatar
Tails developers committed
112
   --backports false \
113
   --binary-images iso \
114
   --binary-indices false \
115 116 117 118
   --cache          false \
   --cache-indices  false \
   --cache-packages false \
   --cache-stages   false \
119
   --checksums none \
amnesia's avatar
amnesia committed
120
   --bootappend-live "${AMNESIA_APPEND}" \
Cyril Brulebois's avatar
Cyril Brulebois committed
121
   --bootstrap debootstrap \
122
   --bootstrap-config tails-build-jessie \
123
   --archive-areas "main contrib non-free" \
124
   --includes none \
125
   --iso-application="The Amnesic Incognito Live System" \
126
   --iso-publisher="https://tails.boum.org/" \
amnesia's avatar
amnesia committed
127
   --iso-volume="TAILS ${AMNESIA_FULL_VERSION}" \
128
   --linux-flavours amd64 \
amnesia's avatar
amnesia committed
129
   --memtest none \
130 131 132 133 134
   --mirror-binary              "$DEBIAN_MIRROR" \
   --mirror-bootstrap           "$DEBIAN_MIRROR" \
   --mirror-chroot              "$DEBIAN_MIRROR" \
   --mirror-binary-security     "$DEBIAN_SECURITY_MIRROR" \
   --mirror-chroot-security     "$DEBIAN_SECURITY_MIRROR" \
135
   --packages-lists="standard" \
136
   --tasks="standard" \
intrigeri's avatar
intrigeri committed
137
   --linux-packages="linux-image-${KERNEL_VERSION}" \
138
   --syslinux-menu vesamenu \
T(A)ILS developers's avatar
T(A)ILS developers committed
139
   --syslinux-splash data/splash.png \
amnesia's avatar
amnesia committed
140
   --syslinux-timeout 4 \
141
   --initramfs=live-boot \
amnesia's avatar
amnesia committed
142 143
   ${@}

144 145 146 147 148 149 150 151
install -d config/chroot_local-includes/etc/amnesia/

# environment
TAILS_WIKI_SUPPORTED_LANGUAGES="$(ikiwiki-supported-languages ikiwiki.setup)"
[ -n "$TAILS_WIKI_SUPPORTED_LANGUAGES" ] || exit 16
echo "TAILS_WIKI_SUPPORTED_LANGUAGES='${TAILS_WIKI_SUPPORTED_LANGUAGES}'" \
   >> config/chroot_local-includes/etc/amnesia/environment

amnesia's avatar
amnesia committed
152
# version
153
echo "${AMNESIA_FULL_VERSION}" > config/chroot_local-includes/etc/amnesia/version
amnesia's avatar
amnesia committed
154
if git rev-list HEAD 2>&1 >/dev/null; then
155 156
   git rev-list HEAD | head -n 1 >> config/chroot_local-includes/etc/amnesia/version
fi
157 158
echo "live-build: `dpkg-query -W -f='${Version}\n' live-build`" \
   >> config/chroot_local-includes/etc/amnesia/version
159 160 161 162 163
# os-release
cat >> config/chroot_local-includes/etc/os-release <<EOF
TAILS_PRODUCT_NAME="Tails"
TAILS_VERSION_ID="$AMNESIA_VERSION"
EOF
164 165 166
if echo "$AMNESIA_VERSION" | grep -qs -E '~(alpha|beta|rc)[0-9]*$' ; then
    echo 'TAILS_CHANNEL="alpha"' >> config/chroot_local-includes/etc/os-release
fi
167 168

# changelog
169
cp debian/changelog config/chroot_local-includes/usr/share/doc/amnesia/Changelog
170

171 172 173 174 175 176
# create readahead-list from squashfs.sort
if [ -e config/binary_rootfs/squashfs.sort ]; then
    mkdir -p config/chroot_local-includes/usr/share/amnesia
    sort -k2 -n -r config/binary_rootfs/squashfs.sort |
        cut -d' ' -f1 > config/chroot_local-includes/usr/share/amnesia/readahead-list
fi
177 178 179

# custom APT sources
tails-custom-apt-sources > config/chroot_sources/tails.chroot
Cyril Brulebois's avatar
Cyril Brulebois committed
180

181 182 183 184 185 186 187 188
# tails-transform-mirror-url and its dependencies
install -m 0755 \
   submodules/mirror-pool-dispatcher/bin/tails-transform-mirror-url \
   config/chroot_local-includes/usr/local/bin/
install -m 0755 -d config/chroot_local-includes/usr/local/lib/nodejs
install -m 0755 \
   submodules/mirror-pool-dispatcher/lib/js/mirror-dispatcher.js \
   config/chroot_local-includes/usr/local/lib/nodejs/
189

190 191 192 193 194 195
# gnome-shell-extension-florence-indicator
rm -rf \
   config/chroot_local-includes/usr/share/gnome-shell/extensions/florenceIndicator@UshakovVasilii_Github.yahoo.com
cp -a submodules/gnome-shell-extension-florence-indicator/florenceIndicator@UshakovVasilii_Github.yahoo.com/ \
   config/chroot_local-includes/usr/share/gnome-shell/extensions/

Cyril Brulebois's avatar
Cyril Brulebois committed
196
# custom debootstrap script, setting some APT magic to log downloads:
197 198 199 200 201 202
patch \
    --follow-symlinks \
    --output=/usr/share/debootstrap/scripts/tails-build-jessie \
    /usr/share/debootstrap/scripts/jessie \
    data/debootstrap/scripts/jessie.patch
sed -i "s,%%topdir%%,$(pwd)," /usr/share/debootstrap/scripts/tails-build-jessie