2023-10-28 20:37:09 +00:00
|
|
|
# Copyright (C) 2023 Umorpha Systems
|
|
|
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
|
|
2023-12-06 23:46:11 +00:00
|
|
|
# Entrypoint/config ############################################################
|
|
|
|
|
|
2023-12-14 05:34:15 +00:00
|
|
|
SHELL = bash -euE -o pipefail
|
2023-12-25 20:37:13 +00:00
|
|
|
osi-tools = $(CURDIR)/osi-tools
|
|
|
|
|
PATH := $(osi-tools):$(PATH)
|
2023-10-28 20:37:09 +00:00
|
|
|
|
2023-10-31 23:18:47 +00:00
|
|
|
all: $(patsubst %.sh,%.rootfs.img,$(wildcard images/*.sh))
|
2023-10-28 20:37:09 +00:00
|
|
|
.PHONY: all
|
|
|
|
|
|
2023-10-31 23:18:47 +00:00
|
|
|
.SECONDARY:
|
|
|
|
|
.DELETE_ON_ERROR:
|
|
|
|
|
|
2023-11-10 06:39:29 +00:00
|
|
|
# Nothing here is parallel-unsafe, but it just makes the output (and
|
|
|
|
|
# especially `sudo` prompts) hard to read.
|
|
|
|
|
.NOTPARALLEL:
|
|
|
|
|
|
2023-12-08 03:37:52 +00:00
|
|
|
define NL
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
endef
|
|
|
|
|
|
2023-12-06 23:46:11 +00:00
|
|
|
# Dependency magic #############################################################
|
|
|
|
|
|
|
|
|
|
# Files that modules depend on
|
2023-12-11 20:14:08 +00:00
|
|
|
|
2023-12-08 03:37:52 +00:00
|
|
|
build-deps/modules/umorpha-bootstrap.sh = bin/umorpha-install
|
|
|
|
|
build-deps/modules/umorpha-bootstrap.sh += bin/umorpha-mount
|
2023-12-11 20:14:08 +00:00
|
|
|
|
2023-12-08 03:37:52 +00:00
|
|
|
secret-deps/modules/service-gitea.sh = secrets/gitea-infomaniak-clientid.txt
|
|
|
|
|
secret-deps/modules/service-gitea.sh += secrets/gitea-infomaniak-clientsecret.txt
|
|
|
|
|
|
2023-12-15 18:46:37 +00:00
|
|
|
build-deps/modules/service-bookstack.sh = modules/0001-Oidc-Properly-query-the-UserInfo-Endpoint.patch
|
2023-12-11 20:14:08 +00:00
|
|
|
secret-deps/modules/service-bookstack.sh = secrets/bookstack-app-key.txt
|
|
|
|
|
secret-deps/modules/service-bookstack.sh += secrets/bookstack-infomaniak-mailaddr.txt
|
|
|
|
|
secret-deps/modules/service-bookstack.sh += secrets/bookstack-infomaniak-mailpassword.txt
|
|
|
|
|
secret-deps/modules/service-bookstack.sh += secrets/bookstack-infomaniak-clientid.txt
|
|
|
|
|
secret-deps/modules/service-bookstack.sh += secrets/bookstack-infomaniak-clientsecret.txt
|
|
|
|
|
|
2023-12-08 03:37:52 +00:00
|
|
|
# Group that should own the secret
|
2023-12-11 20:14:08 +00:00
|
|
|
|
2023-12-08 03:37:52 +00:00
|
|
|
group/gitea-infomaniak-clientid.txt = gitea
|
|
|
|
|
group/gitea-infomaniak-clientsecret.txt = gitea
|
2023-10-31 23:18:47 +00:00
|
|
|
|
2023-12-11 20:14:08 +00:00
|
|
|
group/bookstack-app-key.txt = bookstack
|
|
|
|
|
group/bookstack-infomaniak-mailaddr.txt = bookstack
|
|
|
|
|
group/bookstack-infomaniak-mailpassword.txt = bookstack
|
|
|
|
|
group/bookstack-infomaniak-clientid.txt = bookstack
|
|
|
|
|
group/bookstack-infomaniak-clientsecret.txt = bookstack
|
|
|
|
|
|
2023-12-06 23:46:11 +00:00
|
|
|
# Automatic dependencies
|
2023-12-14 05:34:15 +00:00
|
|
|
deps.mk: images $(wildcard images/*.sh) $(wildcard modules/*.sh) Makefile
|
|
|
|
|
{ \
|
|
|
|
|
echo '# variables: module -> module'; \
|
|
|
|
|
grep -H load_module modules/*.sh|sed -E 's,(.*):.*/(.*)"$$,build-deps/\1 += modules/\2 $$(build-deps/modules/\2),'; \
|
|
|
|
|
echo '# variables: image -> module'; \
|
|
|
|
|
grep -H -o -e '--module=\S*' -- images/*.sh | sed -E 's,images/([^:]*).sh:--module=(.*),build-deps/images/\1.rootfs.img += \2 $$(build-deps/\2),'; \
|
|
|
|
|
echo '# concrete: image -> build-deps'; \
|
|
|
|
|
$(foreach f,$(patsubst %.sh,%.rootfs.img,$(filter-out %.secrets.sh,$(wildcard images/*.sh))),echo '$f: $$(build-deps/$f)'; \$(NL) ) \
|
|
|
|
|
echo '# concrete: secrets -> secret-deps'; \
|
|
|
|
|
$(foreach f,$(patsubst %.sh,%.rootfs.img,$(filter-out %.secrets.sh,$(wildcard images/*.sh))),echo '$(patsubst %.rootfs.img,%.secrets.sh,$f): $$(foreach d,$$(build-deps/$f),$$(secret-deps/$$d))'; \$(NL) ) \
|
|
|
|
|
echo '# concrete: image -> package'; \
|
2023-12-14 08:49:07 +00:00
|
|
|
grep -H -o -e '--package-file=\S*' -- images/*.sh | sed -E 's,images/([^:]*).sh:--package-file=(.*),images/\1.rootfs.img: \2,'; \
|
2023-12-14 05:34:15 +00:00
|
|
|
} >$@
|
2023-10-28 20:37:09 +00:00
|
|
|
-include deps.mk
|
|
|
|
|
|
2023-12-06 23:46:11 +00:00
|
|
|
# Generic pattern rules ########################################################
|
|
|
|
|
|
2023-12-25 20:37:13 +00:00
|
|
|
images/%.rootfs.img: images/%.sh $(osi-tools)/osi-mk
|
2023-10-28 20:37:09 +00:00
|
|
|
rm -f $@
|
|
|
|
|
$< $@
|
2023-10-28 22:12:25 +00:00
|
|
|
chmod 444 $@
|
|
|
|
|
|
2023-10-31 23:18:47 +00:00
|
|
|
images/%.gpt.img: images/%.rootfs.img bin/umorpha-install
|
|
|
|
|
rm -f $@
|
|
|
|
|
truncate --size=3G $@
|
2023-11-09 21:55:25 +00:00
|
|
|
sudo bin/umorpha-install images/$*.rootfs.img $@
|
2023-10-31 23:18:47 +00:00
|
|
|
|
2023-11-08 05:07:45 +00:00
|
|
|
images/%.bootstrap.iso: images/%.rootfs.img images/bootstrap.rootfs.img bin/mkbootstrapiso
|
|
|
|
|
bin/mkbootstrapiso $< $@
|
|
|
|
|
|
2023-12-14 05:34:15 +00:00
|
|
|
images/%.secrets.sh: Makefile
|
2023-12-08 03:37:52 +00:00
|
|
|
{ \
|
|
|
|
|
echo '#!/bin/sh'; \
|
|
|
|
|
echo 'install -m755 -d /etc/umorpha-secrets'; \
|
2023-12-14 05:34:15 +00:00
|
|
|
$(foreach f,$(sort $(filter secrets/%,$^)),val=$$(cat $f); echo "install -m640 --group=$(group/$(notdir $f)) /dev/stdin /etc/umorpha-secrets/$(notdir $f) <<<$${val@Q}"; \$(NL) ) \
|
2023-12-08 03:37:52 +00:00
|
|
|
} >$@
|
|
|
|
|
|
2023-11-14 02:07:10 +00:00
|
|
|
pkg/%.pkg.tar.zst: pkg/%/PKGBUILD
|
2023-12-14 08:06:28 +00:00
|
|
|
rm -rf -- $(<D)/src $(<D)/pkg
|
2023-11-14 02:07:10 +00:00
|
|
|
cd $(<D) && PKGDEST=$(abspath $(@D)) makepkg --syncdeps --rmdeps
|
|
|
|
|
ln -sf $*-$$(cd $(<D) && makepkg --printsrcinfo|awk 'BEGIN{arch=x86_64} /pkgver =/{pkgver=$$3} /pkgrel =/{pkgrel=$$3} /arch = any/{arch=$$3} END{print pkgver "-" pkgrel "-" arch}').pkg.tar.zst $@
|
|
|
|
|
|
2023-11-13 04:52:10 +00:00
|
|
|
qemu-bios = qemu-system-x86_64
|
|
|
|
|
qemu-bios += -accel kvm
|
|
|
|
|
qemu-bios += -m 2G
|
|
|
|
|
qemu-bios += -net user,hostfwd=tcp::8022-:22,hostfwd=tcp::8080-:80 -net nic
|
|
|
|
|
|
|
|
|
|
qemu-uefi = $(qemu-bios) -drive if=pflash,format=raw,readonly=on,file=/usr/share/ovmf/x64/OVMF.fd
|
|
|
|
|
|
|
|
|
|
run-bios/%.img: images/%.img
|
|
|
|
|
cp --reflink -- $< $<.tmp
|
|
|
|
|
chmod 644 $<.tmp
|
|
|
|
|
$(qemu-bios) -drive media=disk,if=virtio,format=raw,file=$<.tmp
|
|
|
|
|
run-bios/%.iso: images/%.iso
|
|
|
|
|
truncate --size=3G $<.tmp
|
|
|
|
|
$(qemu-bios) -drive media=disk,if=virtio,format=raw,file=$<.tmp -cdrom $<
|
|
|
|
|
.PHONY: run-bios/%
|
|
|
|
|
|
|
|
|
|
run-uefi/%.img: images/%.img
|
|
|
|
|
cp --reflink -- $< $<.tmp
|
|
|
|
|
chmod 644 $<.tmp
|
|
|
|
|
$(qemu-uefi) -drive media=disk,if=virtio,format=raw,file=$<.tmp
|
|
|
|
|
.PHONY: run-ueif/%
|
2023-10-28 20:37:09 +00:00
|
|
|
|
2023-12-08 03:37:52 +00:00
|
|
|
deploy/%: images/%.bootstrap.iso images/%.secrets.sh vultr/%.sh
|
2023-11-04 02:28:14 +00:00
|
|
|
vultr/$*.sh
|
|
|
|
|
.PHONY: deploy/%
|
|
|
|
|
|
2023-12-06 23:46:11 +00:00
|
|
|
# Specific rules ###############################################################
|
2023-10-31 23:18:47 +00:00
|
|
|
|
2023-12-25 20:37:13 +00:00
|
|
|
osi-tools/osi-mk:
|
|
|
|
|
git submodule update --init $(@D)
|
|
|
|
|
|
2023-11-14 02:07:10 +00:00
|
|
|
pkg/grub-2_2.12rc1-5-x86_64.pkg.tar.zst:
|
2023-11-13 04:52:10 +00:00
|
|
|
wget -O $@ https://archlinux.org/packages/core/x86_64/grub/download/
|
