starlingx/tools
Code Issues Proposed changes
tools/debian-mirror-tools/config/debian/common/base-bullseye.yaml
Hongxu Jia 5e6e1f64d1 debian: do not generate PXE tarball 
Due to commit [LAT: upgrade to 20220403 to add hook to
customize iso] applied, the PXE files has been installed
to ISO image, it is not necessary to generate PXE tarball
again

Story: 2008846
Task: 44920

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Change-Id: I72edd0d263204c586799322863334daa3169bd50
2022-04-06 09:55:41 +08:00

121 lines
4.5 KiB
YAML
Raw Blame History

---
name: starlingx
machine: intel-x86-64
image_type:
- iso
- ostree-repo
- ustart
debootstrap-mirror: http://deb.debian.org/debian
package_feeds: []
package_type: external-debian
wic:
OSTREE_WKS_BOOT_SIZE: ''
OSTREE_WKS_EFI_SIZE: --size=32M
OSTREE_WKS_ROOT_SIZE: ''
OSTREE_WKS_FLUX_SIZE: ''
OSTREE_FLUX_PART: fluxdata
gpg:
gpg_path: /tmp/.lat_gnupg_root
ostree:
gpgid: Wind-River-Linux-Sample
gpgkey: $OECORE_NATIVE_SYSROOT/usr/share/genimage/rpm_keys/RPM-GPG-PRIVKEY-Wind-River-Linux-Sample
gpg_password: windriver
grub:
BOOT_GPG_NAME: SecureBootCore
BOOT_GPG_PASSPHRASE: SecureCore
BOOT_KEYS_DIR: $OECORE_NATIVE_SYSROOT/usr/share/bootfs/boot_keys
BOOT_GPG_KEY: $OECORE_NATIVE_SYSROOT/usr/share/bootfs/boot_keys/BOOT-GPG-PRIVKEY-SecureBootCore
BOOT_SINGED_SHIM: $OECORE_TARGET_SYSROOT/boot/efi/EFI/BOOT/bootx64.efi
BOOT_SINGED_SHIMTOOL: $OECORE_TARGET_SYSROOT/boot/efi/EFI/BOOT/mmx64.efi
BOOT_SINGED_GRUB: $OECORE_TARGET_SYSROOT/boot/efi/EFI/BOOT/grubx64.efi
BOOT_EFITOOL: $OECORE_TARGET_SYSROOT/boot/efi/EFI/BOOT/LockDown.efi
BOOT_GRUB_CFG: $OECORE_TARGET_SYSROOT/boot/efi/EFI/BOOT/grub.cfg
BOOT_NOSIG_GRUB: $OECORE_TARGET_SYSROOT/boot/efi/EFI/BOOT/bootx64-nosig.efi
EFI_SECURE_BOOT: enable
packages: []
external-packages: []
include-default-packages: '0'
rootfs-pre-scripts:
- |
# The StarlingX customize pacakges includes:
# - ostree 2019.1
export PATH=/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
chroot $IMAGE_ROOTFS bash << SCRIPT_ENDOF
set -e
apt update
apt install -y --no-install-recommends linux-image-5.10.0-6-amd64-unsigned grub-common
apt install -y --allow-downgrades --allow-unauthenticated --no-install-recommends ostree ostree-boot libostree-1-1 ostree-upgrade-mgr
apt install --no-install-recommends -y ifupdown
apt install -y bc vim uuid-runtime
SCRIPT_ENDOF
- |
export PATH=/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
chroot $IMAGE_ROOTFS bash << SCRIPT_ENDOF
groupadd nobody
SCRIPT_ENDOF
- |-
# FIXME: Temporary - Centos kickstarts set initial view of this file
mkdir -p -m 0775 $IMAGE_ROOTFS/etc/platform
cat << SCRIPT_ENDOF > $IMAGE_ROOTFS/etc/platform/platform.conf
nodetype=controller
subfunction=controller,worker
system_type=All-in-one
security_profile=standard
management_interface=lo
SCRIPT_ENDOF
rootfs-post-scripts:
- |-
# Remove user admin whether it exists or not
export PATH=/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
chroot $IMAGE_ROOTFS deluser admin || true
- |-
# Set password 'root' to root"
export PATH=/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
chroot $IMAGE_ROOTFS usermod -p '$6$hEv/K.fPeg/$ezIWhJPrMG3WtdEwqQRdyBwdYmPZkqW2PONFAcDd6TqWliYc9dHAwW4MFTlLanVH3/clE0/34FheDMpbAqZVG.' root;
- |-
# Set bash as default shell
ln -snf --relative $IMAGE_ROOTFS/bin/bash $IMAGE_ROOTFS/bin/sh
- |-
# Allow root ssh login
export PATH=/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
chroot $IMAGE_ROOTFS sed -i 's/^[#[:space:]]*PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
- |-
# Setup the sysadmin user and force the user to change the password
# on first login.
# Lock the root account
export PATH=/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
chroot $IMAGE_ROOTFS useradd sysadmin -m --shell /bin/bash -G sudo --password 4SuW8cnXFyxsk
chroot $IMAGE_ROOTFS chage -d 0 sysadmin
chroot $IMAGE_ROOTFS passwd -l root
- |-
# FIXME: Temporary - Centos kickstarts set initial view of this file
echo "localhost" > $IMAGE_ROOTFS/etc/hostname
- |-
# FIXME: Temporary - Anaconda/kickstarts set up initial view of /etc/fstab
mkdir -p $IMAGE_ROOTFS/opt/platform-backup
mkdir -p $IMAGE_ROOTFS/scratch
mkdir -p $IMAGE_ROOTFS/var/log
echo -e "LABEL=platform_backup\t/opt/platform-backup\text4\tdefaults\t1 2" >> $IMAGE_ROOTFS/etc/fstab
echo -e "/dev/mapper/cgts--vg-scratch--lv\t/scratch\text4\tdefaults\t1 2" >> $IMAGE_ROOTFS/etc/fstab
echo -e "/dev/mapper/cgts--vg-log--lv\t/var/log\text4\tdefaults\t1 2" >> $IMAGE_ROOTFS/etc/fstab
environments:
- NO_RECOMMENDATIONS="1"
- DEBIAN_FRONTEND=noninteractive
ostree:
ostree_use_ab: '0'
ostree_osname: debian
ostree_skip_boot_diff: '2'
ostree_remote_url: ''
ostree_extra_install_args: 'inststx=1'
OSTREE_GRUB_USER: root
OSTREE_GRUB_PW_FILE: $OECORE_NATIVE_SYSROOT/usr/share/bootfs/boot_keys/ostree_grub_pw
OSTREE_FDISK_BLM: 2506
OSTREE_FDISK_BSZ: 512
OSTREE_FDISK_RSZ: 20480
OSTREE_FDISK_VSZ: 20480
OSTREE_FDISK_FSZ: 32
OSTREE_CONSOLE: console=ttyS0,115200 console=tty1
system:
- contains:
- /localdisk/deploy/lat-initramfs.yaml
View Git Blame Copy Permalink