diff --git a/tilo/build.sh b/tilo/build.sh index b2a9e63..36c0752 100755 --- a/tilo/build.sh +++ b/tilo/build.sh @@ -1,5 +1,7 @@ #!/bin/sh +set -e + #get latest non patch release candidate kernel and busybox version busybox_latest="$(curl -s "https://api.github.com/repos/mirror/busybox/tags" | jq -r '.[0].name' | tr "_" ".")" kernel_latest="$(curl -s "https://api.github.com/repos/torvalds/linux/tags" | jq -r '.[] .name' | awk '$0 !~/-/' | head -n1 | cut -c2-4)" @@ -21,7 +23,7 @@ wget "$kernel_url/linux-$kernel_latest.tar.xz" tar -xf linux-$kernel_latest.tar.xz cd linux-$kernel_latest make defconfig - make -j 8 || exit + make -j 8 cd .. @@ -30,40 +32,11 @@ tar -xf busybox-$busybox_latest.tar.bz2 cd busybox-$busybox_latest make defconfig sed 's/^.*CONFIG_STATIC[^_].*$/CONFIG_STATIC=y/g' -i .config - make -j$(nproc) || exit - cd .. + make -j$(nproc) + cd .. cd .. cp src/linux-$kernel_latest/arch/x86/boot/bzImage ./ -mkdir initrd -cd initrd - - mkdir -p bin dev proc sys - cd bin - cp ../../src/busybox-$busybox_latest/busybox ./ - for prog in $(./busybox --list); do - ln -s /bin/busybox ./$prog - done - - cd .. - - echo '#!/bin/sh' > init - echo 'mount -t sysfs sysfs /sys' >> init - echo 'mount -t proc proc /proc' >> init - echo 'mount -t devtmpfs udev /dev' >> init - echo 'sysctl -w kernel.printk="2 4 1 7"' >> init - echo 'clear' >> init - #todo: recompile to check if this fixes ctrl +c issues - echo '::respawn:-/bin/sh' >> init - #echo '/bin/sh' >> init - - chmod -R 777 . - - find . | cpio -o -H newc > ../initrd.img - -cd .. - - diff --git a/tilo/initrd.sh b/tilo/initrd.sh new file mode 100755 index 0000000..e8d6e13 --- /dev/null +++ b/tilo/initrd.sh 
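Review bot: `set -e` in the first hunk of tilo/build.sh does not cover the two version lookups directly below it, because the status of each `$(curl … | jq … | tr …)` substitution is that of its last stage, and `curl -s` exits successfully even when the server returns an HTTP error body such as a rate-limit response. `busybox_latest` or `kernel_latest` can therefore end up empty and flow into the download URLs further down; separately, `cut -c2-4` truncates a tag such as `v6.10` to `6.1`, which would select an older kernel. Use `curl -fsS` and reject anything that is not a version string before continuing, for example `case "$kernel_latest" in ''|*[!0-9.]*) echo "bad kernel version" >&2; exit 1;; esac`. The same unchecked lookup pattern appears in the `ver`/`rel` assignments in tilo/initrd.sh.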
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+#extract the version of the compiled busybox :)
+busybox_ver="$(find ./src/ -type d -maxdepth 1 -name "busy*" | cut -d- -f2)"
+
+mkdir initrd
+cd initrd
+
+mkdir -p bin dev proc sys etc usr
+
+#Add busybox programs
+ cd bin
+ cp ../../src/busybox-$busybox_ver/busybox ./
+ for prog in $(./busybox --list); do
+ ln -s /bin/busybox ./$prog
+ done
+ cd ..
+
+
+#Create initial init
+cat <init
+#!/bin/sh
+mount -t sysfs sysfs /sys
+mount -t proc proc /proc
+mount -t devtmpfs udev /dev
+exec /bin/init
+clear
+EOF
+
+#Create busybox initrd
+echo "tty1::respawn:-/bin/sh" > ./etc/inittab
+
+#Create resolv.conf
+echo "nameserver 1.1.1.1" > ./etc/resolv.conf
+
+#Add curl + certificates for tls support
+
+ #Add static curl binary
+ ver="$(curl -s "https://api.github.com/repos/stunnel/static-curl/tags" | jq -r '.[0].name' | tr "_" ".")"
+ rel="$(curl -s "https://api.github.com/repos/stunnel/static-curl/releases" | jq -r '.[0].name' | tr "_" ".")"
+ wget "https://github.com/stunnel/static-curl/releases/download/$rel/curl-linux-x86_64-musl-$ver.tar.xz"
+ tar xf curl-linux-x86_64-musl-$ver.tar.xz -C ./bin/
+ rm curl-linux-x86_64-musl-$ver.tar.xz
+
+
+ #Add certificates
+ ##very ugly way to extract the certs, but hey it just works :)
+ container="$(podman run -d alpine:edge /bin/sh -c "apk add ca-certificates && update-ca-certificates && sleep 90")"
+ sleep 10 #make sure that the cmds are finished (except sleep ofc)
+ podman cp $container:/etc/ssl/ ./etc/
+ podman container rm -f $container
+
+
+#give perms to files, #todo: find a better way someday
+#prevents errors like "can't open /dev/tty1: no such file "
+chmod -R 777 .
+
+#Add all the files to a img
+find . | cpio -o -H newc > ../initrd.img
+
+cd ..
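Review bot: The static curl tarball in the "Add static curl binary" step is taken from whatever release the GitHub API reports as newest and unpacked into `./bin/` with no checksum or signature check, so the initrd ships an unverified third-party binary that can change from one build to the next; pin a reviewed version and verify its digest before `tar xf`. The certificate step has a similar trust and timing problem: `alpine:edge` is a rolling tag, and `sleep 10` only guesses that `apk add ca-certificates && update-ca-certificates` has finished, so a slow network can let `podman cp` copy an incomplete `/etc/ssl` without `set -e` noticing. `chmod -R 777 .` then makes every file in the image world-writable, including the trust store and `/bin/busybox`; explicit modes such as `chmod -R u=rwX,go=rX .` are safer. The fence shows the two download steps rewritten, with the version, release tag and digests left as placeholders for the maintainer to fill in.

```shell
    #Add static curl binary (pinned release, digest checked before unpacking)
    ver="<PINNED_CURL_VERSION>"        # placeholder: reviewed static-curl version
    rel="<PINNED_RELEASE_TAG>"         # placeholder: release tag matching $ver
    sha256="<SHA256_OF_TARBALL>"       # placeholder: digest recorded at review time
    tarball="curl-linux-x86_64-musl-$ver.tar.xz"
    wget "https://github.com/stunnel/static-curl/releases/download/$rel/$tarball"
    printf '%s  %s\n' "$sha256" "$tarball" | sha256sum -c -
    tar xf "$tarball" -C ./bin/
    rm "$tarball"

    #Add certificates (container runs to completion before the copy)
    container="$(podman create "alpine@sha256:<PINNED_IMAGE_DIGEST>" /bin/sh -c "apk add ca-certificates && update-ca-certificates")"
    podman start -a "$container"
    podman cp "$container:/etc/ssl/" ./etc/
    podman container rm -f "$container"
```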