tilo: build the system

.gitea/workflows/ipxe.yaml

@@ -1,6 +1,5 @@
 name: build ipxe
 on:
-  push:
   schedule:
     - cron: '0 2 * * SUN'
 jobs:

ipxe/netboot.ipxe

@@ -1 +1,21 @@
 #!ipxe
+
+#Init networking
+dhcp
+
+#Print useful information for debugging
+echo root-path is ${root-path}
+echo filaneme is ${filename}
+echo MAC address is ${net0/mac}
+echo IP address is ${ip}
+
+#Provisioner uses the following pattern: /boot/{mac}
+set server http://${root-path}/boot/${mac:hexhyp}
+echo Server is ${server}
+sleep 5
+
+# Download the correct bootscript or continue normal boot
+chain  ${server} 
+echo should not be reached
+exit
+

tilo/build.sh

@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+#get latest non patch release candidate kernel and busybox version
+busybox_latest="$(curl -s "https://api.github.com/repos/mirror/busybox/tags" | jq -r '.[0].name' | tr "_" ".")"
+kernel_latest="$(curl -s "https://api.github.com/repos/torvalds/linux/tags" | jq -r '.[] .name' | awk '$0 !~/-/' | head -n1 | cut -c2-4)"
+
+#backups for when hitting ratelimits during testing :)
+#kernel_latest="6.7"
+#busybox_latest="1.36.0"
+
+echo "Using kernel version: $kernel_latest"
+echo "Using busybox version: $busybox_latest"
+
+kernel_major="$(echo "$kernel_latest" | cut -c1)"
+kernel_url="https://mirrors.edge.kernel.org/pub/linux/kernel/v$kernel_major.x"
+
+mkdir -p src
+cd src 
+
+wget "$kernel_url/linux-$kernel_latest.tar.xz"
+tar -xf linux-$kernel_latest.tar.xz
+cd linux-$kernel_latest
+	make defconfig
+	make -j 8
+
+cd ..
+
+wget https://busybox.net/downloads/busybox-$busybox_latest.tar.bz2
+tar -xf busybox-$busybox_latest.tar.bz2
+cd busybox-$busybox_latest
+	make defconfig
+	sed 's/^.*CONFIG_STATIC[^_].*$/CONFIG_STATIC=y/g' -i .config
+	make -j$(nproc) 
+  cd ..
+
+cd ..
+
+cp src/linux-$kernel_latest/arch/x86/boot/bzImage ./
+
+

tilo/initrd.sh

@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+#extract the version of the compiled busybox :)
+busybox_ver="$(find  ./src/ -type d -maxdepth 1 -name "busy*" | cut -d- -f2)"
+
+mkdir initrd
+cd initrd
+	
+mkdir -p bin dev proc sys etc usr
+
+#Add busybox programs
+	cd bin
+		cp ../../src/busybox-$busybox_ver/busybox ./
+		for prog in $(./busybox --list); do
+			ln -s /bin/busybox ./$prog
+		done
+	cd ..
+
+
+#Create initial init 
+cat <<EOF >init
+#!/bin/sh
+mount -t sysfs sysfs /sys
+mount -t proc proc /proc
+mount -t devtmpfs udev /dev
+exec /bin/init
+clear
+EOF
+
+#Create busybox initrd
+echo "tty1::respawn:-/bin/sh" > ./etc/inittab
+
+#Create resolv.conf
+echo "nameserver 1.1.1.1" > ./etc/resolv.conf
+
+#Add curl + certificates for tls support
+
+ #Add static curl binary 
+  ver="$(curl -s "https://api.github.com/repos/stunnel/static-curl/tags" | jq -r '.[0].name' | tr "_" ".")"
+  rel="$(curl -s "https://api.github.com/repos/stunnel/static-curl/releases" | jq -r '.[0].name' | tr "_" ".")"
+  wget "https://github.com/stunnel/static-curl/releases/download/$rel/curl-linux-x86_64-musl-$ver.tar.xz"
+  tar xf curl-linux-x86_64-musl-$ver.tar.xz -C ./bin/
+  rm curl-linux-x86_64-musl-$ver.tar.xz
+
+ 
+  #Add certificates
+  ##very ugly way to extract the certs, but hey it just works :) 
+  container="$(podman run -d alpine:edge /bin/sh -c "apk add ca-certificates && update-ca-certificates && sleep 90")"
+  sleep 10 #make sure that the cmds are finished (except sleep ofc)
+  podman cp $container:/etc/ssl/ ./etc/
+  podman container rm -f $container
+
+
+#give perms to files, #todo: find a better way someday
+#prevents errors like "can't open /dev/tty1: no such file "
+chmod -R 777 .
+
+#Add all the files to a img
+find . | cpio -o -H newc > ../initrd.img
+
+cd ..