| Version 32 (modified by , 10 years ago) ( diff ) |
|---|
Nodefactory based on FreeBSD-10
Scope
- based on FreeBSD-10.1 (until release use 10-STABLE
- ubound replaces bind
- implement latest version of lvrouted (auto update default route)
- update captive portal
- cleanup packages
- possibly replace thttpd (light version of apache?)
A. Setup a FreeBSD host
Warning: 1) Make sure /usr is at least 5GB in size, as building images requires quite some space. 2) Make sure you install the 32bit i386 release of FreeBSD also when your system does support amd64, as cross compiling can give some nasty surprises. Tip: use a separate hard disk, mounted on /usr/obj to speed up the compilation process.
Get yourself a fresh i386 freebsd host with ports and subversion installed as follows:
A.1. Run the basic CD installer
The procedure below has been tested with 10.0 (standard developer install - no ports -, e.g. with default partitioning will fit our needs). Installing FreeBSD is outside the scope of this document, take a look into the FreeBSD handbook Chapter 2 Installing FreeBSD if you do not know the details.
After installation and reboot apply update:
build# freebsd-update fetch build# freebsd-update install build# reboot
Please do mind that all commands below need to be executed as root, because of the many mounts and unmounts done in various phases. It maybe convenient to permit ssh root login (modify /etc/ssh/sshd_config accordingly).
Internet connection is required.
Set correct date/time, e.g: build# ntpdate 0.nl.pool.ntp.org
(You may also wish to add ntpd_enable="YES" to /etc/rc.conf)
A.2 Install Subversion and Ports
Subversion is installed as a package:
build# pkg install subversion
Tip: The package management tool is not yet installed on your system. So answer yes to the prompt: "Do you want to fetch and install it now? [y/N]:"
Check out a copy of the ports tree (this will take a couple of minutes).
build# svn checkout https://svn0.eu.FreeBSD.org/ports/head /usr/ports
Certificate information ...... answer p to prompt: (R)eject, accept (t)emporarily or accept (p)ermanently?
Alternatively use portsnap:
build# portsnap fetch extract
A.3 set some useful variables
Alter the shell configuration file:/root/.cshrc:
Ensure ftp is set to passive mode, to avoid potential firewall issues: build# echo 'setenv FTP_PASSIVE_MODE YES' >> /root/.cshrc Set a default password for the images that you will produce build# echo 'setenv CFG_ROOT_PASSWORD DefaultPassword12!' >> /root/.cshrc Define your nanobsd (svn) working directory: NOTE: All commands at later stages will refer to this so you better get it right! build# echo 'setenv R /root/nanobsd' >> /root/.cshrc
Next load your file (or login again): build# source /root/.cshrc
A.4. install lvrouted port
Warning: to be sorted out! To compile lvrouted you need ocaml support, without X11, without TOOLBOX:
build# make -C /usr/ports/lang/ocaml-nox11 install clean BATCH=YES build# make -C /usr/ports/devel/ocaml-findlib install clean WITHOUT="TOOLBOX X11 TK" BATCH=YES
(??? build# make -C /usr/ports/devel/autoconf259 install clean BATCH=YES build# make -C /usr/ports/devel/autoheader259 install clean BATCH=YES build# make -C /usr/ports/dns/bind-tools/ install clean BATCH=yes #(required for nagios-plugins in FreeBSD10)
checkout latest version of lvrouted (12878):
build# svn checkout http://svn.wirelessleiden.nl/svn/node-config/other/lvrouted/trunk /usr/local/share/lvrouted
run the release.sh script to produce the tar 'release' file (lvrouted-12878.tar.gz):
build# cd /usr/local/share/lvrouted/ build# tools/release.sh
Note: you may wish to verify the SHA256 en filesize in $R/ports/net/lvrouted/distinfo
A.5. OPTIONAL, every developer has his own preferences, these are mine
build# make -C /usr/ports/editors/vim-lite install clean BATCH=yes build# make -C /usr/ports/security/sudo install clean BATCH=yes build# make -C /usr/ports/sysutils/screen install clean BATCH=yes
A.6. get latest sources
build# svn co svn://svn0.eu.FreeBSD.org/base/stable/10 /usr/src
B. Build environment
B.1 Download the environment from the Wireless Leiden svn repository
build# svn checkout https://svn.wirelessleiden.nl/svn/code/hybrid/branches/releng-10/nanobsd $R build# cd $R
Note: Certificate information ...... answer p to prompt: (R)eject, accept (t)emporarily or accept (p)ermanently?
If svn is not found: svn is in /usr/local/bin, alternatively log out and in, or use rehash in a csh shell to make it available.
B.2. Compile all required packages using
build# $R/tools/package-build.sh
This will take quite some time, depending on your hardware of course. Packages are created in /root/nanobsd/pkg/All:
build#:~/nanobsd/pkg/All # ls autoconf-2.69.txz isc-dhcp42-server-4.2.7.txz pftop-0.7_2.txz autoconf-wrapper-20131203.txz libffi-3.0.13_1.txz pkg-1.3.6.txz automake-1.14.txz libidn-1.28_1.txz pkgconf-0.9.6_1.txz automake-wrapper-20131203.txz libtasn1-4.0.txz py27-Babel-1.3_2.txz bash-static-4.3.24.txz libtool-2.4.2_3.txz py27-Jinja2-2.7.3.txz bison-2.7.1,1.txz lzo2-2.08.txz py27-MarkupSafe-0.23.txz ca_root_nss-3.16.3.txz m4-1.4.17_1,1.txz py27-pytz-2014.4,1.txz curl-7.37.1_2.txz mtr-nox11-0.85_1.txz py27-setuptools27-5.5.1.txz dnsmasq-2.71_1,1.txz nagios-plugins-2.0.3_1,1.txz py27-yaml-3.11.txz easy-rsa-2.2.0.m.txz net-snmp-5.7.2_16.txz python-2.7_2,2.txz fping-3.10.txz nettle-2.7.1.txz python2-2_3.txz gettext-0.18.3.1_1.txz nmap-6.46.txz python27-2.7.8_3.txz gmake-3.82_1.txz nrpe-2.15_3.txz screen-4.2.1_3.txz gmake-lite-3.82.txz openvpn-2.3.4.txz sixxs-aiccu-20070115_4.txz gmp-5.1.3_2.txz p11-kit-0.20.3_1.txz sudo-1.8.10.p3_1.txz gnutls-3.2.16_3.txz p5-Locale-gettext-1.05_3.txz thttpd-2.25b_5.txz help2man-1.43.3_1.txz patch-2.7.1.txz tinyproxy-1.8.3_1,1.txz iftop-0.17.txz pcre-8.34_2.txz trousers-tddl-0.3.10_7.txz indexinfo-0.2.txz pen-0.18.0.txz ucspi-tcp-0.88_2.txz iperf-2.0.5.txz perl5-5.16.3_11.txz vim-lite-7.4.398.txz
B.3. Set your favorite root password to be used in the image
Note: you can skip this step if you are satisfied with the default password set in step A.3 above.
$ setenv CFG_ROOT_PASSWORD `dd if=/dev/random bs=10k count=10 |\ tr -cd '[a-zA-Z0-9]' | cut -c -15` $ echo $CFG_ROOT_PASSWORD
If you like a simple password, substitute the
`dd if=/dev/random bs=10k count=10 | tr -cd '[a-zA-Z0-9]' | cut -c -15`with your password.
B.4 Build nanobsd (make sure to prepare some coffee;-) )
$ sh /usr/src/tools/tools/nanobsd/nanobsd.sh -c $R/cfg/nanobsd.wleiden
Note 1: Take a coffee of go for a hike, this normally takes 2 - 8 hours depending on the machine configuration. If you like to save some power use the script provided by Rick (http://rickvanderzwet.nl/svn/personal/misc/power-saver). This script is mainly used on a home server for building FreeBSD world and kernels. As soon it is done it can shutdown if not being used anymore. The system has Wake-On-Lan support and can thus be activated again from remote.
Note 2: even this little script got flags, check the output of
sh /usr/src/tools/tools/nanobsd/nanobsd.sh -h-b suppress builds (both kernel and world) -k suppress buildkernel -w suppress buildworld -c specify config file ...
Note 3: The geometry of the cf card is defined in the nanobsd configuration file $R/cfg/nanobsd.wleiden The 'default' values are for a Peak 1 GB card. They also work on an Alix2D3 board with a 1 GB PCEngines 'blanc' cf card and 1 or 2 GB Transcend cf cards although those geometries are different. There are issues with Soekris boards, depending on BIOS version.
