source: hybrid/branches/releng-10/nanobsd/cfg/nanobsd.wleiden.apu@ 12993

Last change on this file since 12993 was 12993, checked in by ed, 10 years ago

Unoubound is by default in Freebsd 10 local DNS resolver instead of BIND

File size: 11.7 KB
Line 
1## Dit is een NanoBSD configuratie-template voor WirelessLeiden.
2## Instellingen weergegeven binnen dit bestand gelden als
3## standaard binnen de organisatie.
4## Tweaked for use with 2Gb SDcard, more VAR and TMP space in Alix.APU1C
5
6# Little hack to allow proper secify of KERNL/PKG location
7if [ -n "$NANO_CFG_FILE" ]; then
8 NANO_CONF_DIR=$(cd $(dirname $NANO_CFG_FILE); pwd -P)
9else
10 NANO_CONF_DIR=$(cd $(dirname $2); pwd -P)
11fi
12
13# object naam in /usr/obj/nanobsd.{obj}
14NANO_NAME=wleiden-hybrid
15NANO_SRC=/usr/src # nanobsd source tree
16NANO_KERNEL=$NANO_CONF_DIR/kernel.wleiden.apu # naam van het kernel configuratiebestand
17NANO_IMAGES=2 # aantal nanobsd code slices/installs (1/2)
18
19NANO_CONFSIZE=8192 # volume van de config slice, default 2048 (512bs)
20NANO_DATASIZE=0 # volume van de data slice, 0 = not configured
21NANO_CODESIZE=889200 # 434Mb voor / (889200*1024*1024/512)
22NANO_RAM_TMPVARSIZE=81920 # 40Mb Voor /Var en /Tmp(40*1024*1024/512)
23
24NANO_DRIVE=da0 # Naam van de SD card
25
26#XXX: Eeks, fixed packages, needs building a hook to allow building the package
27# of the shelfs if needed, copy to right directory, done. With only input needed
28# a list of ports in the format like net/net-snmp
29NANO_PACKAGE_DIR=$NANO_CONF_DIR/../pkg/All
30NANO_PACKAGE_LIST="*"
31
32
33# Wireless Leiden ports from $WL_PORTSDIR are copied OVER $PORTSDIR
34PORTSDIR='/usr/ports'
35WL_PORTSDIR="$NANO_CONF_DIR/../ports/"
36
37# Dirty quirk to allow comments in part below
38PACKAGE_LIST=`cat <<EOF | sed -e 's/#.*$//g' | xargs
39benchmarks/iperf
40devel/py-yaml
41dns/dnsmasq
42ftp/curl
43lang/python2
44lang/python
45net/ladvd
46net-mgmt/iftop
47net-mgmt/net-snmp
48net/mtr
49net/isc-dhcp42-server
50net/pen
51ports-mgmt/pkg
52security/sudo
53security/ca_root_nss
54sysutils/screen
55sysutils/ucspi-tcp
56www/apache24
57www/tinyproxy
58
59# Extra WL ports
60net/lvrouted
61`
62# Package target
63PKG_MAKE_ARGS="PACKAGES=$(dirname $NANO_PACKAGE_DIR) BATCH=yes PACKAGE_BUILDING=yes"
64
65PKG_MAKE_CONF="
66# www/py-cherrypy - include apache templating
67# net-mgmt/net-snmp - no perl please (size)
68# net-mgmt/nagios-plugins - no threading (single CPU)
69# shells/bash-static - logging via syslog
70# net/mtr - no X11 (no screen)
71OPTIONS_SET= APACHE FPING SYSLOG
72OPTIONS_UNSET= PERL PERL_EMBEDDED X11
73"
74
75##NANO_PACKAGE_LIST=
76
77# Warning: set to 1 to debug make build errors
78# Number of recurrent parrallel make builds
79if `grep -q 'acpi0: <PRLS PRLS_OEM> on motherboard' /var/run/dmesg.boot`; then
80 # Mac OS X Parallels virtual machine
81 NANO_PMAKE="make -B"
82else
83 # Default 2 times number of CPU's inside machine
84 NANO_PARALLEL_MAKE=`expr $(sysctl -n hw.ncpu) \* 2`
85 NANO_PMAKE="make -j ${NANO_PARALLEL_MAKE}"
86fi
87
88# Starting from soekris bios version 1.31 upwards boot0sio does not seems work
89# anymore, but boot0 does (weird)
90NANO_BOOTLOADER="boot/boot0"
91
92# Strip down to a more acceptable size
93# hints from http://people.freebsd.org/~phk/nanobsd/soekris_4x26/make.soekris_4x26.conf (46MB)
94NANO_PRUNE="$NANO_PRUNE usr/share/examples"
95NANO_PRUNE="$NANO_PRUNE usr/share/syscons"
96NANO_PRUNE="$NANO_PRUNE usr/share/calendar"
97# NB! usr/share/misc contains termcap, vi(1) etc fails to work without it.
98# NANOBSD_PRUNE += usr/share/misc
99NANO_PRUNE="$NANO_PRUNE usr/share/pcvt"
100NANO_PRUNE="$NANO_PRUNE usr/share/me"
101NANO_PRUNE="$NANO_PRUNE usr/share/doc"
102
103
104
105
106
107# Opties parsed gedurende build & install world
108# Also check man 3 src.conf for details
109# Some flags are misleading, e.g. could only be installworld (e.g.), for details:
110# http://phk.freebsd.dk/misc/build_options/
111# For details on make options also check:
112# /usr/src/share/mk/bsd.own.mk
113CONF_COMMON='
114# Specific enabled options
115#WITHOUT_ACPI=YES # geen advanced configuration power interface
116#WITHOUT_BIND=YES # geen bind tools, dns/named geinstalleerd
117#WITHOUT_CXX=YES # Set to not build g++(1) and related libraries.
118#WITHOUT_GROFF=YES # Set to not build groff(1).
119#WITHOUT_INET6=YES # geen ondersteuning inet versie 6 architectuur
120#WITHOUT_INFO=YES # geen info bestanden, readable online docs
121#WITHOUT_IPFILTER=YES # geen ip filtering geinstalleerd
122#WITHOUT_KLDLOAD=YES # do not allow loading of kernel modules
123#WITHOUT_MAILWRAPPER=YES # geen mailwrapper bij gebruik sendmail
124#WITHOUT_MAN=YES # geen handleidingen gecompileerd
125#WITHOUT_MISC=YES # geen misc sub directory
126#WITHOUT_MODULES=YES # geen ondersteuning toevoegen modules
127#WITHOUT_PAM=YES # geen ondersteuning pa modules
128#WITHOUT_PF=YES # geen packet filtering geinstalleerd
129#WITHOUT_SHARE=YES # geen share sub directory
130#WITHOUT_USB=YES # geen ondersteuning usb modules
131# Specific disabled options
132WITHOUT_ATM=YES # geen ondersteuning Asynchronous Transfer Mode
133WITHOUT_AUDIT=YES # geen event auditing / audit trails
134WITHOUT_AUTHPF=YES # geen authenticating gateway user shell
135WITHOUT_BLUETOOTH=YES # geen ondersteuning Bluetooth modules
136WITHOUT_CALENDAR=YES # geen calendar reminder service gecompileerd
137WITHOUT_CDDL=YES # Set to not build code licensed under Sun CDDL. (also ZFS)
138WITHOUT_CPP=YES # Set to not build cpp(1).
139WITHOUT_CVS=YES # geen cvs tools geinstalleerd
140WITHOUT_DICT=YES # geen dictionary ondersteuning
141WITHOUT_EXAMPLES=YES # geen voorbeeld configuratiebestanden
142WITHOUT_FORTRAN=YES # geen ondersteuning fortran compilers
143WITHOUT_GAMES=YES # geen games gecompileerd
144WITHOUT_GCOV=YES # geen gcov test coverage program
145WITHOUT_GDB=YES # geen gnu debugger gecompileerd
146WITHOUT_GPIB=YES # geen ondersteuning gpib kaarten
147WITHOUT_HTML=YES # geen html help bestanden gecompileerd
148WITHOUT_I4B=YES # geen ondersteuning voor isdn
149WITHOUT_IPX=YES # geen ondersteuning ipx protocols
150WITHOUT_KERBEROS=YES # geen ondersteuning Kerberos authenticatie
151WITHOUT_LOCALES=YES # geen ondersteuning lokalisatie
152WITHOUT_LPR=YES # geen ondersteuning print services
153WITHOUT_NIS=YES # geen ondersteuning network information system
154WITHOUT_PROFILE=YES # Set to avoid compiling profiled libraries.
155WITHOUT_RCMDS=YES # geen ondersteuning rcmds,
156WITHOUT_RESCUE=YES # geen rescue bestanden gecompileerd
157WITHOUT_SENDMAIL=YES # geen sendmail geinstalleerd
158WITHOUT_SHAREDOCS=YES # geen share/docs directories
159WITHOUT_SYSCONS=YES # geen syscon devices gecompileerd
160'
161
162CONF_BUILD="
163${CONF_COMMON}
164"
165
166CONF_INSTALL="
167${CONF_COMMON}
168WITHOUT_TOOLCHAIN=YES # geen freebsd toolchain
169"
170
171
172# Flash disks arrived, sandisk 1g seems to match the geometry of the (blanc) cards
173#FlashDevice sandisk 1g # nanobsd flashdevice entry
174#FlashDevice sandisk 512mb # nanobsd flashdevice entry
175#FlashDevice transcend 2g # nanobsd flashdevice entry
176# Calculated value of PEAK hardware 1GB CF card
177# C/H/S phys 1954/16/63, logical 977/32/63
178# Mediasize is calculated as C*H*S*512
179
180# Using logical values reported by Alix APU board
181# values for PCEngines blanc 2 GB cards
182# C/H/S phys 945/64/63, logical 983/32/63
183# drive 0x000f2ab0: PCHS=0/0/0 translation=lba LCHS=945/64/63 s=3813376
184NANO_MEDIASIZE=`expr 1952448512 / 512`
185NANO_HEADS=64
186NANO_SECTS=63
187
188
189# Version tagging
190cust_version_tag() (
191 VERSION_FILE="${NANO_WORLDDIR}/tools/wl-release.txt"
192 (
193 echo "Generated by `id -un`@`hostname -f` at `date`"
194 echo ""
195 echo "=== CONFIG specifics ==="
196 svn info ${NANO_CONF_DIR}/../ || exit 0
197 svn diff ${NANO_CONF_DIR}/../ || exit 0
198 echo "=== BEGIN CONFIG specifics ==="
199 ) > $VERSION_FILE
200)
201
202# Takes a very long time (10+) minutes to generate this file on an ALIX board,
203# not practical for quick debugging and configuration.
204cust_openvpn_dhparam() (
205 DHFILE=${NANO_WORLDDIR}/etc/easy-rsa-keys/dh1024.pem
206 mkdir -p `dirname $DHFILE`
207 openssl dhparam -out $DHFILE 1024
208)
209
210
211
212# Assuming we are running a safe envirionment where snooping could occur during or after the build
213cust_set_root_password() (
214 if [ -n "${CFG_ROOT_PASSWORD}" ]; then
215 pprint 2 "Set root password using CFG_ROOT_PASSWORD variable"
216 chroot ${NANO_WORLDDIR} sh -c "echo '${CFG_ROOT_PASSWORD}' | pw usermod -h 0 -u root"
217 else
218 pprint 2 "Root password is <blank>, no password provided at variable CFG_ROOT_PASSWORD"
219 fi
220)
221
222
223
224# EXPERIMENTAL patch like envirionment
225# Using '*-nanobsd.patch' files to only specify the bare differences between the base/default file to
226# keep us as close as possible to the base OS
227# Patches are applied to the directory they live in
228#cust_apply_nanobsd_patches() (
229# for PATCHFILE in `find ${NANO_WORLDDIR} -regex '.*-nanobsd\.patch$'`; do
230# cd `dirname ${PATCHFILE}`
231# patch -t -N -p0 -i `basename ${PATCHFILE}`
232# #XX: What to with installed patch files? Delete them for the time beeing
233# rm -v ${PATCHFILE}
234#done
235
236
237
238#)
239
240
241
242# Customize ntpd
243cust_ntpd() (
244 chroot ${NANO_WORLDDIR} sh -c "ln -fs /usr/local/etc/ntp.drift /var/db/ntp.drift"
245)
246
247
248# Enable Serial TTYs and boot serial at 115200 baud
249cust_serial_ttys() (
250 chroot ${NANO_WORLDDIR} sed -i '' -e '/ttyv[0-9]/s/on /off/' -e '/ttyu0/s/off/on/' -e '/ttyu0/s/dialup/ansi/' /etc/ttys
251 echo '-h -s115200' > ${NANO_WORLDDIR}/boot.config
252)
253
254
255
256# Install files from specific relative location
257cust_install_files () (
258 cd ${NANO_CONF_DIR}/../files
259 find . -print | grep -v -e /CVS -e .svn | cpio -dumpv ${NANO_WORLDDIR}
260)
261
262
263# Make tools available for root by default
264cust_root_bin_to_tools() {
265 ln -s /tools ${NANO_WORLDDIR}/root/bin
266}
267
268
269# Prune no needed directories of image
270cust_nano_prune () (
271 cd ${NANO_WORLDDIR}
272 for ENTRY in ${NANO_PRUNE}; do
273 rm -vfR ${ENTRY}
274 done
275)
276
277# We actually do need an seperate /tmp, so undo the symlinking done in
278# setup_nanobsd()
279late_cust_unset_common_var_and_tmp() (
280 cd ${NANO_WORLDDIR}
281 rm tmp
282 mkdir -m 1777 tmp
283)
284
285
286# Fill /cfg wmth custom files, based on 'create_i386_diskimage ( )'
287last_nano_fill_cfg () (
288 # Variables to be used
289 IMG=${NANO_DISKIMGDIR}/${NANO_IMGNAME}
290 MNT=${MAKEOBJDIRPREFIX}/_.mnt
291
292 # Mount '/cfg' slize in image
293 MD=`mdconfig -a -t vnode -f ${IMG}`
294 mount /dev/${MD}s3 ${MNT}
295
296 # Location of '/cfg' directory
297 cd ${NANO_CONF_DIR}/../cfg-files
298 find . -print | grep -v -e /CVS -e .svn | cpio -dumpv ${MNT}
299
300
301 # Leave in nice end state
302 umount ${MNT}
303 mdconfig -d -u ${MD}
304) > ${MAKEOBJDIRPREFIX}/_.fc 2>&1
305
306last_nano_disk_usage () (
307 # Variables to be used
308 IMG=${NANO_DISKIMGDIR}/${NANO_IMGNAME}
309 MNT=${MAKEOBJDIRPREFIX}/_.mnt
310
311 # Mount root slize
312 MD=`mdconfig -a -t vnode -f ${IMG}`
313 mount /dev/${MD}s1a ${MNT}
314
315 # Show disk usage (percent free) inc header
316 pprint 2 $(df -h | head -1)
317 pprint 2 "$(df -h | grep /dev/${MD})"
318
319 # Leave in nice end state
320 umount ${MNT}
321 mdconfig -d -u ${MD}
322)
323
324last_orders () (
325 last_nano_fill_cfg
326 last_nano_disk_usage
327)
328
329# Ugly hack to 'escaping' pprint from inside a customize_cmd to output
330# instead of a file
331exec 3>/dev/stdout
332# Progress Print
333# Print $2 at level $1
334pprint() {
335 if [ "$1" -le $PPLEVEL ]; then
336 printf "%.${1}s %s\n" "#####" "$2" 1>&3
337 fi
338}
339
340# Cust macro`s gestart in onderstaande volgorde
341# XXX: Determine size before installing all find of additions to see how much
342# base we are actually using ## du -h -d 0
343customize_cmd cust_pkgng
344customize_cmd cust_install_files
345customize_cmd cust_ntpd
346customize_cmd cust_serial_ttys
347customize_cmd cust_version_tag
348customize_cmd cust_root_bin_to_tools
349customize_cmd cust_allow_ssh_root
350customize_cmd cust_openvpn_dhparam
351customize_cmd cust_nano_prune
352customize_cmd cust_set_root_password
353#customize_cmd cust_apply_nanobsd_patches
354late_customize_cmd late_cust_unset_common_var_and_tmp
355
356# Standard overwrite
357if [ -r "$NANO_CONF_DIR/nanobsd.local" ]; then
358 . $NANO_CONF_DIR/nanobsd.local
359fi
360
361# Extra config if existing is not suffient
362if [ -n "$EXTRA_NANOBSD_CONFIG" ]; then
363 for FILE in $EXTRA_NANOBSD_CONFIG; do
364 # File relative to config directory
365 if [ "`echo $FILE | cut -c1`" != "/" ]; then
366 FILE=$NANO_CONF_DIR/$FILE
367 fi
368 pprint 1 "Loading $FILE"
369 . $FILE || exit 1
370 done
371fi
Note: See TracBrowser for help on using the repository browser.