generation: Add generation scripts.

Final objective: clearly separate the generation and installation stage. This scripts generate and sign an initramfs image. Parameters MUST be set to fit the target machine.

generation: Add generation scripts.
Final objective: clearly separate the generation and installation stage. This scripts generate and sign an initramfs image. Parameters MUST be set to fit the target machine.
df79460f · Ophélie Gagnard · c434893f · df79460f · df79460f · df79460f
Commit df79460f authored Sep 28, 2022 by Ophélie Gagnard
5 changed files
--- a/generation/00env.sh
+++ b/generation/00env.sh
+# This file is sourced by some other scripts in this directory
+
+# get the root of the git repository (requires git to be installed)
+GIT_ROOT=`git rev-parse --show-toplevel`
+PROJECT_DIR=$GIT_ROOT
+
+### TO BE MODIFIED BY USERS ###
+## Packages
+MCA_PACKAGE_NAME=mca--static
+FLB_PACKAGE_NAME=fluent-bit
+MCA_VERSION=0.2h+0.1i+1.0.279+dep-1
+FLB_VERSION=1.9.7+1.0.279+dep-1
+
+SIGNING_KEY_NAME=db.key
+
+### DO NOT MODIFY ###
+# used mainly in dracut.module/configure
+MCA_NAME_AND_VERSION=${MCA_PACKAGE_NAME}_${MCA_VERSION}
+FLB_NAME_AND_VERSION=${FLB_PACKAGE_NAME}_${FLB_VERSION}
+
+# used mainly in installation/dependencies.sh and installation/remove-dependencies.sh
+APT_UTILITY_PACKAGES="sudo wget tree"
+APT_SPECIFIC_PACKAGES="dracut-core dracut dracut-network"
+
+MCA_PACKAGE_FILE=${MCA_NAME_AND_VERSION}_amd64.deb
+FLB_PACKAGE_FILE=${FLB_NAME_AND_VERSION}_amd64.deb
+URL_PATTERN="https://download.opensuse.org/repositories/home:VIFIBnexedi/Debian_11/amd64/"
+MCA_PACKAGE_URL=${URL_PATTERN}/${MCA_PACKAGE_FILE}
+FLB_PACKAGE_URL=${URL_PATTERN}/${FLB_PACKAGE_FILE}
+
+# used mainly in installation/install.sh and installation/uninstall.sh
+EFI_PARTITION_MOUNT_POINT=/boot/efi/
+RELATIVE_EFI_IMAGE_DIR=/EFI/Linux/
+EFI_IMAGE_DIR=${EFI_PARTITION_MOUNT_POINT}/${RELATIVE_EFI_IMAGE_DIR}
+EFI_PARITITON_MOUNT_POINT=$(realpath -m "$EFI_PARTITION_MOUNT_POINT")
+RELATIVE_EFI_IMAGE_DIR=$(realpath -m "$RELATIVE_EFI_IMAGE_DIR")
+EFI_IMAGE_DIR=$(realpath -m "$EFI_IMAGE_DIR")
+dracut_output_file=dracut-output
+
+# used mainly in uefi-keys/make_keys.sh
+CERT_DIR=uefi-keys/public-certificates
+KEYS_DIR=uefi-keys/private-keys
+PUBLIC_CERT_DIR=${PROJECT_DIR}/${CERT_DIR}/${SERVER_GROUP}
+PRIVATE_KEYS_DIR=${PROJECT_DIR}/${KEYS_DIR}/${SERVER_GROUP}
+PUBLIC_CERT_DIR=$(realpath -m "$PUBLIC_CERT_DIR")
+PRIVATE_KEYS_DIR=$(realpath -m "$PRIVATE_KEYS_DIR")
--- a/generation/10install-dependencies.sh
+++ b/generation/10install-dependencies.sh
+#!/bin/bash
+
+set -e
+
+# get the root of the git repository (requires git to be installed)
+GIT_ROOT=`git rev-parse --show-toplevel`
+cd "$GIT_ROOT"/generation
+
+# define useful variables
+source 00env.sh
+
+# useful tools
+apt -y install sudo wget tree
+git config --local user.email "ophelie.gagnard@nexedi.com"
+git config --local user.name "Ophelie Gagnard"
+
+# building initramfs
+apt -y install dracut-core dracut dracut-network sbsigntool
+rm -f *"$MCA_PACKAGE_NAME"*
+rm -f *"$FLB_PACKAGE_NAME"*
+apt -y remove "$MCA_PACKAGE_NAME" "$FLB_PACKAGE_NAME"
+wget "$MCA_PACKAGE_URL"
+wget "$FLB_PACKAGE_URL"
+apt -y install ./"$MCA_PACKAGE_FILE"
+apt -y install ./"$FLB_PACKAGE_FILE"
+
+MCA_CONF_PATH="/opt/${MCA_PACKAGE_NAME}/etc"
+CONF_REGEX="s|%WENDELIN_URL%|${WENDELIN_URL}|g;s|%WENDELIN_PWD%|${WENDELIN_PWD}|g;s|%WENDELIN_REFERENCE%|${WENDELIN_REFERENCE}|g"
+sed "$CONF_REGEX" "${MCA_CONF_PATH}/flb.conf.in" > "${MCA_CONF_PATH}/flb.conf"
+echo "Created ${MCA_CONF_PATH}/flb.conf from template ${MCA_CONF_PATH}/flb.conf.in"
--- a/generation/20generate-image.sh
+++ b/generation/20generate-image.sh
+#!/bin/bash
+## To run this script successfully, you MUST have sourced the target machine's specific environment file
+## or have exported ALL the required variables. (See subdirectories of this directory.)
+## This script assumes to be run by the root user (with /sbin in the path).
+
+required_variables="
+CERT_NAME
+SERVER_GROUP
+WENDELIN_URL
+WENDELIN_PWD
+WENDELIN_REFERENCE
+DEFAULT_INTERFACE
+DEFAULT_IP
+FORMATTED_NETMASK
+TARGET_HOSTNAME
+EFI_PARTITION_MOUNT_POINT
+ROOT_PARTITION_ID
+"
+for variable in $required_variables; do
+	if [ ! -v "$variable" ]; then
+		echo "ERROR: $variable is undefined, please export all required variables."
+		echo "Required variables (and their value):"
+		for v in $required_variables; do
+			echo $v=${!v}
+		done
+		exit 1
+	fi
+done
+
+set -e
+
+# get the root of the git repository (requires git to be installed)
+GIT_ROOT=`git rev-parse --show-toplevel`
+cd $GIT_ROOT
+
+# define useful variables
+source generation/00env.sh
+
+get_partition_path () {
+	# Return the path of the desired partition.
+	# Exit and display an error if it finds 0 or several results.
+	#
+	# This function should be called ith exactly one argument: the desired partition type.
+	# Its behavior is undefined otherwise.
+
+	desired_partitions=$(fdisk -l | grep "$1")
+
+	desired_partition_count=$(echo -e "$desired_partitions" | wc | awk '{print $1}')
+	if [ -z "$desired_partitions" ]; then
+		echo -e "No partition of type $1 (shouldbe 1). Exiting."
+		exit
+	elif [ "$desired_partition_count" -ne 1 ]; then
+		echo -e "$desired_partition_count partitions of type $1 (should be 1). Exiting."
+		exit
+	else
+		echo -e "$desired_partitions" | awk '{print $1}'
+	fi
+}
+
+get_partition_id () {
+	desired_partition_path=$(get_partition_path "$1")
+	echo -e "$(findmnt -fn -o UUID "$desired_partition_path")"
+}
+
+get_default_interface () {
+	default_results=$(ip route | grep default | wc | awk '{print $1}')
+	if [ "$default_results" -ne 1 ]; then
+		echo -e "$default_results default result(s) (should be 1). Exiting."
+		exit
+	else
+		echo -e "$(ip route | grep default | sed 's|.*dev \([^ ]*\).*|\1|g')"
+	fi
+}
+
+get_default_router () {
+	default_results=$(ip route | grep default | wc | awk '{print $1'})
+	if [ "$default_results" -ne 1 ]; then
+		echo -e "$defaults_results default result(s) (should be 1). Exiting."
+		exit
+	else
+		echo -e "$(ip route | grep default | sed 's|.*via \([^ ]*\).*|\1|g')"
+	fi
+}
+
+get_default_ip () {
+	default_interface=$(get_default_interface)
+	interface_results=$(ip route | grep -v default | grep "$default_interface" | wc | awk '{print $1}')
+	if [ "$interface_results" -ne 1 ]; then
+		echo -e "$interface_results results for \"${default_interface}\" (should be 1). Exiting."
+		exit
+	else
+		echo -e "$(ip route | grep -v default | grep "$default_interface" | sed 's|.*src \([^ ]*\).*|\1|g')"
+	fi
+}
+
+get_default_netmask () {
+	default_interface=$(get_default_interface)
+	interface_results=$(ip route | grep -v default | grep "$default_interface" | wc | awk '{print $1}')
+	if [ "$interface_results" -ne 1 ]; then
+		echo -e "$interface_results results for \"${default_interface}\" (should be 1). Exiting."
+		exit
+	else
+		echo -e "$(ip route | grep -v default | grep "$default_interface" | sed 's|^\([^ ]*\).*|\1|g')"
+	fi
+}
+
+int_to_generic_netmask () {
+	# get the mask size: the number right after the "/" (ex: <ipv4>/24 -> 24)
+	#mask_length=$(get_default_netmask | awk -F / '{print $2}')
+	mask_length=$1
+	mask=""
+	for i in {0..3}; do
+	#while [ $mask_length -gt 0 ]; do
+		if [ ${mask_length} -ge 8 ]; then
+			mask=${mask}255
+		elif [ ${mask_length} -eq 0 ]; then
+			mask=${mask}0
+		else
+			mask=${mask}$((256-2**(8-${mask_length})))
+		fi
+		if [ $i -ne 3 ]; then
+			mask=${mask}.
+		fi
+		mask_length=$((mask_length-8))
+	done
+	echo -e "${mask}"
+}
+
+
+# Install the module
+cd dracut.module
+./configure
+make uninstall clean
+make install
+cd -
+
+# Generation of dracut.module/dracut.conf
+dracut_conf_regex="s|%PROJECT_DIR%|${PROJECT_DIR}|g;s|%PUBLIC_CERT_DIR%|${PUBLIC_CERT_DIR}|g;s|%PRIVATE_KEYS_DIR%|${PRIVATE_KEYS_DIR}|g;s|%CERT_NAME%|${CERT_NAME}|;s|%SIGNING_KEY_NAME%|${SIGNING_KEY_NAME}|g;s|%ROOT_PARTITION_ID%|${ROOT_PARTITION_ID}|g;s|%DEFAULT_INTERFACE%|${DEFAULT_INTERFACE}|g;s|%DEFAULT_ROUTER%|${DEFAULT_ROUTER}|g;s|%DEFAULT_IP%|${DEFAULT_IP}|g;s|%FORMATTED_NETMASK%|${FORMATTED_NETMASK}|g;s|%TARGET_HOSTNAME%|${TARGET_HOSTNAME}|g"
+cd dracut.module
+sed "${dracut_conf_regex}" dracut.conf.in > dracut.conf
+cd -
+
+uefi_image_name=echo "$(tr '[:upper:]' '[:lower:]' $(uname -s))-$(uname -r)_${MCA_NAME_AND_VERSION}_${FLB_NAME_AND_VERSION}"
+
+# Create an initramfs image
+rm -f "$dracut_output_file"
+dracut -c ./dracut.module/dracut.conf "$uefi_image_name" --force |& tee -a "$dracut_output_file"
+
+# Set the image as a boot option
+efibootmgr -b "$default_bootnum" --create --disk "$EFI_PARTITION_MOUNT_POINT" --label "test_deploy" --loader "${RELATIVE_EFI_IMAGE_DIR}/$uefi_image_name"
+
+echo New initramfs image: "${EFI_IMAGE_DIR}/$uefi_image_name"
--- a/generation/douai/capri009-env.sh
+++ b/generation/douai/capri009-env.sh
+## Server dependent variables
+# note: all commented variables MUST be defined but their values MUST NOT be committed
+
+# sometimes .cer works, sometimes .crt works... it dependes on the UEFI?
+export CERT_NAME=db.crt
+export SERVER_GROUP=douai
+#export WENDELIN_URL=
+#export WENDELIN_PWD=
+#export WENDELIN_REFERENCE=
+#export DEFAULT_INTERFACE=
+#export DEFAULT_ROUTER=
+#export DEFAULT_IP=
+#export FORMATTED_NETMASK=
+#export TARGET_HOSTNAME=
+#export EFI_PARTITION_MOUNT_POINT=
+#export ROOT_PARTITION_ID=
--- a/generation/get-information.sh
+++ b/generation/get-information.sh
+#!/bin/bash
+## This script MUST be run on the TARGET machine in order to provide relevant information.
+## This script assumes to be run by the root user (with /sbin in the path).
+
+set -e
+
+# get the root of the git repository (requires git to be installed)
+GIT_ROOT=`git rev-parse --show-toplevel`
+cd $GIT_ROOT
+
+# define useful variables
+source generation/00env.sh
+
+get_partition_path () {
+	# Return the path of the desired partition.
+	# Exit and display an error if it finds 0 or several results.
+	#
+	# This function should be called ith exactly one argument: the desired partition type.
+	# Its behavior is undefined otherwise.
+
+	desired_partitions=$(fdisk -l | grep "$1")
+
+	desired_partition_count=$(echo -e "$desired_partitions" | wc | awk '{print $1}')
+	if [ -z "$desired_partitions" ]; then
+		echo -e "No partition of type $1 (shouldbe 1). Exiting."
+		exit
+	elif [ "$desired_partition_count" -ne 1 ]; then
+		echo -e "$desired_partition_count partitions of type $1 (should be 1). Exiting."
+		exit
+	else
+		echo -e "$desired_partitions" | awk '{print $1}'
+	fi
+}
+
+get_partition_id () {
+        desired_partition_path=$(get_partition_path "$1")
+        echo -e "$(findmnt -fn -o UUID "$desired_partition_path")"
+}
+
+get_default_interface () {
+	default_results=$(ip route | grep default | wc | awk '{print $1}')
+	if [ "$default_results" -ne 1 ]; then
+		echo -e "$default_results default result(s) (should be 1). Exiting."
+		exit
+	else
+		echo -e "$(ip route | grep default | sed 's|.*dev \([^ ]*\).*|\1|g')"
+	fi
+}
+
+get_default_router () {
+	default_results=$(ip route | grep default | wc | awk '{print $1'})
+	if [ "$default_results" -ne 1 ]; then
+		echo -e "$defaults_results default result(s) (should be 1). Exiting."
+		exit
+	else
+		echo -e "$(ip route | grep default | sed 's|.*via \([^ ]*\).*|\1|g')"
+	fi
+}
+
+get_default_ip () {
+	default_interface=$(get_default_interface)
+	interface_results=$(ip route | grep -v default | grep "$default_interface" | wc | awk '{print $1}')
+	if [ "$interface_results" -ne 1 ]; then
+		echo -e "$interface_results results for \"${default_interface}\" (should be 1). Exiting."
+		exit
+	else
+		echo -e "$(ip route | grep -v default | grep "$default_interface" | sed 's|.*src \([^ ]*\).*|\1|g')"
+	fi
+}
+
+get_default_netmask () {
+	default_interface=$(get_default_interface)
+	interface_results=$(ip route | grep -v default | grep "$default_interface" | wc | awk '{print $1}')
+	if [ "$interface_results" -ne 1 ]; then
+		echo -e "$interface_results results for \"${default_interface}\" (should be 1). Exiting."
+		exit
+	else
+		echo -e "$(ip route | grep -v default | grep "$default_interface" | sed 's|^\([^ ]*\).*|\1|g')"
+	fi
+}
+
+int_to_generic_netmask () {
+	# get the mask size: the number right after the "/" (ex: <ipv4>/24 -> 24)
+	mask_length=$1
+	mask=""
+	for i in {0..3}; do
+		if [ ${mask_length} -ge 8 ]; then
+			mask=${mask}255
+		elif [ ${mask_length} -eq 0 ]; then
+			mask=${mask}0
+		else
+			mask=${mask}$((256-2**(8-${mask_length})))
+		fi
+		if [ $i -ne 3 ]; then
+			mask=${mask}.
+		fi
+		mask_length=$((mask_length-8))
+	done
+	echo -e "${mask}"
+}
+
+# Get information about the network
+DEFAULT_INTERFACE=$(get_default_interface)
+DEFAULT_ROUTER=$(get_default_router)
+DEFAULT_IP=$(get_default_ip)
+default_netmask=$(get_default_netmask)
+default_netmask_number=$(echo -e "${default_netmask}" | awk -F / '{print $2}')
+FORMATTED_NETMASK=$(int_to_generic_netmask "${default_netmask_number}")
+TARGET_HOSTNAME=$(hostname)
+
+# Get information about the partition layout
+root_partition_type="Linux filesystem"
+efi_partition_type="EFI System"
+EFI_PARTITION_MOUNT_POINT=$(get_partition_path "$efi_partition_type")
+ROOT_PARTITION_ID=$(get_partition_id "$root_partition_type")
+
+echo "export DEFAULT_INTERFACE=\"$DEFAULT_INTERFACE\""
+echo "export DEFAULT_ROUTER=\"$DEFAULT_ROUTER\""
+echo "export DEFAULT_IP=\"$DEFAULT_IP\""
+echo "export FORMATTED_NETMASK=\"$FORMATTED_NETMASK\""
+echo "export TARGET_HOSTNAME=\"$TARGET_HOSTNAME\""
+echo "export EFI_PARTITION_MOUNT_POINT=\"$EFI_PARTITION_MOUNT_POINT\""
+echo "export ROOT_PARTITION_ID=\"$ROOT_PARTITION_ID\""