* Drop default NetworkManager configuration
NetworkManager will automatically connect using the global defaults.
Also Supervisor today will create a profiles once the user configures
the network explicitly.
* Create system-connection directory
* Add tempio host package
tempio is a template helper using Go's template engine and sprig
functions.
* Use tempio to generate rauc manifest
* Use tempio to generate rauc system.conf
* Use shell functions for install hooks
* Use post-install hook to initialize GRUB2 bootloader env
Unfortunately the boot name to be updated (RAUC_SLOT_BOOTNAME) is not
available when updating the "boot" slot. Instead, initialize the boot
slot in a kernel post-install slot.
* Add AArch64/ARM64 EFI boot support (for QEMU and some boards)
* Allow GRUB to load cmdline.txt-like
* Enable qcow2/vmdk disk images
Co-authored-by: Stefan Agner <stefan@agner.ch>
* Use LSI Logic SCSI controller in vmdk descriptor as well
For some reason, the vmdk disk format's descriptor contains the
controller type as well. By default, qemu-img sets it to "ide", which
seems not optimal especially for VMware's ESXi. Set adapter type to
commonly supported "lsilogic".
* Move ova image generation to hdd-image.sh
* Bump buildroot
* buildroot 3c5f87185d...5ffdf6ccc5 (1):
> package/e2fsprogs: Create y2038 capable file systems by default
* Use inode size of 256 bytes for overlayfs
By default older versions of mkfs.ext4 create file systems with inode
size of 128 bytes. This does not allow for 64-bit timestamps, which
leads to y2038 compatibility warnings. Use 256 bytes inodes.
* Use skopeo to download container images
Separate container download from image build. This will allow to share
the downloaded images between multiple builds.
We won't store the Supervisor container with the version tag, just with
the latest tag. This allows to simplify the procedure a bit. It seems
there is no downside to this approach.
* Use official Docker in Docker images to build data partition
Instead of building our own Debian based image let's use the official
Docker in Docker image. This avoids building an image for the hassio
data partition and speeds up build as well.
This calls mount commands using sudo to mount the data partition as part
of the buildroot build now. This is not much different from before as
mount has been called as root inside the container, essentially equates
to the same "isolation" level.
* Use image digest as part of the file name
The landing page has no version information in the tag. To avoid
potentially source caching issues, use the digest as part of the file
name.
Other compression methods remove the original image file at compression.
Add the -m (move) command to zip to do the same when compressing with
zip. This saves some space in the builds image/release directory.
* Add squashfs with LZ4 and LZO compression to Barebox
* Add squashfs with LZO compression to U-Boot
* Use squashfs for Linux kernel partition
Generate a squashfs image with LZO compression for the Linux kernel
partition. Adjust the boot scripts to be file system independent commands
to boot from squashfs.
In the past file system extents have been deactivated to get better
performance in U-Boot. However, the performance issue has been addressed
with commit d5aee659f217 ("fs: ext4: cache extent data") in U-Boot. The
performance should be equal to regular files using no extents.
Enabling extents has an advantage however: Files are stored more
efficently, especially relatively large files like a kernel image. The
impact is not all that big (~100KiB), but worthwhile nonetheless.
* Start ha-cli on tty1 instead of a getty
Instead of starting a getty start the ha-cli directly. This will show
the banner right on startup with the important information such as IP
address of the instance or the URL to reach it.
* Use default shell as root shell instead of HA CLI
Instead of using the ha-cli.sh script as login shell use the regular
shell. Amongst other things, this allows to run VS Code devcontainers
remotely via SSH or using scp. The HA CLI is still available using the
`ha` command.
* Fix issue with latest shellcheck version
The latest shellcheck versions use a new error number for non-POSIX
string replacement. Change to ignore this new error number.
* Ignore shellcheck issue about not following sourced files
Newer shellcheck versions also warn when shellcheck does not follow
sourcing of files with known path:
Not following: ./meta was not specified as input (see shellcheck -x).
We check those files separately so ignore this error for the two scripts
affected.
Virtual Disk images are often used on Windows and/or Mac platforms where
xz is not a widely known file ending and also not supported by dafault.
Use zip which is much better known.
Keep using xz for boards since those are not meant to be extracted by
users but directly used in Etcher. Also keep using xz for qcow2, since
qcow2 is mostly used on Linux platforms where xz is available by default
and zip usually needs an extra package.
Use sparse files instead of files written full of zeros. This speeds up
the image generation process significantly. It also makes sure that
virtual disk image formats are minimal in size.
Note: qemu-img automatically generates sparse files when detecting a
block full of zeros. But this is applied on the write side, after image
convertion: The disk image format itself still thinks the whole image
is allocated, leading to larger image than necessary. Also some output
format seem to regonize chunks of zero and create sparse files themself.
With this change, the raw source image file is a sparse file. This is
regocnized by qemu-img at read time (see block/file-posix.c), and leads
to "native" sparse files in the output format.
Some numbers
- qcow2 1.8G -> 862M (same on-disk size)
- vdi 15G -> 888M (same on-disk size)
- vhdx 30G -> 1.1G (918M -> 861M on-disk size)
- vmdk 1.8G -> 866M (about the same on-disk size)
Obviously this also affects the compressed size. But because there are
still lots of zeros, the difference in compressed size is not that big.
* Change HASSOS_ID from hassos to haos
Use a rauc install-check hook to make this update compatible with OS
releases using hassos in the compatible string.
* Use home-assistant as organization in CPE_NAME
Align with Home Assistant core which uses home-assistant with a dash as
organization in CPE_NAME.
The e2scrub utilities only make sense on system which use LVM. They
come with e2fsprogs and can't be disabled currently. Drop them manually
in our post-build script.
* Add development build version part to version number
Add third part in the version number to indicate development builds.
Generate a default version number based on the date, e.g.
"5.6.dev20201124".
* Add GitHub Action workflow for development builds
Add another GitHub workflow for development builds. Make it triggered
only for now. The version number is generated by the workflow and
passed to all builds to make sure all builds have the same development
build version.
* Add documentation
* Add resolved.conf to disable stub resolver and DNSSEC
There are Add-Ons which try to bind port 53 on all interfaces including
127.0.0.53. Disable the stub resolver to make them continue working. We
don't need the resolver currently anyway.
Also disable DNSSEC to make sure the baords can access a NTP time server
even when their time is incorrect (since DNSSEC validation may fail).
This is a known chicken-egg problem with systemd-resolved/systemd-timesyncd
and might be addressed in a future version, with what we can reenable
DNSSEC:
https://github.com/systemd/systemd/issues/5873
* Make sure resolve gets added only once to nsswitch.conf
Only add resolve to nsswitch.conf if not already present.
* Update buildroot-patches for 2020.11-rc1 buildroot
* Update buildroot to 2020.11-rc1
Signed-off-by: Stefan Agner <stefan@agner.ch>
* Don't rely on sfdisk --list-free output
The --list-free (-F) argument does not allow machine readable mode. And
it seems that the output format changes over time (different spacing,
using size postfixes instead of raw blocks).
Use sfdisk json output and calculate free partition space ourselfs. This
works for 2.35 and 2.36 and is more robust since we rely on output which
is meant for scripts to parse.
* Migrate defconfigs for Buildroot 2020.11-rc1
In particular, rename BR2_TARGET_UBOOT_BOOT_SCRIPT(_SOURCE) to
BR2_PACKAGE_HOST_UBOOT_TOOLS_BOOT_SCRIPT(_SOURCE).
* Rebase/remove systemd patches for systemd 246
* Drop apparmor/libapparmor from buildroot-external
* hassos-persists: use /run as directory for lockfiles
The U-Boot tools use /var/lock by default which is not created any more
by systemd by default (it is under tmpfiles legacy.conf, which we no
longer install).
* Disable systemd-update-done.service
The service is not suited for pure read-only systems. In particular the
service needs to be able to write a file in /etc and /var. Remove the
service. Note: This is a static service and cannot be removed using
systemd-preset.
* Disable apparmor.service for now
The service loads all default profiles. Some might actually cause
problems. E.g. the profile for ping seems not to match our setup for
/etc/resolv.conf:
[85503.634653] audit: type=1400 audit(1605286002.684:236): apparmor="DENIED" operation="open" profile="ping" name="/run/resolv.conf" pid=27585 comm="ping" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Drop AVAHI and use systemd-resolved to announce hostname via mDNS
and LLMNR. Also continue to offer the _workstation._tcp.local service
since it is used by the CoreDNS mDNS plug-in.
Currently the Microsoft Reserved Partition GUID is used for this FAT32
formatted partition. This GUID is a rather Microsoft Windows specific
GUID and not commonly used on Linux.
On Linux systems partitions of this type do not get automatically
mounted (see /usr/lib/udev/rules.d/80-udisks2.rules). However, since
this partition contains some files user commonly need to adjust
(config.txt, cmdline.txt) it would be good if the partition does get
mounted.
Use Microsoft Basic Data instead, which is used by default for FAT32
partition (even by Linux partitioning tools such as gparted). Tested
on ASUS Tinker Board and RPi4.
Aligning partitions (and hence file system structures) to higher level
then 512 byte sectors is common practise and highly recommended for flash
backed block devices. It makes sure that the underlaying flash translation
layer (FTL) does not amplify writes due to missalignment of its erase
block size. Use a 1MiB boundary which is what a modern fdisk is doing.
Before this change:
# fdisk /dev/mmcblk0
Welcome to fdisk (util-linux 2.35.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): p
Disk /dev/mmcblk0: 14.57 GiB, 15634268160 bytes, 30535680 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x48617373
Device Boot Start End Sectors Size Id Type
/dev/mmcblk0p1 * 16384 65537 49154 24M c W95 FAT32 (LBA)
/dev/mmcblk0p2 65539 1228814 1163276 568M 5 Extended
/dev/mmcblk0p3 1228816 1425425 196610 96M 83 Linux
/dev/mmcblk0p4 1425427 30535679 29110253 13.9G 83 Linux
/dev/mmcblk0p5 65540 114693 49154 24M 83 Linux
/dev/mmcblk0p6 114695 638984 524290 256M 83 Linux
/dev/mmcblk0p7 638986 688139 49154 24M 83 Linux
/dev/mmcblk0p8 688141 1212430 524290 256M 83 Linux
/dev/mmcblk0p9 1212432 1228814 16383 8M 83 Linux
After this change:
# fdisk /dev/mmcblk0
Welcome to fdisk (util-linux 2.35.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): p
Disk /dev/mmcblk0: 14.57 GiB, 15634268160 bytes, 30535680 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x48617373
Device Boot Start End Sectors Size Id Type
/dev/mmcblk0p1 * 16384 65535 49152 24M c W95 FAT32 (LBA)
/dev/mmcblk0p2 65536 1239039 1173504 573M 5 Extended
/dev/mmcblk0p3 1241088 1437695 196608 96M 83 Linux
/dev/mmcblk0p4 1439744 30535679 29095936 13.9G 83 Linux
/dev/mmcblk0p5 67584 116735 49152 24M 83 Linux
/dev/mmcblk0p6 118784 643071 524288 256M 83 Linux
/dev/mmcblk0p7 645120 694271 49152 24M 83 Linux
/dev/mmcblk0p8 696320 1220607 524288 256M 83 Linux
/dev/mmcblk0p9 1222656 1239039 16384 8M 83 Linux
See also:
https://unix.stackexchange.com/questions/248939/how-to-achieve-optimal-alignment-for-emmc-partitionhttp://3gfp.com/wp/2014/07/formatting-sd-cards-for-speed-and-lifetime/
