297 lines
11 KiB
Bash
Executable File
297 lines
11 KiB
Bash
Executable File
#!/bin/bash
|
|
# Build a custom Void Linux live ISO with the installer baked in.
|
|
#
|
|
# Strategy:
|
|
# 1. Stage everything possible AS THE HOST USER (overlay, mklive clone, patches, xbps-static).
|
|
# 2. Run void-mklive's mklive.sh AS ROOT INSIDE A DOCKER CONTAINER.
|
|
# Avoids the user-namespace CAP_MKNOD/CAP_SYS_ADMIN walls.
|
|
#
|
|
# Requires (host): bash, git, curl, docker.
|
|
|
|
set -Eeuo pipefail
|
|
|
|
PROJECT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
|
|
CACHE_DIR="${CACHE_DIR:-$PROJECT_DIR/cache}"
|
|
OUT_DIR="${OUT_DIR:-$PROJECT_DIR/out}"
|
|
BUILD_DIR="${BUILD_DIR:-$PROJECT_DIR/build}"
|
|
INCLUDE_DIR="$BUILD_DIR/includes"
|
|
MKLIVE_DIR="$CACHE_DIR/void-mklive"
|
|
MKLIVE_REPO="${MKLIVE_REPO:-https://github.com/void-linux/void-mklive.git}"
|
|
MKLIVE_REF="${MKLIVE_REF:-master}"
|
|
PATCH_DIR="$PROJECT_DIR/iso/patches"
|
|
DOCKER_IMAGE="${DOCKER_IMAGE:-void-installer-builder:latest}"
|
|
DOCKER="${DOCKER:-docker}"
|
|
|
|
# shellcheck disable=SC1091
|
|
source "$PROJECT_DIR/config/install.conf"
|
|
|
|
SECRETS_FILE="${SECRETS_FILE:-$PROJECT_DIR/secrets.env}"
|
|
[[ -r "$SECRETS_FILE" ]] || { echo "missing $SECRETS_FILE"; exit 1; }
|
|
# shellcheck disable=SC1090
|
|
source "$SECRETS_FILE"
|
|
: "${USER_PASSWORD:?}"; : "${ROOT_PASSWORD:?}"
|
|
|
|
SSH_SRC_DIR="${SSH_SRC_DIR:-$HOME/.ssh}"
|
|
[[ -d "$SSH_SRC_DIR" ]] || { echo "no SSH dir at $SSH_SRC_DIR"; exit 1; }
|
|
|
|
command -v "$DOCKER" >/dev/null \
|
|
|| { echo "ERROR: '$DOCKER' not in PATH"; exit 1; }
|
|
"$DOCKER" info >/dev/null 2>&1 \
|
|
|| { echo "ERROR: '$DOCKER' daemon unreachable"; exit 1; }
|
|
|
|
mkdir -p "$CACHE_DIR" "$OUT_DIR" "$BUILD_DIR"
|
|
|
|
# 1) clone+patch mklive
|
|
if [[ ! -d "$MKLIVE_DIR/.git" ]]; then
|
|
echo ">>> cloning void-mklive"
|
|
git clone --depth=1 --branch "$MKLIVE_REF" "$MKLIVE_REPO" "$MKLIVE_DIR"
|
|
fi
|
|
if compgen -G "$PATCH_DIR/*.patch" >/dev/null; then
|
|
echo ">>> resetting + applying iso/patches/"
|
|
( cd "$MKLIVE_DIR" && git checkout -- . )
|
|
for p in "$PATCH_DIR"/*.patch; do
|
|
echo " $(basename "$p")"
|
|
( cd "$MKLIVE_DIR" && patch -p1 --silent < "$p" )
|
|
done
|
|
fi
|
|
|
|
# 2) xbps-static
|
|
XBPS_STATIC_DIR="$CACHE_DIR/xbps-static"
|
|
if [[ ! -x "$XBPS_STATIC_DIR/usr/bin/xbps-install.static" ]]; then
|
|
echo ">>> downloading xbps-static"
|
|
mkdir -p "$XBPS_STATIC_DIR"
|
|
curl -fsSL "https://repo-default.voidlinux.org/static/xbps-static-latest.x86_64-musl.tar.xz" \
|
|
| tar xJf - -C "$XBPS_STATIC_DIR"
|
|
fi
|
|
|
|
# 3) overlay
|
|
echo ">>> staging includes overlay at $INCLUDE_DIR"
|
|
rm -rf "$INCLUDE_DIR"
|
|
mkdir -p "$INCLUDE_DIR"
|
|
|
|
install -d -m 0755 "$INCLUDE_DIR/usr/local/share/installer/lib"
|
|
install -m 0644 "$PROJECT_DIR/config/install.conf" "$INCLUDE_DIR/usr/local/share/installer/install.conf"
|
|
# Default package list = stable-cinnamon profile (kept in /share for back-compat).
|
|
install -m 0644 "$PROJECT_DIR/config/profiles/stable-cinnamon/packages.list" \
|
|
"$INCLUDE_DIR/usr/local/share/installer/packages.list"
|
|
install -m 0755 "$PROJECT_DIR/installer/install.sh" "$INCLUDE_DIR/usr/local/share/installer/install.sh"
|
|
for f in "$PROJECT_DIR"/installer/lib/*.sh; do
|
|
install -m 0755 "$f" "$INCLUDE_DIR/usr/local/share/installer/lib/$(basename "$f")"
|
|
done
|
|
|
|
# Ship every profile so the live ISO can install any of them via PROFILE=<name>.
|
|
install -d -m 0755 "$INCLUDE_DIR/usr/local/share/installer/profiles"
|
|
cp -a "$PROJECT_DIR/config/profiles/." "$INCLUDE_DIR/usr/local/share/installer/profiles/"
|
|
|
|
install -d -m 0755 "$INCLUDE_DIR/usr/local/sbin"
|
|
ln -sf /usr/local/share/installer/install.sh "$INCLUDE_DIR/usr/local/sbin/install-void"
|
|
|
|
install -d -m 0700 "$INCLUDE_DIR/etc"
|
|
{
|
|
printf "USER_PASSWORD=%q\n" "$USER_PASSWORD"
|
|
printf "ROOT_PASSWORD=%q\n" "$ROOT_PASSWORD"
|
|
} > "$INCLUDE_DIR/etc/installer-secrets.env"
|
|
chmod 0600 "$INCLUDE_DIR/etc/installer-secrets.env"
|
|
|
|
install -d -m 0700 "$INCLUDE_DIR/etc/installer-ssh"
|
|
cp -a "$SSH_SRC_DIR"/. "$INCLUDE_DIR/etc/installer-ssh/"
|
|
find "$INCLUDE_DIR/etc/installer-ssh" -type f -exec chmod 0600 {} +
|
|
find "$INCLUDE_DIR/etc/installer-ssh" -type d -exec chmod 0700 {} +
|
|
|
|
install -d -m 0755 "$INCLUDE_DIR/etc/sv/installer"
|
|
cat > "$INCLUDE_DIR/etc/sv/installer/run" <<'SV_EOF'
|
|
#!/bin/sh
|
|
exec /sbin/agetty --autologin root --noclear tty1 linux
|
|
SV_EOF
|
|
chmod 0755 "$INCLUDE_DIR/etc/sv/installer/run"
|
|
|
|
install -d -m 0755 "$INCLUDE_DIR/etc/sv/agetty-tty1"
|
|
: > "$INCLUDE_DIR/etc/sv/agetty-tty1/down"
|
|
|
|
install -d -m 0755 "$INCLUDE_DIR/etc/runit/runsvdir/default"
|
|
ln -sf /etc/sv/installer "$INCLUDE_DIR/etc/runit/runsvdir/default/installer"
|
|
|
|
install -d -m 0700 "$INCLUDE_DIR/root"
|
|
cat > "$INCLUDE_DIR/root/.bash_profile" <<'PROFILE_EOF'
|
|
case "$(tty)" in
|
|
/dev/tty1)
|
|
if [ ! -f /tmp/.installer-done ]; then
|
|
touch /tmp/.installer-done
|
|
clear
|
|
echo
|
|
echo " Void Linux Installer (xps9700)"
|
|
echo " Press ENTER to start, or Ctrl-C within 5s for a shell."
|
|
sleep 5 || true
|
|
/usr/local/sbin/install-void || {
|
|
echo "Installer exited with $?. Dropping to shell."
|
|
exec /bin/bash
|
|
}
|
|
echo "Install complete. Type 'reboot' or 'poweroff'."
|
|
exec /bin/bash
|
|
fi
|
|
;;
|
|
esac
|
|
PROFILE_EOF
|
|
chmod 0644 "$INCLUDE_DIR/root/.bash_profile"
|
|
|
|
cat > "$INCLUDE_DIR/etc/motd" <<MOTD_EOF
|
|
|
|
Void Linux installer for $HOSTNAME (XPS 17 9700)
|
|
Run: install-void
|
|
Logs: /var/log/void-installer.log
|
|
|
|
MOTD_EOF
|
|
|
|
if [[ -n "${EXTRA_INCLUDE_DIR:-}" && -d "$EXTRA_INCLUDE_DIR" ]]; then
|
|
echo ">>> merging EXTRA_INCLUDE_DIR=$EXTRA_INCLUDE_DIR"
|
|
cp -a "$EXTRA_INCLUDE_DIR/." "$INCLUDE_DIR/"
|
|
fi
|
|
|
|
# 3b) Customizations overlay (themes / icons / wallpapers / dotfiles / vscode)
|
|
echo ">>> staging user customizations overlay"
|
|
OVERLAY="$INCLUDE_DIR/etc/installer-overlay"
|
|
install -d -m 0755 "$OVERLAY" "$OVERLAY/wallpapers" \
|
|
"$OVERLAY/themes" "$OVERLAY/icons" \
|
|
"$OVERLAY/skel" "$OVERLAY/vscode-user"
|
|
|
|
# Wallpapers from ~/Scaricati/pxfuel*.jpg (literal parens in filenames)
|
|
WP_SRC="${WALLPAPERS_SRC:-$HOME/Scaricati}"
|
|
shopt -s nullglob
|
|
for f in "$WP_SRC"/pxfuel*.jpg; do
|
|
install -m 0644 "$f" "$OVERLAY/wallpapers/$(basename "$f")"
|
|
done
|
|
shopt -u nullglob
|
|
echo " wallpapers: $(ls "$OVERLAY/wallpapers" | wc -l) file(s)"
|
|
|
|
# Theme: clone Gruvbox-GTK-Theme and run install.sh into a staging dir.
|
|
THEME_CACHE="$CACHE_DIR/gruvbox-gtk-theme"
|
|
if [[ ! -d "$THEME_CACHE/.git" ]]; then
|
|
git clone --depth=1 https://github.com/Fausto-Korpsvart/Gruvbox-GTK-Theme.git "$THEME_CACHE" || \
|
|
echo " (warning: could not clone theme repo)"
|
|
fi
|
|
THEME_BUILD="$CACHE_DIR/gruvbox-gtk-built"
|
|
if [[ -x "$THEME_CACHE/themes/install.sh" && ! -d "$THEME_BUILD" ]]; then
|
|
echo " building gruvbox themes -> $THEME_BUILD (via docker)"
|
|
install -d -m 0755 "$THEME_BUILD"
|
|
"$DOCKER" run --rm \
|
|
-v "$THEME_CACHE":/src \
|
|
-v "$THEME_BUILD":/out \
|
|
debian:stable-slim sh -c '
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
apt-get update -qq >/dev/null
|
|
apt-get install -y --no-install-recommends sassc bash >/dev/null
|
|
cd /src/themes && bash install.sh -d /out -t default -c dark -s standard
|
|
' || echo " (warning: theme build failed; continuing without)"
|
|
fi
|
|
if [[ -d "$THEME_BUILD" ]]; then
|
|
for d in "$THEME_BUILD"/Gruvbox-Dark*; do
|
|
[[ -d "$d" ]] && cp -a "$d" "$OVERLAY/themes/$(basename "$d")"
|
|
done
|
|
echo " themes: $(ls "$OVERLAY/themes" 2>/dev/null | wc -l) variant(s)"
|
|
fi
|
|
|
|
# Icons: clone gruvbox-plus-icon-pack
|
|
ICON_CACHE="$CACHE_DIR/gruvbox-plus-icons"
|
|
if [[ ! -d "$ICON_CACHE/.git" ]]; then
|
|
git clone --depth=1 https://github.com/SylEleuth/gruvbox-plus-icon-pack.git "$ICON_CACHE" || \
|
|
echo " (warning: could not clone icon repo)"
|
|
fi
|
|
if [[ -d "$ICON_CACHE/Gruvbox-Plus-Dark" ]]; then
|
|
cp -a "$ICON_CACHE/Gruvbox-Plus-Dark" "$OVERLAY/icons/Gruvbox-Plus-Dark"
|
|
echo " icons: Gruvbox-Plus-Dark deployed"
|
|
fi
|
|
|
|
# Bibata cursor — copied from host (no Void package).
|
|
BIBATA_SRC="${BIBATA_SRC:-/usr/share/icons/Bibata-Modern-Ice}"
|
|
if [[ -d "$BIBATA_SRC" ]]; then
|
|
cp -a "$BIBATA_SRC" "$OVERLAY/icons/Bibata-Modern-Ice"
|
|
echo " cursor: Bibata-Modern-Ice deployed"
|
|
else
|
|
echo " (warning: $BIBATA_SRC missing on host; cursor theme will be skipped)"
|
|
fi
|
|
|
|
# Dotfiles (skel)
|
|
DOTFILES_SRC="${DOTFILES_SRC:-$HOME}"
|
|
for f in .bashrc .bash_aliases .gitconfig; do
|
|
[[ -r "$DOTFILES_SRC/$f" ]] && install -m 0644 "$DOTFILES_SRC/$f" "$OVERLAY/skel/$f"
|
|
done
|
|
echo " dotfiles: $(ls -A "$OVERLAY/skel" 2>/dev/null | wc -l) file(s)"
|
|
|
|
# VS Code user config
|
|
VSCODE_SRC="${VSCODE_USER_SRC:-$HOME/.config/Code/User}"
|
|
if [[ -d "$VSCODE_SRC" ]]; then
|
|
for f in settings.json keybindings.json mcp.json tasks.json; do
|
|
[[ -r "$VSCODE_SRC/$f" ]] && install -m 0644 "$VSCODE_SRC/$f" "$OVERLAY/vscode-user/$f"
|
|
done
|
|
[[ -d "$VSCODE_SRC/snippets" ]] && cp -a "$VSCODE_SRC/snippets" "$OVERLAY/vscode-user/snippets"
|
|
# Copy the whole globalStorage so Copilot/extensions keep their state
|
|
# (note: GitHub OAuth tokens live in libsecret, NOT here — user re-signs once).
|
|
[[ -d "$VSCODE_SRC/globalStorage" ]] && cp -a "$VSCODE_SRC/globalStorage" "$OVERLAY/vscode-user/globalStorage"
|
|
echo " vscode-user: $(ls -A "$OVERLAY/vscode-user" 2>/dev/null | wc -l) item(s)"
|
|
fi
|
|
|
|
# VS Code extensions list (so first-login can re-install them).
|
|
if command -v code >/dev/null 2>&1; then
|
|
code --list-extensions > "$OVERLAY/vscode-extensions.txt" 2>/dev/null || true
|
|
echo " vscode extensions: $(wc -l < "$OVERLAY/vscode-extensions.txt" 2>/dev/null) listed"
|
|
fi
|
|
|
|
# Claude Code config + auth (~/.claude lives in $HOME on Linux).
|
|
CLAUDE_SRC="${CLAUDE_SRC:-$HOME/.claude}"
|
|
if [[ -d "$CLAUDE_SRC" ]]; then
|
|
cp -a "$CLAUDE_SRC" "$OVERLAY/claude"
|
|
echo " claude: ~/.claude bundled"
|
|
fi
|
|
CLAUDE_JSON="${CLAUDE_JSON:-$HOME/.claude.json}"
|
|
if [[ -r "$CLAUDE_JSON" ]]; then
|
|
install -m 0600 "$CLAUDE_JSON" "$OVERLAY/claude.json"
|
|
fi
|
|
|
|
# VS Code extensions list (host)
|
|
if command -v code >/dev/null 2>&1; then
|
|
code --list-extensions > "$OVERLAY/vscode-extensions.txt" 2>/dev/null || true
|
|
echo " vscode extensions: $(wc -l < "$OVERLAY/vscode-extensions.txt") to install"
|
|
fi
|
|
|
|
# First-login one-shot
|
|
[[ -r "$PROJECT_DIR/installer/first-login.sh" ]] && \
|
|
install -m 0755 "$PROJECT_DIR/installer/first-login.sh" "$OVERLAY/first-login.sh"
|
|
|
|
|
|
# 4) packages, output filename
|
|
ISO_PKGS=$(grep -vE '^\s*(#|$)' "$PROJECT_DIR/config/packages.live.list" | tr '\n' ' ')
|
|
TS="$(date -u +%Y%m%d)"
|
|
OUT_ISO="${OUTPUT_ISO:-$OUT_DIR/void-install-${HOSTNAME}-${TS}.iso}"
|
|
|
|
# 5) docker
|
|
echo ">>> building docker image $DOCKER_IMAGE (cached)"
|
|
# Force the legacy builder if buildx is missing (Docker 29 removed it from
|
|
# the default `docker build` path; users without docker-buildx-plugin
|
|
# detected on PATH will otherwise see "unknown command: docker buildx").
|
|
if "$DOCKER" buildx version >/dev/null 2>&1; then
|
|
"$DOCKER" build -t "$DOCKER_IMAGE" "$PROJECT_DIR/iso"
|
|
else
|
|
DOCKER_BUILDKIT=0 "$DOCKER" build -t "$DOCKER_IMAGE" "$PROJECT_DIR/iso"
|
|
fi
|
|
|
|
echo ">>> running mklive.sh inside docker — output: $OUT_ISO"
|
|
"$DOCKER" run --rm --privileged \
|
|
-v "$PROJECT_DIR:/work:rw" \
|
|
-v "$CACHE_DIR:/cache:rw" \
|
|
-e ARCH="$ARCH" \
|
|
-e REPO_URL="$REPO_URL" \
|
|
-e KEYMAP="$KEYMAP" \
|
|
-e LOCALE="$LOCALE" \
|
|
-e ISO_PKGS="$ISO_PKGS" \
|
|
-e ISO_TITLE="Void Installer ($HOSTNAME)" \
|
|
-e OUT_ISO_REL="${OUT_ISO#$PROJECT_DIR/}" \
|
|
-e BOOT_CMDLINE="${BOOT_CMDLINE:-}" \
|
|
-e HOST_UID="$(id -u)" \
|
|
-e HOST_GID="$(id -g)" \
|
|
"$DOCKER_IMAGE" \
|
|
bash /work/iso/_inner-build.sh
|
|
|
|
echo
|
|
echo ">>> ISO built: $OUT_ISO"
|
|
sha256sum "$OUT_ISO" | tee "${OUT_ISO}.sha256"
|