-
Notifications
You must be signed in to change notification settings - Fork 39
Expand file tree
/
Copy pathqualcomm-linux-debian-rootfs.yaml
More file actions
379 lines (350 loc) · 11.6 KB
/
qualcomm-linux-debian-rootfs.yaml
File metadata and controls
379 lines (350 loc) · 11.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
{{- $xfcedesktop := or .xfcedesktop "false" }}
{{- $localdebs := or .localdebs "none" }}
{{- $aptlocalrepo := or .aptlocalrepo "none" }}
{{- $kernelpackage := or .kernelpackage "linux-image-arm64" }}
{{- $buildid := or .buildid "" }}
architecture: arm64
actions:
- action: debootstrap
description: Bootstrap initial filesystem
# NB: not currently configurable
suite: trixie
components:
- main
- contrib
- non-free
- non-free-firmware
mirror: http://deb.debian.org/debian
variant: minbase
{{- if ne $aptlocalrepo "none" }}
- action: run
description: Setup bind mount of local APT repository
chroot: false
command: |
set -eux
mkdir -v "${ROOTDIR}/media/apt-local-repo"
mount --bind {{$aptlocalrepo}} "${ROOTDIR}/media/apt-local-repo"
- action: run
description: Setup APT sources for local APT repository
chroot: true
command: |
set -eux
cat >/etc/apt/sources.list.d/apt-local-repo.sources <<EOF
Types: deb
URIs: file:///media/apt-local-repo
Suites: /
Trusted: true
EOF
{{- end }}
# after debootstrap, only a basic etc/apt/sources.list is created; add more
# modern etc/apt/sources.list.d/debian.sources; sources.list is removed after
# applying all overlays, and followed by an APT update and full-upgrade
- action: overlay
description: Create Debian APT sources
source: overlays/apt-sources
- action: overlay
description: Add Debian backports APT configuration
source: overlays/backports
{{- if .overlays }}
{{- range $overlay := split "," .overlays }}
- action: overlay
description: Apply overlay {{$overlay}}
source: overlays/{{$overlay}}
{{- end }}
{{- end }}
- action: run
description: Remove old APT sources and upgrade packages
chroot: true
command: |
set -eux
# remove old style, incomplete sources, superseded in apt-sources overlay
rm -vf /etc/apt/sources.list
# install ca-certificates early to make sure https APT sources are
# properly picked up
apt -y install ca-certificates
# APT update and upgrade to pickup changes from overlays
apt -y update
apt -y full-upgrade
- action: apt
description: Install foundational packages
recommends: true
packages:
# Android Debug Bridge (daemon)
- adbd
# bluetooth
- bluez
# vfat tools, notably fsck.fat for the ESP
- dosfstools
# ext4 tools, notably e2fsck for the root filesystem
- e2fsprogs
# fwupd tools, enable OTA EFI firmware capsule updates
- fwupd
# defaults to "systemd-sysv"; perhaps not needed
- init
# Bluetooth audio support in PipeWire
- libspa-0.2-bluetooth
# libcamera support in PipeWire
- libspa-0.2-libcamera
# Ethernet, Wi-Fi, WWAN; built-in DHCP client
- network-manager
# standard networking files (/etc/hosts, /etc/services etc.)
- netbase
# audio
- pipewire
# Qualcomm Remote Filesystem Service; needed for WiFi on
# some ath10k devices such as on RB1
- rmtfs
# TFTP server implementation for the QRTR protocol; needed for WiFi on
# some ath10k devices such as on RB1
- tqftpserv
# dynamic device nodes handling
- udev
# database of radio emission regulations; needed for WiFi
- wireless-regdb
# WPA / WPA2 / WPA3 client support
- wpasupplicant
- action: run
description: Set hostname to "debian"
chroot: true
command: |
set -eux
echo debian >/etc/hostname
# /etc/hosts is created by netbase
sed -i "1s/^/127.0.1.1 debian\n/" /etc/hosts
- action: run
description: Add a "debian" user, add it to sudoers and various groups
chroot: true
command: |
set -eux
# pre-emptively create a sudo group if sudo isn't installed
getent group sudo >/dev/null 2>&1 || groupadd --system sudo
# some useful groups for desktop scenarios, but also to run payloads
# from the serial console, over SSH, or in containers - where the desktop
# session has not updated ACLs to the device nodes
useradd --create-home --shell /bin/bash --user-group \
--groups adm,audio,render,sudo,users,video debian
# set password to "debian"
echo debian:debian | chpasswd
# password must be changed on first login
chage --lastday 0 debian
# add to sudoers
mkdir -v --mode 755 --parents /etc/sudoers.d
# subshell to override umask
(
umask 226
echo "debian ALL=(ALL) NOPASSWD:ALL" >/etc/sudoers.d/90-debos
)
# See: https://github.com/qualcomm-linux/qcom-deb-images/issues/193
- action: run
description: Configure sudo to use !fqdn
command: |
set -eux
echo "Defaults !fqdn" > ${ROOTDIR}/etc/sudoers.d/disable-fqdn
# NB: Recommends pull in way too many packages, and we don't need to follow
# Recommends reaching outside of this Priority level
- action: apt
description: Install packages of priority "important" (only from Debian)
recommends: false
packages:
- ?origin(Debian) ?priority(important)
# NB: Recommends pull in way too many packages, and we don't need to follow
# Recommends reaching outside of this Priority level
- action: apt
description: Install packages of priority "standard" (only from Debian)
recommends: false
packages:
- ?origin(Debian) ?priority(standard)
# TODO remove Priority: standard packages from this list?
- action: apt
description: Install a comfortable package set
recommends: true
packages:
- alsa-utils
- clinfo
- device-tree-compiler
- docker.io
- i2c-tools
- locales
- mesa-opencl-icd
- mesa-utils-bin
# convenience networking commands (arp, ifconfig, route etc.)
- net-tools
- openssh-client
# lspci
- pciutils
- rfkill
- sudo
# lsusb
- usbutils
# media-ctl
- v4l-utils
- vim
- vulkan-tools
- wget
- action: run
description: Add default user to docker group
chroot: true
command: |
set -eux
usermod -a -G docker debian
{{- if eq $xfcedesktop "true" }}
# this should ideally be task-xfce-desktop, but this pulls too many apps;
# instead, curate from the Depends and Recommends of task-xfce-desktop and
# task-desktop recursively; also, disable Recommends
- action: apt
description: Install Xfce desktop
recommends: false
packages:
# preempt these dependencies as to avoid pulling all backends
- xserver-xorg-input-libinput
- xserver-xorg-video-fbdev
- xserver-xorg-input-all-
- xserver-xorg-video-all-
- xserver-xorg
- plymouth-label- # we probably don't need a boot splash
# nm-connection-editor below depends on polkit-1-auth-agent, and APT
# picks up ukui-polkit as a random Provides; select mate-polkit instead
- mate-polkit
# from task-xfce-desktop
- xfce4
- lightdm
- light-locker
- xfce4-terminal
- tango-icon-theme
- network-manager-applet
- nm-connection-editor
- synaptic
# from task-desktop
- desktop-base
- xdg-utils
- fonts-symbola
- avahi-daemon
- libnss-mdns
# browser
- chromium
# bluetooth settings
- blueman
# audio: wireplumber for session integration, pipewire-pulse for chromium
# and xfce4-pulseaudio-plugin, and pavucontrol as referenced from the
# xfce pulse panel applet
- pavucontrol
- pipewire-pulse
- wireplumber
# camera: mostly supported through pipewire, but pull the qcam app
# and cam CLI tool from libcamera-tools; also install libcamera
# gstreamer plugins for for gstreamer based apps; ideally, cam and
# qcam would be packaged separately as to allow pulling the CLI
# version outside of the desktop list. libcamera-v4l2 provides a
# LD_PRELOAD library for compatiblity with apps relying on v4l2
# (similar to pipewire and pulse situation)
- gstreamer1.0-libcamera
- libcamera-tools
- libcamera-v4l2
{{- end }}
- action: run
description: Set default locale
chroot: true
command: |
set -eux
if which locale-gen >/dev/null 2>&1; then
echo en_US.UTF-8 UTF-8 >>/etc/locale.gen
locale-gen en_US.UTF-8 UTF-8
update-locale LANG=en_US.UTF-8
fi
{{- if ne $buildid "" }}
- action: run
description: Set build ID and flavor in /etc/buildinfo
chroot: true
command: |
set -eux
touch /etc/buildinfo
chmod 644 /etc/buildinfo
echo "BUILD_ID={{$buildid}}" >>/etc/buildinfo
{{- if eq $xfcedesktop "true" }}
echo "VARIANT_ID=xfce" >>/etc/buildinfo
{{- else }}
echo "VARIANT_ID=console" >>/etc/buildinfo
{{- end }}
{{- end }}
# usually these packages are pulled by Pre-Depends/Depends/Recommends of
# Debian's linux-image, but kernel packages generated with the upstream
# deb-pkg target don't have these dependencies, so install these before
# installing kernels; this is a separate step because of the Pre-Depends
- action: apt
description: Install kernel dependencies
recommends: true
packages:
- apparmor
- initramfs-tools
- kmod
- linux-base
- action: apt
description: Install kernel and firmware packages
recommends: true
packages:
- firmware-atheros
- firmware-qcom-soc
- {{$kernelpackage}}
# this is currently needed on boards such as RB1 which are using Android
# bootloader to check the boot count of the boot_a/boot_b partitions
- action: apt
description: Support boards chainloading from Android bootloader
recommends: true
packages:
# marks the current Android boot partition as booted successfully
- qbootctl
{{- if ne $localdebs "none" }}
- action: overlay
description: Overlay local debs directory {{ $localdebs }} to /root/
source: {{ $localdebs }}
destination: /root/
- action: run
description: Install local debs from /root/
chroot: yes
command: |
set -eux
apt -y install /root/*.deb
# no need to keep these
rm -vf /root/*.deb
{{- end }}
{{- if ne $aptlocalrepo "none" }}
- action: run
description: Remove bind mount of local APT repository
chroot: false
command: |
set -eux
umount "${ROOTDIR}/media/apt-local-repo"
rmdir -v "${ROOTDIR}/media/apt-local-repo"
- action: run
description: APT update without local APT repository
chroot: true
command: |
set -eux
rm -v /etc/apt/sources.list.d/apt-local-repo.sources
apt update
{{- end }}
- action: run
description: Create DTBs tarball
chroot: false
command: |
set -eux
# find the highest kernel version installed; kernels are backwards
# compatible with older dtbs, so it would make sense to take dtbs from
# the oldest available kernel as to allow all kernels to boot, but if
# this image has pulled a more recent kernel, it's probably to gain
# support for new hardware which would happen through new or updated dtbs
# only in that new kernel, so use the latest dtbs
latest_kernel="$(
ls -d "$ROOTDIR"/usr/lib/linux-image-* | sort -V | tail -1)"
# transform pathnames to strip the leading ./
tar \
-C "${latest_kernel}" \
--transform='s|^\./||' \
-cvzf "$ARTIFACTDIR/dtbs.tar.gz" \
.
- action: pack
description: Create root filesystem tarball
file: rootfs.tar.gz
compression: gz
# Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries.
# SPDX-License-Identifier: BSD-3-Clause