30 Commits

Author SHA1 Message Date
bc8807ae7d Use UID in systemd container name 2020-08-07 17:11:40 -04:00
1c82f6ad0a Fix hostnames for install 2020-08-07 16:41:10 -04:00
bbce49bb1c Put Firefox config in the right place 2020-08-07 16:09:39 -04:00
2fe3f2f092 Fix qemu options for better performance 2020-08-07 16:09:31 -04:00
442c0efa10 Add python3-venv dependency for nilmdb build 2020-08-07 16:09:15 -04:00
da37396f65 Fix hostname resolution in systemd container 2020-08-07 15:14:47 -04:00
054e91006e Fix isolinux preseed argument 2020-08-07 15:09:24 -04:00
1dd5c6ab8d Switch from Chome to Firefox 2020-08-07 15:04:20 -04:00
bbb4a2201d Fix UUID related issues with casper boot 2020-08-07 13:58:54 -04:00
6c659f213a Start porting to Ubuntu 20.04.1 2020-08-07 12:29:31 -04:00
5b2ac4ba8b Switch to 16.04.1 2016-07-26 18:10:35 -04:00
3a0b0e8114 Update README 2016-07-26 18:10:07 -04:00
b3bcec51f8 Ensure that we have a current kernel package installed
If no upgrades were available, the existing package needs to be
reinstalled, because the images in /boot were erased as part of the
original live CD build process, and we rely on them being present to
fix up the ISO later.
2016-07-26 18:09:28 -04:00
6d16d6dc0e Add nasty Ubiquity hacks to force username, set password
Username is fixed, but password can still be changed.
Also forces encryption off, since it won't work with an existing
/home dir.
2016-07-03 02:09:18 -04:00
0c439a1643 Check user before creating it
Just so that customize-inner.sh is idempotent
2016-07-03 02:06:52 -04:00
00ef92be05 Fix bug 2016-07-03 00:42:54 -04:00
1f5afcc566 Grab ISO from parent directory if it's there 2016-07-03 00:23:49 -04:00
f4f36e3c16 Small bugfixes and tweaks 2016-07-03 00:20:52 -04:00
5626b1723a Set up Chromium 2016-07-03 00:20:39 -04:00
06169b9894 Generate a user to use both on the LiveCD and installed system
It takes some finagling to get this to work everywhere, but this seems
to do the trick.  Note that this means we need to set
UBIQUITY_AUTOMATIC=1, which has some other side effects, but nothing
too bad (mostly related to not being able to go backwards in the
ubiquity installer).
2016-07-03 00:19:40 -04:00
4845ce82bf Use apt instead of apt-get; remove try_install 2016-07-03 00:17:01 -04:00
7d88ead0c5 Fix preseed file 2016-07-02 15:02:43 -04:00
8b4fe416fe Fill in a dummy /etc/hosts in enter.sh 2016-07-02 15:02:39 -04:00
eaa16f87b1 Add stuff to /etc/hosts after install or LiveCD boot
Also regenerate SSH keys at LiveCD boot, but not at install, so that
they don't change after booting a live system.
2016-07-01 17:28:07 -04:00
5988e64b8e Forgot to install SSH server 2016-07-01 16:22:20 -04:00
26215d6ac8 Add scripts to backup/restore FS directory
This lets you save the state of things to more quickly test other
changes

(for example, run customize-inner, then backup, then run the
standalone_install scripts)
2016-07-01 16:17:29 -04:00
7402ca0073 Stretch background image 2016-06-28 16:14:31 -04:00
f8c1018925 Install language packages to avoid prompt after install 2016-06-28 16:14:21 -04:00
2fd0460dc1 Fix qemu options so a full install really works 2016-06-28 16:14:01 -04:00
b693071019 Merge branch 'wattsworth' 2016-06-28 13:20:29 -04:00
20 changed files with 312 additions and 406 deletions

9
.gitignore vendored
View File

@@ -1,9 +1,2 @@
fs tmp-*
fs-*
iso
iso-*
mnt
mnt-*
*.iso *.iso
disk.img
disk.img-*

View File

@@ -1,41 +1,44 @@
Nilmbuntu
=========
Tools to customize an Ubuntu Live CD. Many parts of this will end up Tools to customize an Ubuntu Live CD. Many parts of this will end up
being version-specific. The host machine must be running systemd, being version-specific. The host machine must be running systemd,
since the image is executed inside a systemd-nspawn container. since the image is executed inside a systemd-nspawn container.
Set up host machine, which must be running a recent systemd: Set up host machine:
sudo apt-get install squashfs-tools xorriso isolinux systemd-container iptables sudo apt install squashfs-tools xorriso isolinux systemd-container iptables
sudo systemctl start systemd-networkd sudo systemctl start systemd-networkd
Choose a config: Choose a config:
export BUILD_CONFIG=16.04 export BUILD_CONFIG=20.04.1
Download and extract the original ISO: Download and extract the original ISO:
./extractiso.sh ./extractiso.sh
Apply customizations, both to the outer ISO and the inner image. Apply customizations, both to the outer ISO and the inner image.
This will also run customizer-inner.sh inside a container: This will also run customizer-inner.sh inside a container:
./customize.sh ./customize.sh
(Optional) Run and enter a shell in the container, for manual customization: (Optional) Run and enter a shell in the container, for manual customization:
./enter.sh ./enter.sh
Build the new ISO: Build the new ISO:
./buildiso.sh ./buildiso.sh
Boot the ISO in QEMU with a blank HDD, to test and install: Boot the ISO in QEMU with a blank HDD, to test and install:
./run.sh -c ./run.sh -c
Boot QEMU with the same HDD image as above, to test an "installed" system: Boot QEMU with the same HDD image as above, to test an "installed" system:
./run.sh -d ./run.sh -d
Remove everything but the ISOs: Remove everything but the ISOs:
./cleanup.sh ./cleanup.sh

7
backup.sh Executable file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
. config || exit 0
set -e
echo Backing up filesystem...
sudo rsync -a --delete ${FS} ${FS}.backup

View File

@@ -15,27 +15,21 @@ fi
set -x set -x
set -e set -e
INITRD=${FS}/initrd.img INITRD=${FS}/boot/initrd.img
VMLINUZ=$(readlink -f ${FS}/vmlinuz) VMLINUZ=${FS}/boot/vmlinuz
VMLINUZ_EFI=${VMLINUZ}.efi.signed
if ! [ "$1" == "justiso" ] ; then if ! [ "$1" == "justiso" ] ; then
if ! [ -r ${INITRD} -a -r ${VMLINUZ} ] ; then
if ! [ -r ${INITRD} -a -r ${VMLINUZ} -a -r ${VMLINUZ_EFI} ] ; then
set +x set +x
echo "== Missing kernel and/or initrd. Either upgrade or reinstall" echo "== Missing kernel and/or initrd. Either upgrade or reinstall"
echo "== the kernel inside the image to get the right files." echo "== the kernel inside the image to get the right files."
exit 1 exit 1
fi fi
# Recompress initrd if changed # Copy kernel and initrd
if [ ${INITRD} -nt ${ISO}/casper/initrd.lz ] ; then cp ${INITRD} ${ISO}/casper/initrd
sh -c "zcat ${INITRD} | lzma > ${ISO}/casper/initrd.lz"
fi
# Get kernel and signed EFI kernel
cp ${VMLINUZ} ${ISO}/casper/vmlinuz cp ${VMLINUZ} ${ISO}/casper/vmlinuz
cp ${VMLINUZ_EFI} ${ISO}/casper/vmlinuz.efi
# manifests # manifests
chmod +w ${ISO}/casper/filesystem.manifest chmod +w ${ISO}/casper/filesystem.manifest
@@ -51,7 +45,7 @@ if ! [ "$1" == "justiso" ] ; then
fi fi
# md5sums # md5sums
rm -f md5sum.txt rm -f ${ISO}/md5sum.txt
find ${ISO} -type f -print0 \ find ${ISO} -type f -print0 \
| xargs -0 md5sum \ | xargs -0 md5sum \
| sed -e "s, ${ISO}, .," \ | sed -e "s, ${ISO}, .," \

2
config
View File

@@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
if [ -z "$BUILD_CONFIG" ] ; then if [ -z "$BUILD_CONFIG" ] ; then
export BUILD_CONFIG=16.04 export BUILD_CONFIG=20.04.1
echo "No BUILD_CONFIG set -- assuming $BUILD_CONFIG" echo "No BUILD_CONFIG set -- assuming $BUILD_CONFIG"
fi fi

View File

@@ -1,7 +1,7 @@
# -*- sh -*- # -*- sh -*-
# output image # output image
VERSION="16.04" VERSION="20.04.1"
OUTPUT="nilmbuntu-${VERSION}.iso" OUTPUT="nilmbuntu-${VERSION}.iso"
# original ISO # original ISO

View File

@@ -1,307 +0,0 @@
#!/bin/bash
if [ "$IN_CHROOT" != "1" ] ; then
echo This is supposed to run inside the chroot, oops
exit 1
fi
set -e
set -x
try_install() {
# try to install packages, but ignore failure
for pkg in "$@"; do
if ! apt-get -y install "$pkg" ; then
echo ---- WARNING: Failed to install package: $pkg
fi
done
}
# Set up live username and hostname
cat >/etc/casper.conf <<"EOF"
export USERNAME="ubuntu"
export USERFULLNAME="Live session user"
export HOST="nilmbuntu"
export BUILD_SYSTEM="Ubuntu"
export FLAVOUR="NILMbuntu"
EOF
# Upgrade packages and remove old kernels
apt-get update
apt-get -y dist-upgrade
apt-get -y --purge autoremove
for VER in $(ls --sort=version /lib/modules/ | head -n -1) ; do
apt-get -y --purge remove "linux-.*$VER"
done
# Disable upgrade popups
sed -i -s -e 's/Prompt=.*/Prompt=never/g' \
/etc/update-manager/release-upgrades || true
# Set up & install postfix for local mail delivery
debconf-set-selections <<"EOF"
postfix postfix/mailname string localdomain
postfix postfix/main_mailer_type select Local only
EOF
apt-get -y install postfix
# Required packages
apt-get -y install \
python3 \
python2.7 \
python2.7-dev \
python-setuptools \
python-pip \
cython \
git \
build-essential \
python-cherrypy3 \
python-decorator \
python-simplejson \
python-requests \
python-dateutil \
python-tz \
python-progressbar \
python-psutil \
python-numpy \
python-nose \
python-coverage \
apache2 \
libapache2-mod-wsgi \
python-scipy \
python-daemon
# Install other useful but optional stuff
try_install \
curl \
devscripts \
dlocate \
emacs \
emacs-goodies-el \
gcc-arm-none-eabi \
gdb-arm-none-eabi \
gddrescue \
gnuplot \
help2man \
ipython \
libnewlib-arm-none-eabi \
libstdc++-arm-none-eabi-newlib \
texlive \
mailutils \
moreutils \
mutt \
network-manager-openvpn-gnome \
octave \
octave-missing-functions \
octave-signal \
openocd \
openssl \
openvpn \
python-matplotlib \
screen \
silversearcher-ag \
subversion \
tcpdump \
zip
# Set up timezone to America/New_York for the live CD
ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime
dpkg-reconfigure -f noninteractive tzdata
# Put some default desktop shortcuts in place
DESKTOP=/etc/skel/Desktop
mkdir -p $DESKTOP
cp /usr/share/applications/exo-terminal-emulator.desktop $DESKTOP || true
cp /usr/share/applications/exo-web-browser.desktop $DESKTOP || true
chmod +x $DESKTOP/*
# Custom background image (which was already copied in by customize.sh)
XML=/etc/xdg/xdg-xubuntu/xfce4/xfconf/xfce-perchannel-xml
sed -i -s -e 's/xubuntu-wallpaper.png/nilmbuntu.png/g' $XML/xfce4-desktop.xml
# Configure Firefox with our default homepage
HOMEPAGE="http://www.wattsworth.net/"
cat >/etc/firefox/syspref.js <<EOF
pref("browser.startup.homepage", "${HOMEPAGE}");
pref("extensions.ubufox@ubuntu.com.custom_homepage", "${HOMEPAGE}");
pref("browser.startup.homepage_override.mstone", "ignore");
EOF
# NilmDB setup below...
# # Create nilmdb user to run the database
# adduser --system --group --shell /bin/bash --disabled-password nilmdb
# cp -rv /etc/skel/.??* /home/nilmdb
# chown -R nilmdb:nilmdb /home/nilmdb
# # Create WSGI scripts
# cat > /home/nilmdb/nilmdb.wsgi <<"EOF"
# import nilmdb.server
# application = nilmdb.server.wsgi_application("/home/nilmdb/db","/nilmdb")
# EOF
# cat > /home/nilmdb/nilmrun.wsgi <<"EOF"
# import nilmrun.server
# application = nilmrun.server.wsgi_application("/nilmrun")
# EOF
# #### Edit apache config
# # Create apache config by hacking up the default one. Might be a better way
# # to do this, and it'll probably break on new versions, but...
# APACHE_VER=$(dpkg -s apache2 | grep ^Version | cut -d ' ' -f 2)
# if dpkg --compare-versions $APACHE_VER ge 2.4 ; then
# DEF=/etc/apache2/sites-available/000-default.conf
# NEED_PERMISSIONS=1
# else
# DEF=/etc/apache2/sites-available/default
# NEED_PERMISSIONS=0
# fi
# # Cut out any existing NilmDB stuff
# perl -ne 'print unless /## NilmDB start/../## NilmDB end/' $DEF > $DEF.orig
# # Copy everything up to the first </VirtualHost> line
# perl -ne 'print unless m-^[^#]*</VirtualHost>-..1' $DEF.orig > $DEF
# # Add the NilmDB config
# cat >>$DEF <<"EOF"
# ## NilmDB start
# WSGIScriptAlias /nilmdb /home/nilmdb/nilmdb.wsgi
# WSGIDaemonProcess nilmdb-procgroup threads=32 user=nilmdb group=nilmdb
# <Location /nilmdb>
# WSGIProcessGroup nilmdb-procgroup
# WSGIApplicationGroup nilmdb-appgroup
# </Location>
# WSGIScriptAlias /nilmrun /home/nilmdb/nilmrun.wsgi
# WSGIDaemonProcess nilmrun-procgroup threads=32 user=nilmdb group=nilmdb
# <Location /nilmrun>
# WSGIProcessGroup nilmrun-procgroup
# WSGIApplicationGroup nilmrun-appgroup
# </Location>
# EOF
# if [ $NEED_PERMISSIONS == 1 ] ; then
# cat >>$DEF <<"EOF"
# <Directory /home/nilmdb>
# Options All
# AllowOverride All
# Require all granted
# </Directory>
# EOF
# fi
# cat >>$DEF <<"EOF"
# ## NilmDB end
# EOF
# # Copy everything including and after the first </VirtualHost> line
# perl -ne 'print if m-^[^#]*</VirtualHost>-..1' $DEF.orig >> $DEF
# #### Done editing apache config
# # Create nilmdb capture, processing, and cleanup files
# cat > /home/nilmdb/capture.sh <<"EOF"
# #!/bin/bash -e
# # Don't run capture if we're running off a live CD
# if grep -q boot=casper /proc/cmdline ; then
# echo "Skipping capture, because this is a live CD."
# exit 0
# fi
# echo "Starting capture in background..."
# nilm-pipewatch --daemon --lock "/tmp/nilmdb-capture.lock" --timeout 30 \
# "ethstream -a 192.168.1.209 -n 6 -r 8000" \
# "nilm-insert -m 10 -r 8000 --live /data/raw"
# EOF
# cat > /home/nilmdb/process.sh <<"EOF"
# #!/bin/bash -e
# # Ensure only one copy of this code runs at a time:
# LOCKFILE="/tmp/nilmdb-process.lock"
# exec 99>"$LOCKFILE"
# flock -n -x 99 || exit 0
# trap 'rm -f "$LOCKFILE"' 0
# nilm-sinefit -c 4 /data/raw /data/sinefit
# nilm-prep -c 1 -r 0 /data/raw /data/sinefit /data/prep-a
# nilm-prep -c 2 -r 120 /data/raw /data/sinefit /data/prep-b
# nilm-prep -c 3 -r 240 /data/raw /data/sinefit /data/prep-c
# nilm-decimate-auto /data/raw "/data/prep*"
# nilm-cleanup --yes /home/nilmdb/cleanup.cfg
# EOF
# cat > /home/nilmdb/cleanup.cfg <<"EOF"
# [/data/prep-*]
# keep = 1y
# [/data/raw]
# keep = 2w
# [/data/sinefit]
# keep = 1y
# decimated = false
# EOF
# # Set up crontab
# cat > /home/nilmdb/crontab <<"EOF"
# SHELL=/bin/bash
# PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# # Run capture and processing scripts every 5 minutes
# */5 * * * * chronic /home/nilmdb/capture.sh
# */5 * * * * chronic /home/nilmdb/process.sh
# # Try to run nilmdb-fsck on boot. It should hopefully run before
# # apache opens the database, and apache will return errors to clients
# # until nilmdb-fsck is done.
# @reboot chronic nilmdb-fsck --fix --no-data /home/nilmdb/db
# EOF
# crontab -u nilmdb /home/nilmdb/crontab
# # Fix permissions
# chown -R nilmdb:nilmdb /home/nilmdb
# chmod +x /home/nilmdb/{capture,process}.sh
# # Fetch and build everything. Put it in the nilmdb dir
# echo "machine git.jim.sh login nilm password nilm" > /home/nilmdb/.netrc
# GIT=https://git.jim.sh/jim/lees
# rm -rf /home/nilmdb/git
# mkdir /home/nilmdb/git
# chown nilmdb:nilmdb /home/nilmdb/.netrc /home/nilmdb/git
# REPOS="nilmdb nilmtools nilmrun ethstream"
# # check it out as nilmdb, so the .netrc gets used
# for repo in $REPOS; do
# sudo -i -u nilmdb git clone $GIT/$repo.git git/$repo
# done
# # build as root, because we need to do that for the install
# for repo in $REPOS; do
# make -C /home/nilmdb/git/$repo install
# done
# # fix up all permissions in git dir, so nilmdb user can play with it later
# chown -R nilmdb:nilmdb /home/nilmdb/git
# # Create the initial database and streams by running the standalone
# # server as nilmdb, making the right nilmtool calls, and killing it.
# sudo -i -u nilmdb nilmdb-server -a 127.0.0.1 -p 18646 -d /home/nilmdb/db &
# SERVERPID=$!
# trap "kill -9 $SERVERPID" 0
# for i in $(seq 1 120) ; do
# sleep 1
# echo waiting for nilmdb to start $i
# if nilmtool -u http://127.0.0.1:18646/ info ; then
# break
# fi
# done
# nilmtool -u http://127.0.0.1:18646/ destroy -R "/data/*" || true
# nilmtool -u http://127.0.0.1:18646/ create /data/raw uint16_6
# nilmtool -u http://127.0.0.1:18646/ create /data/sinefit float32_3
# nilmtool -u http://127.0.0.1:18646/ create /data/prep-a float32_8
# nilmtool -u http://127.0.0.1:18646/ create /data/prep-b float32_8
# nilmtool -u http://127.0.0.1:18646/ create /data/prep-c float32_8
# kill $SERVERPID
# wait
# trap "" 0

View File

@@ -13,48 +13,21 @@ sed -i -s -e \
# out the distro name in dialogs, and I think casper might use it too # out the distro name in dialogs, and I think casper might use it too
echo "NILMbuntu $VERSION" > ${ISO}/.disk/info echo "NILMbuntu $VERSION" > ${ISO}/.disk/info
# Set up preseed file # Set up preseed file by appending preseed.cfg to the Xubuntu
cp ${ISO}/preseed/xubuntu.seed ${ISO}/preseed/nilmbuntu.seed # default one
cat >> ${ISO}/preseed/nilmbuntu.seed <<"EOF" cat ${ISO}/preseed/xubuntu.seed files/preseed.cfg > ${ISO}/preseed/nilmbuntu.seed
# Commands to run on successful install:
# - Regenerate SSH host keys
# - Remove "quiet splash" from grub command line
# Ubiquity doesn't actually use preseed/late_command, so we do it
# in ubiquity/success_command (which needs things mounted)
ubiquity ubiquity/success_command string \
echo "success_command running" >/target/var/log/installer/postinst.log; \
for i in /dev /dev/pts /dev/shm /sys /sys/kernel/security /proc /cdrom; do \
mount --bind $i /target/$i; done; \
sed -i -e 's/quiet splash//g' /target/etc/default/grub; \
chroot /target update-grub \
>>/target/var/log/installer/postinst.log 2>&1; \
rm -f /target/etc/ssh/ssh_host_*; \
chroot /target dpkg-reconfigure openssh-server \
>>/target/var/log/installer/postinst.log 2>&1; \
for i in /dev/pts /dev/shm /dev /sys/kernel/security /sys /proc /cdrom; do \
umount /target/$i; done; \
echo "success_command done" >>/target/var/log/installer/postinst.log
# Default user. Ubiquity should let them change this.
# (To skip the dialog completely, maybe set a password?)
d-i passwd/user-fullname string NILM User
d-i passwd/username string nilm
#d-i passwd/user-password password nilm
#d-i passwd/user-password-again password nilm
d-i user-setup/allow-password-weak boolean true
d-i passwd/auto-login boolean true
EOF
# Set up isolinux how we want by editing its config # Set up isolinux how we want by editing its config
TRY="Boot ^NILMbuntu ${VERSION}" TRY="Boot ^NILMbuntu ${VERSION}"
cp splash.png ${ISO}/isolinux/splash.png cp files/splash.png ${ISO}/isolinux/splash.png
perl -n -i \ perl -n -i \
-e '$n=1 if /^label/; $n=2 if /^label live-install/; next if $n==2;' \ -e '$n=1 if /^label/; $n=2 if /^label live-install/; next if $n==2;' \
-e "s/menu label.*(Try|NILM).*/menu label $TRY/g;" \ -e "s/menu label.*Try Xubuntu without installing/menu label $TRY/g;" \
-e "s,preseed/.*[.]seed,preseed/nilmbuntu.seed,g;" \ -e "s,preseed/.*[.]seed,preseed/nilmbuntu.seed,g;" \
-e "s/ quiet splash//g;" \ -e "s/ quiet splash//g;" \
-e "print;" \ -e "print;" \
${ISO}/isolinux/txt.cfg ${ISO}/isolinux/txt.cfg
sed -i -s -e "s/^menu margin .*/menu margin 2/g;" ${ISO}/isolinux/menu.cfg
sed -i -s -e "s/^ui gfxboot/# ui gfxboot/g;" ${ISO}/isolinux/isolinux.cfg sed -i -s -e "s/^ui gfxboot/# ui gfxboot/g;" ${ISO}/isolinux/isolinux.cfg
# Set up grub similarly # Set up grub similarly
@@ -62,18 +35,17 @@ TRY="Boot NILMbuntu ${VERSION}"
perl -n -i \ perl -n -i \
-e "next if /menuentry \"Install/../^}$/;" \ -e "next if /menuentry \"Install/../^}$/;" \
-e "next if /menuentry \"OEM install/../^}$/;" \ -e "next if /menuentry \"OEM install/../^}$/;" \
-e "s/menuentry \"(Try|NILM).*\" \{/menuentry \"${TRY}\" {/g;" \ -e "s/Try Xubuntu without installing/${TRY}/g;" \
-e "s,preseed/.*[.]seed,preseed/nilmbuntu.seed,g;" \ -e "s,preseed/.*[.]seed,preseed/nilmbuntu.seed,g;" \
-e "s/ quiet splash//g;" \ -e "s/ quiet splash//g;" \
-e "print;" \ -e "print;" \
${ISO}/boot/grub/{grub,loopback}.cfg ${ISO}/boot/grub/{grub,loopback}.cfg
sudo install -D -m 0644 files/fallback_dns.conf ${FS}/etc/systemd/resolved.conf.d/fallback_dns.conf
if ! [ "$1" == "skip" ] ; then if ! [ "$1" == "skip" ] ; then
# Run the customize-inner.sh script inside the chroot # Run the customize-inner.sh script inside the chroot
sudo cp nilmbuntu.png ${FS}/usr/share/xfce4/backdrops/nilmbuntu.png ./enter.sh "cd /root ; files/customize-inner.sh"
sudo cp customize-inner.sh ${FS}/root/customize-inner.sh
sudo chmod +x ${FS}/root/customize-inner.sh
./enter.sh "cd /root ; ./customize-inner.sh"
fi fi

View File

@@ -13,8 +13,8 @@ fi
# both). Instead let's execute systemd-nspawn in a transient systemd # both). Instead let's execute systemd-nspawn in a transient systemd
# unit, then enter it using machinectl. # unit, then enter it using machinectl.
UNIT=nilmbuntu-run-$VERSION UNIT=nilmbuntu-run-$NONPRIV_UID-$VERSION
MACH=nilmbuntu-$VERSION MACH=nilmbuntu-$NONPRIV_UID-$VERSION
setup_networking() { setup_networking() {
# We use a virtual ethernet adapter -- this requires that # We use a virtual ethernet adapter -- this requires that
@@ -26,10 +26,10 @@ setup_networking() {
# However, the current systemd-networkd from Debian is broken and # However, the current systemd-networkd from Debian is broken and
# won't enable masquerading -- so do it manually # won't enable masquerading -- so do it manually
IFACE=$(ip -4 route list default | head -1 | awk '{print $5}') # IFACE=$(ip -4 route list default | head -1 | awk '{print $5}')
echo 1 > /proc/sys/net/ipv4/ip_forward # echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -D POSTROUTING -o $IFACE -j MASQUERADE >/dev/null || true # iptables -t nat -D POSTROUTING -o $IFACE -j MASQUERADE >/dev/null || true
iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE # iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE
} }
kill_container() { kill_container() {
@@ -99,19 +99,14 @@ run() {
set -e set -e
rsync -avP --delete files/ ${FS}/root/files/
setup_networking setup_networking
start_container start_container
run "resolvconf --disable-updates" run "cat /etc/hosts.nilm >>/etc/hosts 2>/dev/null || true"
run "echo 'nameserver 8.8.8.8' > /run/resolvconf/resolv.conf"
run "hostnamectl --transient set-hostname nilmbuntu" run "hostnamectl --transient set-hostname nilmbuntu"
#run "dbus-uuidgen > /var/lib/dbus/machine-id"
#run "dpkg-divert --local --rename --add /sbin/initctl"
#run "ln -sf /bin/true /sbin/initctl"
#run "dpkg-divert --local --rename --add /usr/sbin/update-grub"
#run "ln -sf /bin/true /usr/sbin/update-grub"
set +e set +e
if [ -z "$1" ] ; then if [ -z "$1" ] ; then
run "exec bash" run "exec bash"
@@ -124,20 +119,15 @@ echo "Cleaning up..."
# Manually clean up some things that show up after booting an image # Manually clean up some things that show up after booting an image
# and installing packages. This doesn't get everything, but what's # and installing packages. This doesn't get everything, but what's
# left should be fine. # left should be fine.
run "apt-get clean" run "apt clean"
run "dpkg --clear-avail"
run "> /etc/machine-id" run "> /etc/machine-id"
run "rm -f /core /boot/grub/grubenv" run "rm -f /core /boot/grub/grubenv"
run "rm -f /var/lib/systemd/random-seed" run "rm -f /var/lib/systemd/random-seed"
run "rm -f /var/lib/ubuntu-drivers-common/last_gfx_boot" run "rm -f /var/lib/ubuntu-drivers-common/last_gfx_boot"
run "rm -f /var/lib/NetworkManager/*" run "rm -f /var/lib/NetworkManager/*"
run "rm -f /root/.bash_history" run "rm -f /root/.bash_history"
run "rm -rf /root/files"
#run "rm /sbin/initctl"
#run "dpkg-divert --rename --remove /sbin/initctl"
#run "rm /usr/sbin/update-grub"
#run "dpkg-divert --rename --remove /usr/sbin/update-grub"
#run "rm /var/lib/dbus/machine-id"
#run "> /etc/resolv.conf"
kill_container kill_container

View File

@@ -17,7 +17,13 @@ set -e
# download it if it doesn't exist # download it if it doesn't exist
if ! [ -e ${ORIG} ] ; then if ! [ -e ${ORIG} ] ; then
mkdir -p $(dirname ${ORIG}) mkdir -p $(dirname ${ORIG})
wget -O "${ORIG}" "${ORIGURL}" if [ -e $(dirname ${ORIG})/../$(basename ${ORIG}) ] ; then
# grab from parent directory
cp $(dirname ${ORIG})/../$(basename ${ORIG}) ${ORIG}
else
# grab from web
wget -O "${ORIG}" "${ORIGURL}"
fi
fi fi
# mount it # mount it

18
files/casper.conf Normal file
View File

@@ -0,0 +1,18 @@
export USERNAME="nilm"
export USERFULLNAME="NILM User"
export HOST="nilmbuntu-live"
export BUILD_SYSTEM="Ubuntu"
export FLAVOUR="NILMbuntu"
# Do the inital user setup even though UID 1000 already exists.
# This also needs to be set in /etc/environment, for ubiquity,
# but we do that in preseed/early_command so that it only shows
# up in the LiveCD image.
export OVERRIDE_SYSTEM_USER=true
# The ISO has a UUID stored in /.disk/casper-uuid-generic, which
# won't match the new UUID that update-initramfs put in /conf/uuid.conf,
# so it won't find the live media at casper boot.
# Easiest way to avoid this is to set a blank UUID, so that the
# UUID checks are skipped.
export UUID=""

135
files/customize-inner.sh Executable file
View File

@@ -0,0 +1,135 @@
#!/bin/bash
if [ "$IN_CHROOT" != "1" ] ; then
echo This is supposed to run inside the chroot, oops
exit 1
fi
set -e
set -x
# Move stuff to the right places
install -D -m 0644 files/nilmbuntu.png /usr/share/xfce4/backdrops/nilmbuntu.png
install -D -m 0644 files/casper.conf /etc/casper.conf
install -D -m 0644 files/hosts.nilm /etc/hosts.nilm
# Copy hosts for now (although it will get overwritten at boot)
cat /etc/hosts.nilm >> /etc/hosts
# Upgrade packages
apt update
apt -y dist-upgrade
apt -y --purge autoremove
# Remove old kernels, and reinstall the latest one (to make sure
# it's present in /boot)
LATEST_KERNEL=$(ls --sort=version /lib/modules/ | tail -n 1)
for VER in $(ls --sort=version /lib/modules/) ; do
if [ $VER != $LATEST_KERNEL ] ; then
apt -y --purge remove "linux-.*$VER"
fi
done
apt -y --reinstall install linux-image-${LATEST_KERNEL}
# Disable upgrade popups
sed -i -s -e 's/Prompt=.*/Prompt=never/g' \
/etc/update-manager/release-upgrades || true
# Set up & install postfix for local mail delivery
debconf-set-selections <<"EOF"
postfix postfix/mailname string localdomain
postfix postfix/main_mailer_type select Local only
EOF
apt -y install postfix
# Required packages
apt -y install \
python3 \
python3-venv \
python3-pip \
git \
build-essential \
apache2 \
libapache2-mod-wsgi
# Install other useful stuff
apt -y install \
adb \
avrdude \
curl \
debconf-utils \
devscripts \
dfu-programmer \
dlocate \
emacs \
emacs-goodies-el \
esptool \
firefox \
flashrom \
gddrescue \
gnuplot \
help2man \
ipython3 \
libnewlib-arm-none-eabi \
libreoffice \
libstdc++-arm-none-eabi-newlib \
texlive \
mailutils \
moreutils \
mutt \
octave \
octave-missing-functions \
octave-signal \
openocd \
openssh-server \
openssl \
openvpn \
screen \
silversearcher-ag \
tcpdump \
zip
# Install the packages required for en_US language support
# This avoids a prompt and package download at first install
apt -y install $(/usr/bin/check-language-support -l en_US)
# Set up timezone to America/New_York for the live CD
ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime
dpkg-reconfigure -f noninteractive tzdata
# Put some default desktop shortcuts in place
DESKTOP=/etc/skel/Desktop
mkdir -p $DESKTOP
cp /usr/share/applications/exo-terminal-emulator.desktop $DESKTOP || true
cp /usr/share/applications/exo-web-browser.desktop $DESKTOP || true
chmod +x $DESKTOP/*
# Custom background image
XML=/etc/xdg/xdg-xubuntu/xfce4/xfconf/xfce-perchannel-xml/xfce4-desktop.xml
BG=/usr/share/xfce4/backdrops/nilmbuntu.png
apt -y install xmlstarlet
xmlstarlet ed -L -u "//property[@name='image-path']/@value" -v "$BG" $XML
xmlstarlet ed -L -u "//property[@name='image-style']/@value" -v "3" $XML
# Make Firefox nicer
install -D -m 0644 files/syspref.js /etc/firefox/syspref.js
# Create NILM user. This should happen after anything that we put in
# /etc/skel, since files get copied from there. Note that this user
# is the same as what we have in the preseed file and casper.conf
if ! getent passwd nilm ; then
adduser --gecos "NILM User" --disabled-password nilm
fi
# Make sure locate databases are up-to-date
/etc/cron.daily/mlocate
/etc/cron.daily/dlocate
# Make sure initramfs was regenerated with casper changes.
# Manipulate some config files to avoid host stuff leaking through.
echo 'RESUME=none' > /etc/initramfs-tools/conf.d/resume
mv /etc/crypttab /etc/crypttab-old
CASPER_GENERATE_UUID=1 update-initramfs -u
rm /etc/initramfs-tools/conf.d/resume
mv /etc/crypttab-old /etc/crypttab

2
files/fallback_dns.conf Normal file
View File

@@ -0,0 +1,2 @@
[Resolve]
FallbackDNS=1.1.1.1 9.9.9.10 8.8.8.8 2606:4700:4700::1111 2620:fe::10 2001:4860:4860::8888

2
files/hosts.nilm Normal file
View File

@@ -0,0 +1,2 @@
127.0.2.1 nilm.primary
127.0.2.2 nilm.secondary

View File

Before

Width:  |  Height:  |  Size: 589 KiB

After

Width:  |  Height:  |  Size: 589 KiB

58
files/preseed.cfg Normal file
View File

@@ -0,0 +1,58 @@
# Commands to run at casper boot:
# - Regenerate SSH keys
# - Append /etc/hosts.nilm to /etc/hosts
#
# And the following hacks, which could also run in customize-inner.sh,
# but doing them here ensures that they'll only be present during the
# LiveCD session
# - Append some stuff to /etc/enviroment that's needed for Ubiquity to
# create the initial user properly, when we've already created it.
# - Hack Ubiquity to prevent changing the username, and to set
# a default password
d-i preseed/early_command string \
echo "early_command running" ; \
chroot /root sh -c "rm -f /etc/ssh/ssh_host_*" ; \
chroot /root sh -c "dpkg-reconfigure openssh-server" ; \
cat /root/etc/hosts.nilm >> /root/etc/hosts ; \
echo OVERRIDE_SYSTEM_USER=1 >> /root/etc/environment ; \
sed -i \
-e 's@id="login_encrypt">@id="login_encrypt"><property name="sensitive">False</property>@g' \
-e 's@id="fullname">@id="fullname"><property name="sensitive">False</property>@g' \
-e 's@id="username">@id="username"><property name="sensitive">False</property>@g' \
-e 's@"visibility">False@"visibility">True@g' \
-e 's@id="password">@id="password"><property name="text">nilm</property>@g' \
-e 's@id="verified_password">@id="verified_password"><property name="text">nilm</property>@g' \
/root/usr/share/ubiquity/gtk/stepUserInfo.ui ; \
echo "early_command done"
# chroot /root sh -c "echo UBIQUITY_AUTOMATIC=1 >> /etc/environment"
# Commands to run on successful install:
# (Ubiquity doesn't actually use preseed/late_command, so we do it
# in ubiquity/success_command (which needs things mounted))
# - Remove "quiet splash" from grub command line
# - Append /etc/hosts.nilm to /etc/hosts
ubiquity ubiquity/success_command string \
echo "success_command running" >/target/var/log/installer/postinst.log; \
mount --bind /dev /target/dev ; \
in-target sh -c "sed -i -e 's/quiet splash//g' /etc/default/grub" ; \
in-target sh -c "update-grub >>/var/log/installer/postinst.log 2>&1" ; \
in-target sh -c "cat /etc/hosts.nilm >> /etc/hosts " ; \
umount /target/dev ; \
echo "success_command done" >>/target/var/log/installer/postinst.log
ubiquity ubiquity/use_nonfree boolean true
# Default user. Ubiquity should let them change this.
# (To skip the dialog completely, set the first 4, and put
# UBIQUITY_AUTOMATIC in /etc/environment in early_command above)
d-i passwd/user-fullname string NILM User
d-i passwd/username string nilm
#d-i passwd/user-password password nilm
#d-i passwd/user-password-again password nilm
d-i user-setup/allow-password-weak boolean true
d-i user-setup/force-encrypt-home boolean false
d-i user-setup/encrypt-home boolean false
d-i passwd/auto-login boolean true
d-i netcfg/get_hostname seen true
d-i netcfg/get_hostname string nilmbuntu

View File

Before

Width:  |  Height:  |  Size: 1.1 KiB

After

Width:  |  Height:  |  Size: 1.1 KiB

16
files/syspref.js Normal file
View File

@@ -0,0 +1,16 @@
pref("browser.aboutwelcome.enabled", false);
pref("datareporting.policy.firstRunURL", "");
pref("network.trr.mode", 5);
pref("toolkit.telemetry.reportingpolicy.firstRun", false);
pref("browser.startup.homepage_override.mstone", "ignore");
pref("trailhead.firstrun.didSeeAboutWelcome", true);
pref("browser.newtabpage.activity-stream.default.sites","https://www.google.com/");
pref("browser.newtabpage.activity-stream.feeds.asrouterfeed", false);
pref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
pref("browser.newtabpage.activity-stream.feeds.section.highlights", false);
pref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
pref("browser.newtabpage.activity-stream.feeds.snippets", false);
pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
pref("browser.newtabpage.pinned", "[{\"url\":\"https://www.wattsworth.net\",\"label\":\"Wattsworth\"},{\"url\":\"http://nilm.primary\",\"label\":\"Local NILM\"}]");
pref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false);

7
restore.sh Executable file
View File

@@ -0,0 +1,7 @@
#!/bin/bash
. config || exit 0
set -e
echo Restoring filesystem...
sudo rsync -a --delete ${FS}.backup ${FS}

20
run.sh
View File

@@ -46,20 +46,30 @@ set -e
set -x set -x
cfg="" cfg=""
cfg+=" -nodefaults"
cfg+=" -drive file=${DISK},media=disk,format=raw,if=virtio"
cfg+=" -enable-kvm"
cfg+=" -m 2048"
cfg+=" -usb"
cfg+=" -device usb-tablet"
cfg+=" -nic user"
cfg+=" -vga virtio"
#cfg+=" -vnc :0"
case $boot in case $boot in
c) c)
echo "booting CD with empty disk" echo "booting CD with empty disk"
rm -f ${DISK} rm -f ${DISK}
dd if=/dev/zero "of=${DISK}" bs=1M count=0 seek=10240 dd if=/dev/zero "of=${DISK}" bs=1M count=0 seek=30720
cfg+=" -drive file=${iso},index=1,media=cdrom" cfg+=" -drive file=${iso},media=cdrom,if=none,id=cd"
cfg+=" -drive file=${DISK},index=0,media=disk,format=raw" cfg+=" -device virtio-scsi-pci -device scsi-cd,drive=cd"
cfg+=" -boot d" cfg+=" -boot d"
;; ;;
d) d)
echo "booting disk with no CD" echo "booting disk with no CD"
cfg+=" -drive file=${DISK},index=0,media=disk,format=raw"
cfg+=" -boot c" cfg+=" -boot c"
;; ;;
esac esac
qemu-system-x86_64 -enable-kvm -m 2048 -vga vmware $cfg qemu-system-x86_64 $cfg