├── .gitignore
├── LICENSE
├── Makefile
├── README.md
├── build
    ├── arm.sh
    ├── audit.sh
    ├── base.sh
    ├── boot.sh
    ├── chroot.sh
    ├── clean.sh
    ├── clone.sh
    ├── common.sh
    ├── compress.sh
    ├── confirm.sh
    ├── connect.sh
    ├── core.sh
    ├── distfiles.sh
    ├── download.sh
    ├── dvd.sh
    ├── fingerprint.sh
    ├── info.sh
    ├── kernel.sh
    ├── list.sh
    ├── make.conf.sh
    ├── nano.sh
    ├── options.sh
    ├── packages.sh
    ├── plugins.sh
    ├── ports.sh
    ├── prefetch.sh
    ├── print.sh
    ├── rebase.sh
    ├── release.sh
    ├── rename.sh
    ├── serial.sh
    ├── sign.sh
    ├── skim.sh
    ├── sync.sh
    ├── test.sh
    ├── tests.sh
    ├── update.sh
    ├── upload.sh
    ├── verify.sh
    ├── vga.sh
    ├── vm.sh
    └── xtools.sh
├── composite
    ├── custom.sh
    ├── distribution.sh
    ├── factory.sh
    ├── hotfix.sh
    ├── nightly.sh
    ├── pkgver.sh
    └── watch.sh
├── config
    └── 25.1
    │   ├── SMP
    │   ├── SMP-ARM
    │   ├── aux.conf
    │   ├── base.obsolete.amd64
    │   ├── base.plist.amd64
    │   ├── build.conf
    │   ├── extras.conf
    │   ├── kernel.debug
    │   ├── kernel.default
    │   ├── make.conf
    │   ├── plugins.conf
    │   ├── ports.conf
    │   ├── skim.conf
    │   └── src.conf
├── device
    ├── A10.conf
    ├── ARM64.conf
    ├── R4S.conf
    ├── ROCKPRO64.conf
    └── RPI.conf
└── scripts
    ├── parse_ports_log.py
    ├── pkg_fingerprint.sh
    └── pkg_sign.sh


/.gitignore:
--------------------------------------------------------------------------------
1 | /config/*/build.conf.local
2 | /config/*/plugins.conf.local
3 | /config/*/repo.key
4 | /config/*/repo.pub
5 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | Copyright (c) 2014-2025 Franco Fichtner <franco@opnsense.org>
 2 | Copyright (c) 2015-2017 The FreeBSD Foundation
 3 | Copyright (c) 2004-2011 Scott Ullrich <sullrich@gmail.com>
 4 | All rights reserved.
 5 | 
 6 | Redistribution and use in source and binary forms, with or without
 7 | modification, are permitted provided that the following conditions are met:
 8 | 
 9 | 1. Redistributions of source code must retain the above copyright notice, this
10 |    list of conditions and the following disclaimer.
11 | 
12 | 2. Redistributions in binary form must reproduce the above copyright notice,
13 |    this list of conditions and the following disclaimer in the documentation
14 |    and/or other materials provided with the distribution.
15 | 
16 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
20 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
22 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
23 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 | 


--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
  1 | # Copyright (c) 2015-2025 Franco Fichtner <franco@opnsense.org>
  2 | #
  3 | # Redistribution and use in source and binary forms, with or without
  4 | # modification, are permitted provided that the following conditions
  5 | # are met:
  6 | #
  7 | # 1. Redistributions of source code must retain the above copyright
  8 | #    notice, this list of conditions and the following disclaimer.
  9 | #
 10 | # 2. Redistributions in binary form must reproduce the above copyright
 11 | #    notice, this list of conditions and the following disclaimer in the
 12 | #    documentation and/or other materials provided with the distribution.
 13 | #
 14 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 15 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 16 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 17 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 18 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 19 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 20 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 21 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 22 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 23 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 24 | # SUCH DAMAGE.
 25 | 
 26 | STEPS=		audit arm base boot chroot clean clone compress confirm \
 27 | 		connect core distfiles download dvd fingerprint info \
 28 | 		kernel list make.conf nano options packages plugins ports \
 29 | 		prefetch print rebase release rename serial sign skim \
 30 | 		sync test tests update upload verify vga vm xtools
 31 | SCRIPTS=	custom distribution factory hotfix nightly pkgver watch
 32 | 
 33 | .PHONY:		${STEPS} ${SCRIPTS}
 34 | 
 35 | PAGER?=		less
 36 | 
 37 | .MAKE.JOB.PREFIX?=	# tampers with some of our make invokes
 38 | 
 39 | all:
 40 | 	@cat ${.CURDIR}/README.md | ${PAGER}
 41 | 
 42 | lint-steps:
 43 | .for STEP in common ${STEPS}
 44 | 	@sh -n ${.CURDIR}/build/${STEP}.sh
 45 | .endfor
 46 | 
 47 | lint-composite:
 48 | .for SCRIPT in ${SCRIPTS}
 49 | 	@sh -n ${.CURDIR}/composite/${SCRIPT}.sh
 50 | .endfor
 51 | 
 52 | lint: lint-steps lint-composite
 53 | 
 54 | # Special vars to load early build.conf settings:
 55 | 
 56 | ROOTDIR?=	/usr
 57 | 
 58 | TOOLSDIR?=	${ROOTDIR}/tools
 59 | TOOLSBRANCH?=	master
 60 | 
 61 | _OS!=	uname -r
 62 | _OS:=	${_OS:C/-.*//}
 63 | 
 64 | .if defined(CONFIGDIR)
 65 | _CONFIGDIR=	${CONFIGDIR}
 66 | .elif defined(SETTINGS)
 67 | _CONFIGDIR=	${TOOLSDIR}/config/${SETTINGS}
 68 | .elif !defined(CONFIGDIR)
 69 | __CONFIGDIR!=	find -s ${TOOLSDIR}/config -name "build.conf" -type f
 70 | .for DIR in ${__CONFIGDIR}
 71 | . if exists(${DIR}) && empty(_CONFIGDIR)
 72 | _CONFIGOS!=	grep '^OS?*=' ${DIR}
 73 | .  if ${_CONFIGOS:[2]} == ${_OS}
 74 | _CONFIGDIR=	${DIR:C/\/build\.conf$//}
 75 | .  endif
 76 | . endif
 77 | .endfor
 78 | .endif
 79 | 
 80 | .if empty(_CONFIGDIR)
 81 | .error Found no configuration matching OS version "${_OS}"
 82 | .endif
 83 | 
 84 | .-include "${_CONFIGDIR}/build.conf.local"
 85 | .include "${_CONFIGDIR}/build.conf"
 86 | 
 87 | _ARCH!=		uname -p
 88 | _VERSION!=	date '+%Y%m%d%H%M'
 89 | 
 90 | # Bootstrap the build options if not set:
 91 | 
 92 | ABI?=		${_CONFIGDIR:C/^.*\///}
 93 | ADDITIONS?=	# empty
 94 | ARCH?=		${_ARCH}
 95 | COMSPEED?=	115200
 96 | DEBUG?=		# empty
 97 | DEVICE?=	A10
 98 | KERNEL?=	SMP
 99 | NAME?=		OPNsense
100 | SUFFIX?=	# empty
101 | TESTS?=		# empty
102 | TYPE?=		${NAME:tl}
103 | UEFI?=		arm dvd serial vga vm
104 | VERSION?=	${_VERSION}
105 | ZFS?=		# empty
106 | 
107 | GITBASE?=	https://github.com/opnsense
108 | MIRRORS?=	https://opnsense.c0urier.net \
109 | 		https://mirrors.nycbug.org/pub/opnsense \
110 | 		https://mirror.wdc1.us.leaseweb.net/opnsense \
111 | 		https://mirror.sfo12.us.leaseweb.net/opnsense \
112 | 		https://mirror.fra10.de.leaseweb.net/opnsense \
113 | 		https://mirror.ams1.nl.leaseweb.net/opnsense
114 | SERVER?=	user@does.not.exist
115 | UPLOADDIR?=	.
116 | 
117 | STAGEDIRPREFIX?=/usr/obj
118 | 
119 | EXTRABRANCH?=	# empty
120 | 
121 | COREBRANCH?=	stable/${ABI}
122 | COREVERSION?=	# empty
123 | COREDIR?=	${ROOTDIR}/core
124 | COREENV?=	CORE_PHP=${PHP} CORE_ABI=${ABI} CORE_PYTHON=${PYTHON}
125 | 
126 | PLUGINSBRANCH?=	stable/${ABI}
127 | PLUGINSDIR?=	${ROOTDIR}/plugins
128 | PLUGINSENV?=	PLUGIN_PHP=${PHP} PLUGIN_ABI=${ABI} PLUGIN_PYTHON=${PYTHON}
129 | 
130 | PORTSBRANCH?=	master
131 | PORTSDIR?=	${ROOTDIR}/ports
132 | PORTSENV?=	# empty
133 | 
134 | PORTSREFURL?=	https://git.FreeBSD.org/ports.git
135 | PORTSREFDIR?=	${ROOTDIR}/freebsd-ports
136 | PORTSREFBRANCH?=main
137 | 
138 | SRCBRANCH?=	stable/${ABI}
139 | SRCDIR?=	${ROOTDIR}/src
140 | 
141 | # A couple of meta-targets for easy use and ordering:
142 | 
143 | kernel ports distfiles: base
144 | .if !empty(TESTS)
145 | base: tests
146 | .endif
147 | audit plugins: ports
148 | core: plugins
149 | packages test: core
150 | arm dvd nano serial vga vm: kernel core
151 | sets: kernel distfiles packages
152 | images: dvd nano serial vga vm
153 | release: dvd nano serial vga
154 | 
155 | # Expand target arguments for the script append:
156 | 
157 | .for TARGET in ${.TARGETS}
158 | _TARGET=	${TARGET:C/\-.*//}
159 | .if ${_TARGET} != ${TARGET}
160 | .if ${SCRIPTS:M${_TARGET}}
161 | ${_TARGET}_ARGS+=	${TARGET:C/^[^\-]*(\-|\$)//}
162 | .else
163 | ${_TARGET}_ARGS+=	${TARGET:C/^[^\-]*(\-|\$)//:S/,/ /g}
164 | .endif
165 | ${TARGET}: ${_TARGET}
166 | .endif
167 | .endfor
168 | 
169 | .if "${VERBOSE}" != ""
170 | VERBOSE_FLAGS=	-x
171 | .else
172 | VERBOSE_HIDDEN=	@
173 | .endif
174 | 
175 | .for _VERSION in ABI APACHE DEBUG LUA PERL PHP PYTHON RUBY SSL VERSION ZFS
176 | VERSIONS+=	PRODUCT_${_VERSION}=${${_VERSION}}
177 | .endfor
178 | 
179 | # Expand build steps to launch into the selected
180 | # script with the proper build options set:
181 | 
182 | .for STEP in ${STEPS}
183 | ${STEP}: lint-steps
184 | 	@echo ">>> Executing build step ${STEP} on ${_CONFIGDIR:C/.*\///}" >&2
185 | 	${VERBOSE_HIDDEN} cd ${.CURDIR}/build && \
186 | 	    sh ${VERBOSE_FLAGS} ./${.TARGET}.sh -a ${ARCH} -F ${KERNEL} \
187 | 	    -n ${NAME} -v "${VERSIONS}" -s ${_CONFIGDIR} \
188 | 	    -S ${SRCDIR} -P ${PORTSDIR} -p ${PLUGINSDIR} -T ${TOOLSDIR} \
189 | 	    -C ${COREDIR} -R ${PORTSREFDIR} -t ${TYPE} -k "${PRIVKEY}" \
190 | 	    -K "${PUBKEY}" -l "${SIGNCHK}" -L "${SIGNCMD}" -d ${DEVICE} \
191 | 	    -m ${MIRRORS:Ox:[1]} -o "${STAGEDIRPREFIX}" -c ${COMSPEED} \
192 | 	    -b ${SRCBRANCH} -B ${PORTSBRANCH} -e ${PLUGINSBRANCH} \
193 | 	    -g ${TOOLSBRANCH} -E ${COREBRANCH} -G ${PORTSREFBRANCH} \
194 | 	    -H "${COREENV}" -u "${UEFI:tl}" -U "${SUFFIX}" \
195 | 	    -V "${ADDITIONS}" -O "${GITBASE}"  -r "${SERVER}" \
196 | 	    -h "${PLUGINSENV}" -I "${UPLOADDIR}" -D "${EXTRABRANCH}" \
197 | 	    -A "${PORTSREFURL}" -J "${PORTSENV}" ${${STEP}_ARGS}
198 | .endfor
199 | 
200 | .for SCRIPT in ${SCRIPTS}
201 | ${SCRIPT}: lint-composite
202 | 	${VERBOSE_HIDDEN} cd ${.CURDIR} && \
203 | 	    sh ${VERBOSE_FLAGS} ./composite/${SCRIPT}.sh ${${SCRIPT}_ARGS}
204 | .endfor
205 | 
206 | .if "${_OS}" != "${OS}"
207 | .error Expected OS version ${OS} for ${_CONFIGDIR}; to continue anyway set OS=${_OS}
208 | .endif
209 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | About the OPNsense tools
  2 | ========================
  3 | 
  4 | In conjunction with src.git, ports.git, core.git and plugins.git they
  5 | create sets, packages and images for the OPNsense project.
  6 | 
  7 | Setting up a build system
  8 | =========================
  9 | 
 10 | Install [FreeBSD](https://www.freebsd.org/) 14.2-RELEASE for amd64
 11 | on a machine with at least 40GB of hard disk and at least 8GB of RAM
 12 | to successfully build all standard images.  All tasks require a root
 13 | user.  Do the following to grab the repositories (overwriting standard
 14 | ports and src):
 15 | 
 16 |     # pkg install git
 17 |     # cd /usr
 18 |     # git clone https://github.com/opnsense/tools
 19 |     # cd tools
 20 |     # make update
 21 | 
 22 | Note that the OPNsense repositories can also be setup in a non-/usr directory
 23 | by setting ROOTDIR.  For example:
 24 | 
 25 |     # mkdir -p /tmp/opnsense
 26 |     # cd /tmp/opnsense
 27 |     # git clone https://github.com/opnsense/tools
 28 |     # cd tools
 29 |     # env ROOTDIR=/tmp/opnsense make update
 30 | 
 31 | TL;DR
 32 | =====
 33 | 
 34 |     # make dvd
 35 | 
 36 | If successful, a dvd image can be found under:
 37 | 
 38 |     # make print-IMAGESDIR
 39 | 
 40 | Detailed build steps and options
 41 | ================================
 42 | 
 43 | How to specify build options on the command line
 44 | ------------------------------------------------
 45 | 
 46 | The build is broken down into individual stages: base,
 47 | kernel, ports, plugins and core can be built separately and
 48 | repeatedly without affecting the other stages.  All stages
 49 | can be reinvoked and continue building without cleaning the
 50 | previous progress.  A final stage assembles all five stages
 51 | into a target image.
 52 | 
 53 | All build steps are invoked via make(1):
 54 | 
 55 |     # make step OPTION="value"
 56 | 
 57 | Available early build options are:
 58 | 
 59 | * SETTINGS:	the name of the requested local configuration
 60 | * CONFIGDIR:	read configuration from other directory and override SETTINGS
 61 | 		(make sure to use an absolute path when specifying)
 62 | 
 63 | Available build options are:
 64 | 
 65 | * ABI:		a custom ABI (defaults to SETTINGS)
 66 | * ADDITIONS:	a list of packages/plugins to add to images
 67 | * ARCH:		the target architecture if not native
 68 | * COMSPEED:	serial speed, e.g. "115200" (default)
 69 | * DEBUG:	build a debug kernel with additional object information
 70 | * DEVICE:	loads device-specific modifications, e.g. "A10" (default)
 71 | * KERNEL:	the kernel config to use, e.g. SMP (default)
 72 | * MIRRORS:	a list of mirrors to prefetch sets from
 73 | * NAME:		"OPNsense" (default)
 74 | * PRIVKEY:	the private key for signing sets
 75 | * PUBKEY:	the public key for signing sets
 76 | * SUFFIX:	the suffix of top package name (default is empty)
 77 | * TYPE:		the base name of the top package to be installed
 78 | * UEFI:		use amd64 hybrid images for said images, e.g. "vga vm"
 79 | * VERSION:	a version tag (if applicable)
 80 | * ZFS:		ZFS pool name to create for VM images, e.g. "zpool"
 81 | 
 82 | How to specify build options via configuration file
 83 | ---------------------------------------------------
 84 | 
 85 | The configuration file is required at "CONFIGDIR/build.conf".
 86 | Its contents can be modified to adapt a non-standard build environment
 87 | and to avoid excessive Makefile arguments.
 88 | 
 89 | A local override exists as "CONFIGDIR/build.conf.local" and is
 90 | parsed first to allow more flexible overrides.  Use with care.
 91 | 
 92 | How to run individual or composite build steps
 93 | ----------------------------------------------
 94 | 
 95 | Kernel, base, packages and release sets are stored under:
 96 | 
 97 |     # make print-SETSDIR
 98 | 
 99 | All final images are stored under:
100 | 
101 |     # make print-IMAGESDIR
102 | 
103 | Build the userland binaries, bootloader and administrative files:
104 | 
105 |     # make base
106 | 
107 | Build the kernel and loadable kernel modules:
108 | 
109 |     # make kernel
110 | 
111 | Build all the third-party ports:
112 | 
113 |     # make ports
114 | 
115 | Build additional plugins if needed:
116 | 
117 |     # make plugins
118 | 
119 | Wrap up our core as a package:
120 | 
121 |     # make core
122 | 
123 | A dvd live image is created using:
124 | 
125 |     # make dvd
126 | 
127 | A serial memstick live image is created using:
128 | 
129 |     # make serial
130 | 
131 | A vga memstick live image is created using:
132 | 
133 |     # make vga
134 | 
135 | A flash card full disk image is created using:
136 | 
137 |     # make nano
138 | 
139 | A virtual machine full disk image is created using:
140 | 
141 |     # make vm
142 | 
143 | A special embedded device image based on vm variety:
144 | 
145 |     # make factory
146 | 
147 | Release sets can be built as follows although the result is
148 | an unpredictable set of images depending on the previous
149 | build states:
150 | 
151 |     # make release
152 | 
153 | However, the release target is necessary for the following
154 | target which includes sanity checks, proper clearing of the
155 | images directory and core package version alignment:
156 | 
157 |     # make distribution
158 | 
159 | Cross-building for other architecures
160 | -------------------------------------
161 | 
162 | This feature is currently experimental and requires installation
163 | of packages for cross building / user mode emulation and additional
164 | boot files to be installed as prompted by the build system.
165 | 
166 | A cross-build on the operating system sources is executed by
167 | specifying the target architecture and custom kernel:
168 | 
169 |     # make base kernel DEVICE=BANANAPI
170 | 
171 | In order to speed up building of using an emulated packages build,
172 | the xtools set can be created like so:
173 | 
174 |     # make xtools DEVICE=BANANAPI
175 | 
176 | The xtools set is then used during the packages build similar to
177 | the distfiles set.
178 | 
179 |     # make packages DEVICE=BANANAPI
180 | 
181 | The final image is built using:
182 | 
183 |     # make arm-<size> DEVICE=BANANAPI
184 | 
185 | Currently available device are: BANANAPI and RPI2.
186 | 
187 | About other scripts and tweaks
188 | ==============================
189 | 
190 | Device-specific settings
191 | ------------------------
192 | 
193 | Device-specific settings can be found and added in the
194 | device/ directory.  Of special interest are hooks into
195 | the build process for required non-default settings for
196 | image builds.  The .conf files are shell scripts that can
197 | define hooks in the form of e.g.:
198 | 
199 |     serial_hook()
200 |     {
201 |         # ${1} is the target file system root
202 |         touch ${1}/my_custom_file
203 |     }
204 | 
205 | These hooks are available for all image types, namely
206 | dvd, nano, serial, vga and vm.  Device-specific hooks
207 | are loaded after config-specific hooks and both of them
208 | can coexist in a given build.
209 | 
210 | Updating the code repositories
211 | ------------------------------
212 | 
213 | Updating all or individual repositories can be done as follows:
214 | 
215 |     # make update[-<repo1>[,...]] [VERSION=git.tag]
216 | 
217 | Available update options are: core, plugins, ports, portsref, src, tools
218 | 
219 | VERSION can be used to update to the matching git tag instead of HEAD.
220 | 
221 | Regression tests and ports audit
222 | --------------------------------
223 | 
224 | Before building images, you can run the regression tests
225 | to check the integrity of your core.git modifications plus
226 | generate output for the style checker:
227 | 
228 |     # make test
229 | 
230 | To check the binary packages from ports against the upstream
231 | vulnerability database run the following:
232 | 
233 |     # make audit
234 | 
235 | Advanced package builds
236 | -----------------------
237 | 
238 | Package sets ready for web server deployment are automatically
239 | generated and modified by ports, plugins and core steps.  The
240 | build automatically caches temporary build dependencies to avoid
241 | spurious rebuilds.  These packages are later discarded to provide
242 | a slim runtime set only.
243 | 
244 | If signing keys are available, the packages set will be signed
245 | twice, first embedded into repository metadata (inside) and
246 | then again as a flat file (outside) to ensure integrity.
247 | 
248 | For faster ports building it may be of use to cache all distribution
249 | files before running the actual build:
250 | 
251 |     # make distfiles
252 | 
253 | For targeted rebuilding of already built packages the following
254 | works:
255 | 
256 |     # make ports-<packagename>[,...]
257 |     # make plugins-<packagename>[,...]
258 |     # make core-<packagename>[,...]
259 | 
260 | Please note that reissuing ports builds will clear plugins and
261 | core progress.  However, following option apply to PORTSENV:
262 | 
263 | * BATCH=no	Developer mode with shell after each build failure
264 | * DEPEND=no	Do not tamper with plugins or core packages
265 | * MISMATCH=no	Rebuild packages that have a version mismatch
266 | * PRUNE=no	Do not check ports integrity prior to rebuild
267 | 
268 | The defaults for these ports options are set to "yes".  A sample
269 | invoke is as follows:
270 | 
271 |     # make ports-curl PORTSENV="DEPEND=no PRUNE=no"
272 | 
273 | Both ports and plugins builds allow to override the current list
274 | derived from their respective configuration files, i.e.:
275 | 
276 |     # make ports PORTSLIST="security/openssl"
277 |     # make plugins PLUGINSLIST="devel/debug"
278 | 
279 | Acquiring precompiled sets from the mirrors or another local directory
280 | ---------------------------------------------------------------------
281 | 
282 | Compiled sets can be prefetched from a mirror if they exist,
283 | while removing any previously available set:
284 | 
285 |     # make prefetch-<option>[,...] [VERSION=<full_version>]
286 | 
287 | If another build configuration is used locally that is compatible,
288 | the sets can be cloned from there as well:
289 | 
290 |     # make clone-<option>[,...] TO=<major_version>
291 | 
292 | Available prefetch or clone options are:
293 | 
294 | * base:		select matching base set
295 | * distfiles:	select matching distfiles set (clone only)
296 | * kernel:	select matching kernel set
297 | * packages:	select matching packages set
298 | 
299 | Using signatures to verify integrity
300 | ------------------------------------
301 | 
302 | Signing for all sets can be redone or applied to a previous run
303 | that did not sign by invoking:
304 | 
305 |     # make sign-base,kernel,packages
306 | 
307 | A verification of all available set signatures is done via:
308 | 
309 |     # make verify
310 | 
311 | Nano image size adjustment
312 | --------------------------
313 | 
314 | Nano images can be adjusted in size using an argument as follows:
315 | 
316 |     # make nano-<size>
317 | 
318 | Virtual machine images
319 | ----------------------
320 | 
321 | Virtual machine images come in varying disk formats and sizes.
322 | For this reason they are not included in our binary releases.
323 | The default format is vmdk with 20G and 1G swap.  If you want
324 | to change that you can manually alter the invoke using:
325 | 
326 |     # make vm-<format>[,<size>[,<swap>[,<extras>]]]
327 | 
328 | Available virtual machine disk formats are:
329 | 
330 | * qcow:		Qemu, KVM (legacy format)
331 | * qcow2:	Qemu, KVM (not backwards-compatible)
332 | * raw:		Unformatted (sector by sector)
333 | * vhd:		VirtualPC, Hyper-V, Xen (dynamic size)
334 | * vhdf:		Azure, VirtualPC, Hyper-V, Xen (fixed size)
335 | * vmdk:		VMWare, VirtualBox (dynamic size)
336 | 
337 | The swap argument is either its size or set to "off" to disable.
338 | 
339 | The extras argument can be any extras.conf hook in case the
340 | default "vm" hook is not desirable.
341 | 
342 | Clearing individual build step progress
343 | ---------------------------------------
344 | 
345 | A couple of build machine cleanup helpers are available
346 | via the clean script:
347 | 
348 |     # make clean-<option>[,...]
349 | 
350 | Available clean options are:
351 | 
352 | * arm:		remove arm image
353 | * base:		remove base set
354 | * distfiles:	remove distfiles set
355 | * dvd:		remove dvd image
356 | * core:		remove core from packages set
357 | * images:	remove all images
358 | * kernel:	remove kernel set
359 | * logs:		remove all logs
360 | * nano:		remove nano image
361 | * obj:		remove all object directories
362 | * packages:	remove packages set
363 | * plugins:	remove plugins from packages set
364 | * ports:	alias for "packages" option
365 | * release:	remove release set
366 | * serial:	remove serial image
367 | * sets:		remove all sets
368 | * src:		reset kernel/base build directory
369 | * stage:	reset main staging area
370 | * vga:		remove vga image
371 | * vm:		remove vm image
372 | * xtools:	remove xtools set
373 | 
374 | How the port tree is updated via its upstream repository
375 | --------------------------------------------------------
376 | 
377 | The ports tree has a few of our modifications and is sometimes a
378 | bit ahead of FreeBSD.  In order to keep the local changes, a
379 | skimming script is used to review and copy upstream changes:
380 | 
381 |     # make skim[-<option>]
382 | 
383 | Available options are:
384 | 
385 | * used:		review and copy upstream changes
386 | * unused:	copy unused upstream changes
387 | * (none):	all of the above
388 | 
389 | Syncing a ports branch for custom package builds
390 | ------------------------------------------------
391 | 
392 | When maintaining branches the master branch holds updates that
393 | we want to cherry-pick to another branch.  To ease the process
394 | the sync step can deal with the complexity involved:
395 | 
396 |     # make sync-category/port[,category/port[,...]]
397 | 
398 | Rebasing the file lists for the base sets
399 | -----------------------------------------
400 | 
401 | In case base files changed, the base package list and obsoleted
402 | files need to be regenerated.  This is done using:
403 | 
404 |     # make rebase
405 | 
406 | Switching to the build jail for inspection
407 | ------------------------------------------
408 | 
409 | Shall any debugging be needed inside the build jail, the following
410 | command will use chroot(8) to enter the active build jail:
411 | 
412 |     # make chroot[-<subdir>]
413 | 
414 | Boot images in the native bhyve(8) hypervisor
415 | ---------------------------------------------
416 | 
417 | There's also the posh way to boot a final image using bhyve(8):
418 | 
419 |     # make boot-<image>
420 | 
421 | Please note that login is only possible via the Nano and Serial images.
422 | 
423 | Booting VM images will not work for types other than "raw".
424 | 
425 | Generating a make.conf for use in running OPNsense
426 | --------------------------------------------------
427 | 
428 | A ports tree in a running OPNsense can be used to build packages
429 | not published on the mirrors.  To generate the make.conf contents
430 | for standalone use on the host use:
431 | 
432 |     # make make.conf
433 | 
434 | Reading and modifying version numbers of build sets and images
435 | --------------------------------------------------------------
436 | 
437 | Normally the build scripts will pick up version numbers based
438 | on commit tags or given version tags or a date-type string.
439 | Should it not fit your needs, you can change the name using:
440 | 
441 |     # make rename-<set>[,<another_set>] VERSION=<new_name>
442 | 
443 | The available targets are: base, distfiles, dvd, kernel, nano,
444 | packages, serial, vga and vm.
445 | 
446 | The current state of the associated build repositories checked
447 | out on the system can be printed using:
448 | 
449 |     # make info
450 | 
451 | Repositories that have signing keys can show the current
452 | fingerprint using:
453 | 
454 |     # make fingerprint
455 | 
456 | Last but not least, in case build variables needs to be inspected,
457 | they can be printed selectively using:
458 | 
459 |     # make print-<variable1>[,<variable2>]
460 | 
461 | Compressing images
462 | ------------------
463 | 
464 | Images are compressed using bzip2(1) for distribution.  This can
465 | be invoked manually using:
466 | 
467 |     # make compress-<image1>[,<image2>]
468 | 
469 | Composite build steps
470 | ---------------------
471 | 
472 | A fully contained nightly build for the system is invoked using:
473 | 
474 |     # make nightly
475 | 
476 | When nightly builds are being run you can get a brief report of
477 | the latest one for each build step or select a build step to either
478 | view the file or watch it run in real time:
479 | 
480 |     # make watch[-<step>]
481 | 
482 | To allow the nightly build to build both release and development packages
483 | use:
484 | 
485 |     # make nightly EXTRABRANCH=master
486 | 
487 | Nightly builds are the only builds that write and archive logs under:
488 | 
489 |     # make print-LOGSDIR
490 | 
491 | with ./latest containing the last nightly build run.  Older logs are
492 | archived and available for a whole week for retrospective analysis.
493 | 
494 | To push sets and images to a remote location use the upload target:
495 | 
496 |     # make upload-<set>[,...]
497 | 
498 | To pull sets and images from a remote location use the download target:
499 | 
500 |     # make download-<set>[,...]
501 | 
502 | Logs can be downloaded as well for local inspection.  Note that download
503 | like prefetch will purge all locally existing targets.  Use SERVER to
504 | specify the remote end, e.g. SERVER=user@does.not.exist
505 | 
506 | Additionally, UPLOADDIR can be used to specify a remote location.  At
507 | this point only "logs" upload cleares and creates directories on the fly.
508 | 
509 | If you want to script interactive prompts you may use the confirm target
510 | to operate yes or no questions before an action:
511 | 
512 |     # make info confirm dvd
513 | 
514 | To add arbitrary plugins from an external location into an image you can
515 | use the following:
516 | 
517 |     # make custom-<image> ADDITIONS="an-existing-plugin path/to/extra/plugin"
518 | 
519 | Last but not least, a rebuild of OPNsense core and plugins on package
520 | sets is invoked using:
521 | 
522 |     # make hotfix[-<step>]
523 | 
524 | The default hotfix run is a non-destructive rebuild pass for missing
525 | plugins and core packages which also signs the existing packages.
526 | 
527 | You can also do a full rebuild using "core" or "plugins".  The "ports"
528 | step, however, will automatically rebuild mismatching and missing ports.
529 | 
530 | Any other argument (or list of arguments separated by comma) will be
531 | treated as individual packages to be rebuilt by their matching steps.
532 | 


--------------------------------------------------------------------------------
/build/arm.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2017-2025 Franco Fichtner <franco@opnsense.org>
  4 | # Copyright (c) 2015-2017 The FreeBSD Foundation
  5 | #
  6 | # Redistribution and use in source and binary forms, with or without
  7 | # modification, are permitted provided that the following conditions
  8 | # are met:
  9 | #
 10 | # 1. Redistributions of source code must retain the above copyright
 11 | #    notice, this list of conditions and the following disclaimer.
 12 | #
 13 | # 2. Redistributions in binary form must reproduce the above copyright
 14 | #    notice, this list of conditions and the following disclaimer in the
 15 | #    documentation and/or other materials provided with the distribution.
 16 | #
 17 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 18 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 20 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 21 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 22 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 23 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 24 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 25 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 26 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 27 | # SUCH DAMAGE.
 28 | 
 29 | set -e
 30 | 
 31 | SELF=arm
 32 | 
 33 | . ./common.sh
 34 | 
 35 | if [ ${PRODUCT_ARCH} != aarch64 ]; then
 36 | 	echo ">>> Cannot build arm image with arch ${PRODUCT_ARCH}"
 37 | 	exit 1
 38 | fi
 39 | 
 40 | check_image ${SELF} ${@}
 41 | 
 42 | ARMSIZE="3G"
 43 | 
 44 | if [ -n "${1}" ]; then
 45 | 	ARMSIZE=${1}
 46 | fi
 47 | 
 48 | ARMIMG="${IMAGESDIR}/${PRODUCT_RELEASE}-arm-${PRODUCT_ARCH}${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}.img"
 49 | ARMLABEL="${PRODUCT_NAME}_ARM"
 50 | 
 51 | sh ./clean.sh ${SELF}
 52 | 
 53 | setup_stage ${STAGEDIR}
 54 | 
 55 | truncate -s ${ARMSIZE} ${ARMIMG}
 56 | 
 57 | DEV=$(mdconfig -a -t vnode -f ${ARMIMG} -x 63 -y 255)
 58 | 
 59 | ARM_FAT_SIZE=${ARM_FAT_SIZE:-"50m -b 1m"}
 60 | 
 61 | gpart create -s MBR ${DEV}
 62 | gpart add -t '!12' -a 512k -s ${ARM_FAT_SIZE} ${DEV}
 63 | gpart set -a active -i 1 ${DEV}
 64 | newfs_msdos -L msdosboot -F 16 /dev/${DEV}s1
 65 | gpart add -t freebsd ${DEV}
 66 | gpart create -s bsd ${DEV}s2
 67 | gpart add -t freebsd-ufs -a 64k /dev/${DEV}s2
 68 | newfs -U -L ${ARMLABEL} /dev/${DEV}s2a
 69 | mount /dev/${DEV}s2a ${STAGEDIR}
 70 | 
 71 | setup_base ${STAGEDIR}
 72 | setup_kernel ${STAGEDIR}
 73 | setup_xtools ${STAGEDIR}
 74 | setup_packages ${STAGEDIR}
 75 | setup_extras ${STAGEDIR} ${SELF}
 76 | setup_entropy ${STAGEDIR}
 77 | setup_xbase ${STAGEDIR}
 78 | 
 79 | cat > ${STAGEDIR}/etc/fstab << EOF
 80 | # Device		Mountpoint	FStype	Options		Dump	Pass#
 81 | /dev/ufs/${ARMLABEL}	/		ufs	rw		1	1
 82 | /dev/msdosfs/MSDOSBOOT	/boot/msdos	msdosfs	rw,noatime	0	0
 83 | EOF
 84 | 
 85 | mkdir -p ${STAGEDIR}/boot/msdos
 86 | mount_msdosfs /dev/${DEV}s1 ${STAGEDIR}/boot/msdos
 87 | 
 88 | arm_mount()
 89 | {
 90 | 	mount /dev/${DEV}s2a ${STAGEDIR}
 91 | 	mount_msdosfs /dev/${DEV}s1 ${STAGEDIR}/boot/msdos
 92 | }
 93 | 
 94 | arm_unmount()
 95 | {
 96 | 	sync
 97 | 	umount ${STAGEDIR}/boot/msdos
 98 | 	umount ${STAGEDIR}
 99 | }
100 | 
101 | arm_install_uboot
102 | 
103 | if [ -n "${PRODUCT_UEFI}" -a -z "${PRODUCT_UEFI%%*"${SELF}"*}" ]; then
104 | 	setup_efiboot ${STAGEDIR}/efiboot.img ${STAGEDIR}/boot/loader.efi
105 | 	cp -r ${STAGEDIR}/efiboot.img.d/efi ${STAGEDIR}/boot/msdos/efi
106 | fi
107 | 
108 | echo -n ">>> Building arm image... "
109 | 
110 | arm_unmount
111 | mdconfig -d -u ${DEV}
112 | 
113 | echo "done"
114 | 
115 | sign_image ${ARMIMG}
116 | 


--------------------------------------------------------------------------------
/build/audit.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2022 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=audit
31 | 
32 | . ./common.sh
33 | 
34 | PORTSLIST=$(list_packages "${PORTSLIST}" ${CONFIGDIR}/ports.conf)
35 | 
36 | setup_stage ${STAGEDIR}
37 | setup_base ${STAGEDIR}
38 | setup_chroot ${STAGEDIR}
39 | extract_packages ${STAGEDIR}
40 | install_packages ${STAGEDIR} pkg
41 | lock_packages ${STAGEDIR}
42 | 
43 | for PKG in $(cd ${STAGEDIR}; find .${PACKAGESDIR}/All -type f); do
44 | 	PKGORIGIN=$(pkg -c ${STAGEDIR} info -F ${PKG} | \
45 | 	    grep ^Origin | awk '{ print $3; }')
46 | 
47 | 	for PORT in ${PORTSLIST}; do
48 | 		PORT=${PORT%%@*}
49 | 		if [ "${PORT}" = "${PKGORIGIN}" ]; then
50 | 			${ENV_FILTER} chroot ${STAGEDIR} /bin/sh -s << EOF
51 | echo -n "Auditing ${PORT}... "
52 | STATUS=ok
53 | pkg add -f ${PKG} 2> /dev/null > /dev/null
54 | AUDIT=\$(pkg audit -F | grep is.vulnerable | tr -d :)
55 | if [ -n "\${AUDIT}" ]; then
56 | 	echo "\${AUDIT}" >> /report
57 | 	STATUS=vulnerable
58 | fi
59 | pkg remove -qya > /dev/null
60 | echo \${STATUS}
61 | EOF
62 | 		fi
63 | 	done
64 | done
65 | 
66 | if [ -f ${STAGEDIR}/report ]; then
67 | 	echo ">>> The following vulnerable packages exist:"
68 | 	sort -u ${STAGEDIR}/report
69 | 	exit 1
70 | else
71 | 	echo ">>> No vulnerable packages have been found."
72 | fi
73 | 


--------------------------------------------------------------------------------
/build/base.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2014-2022 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | SELF=base
 31 | 
 32 | . ./common.sh
 33 | 
 34 | BASESET=$(find_set base)
 35 | 
 36 | if [ -f "${BASESET}" -a -z "${1}" ]; then
 37 | 	echo ">>> Reusing base set: ${BASESET}"
 38 | 	exit 0
 39 | fi
 40 | 
 41 | git_branch ${SRCDIR} ${SRCBRANCH} SRCBRANCH
 42 | git_version ${SRCDIR}
 43 | 
 44 | BASESET=${SETSDIR}/base-${PRODUCT_VERSION}-${PRODUCT_ARCH}${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}.txz
 45 | 
 46 | MAKE_ARGS="
 47 | TARGET_ARCH=${PRODUCT_ARCH}
 48 | TARGET=${PRODUCT_TARGET}
 49 | SRCCONF=${CONFIGDIR}/src.conf
 50 | WITHOUT_DEBUG_FILES=yes
 51 | __MAKE_CONF=
 52 | ${MAKE_ARGS_DEV}
 53 | "
 54 | 
 55 | ${ENV_FILTER} make -s -C${SRCDIR} -j${CPUS} buildworld ${MAKE_ARGS}
 56 | if [ "${1}" = "build" ]; then
 57 | 	exit 0
 58 | fi
 59 | ${ENV_FILTER} make -s -C${SRCDIR}/release obj ${MAKE_ARGS}
 60 | 
 61 | # reset the distribution directory
 62 | BASE_DISTDIR="$(make -C${SRCDIR}/release -v DISTDIR ${MAKE_ARGS})/${SELF}"
 63 | BASE_OBJDIR="$(make -C${SRCDIR}/release -v .OBJDIR ${MAKE_ARGS})"
 64 | setup_stage "${BASE_OBJDIR}/${BASE_DISTDIR}"
 65 | 
 66 | # remove older object archives, too
 67 | BASE_OBJ=$(make -C${SRCDIR}/release -v .OBJDIR ${MAKE_ARGS})/base.txz
 68 | rm -f ${BASE_OBJ}
 69 | 
 70 | ${ENV_FILTER} make -s -C${SRCDIR}/release base.txz ${MAKE_ARGS}
 71 | 
 72 | sh ./clean.sh ${SELF}
 73 | 
 74 | setup_stage ${STAGEDIR} work
 75 | setup_set ${STAGEDIR}/work ${BASE_OBJ}
 76 | 
 77 | # needs to be in obsolete file list for control purposes
 78 | mkdir -p ${STAGEDIR}/work/usr/local/opnsense/version
 79 | touch ${STAGEDIR}/work/usr/local/opnsense/version/base
 80 | touch ${STAGEDIR}/work/usr/local/opnsense/version/base.arch
 81 | touch ${STAGEDIR}/work/usr/local/opnsense/version/base.hash
 82 | touch ${STAGEDIR}/work/usr/local/opnsense/version/base.mtree
 83 | touch ${STAGEDIR}/work/usr/local/opnsense/version/base.obsolete
 84 | touch ${STAGEDIR}/work/usr/local/opnsense/version/base.size
 85 | 
 86 | echo -n ">>> Generating obsolete file list... "
 87 | 
 88 | (cd ${STAGEDIR}/work; find . ! -type d) | sed -e 's/^\.//g' | \
 89 |     sort > ${STAGEDIR}/setdiff.new
 90 | 
 91 | : > ${STAGEDIR}/setdiff.old
 92 | if [ -f ${CONFIGDIR}/base.plist.${PRODUCT_ARCH} ]; then
 93 | 	cp ${CONFIGDIR}/base.plist.${PRODUCT_ARCH} ${STAGEDIR}/setdiff.old
 94 | fi
 95 | 
 96 | : > ${STAGEDIR}/setdiff.tmp
 97 | if [ -f ${CONFIGDIR}/base.obsolete.${PRODUCT_ARCH} ]; then
 98 | 	diff -u ${CONFIGDIR}/base.obsolete.${PRODUCT_ARCH} \
 99 | 	    ${STAGEDIR}/setdiff.new | grep '^-/' | \
100 | 	    cut -b 2- > ${STAGEDIR}/setdiff.tmp
101 | fi
102 | 
103 | (cat ${STAGEDIR}/setdiff.tmp; diff -u ${STAGEDIR}/setdiff.old \
104 |     ${STAGEDIR}/setdiff.new | grep '^-/' | cut -b 2-) | \
105 |     sort -u > ${STAGEDIR}/obsolete
106 | 
107 | echo "done"
108 | 
109 | setup_version ${STAGEDIR} ${STAGEDIR}/work ${SELF} ${STAGEDIR}/obsolete
110 | generate_set ${STAGEDIR}/work ${BASESET}
111 | generate_signature ${BASESET}
112 | 


--------------------------------------------------------------------------------
/build/boot.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2016-2021 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | MEM=3092
31 | SELF=boot
32 | 
33 | . ./common.sh
34 | 
35 | if [ -z "${1}" ]; then
36 | 	echo ">>> No image given."
37 | 	exit 1
38 | fi
39 | 
40 | IMAGE=$(find_image "${1}")
41 | 
42 | if [ ! -f "${IMAGE}" ]; then
43 | 	echo ">>> No image found."
44 | 	exit 1
45 | fi
46 | 
47 | AHCI=ahci-hd; if [ "${1}" = "dvd" ]; then AHCI=ahci-cd;fi
48 | 
49 | setup_stage ${STAGEDIR}
50 | 
51 | TARGET=${STAGEDIR}/image.img
52 | SPARE=${STAGEDIR}/disk.img
53 | 
54 | if [ -z "${IMAGE%%*.bz2}" ]; then
55 | 	echo -n ">>> Uncompressing image ${IMAGE}... "
56 | 	bunzip2 -c ${IMAGE} > ${TARGET}
57 | 	echo "done"
58 | else
59 | 	cp ${IMAGE} ${TARGET}
60 | fi
61 | 
62 | truncate -s +5G ${TARGET}
63 | truncate -s 10G ${SPARE}
64 | 
65 | echo ">>> Booting image ${IMAGE}:"
66 | 
67 | BRGDEV=bridge0
68 | TAPLAN=tap0
69 | TAPWAN=tap1
70 | PHYDEV=em0
71 | 
72 | if ! ifconfig ${BRGDEV}; then BRGDEV=$(ifconfig bridge create); fi
73 | if ! ifconfig ${TAPLAN}; then TAPLAN=$(ifconfig tap create); fi
74 | if ! ifconfig ${TAPWAN}; then TAPWAN=$(ifconfig tap create); fi
75 | 
76 | ifconfig ${BRGDEV} addm ${TAPWAN} addm ${PHYDEV} up || true
77 | ifconfig ${TAPWAN} up
78 | 
79 | kldstat -qm vmm || kldload vmm
80 | bhyveload -m ${MEM} -d ${TARGET} vm0
81 | while bhyve -c 1 -m ${MEM} -AHP \
82 |     -s 0,hostbridge \
83 |     -s 1:0,virtio-net,${TAPLAN} \
84 |     -s 1:1,virtio-net,${TAPWAN} \
85 |     -s 2:0,${AHCI},${TARGET} \
86 |     -s 3:0,ahci-hd,${SPARE} \
87 |     -s 31,lpc -l com1,stdio \
88 |     vm0; do
89 | 	bhyvectl --destroy --vm=vm0
90 | 	bhyveload -m ${MEM} -d ${TARGET} vm0
91 | done
92 | bhyvectl --destroy --vm=vm0
93 | 


--------------------------------------------------------------------------------
/build/chroot.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2016-2017 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=chroot
31 | 
32 | . ./common.sh
33 | 
34 | echo ">>> Changing root directory to ${STAGEDIR}/${1}..."
35 | 
36 | ${ENV_FILTER} chroot ${STAGEDIR}/${1} /bin/csh
37 | 


--------------------------------------------------------------------------------
/build/clean.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2014-2025 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | SELF=clean
 31 | 
 32 | . ./common.sh
 33 | 
 34 | for ARG in ${@}; do
 35 | 	case ${ARG} in
 36 | 	arm)
 37 | 		echo ">>> Removing arm image"
 38 | 		rm -f ${IMAGESDIR}/*-arm-${PRODUCT_ARCH}-${PRODUCT_DEVICE}.img*
 39 | 		;;
 40 | 	aux|tests|xtools)
 41 | 		echo ">>> Removing ${ARG} set"
 42 | 		rm -f ${SETSDIR}/${ARG}-*-${PRODUCT_ARCH}.*
 43 | 		;;
 44 | 	base)
 45 | 		echo ">>> Removing base set"
 46 | 		rm -f ${SETSDIR}/base-*-${PRODUCT_ARCH}${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}.*
 47 | 		;;
 48 | 	core)
 49 | 		echo ">>> Removing core from packages set"
 50 | 		setup_stage ${STAGEDIR}
 51 | 		setup_base ${STAGEDIR}
 52 | 		if extract_packages ${STAGEDIR}; then
 53 | 			remove_packages ${STAGEDIR} ${PRODUCT_CORES}
 54 | 			bundle_packages ${STAGEDIR} '' core
 55 | 		fi
 56 | 		;;
 57 | 	distfiles)
 58 | 		echo ">>> Removing distfiles set"
 59 | 		rm -f ${SETSDIR}/distfiles-*.tar
 60 | 		;;
 61 | 	dvd)
 62 | 		echo ">>> Removing dvd image"
 63 | 		rm -f ${IMAGESDIR}/*-dvd-${PRODUCT_ARCH}.iso*
 64 | 		;;
 65 | 	hotfix)
 66 | 		echo ">>> Removing plugins and core from packages set"
 67 | 		setup_stage ${STAGEDIR}
 68 | 		setup_base ${STAGEDIR}
 69 | 		if extract_packages ${STAGEDIR}; then
 70 | 			remove_packages ${STAGEDIR} ${PRODUCT_CORES} \
 71 | 			    ${PRODUCT_PLUGINS}
 72 | 			bundle_packages ${STAGEDIR} '' plugins core
 73 | 		fi
 74 | 		;;
 75 | 	images)
 76 | 		setup_stage ${IMAGESDIR}
 77 | 		;;
 78 | 	kernel)
 79 | 		echo ">>> Removing kernel set"
 80 | 		rm -f ${SETSDIR}/kernel-*-${PRODUCT_ARCH}${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}.*
 81 | 		;;
 82 | 	logs)
 83 | 		setup_stage ${LOGSDIR}
 84 | 		;;
 85 | 	nano)
 86 | 		echo ">>> Removing nano image"
 87 | 		rm -f ${IMAGESDIR}/*-nano-${PRODUCT_ARCH}.img*
 88 | 		;;
 89 | 	obj)
 90 | 		if [ -d ${STAGEDIRPREFIX} ]; then
 91 | 			for DIR in $(find ${STAGEDIRPREFIX} \
 92 | 			    -type d -name "dev"); do
 93 | 				setup_stage $(dirname ${DIR}) || true
 94 | 			done
 95 | 		fi
 96 | 		for DIR in $(find /usr/obj -type d -depth 1); do
 97 | 			setup_stage ${DIR}
 98 | 			rm -rf ${DIR}
 99 | 		done
100 | 		;;
101 | 	packages)
102 | 		echo ">>> Removing packages including aux set"
103 | 		rm -f ${SETSDIR}/aux-*-${PRODUCT_ARCH}.*
104 | 		rm -f ${SETSDIR}/packages-*-${PRODUCT_ARCH}.*
105 | 		;;
106 | 	plugins)
107 | 		echo ">>> Removing plugins from packages set"
108 | 		setup_stage ${STAGEDIR}
109 | 		setup_base ${STAGEDIR}
110 | 		if extract_packages ${STAGEDIR}; then
111 | 			remove_packages ${STAGEDIR} ${PRODUCT_PLUGINS}
112 | 			bundle_packages ${STAGEDIR} '' plugins
113 | 		fi
114 | 		;;
115 | 	ports)
116 | 		echo ">>> Removing packages set"
117 | 		rm -f ${SETSDIR}/packages-*-${PRODUCT_ARCH}.*
118 | 		;;
119 | 	release)
120 | 		echo ">>> Removing release set"
121 | 		rm -f ${SETSDIR}/release-*-${PRODUCT_ARCH}.tar
122 | 		;;
123 | 	serial)
124 | 		echo ">>> Removing serial image"
125 | 		rm -f ${IMAGESDIR}/*-serial-${PRODUCT_ARCH}.img*
126 | 		;;
127 | 	sets)
128 | 		setup_stage ${SETSDIR}
129 | 		;;
130 | 	stage)
131 | 		setup_stage ${STAGEDIR}
132 | 		;;
133 | 	src)
134 | 		setup_stage /usr/obj${SRCDIR}
135 | 		;;
136 | 	vga)
137 | 		echo ">>> Removing vga image"
138 | 		rm -f ${IMAGESDIR}/*-vga-${PRODUCT_ARCH}.img*
139 | 		;;
140 | 	vm)
141 | 		echo ">>> Removing vm image"
142 | 		rm -f ${IMAGESDIR}/*-vm-${PRODUCT_ARCH}.*
143 | 		;;
144 | 	esac
145 | done
146 | 


--------------------------------------------------------------------------------
/build/clone.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2021-2024 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=clone
31 | 
32 | . ./common.sh
33 | 
34 | if [ -z "${TO}" ]; then
35 | 	echo ">>> Missing target, please set TO=xx.x"
36 | 	exit 1
37 | fi
38 | 
39 | if [ ${TO} = ${PRODUCT_ABI} ]; then
40 | 	echo ">>> Wrong target, please correct TO=xx.x"
41 | 	exit 1
42 | fi
43 | 
44 | for ARG in ${@}; do
45 | 	case ${ARG} in
46 | 	aux|base|distfiles|kernel|packages)
47 | 		SRC=$(find_set ${ARG})
48 | 		if [ -f "${SRC}" ]; then
49 | 			DST=$(echo ${SRC} | sed "s:/${PRODUCT_ABI}/:/${TO}/:")
50 | 			echo -n ">>> Cloning ${DST}... "
51 | 			rm -f $(dirname ${DST})/${ARG}-*
52 | 			cp ${SRC} ${DST}
53 | 			if [ -f ${SRC}.sig ]; then
54 | 				cp ${SRC}.sig ${DST}.sig
55 | 			fi
56 | 			echo "done"
57 | 		fi
58 | 		;;
59 | 	esac
60 | done
61 | 
62 | 


--------------------------------------------------------------------------------
/build/compress.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2018-2021 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=compress
31 | 
32 | . ./common.sh
33 | 
34 | for ARG in ${@}; do
35 | 	case ${ARG} in
36 | 	arm|dvd|nano|serial|vga|vm)
37 | 		for IMAGE in $(find ${IMAGESDIR} -name \
38 | 		    "*-${ARG}-*" \! -name "*.bz2" \! -name "*.sig"); do
39 | 			echo -n ">>> Compressing ${ARG} image... "
40 | 			bzip2 ${IMAGE}
41 | 			echo "done"
42 | 		done
43 | 		;;
44 | 	esac
45 | done
46 | 


--------------------------------------------------------------------------------
/build/confirm.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2018 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=confirm
31 | 
32 | . ./common.sh
33 | 
34 | read -p "Proceed with this action? [y/N]: " YN
35 | 
36 | case ${YN} in
37 | [yY])
38 | 	;;
39 | *)
40 | 	exit 1
41 | 	;;
42 | esac
43 | 


--------------------------------------------------------------------------------
/build/connect.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2022 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=connect
31 | 
32 | . ./common.sh
33 | 
34 | echo ">>> Connecting to ${PRODUCT_SERVER}..."
35 | 
36 | ssh ${PRODUCT_SERVER}
37 | 


--------------------------------------------------------------------------------
/build/core.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2014-2023 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=core
31 | 
32 | . ./common.sh
33 | 
34 | if check_packages ${SELF} ${@}; then
35 | 	echo ">>> Step ${SELF} is up to date"
36 | 	exit 0
37 | fi
38 | 
39 | git_branch ${COREDIR} ${COREBRANCH} COREBRANCH
40 | 
41 | setup_stage ${STAGEDIR}
42 | setup_base ${STAGEDIR}
43 | setup_chroot ${STAGEDIR}
44 | 
45 | extract_packages ${STAGEDIR}
46 | remove_packages ${STAGEDIR} ${@}
47 | install_packages ${STAGEDIR} pkg git
48 | lock_packages ${STAGEDIR}
49 | 
50 | if [ -n "${COREVERSION}" ]; then
51 | 	CORE_PKGVERSION="CORE_PKGVERSION=${COREVERSION}"
52 | fi
53 | 
54 | for BRANCH in ${EXTRABRANCH} ${COREBRANCH}; do
55 | 	setup_copy ${STAGEDIR} ${COREDIR}
56 | 	git_reset ${STAGEDIR}${COREDIR} ${BRANCH}
57 | 
58 | 	CORE_ARGS="CORE_ARCH=${PRODUCT_ARCH} ${COREENV}"
59 | 	if [ ${BRANCH} = ${COREBRANCH} ]; then
60 | 		CORE_ARGS="${CORE_ARGS} ${CORE_PKGVERSION}"
61 | 	fi
62 | 
63 | 	CORE_NAME=$(make -C ${STAGEDIR}${COREDIR} ${CORE_ARGS} -v CORE_NAME)
64 | 	CORE_DEPS=$(make -C ${STAGEDIR}${COREDIR} ${CORE_ARGS} -v CORE_DEPENDS)
65 | 	CORE_VERS=$(make -C ${STAGEDIR}${COREDIR} ${CORE_ARGS} -v CORE_PKGVERSION)
66 | 
67 | 	for REMOVED in ${@}; do
68 | 		if [ ${REMOVED} = ${CORE_NAME} ]; then
69 | 			# make sure a subsequent build of the
70 | 			# same package goes through by removing
71 | 			# it while it may have been rebuilt on
72 | 			# another branch
73 | 			remove_packages ${STAGEDIR} ${REMOVED}
74 | 		fi
75 | 	done
76 | 
77 | 	if search_packages ${STAGEDIR} ${CORE_NAME} ${CORE_VERS}; then
78 | 		# already built
79 | 		continue
80 | 	fi
81 | 
82 | 	install_packages ${STAGEDIR} ${CORE_DEPS}
83 | 	custom_packages ${STAGEDIR} ${COREDIR} \
84 | 	    "${CORE_ARGS}" ${CORE_NAME} ${CORE_VERS}
85 | done
86 | 
87 | bundle_packages ${STAGEDIR} ${SELF}
88 | 


--------------------------------------------------------------------------------
/build/distfiles.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2015-2025 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | SELF=distfiles
 31 | 
 32 | . ./common.sh
 33 | 
 34 | PORTSLIST=$(list_packages "${PORTSLIST}" ${CONFIGDIR}/aux.conf ${CONFIGDIR}/ports.conf)
 35 | 
 36 | git_branch ${SRCDIR} ${SRCBRANCH} SRCBRANCH
 37 | git_branch ${PORTSDIR} ${PORTSBRANCH} PORTSBRANCH
 38 | git_version ${PORTSDIR}
 39 | 
 40 | setup_stage ${STAGEDIR}
 41 | setup_base ${STAGEDIR}
 42 | setup_clone ${STAGEDIR} ${PORTSDIR}
 43 | setup_clone ${STAGEDIR} ${SRCDIR}
 44 | setup_chroot ${STAGEDIR}
 45 | setup_distfiles ${STAGEDIR}
 46 | 
 47 | extract_packages ${STAGEDIR} || true
 48 | 
 49 | sh ./make.conf.sh > ${STAGEDIR}/etc/make.conf
 50 | 
 51 | echo ">>> Fetching distfiles..."
 52 | 
 53 | # block SIGINT to allow for collecting port progress (use with care)
 54 | trap : 2
 55 | 
 56 | if ! ${ENV_FILTER} chroot ${STAGEDIR} /bin/sh -es << EOF; then PORTSLIST=; fi
 57 | MAKE_ARGS="
 58 | PACKAGES=${PACKAGESDIR}
 59 | PRODUCT_ABI=${PRODUCT_ABI}
 60 | TRYBROKEN=yes
 61 | UNAME_r=\$(freebsd-version)
 62 | USE_PACKAGE_DEPENDS=yes
 63 | "
 64 | echo "${PORTSLIST}" | while read PORT_ORIGIN; do
 65 | 	echo ">>> Fetching \${PORT_ORIGIN}..."
 66 | 	FLAVOR=\${PORT_ORIGIN##*@}
 67 | 	FLAVOR_ARG=
 68 | 	if [ "\${FLAVOR}" != "\${PORT_ORIGIN}" ]; then
 69 | 		FLAVOR_ARG="FLAVOR=\${FLAVOR}"
 70 | 	fi
 71 | 	PORT=\${PORT_ORIGIN%%@*}
 72 | 	if ! make -C ${PORTSDIR}/\${PORT} fetch \${MAKE_ARGS} \${FLAVOR_ARG}; then
 73 | 		if [ -n "${PRODUCT_REBUILD}" ]; then
 74 | 			exit 1
 75 | 		fi
 76 | 		echo ">>> Failed fetching \${PORT}" >> ${STAGEDIR}/.pkg-msg
 77 | 	fi
 78 | 	PORT_DEPENDS=\$(make -C ${PORTSDIR}/\${PORT} all-depends-list \
 79 | 	    \${MAKE_ARGS})
 80 | 	for PORT_DEPEND in \${PORT_DEPENDS}; do
 81 | 		FLAVOR=\${PORT_DEPEND##*@}
 82 | 		FLAVOR_ARG=
 83 | 		if [ "\${FLAVOR}" != "\${PORT_DEPEND}" ]; then
 84 | 			FLAVOR_ARG="FLAVOR=\${FLAVOR}"
 85 | 		fi
 86 | 		PORT=\${PORT_DEPEND%%@*}
 87 | 		if ! make -C \${PORT} fetch \${MAKE_ARGS} \${FLAVOR_ARG}; then
 88 | 			if [ -n "${PRODUCT_REBUILD}" ]; then
 89 | 				exit 1
 90 | 			fi
 91 | 			echo ">>> Failed fetching \${PORT}" >> ${STAGEDIR}/.pkg-msg
 92 | 		fi
 93 | 	done
 94 | done
 95 | EOF
 96 | 
 97 | # unblock SIGINT
 98 | trap - 2
 99 | 
100 | sh ./clean.sh ${SELF}
101 | 
102 | echo -n ">>> Creating distfiles set... "
103 | tar -C ${STAGEDIR}${PORTSDIR} -cf \
104 |     ${SETSDIR}/distfiles-${PRODUCT_VERSION}.tar distfiles
105 | echo "done"
106 | 
107 | if [ -f ${STAGEDIR}/.pkg-msg ]; then
108 | 	echo ">>> WARNING: The fetch provided additional info."
109 | 	cat ${STAGEDIR}/.pkg-msg
110 | 
111 | 	# signal error as well now
112 | 	PORTSLIST=
113 | fi
114 | 
115 | if [ -z "${PORTSLIST}" ]; then
116 | 	echo ">>> The distfiles fetch did not finish properly :("
117 | 	exit 1
118 | fi
119 | 


--------------------------------------------------------------------------------
/build/download.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2018-2019 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=download
31 | 
32 | . ./common.sh
33 | 
34 | download()
35 | {
36 | 	echo ">>> Downloading ${1} from ${PRODUCT_SERVER}..."
37 | 	(cd ${2}; echo "get ${2}/${3}" | sftp ${PRODUCT_SERVER})
38 | }
39 | 
40 | for ARG in ${@}; do
41 | 	case ${ARG} in
42 | 	arm|dvd|nano|serial|vga|vm)
43 | 		sh ./clean.sh ${ARG}
44 | 		download ${ARG} ${IMAGESDIR} "*-${ARG}-*"
45 | 		;;
46 | 	base|distfiles|kernel|packages|release)
47 | 		sh ./clean.sh ${ARG}
48 | 		download ${ARG} ${SETSDIR} "${ARG}-*"
49 | 		;;
50 | 	log)
51 | 		# one log only, do not clear
52 | 		download ${ARG} ${LOGSDIR} "${PRODUCT_VERSION}-*"
53 | 		;;
54 | 	logs)
55 | 		sh ./clean.sh ${ARG}
56 | 		download ${ARG} ${LOGSDIR} "[0-9]*"
57 | 		;;
58 | 	esac
59 | done
60 | 


--------------------------------------------------------------------------------
/build/dvd.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2014-2021 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=dvd
31 | 
32 | . ./common.sh
33 | 
34 | if [ -z "${PRODUCT_UEFI}" -o -n "${PRODUCT_UEFI%%*"${SELF}"*}" ]; then
35 | 	echo ">>> BIOS-only DVD images are no longer supported" >&2
36 | 	exit 1
37 | fi
38 | 
39 | check_image ${SELF} ${@}
40 | 
41 | DVDIMG="${IMAGESDIR}/${PRODUCT_RELEASE}-dvd-${PRODUCT_ARCH}.iso"
42 | DVDLABEL=$(echo "${PRODUCT_NAME}_Install" | tr '[:lower:]' '[:upper:]')
43 | 
44 | sh ./clean.sh ${SELF}
45 | 
46 | setup_stage ${STAGEDIR} work mnt
47 | setup_base ${STAGEDIR}/work
48 | setup_kernel ${STAGEDIR}/work
49 | setup_packages ${STAGEDIR}/work
50 | setup_extras ${STAGEDIR}/work ${SELF}
51 | setup_mtree ${STAGEDIR}/work
52 | setup_entropy ${STAGEDIR}/work
53 | 
54 | BOOTIMAGE=i386
55 | 
56 | if [ ${PRODUCT_ARCH} != "amd64" ]; then
57 | 	BOOTIMAGE=efi
58 | fi
59 | 
60 | UEFIBOOT="-o bootimage=${BOOTIMAGE};${STAGEDIR}/efiboot.img"
61 | LEGACYBOOT="-o bootimage=${BOOTIMAGE};${STAGEDIR}/work/boot/cdboot -o no-emul-boot"
62 | 
63 | # keep legacy boot compatibility on amd64 only
64 | if [ ${PRODUCT_ARCH} != "amd64" ]; then
65 | 	UEFIBOOT="${UEFIBOOT} -o platformid=efi"
66 | 	LEGACYBOOT=
67 | fi
68 | 
69 | setup_efiboot ${STAGEDIR}/efiboot.img ${STAGEDIR}/work/boot/loader.efi 2048 12
70 | 
71 | cat > ${STAGEDIR}/work/etc/fstab << EOF
72 | # Device	Mountpoint	FStype	Options	Dump	Pass #
73 | /dev/iso9660/${DVDLABEL}	/	cd9660	ro	0	0
74 | tmpfs		/tmp		tmpfs	rw,mode=01777	0	0
75 | EOF
76 | 
77 | echo -n ">>> Building dvd image... "
78 | 
79 | makefs -t cd9660 ${LEGACYBOOT} ${UEFIBOOT} -o label=${DVDLABEL} \
80 |     -o rockridge ${DVDIMG} ${STAGEDIR}/work
81 | 
82 | echo "done"
83 | 
84 | sign_image ${DVDIMG}
85 | 


--------------------------------------------------------------------------------
/build/fingerprint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2019 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=fingerprint
31 | 
32 | . ./common.sh
33 | 
34 | ${PRODUCT_SIGNCHK}
35 | 


--------------------------------------------------------------------------------
/build/info.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2016-2018 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=info
31 | 
32 | . ./common.sh
33 | 
34 | info()
35 | {
36 | 	git_describe ${2}
37 | 
38 | 	cat << EOF
39 | ${1} ${2} ${REPO_VERSION} ${REPO_COMMENT} ${REPO_BRANCH}
40 | EOF
41 | }
42 | 
43 | info tools ${TOOLSDIR}
44 | info src ${SRCDIR}
45 | info ports ${PORTSDIR}
46 | info plugins ${PLUGINSDIR}
47 | info core ${COREDIR}
48 | 


--------------------------------------------------------------------------------
/build/kernel.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2014-2025 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | SELF=kernel
 31 | 
 32 | . ./common.sh
 33 | 
 34 | KERNELSET=$(find_set kernel)
 35 | 
 36 | if [ -f "${KERNELSET}" -a -z "${1}" ]; then
 37 | 	echo ">>> Reusing kernel set: ${KERNELSET}"
 38 | 	exit 0
 39 | fi
 40 | 
 41 | git_branch ${SRCDIR} ${SRCBRANCH} SRCBRANCH
 42 | git_version ${SRCDIR}
 43 | 
 44 | KERNEL_DEBUG_SET=${SETSDIR}/kernel-dbg-${PRODUCT_VERSION}-${PRODUCT_ARCH}${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}.txz
 45 | KERNEL_RELEASE_SET=${SETSDIR}/kernel-${PRODUCT_VERSION}-${PRODUCT_ARCH}${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}.txz
 46 | 
 47 | KERNDEBUG=default
 48 | SRCDEBUG="WITHOUT_DEBUG_FILES=yes"
 49 | 
 50 | if [ -n "${PRODUCT_DEBUG}" ]; then
 51 | 	KERNDEBUG=debug
 52 | 	SRCDEBUG=
 53 | fi
 54 | 
 55 | if [ -f "${CONFIGDIR}/${PRODUCT_KERNEL}" ]; then
 56 | 	sed -e "/%%DEBUG%%/r ${CONFIGDIR}/kernel.${KERNDEBUG}" \
 57 | 	    "${CONFIGDIR}/${PRODUCT_KERNEL}" | grep -v %%DEBUG%% > \
 58 | 	    "${SRCDIR}/sys/${PRODUCT_TARGET}/conf/${PRODUCT_KERNEL}"
 59 | else
 60 | 	echo ">>> Attempting to use external kernel: ${PRODUCT_KERNEL}"
 61 | fi
 62 | 
 63 | MAKE_ARGS="
 64 | TARGET_ARCH=${PRODUCT_ARCH}
 65 | TARGET=${PRODUCT_TARGET}
 66 | KERNCONF=${PRODUCT_KERNEL}
 67 | SRCCONF=${CONFIGDIR}/src.conf
 68 | ${SRCDEBUG}
 69 | __MAKE_CONF=
 70 | ${MAKE_ARGS_DEV}
 71 | "
 72 | 
 73 | ${ENV_FILTER} make -s -C${SRCDIR} -j${CPUS} kernel-toolchain ${MAKE_ARGS}
 74 | ${ENV_FILTER} make -s -C${SRCDIR} -j${CPUS} buildkernel ${MAKE_ARGS}
 75 | if [ "${1}" = "build" ]; then
 76 | 	exit 0
 77 | fi
 78 | ${ENV_FILTER} make -s -C${SRCDIR}/release obj ${MAKE_ARGS}
 79 | 
 80 | # reset the distribution directory
 81 | KERNEL_DISTDIR="$(make -C${SRCDIR}/release -v DISTDIR ${MAKE_ARGS})/${SELF}"
 82 | KERNEL_OBJDIR="$(make -C${SRCDIR}/release -v .OBJDIR ${MAKE_ARGS})"
 83 | setup_stage "${KERNEL_OBJDIR}/${KERNEL_DISTDIR}"
 84 | 
 85 | # remove older object archives, too
 86 | KERNEL_OBJ=$(make -C${SRCDIR}/release -v .OBJDIR ${MAKE_ARGS})/kernel.txz
 87 | DEBUG_OBJ=$(make -C${SRCDIR}/release -v .OBJDIR ${MAKE_ARGS})/kernel-dbg.txz
 88 | rm -f ${KERNEL_OBJ} ${DEBUG_OBJ}
 89 | 
 90 | # We used kernel.txz because we did not rewrite it,
 91 | # but as time went on and version info was embedded
 92 | # for tighter signature verification handling it is
 93 | # a convoluted action, but the archive gives us a
 94 | # full update set so we repack it instead of using
 95 | # src-related commands here too loosely...
 96 | ${ENV_FILTER} make -s -C${SRCDIR}/release kernel.txz ${MAKE_ARGS}
 97 | 
 98 | sh ./clean.sh ${SELF}
 99 | 
100 | setup_stage ${STAGEDIR} work
101 | setup_base ${STAGEDIR}
102 | setup_chroot ${STAGEDIR}
103 | 
104 | setup_set ${STAGEDIR}/work ${KERNEL_OBJ}
105 | KERNELSET=${KERNEL_RELEASE_SET}
106 | 
107 | if [ -n "$(test -f ${DEBUG_OBJ} && tar -tf ${DEBUG_OBJ})" ]; then
108 | 	setup_set ${STAGEDIR}/work ${DEBUG_OBJ}
109 | 	KERNELSET=${KERNEL_DEBUG_SET}
110 | fi
111 | 
112 | # avoid wrong linker.hints checksum with correct base utility
113 | chroot ${STAGEDIR} /usr/sbin/kldxref -R /work/boot/kernel
114 | 
115 | setup_version ${STAGEDIR} ${STAGEDIR}/work ${SELF}
116 | generate_set ${STAGEDIR}/work ${KERNELSET}
117 | generate_signature ${KERNELSET}
118 | 


--------------------------------------------------------------------------------
/build/list.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2021-2024 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=list
31 | 
32 | . ./common.sh
33 | 
34 | for ARG in ${*}; do
35 | 	if [ -d "${TARGETDIR}/${ARG}" ]; then
36 | 		ls -lah ${TARGETDIR}/"${ARG}"
37 | 	else
38 | 		SET=$(find_set "${ARG}")
39 | 		if [ -n "${SET}" ]; then
40 | 			tar -tf ${SET}
41 | 		fi
42 | 	fi
43 | done
44 | 


--------------------------------------------------------------------------------
/build/make.conf.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2021-2023 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=make.conf
31 | 
32 | . ./common.sh
33 | 
34 | SED=sed
35 | 
36 | for KEY in APACHE LUA PERL PHP PYTHON RUBY SSL; do
37 | 	eval VALUE="\${PRODUCT_${KEY}}"
38 | 	SED="${SED} -e s:%%${KEY}%%:${VALUE}:g"
39 | done
40 | 
41 | for KEY in SRCDIR; do
42 | 	eval VALUE="\${${KEY}}"
43 | 	SED="${SED} -e s:%%${KEY}%%:${VALUE}:g"
44 | done
45 | 
46 | ${SED} ${CONFIGDIR}/make.conf
47 | 


--------------------------------------------------------------------------------
/build/nano.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2015-2021 Franco Fichtner <franco@opnsense.org>
 4 | # Copyright (c) 2004-2009 Scott Ullrich <sullrich@gmail.com>
 5 | #
 6 | # Redistribution and use in source and binary forms, with or without
 7 | # modification, are permitted provided that the following conditions
 8 | # are met:
 9 | #
10 | # 1. Redistributions of source code must retain the above copyright
11 | #    notice, this list of conditions and the following disclaimer.
12 | #
13 | # 2. Redistributions in binary form must reproduce the above copyright
14 | #    notice, this list of conditions and the following disclaimer in the
15 | #    documentation and/or other materials provided with the distribution.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 | # SUCH DAMAGE.
28 | 
29 | set -e
30 | 
31 | SELF=nano
32 | 
33 | . ./common.sh
34 | 
35 | check_image ${SELF} ${@}
36 | 
37 | NANOSIZE="3G"
38 | 
39 | if [ -n "${1}" ]; then
40 | 	NANOSIZE=${1}
41 | fi
42 | 
43 | NANOIMG="${IMAGESDIR}/${PRODUCT_RELEASE}-nano-${PRODUCT_ARCH}.img"
44 | NANOSIZE=$(echo ${NANOSIZE} | tr '[:upper:]' '[:lower:]')
45 | NANOLABEL="${PRODUCT_NAME}_Nano"
46 | 
47 | sh ./clean.sh ${SELF}
48 | 
49 | setup_stage ${STAGEDIR}
50 | setup_base ${STAGEDIR}
51 | setup_kernel ${STAGEDIR}
52 | setup_packages ${STAGEDIR}
53 | setup_extras ${STAGEDIR} ${SELF}
54 | setup_entropy ${STAGEDIR}
55 | 
56 | cat > ${STAGEDIR}/etc/fstab << EOF
57 | # Device		Mountpoint	FStype	Options		Dump	Pass#
58 | /dev/ufs/${NANOLABEL}	/		ufs	rw,noatime	1	1	# notrim
59 | EOF
60 | 
61 | makefs -s ${NANOSIZE} -B little -f 400000 -o version=2 \
62 |     -o label=${NANOLABEL} ${NANOIMG} ${STAGEDIR}
63 | 
64 | DEV=$(mdconfig -a -t vnode -f ${NANOIMG})
65 | gpart create -s BSD ${DEV}
66 | gpart bootcode -b ${STAGEDIR}/boot/boot ${DEV}
67 | gpart add -t freebsd-ufs ${DEV}
68 | mdconfig -d -u ${DEV}
69 | 
70 | sign_image ${NANOIMG}
71 | 


--------------------------------------------------------------------------------
/build/options.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2021-2022 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | SELF=options
 31 | 
 32 | . ./common.sh
 33 | 
 34 | PORTSLIST=$(list_packages "${PORTSLIST}" ${CONFIGDIR}/aux.conf ${CONFIGDIR}/ports.conf)
 35 | 
 36 | git_branch ${SRCDIR} ${SRCBRANCH} SRCBRANCH
 37 | git_branch ${PORTSDIR} ${PORTSBRANCH} PORTSBRANCH
 38 | 
 39 | setup_stage ${STAGEDIR}
 40 | setup_base ${STAGEDIR}
 41 | setup_clone ${STAGEDIR} ${PORTSDIR}
 42 | setup_clone ${STAGEDIR} ${SRCDIR}
 43 | setup_chroot ${STAGEDIR}
 44 | 
 45 | sh ./make.conf.sh > ${STAGEDIR}/etc/make.conf
 46 | 
 47 | RET=0
 48 | 
 49 | for PORT in ${PORTSLIST}; do
 50 | 	PORT=${PORT%%@*}
 51 | 	MAKE="${ENV_FILTER} chroot ${STAGEDIR} make -C ${PORTSDIR}/${PORT}"
 52 | 	NAME=$(${MAKE} -v OPTIONS_NAME __MAKE_CONF=)
 53 | 	DEFAULTS=$(${MAKE} -v PORT_OPTIONS __MAKE_CONF=)
 54 | 	DEFINES=$(${MAKE} -v _REALLY_ALL_POSSIBLE_OPTIONS __MAKE_CONF=)
 55 | 
 56 | 	SET=$(${MAKE} -v ${NAME}_SET)
 57 | 
 58 | 	if [ -n "${SET}" ]; then
 59 | 		for OPT in ${SET}; do
 60 | 			for DEFAULT in ${DEFAULTS}; do
 61 | 				if [ ${OPT} == EXAMPLES ]; then
 62 | 					# ignore since defaults to off
 63 | 					# but is required for acme.sh
 64 | 					continue
 65 | 				fi
 66 | 				if [ ${OPT} == ${DEFAULT} ]; then
 67 | 					echo "${PORT}: ${OPT} is set by default"
 68 | 					RET=1
 69 | 				fi
 70 | 			done
 71 | 		done
 72 | 	fi
 73 | 
 74 | 	UNSET=$(${MAKE} -v ${NAME}_UNSET)
 75 | 
 76 | 	if [ -n "${UNSET}" ]; then
 77 | 		for OPT in ${UNSET}; do
 78 | 			FOUND=
 79 | 
 80 | 			for DEFAULT in ${DEFAULTS}; do
 81 | 				if [ ${OPT} = ${DEFAULT} ]; then
 82 | 					FOUND=1
 83 | 				fi
 84 | 			done
 85 | 
 86 | 			if [ -z "${FOUND}" ]; then
 87 | 				echo "${PORT}: ${OPT} is unset by default"
 88 | 				RET=1
 89 | 			fi
 90 | 		done
 91 | 	fi
 92 | 
 93 | 	if [ -n "${SET}${UNSET}" ]; then
 94 | 		for OPT in ${SET} ${UNSET}; do
 95 | 			FOUND=
 96 | 
 97 | 			for DEFINE in ${DEFINES} ${DEFAULTS}; do
 98 | 				if [ ${OPT} = ${DEFINE} ]; then
 99 | 					FOUND=1
100 | 				fi
101 | 			done
102 | 
103 | 			if [ -z "${FOUND}" ]; then
104 | 				echo "${PORT}: ${OPT} does not exist"
105 | 				RET=1
106 | 			fi
107 | 		done
108 | 	fi
109 | 
110 | 	${MAKE} check-config
111 | done
112 | 
113 | exit ${RET}
114 | 


--------------------------------------------------------------------------------
/build/packages.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2019-2024 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=packages
31 | 
32 | . ./common.sh
33 | 
34 | if check_packages ${SELF} ${@}; then
35 | 	echo ">>> Step ${SELF} is up to date"
36 | 	exit 0
37 | fi
38 | 
39 | AUXLIST=$(list_packages "${AUXLIST}" ${CONFIGDIR}/aux.conf)
40 | 
41 | setup_stage ${STAGEDIR}
42 | setup_base ${STAGEDIR}
43 | extract_packages ${STAGEDIR}
44 | 
45 | # The goal for aux packages is that they are part of the packages
46 | # set for nightly builds until they are officially built using the
47 | # "packages" target in which case the only thing that needs to be
48 | # done is stripping the auxiliary packages that are only needed for
49 | # the build and further testing.  Small lookup and delete code...
50 | for AUX in ${AUXLIST}; do
51 | 	for PKG in $(cd ${STAGEDIR}; find .${PACKAGESDIR}/All -type f); do
52 | 		PKGORIGIN=$(pkg -c ${STAGEDIR} info -F ${PKG} | \
53 | 		    grep ^Origin | awk '{ print $3; }')
54 | 
55 | 		if [ "${AUX}" = "${PKGORIGIN}" ]; then
56 | 			echo ">>> Moving auxiliary package ${AUX}" \
57 | 			    >> ${STAGEDIR}/.pkg-msg
58 | 
59 | 			mkdir -p ${STAGEDIR}${PACKAGESDIR}-aux/All
60 | 			mv ${STAGEDIR}/${PKG} ${STAGEDIR}${PACKAGESDIR}-aux/All
61 | 
62 | 			break
63 | 		fi
64 | 	done
65 | done
66 | 
67 | bundle_packages ${STAGEDIR} ${SELF}
68 | 


--------------------------------------------------------------------------------
/build/plugins.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2015-2025 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | SELF=plugins
 31 | 
 32 | . ./common.sh
 33 | 
 34 | if check_packages ${SELF} ${@}; then
 35 | 	echo ">>> Step ${SELF} is up to date"
 36 | 	exit 0
 37 | fi
 38 | 
 39 | PLUGINSCONF=${CONFIGDIR}/plugins.conf
 40 | 
 41 | if [ -f ${PLUGINSCONF}.local ]; then
 42 | 	PLUGINSCONF="${PLUGINSCONF} ${PLUGINSCONF}.local"
 43 | fi
 44 | 
 45 | PLUGINSLIST=$(list_packages "${PLUGINSLIST}" ${PLUGINSCONF})
 46 | _PLUGIN_ARGS="PLUGIN_ARCH=${PRODUCT_ARCH} ${PLUGINSENV}"
 47 | 
 48 | git_branch ${PLUGINSDIR} ${PLUGINSBRANCH} PLUGINSBRANCH
 49 | 
 50 | setup_stage ${STAGEDIR}
 51 | setup_base ${STAGEDIR}
 52 | setup_chroot ${STAGEDIR}
 53 | 
 54 | extract_packages ${STAGEDIR}
 55 | remove_packages ${STAGEDIR} ${@}
 56 | install_packages ${STAGEDIR} pkg git
 57 | lock_packages ${STAGEDIR}
 58 | 
 59 | for BRANCH in ${EXTRABRANCH} ${PLUGINSBRANCH}; do
 60 | 	setup_copy ${STAGEDIR} ${PLUGINSDIR}
 61 | 	git_reset ${STAGEDIR}${PLUGINSDIR} ${BRANCH}
 62 | 
 63 | 	PREFIX=${PRODUCT_PLUGINS%"*"}
 64 | 	PLUGIN_LIST=
 65 | 	PLUGIN_DEFER=
 66 | 
 67 | 	for PLUGIN_ORIGIN in ${PLUGINSLIST}; do
 68 | 		PLUGIN=${PLUGIN_ORIGIN%%@*}
 69 | 
 70 | 		if [ ! -d ${STAGEDIR}${PLUGINSDIR}/${PLUGIN} ]; then
 71 | 			continue
 72 | 		fi
 73 | 
 74 | 		PLUGIN_DEPS=$(make -C ${STAGEDIR}${PLUGINSDIR}/${PLUGIN} ${_PLUGIN_ARGS} -v PLUGIN_DEPENDS)
 75 | 		for PLUGIN_DEP in ${PLUGIN_DEPS}; do
 76 | 			if [ -z "${PLUGIN_DEP%%"${PREFIX}"*}" ]; then
 77 | 				PLUGIN_DEFER="${PLUGIN_DEFER} ${PLUGIN_ORIGIN}"
 78 | 				continue 2
 79 | 			fi
 80 | 		done
 81 | 
 82 | 		PLUGIN_LIST="${PLUGIN_LIST} ${PLUGIN_ORIGIN}"
 83 | 	done
 84 | 
 85 | 	for PLUGIN_ORIGIN in ${PLUGIN_LIST} ${PLUGIN_DEFER}; do
 86 | 		VARIANT=${PLUGIN_ORIGIN##*@}
 87 | 		PLUGIN=${PLUGIN_ORIGIN%%@*}
 88 | 
 89 | 		if [ ${BRANCH} != ${PLUGINSBRANCH} -a \
 90 | 		    ! -d ${STAGEDIR}${PLUGINSDIR}/${PLUGIN} ]; then
 91 | 			# require plugins in the main branch but
 92 | 			# not in extra branches to allow for drift
 93 | 			continue
 94 | 		fi
 95 | 
 96 | 		PLUGIN_ARGS=${_PLUGIN_ARGS}
 97 | 		if [ ${VARIANT} != ${PLUGIN} ]; then
 98 | 			PLUGIN_ARGS="${PLUGIN_ARGS} PLUGIN_VARIANT=${VARIANT}"
 99 | 		fi
100 | 
101 | 		PLUGIN_GONE=$(make -C ${STAGEDIR}${PLUGINSDIR}/${PLUGIN} ${PLUGIN_ARGS} -v PLUGIN_OBSOLETE)
102 | 		if [ -n "${PLUGIN_GONE}" ]; then
103 | 			# if the plugin has the obsolete flag
104 | 			# set we no longer include its package
105 | 			continue
106 | 		fi
107 | 
108 | 		PLUGIN_NAME=$(make -C ${STAGEDIR}${PLUGINSDIR}/${PLUGIN} ${PLUGIN_ARGS} -v PLUGIN_PKGNAME)
109 | 		PLUGIN_DEPS=$(make -C ${STAGEDIR}${PLUGINSDIR}/${PLUGIN} ${PLUGIN_ARGS} -v PLUGIN_DEPENDS)
110 | 		PLUGIN_VERS=$(make -C ${STAGEDIR}${PLUGINSDIR}/${PLUGIN} ${PLUGIN_ARGS} -v PLUGIN_PKGVERSION)
111 | 
112 | 		for REMOVED in ${@}; do
113 | 			if [ ${REMOVED} = ${PLUGIN_NAME} ]; then
114 | 				# make sure a subsequent build of the
115 | 				# same package goes through by removing
116 | 				# it while it may have been rebuilt on
117 | 				# another branch
118 | 				remove_packages ${STAGEDIR} ${REMOVED}
119 | 			fi
120 | 		done
121 | 
122 | 		if search_packages ${STAGEDIR} ${PLUGIN_NAME} ${PLUGIN_VERS}; then
123 | 			# already built
124 | 			continue
125 | 		fi
126 | 
127 | 		install_packages ${STAGEDIR} ${PLUGIN_DEPS}
128 | 		custom_packages ${STAGEDIR} ${PLUGINSDIR}/${PLUGIN} \
129 | 		    "${PLUGIN_ARGS}" ${PLUGIN_NAME} ${PLUGIN_VERS}
130 | 	done
131 | done
132 | 
133 | bundle_packages ${STAGEDIR} ${SELF}
134 | 


--------------------------------------------------------------------------------
/build/ports.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2014-2024 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | SELF=ports
 31 | 
 32 | . ./common.sh
 33 | 
 34 | eval ${PORTSENV}
 35 | 
 36 | ARGS=${*}
 37 | DEPS=packages
 38 | 
 39 | for OPT in BATCH DEPEND MISMATCH PRUNE; do
 40 | 	VAL=$(eval echo \$${OPT});
 41 | 	case ${VAL} in
 42 | 	yes|no)
 43 | 		;;
 44 | 	'')
 45 | 		eval ${OPT}=yes
 46 | 		;;
 47 | 	*)
 48 | 		echo ">>> Syntax error ${OPT}=${VAL}: use 'yes' or 'no'"
 49 | 		exit 1
 50 | 		;;
 51 | 	esac
 52 | done
 53 | 
 54 | if check_packages ${SELF} ${ARGS}; then
 55 | 	echo ">>> Step ${SELF} is up to date"
 56 | 	exit 0
 57 | fi
 58 | 
 59 | PORTSLIST=$(list_packages "${PORTSLIST}" ${CONFIGDIR}/ports.conf)
 60 | AUXLIST=$(list_packages "${AUXLIST}" ${CONFIGDIR}/aux.conf)
 61 | 
 62 | git_branch ${SRCDIR} ${SRCBRANCH} SRCBRANCH
 63 | git_branch ${PORTSDIR} ${PORTSBRANCH} PORTSBRANCH
 64 | 
 65 | setup_stage ${STAGEDIR}
 66 | setup_base ${STAGEDIR}
 67 | setup_clone ${STAGEDIR} ${PORTSDIR}
 68 | setup_clone ${STAGEDIR} ${SRCDIR}
 69 | setup_chroot ${STAGEDIR}
 70 | setup_distfiles ${STAGEDIR}
 71 | 
 72 | if extract_packages ${STAGEDIR}; then
 73 | 	AUXSET=$(find_set aux)
 74 | 	if [ -f "${AUXSET}" ]; then
 75 | 		tar -C ${STAGEDIR}${PACKAGESDIR} -xpf ${AUXSET} ./All
 76 | 	fi
 77 | 
 78 | 	if [ ${DEPEND} = "yes" ]; then
 79 | 		ARGS="${ARGS} ${PRODUCT_CORES} ${PRODUCT_PLUGINS}"
 80 | 		DEPS="${DEPS} plugins core"
 81 | 	fi
 82 | 	remove_packages ${STAGEDIR} ${ARGS}
 83 | 	if [ ${PRUNE} = "yes" ]; then
 84 | 		prune_packages ${STAGEDIR}
 85 | 	fi
 86 | fi
 87 | 
 88 | sh ./make.conf.sh > ${STAGEDIR}/etc/make.conf
 89 | 
 90 | if [ ${BATCH} = "no" ]; then
 91 | 	sed -i '' -e 's/^#DEVELOPER=/DEVELOPER=/' ${STAGEDIR}/etc/make.conf
 92 | fi
 93 | 
 94 | cat > ${STAGEDIR}/bin/echotime <<EOF
 95 | #!/bin/sh
 96 | echo "[\$(date '+%Y%m%d%H%M%S')]" \${*}
 97 | EOF
 98 | 
 99 | chmod 755 ${STAGEDIR}/bin/echotime
100 | 
101 | echo "ECHO_MSG=echotime" >> ${STAGEDIR}/etc/make.conf
102 | 
103 | # block SIGINT to allow for collecting port progress (use with care)
104 | trap : 2
105 | 
106 | ${ENV_FILTER} chroot ${STAGEDIR} /bin/sh -s << EOF || true
107 | # create a caching mirror for all temporary package dependencies
108 | mkdir -p ${PACKAGESDIR}-cache
109 | cp -R ${PACKAGESDIR}/All ${PACKAGESDIR}-cache/All
110 | 
111 | echo "${PORTSLIST}
112 | clean.up.post.build" | while read PORT_ORIGIN; do
113 | 	FLAVOR=\${PORT_ORIGIN##*@}
114 | 	PORT=\${PORT_ORIGIN%%@*}
115 | 	MAKE_ARGS="
116 | PACKAGES=${PACKAGESDIR}-cache
117 | PRODUCT_ABI=${PRODUCT_ABI}
118 | PRODUCT_ARCH=${PRODUCT_ARCH}
119 | UNAME_r=\$(freebsd-version)
120 | "
121 | 
122 | 	# if pkg is bootstrapped then unstrap it
123 | 	if [ -f /usr/local/sbin/pkg ]; then
124 | 		pkg set -yaA1
125 | 		pkg autoremove -y
126 | 	fi
127 | 
128 | 	if [ \${PORT} = "clean.up.post.build" ]; then
129 | 		continue
130 | 	fi
131 | 
132 | 	if [ \${FLAVOR} != \${PORT} ]; then
133 | 		MAKE_ARGS="\${MAKE_ARGS} FLAVOR=\${FLAVOR}"
134 | 	fi
135 | 
136 | 	# check whether the package has already been built
137 | 	PKGFILE=\$(make -C ${PORTSDIR}/\${PORT} -v PKGFILE \${MAKE_ARGS})
138 | 	if [ -f \${PKGFILE} ]; then
139 | 		continue
140 | 	fi
141 | 
142 | 	# check whether the package is available
143 | 	# under a different version number
144 | 	PKGNAME=\$(basename \${PKGFILE})
145 | 	PKGNAME=\${PKGNAME%%-[0-9]*}
146 | 	PORT_DESCR="\${PORT_ORIGIN} (\${PKGNAME})"
147 | 	PKGLINK=${PACKAGESDIR}/Latest/\${PKGNAME}.pkg
148 | 	if [ -L \${PKGLINK} ]; then
149 | 		PKGFILE=\$(readlink -f \${PKGLINK} || true)
150 | 		if [ -f \${PKGFILE} ]; then
151 | 			if [ ${MISMATCH} = "no" ]; then
152 | 				rm ${PACKAGESDIR}*/All/\$(basename \${PKGFILE})
153 | 			else
154 | 				PKGVERS=\$(make -C ${PORTSDIR}/\${PORT} -v PKGVERSION \${MAKE_ARGS})
155 | 				echo ">>> Skipped version \${PKGVERS} for \${PORT_DESCR}" >> /.pkg-msg
156 | 				continue
157 | 			fi
158 | 		fi
159 | 	fi
160 | 
161 | 	PKGVERS=\$(make -C ${PORTSDIR}/\${PORT} -v PKGVERSION \${MAKE_ARGS})
162 | 
163 | 	if ! make -C ${PORTSDIR}/\${PORT} install \
164 | 	    USE_PACKAGE_DEPENDS=yes \${MAKE_ARGS}; then
165 | 		echo ">>> Aborted version \${PKGVERS} for \${PORT_DESCR}" >> /.pkg-err
166 | 
167 | 		CONTINUE=
168 | 
169 | 		if [ ${BATCH} = "no" ]; then
170 | 			echo ">>> Interactive shell for \${PORT_DESCR} (use \"exit 1\" to abort)"
171 | 			(cd ${PORTSDIR}/\${PORT}; sh < /dev/tty) || exit 1
172 | 			CONTINUE=1
173 | 		fi
174 | 
175 | 		if [ -n "${PRODUCT_REBUILD}" -a -z "\${CONTINUE}" ]; then
176 | 			exit 1
177 | 		fi
178 | 
179 | 		make -C ${PORTSDIR}/\${PORT} clean \${MAKE_ARGS}
180 | 		continue
181 | 	elif ! CHECK_PLIST=\$(make -C ${PORTSDIR}/\${PORT} check-plist \${MAKE_ARGS} 2>&1); then
182 | 		echo ">>> Package list inconsistency for \${PORT_DESCR}" >> /.pkg-msg
183 | 		echo "\${CHECK_PLIST}" >> /.pkg-msg
184 | 	fi
185 | 
186 | 	if [ -n "${PRODUCT_REBUILD}" ]; then
187 | 		echo ">>> Rebuilt version \${PKGVERS} for \${PORT_DESCR}" >> /.pkg-msg
188 | 	fi
189 | 
190 | 	for PKGNAME in \$(pkg query %n); do
191 | 		pkg create -no ${PACKAGESDIR}-cache/All \${PKGNAME}
192 | 	done
193 | 
194 | 	(echo "${PORTSLIST}"; echo "${AUXLIST}") | while read PORT_DEPENDS; do
195 | 		PORT_DEPNAME=\$(pkg query -e "%o == \${PORT_DEPENDS%%@*}" %n)
196 | 		if [ -n "\${PORT_DEPNAME}" ]; then
197 | 			echo ">>> Locking package dependency: \${PORT_DEPNAME}"
198 | 			pkg set -yA0 \${PORT_DEPNAME}
199 | 		fi
200 | 	done
201 | 
202 | 	pkg autoremove -y
203 | 
204 | 	for PKGNAME in \$(pkg query %n); do
205 | 		OLD=\$(find ${PACKAGESDIR}/All -name "\${PKGNAME}-[0-9]*.pkg")
206 | 		if [ -n "\${OLD}" ]; then
207 | 			# already found
208 | 			continue
209 | 		fi
210 | 		NEW=\$(find ${PACKAGESDIR}-cache/All -name "\${PKGNAME}-[0-9]*.pkg")
211 | 		echo ">>> Saving runtime package: \${PKGNAME}"
212 | 		cp \${NEW} ${PACKAGESDIR}/All
213 | 	done
214 | 
215 | 	make -C ${PORTSDIR}/\${PORT} clean \${MAKE_ARGS}
216 | done
217 | EOF
218 | 
219 | # unblock SIGINT
220 | trap - 2
221 | 
222 | bundle_packages ${STAGEDIR} ${SELF} ${DEPS}
223 | 


--------------------------------------------------------------------------------
/build/prefetch.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2016-2024 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=prefetch
31 | 
32 | . ./common.sh
33 | 
34 | git_branch ${SRCDIR} ${SRCBRANCH} SRCBRANCH
35 | 
36 | MIRRORSETDIR="${PRODUCT_MIRROR}/${SRCABI}/${PRODUCT_ABI}/sets"
37 | 
38 | if [ -z "${VERSION}" ]; then
39 | 	VERSION=${PRODUCT_ABI}
40 | fi
41 | 
42 | for ARG in ${@}; do
43 | 	case ${ARG} in
44 | 	aux|packages)
45 | 		sh ./clean.sh ${ARG}
46 | 		URL="${MIRRORSETDIR}/${ARG}-${VERSION}-${PRODUCT_ARCH}"
47 | 		for SUFFIX in tar.sig tar; do
48 | 			fetch -o ${SETSDIR} ${URL}.${SUFFIX} || true
49 | 		done
50 | 		;;
51 | 	base|kernel|tests)
52 | 		sh ./clean.sh ${ARG}
53 | 		URL="${MIRRORSETDIR}/${ARG}-${VERSION}-${PRODUCT_ARCH}"
54 | 		for SUFFIX in txz.sig txz; do
55 | 			fetch -o ${SETSDIR} ${URL}.${SUFFIX} || true
56 | 		done
57 | 		;;
58 | 	esac
59 | done
60 | 


--------------------------------------------------------------------------------
/build/print.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2016-2017 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=print
31 | 
32 | . ./common.sh
33 | 
34 | for ARG in ${@}; do
35 | 	echo ${ARG}=\"$(printenv ${ARG})\"
36 | done
37 | 


--------------------------------------------------------------------------------
/build/rebase.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2015-2022 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=rebase
31 | 
32 | . ./common.sh
33 | 
34 | setup_stage ${STAGEDIR}
35 | 
36 | BASESET=$(find_set base)
37 | OBSOLETE=/usr/local/opnsense/version/base.obsolete
38 | 
39 | tar -tf ${BASESET} | sed -e 's/^\.//g' -e '/\/$/d' | \
40 |     grep -v -e '\.mtree\.sig$' -e '\.abi_hint$' | \
41 |     sort > ${CONFIGDIR}/base.plist.${PRODUCT_ARCH}
42 | 
43 | tar -C ${STAGEDIR} -xf ${BASESET} .${OBSOLETE}
44 | cp ${STAGEDIR}${OBSOLETE} ${CONFIGDIR}/base.obsolete.${PRODUCT_ARCH}
45 | 


--------------------------------------------------------------------------------
/build/release.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2015-2024 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=release
31 | 
32 | . ./common.sh
33 | 
34 | RELEASESET=$(find_set release)
35 | 
36 | if [ -f "${RELEASESET}" -a -z "${1}" ]; then
37 | 	echo ">>> Reusing release set: ${RELEASESET}"
38 | 	exit 0
39 | fi
40 | 
41 | RELEASESET="${SETSDIR}/release-${PRODUCT_VERSION}-${PRODUCT_ARCH}.tar"
42 | 
43 | sh ./clean.sh ${SELF}
44 | 
45 | setup_stage ${STAGEDIR}
46 | 
47 | echo -n ">>> Compressing images for ${PRODUCT_RELEASE}... "
48 | 
49 | for IMAGE in arm dvd nano serial vga vm; do
50 | 	sh ./compress.sh ${IMAGE} > /dev/null &
51 | done
52 | wait
53 | 
54 | echo "done"
55 | 
56 | mkdir -p ${STAGEDIR}/${PRODUCT_SETTINGS}
57 | 
58 | for IMAGE in $(find ${IMAGESDIR} -name "${PRODUCT_NAME}-*-${PRODUCT_ARCH}.*.bz2"); do
59 | 	cp ${IMAGE} ${STAGEDIR}/${PRODUCT_SETTINGS}
60 | done
61 | 
62 | echo -n ">>> Checksumming images for ${PRODUCT_RELEASE}... "
63 | 
64 | (cd ${STAGEDIR}/${PRODUCT_SETTINGS} && sha256 ${PRODUCT_RELEASE}-*) > \
65 |     ${STAGEDIR}/checksums
66 | 
67 | CHECKSUM="${PRODUCT_RELEASE}-checksums-${PRODUCT_ARCH}.sha256"
68 | mv ${STAGEDIR}/checksums ${STAGEDIR}/${PRODUCT_SETTINGS}/${CHECKSUM}
69 | 
70 | echo "done"
71 | 
72 | sign_image ${STAGEDIR}/${PRODUCT_SETTINGS}/${CHECKSUM}
73 | 
74 | for IMAGE in $(find ${IMAGESDIR} -name "${PRODUCT_NAME}-*-${PRODUCT_ARCH}.*.sig"); do
75 | 	cp ${IMAGE} ${STAGEDIR}/${PRODUCT_SETTINGS}
76 | done
77 | 
78 | if [ -f "${PRODUCT_PRIVKEY}" ]; then
79 | 	# checked for private key, but want the public key to
80 | 	# be able to verify the images on the mirror later on
81 | 
82 | 	PUBKEY="${PRODUCT_NAME}${PRODUCT_SUFFIX}-${PRODUCT_SETTINGS}.pub"
83 | 	cp ${PRODUCT_PUBKEY} ${STAGEDIR}/${PRODUCT_SETTINGS}/${PUBKEY}
84 | 	sign_image ${STAGEDIR}/${PRODUCT_SETTINGS}/${PUBKEY}
85 | fi
86 | 
87 | echo -n ">>> Bundling images for ${PRODUCT_RELEASE}... "
88 | tar -C ${STAGEDIR} -cf ${RELEASESET} ${PRODUCT_SETTINGS}
89 | echo "done"
90 | 


--------------------------------------------------------------------------------
/build/rename.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2016-2024 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | SELF=rename
 31 | 
 32 | . ./common.sh
 33 | 
 34 | for ARG in ${@}; do
 35 | 	case ${ARG} in
 36 | 	arm)
 37 | 		echo ">>> Renaming arm image: ${PRODUCT_VERSION}"
 38 | 		for FILE in $(find ${IMAGESDIR} -name \
 39 | 		    "*-arm-${PRODUCT_ARCH}-${PRODUCT_DEVICE}.*"); do
 40 | 		    mv ${FILE} ${IMAGESDIR}/${PRODUCT_NAME}${PRODUCT_SUFFIX}-${PRODUCT_VERSION}-arm-${FILE##*-arm-}
 41 | 		done
 42 | 		;;
 43 | 	aux|distfiles|packages|tests)
 44 | 		echo ">>> Renaming ${ARG} set: ${PRODUCT_VERSION}"
 45 | 		for FILE in $(find ${SETSDIR} -name \
 46 | 		    "${ARG}-*-${PRODUCT_ARCH}.*"); do
 47 | 			mv ${FILE} ${SETSDIR}/${ARG}-${PRODUCT_VERSION}-${FILE##*-}
 48 | 		done
 49 | 		;;
 50 | 	base)
 51 | 		setup_stage ${STAGEDIR} work
 52 | 		echo ">>> Repacking base set..."
 53 | 		BASESET=$(find_set base)
 54 | 		setup_set ${STAGEDIR}/work ${BASESET}
 55 | 		cp ${STAGEDIR}/work/usr/local/opnsense/version/${ARG}.obsolete \
 56 | 		    ${STAGEDIR}/obsolete
 57 | 		PRODUCT_HASH=$(cat ${STAGEDIR}/work/usr/local/opnsense/version/${ARG}.hash)
 58 | 		setup_version ${STAGEDIR} ${STAGEDIR}/work ${ARG} ${STAGEDIR}/obsolete
 59 | 		rm ${BASESET}
 60 | 		generate_set ${STAGEDIR}/work ${BASESET}
 61 | 		generate_signature ${BASESET}
 62 | 		echo ">>> Renaming base set: ${PRODUCT_VERSION}"
 63 | 		for FILE in $(find ${SETSDIR} -name \
 64 | 		    "base-*-${PRODUCT_ARCH}${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}.*"); do
 65 | 			# XXX likely doesn't work for PRODUCT_DEVICE
 66 | 			mv ${FILE} ${SETSDIR}/base-${PRODUCT_VERSION}-${FILE##*-}
 67 | 		done
 68 | 		;;
 69 | 	dvd)
 70 | 		echo ">>> Renaming dvd image: ${PRODUCT_VERSION}"
 71 | 		for FILE in $(find ${IMAGESDIR} -name \
 72 | 		    "*-dvd-${PRODUCT_ARCH}.*"); do
 73 | 		    mv ${FILE} ${IMAGESDIR}/${PRODUCT_NAME}${PRODUCT_SUFFIX}-${PRODUCT_VERSION}-dvd-${FILE##*-}
 74 | 		done
 75 | 		;;
 76 | 	kernel)
 77 | 		setup_stage ${STAGEDIR} work
 78 | 		echo ">>> Repacking kernel set..."
 79 | 		KERNELSET=$(find_set kernel-dbg)
 80 | 		KERNEL_NAME="kernel-dbg"
 81 | 		if [ -z "${KERNELSET}" ]; then
 82 | 			KERNELSET=$(find_set kernel)
 83 | 			KERNEL_NAME="kernel"
 84 | 		fi
 85 | 		setup_set ${STAGEDIR}/work ${KERNELSET}
 86 | 		PRODUCT_HASH=$(cat ${STAGEDIR}/work/usr/local/opnsense/version/${ARG}.hash)
 87 | 		setup_version ${STAGEDIR} ${STAGEDIR}/work ${ARG}
 88 | 		rm ${KERNELSET}
 89 | 		generate_set ${STAGEDIR}/work ${KERNELSET}
 90 | 		generate_signature ${KERNELSET}
 91 | 		echo ">>> Renaming kernel set: ${PRODUCT_VERSION}"
 92 | 		for FILE in $(find ${SETSDIR} -name \
 93 | 		    "kernel-*-${PRODUCT_ARCH}${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}.*"); do
 94 | 			# XXX likely doesn't work for PRODUCT_DEVICE
 95 | 			mv ${FILE} ${SETSDIR}/${KERNEL_NAME}-${PRODUCT_VERSION}-${FILE##*-}
 96 | 		done
 97 | 		;;
 98 | 	nano)
 99 | 		echo ">>> Renaming nano image: ${PRODUCT_VERSION}"
100 | 		for FILE in $(find ${IMAGESDIR} -name \
101 | 		    "*-nano-${PRODUCT_ARCH}.*"); do
102 | 		    mv ${FILE} ${IMAGESDIR}/${PRODUCT_NAME}${PRODUCT_SUFFIX}-${PRODUCT_VERSION}-nano-${FILE##*-}
103 | 		done
104 | 		;;
105 | 	serial)
106 | 		echo ">>> Renaming serial image: ${PRODUCT_VERSION}"
107 | 		for FILE in $(find ${IMAGESDIR} -name \
108 | 		    "*-serial-${PRODUCT_ARCH}.*"); do
109 | 		    mv ${FILE} ${IMAGESDIR}/${PRODUCT_NAME}${PRODUCT_SUFFIX}-${PRODUCT_VERSION}-serial-${FILE##*-}
110 | 		done
111 | 		;;
112 | 	vga)
113 | 		echo ">>> Renaming vga image: ${PRODUCT_VERSION}"
114 | 		for FILE in $(find ${IMAGESDIR} -name \
115 | 		    "*-vga-${PRODUCT_ARCH}.*"); do
116 | 		    mv ${FILE} ${IMAGESDIR}/${PRODUCT_NAME}${PRODUCT_SUFFIX}-${PRODUCT_VERSION}-vga-${FILE##*-}
117 | 		done
118 | 		;;
119 | 	vm)
120 | 		echo ">>> Renaming vm set: ${PRODUCT_VERSION}"
121 | 		for FILE in $(find ${IMAGESDIR} -name \
122 | 		    "*-vm-${PRODUCT_ARCH}.*"); do
123 | 			mv ${FILE} ${IMAGESDIR}/${PRODUCT_NAME}${PRODUCT_SUFFIX}-${PRODUCT_VERSION}-vm-${FILE##*-}
124 | 		done
125 | 		;;
126 | 	esac
127 | done
128 | 


--------------------------------------------------------------------------------
/build/serial.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2014-2021 Franco Fichtner <franco@opnsense.org>
 4 | # Copyright (c) 2010-2011 Scott Ullrich <sullrich@gmail.com>
 5 | #
 6 | # Redistribution and use in source and binary forms, with or without
 7 | # modification, are permitted provided that the following conditions
 8 | # are met:
 9 | #
10 | # 1. Redistributions of source code must retain the above copyright
11 | #    notice, this list of conditions and the following disclaimer.
12 | #
13 | # 2. Redistributions in binary form must reproduce the above copyright
14 | #    notice, this list of conditions and the following disclaimer in the
15 | #    documentation and/or other materials provided with the distribution.
16 | #
17 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 | # SUCH DAMAGE.
28 | 
29 | set -e
30 | 
31 | SELF=serial
32 | 
33 | . ./common.sh
34 | 
35 | check_image ${SELF} ${@}
36 | 
37 | SERIALIMG="${IMAGESDIR}/${PRODUCT_RELEASE}-serial-${PRODUCT_ARCH}.img"
38 | SERIALLABEL="${PRODUCT_NAME}_Install"
39 | 
40 | sh ./clean.sh ${SELF}
41 | 
42 | setup_stage ${STAGEDIR} work
43 | setup_base ${STAGEDIR}/work
44 | setup_kernel ${STAGEDIR}/work
45 | setup_packages ${STAGEDIR}/work
46 | setup_extras ${STAGEDIR}/work ${SELF}
47 | setup_mtree ${STAGEDIR}/work
48 | setup_entropy ${STAGEDIR}/work
49 | 
50 | cat > ${STAGEDIR}/work/etc/fstab << EOF
51 | # Device		Mountpoint	FStype	Options		Dump	Pass#
52 | /dev/ufs/${SERIALLABEL}	/		ufs	ro,noatime	1	1
53 | tmpfs			/tmp		tmpfs	rw,mode=01777	0	0
54 | EOF
55 | 
56 | makefs -B little -o label=${SERIALLABEL} -o version=2 \
57 |     ${STAGEDIR}/root.part ${STAGEDIR}/work
58 | 
59 | GPTDUMMY=
60 | UEFIBOOT=
61 | 
62 | if [ -n "${PRODUCT_UEFI}" -a -z "${PRODUCT_UEFI%%*"${SELF}"*}" ]; then
63 | 	GPTDUMMY="-p freebsd-swap::512k"
64 | 	UEFIBOOT="-p efi:=efiboot.img"
65 | 
66 | 	setup_efiboot ${STAGEDIR}/efiboot.img \
67 | 	    ${STAGEDIR}/work/boot/loader.efi
68 | fi
69 | 
70 | echo -n ">>> Building serial image... "
71 | 
72 | (cd ${STAGEDIR}; mkimg -s gpt -o ${SERIALIMG} -b work/boot/pmbr ${UEFIBOOT} \
73 |     -p freebsd-boot:=work/boot/gptboot ${GPTDUMMY} -p freebsd-ufs:=root.part)
74 | 
75 | echo "done"
76 | 
77 | sign_image ${SERIALIMG}
78 | 


--------------------------------------------------------------------------------
/build/sign.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2016-2024 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=sign
31 | 
32 | . ./common.sh
33 | 
34 | VERSIONDIR="/usr/local/opnsense/version"
35 | 
36 | for ARG in ${@}; do
37 | 	case ${ARG} in
38 | 	aux)
39 | 		AUXSET=$(find_set aux)
40 | 		if [ -f "${AUXSET}" ]; then
41 | 			generate_signature ${AUXSET}
42 | 		fi
43 | 		;;
44 | 	base)
45 | 		BASESET=$(find_set base)
46 | 		if [ -f "${BASESET}" ]; then
47 | 			setup_stage ${STAGEDIR}
48 | 			setup_set ${STAGEDIR} ${BASESET}
49 | 			generate_signature ${STAGEDIR}${VERSIONDIR}/base.mtree
50 | 			rm ${BASESET}
51 | 			generate_set ${STAGEDIR} ${BASESET}
52 | 			generate_signature ${BASESET}
53 | 		fi
54 | 		;;
55 | 	kernel)
56 | 		KERNELSET=$(find_set kernel)
57 | 		if [ -f "${KERNELSET}" ]; then
58 | 			setup_stage ${STAGEDIR}
59 | 			setup_set ${STAGEDIR} ${KERNELSET}
60 | 			generate_signature ${STAGEDIR}${VERSIONDIR}/kernel.mtree
61 | 			rm ${KERNELSET}
62 | 			generate_set ${STAGEDIR} ${KERNELSET}
63 | 			generate_signature ${KERNELSET}
64 | 		fi
65 | 		;;
66 | 	packages)
67 | 		PACKAGESET=$(find_set packages)
68 | 		if [ -f "${PACKAGESET}" ]; then
69 | 			setup_stage ${STAGEDIR}
70 | 			extract_packages ${STAGEDIR}
71 | 			bundle_packages ${STAGEDIR}
72 | 		fi
73 | 		;;
74 | 	release)
75 | 		RELEASESET=$(find_set release)
76 | 		if [ -f "${RELEASESET}" ]; then
77 | 			setup_stage ${STAGEDIR}
78 | 			setup_set ${STAGEDIR} ${RELEASESET}
79 | 			for FILE in $(find ${STAGEDIR} -name "*.sha256" -o \
80 | 			    -name "*.pub"); do
81 | 				sign_image ${FILE}
82 | 			done
83 | 			rm ${RELEASESET}
84 | 			tar -C ${STAGEDIR} -cf ${RELEASESET} .
85 | 		fi
86 | 	esac
87 | done
88 | 


--------------------------------------------------------------------------------
/build/skim.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2015-2022 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | FROM=FreeBSD
 31 | SELF=skim
 32 | 
 33 | . ./common.sh
 34 | 
 35 | if [ -z "${PORTSLIST}" ]; then
 36 | 	PORTSLIST=$(list_config ${CONFIGDIR}/skim.conf ${CONFIGDIR}/aux.conf \
 37 | 	    ${CONFIGDIR}/ports.conf)
 38 | fi
 39 | 
 40 | DIFF="$(which colordiff 2> /dev/null || echo cat)"
 41 | LESS="less -R"
 42 | 
 43 | setup_stage ${STAGEDIR}
 44 | 
 45 | git_branch ${PORTSDIR} ${PORTSBRANCH} PORTSBRANCH
 46 | git_fetch ${PORTSREFDIR}
 47 | git_pull ${PORTSREFDIR} ${PORTSREFBRANCH}
 48 | git_reset ${PORTSREFDIR} HEAD
 49 | git_reset ${PORTSDIR} HEAD
 50 | 
 51 | UNUSED=1
 52 | USED=1
 53 | 
 54 | for ARG in ${@}; do
 55 | 	case ${ARG} in
 56 | 	unused)
 57 | 		UNUSED=1
 58 | 		USED=
 59 | 		;;
 60 | 	used)
 61 | 		UNUSED=
 62 | 		USED=1
 63 | 		;;
 64 | 	esac
 65 | done
 66 | 
 67 | sh ./make.conf.sh > ${STAGEDIR}/make.conf
 68 | echo "${PORTSLIST}" > ${STAGEDIR}/skim
 69 | : > ${STAGEDIR}/used
 70 | 
 71 | PORTSCOUNT=$(wc -l ${STAGEDIR}/skim | awk '{ print $1 }')
 72 | PORTSNUM=0
 73 | 
 74 | echo -n ">>> Gathering dependencies:   0%"
 75 | 
 76 | while read PORT_ORIGIN PORT_BROKEN; do
 77 | 	FLAVOR=${PORT_ORIGIN##*@}
 78 | 	PORT=${PORT_ORIGIN%%@*}
 79 | 
 80 | 	MAKE_ARGS="
 81 | __MAKE_CONF=${STAGEDIR}/make.conf
 82 | PRODUCT_ABI=${PRODUCT_ABI}
 83 | "
 84 | 
 85 | 	if [ ${FLAVOR} != ${PORT} ]; then
 86 | 		MAKE_ARGS="${MAKE_ARGS} FLAVOR=${FLAVOR}"
 87 | 	fi
 88 | 
 89 | 	SOURCE=${PORTSDIR}
 90 | 	if [ ! -d ${PORTSDIR}/${PORT} ]; then
 91 | 		SOURCE=${PORTSREFDIR}
 92 | 	fi
 93 | 
 94 | 	${ENV_FILTER} make -C ${SOURCE}/${PORT} \
 95 | 	    PORTSDIR=${SOURCE} ${MAKE_ARGS} all-depends-list \
 96 | 	    | awk -F"${SOURCE}/" '{print $2}' >> ${STAGEDIR}/used
 97 | 	echo ${PORT} >> ${STAGEDIR}/used
 98 | 
 99 | 	PORTSNUM=$(expr ${PORTSNUM} + 1)
100 | 	printf "\b\b\b\b%3s%%" \
101 | 	    $(expr \( 100 \* ${PORTSNUM} \) / ${PORTSCOUNT})
102 | done < ${STAGEDIR}/skim
103 | 
104 | sort -u ${STAGEDIR}/used > ${STAGEDIR}/used.unique
105 | cp ${STAGEDIR}/used.unique ${STAGEDIR}/used
106 | 
107 | while read PORT; do
108 | 	SOURCE=${PORTSDIR}
109 | 	if [ ! -d ${PORTSDIR}/${PORT} ]; then
110 | 		SOURCE=${PORTSREFDIR}
111 | 	fi
112 | 
113 | 	PORT_MASTER=$(${ENV_FILTER} make -C ${SOURCE}/${PORT} \
114 | 	    -v MASTER_PORT PORTSDIR=${SOURCE} ${MAKE_ARGS})
115 | 	if [ -n "${PORT_MASTER}" ]; then
116 | 		echo ${PORT_MASTER} >> ${STAGEDIR}/used
117 | 	fi
118 | done < ${STAGEDIR}/used.unique
119 | 
120 | sort -u ${STAGEDIR}/used > ${STAGEDIR}/used.unique
121 | rm ${STAGEDIR}/used
122 | 
123 | echo
124 | 
125 | if [ -n "${UNUSED}" ]; then
126 | 	(cd ${PORTSDIR}; mkdir -p $(make -C ${PORTSREFDIR} -v SUBDIR))
127 | 	mkdir ${STAGEDIR}/ref
128 | 
129 | 	for ENTRY in ${PORTSDIR}/[a-z]*; do
130 | 		ENTRY=${ENTRY##"${PORTSDIR}/"}
131 | 
132 | 		echo ">>> Refreshing ${ENTRY}"
133 | 
134 | 		if [ ! -d ${PORTSREFDIR}/${ENTRY} ]; then
135 | 			cp -R ${PORTSDIR}/${ENTRY} ${STAGEDIR}/ref
136 | 			continue
137 | 		fi
138 | 
139 | 		cp -R ${PORTSREFDIR}/${ENTRY} ${STAGEDIR}/ref
140 | 
141 | 		(grep "^${ENTRY}/" ${STAGEDIR}/used.unique || true) > \
142 | 		    ${STAGEDIR}/used.entry
143 | 
144 | 		while read PORT; do
145 | 			rm -fr ${STAGEDIR}/ref/${PORT}
146 | 			cp -R ${PORTSDIR}/${PORT} \
147 | 			    ${STAGEDIR}/ref/$(dirname ${PORT})
148 | 		done < ${STAGEDIR}/used.entry
149 | 
150 | 		rm -rf ${PORTSDIR}/${ENTRY}
151 | 		mv ${STAGEDIR}/ref/${ENTRY} ${PORTSDIR}
152 | 	done
153 | 
154 | 	(
155 | 		cd ${PORTSDIR}
156 | 		git add .
157 | 		if ! git diff --quiet HEAD; then
158 | 			git commit -m \
159 | "*/*: sync with upstream
160 | 
161 | Taken from: ${FROM}"
162 | 		fi
163 | 	)
164 | fi
165 | 
166 | : > ${STAGEDIR}/used.changed
167 | 
168 | while read PORT; do
169 | 	if [ ! -d ${PORTSREFDIR}/${PORT} ]; then
170 | 		continue;
171 | 	fi
172 | 
173 | 	diff -rq ${PORTSDIR}/${PORT} ${PORTSREFDIR}/${PORT} \
174 | 	    > /dev/null && continue
175 | 
176 | 	echo ${PORT} >> ${STAGEDIR}/used.changed
177 | done < ${STAGEDIR}/used.unique
178 | 
179 | if [ -n "${USED}" ]; then
180 | 	while read PORT; do
181 | 		clear
182 | 		(diff -Nru ${PORTSDIR}/${PORT} ${PORTSREFDIR}/${PORT} \
183 | 		    2>/dev/null || true) | ${DIFF} | ${LESS}
184 | 
185 | 		echo -n ">>> Replace ${PORT} [c/e/y/N]: "
186 | 		read YN < /dev/tty
187 | 		case ${YN} in
188 | 		[yY])
189 | 			rm -fr ${PORTSDIR}/${PORT}
190 | 			cp -a ${PORTSREFDIR}/${PORT} ${PORTSDIR}/${PORT}
191 | 			;;
192 | 		[eE])
193 | 			rm -fr ${PORTSDIR}/${PORT}
194 | 			cp -a ${PORTSREFDIR}/${PORT} ${PORTSDIR}/${PORT}
195 | 			(cd ${PORTSDIR}; git checkout -p ${PORT} < /dev/tty)
196 | 			(cd ${PORTSDIR}; git add ${PORT})
197 | 			(cd ${PORTSDIR}; if ! git diff --quiet HEAD; then
198 | 				git commit -m \
199 | "${PORT}: partially sync with upstream
200 | 
201 | Taken from: ${FROM}"
202 | 			fi)
203 | 			;;
204 | 		[cC])
205 | 			rm -fr ${PORTSDIR}/${PORT}
206 | 			cp -a ${PORTSREFDIR}/${PORT} ${PORTSDIR}/${PORT}
207 | 			(cd ${PORTSDIR}; git add ${PORT})
208 | 			(cd ${PORTSDIR}; git commit -m \
209 | "${PORT}: sync with upstream
210 | 
211 | Taken from: ${FROM}")
212 | 			;;
213 | 		esac
214 | 	done < ${STAGEDIR}/used.changed
215 | 
216 | 	for ENTRY in ${PORTSREFDIR}/[A-Z]*; do
217 | 		ENTRY=${ENTRY##"${PORTSREFDIR}/"}
218 | 
219 | 		diff -rq ${PORTSDIR}/${ENTRY} ${PORTSREFDIR}/${ENTRY} \
220 | 		    > /dev/null || ENTRIES="${ENTRIES} ${ENTRY}"
221 | 	done
222 | 
223 | 	if [ -n "${ENTRIES}" ]; then
224 | 		clear
225 | 		(for ENTRY in ${ENTRIES}; do
226 | 			diff -Nru ${PORTSDIR}/${ENTRY} ${PORTSREFDIR}/${ENTRY} \
227 | 			    2>/dev/null || true
228 | 		done) | ${DIFF} | ${LESS}
229 | 
230 | 		echo -n ">>> Replace Framework [c/e/y/N]: "
231 | 		read YN < /dev/tty
232 | 		case ${YN} in
233 | 		[yY])
234 | 			for ENTRY in ${ENTRIES}; do
235 | 				rm -r ${PORTSDIR}/${ENTRY}
236 | 				cp -a ${PORTSREFDIR}/${ENTRY} ${PORTSDIR}/
237 | 			done
238 | 			;;
239 | 		[eE])
240 | 			for ENTRY in ${ENTRIES}; do
241 | 				rm -r ${PORTSDIR}/${ENTRY}
242 | 				cp -a ${PORTSREFDIR}/${ENTRY} ${PORTSDIR}/
243 | 			done
244 | 			(cd ${PORTSDIR}; git checkout -p ${ENTRIES} < /dev/tty)
245 | 			(cd ${PORTSDIR}; git add ${ENTRIES})
246 | 			(cd ${PORTSDIR}; if ! git diff --quiet HEAD; then
247 | 				git commit -m \
248 | "Framework: partially sync with upstream
249 | 
250 | Taken from: ${FROM}"
251 | 			fi)
252 | 			;;
253 | 		[cC])
254 | 			for ENTRY in ${ENTRIES}; do
255 | 				rm -r ${PORTSDIR}/${ENTRY}
256 | 				cp -a ${PORTSREFDIR}/${ENTRY} ${PORTSDIR}/
257 | 				(cd ${PORTSDIR}; git add ${ENTRY})
258 | 			done
259 | 			(cd ${PORTSDIR}; git commit -m \
260 | "Framework: sync with upstream
261 | 
262 | Taken from: ${FROM}")
263 | 			;;
264 | 		esac
265 | 	fi
266 | fi
267 | 


--------------------------------------------------------------------------------
/build/sync.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2024 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | FROM=FreeBSD
31 | SELF=sync
32 | 
33 | . ./common.sh
34 | 
35 | GIT="git -C ${PORTSDIR}"
36 | 
37 | for ARG in ${@}; do
38 | 	# ARG should be "category/name" but not strictly checked
39 | 
40 | 	if [ ! -d ${PORTSDIR}/${ARG} ]; then
41 | 		echo ">>> Sync did not find the port ${ARG}" >&2
42 | 		exit 1
43 | 	fi
44 | 
45 | 	if ${GIT} diff --quiet ${PORTSBRANCH} ${ARG}; then
46 | 		echo ">>> Sync already complete for ${ARG}"
47 | 		continue
48 | 	fi
49 | 
50 | 
51 | 	COMMITS=
52 | 
53 | 	for HASH in $(${GIT} log --oneline ${PORTSBRANCH} ${ARG} | \
54 | 	    awk '{ print $1 }'); do
55 | 		if ${GIT} diff --quiet ${HASH} ${ARG}; then
56 | 			# found no more changes
57 | 			break
58 | 		fi
59 | 
60 | 		# reverse commit order for cherry-pick
61 | 		COMMITS="${HASH} ${COMMITS}"
62 | 	done
63 | 
64 | 	FAILED=
65 | 
66 | 	for COMMIT in ${COMMITS}; do
67 | 		if ! (${GIT} cherry-pick ${COMMIT} || \
68 | 		    ${GIT} cherry-pick --skip); then
69 | 			FAILED=yes
70 | 			break
71 | 		fi
72 | 	done
73 | 
74 | 	if [ -n "${FAILED}" ]; then
75 | 		${GIT} diff -R ${PORTSBRANCH} ${ARG} | ${GIT} apply
76 | 		${GIT} add ${ARG}
77 | 		${GIT} commit -m \
78 | "${ARG}: sync with upstream
79 | 
80 | Taken from: ${FROM}"
81 | 	fi
82 | 
83 | 	if ! ${GIT} diff --quiet ${PORTSBRANCH} ${ARG}; then
84 | 		echo ">>> Sync failed due to non-emtpy diff for ${ARG}" >&2
85 | 		exit 1
86 | 	fi
87 | 
88 | 	echo ">>> Sync succeeded for ${ARG}"
89 | done
90 | 


--------------------------------------------------------------------------------
/build/test.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2014-2022 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=test
31 | 
32 | . ./common.sh
33 | 
34 | git_branch ${PLUGINSDIR} ${PLUGINSBRANCH} PLUGINSBRANCH
35 | git_branch ${COREDIR} ${COREBRANCH} COREBRANCH
36 | 
37 | setup_stage ${STAGEDIR}
38 | setup_base ${STAGEDIR}
39 | setup_clone ${STAGEDIR} ${COREDIR}
40 | setup_clone ${STAGEDIR} ${PLUGINSDIR}
41 | setup_chroot ${STAGEDIR}
42 | 
43 | extract_packages ${STAGEDIR}
44 | install_packages ${STAGEDIR} ${PRODUCT_CORE} os-debug${PRODUCT_DEVEL}
45 | lock_packages ${STAGEDIR}
46 | 
47 | echo ">>> Running packages test suite..."
48 | chroot ${STAGEDIR} /bin/sh -es <<EOF
49 | /usr/local/etc/rc.subr.d/recover
50 | pkg check -da
51 | pkg check -sa
52 | EOF
53 | 
54 | echo ">>> Running ${COREDIR} test suite..."
55 | chroot ${STAGEDIR} /bin/sh -es <<EOF
56 | make -C${COREDIR} ${COREENV} lint
57 | make -C${COREDIR} ${COREENV} style
58 | make -C${COREDIR} ${COREENV} test
59 | EOF
60 | 
61 | PLUGINSCONF=${CONFIGDIR}/plugins.conf
62 | 
63 | if [ -f ${PLUGINSCONF}.local ]; then
64 | 	PLUGINSCONF="${PLUGINSCONF} ${PLUGINSCONF}.local"
65 | fi
66 | 
67 | PLUGINSLIST=$(list_packages "${PLUGINSLIST}" ${PLUGINSCONF})
68 | 
69 | for PLUGIN_ORIGIN in ${PLUGINSLIST}; do
70 | 	VARIANT=${PLUGIN_ORIGIN##*@}
71 | 	PLUGIN=${PLUGIN_ORIGIN%%@*}
72 | 
73 | 	if [ ! -d ${STAGEDIR}${PLUGINSDIR}/${PLUGIN} ]; then
74 | 		echo ">>> Missing ${PLUGIN} origin, skipping test"
75 | 		continue
76 | 	fi
77 | 
78 | 	PLUGIN_ARGS=${PLUGINSENV}
79 | 	if [ ${VARIANT} != ${PLUGIN} ]; then
80 | 		PLUGIN_ARGS="${PLUGIN_ARGS} PLUGIN_VARIANT=${VARIANT}"
81 | 	fi
82 | 
83 | 	PLUGIN_NAME=$(make -C ${STAGEDIR}${PLUGINSDIR}/${PLUGIN} ${PLUGIN_ARGS} -v PLUGIN_NAME)
84 | 	if ! install_packages ${STAGEDIR} os-${PLUGIN_NAME}${PRODUCT_DEVEL}; then
85 | 		echo ">>> Missing ${PLUGIN_ORIGIN} package, skipping test"
86 | 		continue
87 | 	fi
88 | 
89 | 	echo ">>> Running ${PLUGIN_ORIGIN} test suite..."
90 | 	chroot ${STAGEDIR} /bin/sh -es <<EOF
91 | make -C${PLUGINSDIR}/${PLUGIN} ${PLUGINSENV} lint
92 | make -C${PLUGINSDIR}/${PLUGIN} ${PLUGINSENV} style
93 | make -C${PLUGINSDIR}/${PLUGIN} ${PLUGINSENV} test
94 | EOF
95 | done
96 | 


--------------------------------------------------------------------------------
/build/tests.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2024-2025 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=tests
31 | 
32 | . ./common.sh
33 | 
34 | TESTSSET=$(find_set tests)
35 | 
36 | if [ -f "${TESTSSET}" -a -z "${1}" ]; then
37 | 	echo ">>> Reusing tests set: ${TESTSSET}"
38 | 	exit 0
39 | fi
40 | 
41 | git_branch ${SRCDIR} ${SRCBRANCH} SRCBRANCH
42 | git_version ${SRCDIR}
43 | 
44 | TESTSSET=${SETSDIR}/tests-${PRODUCT_VERSION}-${PRODUCT_ARCH}.txz
45 | 
46 | MAKE_ARGS="
47 | TARGET_ARCH=${PRODUCT_ARCH}
48 | TARGET=${PRODUCT_TARGET}
49 | SRCCONF=${CONFIGDIR}/src.conf
50 | WITHOUT_DEBUG_FILES=yes
51 | __MAKE_CONF=
52 | ${MAKE_ARGS_DEV}
53 | "
54 | 
55 | ${ENV_FILTER} make -C${SRCDIR}/lib/libnetbsd -j${CPUS} all ${MAKE_ARGS}
56 | ${ENV_FILTER} make -C${SRCDIR}/tests -j${CPUS} all ${MAKE_ARGS}
57 | 
58 | sh ./clean.sh ${SELF}
59 | 
60 | setup_stage ${STAGEDIR} work/usr/tests
61 | mtree -deiU -f ${SRCDIR}/etc/mtree/BSD.tests.dist -p ${STAGEDIR}/work/usr/tests
62 | 
63 | ${ENV_FILTER} make -C${SRCDIR}/tests install ${MAKE_ARGS} DESTDIR=${STAGEDIR}/work
64 | 
65 | generate_set ${STAGEDIR}/work ${TESTSSET}
66 | generate_signature ${TESTSSET}
67 | 


--------------------------------------------------------------------------------
/build/update.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2017-2023 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=update
31 | 
32 | . ./common.sh
33 | 
34 | if [ -n "${VERSION}" -a -n "${EXTRABRANCH}" ]; then
35 | 	echo ">>> Cannot check out VERSION=${VERSION} while using EXTRABRANCH=${EXTRABRANCH}"
36 | 	exit 1
37 | fi
38 | 
39 | ARGS=${@}
40 | if [ -z "${ARGS}" ]; then
41 | 	ARGS="core plugins ports src tools"
42 | fi
43 | 
44 | for ARG in ${ARGS}; do
45 | 	URL=
46 | 
47 | 	case ${ARG} in
48 | 	core)
49 | 		BRANCHES="${EXTRABRANCH} ${COREBRANCH}"
50 | 		DIR=${COREDIR}
51 | 		;;
52 | 	plugins)
53 | 		BRANCHES="${EXTRABRANCH} ${PLUGINSBRANCH}"
54 | 		DIR=${PLUGINSDIR}
55 | 		;;
56 | 	ports)
57 | 		BRANCHES=${PORTSBRANCH}
58 | 		DIR=${PORTSDIR}
59 | 		;;
60 | 	portsref)
61 | 		BRANCHES=${PORTSREFBRANCH}
62 | 		DIR=${PORTSREFDIR}
63 | 		URL=${PORTSREFURL}
64 | 		;;
65 | 	src)
66 | 		BRANCHES=${SRCBRANCH}
67 | 		DIR=${SRCDIR}
68 | 		;;
69 | 	tools)
70 | 		BRANCHES=${TOOLSBRANCH}
71 | 		DIR=${TOOLSDIR}
72 | 		;;
73 | 	*)
74 | 		continue
75 | 		;;
76 | 	esac
77 | 
78 | 	git_clone ${DIR} "${URL}"
79 | 	git_fetch ${DIR}
80 | 	for BRANCH in ${BRANCHES}; do
81 | 		git_pull ${DIR} ${BRANCH} || true
82 | 	done
83 | 
84 | 	if [ -n "${VERSION}" ]; then
85 | 		git_tag ${DIR} ${VERSION}
86 | 		git_pull ${DIR} ${BRANCHES} || true
87 | 		git_reset ${DIR}
88 | 	fi
89 | done
90 | 


--------------------------------------------------------------------------------
/build/upload.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2018-2024 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=upload
31 | 
32 | . ./common.sh
33 | 
34 | upload()
35 | {
36 | 	echo ">>> Uploading ${1} to ${PRODUCT_SERVER}..."
37 | 	(echo "cd ${UPLOADDIR}"; echo "put ${2}/${3}") | sftp ${PRODUCT_SERVER}
38 | }
39 | 
40 | for ARG in ${@}; do
41 | 	case ${ARG} in
42 | 	arm|dvd|nano|serial|vga|vm)
43 | 		upload ${ARG} ${IMAGESDIR} "*-${ARG}-*${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}*"
44 | 		;;
45 | 	aux|distfiles|packages|release|tests)
46 | 		upload ${ARG} ${SETSDIR} "${ARG}-*"
47 | 		;;
48 | 	base|kernel)
49 | 		upload ${ARG} ${SETSDIR} "${ARG}-*${PRODUCT_DEVICE+"-${PRODUCT_DEVICE}"}*"
50 | 		;;
51 | 	log)
52 | 		upload ${ARG} ${LOGSDIR} "${PRODUCT_VERSION}-*"
53 | 		;;
54 | 	logs)
55 | 		upload ${ARG} ${LOGSDIR} "[0-9]*"
56 | 		;;
57 | 	esac
58 | done
59 | 


--------------------------------------------------------------------------------
/build/verify.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2016-2017 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=verify
31 | 
32 | . ./common.sh
33 | 
34 | setup_stage ${STAGEDIR}
35 | setup_base ${STAGEDIR}
36 | setup_chroot ${STAGEDIR}
37 | 
38 | extract_packages ${STAGEDIR}
39 | install_packages ${STAGEDIR} ${PRODUCT_CORE}
40 | 
41 | mkdir -p ${STAGEDIR}${SETSDIR}
42 | cp ${SETSDIR}/* ${STAGEDIR}${SETSDIR}
43 | 
44 | chroot ${STAGEDIR} /bin/sh -es <<EOF
45 | for DIR in ${PACKAGESDIR}/Latest ${SETSDIR}; do
46 | 	for FILE in \$(find \${DIR} -name "*.sig"); do
47 | 		echo ">>> Verifying \${FILE%%.sig}:"
48 | 		opnsense-verify \${FILE%%.sig}
49 | 	done
50 | done
51 | EOF
52 | 


--------------------------------------------------------------------------------
/build/vga.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2014-2021 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=vga
31 | 
32 | . ./common.sh
33 | 
34 | check_image ${SELF} ${@}
35 | 
36 | VGAIMG="${IMAGESDIR}/${PRODUCT_RELEASE}-vga-${PRODUCT_ARCH}.img"
37 | VGALABEL="${PRODUCT_NAME}_Install"
38 | 
39 | sh ./clean.sh ${SELF}
40 | 
41 | setup_stage ${STAGEDIR} work
42 | setup_base ${STAGEDIR}/work
43 | setup_kernel ${STAGEDIR}/work
44 | setup_packages ${STAGEDIR}/work
45 | setup_extras ${STAGEDIR}/work ${SELF}
46 | setup_mtree ${STAGEDIR}/work
47 | setup_entropy ${STAGEDIR}/work
48 | 
49 | cat > ${STAGEDIR}/work/etc/fstab << EOF
50 | # Device		Mountpoint	FStype	Options		Dump	Pass#
51 | /dev/ufs/${VGALABEL}	/		ufs	ro,noatime	1	1
52 | tmpfs			/tmp		tmpfs	rw,mode=01777	0	0
53 | EOF
54 | 
55 | makefs -B little -o label=${VGALABEL} -o version=2 \
56 |     ${STAGEDIR}/root.part ${STAGEDIR}/work
57 | 
58 | GPTDUMMY=
59 | UEFIBOOT=
60 | 
61 | if [ -n "${PRODUCT_UEFI}" -a -z "${PRODUCT_UEFI%%*"${SELF}"*}" ]; then
62 | 	GPTDUMMY="-p freebsd-swap::512k"
63 | 	UEFIBOOT="-p efi:=efiboot.img"
64 | 
65 | 	setup_efiboot ${STAGEDIR}/efiboot.img \
66 | 	    ${STAGEDIR}/work/boot/loader.efi
67 | fi
68 | 
69 | echo -n ">>> Building vga image... "
70 | 
71 | (cd ${STAGEDIR}; mkimg -s gpt -o ${VGAIMG} -b work/boot/pmbr ${UEFIBOOT} \
72 |     -p freebsd-boot:=work/boot/gptboot ${GPTDUMMY} -p freebsd-ufs:=root.part)
73 | 
74 | echo "done"
75 | 
76 | sign_image ${VGAIMG}
77 | 


--------------------------------------------------------------------------------
/build/vm.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2016-2022 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | set -e
 29 | 
 30 | SELF=vm
 31 | 
 32 | . ./common.sh
 33 | 
 34 | check_image ${SELF} ${@}
 35 | 
 36 | VMFORMAT="vmdk"
 37 | VMSIZE="20G"
 38 | VMSWAP="1G"
 39 | VMEXTRAS=${SELF}
 40 | 
 41 | if [ -n "${1}" ]; then
 42 | 	VMFORMAT=${1}
 43 | fi
 44 | 
 45 | if [ -n "${2}" ]; then
 46 | 	VMSIZE=${2}
 47 | fi
 48 | 
 49 | if [ -n "${3}" ]; then
 50 | 	if [ "${3}" != "off" -a "${3}" != "never" ]; then
 51 | 		VMSWAP=${3}
 52 | 	else
 53 | 		VMSWAP=
 54 | 	fi
 55 | fi
 56 | 
 57 | if [ -n "${4}" ]; then
 58 | 	VMEXTRAS=${4}
 59 | fi
 60 | 
 61 | VMIMG="${IMAGESDIR}/${PRODUCT_RELEASE}-vm-${PRODUCT_ARCH}.${VMFORMAT}"
 62 | VMBASE="vmbase"
 63 | 
 64 | sh ./clean.sh ${SELF}
 65 | 
 66 | setup_stage ${STAGEDIR} mnt
 67 | 
 68 | truncate -s ${VMSIZE} ${STAGEDIR}/${VMBASE}
 69 | DEV=$(mdconfig -t vnode -f ${STAGEDIR}/${VMBASE})
 70 | 
 71 | if [ -n "${PRODUCT_ZFS}" ]; then
 72 | 	ZPOOL=${PRODUCT_ZFS}
 73 | 
 74 | 	# avoid clobbering existing pools
 75 | 	for IMPORT in $(zpool import 2> /dev/null | awk '$1 == "pool:" { print $2}'); do
 76 | 		if [ ${IMPORT} = ${ZPOOL} ]; then
 77 | 			echo ">>> ZFS pool '${ZPOOL}' already exists"
 78 | 			exit 1
 79 | 		fi
 80 | 	done
 81 | 
 82 | 	# 4k sector alignment
 83 | 	gnop create -S 4096 ${DEV}
 84 | 
 85 | 	# create ZFS pool like installer would
 86 | 	zpool create -R ${STAGEDIR}/mnt ${ZPOOL} ${DEV}.nop
 87 | 	zfs create -o mountpoint=none ${ZPOOL}/ROOT
 88 | 	zfs create -o mountpoint=/ ${ZPOOL}/ROOT/default
 89 | 	zfs create -o mountpoint=/tmp -o exec=on -o setuid=off ${ZPOOL}/tmp
 90 | 	zfs create -o mountpoint=/usr -o canmount=off ${ZPOOL}/usr
 91 | 	zfs create ${ZPOOL}/usr/home
 92 | 	zfs create -o setuid=off ${ZPOOL}/usr/ports
 93 | 	zfs create ${ZPOOL}/usr/src
 94 | 	zfs create -o mountpoint=/var -o canmount=off ${ZPOOL}/var
 95 | 	zfs create -o exec=off -o setuid=off ${ZPOOL}/var/audit
 96 | 	zfs create -o exec=off -o setuid=off ${ZPOOL}/var/crash
 97 | 	zfs create -o exec=off -o setuid=off ${ZPOOL}/var/log
 98 | 	zfs create -o atime=on ${ZPOOL}/var/mail
 99 | 	zfs create -o setuid=off ${ZPOOL}/var/tmp
100 | 	zpool set bootfs=${ZPOOL}/ROOT/default ${ZPOOL}
101 | 
102 | 	GPTNAME=gptzfsboot
103 | 	ROOTFS=zfs
104 | else
105 | 	newfs /dev/${DEV}
106 | 	mount /dev/${DEV} ${STAGEDIR}/mnt
107 | 
108 | 	GPTNAME=gptboot
109 | 	ROOTFS=ufs/rootfs
110 | fi
111 | 
112 | setup_base ${STAGEDIR}/mnt
113 | 
114 | # need these again later
115 | cp -R ${STAGEDIR}/mnt/boot ${STAGEDIR}
116 | 
117 | setup_kernel ${STAGEDIR}/mnt
118 | setup_xtools ${STAGEDIR}/mnt
119 | setup_packages ${STAGEDIR}/mnt
120 | setup_extras ${STAGEDIR}/mnt ${VMEXTRAS}
121 | setup_entropy ${STAGEDIR}/mnt
122 | setup_xbase ${STAGEDIR}/mnt
123 | 
124 | cat > ${STAGEDIR}/mnt/etc/fstab << EOF
125 | # Device	Mountpoint	FStype	Options	Dump	Pass#
126 | EOF
127 | 
128 | if [ -z "${PRODUCT_ZFS}" ]; then
129 | 	cat >> ${STAGEDIR}/mnt/etc/fstab << EOF
130 | /dev/gpt/rootfs	/		ufs	rw	1	1
131 | EOF
132 | 	fi
133 | 
134 | GPTBOOT="-p freebsd-boot/bootfs:=boot/${GPTNAME}"
135 | GPTDUMMY="-p freebsd-swap::512k"
136 | MBRBOOT="-b boot/pmbr"
137 | SWAPARGS=
138 | UEFIBOOT=
139 | 
140 | if [ -n "${VMSWAP}" ]; then
141 | 	SWAPARGS="-p freebsd-swap/swapfs::${VMSWAP}"
142 | 	cat >> ${STAGEDIR}/mnt/etc/fstab << EOF
143 | /dev/gpt/swapfs	none		swap	sw	0	0
144 | EOF
145 | fi
146 | 
147 | if [ -n "${PRODUCT_UEFI}" -a -z "${PRODUCT_UEFI%%*"${SELF}"*}" ]; then
148 | 	UEFIBOOT="-p efi/efifs:=efiboot.img"
149 | 
150 | 	setup_efiboot ${STAGEDIR}/efiboot.img \
151 | 	    ${STAGEDIR}/boot/loader.efi $((260 * 1024))
152 | 
153 | 	cat >> ${STAGEDIR}/mnt/etc/fstab << EOF
154 | /dev/gpt/efifs	/boot/efi	msdosfs	rw	2	2
155 | EOF
156 | fi
157 | 
158 | if [ ${PRODUCT_ARCH} = "aarch64" ]; then
159 | 	GPTBOOT=
160 | 	MBRBOOT=
161 | 
162 | 	# produce even number of partitions
163 | 	if [ -n "${VMSWAP}" -a -z "${UEFIBOOT}" ]; then
164 | 		GPTDUMMY=
165 | 	elif [ -z "${VMSWAP}" -a -n "${UEFIBOOT}" ]; then
166 | 		GPTDUMMY=
167 | 	fi
168 | else
169 | 	# produce even number of partitions
170 | 	if [ -z "${VMSWAP}" -a -z "${UEFIBOOT}" ]; then
171 | 		GPTDUMMY=
172 | 	elif [ -n "${VMSWAP}" -a -n "${UEFIBOOT}" ]; then
173 | 		GPTDUMMY=
174 | 	fi
175 | fi
176 | 
177 | if [ "${3}" == "never" ]; then
178 | 	GPTDUMMY=
179 | fi
180 | 
181 | if [ -n "${PRODUCT_ZFS}" ]; then
182 | 	zpool export ${ZPOOL}
183 | else
184 | 	umount ${STAGEDIR}/mnt
185 | fi
186 | mdconfig -d -u ${DEV}
187 | 
188 | echo -n ">>> Building vm image... "
189 | 
190 | (cd ${STAGEDIR}; mkimg -s gpt -f ${VMFORMAT} -o ${VMIMG} \
191 |     ${MBRBOOT} ${UEFIBOOT} ${GPTBOOT} ${GPTDUMMY} ${SWAPARGS} \
192 |     -p freebsd-${ROOTFS}:=${VMBASE})
193 | 
194 | echo "done"
195 | 
196 | sign_image ${VMIMG}
197 | 


--------------------------------------------------------------------------------
/build/xtools.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2016-2025 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | SELF=xtools
31 | 
32 | . ./common.sh
33 | 
34 | if [ -z "${PRODUCT_CROSS}" ]; then
35 | 	echo ">>> No need to build xtools on native build"
36 | 	exit 0
37 | fi
38 | 
39 | XTOOLSET=$(find_set xtools)
40 | 
41 | if [ -f "${XTOOLSET}" -a -z "${1}" ]; then
42 | 	echo ">>> Reusing xtools set: ${XTOOLSET}"
43 | 	exit 0
44 | fi
45 | 
46 | git_branch ${SRCDIR} ${SRCBRANCH} SRCBRANCH
47 | git_version ${SRCDIR}
48 | 
49 | XTOOLSET=${SETSDIR}/xtools-${PRODUCT_VERSION}-${PRODUCT_ARCH}.txz
50 | 
51 | setup_stage ${STAGEDIR}
52 | 
53 | MAKE_ARGS="
54 | -j${CPUS}
55 | TARGET_ARCH=${PRODUCT_ARCH}
56 | SRCCONF=${CONFIGDIR}/src.conf
57 | __MAKE_CONF=
58 | "
59 | 
60 | ${ENV_FILTER} make -C${SRCDIR} ${MAKE_ARGS} native-xtools
61 | 
62 | sh ./clean.sh ${SELF}
63 | 
64 | ${ENV_FILTER} make -C${SRCDIR} ${MAKE_ARGS} native-xtools-install \
65 | 	DESTDIR=${STAGEDIR}
66 | 
67 | echo -n ">>> Generating xtools set... "
68 | 
69 | tar -C ${STAGEDIR}/nxb-bin -cJf ${XTOOLSET} .
70 | 
71 | echo "done"
72 | 


--------------------------------------------------------------------------------
/composite/custom.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2023 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | IMAGE=${1}
29 | 
30 | set -e
31 | 
32 | eval "$(make print-PLUGINSDIR,PLUGINSENV)"
33 | 
34 | # handle path-based plugins as custom install for target image
35 | MISSING=
36 | PLUGINS=
37 | PRESENT=
38 | 
39 | if [ -n "${ADDITIONS}" ]; then
40 | 	for ADDITION in ${ADDITIONS}; do
41 | 		if [ -z "${ADDITION##*/*}" ]; then
42 | 			MISSING="${MISSING} ${ADDITION}"
43 | 		else
44 | 			PRESENT="${PRESENT} ${ADDITION}"
45 | 		fi
46 | 	done
47 | fi
48 | 
49 | if [ -z "${IMAGE}" ]; then
50 | 	echo ">>> Cannot continue without image target"
51 | 	exit 1
52 | fi
53 | 
54 | ADDITIONS=${PRESENT}
55 | 
56 | # assume master branch use but provide stable package (PLUGIN_DEVEL empty)
57 | export PLUGINSBRANCH=master
58 | export EXTRABRANCH=
59 | make update-plugins
60 | 
61 | for PLUGIN in ${MISSING}; do
62 | 	if [ ! -d ${PLUGINSDIR}/${PLUGIN} ]; then
63 | 		echo ">>> Cannot continue without missing plugin ${PLUGIN}"
64 | 		exit 1
65 | 	fi
66 | 
67 | 	# remove previous iterations of the same plugin to be fail-safe
68 | 	NAME=$(make -C ${PLUGINSDIR}/${PLUGIN} PLUGIN_DEVEL= -v PLUGIN_PKGNAME)
69 | 	make plugins-${NAME} PLUGINSLIST="${PLUGIN}" PLUGINSENV="${PLUGINSENV} PLUGIN_DEVEL="
70 | 
71 | 	ADDITIONS="${ADDITIONS} ${NAME}"
72 | 	PLUGINS="${PLUGINS} ${PLUGIN}"
73 | done
74 | 
75 | make clean-${IMAGE} ${IMAGE} ADDITIONS="${ADDITIONS}"
76 | 


--------------------------------------------------------------------------------
/composite/distribution.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2021-2022 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | eval "$(make print-PRODUCT_ARCH,PRODUCT_CORE,SETSDIR)"
29 | 
30 | PACKAGESET=$(find ${SETSDIR} -name "packages-*-${PRODUCT_ARCH}.tar")
31 | 
32 | if [ ! -f "${PACKAGESET}" ]; then
33 | 	echo ">>> Cannot continue without packages set"
34 | 	exit 1
35 | fi
36 | 
37 | COREFILE=$(tar -tf ${PACKAGESET} | grep -x "\./All/${PRODUCT_CORE}-[0-9].*\.pkg")
38 | 
39 | if [ -z "${COREFILE}" ]; then
40 | 	echo ">>> Cannot continue without core package: ${PRODUCT_CORE}"
41 | 	exit 1
42 | fi
43 | 
44 | COREFILE=$(basename ${COREFILE%%.pkg})
45 | COREFILE=$(basename ${COREFILE%%_*})
46 | 
47 | make clean-obj,release,images release VERSION=${COREFILE##*-}
48 | 


--------------------------------------------------------------------------------
/composite/factory.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2022 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | eval "$(make print-PRODUCT_ARCH,PRODUCT_CORE,PRODUCT_ZFS,SETSDIR)"
29 | 
30 | PACKAGESET=$(find ${SETSDIR} -name "packages-*-${PRODUCT_ARCH}.tar")
31 | 
32 | if [ ! -f "${PACKAGESET}" ]; then
33 | 	echo ">>> Cannot continue without packages set"
34 | 	exit 1
35 | fi
36 | 
37 | COREFILE=$(tar -tf ${PACKAGESET} | grep -x "\./All/${PRODUCT_CORE}-[0-9].*\.pkg")
38 | 
39 | if [ -z "${COREFILE}" ]; then
40 | 	echo ">>> Cannot continue without core package: ${PRODUCT_CORE}"
41 | 	exit 1
42 | fi
43 | 
44 | COREFILE=$(basename ${COREFILE%%.pkg})
45 | 
46 | FS=ufs
47 | if [ -n "${PRODUCT_ZFS}" ]; then
48 | 	FS=zfs
49 | fi
50 | 
51 | make vm-raw,4G,never,serial compress-vm VERSION=${COREFILE##*-}-${FS}
52 | 


--------------------------------------------------------------------------------
/composite/hotfix.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2017-2024 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | TARGET=${1}
 29 | MSGS=
 30 | 
 31 | set -e
 32 | 
 33 | run_stage()
 34 | {
 35 | 	STAGE=${1}
 36 | 	ARGS=${2}
 37 | 	ENV=${3}
 38 | 
 39 | 	if [ -z "${ARGS}" ]; then
 40 | 		return
 41 | 	fi
 42 | 
 43 | 	make ${STAGE}-${ARGS} PORTSENV="${ENV}"
 44 | 
 45 | 	if [ -s ${STAGEDIR}/.pkg-msg ]; then
 46 | 		MSGS="${MSGS}$(cat ${STAGEDIR}/.pkg-msg)
 47 | "
 48 | 	fi
 49 | }
 50 | 
 51 | eval "$(make print-PRODUCT_CORES,PRODUCT_PLUGINS,STAGEDIR)"
 52 | 
 53 | if [ -z "${TARGET}" ]; then
 54 | 	# run everything except ports in hotfix mode
 55 | 	for STAGE in plugins core packages; do
 56 | 		run_stage ${STAGE} hotfix
 57 | 	done
 58 | elif [ "${TARGET}" = "plugins" -o "${TARGET}" = "core" -o \
 59 |     "${TARGET}" = "ports" ]; then
 60 | 	if [ "${TARGET}" != "ports" ]; then
 61 | 		# force a full rebuild of non-ports
 62 | 		run_stage clean ${TARGET}
 63 | 	fi
 64 | 
 65 | 	run_stage ${TARGET} hotfix "MISMATCH=no ${PORTSENV}"
 66 | 
 67 | 	# do not immediately echo what was being printed
 68 | 	MSGS=
 69 | else
 70 | 	ARG_PORTS=
 71 | 	ARG_PLUGINS=
 72 | 	ARG_CORE=
 73 | 
 74 | 	# figure out which stage a package belongs to
 75 | 	for PACKAGE in $(echo ${TARGET} | tr ',' ' '); do
 76 | 		if [ -z "${PRODUCT_CORES%%*"${PACKAGE}"*}" ]; then
 77 | 			if [ -n "${ARG_CORE}" ]; then
 78 | 				ARG_CORE="${ARG_CORE},"
 79 | 			fi
 80 | 			ARG_CORE="${ARG_CORE}${PACKAGE}"
 81 | 		elif [ "${PRODUCT_PLUGINS}" = "${PACKAGE%%-*}-*" ]; then
 82 | 			if [ -n "${ARG_PLUGINS}" ]; then
 83 | 				ARG_PLUGINS="${ARG_PLUGINS},"
 84 | 			fi
 85 | 			ARG_PLUGINS="${ARG_PLUGINS}${PACKAGE}"
 86 | 		else
 87 | 			if [ -n "${ARG_PORTS}" ]; then
 88 | 				ARG_PORTS="${ARG_PORTS},"
 89 | 			fi
 90 | 			ARG_PORTS="${ARG_PORTS}${PACKAGE}"
 91 | 		fi
 92 | 	done
 93 | 
 94 | 	# run all stages required for this hotfix run
 95 | 	run_stage ports "${ARG_PORTS}" "DEPEND=no PRUNE=no ${PORTSENV}"
 96 | 	run_stage plugins "${ARG_PLUGINS}"
 97 | 	run_stage core "${ARG_CORE}"
 98 | 	run_stage packages hotfix
 99 | fi
100 | 
101 | if [ -n "${MSGS}" ]; then
102 | 	echo "=============================================================="
103 | 	echo ">>> WARNING: The hotfixing provided additional info."
104 | 	echo -n "${MSGS}"
105 | fi
106 | 


--------------------------------------------------------------------------------
/composite/nightly.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # Copyright (c) 2017-2024 Franco Fichtner <franco@opnsense.org>
  4 | #
  5 | # Redistribution and use in source and binary forms, with or without
  6 | # modification, are permitted provided that the following conditions
  7 | # are met:
  8 | #
  9 | # 1. Redistributions of source code must retain the above copyright
 10 | #    notice, this list of conditions and the following disclaimer.
 11 | #
 12 | # 2. Redistributions in binary form must reproduce the above copyright
 13 | #    notice, this list of conditions and the following disclaimer in the
 14 | #    documentation and/or other materials provided with the distribution.
 15 | #
 16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 26 | # SUCH DAMAGE.
 27 | 
 28 | CLEAN=packages
 29 | CONTINUE=
 30 | STAGENUM=0
 31 | 
 32 | if [ -n "${1}" ]; then
 33 | 	CLEAN=hotfix
 34 | 	CONTINUE=-nightly
 35 | 	PORTSENV="MISMATCH=no"
 36 | fi
 37 | 
 38 | # Stage 1 involves basic builds and preparation, reset progress for stage 2
 39 | STAGE1=${STAGE1:-"clean-obj update info base kernel xtools distfiles clean-${CLEAN}"}
 40 | 
 41 | # Stage 2 centers around ports, packages and QA for partial or full rebuild
 42 | STAGE2=${STAGE2:-"options ports plugins core audit test clean-obj"}
 43 | 
 44 | # Do not error out on these optional targets
 45 | NOERROR=${NOERROR:-"distfiles options audit test"}
 46 | 
 47 | # Number of error lines to log separately
 48 | LINES=${LINES:-400}
 49 | 
 50 | eval "$(make print-LOGSDIR,PRODUCT_ARCH,PRODUCT_VERSION,STAGEDIR,TARGETDIRPREFIX)"
 51 | 
 52 | for RECYCLE in $(cd ${LOGSDIR}; find . -name "[0-9]*" -type f | \
 53 |     sort -r | tail -n +7); do
 54 | 	(cd ${LOGSDIR}; rm ${RECYCLE})
 55 | done
 56 | 
 57 | mkdir -p ${LOGSDIR}/${PRODUCT_VERSION}
 58 | 
 59 | for STAGE in ${STAGE1}; do
 60 | 	STAGENUM=$(expr ${STAGENUM} + 1)
 61 | 	LOG="${LOGSDIR}/${PRODUCT_VERSION}/$(printf %02d ${STAGENUM})-${STAGE}.log"
 62 | 
 63 | 	# do not force rebuilds by design
 64 | 	(time make ${STAGE} 2>&1 || touch ${LOG}.err) > ${LOG}
 65 | 	if [ -f ${LOG}.err ]; then
 66 | 		echo ">>> Stage ${STAGE} was aborted due to an error, last ${LINES} lines as follows:" > ${LOG}.err
 67 | 		tail -n ${LINES} ${LOG} >> ${LOG}.err
 68 | 
 69 | 		if [ -z "${NOERROR%%*"${STAGE}"*}" ]; then
 70 | 			# continue during opportunistic stages
 71 | 			continue
 72 | 		fi
 73 | 
 74 | 		STAGE2=
 75 | 		break
 76 | 	else
 77 | 		tail -n ${LINES} ${LOG} >> ${LOG}.ok
 78 | 	fi
 79 | done
 80 | 
 81 | for STAGE in ${STAGE2}; do
 82 | 	STAGENUM=$(expr ${STAGENUM} + 1)
 83 | 	LOG="${LOGSDIR}/${PRODUCT_VERSION}/$(printf %02d ${STAGENUM})-${STAGE}.log"
 84 | 
 85 | 	# do not force rebuilds only if requested by user
 86 | 	(time make ${STAGE}${CONTINUE} PORTSENV=${PORTSENV} 2>&1 || \
 87 | 	    touch ${LOG}.err) > ${LOG}
 88 | 	if [ -f ${LOG}.err ]; then
 89 | 		echo ">>> Stage ${STAGE} was aborted due to an error, last ${LINES} lines as follows:" > ${LOG}.err
 90 | 	        tail -n ${LINES} ${LOG} >> ${LOG}.err
 91 | 
 92 | 		if [ -z "${NOERROR%%*"${STAGE}"*}" ]; then
 93 | 			# continue during opportunistic stages
 94 | 			continue
 95 | 		fi
 96 | 
 97 | 		break
 98 | 	else
 99 | 		tail -n ${LINES} ${LOG} >> ${LOG}.ok
100 | 	fi
101 | done
102 | 
103 | (make watch 2>&1) > ${LOGSDIR}/${PRODUCT_VERSION}/watch.log
104 | 
105 | tar -C ${TARGETDIRPREFIX} -cJf \
106 |     ${LOGSDIR}/${PRODUCT_VERSION}-${PRODUCT_ARCH}.txz \
107 |     ${LOGSDIR##${TARGETDIRPREFIX}/}/${PRODUCT_VERSION}
108 | 
109 | rm -rf ${LOGSDIR}/latest
110 | mv ${LOGSDIR}/${PRODUCT_VERSION} ${LOGSDIR}/latest
111 | 
112 | (make upload-log SERVER=${SERVER} UPLOADDIR=${UPLOADDIR} \
113 |     VERSION=${PRODUCT_VERSION} 2>&1) > /dev/null
114 | 


--------------------------------------------------------------------------------
/composite/pkgver.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2025 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | set -e
29 | 
30 | VERSIONS=$(make list-packages | grep All/ | sort)
31 | TARGETS=$(echo ${1} | tr ',' ' ')
32 | 
33 | for TARGET in ${TARGETS}; do
34 | 	RESULT=$(echo "${VERSIONS}" | (grep -i "/${TARGET}-[0-9]" || true))
35 | 	if [ -z "${RESULT}" ]; then
36 | 		echo "${TARGET}: N/A"
37 | 	else
38 | 		RESULT=${RESULT##*-}
39 | 		echo "${TARGET}:" ${RESULT%.pkg}
40 | 	fi
41 | done
42 | 
43 | if [ -z ${TARGET} ]; then
44 | 	for RESULT in ${VERSIONS}; do
45 | 		RESULT=${RESULT#./All/}
46 | 		TARGET=${RESULT%-*}
47 | 		RESULT=${RESULT##*-}
48 | 		echo "${TARGET}:" ${RESULT%.pkg}
49 | 	done
50 | fi
51 | 


--------------------------------------------------------------------------------
/composite/watch.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Copyright (c) 2022-2023 Franco Fichtner <franco@opnsense.org>
 4 | #
 5 | # Redistribution and use in source and binary forms, with or without
 6 | # modification, are permitted provided that the following conditions
 7 | # are met:
 8 | #
 9 | # 1. Redistributions of source code must retain the above copyright
10 | #    notice, this list of conditions and the following disclaimer.
11 | #
12 | # 2. Redistributions in binary form must reproduce the above copyright
13 | #    notice, this list of conditions and the following disclaimer in the
14 | #    documentation and/or other materials provided with the distribution.
15 | #
16 | # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 | # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 | # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | # SUCH DAMAGE.
27 | 
28 | eval "$(make print-LOGSDIR)"
29 | 
30 | CURRENTDIR=$(find -s ${LOGSDIR} -type d -depth 1 \! -name latest | tail -n1)
31 | LOGSTEP=${1}
32 | 
33 | if [ -z "${CURRENTDIR}" ]; then
34 | 	echo "No logs were found"
35 | 	return
36 | fi
37 | 
38 | if [ -z "${LOGSTEP}" ]; then
39 | 	echo nightly build $(basename ${CURRENTDIR})
40 | 	echo ==========================
41 | 	for CURRENTLOG in $(find -s ${CURRENTDIR} -name "??-*.log"); do
42 | 		CURRENTRET=running
43 | 		if [ -f ${CURRENTLOG}.ok ]; then
44 | 			CURRENTRET=ok
45 | 		elif [ -f ${CURRENTLOG}.err ]; then
46 | 			CURRENTRET=error
47 | 		fi
48 | 		CURRENTLOG=${CURRENTLOG#"${CURRENTDIR}/"}
49 | 		CURRENTLOG=${CURRENTLOG%.log}
50 | 		CURRENTLOG=${CURRENTLOG#*-}
51 | 		echo ${CURRENTLOG}: ${CURRENTRET}
52 | 	done
53 | else
54 | 	for CURRENTLOG in $(find ${CURRENTDIR} -name "??-${LOGSTEP}.log"); do
55 | 		if [ -f ${CURRENTLOG}.ok -o -f ${CURRENTLOG}.err ]; then
56 | 			less ${CURRENTLOG}
57 | 		else
58 | 			tail -f ${CURRENTLOG}
59 | 		fi
60 | 		break
61 | 	done
62 | fi
63 | 


--------------------------------------------------------------------------------
/config/25.1/SMP:
--------------------------------------------------------------------------------
 1 | include		GENERIC
 2 | 
 3 | ident		SMP
 4 | 
 5 | %%DEBUG%%
 6 | 
 7 | options		DDB
 8 | options		GEOM_BDE
 9 | options		GEOM_ELI
10 | options		GEOM_MIRROR
11 | options		GEOM_UZIP
12 | options		IPFIREWALL_DEFAULT_TO_ACCEPT
13 | options		IPFIREWALL_VERBOSE
14 | options		IPSTEALTH
15 | options		MROUTING
16 | options		PPS_SYNC
17 | options		RSS
18 | options		TCP_SIGNATURE
19 | 
20 | # Additional built-in devices
21 | device		bwi
22 | device		bwn
23 | device		rum
24 | device		run
25 | device		u3g
26 | device		uark
27 | device		uath
28 | device		uftdi
29 | device		umct
30 | device		umodem
31 | device		upgt
32 | device		uplcom
33 | device		ural
34 | device		urtw
35 | device		uvisor
36 | device		uvscom
37 | device		zyd
38 | 
39 | # Wireless features
40 | device		wlan_acl
41 | device		wlan_xauth
42 | 
43 | # Not all architectures have a consistent GENERIC
44 | device		netmap
45 | 
46 | # Crashes when added to loader.conf
47 | device		speaker
48 | 
49 | # Broken and not needed
50 | nodevice	agp		# agp_close() panic with zpool-import
51 | 


--------------------------------------------------------------------------------
/config/25.1/SMP-ARM:
--------------------------------------------------------------------------------
 1 | include		GENERIC
 2 | 
 3 | ident		SMP
 4 | 
 5 | %%DEBUG%%
 6 | 
 7 | options		DDB
 8 | options		GEOM_BDE
 9 | options		GEOM_ELI
10 | options		GEOM_MIRROR
11 | options		IPFIREWALL_DEFAULT_TO_ACCEPT
12 | options		IPFIREWALL_VERBOSE
13 | options		IPSTEALTH
14 | options		MROUTING
15 | options		PPS_SYNC
16 | options		RSS
17 | options		TCP_SIGNATURE
18 | 
19 | # Additional built-in devices
20 | #device		bwi
21 | device		bwn
22 | #device		rum
23 | #device		run
24 | device		u3g
25 | device		uark
26 | #device		uath
27 | device		uftdi
28 | device		umct
29 | device		umodem
30 | #device		upgt
31 | device		uplcom
32 | #device		ural
33 | #device		urtw
34 | device		uvisor
35 | device		uvscom
36 | #device		zyd
37 | 
38 | # Wireless features
39 | device		wlan_acl
40 | device		wlan_xauth
41 | 
42 | # Not all architectures have a consistent GENERIC
43 | device		netmap
44 | 
45 | # Crashes when added to loader.conf
46 | #device		speaker
47 | 
48 | # ARM specific
49 | device		ucom
50 | device		usb
51 | 


--------------------------------------------------------------------------------
/config/25.1/aux.conf:
--------------------------------------------------------------------------------
 1 | #ORIGIN						IGNORE
 2 | devel/binutils
 3 | devel/cmake-core
 4 | lang/go120
 5 | lang/go121
 6 | lang/go122
 7 | lang/go123
 8 | lang/go124
 9 | lang/rust
10 | 


--------------------------------------------------------------------------------
/config/25.1/build.conf:
--------------------------------------------------------------------------------
1 | APACHE?=	24
2 | LUA?=		5.4
3 | OS?=		14.2
4 | PERL?=		5.40
5 | PHP?=		83
6 | PYTHON?=	311
7 | RUBY?=		33
8 | SSL?=		openssl
9 | 


--------------------------------------------------------------------------------
/config/25.1/extras.conf:
--------------------------------------------------------------------------------
  1 | loader_conf_fixup()
  2 | {
  3 | 	# XXX core package needs a little help here...
  4 |         if [ -f ${1}/usr/local/etc/rc.loader ]; then
  5 | 		chroot ${1} /usr/local/etc/rc.loader
  6 | 	fi
  7 | 
  8 | 	cat >> ${1}/boot/loader.conf << EOF
  9 | kern.cam.boot_delay="10000"
 10 | EOF
 11 | 
 12 | 	if [ "${PRODUCT_SUFFIX}" = "-business" ]; then
 13 | 		cat > ${1}/tmp/mirror.xml << EOF
 14 |     <firmware>
 15 |         <mirror>https://opnsense-update.deciso.com/FILL-IN-YOUR-LICENSE-HERE</mirror>
 16 |     </firmware>
 17 | EOF
 18 | 		sed -i '' -e "/<system>/r ${1}/tmp/mirror.xml" ${1}${CONFIG_XML}
 19 | 		rm ${1}/tmp/mirror.xml
 20 | 	fi
 21 | }
 22 | 
 23 | arm_hook()
 24 | {
 25 | 	loader_conf_fixup ${1}
 26 | 
 27 | 	cat > ${1}/tmp/arm.xml << EOF
 28 |     <use_mfs_tmp/>
 29 |     <use_mfs_var/>
 30 |     <serialspeed>${PRODUCT_COMSPEED}</serialspeed>
 31 |     <primaryconsole>video</primaryconsole>
 32 |     <secondaryconsole>serial</secondaryconsole>
 33 | EOF
 34 | 	sed -i '' -e "/<system>/r ${1}/tmp/arm.xml" ${1}${CONFIG_XML}
 35 | 	rm ${1}/tmp/arm.xml
 36 | 
 37 | 	sed -i '' -e '/<rrd>/,/<\/rrd>/d' ${1}${CONFIG_XML}
 38 | 
 39 | 	echo "-S${PRODUCT_COMSPEED} -D" > ${1}/boot.config
 40 | 
 41 | 	cat >> ${1}/boot/loader.conf << EOF
 42 | beastie_disable="YES"
 43 | verbose_loading="YES"
 44 | comconsole_speed="${PRODUCT_COMSPEED}"
 45 | console="comconsole,vidconsole"
 46 | boot_multicons="YES"
 47 | boot_serial="YES"
 48 | usb_load="YES"
 49 | ugen_load="YES"
 50 | uhid_load="YES"
 51 | ukbd_load="YES"
 52 | umass_load="YES"
 53 | EOF
 54 | 
 55 | 	touch ${1}/.probe.for.growfs
 56 | }
 57 | 
 58 | dvd_hook()
 59 | {
 60 | 	loader_conf_fixup ${1}
 61 | }
 62 | 
 63 | nano_hook()
 64 | {
 65 | 	loader_conf_fixup ${1}
 66 | 
 67 | 	cat > ${1}/tmp/nano.xml << EOF
 68 |     <use_mfs_tmp/>
 69 |     <use_mfs_var/>
 70 |     <serialspeed>${PRODUCT_COMSPEED}</serialspeed>
 71 |     <primaryconsole>serial</primaryconsole>
 72 |     <secondaryconsole>video</secondaryconsole>
 73 | EOF
 74 | 	sed -i '' -e "/<system>/r ${1}/tmp/nano.xml" ${1}${CONFIG_XML}
 75 | 	rm ${1}/tmp/nano.xml
 76 | 
 77 | 	sed -i '' -e "/<rrd>/,/<\/rrd>/d" ${1}${CONFIG_XML}
 78 | 
 79 | 	echo "-S${PRODUCT_COMSPEED} -h -D" > ${1}/boot.config
 80 | 
 81 | 	cat >> ${1}/boot/loader.conf << EOF
 82 | comconsole_speed="${PRODUCT_COMSPEED}"
 83 | console="comconsole,vidconsole"
 84 | boot_multicons="YES"
 85 | boot_serial="YES"
 86 | EOF
 87 | 
 88 | 	touch ${1}/.probe.for.growfs
 89 | }
 90 | 
 91 | serial_hook()
 92 | {
 93 | 	loader_conf_fixup ${1}
 94 | 
 95 | 	cat > ${1}/tmp/serial.xml << EOF
 96 |     <serialspeed>${PRODUCT_COMSPEED}</serialspeed>
 97 |     <primaryconsole>serial</primaryconsole>
 98 | EOF
 99 | 	sed -i '' -e "/<system>/r ${1}/tmp/serial.xml" ${1}${CONFIG_XML}
100 | 	rm ${1}/tmp/serial.xml
101 | 
102 | 	echo "-S${PRODUCT_COMSPEED} -h" > ${1}/boot.config
103 | 
104 | 	cat >> ${1}/boot/loader.conf << EOF
105 | comconsole_speed="${PRODUCT_COMSPEED}"
106 | console="comconsole"
107 | boot_serial="YES"
108 | EOF
109 | }
110 | 
111 | vga_hook()
112 | {
113 | 	loader_conf_fixup ${1}
114 | }
115 | 
116 | vm_hook()
117 | {
118 | 	loader_conf_fixup ${1}
119 | 
120 | 	touch ${1}/.probe.for.growfs
121 | }
122 | 


--------------------------------------------------------------------------------
/config/25.1/kernel.debug:
--------------------------------------------------------------------------------
 1 | # included from kernel.debug
 2 | makeoptions	DEBUG=-g
 3 | makeoptions	WITH_CTF=1
 4 | options		INVARIANTS
 5 | options		INVARIANT_SUPPORT
 6 | options		KASSERT_PANIC_OPTIONAL
 7 | options		KDTRACE_HOOKS
 8 | options		KDTRACE_FRAME
 9 | options		DDB_CTF
10 | #options 	KASAN	# heavy network performance degradation
11 | 


--------------------------------------------------------------------------------
/config/25.1/kernel.default:
--------------------------------------------------------------------------------
1 | # included from kernel.default
2 | nomakeoptions	DEBUG
3 | 


--------------------------------------------------------------------------------
/config/25.1/make.conf:
--------------------------------------------------------------------------------
  1 | # stand-alone glue for dependency detection
  2 | 
  3 | _PRODUCT_ARCH!=		uname -p
  4 | PRODUCT_ARCH?=		${_PRODUCT_ARCH}
  5 | 
  6 | PRODUCT_PHPBIN?=	/usr/local/bin/php
  7 | .if exists(${PRODUCT_PHPBIN})
  8 | _PRODUCT_PHP!=		${PRODUCT_PHPBIN} -v
  9 | PRODUCT_PHP?=		${_PRODUCT_PHP:[2]:S/./ /g:[1..2]:tW:S/ //}
 10 | .endif
 11 | 
 12 | # fallbacks for standard builds using opnsense-code
 13 | 
 14 | PRODUCT_APACHE?=	%%APACHE%%
 15 | PRODUCT_LUA?=		%%LUA%%
 16 | PRODUCT_PERL?=		%%PERL%%
 17 | PRODUCT_PHP?=		%%PHP%%
 18 | PRODUCT_PYTHON?=	%%PYTHON%%
 19 | PRODUCT_RUBY?=		%%RUBY%%
 20 | PRODUCT_SSL?=		%%SSL%%
 21 | 
 22 | PRODUCT_GSSAPI?=	GSSAPI_MIT
 23 | 
 24 | # global options
 25 | 
 26 | OPTIONS_SET=		MONPLUGINS
 27 | OPTIONS_UNSET=		DBUS DOCS EXAMPLES GCC GSSAPI_BASE NAGPLUGINS \
 28 | 			NLS OPENGL WAYLAND X11
 29 | DEFAULT_VERSIONS=	apache=${PRODUCT_APACHE:C/^./&./}
 30 | DEFAULT_VERSIONS+=	lua=${PRODUCT_LUA}
 31 | DEFAULT_VERSIONS+=	perl5=${PRODUCT_PERL}
 32 | DEFAULT_VERSIONS+=	php=${PRODUCT_PHP}
 33 | DEFAULT_VERSIONS+=	python3=${PRODUCT_PYTHON:C/^./&./}
 34 | DEFAULT_VERSIONS+=	python=${PRODUCT_PYTHON:C/^./&./}
 35 | DEFAULT_VERSIONS+=	ruby=${PRODUCT_RUBY:C/^./&./}
 36 | DEFAULT_VERSIONS+=	ssl=${PRODUCT_SSL}
 37 | SRC_BASE=		%%SRCDIR%%
 38 | ALLOW_UNSUPPORTED_SYSTEM=why not
 39 | WARNING_WAIT=		0 # no time
 40 | WRKDIRPREFIX=		/usr/obj
 41 | PACKAGE_BUILDING=	yes
 42 | FORCE_PACKAGE=		yes
 43 | #DEVELOPER=		yes
 44 | BATCH=			yes
 45 | 
 46 | # per-port options
 47 | databases_rrdtool_UNSET=	DEJAVU GRAPH
 48 | databases_sqlite3_SET=		DQS
 49 | devel_git_UNSET=		GITWEB SEND_EMAIL SUBTREE
 50 | dns_getdns_SET=			LIBEV LIBEVENT LIBUV
 51 | dns_unbound_SET=		PYTHON
 52 | ftp_curl_SET=			GSSAPI_NONE
 53 | ftp_curl_UNSET=			LIBSSH2 TLS_SRP
 54 | graphics_graphviz_UNSET=	XPM DIGCOLA IPSEPCOLA ICONV PANGOCAIRO
 55 | mail_postfix_SET=		LDAP SASL SASLKMIT
 56 | mail_postfix_UNSET=		BLACKLISTD
 57 | mail_rspamd_SET=		HYPERSCAN
 58 | math_py-numpy_SET=		NOBLAS
 59 | math_py-numpy_UNSET=		FORTRAN OPENBLAS SUITESPARSE
 60 | net-mgmt_flowd_UNSET=		PERL
 61 | net-mgmt_zabbix5-proxy_SET=	IPMI SQLITE
 62 | net-mgmt_zabbix5-proxy_UNSET=	MYSQL
 63 | net-mgmt_zabbix6-proxy_SET=	SQLITE
 64 | net-mgmt_zabbix6-proxy_UNSET=	MYSQL
 65 | net-mgmt_zabbix7-proxy_SET=	SQLITE
 66 | net-mgmt_zabbix7-proxy_UNSET=	MYSQL
 67 | net-mgmt_zabbix72-proxy_SET=	SQLITE
 68 | net-mgmt_zabbix72-proxy_UNSET=	MYSQL
 69 | net_freeradius3_SET=		LDAP MITKRB_PORT MYSQL SQLITE3
 70 | net_freeradius3_UNSET=		HEIMDAL
 71 | net_frr8_SET=			MULTIPATH SNMP
 72 | net_haproxy_SET=		LUA # PROMEX
 73 | net_miniupnpd_SET=		CHECK_PORTINUSE
 74 | net_openldap26-client_SET=	GSSAPI
 75 | net_openldap26-server_SET=	GSSAPI
 76 | net_openldap26-server_UNSET=	SMBPWD
 77 | net_turnserver_UNSET=		MYSQL PGSQL REDIS SQLITE
 78 | net_vnstat_UNSET=		GUI
 79 | security_acme.sh_SET=		BINDTOOLS EXAMPLES
 80 | security_autossh_SET=		SSH_PORTABLE
 81 | security_ca_root_nss_UNSET=	ETCSYMLINK
 82 | security_crowdsec_SET=		FIREWALL_BOUNCER
 83 | security_cyrus-sasl2-gssapi_SET=${PRODUCT_GSSAPI}
 84 | security_libssh_SET=		${PRODUCT_GSSAPI}
 85 | security_openconnect_UNSET=	GSSAPI
 86 | security_openssl_SET=		LEGACY
 87 | security_strongswan_SET=	EAPRADIUS XAUTH
 88 | security_stunnel_SET=		TLS_LOG_IDENT
 89 | security_suricata_SET=		HYPERSCAN NSS
 90 | security_tor_UNSET=		MANPAGES
 91 | sysutils_msktutil_SET=		${PRODUCT_GSSAPI}
 92 | www_lighttpd_UNSET=		LUA
 93 | www_neon_UNSET=			GSSAPI
 94 | www_nginx_SET=			BROTLI HEADERS_MORE MAIL_IMAP MAIL_POP3 NAXSI NJS VTS
 95 | www_squid_SET=			AUTH_LDAP AUTH_SASL NO_FORGERY5 ${PRODUCT_GSSAPI} TP_PF
 96 | www_squid_UNSET=		AUTH_NIS TP_IPFW
 97 | www_webgrind_SET=		CALLGRAPH
 98 | 
 99 | # for www/caddy-custom
100 | CADDY_CUSTOM_PLUGINS=		github.com/caddyserver/ntlm-transport \
101 | 				github.com/mholt/caddy-dynamicdns \
102 | 				github.com/mholt/caddy-l4 \
103 | 				github.com/mholt/caddy-ratelimit \
104 | 				github.com/caddy-dns/cloudflare
105 | 


--------------------------------------------------------------------------------
/config/25.1/plugins.conf:
--------------------------------------------------------------------------------
  1 | #ORIGIN						IGNORE
  2 | benchmarks/iperf
  3 | databases/redis
  4 | devel/debug
  5 | devel/grid_example
  6 | devel/helloworld
  7 | dns/bind
  8 | dns/ddclient
  9 | dns/dnscrypt-proxy
 10 | dns/rfc2136
 11 | emulators/qemu-guest-agent
 12 | ftp/tftp
 13 | mail/postfix
 14 | mail/rspamd
 15 | misc/theme-advanced
 16 | misc/theme-cicada
 17 | misc/theme-rebellion
 18 | misc/theme-tukan
 19 | misc/theme-vicuna
 20 | net-mgmt/collectd
 21 | net-mgmt/lldpd
 22 | net-mgmt/net-snmp
 23 | net-mgmt/netdata
 24 | net-mgmt/nrpe
 25 | net-mgmt/telegraf
 26 | net-mgmt/zabbix-agent@zabbix5
 27 | net-mgmt/zabbix-agent@zabbix6
 28 | net-mgmt/zabbix-agent@zabbix7
 29 | net-mgmt/zabbix-agent@zabbix72
 30 | net-mgmt/zabbix-proxy@zabbix5
 31 | net-mgmt/zabbix-proxy@zabbix6
 32 | net-mgmt/zabbix-proxy@zabbix7
 33 | net-mgmt/zabbix-proxy@zabbix72
 34 | net/chrony
 35 | net/freeradius
 36 | net/frr
 37 | net/ftp-proxy
 38 | net/google-cloud-sdk
 39 | net/haproxy
 40 | net/igmp-proxy
 41 | net/mdns-repeater
 42 | net/ndproxy
 43 | net/ntopng
 44 | net/radsecproxy
 45 | net/realtek-re
 46 | net/relayd
 47 | net/shadowsocks
 48 | net/siproxd
 49 | net/sslh
 50 | net/tayga
 51 | net/turnserver
 52 | net/udpbroadcastrelay
 53 | net/upnp
 54 | net/vnstat
 55 | net/wol
 56 | net/zerotier
 57 | security/acme-client
 58 | security/clamav
 59 | security/crowdsec
 60 | security/etpro-telemetry
 61 | security/intrusion-detection-content-et-open
 62 | security/intrusion-detection-content-et-pro
 63 | security/intrusion-detection-content-pt-open
 64 | security/intrusion-detection-content-snort-vrt
 65 | security/maltrail
 66 | security/openconnect
 67 | security/softether
 68 | security/stunnel
 69 | security/tailscale
 70 | security/tinc
 71 | security/tor
 72 | security/wazuh-agent
 73 | sysutils/apcupsd
 74 | sysutils/apuled
 75 | sysutils/beats
 76 | sysutils/cpu-microcode@amd			aarch64
 77 | sysutils/cpu-microcode@intel			aarch64
 78 | sysutils/dec-hw					aarch64
 79 | sysutils/dmidecode
 80 | sysutils/gdrive-backup
 81 | sysutils/git-backup
 82 | sysutils/hw-probe
 83 | sysutils/lcdproc-sdeclcd			aarch64
 84 | sysutils/munin-node
 85 | sysutils/nextcloud-backup
 86 | sysutils/node_exporter
 87 | sysutils/nut					aarch64
 88 | sysutils/puppet-agent
 89 | sysutils/sftp-backup
 90 | sysutils/smart
 91 | sysutils/virtualbox				aarch64
 92 | sysutils/vmware
 93 | sysutils/xen					aarch64
 94 | vendor/sunnyvalley				aarch64
 95 | www/OPNProxy
 96 | www/c-icap
 97 | www/cache
 98 | www/caddy
 99 | www/nginx
100 | www/squid
101 | www/web-proxy-sso
102 | 


--------------------------------------------------------------------------------
/config/25.1/ports.conf:
--------------------------------------------------------------------------------
  1 | #ORIGIN						IGNORE
  2 | archivers/php${PRODUCT_PHP}-zlib
  3 | archivers/snappy
  4 | archivers/zip
  5 | audio/beep					aarch64
  6 | benchmarks/iperf3
  7 | benchmarks/stress-ng
  8 | comms/gnokii
  9 | converters/base64
 10 | converters/php${PRODUCT_PHP}-mbstring
 11 | databases/hiredis
 12 | databases/p5-DBD-Pg
 13 | databases/p5-DBD-Sybase
 14 | databases/pecl-mongodb
 15 | databases/php${PRODUCT_PHP}-mysqli
 16 | databases/php${PRODUCT_PHP}-sqlite3
 17 | math/py-bottleneck@py${PRODUCT_PYTHON}		# XXX unbreak py-duckdb
 18 | databases/py-duckdb@py${PRODUCT_PYTHON}
 19 | databases/py-redis@py${PRODUCT_PYTHON}
 20 | databases/py-sqlite3@py${PRODUCT_PYTHON}
 21 | databases/pymongo
 22 | databases/redis72
 23 | databases/rrdtool
 24 | devel/arcanist@php${PRODUCT_PHP}
 25 | devel/automake
 26 | devel/awscli
 27 | devel/bison
 28 | devel/gdb
 29 | devel/gettext
 30 | devel/gettext-runtime
 31 | devel/gettext-tools
 32 | devel/git
 33 | devel/gmake
 34 | devel/libtool
 35 | devel/ninja
 36 | devel/p5-File-Slurp
 37 | devel/p5-Locale-Maketext-Lexicon
 38 | devel/patch
 39 | devel/pear-PHP_CodeSniffer@php${PRODUCT_PHP}
 40 | devel/pecl-xdebug
 41 | devel/php${PRODUCT_PHP}-gettext
 42 | devel/php${PRODUCT_PHP}-pcntl
 43 | devel/phpunit9@php${PRODUCT_PHP}
 44 | devel/pkgconf
 45 | devel/py-Jinja2@py${PRODUCT_PYTHON}
 46 | devel/py-pycodestyle@py${PRODUCT_PYTHON}
 47 | devel/py-pytest@py${PRODUCT_PYTHON}
 48 | devel/py-setuptools@py${PRODUCT_PYTHON}
 49 | devel/py-ujson@py${PRODUCT_PYTHON}
 50 | devel/scons
 51 | dns/bind-tools
 52 | dns/bind920
 53 | dns/ddclient
 54 | dns/dnscrypt-proxy2
 55 | dns/dnsmasq
 56 | dns/getdns
 57 | dns/py-dns-lexicon@py${PRODUCT_PYTHON}
 58 | dns/py-dnspython@py${PRODUCT_PYTHON}
 59 | dns/unbound
 60 | editors/emacs@nox
 61 | editors/joe
 62 | editors/nano
 63 | editors/vim
 64 | emulators/open-vm-tools-nox11
 65 | emulators/qemu@guestagent
 66 | emulators/virtualbox-ose-additions-nox11	aarch64
 67 | ftp/curl
 68 | ftp/php${PRODUCT_PHP}-curl
 69 | ftp/tftp-hpa
 70 | ftp/uftp
 71 | ftp/wget
 72 | lang/perl${PRODUCT_PERL}
 73 | lang/php${PRODUCT_PHP}
 74 | lang/python${PRODUCT_PYTHON}
 75 | lang/ruby${PRODUCT_RUBY}
 76 | mail/pecl-mailparse
 77 | mail/phpmailer
 78 | mail/postfix
 79 | mail/rspamd
 80 | mail/smtp-cli
 81 | math/php${PRODUCT_PHP}-bcmath
 82 | misc/getopt
 83 | misc/gnu-watch
 84 | misc/help2man
 85 | misc/mc-nox11
 86 | devel/py-frozenlist@py${PRODUCT_PYTHON}		# XXX unbreak py-telepot
 87 | www/py-yarl@py${PRODUCT_PYTHON}			# XXX unbreak py-telepot
 88 | net-im/py-telepot@py${PRODUCT_PYTHON}
 89 | net-mgmt/bwm-ng
 90 | net-mgmt/check_mk_agent
 91 | net-mgmt/choparp
 92 | net-mgmt/collectd5
 93 | net-mgmt/flowd
 94 | net-mgmt/icinga2
 95 | net-mgmt/iftop
 96 | net-mgmt/lldpd
 97 | net-mgmt/net-snmp
 98 | net-mgmt/netdata
 99 | net-mgmt/nrpe
100 | net-mgmt/p5-FusionInventory-Agent
101 | net-mgmt/py-opn-cli
102 | net-mgmt/telegraf
103 | net-mgmt/xymon-client
104 | net-mgmt/yaf
105 | net-mgmt/zabbix5-agent
106 | net-mgmt/zabbix5-proxy
107 | net-mgmt/zabbix6-agent
108 | net-mgmt/zabbix6-proxy
109 | net-mgmt/zabbix7-agent
110 | net-mgmt/zabbix7-proxy
111 | net-mgmt/zabbix72-agent
112 | net-mgmt/zabbix72-proxy
113 | net/addrwatch
114 | net/bird2
115 | net/chrony
116 | net/dpinger
117 | net/freeradius3
118 | net/frr8-pythontools
119 | net/frr10-pythontools
120 | net/google-cloud-sdk
121 | net/haproxy
122 | net/hostapd
123 | net/igmpproxy
124 | net/isc-dhcp44-server
125 | net/kea
126 | net/lua-luasocket
127 | net/mdns-repeater
128 | net/miniupnpd
129 | net/mosquitto
130 | net/mpd5
131 | net/mtr@nox11
132 | net/ndproxy
133 | net/ntopng
134 | net/ntp
135 | net/ocserv
136 | net/openldap26-client
137 | net/openldap26-server
138 | net/p5-Net-SIP
139 | net/pecl-radius
140 | net/php${PRODUCT_PHP}-ldap
141 | net/php${PRODUCT_PHP}-soap
142 | net/php${PRODUCT_PHP}-sockets
143 | net/pimd
144 | net/py-ldap3@py${PRODUCT_PYTHON}
145 | net/py-netaddr@py${PRODUCT_PYTHON}
146 | net/py-speedtest-cli@py${PRODUCT_PYTHON}
147 | net/radsecproxy
148 | net/radvd
149 | net/realtek-re-kmod
150 | net/relayd
151 | net/rsync
152 | net/samplicator
153 | net/scapy
154 | net/shadowsocks-libev
155 | net/shadowsocks-rust				aarch64
156 | net/siproxd
157 | net/sslh
158 | net/tayga
159 | net/turnserver
160 | net/udpbroadcastrelay
161 | net/vnstat
162 | net/wol
163 | net/zerotier
164 | opnsense/cpustats
165 | opnsense/dhcp6c
166 | opnsense/dhcrelay
167 | opnsense/filterlog
168 | opnsense/google-api-php-client@php${PRODUCT_PHP}
169 | opnsense/ifinfo
170 | opnsense/installer
171 | opnsense/lang
172 | opnsense/mod_proxy_msrpc
173 | opnsense/netmap-bridge
174 | opnsense/pam
175 | opnsense/phpseclib@php${PRODUCT_PHP}
176 | opnsense/py-haproxy-cli
177 | opnsense/update
178 | ports-mgmt/pkg
179 | print/cups
180 | print/texinfo
181 | security/${PRODUCT_SSL}
182 | security/acme.sh
183 | security/autossh
184 | security/ca_root_nss
185 | security/clamav
186 | security/crowdsec
187 | security/cyrus-sasl2-gssapi
188 | security/expiretable
189 | security/gnupg
190 | security/maltrail
191 | security/nmap
192 | security/openconnect
193 | security/openssh-portable
194 | security/openvpn
195 | security/pear-Crypt_CHAP@php${PRODUCT_PHP}
196 | security/php${PRODUCT_PHP}-filter
197 | security/py-fail2ban@py${PRODUCT_PYTHON}
198 | security/py-vici@py${PRODUCT_PYTHON}
199 | security/snuffleupagus@php${PRODUCT_PHP}
200 | security/softether
201 | security/sslproxy
202 | security/sslscan
203 | security/strongswan
204 | security/stunnel
205 | security/sudo
206 | security/suricata
207 | security/tailscale
208 | security/tinc
209 | security/tor
210 | security/wazuh-agent
211 | security/wpa_supplicant
212 | security/xray-core
213 | security/yara
214 | sysutils/ansible@py${PRODUCT_PYTHON}
215 | sysutils/apcupsd
216 | sysutils/azure-agent
217 | sysutils/bastille
218 | sysutils/beats8
219 | sysutils/burp
220 | sysutils/cciss_vol_status
221 | sysutils/cpu-microcode-amd			aarch64
222 | sysutils/cpu-microcode-intel			aarch64
223 | sysutils/dmidecode
224 | sysutils/ethname
225 | sysutils/flashrom				aarch64
226 | sysutils/flock
227 | sysutils/freecolor
228 | sysutils/freeipmi				aarch64
229 | sysutils/hw-probe
230 | sysutils/iohyve
231 | sysutils/lcdproc				aarch64
232 | sysutils/logrotate
233 | sysutils/lsof
234 | sysutils/monit
235 | sysutils/msktutil
236 | sysutils/multitail
237 | sysutils/munin-node
238 | sysutils/node_exporter
239 | sysutils/nut					aarch64
240 | sysutils/pftop
241 | sysutils/pstree
242 | sysutils/puppet7
243 | sysutils/screen
244 | sysutils/smartmontools
245 | sysutils/superiotool				aarch64
246 | sysutils/sysinfo
247 | sysutils/syslog-ng
248 | sysutils/tmux
249 | sysutils/usb_modeswitch
250 | sysutils/virt-what
251 | sysutils/x86info				aarch64
252 | sysutils/xe-guest-utilities			aarch64
253 | textproc/jq
254 | textproc/minify
255 | textproc/php${PRODUCT_PHP}-ctype
256 | textproc/php${PRODUCT_PHP}-dom
257 | textproc/php${PRODUCT_PHP}-simplexml
258 | textproc/php${PRODUCT_PHP}-xml
259 | textproc/py-jq@py${PRODUCT_PYTHON}
260 | www/apache${PRODUCT_APACHE}
261 | www/c-icap
262 | www/c-icap-modules
263 | www/caddy-custom
264 | www/icapeg
265 | www/lighttpd
266 | www/mod_security
267 | www/nginx
268 | www/phalcon@php${PRODUCT_PHP}
269 | www/php${PRODUCT_PHP}-opcache
270 | www/php${PRODUCT_PHP}-session
271 | www/privoxy
272 | www/py-boto3@py${PRODUCT_PYTHON}
273 | www/py-requests@py${PRODUCT_PYTHON}
274 | www/sarg
275 | www/squid
276 | www/squid-langpack
277 | www/webgrind
278 | x11-fonts/urwfonts
279 | 


--------------------------------------------------------------------------------
/config/25.1/skim.conf:
--------------------------------------------------------------------------------
1 | devel/boost-all
2 | net/dhcp6
3 | net/frr8
4 | ports-mgmt/portlint
5 | security/krb5
6 | security/vuxml
7 | www/caddy
8 | 


--------------------------------------------------------------------------------
/config/25.1/src.conf:
--------------------------------------------------------------------------------
 1 | WITHOUT_ASSERT_DEBUG=yes
 2 | WITHOUT_ATM=yes
 3 | WITHOUT_AUDIT=yes
 4 | WITHOUT_AUTHPF=yes
 5 | WITHOUT_CALENDAR=yes
 6 | WITHOUT_CLANG_FULL=yes
 7 | WITHOUT_CLEAN=yes
 8 | WITHOUT_DICT=yes
 9 | WITHOUT_EXAMPLES=yes
10 | WITHOUT_FREEBSD_UPDATE=yes
11 | WITHOUT_GAMES=yes
12 | WITHOUT_HTML=yes
13 | WITHOUT_IPFILTER=yes
14 | WITHOUT_KERBEROS=yes
15 | WITHOUT_LIB32=yes
16 | WITHOUT_MAIL=yes
17 | WITHOUT_NCP=yes
18 | WITHOUT_NIS=yes
19 | WITHOUT_NLS=yes
20 | WITHOUT_NLS_CATALOGS=yes
21 | WITHOUT_NS_CACHING=yes
22 | WITHOUT_NTP=yes
23 | WITHOUT_OFED=yes
24 | WITHOUT_OPENSSH=yes
25 | WITHOUT_PC_SYSINSTALL=yes
26 | WITHOUT_PORTSNAP=yes
27 | WITHOUT_PROFILE=yes
28 | WITHOUT_QUOTAS=yes
29 | WITHOUT_RESCUE=yes
30 | WITHOUT_SETUID_LOGIN=yes
31 | WITHOUT_SHAREDOCS=yes
32 | WITHOUT_SVN=yes
33 | WITHOUT_SVNLITE=yes
34 | WITHOUT_TALK=yes
35 | WITHOUT_TESTS=yes
36 | WITHOUT_UNBOUND=yes
37 | WITH_TESTS_SUPPORT=yes
38 | 


--------------------------------------------------------------------------------
/device/A10.conf:
--------------------------------------------------------------------------------
 1 | # https://www.deciso.com/netboard-a10/
 2 | 
 3 | serial_hook()
 4 | {
 5 | 	# We do not require any custom hooks for the A10, but for
 6 | 	# the sake of demonstration, we keep this little stub.  :)
 7 | 
 8 | 	: # prevent syntax error
 9 | }
10 | 
11 | # unset this for generic device handling, i.e. no device suffix
12 | unset PRODUCT_DEVICE
13 | 


--------------------------------------------------------------------------------
/device/ARM64.conf:
--------------------------------------------------------------------------------
 1 | # for generic ARM64 machine
 2 | # such as qemu & ESXi virtual machines
 3 | 
 4 | export PRODUCT_KERNEL=SMP-ARM
 5 | export PRODUCT_TARGET=arm64
 6 | export PRODUCT_ARCH=aarch64
 7 | export PRODUCT_WANTS_CROSS="aarch64-binutils qemu-user-static"
 8 | 
 9 | # unset this for generic device handling, i.e. no device suffix
10 | unset PRODUCT_DEVICE
11 | 
12 | arm_install_uboot()
13 | {
14 | }
15 | 


--------------------------------------------------------------------------------
/device/R4S.conf:
--------------------------------------------------------------------------------
 1 | # FriendlyARM NanoPi-R4S (4GB/LPDDR4)
 2 | # https://wiki.friendlyarm.com/wiki/index.php/NanoPi_R4S
 3 | 
 4 | export MAKE_ARGS_DEV="
 5 | UBLDR_LOADADDR=0x42000000
 6 | "
 7 | 
 8 | export PRODUCT_KERNEL=SMP-ARM
 9 | export PRODUCT_TARGET=arm64
10 | export PRODUCT_ARCH=aarch64
11 | export PRODUCT_WANTS="u-boot-nanopi-r4s"
12 | export PRODUCT_WANTS_CROSS="aarch64-binutils qemu-user-static"
13 | export PRODUCT_COMSPEED=1500000
14 | 
15 | export ARM_FAT_SIZE="32m -b 16m"
16 | 
17 | export ARM_UBOOT_DIR="/usr/local/share/u-boot/u-boot-nanopi-r4s"
18 | 
19 | arm_install_uboot()
20 | {
21 |         sysctl kern.geom.debugflags=0x10
22 |         dd if=${ARM_UBOOT_DIR}/idbloader.img of=/dev/${DEV} seek=64 bs=512 conv=sync
23 |         dd if=${ARM_UBOOT_DIR}/u-boot.itb of=/dev/${DEV} seek=16384 bs=512 conv=sync
24 |         sysctl kern.geom.debugflags=0x0
25 | }
26 | 


--------------------------------------------------------------------------------
/device/ROCKPRO64.conf:
--------------------------------------------------------------------------------
 1 | # Pine64 RockPro64 (4GB/LPDDR4)
 2 | # https://wiki.pine64.org/wiki/ROCKPro64
 3 | 
 4 | export MAKE_ARGS_DEV="
 5 | UBLDR_LOADADDR=0x42000000
 6 | "
 7 | 
 8 | export PRODUCT_KERNEL=SMP-ARM
 9 | export PRODUCT_TARGET=arm64
10 | export PRODUCT_ARCH=aarch64
11 | export PRODUCT_WANTS="u-boot-rockpro64"
12 | export PRODUCT_WANTS_CROSS="aarch64-binutils qemu-user-static"
13 | export PRODUCT_COMSPEED=1500000
14 | 
15 | export ARM_FAT_SIZE="32m -b 16m"
16 | 
17 | export ARM_UBOOT_DIR="/usr/local/share/u-boot/u-boot-rockpro64"
18 | 
19 | arm_install_uboot()
20 | {
21 |         sysctl kern.geom.debugflags=0x10
22 |         dd if=${ARM_UBOOT_DIR}/idbloader.img of=/dev/${DEV} seek=64 bs=512 conv=sync
23 |         dd if=${ARM_UBOOT_DIR}/u-boot.itb of=/dev/${DEV} seek=16384 bs=512 conv=sync
24 |         cp -pr ${STAGEDIR}/boot/dtb ${STAGEDIR}/boot/msdos
25 |         sysctl kern.geom.debugflags=0x0
26 | }
27 | 


--------------------------------------------------------------------------------
/device/RPI.conf:
--------------------------------------------------------------------------------
 1 | # https://www.raspberrypi.org/products/raspberry-pi-3-model-b/
 2 | # https://www.raspberrypi.org/products/raspberry-pi-3-model-b-plus/
 3 | # https://www.raspberrypi.com/products/compute-module-3/
 4 | # https://www.raspberrypi.com/products/raspberry-pi-4-model-b/
 5 | # https://www.raspberrypi.com/products/compute-module-4-io-board/
 6 | # https://www.raspberrypi.com/products/compute-module-4/
 7 | # https://www.raspberrypi.com/products/compute-module-4s/
 8 | 
 9 | export MAKE_ARGS_DEV="
10 | UBLDR_LOADADDR=0x42000000
11 | "
12 | 
13 | export PRODUCT_KERNEL=SMP-ARM
14 | export PRODUCT_TARGET=arm64
15 | export PRODUCT_ARCH=aarch64
16 | export PRODUCT_WANTS="u-boot-rpi4 rpi-firmware"
17 | export PRODUCT_WANTS_CROSS="aarch64-binutils qemu-user-static"
18 | 
19 | export ARM_FIRMWARE_DIR="/usr/local/share/rpi-firmware"
20 | export ARM_UBOOT_DIR="/usr/local/share/u-boot/u-boot-rpi4"
21 | 
22 | arm_install_uboot()
23 | {
24 | 	cp -p ${ARM_FIRMWARE_DIR}/LICENCE.broadcom ${STAGEDIR}/boot/msdos
25 | 	cp -p ${ARM_FIRMWARE_DIR}/armstub8*.bin ${STAGEDIR}/boot/msdos
26 | 	cp -p ${ARM_FIRMWARE_DIR}/bcm2710-rpi-3-b*.dtb ${STAGEDIR}/boot/msdos
27 | 	cp -p ${ARM_FIRMWARE_DIR}/bcm2710-rpi-cm*.dtb ${STAGEDIR}/boot/msdos
28 | 	cp -p ${ARM_FIRMWARE_DIR}/bcm2711-rpi-4-b.dtb ${STAGEDIR}/boot/msdos
29 | 	cp -p ${ARM_FIRMWARE_DIR}/bcm2711-rpi-cm*.dtb ${STAGEDIR}/boot/msdos
30 | 	cp -p ${ARM_FIRMWARE_DIR}/bootcode.bin ${STAGEDIR}/boot/msdos
31 | 	cp -p ${ARM_FIRMWARE_DIR}/config_rpi3.txt ${STAGEDIR}/boot/msdos
32 | 	cp -p ${ARM_FIRMWARE_DIR}/config_rpi4.txt ${STAGEDIR}/boot/msdos
33 | 	cp -p ${ARM_FIRMWARE_DIR}/fixup*.dat ${STAGEDIR}/boot/msdos
34 | 	cp -p ${ARM_FIRMWARE_DIR}/start*.elf ${STAGEDIR}/boot/msdos
35 | 	cp -pr ${ARM_FIRMWARE_DIR}/overlays ${STAGEDIR}/boot/msdos/overlays
36 | 	cp -pr ${STAGEDIR}/boot/dtb ${STAGEDIR}/boot/msdos/dtb
37 | 	cp -p ${ARM_UBOOT_DIR}/README ${STAGEDIR}/boot/msdos
38 | 	cp -p ${ARM_UBOOT_DIR}/u-boot.bin ${STAGEDIR}/boot/msdos
39 | }
40 | 


--------------------------------------------------------------------------------
/scripts/parse_ports_log.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python3.7
 2 | import collections
 3 | import argparse
 4 | from datetime import datetime
 5 | 
 6 | 
 7 | def log_reader(filename):
 8 |     with open(filename ,'rb') as f_in:
 9 |         for line in f_in:
10 |             line = line.decode()
11 |             if len(line) >= 22 and line[0] == '[' and line[15] == ']' and line[1:15].isdigit() \
12 |                     and line[17:21] == '===>' and line.find(' for ') > -1:
13 |                 if line.strip().endswith('for building'):
14 |                     continue
15 |                 log_rec = collections.namedtuple('record', ['stage', 'package', 'timestamp', 'ts_epoch'])
16 |                 log_rec.stage = line[22:].split()[0]
17 |                 log_rec.package = line.split(' for ')[-1].split()[0]
18 |                 log_rec.timestamp = datetime(*map(lambda x: int(x), (
19 |                     line[1:5], line[5:7], line[7:9], line[9:11], line[11:13], line[13:15]
20 |                 )))
21 |                 log_rec.ts_epoch = float(log_rec.timestamp.strftime("%s"))
22 | 
23 |                 yield log_rec
24 | 
25 | 
26 | parser = argparse.ArgumentParser()
27 | parser.add_argument('filename', help='ports build log filename')
28 | parser.add_argument('--steps', help='show build steps', action="store_true", default=False)
29 | args = parser.parse_args()
30 | 
31 | stats = dict()
32 | prev_rec = collections.namedtuple('record', ['stage', 'package', 'timestamp', 'ts_epoch'])
33 | for record in log_reader(args.filename):
34 |     if (prev_rec.stage != record.stage or prev_rec.package != record.package) and type(prev_rec.ts_epoch) == float:
35 |         if prev_rec.package not in stats:
36 |             stats[prev_rec.package] = dict()
37 |             stats[prev_rec.package]['__total__'] = 0.0
38 |         if prev_rec.stage not in stats[prev_rec.package]:
39 |             stats[prev_rec.package][prev_rec.stage] = {'count': 0, 'total_time': 0.0}
40 | 
41 |         stats[prev_rec.package][prev_rec.stage]['total_time'] += (record.ts_epoch - prev_rec.ts_epoch)
42 |         stats[prev_rec.package][prev_rec.stage]['count'] += 1
43 |         stats[prev_rec.package]['__total__'] += (record.ts_epoch - prev_rec.ts_epoch)
44 | 
45 |     prev_rec = record
46 | 
47 | total_time = 0.0
48 | for item in sorted(stats.items(), key=lambda x: x[1]['__total__']):
49 |     package = item[0]
50 |     for stage in sorted(item[1]):
51 |         if type(stats[package][stage]) == dict and args.steps:
52 |             print ("%-40s %-5.0f seconds [execs : %d]" % (
53 |                 "%s[%s]" % (package, stage),
54 |                 stats[package][stage]['total_time'],
55 |                 stats[package][stage]['count']
56 |             ))
57 |     print ("%-40s %-5.0f seconds" % (package, stats[package]['__total__']))
58 |     total_time += stats[package]['__total__']
59 | 
60 | print ("%-40s %-5.0f seconds" % ("*", total_time))
61 | 


--------------------------------------------------------------------------------
/scripts/pkg_fingerprint.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | 
3 | PUBKEY=${1}
4 | 
5 | if [ -n "${PUBKEY}" -a -f "${PUBKEY}" ]; then
6 | 	echo "function: \"sha256\""
7 | 	echo "fingerprint: \"$(sha256 -q ${PUBKEY})\""
8 | fi
9 | 


--------------------------------------------------------------------------------
/scripts/pkg_sign.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | PUBKEY=${1}
 4 | PRIVKEY=${2}
 5 | 
 6 | read -t 30 SUM
 7 | [ -z "${SUM}" ] && exit 1
 8 | echo SIGNATURE
 9 | echo -n ${SUM} | openssl dgst -sign "${PRIVKEY}" -sha256 -binary
10 | echo
11 | echo CERT
12 | cat "${PUBKEY}"
13 | echo END
14 | 


--------------------------------------------------------------------------------