aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* baseline: Add bootstrap packages fileDavid Runge2021-05-091-0/+2
| | | | | configs/baseline/bootstrap_packages.x86_64: Add a packages file for bootstrap images using the baseline profile and add arch-install-scripts and base to it.
* baseline: Add buildmodes to profiledef.shDavid Runge2021-05-091-0/+1
| | | | | configs/baseline/profiledef.sh: Add `buildmodes` array with default entry for the 'iso' buildmode.
* releng: Add buildmodes to profiledef.shDavid Runge2021-05-091-0/+1
| | | | | configs/releng/profiledef.sh: Add a `buildmodes` array to releng's profiledef.sh with the up-to-now default buildmode 'iso'.
* releng: Add packages file for bootstrap imageDavid Runge2021-05-091-0/+2
| | | | | configs/releng/bootstrap_packages.x86_64: Add packages file for bootstrap images and add arch-install-scripts and base.
* Increase timeout for initial prompt in build VMDavid Runge2021-05-061-1/+1
| | | | | | | .gitlab/ci/build-host.sh: Increase the allowed timeout for reaching the initial prompt in the build VM from 30 to 60 seconds. Fixes #129
* Use QEMU 6.x optionsDavid Runge2021-05-061-3/+3
| | | | | | | | scripts/run_archiso: Change parameters to qemu's `-drive` option to make use of the explicit `read-only=on`, as the implicit `read-only` is now obsolete. Closes #126
* Use QEMU 6.x optionsDavid Runge2021-05-061-1/+1
| | | | | | .gitlab/ci/build-host.sh: Change parameters to qemu's `-drive` option to make use of the explicit `read-only=on`, as the implicit `read-only` is now obsolete.
* Set more generic output for signaturesDavid Runge2021-05-011-2/+2
| | | | | | | | archiso/mkarchiso: Change the help output to reflect that the `-g` option is generically signing a rootfs (which may be e.g. squashfs or erofs). Change the output of `_mksignature()` to be more generic, as it signs any type of understood rootfs image (which may be e.g. squashfs or erofs).
* Force PGP signature file extensionDavid Runge2021-05-011-2/+3
| | | | | | | | archiso/mkarchiso: Force the file extension in use for the PGP signatures of the rootfs to always be .sig. When gnupg's 'armor' configuration option is used, the output otherwise defaults to using .asc. As the verification hook in mkinitcpio-archiso expects the .sig file extension, verifying the rootfs will fail in that scenario.
* Add ephemeral signing key to CI setupDavid Runge2021-05-011-1/+48
| | | | | | | .gitlab/ci/build-inside-vm.sh: Create an ephemeral signing key for signing the rootfs image (e.g. squashfs or erofs) when building the profiles. Implements #125
* Add changelog for v53David Runge2021-05-011-0/+20
| | | | | CHANGELOG.rst: Add changelog for v53
* Add packages for unlocking LUKS2 volumes with systemdDavid Runge2021-04-301-0/+2
| | | | | | configs/releng/packages.x86_64: Add libfido2 for unlocking LUKS2 volumes with FIDO2 tokens. Add tpm2-tss for unlocking LUKS2 volumes with TPM2.
* Add required packages to interact with smartcardsDavid Runge2021-04-301-0/+2
| | | | | | | configs/releng/packages.x86_64: Add libusb-compat and pcsclite as optional dependencies for gnupg to be able to interact with smartcards out-of-the-box. Closes #122
* Remove docs/README.knownissues. Replaced by issue #83.nl67202021-04-301-12/+0
|
* Remove docs/README.build. Superseded by README.rstnl67202021-04-301-68/+0
|
* Move README.profile.rst to docs/nl67202021-04-302-1/+1
| | | | Keep all documentation except the main README in the docs directory.
* Update README.profile.rstnl67202021-04-301-60/+59
| | | | | * Don't nest code blocks inside quote blocks. * Use monospace for paths, options, values, etc.
* Update README.rstnl67202021-04-301-37/+36
| | | | | | | | * Don't nest code blocks inside quote blocks. * Replace bash with sh, as there's nothing bash-specific in the examples. * There is no syntax highlighting for grub, use sh. * Use sentence case for headings. * Use monospace for paths.
* configs/releng/syslinux/: increase serial baud rate to 115200nl67202021-04-302-1/+2
| | | | | | Additionally enable serial in baseline profile. Related to #75.
* mkarchiso: create reproducible gzip archivesnl67202021-04-301-2/+2
| | | | | | Use the gzip option -n/--no-name to prevent saving the original file name and timestamp. Fixes #104.
* mkarchiso: make sure to remove potentially preexisting files from ↵nl67202021-04-301-0/+1
| | | | | | | | $airootfs_dir before creating them with output redirection mkarchiso creates "${airootfs_dir}/etc/machine-id" by using output redirection. If this file is an existing symlink, then the printf output would be written to the symlink target. It can be a big issue in case the symlink resolves to a path outside ${airootfs_dir}. Fixes #121.
* mkarchiso: append IMAGE_ID and IMAGE_VERSION to /etc/os-releasenl67202021-04-301-0/+16
| | | | | | | | | This provides the ISO version information in the os-release file. * IMAGE_ID is set to the value of $iso_name. * IMAGE_VERSION is set to the value of $iso_version. Implements #116.
* Add package count, El Torito EFI image size and initramfs image sizes to ↵nl67202021-04-302-1/+23
| | | | | | | | GitLab metrics Metrics are now collected in build-inside-vm.sh since the files in question are in the work directory. Implements #101 and #111.
* Ignore SC3060 in initcpio hookDavid Runge2021-04-301-1/+1
| | | | | archiso/initcpio/hooks/archiso_pxe_common: Disable shellcheck's SC3060, as ash is able to do bash-like string replacements.
* Fix shellcheck complains in CI scriptsDavid Runge2021-04-302-8/+11
| | | | | | | | | | .gitlab/ci/build-host.sh: Change the readonly TMPDIR variable to a global tmpdir variable and set it in the `init()` function. .gitlab/ci/build-inside-vm.sh: Change assigning the readonly tmpdir variable directly to assigning it after declaring it. Change `cleanup()` and `create_zsync_delta()` to use bash-style statements and also check whether SUDO_GID is set before using it.
* mkarchiso: also add iso name in grub environment blockChristian Hesse2021-04-072-5/+6
|
* mkarchiso: use -isohybrid-gpt-basdat instead of -appended_part_as_gpt for ↵nl67202021-04-071-13/+31
| | | | | | | | | | | | ISOs that will support BIOS booting Some hardware, like Lenovo Thinkpad T420, will not BIOS boot if the disk has a valid GPT. See https://bbs.archlinux.org/viewtopic.php?id=264096 . Instead of a valid GPT, change to a valid MBR and invalid GPT similar to what was used before 729d16b48c99c5d9b23a89123ecde4ecacfa8705. That layout, despite having crazy partition tables, boots everywhere. The difference is that -append_partition is still kept and specified before -isohybrid-gpt-basdat. Thus the appended partition will be listed as EFI system partition in MBR and as Microsoft basic partition in the invalid GPT. Fixes #102.
* Revert "configs/releng: improve UX"David Runge2021-03-302-17/+9
| | | | This reverts commit 8b6f3545e348caf16a2ff30d948ff93b4d9a4b89.
* Add changelog entry for v52David Runge2021-03-301-0/+24
| | | | | CHANGELOG.rst: Add changelog entry for v52
* configs/releng: improve UXnl67202021-03-302-9/+17
| | | | Implements #90
* releng/packages: Add archinstall to the list of packagesGiancarlo Razzolini2021-03-301-0/+1
| | | | Add archinstall to the list of packages thare are installed on the ISO.
* Add releases section with PGP informationDavid Runge2021-03-291-0/+20
| | | | | | | | | README.rst: Add a "Releases" section that specifies who is creating releases and which PGP key ID is used to sign tags. Additionally, information about how to retrieve the relevant public key and how to verify a tag in the repository is added. Fixes #114
* Reduce amount of checked mirrorsDavid Runge2021-03-291-1/+1
| | | | | | | | | configs/releng/airootfs/etc/xdg/reflector/reflector.conf: Reduce the amount mirrors that reflector checks from 70 to 20. This significantly reduces the time it takes to end up with an up-to-date mirrorlist during boot with the releng profile. Fixes #92
* Allow redirects for scriptsDavid Runge2021-03-291-1/+1
| | | | | | | | configs/releng/airootfs/root/.automated_script.sh: Add the `--location` curl parameter (see `man 1 curl`) to allow for curl to retrieve a remote script even if the source is being redirected (e.g. moved permanently) when using the `script=` kernel commandline parameter. Fixes #113
* configs/releng: add and enable ModemManagernl67202021-03-264-1/+5
| | | | | | | | ModemManager's mmcli is the simplest way to connect with WWAN modems. Mention mmcli in MOTD. Implements #110.
* configs/releng: start DHCP client for mobile broadbandnl67202021-03-261-0/+15
| | | | | | Add /etc/systemd/network/20-wwan.network Related to #110.
* configs/releng: rename 20-wireless.network to 20-wlan.networknl67202021-03-261-0/+0
| | | | The file is limited to Wi-Fi (Type=wlan in networkd configuration).
* Update ↵nl67202021-03-262-6/+10
| | | | | | | configs/releng/airootfs/etc/systemd/network/20-{ethernet,wireless}.network * Match the device type instead of the interface name. * Replace DHCP section with DHCPv4/DHCPv6. systemd split the sections.
* mkarchiso: do not set default mksquashfs optionsnl67202021-03-262-7/+1
| | | | | | Remove hardcoded '-comp xz', it prevents using mksquashfs defaults. Fixes #112.
* .gitlab/ci/build-host.sh: install erofs-utilsnl67202021-03-261-1/+1
| | | | Allow building ISOs with EROFS airootfs images in CI.
* .gitlab/ci/build-host.sh: Do not upgrade packages with files in ↵nl67202021-03-211-1/+1
| | | | | | /usr/lib/modules/ Packages with files in /usr/lib/modules/ depend on the current kernel, thus they should not be updated.
* Recursively change file permissions for folders listed in profiledef.shMichael Gilchrist2021-03-212-3/+8
| | | | | - if a folder listed in the associative array ends with a "/", recursively apply chmod and chown.
* add a sound card firmwareAlexander Epaneshnikov2021-03-141-0/+1
|
* .gitlab-ci.yml: do not use build:secure on forksnl67202021-03-141-6/+6
| | | | | | Forks may not have access to secure runners. Restrict build:secure to https://gitlab.archlinux.org/archlinux/archiso/ only. Fixes https://gitlab.archlinux.org/archlinux/archiso/-/issues/106 .
* .gitlab/ci/build-host.sh: increase mksquashfs timeout to 40 minutesnl67202021-03-141-1/+1
| | | | Some mksquashfs runs take a very long time and 1000 seconds might not be enough.
* Create zsync control file for delta downloadsJonathon Fernyhough2021-03-142-1/+11
|
* Support EROFSnl67202021-03-096-12/+85
| | | | | | | | | EROFS, like Squashfs, is a read-only file system. It can be used to store airootfs in an image file. Its advantage is the support for POSIX ACLs. EROFS downside is that currently it only supports LZ4 compression (LZMA support is not yet fully implemented). A difference from Squashfs is that, EROFS stores change time (ctime) not modification time (mtime). The reverse is true for Squashfs. Implements https://gitlab.archlinux.org/archlinux/archiso/-/issues/59
* archiso/initcpio/hooks/archiso: remove redundant /sfs/ from airootfs mount pointnl67202021-03-091-4/+5
| | | | Remove /run/archiso/bootmnt directory if nothing is mounted there. An empty directory is just confusing.
* releng: Add usbmuxd to list of packagesDavid Runge2021-02-161-0/+1
| | | | | | | | configs/releng/packages.x86_64: Add usbmuxd to list of packages, so that users have the option to use iOS devices out-of-the-box for data connection during installation. Fixes #99
* Remove havegedKristian Klausen2021-02-162-3/+0
| | | | | | | | | | | | | | | | | | | haveged was added 8 years ago[1] to increase entropy and presumably to prevent entropy starvation. A few things has changed since, most notable: * the kernel actively tries to add entropy (jitter entropy)[2][3][4][5] * /dev/random no longer blocks after CRNG initialization[6][7] [1] d7e790d ("Initialize pacman keyring on bootup") [2] https://github.com/torvalds/linux/commit/3f2dc2798b81531fd93a3b9b7c39da47ec689e55 [3] https://github.com/torvalds/linux/commit/50ee7529ec4500c88f8664560770a7a1b65db72b [4] https://lore.kernel.org/lkml/alpine.DEB.2.21.1909290010500.2636@nanos.tec.linutronix.de/T/ [5] https://lwn.net/Articles/800509/ [6] https://github.com/torvalds/linux/commit/30c08efec8884fb106b8e57094baa51bb4c44e32 [7] https://lwn.net/Articles/808575/ Fix #98
generated by cgit v1.2.3-70-g09d2 (git 2.51.0) at 2025-12-29 19:56:58 +0000