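#!/bin/sh
# Provisioning script for the Vagrant virtual machine used to build Tails:
# configures APT sources and pinning, sets up apt-cacher-ng on its own cache
# disk, installs the build dependencies and the build-tails script.
set -e
export DEBIAN_FRONTEND=noninteractive

# Start from a known value: this variable is read again near the end of the
# script, and without this line a LOCAL_HTTP_PROXY inherited from the caller's
# environment would be restored into http_proxy even though this script never
# saved it.
LOCAL_HTTP_PROXY=''

# Do not use virtual machine proxy before apt-cacher-ng is installed
# (the proxy is the VM itself on port 3142; acng.conf is only present once
# apt-cacher-ng has been installed).
if [ "$http_proxy" = "http://$(hostname -f):3142" ] &&
  ! [ -f /etc/apt-cacher-ng/acng.conf ]; then
  # Remember the proxy so it can be restored once apt-cacher-ng is running.
  LOCAL_HTTP_PROXY="$http_proxy"
  http_proxy=''
fi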
# Start from a clean slate: drop every existing APT pin and extra source list.
rm -f /etc/apt/preferences.d/* /etc/apt/sources.list.d/*

# Add our builder-jessie repository for live-build, and pin it low.
# The repository is reached over plain HTTP, so package integrity rests on
# APT's signature verification of the archive.
printf '%s\n' 'deb http://deb.tails.boum.org/ builder-jessie main' \
  > /etc/apt/sources.list.d/tails.list

# Default for everything from deb.tails.boum.org: priority 99.
# (sed strips the leading blanks, so the here-documents can be indented.)
sed -e 's/^[[:blank:]]*//' > /etc/apt/preferences.d/tails <<'EOF'
  Package: *
  Pin: origin deb.tails.boum.org
  Pin-Priority: 99
EOF

# The packages below are raised to priority 500 for that same origin.
sed -e 's/^[[:blank:]]*//' > /etc/apt/preferences.d/discount <<'EOF'
  Package: discount libmarkdown2 libmarkdown2-dev
  Pin: origin deb.tails.boum.org
  Pin-Priority: 500
EOF

sed -e 's/^[[:blank:]]*//' > /etc/apt/preferences.d/ikiwiki <<'EOF'
  Package: ikiwiki
  Pin: origin deb.tails.boum.org
  Pin-Priority: 500
EOF

sed -e 's/^[[:blank:]]*//' > /etc/apt/preferences.d/live-build <<'EOF'
  Package: live-build
  Pin: origin deb.tails.boum.org
  Pin-Priority: 500
EOF

sed -e 's/^[[:blank:]]*//' > /etc/apt/preferences.d/syslinux-utils <<'EOF'
  Package: syslinux-utils
  Pin: origin deb.tails.boum.org
  Pin-Priority: 500
EOF
# We don't want to use apt-cacher-ng for gpg
# NOTE(review): the key is requested by its 64-bit key ID, and whatever the
# keyserver returns is then handed to APT as a trusted key. Checking the
# imported key's full fingerprint against a value pinned in this script before
# the `apt-key add` below would keep a substituted or colliding key from
# becoming an APT trust anchor.
http_proxy="" gpg --keyserver hkps.pool.sks-keyservers.net --recv-key C7988EA7A358D82E
# Export the fetched key and add it to the keys APT trusts.
# NOTE(review): `set -e` only sees the exit status of the last command of a
# pipeline, so a failing `gpg --export` is not caught here by itself.
gpg --export C7988EA7A358D82E | sudo apt-key add -
# We need a newer version of debootstrap for saving the list of
# packages used when building Tails (#6297).
echo 'deb http://ftp.us.debian.org/debian jessie-backports main' > /etc/apt/sources.list.d/jessie-backports.list
# Ensure that the apt-cacher-ng cache disk is formatted and mounted
# NOTE(review): /dev/vdb is presumably a disk dedicated to the cache -- confirm
# against the VM definition. This branch rewrites its partition table and
# creates a filesystem whenever /dev/vdb1 is absent, which destroys anything
# already stored on that disk.
if [ ! -b /dev/vdb1 ]; then
# One partition of type 83 (Linux) with the default size, then ext4 on it.
echo '1,,83' | sfdisk /dev/vdb
mkfs.ext4 /dev/vdb1
fi
if [ -d /var/cache/apt-cacher-ng/ ]; then
# The cache directory exists but nothing is mounted on it: copy its content
# to the cache disk, then empty the directory.
if ! mountpoint -q /var/cache/apt-cacher-ng; then
echo "A previous installation has been detected, migrating APT data."
mount /dev/vdb1 /mnt
rsync -a /var/cache/apt-cacher-ng/ /mnt/
# Because of `set -e`, a failed rsync aborts the script before this removal.
rm -rf /var/cache/apt-cacher-ng/*
umount /mnt/
echo "Migration done. You may want to recreate your vagrant box to save disk space."
fi
else
# No cache directory yet: create the apt-cacher-ng system user and group,
# with the cache directory as the user's home.
adduser --quiet --system --group --home /var/cache/apt-cacher-ng apt-cacher-ng
fi
# Mount the cache disk on the cache directory if it is not mounted yet, and
# give ownership of everything on it to apt-cacher-ng.
if ! mountpoint -q /var/cache/apt-cacher-ng; then
mount /dev/vdb1 /var/cache/apt-cacher-ng
chown -R apt-cacher-ng:apt-cacher-ng /var/cache/apt-cacher-ng
fi
# Refresh the package lists, then install apt-cacher-ng; --force-confold
# tells dpkg to keep an already installed configuration file.
apt-get update
apt-get -y -o Dpkg::Options::="--force-confold" install apt-cacher-ng

# Install custom configuration for apt-cacher-ng and restart
install --owner=root --group=root --mode=644 \
  /vagrant/provision/assets/acng.conf /etc/apt-cacher-ng/acng.conf
service apt-cacher-ng restart

# Restore local HTTP proxy if needed
[ -z "$LOCAL_HTTP_PROXY" ] || http_proxy="$LOCAL_HTTP_PROXY"
# Upgrade if needed
apt-get dist-upgrade -y

# Those are needed to build Tails
# (debootstrap is taken from jessie-backports explicitly)
apt-get install -y \
  debootstrap/jessie-backports \
  dpkg-dev \
  eatmydata \
  gettext \
  git \
  ikiwiki \
  intltool \
  libfile-slurp-perl \
  liblist-moreutils-perl \
  live-build \
  rsync \
  syslinux-utils \
  time \
  whois

# Be sure to get all the modules we need for our Ikiwiki
apt-get install -y --no-install-recommends \
  libfile-chdir-perl \
  libhtml-scrubber-perl \
  libhtml-template-perl \
  libtext-multimarkdown-perl \
  libtimedate-perl \
  liburi-perl \
  libhtml-parser-perl \
  libxml-simple-perl \
  libyaml-libyaml-perl \
  po4a \
  libyaml-perl \
  libyaml-syck-perl \
  perlmagick \
  wdg-html-validator

# Add build script
install --owner=root --group=root --mode=755 \
  /vagrant/provision/assets/build-tails /usr/local/bin
# Delete every assignment of one variable from /etc/live/build.conf.
# Arguments: $1 - name of the variable; it is placed unescaped in a sed
#                 pattern, so it must be a plain identifier
# Returns:   0 when /etc/live/build.conf does not exist, otherwise the exit
#            status of sed
disable_live_build_conf() {
  local var="$1"
  if [ -e /etc/live/build.conf ]; then
    # Matches "VAR=" at the start of a line, optionally after whitespace.
    sed -i -e "/^[[:space:]]*$var=/d" /etc/live/build.conf
  fi
}
# Force live-build to use the mirrors configured in auto/config
# by removing every LB_<prefix>_<target>[_<archive>] assignment from the
# system-wide configuration.
for prefix in MIRROR PARENT_MIRROR; do
  for target in BOOTSTRAP BINARY CHROOT; do
    for archive in '' BACKPORTS SECURITY UPDATES VOLATILE; do
      # An empty archive adds no suffix; any other one adds "_<archive>".
      archive_suffix="${archive:+_${archive}}"
      var="LB_${prefix}_${target}${archive_suffix}"
      disable_live_build_conf "$var"
    done
  done
done
# Clean up
apt-get autoremove -y
apt-get clean -y

# Expire stale entries of the apt-cacher-ng cache; a failure is reported on
# stderr but does not abort the provisioning.
if ! perl /usr/lib/apt-cacher-ng/expire-caller.pl; then
  echo "The clean-up of apt-cacher-ng's cache failed: this is not fatal and most likely just means that some disk space could not be reclaimed -- in order to fix that situation you need to manually investigate /var/log/apt-cacher-ng/main_*.html " >&2
fi
# XXX: Remove this once we generate a basebox > 20160226
# Comment out the AcceptEnv directives so that sshd no longer accepts
# environment variables sent by the SSH client, then reload the service so
# the change takes effect.
if grep -q "^AcceptEnv" /etc/ssh/sshd_config; then
  sed -i -e 's/^AcceptEnv/#AcceptEnv/' /etc/ssh/sshd_config
  systemctl reload ssh.service
fi

# Necessary so that vagrant can merge the base branch
git config --global user.name 'vagrant'
git config --global user.email 'vagrant@tailsbuilder'