forge/qubes-builder-alpine
1
0
Fork 0
Code Issues 7 Pull requests Projects Releases 12 Packages Wiki Activity Actions
Builder for QubesOS Alpine Template
22 commits 4 branches 12 tags 231 KiB
Shell 91.4%
Makefile 6.8%
Ruby 1.8%
Find a file
Antoine Martin a789b33382
All checks were successful
/ build-test (pull_request) Successful in 15m37s
Details
forgejo-ci: add 319 tests
2024-08-22 16:18:04 -04:00
.forgejo forgejo-ci: add 319 tests 2024-08-22 16:18:04 -04:00
scripts forgejo-ci: move to forgejo actions 2024-08-21 15:02:08 -04:00
builder.conf Build for Alpine v3.20 2024-07-11 08:58:19 -04:00
Makefile.alpinelinux Ported rest of scripts for use by linux-template-builder 2023-08-25 17:44:09 -04:00
Makefile.builder Support different alpine versions 2023-08-26 17:14:13 -04:00
prepare-chroot-base Support different alpine versions 2023-08-26 17:14:13 -04:00
prepare-chroot-builder Ported rest of scripts for use by linux-template-builder 2023-08-25 17:44:09 -04:00
README.md README: update repo specs 2024-08-22 16:15:59 -04:00

README.md

qubes-builder-alpine

Upstream: https://ayakael.net/forge/qubes-builder-alpine

Description

This repository contains an implementation of a template builder for Alpine Linux for usage by qubes-builder. Packages are pulled from a community repo and packaged in an RPM that is installable by QubesOS.

Current state

Alpine Linux as a QubesOS template is still a work and progress. It is highly encouraged to make bug reports.

The yet-to-be-implemented list

Thus the following use cases are still not supported / tested:

  • sys-net service VM
  • sys-firewall service VM
  • qubes-vm-kernel-support Not adapted for use on Alpine yet, due to it providing a Dracut module. In most cases, it is not necessary as Qubes provides the kernel. This package is only neccessary when VM uses its own kernel, thus a hook is added to Dracut to generate the initrd for use within qubes.

How to install

First, we need to transfer to dom0 the template key.

Within VM, download template key:

curl -JO https://ayakael.net/api/packages/forge/rpm/repository.key

On dom0, transfer and copy key to key store:

qvm-run -p <curl-vm> 'cat </path/to/downloaded/key ' > repository.key
sudo mv repository.key /etc/qubes/repo-templates/keys/RPM-GPG-KEY-ayakael-forge

For installation, you have two options.

Using qvm-template

1) Create repository definition

On dom0, create and edit /etc/qubes/repo-templates/ayakael-templates.repo to match the following

[ayakael-templates]
name=Ayakael templates
baseurl=https://ayakael.net/api/packages/forge/rpm/qubes/r$releasever
enabled=1
gpgcheck=1
gpgkey = file:////etc/qubes/repo-templates/keys/RPM-GPG-KEY-ayakael-forge

2) Install template

qvm-template install alpine320

Manually

1) Download and transfer template RPM

On VM, download desired template RPM available in Packages section

curl -JO https:<url/rpm>

On dom0, transfer RPM

qvm-run -p <curl-vm> 'cat </path/to/downloaded/rpm ' > qubes-template-alpine.rpm

2) Install template

qvm-template --keyring /etc/qubes/repo-templates/keys/RPM-GPG-KEY-forge-ayakael install $(pwd)/qubes-template-alpine.rpm

How to build

Since this template builder uses pre-built Alpine Linux packages for QubesOS template support, it by defaults does not build everything locally. If you want to build them locally, you can follow these steps. If not, you can skip to the next section.

Build packages

1) Set-up build environment on Alpine Linux

apk add alpine-sdk lua-aports
addgroup <yourusername> abuild
mkdir -p /var/cache/distfiles
chmod a+w /var/cache/distfiles
abuild-keygen -a -i
cp /home/user/.abuild/*.pub /etc/apk/keys

(see Creating an Alpine package on Alpine Linux Wiki for more details)

2) Create work directory and clone qports with appropriate branch

mkdir work
cd work
git clone https://ayakael.net/forge/qports -b <desired Qubes Rel, i.e r4.2>

3) Build all packages using buildrepo

buildrepo -a <path/to/qports> -d <path/to/work/dir>/packages qports

4) Make these packages available on an HTTP server and export the following variables that will be picked up by template build

export QUBESALPINE_MIRROR=<https://url-to-custom-repo>
export QUBESALPINE_KEYFILE=<https://url-to-custom-repo-key>

Build template

1) Create work directory and clone qubes-builder-alpine with appropriate branch

mkdir work
cd work
git clone https://ayakael.net/forge/qubes-builder-alpine -b <desired Qubes Rel, i.e r4.2>

2) Set-up build environment for QubesOS template build

git clone https://github.com/QubesOS/qubes-builder
mkdir qubes-builder/qubes-src
ln -s $(pwd) qubes-builder/qubes-src/builder-alpine
cp builder.conf qubes-builder/.
git clone https://github.com/QubesOS/qubes-linux-template-builder qubes-builder/qubes-src/linux-template-builder

3) Setup build information

echo "%define _arch x86_64" >> qubes-builder/qubes-src/linux-template-builder/templates.spec
echo "4.2.0" > qubes-builder/qubes-src/linux-template-builder/version

If you want to build a different Alpine version than default, you can modify qubes-builder/builder.conf on line DIST_VM to alpine (i.e alpine320).

4) Build template

cd qubes-builder
make linux-template-builder

5) Install produced RPM on dom0

qvm-run --pass-io <build-vm> 'cat <path/to/work/dir>/qubes-builder/qubes-src/linux-template-builder/rpm/noarch/qubes-template-*.rpm' > qubes-template-alpine.rpm
qvm-template install --nogpgcheck $(pwd)/qubes-template-alpine.rpm

Issues, recommendations and proposals

To report an issue or share a recommendation

This repo is also mirrored on Codeberg. This facilitates receiving pull requests, and managing issues. You can open an issue here

To make a merge request

  • Fork the repo from Codeberg's mirror here
  • Clone your fork locally. (git clone $repo)
  • Make a branch with a descriptive name (git checkout -b $descriptivename)
  • Make the changes you want to see in the world, commit, and push to the GitLab's remote repo
  • Request a merge here