BSD Router Project

User Tools

Site Tools

Trace:
documentation:technical_docs:poudriere

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
documentation:technical_docs:poudriere [2023/10/10 01:13] – [Generating firmware image] olivierdocumentation:technical_docs:poudriere [2023/10/12 14:26] – [Set of configuration files] olivier
Line 50: Line 50:
 cat > ~/router-pkglist <<EOF cat > ~/router-pkglist <<EOF
 sysutils/tmux sysutils/tmux
-net/frr8+net/frr9
 net/bird2 net/bird2
 net/mpd5 net/mpd5
Line 151: Line 151:
 | Build a specific kernel file  | Just had to install custom kernel int the custom source tree | Customized kernel | | Build a specific kernel file  | Just had to install custom kernel int the custom source tree | Customized kernel |
 | Build only list of kernel modules | Declaring MODULES_OVERRIDE in -src.conf | Customized module list | | Build only list of kernel modules | Declaring MODULES_OVERRIDE in -src.conf | Customized module list |
-| Advanced scripting for building non-ports softwares | FIXME Not available, no idea of how to cleanly add this feature | Need to build some of /usr/src/tools |+| Advanced scripting for building non-ports softwares | Solution should be to create a port | Need to build some of /usr/src/tools |
 | Advanced tuning of final image | -A post-script and -B pre-script | Generating a mtree (for host-IDS), creating specific users | | Advanced tuning of final image | -A post-script and -B pre-script | Generating a mtree (for host-IDS), creating specific users |
 | Building ports using own (outdated) embedded script | NATIVE role of poudriere | Adding ports to image | | Building ports using own (outdated) embedded script | NATIVE role of poudriere | Adding ports to image |
Line 174: Line 174:
 Then need other configuration files: Then need other configuration files:
   * BSDRP-pkglist : List of packages to be build and included in the final image   * BSDRP-pkglist : List of packages to be build and included in the final image
-  * A kernel configuration file: I'm using the BSDRP amd64 configuration+  * A kernel configuration file: I'm using the [[https://github.com/ocochard/BSDRP/blob/master/BSDRP/kernels/amd64|BSDRP amd64 configuration]]
   * excluded.files: A list of file we want to be exculed during the installworld   * excluded.files: A list of file we want to be exculed during the installworld
-  * overlaydir/usr/local/etc/pkg.conf: with a FILES_IGNORE_GLOB list that will exclude files from being extracted during packages installation+  * [[https://github.com/ocochard/BSDRP/blob/master/BSDRP/Files/usr/local/etc/pkg.conf|overlaydir/usr/local/etc/pkg.conf]]: with a FILES_IGNORE_GLOB list that will exclude files from being extracted during packages installation
 ==== poudriere.d/BSDRPj-src.conf ==== ==== poudriere.d/BSDRPj-src.conf ====
  
 The previous section of the NanoBSD configuration files found in variables CONF_BUILD and CONF_WORLD in file [[https://github.com/ocochard/BSDRP/blob/4febbb26dad24a38275eba344b85f05bc123e59f/BSDRP/BSDRP.nano|BSDRP/BSDRP.nano]] should be copied in this file. The previous section of the NanoBSD configuration files found in variables CONF_BUILD and CONF_WORLD in file [[https://github.com/ocochard/BSDRP/blob/4febbb26dad24a38275eba344b85f05bc123e59f/BSDRP/BSDRP.nano|BSDRP/BSDRP.nano]] should be copied in this file.
  
-As for the BSDRP example, this give this file, that will include the MODULES_OVERRIDE list too +Notice this jail will be used to build the port, so compiler should be kept here.
-<code> +
-cat <<EOF > /usr/local/etc/poudriere.d/BSDRPj-src.conf +
-BOOT_BOOT0_COMCONSOLE_SPEED=0 +
-WITHOUT_ACCT= +
-WITHOUT_AMD= +
-WITHOUT_APM= +
-WITHOUT_ASSERT_DEBUG= +
-WITHOUT_ATF= +
-WITHOUT_ATM= +
-WITHOUT_AUDIT= +
-WITHOUT_AUTHPF= +
-WITHOUT_AUTOFS= +
-WITHOUT_BHYVE= +
-WITHOUT_BLUETOOTH= +
-WITHOUT_BOOTPARAMD= +
-WITHOUT_BOOTPD= +
-WITHOUT_BSDINSTALL= +
-WITHOUT_CALENDAR= +
-WITHOUT_CCD= +
-WITHOUT_CROSS_COMPILER= +
-WITHOUT_CTM= +
-WITHOUT_CVS= +
-WITHOUT_DICT= +
-WITHOUT_EE= +
-WITHOUT_EXAMPLES= +
-WITHOUT_FINGER= +
-WITHOUT_FLOPPY= +
-WITHOUT_FREEBSD_UPDATE= +
-WITHOUT_GAMES= +
-WITHOUT_GCOV= +
-WITHOUT_GNUCXX= +
-WITHOUT_GPIB= +
-WITHOUT_GPIO= +
-WITHOUT_GROFF= +
-WITHOUT_HAST= +
-WITHOUT_HTML= +
-WITHOUT_INFO= +
-WITHOUT_IPX= +
-WITHOUT_IPX_SUPPORT= +
-WITHOUT_ISCSI= +
-WITHOUT_KERBEROS= +
-WITHOUT_LIB32= +
-WITHOUT_LINT= +
-WITHOUT_LLVM_ASSERTIONS= +
-WITHOUT_LLVM_TARGET_ALL= +
-WITHOUT_LOADER_FIREWIRE= +
-WITHOUT_LOADER_GELI= +
-WITHOUT_LOCATE= +
-WITHOUT_LPR= +
-WITHOUT_NCP= +
-WITHOUT_NDIS= +
-WITHOUT_NIS= +
-WITHOUT_NLS= +
-WITHOUT_NLS_CATALOGS= +
-WITHOUT_NS_CACHING= +
-WITHOUT_PC_SYSINSTALL= +
-WITHOUT_PORTSNAP= +
-WITHOUT_PROFILE= +
-WITHOUT_QUOTAS= +
-WITHOUT_RBOOTD= +
-WITHOUT_RCMDS= +
-WITHOUT_RCS= +
-WITHOUT_RESCUE= +
-WITHOUT_ROUTED= +
-WITHOUT_SENDMAIL= +
-WITHOUT_SERVICESDB= +
-WITHOUT_SHAREDOCS= +
-WITHOUT_SVNLITE= +
-WITHOUT_SYSCONS= +
-WITHOUT_SYSINSTALL= +
-WITHOUT_TALK= +
-WITHOUT_TESTS= +
-WITHOUT_TESTS_SUPPORT= +
-WITHOUT_TFTP= +
-WITHOUT_TIMED= +
-WITHOUT_UNBOUND= +
-WITHOUT_USB_GADGET_EXAMPLES= +
-WITHOUT_WIRELESS= +
-WITHOUT_WPA_SUPPLICANT_EAPOL= +
-WITHOUT_ZFS= +
-WITH_IDEA= +
-WITH_OFED= +
-WITH_DEBUG_FILES= +
-WITH_RETPOLINE= +
-WITH_REPRODUCIBLE_BUILD= +
-WITH_MALLOC_PRODUCTION= +
-WITH_OPENSSL_KTLS= +
-MODULES_OVERRIDE= \ +
-        backlight \ +
-        blake2 \ +
-        bridgestp \ +
-        carp \ +
-        dtrace \ +
-        dummynet \ +
-        fdescfs \ +
-        if_bridge \ +
-        if_disc \ +
-        if_epair \ +
-        if_gre \ +
-        if_infiniband \ +
-        if_lagg \ +
-        if_stf \ +
-        if_tuntap \ +
-        if_vxlan \ +
-        ipdivert \ +
-        ipfilter \ +
-        ipfw \ +
-        ipfw_nat \ +
-        ipfw_nat64 \ +
-        ipfw_pmod \ +
-        ipfw_nptv6 \ +
-        ipsec \ +
-        i2c \ +
-        fib_dxr \ +
-        ksyms \ +
-        libalias \ +
-        mlx4 \ +
-        mlx4en \ +
-        netgraph \ +
-        nullfs \ +
-        opensolaris \ +
-        pf \ +
-        pfsync \ +
-        pflog \ +
-        rc4 \ +
-        unionfs \ +
-        usb/uether \ +
-        usb/urndis \ +
-        amdsbwd \ +
-        amdsmn \ +
-        amdtemp \ +
-        cpuctl \ +
-        coretemp \ +
-        dpdk_lpm4 \ +
-        dpdk_lpm6 \ +
-        ena \ +
-        ichwd \ +
-        ioat \ +
-        ipmi \ +
-        ispfw \ +
-        hifn \ +
-        hyperv \ +
-        qat \ +
-        qatfw \ +
-        qat_c2xxx \ +
-        hwpmc \ +
-        padlock \ +
-        qlxgb \ +
-        qlxgbe \ +
-        safe \ +
-        vmware +
-EOF +
-</code>+
  
 +The [[https://github.com/ocochard/BSDRP/blob/master/poudriere.etc/poudriere.d/BSDRPj-src.conf|BSDRPj-src.conf]] is on github.
 ==== poudriere.d/image-BSDRPj-src.conf ==== ==== poudriere.d/image-BSDRPj-src.conf ====
  
-Allow to ADD WITHOUT that will be removed during installworld+Allow to ADD WITHOUT_ knob that will be removed during installworld into the final image.
  
-<code> +This is where we remove compiler and other no-more used part. 
-WITHOUT_DEBUG_FILES= + 
-WITHOUT_TOOLCHAIN= +The [[https://github.com/ocochard/BSDRP/blob/master/poudriere.etc/poudriere.d/image-BSDRPj-src.conf|image-BSDRPj-src.conf]] is on github.
-# Still 26M in /usr/includes, need to exclude them with the excludefiles +
-WITHOUT_INCLUDES= +
-WITHOUT_KERNEL_SYMBOLS= +
-WITHOUT_INSTALLLIB= +
-WITHOUT_FDT= +
-WITHOUT_SERVICESDB= +
-</code>+
 ==== poudriere.d/BSDRPj-make.conf ==== ==== poudriere.d/BSDRPj-make.conf ====
  
-This file contains configuration parameters common for all ports. +This file contains build parameters for the ports.
- +
-<code> +
-OPTIONS_UNSET+=DOCS EXAMPLES INFO NLS X11 DOXYGEN +
-lang_perl5.32_UNSET+=DTRACE +
-textproc_expat2_SET+=STATIC +
-net_frr9_SET+=MULTIPATH +
-net_openldap25-client_UNSET+=GSSAPI +
-security_ipsec-tools_SET+=RC5 IDEA RADIUS LDAP +
-security_strongswan_SET+=MEDIATION GCM +
-security_strongswan_UNSET+=EAPAKA3GPP2 EAPSIMFILE SQLITE UNBOUND LOADTESTER TESTVECTOR +
-security_openvpn_SET+=DCO +
-benchmarks_netperf_UNSET+=OMNI +
-sysutils_flashrom_UNSET+=DMIDECODE FTDI +
-sysutils_mstflint_SET+=FWMANAGER ADAB +
-net_mtr_UNSET+=JSON +
-ftp_curl_SET+=GSSAPI_NONE +
-ftp_curl_UNSET+=GSSAPI_BASE IMAP GOPHER HTTP2 LIBSSH2 POP3 PSL RTSP SMTP TELNET +
-</code>+
  
 +The [[https://github.com/ocochard/BSDRP/blob/master/poudriere.etc/poudriere.d/BSDRPj-make.conf|BSDRPj-make.conf]] is on github.
  
 ==== BSDRP-pkglist ==== ==== BSDRP-pkglist ====
  
-Now the list of package to be builded and added to the final image:+This file includes the list of package to be builded and added to the final image.
  
-<code> +The [[https://github.com/ocochard/BSDRP/blob/master/poudriere.etc/poudriere.d/BSDRP-pkglist|BSDRP-pkglist]] is on github. 
-benchmarks/iperf + 
-benchmarks/iperf3 + 
-benchmarks/netperf + 
-editors/vim@tiny + 
-emulators/open-vm-tools@nox11 +==== excluded.files ==== 
-lang/perl5.32 + 
-lang/python +List of files/directory that WITHOUT_ wasn't able to prevent to be on the final image. 
-net-mgmt/bgpq4 + 
-net-mgmt/bsnmp-regex +The [[https://github.com/ocochard/BSDRP/blob/master/poudriere.etc/poudriere.d/excluded.files|excluded.files ]] is on github.
-net-mgmt/bsnmp-ucd +
-net-mgmt/nrpe3 +
-net-mgmt/pmacct +
-net-mgmt/rtrlib +
-net/arping +
-net/bird2@netlink +
-net/dhcp6 +
-net/dhcprelya +
-net/exabgp4 +
-net/freevrrpd +
-net/frr8 +
-net/frr8-pythontools +
-net/graphpath +
-net/isc-dhcp44-server +
-net/ixl_unlock +
-net/mlvpn +
-net/mpd5 +
-net/mrouted +
-net/mrtparse +
-net/mtr +
-net/nc +
-net/netmap-fwd +
-net/ntraceroute +
-net/pimd +
-net/pkt-gen +
-net/quagga-bgp-netgen +
-net/realtek-re-kmod +
-net/tayga +
-net/trafshow +
-net/ucarp +
-net/wireguard-tools +
-ports-mgmt/pkg +
-security/ca_root_nss +
-security/ipsec-tools +
-security/openvpn-devel +
-security/strongswan +
-security/sudo +
-security/tinc +
-sysutils/devcpu-data +
-sysutils/dtrace-toolkit +
-sysutils/flashrom +
-sysutils/fswatch-mon +
-sysutils/intel-pcm +
-sysutils/ipmitool +
-sysutils/monit +
-sysutils/mstflint-lite +
-sysutils/tmux +
-sysutils/x86info +
-</code>+
  
  
Line 444: Line 219:
 The simplest solution is to re-use already existing BSDRP patched source tree: specific kernel configuration files can be installed into these source tree and use after. The simplest solution is to re-use already existing BSDRP patched source tree: specific kernel configuration files can be installed into these source tree and use after.
  
-Start by only patching BSDRP sources (sources and ports) using the BSDRP make.sh script:+Start by only patching BSDRP sources (sources and ports) using the [[https://github.com/ocochard/BSDRP/blob/master/make.sh|BSDRP make.sh]] script:
 <code> <code>
 ./make.sh -U ./make.sh -U
Line 482: Line 257:
 ===== Generating firmware image ===== ===== Generating firmware image =====
  
-Here I'm instructing to build a 4GB image using the previous sets, jail, port-tree.+Here I'm instructing to build a 2GB image using the previous sets, jail, port-tree.
 <code> <code>
 poudriere image -t firmware -s 2g \ poudriere image -t firmware -s 2g \
documentation/technical_docs/poudriere.txt · Last modified: 2024/04/04 12:19 by olivier
Except where otherwise noted, content on this wiki is licensed under the following license: BSD 2-Clause
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki