From cfb489301c8f0b046cda5d2edae00322aa1bf9ff Mon Sep 17 00:00:00 2001
From: Florian Wilhelm
Date: Wed, 9 Aug 2023 12:56:54 +0200
Subject: [PATCH] Update to debian trixie
---
 Dockerfile | 6 +++---
 README.md | 4 ++--
 builder/bootstrap | 2 +-
 docs/getting_started.md | 6 +++---
 4 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 432a9c2..ba3c4cc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,9 +1,9 @@
-FROM debian:bookworm AS mv_data
+FROM debian:trixie AS mv_data
 RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends build-essential ca-certificates git
 RUN git clone --depth=1 https://github.com/nkraetzschmar/mv_data
 RUN make -C mv_data install
-FROM debian:bookworm AS aws-kms-pkcs11
+FROM debian:trixie AS aws-kms-pkcs11
 RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends build-essential awscli ca-certificates cmake git libcurl4-openssl-dev libengine-pkcs11-openssl libjson-c-dev libssl-dev libp11-kit-dev libp11-dev zlib1g-dev
 RUN git clone --depth=1 --recurse-submodules -b 1.11.25 https://github.com/aws/aws-sdk-cpp
 RUN mkdir aws-sdk-cpp/.build && cd aws-sdk-cpp/.build && cmake -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=OFF -DBUILD_ONLY="kms;acm-pca" .. && make -j "$(nproc)" install
@@ -11,7 +11,7 @@ RUN git clone --depth=1 -b v0.0.10 https://github.com/JackOfMostTrades/aws-kms-p
 RUN cd aws-kms-pkcs11 && make -j "$(nproc)" AWS_SDK_STATIC=y install
 RUN cp "/usr/lib/$(uname -m)-linux-gnu/pkcs11/aws_kms_pkcs11.so" /aws_kms_pkcs11.so
-FROM debian:bookworm
+FROM debian:trixie
 COPY pkg.list /pkg.list
 RUN apt update && DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends $(cat /pkg.list) && rm /pkg.list
 COPY --from=mv_data /usr/bin/mv_data /usr/bin/mv_data
diff --git a/README.md b/README.md
index 9580f40..f24e902 100644
--- a/README.md
+++ b/README.md
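Review bot: All three `FROM debian:trixie` lines in the Dockerfile (two in the first hunk, one in the second) name the base image by suite tag only, so the builder image's contents change whenever that tag is republished. At the commit date trixie appears to have been Debian's testing suite, which moves far more often than a stable release, and the README mentions reproducibility of builds. Consider pinning each stage by digest, e.g. `FROM debian:trixie@sha256:<digest> AS mv_data`, or adding a comment above the first `FROM` stating that the floating tag is deliberate. The first hunk's context also shows `git clone --depth=1 https://github.com/nkraetzschmar/mv_data` with no `-b` ref, unlike the other two clones, so that stage builds whatever the default branch holds at build time.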
@@ -35,8 +35,8 @@ In addition to the above components, your configuration directory must include t
 - `get_commit`: This script should output the Git commit used to tag the build artifacts.
 - `get_repo`: This script should output the apt package repository to use.
 - `get_timestamp`: This script should output the timestamp to be used instead of the real system time, ensuring reproducibility of builds.
-- `get_version`: This script should output the version of the package repository to use. For example, use `bookworm` for Debian or `today` for Garden Linux.
-- `keyring.gpg`: The PGP key used to validate the package repository. For Debian, you can obtain this key from the [debian-archive-keyring](https://packages.debian.org/bookworm/debian-archive-keyring) package.
+- `get_version`: This script should output the version of the package repository to use. For example, use `trixie` for Debian or `today` for Garden Linux.
+- `keyring.gpg`: The PGP key used to validate the package repository. For Debian, you can obtain this key from the [debian-archive-keyring](https://packages.debian.org/trixie/debian-archive-keyring) package.
 For a quick start guide on setting up your own config directory with your own features checkout [getting_started.md](docs/getting_started.md).
diff --git a/builder/bootstrap b/builder/bootstrap
index 4699149..bc8cde4 100755
--- a/builder/bootstrap
+++ b/builder/bootstrap
@@ -11,7 +11,7 @@ output="$5"
 chroot_dir="$(mktemp -d)"
 mount -t tmpfs -o size=2G tmpfs "$chroot_dir"
 chmod 755 "$chroot_dir"
-container=lxc debootstrap --keyring "$keyring" --arch "$arch" --variant minbase "$version" "$chroot_dir" "$repo" bookworm || (cat "$chroot_dir/debootstrap/debootstrap.log"; false)
+container=lxc debootstrap --keyring "$keyring" --arch "$arch" --variant minbase "$version" "$chroot_dir" "$repo" trixie || (cat "$chroot_dir/debootstrap/debootstrap.log"; false)
 gpg --keyring "$keyring" --no-default-keyring --export -a > "$chroot_dir/etc/apt/trusted.gpg.d/keyring.asc"
 echo "deb $repo $version main" > "$chroot_dir/etc/apt/sources.list"
diff --git a/docs/getting_started.md b/docs/getting_started.md
index 5cf4810..87b2337 100644
--- a/docs/getting_started.md
+++ b/docs/getting_started.md
@@ -15,10 +15,10 @@ To ensure that your local Podman installation is working correctly, you can test
 ./build base
 ```
-This command will create a bootable Debian Bookworm disk image at `.build/base-amd64-bookworm-6f72b564.raw` (note that the commit may have changed since the time of writing). You can test run the image using QEMU:
+This command will create a bootable Debian Trixie disk image at `.build/base-amd64-trixie-6f72b564.raw` (note that the commit may have changed since the time of writing). You can test run the image using QEMU:
 ```shell
-qemu-system-x86_64 -m 2048 -nodefaults -display none -serial mon:stdio -drive if=pflash,unit=0,readonly=on,format=raw,file=/usr/share/OVMF/OVMF_CODE.fd -drive if=virtio,format=raw,file=.build/base-amd64-bookworm-6f72b564.raw
+qemu-system-x86_64 -m 2048 -nodefaults -display none -serial mon:stdio -drive if=pflash,unit=0,readonly=on,format=raw,file=/usr/share/OVMF/OVMF_CODE.fd -drive if=virtio,format=raw,file=.build/base-amd64-trixie-6f72b564.raw
 ```
 Now that we have verified that everything is working correctly, let's proceed to build our own feature.
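Review bot: In `builder/bootstrap` the last positional argument to `debootstrap` remains a hard-coded release name (`trixie`) while the suite itself comes from `"$version"`, and nothing on the line explains the difference. That argument looks like debootstrap's script name, presumably passed so that suites such as `today` (named in the README) are bootstrapped with a Debian script; it has to be edited by hand on every release bump, in step with the `FROM` lines in the Dockerfile. I would add a comment above the call, `# last argument: debootstrap script to use, since "$version" may not be a suite name debootstrap knows`, or hoist the release name into a single variable. The rest of the script lies outside the hunk.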
@@ -86,7 +86,7 @@ To test your feature, build the image using the following command:
 You can then run the image with QEMU using the following command:
 ```shell
-qemu-system-x86_64 -m 2048 -nodefaults -display none -serial mon:stdio -drive if=pflash,unit=0,readonly=on,format=raw,file=/usr/share/OVMF/OVMF_CODE.fd -drive if=virtio,format=raw,file=.build/base-nginx-amd64-bookworm-local.raw -netdev user,id=net0,hostfwd=tcp::8080-:80 -device virtio-net-pci,netdev=net0
+qemu-system-x86_64 -m 2048 -nodefaults -display none -serial mon:stdio -drive if=pflash,unit=0,readonly=on,format=raw,file=/usr/share/OVMF/OVMF_CODE.fd -drive if=virtio,format=raw,file=.build/base-nginx-amd64-trixie-local.raw -netdev user,id=net0,hostfwd=tcp::8080-:80 -device virtio-net-pci,netdev=net0
 ```
 If everything worked as intended, you should see the system boot up. Once the system is booted, opening http://localhost:8080 in a browser should display the "Hello World!" message.