| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 |
- #!/bin/bash
- # prep release for upload to production container
- set -e
- # make ipxe directory to store ipxe disks
- mkdir -p build/ipxe
- # pull down upstream iPXE
- git clone --depth 1 https://github.com/ipxe/ipxe.git ipxe_build
- # copy iPXE config overrides into source tree
- cp ipxe/local/* ipxe_build/src/config/local/
- # copy certs into source tree
- cp script/*.crt ipxe_build/src/
- # build iPXE disks
- cd ipxe_build/src
- # get current iPXE hash
- IPXE_HASH=`git log -n 1 --pretty=format:"%H"`
- # generate netboot.xyz iPXE disks
- make bin/ipxe.dsk bin/ipxe.iso bin/ipxe.lkrn bin/ipxe.usb bin/ipxe.kpxe bin/undionly.kpxe \
- EMBED=../../ipxe/disks/netboot.xyz TRUST=ca-ipxe-org.crt,ca-netboot-xyz.crt
- mv bin/ipxe.dsk ../../build/ipxe/netboot.xyz.dsk
- mv bin/ipxe.iso ../../build/ipxe/netboot.xyz.iso
- mv bin/ipxe.lkrn ../../build/ipxe/netboot.xyz.lkrn
- mv bin/ipxe.usb ../../build/ipxe/netboot.xyz.usb
- mv bin/ipxe.kpxe ../../build/ipxe/netboot.xyz.kpxe
- mv bin/undionly.kpxe ../../build/ipxe/netboot.xyz-undionly.kpxe
- # generate netboot.xyz iPXE disk for Google Compute Engine
- make bin/ipxe.usb CONFIG=cloud EMBED=../../ipxe/disks/netboot.xyz-gce \
- TRUST=ca-ipxe-org.crt,ca-netboot-xyz.crt
- cp -f bin/ipxe.usb disk.raw
- tar Sczvf netboot.xyz-gce.tar.gz disk.raw
- mv netboot.xyz-gce.tar.gz ../../build/ipxe/netboot.xyz-gce.tar.gz
- # generate netboot.xyz-packet legacy iPXE disk
- make bin/undionly.kpxe \
- EMBED=../../ipxe/disks/netboot.xyz-packet TRUST=ca-ipxe-org.crt,ca-netboot-xyz.crt
- mv bin/undionly.kpxe ../../build/ipxe/netboot.xyz-packet.kpxe
- # generate EFI iPXE disks
- cp config/local/general.h.efi config/local/general.h
- make clean
- make bin-x86_64-efi/ipxe.efi \
- EMBED=../../ipxe/disks/netboot.xyz TRUST=ca-ipxe-org.crt,ca-netboot-xyz.crt
- mkdir -p efi_tmp
- dd if=/dev/zero of=efi_tmp/ipxe.img count=2880
- mformat -i efi_tmp/ipxe.img -m 0xf8 -f 2880
- mmd -i efi_tmp/ipxe.img ::efi ::efi/boot
- mcopy -i efi_tmp/ipxe.img bin-x86_64-efi/ipxe.efi ::efi/boot/bootx64.efi
- genisoimage -o ipxe.eiso -eltorito-alt-boot -e ipxe.img -no-emul-boot efi_tmp
- mv bin-x86_64-efi/ipxe.efi ../../build/ipxe/netboot.xyz.efi
- mv ipxe.eiso ../../build/ipxe/netboot.xyz-efi.iso
- # generate netboot.xyz-packet efi iPXE disk
- make bin-x86_64-efi/ipxe.efi \
- EMBED=../../ipxe/disks/netboot.xyz-packet TRUST=ca-ipxe-org.crt,ca-netboot-xyz.crt
- mv bin-x86_64-efi/ipxe.efi ../../build/ipxe/netboot.xyz-packet.efi
- # iPXE workaround
- # http://lists.ipxe.org/pipermail/ipxe-devel/2018-August/006254.html
- # apply patch to fix arm64 builds on amd64 builds
- sed -i '/WORKAROUND_CFLAGS/d' arch/arm64/Makefile
- # generate EFI arm64 iPXE disk
- make clean
- make CROSS_COMPILE=aarch64-linux-gnu- ARCH=arm64 \
- EMBED=../../ipxe/disks/netboot.xyz TRUST=ca-ipxe-org.crt,ca-netboot-xyz.crt \
- bin-arm64-efi/snp.efi
- mv bin-arm64-efi/snp.efi ../../build/ipxe/netboot.xyz-arm64.efi
- # generate netboot.xyz-packet-arm64 iPXE disk
- make clean
- make CROSS_COMPILE=aarch64-linux-gnu- ARCH=arm64 \
- EMBED=../../ipxe/disks/netboot.xyz-packet TRUST=ca-ipxe-org.crt,ca-netboot-xyz.crt \
- bin-arm64-efi/snp.efi
- mv bin-arm64-efi/snp.efi ../../build/ipxe/netboot.xyz-packet-arm64.efi
- # generate arm64 experimental
- cp config/local/nap.h.efi config/local/nap.h
- cp config/local/usb.h.efi config/local/usb.h
- make clean
- make CROSS_COMPILE=aarch64-linux-gnu- ARCH=arm64 \
- EMBED=../../ipxe/disks/netboot.xyz TRUST=ca-ipxe-org.crt,ca-netboot-xyz.crt \
- bin-arm64-efi/snp.efi
- mv bin-arm64-efi/snp.efi ../../build/ipxe/netboot.xyz-arm64-experimental.efi
- # return to root
- cd ../..
- # generate header for sha256-checksums file
- cd build/
- CURRENT_TIME=`date`
- cat > netboot.xyz-sha256-checksums.txt <<EOF
- # netboot.xyz bootloaders generated at $CURRENT_TIME
- # iPXE Commit: https://github.com/ipxe/ipxe/commit/$IPXE_HASH
- # Travis-CI Job: https://travis-ci.org/antonym/netboot.xyz/builds/$TRAVIS_BUILD_ID
- EOF
- # generate sha256sums for iPXE disks
- cd ipxe/
- for ipxe_disk in `ls .`
- do
- sha256sum $ipxe_disk >> ../netboot.xyz-sha256-checksums.txt
- done
- cat ../netboot.xyz-sha256-checksums.txt
- mv ../netboot.xyz-sha256-checksums.txt .
- cd ../..
- # generate signatures for netboot.xyz source files
- mkdir sigs
- for src_file in `ls src`
- do
- openssl cms -sign -binary -noattr -in src/$src_file \
- -signer script/codesign.crt -inkey script/codesign.key -certfile script/ca-netboot-xyz.crt -outform DER \
- -out sigs/$src_file.sig
- echo Generated signature for $src_file...
- done
- mv sigs src/
- # delete index.html so that we don't overwrite existing content type
- rm src/index.html
- # copy iPXE src code into build directory
- cp -R src/* build/
|
