diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8338cf2..14d6c4a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,7 +14,7 @@ jobs: - name: shellcheck run: shellcheck builder.sh testnix: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: test nix builds strategy: matrix: @@ -32,27 +32,26 @@ jobs: run: | ./.test/run_all.sh example-${{ matrix.example }}.conf output/ testcontainer: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: test container builds strategy: matrix: example: ["x86_64", "rpi4", "glinet-gl-ar750", "glinet-gl-mt300n-v2", "nexx-wt3020", "rpi2", "wrt1043nd"] - option: ["--docker", "--podman"] - sudo: ["", "--sudo"] + option: ["--docker --sudo", "--podman", "--podman --sudo"] steps: - name: Checkout uses: actions/checkout@v4 - name: test build example run: | - if [ "${{ matrix.option }}" == "--podman" ]; then + if [[ "${{ matrix.option }}" =~ "podman" ]]; then sudo apt-get -y update sudo apt-get -y install podman fi mkdir -p output time ./builder.sh build-docker-image \ - example-${{ matrix.example }}.conf ${{ matrix.option }} ${{ matrix.sudo }} &&\ + example-${{ matrix.example }}.conf ${{ matrix.option }} &&\ time ./builder.sh build \ - example-${{ matrix.example }}.conf ${{ matrix.option }} ${{ matrix.sudo }} + example-${{ matrix.example }}.conf ${{ matrix.option }} - name: check artefacts run: | ./.test/run_all.sh example-${{ matrix.example }}.conf output/ diff --git a/CHANGELOG.md b/CHANGELOG.md index 5475c03..3ee67f4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog for lede-dockerbuilder +## v3.8 [2025-02-09] + +* Upgrade to OpenWrt 24.10.0 + ## v3.7 [2024-11-10] * Upgrade to OpenWrt 23.05.5 diff --git a/README.md b/README.md index 3fcf72c..d9f9974 100644 --- a/README.md +++ b/README.md @@ -5,19 +5,19 @@ * [What](#what) - * [Note](#note) + * [Note](#note) * [Why](#why) * [How](#how) - * [Using docker](#using-docker) - * [Using nix-shell](#using-nix-shell) - * [Usage](#usage) - * [Builder runtime](#builder-runtime) - * [Configuration file](#configuration-file) - * [File system overlay](#file-system-overlay) - * [Example directory structure](#example-directory-structure) - * [Debugging](#debugging) + * [Using docker](#using-docker) + * [Using nix-shell](#using-nix-shell) + * [Usage](#usage) + * [Builder runtime](#builder-runtime) + * [Configuration file](#configuration-file) + * [File system overlay](#file-system-overlay) + * [Example directory structure](#example-directory-structure) + * [Debugging](#debugging) * [Examples](#examples) - * [Building a x86_64 image and running it in qemu](#building-a-x86_64-image-and-running-it-in-qemu) + * [Building a x86_64 image and running it in qemu](#building-a-x86_64-image-and-running-it-in-qemu) * [Building an OpenWrt snapshot release](#building-an-openwrt-snapshot-release) * [Author](#author) * [License](#license) @@ -31,12 +31,12 @@ for your embedded device or a Raspberry PI) using a self-contained docker container or a [nix-shell](https://nixos.wiki/wiki/Development_environment_with_nix-shell) and the [OpenWrt image builder](https://openwrt.org/docs/guide-user/additional-software/imagebuilder). On the builder host, Docker, podman/buildah (for dockerless operation) or nix-shell is the -only requirement. Supports latest OpenWrt release (23.05.x). +only requirement. Supports latest OpenWrt release (24.10.x). ### Note -The OpenWrt imagebuilder uses pre-compiled packages to build the final image. -Go [here](https://github.com/jandelgado/lede-dockercompiler) if you are looking +The OpenWrt imagebuilder uses pre-compiled packages to build the final image. +Go [here](https://github.com/jandelgado/lede-dockercompiler) if you are looking for a docker images to compile OpenWrt completely from source. ## Why @@ -50,7 +50,7 @@ for a docker images to compile OpenWrt completely from source. ### Using docker -``` +```text $ git clone https://github.com/jandelgado/lede-dockerbuilder.git $ cd lede-dockerbuilder $ ./builder.sh build-docker-image example-nexx-wt3020.conf @@ -71,7 +71,7 @@ $ cd lede-dockerbuilder $ ./builder.sh build example-nexx-wt3020.conf --nix ``` -Using `nix-shell` does not require building a container image or starting a +Using `nix-shell` does not require building a container image or starting a container first, therefore it is usually faster. ### Usage @@ -84,7 +84,7 @@ Usage: $1 COMMAND CONFIGFILE [OPTIONS] build-docker-image - build the docker image (run once first) profiles - show available profiles for current configuration build - start container and build the LEDE/OpenWRT image - shell - start shell in the build dir + shell - start shell in the build dir CONFIGFILE - configuraton file to use OPTIONS: @@ -192,7 +192,7 @@ LEDE_TARGET=ramips LEDE_SUBTARGET=mt7620 # list packages to include in LEDE image. prepend packages to deinstall with "-". -# +# # include all packages to build a mobile NAS supporting disk encryption: # ksmbd (samba4 is too large now for the WT3020's 8MB), cryptsetup. # see https://github.com/namjaejeon/ksmbd-tools for ksmbd info. @@ -284,8 +284,8 @@ These examples evolved from images I use myself. To build an example run `./builder.sh build `, e.g. -```shell -$ ./builder.sh build example-rpi2.conf +```text +$ ./builder.sh build example-rpi2.conf ``` The resulting image can be found in the `output/` directory. The [OpenWrt @@ -295,36 +295,35 @@ describes how to flash the new image in detail. ### Building a x86_64 image and running it in qemu The [example-x86_64.conf](example-x86_64.conf) file can be used to build a -x86_64 based OpenWrt image which can also be run in qemu, e.g. if you need +x86_64 based OpenWrt image which can also be run in qemu, e.g., if you need a virtual router/firewall. First build the image with `builder.sh build example-x86_64.conf`, then unpack the resulting image with e.g. `gunzip -output/openwrt-23.05.0-x86-64-generic-ext4-combined.img.gz`. Finally the image +output/openwrt-24.10.0-x86-64-generic-ext4-combined.img.gz`. Finally the image can be started with qemu (or simply use [run_in_qemu.sh](etc/run_in_qemu.sh)) -```shell +```text qemu-system-x86_64 \ -enable-kvm \ -nographic \ -device ide-hd,drive=d0,bus=ide.0 \ - -netdev user,id=hn0 \ - -device virtio-net-pci,netdev=hn0,id=wan \ - -netdev user,id=hn1,hostfwd=tcp::5555-:22001 \ - -device virtio-net-pci,netdev=hn1,id=lan \ - -drive id=d0,if=none,file=output/openwrt-19.07.0-x86-64-combined-ext4.img + -device virtio-net-pci,netdev=hn0,id=lan \ + -netdev user,id=hn0,net=192.168.1.0/24,host=192.168.1.2,hostfwd=tcp::1122-192.168.1.1:22,hostfwd=tcp::8443-192.168.1.1:443\ + -device virtio-net-pci,netdev=hn1,id=wan \ + -netdev user,id=hn1\ + -drive id=d0,if=none,file="$IMG" ``` -The `hostfwd=...` part can be omitted and is used in case you redirect port -22001 on your WAN adapter to port 22 of the LAN adapter, in case you want to -access SSH in the VM from your qemu-host. Check the `/etc/config/firewall` file -for details. - Qemu will assign the IP address `10.0.2.15/24` to the `WAN` interface (`eth1`) and OpenWrt the address `192.168.1.1/24` to the `LAN` (`br-lan` bridge with `eth0`) interface. -Note: press `CTRL-A X` to exit qemu. +Port `1122` will be forwarded to the OpenWrt VMs port `22` (ssh), and port +`8443` will be forwarded to port `443` , allowing to access luci using a +web browser from the host under `https://localhost:8443`. + +Note: inside Qemu, press `CTRL-a` + `x` to exit. ## Building an OpenWrt snapshot release @@ -332,9 +331,9 @@ To build a [snapshot](https://downloads.openwrt.org/snapshots) release, set `LEDE_RELEASE` to `snapshots` and let `LEDE_BUILDER_URL` point to the image builder in the snapshot dir, e.g. -``` +```text LEDE_RELEASE=snapshots -LEDE_BUILDER_URL="https://downloads.openwrt.org/$LEDE_RELEASE/targets/$LEDE_TARGET/$LEDE_SUBTARGET/openwrt-imagebuilder-$LEDE_TARGET-$LEDE_SUBTARGET.Linux-x86_64.tar.xz" +LEDE_BUILDER_URL="https://downloads.openwrt.org/$LEDE_RELEASE/targets/$LEDE_TARGET/$LEDE_SUBTARGET/openwrt-imagebuilder-$LEDE_TARGET-$LEDE_SUBTARGET.Linux-x86_64.tar.xz" ``` See the [this example](example-x86_64-snapshot.conf) which builds an x86_64 diff --git a/builder.sh b/builder.sh index cda4229..ba43ea5 100755 --- a/builder.sh +++ b/builder.sh @@ -104,6 +104,7 @@ function run_cmd_in_container { -v "$(abspath "$OUTPUT_DIR")":/lede/output \ "${repositories_volume[@]}" \ ${DOCKER_OPTS[@]} \ + ${_DOCKER_OPTS:-} \ --rm "$(image_tag)" bash -c "$*" } @@ -191,10 +192,21 @@ RUNTIME...........: $runtime EOT } +# tests if given version is at least provided reference version. +# version_ge_than("23.05.1", "24") -> false +# version_ge_than("24.0.10", "24") -> true +function version_ge_than { [ "${1%%.*}" -ge "$2" ]; } + # return default LEDE_BUILDER_URL if not overriden in configuration file function builder_url { + # using .zst since OpenWrt 24, .xz before if [ -z "${LEDE_BUILDER_URL+x}" ]; then - echo "https://downloads.openwrt.org/releases/$LEDE_RELEASE/targets/$LEDE_TARGET/$LEDE_SUBTARGET/openwrt-imagebuilder-$LEDE_RELEASE-$LEDE_TARGET-$LEDE_SUBTARGET.Linux-x86_64.tar.xz" + if version_ge_than "$LEDE_RELEASE" "24"; then + local ext="zst" + else + local ext="xz" + fi + echo "https://downloads.openwrt.org/releases/$LEDE_RELEASE/targets/$LEDE_TARGET/$LEDE_SUBTARGET/openwrt-imagebuilder-$LEDE_RELEASE-$LEDE_TARGET-$LEDE_SUBTARGET.Linux-x86_64.tar.$ext" return fi echo "$LEDE_BUILDER_URL" @@ -301,13 +313,15 @@ function dispatch_command { ;; *) usage "$0" - exit 0 + # shellcheck disable=2317 + exit 0 ;; esac } if [ $# -lt 2 ]; then usage "$0" + # shellcheck disable=2317 exit 1 fi diff --git a/docker/Dockerfile b/docker/Dockerfile index fbf53e8..567805c 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,14 +1,15 @@ -FROM ubuntu:22.04 as base -LABEL maintainer "Jan Delgado " +FROM ubuntu:24.04 AS base +LABEL maintainer="Jan Delgado " +# python3-setuptools kept here to also support OpenWrt 23 RUN apt-get update\ && DEBIAN_FRONTEND=noninteractive apt-get install -y build-essential\ libncurses5-dev libncursesw5-dev zlib1g-dev gawk git gettext libssl-dev\ - xsltproc rsync wget unzip python3 python3-distutils file\ + xsltproc rsync wget unzip python3 python3-setuptools file zstd\ && rm -rf /var/lib/apt/lists/* ADD etc/entrypoint.sh /usr/local/bin/ -RUN chmod 755 /usr/local/bin/entrypoint.sh +RUN chmod 755 /usr/local/bin/entrypoint.sh FROM base @@ -17,7 +18,9 @@ FROM base ARG BUILDER_URL RUN mkdir -p /lede/imagebuilder\ - && wget -q "$BUILDER_URL" -O /tmp/imagebuilder && tar xvf /tmp/imagebuilder --strip-components=1 -C /lede/imagebuilder \ + && wget -q "$BUILDER_URL" -O /tmp/imagebuilder && \ + tar xvf /tmp/imagebuilder\ + --strip-components=1 -C /lede/imagebuilder \ && rm -f /tmp/imagebuilder WORKDIR "/lede/imagebuilder" diff --git a/etc/run_in_qemu.sh b/etc/run_in_qemu.sh index d95342e..3ffc2bc 100755 --- a/etc/run_in_qemu.sh +++ b/etc/run_in_qemu.sh @@ -6,13 +6,16 @@ SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) IMG=${1:-$SCRIPT_DIR/../output/openwrt-22.03.0-x86-64-generic-ext4-combined.img} +# configure 2 NICs: +# 1. LAN , with port forwardings of 1122 -> 22 (ssh) and 8443 -> 443 (luci) +# 2. WAN exec qemu-system-x86_64 \ -enable-kvm \ -nographic \ -device ide-hd,drive=d0,bus=ide.0 \ - -netdev user,id=hn0 \ - -device virtio-net-pci,netdev=hn0,id=wan \ - -netdev user,id=hn1,hostfwd=tcp::5555-:22001 \ - -device virtio-net-pci,netdev=hn1,id=lan \ + -device virtio-net-pci,netdev=hn0,id=lan \ + -netdev user,id=hn0,net=192.168.1.0/24,host=192.168.1.2,hostfwd=tcp::1122-192.168.1.1:22,hostfwd=tcp::8443-192.168.1.1:443\ + -device virtio-net-pci,netdev=hn1,id=wan \ + -netdev user,id=hn1\ -drive id=d0,if=none,file="$IMG" diff --git a/example-glinet-gl-ar750.conf b/example-glinet-gl-ar750.conf index 6c74b13..ac29ffb 100644 --- a/example-glinet-gl-ar750.conf +++ b/example-glinet-gl-ar750.conf @@ -1,6 +1,6 @@ # LEDE profile to use: GL.iNet GL-AR750 LEDE_PROFILE=glinet_gl-ar750 -LEDE_RELEASE=23.05.5 +LEDE_RELEASE=24.10.0 LEDE_TARGET=ath79 LEDE_SUBTARGET=generic diff --git a/example-glinet-gl-mt300n-v2.conf b/example-glinet-gl-mt300n-v2.conf index fe197d5..bc73d41 100644 --- a/example-glinet-gl-mt300n-v2.conf +++ b/example-glinet-gl-mt300n-v2.conf @@ -1,6 +1,6 @@ # profile to use: GL.iNet GL-MT300N V2 LEDE_PROFILE=glinet_gl-mt300n-v2 -LEDE_RELEASE=23.05.5 +LEDE_RELEASE=24.10.0 LEDE_TARGET=ramips LEDE_SUBTARGET=mt76x8 diff --git a/example-nexx-wt3020.conf b/example-nexx-wt3020.conf index 662da2f..3d939ef 100644 --- a/example-nexx-wt3020.conf +++ b/example-nexx-wt3020.conf @@ -1,17 +1,17 @@ # LEDE profile to use: NEXX WT3020 LEDE_PROFILE=nexx_wt3020-8m -LEDE_RELEASE=23.05.5 +LEDE_RELEASE=24.10.0 LEDE_TARGET=ramips LEDE_SUBTARGET=mt7620 # list packages to include in LEDE image. prepend packages to deinstall with "-". -# -# include all packages to build a mobile NAS supporting disk encryption: -# ksmbd (samba4 is too large now for the WT3020's 8MB), cryptsetup. -# see https://github.com/namjaejeon/ksmbd-tools for ksmbd info. -LEDE_PACKAGES="ksmbd-server lsblk block-mount\ - kmod-usb-storage-uas kmod-scsi-core ntfs-3g\ - kmod-nls-iso8859-1 cryptsetup kmod-crypto-xts\ +# +# include all packages to build a mobile "NAS" supporting disk encryption: +# vsftpd (needs to be configured afterwards), cryptsetup, usb disk drivers. +# had to drop ksmbd with 24.10.0 since image became to large. +LEDE_PACKAGES="block-mount vsftpd\ + kmod-usb-storage-uas kmod-scsi-core lsblk\ + cryptsetup kmod-crypto-xts\ kmod-mt76 kmod-usb2 kmod-usb-ohci kmod-usb-core kmod-dm kmod-crypto-ecb\ kmod-crypto-misc kmod-crypto-cbc kmod-crypto-crc32c kmod-crypto-hash\ kmod-crypto-user\ diff --git a/example-rpi2.conf b/example-rpi2.conf index 4a6bf50..0031d75 100644 --- a/example-rpi2.conf +++ b/example-rpi2.conf @@ -1,5 +1,5 @@ LEDE_PROFILE=rpi-2 -LEDE_RELEASE=23.05.5 +LEDE_RELEASE=24.10.0 LEDE_TARGET=bcm27xx LEDE_SUBTARGET=bcm2709 @@ -7,7 +7,7 @@ LEDE_SUBTARGET=bcm2709 LEDE_PACKAGES="base-files busybox dropbear mtd uci opkg netifd fstools uclient-fetch \ logd kmod-usb-hid kmod-sound-core kmod-sound-arm-bcm2835 \ kmod-fs-vfat kmod-nls-cp437 kmod-nls-iso8859-1 dnsmasq \ - -ppp -ppp-mod-pppoe luci-ssl-nginx" + -ppp -ppp-mod-pppoe luci nginx-mod-luci nginx-ssl acme luci-app-acme" # optionally override OUTPUT_DIR and ROOTFS_OVERLAY directory location here diff --git a/example-rpi4.conf b/example-rpi4.conf index c6ffa34..e60d77c 100644 --- a/example-rpi4.conf +++ b/example-rpi4.conf @@ -1,11 +1,11 @@ # Demo for Raspberry 4. LEDE_PROFILE=rpi-4 -LEDE_RELEASE=23.05.5 +LEDE_RELEASE=24.10.0 LEDE_TARGET=bcm27xx LEDE_SUBTARGET=bcm2711 # list packages to include in LEDE image. prepend packages to deinstall with "-". LEDE_PACKAGES="dropbear mtd uci opkg netifd fstools uclient-fetch kmod-usb-hid \ kmod-sound-core kmod-fs-vfat kmod-nls-cp437 kmod-nls-iso8859-1 \ - dnsmasq -ppp -ppp-mod-pppoe luci-ssl-nginx luci-app-adblock adblock" + dnsmasq -ppp -ppp-mod-pppoe luci nginx-ssl nginx-mod-luci luci-app-adblock adblock acme luci-app-acme" diff --git a/example-wrt1043nd.conf b/example-wrt1043nd.conf index b1b1ae8..a53c886 100644 --- a/example-wrt1043nd.conf +++ b/example-wrt1043nd.conf @@ -1,7 +1,7 @@ # OpenWRT profile to use: tp link WR1043ND LEDE_PROFILE=tplink_tl-wr1043nd-v2 LEDE_TARGET=ath79 -LEDE_RELEASE=23.05.5 +LEDE_RELEASE=24.10.0 LEDE_SUBTARGET=generic # list packages to include in the image. prepend packages to deinstall with "-". diff --git a/example-x86_64-snapshot.conf b/example-x86_64-snapshot.conf index 7bfa165..e1deea0 100644 --- a/example-x86_64-snapshot.conf +++ b/example-x86_64-snapshot.conf @@ -8,7 +8,7 @@ LEDE_SUBTARGET=64 # list packages to include in LEDE image. prepend packages to deinstall with "-". LEDE_PACKAGES="base-files busybox dropbear mtd uci opkg netifd \ -fstools uclient-fetch logd kmod-usb-hid dnsmasq luci-ssl-nginx " +fstools uclient-fetch logd kmod-usb-hid dnsmasq luci-nginx " LEDE_BUILDER_URL="https://downloads.openwrt.org/$LEDE_RELEASE/targets/$LEDE_TARGET/$LEDE_SUBTARGET/openwrt-imagebuilder-$LEDE_TARGET-$LEDE_SUBTARGET.Linux-x86_64.tar.xz" diff --git a/example-x86_64.conf b/example-x86_64.conf index fa5aee6..5c33445 100644 --- a/example-x86_64.conf +++ b/example-x86_64.conf @@ -2,12 +2,13 @@ # See README.md for info on running this image with QEMU. # LEDE_PROFILE=generic -LEDE_RELEASE=23.05.5 +LEDE_RELEASE=24.10.0 LEDE_TARGET=x86 LEDE_SUBTARGET=64 # list packages to include in LEDE image. prepend packages to deinstall with "-". -LEDE_PACKAGES="dropbear mtd opkg netifd fstools uclient-fetch kmod-usb-hid dnsmasq luci-ssl-nginx" +LEDE_PACKAGES="dropbear mtd opkg netifd fstools uclient-fetch kmod-usb-hid \ + tcpdump curl netcat dnsmasq nginx-ssl nginx-mod-luci luci" # optionally override OUTPUT_DIR and ROOTFS_OVERLAY directory location here