Initial commit
This commit is contained in:
commit
ba5e6216ed
|
|
@ -0,0 +1,25 @@
|
|||
FROM busybox
|
||||
MAINTAINER Julian Ospald <hasufell@posteo.de>
|
||||
|
||||
# copy hooks
|
||||
COPY ./config/paludis /etc/paludis-new
|
||||
|
||||
# This one should be present by running the build.sh script
|
||||
COPY bootstrap.sh /
|
||||
|
||||
# one step, to make the layer as thin as possible
|
||||
# bootstrap.h calls build.sh
|
||||
RUN /bootstrap.sh amd64 x86_64
|
||||
|
||||
COPY build.sh /
|
||||
|
||||
RUN /build.sh
|
||||
|
||||
# update etc files... hope this doesn't screw up
|
||||
RUN eclectic config accept-all
|
||||
|
||||
# don't allow regular sync, because we want to make sure
|
||||
# all images deriving from this one have the same state
|
||||
RUN sed -i -e 's|^sync|#sync|' /etc/paludis/repositories/*.conf
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,59 @@
|
|||
## Usage
|
||||
|
||||
This image is optimized for size, as such, stuff in the following
|
||||
directories is removed:
|
||||
```
|
||||
/srv/binhost/
|
||||
/usr/include/
|
||||
/usr/lib64/debug/
|
||||
/usr/portage/
|
||||
/usr/share/applications/
|
||||
/usr/share/doc/
|
||||
/usr/share/gtk-doc/
|
||||
/usr/share/info/
|
||||
/usr/share/man/
|
||||
/usr/share/mime/
|
||||
/var/cache/paludis/metadata/
|
||||
/var/cache/paludis/names/
|
||||
/var/tmp/paludis/
|
||||
```
|
||||
|
||||
When installing something, the hook in `ebuild_preinst_pre/cleanup_files.bash`
|
||||
will remove files from the following directories from the package before
|
||||
it is merged:
|
||||
```
|
||||
/usr/include/
|
||||
/usr/lib64/debug/
|
||||
/usr/share/applications/
|
||||
/usr/share/doc/
|
||||
/usr/share/gtk-doc/
|
||||
/usr/share/info/
|
||||
/usr/share/man/
|
||||
/usr/share/mime/
|
||||
```
|
||||
|
||||
When creating a derived image, you have to do the following before
|
||||
you can attempt package installation, since the checked out files
|
||||
of the main gentoo repositories are removed, while the git repository
|
||||
data is still intact:
|
||||
```sh
|
||||
git -C /usr/portage checkout -- .
|
||||
cave sync gentoo
|
||||
```
|
||||
|
||||
A complete Dockerfile command to install something could look like this:
|
||||
```
|
||||
RUN chgrp paludisbuild /dev/tty && \
|
||||
git -C /usr/portage checkout -- . && \
|
||||
env-update && \
|
||||
source /etc/profile && \
|
||||
cave sync && \
|
||||
cave resolve <the-package-I-want> -x && \
|
||||
rm -rf /var/cache/paludis/names/* /var/cache/paludis/metadata/* \
|
||||
/var/tmp/paludis/* /usr/portage/* /srv/binhost/*
|
||||
```
|
||||
|
||||
A few things to note are also:
|
||||
* non-binary packages are not allowed, since /usr/include/ files are removed and compilation would probably fail hard (a complete rebuild via `cave resolve -e world -x` would be necessary after removing the `ebuild_preinst_pre/cleanup_files.bash` hook)
|
||||
* the same goes for Dockerfiles that do local compilations, they will have to run `cave resolve -e world -x` in order to restore all development files
|
||||
* a regular sync does not update the actual repositories, so we have a defined state (files in `/etc/paludis/repositories/*.conf` can be modified to allow that though)
|
||||
|
|
@ -0,0 +1,55 @@
|
|||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
# First param is package tarball, 2nd is the *.DIGEST file
|
||||
VerifyShaOfStage3()
|
||||
{
|
||||
test_sum=$(awk -v myvar="$1" '$2==myvar {for(i=1; i<=1; i++) { print $1; exit}}' $2)
|
||||
calculated_sum=$(sha1sum $1 | awk '{print $1}' -)
|
||||
if [[ "$test_sum" == "$calculated_sum" ]]; then
|
||||
return 0
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
suffix=$3 # e.g. -hardened
|
||||
arch=$1
|
||||
dist="http://dev.exherbo.org/stages/"
|
||||
stage3="exherbo-amd64-current.tar.xz"
|
||||
|
||||
# Create working directory, keep a copy of busybox handy
|
||||
mkdir newWorldOrder; cd newWorldOrder
|
||||
cp /bin/busybox .
|
||||
|
||||
echo "Downloading and extracting ${stage3}..."
|
||||
wget -c "${dist}/${stage3}" "${dist}/sha1sum"
|
||||
if VerifyShaOfStage3 $stage3 "sha1sum"; then
|
||||
echo "DIGEST sum is okey";
|
||||
else
|
||||
echo "DIGEST sum is NOT okey";
|
||||
return 1;
|
||||
fi
|
||||
xz -d ${stage3}
|
||||
tar --exclude "./etc/hosts" --exclude "./etc/hostname" --exclude "./sys/*" -xf ${stage3%.*}
|
||||
/newWorldOrder/busybox rm -f ${stage3%.*}
|
||||
|
||||
echo "Installing stage 3"
|
||||
/newWorldOrder/busybox rm -rf /lib* /usr /var /bin /sbin /opt /mnt /media /root /home /run /tmp
|
||||
/newWorldOrder/busybox cp -fRap lib* /
|
||||
/newWorldOrder/busybox cp -fRap bin boot home media mnt opt root run sbin tmp usr var /
|
||||
/newWorldOrder/busybox cp -fRap etc/* /etc/
|
||||
/newWorldOrder/busybox cp -fRap /etc/paludis-new/* /etc/paludis/
|
||||
/newWorldOrder/busybox rm -rf /etc/paludis-new
|
||||
|
||||
# Cleaning
|
||||
cd /
|
||||
/newWorldOrder/busybox rm -rf /newWorldOrder /bootstrap.sh /linuxrc
|
||||
|
||||
# Say hello
|
||||
echo "Bootstrapped ${stage3} into /:"
|
||||
ls --color -lah
|
||||
|
||||
# exec /bin/bash -c /build.sh
|
||||
|
||||
|
|
@ -0,0 +1,37 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
source /etc/profile
|
||||
eclectic env update
|
||||
|
||||
# set timezone
|
||||
ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime
|
||||
|
||||
# set locale
|
||||
export LANG=en_US.utf8
|
||||
export LANGUAGE=en_US:en
|
||||
export LC_ALL=en_US.utf8
|
||||
cat << EOF > /etc/locale.gen
|
||||
en_US ISO-8859-1
|
||||
en_US.UTF-8 UTF-8
|
||||
EOF
|
||||
localedef -i en_US -f ISO-8859-1 en_US
|
||||
localedef -i en_US -f UTF-8 en_US.utf8
|
||||
echo LANG="en_US.UTF-8" > /etc/env.d/99locale
|
||||
|
||||
# update
|
||||
sed -i -e 's#^SCM_REPOSITORY=.*$#SCM_REPOSITORY="https://galileo.mailstation.de/gerrit/paludis"#' \
|
||||
/var/db/paludis/repositories/arbor/packages/sys-apps/paludis/paludis-scm.exheres-0
|
||||
chgrp paludisbuild /dev/tty
|
||||
cave sync
|
||||
cave resolve -z -1 dev-libs/libressl sys-apps/paludis -U dev-libs/openssl -D dev-libs/openssl -f -x
|
||||
cave resolve -z \!dev-libs/openssl -u '*/*' -x
|
||||
cave resolve -z -1 dev-libs/libressl -x
|
||||
cave resolve -z -1 net-misc/wget net-misc/curl -x
|
||||
cave fix-linkage -x -- --without sys-apps/paludis
|
||||
cave resolve -z \!sys-apps/systemd -u '*/*' -x
|
||||
cave resolve -c world -x
|
||||
cave purge -x
|
||||
cave fix-linkage -x
|
||||
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
CHOST="x86_64-pc-linux-gnu"
|
||||
x86_64_pc_linux_gnu_CFLAGS="-march=native -pipe -O2"
|
||||
x86_64_pc_linux_gnu_CXXFLAGS="-march=native -pipe -O2"
|
||||
x86_64_pc_linux_gnu_LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu"
|
||||
i686_pc_linux_gnu_CFLAGS="-march=native -pipe -O2"
|
||||
i686_pc_linux_gnu_CXXFLAGS="-march=native -pipe -O2"
|
||||
i686_pc_linux_gnu_LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu"
|
||||
|
||||
[[ -e /etc/paludis/hooks/setup_pkg_env.bash ]] && . /etc/paludis/hooks/setup_pkg_env.bash
|
||||
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
add-options CFLAGS -O3
|
||||
add-options x86_64_pc_linux_gnu_CFLAGS -O3
|
||||
add-options i686_pc_linux_gnu_CFLAGS -O3
|
||||
add-options CXXFLAGS -O3
|
||||
add-options x86_64_pc_linux_gnu_CXXFLAGS -O3
|
||||
add-options i686_pc_linux_gnu_CXXFLAGS -O3
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
CC='clang'
|
||||
CXX='clang++'
|
||||
CFLAGS="${CFLAGS} -O3 -flto"
|
||||
x86_64_pc_linux_gnu_CFLAGS="${x86_64_pc_linux_gnu_CFLAGS} -O3 -flto"
|
||||
i686_pc_linux_gnu_CFLAGS="${i686_pc_linux_gnu_CFLAGS} -O3 -flto"
|
||||
CXXFLAGS="${CXXFLAGS} -O3 -flto"
|
||||
x86_64_pc_linux_gnu_CXXFLAGS="${x86_64_pc_linux_gnu_CXXFLAGS} -O3 -flto"
|
||||
i686_pc_linux_gnu_CXXFLAGS="${i686_pc_linux_gnu_CXXFLAGS} -O3 -flto"
|
||||
LDFLAGS="${LDFLAGS} -O3 -flto -Wl,-plugin,/usr/lib64/LLVMgold.so"
|
||||
x86_64_pc_linux_gnu_LDFLAGS="${x86_64_pc_linux_gnu_LDFLAGS} -O3 -flto -Wl,-plugin,/usr/lib64/LLVMgold.so"
|
||||
i686_pc_linux_gnu_LDFLAGS="${i686_pc_linux_gnu_LDFLAGS} -O3 -flto -Wl,-plugin,/usr/lib64/LLVMgold.so"
|
||||
AR='/usr/local/bin/clang-ar'
|
||||
RANLIB=':'
|
||||
NM='nm --plugin /usr/lib64/LLVMgold.so'
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
add-options CFLAGS -Wall -g
|
||||
add-options x86_64_pc_linux_gnu_CFLAGS -Wall -g
|
||||
add-options i686_pc_linux_gnu_CFLAGS -Wall -g
|
||||
add-options CXXFLAGS -Wall -g
|
||||
add-options x86_64_pc_linux_gnu_CXXFLAGS -Wall -g
|
||||
add-options i686_pc_linux_gnu_CXXFLAGS -Wall -g
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
add-options CFLAGS -fpermissive
|
||||
add-options x86_64_pc_linux_gnu_CFLAGS -fpermissive
|
||||
add-options i686_pc_linux_gnu_CFLAGS -fpermissive
|
||||
add-options CXXFLAGS -fpermissive
|
||||
add-options x86_64_pc_linux_gnu_CXXFLAGS -fpermissive
|
||||
add-options i686_pc_linux_gnu_CXXFLAGS -fpermissive
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
add-options CFLAGS -Wall -g -O0
|
||||
add-options x86_64_pc_linux_gnu_CFLAGS -Wall -g -O0
|
||||
add-options i686_pc_linux_gnu_CFLAGS -Wall -g -O0
|
||||
add-options CXXFLAGS -Wall -g -O0
|
||||
add-options x86_64_pc_linux_gnu_CXXFLAGS -Wall -g -O0
|
||||
add-options i686_pc_linux_gnu_CXXFLAGS -Wall -g -O0
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
CC=x86_64-pc-linux-gnu-gcc
|
||||
CXX=x86_64-pc-linux-gnu-g++
|
||||
|
||||
remove-options CFLAGS -Qunused-arguments -fcolor-diagnostics
|
||||
remove-options x86_64_pc_linux_gnu_CFLAGS -Qunused-arguments -fcolor-diagnostics
|
||||
remove-options i686_pc_linux_gnu_CFLAGS -Qunused-arguments -fcolor-diagnostics
|
||||
remove-options CXXFLAGS -Qunused-arguments -fcolor-diagnostics
|
||||
remove-options x86_64_pc_linux_gnu_CXXFLAGS -Qunused-arguments -fcolor-diagnostics
|
||||
remove-options i686_pc_linux_gnu_CXXFLAGS -Qunused-arguments -fcolor-diagnostics
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
remove-options CFLAGS -O3
|
||||
remove-options x86_64_pc_linux_gnu_CFLAGS -O3
|
||||
remove-options i686_pc_linux_gnu_CFLAGS -O3
|
||||
remove-options CXXFLAGS -O3
|
||||
remove-options x86_64_pc_linux_gnu_CXXFLAGS -O3
|
||||
remove-options i686_pc_linux_gnu_CXXFLAGS -O3
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
remove-options LDFLAGS -Wl,--as-needed
|
||||
remove-options x86_64_pc_linux_gnu_LDFLAGS -Wl,--as-needed
|
||||
remove-options i686_pc_linux_gnu_LDFLAGS -Wl,--as-needed
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
add-options CFLAGS -g0
|
||||
add-options x86_64_pc_linux_gnu_CFLAGS -g0
|
||||
add-options i686_pc_linux_gnu_CFLAGS -g0
|
||||
add-options CXXFLAGS -g0
|
||||
add-options x86_64_pc_linux_gnu_CXXFLAGS -g0
|
||||
add-options i686_pc_linux_gnu_CXXFLAGS -g0
|
||||
|
|
@ -0,0 +1 @@
|
|||
CMAKE_MAKEFILE_GENERATOR="emake"
|
||||
|
|
@ -0,0 +1 @@
|
|||
MAKEOPTS="-j1"
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
# system, general, other
|
||||
*/* -X -cups -gtk -gnutls -acpi -bash-completion
|
||||
|
||||
# linguas
|
||||
*/* LINGUAS: en
|
||||
|
||||
# build options
|
||||
*/* build_options: symbols=strip work=remove jobs=8 -optional_tests -recommended_tests -expensive_tests
|
||||
|
||||
# targets
|
||||
*/* targets: -* x86_64-pc-linux-gnu
|
||||
|
||||
# SSL
|
||||
*/* providers: -gnutls -openssl libressl
|
||||
dev-libs/glib-networking providers: gnutls
|
||||
|
||||
# jpeg
|
||||
*/* providers: -ijg-jpeg jpeg-turbo
|
||||
|
||||
# no systemd
|
||||
*/* providers: -systemd eudev rsyslog
|
||||
*/* -systemd
|
||||
*/* providers: -runit -sinit sysvinit
|
||||
|
||||
# paludis
|
||||
sys-apps/paludis pbin search-index
|
||||
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
# always_keep_output_logs may be set to 'true' to always keep output logs, even
|
||||
# if a build succeeds.
|
||||
always_keep_output_logs = false
|
||||
|
||||
Loading…
Reference in New Issue