diff --git a/.github/workflows/amd64-fatpack-image.yml b/.github/workflows/amd64-fatpack-image.yml index ccd07e249..83631f838 100644 --- a/.github/workflows/amd64-fatpack-image.yml +++ b/.github/workflows/amd64-fatpack-image.yml @@ -7,7 +7,7 @@ concurrency: on: workflow_dispatch: #push: - # branches: [ "dev", "v1.8", "v1.9" ] + # branches: ["dev", "v1.10"] # paths: # - 'build_sdcard.sh' # - 'home.admin/bitcoin.install.sh' @@ -28,7 +28,7 @@ on: # - 'home.admin/blitz.display.sh' # - 'ci/amd64/**' #pull_request: - # branches: [ "dev", "v1.8", "v1.9" ] + # branches: ["dev", "v1.10"] # paths: # - 'build_sdcard.sh' # - 'home.admin/bitcoin.install.sh' @@ -56,6 +56,7 @@ jobs: - uses: actions/checkout@v3 - name: Set values + id: set_values run: | echo "BUILD_DATE=$(date +"%Y-%m-%d")" >> $GITHUB_ENV echo "BUILD_VERSION=$(git describe --always --tags)" >> $GITHUB_ENV @@ -64,15 +65,20 @@ jobs: else echo "BRANCH_NAME=${GITHUB_HEAD_REF}" >> $GITHUB_ENV fi + if [[ "${{github.event_name}}" == "pull_request" ]]; then + echo "::set-output name=github_user::${{github.event.pull_request.head.repo.owner.login}}" + else + echo "::set-output name=github_user::$(echo ${{github.repository}} | cut -d'/' -f1)" + fi - - name: Hello RaspiBlitz + - name: Display the build name run: echo "Building the raspiblitz-amd64-debian-image-${{env.BUILD_DATE}}-${{env.BUILD_VERSION}}" - name: Run the build script run: | - echo "Using the variables: --pack fatpack --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot uefi--desktop gnome" + echo "Using the variables: --pack fatpack --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot uefi --desktop none" cd ci/amd64 - bash packer.build.amd64-debian.sh --pack fatpack --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot uefi--desktop gnome + bash packer.build.amd64-debian.sh --pack fatpack --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot uefi --desktop none - name: Compute checksum of the raw image run: | diff --git a/.github/workflows/amd64-lean-image.yml b/.github/workflows/amd64-lean-image.yml index 8e1c8fdae..e384f6a08 100644 --- a/.github/workflows/amd64-lean-image.yml +++ b/.github/workflows/amd64-lean-image.yml @@ -7,7 +7,7 @@ concurrency: on: workflow_dispatch: push: - branches: ["dev", "v1.8", "v1.9"] + branches: ["dev", "v1.10"] paths: - "build_sdcard.sh" - "home.admin/bitcoin.install.sh" @@ -17,7 +17,7 @@ on: - "home.admin/blitz.display.sh" - "ci/amd64/**" pull_request: - branches: ["dev", "v1.8", "v1.9"] + branches: ["dev", "v1.10"] paths: - "build_sdcard.sh" - "home.admin/bitcoin.install.sh" @@ -34,6 +34,7 @@ jobs: - uses: actions/checkout@v3 - name: Set values + id: set_values run: | echo "BUILD_DATE=$(date +"%Y-%m-%d")" >> $GITHUB_ENV echo "BUILD_VERSION=$(git describe --always --tags)" >> $GITHUB_ENV @@ -42,14 +43,20 @@ jobs: else echo "BRANCH_NAME=${GITHUB_HEAD_REF}" >> $GITHUB_ENV fi - - name: Hello RaspiBlitz + if [[ "${{github.event_name}}" == "pull_request" ]]; then + echo "::set-output name=github_user::${{github.event.pull_request.head.repo.owner.login}}" + else + echo "::set-output name=github_user::$(echo ${{github.repository}} | cut -d'/' -f1)" + fi + + - name: Display the build name run: echo "Building the raspiblitz-amd64-debian-image-${{env.BUILD_DATE}}-${{env.BUILD_VERSION}}" - name: Run the build script run: | - echo "Using the variables: --pack lean --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot uefi --desktop gnome" + echo "Using the variables: --pack lean --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot uefi --desktop gnome" cd ci/amd64 - bash packer.build.amd64-debian.sh --pack lean --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot uefi --desktop gnome + bash packer.build.amd64-debian.sh --pack lean --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot uefi --desktop gnome - name: Compute checksum of the raw image run: | diff --git a/.github/workflows/amd64-lean-legacyboot-image.yml b/.github/workflows/amd64-lean-legacyboot-image.yml index ea14120a1..4a361fa79 100644 --- a/.github/workflows/amd64-lean-legacyboot-image.yml +++ b/.github/workflows/amd64-lean-legacyboot-image.yml @@ -7,7 +7,7 @@ concurrency: on: workflow_dispatch: push: - branches: ["dev", "v1.8", "v1.9"] + branches: ["dev", "v1.10"] paths: - "build_sdcard.sh" - "home.admin/bitcoin.install.sh" @@ -17,7 +17,7 @@ on: - "home.admin/blitz.display.sh" - "ci/amd64/**" pull_request: - branches: ["dev", "v1.8", "v1.9"] + branches: ["dev", "v1.10"] paths: - "build_sdcard.sh" - "home.admin/bitcoin.install.sh" @@ -34,6 +34,7 @@ jobs: - uses: actions/checkout@v3 - name: Set values + id: set_values run: | echo "BUILD_DATE=$(date +"%Y-%m-%d")" >> $GITHUB_ENV echo "BUILD_VERSION=$(git describe --always --tags)" >> $GITHUB_ENV @@ -42,15 +43,20 @@ jobs: else echo "BRANCH_NAME=${GITHUB_HEAD_REF}" >> $GITHUB_ENV fi + if [[ "${{github.event_name}}" == "pull_request" ]]; then + echo "::set-output name=github_user::${{github.event.pull_request.head.repo.owner.login}}" + else + echo "::set-output name=github_user::$(echo ${{github.repository}} | cut -d'/' -f1)" + fi - - name: Hello RaspiBlitz + - name: Display the build name run: echo "Building the raspiblitz-amd64-debian-image-${{env.BUILD_DATE}}-${{env.BUILD_VERSION}}" - name: Run the build script run: | - echo "Using the variables: --pack lean --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot bios --desktop none" + echo "Using the variables: --pack lean --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot bios --desktop none" cd ci/amd64 - bash packer.build.amd64-debian.sh --pack lean --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot bios --desktop none + bash packer.build.amd64-debian.sh --pack lean --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}} --preseed_file preseed.cfg --boot bios --desktop none - name: Compute checksum of the raw image run: | diff --git a/.github/workflows/arm64-rpi-debian12-lean-image.yml b/.github/workflows/arm64-rpi-debian12-lean-image.yml deleted file mode 100644 index ec4c7408d..000000000 --- a/.github/workflows/arm64-rpi-debian12-lean-image.yml +++ /dev/null @@ -1,77 +0,0 @@ -name: arm64-rpi-debian12-lean-image-build - -concurrency: - group: arm64-rpi-debian12-lean-image-build-${{ github.head_ref }} - cancel-in-progress: true - -on: - workflow_dispatch: - push: - branches: ["dev"] - paths: - - "build_sdcard.sh" - - "home.admin/bitcoin.install.sh" - - "home.admin/tor.install.sh" - - "home.admin/blitz.i2pd.sh" - - "home.admin/blitz.web.sh" - - "home.admin/blitz.display.sh" - - "ci/arm64-rpi/**" - pull_request: - branches: ["dev"] - paths: - - "build_sdcard.sh" - - "home.admin/bitcoin.install.sh" - - "home.admin/tor.install.sh" - - "home.admin/blitz.i2pd.sh" - - "home.admin/blitz.web.sh" - - "home.admin/blitz.display.sh" - - "ci/arm64-rpi/**" - -jobs: - arm64-rpi-image-build: - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v3 - - - name: Set values - run: | - echo "BUILD_DATE=$(date +"%Y-%m-%d")" >> $GITHUB_ENV - echo "BUILD_VERSION=$(git describe --always --tags)" >> $GITHUB_ENV - if [ -z "$GITHUB_HEAD_REF" ]; then - echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV - else - echo "BRANCH_NAME=${GITHUB_HEAD_REF}" >> $GITHUB_ENV - fi - - - name: Hello Raspiblitz - run: echo "Building the raspiblitz-arm64-rpi-lean-image-${{ env.BUILD_DATE }}-${{ env.BUILD_VERSION }}" - - - name: Run the build script - run: | - echo "Using the variables: --pack lean --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} --image_link https://raspi.debian.net/tested/20230612_raspi_4_bookworm.img.xz --image_checksum a68cd2bfe7831c438d8a5d832803ae0db17afec9f3cd370d9e8748c7b5456283" - cd ci/arm64-rpi - bash packer.build.arm64-rpi.sh --pack lean --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} --image_link https://raspi.debian.net/tested/20230612_raspi_4_bookworm.img.xz --image_checksum a68cd2bfe7831c438d8a5d832803ae0db17afec9f3cd370d9e8748c7b5456283 - - - name: Compute checksum of the raw image - run: | - cd ci/arm64-rpi - sha256sum raspiblitz-arm64-rpi-lean.img > raspiblitz-arm64-rpi-lean.img.sha256 - - - name: Compress image - run: | - cd ci/arm64-rpi - gzip -v9 raspiblitz-arm64-rpi-lean.img - - - name: Compute checksum of the compressed image - run: | - cd ci/arm64-rpi - sha256sum raspiblitz-arm64-rpi-lean.img.gz > raspiblitz-arm64-rpi-lean.img.gz.sha256 - - - name: Upload the image and checksums - uses: actions/upload-artifact@v3 - with: - name: raspiblitz-arm64-rpi--debian12-image-${{ env.BUILD_DATE }}-${{ env.BUILD_VERSION }} - path: | - ${{ github.workspace }}/ci/arm64-rpi/raspiblitz-arm64-rpi-lean.img.sha256 - ${{ github.workspace }}/ci/arm64-rpi/raspiblitz-arm64-rpi-lean.img.gz - ${{ github.workspace }}/ci/arm64-rpi/raspiblitz-arm64-rpi-lean.img.gz.sha256 diff --git a/.github/workflows/arm64-rpi-fatpack-image.yml b/.github/workflows/arm64-rpi-fatpack-image.yml index a084cbe99..b44a7ad90 100644 --- a/.github/workflows/arm64-rpi-fatpack-image.yml +++ b/.github/workflows/arm64-rpi-fatpack-image.yml @@ -7,7 +7,7 @@ concurrency: on: workflow_dispatch: #push: - # branches: [ "dev", "v1.8", "v1.9" ] + # branches: [ "dev", "v1.10" ] # paths: # - 'build_sdcard.sh' # - 'home.admin/bitcoin.install.sh' @@ -28,7 +28,7 @@ on: # - 'home.admin/blitz.display.sh' # - 'ci/arm64-rpi/**' #pull_request: - # branches: [ "dev", "v1.8", "v1.9" ] + # branches: [ "dev", "v1.10" ] # paths: # - 'build_sdcard.sh' # - 'home.admin/bitcoin.install.sh' @@ -47,7 +47,7 @@ on: # - 'home.admin/blitz.web.api.sh' # - 'home.admin/blitz.web.ui.sh' # - 'home.admin/blitz.display.sh' - # - 'ci/arm64-rpi/**' + # - 'ci/amd64/**' jobs: arm64-rpi-image-build: @@ -56,6 +56,7 @@ jobs: - uses: actions/checkout@v3 - name: Set values + id: set_values run: | echo "BUILD_DATE=$(date +"%Y-%m-%d")" >> $GITHUB_ENV echo "BUILD_VERSION=$(git describe --always --tags)" >> $GITHUB_ENV @@ -64,15 +65,20 @@ jobs: else echo "BRANCH_NAME=${GITHUB_HEAD_REF}" >> $GITHUB_ENV fi + if [[ "${{github.event_name}}" == "pull_request" ]]; then + echo "::set-output name=github_user::${{github.event.pull_request.head.repo.owner.login}}" + else + echo "::set-output name=github_user::$(echo ${{github.repository}} | cut -d'/' -f1)" + fi - - name: Hello Raspiblitz - run: echo "Building the raspiblitz-arm64-rpi-fatpack-image-${{ env.BUILD_DATE }}-${{ env.BUILD_VERSION }}" + - name: Display the build name + run: echo "Building the raspiblitz-arm64-rpi-fatpack-image-${{env.BUILD_DATE}}-${{env.BUILD_VERSION}}" - name: Run the build script run: | - echo "Using the variables: --pack fatpack --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}}" + echo "Using the variables: --pack fatpack --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}}" cd ci/arm64-rpi - bash packer.build.arm64-rpi.sh --pack fatpack --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} + bash packer.build.arm64-rpi.sh --pack fatpack --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}} - name: Compute checksum of the raw image run: | diff --git a/.github/workflows/arm64-rpi-lean-image.yml b/.github/workflows/arm64-rpi-lean-image.yml index 044843c07..212147f65 100644 --- a/.github/workflows/arm64-rpi-lean-image.yml +++ b/.github/workflows/arm64-rpi-lean-image.yml @@ -7,7 +7,7 @@ concurrency: on: workflow_dispatch: push: - branches: ["dev", "v1.8", "v1.9"] + branches: ["dev", "v1.10"] paths: - "build_sdcard.sh" - "home.admin/bitcoin.install.sh" @@ -17,7 +17,7 @@ on: - "home.admin/blitz.display.sh" - "ci/arm64-rpi/**" pull_request: - branches: ["dev", "v1.8", "v1.9"] + branches: ["dev", "v1.10"] paths: - "build_sdcard.sh" - "home.admin/bitcoin.install.sh" @@ -34,6 +34,7 @@ jobs: - uses: actions/checkout@v3 - name: Set values + id: set_values run: | echo "BUILD_DATE=$(date +"%Y-%m-%d")" >> $GITHUB_ENV echo "BUILD_VERSION=$(git describe --always --tags)" >> $GITHUB_ENV @@ -42,15 +43,20 @@ jobs: else echo "BRANCH_NAME=${GITHUB_HEAD_REF}" >> $GITHUB_ENV fi + if [[ "${{github.event_name}}" == "pull_request" ]]; then + echo "::set-output name=github_user::${{github.event.pull_request.head.repo.owner.login}}" + else + echo "::set-output name=github_user::$(echo ${{github.repository}} | cut -d'/' -f1)" + fi - - name: Hello Raspiblitz + - name: Display the build name run: echo "Building the raspiblitz-arm64-rpi-lean-image-${{ env.BUILD_DATE }}-${{ env.BUILD_VERSION }}" - name: Run the build script run: | - echo "Using the variables: --pack lean --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}}" + echo "Using the variables: --pack lean --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}}" cd ci/arm64-rpi - bash packer.build.arm64-rpi.sh --pack lean --github_user $GITHUB_ACTOR --branch ${{env.BRANCH_NAME}} + bash packer.build.arm64-rpi.sh --pack lean --github_user ${{steps.set_values.outputs.github_user}} --branch ${{env.BRANCH_NAME}} - name: Compute checksum of the raw image run: | diff --git a/build_sdcard.sh b/build_sdcard.sh index 53ddae654..61ca168c1 100644 --- a/build_sdcard.sh +++ b/build_sdcard.sh @@ -237,10 +237,14 @@ done # AUTO-DETECTION: CPU-ARCHITECTURE # --------------------------------------- cpu="$(uname -m)" && echo "cpu=${cpu}" -architecture="$(dpkg --print-architecture 2>/dev/null)" && echo "architecture=${architecture}" case "${cpu}" in - arm*|aarch64|x86_64|amd64);; - *) echo -e "# FAIL #\nCan only build on ARM, aarch64, x86_64 not on: cpu=${cpu}"; exit 1;; + aarch64|x86_64);; + *) echo -e "# FAIL #\nCan only build on aarch64 or x86_64 not on: cpu=${cpu}"; exit 1;; +esac +architecture="$(dpkg --print-architecture 2>/dev/null)" && echo "architecture=${architecture}" +case "${architecture}" in + arm*|amd64);; + *) echo -e "# FAIL #\nCan only build on arm* or amd64 not on: architecture=${cpu}"; exit 1;; esac # AUTO-DETECTION: OPERATINGSYSTEM @@ -293,7 +297,7 @@ HandleLidSwitchDocked=ignore" | tee /etc/systemd/logind.conf.d/nosuspend.conf # https://github.com/rootzoll/raspiblitz/issues/138 # https://daker.me/2014/10/how-to-fix-perl-warning-setting-locale-failed-in-raspbian.html # https://stackoverflow.com/questions/38188762/generate-all-locales-in-a-docker-image -if [ "${baseimage}" = "raspios_arm64" ] || [ "${baseimage}" = "debian" ]; then +if [ "${cpu}" = "aarch64" ] && { [ "${baseimage}" = "raspios_arm64" ] || [ "${baseimage}" = "debian" ]; }; then echo -e "\n*** FIXING LOCALES FOR BUILD ***" sed -i "s/^# en_US.UTF-8 UTF-8.*/en_US.UTF-8 UTF-8/g" /etc/locale.gen sed -i "s/^# en_US ISO-8859-1.*/en_US ISO-8859-1/g" /etc/locale.gen @@ -378,10 +382,13 @@ else exit 1 fi -# remove any debian python protection from pip installing modules -if [ -f rm /usr/lib/python3.*/EXTERNALLY-MANAGED ]; then - rm /usr/lib/python3.*/EXTERNALLY-MANAGED -fi +# don't protect system packages from pip install +# tracking issue: https://github.com/raspiblitz/raspiblitz/issues/4170 +for PYTHONDIR in /usr/lib/python3.*; do + if [ -f "$PYTHONDIR/EXTERNALLY-MANAGED" ]; then + rm "$PYTHONDIR/EXTERNALLY-MANAGED" + fi +done # make sure /usr/bin/pip exists (and calls pip3 in Debian Buster) update-alternatives --install /usr/bin/pip pip /usr/bin/pip3 1 @@ -708,6 +715,10 @@ bash -c "echo 'vm.overcommit_memory=1' >> /etc/sysctl.conf" # based on https://raspibolt.org/security.html#fail2ban echo "*** HARDENING ***" apt_install --no-install-recommends python3-systemd fail2ban +# https://github.com/raspiblitz/raspiblitz/issues/4044 +if [ ! -f /var/log/auth.log ]; then + touch /var/log/auth.log +fi # *** CACHE DISK IN RAM & KEYVALUE-STORE*** echo "Activating CACHE RAM DISK ... " diff --git a/ci/amd64/packer.build.amd64-debian.sh b/ci/amd64/packer.build.amd64-debian.sh index b2ea9ecb1..c4f9e4182 100644 --- a/ci/amd64/packer.build.amd64-debian.sh +++ b/ci/amd64/packer.build.amd64-debian.sh @@ -13,8 +13,6 @@ else echo "# Packer is installed" fi - - # install qemu echo "# Install qemu ..." sudo apt-get update diff --git a/home.admin/config.scripts/blitz.web.api.sh b/home.admin/config.scripts/blitz.web.api.sh index 10eba49b6..62c77ae1d 100644 --- a/home.admin/config.scripts/blitz.web.api.sh +++ b/home.admin/config.scripts/blitz.web.api.sh @@ -281,11 +281,16 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then exit 1 fi else - echo "# using lastest code in branch" + echo "# using the latest code in branch" fi # install echo "# running install" sudo -u blitzapi python3 -m venv venv + # see https://github.com/raspiblitz/raspiblitz/issues/4169 - requires a Cython upgrade. + if ! sudo -u blitzapi ./venv/bin/pip install --upgrade Cython; then + echo "error='pip install upgrade Cython'" + exit 1 + fi if ! sudo -u blitzapi ./venv/bin/pip install -r requirements.txt --no-deps; then echo "error='pip install failed'" exit 1