add keyfork

This commit is contained in:
Ryan Heywood 2024-02-01 00:42:49 -05:00
parent 4c5ea2b66b
commit bb0bf05a85
Signed by: ryan
GPG Key ID: 8E401478A3FBEF72
7 changed files with 61 additions and 2 deletions

View File

@ -1 +1 @@
output out

View File

@ -1,7 +1,20 @@
FROM archlinux:base-devel AS keyfork-build
RUN pacman -Syu --noconfirm
RUN useradd -m build && echo "build ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/build
USER build
WORKDIR /home/build
ADD PKGBUILD.keyfork /home/build/PKGBUILD
RUN makepkg -s --noconfirm --skipinteg
RUN mkdir /home/build/repo && cp keyfork-0.0.0-1-x86_64.pkg.tar.zst repo && repo-add /home/build/repo/keyfork.db.tar.gz keyfork-0.0.0-1-x86_64.pkg.tar.zst
FROM archlinux FROM archlinux
RUN pacman -Syu --noconfirm archiso RUN pacman -Syu --noconfirm archiso
ADD configs /configs ADD configs /configs
COPY --from=keyfork-build /home/build/repo /usr/share/keyfork
WORKDIR / WORKDIR /
ENTRYPOINT ["/usr/bin/bash", "-x", "/usr/bin/mkarchiso", "-v", "-w", "/work", "-o", "/out"] ENTRYPOINT ["/usr/bin/bash", "-x", "/usr/bin/mkarchiso", "-v", "-w", "/work", "-o", "/out"]

View File

@ -14,7 +14,8 @@ vars:
clean: clean:
rm -rf out work || true rm -rf out work || true
out/archlinux-baseline-arch-%-x86_64.iso: configs/%/ # NOTE: Relies on files in configs/% but make doesn't have recursive checks
out/archlinux-baseline-arch-%-x86_64.iso: configs/% Dockerfile PKGBUILD.keyfork
$(MAKE) docker-airgap-builder $(MAKE) docker-airgap-builder
mkdir -p out mkdir -p out
docker run --rm --privileged --volume "$(PWD)/out:/out" airgap-builder $< docker run --rm --privileged --volume "$(PWD)/out:/out" airgap-builder $<

33
PKGBUILD.keyfork Normal file
View File

@ -0,0 +1,33 @@
pkgname='keyfork'
pkgver='0.0.0'
pkgrel=1
pkgdesc='The Kitchen Sink of Entropy'
arch=('x86_64')
url='https://git.distrust.co/public/keyfork'
license=('GPL-2.0')
makedepends=('cargo' 'clang' 'git' 'llvm' 'pkgconf') # + nettle + pcsclite
depends=('nettle' 'pcsclite')
source=('git+https://git.distrust.co/public/keyfork.git')
prepare() {
cd "$srcdir/$pkgname"
export RUSTUP_TOOLCHAIN=stable
cargo fetch --locked --target "$CARCH-unknown-linux-gnu"
cd -
}
build() {
export RUSTUP_TOOLCHAIN=stable
export CARGO_TARGET_DIR=target
export RUSTFLAGS="-C codegen-units=1"
cd "$srcdir/$pkgname"
# NOTE: Do not use `--all-features` as features may be incomopatible with
# each other.
cargo build --frozen --release -p keyfork
}
package() {
build="$srcdir/$pkgname/target/release"
target="$pkgdir/usr/bin"
install -Dm755 "$build/$pkgname" "$pkgdir/usr/bin/$pkgname"
}

View File

@ -3,6 +3,13 @@
A slim version of Arch Linux intended to run on airgapped (always-offline) A slim version of Arch Linux intended to run on airgapped (always-offline)
systems. The builder runs in Docker using privileged mode. systems. The builder runs in Docker using privileged mode.
## Target Packages
Airgap NG is built for the purpose of providing an airgapped image of Keyfork.
As such, it builds an Arch package for Keyfork and a local Arch package
repository from which to install Keyfork. The base installation image will also
include Nettle, PCSC Lite
## Building ## Building
Requirements: Requirements:

View File

@ -3,3 +3,4 @@ linux
mkinitcpio mkinitcpio
mkinitcpio-archiso mkinitcpio-archiso
syslinux syslinux
keyfork

View File

@ -96,3 +96,7 @@ Include = /etc/pacman.d/mirrorlist
#[custom] #[custom]
#SigLevel = Optional TrustAll #SigLevel = Optional TrustAll
#Server = file:///home/custompkgs #Server = file:///home/custompkgs
[keyfork]
SigLevel = Optional TrustAll
Server = file:///usr/share/keyfork