linux-qubasis

linux oasis port as a qubes template

git clone https://9o.is/git/linux-qubasis.git

commit 81f6820f7faaaf8d61af9e10c34968d887a3c9d8
parent de19fd10e5fc0dbc7259ec7e29a8dc43d1120586
Author: Jul <jul@9o.is>
Date:   Tue, 30 Sep 2025 21:02:33 +0800

install rc to alpine-template

Diffstat:

Mgen.sh | 1+


Mninja/functions.sh | 21++++++++++++++++-----


Aninja/qubes-fspec.sh | 71+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Mninja/qubes-install.sh | 1-


Mninja/rules.ninja | 6+++++-


Atpl/alpine-template/gen.sh | 2++


6 files changed, 95 insertions(+), 7 deletions(-)

diff --git a/gen.sh b/gen.sh
@@ -46,5 +46,6 @@ subgen pkg/zlib
 subgen pkg/zstd
 
 subgen tpl/example
+subgen tpl/alpine-template
 
 default build
diff --git a/ninja/functions.sh b/ninja/functions.sh
@@ -219,6 +219,11 @@ headers_exist() {
 }
 
 template() {
+    if [ $# -eq 1 ]; then
+        _ninja_template="$1"
+        return
+    fi
+
     case $3 in
         *M) _ninja_template="$1 $2 $(( ${3%M} * 1048576 ))";;
         *) error image size "'$3'" must be suffixed by "'M'";;
@@ -608,11 +613,17 @@ _ninja_flush_build() {
             if [ "$_ninja_template" ]; then
                 set -- $_ninja_template
 
-                build qubes-install $outdir/qubes-installed '|' $basedir/ninja/qubes-install.sh $hostdir/pax $outdir/root.tar.zstd
-                bind template $1
-                bind label $2
-                bind size $3
-                bind tar $outdir/root.tar.zstd
+                if [ $# -eq 1 ]; then
+                    build qubes-fspec $outdir/qubes-installed '|' $basedir/ninja/qubes-fspec.sh $hostdir/pax $outdir/root.tar.zstd
+                    bind template $1
+                    bind tar $outdir/root.tar.zstd
+                else
+                    build qubes-install $outdir/qubes-installed '|' $basedir/ninja/qubes-install.sh $hostdir/pax $outdir/root.tar.zstd
+                    bind template $1
+                    bind label $2
+                    bind size $3
+                    bind tar $outdir/root.tar.zstd
+                fi
 
                 build phony $tgtdir/install $outdir/qubes-installed
             fi
diff --git a/ninja/qubes-fspec.sh b/ninja/qubes-fspec.sh
@@ -0,0 +1,71 @@
+set -eu
+
+template=$1
+tar=$2
+
+# Don't forget to add the following policies to dom0. Replace "{vm}" with the
+# name of the this vm, and tag the template vms with "build-client". VMs tagged
+# with build-client should have rpc /etc/qubes-rpc/oasis.FspecUpdate that
+# extracts the archive.
+#
+# admin.vm.CurrentState * {vm} @tag:build-client allow target=dom0
+# admin.vm.Shutdown     * {vm} @tag:build-client allow target=dom0
+# build.FspecUpdate     * {vm} @tag:build-client allow
+
+error() {
+    printf "Failed installing qubes fspec '%s': %s\n" "$template" "$*"
+    exit 1
+}
+
+set_running() {
+    set -- $(qrexec-client-vm $template admin.vm.CurrentState </dev/null | xargs -0)
+    status=${1-1}
+
+    if [ $status -ne 0 ]; then
+        error "current state request: $status $*"
+    fi
+
+    shift
+
+    for val in $*; do
+        case $val in
+            power_state=*)
+                val=${val#power_state=}
+                if [ "$val" = 'Running' ]; then
+                    running=true
+                else
+                    running=false
+                fi
+                ;;
+        esac
+    done
+
+    if [ ! "${running-}" ]; then
+        error "current state response missing power_state: $*"
+    fi
+}
+
+update() {
+    zstd -d --stdout $tar | qrexec-client-vm $template build.FspecUpdate 1>/dev/null 2>&1
+    status=$?
+
+    if [ $status -ne 0 ]; then
+        error "update: $status"
+    fi
+}
+
+shutdown() {
+    set -- $(qrexec-client-vm $template admin.vm.Shutdown </dev/null | xargs -0)
+    status=${1-1}
+
+    if [ $status -ne 0 ]; then
+        error "shutdown request: $*"
+    fi
+}
+
+set_running
+update
+
+if ! $running; then
+    shutdown
+fi
diff --git a/ninja/qubes-install.sh b/ninja/qubes-install.sh
@@ -6,7 +6,6 @@ template=$1
 label=$2
 size=$3
 tar=$4
-outdir=$5
 
 tmpdir=$(mktemp -d)
 mnt=$tmpdir/mnt
diff --git a/ninja/rules.ninja b/ninja/rules.ninja
@@ -98,6 +98,10 @@ rule sed
   description = SED $out
 
 rule qubes-install
-  command = sh $basedir/ninja/qubes-install.sh $template $label $size $tar $outdir && touch $out
+  command = sh $basedir/ninja/qubes-install.sh $template $label $size $tar && touch $out
   description = QUBES-INSTALL $template
   pool = console
+
+rule qubes-fspec
+  command = sh $basedir/ninja/qubes-fspec.sh $template $tar && touch $out
+  description = QUBES-FSPEC $template
diff --git a/tpl/alpine-template/gen.sh b/tpl/alpine-template/gen.sh
@@ -0,0 +1,2 @@
+template alpine-template
+pkg rc