diff options
| author |   Jan-Simon Moeller <jsmoeller@linuxfoundation.org> | 2023-12-08 03:15:56 +0100 |
|---|---|---|
| committer | Jan-Simon Moeller <jsmoeller@linuxfoundation.org> | 2023-12-11 14:17:46 +0000 |
| commit | c8d5eede46a9a95e4fa2d48f956647d811e59def (patch) | |
| tree | a978c50a27b57c67da6cba1b38dd4869a89239bc | |
| parent | fbf4831e5f7e2f98531c2931ec9f6d5edaa17793 (diff) | |
Add initial templates for ec2-arm64 and ec2-x86-64 MACHINES
Support building images for ec2.
v2: Add meta-virt into the templates.
v3: workaround bug in cloud-init recipe leading to empty cloud-init-systemd package
Bug-AGL: SPEC-5006
Change-Id: I65563c19eec60a53693a17b316f965100e2339e5
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/29511
ci-image-boot-test: Jenkins Job builder account
Tested-by: Jenkins Job builder account
ci-image-build: Jenkins Job builder account
| -rw-r--r-- | meta-agl-core/files/passwd | 1 | ||||
| -rw-r--r-- | templates/machine/aws-ec2-arm64/50_bblayers.conf.inc | 8 | ||||
| -rw-r--r-- | templates/machine/aws-ec2-arm64/50_local.conf.inc | 21 | ||||
| -rw-r--r-- | templates/machine/aws-ec2-x86-64/50_bblayers.conf.inc | 8 | ||||
| -rw-r--r-- | templates/machine/aws-ec2-x86-64/50_local.conf.inc | 21 |
5 files changed, 59 insertions, 0 deletions
diff --git a/meta-agl-core/files/passwd b/meta-agl-core/files/passwd index c34e707fc..3e6639d86 100644 --- a/meta-agl-core/files/passwd +++ b/meta-agl-core/files/passwd @@ -64,3 +64,4 @@ mosquitto::1007:1007::: pipewire::1008:1008::: kuksa::900:900::: qemu::901:901::: +user::1004:100::: diff --git a/templates/machine/aws-ec2-arm64/50_bblayers.conf.inc b/templates/machine/aws-ec2-arm64/50_bblayers.conf.inc new file mode 100644 index 000000000..4e619cde0 --- /dev/null +++ b/templates/machine/aws-ec2-arm64/50_bblayers.conf.inc @@ -0,0 +1,8 @@ +AGL_META_PYTHON = "${METADIR}/external/meta-openembedded/meta-python" +AGL_META_MULTIMEDIA = "${METADIR}/external/meta-openembedded/meta-multimedia" +AGL_META_NETWORKING = "${METADIR}/external/meta-openembedded/meta-networking" +AGL_META_VIRTUALIZATION = "${METADIR}/external/meta-virtualization" + +BBLAYERS =+ "\ + ${METADIR}/bsp/meta-aws \ + " diff --git a/templates/machine/aws-ec2-arm64/50_local.conf.inc b/templates/machine/aws-ec2-arm64/50_local.conf.inc new file mode 100644 index 000000000..ca20e0bf2 --- /dev/null +++ b/templates/machine/aws-ec2-arm64/50_local.conf.inc @@ -0,0 +1,21 @@ +MACHINE = "aws-ec2-arm64" + +VIRTUAL-RUNTIME_initscripts = "systemd-compat-units" +IMAGE_INSTALL:append = " cloud-init" +DISTRO_FEATURES:append = " virtualization" + + +# can we shuffle this out so CI still works +INHERIT += "extrausers" +# Hardening: Locking the root password. Creating the user without password for ssh key-based login only +EXTRA_USERS_PARAMS = "usermod -L root; useradd -p '*' user" + +EXTRA_IMAGE_FEATURES:append = " ssh-server-openssh" + +# Forcing removal of debug-tweakes as that leads to reversing some sshd_config hardening done in our bbappend when do_rootfs runs +EXTRA_IMAGE_FEATURES:remove = "debug-tweaks" + +AGL_DEFAULT_IMAGE_FSTYPES := "wic.vhd" + +# workaround bug in cloud-init leading to empty cloud-init-systemd package +PACKAGES:pn-cloud-init:forcevariable = "cloud-init-src cloud-init-dbg cloud-init-staticdev cloud-init-dev cloud-init-doc cloud-init-locale cloud-init-systemd cloud-init" diff --git a/templates/machine/aws-ec2-x86-64/50_bblayers.conf.inc b/templates/machine/aws-ec2-x86-64/50_bblayers.conf.inc new file mode 100644 index 000000000..4e619cde0 --- /dev/null +++ b/templates/machine/aws-ec2-x86-64/50_bblayers.conf.inc @@ -0,0 +1,8 @@ +AGL_META_PYTHON = "${METADIR}/external/meta-openembedded/meta-python" +AGL_META_MULTIMEDIA = "${METADIR}/external/meta-openembedded/meta-multimedia" +AGL_META_NETWORKING = "${METADIR}/external/meta-openembedded/meta-networking" +AGL_META_VIRTUALIZATION = "${METADIR}/external/meta-virtualization" + +BBLAYERS =+ "\ + ${METADIR}/bsp/meta-aws \ + " diff --git a/templates/machine/aws-ec2-x86-64/50_local.conf.inc b/templates/machine/aws-ec2-x86-64/50_local.conf.inc new file mode 100644 index 000000000..58b4b087d --- /dev/null +++ b/templates/machine/aws-ec2-x86-64/50_local.conf.inc @@ -0,0 +1,21 @@ +MACHINE = "aws-ec2-x86-64" + +VIRTUAL-RUNTIME_initscripts = "systemd-compat-units" +IMAGE_INSTALL:append = " cloud-init" +DISTRO_FEATURES:append = " virtualization" + + +# can we shuffle this out so CI still works +INHERIT += "extrausers" +# Hardening: Locking the root password. Creating the user without password for ssh key-based login only +EXTRA_USERS_PARAMS = "usermod -L root; useradd -p '*' user" + +EXTRA_IMAGE_FEATURES:append = " ssh-server-openssh" + +# Forcing removal of debug-tweakes as that leads to reversing some sshd_config hardening done in our bbappend when do_rootfs runs +EXTRA_IMAGE_FEATURES:remove = "debug-tweaks" + +AGL_DEFAULT_IMAGE_FSTYPES := "wic.vhd" + +# workaround bug in cloud-init leading to empty cloud-init-systemd package +PACKAGES:pn-cloud-init:forcevariable = "cloud-init-src cloud-init-dbg cloud-init-staticdev cloud-init-dev cloud-init-doc cloud-init-locale cloud-init-systemd cloud-init" |