init

Initial push to use openwrtorg. Generatres rootfs, sdk and imagebuilder
for now.

Signed-off-by: Paul Spooren <mail@aparcar.org>

.circleci/config.yml

@@ -0,0 +1,50 @@
+version: 2
+jobs:
+  rootfs-snapshot:
+    machine: true
+    steps:
+      - checkout
+      - run: bash docker-common.sh
+      - run:
+          name: Create snapshot Rootfs container
+          command: bash docker-rootfs.sh
+          environment:
+            DOCKER_IMAGE: "openwrtorg/rootfs"
+            TARGETS: "x86-64 armvirt-32 armvirt-64"
+  imagebuilder-snapshot:
+    machine: true
+    steps:
+      - checkout
+      - run: bash docker-common.sh
+      - run:
+          name: Create snapshot ImageBuilder container
+          command: bash docker-imagebuilder.sh
+          environment:
+            DOCKER_IMAGE: "openwrtorg/imagebuilder"
+            TARGETS: "cns3xxx-generic mvebu-cortexa53 mvebu-cortexa72 mvebu-cortexa9 ipq40xx-generic ipq806x-generic layerscape-armv7 layerscape-armv8_32b layerscape-armv8_64b imx6-generic octeontx-generic sunxi-cortexa8 sunxi-cortexa53 sunxi-cortexa7 ppc44x-generic bcm53xx-generic brcm47xx-mips74k brcm47xx-generic brcm47xx-legacy ath79-nand ath79-generic ath79-tiny ath25-generic mcs814x-generic ar7-ac49x ar7-generic kirkwood-generic apm821xx-sata apm821xx-nand ramips-rt305x ramips-rt3883 ramips-mt76x8 ramips-mt7620 ramips-rt288x ramips-mt7621 au1000-au1550 au1000-au1500 pistachio-generic gemini-wiligear gemini-generic gemini-raidsonic brcm2708-bcm2708 brcm2708-bcm2709 brcm2708-bcm2710 x86-geode x86-generic x86-legacy x86-64 lantiq-xway_legacy lantiq-xrx200 lantiq-ase lantiq-falcon lantiq-xway mediatek-mt7622 mediatek-mt7623 mediatek-32 mpc85xx-p1020 mpc85xx-p2020 mpc85xx-generic tegra-generic zynq-generic archs38-generic ixp4xx-harddisk ixp4xx-generic mxs-generic oxnas-ox820 octeon-generic armvirt-32 armvirt-64 arc770-generic adm8668-generic xburst-qi_lb60 samsung-s5pv210 omap-generic ar71xx-nand ar71xx-generic ar71xx-tiny ar71xx-mikrotik brcm63xx-generic brcm63xx-smp at91-sama5d3 at91-sama5d4 at91-sam9x at91-sama5 at91-legacy at91-sama5d2 rb532-generic malta-le malta-be malta-be64 malta-le6"
+  sdk-snapshot:
+    machine: true
+    steps:
+      - checkout
+      - run: bash docker-common.sh
+      - run:
+          name: Create snapshot SDK container
+          command: bash docker-sdk.sh
+          environment:
+            DOCKER_IMAGE: "openwrtorg/sdk"
+            TARGETS: "cns3xxx-generic mvebu-cortexa53 mvebu-cortexa72 mvebu-cortexa9 ipq40xx-generic ipq806x-generic layerscape-armv7 layerscape-armv8_32b layerscape-armv8_64b imx6-generic octeontx-generic sunxi-cortexa8 sunxi-cortexa53 sunxi-cortexa7 ppc44x-generic bcm53xx-generic brcm47xx-mips74k brcm47xx-generic brcm47xx-legacy ath79-nand ath79-generic ath79-tiny ath25-generic mcs814x-generic ar7-ac49x ar7-generic kirkwood-generic apm821xx-sata apm821xx-nand ramips-rt305x ramips-rt3883 ramips-mt76x8 ramips-mt7620 ramips-rt288x ramips-mt7621 au1000-au1550 au1000-au1500 pistachio-generic gemini-wiligear gemini-generic gemini-raidsonic brcm2708-bcm2708 brcm2708-bcm2709 brcm2708-bcm2710 x86-geode x86-generic x86-legacy x86-64 lantiq-xway_legacy lantiq-xrx200 lantiq-ase lantiq-falcon lantiq-xway mediatek-mt7622 mediatek-mt7623 mediatek-32 mpc85xx-p1020 mpc85xx-p2020 mpc85xx-generic tegra-generic zynq-generic archs38-generic ixp4xx-harddisk ixp4xx-generic mxs-generic oxnas-ox820 octeon-generic armvirt-32 armvirt-64 arc770-generic adm8668-generic xburst-qi_lb60 samsung-s5pv210 omap-generic ar71xx-nand ar71xx-generic ar71xx-tiny ar71xx-mikrotik brcm63xx-generic brcm63xx-smp at91-sama5d3 at91-sama5d4 at91-sam9x at91-sama5 at91-legacy at91-sama5d2 rb532-generic malta-le malta-be malta-be64 malta-le6"
+
+workflows:
+  version: 2
+  docker:
+    triggers:
+      - schedule:
+          cron: "0 0 * * *"
+          filters:
+            branches:
+              only:
+                - master
+    jobs:
+      - rootfs-snapshot
+      - imagebuilder-snapshot
+      - sdk-snapshot

.gitignore

@@ -0,0 +1 @@
+sha256sums*

Dockerfile.imagebuilder

@@ -0,0 +1,14 @@
+FROM debian:latest
+
+RUN apt-get update -qq &&\
+    apt-get install -y build-essential libncurses5-dev gawk git subversion \
+        libssl-dev gettext zlib1g-dev swig unzip python2.7 wget file &&\
+        apt-get -y autoremove && apt-get clean
+
+RUN useradd -c "OpenWrt Builder" -m -d /home/build -s /bin/bash build
+COPY --chown=build:build ./imagebuilder /home/build/imagebuilder
+RUN chown build:build /home/build/imagebuilder
+
+USER build
+ENV HOME /home/build
+WORKDIR /home/build/imagebuilder

Dockerfile.rootfs

@@ -0,0 +1,13 @@
+FROM scratch
+
+MAINTAINER Paul Spooren <mail@aparcar.org>
+
+ADD ./rootfs-openwrt /
+
+ADD ./rootfs /
+
+EXPOSE 80 443 22
+
+USER root
+
+CMD ["/sbin/init"]

Dockerfile.sdk

@@ -0,0 +1,14 @@
+FROM debian:latest
+
+RUN apt-get update -qq &&\
+    apt-get install -y build-essential libncurses5-dev gawk git subversion \
+        libssl-dev gettext zlib1g-dev swig unzip python2.7 wget file &&\
+        apt-get -y autoremove && apt-get clean
+
+RUN useradd -c "OpenWrt Builder" -m -d /home/build -s /bin/bash build
+COPY --chown=build:build ./sdk /home/build/sdk
+RUN chown build:build /home/build/sdk
+
+USER build
+ENV HOME /home/build
+WORKDIR /home/build/sdk

README.md

@@ -0,0 +1,76 @@
+# OpenWrt Docker repository
+
+This repository contains scripts to create Docker containers for OpenWrt. The
+scripts are run via an CI and upload such containers to docker.io.
+
+Used variables are `BRANCHES`, `TARGETS`, `DOCKER_USER`, `DOCKER_PASS` and `DOCKER_IMAGE`.
+
+`$BRANCHES`: space separated list of OpenWrt branches to build ("master 18.06.2 18.06.1")
+`$TARGETS`: space separated list of OpenWrt targets to build ("x86-64 ath79-generic")
+`$DOCKER_USER`: user to upload
+`$DOCKER_PASS`: passwort to upload
+`$DOCKER_IMAGE`: image name
+
+`$BRANCHES` and `$TARGETS` unite to an build matrix.
+
+See `.circleci/config.yml` for the current setup.
+
+## `rootfs`
+
+An unpackaged version of OpenWrt's rootfs for different architectures. The
+`./rootfs` folder requires slight modifications to work within Docker,
+additional files for the rootfs should be added there before building.
+
+### Example
+
+    docker run --rm -it openwrtorg/rootfs:x86-64
+
+Enjoy a local OpenWrt container with internet access. Once closed the image is
+removed.
+
+### Tags
+
+* x86-64
+* armvirt-32
+* armvirt-64
+
+## `sdk`
+
+Contains the OpenWrt SDK based on a `debian:latest` container with required
+packages preinstalled. This can be usefull when building packages on MacOS X,
+Windows or via CI.
+
+### Example
+
+    docker run --rm -v ./bin/:/home/build/sdk/bin -it openwrtorg/sdk:x86-64
+    # within the Docker container
+    ./scripts/feeds update base
+    make defconfig
+    ./scripts/feeds install firewall
+    make package/firewall/{clean,compile} -j$(nproc)
+
+Enjoy a local OpenWrt SDK container building the `firewall3` package and but the
+binary in hosts `./bin` folder.
+
+### Tags
+
+All currently available SDKs via lower case `<target>-<subtarget>`
+
+## `imagebuilder`
+
+Contains the OpenWrt ImageBuilder based on a `debian:latest` container with
+required packages preinstalled. This can be usefull when creating images on
+MacOS X, Windows or via CI.
+
+### Example
+
+    docker run --rm -v ./bin/:/home/build/imagebuilder/bin -it openwrtorg/imagebuilder:x86-64
+    # within the Docker container
+    make image
+
+Enjoy a local OpenWrt ImageBuilder container building an image for x86/64 and
+store the binary in hosts `./bin` folder.
+
+### Tags
+
+All currently available ImageBuilders via lower case `<target>-<subtarget>`

docker-common.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+
+set -e
+set -x
+
+docker login -u $DOCKER_USER -p $DOCKER_PASS
+
+# LEDE Build System (LEDE GnuPG key for unattended build jobs)
+curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/626471F1.asc' | gpg --import \
+    && echo '54CC74307A2C6DC9CE618269CD84BCED626471F1:6:' | gpg --import-ownertrust
+
+# LEDE Release Builder (17.01 "Reboot" Signing Key)
+curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/D52BBB6B.asc' | gpg --import \
+    && echo 'B09BE781AE8A0CD4702FDCD3833C6010D52BBB6B:6:' | gpg --import-ownertrust
+
+# OpenWrt Release Builder (18.06 Signing Key)
+curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/17E1CE16.asc' | gpg --import \
+    && echo '6768C55E79B032D77A28DA5F0F20257417E1CE16:6:' | gpg --import-ownertrust

docker-imagebuilder.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+TARGETS="${TARGETS:-x86-64}"
+BRANCHES="${BRANCHES:-master}"
+DOCKER_IMAGE="${DOCKER_IMAGE:-openwrt-imagebuilder}"
+
+for TARGET in $TARGETS ; do
+    export IMAGEBUILDER_FILE="openwrt-imagebuilder*x86_64.tar.xz"
+    for BRANCH in $BRANCHES; do
+        if [ "$BRANCH" == "master" ]; then
+            export IMAGEBUILDER_PATH="snapshots/targets/$(echo $TARGET | tr '-' '/')"
+        else
+            export IMAGEBUILDER_PATH="releases/$BRANCH/targets/$(echo $TARGET | tr '-' '/')"
+        fi
+
+        curl "https://downloads.openwrt.org/$IMAGEBUILDER_PATH/sha256sums" -sS -o sha256sums
+        curl "https://downloads.openwrt.org/$IMAGEBUILDER_PATH/sha256sums.asc" -sS -o sha256sums.asc
+        gpg --with-fingerprint --verify sha256sums.asc sha256sums
+        rsync -av "downloads.openwrt.org::downloads/$IMAGEBUILDER_PATH/$IMAGEBUILDER_FILE" . || contine # skip uploading if no IB is available
+        cat sha256sums | grep openwrt-imagebuilder > sha256sums_imagebuilder
+        sha256sum -c sha256sums_imagebuilder
+
+        mkdir -p ./imagebuilder
+        tar Jxf $IMAGEBUILDER_FILE --strip=1 -C ./imagebuilder
+        rm -rf $IMAGEBUILDER_FILE
+
+        docker build -t $DOCKER_IMAGE:$TARGET-$BRANCH -f Dockerfile.imagebuilder .
+
+        rm -rf ./imagebuilder
+
+        if [ "$BRANCH" == "master" ]; then
+            docker tag $DOCKER_IMAGE:$TARGET-$BRANCH $DOCKER_IMAGE:$TARGET
+            docker push $DOCKER_IMAGE:$TARGET
+        else
+            docker push $DOCKER_IMAGE:$TARGET-$BRANCH
+        fi
+    done
+done

docker-rootfs.sh

@@ -0,0 +1,40 @@
+#!/bin/sh
+
+TARGETS="${TARGETS:-x86-64}"
+BRANCHES="${BRANCHES:-master}"
+DOCKER_IMAGE="${DOCKER_IMAGE:-openwrt-rootfs}"
+
+for TARGET in $TARGETS ; do
+    export ROOTFS_FILE="openwrt-*-rootfs.tar.gz"
+    for BRANCH in $BRANCHES; do
+        export ROOTFS_PATH="snapshots/targets/$(echo $TARGET | tr '-' '/')"
+
+        # download and verify checksums
+        curl "https://downloads.openwrt.org/$ROOTFS_PATH/sha256sums" -sS -o sha256sums
+        curl "https://downloads.openwrt.org/$ROOTFS_PATH/sha256sums.asc" -sS -o sha256sums.asc
+        gpg --with-fingerprint --verify sha256sums.asc sha256sums
+
+        # download file or skip if not available
+        rsync -av "downloads.openwrt.org::downloads/$ROOTFS_PATH/$ROOTFS_FILE" . || contine
+
+        # shrink checksum file to single desired file and verify downloaded archive
+        cat sha256sums | grep generic-rootfs > sha256sums_rootfs
+        sha256sum -c sha256sums_rootfs
+
+        mkdir -p ./rootfs-openwrt
+        tar xzf $ROOTFS_FILE -C ./rootfs-openwrt
+        rm -rf $ROOTFS_FILE
+
+        docker build -t $DOCKER_IMAGE:$TARGET-$BRANCH -f Dockerfile.rootfs .
+
+        rm -rf ./rootfs-openwrt
+
+        # snapshot don't get master attached to tag
+        if [ "$BRANCH" == "master" ]; then
+            docker tag $DOCKER_IMAGE:$TARGET-$BRANCH $DOCKER_IMAGE:$TARGET
+            docker push $DOCKER_IMAGE:$TARGET
+        else
+            docker push $DOCKER_IMAGE:$TARGET-$BRANCH
+        fi
+    done
+done

docker-sdk.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+
+TARGETS="${TARGETS:-x86-64}"
+BRANCHES="${BRANCHES:-master}"
+DOCKER_IMAGE="${DOCKER_IMAGE:-openwrt-sdk}"
+
+for TARGET in $TARGETS ; do
+    SDK_FILE="openwrt-sdk-*.Linux-x86_64.tar.xz"
+    for BRANCH in $BRANCHES; do
+        if [ "$BRANCH" == "master" ]; then
+            SDK_PATH="snapshots/targets/$(echo $TARGET | tr '-' '/')"
+            BRANCH_FEEDS="$BRANCH"
+        else
+            SDK_PATH="releases/$BRANCH/targets/$(echo $TARGET | tr '-' '/')"
+            BRANCH_FEEDS="openwrt-$BRANCH"
+        fi
+
+        curl "https://downloads.openwrt.org/$SDK_PATH/sha256sums" -sS -o sha256sums
+        curl "https://downloads.openwrt.org/$SDK_PATH/sha256sums.asc" -sS -o sha256sums.asc
+        gpg --with-fingerprint --verify sha256sums.asc sha256sums
+        rsync -av "downloads.openwrt.org::downloads/$SDK_PATH/$SDK_FILE" . || continue # skip uploading if no SDK is available
+        cat sha256sums | grep openwrt-sdk > sha256sums_sdk
+        sha256sum -c sha256sums_sdk
+
+        mkdir -p ./sdk
+        tar Jxf $SDK_FILE --strip=1 -C ./sdk
+        rm -rf $SDK_FILE
+
+        # use GitHub instead of git.openwrt.org
+        cat > ./sdk/feeds.conf <<EOF
+src-git base https://github.com/openwrt/openwrt.git;$BRANCH_FEEDS
+src-git packages https://github.com/openwrt/packages.git;$BRANCH_FEEDS
+src-git luci https://github.com/openwrt/luci.git;$BRANCH_FEEDS
+src-git routing https://github.com/openwrt-routing/packages.git;$BRANCH_FEEDS
+src-git telephony https://github.com/openwrt/telephony.git;$BRANCH_FEEDS
+EOF
+
+        docker build -t $DOCKER_IMAGE:$TARGET-$BRANCH -f Dockerfile.sdk .
+
+        rm -rf ./sdk
+
+        if [ "$BRANCH" == "master" ]; then
+            docker tag $DOCKER_IMAGE:$TARGET-$BRANCH $DOCKER_IMAGE:$TARGET
+            docker push $DOCKER_IMAGE:$TARGET
+        else
+            docker push $DOCKER_IMAGE:$TARGET-$BRANCH
+        fi
+    done
+done

rootfs/etc/config/network

@@ -0,0 +1,13 @@
+config interface 'loopback'
+    option ifname 'lo'
+    option proto 'static'
+    option ipaddr '127.0.0.1'
+    option netmask '255.0.0.0'
+
+config interface 'wan'
+    option ifname 'eth0'
+    option proto 'dhcp'
+
+config interface 'wan6'
+    option ifname 'eth0'
+    option proto 'dhcp6'

rootfs/etc/inittab

@@ -0,0 +1,7 @@
+::sysinit:/etc/init.d/rcS S boot
+::shutdown:/etc/init.d/rcS K shutdown
+ttyS0::askfirst:/usr/libexec/login.sh
+hvc0::askfirst:/usr/libexec/login.sh
+tty1::askfirst:/usr/libexec/login.sh
+console::askfirst:/usr/libexec/login.sh
+