carbon-config

s6-rc.aat (9766B)

---

 @include common.aat
 @include rc-common.aat
 @awk rc-builder.include.awk
 |END{
 /	d	m755
 
 
 |declare_bundle("ok-all", "ok-all-but-tty gettys")
 
 |declare_bundle("ok-sysinit", "mount-sysinit dev-coldplug")
 
 |declare_bundle("ok-mount", "ok-sysinit ok-localmount")
 
 |declare_bundle("ok-all-but-tty", "net-all ok-mount")
 
 
 |### Networking ###
 |start_oneshot("loopback")
 |enabled_bundle("net-all")
 |up()
 	if { ip link set lo up }
 	if -nt { ip addr add 127.0.0.1/8 dev lo brd + }
 	pipeline { ip addr show dev lo } grep -q "inet 127\\.0\\.0\\.1"
 |end()
 
 |if(find("static_ip.rows")) {
 @for i in static_ip
 |start_oneshot(with_counter("net-" get("i.iface") "-ip"))
 |in_bundle("net-" get("i.iface"))
 |add_to_bundle("net-all", "net-" get("i.iface"))
 |up()
 	if { ip link set {<i.iface>} up }
 	if -nt { ip addr add {<i.ip>}/{<i.prefix>} dev {<i.iface>} }
 	pipeline { ip addr show dev {<i.iface>} } grep -F -q -e "inet {<i.ip>}/{<i.prefix>} "
 |down()
 	ip addr del {<i.ip>} dev {<i.iface>}
 |end()
 @endfor
 |}
 
 |if(find("static_route.rows")) {
 @for i in static_route
 |start_oneshot(with_counter("net-" get("i.iface") "-route"), list_services_with_counter("net-" get("i.iface") "-ip"))
 |in_bundle("net-" get("i.iface"))
 |up()
 	if { ip link set {<i.iface>} up }
 	if -nt { ip route add dev {<i.iface>} {<i.spec>} }
 	pipeline { ip route show dev {<i.iface>} {<i.spec>} } grep -q .
 |down()
 	ip route del dev {<i.iface>} {<i.spec>}
 |end()
 @endfor
 |}
 
 |start_longrun_with_logger("dhcpcd", "modules ok-mount ok-sysinit")
 |enabled_bundle("net-all")
 |run_arg("dhcpcd --nobackground")
 |end()
 
 |start_longrun_with_logger("unbound", "loopback ok-mount ok-sysinit")
 |enabled_bundle("net-all")
 |run_arg("unbound -ddp")
 |end()
 
 |start_oneshot("hostname")
 |in_bundle("ok-all-but-tty")
 |up()
 	hostname -F /etc/hostname
 |end()
 
 |start_oneshot("loadkeys", "kbd_mode")
 |enabled_bundle("ok-all-but-tty")
 |up()
 	loadkeys --unicode /root/keymap
 |end()
 
 |### per-TTY services ###
 
 |for(tty=1; tty<=(<getty_max>+0); tty++) {
 |start_longrun("tty" tty, "ok-sysinit")
 |in_bundle("gettys")
 |run_el()
 	foreground { /command/issue-gen }
 	env LOGIN_TTY=/dev/tty{{tty}} /sbin/getty -l login-keepenv 38400 tty{{tty}} linux
 |finish_el()
 	redirfd -w 1 /dev/tty{{tty}}
 	fdmove -c 2 1
 	foreground { s6-echo "\nwaiting for session cleanup" }
 	flock /run/ttylock/tty{{tty}} true
 |end()
 |}
 
 |for(tty=1; tty<=(<tty_max>+0); tty++) {
 |start_oneshot("kbd_mode-tty" tty)
 |in_bundle("kbd_mode")
 |up()
 	kbd_mode -u -C /dev/tty{{tty}}
 |end()
 |}
 
 |if(get("tty_setfont")) {
 |add_to_bundle("ok-all-but-tty", "setfont")
 |for(tty=1; tty<=(<tty_max>+0); tty++) {
 |start_oneshot("setfont-tty" tty)
 |in_bundle("setfont")
 |up()
 	redirfd -r 0 /dev/tty{{tty}} setfont {<tty_setfont>}
 |end()
 |}
 |}
 
 |start_oneshot("dmesg")
 |in_bundle("ok-all-but-tty")
 |up()
 	# description="Set the dmesg level for a cleaner boot"
 	# dmesg_level=1
 	dmesg -n1
 |end()
 
 |start_oneshot("modules", "dmesg")
 |in_bundle("ok-all-but-tty")
 |up()
 @for i in modprobe_modules
 	foreground { modprobe {<i.module>} }
 @endfor
 |end()
 
 |start_oneshot("cgroups", "mount-run-cgroup2")
 |in_bundle("ok-sysinit")
 |up()
 	cgconfigparser -l /current/conf/etc/cgconfig.conf
 |end()
 
 |start_oneshot("mdevd-coldplug", "mount-dev mount-sys modules mdevd")
 |up()
 	mdevd-coldplug
 |end()
 
 |start_oneshot("udev-coldplug", "mount-dev mount-sys modules udev")
 |up()
 	udevadm settle
 |end()
 
 |if(get("dev_manager")) {
 |service("dev-coldplug", "bundle", (<dev_manager>)"-coldplug")
 |add_to_bundle("ok-sysinit", (<dev_manager>))
 |}
 
 |start_longrun("mdevd", "mount-dev")  # TODO add "mount-proc mount-sys", add logger
 |notification_fd(3)
 |run()  # TODO use run_el() or run_arg()
 	#!/command/execlineb -P
 	mdevd -D 3 -f /current/conf/etc/mdevd.conf
 |end()
 
 |start_longrun("udev", "mount-sys mount-proc mount-dev")  # TODO add logger
 |notification_fd(3)
 |run_el()
 	background {
 		sh -xc "until /sbin/udevadm settle --timeout=120; do sleep 0.5; done; echo >&3 settled"
 		#foreground { loopwhilex -x 0 if -nt { /sbin/udevadm settle --timeout=120 } foreground { sleep 0.1 } exit 1 }
 		#fdmove -c 3 1
 		#echo
 	}
 	fdclose 3
 	/sbin/udevd
 |end()
 
 |start_oneshot("swapon-vg-swap", "dev-coldplug")
 |in_bundle("ok-all-but-tty")
 |up()
 	swapon /dev/vg/swap
 |down()
 	swapoff /dev/vg/swap
 |end()
 
 |start_oneshot("mount-tmp-X11", "ok-sysinit")
 |in_bundle("ok-mount")
 |up()
 	if { mkdir -p /tmp/.X11-unix /run/X11 }
 	if { chmod 771 /run/X11 }
 	if { chown root:xorg /run/X11 }
 	mount --bind /run/X11 /tmp/.X11-unix
 |down()
 	foreground { umount /tmp/.X11-unix }
 |end()
 
 |start_oneshot("openrc", "ok-sysinit ok-mount modules")
 |up()
 	export TERM "linux"
 	foreground { /sbin/openrc boot }
 	/sbin/openrc default
 |down()
 	export TERM "linux"
 	/sbin/openrc shutdown
 |end()
 
 /.scripts	d	m755
 
 |start_longrun_with_logger("sshd", "ssh_host_ed25519_key ssh_host_rsa_key ok-sysinit")
 |enabled_bundle("ok-all-but-tty")
 |run_arg("/usr/sbin/sshd -D -e -f /etc/ssh/sshd_config")
 |end()
 
 |start_oneshot("ssh_host_ed25519_key", "hostname rootfs")
 |up()
 	if -n -t { s6-test -f /etc/ssh/ssh_host_ed25519_key }
 	ssh-keygen -N "" -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
 |end()
 
 |start_oneshot("ssh_host_rsa_key", "hostname rootfs")
 |up()
 	if -n -t { s6-test -f /etc/ssh/ssh_host_rsa_key }
 	ssh-keygen -N "" -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key
 |end()
 
 |#|add_to_bundle("ok-all-but-tty", "swap")
 |#/swap	d	m755
 |#/swap/type	cN	oneshot	m644
 |#/swap/up	cN	swapon -a	m644
 |#/swap/down	cN	swapoff -a	m644
 
 |start_oneshot("alsa-devices", "modules udev")
 |up()
 	sh -c "
 	retry=true
 	while $retry; do
 	retry=false
 	for card in $(sed -n -e '/^ \\?[0-9]/{s/ *\\([0-9]*\\).*/\\1/;p}' /proc/asound/cards); do
 	$retry && sleep 0.5
 	test -e /dev/snd/controlC${card} || retry=true
 	done
 	$retry && sleep 0.5
 	done
 	:
 	"
 |end()
 
 |start_longrun_with_logger("alsactl-rdaemon","alsa-devices")
 |enabled_bundle("ok-all-but-tty")
 |run_arg("alsactl rdaemon")
 |end()
 
 |start_oneshot("brightness", "ok-sysinit")
 |enabled_bundle("ok-all-but-tty")
 |up()
 	foreground { redirfd -w 1 /sys/class/backlight/intel_backlight/brightness echo 800 }
 	if { chgrp users /sys/class/backlight/intel_backlight/brightness }
 	chmod g+w  /sys/class/backlight/intel_backlight/brightness
 |end()
 
 |start_oneshot("tlp", "ok-sysinit")
 |enabled_bundle("ok-all-but-tty")
 |up()
 	tlp init start
 |down()
 	tlp init stop
 |end()
 
 |start_oneshot("containers", "ok-mount")
 |enabled_bundle("ok-all-but-tty")
 |up()
 	export TERM "linux"
 	if {
 		zsh -lc "quiet=1 confz site_container_services"
 	}
 	s6-svscanctl -a /run/service
 |end()
 
 |if(find("user_svscan.rows")) {
 @for u in user_svscan
 |start_longrun("svscan-"(<u.name>)"-log", "ok-sysinit rootfs")
 |consumer_for("svscan-"(<u.name>))
 |run_el()
 	if { mkdir -p /run/user/{<u.id>}.logs }
 	if { ln -sf {<u.id>}.logs /run/user/{<u.name>}.logs }
 	if { chown {<u.name>}: /run/user/{<u.id>}.logs }
 	if { chmod 700 /run/user/{<u.id>}.logs }
 	s6-setuidgid {<u.name>}
 	s6-log -- t /run/user/{<u.id>}.logs
 |end()
 
 |start_longrun("svscan-"(<u.name>), "ok-sysinit rootfs")
 |in_bundle("ok-all-but-tty")
 |notification_fd(3)
 |producer_for("svscan-"(<u.name>)"-log")
 |run_el()
 	if { mkdir -p /run/user/{<u.id>} }
 	if { ln -sf {<u.id>} /run/user/{<u.name>} }
 	if { chown {<u.name>}: /run/user/{<u.id>} }
 	if { chmod 700 /run/user/{<u.id>} }
 	s6-setuidgid {<u.name>}
 	if { mkdir -p /run/user/{<u.id>}/service }
 	s6-svscan -d 3 /run/user/{<u.id>}/service
 |end()
 @endfor
 |}
 
 |start_longrun_with_logger("syncthing", "ok-mount")
 |enabled_bundle("ok-all-but-tty")
 |run_el()
 	/usr/bin/env HOME=/var/lib/syncthing
 	s6-setuidgid syncthing
 	syncthing -logflags 0
 |end()
 
 |if(find("tinc_networks.rows")) {
 @for i in tinc_networks
 |tinc_network = get("i.name")
 |start_longrun_with_logger("tinc." tinc_network, "net-all")
 |add_to_bundle("ok-all-but-tty", "tinc." tinc_network)
 |run_arg("tincd -n \"" tinc_network "\" -D -d")
 |end()
 @endfor
 |}
 
 |start_longrun_with_logger("wpa_supplicant", "modules\nok-sysinit")
 |enabled_bundle("net-all")
 |run_el()
 	/sbin/wpa_supplicant
 	-iwlan0
 	-c/etc/wpa_supplicant/wpa_supplicant.conf
 |end()
 
 
 |if(find("X_servers.rows")) {
 @for i in X_servers
 /{<i.svc>}	d	m750
 /{<i.svc>}/data	d	m750
 /{<i.svc>}/data/.keep	cN		m640
 /{<i.svc>}/env	d	m750
 /{<i.svc>}/env/vtN	cN	{<i.vtN>}	m640
 /{<i.svc>}/notification-fd	cN	3	m640
 /{<i.svc>}/run	l	../.scripts/X.run	m777
 /{<i.svc>}/type	cN	longrun	m640
 @endfor
 
 /.scripts	d	m755
 /.scripts/X.run
 CN	#!/command/execlineb -P
 	fdmove -c 2 1
 	s6-envdir env
 	importas vtN vtN
 	export XDG_RUNTIME_DIR /run/service/X${vtN}/data
 	importas XDG_RUNTIME_DIR XDG_RUNTIME_DIR
 	if { truncate -s 0 ${XDG_RUNTIME_DIR}/Xauthority }
 	if { chmod 600 ${XDG_RUNTIME_DIR}/Xauthority }
 	if { chown xorg:xorg ${XDG_RUNTIME_DIR}/Xauthority }
 	if { chown xorg:xorg ${XDG_RUNTIME_DIR} }
 	if {
 	  pipeline {
 	    if { printf "add :%d . " ${vtN} }
 	    if { redirfd -r 0 /dev/urandom xxd -p -l 16 }
 	  }
 	  xauth -f ${XDG_RUNTIME_DIR}/Xauthority source -
 	}
 	piperw 4 5
 	background -d {
 	  fdclose 5
 	  if { mkdir -p ${XDG_RUNTIME_DIR}/env }
 	  if {
 	    redirfd -w 1 ${XDG_RUNTIME_DIR}/env/XAUTHORITY
 	    printf "%s/Xauthority" ${XDG_RUNTIME_DIR}
 	  }
 	  if {
 	    fdmove 0 4
 	    redirfd -w 1 ${XDG_RUNTIME_DIR}/env/DISPLAY
 	    if { printf : }
 	    head -n1
 	  }
 	  fdmove 1 3
 	  echo
 	}
 	unexport !
 	fdclose 4
 	fdclose 3
 	umask 077
 	if { chmod 660 /dev/tty${vtN} }
 	if { chown root:xorg /dev/tty${vtN} }
 	if {
 	  elglob dev /dev/input/event*
 	  if { chown root:input ${dev} }
 	  chmod 660 ${dev}
 	}
 	redirfd -r 0 /dev/tty${vtN}
 	redirfd -w 1 /dev/tty${vtN}
 	s6-setsid
 	s6-setuidgid xorg
 	Xorg
 	  -displayfd 5
 	  -nolisten local
 	  -nolisten tcp
 	  -quiet
 	#  -logfile /dev/stdout
 	  -logfile ${XDG_RUNTIME_DIR}/log
 	  -auth ${XDG_RUNTIME_DIR}/Xauthority
 	  -tst
 	  -retro
 	  -novtswitch
 	  vt${vtN} :${vtN}
 	
 m755
 |}
 
 |print_bundles()
 |}