mrrl-system-config

s6-rc.aat (11330B)

---

 @include common.aat
 @include rc-common.aat
 @awk rc-builder.include.awk
 |END{
 /	d	m755
 
 
 |declare_bundle("ok-all", "ok-all-but-tty gettys")
 
 |declare_bundle("ok-sysinit", "mount-sysinit dev-coldplug")
 
 |declare_bundle("ok-mount", "ok-sysinit ok-localmount")
 
 |declare_bundle("ok-all-but-tty", "net-all ok-mount")
 
 |declare_bundle("net-all")
 
 |### Networking ###
 |start_oneshot("loopback")
 |# TODO: make loopback conditional
 |enabled_bundle("net-all")
 |up()
 	{{qexec("if")}} { {{qexec("ip")}} link set dev lo up }
 	{{qexec("if")}} -nt { {{qexec("ip")}} addr add 127.0.0.1/8 dev lo }
 	{{qexec("pipeline")}} { {{qexec("ip")}} addr show dev lo } {{qexec("grep")}} -q "inet 127\\.0\\.0\\.1"
 |end()
 
 |if(find("static_ip.rows")) {
 @for i in static_ip
 |start_oneshot(with_counter("net-" get("i.iface") "-ip"))
 |in_bundle("net-" get("i.iface"))
 |add_to_bundle("net-all", "net-" get("i.iface"))
 |up()
 	{{qexec("if")}} { {{qexec("ip")}} link set {<i.iface>} up }
 	{{qexec("if")}} -nt { {{qexec("ip")}} addr add {<i.ip>}/{<i.prefix>} dev {<i.iface>} }
 	{{qexec("pipeline")}} { {{qexec("ip")}} ip addr show dev {<i.iface>} } {{qexec("grep")}} -F -q -e "inet {<i.ip>}/{<i.prefix>} "
 |down()
 	{{qexec("ip")}} addr del {<i.ip>} dev {<i.iface>}
 |end()
 @endfor
 |}
 
 |if(find("static_route.rows")) {
 @for i in static_route
 |start_oneshot(with_counter("net-" get("i.iface") "-route"), list_services_with_counter("net-" get("i.iface") "-ip"))
 |in_bundle("net-" get("i.iface"))
 |up()
 	{{qexec("if")}} { {{qexec("ip")}} link set {<i.iface>} up }
 	{{qexec("if")}} -nt { {{qexec("ip")}} route add dev {<i.iface>} {<i.spec>} }
 	{{qexec("pipeline")}} { {{qexec("ip")}} route show dev {<i.iface>} {<i.spec>} } grep -q .
 |down()
 	{{qexec("ip")}} route del dev {<i.iface>} {<i.spec>}
 |end()
 @endfor
 |}
 
 |start_longrun_with_logger("dhcpcd", "sysctl modules ok-mount ok-sysinit")
 |enabled_bundle("net-all")
 |run_arg("dhcpcd --nobackground --nohook 20-resolv.conf")
 |end()
 
 |start_longrun_with_logger("unbound", "loopback ok-mount ok-sysinit")
 |enabled_bundle("net-all")
 |run_arg("unbound -d -p")
 |end()
 
 |start_oneshot("hostname")
 |in_bundle("ok-all-but-tty")
 |up()
 	{{qexec("hostname")}} -F {{qconfig("hostname")}}
 |end()
 
 |start_oneshot("loadkeys", "kbd_mode")
 |enabled_bundle("ok-all-but-tty")
 |up()
 	{{qexec("cd")}} {{qconfig("console_keymap")}} {{qexec("loadkeys")}} --unicode keymap
 |end()
 
 |### per-TTY services ###
 
 |for(tty=1; tty<=(<getty_max>+0); tty++) {
 |start_longrun("tty" tty, "ok-sysinit")
 |in_bundle("gettys")
 |run_el()
 	{{qexec("foreground")}} { {{qexec("issue-gen")}} }
 	{{qexec("env")}} LOGIN_TTY=/dev/tty{{tty}} {{qexec("getty")}} -l {{qexec("login-keepenv")}} 38400 tty{{tty}} linux
 |if(tty >= 1 && tty <= 4) {
 |finish_el()
 	{{qexec("foreground")}} {
 		{{qexec("chgrp")}}
 		-R root
 		/run/service/X{{tty + 4}}/supervise
 		/run/service/X{{tty + 4}}/event
 	}
 	{{qexec("foreground")}} { {{qexec("chown")}} xorg:root /run/Xauthority.$X }
 	{{qexec("s6-svc")}} -wD -d /run/service/X{{tty + 4}}
 |end()
 |}
 |}
 
 |for(tty=1; tty<=(<tty_max>+0); tty++) {
 |start_oneshot("kbd_mode-tty" tty)
 |in_bundle("kbd_mode")
 |up()
 	kbd_mode -u -C /dev/tty{{tty}}
 |end()
 |}
 
 |if(get("tty_setfont")) {
 |add_to_bundle("ok-all-but-tty", "setfont")
 |for(tty=1; tty<=(<tty_max>+0); tty++) {
 |start_oneshot("setfont-tty" tty)
 |in_bundle("setfont")
 |up()
 	redirfd -r 0 /dev/tty{{tty}} setfont {<tty_setfont>}
 |end()
 |}
 |}
 
 |start_oneshot("dmesg")
 |in_bundle("ok-all-but-tty")
 |up()
 	# description="Set the dmesg level for a cleaner boot"
 	# dmesg_level=1
 	{{qexec("dmesg")}} -n1
 |end()
 
 |start_oneshot("modules", "dmesg")
 |in_bundle("ok-all-but-tty")
 |up()
 @for i in modprobe_modules
 	{{qexec("foreground")}} { {{qexec("modprobe")}} {<i.module>} }
 @endfor
 |end()
 
 |start_oneshot("sysctl", "modules")
 |in_bundle("ok-all-but-tty")
 |up()
 	{{qexec("sysctl")}} -p {{qconfig("sysctl.conf")}}
 |end()
 
 |start_oneshot("cgroups", "mount-run-cgroup")
 |in_bundle("ok-sysinit")
 |up()
 	cgconfigparser -l {{qconfig("cgconfig.conf")}}
 |end()
 
 |start_oneshot("mdevd-coldplug", "mount-dev mount-sys sysctl modules mdevd")
 |up()
 	{{qenv("mdevd")}} mdevd-coldplug
 |end()
 
 |start_oneshot("udev-coldplug", "mount-dev mount-sys sysctl modules udev")
 |up()
 	udevadm settle
 |end()
 
 |if(get("dev_manager")) {
 |service("dev-coldplug", "bundle", (<dev_manager>)"-coldplug")
 |add_to_bundle("ok-sysinit", (<dev_manager>))
 |}
 
 |start_oneshot("prepare-dev", "mount-dev")
 |up()
 	if { ln -s -f /proc/self/fd  /dev/ }
 	if { ln -s -f /proc/self/fd/0  /dev/stdin }
 	if { ln -s -f /proc/self/fd/1  /dev/stdout }
 	ln -s -f /proc/self/fd/2  /dev/stderr
 |end()
 
 |start_longrun("mdevd", "mount-dev prepare-dev mount-sys")  # TODO add "mount-proc mount-sys", add logger
 |notification_fd(3)
 |run()
 	#!{{env_el("mdevd")}} -P
 	mdevd -D 3 -b 67108864 -f {{qconfig("mdevd.conf")}}
 |end()
 
 |start_longrun("udev", "mount-sys mount-proc mount-dev")  # TODO add logger
 |notification_fd(3)
 |run_el()
 	background {
 		sh -xc "until /sbin/udevadm settle --timeout=120; do sleep 0.5; done; echo >&3 settled"
 		#foreground { loopwhilex -x 0 if -nt { /sbin/udevadm settle --timeout=120 } foreground { sleep 0.1 } exit 1 }
 		#fdmove -c 3 1
 		#echo
 	}
 	fdclose 3
 	/sbin/udevd
 |end()
 
 |start_oneshot("swapon-vg-swap", "dev-coldplug")
 |#in_bundle("ok-all-but-tty")
 |up()
 	{{qexec("swapon")}} /dev/vg/swap
 |down()
 	{{qexec("swapoff")}} /dev/vg/swap
 |end()
 
 |start_oneshot("mount-tmp-X11", "ok-sysinit")
 |in_bundle("ok-mount")
 |up()
 	{{qexec("if")}} { {{qexec("mkdir")}} -p /tmp/.X11-unix /run/X11 }
 	{{qexec("if")}} { {{qexec("chmod")}} 771 /run/X11 }
 	{{qexec("if")}} { {{qexec("chown")}} root:xorg /run/X11 }
 	{{qexec("mount")}} --bind /run/X11 /tmp/.X11-unix
 |down()
 	{{qexec("foreground")}} { {{qexec("umount")}} /tmp/.X11-unix }
 |end()
 
 |start_oneshot("openrc", "ok-sysinit ok-mount sysctl modules")
 |up()
 	export TERM "linux"
 	foreground { /sbin/openrc boot }
 	/sbin/openrc default
 |down()
 	export TERM "linux"
 	/sbin/openrc shutdown
 |end()
 
 |start_longrun_with_logger("sshd", "ssh_host_ed25519_key ssh_host_rsa_key ok-sysinit")
 |enabled_bundle("ok-all-but-tty")
 |run_arg("/usr/sbin/sshd -D -e -f /etc/ssh/sshd_config")
 |end()
 
 |start_oneshot("ssh_host_ed25519_key", "hostname rootfs")
 |up()
 	if -n -t { eltest -f /etc/ssh/ssh_host_ed25519_key }
 	ssh-keygen -N "" -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
 |end()
 
 |start_oneshot("ssh_host_rsa_key", "hostname rootfs")
 |up()
 	if -n -t { eltest -f /etc/ssh/ssh_host_rsa_key }
 	ssh-keygen -N "" -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key
 |end()
 
 |#|add_to_bundle("ok-all-but-tty", "swap")
 |#/swap	d	m755
 |#/swap/type	cN	oneshot	m644
 |#/swap/up	cN	swapon -a	m644
 |#/swap/down	cN	swapoff -a	m644
 
 |start_oneshot("alsa-devices", "sysctl modules dev-coldplug")
 |up()
 	sh -c "
 	retry=true
 	while $retry; do
 	retry=false
 	for card in $(sed -n -e '/^ \\?[0-9]/{s/ *\\([0-9]*\\).*/\\1/;p}' /proc/asound/cards); do
 	$retry && sleep 0.5
 	test -e /dev/snd/controlC${card} || retry=true
 	done
 	$retry && sleep 0.5
 	done
 	:
 	"
 |end()
 
 |start_longrun_with_logger("alsactl-rdaemon","alsa-devices")
 |enabled_bundle("ok-all-but-tty")
 |run_arg("alsactl rdaemon")
 |end()
 
 |start_oneshot("brightness", "ok-sysinit")
 |enabled_bundle("ok-all-but-tty")
 |up()
 	foreground { redirfd -w 1 /sys/class/backlight/intel_backlight/brightness echo 800 }
 	if { chgrp users /sys/class/backlight/intel_backlight/brightness }
 	chmod g+w  /sys/class/backlight/intel_backlight/brightness
 |end()
 
 |start_oneshot("tlp", "ok-sysinit")
 |enabled_bundle("ok-all-but-tty")
 |up()
 	tlp init start
 |down()
 	tlp init stop
 |end()
 
 |start_oneshot("containers", "ok-mount")
 |enabled_bundle("ok-all-but-tty")
 |up()
 	{{qenv("containers")}}
 	export TERM "linux"
 	if {
 		export quiet 1
 		confz site_container_services
 	}
 	s6-svscanctl -a /run/service
 |end()
 
 |if(find("user_svscan.rows")) {
 @for u in user_svscan
 |start_longrun("svscan-"(<u.name>)"-log", "ok-sysinit rootfs")
 |consumer_for("svscan-"(<u.name>))
 |run_el()
 	if { mkdir -p /run/user/{<u.id>}.logs }
 	if { ln -sf {<u.id>}.logs /run/user/{<u.name>}.logs }
 	if { chown {<u.name>}: /run/user/{<u.id>}.logs }
 	if { chmod 700 /run/user/{<u.id>}.logs }
 	s6-envuidgid {<u.name>} applyuidgid-caps -U ""
 	s6-log -- t /run/user/{<u.id>}.logs
 |end()
 
 |start_longrun("svscan-"(<u.name>), "ok-sysinit rootfs")
 |in_bundle("ok-all-but-tty")
 |notification_fd(3)
 |producer_for("svscan-"(<u.name>)"-log")
 |run_el()
 	if { mkdir -p /run/user/{<u.id>} }
 	if { ln -sf {<u.id>} /run/user/{<u.name>} }
 	if { chown {<u.name>}: /run/user/{<u.id>} }
 	if { chmod 700 /run/user/{<u.id>} }
 	s6-envuidgid {<u.name>} applyuidgid-caps -U ""
 	if { mkdir -p /run/user/{<u.id>}/service }
 	s6-svscan -d 3 /run/user/{<u.id>}/service
 |end()
 @endfor
 |}
 
 |start_longrun_with_logger("syncthing", "ok-mount")
 |enabled_bundle("ok-all-but-tty")
 |run_el()
 	/usr/bin/env HOME=/var/lib/syncthing
 	s6-envuidgid syncthing applyuidgid-caps -U ""
 	syncthing -logflags 0
 |end()
 
 |if(find("tinc_networks.rows")) {
 @for i in tinc_networks
 |tinc_network = get("i.name")
 |start_longrun_with_logger("tinc." tinc_network, "net-all")
 |add_to_bundle("ok-all-but-tty", "tinc." tinc_network)
 |run_arg("tincd -n \"" tinc_network "\" -D -d")
 |end()
 @endfor
 |}
 
 |start_longrun_with_logger("rsyncd", "loopback\nok-mount")
 |run_el()
 	/usr/bin/rsync
 	--daemon
 	--no-detach
 	--log-file=/dev/stdout
 	--address=127.0.0.1
 	--port=873
 	--config=/etc/rsyncd.conf
 |end()
 
 |start_longrun_with_logger("wpa_supplicant", "sysctl modules ok-sysinit")
 |#enabled_bundle("net-all")
 |run_el()
 	/usr/sbin/wpa_supplicant
 	-iwlan0
 	-c/etc/wpa_supplicant/wpa_supplicant.conf
 |end()
 
 
 |if(find("X_servers.rows")) {
 /.scripts	d	m755
 /.scripts/X.run
 CN	#!{{env_el("containers")}} -P
 	fdmove -c 2 1
 	s6-envdir env
 	importas vtN vtN
 	export XDG_RUNTIME_DIR /run/service/X${vtN}/data
 	importas XDG_RUNTIME_DIR XDG_RUNTIME_DIR
 	if { truncate -s 0 ${XDG_RUNTIME_DIR}/Xauthority }
 	if { chmod 600 ${XDG_RUNTIME_DIR}/Xauthority }
 	if { chown xorg:xorg ${XDG_RUNTIME_DIR}/Xauthority }
 	if { chown xorg:xorg ${XDG_RUNTIME_DIR} }
 	if {
 	  pipeline {
 	    if { printf "add :%d . " ${vtN} }
 	    if { redirfd -r 0 /dev/urandom xxd -p -l 16 }
 	  }
 	  xauth -f ${XDG_RUNTIME_DIR}/Xauthority source -
 	}
 	piperw 4 5
 	background -d {
 	  fdclose 5
 	  if { mkdir -p ${XDG_RUNTIME_DIR}/env }
 	  if {
 	    redirfd -w 1 ${XDG_RUNTIME_DIR}/env/XAUTHORITY
 	    printf "%s/Xauthority" ${XDG_RUNTIME_DIR}
 	  }
 	  if {
 	    fdmove 0 4
 	    redirfd -w 1 ${XDG_RUNTIME_DIR}/env/DISPLAY
 	    if { printf : }
 	    head -n1
 	  }
 	  fdmove 1 3
 	  echo
 	}
 	unexport !
 	fdclose 4
 	fdclose 3
 	umask 077
 	if { chmod 660 /dev/tty${vtN} }
 	if { chown root:xorg /dev/tty${vtN} }
 	if {
 	  elglob dev /dev/input/event*
 	  if { chown root:input ${dev} }
 	  chmod 660 ${dev}
 	}
 	redirfd -r 0 /dev/tty${vtN}
 	redirfd -w 1 /dev/tty${vtN}
 	s6-setsid
 	s6-envuidgid xorg applyuidgid-caps -U ""
 	Xorg
 	  -displayfd 5
 	  -nolisten local
 	  -nolisten tcp
 	  -quiet
 	#  -logfile /dev/stdout
 	  -logfile ${XDG_RUNTIME_DIR}/log
 	  -auth ${XDG_RUNTIME_DIR}/Xauthority
 	  -tst
 	  -retro
 	  -novtswitch
 	  vt${vtN} :${vtN}
 	
 m755
 
 @for i in X_servers
 /{<i.svc>}	d	m750
 /{<i.svc>}/data	d	m750
 /{<i.svc>}/data/.keep	cN		m640
 /{<i.svc>}/env	d	m750
 /{<i.svc>}/env/vtN	cN	{<i.vtN>}	m640
 /{<i.svc>}/notification-fd	cN	3	m640
 /{<i.svc>}/run	l	../.scripts/X.run	m777
 /{<i.svc>}/type	cN	longrun	m640
 @endfor
 
 |}
 
 |print_bundles()
 |}