From 730d08cbd25779c78eafdc6af810debb36eaeba5 Mon Sep 17 00:00:00 2001 From: MichaIng Date: Sun, 19 Jan 2025 13:26:43 +0100 Subject: [PATCH] v9.10 - CI | Switch to new ARM runners for ARM software builds and tests: https://github.blog/changelog/2025-01-16-linux-arm64-hosted-runners-now-available-for-free-in-public-repositories-public-preview/ --- .build/software/Amiberry/build.bash | 4 +- .build/software/dietpi-software-build.bash | 25 ++-- .build/software/gmediarender/build.bash | 4 +- .build/software/shairport-sync/build.bash | 6 +- .build/software/squeezelite/build.bash | 4 +- .build/software/vaultwarden/build.bash | 10 +- .build/software/ympd/build.bash | 4 +- .github/workflows/dietpi-software-build.yml | 5 +- .github/workflows/dietpi-software.bash | 127 +++++++++----------- .github/workflows/dietpi-software.yml | 5 +- 10 files changed, 83 insertions(+), 111 deletions(-) diff --git a/.build/software/Amiberry/build.bash b/.build/software/Amiberry/build.bash index 254a795ae8..0a24c90c9d 100755 --- a/.build/software/Amiberry/build.bash +++ b/.build/software/Amiberry/build.bash @@ -21,7 +21,7 @@ G_AGUP G_AGDUG "${adeps_build[@]}" for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || dpkg-query -s "${i}t64" &> /dev/null && continue G_DIETPI-NOTIFY 1 "Expected dependency package was not installed: $i" exit 1 @@ -189,7 +189,7 @@ find "$DIR" ! \( -path "$DIR/DEBIAN" -prune \) -type f -exec md5sum {} + | sed " DEPS_APT_VERSIONED= for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || i+='t64' DEPS_APT_VERSIONED+=" $i (>= $(dpkg-query -Wf '${VERSION}' "$i"))," done diff --git a/.build/software/dietpi-software-build.bash b/.build/software/dietpi-software-build.bash index 3ad4b9e642..d20bb72f63 100644 --- a/.build/software/dietpi-software-build.bash +++ b/.build/software/dietpi-software-build.bash @@ -78,22 +78,12 @@ apackages=('xz-utils' 'parted' 'fdisk' 'systemd-container') emulation=0 (( $G_HW_ARCH == $arch || ( $G_HW_ARCH < 10 && $G_HW_ARCH > $arch ) )) || emulation=1 -# Bullseye/Jammy: binfmt-support still required for emulation. With systemd-binfmt only, mmdebstrap throws "E: can neither be executed natively nor via qemu user emulation with binfmt_misc" -(( $emulation )) && { apackages+=('qemu-user-static'); (( $G_DISTRO < 7 )) && apackages+=('binfmt-support'); } +(( $emulation )) && apackages+=('qemu-user-static') G_AG_CHECK_INSTALL_PREREQ "${apackages[@]}" # Register QEMU binfmt configs -if (( $emulation )) -then - if (( $G_DISTRO < 7 )) - then - G_EXEC systemctl disable --now systemd-binfmt - G_EXEC systemctl restart binfmt-support - else - G_EXEC systemctl restart systemd-binfmt - fi -fi +(( $emulation )) && G_EXEC systemctl restart systemd-binfmt ########################################## # Prepare container @@ -117,14 +107,17 @@ G_EXEC_OUTPUT=1 G_EXEC e2fsck -fp "${FP_LOOP}p1" G_EXEC mkdir rootfs G_EXEC mount "${FP_LOOP}p1" rootfs -# Enforce ARMv6 arch on Raspbian -# shellcheck disable=SC2015 -(( $arch > 1 )) || { echo -e '#/bin/dash\n[ "$*" = -m ] && echo armv6l || /bin/uname "$@"' > rootfs/usr/local/bin/uname && G_EXEC chmod +x rootfs/usr/local/bin/uname; } || Error_Exit 'Failed to generate /usr/local/bin/uname for ARMv6' +# Enforce target ARM arch in containers with newer host/emulated ARM version +if (( $arch < 3 && $G_HW_ARCH != $arch )) +then + # shellcheck disable=SC2015 + echo -e "#/bin/dash\n[ \"\$*\" = -m ] && echo $ARCH || /bin/uname \"\$@\"" > rootfs/usr/local/bin/uname && G_EXEC chmod +x rootfs/usr/local/bin/uname || Error_Exit "Failed to generate /usr/local/bin/uname for $ARCH" +fi # Enable automated setup G_CONFIG_INJECT 'AUTO_SETUP_AUTOMATED=' 'AUTO_SETUP_AUTOMATED=1' rootfs/boot/dietpi.txt # - Workaround for failing systemd services and hence missing autologin in emulated Trixie containers: https://gitlab.com/qemu-project/qemu/-/issues/1962, https://github.com/systemd/systemd/issues/31219 -if [[ $DISTRO == 'trixie' ]] && (( $G_HW_ARCH != $arch && ( $G_HW_ARCH > 9 || $G_HW_ARCH < $arch ) )) +if [[ $DISTRO == 'trixie' && $emulation == 1 ]] then for i in rootfs/usr/lib/systemd/system/*.service do diff --git a/.build/software/gmediarender/build.bash b/.build/software/gmediarender/build.bash index b6bc41ccb8..5c7bd9b01b 100755 --- a/.build/software/gmediarender/build.bash +++ b/.build/software/gmediarender/build.bash @@ -9,7 +9,7 @@ adeps=('libc6' 'gstreamer1.0-alsa' 'gstreamer1.0-libav' 'gstreamer1.0-plugins-go (( $G_DISTRO > 7 )) && adeps+=('libupnp17') || adeps+=('libupnp13') for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || dpkg-query -s "${i}t64" &> /dev/null && continue G_DIETPI-NOTIFY 1 "Expected dependency package was not installed: $i" exit 1 @@ -164,7 +164,7 @@ find "$DIR" ! \( -path "$DIR/DEBIAN" -prune \) -type f -exec md5sum {} + | sed " DEPS_APT_VERSIONED= for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || i+='t64' DEPS_APT_VERSIONED+=" $i (>= $(dpkg-query -Wf '${VERSION}' "$i"))," done diff --git a/.build/software/shairport-sync/build.bash b/.build/software/shairport-sync/build.bash index d0511597e4..fdf2050d25 100755 --- a/.build/software/shairport-sync/build.bash +++ b/.build/software/shairport-sync/build.bash @@ -22,7 +22,7 @@ case $G_DISTRO in esac for i in "${adeps[@]}" "${adeps2[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || dpkg-query -s "${i}t64" &> /dev/null && continue G_DIETPI-NOTIFY 1 "Expected dependency package was not installed: $i" exit 1 @@ -358,7 +358,7 @@ find "$DIR" ! \( -path "$DIR/DEBIAN" -prune \) -type f -exec md5sum {} + | sed " DEPS_APT_VERSIONED= for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || i+='t64' DEPS_APT_VERSIONED+=" $i (>= $(dpkg-query -Wf '${VERSION}' "$i"))," done @@ -540,7 +540,7 @@ find "$DIR" ! \( -path "$DIR/DEBIAN" -prune \) -type f -exec md5sum {} + | sed " # - Obtain DEB dependency versions for i in "${adeps2[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || i+='t64' DEPS_APT_VERSIONED+=", $i (>= $(dpkg-query -Wf '${VERSION}' "$i"))" done diff --git a/.build/software/squeezelite/build.bash b/.build/software/squeezelite/build.bash index 5abcdc5f7b..d826067984 100755 --- a/.build/software/squeezelite/build.bash +++ b/.build/software/squeezelite/build.bash @@ -16,7 +16,7 @@ case $G_DISTRO in esac for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || dpkg-query -s "${i}t64" &> /dev/null && continue G_DIETPI-NOTIFY 1 "Expected dependency package was not installed: $i" exit 1 @@ -142,7 +142,7 @@ find "$DIR" ! \( -path "$DIR/DEBIAN" -prune \) -type f -exec md5sum {} + | sed " DEPS_APT_VERSIONED= for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || i+='t64' DEPS_APT_VERSIONED+=" $i (>= $(dpkg-query -Wf '${VERSION}' "$i"))," done diff --git a/.build/software/vaultwarden/build.bash b/.build/software/vaultwarden/build.bash index d9ead499c7..ca143359ce 100755 --- a/.build/software/vaultwarden/build.bash +++ b/.build/software/vaultwarden/build.bash @@ -11,19 +11,15 @@ G_AGUP G_AGDUG "${adeps_build[@]}" for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || dpkg-query -s "${i}t64" &> /dev/null && continue G_DIETPI-NOTIFY 1 "Expected dependency package was not installed: $i" exit 1 done G_DIETPI-NOTIFY 2 'Installing Rust via rustup' -# - ARMv6: Set default target explicitly, otherwise it compiles for ARMv7 in emulated container +# - ARMv6: Set default target explicitly, otherwise it compiles for ARMv7 in container with newer host/emulated ARM version grep -q '^ID=raspbian' /etc/os-release && G_HW_ARCH_NAME='armv6l' host=('--default-host' 'arm-unknown-linux-gnueabihf') || host=() -# - ARMv7: Apply workaround for failing crates index update in in emulated 32-bit ARM environments: https://github.com/rust-lang/cargo/issues/8719. CARGO_REGISTRIES_CRATES_IO_PROTOCOL='sparse' does not solve everything: https://github.com/rust-lang/cargo/issues/8719#issuecomment-1928540617 -# - ARMv8: Apply workaround for increased cargo fetch RAM usage: https://github.com/rust-lang/cargo/issues/10583 -export HOME=$(mktemp -d) CARGO_NET_GIT_FETCH_WITH_CLI='true' -G_EXEC cd "$HOME" G_EXEC curl -sSfo rustup-init.sh 'https://sh.rustup.rs' G_EXEC chmod +x rustup-init.sh G_EXEC_OUTPUT=1 G_EXEC ./rustup-init.sh -y --profile minimal --default-toolchain none "${host[@]}" @@ -205,7 +201,7 @@ find "$DIR" ! \( -path "$DIR/DEBIAN" -prune \) -type f -exec md5sum {} + | sed " DEPS_APT_VERSIONED= for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || i+='t64' DEPS_APT_VERSIONED+=" $i (>= $(dpkg-query -Wf '${VERSION}' "$i"))," done diff --git a/.build/software/ympd/build.bash b/.build/software/ympd/build.bash index 806c17368b..698fa34ea2 100644 --- a/.build/software/ympd/build.bash +++ b/.build/software/ympd/build.bash @@ -15,7 +15,7 @@ case $G_DISTRO in esac for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || dpkg-query -s "${i}t64" &> /dev/null && continue G_DIETPI-NOTIFY 1 "Expected dependency package was not installed: $i" exit 1 @@ -138,7 +138,7 @@ find "$DIR" ! \( -path "$DIR/DEBIAN" -prune \) -type f -exec md5sum {} + | sed " DEPS_APT_VERSIONED= for i in "${adeps[@]}" do - # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Sid: https://bugs.debian.org/1065394 + # Temporarily allow lib*t64 packages, while the 64-bit time_t transition is ongoing on Trixie: https://bugs.debian.org/1065394 dpkg-query -s "$i" &> /dev/null || i+='t64' DEPS_APT_VERSIONED+=" $i (>= $(dpkg-query -Wf '${VERSION}' "$i"))," done diff --git a/.github/workflows/dietpi-software-build.yml b/.github/workflows/dietpi-software-build.yml index cae2b8f8dc..804703d613 100644 --- a/.github/workflows/dietpi-software-build.yml +++ b/.github/workflows/dietpi-software-build.yml @@ -71,10 +71,7 @@ jobs: - { arch: x86_64, name: gogs } fail-fast: false name: "${{ matrix.name }} - ${{ matrix.arch }} - ${{ matrix.dist }}" - # aarch64 build in QEMU-emulated Bullseye containers on Ubuntu Noble hosts fail: - # Processing triggers for libc-bin (2.31-13+deb11u10) ... - # qemu: uncaught target signal 11 (Segmentation fault) - core dumped - runs-on: ${{ matrix.dist == 'bullseye' && matrix.arch == 'aarch64' && 'ubuntu-22.04' || 'ubuntu-24.04' }} + runs-on: ${{ matrix.arch == 'x86_64' && 'ubuntu-24.04' || 'ubuntu-24.04-arm' }} steps: - name: Build run: sudo bash -c "G_GITOWNER=$GITHUB_REPOSITORY_OWNER G_GITBRANCH=$GITHUB_REF_NAME; $(curl -sSf "https://raw.githubusercontent.com/$GITHUB_REPOSITORY_OWNER/DietPi/$GITHUB_REF_NAME/.build/software/dietpi-software-build.bash")" -- -n '${{ matrix.name }}' -a '${{ matrix.arch }}' -d '${{ matrix.dist }}' diff --git a/.github/workflows/dietpi-software.bash b/.github/workflows/dietpi-software.bash index 22f6725a92..9cc88d09ab 100644 --- a/.github/workflows/dietpi-software.bash +++ b/.github/workflows/dietpi-software.bash @@ -74,8 +74,10 @@ image="DietPi_Container-$image.img" [[ $RPI =~ ^('false'|'true')$ ]] || { G_DIETPI-NOTIFY 1 "Invalid RPi flag \"$RPI\" passed, aborting..."; exit 1; } [[ $TEST =~ ^('false'|'true')$ ]] || { G_DIETPI-NOTIFY 1 "Invalid test flag \"$TEST\" passed, aborting..."; exit 1; } -# Workaround for "Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 145." during Apache2 DEB postinst in 32-bit ARM Bookworm container: https://lists.ubuntu.com/archives/foundations-bugs/2022-January/467253.html -[[ $SOFTWARE =~ (^| )83( |$) && $DISTRO == 'bookworm' ]] && (( $arch < 3 )) && { echo '[ WARN ] Installing Lighttpd instead of Apache due to a bug in 32-bit ARM containers'; SOFTWARE=$(sed -E 's/(^| )83( |$)/\184\2/g' <<< "$SOFTWARE"); } +# Emulation support in case of incompatible architecture +emulation=0 +(( $G_HW_ARCH == $arch || ( $G_HW_ARCH < 10 && $G_HW_ARCH > $arch ) )) || emulation=1 + # Remove Docker containers from test installs as Docker cannot start in systemd containers [[ $SOFTWARE =~ (^| )(86|142|185)( |$) ]] && { echo '[ WARN ] Removing Roon Extension Manager, MicroK8s and Portainer from test installs as Docker cannot start in systemd containers'; SOFTWARE=$(sed -E 's/(^| )(86|142|186)( |$)/\1\3/g' <<< "$SOFTWARE"); } # Add MariaDB with Allo GUI (non-full/reinstall ID 160), as otherwise the install fails @@ -92,7 +94,7 @@ Process_Software() do # shellcheck disable=SC2016 case $i in - 'webserver') [[ $SOFTWARE =~ (^| )8[345]( |$) ]] || aSERVICES[84]='lighttpd' aTCP[84]='80';; # Lighttpd as default due to above bug in 32-bit ARM Bookworm containers + 'webserver') [[ $SOFTWARE =~ (^| )8[345]( |$) ]] || aSERVICES[83]='apache2' aTCP[83]='80';; 0) aCOMMANDS[i]='ssh -V';; 1) aCOMMANDS[i]='smbclient -V';; 2) aSERVICES[i]='fahclient' aTCP[i]='7396';; @@ -104,8 +106,8 @@ Process_Software() 29) aSERVICES[i]='xrdp' aTCP[i]='3389';; 30) aSERVICES[i]='nxserver' aTCP[i]='4000';; 32) aSERVICES[i]='ympd' aTCP[i]='1337';; - 33) (( $arch == 10 )) && aSERVICES[i]='airsonic' aTCP[i]='8080' aDELAY[i]=30;; # Fails in QEMU-emulated containers, probably due to missing device access - 35) aSERVICES[i]='lyrionmusicserver' aTCP[i]='9000'; (( $arch < 10 )) && aDELAY[i]=60;; + 33) (( $emulation )) || aSERVICES[i]='airsonic' aTCP[i]='8080' aDELAY[i]=60;; # Fails in QEMU-emulated containers, probably due to missing device access + 35) aSERVICES[i]='lyrionmusicserver' aTCP[i]='9000';; 36) aCOMMANDS[i]='squeezelite -t';; # Service listens on random high UDP port and exits if no audio device has been found, which does not exist on GitHub Actions runners, respectively within the containers 37) aSERVICES[i]='shairport-sync' aTCP[i]='5000';; # AirPlay 2 would be TCP port 7000 39) aSERVICES[i]='minidlna' aTCP[i]='8200';; @@ -118,9 +120,9 @@ Process_Software() 49) aSERVICES[i]='gogs' aTCP[i]='3000';; 50) aSERVICES[i]='syncthing' aTCP[i]='8384';; 51) aCOMMANDS[i]='/usr/games/opentyrian/opentyrian -h';; - 52) aSERVICES[i]='cuberite' aTCP[i]='1339'; (( $arch < 10 )) && aDELAY[i]=120; (( $arch == 10 )) && aDELAY[i]=30;; + 52) aSERVICES[i]='cuberite' aTCP[i]='1339' aDELAY[i]=60;; 53) aSERVICES[i]='mineos' aTCP[i]='8443';; - 58) aCOMMANDS[i]='tailscale version';; # aSERVICES[i]='tailscaled' aUDP[i]='41641' GitHub Action runners to not support the TUN module + 58) aCOMMANDS[i]='tailscale version';; # aSERVICES[i]='tailscaled' aUDP[i]='41641' GitHub Actions runners do not support the TUN module 59) aSERVICES[i]='raspimjpeg';; #60) aUDP[i]='53 68';; Cannot be installed in CI since a WiFi interface is required #61) aSERVICES[i]='tor' aUDP[i]='9040';; Cannot be installed in CI since a WiFi interface is required @@ -133,8 +135,8 @@ Process_Software() 71) aSERVICES[i]='webiopi' aTCP[i]='8002';; 73) aSERVICES[i]='fail2ban';; 74) aSERVICES[i]='influxdb' aTCP[i]='8086 8088';; - 77) aSERVICES[i]='grafana-server' aTCP[i]='3001'; (( $arch < 10 )) && aDELAY[i]=60;; - 80) aSERVICES[i]='ubooquity' aTCP[i]='2038 2039'; (( $arch == 10 )) || aDELAY[i]=30;; + 77) aSERVICES[i]='grafana-server' aTCP[i]='3001';; + 80) aSERVICES[i]='ubooquity' aTCP[i]='2038 2039'; (( $emulation )) && aDELAY[i]=30;; 83) aSERVICES[i]='apache2' aTCP[i]='80';; 84) aSERVICES[i]='lighttpd' aTCP[i]='80';; 85) aSERVICES[i]='nginx' aTCP[i]='80';; @@ -146,24 +148,24 @@ Process_Software() 94) aSERVICES[i]='proftpd' aTCP[i]='21';; 95) aSERVICES[i]='vsftpd' aTCP[i]='21';; 96) aSERVICES[i]='smbd' aTCP[i]='139 445';; - 97) aCOMMANDS[i]='openvpn --version';; # aSERVICES[i]='openvpn' aUDP[i]='1194' GitHub Action runners do not support the TUN module + 97) aCOMMANDS[i]='openvpn --version';; # aSERVICES[i]='openvpn' aUDP[i]='1194' GitHub Actions runners do not support the TUN module 98) aSERVICES[i]='haproxy' aTCP[i]='80 1338';; 99) aSERVICES[i]='node_exporter' aTCP[i]='9100';; #100) (( $arch < 3 )) && aCOMMANDS[i]='/usr/bin/pijuice_cli32 -V' || aCOMMANDS[i]='/usr/bin/pijuice_cli64 -V' aSERVICES[i]='pijuice' aTCP[i]='????' Service does not start without I2C device, not present in container and CLI command always puts you in interactive console 104) aSERVICES[i]='dropbear' aTCP[i]='22';; 105) aSERVICES[i]='ssh' aTCP[i]='22';; - 106) aSERVICES[i]='lidarr' aTCP[i]='8686'; (( $arch < 10 )) && aDELAY[i]=60;; + 106) aSERVICES[i]='lidarr' aTCP[i]='8686';; 107) aSERVICES[i]='rtorrent' aTCP[i]='49164' aUDP[i]='6881';; 108) aCOMMANDS[i]='LD_LIBRARY_PATH=/mnt/dietpi_userdata/amiberry/lib /mnt/dietpi_userdata/amiberry/amiberry -h | grep '\''^$VER: Amiberry '\';; 109) aSERVICES[i]='nfs-kernel-server' aTCP[i]='2049';; 110) aCOMMANDS[i]='mount.nfs -V';; 111) aSERVICES[i]='urbackupsrv' aTCP[i]='55414';; 115) aSERVICES[i]='webmin' aTCP[i]='10000';; - 116) aSERVICES[i]='medusa' aTCP[i]='8081'; (( $arch == 10 )) || aDELAY[i]=30;; + 116) aSERVICES[i]='medusa' aTCP[i]='8081'; (( $emulation )) && aDELAY[i]=30;; #117) :;; # ToDo: Implement automated install via /boot/unattended_pivpn.conf 118) aSERVICES[i]='mopidy' aTCP[i]='6680';; - 121) aSERVICES[i]='roonbridge' aUDP[i]='9003'; (( $arch < 10 )) && aDELAY[i]=30;; - 122) aSERVICES[i]='node-red' aTCP[i]='1880'; (( $arch == 10 )) || aDELAY[i]=30;; + 121) aSERVICES[i]='roonbridge' aUDP[i]='9003';; + 122) aSERVICES[i]='node-red' aTCP[i]='1880'; (( $emulation )) && aDELAY[i]=30;; 123) aSERVICES[i]='mosquitto' aTCP[i]='1883';; 124) aSERVICES[i]='networkaudiod';; # aUDP[i]='????';; 125) aSERVICES[i]='synapse' aTCP[i]='8008';; @@ -180,41 +182,41 @@ Process_Software() 139) aSERVICES[i]='sabnzbd' aTCP[i]='8080'; (( $arch == 10 )) || aDELAY[i]=30;; # ToDo: Solve conflict with Airsonic 140) aSERVICES[i]='domoticz' aTCP[i]='8124 8424';; #142) aSERVICES[i]='snapd';; "system does not fully support snapd: cannot mount squashfs image using "squashfs": mount: /tmp/syscheck-mountpoint-2075108377: mount failed: Operation not permitted." - 143) aSERVICES[i]='koel' aTCP[i]='8003'; (( $arch == 10 )) || aDELAY[i]=30;; - 144) aSERVICES[i]='sonarr' aTCP[i]='8989'; (( $arch < 10 )) && aDELAY[i]=90;; - 145) aSERVICES[i]='radarr' aTCP[i]='7878'; (( $arch < 10 )) && aDELAY[i]=90;; - 146) aSERVICES[i]='tautulli' aTCP[i]='8181'; (( $arch == 10 )) || aDELAY[i]=60;; - 147) aSERVICES[i]='jackett' aTCP[i]='9117'; (( $arch < 10 )) && aDELAY[i]=90;; + 143) aSERVICES[i]='koel' aTCP[i]='8003'; (( $emulation )) && aDELAY[i]=30;; + 144) aSERVICES[i]='sonarr' aTCP[i]='8989';; + 145) aSERVICES[i]='radarr' aTCP[i]='7878';; + 146) aSERVICES[i]='tautulli' aTCP[i]='8181'; (( $emulation )) && aDELAY[i]=60;; + 147) aSERVICES[i]='jackett' aTCP[i]='9117';; 148) aSERVICES[i]='mympd' aTCP[i]='1333';; 149) aSERVICES[i]='nzbget' aTCP[i]='6789';; 150) aCOMMANDS[i]='mono -V';; - 151) aSERVICES[i]='prowlarr' aTCP[i]='9696'; (( $arch < 10 )) && aDELAY[i]=60;; + 151) aSERVICES[i]='prowlarr' aTCP[i]='9696';; 152) aSERVICES[i]='avahi-daemon' aUDP[i]='5353';; - 153) aSERVICES[i]='octoprint' aTCP[i]='5001'; (( $arch == 10 )) || aDELAY[i]=60;; + 153) aSERVICES[i]='octoprint' aTCP[i]='5001'; (( $emulation )) && aDELAY[i]=60;; 154) aSERVICES[i]='roonserver';; # Listens on a variety of different port ranges - 155) aSERVICES[i]='htpc-manager' aTCP[i]='8085'; (( $arch == 10 )) || aDELAY[i]=30; [[ $arch == 3 && $DISTRO == 'trixie' ]] && aDELAY[i]=60;; - 157) aSERVICES[i]='home-assistant' aTCP[i]='8123'; (( $arch == 10 )) && aDELAY[i]=60 || aDELAY[i]=900;; + 155) aSERVICES[i]='htpc-manager' aTCP[i]='8085'; (( $emulation )) && aDELAY[i]=30;; + 157) aSERVICES[i]='home-assistant' aTCP[i]='8123'; (( $emulation )) && aDELAY[i]=900 || aDELAY[i]=60;; 158) aSERVICES[i]='minio' aTCP[i]='9001 9004';; 161) aSERVICES[i]='bdd' aTCP[i]='80 443';; 162) aCOMMANDS[i]='docker -v';; # aSERVICES[i]='docker' Service does not start in systemd containers (without dedicated network) 163) aSERVICES[i]='gmediarender';; # DLNA => UPnP high range of ports - 164) aSERVICES[i]='nukkit' aUDP[i]='19132'; (( $arch == 10 )) || aDELAY[i]=60;; - 165) aSERVICES[i]='gitea' aTCP[i]='3000'; (( $arch < 10 )) && aDELAY[i]=30;; + 164) aSERVICES[i]='nukkit' aUDP[i]='19132'; (( $emulation )) && aDELAY[i]=60;; + 165) aSERVICES[i]='gitea' aTCP[i]='3000';; #166) aSERVICES[i]='pi-spc';; Service cannot reasonably start in container as WirinPi's gpio command fails reading /proc/cpuinfo - 167) (( $arch < 3 )) || aSERVICES[i]='raspotify';; # 32-bit ARM fails with: "arm-binfmt-P: /usr/bin/librespot: Unable to find a guest_base to satisfy all guest address mapping requirements" + 167) aSERVICES[i]='raspotify';; #169) aSERVICES[i]='voice-recognizer';; "RuntimeError: This module can only be run on a Raspberry Pi!" 170) aCOMMANDS[i]='unrar -V';; 171) aSERVICES[i]='frps frpc' aTCP[i]='7000 7400 7500';; 172) aSERVICES[i]='wg-quick@wg0' aUDP[i]='51820';; 174) aCOMMANDS[i]='gimp -v';; 176) aSERVICES[i]='mycroft';; - 177) aSERVICES[i]='forgejo' aTCP[i]='3000'; (( $arch < 10 )) && aDELAY[i]=30;; - 178) aSERVICES[i]='jellyfin' aTCP[i]='8097'; [[ $arch == [23] ]] && aDELAY[i]=300;; # jellyfin[9983]: arm-binfmt-P: ../../target/arm/translate.c:9659: thumb_tr_translate_insn: Assertion `(dc->base.pc_next & 1) == 0' failed. ### jellyfin[9983]: qemu: uncaught target signal 6 (Aborted) - core dumped ### about 5 times - 179) aSERVICES[i]='komga' aTCP[i]='2037'; (( $arch == 10 )) && aDELAY[i]=30; (( $arch != 10 )) && aDELAY[i]=300;; - 180) aSERVICES[i]='bazarr' aTCP[i]='6767'; (( $arch == 10 )) && aDELAY[i]=30; (( $arch < 10 )) && aDELAY[i]=90;; - 181) aSERVICES[i]='papermc' aTCP[i]='25565 25575'; (( $arch == 10 )) && aDELAY[i]=60 || aDELAY[i]=600;; + 177) aSERVICES[i]='forgejo' aTCP[i]='3000';; + 178) aSERVICES[i]='jellyfin' aTCP[i]='8097';; + 179) aSERVICES[i]='komga' aTCP[i]='2037'; (( $emulation )) && aDELAY[i]=300 || aDELAY[i]=30;; + 180) aSERVICES[i]='bazarr' aTCP[i]='6767' aDELAY[i]=30;; + 181) aSERVICES[i]='papermc' aTCP[i]='25565 25575'; (( $emulation )) && aDELAY[i]=600 || aDELAY[i]=60;; 182) aSERVICES[i]='unbound' aUDP[i]='53'; [[ ${aSERVICES[126]} ]] && aUDP[i]+=' 5335';; # Uses port 5335 if Pi-hole or AdGuard Home is installed, but those do listen on port 53 instead - 183) aSERVICES[i]='vaultwarden' aTCP[i]='8001'; (( $arch < 10 )) && aDELAY[i]=20;; + 183) aSERVICES[i]='vaultwarden' aTCP[i]='8001';; 184) aSERVICES[i]='tor';; # aTCP[i]='443 9051' Interactive install with ports depending on choice and relay type #185) aTCP[i]='9002';; # Docker does not start in systemd containers (without dedicated network) 186) aSERVICES[i]='ipfs' aTCP[i]='5003 8087';; @@ -233,14 +235,14 @@ Process_Software() #200) aSERVICES[i]='dietpi-dashboard' aTCP[i]='5252';; "dietpi-dashboard.service: Failed to set up standard input: No such file or directory"; "dietpi-dashboard.service: Failed at step STDIN spawning /opt/dietpi-dashboard/dietpi-dashboard: No such file or directory" 201) aSERVICES[i]='zerotier-one' aTCP[i]='9993';; 202) aCOMMANDS[i]='rclone -h';; - 203) aSERVICES[i]='readarr' aTCP[i]='8787'; [[ $arch == [23] ]] && aDELAY[i]=60;; - 204) aSERVICES[i]='navidrome' aTCP[i]='4533'; (( $arch > 9 )) || aDELAY[i]=60;; - 206) aSERVICES[i]='openhab'; (( $arch == 2 )) || aTCP[i]='8444'; [[ $arch == [23] || $arch == 11 ]] && aDELAY[i]=600;; # Service start takes too long in emulated ARMv7 container, so skip port check for now ... + 203) aSERVICES[i]='readarr' aTCP[i]='8787';; + 204) aSERVICES[i]='navidrome' aTCP[i]='4533';; + 206) aSERVICES[i]='openhab' aTCP[i]='8444'; (( $emulation )) && aDELAY[i]=600;; #207) Moonlight (CLI), "moonlight" command #208) Moonlight (GUI), "moonlight-qt" command 209) aCOMMANDS[i]='restic version';; - 211) aCOMMANDS[i]='hb-service status' aSERVICES[i]='homebridge' aTCP[i]='8581'; (( $arch < 10 )) && aDELAY[i]=30; (( $arch == 3 )) && aDELAY[i]=120;; - 212) aSERVICES[i]='kavita' aTCP[i]='2036'; (( $arch < 10 )) && aDELAY[i]=180; (( $arch == 10 )) && aDELAY[i]=30;; + 211) aCOMMANDS[i]='hb-service status' aSERVICES[i]='homebridge' aTCP[i]='8581';; + 212) aSERVICES[i]='kavita' aTCP[i]='2036' aDELAY[i]=30;; 213) aSERVICES[i]='soju' aTCP[i]='6667';; *) :;; esac @@ -275,26 +277,12 @@ done ########################################## apackages=('xz-utils' 'parted' 'fdisk' 'systemd-container') -# Emulation support in case of incompatible architecture -emulation=0 -(( $G_HW_ARCH == $arch || ( $G_HW_ARCH < 10 && $G_HW_ARCH > $arch ) )) || emulation=1 - -# Bullseye/Jammy: binfmt-support still required for emulation. With systemd-binfmt only, mmdebstrap throws "E: can neither be executed natively nor via qemu user emulation with binfmt_misc" -(( $emulation )) && { apackages+=('qemu-user-static'); (( $G_DISTRO < 7 )) && apackages+=('binfmt-support'); } +(( $emulation )) && apackages+=('qemu-user-static') G_AG_CHECK_INSTALL_PREREQ "${apackages[@]}" # Register QEMU binfmt configs -if (( $emulation )) -then - if (( $G_DISTRO < 7 )) - then - G_EXEC systemctl disable --now systemd-binfmt - G_EXEC systemctl restart binfmt-support - else - G_EXEC systemctl restart systemd-binfmt - fi -fi +(( $emulation )) && G_EXEC systemctl restart systemd-binfmt ########################################## # Prepare container @@ -318,9 +306,12 @@ G_EXEC_OUTPUT=1 G_EXEC e2fsck -fp "${FP_LOOP}p1" G_EXEC mkdir rootfs G_EXEC mount "${FP_LOOP}p1" rootfs -# Force ARMv6 arch on Raspbian -# shellcheck disable=SC2015 -(( $arch > 1 )) || { echo -e '#/bin/dash\n[ "$*" = -m ] && echo armv6l || /bin/uname "$@"' > rootfs/usr/local/bin/uname && G_EXEC chmod +x rootfs/usr/local/bin/uname; } || Error_Exit 'Failed to generate /usr/local/bin/uname for ARMv6' +# Enforce target ARM arch in containers with newer host/emulated ARM version +if (( $arch < 3 && $G_HW_ARCH != $arch )) +then + # shellcheck disable=SC2015 + echo -e "#/bin/dash\n[ \"\$*\" = -m ] && echo $ARCH || /bin/uname \"\$@\"" > rootfs/usr/local/bin/uname && G_EXEC chmod +x rootfs/usr/local/bin/uname || Error_Exit "Failed to generate /usr/local/bin/uname for $ARCH" +fi # Force RPi on ARM systems if requested if [[ $RPI == 'true' ]] && (( $arch < 10 )) @@ -387,16 +378,17 @@ G_EXEC touch rootfs/mnt/dietpi_userdata/papermc/plugins/Geyser-Spigot.jar # Workaround for "Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 145." during Apache2 DEB postinst in 32-bit ARM Bookworm container: https://lists.ubuntu.com/archives/foundations-bugs/2022-January/467253.html G_CONFIG_INJECT 'AUTO_SETUP_WEB_SERVER_INDEX=' 'AUTO_SETUP_WEB_SERVER_INDEX=-2' rootfs/boot/dietpi.txt -# Workaround for failing services as PrivateUsers=true leads to "Failed to set up user namespacing" on QEMU-emulated 32-bit ARM containers, and AmbientCapabilities to "Failed to apply ambient capabilities (before UID change): Operation not permitted" -G_EXEC mkdir rootfs/etc/systemd/system/{redis-server,raspotify,navidrome,homebridge}.service.d -G_EXEC eval 'echo -e '\''[Service]\nPrivateUsers=0'\'' > rootfs/etc/systemd/system/redis-server.service.d/dietpi-container.conf' -G_EXEC eval 'echo -e '\''[Service]\nPrivateUsers=0'\'' > rootfs/etc/systemd/system/raspotify.service.d/dietpi-container.conf' -G_EXEC eval 'echo -e '\''[Service]\nPrivateUsers=0'\'' > rootfs/etc/systemd/system/navidrome.service.d/dietpi-container.conf' -G_EXEC eval 'echo -e '\''[Service]\nAmbientCapabilities='\'' > rootfs/etc/systemd/system/homebridge.service.d/dietpi-container.conf' - -# Workaround for failing 32-bit ARM Rust builds on ext4 in QEMU emulated container on 64-bit host: https://github.com/rust-lang/cargo/issues/9545 -if (( $arch < 3 && $G_HW_ARCH > 9 )) +# Workarounds for QEMU-emulated 32-bit ARM containers +if (( $arch < 3 && $emulation )) then + # Failing services as PrivateUsers=true leads to "Failed to set up user namespacing" on QEMU-emulated 32-bit ARM containers, and AmbientCapabilities to "Failed to apply ambient capabilities (before UID change): Operation not permitted" + G_EXEC mkdir rootfs/etc/systemd/system/{redis-server,raspotify,navidrome,homebridge}.service.d + G_EXEC eval 'echo -e '\''[Service]\nPrivateUsers=0'\'' > rootfs/etc/systemd/system/redis-server.service.d/dietpi-container.conf' + G_EXEC eval 'echo -e '\''[Service]\nPrivateUsers=0'\'' > rootfs/etc/systemd/system/raspotify.service.d/dietpi-container.conf' + G_EXEC eval 'echo -e '\''[Service]\nPrivateUsers=0'\'' > rootfs/etc/systemd/system/navidrome.service.d/dietpi-container.conf' + G_EXEC eval 'echo -e '\''[Service]\nAmbientCapabilities='\'' > rootfs/etc/systemd/system/homebridge.service.d/dietpi-container.conf' + + # Failing 32-bit ARM Rust builds on ext4 in QEMU emulated container on 64-bit host: https://github.com/rust-lang/cargo/issues/9545 G_EXEC eval 'echo -e '\''tmpfs /mnt/dietpi_userdata tmpfs size=3G,noatime,lazytime\ntmpfs /root tmpfs size=3G,noatime,lazytime'\'' >> rootfs/etc/fstab' cat << '_EOF_' > rootfs/boot/Automation_Custom_PreScript.sh #!/bin/dash -e @@ -410,13 +402,10 @@ rm -R /mnt/dietpi_userdata_bak _EOF_ fi -# Workaround failing Java apps if 64-bit host memory leads to too large heap size in emulated 32-bit containers: https://stackoverflow.com/questions/4401396 +# Workaround failing Java apps if 64-bit host memory leads to too large heap size in 32-bit containers: https://stackoverflow.com/questions/4401396 # shellcheck disable=SC2016 (( $arch < 3 && $G_HW_ARCH > 2)) && G_EXEC sed --follow-symlinks -i '/# Start DietPi-Software/a\sed -i '\''s|-mx${memory_limit}m|-mx1024m|'\'' /boot/dietpi/dietpi-software' rootfs/boot/dietpi/dietpi-login -# Workaround for Node.js on ARMv6 -(( $arch == 1 )) && G_EXEC sed --follow-symlinks -i '/# Start DietPi-Software/a\sed -i '\''/G_EXEC chmod +x node-install.sh/a\\sed -i "/^ARCH=/c\\ARCH=armv6l" node-install.sh'\'' /boot/dietpi/dietpi-software' rootfs/boot/dietpi/dietpi-login - # Workaround for sysctl: permission denied on key "net.core.rmem_max" in containers G_EXEC sed --follow-symlinks -i '/# Start DietPi-Software/a\sed -i '\''/G_EXEC sysctl -w net\.core\.rmem_max/d'\'' /boot/dietpi/dietpi-software' rootfs/boot/dietpi/dietpi-login diff --git a/.github/workflows/dietpi-software.yml b/.github/workflows/dietpi-software.yml index d013908cee..1c6aa00632 100644 --- a/.github/workflows/dietpi-software.yml +++ b/.github/workflows/dietpi-software.yml @@ -68,10 +68,7 @@ jobs: - { arch: riscv64, dist: bookworm } fail-fast: false name: "${{ matrix.arch }} - ${{ matrix.dist }} - ${{ github.event.inputs.soft }}" - # aarch64 test in QEMU-emulated Bullseye containers on Ubuntu Noble hosts fail: - # Processing triggers for libc-bin (2.31-13+deb11u10) ... - # qemu: uncaught target signal 11 (Segmentation fault) - core dumped - runs-on: ${{ matrix.dist == 'bullseye' && matrix.arch == 'aarch64' && 'ubuntu-22.04' || 'ubuntu-24.04' }} + runs-on: ${{ matrix.arch == 'x86_64' && 'ubuntu-24.04' || 'ubuntu-24.04-arm' }} steps: - name: Install run: |