fx-marionette: Exit after idle

By default, `systemd-socket-proxyd` keeps running after the remote disconnects. This prevents the HUD control from reconnecting if e.g. Firefox crashes.
mkrootfs: Install OpenSSL 1.1
2022-12-13 11:55:31 -06:00 · 2022-12-13 11:54:35 -06:00 · 2022-12-13 11:53:04 -06:00 · 2022-12-13 11:44:16 -06:00 · 2022-12-13 10:01:07 -06:00 · 2022-12-01 20:40:27 -06:00
5 changed files with 24 additions and 24 deletions
--- a/ci/Jenkinsfile
+++ b/ci/Jenkinsfile
@@ -2,6 +2,7 @@ pipeline {
    agent {
        kubernetes {
            yamlFile 'ci/podTemplate.yaml'
            defaultContainer 'build'
        }
    }
@@ -10,28 +11,9 @@ pipeline {
        disableConcurrentBuilds()
    }
    parameters {
        booleanParam \
            name: 'Clean',
            description: 'Clean the workspace and perform a full rebuild'
    }
    stages {
        stage('Build') {
            steps {
                container('build') {
                    script {
                        if (params.Clean) {
                            sh 'rm -rf _build'
                        }
                    }
                    copyArtifacts \
                        filter: 'aarch64/mqttdpms',
                        projectName: '../mqttdpms/master',
                        selector: lastSuccessful()
                    sh 'install aarch64/mqttdpms overlay/usr/local/bin/'
                    sh 'make rootfs initramfs'
                }
                copyArtifacts \
                    filter: 'aarch64/mqttdpms',
                    projectName: '../mqttdpms/master',
--- a/ci/podTemplate.yaml
+++ b/ci/podTemplate.yaml
@@ -4,18 +4,28 @@ spec:
  terminationGracePeriodSeconds: 0
  containers:
  - name: build
-    image: registry.pyrocufflink.blue/build/basementhud
+    image: git.pyrocufflink.net/containerimages/build/basementhud
    command:
    - sleep
    - infinity
    securityContext:
      readOnlyRootFilesystem: true
      privileged: true
    volumeMounts:
    - name: tmp
      mountPath: /tmp
  - name: publish
-    image: registry.fedoraproject.org/fedora
+    image: git.pyrocufflink.net/containerimages/build/basementhud
    command:
    - sleep
    - infinity
    securityContext:
      readOnlyRootFilesystem: true
      runAsUser: 1000
    volumeMounts:
    - name: tmp
      mountPath: /tmp
  volumes:
  - name: tmp
    emptyDir:
      medium: Memory
--- a/mkrootfs.sh
+++ b/mkrootfs.sh
@@ -5,7 +5,7 @@ set -e
 srcdir="$(dirname "$0")"
 destdir="$(mkdir -p "$1" && readlink -e "$1")"
 dest=basementhud.squashfs
-releasever=35
+releasever=37
 mkdir -p "${destdir}"
@@ -28,6 +28,7 @@ dnf --installroot "${destdir}" install -y \
    nbd \
    openbox \
    openssh-server \
    openssl1.1 \
    rsyslog \
    systemd \
    xinit \
@@ -73,6 +74,8 @@ chroot "${destdir}" systemctl disable \
    systemd-homed \
    systemd-userdbd
 ln -sf /run/resolv.conf "${destdir}"/etc/resolv.conf
 grep -lR pam_sss "${destdir}"/etc/pam.d \
    | xargs sed -i /pam_sss/d
 umask 0022
 mksquashfs "${destdir}" "${destdir}/boot/${dest}" \
--- a/overlay/etc/systemd/system/xinit@.service
+++ b/overlay/etc/systemd/system/xinit@.service
@@ -4,13 +4,15 @@ Wants=network-online.target
 After=network-online.target
 Wants=time-set.target
 After=time-set.target
 After=getty@tty1.service
 Conflicts=getty@tty1.service
 [Service]
 Type=simple
 User=%I
 WorkingDirectory=~
 PAMName=xinit
-TTYPath=/dev/tty7
+TTYPath=/dev/tty1
 StandardInput=tty
 StandardOutput=journal
 StandardError=journal
--- a/overlay/etc/systemd/user/firefox-marionette.service
+++ b/overlay/etc/systemd/user/firefox-marionette.service
@@ -4,4 +4,7 @@ Requires=firefox-marionette.socket
 Requires=firefox.service
 [Service]
-ExecStart=/usr/lib/systemd/systemd-socket-proxyd 127.0.0.1:2828
+ExecStart=/usr/lib/systemd/systemd-socket-proxyd \
    --connections-max=1 \
    --exit-idle-time=10s \
    127.0.0.1:2828
Author	SHA1	Message	Date
Dustin C. Hatch	379eca833c	fx-marionette: Exit after idle All checks were successful dustin/basementhud/pipeline/head This commit looks good Details By default, `systemd-socket-proxyd` keeps running after the remote disconnects. This prevents the HUD control from reconnecting if e.g. Firefox crashes.	2022-12-13 11:55:31 -06:00
Dustin C. Hatch	6fe27732b3	mkrootfs: Install OpenSSL 1.1 `mqttdpms` is linked against OpenSSL 1.1. Rather than build multiple copies that link to different versions, it's easier (for now) to just install the old version of OpenSSL here.	2022-12-13 11:54:35 -06:00
Dustin C. Hatch	8acc69f9ba	mkrootfs: Disable pam_sss Fedora's default PAM configuration assumes SSSD is installed. Since it isn't, the system log is littered with errors about it: > PAM unable to dlopen(/usr/lib64/security/pam_sss.so): /usr/lib64/security/pam_sss.so: cannot open shared object file: No such file or directory > PAM adding faulty module: /usr/lib64/security/pam_sss.so	2022-12-13 11:53:04 -06:00
Dustin C. Hatch	0caf50f656	xinit: Start Xorg on tty1 Because `tty1` is active when `xinit@user.service` starts on `tty7`, Xorg cannot bind the modesetting driver to the DRM device: > (II) systemd-logind: got fd for /dev/dri/card2 226:2 fd 13 paused 1 > (EE) Error systemd-logind returned paused fd for drm node To fix this, we need to start Xorg on the active console. Another potential fix would be to run `chvt 7` before running `startx`, but running the GUI on tty1 seems to be what the major display managers, e.g. GDM, are doing now.	2022-12-13 11:44:16 -06:00
Dustin C. Hatch	60e03e99fe	Update to Fedora 37 All checks were successful dustin/basementhud/pipeline/pr-master This commit looks good Details dustin/basementhud/pipeline/head This commit looks good Details	2022-12-13 10:01:07 -06:00
Dustin C. Hatch	5a1054bf01	ci: Remove Clean parameter This parameter no longer makes sense as the workspace is not preserved between runs anyhow.	2022-12-01 20:40:27 -06:00
Dustin C. Hatch	19cb4256f3	ci: Run in kubernetes All checks were successful dustin/basementhud/pipeline/head This commit looks good Details	2022-12-01 20:03:33 -06:00