diff --git a/.github/workflows/backend.yaml b/.github/workflows/backend.yaml index 9a80105ec..4ac503046 100644 --- a/.github/workflows/backend.yaml +++ b/.github/workflows/backend.yaml @@ -115,22 +115,7 @@ jobs: run: ./check-environment.sh - name: Build backend - run: cargo build --release --target x86_64-unknown-linux-gnu --locked - working-directory: backend - if: ${{ matrix.target == 'x86_64' }} - - - name: Build backend - run: | - docker run --rm \ - -v "/home/runner/.cargo/registry":/root/.cargo/registry \ - -v "$(pwd)":/home/rust/src \ - -P start9/rust-arm-cross:aarch64 \ - sh -c 'cd /home/rust/src/backend && - rustup install ${{ env.RUST_VERSION }} && - rustup override set ${{ env.RUST_VERSION }} && - rustup target add aarch64-unknown-linux-gnu && - cargo build --release --target ${{ matrix.target }}-unknown-linux-gnu --locked' - if: ${{ matrix.target == 'aarch64' }} + run: make ARCH=${{ matrix.target }} backend - name: 'Tar files to preserve file permissions' run: make ARCH=${{ matrix.target }} backend-${{ matrix.target }}.tar diff --git a/backend/README.md b/backend/README.md index 88a91cc61..75d305927 100644 --- a/backend/README.md +++ b/backend/README.md @@ -40,4 +40,3 @@ If you have questions about how various pieces of the backend system work. Open an issue and tag the following people - dr-bonez -- ProofOfKeags diff --git a/backend/src/sound.rs b/backend/src/sound.rs index 20be898f4..714710f95 100644 --- a/backend/src/sound.rs +++ b/backend/src/sound.rs @@ -167,11 +167,14 @@ where impl Drop for SoundInterface { fn drop(&mut self) { + let use_beep = self.use_beep; let guard = self.guard.take(); tokio::spawn(async move { - if let Err(e) = tokio::fs::write(&*UNEXPORT_FILE, "0").await { - tracing::error!("Failed to Unexport Sound Interface: {}", e); - tracing::debug!("{:?}", e); + if !use_beep { + if let Err(e) = tokio::fs::write(&*UNEXPORT_FILE, "0").await { + tracing::error!("Failed to Unexport Sound Interface: {}", e); + tracing::debug!("{:?}", e); + } } if let Some(guard) = guard { if let Err(e) = guard.unlock().await { diff --git a/build/lib/proxy.pac b/build/lib/proxy.pac new file mode 100644 index 000000000..6a666ffe3 --- /dev/null +++ b/build/lib/proxy.pac @@ -0,0 +1,12 @@ +function FindProxyForURL(url, host) +{ + if (shExpMatch(host, "*.onion")) + { + return "SOCKS5 127.0.0.1:9050"; + } + return "DIRECT"; +} + +function FindProxyForURLEx(url, host) { + return FindProxyForURL(url, host); +} \ No newline at end of file diff --git a/build/lib/scripts/chroot-and-upgrade b/build/lib/scripts/chroot-and-upgrade new file mode 100755 index 000000000..c22005a53 --- /dev/null +++ b/build/lib/scripts/chroot-and-upgrade @@ -0,0 +1,30 @@ +#!/bin/bash + +if [ "$UID" -ne 0 ]; then + >&2 echo 'Must be run as root' + exit 1 +fi + +echo 'Syncing...' + +rsync -a --delete --force --info=progress2 /media/embassy/embassyfs/current/ /media/embassy/next + +mount --bind /run /media/embassy/next/run +mount --bind /dev /media/embassy/next/dev +mount --bind /sys /media/embassy/next/sys +mount --bind /proc /media/embassy/next/proc + +chroot /media/embassy/next + +umount /media/embassy/next/run +umount /media/embassy/next/dev +umount /media/embassy/next/sys +umount /media/embassy/next/proc + +echo 'Upgrading...' + +touch /media/embassy/config/upgrade + +sync + +reboot \ No newline at end of file diff --git a/build/lib/scripts/enable-kiosk b/build/lib/scripts/enable-kiosk new file mode 100755 index 000000000..c5aec8f69 --- /dev/null +++ b/build/lib/scripts/enable-kiosk @@ -0,0 +1,49 @@ +#!/bin/sh + +set -e + +# install dependencies +apt update +apt install --no-install-recommends -y xserver-xorg x11-xserver-utils xinit firefox-esr matchbox-window-manager libnss3-tools + +# create kiosk script +cat > /home/start9/kiosk.sh << 'EOF' +#!/bin/sh +PROFILE=$(mktemp -d) +if [ -f /usr/local/share/ca-certificates/embassy-root-ca.crt ]; then + certutil -A -n "Embassy Local Root CA" -t "TCu,Cuw,Tuw" -i /usr/local/share/ca-certificates/embassy-root-ca.crt -d $PROFILE +fi +cat >> $PROFILE/prefs.js << EOT +user_pref("network.proxy.autoconfig_url", "file:///usr/lib/embassy/proxy.pac"); +user_pref("network.proxy.socks_remote_dns", true); +user_pref("network.proxy.type", 2); +user_pref("dom.securecontext.allowlist_onions", true); +user_pref("dom.securecontext.whitelist_onions", true); +user_pref("signon.rememberSignons", false); +EOT +matchbox-window-manager -use_titlebar yes & +firefox-esr --kiosk http://$(hostname).local --profile $PROFILE +rm -rf $PROFILE +EOF +chmod +x /home/start9/kiosk.sh +sed -i 's/=console/=anybody/g' /etc/X11/Xwrapper.config + +# use kiosk if tty (not pts) +if ! grep -q 'kiosk' /home/start9/.profile; then +cat >> /home/start9/.profile << 'EOF' +# Use kiosk for TTY +if [[ "$(tty)" =~ ^/dev/tty ]]; then + exec startx "$HOME/kiosk.sh" +fi +EOF +fi + +# enable autologin +mkdir -p /etc/systemd/system/getty@tty1.service.d +cat > /etc/systemd/system/getty@tty1.service.d/autologin.conf << 'EOF' +[Service] +ExecStart= +ExecStart=-/sbin/agetty --autologin start9 --noclear %I $TERM +EOF +ln -fs /etc/systemd/system/autologin@.service /etc/systemd/system/getty.target.wants/getty@tty1.service + diff --git a/build/raspberry-pi/initialization.sh b/build/raspberry-pi/initialization.sh index c61b1a490..ae4271cf3 100755 --- a/build/raspberry-pi/initialization.sh +++ b/build/raspberry-pi/initialization.sh @@ -37,6 +37,8 @@ systemctl stop tor systemctl enable embassyd.service embassy-init.service +. /usr/lib/embassy/scripts/enable-kiosk + sed -i 's/^/usb-storage.quirks=152d:0562:u,14cd:121c:u,0781:cfcb:u /g' /boot/cmdline.txt # making that *sudo docker stats* command fulfil its purpose by displaying all metrics