Move to Drone

.drone.yml

@@ -4,12 +4,64 @@ type: kubernetes
 name: default
 
 steps:
-- name: docker
-  image: plugins/docker
+- name: build
+  image: openwrtorg/imagebuilder:ath79-generic-openwrt-21.02
   settings:
-    repo: harbor.k-space.ee/k-space/openwrt-camera-image
-    registry: harbor.k-space.ee
-    username:
-      from_secret: docker_username
+    mtu: 1300
+  environment:
+    # TODO: git log -1 --pretty=%ct
+    SOURCE_DATE_EPOCH: 0
+    FILES: /drone/src/overlay/
+    PROFILE: glinet_gl-ar150
+    PACKAGES: |-
+        ca-certificates
+        curl
+        -dnsmasq
+        htop
+        iftop
+        -ip6tables
+        -kmod-ath
+        -kmod-ath9k
+        -kmod-ath9k-common
+        -kmod-ip6tables
+        -kmod-ipsec6
+        -kmod-iptunnel6
+        -kmod-ppp
+        kmod-video-uvc
+        -luci
+        -luci-proto-ipv6
+        -luci-proto-ppp
+        mjpg-streamer
+        mjpg-streamer-input-uvc
+        mjpg-streamer-output-http
+        nano
+        -odhcp6c
+        -odhcpd
+        openssh-server
+        openssl-util
+        pciutils
+        -ppp
+        -pppd
+        -ppp-mod-pppoe
+        prometheus-node-exporter-lua
+        prometheus-node-exporter-lua-netstat
+        prometheus-node-exporter-lua-openwrt
+        usbutils
+        v4l-utils
+  commands:
+  - mkdir -p overlay/etc/uci-defaults
+  - cd /home/build/openwrt
+  - make image PACKAGES="$(echo $PACKAGES | xargs)"
+  - mv $(find /home/build/openwrt/bin  -iname *sysupgrade.bin) /drone/src/openwrt-camera-sysupgrade.bin
+- name: deliver
+  image: drillster/drone-email
+  settings:
+    from: drone@k-space.ee
+    subject: Camera OpenWrt image
+    body: OpenWrt image
+    host: mail.k-space.ee
+    port: 465
+    username: drone
     password:
-      from_secret: docker_password
+      from_secret: email_password
+    attachments: openwrt-camera-sysupgrade.bin

Jenkinsfile

@@ -1,29 +0,0 @@
-#!/usr/bin/groovy
-directory = "openwrt-camera-image"
-pipeline {
-    agent any
-    stages {
-        stage("Setup") {
-            steps {
-                dir(directory) {
-                    deleteDir()
-                    checkout scm
-                }
-            }
-        }
-        stage("Build") {
-            steps {
-                dir(directory) {
-                    sh "sh script.sh"
-                }
-            }
-        }
-        stage("Deliver") {
-            steps {
-                dir(directory) {
-                    archiveArtifacts artifacts: "bin/*", allowEmptyArchive: false, fingerprint: false
-                }
-            }
-        }
-    }
-}

overlay/etc/profile

@@ -0,0 +1,32 @@
+#!/bin/sh
+[ -f /etc/banner ] && cat /etc/banner
+[ -e /tmp/.failsafe ] && cat /etc/banner.failsafe
+
+export PATH=/usr/bin:/usr/sbin:/bin:/sbin
+export HOME=$(grep -e "^${USER:-root}:" /etc/passwd | cut -d ":" -f 6)
+export HOME=${HOME:-/root}
+export PS1='\u@\h:\w\$ '
+
+[ -z "$KSH_VERSION" -o \! -s /etc/mkshrc ] || . /etc/mkshrc
+[ -x /bin/more ] || alias more=less
+[ -x /usr/bin/vim ] && alias vi=vim || alias vim=vi
+[ -x /usr/bin/arp ] || arp() { cat /proc/net/arp; }
+[ -x /usr/bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; }
+
+HOSTNAME=$(uci get system.@system[0].hostname)
+DOMAIN=$(uci -q get dhcp.@dnsmasq[0].domain)
+
+if [ $? -eq 0 ]; then
+    FQDN=$HOSTNAME.$DOMAIN
+else
+    FQDN=$HOSTNAME
+fi
+
+export PS1='\[\033[01;31m\]$FQDN\[\033[01;34m\] \W #\[\033[00m\] '
+case "$TERM" in
+    xterm*|rxvt*)
+        echo -ne "\033]0;${USER}@${FQDN}:${PWD}\007"
+    ;;
+    *)
+    ;;
+esac

overlay/etc/uci-defaults/40-hostname

@@ -0,0 +1,3 @@
+HOSTNAME=cam-$(cat /sys/class/net/eth0/address | cut -d : -f 4- | sed -e 's/://g')
+uci set system.@system[0].hostname=$HOSTNAME
+uci set network.lan.hostname=$HOSTNAME

overlay/etc/uci-defaults/50-camera

@@ -0,0 +1,14 @@
+# Disable DHCP servers
+/etc/init.d/odhcpd disable
+/etc/init.d/dnsmasq disable
+
+# Remove firewall rules since AP bridges ethernet to wireless anyway
+uci delete firewall.@zone[1]
+uci delete firewall.@zone[0]
+uci delete firewall.@forwarding[0]
+for j in $(seq 0 10); do uci delete firewall.@rule[0]; done
+
+# Remove LAN interface
+uci delete network.lan
+uci delete network.globals.ula_prefix
+uci delete dhcp.@dnsmasq[0].domain

overlay/etc/uci-defaults/90-mjpg-streamer

@@ -0,0 +1,5 @@
+uci set mjpg-streamer.core.enabled='1'
+uci set mjpg-streamer.core.resolution='1280x720'
+uci set mjpg-streamer.core.fps='5'
+uci set mjpg-streamer.core.username=user
+uci set mjpg-streamer.core.password=XlwgWa3orRCpjbQAMaxh

overlay/etc/uci-defaults/99-auth

@@ -0,0 +1,10 @@
+
+# Add Lauri's keys
+echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCWiKkJw8QKNFlCN5OF/bJSGIt8ZrTF5LOC/Cw6pqx76wdKzY5D/LTEXhHTY846oL8ep3p5OiuTUieOVqyyBTvy+ZNzj98WoJchH/adu07t8lj1755R1sBeZyha+5z+unKEexmYpCAcXfZLoRg4mQ6OnG6tD2itZZ+12igqVaMMUdR9dSAULsd60twmGYtEe5O1Y33YIXpyWttVySY4oSQZtItwaztUOlnxJS8JpECz324FqznrRNEq3M4EG8jf5PPkoCoTsinOLfeqUcXDhgVr+C5Rxgrv2uKXzprnEIY3fLsTf7J0hZyMiy78+ii1FtehkOmpMRNqtP4WDsTd0kEY5HdK3RMWqBSvH4NJA8SIRxV587w68bF4oe040am3YySborEBNRHZLDWOowAuPfE8aBLwHWcANox0bgVW+j6XugHPCnm6TM15iphgNJ7GVlVE8hWO1lN4FTYe6vhtY54/oSM8qR87437lBwhUwVE3du6A3N68PL8QiZcKYBIB33U= lauri@lauri-x230
+' > /etc/dropbear/authorized_keys
+
+# Ping lauri for plaintext password, eg when there's issue camera
+sed -i 's|^root::|root:$1$Ji4oV3An$2h4IhUFWhheefdaWEW.vg/:|' /etc/shadow
+
+# Move Dropbear to port 2222
+uci set dropbear.@dropbear[0].Port=2222

script.sh

@@ -1,105 +0,0 @@
-
-set -e
-set -x
-
-RELEASE=21.02.1
-BASENAME=openwrt-imagebuilder-$RELEASE-ath79-generic.Linux-x86_64
-FILENAME=$BASENAME.tar.xz
-URL=https://downloads.openwrt.org/releases/21.02.1/targets/ath79/generic/$FILENAME
-
-wget -c $URL
-
-tar xvf $FILENAME
-cd $BASENAME
-
-mkdir -p overlay/etc/uci-defaults
-
-cat << \EOF > overlay/etc/profile
-#!/bin/sh
-[ -f /etc/banner ] && cat /etc/banner
-[ -e /tmp/.failsafe ] && cat /etc/banner.failsafe
-
-export PATH=/usr/bin:/usr/sbin:/bin:/sbin
-export HOME=$(grep -e "^${USER:-root}:" /etc/passwd | cut -d ":" -f 6)
-export HOME=${HOME:-/root}
-export PS1='\u@\h:\w\$ '
-
-[ -z "$KSH_VERSION" -o \! -s /etc/mkshrc ] || . /etc/mkshrc
-[ -x /bin/more ] || alias more=less
-[ -x /usr/bin/vim ] && alias vi=vim || alias vim=vi
-[ -x /usr/bin/arp ] || arp() { cat /proc/net/arp; }
-[ -x /usr/bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; }
-
-HOSTNAME=$(uci get system.@system[0].hostname)
-DOMAIN=$(uci -q get dhcp.@dnsmasq[0].domain)
-
-if [ $? -eq 0 ]; then
-    FQDN=$HOSTNAME.$DOMAIN
-else
-    FQDN=$HOSTNAME
-fi
-
-export PS1='\[\033[01;31m\]$FQDN\[\033[01;34m\] \W #\[\033[00m\] '
-case "$TERM" in
-    xterm*|rxvt*)
-        echo -ne "\033]0;${USER}@${FQDN}:${PWD}\007"
-    ;;
-    *)
-    ;;
-esac
-EOF
-
-# Autogenerate hostname
-cat << \EOF > overlay/etc/uci-defaults/40-hostname
-HOSTNAME=cam-$(cat /sys/class/net/eth0/address | cut -d : -f 4- | sed -e 's/://g')
-uci set system.@system[0].hostname=$HOSTNAME
-uci set network.lan.hostname=$HOSTNAME
-EOF
-
-# Network interfaces config
-cat << \EOF > overlay/etc/uci-defaults/50-access-point
-# Disable DHCP servers
-/etc/init.d/odhcpd disable
-/etc/init.d/dnsmasq disable
-
-# Remove firewall rules since AP bridges ethernet to wireless anyway
-uci delete firewall.@zone[1]
-uci delete firewall.@zone[0]
-uci delete firewall.@forwarding[0]
-for j in $(seq 0 10); do uci delete firewall.@rule[0]; done
-
-# Remove LAN interface
-uci delete network.lan
-uci delete network.globals.ula_prefix
-uci delete dhcp.@dnsmasq[0].domain
-
-EOF
-
-# Set mjpg-streamer defaults
-cat << \EOF > overlay/etc/uci-defaults/90-mjpg-streamer
-uci set mjpg-streamer.core.enabled='1'
-uci set mjpg-streamer.core.resolution='1280x720'
-uci set mjpg-streamer.core.fps='5'
-uci set mjpg-streamer.core.username=user
-uci set mjpg-streamer.core.password=XlwgWa3orRCpjbQAMaxh
-EOF
-
-cat << \EOF > overlay/etc/uci-defaults/99-k-space
-# Add Lauri's Yubikey
-echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDXOBCwD0Lj4ZmAhAxxvMNaElhYUvYh+qVBFAeZCzhOvyjpGXvGtDkdS6XmzpVBa5zgVb9WTAiH9JMNFQJlseyByAA++ISK7cILi+6vS+EtA0bungL6GrlwN1XXDjS5BLrv8m7cJC5xhHYXjEzOYzuhwzrk2uWuQ+eBSPBvy6gXcRt17m7rX0v+D6SlMbX+yjtSUSphHdsRyBv2beTh/wz8UZVBaRfCEX7mwkkWb8dYxjrgyNEMRxBiv62/SPo4iShrQz5jpMLNTrIfJTJnQCG8byOti7mHy+4Oai1nocIUaff/biJ/wchyc6j+VI1XjTriLyOgInBQrUxbF173Ko+Lh1KDONs3fOUGuHtDjcYmIdjotaLZPYx0fhFNAP9Xmm+FYvtTEGiXWI6uwvJnlILqhhhnuT91yPTv7P2XWoHz3x+p2yES+nP0vTVsJ6R0IoW9d1Wp0g6nsUSqEuQDM5s3ON65TX5wc3WJQ2CHYuEIRkwZoga61jtE0nesg2p/S2mB3KFn2jx0y9yTApBygTWJB2GgNciUEohAkr1Qt4lfl2JJOmFVpg0H6gMJBeLPzlugPc3xgQFHPR+8NoseGvtrV+mbPL/YKHM5Yy+c4Yw4DWUzh7TbRfCIw9YdHyes8eIv+w4WX2q0Ze7DbPrdYAmVqKIeYlEm1/ZH/2QXiG9fNQ== cardno:000608670822' > /etc/dropbear/authorized_keys
-
-# Ping lauri for plaintext password, eg when there's issue camera
-sed -i 's|^root::|root:$1$Ji4oV3An$2h4IhUFWhheefdaWEW.vg/:|' /etc/shadow
-
-EOF
-
-# Make image
-make image PROFILE=glinet_gl-ar150 FILES=overlay/ PACKAGES="usbutils curl htop nano mjpg-streamer kmod-video-uvc \
-    mjpg-streamer-input-uvc mjpg-streamer-output-http \
-    v4l-utils tcpdump -odhcp6c -odhcpd -dnsmasq -pppd -luci-proto-ppp -kmod-ppp -ppp -ppp-mod-pppoe \
-    -kmod-ath -kmod-ath9k-common -kmod-ath9k -kmod-ip6tables -ip6tables -luci-proto-ipv6 -kmod-iptunnel6 -kmod-ipsec6 -luci"
-
-# Copy binaries to fixed location
-cd -
-mkdir -p bin/
-cp $BASENAME/bin/targets/ath79/generic/*.bin bin/