From 43d93ef6bc7cf59c2f14cd86fcb04c947c270e4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C3=ABl=20Zasso?= Date: Fri, 5 May 2023 15:47:07 +0200 Subject: [PATCH] chore: remove config and documentation related to Raspberry Pi Refs: https://github.com/nodejs/build/issues/3102 --- ansible/MANUAL_STEPS.md | 60 ------- ansible/README.md | 2 - ansible/roles/bootstrap/tasks/main.yml | 4 - .../bootstrap/tasks/partials/raspberry-pi.yml | 159 ------------------ .../bootstrap/templates/rpi_apt_proxy.j2 | 2 - .../templates/rpi_boot-config.pi1p.txt.j2 | 5 - .../templates/rpi_boot-config.pi2.txt.j2 | 5 - .../bootstrap/templates/rpi_dphys-swapfile.j2 | 2 - .../templates/rpi_keyboard_defaults.j2 | 5 - .../bootstrap/templates/rpi_sources_list.j2 | 1 - ansible/roles/bootstrap/vars/main.yml | 6 - ansible/roles/jenkins-worker/tasks/main.yml | 4 - .../tasks/partials/raspberry-pi.yml | 60 ------- .../templates/rpi_buster.Dockerfile.j2 | 67 -------- .../templates/rpi_jessie.Dockerfile.j2 | 66 -------- .../jenkins-worker/templates/rpi_rc.local.j2 | 6 - .../templates/rpi_start_tunnel.j2 | 8 - .../templates/rpi_stretch.Dockerfile.j2 | 64 ------- .../templates/rpi_wheezy.Dockerfile.j2 | 67 -------- ansible/roles/jenkins-worker/vars/main.yml | 19 --- doc/ssh.md | 2 +- tools/build-p-ssh-hosts.sh | 3 - 22 files changed, 1 insertion(+), 616 deletions(-) delete mode 100644 ansible/roles/bootstrap/tasks/partials/raspberry-pi.yml delete mode 100644 ansible/roles/bootstrap/templates/rpi_apt_proxy.j2 delete mode 100644 ansible/roles/bootstrap/templates/rpi_boot-config.pi1p.txt.j2 delete mode 100644 ansible/roles/bootstrap/templates/rpi_boot-config.pi2.txt.j2 delete mode 100644 ansible/roles/bootstrap/templates/rpi_dphys-swapfile.j2 delete mode 100644 ansible/roles/bootstrap/templates/rpi_keyboard_defaults.j2 delete mode 100644 ansible/roles/bootstrap/templates/rpi_sources_list.j2 delete mode 100644 ansible/roles/jenkins-worker/tasks/partials/raspberry-pi.yml delete mode 100644 ansible/roles/jenkins-worker/templates/rpi_buster.Dockerfile.j2 delete mode 100644 ansible/roles/jenkins-worker/templates/rpi_jessie.Dockerfile.j2 delete mode 100644 ansible/roles/jenkins-worker/templates/rpi_rc.local.j2 delete mode 100644 ansible/roles/jenkins-worker/templates/rpi_start_tunnel.j2 delete mode 100644 ansible/roles/jenkins-worker/templates/rpi_stretch.Dockerfile.j2 delete mode 100644 ansible/roles/jenkins-worker/templates/rpi_wheezy.Dockerfile.j2 diff --git a/ansible/MANUAL_STEPS.md b/ansible/MANUAL_STEPS.md index 5d6fb93c4..63c686971 100644 --- a/ansible/MANUAL_STEPS.md +++ b/ansible/MANUAL_STEPS.md @@ -25,8 +25,6 @@ * [jenkins-workspace](#jenkins-workspace) * [Docker hosts](#docker-hosts) * [SmartOS](#smartos) -* [Raspberry Pi](#raspberry-pi) - * [NFS boot](#nfs-boot) * [IBM i](#ibm-i) * [z/OS](#zos) @@ -734,64 +732,6 @@ Note that while this is being done across all Docker hosts, you should disable [ Joyent SmartOS machines use `libsmartsshd.so` for PAM SSH authentication in order to look up SSH keys allowed to access machines. Part of our Ansible setup removes this so we can only rely on traditional SSH authentication. Therefore, it is critcal to put `nodejs_test_*` public keys into `$USER/.ssh/authorized_keys` as appropriate or access will be lost and not recoverable after reboot or sshd restart (part of Ansible setup). -## Raspberry Pi - -Raspberry Pi configuration is integrated into the standard Ansible playbooks and will run properly when the right hosts are executed. - -The current configuration relies upon an NFS boot and NFS root architecture, although it should still be possible to connect a non-NFS Raspberry Pi to the Node.js CI and the Ansible playbooks are intended to be friendly to non-NFS hosts. It's possible that current Ansible scripts don't properly account for non-NFS hosts since these are not regularly included so some adjustments may be necessary. - -This document covers much of the process we use: https://www.raspberrypi.org/documentation/hardware/raspberrypi/bootmodes/net_tutorial.md - -### NFS boot - -* The SD card in the Raspberry Pi should have an up to date bootcode.bin (found in the FAT partition of the Raspbian images and comes via regular updates) and ideally an updated firmware. It is possible to boot newer Pi's without SD card but the SD card is necessary for older models and our Ansible setup uses it for local swap space. -* Upon boot, the bootcode will cause the Pi to reach out for an initial DHCP discovery. A DHCP server should be configured to respond appropriately for that device's address along with some NFS boot signals, such as this configuration for dnsmasq: - -``` -enable-tftp -tftp-root=/var/tftpd -pxe-service=0,"Raspberry Pi Boot" -``` - -* The tftp server on the same DHCP server should be able to respond to boot requests. -* After looking in the root of the tftp server, the Pi will attempt to load files from a subdirectory named by its serial number. Obtain the serial number from /proc/cpuinfo from a running Pi, take the last 8 characters from the `Serial` field and use that to store individual boot files. -* Copy the entirety of the boot partition of the Raspbian disk image into a subdirectory for each Pi. Symlinks are acceptable to map serial numbers to the names of the Pi's to keep them organised properly. -* Edit cmdline.txt inside the tftp subdirectory for each file and replace the contents with: - -``` -modprobe.blacklist=bcm2835_v4l2 root=/dev/nfs nfsroot=NFS_ROOT_SERVER_IP:/NFS_ROOT_FOR_THIS_PI,vers=3 rw ip=dhcp rootwait elevator=deadline -``` - -* Replacing `NFS_ROOT_SERVER_IP` and `NFS_ROOT_FOR_THIS_PI` as appropraite. It is assumed that NFSv3 is used for the root server. The `modprobe.blacklist` is for a sound driver that has been causing problems in most 2019 versions of the Raspbian kernels (Stretch and Buster), this may be fixed at a later day and be unnecessary. Booting would freeze late in the process without this driver removed. -* The DHCP / tftp server should export each of the boot directories via NFS so they can be mounted by the Pi's as /boot/ which will allow the files to be updated during system updates. - -### NFS root - -An NFS root server can be separate from NFS boot server, and could be different for each Pi. - -* The NFS root server should export a shared .ccache directory to be mounted by all Pi's, so it should be exported in such a way as to be permissive with IP addresses. The export should have roughly these options: `(async,rw,all_squash,anonuid=1001,anongid=1002,no_subtree_check)`. -* The NFS root server should export a root directory for each Pi. The IP of the server along with the path to the directory should be put in cmdline.txt on the NFS boot server. The exports should have roughly these options: `(rw,sync,no_subtree_check,no_root_squash)`/ -* The ext4 partition of the Raspbian image file (second partition, not the boot FAT partition) should be extracted into this root directory. -* `etc/fstab` in the root directory should be edited to make it NFS compatible. Remove the existing `/boot` and `/` entries and replace them with: - -``` -/dev/mmcblk0p1 /mnt/mmcblk0p1 vfat defaults 0 0 -NFS_ROOT_SERVER_IP:PATH_TO_SHARED_CCACHE_DIRECTORY /home/iojs/.ccache nfs4 rw,exec,async,noauto 0 0 -NFS_BOOT_SERVER_IP:PATH_TO_TFTP_BOOT_EXPORT /boot nfs4 nfsvers=3,rw,noexec,async,noauto 0 0 -``` - -* Ansible should also perform checks on `/etc/fstab` so these modifications may not be strictly necessary but it is helpful to have first-boot be into an appropriate state. -* Mounting `/` is done during the NFS boot process so is omitted from `/etc/fstab`. -* The SD card is mounted at `/mnt/mmcblk0p1` and is assumed to be in this location by the Ansible scripts for swap file creation. -* `/boot` is this Pi's tftp boot directory from the NFS boot server. -* When powered on, the Pi should perform all mount steps and present with the standard initial Raspbian boot & login. Note that SSH is not enabled by default and this needs to be done manually before you can remotely access it. To streamline setup, these additional steps can be performed on an initial Pi and then its root directory copied to all other root directories with only minor modifications to `/etc/fstab` required: - * Enable SSH with `raspi-config` - * Add the `nodejs_build_test` public SSH key to `~pi/.ssh/authorized_keys` (with appropriate permissions). - * Change the default password for user `pi` to remove insecurity. This could even be disabled entirely since the SSH key is in place. - -After these steps are performed and the Pi's are running, Ansible can be run to finish setup. A reboot is recommended after initial setup to ensure the environment is configured correctly (locale and other settings that are changed). - - ## IBM i There isn't a system start service on IBMi -- the machine should not be diff --git a/ansible/README.md b/ansible/README.md index 8b46dc042..a5daf8588 100644 --- a/ansible/README.md +++ b/ansible/README.md @@ -261,8 +261,6 @@ Unsorted stuff of things we need to do/think about - [ ] assign 192/256mb ram to the jenkins instances that requires it: - aix - TBD -- [ ] automate more items in initial Raspberry Pi setup (see bottom of - setup/raspberry-pi/README.md, some of these can be automated) - [ ] epel-release for centos - required for centos7 on packet.net arm64 before ccache can be installed - [x] make .ssh/config and .ssh/id_rsa for release machines, adding config diff --git a/ansible/roles/bootstrap/tasks/main.yml b/ansible/roles/bootstrap/tasks/main.yml index f457a43f4..32a4fbfb3 100644 --- a/ansible/roles/bootstrap/tasks/main.yml +++ b/ansible/roles/bootstrap/tasks/main.yml @@ -14,7 +14,3 @@ - "{{ role_path }}/tasks/partials/{{ os }}.yml" - "{{ role_path }}/tasks/partials/{{ os|stripversion }}.yml" skip: true - - - name: run raspberry pi bootstrap - when: "inventory_hostname|regex_search('-arm(v6l|v7l|64)_pi')" - include: "{{ role_path }}/tasks/partials/raspberry-pi.yml" diff --git a/ansible/roles/bootstrap/tasks/partials/raspberry-pi.yml b/ansible/roles/bootstrap/tasks/partials/raspberry-pi.yml deleted file mode 100644 index 8807732b6..000000000 --- a/ansible/roles/bootstrap/tasks/partials/raspberry-pi.yml +++ /dev/null @@ -1,159 +0,0 @@ ---- - -# For Raspberry Pis of any type, assumed to be running Debian 9 - - - name: pi | gather facts - setup: - - - name: pi | discover pi type - set_fact: - pi_type: "{{ inventory_hostname | regex_replace('^.+_(pi[^-]+)-\\d+$', '\\1') }}" - tags: vars - - - name: pi | setup apt proxy - template: - src: "{{ role_path }}/templates/rpi_apt_proxy.j2" - dest: "/etc/apt/apt.conf.d/02proxy" - owner: "root" - group: "root" - mode: 0644 - when: pi_local is undefined - tags: general - - - name: pi | configure apt sources - template: - src: "{{ role_path }}/templates/rpi_sources_list.j2" - dest: "/etc/apt/sources.list" - owner: "root" - group: "root" - mode: 0644 - when: pi_local is undefined - tags: general - - - name: pi | remove dns lookup for login - lineinfile: - dest: /etc/ssh/sshd_config - line: "{{ item }}" - with_items: - - "VerifyReverseMapping no" - - "UseDNS no" - register: ssh_remove_dns - tags: general - - - name: pi | restart ssh service - service: name=ssh state=restarted enabled=yes - when: ssh_remove_dns.changed - tags: general - - - name: pi | setup keyboard config - template: - src: "{{ role_path }}/templates/rpi_keyboard_defaults.j2" - dest: "/etc/default/keyboard" - owner: "root" - group: "root" - mode: 0644 - register: keyboard_config - tags: general - - - name: pi | configure keyboard - shell: dpkg-reconfigure -f noninteractive keyboard-configuration && invoke-rc.d keyboard-setup start - when: keyboard_config.changed - tags: general - - - name: pi | setup locale - shell: - cmd: | - cat << EOF | debconf-set-selections - locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8 - EOF - rm /etc/locale.gen - dpkg-reconfigure -f noninteractive locales - update-locale LANG="en_US.UTF-8" - cat << EOF | debconf-set-selections - locales locales/default_environment_locale select en_US.UTF-8 - EOF - tags: general - - # if we have a root filesystem that is mounted via nfs and an sd card - # in the slot with a plain vfat fs on the first partition, assume that - # we should (a) mount that partition and (b) put the swapfile on it - # otherwise put the swap in the standard location - - name: pi | test if nfs-root and sd card available - shell: | - test \ - -n "$(sudo fdisk -l /dev/mmcblk0 | grep '^/dev/mmcblk0p1.*W95 FAT32')" -a \ - -n "$(grep ' / ' /proc/mounts | grep -E '^[0-9\.]+:/')" - register: nfs_root_check_result - ignore_errors: true - - - name: pi | set swap file location - set_fact: - swap_file: "{{ '/var/swap' if nfs_root_check_result.rc == 1 else '/mnt/mmcblk0p1/swap' }}" - - - name: pi | setup sd card mount - file: - path: "/mnt/mmcblk0p1" - state: directory - mode: 0755 - owner: "root" - when: nfs_root_check_result.rc == 0 - tags: general - - - name: pi | mount sd card - mount: - path: "/mnt/mmcblk0p1" - src: "/dev/mmcblk0p1" - fstype: vfat - state: mounted - when: nfs_root_check_result.rc == 0 - tags: general - - - name: pi | configure 1024M dphys-swapfile - template: - src: "{{ role_path }}/templates/rpi_dphys-swapfile.j2" - dest: "/etc/dphys-swapfile" - owner: "root" - group: "root" - mode: 0644 - register: dphys_swapfile - tags: general - - - name: pi | set up 1024M dphys-swapfile - shell: dphys-swapfile swapoff && dphys-swapfile setup && dphys-swapfile swapon - become_user: root - when: dphys_swapfile.changed - tags: general - - - name: pi | configure overclocking speed - template: - src: "{{ role_path }}/templates/rpi_boot-config.{{pi_type}}.txt.j2" - dest: "/boot/config.txt" - owner: "root" - group: "root" - mode: 0755 - when: pi_type in ("pi1p", "pi2") - tags: general - - # We need to do this here because the apt upgrade may upgrade what's in /boot and - # we'll end up out of sync and some services won't start properly on reboot - - - name: pi | enable rpcbind service - service: name=rpcbind state=started enabled=yes - tags: init - - # re-test this because we don't care about sd card at this stage - - name: pi | test if nfs-root - shell: | - test -n "$(grep ' / ' /proc/mounts | grep -E '^[0-9\.]+:/')" - register: nfs_root_check_result - ignore_errors: true - - - name: pi | mount /boot/ via nfs - mount: - name: "/boot" - src: "{{ raspberry_pi.nfs_boot_server }}:{{ raspberry_pi.nfs_boot_share_root }}/{{ inventory_hostname }}" - fstype: nfs4 - opts: nfsvers=3,rw,noexec,async,noauto - state: mounted - when: nfs_root_check_result.rc == 0 - tags: nfs diff --git a/ansible/roles/bootstrap/templates/rpi_apt_proxy.j2 b/ansible/roles/bootstrap/templates/rpi_apt_proxy.j2 deleted file mode 100644 index 36ceb25ca..000000000 --- a/ansible/roles/bootstrap/templates/rpi_apt_proxy.j2 +++ /dev/null @@ -1,2 +0,0 @@ -Acquire::http::proxy "{{ raspberry_pi.apt_proxy }}"; -Acquire::http::proxy::download.docker.com "DIRECT"; diff --git a/ansible/roles/bootstrap/templates/rpi_boot-config.pi1p.txt.j2 b/ansible/roles/bootstrap/templates/rpi_boot-config.pi1p.txt.j2 deleted file mode 100644 index 0c415167f..000000000 --- a/ansible/roles/bootstrap/templates/rpi_boot-config.pi1p.txt.j2 +++ /dev/null @@ -1,5 +0,0 @@ -arm_freq={{ '700' if type == 'release' else '800' }} -dtparam=audio=on -core_freq=250 -sdram_freq=400 -over_voltage=0 diff --git a/ansible/roles/bootstrap/templates/rpi_boot-config.pi2.txt.j2 b/ansible/roles/bootstrap/templates/rpi_boot-config.pi2.txt.j2 deleted file mode 100644 index cc76e7ea5..000000000 --- a/ansible/roles/bootstrap/templates/rpi_boot-config.pi2.txt.j2 +++ /dev/null @@ -1,5 +0,0 @@ -arm_freq=1000 -dtparam=audio=on -core_freq=500 -sdram_freq=500 -over_voltage=2 \ No newline at end of file diff --git a/ansible/roles/bootstrap/templates/rpi_dphys-swapfile.j2 b/ansible/roles/bootstrap/templates/rpi_dphys-swapfile.j2 deleted file mode 100644 index f975fb12c..000000000 --- a/ansible/roles/bootstrap/templates/rpi_dphys-swapfile.j2 +++ /dev/null @@ -1,2 +0,0 @@ -CONF_SWAPSIZE=1024 -CONF_SWAPFILE={{ swap_file }} diff --git a/ansible/roles/bootstrap/templates/rpi_keyboard_defaults.j2 b/ansible/roles/bootstrap/templates/rpi_keyboard_defaults.j2 deleted file mode 100644 index b8badfc57..000000000 --- a/ansible/roles/bootstrap/templates/rpi_keyboard_defaults.j2 +++ /dev/null @@ -1,5 +0,0 @@ -XKBMODEL="pc104" -XKBLAYOUT="us" -XKBVARIANT="" -XKBOPTIONS="" -BACKSPACE="guess" diff --git a/ansible/roles/bootstrap/templates/rpi_sources_list.j2 b/ansible/roles/bootstrap/templates/rpi_sources_list.j2 deleted file mode 100644 index d120f33d2..000000000 --- a/ansible/roles/bootstrap/templates/rpi_sources_list.j2 +++ /dev/null @@ -1 +0,0 @@ -deb http://mirror.aarnet.edu.au/pub/raspbian/raspbian/ {{ansible_distribution_release}} main contrib non-free rpi diff --git a/ansible/roles/bootstrap/vars/main.yml b/ansible/roles/bootstrap/vars/main.yml index c464ca6eb..97f274e59 100644 --- a/ansible/roles/bootstrap/vars/main.yml +++ b/ansible/roles/bootstrap/vars/main.yml @@ -1,7 +1 @@ -raspberry_pi: { - apt_proxy: 'http://192.168.2.100:3142', - nfs_boot_server: '192.168.2.100', - nfs_boot_share_root: '/var/tftpd', -} - autologon_regpath: 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' diff --git a/ansible/roles/jenkins-worker/tasks/main.yml b/ansible/roles/jenkins-worker/tasks/main.yml index f32298d8b..e86f6d798 100644 --- a/ansible/roles/jenkins-worker/tasks/main.yml +++ b/ansible/roles/jenkins-worker/tasks/main.yml @@ -31,10 +31,6 @@ state: present line: ::1 localhost.localdomain localhost -- name: run raspberry pi jenkins-worker setup - when: "inventory_hostname|regex_search('-arm(v6l|v7l|64)_pi')" - include: "{{ role_path }}/tasks/partials/raspberry-pi.yml" - - name: run scaleway armv7 jenkins-worker setup when: "'scaleway-ubuntu1804-armv7l' in inventory_hostname" include: "{{ role_path }}/tasks/partials/scaleway-armv7.yml" diff --git a/ansible/roles/jenkins-worker/tasks/partials/raspberry-pi.yml b/ansible/roles/jenkins-worker/tasks/partials/raspberry-pi.yml deleted file mode 100644 index f83f699c3..000000000 --- a/ansible/roles/jenkins-worker/tasks/partials/raspberry-pi.yml +++ /dev/null @@ -1,60 +0,0 @@ ---- - -# For Raspberry Pis of any type, assumed to be running Debian 9 - -- name: pi | make .ccache - file: - path: "/home/{{ server_user }}/.ccache" - state: directory - mode: 0755 - owner: "{{ server_user }}" - ignore_errors: True - tags: nfs - -- name: pi | mount .ccache via nfs - mount: - name: "/home/{{ server_user }}/.ccache" - src: "{{ raspberry_pi.nfs_root_server }}:{{ raspberry_pi.nfs_root_share_root }}/.ccache" - fstype: nfs4 - opts: rw,exec,async,noauto - state: mounted - tags: nfs - -- name: pi | copy rc.local to mount nfs post boot - template: - src: "./templates/rpi_rc.local.j2" - dest: "/etc/rc.local" - owner: "root" - group: "root" - mode: 0755 - tags: nfs - -- name: pi | copy start_tunnel.sh script - template: - src: "./templates/rpi_start_tunnel.j2" - dest: "/usr/local/sbin/start_tunnel.sh" - owner: "{{ server_user }}" - group: "{{ server_user }}" - mode: 0755 - when: pi_local is defined - tags: tunnel - -- name: pi | crontab entry - cron: - name: 'start ssh tunnel on reboot' - special_time: reboot - job: "/usr/local/sbin/start_tunnel.sh" - when: pi_local is defined - tags: tunnel - -- name: pi | configure containers - set_fact: - docker_containers: "{{ raspberry_pi.containers[arch] }}" - -- import_tasks: "{{ role_path }}/tasks/partials/docker-host.yml" - -- name: pi | docker | add pi user to docker group - user: - name: "pi" - groups: "docker" - append: yes diff --git a/ansible/roles/jenkins-worker/templates/rpi_buster.Dockerfile.j2 b/ansible/roles/jenkins-worker/templates/rpi_buster.Dockerfile.j2 deleted file mode 100644 index 5df1c03db..000000000 --- a/ansible/roles/jenkins-worker/templates/rpi_buster.Dockerfile.j2 +++ /dev/null @@ -1,67 +0,0 @@ -FROM balenalib/rpi-raspbian:buster - -ENV LC_ALL=C \ - USER={{ server_user }} \ - JOBS={{ jobs_env }} \ - SHELL=/bin/bash \ - HOME=/home/{{ server_user }} \ - PATH=/usr/lib/ccache/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ - NODE_COMMON_PIPE=/home/{{ server_user }}/test.pipe \ - NODE_TEST_DIR=/home/{{ server_user }}/tmp \ - OSTYPE=linux-gnu \ - OSVARIANT=docker \ - DESTCPU=arm \ - ARCH={{ arch }} \ - CCACHE_TEMPDIR=/home/{{ server_user }}/.ccache/{{ inventory_hostname }} \ - DEBIAN_FRONTEND=noninteractive - -RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y \ - g++-8 \ - gcc-8 \ - git \ - make \ - ccache \ - python2.7 \ - python \ - openssh-client \ - gzip \ - xz-utils \ - curl \ - libffi-dev \ - zlib1g-dev && \ - apt-get clean -y && \ - rm -rf /var/lib/apt/lists/* - -RUN update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-8 50 && \ - update-alternatives --install /usr/bin/c++ c++ /usr/bin/g++-8 50 && \ - update-alternatives --install /usr/bin/cpp cpp /usr/bin/gcc-8 50 && \ - update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 50 && \ - update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-8 50 - -RUN mkdir /python && \ - cd /python && \ - curl https://github.com/python/cpython/archive/refs/tags/v3.9.4.tar.gz -L --output v3.9.4.tar.gz && \ - tar xf v3.9.4.tar.gz && \ - cd cpython-3.9.4 && \ - ./configure && \ - make install && \ - rm -rf /python - -RUN addgroup \ - --gid {{ server_user_gid.stdout_lines[0] }} \ - {{ server_user }} && \ - adduser \ - --gid {{ server_user_gid.stdout_lines[0] }} \ - --uid {{ server_user_uid.stdout_lines[0] }} \ - --disabled-password \ - --gecos {{ server_user }} \ - {{ server_user }} - -VOLUME /home/{{ server_user }}/ - -USER iojs:iojs - -# Prevent Node.js picking up the OS's openssl.cnf, https://github.com/nodejs/node/issues/27862 -ENV OPENSSL_CONF /dev/null - -ENTRYPOINT [ "tail", "-f", "/dev/null" ] diff --git a/ansible/roles/jenkins-worker/templates/rpi_jessie.Dockerfile.j2 b/ansible/roles/jenkins-worker/templates/rpi_jessie.Dockerfile.j2 deleted file mode 100644 index a7db20a3c..000000000 --- a/ansible/roles/jenkins-worker/templates/rpi_jessie.Dockerfile.j2 +++ /dev/null @@ -1,66 +0,0 @@ -FROM resin/rpi-raspbian:jessie - -ENV LC_ALL=C \ - USER={{ server_user }} \ - JOBS={{ jobs_env }} \ - SHELL=/bin/bash \ - HOME=/home/{{ server_user }} \ - PATH=/usr/lib/ccache/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ - NODE_COMMON_PIPE=/home/{{ server_user }}/test.pipe \ - NODE_TEST_DIR=/home/{{ server_user }}/tmp \ - OSTYPE=linux-gnu \ - OSVARIANT=docker \ - DESTCPU=arm \ - ARCH={{ arch }} \ - CCACHE_TEMPDIR=/home/{{ server_user }}/.ccache/{{ inventory_hostname }} \ - DEBIAN_FRONTEND=noninteractive - -RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y \ - g++-4.9 \ - gcc-4.9 \ - git \ - make \ - zlib1g \ - zlib1g-dev \ - python2.7 \ - python \ - openssh-client \ - gzip \ - xz-utils \ - curl && \ - apt-get clean -y && \ - rm -rf /var/lib/apt/lists/* - -RUN update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-4.9 50 && \ - update-alternatives --install /usr/bin/c++ c++ /usr/bin/g++-4.9 50 && \ - update-alternatives --install /usr/bin/cpp cpp /usr/bin/gcc-4.9 50 && \ - update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-4.9 50 && \ - update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-4.9 50 - -RUN addgroup \ - --gid {{ server_user_gid.stdout_lines[0] }} \ - {{ server_user }} && \ - adduser \ - --gid {{ server_user_gid.stdout_lines[0] }} \ - --uid {{ server_user_uid.stdout_lines[0] }} \ - --disabled-password \ - --gecos {{ server_user }} \ - {{ server_user }} - -RUN curl -sL https://www.samba.org/ftp/ccache/ccache-{{ ccache_latest }}.tar.gz | tar zxv -C /tmp/ && \ - cd /tmp/ccache-{{ ccache_latest }} && \ - ./configure && \ - make -j {{ jobs_env }} && \ - install -c -m 755 ccache /usr/local/bin && \ - ln -s /usr/local/bin/ccache /usr/local/bin/gcc && \ - ln -s /usr/local/bin/ccache /usr/local/bin/cc && \ - ln -s /usr/local/bin/ccache /usr/local/bin/g++ && \ - ln -s /usr/local/bin/ccache /usr/local/bin/c++ && \ - ln -s /usr/local/bin/ccache /usr/local/bin/cpp && \ - rm -rf /tmp/ccache-{{ ccache_latest }} - -VOLUME /home/{{ server_user }}/ - -USER iojs:iojs - -ENTRYPOINT [ "tail", "-f", "/dev/null" ] diff --git a/ansible/roles/jenkins-worker/templates/rpi_rc.local.j2 b/ansible/roles/jenkins-worker/templates/rpi_rc.local.j2 deleted file mode 100644 index ab2e67211..000000000 --- a/ansible/roles/jenkins-worker/templates/rpi_rc.local.j2 +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -e - -/etc/init.d/rpcbind start -/etc/init.d/nfs-common start -sleep 10 && (grep nfs /etc/fstab | cut -d" " -f 2 | xargs -l mount) & -exit 0 diff --git a/ansible/roles/jenkins-worker/templates/rpi_start_tunnel.j2 b/ansible/roles/jenkins-worker/templates/rpi_start_tunnel.j2 deleted file mode 100644 index b50b7abd5..000000000 --- a/ansible/roles/jenkins-worker/templates/rpi_start_tunnel.j2 +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -autossh -f -M 0 \ - -o "ServerAliveInterval 30" \ - -o "ServerAliveCountMax 3" \ - tunnel@ci.nodejs.org \ - -L {{ ci_port }}:ci-release.nodejs.org:{{ ci_port }} \ - -N diff --git a/ansible/roles/jenkins-worker/templates/rpi_stretch.Dockerfile.j2 b/ansible/roles/jenkins-worker/templates/rpi_stretch.Dockerfile.j2 deleted file mode 100644 index d8c871b9e..000000000 --- a/ansible/roles/jenkins-worker/templates/rpi_stretch.Dockerfile.j2 +++ /dev/null @@ -1,64 +0,0 @@ -FROM balenalib/rpi-raspbian:stretch - -ENV LC_ALL=C \ - USER={{ server_user }} \ - JOBS={{ jobs_env }} \ - SHELL=/bin/bash \ - HOME=/home/{{ server_user }} \ - PATH=/usr/lib/ccache/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ - NODE_COMMON_PIPE=/home/{{ server_user }}/test.pipe \ - NODE_TEST_DIR=/home/{{ server_user }}/tmp \ - OSTYPE=linux-gnu \ - OSVARIANT=docker \ - DESTCPU=arm \ - ARCH={{ arch }} \ - CCACHE_TEMPDIR=/home/{{ server_user }}/.ccache/{{ inventory_hostname }} \ - DEBIAN_FRONTEND=noninteractive - -RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y \ - g++-6 \ - gcc-6 \ - git \ - make \ - ccache \ - python2.7 \ - python \ - openssh-client \ - gzip \ - xz-utils \ - curl \ - libffi-dev \ - zlib1g-dev && \ - apt-get clean -y && \ - rm -rf /var/lib/apt/lists/* - -RUN update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-6 50 && \ - update-alternatives --install /usr/bin/c++ c++ /usr/bin/g++-6 50 && \ - update-alternatives --install /usr/bin/cpp cpp /usr/bin/gcc-6 50 && \ - update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-6 50 && \ - update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-6 50 - -RUN mkdir /python && \ - cd /python && \ - curl https://github.com/python/cpython/archive/refs/tags/v3.9.4.tar.gz -L --output v3.9.4.tar.gz && \ - tar xf v3.9.4.tar.gz && \ - cd cpython-3.9.4 && \ - ./configure && \ - make install && \ - rm -rf /python - -RUN addgroup \ - --gid {{ server_user_gid.stdout_lines[0] }} \ - {{ server_user }} && \ - adduser \ - --gid {{ server_user_gid.stdout_lines[0] }} \ - --uid {{ server_user_uid.stdout_lines[0] }} \ - --disabled-password \ - --gecos {{ server_user }} \ - {{ server_user }} - -VOLUME /home/{{ server_user }}/ - -USER iojs:iojs - -ENTRYPOINT [ "tail", "-f", "/dev/null" ] diff --git a/ansible/roles/jenkins-worker/templates/rpi_wheezy.Dockerfile.j2 b/ansible/roles/jenkins-worker/templates/rpi_wheezy.Dockerfile.j2 deleted file mode 100644 index 6159c8953..000000000 --- a/ansible/roles/jenkins-worker/templates/rpi_wheezy.Dockerfile.j2 +++ /dev/null @@ -1,67 +0,0 @@ -FROM resin/rpi-raspbian:wheezy - -ENV LC_ALL=C \ - USER={{ server_user }} \ - JOBS={{ jobs_env }} \ - SHELL=/bin/bash \ - HOME=/home/{{ server_user }} \ - PATH=/usr/lib/ccache/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ - NODE_COMMON_PIPE=/home/{{ server_user }}/test.pipe \ - NODE_TEST_DIR=/home/{{ server_user }}/tmp \ - OSTYPE=linux-gnu \ - OSVARIANT=docker \ - DESTCPU=arm \ - ARCH={{ arch }} \ - CCACHE_TEMPDIR=/home/{{ server_user }}/.ccache/{{ inventory_hostname }} \ - DEBIAN_FRONTEND=noninteractive - -RUN sed -i 's/archive/legacy/' /etc/apt/sources.list && \ - apt-get update && apt-get dist-upgrade -y && apt-get install -y \ - g++-4.8 \ - gcc-4.8 \ - git \ - make \ - zlib1g \ - zlib1g-dev \ - python2.7 \ - python \ - openssh-client \ - gzip \ - xz-utils \ - curl && \ - apt-get clean -y && \ - rm -rf /var/lib/apt/lists/* - -RUN update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-4.8 50 && \ - update-alternatives --install /usr/bin/c++ c++ /usr/bin/g++-4.8 50 && \ - update-alternatives --install /usr/bin/cpp cpp /usr/bin/gcc-4.8 50 && \ - update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-4.8 50 && \ - update-alternatives --install /usr/bin/cc cc /usr/bin/gcc-4.8 50 - -RUN addgroup \ - --gid {{ server_user_gid.stdout_lines[0] }} \ - {{ server_user }} && \ - adduser \ - --gid {{ server_user_gid.stdout_lines[0] }} \ - --uid {{ server_user_uid.stdout_lines[0] }} \ - --disabled-password \ - --gecos {{ server_user }} \ - {{ server_user }} - -RUN curl -sL https://www.samba.org/ftp/ccache/ccache-{{ ccache_latest }}.tar.gz | tar zxv -C /tmp/ && \ - cd /tmp/ccache-{{ ccache_latest }} && \ - ./configure && \ - make -j {{ jobs_env }} && \ - install -c -m 755 ccache /usr/local/bin && \ - ln -s /usr/local/bin/ccache /usr/local/bin/gcc && \ - ln -s /usr/local/bin/ccache /usr/local/bin/cc && \ - ln -s /usr/local/bin/ccache /usr/local/bin/g++ && \ - ln -s /usr/local/bin/ccache /usr/local/bin/c++ && \ - ln -s /usr/local/bin/ccache /usr/local/bin/cpp && \ - rm -rf /tmp/ccache-{{ ccache_latest }} - -VOLUME /home/{{ server_user }}/ - -USER iojs:iojs - -ENTRYPOINT [ "tail", "-f", "/dev/null" ] diff --git a/ansible/roles/jenkins-worker/vars/main.yml b/ansible/roles/jenkins-worker/vars/main.yml index a4d92ae95..08739c71e 100644 --- a/ansible/roles/jenkins-worker/vars/main.yml +++ b/ansible/roles/jenkins-worker/vars/main.yml @@ -92,25 +92,6 @@ bash_path: { zos: 'bash' } -raspberry_pi: { - nfs_root_server: '192.168.1.10', - nfs_root_share_root: '/exports/nodejs/pi', - containers: { - armv6l: [ - { name: 'wheezy', template: 'rpi_wheezy.Dockerfile.j2' }, - { name: 'jessie', template: 'rpi_jessie.Dockerfile.j2' } - ], - armv7l: [ - { name: 'stretch', template: 'rpi_stretch.Dockerfile.j2' }, - { name: 'buster', template: 'rpi_buster.Dockerfile.j2' } - ], - arm64: [ - { name: 'stretch', template: 'rpi_stretch.Dockerfile.j2' }, - { name: 'buster', template: 'rpi_buster.Dockerfile.j2' } - ] - } -} - scaleway_armv7: { containers: [ { name: 'jessie', template: 'armv7_jessie.Dockerfile.j2' }, diff --git a/doc/ssh.md b/doc/ssh.md index f26e8a60f..866c3ee50 100644 --- a/doc/ssh.md +++ b/doc/ssh.md @@ -54,7 +54,7 @@ deprecated and If everything is set up correctly, you should be able to log into the machine without passwords. By default you will log into the machine -as `root` (except macOS machines and some raspberry Pis), +as `root` (or a sudoer user), but it is recommended to switch to the `iojs` user (run `su - iojs` or `sudo su - iojs` for non-root logins) before performing any actions. diff --git a/tools/build-p-ssh-hosts.sh b/tools/build-p-ssh-hosts.sh index dcef3d763..dbac53b8f 100755 --- a/tools/build-p-ssh-hosts.sh +++ b/tools/build-p-ssh-hosts.sh @@ -15,9 +15,6 @@ egrep '^Host .*-.*-.*-.*' ~/.ssh/config | sed -e 's/^Host //' -e 's/ .*//' > hos # Add aliases for groups of hosts. Feel free to add more aliases as useful. grep -- '-arm' hosts/all > hosts/arm grep -- 'aix61-ppc64_be' hosts/all > hosts/aix61-ppc64_be -grep -- 'arm64_pi3' hosts/all > hosts/arm64_pi3 -grep -- 'armv6l_pi1' hosts/all > hosts/armv6l_pi1 -grep -- 'armv7l_pi2' hosts/all > hosts/armv7l_pi2 grep -- 'centos7-ppc64_le' hosts/all > hosts/centos7-ppc64_le grep -- 'centos7-ppc64_le' hosts/all > hosts/centos7-ppc64_le grep -- 'centos7' hosts/all > hosts/centos7