项目作者: jandelgado

项目描述 :
A container based self-contained LEDE/OpenWrt image builder.
高级语言: Shell
项目地址: git://github.com/jandelgado/lede-dockerbuilder.git
创建时间: 2017-05-11T22:40:24Z
项目社区:https://github.com/jandelgado/lede-dockerbuilder

开源协议:Apache License 2.0

下载


Containerized OpenWrt image builder

test

What

Easily and quickly build OpenWrt custom images (e.g.
for your embedded device or a Raspberry PI) using a self-contained docker
container or a nix-shell and the OpenWrt image
builder
.
On the builder host, Docker, podman/buildah (for dockerless operation) or nix-shell is the
only requirement. Supports latest OpenWrt release (24.10.x).

Note

The OpenWrt imagebuilder uses pre-compiled packages to build the final image.
Go here if you are looking
for a docker images to compile OpenWrt completely from source.

Why

  • customized and optimized (size) images with your personal configurations
  • full automatic image creation (could be run in CI)
  • repeatable builds
  • easy configuration, fast build

How

Using docker

  1. $ git clone https://github.com/jandelgado/lede-dockerbuilder.git
  2. $ cd lede-dockerbuilder
  3. $ ./builder.sh build-docker-image example-nexx-wt3020.conf
  4. $ ./builder.sh build example-nexx-wt3020.conf

The build-docker-image command will first build the docker image containing
the actual image builder. The resulting docker image is per default tagged with
openwrt-imagebuilder:<Release>-<Target>-<Subtarget>. The build command
will afterwards run a container, which builds the actual OpenWrt image. The
final OpenWrt image will be available in the output/ directory.

Using nix-shell

  1. $ git clone https://github.com/jandelgado/lede-dockerbuilder.git
  2. $ cd lede-dockerbuilder
  3. $ ./builder.sh build example-nexx-wt3020.conf --nix

Using nix-shell does not require building a container image or starting a
container first, therefore it is usually faster.

Usage

  1. Dockerized LEDE/OpenWRT image builder.
  2. Usage: $1 COMMAND CONFIGFILE [OPTIONS]
  3. COMMAND is one of:
  4. build-docker-image - build the docker image (run once first)
  5. profiles - show available profiles for current configuration
  6. build - start container and build the LEDE/OpenWRT image
  7. shell - start shell in the build dir
  8. CONFIGFILE - configuraton file to use
  9. OPTIONS:
  10. -o OUTPUT_DIR - output directory (default $OUTPUT_DIR)
  11. --docker-opts OPTS - additional options to pass to docker run
  12. (can occur multiple times)
  13. -f ROOTFS_OVERLAY - rootfs-overlay directory (default $ROOTFS_OVERLAY)
  14. --sudo - call container tool with sudo
  15. --podman - use buildah and podman to build and run container
  16. --nerdctl - use nerdctl to build and run container
  17. --docker - use docker to build and run container (default)
  18. --nix - build using nix-shell
  19. command line options -o, -f override config file settings.
  20. Example:
  21. # build the builder docker image first
  22. ./builder.sh build-docker-image example-glinet-gl-ar750.conf
  23. # now build the OpenWrt image, overriding output and rootfs locations
  24. ./builder.sh build example-glinet-gl-ar750.conf -o output -f myrootfs
  25. # show available profiles for the arch/target/subtarget of the given configuration
  26. ./builder.sh profiles example-glinet-gl-ar750.conf
  27. # pass additional docker options: mount downloads to host directory during build
  28. ./builder.sh build example-glinet-gl-ar750.conf --docker-opts "-v=$(pwd)/dl:/lede/imagebuilder/dl:z"
  29. # use nix to build the OpenWrt image, no need to build a container first
  30. ./builder.sh build example-x86_64.conf --nix

Builder runtime

  • By default docker will be used to build and run the container.
  • When called with --podman option, lede-dockerbuilder will use buildah and
    podman to build and run the container.
  • When called with --nerdctl option, lede-dockerbuilder will use nerdctl to
    build and run the container.
  • Use the --sudo option to run the container command with sudo.
  • Use the --nix option to run the build in a nix-shell (instead
    of using a container runtime)

When using a container builder like docker, the build container will be newly
created on every build. When using the nix builder, the build environment will
be reused, which is ususally faster. By default, the nix build environments are
installed in the .build directory, relative to the builder.sh script. This
can be overriden with the NIX_BUILD_DIR environment variable.

Configuration file

The configuration file is quiet self-explanatory. The following parameters are
mandatory (prefixed with LEDE_ for historical reasons, config works also
with OpenWrt):

  • LEDE_TARGET - Target architecture
  • LEDE_SUBTARGET - Sub target architecture
  • LEDE_RELEASE - Release to use
  • LEDE_PROFILE - Profile to use
  • LEDE_PACKAGES - list of packages to include/exclude. Prepend package to be excluded with -
  • LEDE_DISABLED_SERVICES - list of services to disable on startup in /etc/init.d

LEDE_TARGET, LEDE_SUBTARGET and LEDE_RELEASE are used to construct the
URL of the image builder binary well as for the construction for the tag of the
docker image.

You can find the proper values by browsing the OpenWrt website e.g.
here and
here.

In addition the following optional parameters can be set, to further control
output and image creation:

  • OUTPUT_DIR - path where resulting images are stored. Defaults to output
    in the scripts directory (can be overridden by -o parameter). Will be
    automatically created.
  • ROOTFS_OVERLAY - path of the root file system overlay directory. Defaults
    to rootfs-overlay in the scripts directory (can be overridden by -f
    parameter).
  • LEDE_BUILDER_URL - URL of the LEDE/OpenWrt image builder to use, override
    if you do not wish to use the default builder
    (https://downloads.openwrt.org/releases/$LEDE_RELEASE/targets/$LEDE_TARGET/$LEDE_SUBTARGET/openwrt-imagebuilder-$LEDE_RELEASE-$LEDE_TARGET-$LEDE_SUBTARGET.Linux-x86_64.tar.xz)
  • REPOSITORIES_CONF - optional file file to use instead of the default
    repositories.conf. The file will be mounted in the container.
    Look at the official documentation
    for more information.

Use the BASEDIR_CONFIG_FILE variable to set locations of OUTPUT_DIR or
ROOTFS_OVERLAY relative to the configuration files location. This allows
self-contained projects outside of the lede-dockerbuilder folder. If e.g.
ROOTFS_OVERLAY=$BASEDIR_CONFIG_FILE/rootfs-overlay is set, then the
rootfs-overlay directory is expected to be in the same directory as the
configuration file.

Example configuration for my NEXX
WT3020
router, where I have an
encrypted USB disk attached so I can use it as a simple NAS with samba and ftp:

  1. # LEDE profile to use: NEXX WT3020
  2. LEDE_PROFILE=nexx_wt3020-8m
  3. LEDE_RELEASE=23.05.0
  4. LEDE_TARGET=ramips
  5. LEDE_SUBTARGET=mt7620
  6. # list packages to include in LEDE image. prepend packages to deinstall with "-".
  7. #
  8. # include all packages to build a mobile NAS supporting disk encryption:
  9. # ksmbd (samba4 is too large now for the WT3020's 8MB), cryptsetup.
  10. # see https://github.com/namjaejeon/ksmbd-tools for ksmbd info.
  11. LEDE_PACKAGES="ksmbd-server lsblk block-mount\
  12. kmod-usb-storage-uas kmod-scsi-core ntfs-3g\
  13. kmod-nls-iso8859-1 cryptsetup kmod-crypto-xts\
  14. kmod-mt76 kmod-usb2 kmod-usb-ohci kmod-usb-core kmod-dm kmod-crypto-ecb\
  15. kmod-crypto-misc kmod-crypto-cbc kmod-crypto-crc32c kmod-crypto-hash\
  16. kmod-crypto-user\
  17. -ppp -kmod-ppp -kmod-pppoe -kmod-pppox -ppp-mod-pppoe -opkg\
  18. -ip6tables -odhcp6c -kmod-ipv6 -kmod-ip6tables -odhcpd-ipv6only"
  19. # optionally override OUTPUT_DIR and ROOTFS_OVERLAY directory location here

File system overlay

Place any files and folders that should be copied to the root file system of
the resulting image to the directory pointed to by ROOTFS_OVERLAY (default:
rootfs-overlay/), which can be overridden by the -f command line option.

Example directory structure

The following is an example directoy layout, which I use to create a customized
OpenWrt image for my NEXX WT3020
router (including the generated output).

  1. ├── builder.sh
  2. ├── docker
  3. ├── Dockerfile
  4. └── etc
  5. └── entrypoint.sh
  6. ├── example.cfg
  7. ├── example-openwrt.cfg
  8. ├── output
  9. ├── openwrt-xx.yy.z-ramips-mt7620-device-wt3020-8m.manifest
  10. ├── openwrt-xx.yy.z-ramips-mt7620-wt3020-8M-squashfs-factory.bin
  11. ├── openwrt-xx.yy.z-ramips-mt7620-wt3020-8M-squashfs-sysupgrade.bin
  12. └── sha256sums
  13. ├── README.md
  14. └── rootfs-overlay
  15. ├── etc
  16. ├── config
  17. ├── dhcp
  18. ├── dropbear
  19. ├── firewall
  20. ├── network
  21. ├── samba
  22. ├── system
  23. ├── wireless
  24. ├── dropbear
  25. └── authorized_keys
  26. ├── hotplug.d
  27. └── block
  28. └── 10-mount
  29. ├── passwd
  30. ├── rc.local
  31. ├── shadow
  32. └── vsftpd.conf
  33. ├── README.md
  34. └── usr
  35. └── local
  36. └── bin
  37. └── fix_sta_ap.sh

Debugging

Run ./builder.sh shell CONFIGFILE to get a shell into the docker container,
e.g. ./builder.sh shell example.cfg.

Examples

These examples evolved from images I use myself.

To build an example run ./builder.sh build <config-file>, e.g.

  1. $ ./builder.sh build example-rpi2.conf

The resulting image can be found in the output/ directory. The OpenWrt
wiki

describes how to flash the new image in detail.

Building a x86_64 image and running it in qemu

The example-x86_64.conf file can be used to build a
x86_64 based OpenWrt image which can also be run in qemu, e.g., if you need
a virtual router/firewall.

First build the image with builder.sh build example-x86_64.conf, then unpack
the resulting image with e.g. gunzip output/openwrt-24.10.0-x86-64-generic-ext4-combined.img.gz. Finally the image
can be started with qemu (or simply use run_in_qemu.sh)

  1. qemu-system-x86_64 \
  2. -enable-kvm \
  3. -nographic \
  4. -device ide-hd,drive=d0,bus=ide.0 \
  5. -device virtio-net-pci,netdev=hn0,id=lan \
  6. -netdev user,id=hn0,net=192.168.1.0/24,host=192.168.1.2,hostfwd=tcp::1122-192.168.1.1:22,hostfwd=tcp::8443-192.168.1.1:443\
  7. -device virtio-net-pci,netdev=hn1,id=wan \
  8. -netdev user,id=hn1\
  9. -drive id=d0,if=none,file="$IMG"

Qemu will assign the IP address 10.0.2.15/24 to the WAN interface (eth1)
and OpenWrt the address 192.168.1.1/24 to the LAN (br-lan bridge with
eth0) interface.

Port 1122 will be forwarded to the OpenWrt VMs port 22 (ssh), and port
8443 will be forwarded to port 443 , allowing to access luci using a
web browser from the host under https://localhost:8443.

Note: inside Qemu, press CTRL-a + x to exit.

Building an OpenWrt snapshot release

To build a snapshot release, set
LEDE_RELEASE to snapshots and let LEDE_BUILDER_URL point to the image
builder in the snapshot dir, e.g.

  1. LEDE_RELEASE=snapshots
  2. LEDE_BUILDER_URL="https://downloads.openwrt.org/$LEDE_RELEASE/targets/$LEDE_TARGET/$LEDE_SUBTARGET/openwrt-imagebuilder-$LEDE_TARGET-$LEDE_SUBTARGET.Linux-x86_64.tar.xz"

See the this example which builds an x86_64
image using the snapshot release.

Author

(C) Copyright 2017-2022 by Jan Delgado

License

Apache License 2.0