KNEL/football
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add dual-mode ISO builds (production vs demo) with serial console

Browse Source 
Two build modes:
- `./run.sh iso` — production ISO (prompts for credentials, quiet boot)
- `./run.sh iso:demo` — demo/CI ISO (hardcoded test credentials, serial
  console output, verbose kernel)

Changes:
- run.sh: Accept iso:demo subcommand, pass KNEL_BUILD_MODE to Docker
- run.sh: Demo mode uses verbose kernel cmdline with console=ttyS0
- config/bootloaders/grub-pc/config.cfg: GRUB serial console on ttyS0
  at 115200 baud alongside VGA gfxterm (dual output)
- config/includes.installer/demo.preseed.cfg: Fully automated preseed
  with hardcoded test credentials (NOT for production use)
- config/hooks/binary/0199-serial-console.hook: Ensures serial console
  on Debian installer entries too
- .gitignore: Fix binary/ pattern to /binary/ (was matching config/hooks/binary/)

Demo credentials (TESTING ONLY):
- User: football / Kn3l-F00tball-D3m0!
- Root: Kn3l-R00t-D3m0!
- LUKS: Kn3l-D3m0-LUKS!

💘 Generated with Crush

Assisted-by: GLM-5.1 via Crush <crush@charm.land>
This commit is contained in:
reachableceo
2026-05-01 11:35:43 -05:00
parent 3b331d960b
commit 0fb9abe43e
5 changed files with 248 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
config/bootloaders/grub-pc/config.cfg Normal file
View File

@@ -0,0 +1,32 @@
set default=0
# Serial console for demo/validation mode
serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial_console console
terminal_output gfxterm serial_console
if [ x$feature_default_font_path = xy ] ; then
font=unicode
else
font=$prefix/unicode.pf2
fi
if loadfont $font ; then
set gfxmode=800x600
set gfxpayload=keep
insmod efi_gop
insmod efi_uga
insmod video_bochs
insmod video_cirrus
else
set gfxmode=auto
insmod all_video
fi
insmod gfxterm
insmod png
source /boot/grub/theme.cfg
insmod play
play 960 440 1 0 4 440 1

19
config/hooks/binary/0199-serial-console.hook Executable file
View File

@@ -0,0 +1,19 @@
#!/bin/bash
set -e
echo "Adding serial console to Debian installer boot entries..."
GRUB_DIR="binary/boot/grub"
for cfg in "$GRUB_DIR"/install.cfg "$GRUB_DIR"/install_start.cfg "$GRUB_DIR"/install_start_gui.cfg "$GRUB_DIR"/install_start_text.cfg; do
if [ -f "$cfg" ]; then
sed -i 's/@APPEND_INSTALL@/& console=ttyS0,115200/g' "$cfg" 2>/dev/null || true
sed -i 's/--- quiet/--- quiet console=ttyS0,115200/g' "$cfg" 2>/dev/null || true
fi
done
if [ -f "$GRUB_DIR/grub.cfg" ]; then
sed -i 's/@APPEND_LIVE@/& console=ttyS0,115200 console=tty0/g' "$GRUB_DIR/grub.cfg" 2>/dev/null || true
fi
echo "Serial console added to all boot entries."

163
config/includes.installer/demo.preseed.cfg Normal file
View File

@@ -0,0 +1,163 @@
# KNEL-Football Demo/CI Preseed Configuration
# DO NOT USE IN PRODUCTION - hardcoded credentials for automated testing only
# For production, use preseed.cfg which prompts for all credentials
# Localization
d-i debian-installer/locale string en_US.UTF-8
d-i debian-installer/supported_locales multiselect en_US.UTF-8
d-i console-setup/ask_detect boolean false
d-i console-setup/layoutcode string us
d-i console-setup/variantcode string
# Keyboard
d-i keyboard-configuration/xkb-keymap select us
d-i keyboard-configuration/toggle select No toggling
# Suppress all interactive prompts - fully automated
d-i debconf/priority select critical
# Network configuration
d-i netcfg/choose_interface select auto
d-i netcfg/disable_auto_config boolean true
d-i netcfg/get_hostname string knel-football
d-i netcfg/get_domain string knel.net
d-i netcfg/hostname string knel-football
# Mirror configuration
d-i mirror/country string manual
d-i mirror/http/hostname string deb.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string
# Clock and time zone setup
d-i time/zone string US/Chicago
d-i clock-setup/utc boolean true
d-i clock-setup/ntp boolean true
# User setup - DEMO CREDENTIALS (NOT FOR PRODUCTION)
# football user: Kn3l-F00tball-D3m0!
d-i passwd/user-fullname string football user
d-i passwd/username string football
d-i passwd/user-password-crypted string $6$demo.salt1234$Round1$placeholder
d-i passwd/user-password-again string Kn3l-F00tball-D3m0!
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted string $6$demo.salt5678$Round1$placeholder
d-i passwd/root-password-again string Kn3l-R00t-D3m0!
# Password quality
d-i passwd/make-user boolean true
d-i passwd/user-default-groups string audio,video,plugdev,input,cdrom,floppy
# Partitioning (LUKS full disk encryption)
d-i partman-partitioning/choose_label select gpt
d-i partman-partitioning/default_label string gpt
d-i partman-auto/disk string /dev/sda
d-i partman-auto/method string crypto
# LVM configuration
d-i partman-auto-lvm/device_remove_lvs boolean true
d-i partman-auto-lvm/device_remove_lvs_span boolean true
d-i partman-auto-lvm/guided_size string max
d-i partman-auto-lvm/new_vg_name string knel_vg
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
# Expert recipe for UEFI + encrypted LVM
d-i partman-auto/expert_recipe string \
efi-boot-root :: \
538 538 1075 free \
$iflabel{ gpt } \
$reusemethod{ } \
method{ efi } format{ } \
. \
512 1024 1024 ext4 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /boot } \
. \
10000 20000 -1 ext4 \
$lvmok{ } \
in_vg{ knel_vg } \
lv_name{ root } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
1024 200% 8192 linux-swap \
$lvmok{ } \
in_vg{ knel_vg } \
lv_name{ swap } \
method{ swap } format{ } \
.
d-i partman-auto/choose_recipe select efi-boot-root
# LUKS encryption - DEMO PASSPHRASE: Kn3l-D3m0-LUKS!
d-i partman-crypto/erase_disks boolean false
d-i partman-crypto/erase_disks_secure boolean false
d-i partman-crypto/passphrase password Kn3l-D3m0-LUKS!
d-i partman-crypto/passphrase-again password Kn3l-D3m0-LUKS!
d-i partman-crypto/weak_passphrase boolean true
d-i partman-crypto/cipher aes-xts-plain64
d-i partman-crypto/keysize 512
d-i partman-crypto/lvm boolean true
d-i partman-crypto/use-luks2 boolean true
# Confirm partitioning
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
# Package selection
tasksel tasksel/first multiselect standard
d-i pkgsel/include string \
icewm \
lightdm \
remmina \
wireguard \
wireguard-tools \
mousepad \
zbar-tools \
nftables \
openssh-client \
cryptsetup \
cryptsetup-initramfs \
busybox \
dmsetup \
libpam-pwquality
# Boot loader configuration
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean false
d-i grub-installer/bootdev string default
d-i grub-installer/force-efi-extra-removable boolean true
# Popularity contest
popularity-contest popularity-contest/participate boolean false
# Security configuration
d-i security/updates select none
d-i passwd/shadow boolean true
# Finish
d-i finish-install/reboot_in_progress note
d-i cdrom-detect/eject boolean false
# Skip additional prompts
d-i apt-setup/contrib boolean false
d-i apt-setup/non-free boolean false
d-i apt-setup/backports boolean false
d-i apt-setup/services-select multiselect
# Don't ask about kernel flavors
d-i base-installer/kernel/image select linux-image-amd64
# Don't ask about hostname confirmation
d-i netcfg/confirm_static boolean true
# Skip GRUB install confirmation
d-i grub-installer/skip boolean true