[Tails-dev] Support for modern Vagrant

Nachricht löschen

Nachricht beantworten
Autor: David Wolinsky
Datum:  
To: tails-dev
Betreff: [Tails-dev] Support for modern Vagrant
I use ArchLinux that has support for a more modern version of Vagrant. I've
spent a bit of time hacking the source code of Tails to support the newer
version of Vagrant and I think I've maintained support for the older build
environment as well. I'd appreciate feedback (including someone running
this patch against the typical build environment). Note: I have never coded
Ruby before, so any feedback is more than welcome :).

Fyi, this should resolve this issue:
https://labs.riseup.net/code/issues/6221

Many thanks,
David
From d5778c420318ba9f707d0225dc9f3045512245c9 Mon Sep 17 00:00:00 2001
From: David Isaac Wolinsky <isaac.wolinsky@???>
Date: Mon, 9 Dec 2013 23:13:39 -0500
Subject: [PATCH] fixes for vagrant v2 (1.3.5) - Version tested via
vagrant_version: vagrant_old - Moved the box checksum as a define since the
newer vagrant doesn't pass the env to the downloader - Added the insertion
of the Debian keys because it was failing to build otherwise

---
 Rakefile                                 | 40 +++++++++++++++++++++-----------
 vagrant/Vagrantfile                      | 34 ++++++++++++++++++++-------
 vagrant/lib/tails_build_settings.rb      |  3 +++
 vagrant/lib/vagrant_verified_download.rb | 34 ++++++++++++++++-----------
 vagrant/lib/vagrant_version.rb           | 22 ++++++++++++++++++
 vagrant/provision/setup-tails-builder    |  6 +++++
 6 files changed, 104 insertions(+), 35 deletions(-)
 create mode 100644 vagrant/lib/vagrant_version.rb


diff --git a/Rakefile b/Rakefile
index ea3ef38..9ab1399 100644
--- a/Rakefile
+++ b/Rakefile
@@ -25,6 +25,7 @@ require 'uri'

$:.unshift File.expand_path('../vagrant/lib', __FILE__)
require 'tails_build_settings'
+require 'vagrant_version'

# Path to the directory which holds our Vagrantfile
VAGRANT_PATH = File.expand_path('../vagrant', __FILE__)
@@ -41,23 +42,33 @@ EXTERNAL_HTTP_PROXY = ENV['http_proxy']
# In-VM proxy URL
INTERNEL_HTTP_PROXY = "http://#{VIRTUAL_MACHINE_HOSTNAME}:3142"

-def current_vm_memory
+def primary_vm
   env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
-  uuid = env.primary_vm.uuid
-  info = env.primary_vm.driver.execute 'showvminfo', uuid, '--machinereadable'
+  if vagrant_old
+    return env.primary_vm
+  else
+    name = env.primary_machine_name
+    return env.machine(name, env.default_provider)
+  end
+end
+
+def current_vm_memory
+  vm = primary_vm
+  uuid = vm.uuid
+  info = vm.driver.execute 'showvminfo', uuid, '--machinereadable'
   $1.to_i if info =~ /^memory=(\d+)/
 end


def current_vm_cpus
- env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
- uuid = env.primary_vm.uuid
- info = env.primary_vm.driver.execute 'showvminfo', uuid, '--machinereadable'
+ vm = primary_vm
+ uuid = vm.uuid
+ info = vm.driver.execute 'showvminfo', uuid, '--machinereadable'
$1.to_i if info =~ /^cpus=(\d+)/
end

def vm_running?
- env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
- env.primary_vm.state == :running
+ vm = primary_vm
+ vm.state == :running
end

 def enough_free_memory?
@@ -197,9 +208,12 @@ desc 'Build Tails'
 task :build => ['parse_build_options', 'ensure_clean_repository', 'validate_http_proxy', 'vm:up'] do
   exported_env = EXPORTED_VARIABLES.select { |k| ENV[k] }.
                   collect { |k| "#{k}='#{ENV[k]}'" }.join(' ')
-
-  env = Vagrant::Environment.new(:cwd => VAGRANT_PATH)
-  status = env.primary_vm.channel.execute("#{exported_env} build-tails",
+  if vagrant_old
+    chan = primary_vm.channel
+  else
+    chan = primary_vm.communicate
+  end
+  status = chan.execute("#{exported_env} build-tails",
                                           :error_check => false) do |fd, data|
     (fd == :stdout ? $stdout : $stderr).write data
   end
@@ -214,8 +228,7 @@ end
 namespace :vm do
   desc 'Start the build virtual machine'
   task :up => ['parse_build_options', 'validate_http_proxy'] do
-    env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
-    case env.primary_vm.state
+    case primary_vm.state
     when :not_created
       # Do not use non-existant in-VM proxy to download the basebox
       if ENV['http_proxy'] == INTERNEL_HTTP_PROXY
@@ -268,6 +281,7 @@ namespace :vm do
         abort 'The virtual machine needs to be reloaded to change the number of CPUs. Aborting.'
       end
     end
+    env = Vagrant::Environment.new(:cwd => VAGRANT_PATH, :ui_class => Vagrant::UI::Basic)
     result = env.cli('up')
     abort "'vagrant up' failed" unless result


diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile
index 3fea818..3f097e8 100644
--- a/vagrant/Vagrantfile
+++ b/vagrant/Vagrantfile
@@ -19,6 +19,7 @@

# Monkey-patched Vagrant!
$:.unshift File.expand_path('../lib', __FILE__)
+require 'vagrant_version'
require 'vagrant_verified_download'
require 'tails_build_settings'

@@ -30,16 +31,31 @@ end

cpus = ENV['TAILS_BUILD_CPUS']

-Vagrant::Config.run do |config|
-  config.vm.box = 'tails'
-
-  config.vm.box_url = 'http://dl.amnesia.boum.org/tails/project/vagrant/squeeze.box'
-  config.vm.box_checksum = 'ffb3f68f55a3458e007b9abed3eac057f71c518713fcdf982b78f8b59e28318e'
+if vagrant_old
+  Vagrant::Config.run do |config|
+    config.vm.box = 'tails'
+    config.vm.box_url = 'http://dl.amnesia.boum.org/tails/project/vagrant/squeeze.box'
+ 
+    config.vm.provision :shell, :inline => "http_proxy='#{ENV['http_proxy']}' /vagrant/provision/setup-tails-builder"
+
+   config.vm.share_folder 'amnesia', '/amnesia.git', '../.git'
+ 
+   config.vm.customize ['modifyvm', :id, '--memory', mem_size]
+   config.vm.customize ['modifyvm', :id, '--cpus', cpus] unless cpus.nil?
+  end
+else
+  Vagrant.configure("2") do |config|
+    config.vm.box = 'tails'
+    config.vm.box_url = 'http://dl.amnesia.boum.org/tails/project/vagrant/squeeze.box'


-  config.vm.provision :shell, :inline => "http_proxy='#{ENV['http_proxy']}' /vagrant/provision/setup-tails-builder"
+    config.vm.provision "shell",
+      inline: "sudo http_proxy='#{ENV['http_proxy']}' /vagrant/provision/setup-tails-builder"


-  config.vm.share_folder 'amnesia', '/amnesia.git', '../.git'
+    config.vm.synced_folder '../.git', '/amnesia.git'


-  config.vm.customize ['modifyvm', :id, '--memory', mem_size]
-  config.vm.customize ['modifyvm', :id, '--cpus', cpus] unless cpus.nil?
+    config.vm.provider :virtualbox do |vb|
+      vb.customize ['modifyvm', :id, '--memory', mem_size]
+      vb.customize ['modifyvm', :id, '--cpus', cpus] unless cpus.nil?
+    end
+  end
 end
diff --git a/vagrant/lib/tails_build_settings.rb b/vagrant/lib/tails_build_settings.rb
index e2e48ea..8e88030 100644
--- a/vagrant/lib/tails_build_settings.rb
+++ b/vagrant/lib/tails_build_settings.rb
@@ -26,3 +26,6 @@ VM_MEMORY_FOR_RAM_BUILDS = 6 * 1024 + 512 # 6.5 GB


# Virtual machine memory size for on-disk builds
VM_MEMORY_FOR_DISK_BUILDS = 1024 # 1 GB
+
+# Checksum for BOX
+BOX_CHECKSUM = 'ffb3f68f55a3458e007b9abed3eac057f71c518713fcdf982b78f8b59e28318e'
diff --git a/vagrant/lib/vagrant_verified_download.rb b/vagrant/lib/vagrant_verified_download.rb
index 976aa47..994142a 100644
--- a/vagrant/lib/vagrant_verified_download.rb
+++ b/vagrant/lib/vagrant_verified_download.rb
@@ -15,22 +15,30 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.

require 'digest'
+require 'vagrant/util/downloader'

-# The following will monkeypatch Vagrant (successfuly tested against Vagrant
-# 1.0.2) in order to verify the checksum of a downloaded box.
-module Vagrant
-  class Config::VMConfig
-    attr_accessor :box_checksum
+def check(path)
+  checksum = Digest::SHA256.new.file(path).hexdigest
+  if checksum != BOX_CHECKSUM
+    raise Errors::BoxVerificationFailed.new
   end
+end


-  class Action::Box::Download
-    alias :unverified_download :download
-    def download
-      unverified_download
-
-      checksum = Digest::SHA256.new.file(@temp_path).hexdigest
-      if checksum != @env['global_config'].vm.box_checksum
-        raise Errors::BoxVerificationFailed.new
+module Vagrant
+  if vagrant_old
+    class Action::Box::Download
+      alias :unverified_download :download
+      def download
+        unverified_download
+        check(@temp_path)
+      end
+    end
+  else
+    class Util::Downloader
+      alias :unverified_download! :download!
+      def download!
+        unverified_download!
+        check(@destination)
       end
     end
   end
diff --git a/vagrant/lib/vagrant_version.rb b/vagrant/lib/vagrant_version.rb
new file mode 100644
index 0000000..655e309
--- /dev/null
+++ b/vagrant/lib/vagrant_version.rb
@@ -0,0 +1,22 @@
+# Tails: The Amnesic Incognito Live System
+# Copyright © 2012 Tails developers <tails@???>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+require 'vagrant/version'
+
+def vagrant_old
+  version = Vagrant::VERSION.split(".")
+  return version[1].to_i < 3
+end
diff --git a/vagrant/provision/setup-tails-builder b/vagrant/provision/setup-tails-builder
index cd84925..8404668 100755
--- a/vagrant/provision/setup-tails-builder
+++ b/vagrant/provision/setup-tails-builder
@@ -30,6 +30,12 @@ sed -e 's/^[[:blank:]]*//' > /etc/apt/preferences.d/ikiwiki <<EOF
     Pin-Priority: 500
 EOF


+for num in 5 6 7; do
+ wget http://ftp-master.debian.org/keys/archive-key-"$num".0.asc
+ apt-key add archive-key-"$num".0.asc
+ rm archive-key-"$num".0.asc
+done
+
apt-get update
apt-get -y install apt-cacher-ng

--
1.8.5.1