Fork: 0
LuminaSensum / buildroot-MynaPlayer

External buildroot tree for LuminaSensum MynaPlayer

Download ZIP 50commits
Transfer to URL with SHA
latest commit 0b09a4c529
@Jookia Jookia authored on 16 Aug 2020
board/ myna-player-odyssey board/MynaPlayer odyssey: Add ethernet and machine-id support in barebox. 3 years ago
buildroot-patches buildroot-patches: Add patches needed for Buildroot 3 years ago
configs board/MynaPlayer odyssey: added pivot_root from util-linux. 3 years ago
packages openssh-systemd: Remove sysvinit files 3 years ago
scripts scripts/rauc_fixups.sh: Copy instead of symlinking 3 years ago
.gitignore Reworked certificates handling. The certs.sh.example contains a full example of this, and must be copied to certs.sh, and modified accordingly to reflect the real paths where the certificates are stored. A script that can be called by any board is creating symlinks from the real paths to corresponding statics targets for usage in genimage and postbuild scripts. The certs folder in the external tree must never be distributed in the repository, and is hence ignored via .gitignore. 3 years ago
Config.in Initial commit. 3 years ago
LICENSE Added LICENSE file. This work is entirely under the GPL 3.0 or later, except where otherwise noted (third party code). 3 years ago
README.md README.md: 'BUILDING' -> 'Building' 3 years ago
changelog.md Release 2020-08-11 3 years ago
external.desc Initial commit. 3 years ago
external.mk external.mk: Fix rauc-fixups makefile race 3 years ago
README.md

This is the external Buildroot repository used to build system images and updates for the MynaPlayer project.

Building

Building MynaPlayer is a easy process, though it requires decent hardware.

First install Buildroot's required dependencies. See: The buildroot user manual, chapter 2: System requirements

Then set up the required source code:

mkdir MYNA && cd MYNA
git clone -b v3.0.7 'https://github.com/OpenVPN/easy-rsa'
git clone -b 2020.05.x 'https://git.buildroot.net/buildroot'
git clone 'https://git.lumina-sensum.com/git/LuminaSensum/buildroot-MynaPlayer.git'
export BR2_EXTERNAL="$PWD/buildroot-MynaPlayer"
cd buildroot
git am ../buildroot-MynaPlayer/buildroot-patches/*.patch
cd ..

Create keys for RAUC updates:

cd easy-rsa
sed -i "s/extendedKeyUsage/#extendedKeyUsage/g" easyrsa3/x509-types/code-signing
./easyrsa3/easyrsa init-pki
./easyrsa3/easyrsa build-ca
./easyrsa3/easyrsa gen-req rauc
./easyrsa3/easyrsa sign-req code-signing rauc
cd ..
cat >buildroot-MynaPlayer/scripts/certs.sh <<EOF
#!/bin/sh
RAUC_CERTIFICATE_AUTHORITY="$PWD/easy-rsa/pki/ca.crt"
RAUC_PRIVATE_KEY="$PWD/easy-rsa/pki/private/rauc.key"
RAUC_PUBLIC_KEY="$PWD/easy-rsa/pki/issued/rauc.crt"
EOF

Build the image:

cd buildroot
make O=output_rootfs myna_player_odyssey_defconfig
make O=output_rootfs -j8
cd ..

Copy RAUC bundles and keys to a server (www.jookia.org in this example):

ls buildroot/output_rootfs/images/
# Find the file ending in *.raucb
# You can also just flash MynaPlayer.img using dd but it takes a long time
mv buildroot/output_rootfs/images/bundle-MynaPlayer-2020-08-06.fe2ca3ce-be36-4f33-94d4-e295cd0518be.raucb /var/www/www.jookia.org/
cp $PWD/easy-rsa/pki/ca.crt /var/www/www.jookia.org/
chmod a+r /var/www/www.jookia.org/ca.crt

Install the update on the device from the server:

wget 'https://www.jookia.org/ca.crt'
cp /etc/rauc/keyring.pem{,.bak}
mv ca.crt /etc/rauc/keyring.pem
rauc install https://www.jookia.org/bundle-MynaPlayer-2020-08-06.fe2ca3ce-be36-4f33-94d4-e295cd0518be.raucb
mv /etc/rauc/keyring.pem{.bak,}
reboot

Future updates won't need to copy the keyring, a single 'rauc install' invocation should download and install the image without trouble.

You should now be running a system you've just built (check the kernel build date):

uname -a
# Linux MynaPlayer 5.8.0 #3 SMP PREEMPT Thu Aug 6 03:21:30 EDT 2020 armv7l GNU/Linux