chore: Release init version 2.6.6

cargo update
add ethtool
2026-05-12 10:28:29 +02:00 · 2026-05-12 10:28:23 +02:00 · 2026-05-12 10:20:58 +02:00 · 2026-05-08 12:00:31 +02:00 · 2026-05-08 11:56:45 +02:00 · 2026-05-08 11:54:39 +02:00
6 changed files with 189 additions and 653 deletions
@@ -1,6 +1,6 @@
 [package]
 name = "init"
-version = "2.6.0"
+version = "2.6.6"
 edition = "2024"

 [profile.release]
@@ -28,6 +28,7 @@ unix_mode = "0.1.4"
 sys-info = "0.9.1"
 dkl = { git = "https://novit.tech/direktil/dkl", version = "1.0.0" }
 openssl = "0.10.73"
-reqwest = { version = "0.13.1", features = ["native-tls"] }
+#reqwest = { version = "0.13.1", features = ["native-tls", "system-proxy"], default-features = false }
+reqwest = { git = "https://github.com/mcluseau/rs-reqwest", version = "0.13.1", features = ["native-tls", "system-proxy", "socks"], default-features = false }
 glob = "0.3.3"
 hex = "0.4.3"
@@ -17,7 +17,7 @@ run . /etc/os-release \
 && wget -O- https://dl-cdn.alpinelinux.org/alpine/v${VERSION_ID%.*}/releases/x86_64/alpine-minirootfs-${VERSION_ID}-x86_64.tar.gz |tar zxv

 run apk add --no-cache --update -p . musl libgcc coreutils \
- iproute2 lvm2 lvm2-extra lvm2-dmeventd udev cryptsetup \
+ ethtool iproute2 lvm2 lvm2-extra lvm2-dmeventd udev cryptsetup \
 e2fsprogs lsblk openssl openssh-server wireguard-tools-wg-quick \
 && rm -rf usr/share/apk var/cache/apk etc/motd dev/*

@@ -1,5 +1,5 @@
 use eyre::{format_err, Result};
-use log::{info, warn};
+use log::{debug, info, warn};
 use std::path::{Path, PathBuf};
 use tokio::{
    fs,
@@ -49,7 +49,7 @@ pub async fn bootstrap(cfg: Config) {
    .await;

    let sys_cfg: dkl::Config = retry(async || {
-        let sys_cfg_bytes = seed_config(base_dir, &bs.seed, &verifier).await?;
+        let sys_cfg_bytes = seed_config(base_dir, &bs, &verifier).await?;
        Ok(serde_yaml::from_slice(&sys_cfg_bytes)?)
    })
    .await;
@@ -79,7 +79,30 @@ pub async fn bootstrap(cfg: Config) {
    })
    .await;

-    exec("chroot", &["/system", "update-ca-certificates"]).await
+    exec("chroot", &["/system", "update-ca-certificates"]).await;
+
+    // activate ttyS* consoles as needed
+    retry_or_ignore(async || {
+        const PATH: &str = "/system/etc/inittab";
+        let mut inittab = fs::read_to_string(PATH).await?;
+        let mut changed = false;
+        for opt in utils::cmdline().filter_map(|s| s.strip_prefix("console=ttyS")) {
+            info!("inittab: adding entry for ttyS{opt}");
+            changed = true;
+
+            let mut params = opt.split(',');
+            let num = params.next().unwrap();
+            let speed = params.next().unwrap_or("115200");
+            inittab.push_str(&format!(
+                "S{num}:12345:respawn:/sbin/agetty --noclear {speed} ttyS{num} linux\n"
+            ));
+        }
+        if changed {
+            fs::write(PATH, inittab.as_bytes()).await?;
+        }
+        Ok(())
+    })
+    .await;
 }

 struct Verifier {
@@ -130,7 +153,7 @@ impl Verifier {

 async fn seed_config(
    base_dir: &str,
-    seed_url: &Option<String>,
+    bs: &dkl::bootstrap::Bootstrap,
    verifier: &Verifier,
 ) -> Result<Vec<u8>> {
    let cfg_path = &format!("{base_dir}/config.yaml");
@@ -141,13 +164,12 @@ async fn seed_config(

    let bs_tar = "/bootstrap.tar";
    if !fs::try_exists(bs_tar).await? {
-        if let Some(seed_url) = seed_url.as_ref() {
-            fetch_bootstrap(seed_url, bs_tar).await?;
-        } else {
+        if bs.seed.is_none() {
            return Err(format_err!(
-                "no {cfg_path}, no {bs_tar} and no seed, can't bootstrap"
+                "no {cfg_path}, no {bs_tar} and no seed URL, can't bootstrap"
            ));
        }
+        fetch_bootstrap(bs, bs_tar).await?;
    }

    try_exec("tar", &["xf", bs_tar, "-C", base_dir]).await?;
@@ -159,15 +181,41 @@ async fn seed_config(
    verifier.verify_path(&cfg_path).await
 }

-async fn fetch_bootstrap(seed_url: &str, output_file: &str) -> Result<()> {
-    let seed_url: reqwest::Url = seed_url.parse()?;
+async fn fetch_bootstrap(bs: &dkl::bootstrap::Bootstrap, output_file: &str) -> Result<()> {
+    let seed_url: reqwest::Url = (bs.seed.as_ref())
+        .ok_or(format_err!("no seed URL"))?
+        .parse()
+        .map_err(|e| format_err!("invalid seed URL: {e}"))?;

    info!(
        "fetching {output_file} from {}",
        seed_url.host_str().unwrap_or("<no host>")
    );

-    let resp = reqwest::get(seed_url).await?;
+    let mut builder = reqwest::Client::builder();
+
+    if let Some(ref proxy) = bs.seed_proxy {
+        debug!("using proxy {proxy}");
+        let proxy = reqwest::Proxy::all(proxy) //
+            .map_err(|e| format_err!("seed proxy setup failed: {e}"))?;
+        builder = builder.proxy(proxy);
+    }
+
+    if let Some(ref ca) = bs.seed_ca {
+        debug!("using custom CA certificate");
+        let ca = base64_decode(ca).map_err(|e| format_err!("invalid seed CA: decode: {e}"))?;
+        let ca = reqwest::Certificate::from_der(&ca)
+            .map_err(|e| format_err!("invalid seed CA: parse: {e}"))?;
+        builder = builder.tls_certs_only([ca]);
+    }
+
+    if let Some(ref sn) = bs.seed_servername {
+        debug!("tls server name: {sn}");
+        builder = builder.tls_server_name(bs.seed_servername.clone());
+    }
+
+    let req = builder.build()?.get(seed_url);
+    let resp = req.send().await?;

    if !resp.status().is_success() {
        return Err(format_err!("HTTP request failed: {}", resp.status()));
@@ -315,7 +363,6 @@ async fn mount_system(cfg: &dkl::Config, bs_cfg: &Config, bs_dir: &str, verifier
            if layer == "modules" && bs_cfg.modules.is_some() {
                continue; // take modules from initrd
            }
-
            mounter.mount(layer).await;
        }
    }
@@ -11,7 +11,7 @@ static CMDLINE: LazyLock<String> = LazyLock::new(|| {
        .unwrap_or_default()
 });

-fn cmdline() -> impl Iterator<Item = &'static str> {
+pub fn cmdline() -> impl Iterator<Item = &'static str> {
    CMDLINE.split_ascii_whitespace()
 }

@@ -95,8 +95,8 @@ lvm:
 #- dev: /dev/storage/bootstrap
 #- dev: /dev/storage/dls

-signer_public_key: 'MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBe6Y3zGQUIHvVXoS5GI8irY8yoB0ozFpzn/cUykA46TkHdJ8xCEaaM1MpqMrfWgDtP/rA2KeE9HjVerLnEFD01uUAUh4/OYgCBDYJPhridVDoC78KOJpkWBj7Shl0Rp0AtETvatNPa1RRe15V7nDF/Nm75Y6O3IL29lYPQ6jqEGhR810='
+signer_public_key: 'MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAd5sR4NqLtjSt8ESNlYWvuufYj7v+aYGDlgxQThcKbzDPVe639IfH94hHE0l9TAfyU94qtN/GpFyKJ68F/u2pu70A/umT1m24ELFDqXlQXqhTsH91r+nYUZ7due3EqSrvru/yjchNNRkpoCCu3QkDF25KnrYfWWHqj9ZIRlBTCJE9SwM='
 bootstrap:
  dev: /dev/storage/bootstrap
-  seed: http://192.168.12.254:7606/public/download-set/host/m1/bootstrap.tar?set=ICIXKJJWA6U4RQESD3KQMWO3IBW6THG4FJUM2HUNFPTIODVSXGDPXTCHSFT6IOUZO6LBAG65QIGYUMIZA3TEHTPB6BXKUFONNUWKUWAJAQRE2GDEOC4RWAAAQA3DSZJXMNSDGN34NA5G2MJ2MJXW65DTORZGC4BOORQXEAAAAAACMICVFM
+  seed: http://192.168.12.254:7606/public/download-set/host/m1/bootstrap.tar?set=ICM5KUZDRAMJPMO5OWW6PSIFYF4AHMYLAQSBZVFUDNG4DQDEW6UFQQJQKMGIXPI4CFOZFVA4CXULRXCAHKX3WELVAYS246FM6SGSGHIOAQRE2GDEOC4RUAAAQA3GEZDFMUZDOMD4NA5CUOTCN5XXI43UOJQXALTUMFZAAAAAACHHUMRU
Author	SHA1	Message	Date
Mikaël Cluseau	ea49b99dbe	chore: Release init version 2.6.6	2026-05-12 10:28:29 +02:00
Mikaël Cluseau	c5f3f220c9	cargo update	2026-05-12 10:28:23 +02:00
Mikaël Cluseau	fec3cfcb57	add ethtool	2026-05-12 10:20:58 +02:00
Mikaël Cluseau	c8437c655c	chore: Release init version 2.6.5	2026-05-08 12:00:31 +02:00
Mikaël Cluseau	fe3752baf9	auto-create inittab entries for serial consoles	2026-05-08 11:56:45 +02:00
Mikaël Cluseau	f29dc650b4	chore: Release init version 2.6.4	2026-05-08 11:54:39 +02:00
Mikaël Cluseau	5ebf1331bb	bump dkl	2026-05-08 11:54:39 +02:00
Mikaël Cluseau	be0e10723a	chore: Release init version 2.6.2	2026-05-08 11:54:39 +02:00
Mikaël Cluseau	01b211d0c5	sanity	2026-05-08 11:54:39 +02:00
Mikaël Cluseau	0ef1ae769e	bump dkl to get FilePart support	2026-05-08 11:54:39 +02:00
Mikaël Cluseau	afac751118	handle seed_{ca,proxy,servername}	2026-05-08 11:54:20 +02:00