aesthetic.computer / core
Monorepo for Aesthetic.Computer aesthetic.computer
4
fork

Configure Feed

Select the types of activity you want to include in your feed.

Finalize lith routing and native boot updates

Jeffrey Alan Scudder c505ac4e 972c4adb

+193 -41
+43 -2
fedac/native/ac-os
··· 538 538 539 539 build_kernel() { 540 540 local LINUX_DIR="${BUILD_DIR}/linux-6.14.2" 541 + local HOST_FW_DIR="" 541 542 if [ ! -d "${LINUX_DIR}" ]; then 542 543 err "Linux source not found at ${LINUX_DIR}" 543 544 exit 1 ··· 552 553 else 553 554 cd "${LINUX_DIR}" 554 555 fi 556 + copy_builtin_fw_blob() { 557 + local rel="$1" 558 + local dst="$2/$rel" 559 + mkdir -p "$(dirname "${dst}")" 560 + if [ -f "${HOST_FW_DIR}/${rel}" ]; then 561 + cp -L "${HOST_FW_DIR}/${rel}" "${dst}" 562 + return 0 563 + fi 564 + if [ -f "${HOST_FW_DIR}/${rel}.zst" ]; then 565 + zstd -d "${HOST_FW_DIR}/${rel}.zst" -o "${dst}" 2>/dev/null && return 0 566 + fi 567 + if [ -f "${HOST_FW_DIR}/${rel}.xz" ]; then 568 + xz -dc "${HOST_FW_DIR}/${rel}.xz" > "${dst}" 2>/dev/null && return 0 569 + fi 570 + return 1 571 + } 572 + 573 + for d in /usr/lib/firmware /lib/firmware; do 574 + if [ -d "${d}" ]; then 575 + HOST_FW_DIR="${d}" 576 + break 577 + fi 578 + done 579 + 555 580 # Inject built-in firmware paths if firmware blobs exist locally 556 581 local FW_DIR="${BUILD_DIR}/firmware" 557 - if [ -d "${FW_DIR}" ] && ls "${FW_DIR}"/*.ucode &>/dev/null; then 558 - local FW_LIST=$(cd "${FW_DIR}" && ls *.ucode 2>/dev/null | tr '\n' ' ' | sed 's/ $//') 582 + local FW_LIST 583 + FW_LIST=$(sed -n 's/^CONFIG_EXTRA_FIRMWARE="\([^"]*\)"/\1/p' "${LINUX_DIR}/.config" | head -1) 584 + if [ -n "${FW_LIST}" ]; then 585 + mkdir -p "${FW_DIR}" 586 + if [ -n "${HOST_FW_DIR}" ]; then 587 + local missing_fw="" 588 + local fw="" 589 + for fw in ${FW_LIST}; do 590 + if ! copy_builtin_fw_blob "${fw}" "${FW_DIR}"; then 591 + missing_fw="${missing_fw} ${fw}" 592 + fi 593 + done 594 + if [ -n "${missing_fw}" ]; then 595 + err "Missing built-in firmware blobs:${missing_fw}" 596 + err "Looked under: ${HOST_FW_DIR}" 597 + exit 1 598 + fi 599 + fi 559 600 sed -i "s|^CONFIG_EXTRA_FIRMWARE=.*|CONFIG_EXTRA_FIRMWARE=\"${FW_LIST}\"|" "${LINUX_DIR}/.config" 560 601 sed -i "s|^CONFIG_EXTRA_FIRMWARE_DIR=.*|CONFIG_EXTRA_FIRMWARE_DIR=\"${FW_DIR}\"|" "${LINUX_DIR}/.config" 561 602 log "Built-in firmware: ${FW_LIST}"
+23 -8
fedac/native/initramfs/init
··· 51 51 export SSL_CERT_DIR="/etc/ssl/certs" 52 52 export HOME="/tmp" 53 53 54 - # ── Mount USB EFI partition (for config.json, wifi_creds.json, logs) ── 55 - # Load filesystem modules and retry — USB takes time to appear 54 + # ── Mount USB config/log partition (for config.json, wifi creds, logs) ── 55 + # Prefer the writable config partition over the boot partitions. 56 56 modprobe vfat 2>/dev/null 57 57 modprobe nls_cp437 2>/dev/null 58 58 modprobe nls_ascii 2>/dev/null 59 59 USB_MOUNTED=0 60 - for attempt in 1 2 3 4 5 6 7 8 9 10; do 61 - for p in /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/nvme0n1p1; do 60 + USB_PARTS="/dev/sda1 /dev/sda2 /dev/sda3 /dev/sdb1 /dev/sdb2 /dev/sdb3 /dev/sdc1 /dev/sdc2 /dev/sdc3 /dev/sdd1 /dev/sdd2 /dev/sdd3 /dev/nvme0n1p1 /dev/nvme0n1p2 /dev/nvme0n1p3" 61 + 62 + mount_usb_partition() { 63 + pass="$1" 64 + for p in $USB_PARTS; do 62 65 if [ -b "$p" ]; then 63 66 mkdir -p /mnt 64 - mount -t vfat "$p" /mnt 2>/dev/null && { 65 - if [ -f /mnt/EFI/BOOT/BOOTX64.EFI ]; then USB_MOUNTED=1; break 2; fi 66 - umount /mnt 2>/dev/null 67 - } 67 + mount -t vfat "$p" /mnt 2>/dev/null || continue 68 + if [ "$pass" = "config" ] && [ -f /mnt/config.json ]; then 69 + USB_MOUNTED=1 70 + return 0 71 + fi 72 + if [ "$pass" = "boot" ] && { [ -f /mnt/EFI/BOOT/BOOTX64.EFI ] || [ -f /mnt/EFI/BOOT/KERNEL.EFI ]; }; then 73 + USB_MOUNTED=1 74 + return 0 75 + fi 76 + umount /mnt 2>/dev/null 68 77 fi 69 78 done 79 + return 1 80 + } 81 + 82 + for attempt in 1 2 3 4 5 6 7 8 9 10; do 83 + mount_usb_partition config && break 84 + mount_usb_partition boot && break 70 85 [ "$USB_MOUNTED" = "1" ] && break 71 86 sleep 1 72 87 done
+27 -13
fedac/native/scripts/flash-helper-runner.sh
··· 62 62 local dev="$1" 63 63 local mountpoint="$2" 64 64 local include_config="${3:-no}" 65 + local boot_mode="${4:-chainloader}" 65 66 66 67 mount_vfat_partition "${dev}" "${mountpoint}" 67 68 mkdir -p "${mountpoint}/EFI/BOOT" 68 - cp "${STAGED_ROOT}/EFI/BOOT/BOOTX64.EFI" "${mountpoint}/EFI/BOOT/BOOTX64.EFI" 69 - cp "${STAGED_ROOT}/EFI/BOOT/KERNEL.EFI" "${mountpoint}/EFI/BOOT/KERNEL.EFI" 69 + case "${boot_mode}" in 70 + chainloader) 71 + cp "${STAGED_ROOT}/EFI/BOOT/BOOTX64.EFI" "${mountpoint}/EFI/BOOT/BOOTX64.EFI" 72 + cp "${STAGED_ROOT}/EFI/BOOT/KERNEL.EFI" "${mountpoint}/EFI/BOOT/KERNEL.EFI" 73 + ;; 74 + kernel-only) 75 + cp "${STAGED_ROOT}/EFI/BOOT/KERNEL.EFI" "${mountpoint}/EFI/BOOT/KERNEL.EFI" 76 + rm -f "${mountpoint}/EFI/BOOT/BOOTX64.EFI" 77 + ;; 78 + *) 79 + err "Unknown VFAT boot mode: ${boot_mode}" 80 + return 1 81 + ;; 82 + esac 70 83 if [ "${include_config}" = "yes" ]; then 71 84 cp "${STAGED_ROOT}/config.json" "${mountpoint}/config.json" 72 85 fi ··· 80 93 81 94 mount_hfs_partition "${dev}" "${mountpoint}" 82 95 83 - mkdir -p "${mountpoint}/EFI/BOOT" 84 96 mkdir -p "${mountpoint}/System/Library/CoreServices" 85 97 86 - cp "${STAGED_ROOT}/EFI/BOOT/BOOTX64.EFI" "${mountpoint}/EFI/BOOT/BOOTX64.EFI" 87 - cp "${STAGED_ROOT}/EFI/BOOT/KERNEL.EFI" "${mountpoint}/EFI/BOOT/KERNEL.EFI" 88 - cp "${STAGED_ROOT}/EFI/BOOT/BOOTX64.EFI" "${mountpoint}/System/Library/CoreServices/boot.efi" 98 + cp "${STAGED_ROOT}/EFI/BOOT/KERNEL.EFI" "${mountpoint}/System/Library/CoreServices/boot.efi" 89 99 90 100 if [ -f /boot/efi/System/Library/CoreServices/SystemVersion.plist ]; then 91 101 cp /boot/efi/System/Library/CoreServices/SystemVersion.plist \ ··· 98 108 cp /boot/efi/mach_kernel "${mountpoint}/mach_kernel" 99 109 fi 100 110 101 - hfs-bless "${mountpoint}/EFI/BOOT/BOOTX64.EFI" 111 + hfs-bless "${mountpoint}/System/Library/CoreServices/boot.efi" 102 112 sync 103 113 umount "${mountpoint}" 104 114 } ··· 117 127 118 128 mount_vfat_partition "${main_part}" /mnt/ac-main 119 129 log "Main config: $(ac_media_summarize_config_file /mnt/ac-main/config.json || echo config=unreadable)" 130 + test ! -f /mnt/ac-main/EFI/BOOT/BOOTX64.EFI 120 131 sha256sum /mnt/ac-main/EFI/BOOT/KERNEL.EFI "${STAGED_ROOT}/EFI/BOOT/KERNEL.EFI" 121 132 umount /mnt/ac-main 122 133 123 134 mount_vfat_partition "${efi_part}" /mnt/ac-efi 135 + test ! -f /mnt/ac-efi/EFI/BOOT/BOOTX64.EFI 124 136 sha256sum /mnt/ac-efi/EFI/BOOT/KERNEL.EFI "${STAGED_ROOT}/EFI/BOOT/KERNEL.EFI" 125 137 umount /mnt/ac-efi 126 138 127 139 mount_hfs_partition "${mac_part}" /mnt/ac-mac 128 - sha256sum /mnt/ac-mac/EFI/BOOT/KERNEL.EFI "${STAGED_ROOT}/EFI/BOOT/KERNEL.EFI" 129 - test -f /mnt/ac-mac/System/Library/CoreServices/boot.efi 140 + test ! -f /mnt/ac-mac/EFI/BOOT/BOOTX64.EFI 141 + test ! -f /mnt/ac-mac/EFI/BOOT/KERNEL.EFI 142 + sha256sum /mnt/ac-mac/System/Library/CoreServices/boot.efi "${STAGED_ROOT}/EFI/BOOT/KERNEL.EFI" 130 143 umount /mnt/ac-mac 131 144 } 132 145 ··· 180 193 mkfs.vfat -F 32 -n ACEFI "${EFI_PART}" >/dev/null 181 194 mkfs.hfsplus -v AC-MAC "${MAC_PART}" >/dev/null 182 195 183 - sgdisk --attributes=1:set:2 "${USB_DEV}" >/dev/null 2>&1 || true 184 - sgdisk --hybrid 1:2:3 "${USB_DEV}" >/dev/null 2>&1 || true 196 + sgdisk --attributes=1:set:62 "${USB_DEV}" >/dev/null 2>&1 || true 197 + sgdisk --attributes=2:set:62 "${USB_DEV}" >/dev/null 2>&1 || true 198 + sgdisk --hybrid 3 "${USB_DEV}" >/dev/null 2>&1 || true 185 199 partprobe "${USB_DEV}" 2>/dev/null || true 186 200 187 - copy_boot_tree_to_vfat "${MAIN_PART}" /mnt/ac-main yes 188 - copy_boot_tree_to_vfat "${EFI_PART}" /mnt/ac-efi no 201 + copy_boot_tree_to_vfat "${MAIN_PART}" /mnt/ac-main yes kernel-only 202 + copy_boot_tree_to_vfat "${EFI_PART}" /mnt/ac-efi no kernel-only 189 203 populate_mac_partition "${MAC_PART}" /mnt/ac-mac 190 204 191 205 sync
+2 -2
fedac/native/src/ac-native.c
··· 2010 2010 fprintf(stderr, "[ac-native] dmesg DRM/i915:\n"); 2011 2011 system("dmesg 2>/dev/null | grep -i 'drm\\|i915\\|display\\|error' | tail -20"); 2012 2012 // Write diagnostics to USB too 2013 - system("cat /proc/cmdline >> /mnt/usb/ac-init.log 2>/dev/null"); 2014 - system("dmesg 2>/dev/null | grep -i 'drm\\|i915\\|display' >> /mnt/usb/ac-init.log 2>/dev/null"); 2013 + system("cat /proc/cmdline >> /mnt/ac-init.log 2>/dev/null"); 2014 + system("dmesg 2>/dev/null | grep -i 'drm\\|i915\\|display' >> /mnt/ac-init.log 2>/dev/null"); 2015 2015 if (getpid() == 1) { sleep(30); reboot(LINUX_REBOOT_CMD_POWER_OFF); } 2016 2016 return 1; 2017 2017 }
+1 -1
lith/Caddyfile
··· 340 340 } 341 341 reverse_proxy localhost:8888 342 342 } 343 - @mainspa host aesthetic.computer www.aesthetic.computer kidlisp.com www.kidlisp.com notepat.com www.notepat.com p5.aesthetic.computer sitemap.aesthetic.computer 343 + @mainspa host aesthetic.computer www.aesthetic.computer lith.aesthetic.computer kidlisp.com www.kidlisp.com notepat.com www.notepat.com p5.aesthetic.computer sitemap.aesthetic.computer 344 344 handle @mainspa { 345 345 # Preload critical assets (browser starts fetching before parsing HTML) 346 346 header Link "</aesthetic.computer/boot.mjs>; rel=preload; as=script, </aesthetic.computer/style.css>; rel=preload; as=style"
+97 -15
lith/deploy.fish
··· 12 12 set VAULT_DIR "$SCRIPT_DIR/../aesthetic-computer-vault" 13 13 set SSH_KEY "$VAULT_DIR/home/.ssh/id_rsa" 14 14 set SERVICE_ENV "$VAULT_DIR/lith/.env" 15 - set LITH_HOST "lith.aesthetic.computer" 16 15 set LITH_USER "root" 17 16 set REMOTE_DIR "/opt/ac" 17 + set DEFAULT_LITH_HOST "lith.aesthetic.computer" 18 + set DEFAULT_LITH_DROPLET_NAME "ac-lith" 19 + set TARGET_HOST $DEFAULT_LITH_HOST 20 + set TARGET_DROPLET_NAME $DEFAULT_LITH_DROPLET_NAME 21 + 22 + if set -q LITH_HOST 23 + set TARGET_HOST $LITH_HOST 24 + end 25 + 26 + if set -q LITH_DROPLET_NAME 27 + set TARGET_DROPLET_NAME $LITH_DROPLET_NAME 28 + end 29 + 30 + function ssh_ok --argument host 31 + ssh -i $SSH_KEY -o StrictHostKeyChecking=no -o ConnectTimeout=10 $LITH_USER@$host "echo ok" &>/dev/null 32 + end 33 + 34 + function get_do_token 35 + if set -q DIGITALOCEAN_ACCESS_TOKEN 36 + echo $DIGITALOCEAN_ACCESS_TOKEN 37 + return 0 38 + end 39 + 40 + if set -q DO_TOKEN 41 + echo $DO_TOKEN 42 + return 0 43 + end 44 + 45 + for token_file in \ 46 + "$VAULT_DIR/help/deploy.env" \ 47 + "$VAULT_DIR/judge/deploy.env" \ 48 + "$VAULT_DIR/oven/deploy.env" \ 49 + "$VAULT_DIR/at/deploy.env" 50 + if not test -f $token_file 51 + continue 52 + end 53 + 54 + set token_line (rg -m1 '^DO_TOKEN=' $token_file) 55 + if test -n "$token_line" 56 + string replace -r '^DO_TOKEN=' '' -- $token_line 57 + return 0 58 + end 59 + end 60 + 61 + return 1 62 + end 63 + 64 + function get_lith_host_from_do 65 + if not command -sq doctl 66 + return 1 67 + end 68 + 69 + set do_token (get_do_token) 70 + if test -z "$do_token" 71 + return 1 72 + end 73 + 74 + set row (env DIGITALOCEAN_ACCESS_TOKEN="$do_token" \ 75 + doctl compute droplet list --format Name,PublicIPv4 --no-header 2>/dev/null | \ 76 + rg "^$TARGET_DROPLET_NAME\\s") 77 + 78 + if test -z "$row" 79 + return 1 80 + end 81 + 82 + set compact_row (string replace -ra '\s+' ' ' -- (string trim -- $row)) 83 + set fields (string split ' ' -- $compact_row) 84 + 85 + if test (count $fields) -lt 2 86 + return 1 87 + end 88 + 89 + echo $fields[2] 90 + end 18 91 19 92 # Check for required files 20 93 if not test -f $SSH_KEY ··· 34 107 end 35 108 36 109 # Test SSH connection 37 - echo -e "$GREEN-> Testing SSH connection to $LITH_HOST...$NC" 38 - if not ssh -i $SSH_KEY -o StrictHostKeyChecking=no -o ConnectTimeout=10 $LITH_USER@$LITH_HOST "echo ok" &>/dev/null 39 - echo -e "$RED x Cannot connect to $LITH_HOST$NC" 40 - exit 1 110 + echo -e "$GREEN-> Testing SSH connection to $TARGET_HOST...$NC" 111 + if not ssh_ok $TARGET_HOST 112 + set fallback_host (get_lith_host_from_do) 113 + 114 + if test -n "$fallback_host"; and test "$fallback_host" != "$TARGET_HOST" 115 + echo -e "$YELLOW Falling back to DigitalOcean droplet $TARGET_DROPLET_NAME at $fallback_host.$NC" 116 + set TARGET_HOST $fallback_host 117 + end 118 + 119 + if not ssh_ok $TARGET_HOST 120 + echo -e "$RED x Cannot connect to $TARGET_HOST$NC" 121 + exit 1 122 + end 41 123 end 42 124 43 - echo -e "$GREEN-> Connected.$NC" 125 + echo -e "$GREEN-> Connected to $TARGET_HOST.$NC" 44 126 45 127 # Sync repo (git pull on remote) 46 128 echo -e "$GREEN-> Pulling latest code...$NC" 47 - ssh -i $SSH_KEY $LITH_USER@$LITH_HOST "cd $REMOTE_DIR && git pull origin main" 129 + ssh -i $SSH_KEY $LITH_USER@$TARGET_HOST "cd $REMOTE_DIR && git pull origin main" 48 130 49 131 # Overlay local working tree changes so deploys include uncommitted routing/frontend edits. 50 132 echo -e "$GREEN-> Syncing local lith/ and system/ working tree...$NC" ··· 53 135 --exclude .env \ 54 136 --exclude .DS_Store \ 55 137 "$REPO_ROOT/lith/" \ 56 - $LITH_USER@$LITH_HOST:$REMOTE_DIR/lith/ 138 + $LITH_USER@$TARGET_HOST:$REMOTE_DIR/lith/ 57 139 rsync -az --delete \ 58 140 --exclude node_modules \ 59 141 --exclude .env \ 60 142 --exclude .DS_Store \ 61 143 "$REPO_ROOT/system/" \ 62 - $LITH_USER@$LITH_HOST:$REMOTE_DIR/system/ 144 + $LITH_USER@$TARGET_HOST:$REMOTE_DIR/system/ 63 145 64 146 # Upload env 65 147 echo -e "$GREEN-> Uploading environment...$NC" 66 148 # Note: lith.service reads EnvironmentFile=/opt/ac/system/.env, so the 67 149 # canonical vault source lives at aesthetic-computer-vault/lith/.env and is 68 150 # uploaded into system/.env on the remote host. 69 - scp -i $SSH_KEY $SERVICE_ENV $LITH_USER@$LITH_HOST:$REMOTE_DIR/system/.env 151 + scp -i $SSH_KEY $SERVICE_ENV $LITH_USER@$TARGET_HOST:$REMOTE_DIR/system/.env 70 152 71 153 # Install deps 72 154 echo -e "$GREEN-> Installing dependencies...$NC" 73 - ssh -i $SSH_KEY $LITH_USER@$LITH_HOST "cd $REMOTE_DIR/lith && npm install && cd $REMOTE_DIR/system && npm install" 155 + ssh -i $SSH_KEY $LITH_USER@$TARGET_HOST "cd $REMOTE_DIR/lith && npm install && cd $REMOTE_DIR/system && npm install" 74 156 75 157 # Upload Caddyfile 76 158 echo -e "$GREEN-> Updating Caddy config...$NC" 77 - scp -i $SSH_KEY $SCRIPT_DIR/Caddyfile $LITH_USER@$LITH_HOST:/etc/caddy/Caddyfile 78 - ssh -i $SSH_KEY $LITH_USER@$LITH_HOST "systemctl reload caddy" 159 + scp -i $SSH_KEY $SCRIPT_DIR/Caddyfile $LITH_USER@$TARGET_HOST:/etc/caddy/Caddyfile 160 + ssh -i $SSH_KEY $LITH_USER@$TARGET_HOST "systemctl reload caddy" 79 161 80 162 # Restart lith service 81 163 echo -e "$GREEN-> Restarting lith...$NC" 82 - ssh -i $SSH_KEY $LITH_USER@$LITH_HOST "systemctl restart lith" 164 + ssh -i $SSH_KEY $LITH_USER@$TARGET_HOST "systemctl restart lith" 83 165 84 - echo -e "$GREEN-> Done. lith deployed to $LITH_HOST$NC" 166 + echo -e "$GREEN-> Done. lith deployed to $TARGET_HOST$NC"