From: "'Quirin Gylstorff' via isar-users" <isar-users@googlegroups.com>
To: Jan Kiszka <jan.kiszka@siemens.com>,
isar-users@googlegroups.com, cedric.hombourger@siemens.com,
felix.moessbauer@siemens.com
Subject: Re: [PATCH v4 09/10] Use lighttpd as a example how to add a dracut module
Date: Thu, 23 Oct 2025 10:19:23 +0200 [thread overview]
Message-ID: <7f8ff202-bb50-42c5-9d8c-789cd88fb33b@siemens.com> (raw)
In-Reply-To: <8bc68db3-1294-412e-b8d2-f3b5b648b41f@siemens.com>
On 10/22/25 18:08, Jan Kiszka wrote:
> On 22.10.25 17:06, Quirin Gylstorff wrote:
>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
>>
>
> Some words about what we will get? An initramfs that runs a tiny
> webserver, right?
>
I will write something in v5. The intention was to have a complex
example which contains the most stuff necessary to create a module.
I should also try to document the stuff more.>> Signed-off-by: Quirin
Gylstorff <quirin.gylstorff@siemens.com>
>> ---
>> .../dracut-example-lighttpd_0.1.bb | 26 ++++++++++
>> .../dracut-example-lighttpd/files/install.sh | 21 ++++++++
>> .../files/lighttpd.conf | 52 +++++++++++++++++++
>> .../files/lighttpd.service | 13 +++++
>> .../files/sysuser-lighttpd.conf | 3 ++
>> .../recipes-initramfs/images/isar-dracut.bb | 3 ++
>> 6 files changed, 118 insertions(+)
>> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/dracut-example-lighttpd_0.1.bb
>> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/files/install.sh
>> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.conf
>> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.service
>> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/files/sysuser-lighttpd.conf
>>
>> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/dracut-example-lighttpd_0.1.bb b/meta-isar/recipes-initramfs/dracut-example-lighttpd/dracut-example-lighttpd_0.1.bb
>> new file mode 100644
>> index 00000000..7895e689
>> --- /dev/null
>> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/dracut-example-lighttpd_0.1.bb
>> @@ -0,0 +1,26 @@
>> +#
>> +# Copyright (c) Siemens AG, 2025
>> +#
>> +# Authors:
>> +# Quirin Gylstorff <quirin.gylstorff@siemens.com>
>> +#
>> +# SPDX-License-Identifier: MIT
>> +#
>> +require recipes-initramfs/dracut-module/dracut-module.inc
>> +
>> +DEBIAN_DEPENDS:append = ",lighttpd"
>> +SRC_URI += "file://install.sh \
>> + file://lighttpd.conf \
>> + file://lighttpd.service \
>> + file://sysuser-lighttpd.conf \
>> + "
>> +DRACUT_REQUIRED_BINARIES = "lighttpd"
>> +DRACUT_MODULE_DEPENDENCIES = "systemd-network-management"
>> +
>> +do_install[cleandirs] += "${D}/usr/lib/sysusers.d/"
>> +do_install:append() {
>> + install -m 666 ${WORKDIR}/lighttpd.conf ${DRACUT_MODULE_PATH}
>> + install -m 666 ${WORKDIR}/lighttpd.service ${DRACUT_MODULE_PATH}
>> + install -m 666 ${WORKDIR}/sysuser-lighttpd.conf ${D}/usr/lib/sysusers.d/lighttpd.conf
>
> But this config file is not for the dracut building rootfs, it's for the
> initramfs, right? Is that installation location a good idea then?
inst_sysuser will use that config and it needs to be in that location.
I will write some documentation or a new hook.
>
>> +}
>> +
>> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/install.sh b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/install.sh
>> new file mode 100644
>> index 00000000..e7e50ad4
>> --- /dev/null
>> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/install.sh
>> @@ -0,0 +1,21 @@
>> +install() {
>> + inst_binary /usr/sbin/lighttpd
>> + inst_binary /usr/sbin/lighttpd-angel
>> + inst_binary /usr/sbin/lighttpd-disable-mod
>> + inst_binary /usr/sbin/lighttpd-enable-mod
>
> Can't we generate that? Like HOOK_COPY_EXECS?
I will try to adapt that code.>
>> + inst_multiple -o /usr/lib/lighttpd/*.so
>> + inst_multiple -o /usr/share/lighttpd/*
>> + inst_simple "${moddir}/lighttpd.service" "$systemdsystemunitdir/lighttpd.service"
>> + mkdir -p -m 0700 "$initdir/etc/lighttpd/"
>> + mkdir -p -m 0700 "$initdir/var/cache/lighttpd/compress"
>> + mkdir -p -m 0700 "$initdir/var/cache/lighttpd/uploads"
>> + mkdir -p -m 0700 "$initdir/var/log/lighttpd/"
>> + mkdir -p -m 0755 "$initdir/var/www/html"
>> + /usr/bin/install -m 0644 /usr/share/lighttpd/index.html "$initdir/var/www/html/index.html"
>> + touch "$moddir"/error.log
>> + /usr/bin/install -m 0644 "$moddir"/error.log "$initdir/var/log/lighttpd/error.log"
>> + chown -R www-data:www-data "$initdir/var/log/lighttpd/"
>> + inst_simple "${moddir}/lighttpd.conf" /etc/lighttpd/lighttpd.conf
>> + inst_sysusers lighttpd.conf
>> + systemctl -q --root "$initdir" enable lighttpd
>
> This is a rather complex example. I'm still wondering what of all these
> will repeat often enough to maybe simplify the install() functions
> people will need to write (or not?) for their modules.
>
> Did you already try to convert some of the isar-cip-core hooks? Those
> basically made me create initramfs-hook/hook.inc in the end.
I haven't start yet. But I should start now the get the hook in a better
shape.>
>> +}
>> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.conf b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.conf
>> new file mode 100644
>> index 00000000..3a1bb351
>> --- /dev/null
>> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.conf
>> @@ -0,0 +1,52 @@
>> +server.modules = (
>> + "mod_indexfile",
>> + "mod_access",
>> + "mod_alias",
>> + "mod_redirect",
>> +)
>> +
>> +server.document-root = "/var/www/html"
>> +server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
>> +server.errorlog = "/var/log/lighttpd/error.log"
>> +server.pid-file = "/run/lighttpd.pid"
>> +server.username = "www-data"
>> +server.groupname = "www-data"
>> +server.port = 80
>> +
>> +# features
>> +#https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_feature-flagsDetails
>> +server.feature-flags += ("server.h2proto" => "enable")
>> +server.feature-flags += ("server.h2c" => "enable")
>> +server.feature-flags += ("server.graceful-shutdown-timeout" => 5)
>> +#server.feature-flags += ("server.graceful-restart-bg" => "enable")
>> +
>> +# strict parsing and normalization of URL for consistency and security
>> +# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
>> +# (might need to explicitly set "url-path-2f-decode" = "disable"
>> +# if a specific application is encoding URLs inside url-path)
>> +server.http-parseopts = (
>> + "header-strict" => "enable",# default
>> + "host-strict" => "enable",# default
>> + "host-normalize" => "enable",# default
>> + "url-normalize-unreserved"=> "enable",# recommended highly
>> + "url-normalize-required" => "enable",# recommended
>> + "url-ctrls-reject" => "enable",# recommended
>> + "url-path-2f-decode" => "enable",# recommended highly (unless breaks app)
>> + #"url-path-2f-reject" => "enable",
>> + "url-path-dotseg-remove" => "enable",# recommended highly (unless breaks app)
>> + #"url-path-dotseg-reject" => "enable",
>> + #"url-query-20-plus" => "enable",# consistency in query string
>> +)
>> +
>> +index-file.names = ( "index.php", "index.html" )
>> +url.access-deny = ( "~", ".inc" )
>> +static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
>> +
>> +# default listening port for IPv6 falls back to the IPv4 port
>> +include "/etc/lighttpd/conf-enabled/*.conf"
>> +
>> +#server.compat-module-load = "disable"
>> +server.modules += (
>> + "mod_dirlisting",
>> + "mod_staticfile",
>> +)
>> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.service b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.service
>> new file mode 100644
>> index 00000000..da8c9033
>> --- /dev/null
>> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.service
>> @@ -0,0 +1,13 @@
>> +[Unit]
>> +Description=Lighttpd Daemon
>> +DefaultDependencies=no
>> +
>> +[Service]
>> +Type=simple
>> +PIDFile=/run/lighttpd.pid
>> +ExecStartPre=/usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf
>> +ExecStart=/usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
>> +ExecReload=/bin/kill -USR1 $MAINPID
>> +Restart=on-failure
>> +[Install]
>> +WantedBy=sysinit.target
>> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/sysuser-lighttpd.conf b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/sysuser-lighttpd.conf
>> new file mode 100644
>> index 00000000..6507ccf3
>> --- /dev/null
>> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/sysuser-lighttpd.conf
>> @@ -0,0 +1,3 @@
>> +g www-data - -
>> +u www-data - - /var/www /usr/sbin/nologin
>> +
>> diff --git a/meta-isar/recipes-initramfs/images/isar-dracut.bb b/meta-isar/recipes-initramfs/images/isar-dracut.bb
>> index 226fdeaa..95739b12 100644
>> --- a/meta-isar/recipes-initramfs/images/isar-dracut.bb
>> +++ b/meta-isar/recipes-initramfs/images/isar-dracut.bb
>> @@ -14,4 +14,7 @@ INITRAMFS_PREINSTALL += " \
>>
>> # Recipes that should be installed into the initramfs build rootfs.
>> INITRAMFS_INSTALL += " \
>> + dracut-example-lighttpd \
>> "
>> +
>> +DRACUT_EXTRA_MODULES += "example-lighttpd"
>
> We cannot derive a package name from the module name, right? Packages
> might be named differently or have multiple modules included?
Mhm, I look into it but the problem is already in debian that the module
name does not follow the pacakge name. We could add the convention to Isar:
- the package name must be `dracut-<module-name>`
Quirin>
> Jan
>
--
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/7f8ff202-bb50-42c5-9d8c-789cd88fb33b%40siemens.com.
next prev parent reply other threads:[~2025-10-23 8:19 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-22 15:06 [PATCH v4 00/10] Add support for dracut 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 01/10] add dracut to custom kernel builds 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 02/10] rootfs: Allow to overwrite the initramfs generation cmds 'Quirin Gylstorff' via isar-users
2025-10-22 15:44 ` 'Jan Kiszka' via isar-users
2025-10-22 15:53 ` 'cedric.hombourger@siemens.com' via isar-users
2025-10-22 15:56 ` 'Jan Kiszka' via isar-users
2025-10-23 8:00 ` 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 03/10] rootfs Add dracut to initramfs generator 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 04/10] initramfs: allow to set the generator command 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 05/10] Add class to generate custom dracut initramfs 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 06/10] rootfs: add flag to use dracut if it is not part of the package list 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 07/10] Add example dracut initramfs 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 08/10] Add dracut module helper 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 09/10] Use lighttpd as a example how to add a dracut module 'Quirin Gylstorff' via isar-users
2025-10-22 16:08 ` 'Jan Kiszka' via isar-users
2025-10-23 8:19 ` 'Quirin Gylstorff' via isar-users [this message]
2025-10-22 15:07 ` [PATCH v4 10/10] user_manual: Add dracut for initramfs generation 'Quirin Gylstorff' via isar-users
2025-10-22 15:58 ` [PATCH v4 00/10] Add support for dracut 'Jan Kiszka' via isar-users
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7f8ff202-bb50-42c5-9d8c-789cd88fb33b@siemens.com \
--to=isar-users@googlegroups.com \
--cc=cedric.hombourger@siemens.com \
--cc=felix.moessbauer@siemens.com \
--cc=jan.kiszka@siemens.com \
--cc=quirin.gylstorff@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox