From: "'Jan Kiszka' via isar-users" <isar-users@googlegroups.com>
To: Quirin Gylstorff <Quirin.Gylstorff@siemens.com>,
isar-users@googlegroups.com, cedric.hombourger@siemens.com,
felix.moessbauer@siemens.com
Subject: Re: [PATCH v4 09/10] Use lighttpd as a example how to add a dracut module
Date: Wed, 22 Oct 2025 18:08:28 +0200 [thread overview]
Message-ID: <8bc68db3-1294-412e-b8d2-f3b5b648b41f@siemens.com> (raw)
In-Reply-To: <20251022150737.3639891-10-Quirin.Gylstorff@siemens.com>
On 22.10.25 17:06, Quirin Gylstorff wrote:
> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
>
Some words about what we will get? An initramfs that runs a tiny
webserver, right?
> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> ---
> .../dracut-example-lighttpd_0.1.bb | 26 ++++++++++
> .../dracut-example-lighttpd/files/install.sh | 21 ++++++++
> .../files/lighttpd.conf | 52 +++++++++++++++++++
> .../files/lighttpd.service | 13 +++++
> .../files/sysuser-lighttpd.conf | 3 ++
> .../recipes-initramfs/images/isar-dracut.bb | 3 ++
> 6 files changed, 118 insertions(+)
> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/dracut-example-lighttpd_0.1.bb
> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/files/install.sh
> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.conf
> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.service
> create mode 100644 meta-isar/recipes-initramfs/dracut-example-lighttpd/files/sysuser-lighttpd.conf
>
> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/dracut-example-lighttpd_0.1.bb b/meta-isar/recipes-initramfs/dracut-example-lighttpd/dracut-example-lighttpd_0.1.bb
> new file mode 100644
> index 00000000..7895e689
> --- /dev/null
> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/dracut-example-lighttpd_0.1.bb
> @@ -0,0 +1,26 @@
> +#
> +# Copyright (c) Siemens AG, 2025
> +#
> +# Authors:
> +# Quirin Gylstorff <quirin.gylstorff@siemens.com>
> +#
> +# SPDX-License-Identifier: MIT
> +#
> +require recipes-initramfs/dracut-module/dracut-module.inc
> +
> +DEBIAN_DEPENDS:append = ",lighttpd"
> +SRC_URI += "file://install.sh \
> + file://lighttpd.conf \
> + file://lighttpd.service \
> + file://sysuser-lighttpd.conf \
> + "
> +DRACUT_REQUIRED_BINARIES = "lighttpd"
> +DRACUT_MODULE_DEPENDENCIES = "systemd-network-management"
> +
> +do_install[cleandirs] += "${D}/usr/lib/sysusers.d/"
> +do_install:append() {
> + install -m 666 ${WORKDIR}/lighttpd.conf ${DRACUT_MODULE_PATH}
> + install -m 666 ${WORKDIR}/lighttpd.service ${DRACUT_MODULE_PATH}
> + install -m 666 ${WORKDIR}/sysuser-lighttpd.conf ${D}/usr/lib/sysusers.d/lighttpd.conf
But this config file is not for the dracut building rootfs, it's for the
initramfs, right? Is that installation location a good idea then?
> +}
> +
> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/install.sh b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/install.sh
> new file mode 100644
> index 00000000..e7e50ad4
> --- /dev/null
> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/install.sh
> @@ -0,0 +1,21 @@
> +install() {
> + inst_binary /usr/sbin/lighttpd
> + inst_binary /usr/sbin/lighttpd-angel
> + inst_binary /usr/sbin/lighttpd-disable-mod
> + inst_binary /usr/sbin/lighttpd-enable-mod
Can't we generate that? Like HOOK_COPY_EXECS?
> + inst_multiple -o /usr/lib/lighttpd/*.so
> + inst_multiple -o /usr/share/lighttpd/*
> + inst_simple "${moddir}/lighttpd.service" "$systemdsystemunitdir/lighttpd.service"
> + mkdir -p -m 0700 "$initdir/etc/lighttpd/"
> + mkdir -p -m 0700 "$initdir/var/cache/lighttpd/compress"
> + mkdir -p -m 0700 "$initdir/var/cache/lighttpd/uploads"
> + mkdir -p -m 0700 "$initdir/var/log/lighttpd/"
> + mkdir -p -m 0755 "$initdir/var/www/html"
> + /usr/bin/install -m 0644 /usr/share/lighttpd/index.html "$initdir/var/www/html/index.html"
> + touch "$moddir"/error.log
> + /usr/bin/install -m 0644 "$moddir"/error.log "$initdir/var/log/lighttpd/error.log"
> + chown -R www-data:www-data "$initdir/var/log/lighttpd/"
> + inst_simple "${moddir}/lighttpd.conf" /etc/lighttpd/lighttpd.conf
> + inst_sysusers lighttpd.conf
> + systemctl -q --root "$initdir" enable lighttpd
This is a rather complex example. I'm still wondering what of all these
will repeat often enough to maybe simplify the install() functions
people will need to write (or not?) for their modules.
Did you already try to convert some of the isar-cip-core hooks? Those
basically made me create initramfs-hook/hook.inc in the end.
> +}
> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.conf b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.conf
> new file mode 100644
> index 00000000..3a1bb351
> --- /dev/null
> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.conf
> @@ -0,0 +1,52 @@
> +server.modules = (
> + "mod_indexfile",
> + "mod_access",
> + "mod_alias",
> + "mod_redirect",
> +)
> +
> +server.document-root = "/var/www/html"
> +server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
> +server.errorlog = "/var/log/lighttpd/error.log"
> +server.pid-file = "/run/lighttpd.pid"
> +server.username = "www-data"
> +server.groupname = "www-data"
> +server.port = 80
> +
> +# features
> +#https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_feature-flagsDetails
> +server.feature-flags += ("server.h2proto" => "enable")
> +server.feature-flags += ("server.h2c" => "enable")
> +server.feature-flags += ("server.graceful-shutdown-timeout" => 5)
> +#server.feature-flags += ("server.graceful-restart-bg" => "enable")
> +
> +# strict parsing and normalization of URL for consistency and security
> +# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
> +# (might need to explicitly set "url-path-2f-decode" = "disable"
> +# if a specific application is encoding URLs inside url-path)
> +server.http-parseopts = (
> + "header-strict" => "enable",# default
> + "host-strict" => "enable",# default
> + "host-normalize" => "enable",# default
> + "url-normalize-unreserved"=> "enable",# recommended highly
> + "url-normalize-required" => "enable",# recommended
> + "url-ctrls-reject" => "enable",# recommended
> + "url-path-2f-decode" => "enable",# recommended highly (unless breaks app)
> + #"url-path-2f-reject" => "enable",
> + "url-path-dotseg-remove" => "enable",# recommended highly (unless breaks app)
> + #"url-path-dotseg-reject" => "enable",
> + #"url-query-20-plus" => "enable",# consistency in query string
> +)
> +
> +index-file.names = ( "index.php", "index.html" )
> +url.access-deny = ( "~", ".inc" )
> +static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
> +
> +# default listening port for IPv6 falls back to the IPv4 port
> +include "/etc/lighttpd/conf-enabled/*.conf"
> +
> +#server.compat-module-load = "disable"
> +server.modules += (
> + "mod_dirlisting",
> + "mod_staticfile",
> +)
> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.service b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.service
> new file mode 100644
> index 00000000..da8c9033
> --- /dev/null
> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/lighttpd.service
> @@ -0,0 +1,13 @@
> +[Unit]
> +Description=Lighttpd Daemon
> +DefaultDependencies=no
> +
> +[Service]
> +Type=simple
> +PIDFile=/run/lighttpd.pid
> +ExecStartPre=/usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf
> +ExecStart=/usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
> +ExecReload=/bin/kill -USR1 $MAINPID
> +Restart=on-failure
> +[Install]
> +WantedBy=sysinit.target
> diff --git a/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/sysuser-lighttpd.conf b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/sysuser-lighttpd.conf
> new file mode 100644
> index 00000000..6507ccf3
> --- /dev/null
> +++ b/meta-isar/recipes-initramfs/dracut-example-lighttpd/files/sysuser-lighttpd.conf
> @@ -0,0 +1,3 @@
> +g www-data - -
> +u www-data - - /var/www /usr/sbin/nologin
> +
> diff --git a/meta-isar/recipes-initramfs/images/isar-dracut.bb b/meta-isar/recipes-initramfs/images/isar-dracut.bb
> index 226fdeaa..95739b12 100644
> --- a/meta-isar/recipes-initramfs/images/isar-dracut.bb
> +++ b/meta-isar/recipes-initramfs/images/isar-dracut.bb
> @@ -14,4 +14,7 @@ INITRAMFS_PREINSTALL += " \
>
> # Recipes that should be installed into the initramfs build rootfs.
> INITRAMFS_INSTALL += " \
> + dracut-example-lighttpd \
> "
> +
> +DRACUT_EXTRA_MODULES += "example-lighttpd"
We cannot derive a package name from the module name, right? Packages
might be named differently or have multiple modules included?
Jan
--
Siemens AG, Foundational Technologies
Linux Expert Center
--
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/8bc68db3-1294-412e-b8d2-f3b5b648b41f%40siemens.com.
next prev parent reply other threads:[~2025-10-22 16:08 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-22 15:06 [PATCH v4 00/10] Add support for dracut 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 01/10] add dracut to custom kernel builds 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 02/10] rootfs: Allow to overwrite the initramfs generation cmds 'Quirin Gylstorff' via isar-users
2025-10-22 15:44 ` 'Jan Kiszka' via isar-users
2025-10-22 15:53 ` 'cedric.hombourger@siemens.com' via isar-users
2025-10-22 15:56 ` 'Jan Kiszka' via isar-users
2025-10-23 8:00 ` 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 03/10] rootfs Add dracut to initramfs generator 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 04/10] initramfs: allow to set the generator command 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 05/10] Add class to generate custom dracut initramfs 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 06/10] rootfs: add flag to use dracut if it is not part of the package list 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 07/10] Add example dracut initramfs 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 08/10] Add dracut module helper 'Quirin Gylstorff' via isar-users
2025-10-22 15:06 ` [PATCH v4 09/10] Use lighttpd as a example how to add a dracut module 'Quirin Gylstorff' via isar-users
2025-10-22 16:08 ` 'Jan Kiszka' via isar-users [this message]
2025-10-23 8:19 ` 'Quirin Gylstorff' via isar-users
2025-10-22 15:07 ` [PATCH v4 10/10] user_manual: Add dracut for initramfs generation 'Quirin Gylstorff' via isar-users
2025-10-22 15:58 ` [PATCH v4 00/10] Add support for dracut 'Jan Kiszka' via isar-users
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8bc68db3-1294-412e-b8d2-f3b5b648b41f@siemens.com \
--to=isar-users@googlegroups.com \
--cc=Quirin.Gylstorff@siemens.com \
--cc=cedric.hombourger@siemens.com \
--cc=felix.moessbauer@siemens.com \
--cc=jan.kiszka@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox