diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d4f588e --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +artifacts/ diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..87e630e --- /dev/null +++ b/Dockerfile @@ -0,0 +1,11 @@ +FROM ubuntu:18.04 + +ENV IS_IN_CONTAINER 1 + +RUN apt-get update \ + && apt-get -qy install git python3 wget ca-certificates \ + && mkdir -p /build/source + +COPY . /source/WireGuard + +ENTRYPOINT exec /source/WireGuard/build.sh diff --git a/README.rst b/README.rst index c893f29..30451cc 100644 --- a/README.rst +++ b/README.rst @@ -25,7 +25,7 @@ DS213j armada370 *N/A* No (Kernel version too old) DS218j armada38x 6.2 Yes ====== ========= =========== =========================== -The minimun required kernel version is 3.10. If you have a kernel version lower +The minimum required kernel version is 3.10. If you have a kernel version lower than that, WireGuard will not work. You can check your kernel version by logging in through SSH and running the ``uname -a`` command. @@ -53,49 +53,34 @@ runs ``wg-quick up wg0`` on startup. Compiling --------- -I've used docker to compile everything as ``pkgscripts-ng`` clutters the file -system quite a bit. Start by setting up a new docker container and enter a bash -prompt inside it: +I've used docker to compile everything, as ``pkgscripts-ng`` clutters the file +system quite a bit. First create a docker image by running the following +command in this repository: .. code-block:: bash - sudo docker create -it --privileged --name synobuild ubuntu - sudo docker start synobuild - sudo docker exec -it synobuild bash + sudo docker build -t synobuild . -Now we can setup the build toolchain inside the Docker container: +Now we can build for any platform and DSM version using: .. code-block:: bash - apt-get update - apt-get install git python3 wget ca-certificates - git clone https://github.com/SynologyOpenSource/pkgscripts-ng - mkdir source - git clone https://github.com/runfalk/synology-wireguard /source/WireGuard + sudo docker run --rm --privileged --env PACKAGE_ARCH= --env DSM_VER= -v $(pwd)/artifacts:/result_spk synobuild -The next step is figuring out which platform and DSM version to compile for. -Using `this table `_ -you can figure out how the next command should look like. In my case it's: +You should replace ```` with your NAS's package arch. Using +`this table `_ +you can figure out which one to use. Note that the package arch must be +lowercase. ```` should be replaced with the version of DSM you are +compiling for. + +For the DS218j that I have, the complete command looks like this: .. code-block:: bash - pkgscripts-ng/EnvDeploy -p armada38x -v 6.2 - cp /etc/ssl/certs/ca-certificates.crt /build_env/*/etc/ssl/certs/ + sudo docker run --rm --privileged --env PACKAGE_ARCH=armada38x --env DSM_VER=6.2 -v $(pwd)/artifacts:/result_spk synobuild -The second command is very important, or the package build will fail on SSL -errors. Now we can build an SPK package: - -.. code-block:: bash - - pkgscripts-ng/PkgCreate.py -p armada38x -v 6.2 -S --build-opt=-J --print-log -c WireGuard - -There should now be an SPK in ``/result_spk``. You can now exit the docker -container and extract the SPKs: - -.. code-block:: bash - - sudo docker cp synobuild:/result_spk/WireGuard-0.0.20190227/WireGuard-armada38x-0.0.20190227.spk . - sudo docker cp synobuild:/result_spk/WireGuard-0.0.20190227/WireGuard-armada38x-0.0.20190227_debug.spk . +If everything worked you should have a directory called ``artifacts`` that +contains your SPK files. Credits @@ -103,5 +88,5 @@ Credits I based a lot of this work on `this guide `_ by Reddit user `akhener `_. However, I had -to modify their instructions a lot since my NAS has an ARM which made cross +to modify their instructions a lot since my NAS has an ARM CPU which made cross compilation a lot trickier. diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..05fc2c2 --- /dev/null +++ b/build.sh @@ -0,0 +1,72 @@ +#!/bin/bash +if [ -z ${IS_IN_CONTAINER+x} ]; then + echo "This script expect to be run inside a docker container" 1>&2 + exit 1 +fi + +if [ -z ${PACKAGE_ARCH+x} ]; then + echo "PACKAGE_ARCH is undefined. Please find and set you package arch:" 1>&2 + echo "https://www.synology.com/en-global/knowledgebase/DSM/tutorial/Compatibility_Peripherals/What_kind_of_CPU_does_my_NAS_have" 1>&2 + exit 2 +fi + +if [ -z ${DSM_VER+x} ]; then + echo "DSM_VER is undefined. This should a version number like 6.2" 1>&2 + exit 3 +fi + +# Ensure that we are working directly in the root file system. Though this +# should always be the case in containers. +cd / + +# Make the script quit if there are errors +set -e + +# Fetch Synology toolchain +if [ ! -d /pkgscripts-ng ]; then + git clone https://github.com/SynologyOpenSource/pkgscripts-ng +fi + +# Install the toolchain for the given package arch and DSM version +build_env="/build_env/ds.$PACKAGE_ARCH-$DSM_VER" +if [ ! -d "$build_env" ]; then + pkgscripts-ng/EnvDeploy -p $PACKAGE_ARCH -v $DSM_VER + + # Ensure the installed toolchain has support for CA signed certificates. + # Without this wget on https:// will fail + cp /etc/ssl/certs/ca-certificates.crt "$build_env/etc/ssl/certs/" +fi + +# Disable quit if errors to allow printing of logfiles +set +e + +# Build packages +# -p package arch +# -v DSM version +# -S no signing +# --build-opt=-J prevent parallel building (required) +# --print-log save build logs +# -c WireGuard project path in /source +pkgscripts-ng/PkgCreate.py \ + -p $PACKAGE_ARCH \ + -v $DSM_VER \ + -S \ + --build-opt=-J \ + --print-log \ + -c WireGuard + +# Save package builder exit code. This allows us to print the logfiles and give +# a non-zero exit code on errors. +pkg_status=$? + +echo "Build log" +echo "=========" +cat "$build_env/logs.build" +echo + +echo "Install log" +echo "===========" +cat "$build_env/logs.install" +echo + +exit $pkg_status