feat: Asahi Linux provisioning for Apple Silicon #10

Merged

michal merged 7 commits from feat/asahi-provisioning into main 2026-03-31 23:30:42 +00:00

Conversation 0 Commits 7 Files Changed 25 +1935 -11

michal commented 2026-03-31 01:46:47 +00:00

Owner

Copy Link

Summary

• Add bastion endpoints for provisioning Apple Silicon machines (Mac Studio) via the Asahi Linux installer
• GET /asahi — wrapper script that runs Asahi installer with custom installer_data.json pointing to bastion
• GET /asahi/installer_data.json — custom partition layout: 60GB root (no expand) + expanding LVM data partition
• GET /asahi/firstboot.sh — first-boot LVM setup script matching our kickstart layout (swap 27GB, var 100GB, varlog 10GB, home 10GB, srv 20GB, rancher 20GB, longhorn fills remaining)
• Handles reprovision: detects existing labvg and re-mounts instead of recreating
• 19 new tests covering routes + script generation for all roles

Next steps

• Build custom rootfs pipeline (inject firstboot script into Fedora Asahi Remix rootfs)
• Integration test with aarch64 QEMU VM
• Test on real Mac Studio hardware

Test plan

• 225 tests pass (19 new + 206 existing)
• Script generation verified for infra/worker/vanilla roles
• All routes return correct content types and data

🤖 Generated with Claude Code

## Summary - Add bastion endpoints for provisioning Apple Silicon machines (Mac Studio) via the Asahi Linux installer - `GET /asahi` — wrapper script that runs Asahi installer with custom `installer_data.json` pointing to bastion - `GET /asahi/installer_data.json` — custom partition layout: 60GB root (no expand) + expanding LVM data partition - `GET /asahi/firstboot.sh` — first-boot LVM setup script matching our kickstart layout (swap 27GB, var 100GB, varlog 10GB, home 10GB, srv 20GB, rancher 20GB, longhorn fills remaining) - Handles reprovision: detects existing `labvg` and re-mounts instead of recreating - 19 new tests covering routes + script generation for all roles ## Next steps - [ ] Build custom rootfs pipeline (inject firstboot script into Fedora Asahi Remix rootfs) - [ ] Integration test with aarch64 QEMU VM - [ ] Test on real Mac Studio hardware ## Test plan - [x] 225 tests pass (19 new + 206 existing) - [x] Script generation verified for infra/worker/vanilla roles - [x] All routes return correct content types and data 🤖 Generated with [Claude Code](https://claude.com/claude-code)

michal added 1 commit 2026-03-31 01:46:48 +00:00

feat: Asahi Linux provisioning for Apple Silicon (Mac Studio) ... 863c7f2b83

Add bastion endpoints for provisioning Apple Silicon machines via the
Asahi Linux installer with custom LVM partitioning:

- GET /asahi — wrapper script (curl bastion:8080/asahi | sh)
- GET /asahi/installer_data.json — custom partition layout (60GB root + LVM data)
- GET /asahi/firstboot.sh — first-boot LVM setup matching kickstart layout
- GET /asahi/firstboot.service — systemd oneshot unit

The firstboot script creates labvg with role-specific LVs (var, varlog,
home, srv, rancher, longhorn) and handles reprovision by detecting
existing VGs. Includes 19 new tests.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

michal added 1 commit 2026-03-31 02:07:45 +00:00

test: integration test for Asahi firstboot LVM setup ... 53265bb18c

VM-based end-to-end test using Fedora cloud image with two disks:
root (20GB) + data (200GB). Verifies the firstboot script creates
labvg with correct LV sizes, mounts volumes, migrates /home content,
sets hostname, creates admin user, and handles reprovision.

Fixes to firstboot script:
- Detect whole disks (not just partitions) for LVM PV
- Handle btrfs subvolume paths in root device detection
- Copy /home content before mounting LV (preserves SSH keys)
- Don't restart sshd (config takes effect on reboot)
- Make swapon and mount operations resilient to failures

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

michal added 1 commit 2026-03-31 02:20:14 +00:00

feat: Asahi rootfs build pipeline + serve from bastion ... 6807632d46

- Add scripts/build-asahi-rootfs.sh: downloads upstream Fedora Asahi
  Remix Server, injects lab firstboot script + systemd service + SSH
  keys, repackages with installer_data.json that adds LVM Data partition
- Bastion serves built artifacts at /asahi/repo/* via fastify-static
- installer_data.json prefers built config, falls back to minimal
- Fix __dirname crash in ESM module (use import.meta.url)
- Fix smoke test timeout (was crashing due to __dirname)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

michal added 1 commit 2026-03-31 02:26:28 +00:00

fix: rootfs build script — mkdir before write, fix package path checks ... ad76c74020

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

michal added 1 commit 2026-03-31 12:22:26 +00:00

feat: Asahi validation tests, rootfs build fixes, shellcheck-clean scripts ... a8dc79bc5a

- Add 16 validation tests: shellcheck (3 roles), installer_data.json
  schema (8), Python parser validation, ZIP structure (3), rootfs mount
- Fix empty SSH keys generating invalid bash (SC1073)
- Fix __dirname crash in ESM modules (use import.meta.url)
- Fix rootfs build: mkdir -p before writing, correct binary paths
- Add .gitignore for large build artifacts (.asahi-cache, *.zip)
- Bump smoke test timeout for additional static plugin registration

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

michal added 1 commit 2026-03-31 22:32:41 +00:00

feat: iSCSI, Longhorn disk labels, labctl asahi command, ZIP32 fix ... bb8f37ef7d

k3s host prep:
- Add iSCSI initiator install+enable (Fedora: iscsi-initiator-utils,
  Ubuntu: open-iscsi) — required by Longhorn
- Add Longhorn disk label to k3s server+agent configs
- Add Longhorn disk annotation operation in post-install hardening

CLI:
- Add `labctl provision asahi` command with interactive install guide
- Change default SSH user from "michal" to "lab" in all commands
- Change admin user in bastion progress callback to "lab"

Asahi provisioning fixes:
- Download installer_data.json locally (installer reads it as file)
- Use REPO_BASE to serve upstream ZIP from bastion (LAN speed)
- Fix ZIP32 vs ZIP64: serve original upstream ZIP unmodified
  (our repackaged ZIP used ZIP64 which breaks Asahi urlcache)
- Add /data/asahi-repo fallback path for k3s container PVC mount
- Deploy script syncs asahi-repo to bastion pod after deployment

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

michal added 1 commit 2026-03-31 23:30:31 +00:00

fix: pre-download rootfs ZIP to avoid macOS Python HTTP streaming issues ... 17bae7ddbf

The Asahi installer's urlcache.py fails with AssertionError on macOS
when streaming ZIP via HTTP Range requests from Fastify. Fix: download
the ZIP with curl first (reliable on macOS), then set REPO_BASE to the
local directory so the installer opens it as a local file.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

michal merged commit 8c737d163d into main 2026-03-31 23:30:42 +00:00

michal referenced this issue from a commit 2026-03-31 23:30:44 +00:00

Merge pull request 'feat: Asahi Linux provisioning for Apple Silicon' (#10) from feat/asahi-provisioning into main

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

michal

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: michal/lab#10