openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
11f9d80b25cefe523bc350313a55673c93c4f5d0
tqma6-yocto-mirror/docs/04-deployment/corporate-network-deployment.md
Siggi (OpenClaw Agent) 11f9d80b25 fix: correct versions, remove non-existent packages from docs 
Verified all documents against actual CSV data:
- license-summary.md: fix u-boot 2023.10->2023.04, linux-yocto->linux-tq 6.6.102
- license-summary.md: remove systemd, imx-gpu-viv, imx-vpu (not in spaetzle build)
- license-summary.md: add actual versions from bitbake -e extraction
- corporate-network-deployment.md: add ACCEPT_FSL_EULA=1 (was missing)
- README.md: align apt packages with verified step-by-step guide
2026-03-01 21:40:57 +00:00

6.7 KiB
Raw Blame History

Corporate Network Deployment Guide (Air-Gap)

Document ID: DEPLOY-CORP-001-REV2
Date: 2026-03-01
Build Name: UT (Universität/Projekt)
Target: TQMa6UL on MBa6ULx
Environment: Air-gapped corporate network

Overview

This guide describes deployment of the UT Yocto mirror in an air-gapped corporate network. The corporate system has no internet access and requires complete offline build capability.

Prerequisites:

  • Software approval documentation received
  • UT-mirror-package.tar.gz transferred securely
  • Checksum verified
  • Ubuntu 22.04 system ready (can use local Ubuntu mirror for apt)

Pre-Deployment Checklist

  • Software approval granted
  • Mirror archive transferred to corporate network
  • SHA256 checksum verified: sha256sum -c *.sha256
  • Sufficient disk space (200GB+)
  • Ubuntu 22.04 installed (can use local apt mirror)
  • User has sudo privileges
  • Target directory /opt/UT-yocto approved by IT

Step 1: Extract Mirror Archive

# Create base directory
export UT_BASE=/opt/UT-yocto
sudo mkdir -p ${UT_BASE}
sudo chown $(whoami):$(whoami) ${UT_BASE}

# Extract mirror archive
cd ${UT_BASE}
tar xzf /path/to/transfer/UT-tqma6ul-yocto-scarthgap-*.tar.gz

# Verify structure
ls -la UT-mirror-package/
# Should show: sources/, premirror/, downloads/, licenses/, configs/

Step 2: Install Build Dependencies

From corporate Ubuntu mirror (or pre-approved packages):

sudo apt update
sudo apt install -y \
    git python3 jq bash grep gawk wget diffstat \
    chrpath cpio texinfo gcc g++ make file tar \
    bzip2 gzip xz-utils zstd lz4 patch perl \
    python3-pexpect socat unzip rsync bc \
    libsdl1.2-dev xterm

# Locale setup
sudo locale-gen en_US.UTF-8
sudo update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8

Step 3: Setup Mirror Directories

# Create system mirror directories
sudo mkdir -p /srv/yocto/{premirror,downloads,sstate-cache}
sudo chown -R $(whoami):$(whoami) /srv/yocto

# Copy mirror contents
cd ${UT_BASE}/UT-mirror-package

# Copy premirror (git repos and tarballs)
cp -r premirror/* /srv/yocto/premirror/

# Copy downloads
cp -r downloads/* /srv/yocto/downloads/

# SState cache (optional, speeds up rebuilds)
cp -r sstate-cache/* /srv/yocto/sstate-cache/ 2>/dev/null || true

Step 4: Configure Site Configuration

Create ~/.yocto/site.conf for air-gap:

mkdir -p ~/.yocto

cat > ~/.yocto/site.conf <<'EOF'
# UT Project - Air-Gap Configuration
# Build: UT
# Target: TQMa6UL
# Date: 2026-03-01

# Mirror directories (local filesystem)
DL_DIR = "/srv/yocto/downloads"
SSTATE_DIR = "/srv/yocto/sstate-cache"

# Air-gap settings
BB_NO_NETWORK = "1"
BB_FETCH_PREMIRRORONLY = "1"

# Premirror configuration (local files only)
SOURCE_MIRROR_URL = "file:///srv/yocto/premirror/"
INHERIT += "own-mirrors"

PREMIRRORS:prepend = " \
    git://.*/.* file:///srv/yocto/premirror/ \n \
    ftp://.*/.* file:///srv/yocto/premirror/ \n \
    http://.*/.* file:///srv/yocto/premirror/ \n \
    https://.*/.* file:///srv/yocto/premirror/ \n \
"

# Parallelism (adjust to hardware)
BB_NUMBER_THREADS ?= "8"
PARALLEL_MAKE ?= "-j8"

# License compliance
COPY_LIC_MANIFEST = "1"
COPY_LIC_DIRS = "1"
INHERIT += "archiver"
ARCHIVER_MODE[src] = "original"
EOF

Step 5: Initialize Build Environment

cd ${UT_BASE}/UT-mirror-package/sources/ci-meta-tq

# Verify submodules are present
ls -la sources/

# Set machine for TQMa6UL
export ACCEPT_FSL_EULA=1
export MACHINE=tqma6ul-multi-mba6ulx

# Initialize build (creates build_ut)
. ./setup-environment build_ut mainline

# Verify configuration
bitbake -e | grep "^MACHINE="
# Should show: MACHINE="tqma6ul-multi-mba6ulx"

Step 6: Verify Air-Gap Build

6.1 Test Offline Build

# Ensure we're in build environment
cd ${UT_BASE}/UT-mirror-package/sources/ci-meta-tq
export ACCEPT_FSL_EULA=1
export MACHINE=tqma6ul-multi-mba6ulx
. ./setup-environment build_ut mainline

# Verify no network access is attempted
export BB_NO_NETWORK=1

# Start build (should complete without network)
bitbake tq-image-small-debug

Expected: Build completes using only local premirror sources.

6.2 Verify 2038 Compliance

# Check time_t size
echo '#include <time.h>' | \
    ${WORKDIR}/recipe-sysroot-native/usr/bin/arm-poky-linux-gnueabi-gcc -x c - -dM -E | \
    grep TIME_BITS
# Expected: #define __TIME_BITS 64

# Check kernel config
bitbake -e virtual/kernel | grep CONFIG_COMPAT_32BIT_TIME
# Expected: CONFIG_COMPAT_32BIT_TIME=y

Step 7: Development Workflow

Daily Build Commands

# Enter build environment
cd ${UT_BASE}/UT-mirror-package/sources/ci-meta-tq
export ACCEPT_FSL_EULA=1
export MACHINE=tqma6ul-multi-mba6ulx
. ./setup-environment build_ut mainline

# Build target image
bitbake tq-image-small-debug

# Deploy to target (SD card)
# See TQ documentation for deployment methods

SDK Generation (for Application Development)

# Generate SDK for application developers
bitbake tq-image-small-debug -c populate_sdk

# Install SDK
${UT_BASE}/UT-mirror-package/sources/ci-meta-tq/build_ut/tmp/deploy/sdk/*.sh

# Source SDK in new terminal
source /opt/poky/.../environment-setup-arm-poky-linux-gnueabi

Build Verification Checklist

  • Air-gap build completes without network errors
  • Image boots on TQMa6UL hardware
  • 2038 compliance verified (64-bit time_t)
  • License manifest generated
  • All proprietary components reviewed
  • SDK functional for application development

Troubleshooting

Issue: "Failed to fetch" errors

Cause: BitBake trying to access network

Solution:

# Verify settings
grep BB_NO_NETWORK ~/.yocto/site.conf
grep SOURCE_MIRROR_URL ~/.yocto/site.conf

# Should show:
# BB_NO_NETWORK = "1"
# SOURCE_MIRROR_URL = "file:///srv/yocto/premirror/"

Issue: Missing files in premirror

Cause: Incomplete transfer

Solution:

# Re-verify checksum on source system
# Re-transfer missing files

Issue: Permission denied

Solution:

sudo chown -R $(whoami):$(whoami) /opt/UT-yocto /srv/yocto

Security & Compliance

  1. No Network Access: Build verified to complete offline
  2. Source Audit: All sources archived and traceable
  3. License Compliance: License manifest generated per build
  4. User Permissions: Build as regular user, not root

Support & Documentation

  • TQ BSP Documentation: Included in sources/meta-tq/
  • Yocto Manuals: Included in sources/poky/documentation/
  • License Info: build_ut/tmp/deploy/licenses/

Document Version: 2.0
Author: Siggi ⚙️
Build: UT
Last Updated: 2026-03-01

Reference in New Issue View Git Blame Copy Permalink