From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.7 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,URIBL_SBL_A autolearn=unavailable autolearn_force=no version=3.4.6 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 3F5FB65F0; Fri, 28 Oct 2022 11:06:31 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 496) id 89F38654E; Fri, 28 Oct 2022 11:06:28 +0000 (UTC) Received: from mail-lj1-x243.google.com (mail-lj1-x243.google.com [IPv6:2a00:1450:4864:20::243]) by atuin.qyliss.net (Postfix) with ESMTPS id 87EE365E9 for ; Fri, 28 Oct 2022 11:06:24 +0000 (UTC) Received: by mail-lj1-x243.google.com with SMTP id b18so7861765ljr.13 for ; Fri, 28 Oct 2022 04:06:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=unikie.com; s=google; h=content-transfer-encoding:mime-version:reply-to:references :in-reply-to:message-id:date:subject:cc:to:from:from:to:cc:subject :date:message-id:reply-to; bh=Y6OJzaWlAqfbkIXfHPnKvAJ1K3WVvGG6gVArXmdJwpQ=; b=PV0b+ddPP0GCqOTOF6gZbajn6/3WmMuy6oJ22OBmZdxYH5/b+H/cZE7YC1S5hJGXxy S1ZJNrGKVc2v3dxDZaoeXD0FmeaEKHaVHuexNReE47+5p2Jcb07z/bEc5TtLYVChwsvS F72r0jbqDiV6qR8Nwkxxwil1PZKjWfSndw+uhM/TxDRmYfbPYt7asFEalP49neZTlHuY YNIGvCu0JYFBB30d7otIhWcaJvfX63GN0iL06gsCPmkjxyMNpLsfgm7Z13nA0Na9qsuc X/7qXt5YWokPfc7mX1f7PxlWOUiE3L0/o6mMTRPS364IkKxB33nZIrNN5gy4gnEjrBXY pPsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:reply-to:references :in-reply-to:message-id:date:subject:cc:to:from:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=Y6OJzaWlAqfbkIXfHPnKvAJ1K3WVvGG6gVArXmdJwpQ=; b=F7rw06E3VFQuHe4rSVgbeHco5masw9dZJyVfH1rspled5vx5Y5SFQsw1edCi6Pg78b BjAojWzg6XVbqEzkV9eFhVkwtSrN3PI4l1NWmufYS/a/AfL6xO3Zb+5qRC7VMR4spCcI yslGimF4PZGZHbmpGKZl+oqDmqzbMPFB4qyggIxadOD+KtzK1L/2DkfaEXxa3EjEyZYq jsNmYtzrxIez4zXE1kSrg8Lvp/I3FqKzgYcG1bKQ01Q1zQVR4osjW0TyrcHcWGToGDgV Dv46Xwv65+20oVf6rXPEwSjcJb6IcfKii67371ZSUTm9r/s7gtYz5uHsaItbx/LNUzJO +geg== X-Gm-Message-State: ACrzQf2fm+KD3dTMPAKdjUt2wLCXHJhFwsLHP0rZcNxFHId14eQxKNQC qrSuq+figH8M/j9eko5kkNML83wzejhVAQ== X-Google-Smtp-Source: AMsMyM7hwyKIzqODRk4K/YgipncUo59HxjBh+k8dNf3RKTQovT+Nu1xqxFohX3wJlvLdQJmzkvQlvg== X-Received: by 2002:a05:651c:160c:b0:264:a5ae:7dd2 with SMTP id f12-20020a05651c160c00b00264a5ae7dd2mr20862742ljq.80.1666955180416; Fri, 28 Oct 2022 04:06:20 -0700 (PDT) Received: from evgeniia-ThinkPad-T490.. ([109.204.204.138]) by smtp.gmail.com with ESMTPSA id b14-20020a056512070e00b0049876c1bb24sm518029lfs.225.2022.10.28.04.06.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Oct 2022 04:06:18 -0700 (PDT) From: Jenni Nikolaenko To: devel@spectrum-os.org Subject: [PATCH] Docs: new structure Date: Fri, 28 Oct 2022 14:05:58 +0300 Message-Id: <20221028110558.205351-1-evgeniia.nikolaenko@unikie.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Message-ID-Hash: TNJQURFMOTLCVNPQZSRMU2UNQ25WDHRB X-Message-ID-Hash: TNJQURFMOTLCVNPQZSRMU2UNQ25WDHRB X-MailFrom: evgeniia.nikolaenko@unikie.com X-Mailman-Rule-Hits: header-match-devel.spectrum-os.org-0 X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1 CC: Jenni Nikolaenko X-Mailman-Version: 3.3.5 Precedence: list Reply-To: Alyssa@atuin.qyliss.net List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Create separate folders for new parent pages, update Introduction page, remove a and the articles from titles, quick check text for simple english Signed-off-by: Jenni Nikolaenko --- Documentation/{ => about}/architecture.adoc | 20 ++++--- Documentation/about/index.adoc | 30 +++++++++++ Documentation/building-documentation.adoc | 52 ------------------ .../decisions/001-host-update-mechanism.adoc | 4 +- .../decisions/002-install-options.adoc | 4 +- Documentation/decisions/003-partitioning.adoc | 2 +- .../004-data-at-rest-encryption.adoc | 4 +- .../005-virtual-machine-monitor.adoc | 2 +- .../decisions/006-drivers-on-host.adoc | 2 +- .../decisions/007-usb-virtual-machines.adoc | 2 +- ...008-inter-vm-communication-mechanisms.adoc | 2 +- Documentation/decisions/index.adoc | 2 +- .../build-configuration.adoc | 13 +++-- .../development/building-documentation.adoc | 53 +++++++++++++++++++ .../{ => development}/debugging.adoc | 12 ++--- .../{ => development}/first-patch.adoc | 32 +++++------ Documentation/development/index.adoc | 31 +++++++++++ Documentation/{ => development}/replying.adoc | 13 ++--- .../{ => development}/reviewing-patches.adoc | 4 +- .../{ => development}/testing-patches.adoc | 34 ++++++------ .../{ => development}/uuid-reference.adoc | 5 +- Documentation/explanation.adoc | 3 +- .../{ => getting-started}/creating-vms.adoc | 2 +- Documentation/getting-started/index.adoc | 14 +++++ .../{ => getting-started}/running-vms.adoc | 2 +- .../getting-started/user-partition.adoc | 16 ++++++ Documentation/how-to.adoc | 1 + Documentation/index.adoc | 29 ++++++++-- Documentation/{ => installation}/b4.adoc | 5 +- .../{ => installation}/binary-cache.adoc | 18 ++++--- .../{ => installation}/getting-spectrum.adoc | 14 ++--- Documentation/installation/index.adoc | 26 +++++++++ Documentation/reference.adoc | 3 +- Documentation/tutorials.adoc | 3 +- Documentation/user-partition.adoc | 12 ----- 35 files changed, 302 insertions(+), 169 deletions(-) rename Documentation/{ => about}/architecture.adoc (84%) create mode 100644 Documentation/about/index.adoc delete mode 100644 Documentation/building-documentation.adoc rename Documentation/{ => development}/build-configuration.adoc (73%) create mode 100644 Documentation/development/building-documentation.adoc rename Documentation/{ => development}/debugging.adoc (79%) rename Documentation/{ => development}/first-patch.adoc (80%) create mode 100644 Documentation/development/index.adoc rename Documentation/{ => development}/replying.adoc (68%) rename Documentation/{ => development}/reviewing-patches.adoc (88%) rename Documentation/{ => development}/testing-patches.adoc (81%) rename Documentation/{ => development}/uuid-reference.adoc (97%) rename Documentation/{ => getting-started}/creating-vms.adoc (98%) create mode 100644 Documentation/getting-started/index.adoc rename Documentation/{ => getting-started}/running-vms.adoc (93%) create mode 100644 Documentation/getting-started/user-partition.adoc rename Documentation/{ => installation}/b4.adoc (93%) rename Documentation/{ => installation}/binary-cache.adoc (80%) rename Documentation/{ => installation}/getting-spectrum.adoc (82%) create mode 100644 Documentation/installation/index.adoc delete mode 100644 Documentation/user-partition.adoc diff --git a/Documentation/architecture.adoc b/Documentation/about/architecture.adoc similarity index 84% rename from Documentation/architecture.adoc rename to Documentation/about/architecture.adoc index 1c4307b..c1af320 100644 --- a/Documentation/architecture.adoc +++ b/Documentation/about/architecture.adoc @@ -1,17 +1,15 @@ = Architecture -:page-parent: Explanation +:page-parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 -== Introduction +Spectrum is based on the principle of security by compartmentalization. -Spectrum is based on the principle of security by -compartmentalization. The high level stack is illustrated in the -following diagram: +The high level stack is illustrated in the following diagram: -image::diagrams/stack.svg[] +image::../diagrams/stack.svg[] The default set of virtual machines includes two application VMs, _appvm-catgirl_ (an IRC client) and _appvm-lynx_ (a text-based web @@ -26,7 +24,7 @@ https://en.wikipedia.org/wiki/Architectural_decision[Architecturally significant decisions] are xref:decisions/index.adoc[recorded] as lightweight https://cognitect.com/blog/2011/11/15/documenting-architecture-decisions/[ADRs]. -== The Spectrum host system +== Spectrum Host System Compartmentalization is implemented using https://cloud-hypervisor.org/[cloud-hypervisor] virtual machines. @@ -35,7 +33,7 @@ https://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine[Kernel-based Virtual Machine] (KVM) to provide lightweight, hardware-accelerated VMs. While Linux (including KVM) is portable between many hardware architectures, -cloud-hypervisor supports only x86_64 and aarch64. Spectrum currently only +cloud-hypervisor supports only x86_64 and aarch64. Spectrum currently only works on x86_64, but aarch64 support is in development. https://skarnet.org/software/s6-rc/overview.html[s6-rc] is used for service @@ -44,7 +42,7 @@ and service scripts. https://wayland.freedesktop.org/[Wayland] is used for window management and display. The Wayland architecture is well documented -https://wayland.freedesktop.org/architecture.html[here]. The host provides only +https://wayland.freedesktop.org/architecture.html[here]. The host provides only a Wayland terminal client, https://codeberg.org/dnkl/foot/[foot], which is used for interacting with VM consoles. In future it will be possible for application VMs to display windows on the single Wayland compositor on the host system, @@ -57,7 +55,7 @@ https://www.etalabs.net/compare_libcs.html[added safety on resource exhaustion and security hardening on memory allocation]. Kernel hardening will be investigated in future. -== Exploring the Spectrum dependency tree +== Spectrum Dependency Tree For a detailed, interactive view of dependencies, use https://github.com/utdemir/nix-tree[nix-tree] in the Spectrum repository: @@ -67,4 +65,4 @@ https://github.com/utdemir/nix-tree[nix-tree] in the Spectrum repository: nix-build img/live -I nixpkgs=https://spectrum-os.org/git/nixpkgs/snapshot/nixpkgs-rootfs.tar.gz --no-out-link | xargs -o nix-tree https://diode.zone/w/8DBDQ6HQUe5UUdLkpDuL35[See video of Spectrum live image -interactive analysis with nix-tree] +interactive analysis with nix-tree]. diff --git a/Documentation/about/index.adoc b/Documentation/about/index.adoc new file mode 100644 index 0000000..9e2a47e --- /dev/null +++ b/Documentation/about/index.adoc @@ -0,0 +1,30 @@ += About Spectrum +:description: Some words about Spectrum as the operating system, not a project. Highlights the differences between common Linux distributions and Spectrum. +:page-nav_order: 1 +:page-has_children: true + +// SPDX-FileCopyrightText: 2022 Unikie +// SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 + +Spectrum is a Linux-based system that uses Nix package manager and Nixpkgs +collection of packages. + +This gives an actively-developed base with good +hardware support, powerful and optimised compartmentalization primitives in +KVM, and the reproducible packaging and configuration system that is important +for a maintainable compartmentalized system. + +== Why Spectrum + +* User data and applications are managed centrally while remaining isolated. +That means that the system can be backed up and managed as a whole, rather than +mixed up in several dozen VMs. + +* The host system and isolated environments are managed declaratively and +reproducibly using the Nix package manager. +This can save the user the burden of maintaining many different virtual +computers, allowing finer-grained resource access controls and making it +possible to verify the software running across all environments. + +TIP: If you are interested in why we do something _this_ way instead of _that_ +way, see xref:../decisions/index.adoc[Architecture Decision Records]. diff --git a/Documentation/building-documentation.adoc b/Documentation/building-documentation.adoc deleted file mode 100644 index b491105..0000000 --- a/Documentation/building-documentation.adoc +++ /dev/null @@ -1,52 +0,0 @@ -= Building the Documentation -:page-parent: Tutorials - -// SPDX-FileCopyrightText: 2022 Unikie -// SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 - -This tutorial assumes that you have https://nixos.org/[Nix] installed. -You may also want to xref:binary-cache.adoc[configure the Spectrum -binary cache], to avoid having to wait for dependencies to compile on -your local system. - -1. Get a copy of the Spectrum source code: -+ -[source,shell] ----- -git clone https://spectrum-os.org/git/spectrum ----- -2. Enter the documentation directory: -+ -[source,shell] ----- -cd spectrum/Documentation ----- -3. Enter the development environment: -+ -[source,shell] ----- -nix-shell -I nixpkgs=https://spectrum-os.org/git/nixpkgs/snapshot/nixpkgs-rootfs.tar.gz ----- -4. In the development shell, do an initial build of the documentation -site: -+ -[source,shell] ----- -scripts/build.sh ----- -5. Run a development server for previewing changes locally: -+ -[source,shell] ----- -jekyll serve ----- -+ -This will serve a local copy of the documentation at http://localhost:4000/. -+ -IMPORTANT: Jekyll doesn't handle rendering of the draw.io diagrams, so -if you modify any of those, or add new ones, you'll have to run -`scripts/build.sh` again to do a full rebuild of the site. - -Once you've made your changes to the documentation, see -xref:first-patch.adoc[Sending Your First Patch] for information -about how to submit them for review. diff --git a/Documentation/decisions/001-host-update-mechanism.adoc b/Documentation/decisions/001-host-update-mechanism.adoc index 574deb4..39f9f28 100644 --- a/Documentation/decisions/001-host-update-mechanism.adoc +++ b/Documentation/decisions/001-host-update-mechanism.adoc @@ -1,6 +1,6 @@ = 001 Host Update Mechanism :page-parent: Architecture Decision Records -:page-grand_parent: Explanation +:page-grand_parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 @@ -11,7 +11,7 @@ Proposed == Context -Spectrum currently has no implementation for software update. The host -- +Spectrum currently has no implementation for software update. The host -- consisting of the Linux kernel, KVM, cloud-hypervisor and minimal user space tools -- will require software updates to support feature development and security fixes. diff --git a/Documentation/decisions/002-install-options.adoc b/Documentation/decisions/002-install-options.adoc index 4412b53..4a745eb 100644 --- a/Documentation/decisions/002-install-options.adoc +++ b/Documentation/decisions/002-install-options.adoc @@ -1,6 +1,6 @@ -= 002 Install options += 002 Install Options :page-parent: Architecture Decision Records -:page-grand_parent: Explanation +:page-grand_parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/decisions/003-partitioning.adoc b/Documentation/decisions/003-partitioning.adoc index 8494ea4..a13b8cc 100644 --- a/Documentation/decisions/003-partitioning.adoc +++ b/Documentation/decisions/003-partitioning.adoc @@ -1,6 +1,6 @@ = 003 Partitioning :page-parent: Architecture Decision Records -:page-grand_parent: Explanation +:page-grand_parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/decisions/004-data-at-rest-encryption.adoc b/Documentation/decisions/004-data-at-rest-encryption.adoc index 26fe273..5b0f518 100644 --- a/Documentation/decisions/004-data-at-rest-encryption.adoc +++ b/Documentation/decisions/004-data-at-rest-encryption.adoc @@ -1,6 +1,6 @@ = 004 Data at Rest Encryption :page-parent: Architecture Decision Records -:page-grand_parent: Explanation +:page-grand_parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 @@ -20,5 +20,5 @@ User data is encrypted. == Consequences Spectrum needs to come with enough software to get the encryption key -via different methods (password, usb, fido, etc.) Can we use dm-crypt +via different methods (password, usb, fido, etc.). Can we use dm-crypt for everything instead of LUKS? diff --git a/Documentation/decisions/005-virtual-machine-monitor.adoc b/Documentation/decisions/005-virtual-machine-monitor.adoc index db81c72..df1b501 100644 --- a/Documentation/decisions/005-virtual-machine-monitor.adoc +++ b/Documentation/decisions/005-virtual-machine-monitor.adoc @@ -1,6 +1,6 @@ = 005 Virtual Machine Monitor :page-parent: Architecture Decision Records -:page-grand_parent: Explanation +:page-grand_parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/decisions/006-drivers-on-host.adoc b/Documentation/decisions/006-drivers-on-host.adoc index 872044e..b92d863 100644 --- a/Documentation/decisions/006-drivers-on-host.adoc +++ b/Documentation/decisions/006-drivers-on-host.adoc @@ -1,6 +1,6 @@ = 006 Drivers on Host :page-parent: Architecture Decision Records -:page-grand_parent: Explanation +:page-grand_parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/decisions/007-usb-virtual-machines.adoc b/Documentation/decisions/007-usb-virtual-machines.adoc index 3bdf78b..d832691 100644 --- a/Documentation/decisions/007-usb-virtual-machines.adoc +++ b/Documentation/decisions/007-usb-virtual-machines.adoc @@ -1,6 +1,6 @@ = 007 USB Virtual Machine :page-parent: Architecture Decision Records -:page-grand_parent: Explanation +:page-grand_parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/decisions/008-inter-vm-communication-mechanisms.adoc b/Documentation/decisions/008-inter-vm-communication-mechanisms.adoc index a1b7d49..c1e5b87 100644 --- a/Documentation/decisions/008-inter-vm-communication-mechanisms.adoc +++ b/Documentation/decisions/008-inter-vm-communication-mechanisms.adoc @@ -1,6 +1,6 @@ = 008 Inter-VM Communication Mechanisms :page-parent: Architecture Decision Records -:page-grand_parent: Explanation +:page-grand_parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/decisions/index.adoc b/Documentation/decisions/index.adoc index 772f382..a022239 100644 --- a/Documentation/decisions/index.adoc +++ b/Documentation/decisions/index.adoc @@ -1,6 +1,6 @@ = Architecture Decision Records :page-has_children: true -:page-parent: Explanation +:page-parent: About Spectrum // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/build-configuration.adoc b/Documentation/development/build-configuration.adoc similarity index 73% rename from Documentation/build-configuration.adoc rename to Documentation/development/build-configuration.adoc index b89575f..c9a8c99 100644 --- a/Documentation/build-configuration.adoc +++ b/Documentation/development/build-configuration.adoc @@ -1,19 +1,22 @@ = Configuring the Build -:page-parent: How-to Guides +:page-parent: Development +:page-nav_order: 1 :example-caption: Test // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 Some aspects of a Spectrum build can be customised using a build -configuration file. By default, this configuration file should be -called config.nix and located in the root of the Spectrum source tree, -but this can be overridden by setting `spectrum-config` in the +configuration file. + +By default, this configuration file should be called config.nix and located in +the root of the Spectrum source tree, but this can be overridden by setting +`spectrum-config` in the https://nixos.org/manual/nix/stable/command-ref/env-common.html#env-NIX_PATH[NIX_PATH] to the path of the configuration file. The configuration file should contain an attribute set. The only -currently allowed attribute name is `pkgs`, which allows using a +currently allowed attribute name is `pkgs`. It allows using a custom Nixpkgs to evaluate Spectrum. .config.nix to build Spectrum with a https://nixos.org/manual/nixpkgs/unstable/#sec-overlays-definition[Nixpkgs overlay] diff --git a/Documentation/development/building-documentation.adoc b/Documentation/development/building-documentation.adoc new file mode 100644 index 0000000..d83c343 --- /dev/null +++ b/Documentation/development/building-documentation.adoc @@ -0,0 +1,53 @@ += Building Documentation +:page-parent: Development +:page-nav_order: 4 + +// SPDX-FileCopyrightText: 2022 Unikie +// SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 + +Make sure you have https://nixos.org/[Nix] installed. +You may also want to xref:binary-cache.adoc[configure the Spectrum +binary cache], to avoid having to wait for dependencies to compile on +your local system. + +. Get a copy of the Spectrum source code: ++ +[source,shell] +---- +git clone https://spectrum-os.org/git/spectrum +---- +. Enter the documentation directory: ++ +[source,shell] +---- +cd spectrum/Documentation +---- +. Enter the development environment: ++ +[source,shell] +---- +nix-shell -I nixpkgs=https://spectrum-os.org/git/nixpkgs/snapshot/nixpkgs-rootfs.tar.gz +---- +. In the development shell, do an initial build of the documentation +site: ++ +[source,shell] +---- +scripts/build.sh +---- +. Run a development server for previewing changes locally: ++ +[source,shell] +---- +jekyll serve +---- ++ +This will serve a local copy of the documentation at http://localhost:4000/. ++ +IMPORTANT: Jekyll does not handle rendering of the draw.io diagrams. If you +modify any of those, or add new ones, run `scripts/build.sh` again to do a full +rebuild of the site. + +After making changes to the documentation, see +xref:first-patch.adoc[Working with Patches] for information +on how to submit your changes for review. diff --git a/Documentation/debugging.adoc b/Documentation/development/debugging.adoc similarity index 79% rename from Documentation/debugging.adoc rename to Documentation/development/debugging.adoc index 3871a7c..d342294 100644 --- a/Documentation/debugging.adoc +++ b/Documentation/development/debugging.adoc @@ -1,7 +1,6 @@ -= Debugging Spectrum -:page-parent: Explanation -:toc: -:toclevels: 1 += Debugging +:page-parent: Development +:page-nav_order: 3 // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 @@ -9,8 +8,9 @@ == Extracting core dumps when running Spectrum in a VM When using a VM to run the Spectrum host system, a special mechanism -is available to enable easy introspection of core files. When a -program on the Spectrum host system dumps core, the system will +is available to enable easy introspection of core files. + +When a program on the Spectrum host system dumps core, the system will attempt to upload the core file to _its_ host (i.e. the system running Spectrum in a VM) using the vsock(7) protocol, on port 1129271877. diff --git a/Documentation/first-patch.adoc b/Documentation/development/first-patch.adoc similarity index 80% rename from Documentation/first-patch.adoc rename to Documentation/development/first-patch.adoc index 30672b9..cf19b37 100644 --- a/Documentation/first-patch.adoc +++ b/Documentation/development/first-patch.adoc @@ -1,11 +1,11 @@ -= Sending Your First Patch -:page-parent: Tutorials += Working with Patches +:page-parent: Development +:page-nav_order: 1 +:page-has_children: true // SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 -== Prerequisites - This tutorial assumes that you already have basic https://git-scm.com/[git] experience. @@ -14,19 +14,18 @@ https://spectrum-os.org/git/[Spectrum source tree]. You'll also need to have configured `git send-email` — a guide for this can be found at https://git-send-email.io/. -== Making your changes +== Making Changes -If you've worked on any git repository before, the process for making -your changes will probably be very familiar. +The process of making changes is similar to working on any git repository. -1. Create a branch for your changes: +. Create a branch for your changes: + [source,shell] ---- git checkout -b fix-docs # for example ---- -2. Make changes in your editor. -3. Stage and commit your changes: +. Make changes in your editor. +. Stage and commit your changes: + [source,shell] ---- @@ -39,7 +38,7 @@ indicates your acceptance of the https://spectrum-os.org/git/spectrum/tree/DCO-1.1.txt[Developer's Certificate of Origin], which is mandatory for Spectrum patches. -== Submitting changes +== Submitting Changes Once you're happy with how the commits on your branch look, run: @@ -64,13 +63,14 @@ message that will be sent before all of your patches. Once your patch has been submitted, wait for it to be reviewed. Feedback, if any, will be sent as email replies to your submitted -patch. You can respond to feedback in your mail client. Please use -the Reply All button to ensure that your messages are sent to the +patch. You can respond to feedback in your mail client. + +Use the *Reply All* button to sent your messages to the mailing list as well as to the person who sent the feedback. -If you need to make changes to your patch, and submit a new version, +If you need to make changes to your patch and submit a new version, use https://git-rebase.io/[`git rebase`] to create a new version of -your patch(es), and submit it like this: +your patch(es) and then submit it like this: [source,shell] ---- @@ -81,7 +81,7 @@ The added `-v2` flag indicates that this is version two of your patch set. If your patches require more rounds of changes, submit subsequent rounds with `-v3`, `-v4`, etc. as appropriate. -If you'd like to describe what has changed from the previous version +If you would like to describe what has changed from the previous version of your patches, you can do so in a xref:cover-letter[cover letter] as described above. diff --git a/Documentation/development/index.adoc b/Documentation/development/index.adoc new file mode 100644 index 0000000..1fe4d8b --- /dev/null +++ b/Documentation/development/index.adoc @@ -0,0 +1,31 @@ += Development +:description: Development progress, general development practices +:page-nav_order: 4 +:page-has_children: true + +// SPDX-FileCopyrightText: 2022 Unikie +// SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 + +Spectrum is free software, currently under active development. + +If you made changes in a source code, +https://spectrum-os.org/installation/getting-spectrum.html#building-an-installer[rebuild Spectrum], +xref:../development/testing-patches.adoc[test your patch] and +then https://spectrum-os.org/development/first-patch.html#submitting-changes[submit your changes for review]. + +== Developer Setup + +Before starting, make sure you are familiar with +https://git.kernel.org/pub/scm/utils/b4/b4.git/about/[b4] and the +https://nixos.org/manual/nix/stable/introduction.html[Nix package manager]. + +== Mailing Lists + +The Spectrum project runs several +https://spectrum-os.org/mailman3/lists/?all-lists[mailing lists] on which you +can ask your questions or help other people with the questions they have. All +the Spectrum developers as well as many long time Linux and Spectrum users are +on the lists. + +For real-time feedback, use +https://spectrum-os.org/participating.html#irc[IRC/Matrix channel]. diff --git a/Documentation/replying.adoc b/Documentation/development/replying.adoc similarity index 68% rename from Documentation/replying.adoc rename to Documentation/development/replying.adoc index bb8e31a..a1ad394 100644 --- a/Documentation/replying.adoc +++ b/Documentation/development/replying.adoc @@ -1,5 +1,7 @@ = Replying to Messages in the Mailing List Archives -:page-parent: Tutorials +:page-parent: Working with Patches +:page-grand_parent: Development +:page-nav_order: 3 // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 @@ -9,14 +11,13 @@ https://spectrum-os.org/participating.html#mailing-lists[mailing lists]. Make sure to Reply All when replying to messages, so that the message -is sent to the mailing list and not just to the person you're -replying to. +is sent to the mailing list and not just to the person you reply to. == Getting a copy of a message -You may want to reply to a mailing list message that you don't have a -copy of in your mail client, because you aren't subscribed to the -list, or because you subscribed after the message was sent. +You may want to reply to a mailing list message that you do not have a +copy of in your mail client, because you are not subscribed to the +list or because you subscribed after the message was sent. To do this, find the message you want to reply to in the https://spectrum-os.org/lists/archives[public-inbox list archives], diff --git a/Documentation/reviewing-patches.adoc b/Documentation/development/reviewing-patches.adoc similarity index 88% rename from Documentation/reviewing-patches.adoc rename to Documentation/development/reviewing-patches.adoc index 63ff24e..ba47f25 100644 --- a/Documentation/reviewing-patches.adoc +++ b/Documentation/development/reviewing-patches.adoc @@ -1,5 +1,7 @@ = Reviewing Patches -:page-parent: How-to Guides +:page-parent: Working with Patches +:page-grand_parent: Development +:page-nav_order: 2 // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/testing-patches.adoc b/Documentation/development/testing-patches.adoc similarity index 81% rename from Documentation/testing-patches.adoc rename to Documentation/development/testing-patches.adoc index 743cd6e..600cf0f 100644 --- a/Documentation/testing-patches.adoc +++ b/Documentation/development/testing-patches.adoc @@ -1,5 +1,7 @@ = Testing Patches -:page-parent: How-to Guides +:page-parent: Working with Patches +:page-grand_parent: Development +:page-nav_order: 2 // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-FileCopyrightText: 2022 Unikie @@ -9,7 +11,7 @@ Potential changes to Spectrum are posted to and discussed on the https://spectrum-os.org/participating.html#spectrum-devel[devel@spectrum-os.org] mailing list. -== Apply the patch +== Apply Patch . Find the patch series you want to test on https://spectrum-os.org/lists/archives/spectrum-devel/[public-inbox]. @@ -28,35 +30,31 @@ of the Spectrum root's nix-shell, which allows you to skip this step. with the patch's Message-Id to download all the patches in the series into a file. + -[example] [source,shell] ---- b4 am 20220511092352.70E54C980@atuin.qyliss.net ---- - -. b4 will indicate the file name it has downloaded the patches into - with a line like: +b4 will indicate the file name it has downloaded the patches into with a line +like: + -[example] -[listing] +[source,shell] +---- Writing ./20220424_hi_host_rootfs_fix_weston_hotplugging.mbx +---- +. Run `git am` on that file to apply the patches. For example: + -Run `git am` on that file to apply the patches, for example: -+ -[example] [source,shell] ---- git am 20220424_hi_host_rootfs_fix_weston_hotplugging.mbx ---- -== Post your test results +== Post Your Results -When you've tested a patch, it's really helpful to +When you tested a patch, it is helpful to xref:replying.adoc[reply] with your test results. -If the patch worked for you, please reply to it and include a line -like the following, separated from any reply text: - +If the patch worked for you, please reply to it and include a line like the following, separated from any reply text: +[source,shell] ---- Tested-by: John Smith ---- @@ -66,10 +64,10 @@ patch replies will be automatically included in the commit message when a patch is applied. It's also helpful to explain in your reply how you tested the patch, -but you don't have to if it's obvious. (For example, if a patch is +but you don't have to if it's obvious. For example, if a patch is supposed to fix a bug, and you verified that after applying the patch the bug is fixed, just the Tested-by line on its own is enough to -indicate that.) +indicate that. If you found an issue with the patch, do not include a Tested-by line, and instead reply to the patch explaining what you tested, what you diff --git a/Documentation/uuid-reference.adoc b/Documentation/development/uuid-reference.adoc similarity index 97% rename from Documentation/uuid-reference.adoc rename to Documentation/development/uuid-reference.adoc index 4b0b481..61c602f 100644 --- a/Documentation/uuid-reference.adoc +++ b/Documentation/development/uuid-reference.adoc @@ -1,7 +1,8 @@ = UUID Reference -:page-parent: Reference +:page-parent: Development :toc: preamble :toclevels: 1 +:page-nav_order: 5 // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 @@ -40,7 +41,7 @@ xref:user-partition.adoc[Spectrum user partition]. === `56a3bbc3-aefa-43d9-a64d-7b3fd59bbc4e` -https://github.com/endlessm/eos-installer["eosimages"] partition on the +https://github.com/endlessm/eos-installer["eosimages"] partition on the Spectrum combined live system / installer image. == Combined Image Partition IDs diff --git a/Documentation/explanation.adoc b/Documentation/explanation.adoc index b39cc6d..f682129 100644 --- a/Documentation/explanation.adoc +++ b/Documentation/explanation.adoc @@ -1,6 +1,5 @@ = Explanation -:page-has_children: true -:page-nav_order: 4 +:page-nav_exclude: true // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/creating-vms.adoc b/Documentation/getting-started/creating-vms.adoc similarity index 98% rename from Documentation/creating-vms.adoc rename to Documentation/getting-started/creating-vms.adoc index d967098..e06be85 100644 --- a/Documentation/creating-vms.adoc +++ b/Documentation/getting-started/creating-vms.adoc @@ -1,5 +1,5 @@ = Creating VMs -:page-parent: Reference +:page-parent: Getting Started // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/getting-started/index.adoc b/Documentation/getting-started/index.adoc new file mode 100644 index 0000000..639e0a6 --- /dev/null +++ b/Documentation/getting-started/index.adoc @@ -0,0 +1,14 @@ += Getting Started +:description: Exploring Spectrum OS. Using (=How-To-Guides), Configuring (adding smth). Ready to get started with Spectrum OS? After installing you can create VMs and then configure each one. +:page-nav_order: 3 +:page-has_children: true +:page-has_toc: false + +// SPDX-FileCopyrightText: 2022 Unikie +// SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 + +Ready to get started with Spectrum? Here is what you can do next: + +* xref:../getting-started/creating-vms.adoc[Create your own VM] to use others applications. +* xref:../getting-started/running-vms.adoc[Start some applications]. +* If needed, xref:../getting-started/user-partition.adoc[change the user partition type]. diff --git a/Documentation/running-vms.adoc b/Documentation/getting-started/running-vms.adoc similarity index 93% rename from Documentation/running-vms.adoc rename to Documentation/getting-started/running-vms.adoc index d0d3f99..9073e3c 100644 --- a/Documentation/running-vms.adoc +++ b/Documentation/getting-started/running-vms.adoc @@ -1,5 +1,5 @@ = Running VMs -:page-parent: Reference +:page-parent: Getting Started // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/getting-started/user-partition.adoc b/Documentation/getting-started/user-partition.adoc new file mode 100644 index 0000000..7c142b8 --- /dev/null +++ b/Documentation/getting-started/user-partition.adoc @@ -0,0 +1,16 @@ += User Partition +:page-parent: Getting Started + +// SPDX-FileCopyrightText: 2022 Alyssa Ross +// SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 + +The Spectrum host system is immutable, so configuration and user data +lives on a separate partition. + +The host system discovers the user +partition by looking for the special partition type +`9293e1ff-cee4-4658-88be-898ec863944f`. + +This behavior can be overridden with the `ext` parameter on the host's kernel +command line, which works in a similar way to the standard Linux `root` +parameter. diff --git a/Documentation/how-to.adoc b/Documentation/how-to.adoc index f43fa13..98cc842 100644 --- a/Documentation/how-to.adoc +++ b/Documentation/how-to.adoc @@ -1,4 +1,5 @@ = How-to Guides +:page-nav_exclude: true :page-has_children: true :page-nav_order: 2 diff --git a/Documentation/index.adoc b/Documentation/index.adoc index 3079847..ea28533 100644 --- a/Documentation/index.adoc +++ b/Documentation/index.adoc @@ -1,13 +1,32 @@ -= Spectrum Docs += Spectrum Documentation :page-nav_exclude: true // SPDX-FileCopyrightText: 2022 Alyssa Ross +// SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 -Spectrum is a compartmentalized operating system. -If you'd like to try Spectrum, see xref:getting-spectrum.adoc[Getting -Spectrum]. +Spectrum is an open-source project that aims to create a computer operating +system, based on the principle of security by compartmentalization, that has a +lower barrier to entry and is easy to use and maintain. + +== Using Spectrum To learn about what Spectrum is and how it's implemented, start with -the xref:architecture.adoc[architecture overview]. +the xref:about/architecture.adoc[architecture overview]. + +If you want to try Spectrum, see xref:../installation/index.adoc[Build and Run] + to setup a development environment. + + +== Developing and Contributing + +Spectrum is made of free and open-source software. It is free for anyone to + use, modify, and distribute. + +Once you are up and rinning, see + xref:../development/index.adoc[Development] to understand how to work with + patches, debug the system or build the documentation. + +If you are thinking of contributing to Spectrum docs, see + xref:../development/building-documentation.adoc[Building Documentation]. diff --git a/Documentation/b4.adoc b/Documentation/installation/b4.adoc similarity index 93% rename from Documentation/b4.adoc rename to Documentation/installation/b4.adoc index 489ced4..58efd0e 100644 --- a/Documentation/b4.adoc +++ b/Documentation/installation/b4.adoc @@ -1,5 +1,6 @@ = Installing and Configuring b4 -:page-parent: Tutorials +:page-parent: Build and Run +:page-nav_order: 3 // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-FileCopyrightText: 2022 Unikie @@ -19,7 +20,7 @@ of the Spectrum root's nix-shell. You should be able to install b4 from your package manager. -Using Nix, you can start a shell with b4 available by running +Using Nix, you can start a shell with b4 available by running: [listing] [source,shell] diff --git a/Documentation/binary-cache.adoc b/Documentation/installation/binary-cache.adoc similarity index 80% rename from Documentation/binary-cache.adoc rename to Documentation/installation/binary-cache.adoc index 6e69b39..dff12e1 100644 --- a/Documentation/binary-cache.adoc +++ b/Documentation/installation/binary-cache.adoc @@ -1,5 +1,6 @@ -= Setting Up the Binary Cache -:page-parent: How-to Guides += Setting Up Binary Cache +:page-parent: Build and Run +:page-nav_order: 1 // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 @@ -20,10 +21,9 @@ encounter any trouble with it. The binary cache is currently not able to provide logs, due to a https://github.com/NixOS/nix/pull/6051[Nix bug]. -== On NixOS +== For NixOS -The following configuration adds the Spectrum binary cache as a -substituter, and tells Nix to trust builds signed with its public key. +Add the following configuration to /etc/nixos/configuration.nix: [source,nix] ---- @@ -38,7 +38,13 @@ substituter, and tells Nix to trust builds signed with its public key. } ---- -== On Non-NixOS systems +This configuration adds the Spectrum binary cache as a substituter and makes +Nix to trust builds signed with its public key. + +To apply changes, rebuild your system with the https://nixos.wiki/wiki/Nixos-rebuild[nixos-rebuild] command. + + +== For Non-NixOS Systems Add the following configuration to /etc/nix/nix.conf: diff --git a/Documentation/getting-spectrum.adoc b/Documentation/installation/getting-spectrum.adoc similarity index 82% rename from Documentation/getting-spectrum.adoc rename to Documentation/installation/getting-spectrum.adoc index b3fa1ef..c365a93 100644 --- a/Documentation/getting-spectrum.adoc +++ b/Documentation/installation/getting-spectrum.adoc @@ -1,5 +1,6 @@ = Getting Spectrum -:page-parent: Tutorials +:page-parent: Build and Run +:page-nav_order: 2 // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 @@ -34,7 +35,7 @@ nix-shell -I nixpkgs=../../../nixpkgs-spectrum --run 'make run' This builds just enough of Spectrum to try it out in a VM, but it will still take a very long time. -== Building an installer +== Building Installer [source,shell] ---- @@ -47,8 +48,7 @@ This will take a very long time, but when it's done, a symbolic link named "result" will appear, pointing to a Spectrum USB installer image. -CAUTION: Spectrum is not yet suitable for real-world use. Do not use -your Spectrum system for anything important or sensitive. Spectrum is -currently missing many important security properties, and there is no -procedure for updating to new versions of Spectrum -- you have to -reinstall. +CAUTION: Do not use Spectrum for anything important or sensitive as it is not +yet suitable for real-world use. Many important security properties are +currently missing, and there is no procedure for updating to +new versions—you have to reinstall the OS. diff --git a/Documentation/installation/index.adoc b/Documentation/installation/index.adoc new file mode 100644 index 0000000..2c4e9c7 --- /dev/null +++ b/Documentation/installation/index.adoc @@ -0,0 +1,26 @@ += Build and Run +:description: How to download and install Spectrum OS. +:page-nav_order: 2 +:page-has_children: true +:page-has_toc: false + +// SPDX-FileCopyrightText: 2022 Unikie +// SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 + + +To start working with Spectrum, you need: + +* xref:../installation/binary-cache.adoc[Set up the binary cache] to speed up the build process. +* xref:../installation/getting-spectrum.adoc[Build Spectrum] from the source. +* xref:../installation/b4.adoc[Install and configure the b4 utility] to be able to work with patches. + +TIP: Currently, Spectrum works only on x86-64. AAarch64 support is in +development. If you have the configuration layer, you can +xref:../development/build-configuration.adoc[configure the build] to be able to +work with specific devices. + +== Uninstalling and Updating + +Currently, there is no implementation for a software update. + +You can replace Spectrum by installing another OS. diff --git a/Documentation/reference.adoc b/Documentation/reference.adoc index 44b359d..55259ea 100644 --- a/Documentation/reference.adoc +++ b/Documentation/reference.adoc @@ -1,6 +1,5 @@ = Reference -:page-has_children: true -:page-nav_order: 3 +:page-nav_exclude: true // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/tutorials.adoc b/Documentation/tutorials.adoc index cd1fb12..fcef31b 100644 --- a/Documentation/tutorials.adoc +++ b/Documentation/tutorials.adoc @@ -1,6 +1,5 @@ = Tutorials -:page-nav_order: 1 -:page-has_children: true +:page-nav_exclude: true // SPDX-FileCopyrightText: 2022 Alyssa Ross // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 diff --git a/Documentation/user-partition.adoc b/Documentation/user-partition.adoc deleted file mode 100644 index 73bc0d0..0000000 --- a/Documentation/user-partition.adoc +++ /dev/null @@ -1,12 +0,0 @@ -= The User Partition -:page-parent: Explanation - -// SPDX-FileCopyrightText: 2022 Alyssa Ross -// SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 - -The Spectrum host system is immutable, so configuration and user data -lives on a separate partition. The host system discovers the user -partition by looking for the special partition type -`9293e1ff-cee4-4658-88be-898ec863944f`. This behavior can be -overridden with the `ext` parameter on the host's kernel command line, -which works in a similar way to the standard Linux `root` parameter. -- 2.34.1