Fixes #24.
We create /etc/ssl1.1 with symlinks to /etc/ssl, as would be found in a default installation of 3.15.
This is a different approach from my proposal of setting SSL_CERT_FILE/SSL_CERT_DIR. It's easier to convince myself that modifying the tmpfs will be appropriately scoped to the problem, and not pollute anything I didn't think about, rather than modifying environment variables.
I tested this by:
- built
mkinitfs-*.apkfrom a modifiedAPKBUILDto point to my repo - installed the
*.apkto analpine:3.15docker container - ran
mkinitfs -s /path/to/modloop-virt.SIGN.RSA.alpine-devel@lists.alpinelinux.org-6165ee59.rsa.pub -k -F "base squashfs network usb virtio" -o "/tmp/initramfs-virt" "5.15.32-0-virt", which is as close as I could find to the command used to generateinitramfs-virtfor release - booted with the following ipxe config, booting from the test artifact hosted on backblaze b2:
#!ipxe
ifconf
kernel https://dl-cdn.alpinelinux.org/alpine/v3.15/releases/x86_64/netboot/vmlinuz-virt modules=loop,squashfs nomodeset apkovl=https://f004.backblazeb2.com/file/sbrudenell-netboot/test.apkovl.tar.gz alpine_repo=https://dl-cdn.alpinelinux.org/alpine/v3.15/main modloop=https://dl-cdn.alpinelinux.org/alpine/v3.15/releases/x86_64/netboot/modloop-virt console=tty0 console=ttyS0,115200n8 earlyprintk=serial,ttyS0,115200n8
initrd https://f004.backblazeb2.com/file/sbrudenell-netboot/initramfs-virt
bootIt worked as expected. It loaded my apkovl from https, and installed packages from the https repo.