feat: v3.4 — boot reliability, log readability, USB export, screen resolution, GRUB UEFI fix, memtest, KVM console stability

Web UI / logs: - Strip ANSI escape codes and handle \r (progress bars) in task log output - Add USB export API + UI card on Export page (list removable devices, write audit JSON or support bundle) - Add Display Resolution card in Tools (xrandr-based, per-output mode selector) - Dashboard: audit status banner with auto-reload when audit task completes Boot & install: - bee-web starts immediately with no dependencies (was blocked by audit + network) - bee-audit.service redesigned: waits for bee-web healthz, sleeps 60s, enqueues audit via /api/audit/run (task system) - bee-install: fix GRUB UEFI — grub-install exit code was silently ignored (|| true); add --no-nvram fallback; always copy EFI/BOOT/BOOTX64.EFI fallback path - Add grub-efi-amd64, grub-pc, grub-efi-amd64-signed, shim-signed to package list (grub-install requires these, not just -bin variants) - memtest hook: fix binary/boot/ not created before cp; handle both Debian (no extension) and upstream (x64.efi) naming - bee-openbox-session: increase healthz wait from 30s to 120s KVM console stability: - runCmdJob: syscall.Setpriority(PRIO_PROCESS, pid, 10) on all stress subprocesses - lightdm.service.d: Nice=-5 so X server preempts stress processes Packages: add btop Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-31 10:13:31 +03:00
parent 105d92df8b
commit 20f834aa96
10 changed files with 458 additions and 26 deletions
--- a/iso/overlay/usr/local/bin/bee-install
+++ b/iso/overlay/usr/local/bin/bee-install
@@ -158,20 +158,56 @@ mount --bind /sys  "${MOUNT_ROOT}/sys"

 # ------------------------------------------------------------------
 log "--- Step 7/7: Installing GRUB bootloader ---"
+
+# Helper: run a chroot command, log all output, return its exit code.
+# Needed because "cmd | while" pipelines hide the exit code of cmd.
+chroot_log() {
+    local rc=0
+    local out
+    out=$(chroot "$MOUNT_ROOT" "$@" 2>&1) || rc=$?
+    echo "$out" | while IFS= read -r line; do log "  $line"; done
+    return $rc
+}
+
 if [ "$UEFI" = "1" ]; then
-    chroot "$MOUNT_ROOT" grub-install \
-        --target=x86_64-efi \
-        --efi-directory=/boot/efi \
-        --bootloader-id=bee \
-        --recheck 2>&1 | while read -r line; do log "  $line"; done || true
+    # Primary attempt: write EFI NVRAM entry (requires writable efivars)
+    if ! chroot_log grub-install \
+            --target=x86_64-efi \
+            --efi-directory=/boot/efi \
+            --bootloader-id=bee \
+            --recheck; then
+        log "  WARNING: grub-install (with NVRAM) failed — retrying with --no-nvram"
+        # --no-nvram: write grubx64.efi but skip EFI variable update.
+        # Needed on headless servers where efivars is read-only or unavailable.
+        chroot_log grub-install \
+            --target=x86_64-efi \
+            --efi-directory=/boot/efi \
+            --bootloader-id=bee \
+            --no-nvram \
+            --recheck || log "  WARNING: grub-install --no-nvram also failed — check logs"
+    fi
+
+    # Always install the UEFI fallback path EFI/BOOT/BOOTX64.EFI.
+    # Many UEFI implementations (especially server BMCs and some firmware)
+    # ignore the NVRAM boot entry and only look for this path.
+    GRUB_EFI="${MOUNT_ROOT}/boot/efi/EFI/bee/grubx64.efi"
+    FALLBACK_DIR="${MOUNT_ROOT}/boot/efi/EFI/BOOT"
+    if [ -f "$GRUB_EFI" ]; then
+        mkdir -p "$FALLBACK_DIR"
+        cp "$GRUB_EFI" "${FALLBACK_DIR}/BOOTX64.EFI"
+        log "  Fallback EFI binary installed: EFI/BOOT/BOOTX64.EFI"
+    else
+        log "  WARNING: grubx64.efi not found at $GRUB_EFI — UEFI fallback path not set"
+    fi
 else
-    chroot "$MOUNT_ROOT" grub-install \
+    chroot_log grub-install \
        --target=i386-pc \
        --recheck \
-        "$DEVICE" 2>&1 | while read -r line; do log "  $line"; done || true
+        "$DEVICE" || log "  WARNING: grub-install (BIOS) failed — check logs"
 fi
-chroot "$MOUNT_ROOT" update-grub 2>&1 | while read -r line; do log "  $line"; done || true
-log "  GRUB installed."
+
+chroot_log update-grub || log "  WARNING: update-grub failed — check logs"
+log "  GRUB step complete."

 # ------------------------------------------------------------------
 # Cleanup
--- a/iso/overlay/usr/local/bin/bee-openbox-session
+++ b/iso/overlay/usr/local/bin/bee-openbox-session
@@ -8,13 +8,16 @@ xset -dpms
 xset s noblank

 tint2 &
-# Wait for bee-web to bind (Go starts fast, usually <2s)
+
+# Wait up to 120s for bee-web to bind. The web server starts immediately now
+# (audit is deferred), so this should succeed in a few seconds on most hardware.
 i=0
-while [ $i -lt 30 ]; do
+while [ $i -lt 120 ]; do
    if curl -sf http://localhost/healthz >/dev/null 2>&1; then break; fi
    sleep 1
    i=$((i+1))
 done
+
 chromium \
    --disable-infobars \
    --disable-translate \