Using Alist to Sync TrueNAS to OneDrive Background I have an E5 subscription and was originally using a solution involving running the driveone/onedrive:edge Docker container to achieve synchronization. However, this solution had drawbacks: firstly, it lacked a GUI/WebUI, and secondly, each sync operation would consume 25%-50% of CPU resources. Considering that TrueNAS's built-in sync solution can sync to WebDAV, I thought of using Alist to mount OneDrive and convert it into WebDAV for TrueNAS to mount. Process Installing Alist Create a persistent storage folder for Alist and write a Docker Compose file according to the official Alist documentation: services: alist: environment: - PUID=3000 - PGID=950 - UMASK=022 image: xhofe/alist:latest ports: - '8088:5244' restart: always volumes: - /mnt/systemdata/DockerData/alist/etc:/opt/alist/data - /mnt/data/Storage:/mnt/data Here, I exposed the Alist port on 8088. Mapping /mnt/data/Storage allows Alist to manage local storage; mapping /mnt/systemdata/DockerData/alist/etc serves as the folder for storing Alist data. Configuring OneDrive on Alist is not discussed in this article; please refer to the official Alist documentation. Here, I mounted my OneDrive at /OneDrive. After setup, go to the Alist admin panel -> Users, edit your user or create a new user, and check the Webdav Read and Webdav Manage permissions to enable WebDAV access for this user. Configuring TrueNAS Sync Go to TrueNAS Admin-Credentials-Backup Credentials, and add a Cloud Credential with the following parameters: Provider: WebDAV Name: Custom URL: Alist address +/dav, e.g., I used http://127.0.0.1:8088/dav WebDAV Service: OTHER Username和Password: Alist account credentials Verify the credential and save it if successful. Next, go to TrueNAS Admin -> Data Protection, and add a Cloud Sync Task. Under Provider, select the WebDAV credential for Alist created earlier. The parameters are explained in detail below: Direction: Choose PULL (cloud to local) or PUSH (local to cloud) Transfer Mode: COPY: Copy files. Files deleted from the source folder later will not be deleted from the target. MOVE: Copy files and then delete them from the source folder after transfer. SYNC: Keep the source and target folders synchronized. Files deleted from the source will also be deleted from the target. Directory/Files: The local file or folder to sync. Folder: The target folder in the cloud storage. Description: Notes. Schedule: Set a schedule using Cron syntax. You can use predefined intervals or write your own. For example, I selected PUSH, SYNC, syncing from /mnt/data/Storage to /OneDrive/TrueNAS, scheduled to run daily at 00:00. After editing, save the task. It will automatically upload local files to OneDrive at the scheduled time. Old Solution Project Address: https://github.com/abraunegg/onedrive Reference Articles: https://alist.nn.ci/zh/guide/install/docker.html https://alist.nn.ci/zh/guide/drivers/onedrive.html

Using Home Broadband without Public IP + CDNfly to Host a Website Introduction As is well known, hosting a website with home broadband usually requires a public IP address. However, in certain cases without a public IP, it is possible to expose an HTTP port on the carrier's exit IP for external connections through special methods, i.e., NAT penetration (this is different from FRP, ngrok, or Oray-like intranet penetration, as it does not require a server). Prerequisites Download NatTypeTester to check your NAT type. Please refer to relevant materials for details on NAT types. Ensure your network environment meets the following conditions: Under RFC3489, the NAT type must be Full Cone. Under RFC5780, the TCP mapping behavior must be EndpointIndependent. If UDPBlocked appears, change the server. Methods to Improve NAT Type Reduce the number of router layers. If using modem dial-up, connect the device directly under the modem. For multi-layer routing, connect the device directly under the top router. Enable UPnP on the router. Set the DMZ host to the server IP. Getting Started We use Lucky as the NAT penetration tool, deployed on TrueNAS via Docker Compose. TrueNAS locally has port 9080 open for HTTP. Deploying a web server is not covered in this article. Installing Lucky Follow the official guide and write a Docker Compose file: services: lucky: image: gdy666/lucky network_mode: host restart: always volumes: - /mnt/systemdata/DockerData/lucky/luckyconf:/goodluck Modify the persistent storage path to your own. Note: network_mode must be host. It can be deployed without host, but that is not discussed here. After installation, open http://[YourIP]:16601. The default username is 666 and password is 666. After logging in, modify security settings as required. Configuring Penetration Open STUN Intranet Penetration on the left side of the Lucky page and create a penetration rule. Fill in the local port with any port (ensure it does not conflict with local services), and the target address and port with the IP and port of the web service on the intranet. After completing the above configuration, choose one of the following penetration methods: {tabs} {tabs-pane label="NAT-PMP Method"} Enable the router's UPnP function, turn on the NAT-PMP switch in STUN penetration, and fill in the router address as the NAT-PMP gateway address. {/tabs-pane} {tabs-pane label="DMZ Host Method"} Set the server IP where Lucky is installed as the DMZ host in the router's DMZ settings, then turn off the UPnP and NAT-PMP options in STUN penetration. {/tabs-pane} {tabs-pane label="Non-Docker Installation + UPnP"} Enable the router's UPnP function, turn on the UPnP switch in STUN penetration, fill in the router IP as the UPnP gateway IP, and fill in the Lucky host IP as the UPnP client local IP, leaving others blank. {/tabs-pane} {tabs-pane label="Docker Installation + UPnP"} First, run Lucky in a non-Docker environment to obtain the UPnP interface address. For example, install Lucky on a computer (Windows) and create a test tunnel with the same content as the non-Docker installation. The target address and port can be filled arbitrarily. After enabling penetration, you might see content like this in the log: UPNP===>Control URL: http://192.168.3.1:5351/ctl/IPCon (Here, the URL is my Xiaomi router AX3600's UPnP management address; different routers may vary.) Copy the Control URL, then fill it into the UPnP Control Interface Address in the Docker Lucky and enable penetration. {/tabs-pane} {/tabs} If no issues arise, you should see the address and port assigned by the carrier's public exit IP. If you can access it from outside or if an itdog test shows green, the penetration is successful. Configuring CDNfly WebHook Since the public IP and port obtained this way are dynamic, a service similar to DDNS is needed to fix the access method. You can use CloudFlare Workers for redirection or use a CDN to dynamically modify the origin IP and port. I use the latter. My CDN uses the cdnfly management system. Refer to the cdnfly official documentation for API request methods. When editing the STUN intranet penetration rule, open Webhook below and check Only trigger Webhook when the address is different from the last time. Fill in the API address: https://[your-cdn-domain]/v1/sites, request method PUT; request headers include api-key and api-secret (can be found in the CDNfly backend): api-key: Your API Key api-secret: Your API Secret The request body uses JSON format to construct the payload according to the cdnfly official documentation (change the id field to your website id; if multiple websites, copy and modify accordingly): [ { "id": 114, "backend_http_port": #{port}, "backend": [ { "addr": "#{ip}", "weight": 1, "state": "up" } ] }, { "id": 514, "backend_http_port": #{port}, "backend": [ { "addr": "#{ip}", "weight": 1, "state": "up" } ] } ] Where #{ip} and #{port} are parameters provided by Lucky, representing the obtained public IP and port. Save, and if no issues, the CDN's corresponding website's origin address and port will be automatically changed to the carrier's public IP and port. Security Considerations I recommend using HTTPS penetration because HTTP is plain text and less secure. If using HTTPS, change backend_http_port to backend_https_port in the CDN API call payload and switch to HTTPS origin in the CDN. Reference Articles: https://doc.cdnfly.cn/wangzhanguanli-v1-sites.html https://lucky666.cn/docs/intro https://www.bilibili.com/opus/971100369193009187 https://github.com/gdy666/lucky

Installing 1Panel Using Docker on TrueNAS Background My TrueNAS has some performance headroom, so I'm thinking of deploying a web service. I want to install a control panel to reduce manual work. Considering the performance overhead of virtual machines, the high memory requirements for ZFS cache, and the fact that the NAS itself isn't very powerful, I decided to use Docker for deployment. Furthermore, since 1Panel itself is distributed as a Docker image, both systems controlling the TrueNAS host's Docker daemon is essentially equivalent to deploying websites directly on the TrueNAS host, making management easier. Analysis {alert type="warning"} This article assumes TrueNAS can access Docker Hub and the Docker daemon is already configured. {/alert} Environment Information Storage Pool There are two storage pools: /mnt/data: 1 x MIRROR | 2 wide | 2.73 TiB | HDD /mnt/systemdata: 1 x DISK | 1 wide | 223.57 GiB | SSD Docker data is stored in storage pool #2. Datasets There are three datasets: Storage: Located in the data storage pool, stores cold data. DockerData: Located in the systemdata storage pool, stores persistent data for containers. KaguraiYoRoy: Located in systemdata, the user's home directory. Installing 1Panel Used the moelin/1panel:latest image for deployment. Many parts of this process can refer to the README written by the image author. Project address: okxlin/docker-1panel Created a folder specifically for storing 1Panel data within the DockerData dataset, which is used as /opt/1panel inside the container, located at /mnt/systemdata/DockerData/1panel. Persistent Volumes To allow 1Panel to manage the host's Docker, map /var/run/docker.sock and the host's Docker directory. Map the data folder created for it earlier. The Docker directory in TrueNAS is different from typical Linux systems. Typically, it's at /var/lib/docker, but in TrueNAS, it's at /mnt/.ix-apps/docker. Environment Variables and Port Mapping The environment variables are the same as those set by the image author, passing TZ=Asia/Shanghai. Port mapping can be set as needed; the container's port is 10086. Docker Compose With the above information, writing the Docker Compose file becomes straightforward. The complete Docker Compose file is as follows: services: 1panel: dns: - 223.5.5.5 environment: - TZ=Asia/Shanghai image: moelin/1panel:latest labels: createdBy: Apps ports: - '8085:10086' restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock - /mnt/.ix-apps/docker:/var/lib/docker - /mnt/systemdata/DockerData/1panel/opt:/opt/1panel - /mnt/systemdata/DockerData/1panel/root:/root - /etc/docker:/etc/docker Mapping /root is because I need to run Git inside the container, and Git config is stored under /root. Setting DNS is because 1Panel needs to download data online when building environment images, and errors occur without specifying DNS. After installation, access the port you set. 1Panel Basic Information: Default Username: 1panel Default Password: 1panel_password Default Entrance: entrance Troubleshooting Docker Mirror During testing, it was found that without setting a mirror source, even with a Proxy configured, installing the PHP environment would fail. Furthermore, configuring both a mirror source and a Proxy also led to installation failure; the reason is unclear. Open /etc/docker/daemon.json on TrueNAS and add registry-mirrors: { "data-root": "/mnt/.ix-apps/docker", "default-address-pools": [ { "base": "172.17.0.0/12", "size": 24 } ], "exec-opts": [ "native.cgroupdriver=cgroupfs" ], "iptables": true, "registry-mirrors": [ "https://docker.1panel.live" ], "storage-driver": "overlay2" } Save the file, restart the host's Docker service, then try installing the environment in 1Panel again. {alert type="warning"} This configuration might be lost after a reboot. Try to install all necessary environments and apps in one go if possible. {/alert} Containers Created by 1Panel Fail to Start This is because in 1Panel, the default folder for storing data is the mapped /opt/1panel. However, the containers actually run on the TrueNAS host and try to access /opt/1panel, which doesn't exist on TrueNAS by default, and its /opt is read-only by default. This causes a "Read-only filesystem" error when starting containers. My solution is straightforward: On the TrueNAS host, first remount /opt as read-write, then create a symbolic link pointing to 1Panel's data folder. cd /opt mount -o remount,rw /opt ln -s /mnt/systemdata/DockerData/1panel/opt 1panel After this, it should work normally. One thing to note: When installing OpenResty in 1Panel, remember to avoid using ports 80 and 443, as these are the default ports for the TrueNAS web UI.

Using Infrared Camera for Face Recognition on Xiaomi 845 Series with Custom ROMs Background The Xiaomi 845 series, specifically the Mi 8 and Mi 8 Pro (UDFPS), feature a dedicated front-facing infrared camera for facial recognition. This enables facial unlock functionality even in complete darkness. However, when using a custom ROM like LineageOS compiled from its standard device tree, the infrared camera remains inaccessible, forcing the system to rely on the standard front camera. Interestingly, PixelExperience ROMs successfully utilize this hardware. This article explores the reasons behind this discrepancy and outlines the solution. The Cause CameraID The first step is directing the face recognition module to use the infrared camera. Examining the PixelExperience device tree source code reveals an overlay that configures the face unlock service to use the camera with ID 5. https://github.com/PixelExperience-Devices/device_xiaomi_dipper/blob/fourteen/overlay/packages/apps/FaceUnlockService/app/src/main/res/values/config.xml <?xml version="1.0" encoding="utf-8"?> <resources> <integer name="override_front_cam_id">5</integer> <bool name="use_alternative_vendor_impl">true</bool> </resources> PixelExperience uses Motorola's face unlock solution. Many other custom ROMs, however, utilize AOSPA's ParanoidSense. Therefore, the PixelExperience overlay method isn't directly applicable. Inspecting the ParanoidSense source code shows that it uses a system property, ro.face.sense_service.camera_id, to identify which camera to use. https://github.com/AOSPA/android_packages_apps_ParanoidSense/blob/uvite/src/co/aospa/sense/camera/CameraUtil.kt#L32 val cameraIdProp = SystemProperties.get("ro.face.sense_service.camera_id") Thus, in theory, simply setting the ro.face.sense_service.camera_id property to 5 should direct it to the infrared camera. The vendor.camera.aux.packagelist Property Merely setting the CameraID property is insufficient; the face unlock module would simply fail to access the camera. Delving into the Android framework code reveals that the system, by default, hides auxiliary cameras (AuxCameras) beyond the primary front and rear cameras. The infrared camera falls into this AuxCamera category. Using LineageOS framework code as an example: https://github.com/LineageOS/android_frameworks_base/blob/lineage-21.0/core/java/android/hardware/Camera.java#L295-L301 /** * Returns the number of physical cameras available on this device. * The return value of this method might change dynamically if the device * supports external cameras and an external camera is connected or * disconnected. * * If there is a * {@link android.hardware.camera2.CameraCharacteristics#REQUEST_AVAILABLE_CAPABILITIES_LOGICAL_MULTI_CAMERA * logical multi-camera} in the system, to maintain app backward compatibility, this method will * only expose one camera per facing for all logical camera and physical camera groups. * Use camera2 API to see all cameras. * * @return total number of accessible camera devices, or 0 if there are no * cameras or an error was encountered enumerating them. */ public static int getNumberOfCameras() { int numberOfCameras = _getNumberOfCameras(); if (!shouldExposeAuxCamera() && numberOfCameras > 2) { numberOfCameras = 2; } return numberOfCameras; } As shown, even if a device has more than two cameras, if the shouldExposeAuxCamera() function returns False, the system reports only two cameras, preventing access to any camera with an ID greater than 1. Let's examine this function: https://github.com/LineageOS/android_frameworks_base/blob/lineage-21.0/core/java/android/hardware/Camera.java#L264-L278 /** * @hide */ public static boolean shouldExposeAuxCamera() { /** * Force to expose only two cameras * if the package name does not falls in this bucket */ String packageName = ActivityThread.currentOpPackageName(); if (packageName == null) return true; List<String> packageList = Arrays.asList( SystemProperties.get("vendor.camera.aux.packagelist", packageName).split(",")); List<String> packageExcludelist = Arrays.asList( SystemProperties.get("vendor.camera.aux.packageexcludelist", "").split(",")); return packageList.contains(packageName) && !packageExcludelist.contains(packageName); } The logic is clear: if the current application's package name is listed in the vendor.camera.aux.packagelist system property and is not in the vendor.camera.aux.packageexcludelist property, the function returns True, allowing access to auxiliary cameras. The solution becomes evident: add the ParanoidSense package name (co.aospa.sense) to the vendor.camera.aux.packagelist property. The Solution Add the ParanoidSense package name co.aospa.sense to the vendor.camera.aux.packagelist property: https://github.com/YoriInstitute/crDroidAndroid_device_xiaomi_sdm845-common/commit/28fe5bc41d49b31b4acb840bf167b70d70a40c61 Set the ro.face.sense_service.camera_id property to specify the correct camera ID: https://github.com/YoriInstitute/crDroidAndroid_device_xiaomi_equuleus/commit/67518f130650e4592b5f4c7210248072058d48cc https://github.com/YoriInstitute/AOSPA_device_xiaomi_equuleus/blob/topaz/device.mk#L397-L399 In the crDroid-modified version of ParanoidSense, which is placed in the system_ext partition (refer: https://gitlab.com/crdroidandroid/android_packages_apps_FaceUnlock/-/commit/545688260eb32ba19f348e84e3cae89ba29f20d1), this property should be added to the corresponding system_ext prop file.

Brief Understanding of Some Files and Concepts in AOSP Device Trees {alert type="warning"} The following content largely represents my personal understanding of some concepts within device trees and is not official definitions. Corrections are welcome if any errors are found. {/alert} The common contents of a device tree can be broadly categorized as follows: Android.bp Various Makefiles, with the suffix .mk prop files, with the suffix .prop overlay, placed in the overlay folder sepolicy, i.e., SELinux rules, placed in the sepolicy folder manifest.xml and FCM (framework_compatibility_matrix.xml) extract-files.py, setup-makefiles.py, and proprietary-files.txt Dependency files ending with .dependencies Various other configurations Android.bp This is the configuration file for the AOSP build system, Ninja. The device tree doesn't rely heavily on it (main content is usually in Android.mk and other Makefiles). It's generally used to introduce other soong_namespaces, allowing references to Modules from other directories. Let's take the LineageOS socrates device tree as an example: // // Copyright (C) 2024 The LineageOS Project // // SPDX-License-Identifier: Apache-2.0 // soong_namespace { imports: [ "hardware/xiaomi", ], } Here, it declares the import of the namespace from hardware/xiaomi, enabling PRODUCT_PACKAGES to reference items from hardware/xiaomi. Makefile Android.mk This file defines the entry point for the entire device tree (it should be). Again, using socrates as an example: # # Copyright (C) 2024 The LineageOS Project # # SPDX-License-Identifier: Apache-2.0 # LOCAL_PATH := $(call my-dir) ifeq ($(TARGET_DEVICE),socrates) include $(LOCAL_PATH)/vendor-symlinks.mk include $(call all-subdir-makefiles,$(LOCAL_PATH)) include $(CLEAR_VARS) # A/B builds require us to create the mount points at compile time. # Just creating it for all cases since it does not hurt. FIRMWARE_MOUNT_POINT := $(TARGET_OUT_VENDOR)/firmware_mnt $(FIRMWARE_MOUNT_POINT): $(LOCAL_INSTALLED_MODULE) @echo "Creating $(FIRMWARE_MOUNT_POINT)" @mkdir -p $(TARGET_OUT_VENDOR)/firmware_mnt BT_FIRMWARE_MOUNT_POINT := $(TARGET_OUT_VENDOR)/bt_firmware $(BT_FIRMWARE_MOUNT_POINT): $(LOCAL_INSTALLED_MODULE) @echo "Creating $(BT_FIRMWARE_MOUNT_POINT)" @mkdir -p $(TARGET_OUT_VENDOR)/bt_firmware DSP_MOUNT_POINT := $(TARGET_OUT_VENDOR)/dsp $(DSP_MOUNT_POINT): $(LOCAL_INSTALLED_MODULE) @echo "Creating $(DSP_MOUNT_POINT)" @mkdir -p $(TARGET_OUT_VENDOR)/dsp ALL_DEFAULT_INSTALLED_MODULES += $(FIRMWARE_MOUNT_POINT) $(BT_FIRMWARE_MOUNT_POINT) $(DSP_MOUNT_POINT) endif It shows that if TARGET_DEVICE equals socrates, the build system will proceed to include all Makefiles in this directory and define some mount points here. AndroidProduct.mk This file is typically used to include the os_codename.mk file below and define COMMON_LUNCH_CHOICES. It defines the types supported by the device during lunch (generally distinguishing between user, userdebug, and eng builds). Note: COMMON_LUNCH_CHOICES seems to have been removed in Android 14 and above builds. BoardConfig.mk {alert type="info"} In common trees (if they exist), this is often named BoardConfigCommon.mk {/alert} As the name suggests, this is the board configuration file for the phone. It generally defines things like CPU architecture, partition sizes, kernel parameters, etc. It usually includes the SEPolicy folder, various prop files, manifest.xml, FCM, and other hardware-related parameters. Most configurations here are generally reusable across different ROMs. device.mk {alert type="info"} In common trees (if they exist), this is often named soc.mk or common.mk. For example, it's named sdm845.mk in Xiaomi's sdm845-common and lito.mk in Xiaomi's sm7250-common. {/alert} This file generally defines services within the Android operating system, includes various libraries, copies permission files (e.g., LineageOS/android_device_xiaomi_sdm845-common/blob/lineage-22.1/sdm845.mk#L26-L62). Some of the content here is reusable across different ROMs; please decide based on the specific situation. os_codename.mk This file typically defines content highly specific to the current ROM. For example, using socrates: # # Copyright (C) 2024 The LineageOS Project # # SPDX-License-Identifier: Apache-2.0 # # Inherit common AOSP configurations $(call inherit-product, build/make/target/product/full_base_telephony.mk) $(call inherit-product, build/make/target/product/core_64_bit_only.mk) # Inherit device-specific configurations $(call inherit-product, device/xiaomi/socrates/device.mk) # Inherit LineageOS configurations $(call inherit-product, vendor/lineage/config/common_full_phone.mk) PRODUCT_NAME := lineage_socrates PRODUCT_DEVICE := socrates PRODUCT_MODEL := Redmi K60 Pro PRODUCT_BRAND := Redmi PRODUCT_MANUFACTURER := Xiaomi BUILD_FINGERPRINT := Redmi/socrates/socrates:14/UKQ1.230804.001/V816.0.11.0.UMKCNXM:user/release-keys It includes necessary configurations for the build and LineageOS configurations. Referencing different configuration files here can set the operating system bitness and distinguish between tablet and phone. For instance, including build/make/target/product/core_64_bit_only.mk means the ROM built from this device tree only supports 64-bit apps. If core_64_bit.mk were included instead, it would also support 32-bit apps. Including vendor/lineage/config/common_full_phone.mk indicates adaptation for a phone-type device. For a tablet-type device, common_full_tablet.mk or common_full_tablet_wifionly.mk would be included. The section below defines device-related information like manufacturer, brand, device codename, and model. Prop Files These define Property attributes within the system, functioning similarly to prop files inside the system. They define entries required by software that relies on props for settings. It's recommended to refer to online introductions for details, as we won't elaborate much here. Overlay Official introduction: Android Overlay is a resource replacement mechanism that allows replacing resource files without repackaging the APK (res directory, not assets directory). Personal understanding: Used to replace and override specific content in the res XML of specified software within the system, allowing modifications to system settings, toggles, etc. For example: https://github.com/LineageOS/android_device_xiaomi_socrates/blob/lineage-22.1/overlay/SystemUIOverlaySocrates/res/values/config.xml#L24 {collapse} {collapse-item label="Expand Code"} <?xml version="1.0" encoding="utf-8"?> <!-- /* ** Copyright 2009, The Android Open Source Project ** ** Licensed under the Apache License, Version 2.0 (the "License"); ** you may not use this file except in compliance with the License. ** You may obtain a copy of the License at ** ** http://www.apache.org/licenses/LICENSE-2.0 ** ** Unless required by applicable law or agreed to in writing, software ** distributed under the License is distributed on an "AS IS" BASIS, ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ** See the License for the specific language governing permissions and ** limitations under the License. */ --> <!-- These resources are around just to allow their values to be customized for different hardware and product builds. --> <resources> <!-- Doze: does this device support STATE_DOZE? --> <bool name="doze_display_state_supported">true</bool><!--这一行--> <!-- Color of the UDFPS pressed view --> <color name="config_udfpsColor">#00FFFFFF</color> <!-- paddings for container with status icons and battery --> <dimen name="status_bar_icons_padding_start">0dp</dimen> <dimen name="status_bar_icons_padding_end">0dp</dimen> <!-- the padding on the start of the statusbar --> <dimen name="status_bar_padding_start">10dp</dimen> <!-- the padding on the end of the statusbar --> <dimen name="status_bar_padding_end">4dp</dimen> </resources> {/collapse-item} {/collapse} This modifies the variable of the same name here: https://github.com/LineageOS/android_frameworks_base/blob/lineage-22.1/packages/SystemUI/res/values/config.xml#L175 and thereby indicates whether the device supports Doze display:https://github.com/LineageOS/android_frameworks_base/blob/472a48741ac22537b3a0d1c0b87dbff2c1c2af8f/packages/SystemUI/src/com/android/systemui/statusbar/phone/DozeParameters.java#L185-L187 When writing overlays, one generally needs to reference the definitions of items in the res within the system and replace their values as needed. .dependencies Files As the name implies, dependencies. This file defines which dependent repositories are needed to use this device tree, encoded in JSON. The basic format is as follows: [ { "repository": "", "target_path": "", "branch": "", "remote": "" }, { "repository": "", "target_path": "", "branch": "", "remote": "" } ] Parameter details: remote: The remote address, corresponding to the remote address in the main source tree's manifest. This parameter is optional. If not specified, it defaults to cloning from the default remote address in the main source tree's manifest. repository: The repository address, i.e., this repository under the remote address. Required. branch: The branch corresponding to the branch used when downloading from the specified repository. Optional. If not specified, it defaults to the same branch as the main source tree. target_path: The clone target path. Required. clone-path: The clone depth, similar to the --depth parameter in the git clone command. Optional. If not specified, it defaults to a full download (same logic as the git command). revision: Can be understood as the branch. Optional. Therefore, a simplest dependencies file without the optional parameters can look like this: https://github.com/LineageOS/android_device_xiaomi_equuleus/blob/lineage-22.1/lineage.dependencies [ { "repository": "android_device_xiaomi_sdm845-common", "target_path": "device/xiaomi/sdm845-common" } ] When using commands like breakfast that automatically download supported device trees, this file is used to integrate the required repositories into the main source tree's manifest and download them together. extract-files.py, setup-makefiles.py, and proprietary-files.txt These files are used when generating the Vendor tree. Generally, the required blobs are listed in proprietary-files.txt, then extract-files.py is run to extract blobs from the system or a dump and create the vendor tree. That's all for now, more may be added later.