Commit ebeb0bcb authored by Kristian Klausen's avatar Kristian Klausen

Merge http/* into build-inside-vm.sh

parent 23e02f3f
......@@ -12,14 +12,14 @@ shellcheck:
before_script:
- pacman -Syu --needed --noconfirm shellcheck
script:
- shellcheck **/*.sh
- shellcheck *.sh
shfmt:
stage: lint
before_script:
- pacman -Syu --needed --noconfirm shfmt
script:
- shfmt -i 2 -ci -d **/*.sh
- shfmt -i 2 -ci -d *.sh
.build:
stage: build
......
......@@ -118,7 +118,7 @@ function main() {
expect "# "
send "mkfs.ext4 /dev/vda && mkdir /mnt/scratch-disk/ && mount /dev/vda /mnt/scratch-disk && cd /mnt/scratch-disk\n"
expect "# "
send "cp -a /mnt/arch-boxes/{box.ovf,build-inside-vm.sh,http} .\n"
send "cp -a /mnt/arch-boxes/{box.ovf,build-inside-vm.sh} .\n"
expect "# "
send "mkdir pkg && mount --bind pkg /var/cache/pacman/pkg\n"
expect "# "
......
......@@ -98,6 +98,63 @@ function postinstall() {
arch-chroot "${MOUNT}" /usr/bin/locale-gen
arch-chroot "${MOUNT}" /usr/bin/systemd-firstboot --locale=en_US.UTF-8 --timezone=UTC --hostname=archlinux --keymap=us
ln -sf /run/systemd/resolve/stub-resolv.conf "${MOUNT}/etc/resolv.conf"
# Setup pacman-init.service for clean pacman keyring initialization
cat <<EOF >"${MOUNT}/etc/systemd/system/pacman-init.service"
[Unit]
Description=Initializes Pacman keyring
Wants=haveged.service
After=haveged.service
Before=sshd.service cloud-final.service
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/bin/pacman-key --init
ExecStart=/usr/bin/pacman-key --populate archlinux
[Install]
WantedBy=multi-user.target
EOF
# Add service for running reflector on first boot
cat <<EOF >"${MOUNT}/etc/systemd/system/reflector-init.service"
[Unit]
Description=Initializes mirrors for the VM
After=network-online.target
Wants=network-online.target
Before=sshd.service cloud-final.service
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=reflector --latest 20 --protocol https --sort rate --save /etc/pacman.d/mirrorlist
[Install]
WantedBy=multi-user.target
EOF
# enabling important services
arch-chroot "${MOUNT}" /bin/bash -e <<EOF
. /etc/profile
systemctl enable sshd
systemctl enable haveged
systemctl enable systemd-networkd
systemctl enable systemd-resolved
systemctl enable systemd-timesyncd
systemctl enable pacman-init.service
systemctl enable reflector-init.service
EOF
# GRUB
arch-chroot "${MOUNT}" /usr/bin/grub-install --target=i386-pc "${LOOPDEV}"
sed -i 's/^GRUB_TIMEOUT=.*$/GRUB_TIMEOUT=1/' "${MOUNT}/etc/default/grub"
# setup unpredictable kernel names
sed -i 's/^GRUB_CMDLINE_LINUX=.*$/GRUB_CMDLINE_LINUX="net.ifnames=0"/' "${MOUNT}/etc/default/grub"
sed -i 's/^GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT=\"rootflags=compress-force=zstd\"/' "${MOUNT}/etc/default/grub"
arch-chroot "${MOUNT}" /usr/bin/grub-mkconfig -o /boot/grub/grub.cfg
}
# Cleanup the image and trim it
......@@ -167,7 +224,6 @@ function create_image() {
}
function cloud_image() {
arch-chroot "${MOUNT}" /bin/bash < <(cat "${ORIG_PWD}"/http/install-common.sh)
# The growpart module[1] requires the growpart program, provided by the
# cloud-guest-utils package
# [1] https://cloudinit.readthedocs.io/en/latest/topics/modules.html#growpart
......@@ -181,8 +237,37 @@ function cloud_image_post() {
}
function vagrant_common() {
arch-chroot "${MOUNT}" /bin/bash < <(cat "${ORIG_PWD}"/http/install-{vagrant,common}.sh)
arch-chroot "${MOUNT}" /usr/bin/pacman -S --noconfirm netctl polkit
NEWUSER="vagrant"
# setting the user credentials
arch-chroot "${MOUNT}" /usr/bin/useradd -m -U "${NEWUSER}"
echo -e "${NEWUSER}\n${NEWUSER}" | arch-chroot "${MOUNT}" /usr/bin/passwd "${NEWUSER}"
# setting sudo for the user
cat <<EOF >"${MOUNT}/etc/sudoers.d/${NEWUSER}"
Defaults:${NEWUSER} !requiretty
${NEWUSER} ALL=(ALL) NOPASSWD: ALL
EOF
chmod 440 "${MOUNT}/etc/sudoers.d/${NEWUSER}"
# setup network
cat <<EOF >"${MOUNT}/etc/systemd/network/eth0.network"
[Match]
Name=eth0
[Network]
DHCP=ipv4
EOF
# install vagrant ssh key
arch-chroot "${MOUNT}" /bin/bash -e <<EOF
install --directory --owner=vagrant --group=vagrant --mode=0700 /home/vagrant/.ssh
curl --output /home/vagrant/.ssh/authorized_keys --location https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub
chown vagrant:vagrant /home/vagrant/.ssh/authorized_keys
chmod 0600 /home/vagrant/.ssh/authorized_keys
EOF
# setting automatic authentication for any action requiring admin rights via Polkit
cat <<EOF >"${MOUNT}/etc/polkit-1/rules.d/49-nopasswd_global.rules"
polkit.addRule(function(action, subject) {
......@@ -255,8 +340,6 @@ function main() {
setup_disk
bootstrap
postinstall
# We run it here as it is the easiest solution and we do not want anything to go wrong!
arch-chroot "${MOUNT}" grub-install --target=i386-pc "${LOOPDEV}"
unmount_image
local build_version
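Review bot: In the `vagrant_common` hunk, the `curl` call that writes `/home/vagrant/.ssh/authorized_keys` downloads from a mutable `master` URL at build time with no integrity check and no `--fail`. Without `--fail`, curl exits 0 on an HTTP error, so `bash -e` does not stop the build and an error body, or changed upstream content, becomes the login key for a user that the same hunk grants `NOPASSWD: ALL`. I would ship the public key in the repository and `install` it from there. Alternatively, keep the download but add `--fail` to the `curl` line and follow it with `echo "<EXPECTED_SHA256>  /home/vagrant/.ssh/authorized_keys" | sha256sum --check`, where the hash is a placeholder to be filled from a trusted copy of the key. The body of `vagrant_common` continues past the end of this hunk.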
......
#!/bin/bash
set -e
set -x
# Setup pacman-init.service for clean pacman keyring initialization
cat <<EOF >/etc/systemd/system/pacman-init.service
[Unit]
Description=Initializes Pacman keyring
Wants=haveged.service
After=haveged.service
Before=sshd.service cloud-final.service
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/bin/pacman-key --init
ExecStart=/usr/bin/pacman-key --populate archlinux
[Install]
WantedBy=multi-user.target
EOF
# Add service for running reflector on first boot
cat <<EOF >/etc/systemd/system/reflector-init.service
[Unit]
Description=Initializes mirrors for the VM
After=network-online.target
Wants=network-online.target
Before=sshd.service cloud-final.service
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=reflector --latest 20 --protocol https --sort rate --save /etc/pacman.d/mirrorlist
[Install]
WantedBy=multi-user.target
EOF
# enabling important services
systemctl enable sshd
systemctl enable haveged
systemctl enable systemd-networkd
systemctl enable systemd-resolved
systemctl enable systemd-timesyncd
systemctl enable pacman-init.service
systemctl enable reflector-init.service
sed -i 's/^GRUB_TIMEOUT=.*$/GRUB_TIMEOUT=1/' /etc/default/grub
# setup unpredictable kernel names
sed -i 's/^GRUB_CMDLINE_LINUX=.*$/GRUB_CMDLINE_LINUX="net.ifnames=0"/' /etc/default/grub
sed -i 's/^GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT=\"rootflags=compress-force=zstd\"/' /etc/default/grub
grub-mkconfig -o /boot/grub/grub.cfg
if declare -f post >/dev/null; then
post
fi
#!/bin/bash
# shellcheck disable=SC2034
NEWUSER="vagrant"
post() {
# setting the user credentials
useradd -m -U "${NEWUSER}"
echo -e "${NEWUSER}\n${NEWUSER}" | passwd "${NEWUSER}"
# setting sudo for the user
cat <<EOF >"/etc/sudoers.d/${NEWUSER}"
Defaults:${NEWUSER} !requiretty
${NEWUSER} ALL=(ALL) NOPASSWD: ALL
EOF
chmod 440 "/etc/sudoers.d/${NEWUSER}"
# setup network
cat <<EOF >/etc/systemd/network/eth0.network
[Match]
Name=eth0
[Network]
DHCP=ipv4
EOF
# install vagrant ssh key
install --directory --owner=vagrant --group=vagrant --mode=0700 /home/vagrant/.ssh
curl --output /home/vagrant/.ssh/authorized_keys --location https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub
chown vagrant:vagrant /home/vagrant/.ssh/authorized_keys
chmod 0600 /home/vagrant/.ssh/authorized_keys
}