Commit b9f0c26c authored by Kristian Klausen's avatar Kristian Klausen 🎉 Committed by Christian Rebischke
Browse files

Move common cloud/chroot code to its own script


Signed-off-by: Kristian Klausen's avatarKristian Klausen <kristian@klausen.dk>
parent fa8ec26d
......@@ -39,8 +39,8 @@
],
"boot_command": [
"<enter><wait10><wait10><wait10><wait10><wait10><enter><enter>",
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-cloud}.sh'<enter><wait>",
"bash install.sh < install-cloud.sh && systemctl reboot<enter>"
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-common,-cloud}.sh'<enter><wait>",
"bash install.sh < <(cat install-{cloud,common}.sh) && systemctl reboot<enter>"
]
}
],
......
#!/bin/bash
set -e
set -x
ln -sf /usr/share/zoneinfo/UTC /etc/localtime
sed -i -e 's/^#\(en_US.UTF-8\)/\1/' /etc/locale.gen
locale-gen
echo 'LANG=en_US.UTF-8' >/etc/locale.conf
# setting vagrant user credentials
echo -e 'vagrant\nvagrant' | passwd
useradd -m -U vagrant
echo -e 'vagrant\nvagrant' | passwd vagrant
# setting automatic authentication for any action requiring admin rights via Polkit
cat <<EOF >/etc/polkit-1/rules.d/49-nopasswd_global.rules
polkit.addRule(function(action, subject) {
if (subject.isInGroup("vagrant")) {
return polkit.Result.YES;
}
});
EOF
# setting sudo for vagrant user
cat <<EOF >/etc/sudoers.d/vagrant
Defaults:vagrant !requiretty
vagrant ALL=(ALL) NOPASSWD: ALL
EOF
chmod 440 /etc/sudoers.d/vagrant
# install vagrant ssh key
install --directory --owner=vagrant --group=vagrant --mode=0700 /home/vagrant/.ssh
curl --output /home/vagrant/.ssh/authorized_keys --location https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub
chown vagrant:vagrant /home/vagrant/.ssh/authorized_keys
chmod 0600 /home/vagrant/.ssh/authorized_keys
# setup network
cat <<EOF >/etc/systemd/network/eth0.network
[Match]
Name=eth0
[Network]
DHCP=ipv4
EOF
# Setup pacman-init.service for clean pacman keyring initialization
cat <<EOF >/etc/systemd/system/pacman-init.service
[Unit]
Description=Initializes Pacman keyring
Wants=haveged.service
After=haveged.service
Before=sshd.service
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/bin/pacman-key --init
ExecStart=/usr/bin/pacman-key --populate archlinux
[Install]
WantedBy=multi-user.target
EOF
# Add service for running reflector on first boot
cat <<EOF >/etc/systemd/system/reflector-init.service
[Unit]
Description=Initializes mirrors for the VM
After=network.target
Wants=network.target
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=reflector --age 12 --protocol https --sort rate --save /etc/pacman.d/mirrorlist
[Install]
WantedBy=multi-user.target
EOF
# enabling important services
systemctl daemon-reload
systemctl enable sshd
systemctl enable haveged
systemctl enable systemd-networkd
systemctl enable systemd-resolved
systemctl enable pacman-init.service
systemctl enable reflector-init.service
if [ -b "/dev/sda" ]; then
grub-install /dev/sda
elif [ -b "/dev/vda" ]; then
grub-install /dev/vda
fi
sed -i -e 's/^GRUB_TIMEOUT=.*$/GRUB_TIMEOUT=1/' /etc/default/grub
# setup unpredictable kernel names
sed -i -e 's/^GRUB_CMDLINE_LINUX=.*$/GRUB_CMDLINE_LINUX="net.ifnames=0"/' /etc/default/grub
grub-mkconfig -o /boot/grub/grub.cfg
# shellcheck disable=SC2034
NEWUSER="vagrant"
post() {
# install vagrant ssh key
install --directory --owner=vagrant --group=vagrant --mode=0700 /home/vagrant/.ssh
curl --output /home/vagrant/.ssh/authorized_keys --location https://raw.github.com/mitchellh/vagrant/master/keys/vagrant.pub
chown vagrant:vagrant /home/vagrant/.ssh/authorized_keys
chmod 0600 /home/vagrant/.ssh/authorized_keys
}
#!/bin/bash
set -e
set -x
ln -sf /usr/share/zoneinfo/UTC /etc/localtime
sed -i -e 's/^#\(en_US.UTF-8\)/\1/' /etc/locale.gen
locale-gen
echo 'LANG=en_US.UTF-8' >/etc/locale.conf
# setting arch user credentials
echo -e 'arch\narch' | passwd
useradd -m -U arch
echo -e 'arch\narch' | passwd arch
# setting automatic authentication for any action requiring admin rights via Polkit
cat <<EOF >/etc/polkit-1/rules.d/49-nopasswd_global.rules
polkit.addRule(function(action, subject) {
if (subject.isInGroup("arch")) {
return polkit.Result.YES;
}
});
EOF
# setting sudo for arch user
cat <<EOF >/etc/sudoers.d/arch
Defaults:arch !requiretty
arch ALL=(ALL) NOPASSWD: ALL
EOF
chmod 440 /etc/sudoers.d/arch
# setup network
cat <<EOF >/etc/systemd/network/eth0.network
[Match]
Name=eth0
[Network]
DHCP=ipv4
EOF
# Setup pacman-init.service for clean pacman keyring initialization
cat <<EOF >/etc/systemd/system/pacman-init.service
[Unit]
Description=Initializes Pacman keyring
Wants=haveged.service
After=haveged.service
Before=sshd.service
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/bin/pacman-key --init
ExecStart=/usr/bin/pacman-key --populate archlinux
[Install]
WantedBy=multi-user.target
EOF
# Add service for running reflector on first boot
cat <<EOF >/etc/systemd/system/reflector-init.service
[Unit]
Description=Initializes mirrors for the VM
After=network.target
Wants=network.target
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=reflector --age 12 --protocol https --sort rate --save /etc/pacman.d/mirrorlist
[Install]
WantedBy=multi-user.target
EOF
# enabling important services
systemctl daemon-reload
systemctl enable sshd
systemctl enable haveged
systemctl enable systemd-networkd
systemctl enable systemd-resolved
systemctl enable pacman-init.service
systemctl enable reflector-init.service
if [ -b "/dev/sda" ]; then
grub-install /dev/sda
elif [ -b "/dev/vda" ]; then
grub-install /dev/vda
fi
sed -i -e 's/^GRUB_TIMEOUT=.*$/GRUB_TIMEOUT=1/' /etc/default/grub
# setup unpredictable kernel names
sed -i -e 's/^GRUB_CMDLINE_LINUX=.*$/GRUB_CMDLINE_LINUX="net.ifnames=0"/' /etc/default/grub
grub-mkconfig -o /boot/grub/grub.cfg
# shellcheck disable=SC2034
NEWUSER="arch"
#!/bin/bash
set -e
set -x
ln -sf /usr/share/zoneinfo/UTC /etc/localtime
sed -i -e 's/^#\(en_US.UTF-8\)/\1/' /etc/locale.gen
locale-gen
echo 'LANG=en_US.UTF-8' >/etc/locale.conf
# setting the user credentials
echo -e "${NEWUSER}\n${NEWUSER}" | passwd
useradd -m -U "${NEWUSER}"
echo -e "${NEWUSER}\n${NEWUSER}" | passwd "${NEWUSER}"
# setting automatic authentication for any action requiring admin rights via Polkit
cat <<EOF >/etc/polkit-1/rules.d/49-nopasswd_global.rules
polkit.addRule(function(action, subject) {
if (subject.isInGroup("${NEWUSER}")) {
return polkit.Result.YES;
}
});
EOF
# setting sudo for the user
cat <<EOF >"/etc/sudoers.d/${NEWUSER}"
Defaults:${NEWUSER} !requiretty
${NEWUSER} ALL=(ALL) NOPASSWD: ALL
EOF
chmod 440 "/etc/sudoers.d/${NEWUSER}"
# setup network
cat <<EOF >/etc/systemd/network/eth0.network
[Match]
Name=eth0
[Network]
DHCP=ipv4
EOF
# Setup pacman-init.service for clean pacman keyring initialization
cat <<EOF >/etc/systemd/system/pacman-init.service
[Unit]
Description=Initializes Pacman keyring
Wants=haveged.service
After=haveged.service
Before=sshd.service
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/bin/pacman-key --init
ExecStart=/usr/bin/pacman-key --populate archlinux
[Install]
WantedBy=multi-user.target
EOF
# Add service for running reflector on first boot
cat <<EOF >/etc/systemd/system/reflector-init.service
[Unit]
Description=Initializes mirrors for the VM
After=network.target
Wants=network.target
ConditionFirstBoot=yes
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=reflector --age 12 --protocol https --sort rate --save /etc/pacman.d/mirrorlist
[Install]
WantedBy=multi-user.target
EOF
# enabling important services
systemctl daemon-reload
systemctl enable sshd
systemctl enable haveged
systemctl enable systemd-networkd
systemctl enable systemd-resolved
systemctl enable pacman-init.service
systemctl enable reflector-init.service
if [ -b "/dev/sda" ]; then
grub-install /dev/sda
elif [ -b "/dev/vda" ]; then
grub-install /dev/vda
fi
sed -i -e 's/^GRUB_TIMEOUT=.*$/GRUB_TIMEOUT=1/' /etc/default/grub
# setup unpredictable kernel names
sed -i -e 's/^GRUB_CMDLINE_LINUX=.*$/GRUB_CMDLINE_LINUX="net.ifnames=0"/' /etc/default/grub
grub-mkconfig -o /boot/grub/grub.cfg
if declare -f post >/dev/null; then
post
fi
......@@ -44,8 +44,8 @@
],
"boot_command": [
"<enter><wait10><wait10><wait10><wait10><wait10><enter><enter>",
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-chroot}.sh'<enter><wait>",
"bash install.sh < install-chroot.sh && systemctl reboot<enter>"
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-common,-chroot}.sh'<enter><wait>",
"bash install.sh <(cat install-{chroot,common}.sh) && systemctl reboot<enter>"
]
}, {
"type": "qemu",
......@@ -73,8 +73,8 @@
],
"boot_command": [
"<enter><wait10><wait10><wait10><wait10><wait10><enter><enter>",
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-chroot}.sh'<enter><wait>",
"bash install.sh < install-chroot.sh && systemctl reboot<enter>"
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-common,-chroot}.sh'<enter><wait>",
"bash install.sh <(cat install-{chroot,common}.sh) && systemctl reboot<enter>"
]
}, {
"type": "vmware-iso",
......@@ -94,8 +94,8 @@
"cpus": "{{user `cpus`}}",
"boot_command": [
"<enter><wait10><wait10><wait10><wait10><wait10><enter><enter>",
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-chroot}.sh'<enter><wait>",
"bash install.sh < install-chroot.sh && systemctl reboot<enter>"
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-common,-chroot}.sh'<enter><wait>",
"bash install.sh <(cat install-{chroot,common}.sh) && systemctl reboot<enter>"
]
}
......
......@@ -44,8 +44,8 @@
],
"boot_command": [
"<enter><wait10><wait10><wait10><wait10><wait10><enter><enter>",
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-chroot}.sh'<enter><wait>",
"bash install.sh < install-chroot.sh && systemctl reboot<enter>"
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-common,-chroot}.sh'<enter><wait>",
"bash install.sh <(cat install-{chroot,common}.sh) && systemctl reboot<enter>"
]
}, {
"type": "qemu",
......@@ -73,8 +73,8 @@
],
"boot_command": [
"<enter><wait10><wait10><wait10><wait10><wait10><enter><enter>",
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-chroot}.sh'<enter><wait>",
"bash install.sh < install-chroot.sh && systemctl reboot<enter>"
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-common,-chroot}.sh'<enter><wait>",
"bash install.sh <(cat install-{chroot,common}.sh) && systemctl reboot<enter>"
]
}, {
"type": "vmware-iso",
......@@ -94,8 +94,8 @@
"cpus": "{{user `cpus`}}",
"boot_command": [
"<enter><wait10><wait10><wait10><wait10><wait10><enter><enter>",
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-chroot}.sh'<enter><wait>",
"bash install.sh < install-chroot.sh && systemctl reboot<enter>"
"curl -O 'http://{{.HTTPIP}}:{{.HTTPPort}}/install{,-common,-chroot}.sh'<enter><wait>",
"bash install.sh <(cat install-{chroot,common}.sh) && systemctl reboot<enter>"
]
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment