Image build configurations for operating system images
#!/bin/sh -eux
# NOTE(review): this listing has evidently lost lines in extraction (closing
# braces, heredoc bodies and terminators, blank lines); the comments describe
# only what is visible.
# Options placed on the shebang (-e, -u, -x) are dropped when the script is
# started as `sh <script>`; -x also traces every executed command to stderr.
# $root and $arch are used throughout but are not assigned in the visible
# lines -- presumably set by the environment or by a lost line (TODO confirm).
# -u aborts on an unset value, but an empty $root would make "$root"/boot
# below name the build host's /boot.
# Teardown handler, registered further down with `trap cleanup EXIT`.
# Every step is followed by `|| true`, so a failing step does not stop the
# remaining teardown.
cleanup() {
# The order here is important if you don't want to hose your mounts
umount -Rf "$root"/boot || true
umount -Rf "$root" || true
qemu-nbd --disconnect /dev/nbd0 || true
# Removes the mount-point directory; if an unmount above failed, this would
# recurse into whatever is still mounted under it.
rm -rf "$root" || true
# (The closing brace of cleanup is not visible in this listing.)
# Create the per-architecture output directory and a 25G qcow2 disk image.
# $arch is unquoted on the qemu-img line, unlike on the mkdir line.
mkdir -p "$arch"
qemu-img create -f qcow2 $arch/root.img.qcow2 25G
# Load the network block device driver and attach the image to /dev/nbd0.
# The device name is fixed and nothing visible checks that it is free, so a
# stale attachment or a second concurrent build would collide on it.
modprobe nbd
qemu-nbd --connect=/dev/nbd0 $arch/root.img.qcow2
# From here on, cleanup runs on every exit path (including failures under -e).
trap cleanup EXIT
# Presumably gives the kernel time to expose /dev/nbd0 after the connect; a
# fixed delay is a guess, not a readiness check -- TODO confirm.
sleep 1
# Write the 440 bytes of syslinux MBR boot code to the start of the disk.
dd if=/usr/lib/syslinux/bios/mbr.bin of=/dev/nbd0 bs=1 count=440
# Partition the disk; the heredoc body (the layout) and its terminator are not
# visible in this listing.
sfdisk --no-reread /dev/nbd0 << EOF
# Format both partitions as ext4 and mount them: p2 at $root, p1 at $root/boot.
mkdir -p "$root"
mkfs.ext4 /dev/nbd0p1
mkfs.ext4 /dev/nbd0p2
mount /dev/nbd0p2 "$root"
mkdir -p "$root"/boot
mount /dev/nbd0p1 "$root"/boot
# NOTE(review): the target here is the literal word `root`, not "$root"; this
# only installs into the mounted image if $root is the relative path `root`
# and the working directory is unchanged -- confirm.
pacstrap root base base-devel git openssh mkinitcpio linux syslinux pacutils
# Run a command as root inside the chroot.
# "$@" assigned to a scalar joins all arguments with spaces, and `bash -c`
# then parses that string again, so the caller's quoting is lost and any shell
# metacharacters in the arguments are interpreted inside the chroot. Globs in
# unquoted arguments are expanded by the calling shell (against the build
# host's filesystem) before the string is built.
# `local` is not part of POSIX sh; this relies on /bin/sh providing it.
# $root is unquoted on the chroot line.
run_root() {
local cmd="$@"
chroot $root /bin/bash -c "$cmd"
# Run a command inside the chroot as an unprivileged user, from
# /home/cyberian. Same argument flattening as run_root.
# The user is given as the numeric SUDO_UID:SUDO_GID of whoever invoked the
# build through sudo; under -u the script aborts if these are unset.
# NOTE(review): those are build-host IDs -- presumably expected to coincide
# with the `cyberian` account created below; confirm.
run_normal() {
local cmd="$@"
chroot --userspec=$SUDO_UID:$SUDO_GID \
$root \
/bin/bash -c "cd /home/cyberian && $cmd"
# Single quotes keep $repo and $arch literal in the written line.
# NOTE(review): the text after `Server =` and the address at the start of the
# first hosts entry look truncated in this listing -- check against the
# original file.
echo 'Server =$repo/os/$arch' >> $root/etc/pacman.d/mirrorlist
echo ' localhost.localdomain localhost' > $root/etc/hosts
echo '::1 localhost.localdomain localhost' >> $root/etc/hosts
# Bind-mount the build host's /proc, /sys, /dev, /dev/pts, /dev/shm and /run
# into the image. Everything executed in the chroot after this point --
# including the package build further down -- can reach the host's device
# nodes and whatever lives under the host's /run.
mount --bind /proc $root/proc
mount --bind /sys $root/sys
mount --bind /dev $root/dev
mount --bind /dev/pts $root/dev/pts
mount --bind /dev/shm $root/dev/shm
mount --bind /run $root/run
# Copied from the current working directory, so the script has to be started
# from the directory holding these two files.
cp mkinitcpio.conf $root/etc
cp pacman.conf $root/etc
# Regenerate the mirrorlist (HTTPS mirrors only); --save writes to the same
# file the `Server =` line was appended to above.
reflector --protocol https --latest 30 --sort rate --save $root/etc/pacman.d/mirrorlist
# A hook file symlinked to /dev/null masks the packaged pacman hook of the
# same name; presumably done so the initramfs is built only by the explicit
# mkinitcpio call below -- TODO confirm.
mkdir -p $root/etc/pacman.d/hooks/
ln -s /dev/null $root/etc/pacman.d/hooks/90-linux.hook
# Enable and generate the en_US.UTF-8 locale.
sed -i 's/#en_US.UTF-8/en_US.UTF-8/' $root/etc/locale.gen
run_root locale-gen
# NOTE(review): as shown, the redirect target is a directory; the file name
# and the heredoc body appear to be missing from this listing.
cat >"$root"/etc/systemd/network/ <<EOF
run_root systemctl enable systemd-networkd.service
run_root systemctl enable systemd-resolved.service
run_root systemctl enable systemd-timesyncd.service
run_root mkinitcpio -p linux
# Default account: `cyberian`, member of a new `sudo` group.
# `passwd -d` deletes the password (the account then has an empty one), and
# the sudoers line grants the whole group root without a password prompt, so
# anyone who can log in as cyberian is effectively root. SSH password login
# is switched off further down; whether console logins accept the empty
# password depends on the image's PAM configuration, which is not shown here.
# The rule is appended to /etc/sudoers without a syntax check; a drop-in under
# /etc/sudoers.d validated with `visudo -cf` would fail the build instead of
# producing an image with a broken sudoers file.
run_root groupadd sudo
run_root useradd -mG sudo cyberian
run_root passwd -d cyberian
echo '%sudo ALL=(ALL) NOPASSWD: ALL' >> $root/etc/sudoers
# Prepare the user's ~/.ssh (mode 700, owned by cyberian) inside the image.
run_root mkdir -p "/home/cyberian/.ssh"
run_root chmod 700 "/home/cyberian/.ssh"
run_root chown cyberian "/home/cyberian/.ssh"
# Turn off SSH password authentication. The pattern only matches the exact
# commented-out default line; if the packaged sshd_config words it differently
# sed changes nothing and still exits 0, so the build succeeds with the
# setting unapplied. A follow-up check (e.g. grep -q for the final line) would
# make that visible.
sed -e 's/#PasswordAuthentication yes/PasswordAuthentication no/' -i $root/etc/ssh/sshd_config
# Forbid root logins over SSH. As with any exact-match sed edit, a differently
# worded default line leaves the file unchanged without failing the build.
sed -e 's/#PermitRootLogin prohibit-password/PermitRootLogin no/' -i $root/etc/ssh/sshd_config
# Enable sshd in the image.
# The fstab entries and the bootloader configuration below refer to the disk
# as /dev/vda1 and /dev/vda2, so the image is tied to being attached as the
# first virtio disk. `extlinux -i` installs the bootloader into the image's
# /boot. The heredoc terminators are not visible in this listing.
run_root systemctl enable sshd
cat >> "$root"/etc/fstab << EOF
/dev/vda1 /boot ext4 rw,relatime,data=ordered 0 0
/dev/vda2 / ext4 rw,relatime,data=ordered 0 0
extlinux -i "$root"/boot
cat > "$root"/boot/extlinux.conf <<- EOF
serial 0 115200
default archlinux
label archlinux
linux vmlinuz-linux
initrd initramfs-linux.img
append root=/dev/vda2 rw console=tty0 console=ttyS0,115200 quiet
# Appends a setting that names --skippgpcheck to the makepkg.conf shipped in
# the image, so it outlives the build. NOTE(review): whether makepkg reads a
# `makeopts` array is not established here -- verify; if it does, source
# signature checks are off for every later package build on the machine.
echo "makeopts=(--skippgpcheck)" >> $root/etc/makepkg.conf
# Fetch, unpack and build yay as the unprivileged user. The download URL is
# missing from this listing. No checksum or signature of yay.tar.gz is
# verified in the visible lines, and --skippgpcheck disables source signature
# checks for the build; `makepkg -si` then installs the result, which the
# passwordless sudo rule allows without a prompt. Pinning a digest and
# checking it before `tar xf` (e.g. `sha256sum -c` against <EXPECTED_SHA256>)
# would tie the image to a known tarball.
# This build runs with the host's /dev, /proc, /sys and /run bind-mounted.
run_normal curl -O
run_normal tar xf yay.tar.gz
run_normal 'cd yay && env GOCACHE=/tmp/cache makepkg -si --noconfirm --skippgpcheck'
run_normal rm -rf /tmp/cache yay yay.tar.gz
# capsul-init
# Writes the login banner and then /bin/capsul-init, a first-boot script.
# Both heredocs use an unquoted delimiter, so $-expansions are evaluated at
# build time unless escaped (the key-extraction line in the script escapes its
# command substitution for that reason).
# As far as visible, the generated script waits until /dev/sr0 can be mounted
# read-only at /mnt, appends to /home/cyberian/.ssh/authorized_keys the text
# cut from the `- ssh` lines of /mnt/user-data, fixes the file's mode and
# owner, grows the root filesystem, and then disables and deletes itself.
# NOTE(review): the key extraction takes fields 8 onward of each matching
# line, so it depends on the exact indentation of user-data, and whatever
# that file contains on matching lines is granted login as cyberian.
cat > $root/etc/motd <<-EOF
welcome, cyberian ^(;,;)^
your machine awaits
btw this is arch
cat > $root/bin/capsul-init <<-EOF
until mount -t iso9660 -o ro /dev/sr0 /mnt; do
sleep 1
cat >> "/home/cyberian/.ssh/authorized_keys" <<EOW
\$(grep '\- ssh' /mnt/user-data | cut -d ' ' -f 8-)
chmod 600 "/home/cyberian/.ssh/authorized_keys"
chown cyberian.cyberian "/home/cyberian/.ssh/authorized_keys"
resize2fs /dev/vda2
systemctl disable capsul-init
systemctl daemon-reload
umount /mnt
rm /etc/systemd/system/capsul-init.service
rm /bin/capsul-init
# Back in the build script (the heredoc terminator is not visible here):
# make the generated first-boot script executable and write its systemd unit.
# Only the unit's Description line is visible in this listing, so the user it
# runs as and its ordering cannot be stated from here.
chmod +x $root/bin/capsul-init
cat > $root/etc/systemd/system/capsul-init.service <<-EOF
Description=init capsul and EXPLODE
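# Register and enable the first-boot unit inside the image.
run_root systemctl daemon-reload
run_root systemctl enable capsul-init
# cleanup
# Remove any SSH host keys from the image so that instances created from it
# do not share host keys. The command is passed as one quoted string: left
# unquoted, the globs are expanded by the build shell against the build
# host's /etc/ssh first, and only the names that happen to exist on the host
# would be deleted in the image, which can leave other key files behind.
run_root 'rm -f /etc/ssh/*key /etc/ssh/*pub'
# Drop DHCP lease files left over from the build. NUL-delimited so unusual
# file names are handled; the pipeline's status is still that of xargs, so a
# missing $root/var/db does not abort the build.
find "$root/var/db" -type f -name "dhclient.leases.*" -print0 | xargs -0 rm -f --
# Remove the Go toolchain and unused dependencies, then empty the package
# cache kept inside the image.
run_root pacman --noconfirm -Rs go
paccache -rk0 -c "$root/var/cache/pacman/pkg"
# NOTE(review): pkill matches by process name on the build host, not only
# inside the chroot, so this also ends gpg-agent processes that belong to
# other sessions on the build machine.
pkill gpg-agent || true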