Image build configurations for capsul.org operating system images

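#!/bin/sh -eux
# Builds a qcow2 disk image: partitions it through /dev/nbd0, bootstraps a
# system into it with pacstrap and configures that system from a chroot.
#
# Shebang flags are dropped when the file is started as `sh <script>`, and
# the script would then carry on after a failed mkfs/mount and write into the
# host instead of the image. Setting the options here makes them unconditional.
set -eux

# Directory (relative to the working directory) where the image's root
# filesystem is mounted and which is used as the chroot.
root=root
# Name of the output directory that receives root.img.qcow2.
arch=x86_64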
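#######################################
# Detach everything the build attached to the host. Runs from the EXIT trap.
# Every step is best-effort (|| true) so one failure does not stop the rest.
# Globals:   root (read)
# Outputs:   a diagnostic on stderr when "$root" is left in place
#######################################
cleanup() {
  # The order here is important if you don't want to hose your mounts:
  # /boot is mounted inside "$root", so it goes first.
  umount -Rf "$root"/boot || true
  umount -Rf "$root" || true
  qemu-nbd --disconnect /dev/nbd0 || true
  # If an unmount above failed, "$root" still holds the image filesystem and
  # the host's bind-mounted /proc, /sys, /dev and /run. A recursive delete
  # would descend into all of them, so only remove the directory once nothing
  # is mounted on it.
  if mountpoint -q "$root"; then
    echo "cleanup: $root is still mounted, leaving it in place" >&2
  else
    # ${root:?} refuses to run the delete with an empty path.
    rm -rf -- "${root:?}" || true
  fi
}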
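# Create the 25G qcow2 disk and expose it to the host as /dev/nbd0.
# NOTE(review): /dev/nbd0 is hard-coded throughout; confirm no other build or
# VM on this host uses the same device, since it is overwritten with dd and
# mkfs below.
mkdir -p "$arch"
qemu-img create -f qcow2 "$arch"/root.img.qcow2 25G
modprobe nbd
qemu-nbd --connect=/dev/nbd0 "$arch"/root.img.qcow2
# The trap is armed only after the connect: if the connect fails, the script
# exits (set -e) without cleanup disconnecting /dev/nbd0.
trap cleanup EXIT
# Presumably gives the nbd device time to settle before it is written.
sleep 1

# Copy the first 440 bytes of syslinux's mbr.bin (boot code) to the disk.
dd if=/usr/lib/syslinux/bios/mbr.bin of=/dev/nbd0 bs=1 count=440
# Partition 1: 100M Linux partition at 1M, bootable. Partition 2: the rest.
sfdisk --no-reread /dev/nbd0 << 'EOF'
1M,100M,L,*
,,L
EOF

# Format both partitions and mount them as / and /boot of the new system.
mkdir -p "$root"
mkfs.ext4 /dev/nbd0p1
mkfs.ext4 /dev/nbd0p2
mount /dev/nbd0p2 "$root"
mkdir -p "$root"/boot
mount /dev/nbd0p1 "$root"/boot

# Install the base system; "$root" replaces the literal directory name so the
# target follows the variable like every other step.
pacstrap "$root" base base-devel git openssh mkinitcpio linux syslinux pacutils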
#######################################
# Run a command line as root inside the image.
# Globals:   root (read)
# Arguments: the command; all words are joined with single spaces (default
#            IFS) and handed to bash -c in the chroot, so the caller's
#            argument boundaries are not kept.
# NOTE: unquoted globs and expansions in the caller are resolved by the build
#       host's shell before this function sees them; quote anything that is
#       meant to be evaluated inside the chroot.
#######################################
run_root() {
  local command_line
  command_line="$*"
  chroot "$root" /bin/bash -c "$command_line"
}
#######################################
# Run a command line inside the image without root privileges, starting in
# /home/cyberian.
# Globals:   root, SUDO_UID, SUDO_GID (all read)
# Arguments: the command; words are joined with single spaces (default IFS)
#            and appended after "cd /home/cyberian && " for bash -c.
# NOTE(review): the uid/gid are those of the user who invoked sudo on the
#       build host; nothing here looks up cyberian's ids inside the image, so
#       this presumably relies on both being the same number. Confirm.
#######################################
run_normal() {
  local command_line
  command_line="$*"
  chroot "--userspec=${SUDO_UID}:${SUDO_GID}" "$root" \
    /bin/bash -c "cd /home/cyberian && ${command_line}"
}
# Seed a mirror entry and a minimal hosts file inside the image.
# $repo and $arch are meant to stay literal in the mirror line, hence the
# single quotes.
# NOTE(review): this mirror is plain http, and `reflector --save` further down
# writes the same mirrorlist path; confirm this entry is still wanted.
# shellcheck disable=SC2016
printf '%s\n' 'Server = http://lug.mtu.edu/archlinux/$repo/os/$arch' \
  >> "$root"/etc/pacman.d/mirrorlist
{
  printf '%s\n' '127.0.0.1 localhost.localdomain localhost'
  printf '%s\n' '::1 localhost.localdomain localhost'
} > "$root"/etc/hosts
# Bind the host's kernel and runtime filesystems into the chroot, parents
# before children.
# NOTE(review): these are the build host's own /dev and /run, so every command
# run in the chroot from here on (including the package build done as a
# normal user later) can reach whatever devices and sockets they expose.
for host_dir in proc sys dev dev/pts dev/shm run; do
  mount --bind "/$host_dir" "$root/$host_dir"
done
# Install the mkinitcpio and pacman configuration kept next to this script.
# NOTE(review): pacman.conf is not visible here; it decides the package
# signature checking (SigLevel) the shipped image will use. Confirm it.
for conf in mkinitcpio.conf pacman.conf; do
  cp "$conf" "$root"/etc
done

# Replace the image's mirrorlist with the 30 most recently synced https
# mirrors, sorted by download rate.
reflector --protocol https --latest 30 --sort rate \
  --save "$root"/etc/pacman.d/mirrorlist

# A hook file that is a symlink to /dev/null masks the hook of that name.
# NOTE(review): nothing below removes this link, so the mask appears to stay
# in the shipped image. Confirm that is intended.
mkdir -p "$root"/etc/pacman.d/hooks/
ln -s /dev/null "$root"/etc/pacman.d/hooks/90-linux.hook

# Enable and generate the en_US.UTF-8 locale.
sed -i -e 's/#en_US.UTF-8/en_US.UTF-8/' "$root"/etc/locale.gen
run_root locale-gen
# DHCP on ens3 via systemd-networkd. The delimiter is quoted because the
# body is static text.
cat > "$root"/etc/systemd/network/25-ens3.network << 'EOF'
[Match]
Name=ens3
[Network]
DHCP=yes
EOF

# Network, DNS resolution and time sync start at boot.
for unit in systemd-networkd.service systemd-resolved.service systemd-timesyncd.service; do
  run_root systemctl enable "$unit"
done

# Build the initramfs for the "linux" preset inside the image.
run_root mkinitcpio -p linux
# Create the default account: user "cyberian" with a home directory, member
# of a new "sudo" group that may run any command without a password.
# NOTE(review): `passwd -d` leaves the account with an empty password. SSH
# password login is switched off further down, so this matters for console
# logins (the bootloader config enables tty0 and ttyS0); combined with
# NOPASSWD sudo, console access equals root. Confirm who can reach the console.
run_root groupadd sudo
run_root useradd -mG sudo cyberian
run_root passwd -d cyberian
printf '%s\n' '%sudo ALL=(ALL) NOPASSWD: ALL' >> "$root"/etc/sudoers
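# Prepare cyberian's ~/.ssh (mode 700, owned by the user); the first-boot
# script later appends the authorized keys there.
run_root mkdir -p "/home/cyberian/.ssh"
run_root chmod 700 "/home/cyberian/.ssh"
run_root chown cyberian "/home/cyberian/.ssh"

# Key-only SSH, no root login. The substitutions only fire when the packaged
# sshd_config still contains exactly these commented defaults.
sed -i \
  -e 's/#PasswordAuthentication yes/PasswordAuthentication no/' \
  -e 's/#PermitRootLogin prohibit-password/PermitRootLogin no/' \
  "$root"/etc/ssh/sshd_config

# sed exits 0 even when nothing matched, which would ship an image with the
# upstream defaults. Fail the build unless both settings are really present.
for setting in 'PasswordAuthentication no' 'PermitRootLogin no'; do
  if ! grep -qx "$setting" "$root"/etc/ssh/sshd_config; then
    echo "sshd_config: '$setting' was not applied" >&2
    exit 1
  fi
done

run_root systemctl enable sshd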
# Mount table for the running capsul, where the disk shows up as /dev/vda.
# Both heredoc bodies are static text, so the delimiters are quoted.
cat >> "$root"/etc/fstab << 'EOF'
/dev/vda1 /boot ext4 rw,relatime,data=ordered 0 0
/dev/vda2 / ext4 rw,relatime,data=ordered 0 0
EOF

# Install the extlinux bootloader into /boot and write its configuration:
# one "archlinux" entry, with output on both the VGA console and the first
# serial port at 115200 baud.
extlinux --install "$root"/boot
cat > "$root"/boot/extlinux.conf << 'EOF'
serial 0 115200
default archlinux
label archlinux
linux vmlinuz-linux
initrd initramfs-linux.img
append root=/dev/vda2 rw console=tty0 console=ttyS0,115200 quiet
EOF
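# Build and install the yay AUR helper inside the image as a normal user.
# NOTE(review): supply-chain exposure of this step:
#   - the snapshot is fetched over HTTPS but is not pinned to a commit or
#     checked against a known checksum;
#   - PGP verification of the sources is skipped (--skippgpcheck);
#   - `makepkg -si` installs the result into every image built from here.
#   Pinning the snapshot and verifying it before the build would close this.
# NOTE(review): the makeopts line stays in the shipped image's makepkg.conf.
#   Confirm makepkg reads such a variable at all, and whether capsul users
#   should inherit a setting meant to disable PGP checks.
echo "makeopts=(--skippgpcheck)" >> "$root"/etc/makepkg.conf
# -f makes curl exit non-zero on an HTTP error instead of saving the error
# page under the tarball's name.
run_normal curl -fO https://aur.archlinux.org/cgit/aur.git/snapshot/yay.tar.gz
run_normal tar xf yay.tar.gz
# Quoted as one string so that cd and && are evaluated inside the chroot.
run_normal 'cd yay && env GOCACHE=/tmp/cache makepkg -si --noconfirm --skippgpcheck'
run_normal rm -rf /tmp/cache yay yay.tar.gz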
# capsul-init
# Login banner for the image.
printf '%s\n' \
  'welcome, cyberian ^(;,;)^' \
  'your machine awaits' \
  'btw this is arch' > "$root"/etc/motd
# Write the first-boot script /bin/capsul-init into the image.
# The outer heredoc delimiter is unquoted, so the build shell would expand
# $(...) while writing the file; the backslash in \$( keeps the grep/cut
# pipeline literal so it runs on the capsul at first boot instead.
# What the generated script does, in order:
#   - retries mounting /dev/sr0 (iso9660, read-only) on /mnt once a second
#     until it succeeds; there is no timeout;
#   - appends to cyberian's authorized_keys every line of /mnt/user-data that
#     matches '\- ssh', keeping the 8th space-separated field onwards
#     (so it assumes a fixed indentation depth of the key entries; TODO confirm);
#   - sets mode 600 and owner cyberian on authorized_keys;
#   - grows the root filesystem on /dev/vda2 with resize2fs;
#   - disables its unit, unmounts /mnt, and deletes the unit file and itself.
# NOTE(review): the matched user-data text is written to authorized_keys
#   unvalidated, so whoever controls the attached ISO controls login to the
#   capsul. Confirm that is the intended trust boundary.
# NOTE(review): the generated script has no `set -e`; if the grep matches
#   nothing it still removes itself, leaving the capsul without any key.
cat > $root/bin/capsul-init <<-EOF
#!/bin/sh
until mount -t iso9660 -o ro /dev/sr0 /mnt; do
sleep 1
done
cat >> "/home/cyberian/.ssh/authorized_keys" <<EOW
\$(grep '\- ssh' /mnt/user-data | cut -d ' ' -f 8-)
EOW
chmod 600 "/home/cyberian/.ssh/authorized_keys"
chown cyberian.cyberian "/home/cyberian/.ssh/authorized_keys"
resize2fs /dev/vda2
systemctl disable capsul-init
systemctl daemon-reload
umount /mnt
rm /etc/systemd/system/capsul-init.service
rm /bin/capsul-init
EOF
# Make the generated script executable so the unit's ExecStart can run it.
chmod +x $root/bin/capsul-init
# One-shot unit that runs /bin/capsul-init after multi-user.target is reached.
# The body is static text, so the delimiter is quoted.
cat > "$root"/etc/systemd/system/capsul-init.service << 'EOF'
[Unit]
Description=init capsul and EXPLODE
After=multi-user.target
[Service]
Type=oneshot
ExecStart=/bin/capsul-init
[Install]
WantedBy=multi-user.target
EOF

# Register and enable the unit inside the image.
run_root systemctl daemon-reload
run_root systemctl enable capsul-init
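# cleanup
# Remove any SSH host keys so that capsuls built from this image do not share
# them. The globs are quoted so the shell inside the chroot expands them
# against the image's /etc/ssh; unquoted, the build host's shell expands them
# against its own /etc/ssh first, and which files get removed then depends on
# what the host happens to contain.
run_root 'rm -f /etc/ssh/*key /etc/ssh/*pub'

# Drop DHCP lease files left in the image (NUL-delimited to be safe with any
# file name).
find "$root"/var/db -type f -name "dhclient.leases.*" -print0 | xargs -0 rm -f --

# Remove go together with dependencies nothing else needs (pacman -Rs), then
# empty the package cache.
run_root pacman --noconfirm -Rs go
paccache -rk0 -c "$root/var/cache/pacman/pkg"

# NOTE(review): this runs on the build host, not in the chroot, and matches
# every gpg-agent process by name. Presumably it is here to release agents
# started during the build that would keep the image mounted. Confirm.
pkill gpg-agent || true

# NOTE(review): two per-machine items are not handled here and are worth
# checking in the finished image: /etc/machine-id, and the pacman keyring
# under /etc/pacman.d/gnupg (pacstrap copies the host's keyring unless -G is
# given).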