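#!/bin/sh
# Builds an Arch Linux qcow2 guest image under ./$arch using qemu-nbd,
# pacstrap and a chroot. Needs root privileges and is expected to be started
# through sudo, because run_normal reads SUDO_UID and SUDO_GID.
#
# The options are set here instead of on the shebang line so that they still
# apply when the script is started as `sh script.sh`; on the shebang they are
# silently dropped in that case and a failed step would no longer stop the
# build.
set -eux

root=root    # mount point and chroot directory, relative to the working directory
arch=x86_64  # directory that receives root.img.qcow2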
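#######################################
# EXIT handler: unmount the image, detach the NBD device and remove the
# mount point. Every step is best-effort so that one failure does not stop
# the remaining ones.
# Globals:   root (read)
# Arguments: none
#######################################
cleanup() {
  # With an empty $root the paths below would become /boot and / on the
  # build host, so the mount-related steps are skipped in that case.
  if [ -n "${root:-}" ]; then
    # Order matters: /boot is mounted inside "$root", so it goes first.
    umount -Rf "$root/boot" || true
    umount -Rf "$root" || true
  fi

  qemu-nbd --disconnect /dev/nbd0 || true

  if [ -n "${root:-}" ]; then
    # The script bind-mounts the host's /proc, /sys, /dev and /run below
    # "$root". If the unmount above failed, a recursive delete would descend
    # into those host directories, so leave the tree alone while it is still
    # a mount point.
    if mountpoint -q "$root"; then
      echo "cleanup: $root is still mounted, not removing it" >&2
    else
      rm -rf -- "$root" || true
    fi
  fi
}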
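# Create the empty image and expose it as /dev/nbd0.
mkdir -p "$arch"

qemu-img create -f qcow2 "$arch/root.img.qcow2" 25G
modprobe nbd
# The format is named explicitly so qemu-nbd does not have to probe the file.
qemu-nbd --format=qcow2 --connect=/dev/nbd0 "$arch/root.img.qcow2"
# Installed only after the connect succeeded: under `set -e` a failed connect
# exits before this line, so cleanup never detaches a /dev/nbd0 that this
# script did not attach.
trap cleanup EXIT

# NOTE(review): fixed one-second pause, presumably to let /dev/nbd0 become
# usable; a slow host may need a real readiness check instead.
sleep 1
# Install the first 440 bytes of the syslinux MBR boot code.
dd if=/usr/lib/syslinux/bios/mbr.bin of=/dev/nbd0 bs=1 count=440

# Partition 1: 100M, bootable, for /boot. Partition 2: rest of the disk, for /.
sfdisk --no-reread /dev/nbd0 << 'EOF'
1M,100M,L,*
,,L
EOF

mkdir -p "$root"
mkfs.ext4 /dev/nbd0p1
mkfs.ext4 /dev/nbd0p2
mount /dev/nbd0p2 "$root"
mkdir -p "$root/boot"
mount /dev/nbd0p1 "$root/boot"

# "$root" instead of the literal directory name, so the install target always
# follows the variable used for the mounts above.
pacstrap "$root" base base-devel git openssh mkinitcpio linux syslinux pacutils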
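#######################################
# Run a command line as root inside the image chroot.
# The arguments are joined with spaces and handed to `bash -c`, so they are
# parsed again by the inner shell. Pass one quoted string when globs or
# operators must be evaluated inside the chroot and not by the calling shell.
# Globals:   root (read)
# Arguments: the command and its arguments
# Returns:   exit status of chroot
#######################################
run_root() {
  # "$*" makes the join explicit; "$@" in an assignment is ambiguous.
  local cmd="$*"
  chroot "$root" /bin/bash -c "$cmd"
}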
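#######################################
# Run a command line inside the image chroot as the user who invoked sudo,
# starting in /home/cyberian.
# The arguments are joined with spaces and parsed again by the inner shell.
# Globals:   root, SUDO_UID, SUDO_GID (read)
# Arguments: the command and its arguments
# Returns:   exit status of chroot
#######################################
run_normal() {
  local cmd="$*"
  # NOTE(review): the numeric ids come from the build host. They only map to
  # the "cyberian" account inside the image if both happen to share the same
  # uid/gid - confirm.
  # The :? checks stop the call with a clear message when the script was not
  # started through sudo, before chroot sees an empty --userspec.
  chroot --userspec="${SUDO_UID:?run this script through sudo}:${SUDO_GID:?run this script through sudo}" \
    "$root" \
    /bin/bash -c "cd /home/cyberian && $cmd"
}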
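# Single quotes keep $repo and $arch literal; pacman substitutes them itself.
# NOTE(review): this is a plain-HTTP mirror. The reflector call further down
# saves a list of HTTPS mirrors to the same file, so this entry looks
# redundant - confirm, then drop it or switch it to HTTPS.
echo 'Server = http://lug.mtu.edu/archlinux/$repo/os/$arch' >> "$root/etc/pacman.d/mirrorlist"
echo '127.0.0.1 localhost.localdomain localhost' > "$root/etc/hosts"
echo '::1 localhost.localdomain localhost' >> "$root/etc/hosts"

# Expose the build host's kernel and runtime filesystems inside the chroot.
# These are the host's own /dev and /run, so anything executed in the chroot
# can reach them until cleanup unmounts "$root".
for fs in proc sys dev dev/pts dev/shm run; do
  mount --bind "/$fs" "$root/$fs"
done

# Both files are read from the directory the script is started in.
cp mkinitcpio.conf "$root/etc"
cp pacman.conf "$root/etc"

reflector --protocol https --latest 30 --sort rate --save "$root/etc/pacman.d/mirrorlist"

# A hook symlinked to /dev/null masks the pacman hook of the same name.
mkdir -p "$root/etc/pacman.d/hooks/"
ln -s /dev/null "$root/etc/pacman.d/hooks/90-linux.hook"

sed -i 's/#en_US.UTF-8/en_US.UTF-8/' "$root/etc/locale.gen"
run_root locale-gen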
# Guest network: DHCP on ens3, handled by systemd-networkd.
cat > "$root/etc/systemd/network/25-ens3.network" << 'EOF'
[Match]
Name=ens3

[Network]
DHCP=yes
EOF

# Enable networking, name resolution and time sync in the image.
for unit in systemd-networkd systemd-resolved systemd-timesyncd; do
  run_root systemctl enable "$unit.service"
done

# Build the initramfs from the "linux" preset.
run_root mkinitcpio -p linux
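# Default account: member of "sudo", empty password, passwordless sudo.
# NOTE(review): `passwd -d` leaves the account with no password and the
# sudoers rule below needs none either, so a login as cyberian that is not
# gated by an SSH key (for example on a console) would presumably lead
# straight to root. Confirm that this matches how the guests are exposed.
run_root groupadd sudo
run_root useradd -mG sudo cyberian
run_root passwd -d cyberian
echo '%sudo ALL=(ALL) NOPASSWD: ALL' >> "$root/etc/sudoers"
# sudoers was edited without visudo; check it before it ships in the image.
run_root visudo -c

run_root mkdir -p "/home/cyberian/.ssh"
run_root chmod 700 "/home/cyberian/.ssh"
run_root chown cyberian "/home/cyberian/.ssh"

# SSH: key-only logins, no root login.
sshd_config="$root/etc/ssh/sshd_config"
sed -i \
  -e 's/#PasswordAuthentication yes/PasswordAuthentication no/' \
  -e 's/#PermitRootLogin prohibit-password/PermitRootLogin no/' \
  "$sshd_config"
# sed changes nothing, and reports nothing, when the packaged defaults are
# worded differently. Stop the build instead of shipping an image that still
# uses the sshd defaults.
for setting in 'PasswordAuthentication no' 'PermitRootLogin no'; do
  if ! grep -qx -- "$setting" "$sshd_config"; then
    echo "sshd_config: expected line '$setting' not found" >&2
    exit 1
  fi
done
run_root systemctl enable sshd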
# Mount table of the guest, where the disk is addressed as /dev/vda.
printf '%s\n' \
  '/dev/vda1 /boot ext4 rw,relatime,data=ordered 0 0' \
  '/dev/vda2 / ext4 rw,relatime,data=ordered 0 0' \
  >> "$root/etc/fstab"

# Install the extlinux boot loader into the /boot partition.
extlinux -i "$root/boot"

# Boot menu with a single entry; output goes to tty0 and the serial port.
cat > "$root/boot/extlinux.conf" << 'EOF'
serial 0 115200
default archlinux
label archlinux
linux vmlinuz-linux
initrd initramfs-linux.img
append root=/dev/vda2 rw console=tty0 console=ttyS0,115200 quiet
EOF
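# NOTE(review): `makeopts` does not look like a documented makepkg.conf
# setting - confirm that this line has any effect. If it does, it turns off
# source signature checks for every later makepkg run inside the guest.
echo "makeopts=(--skippgpcheck)" >> "$root/etc/makepkg.conf"

# Build and install yay from its AUR snapshot as the unprivileged user.
# The tarball is fetched over HTTPS but is not pinned to a checksum or commit,
# and --skippgpcheck disables source signature verification, so the integrity
# of what gets installed into the image rests on the TLS connection alone.
# --fail makes curl exit non-zero on an HTTP error instead of saving the
# error page as yay.tar.gz.
run_normal curl --fail -O https://aur.archlinux.org/cgit/aur.git/snapshot/yay.tar.gz
run_normal tar xf yay.tar.gz
run_normal 'cd yay && env GOCACHE=/tmp/cache makepkg -si --noconfirm --skippgpcheck'
run_normal rm -rf /tmp/cache yay yay.tar.gz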
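# capsul-init
cat > "$root/etc/motd" << 'EOF'
welcome, cyberian ^(;,;)^
your machine awaits

btw this is arch
EOF

# First-boot script. It waits for the disc at /dev/sr0, appends the SSH keys
# found in its user-data file to cyberian's authorized_keys, grows the root
# filesystem and then removes itself and its unit.
# The delimiter is quoted so nothing in the script body is expanded while the
# image is built; the $(...) is evaluated on the guest at first boot.
# NOTE(review): the key extraction takes every line matching "- ssh" and cuts
# at a fixed field, so it depends on the exact indentation of user-data, and
# whatever that disc provides becomes a login key - confirm both are intended.
cat > "$root/bin/capsul-init" << 'EOF'
#!/bin/sh
until mount -t iso9660 -o ro /dev/sr0 /mnt; do
sleep 1
done
cat >> "/home/cyberian/.ssh/authorized_keys" <<EOW
$(grep '\- ssh' /mnt/user-data | cut -d ' ' -f 8-)
EOW
chmod 600 "/home/cyberian/.ssh/authorized_keys"
chown cyberian:cyberian "/home/cyberian/.ssh/authorized_keys"
resize2fs /dev/vda2
systemctl disable capsul-init
systemctl daemon-reload
umount /mnt
rm /etc/systemd/system/capsul-init.service
rm /bin/capsul-init
EOF
chmod +x "$root/bin/capsul-init"

# One-shot unit that runs the script above.
cat > "$root/etc/systemd/system/capsul-init.service" << 'EOF'
[Unit]
Description=init capsul and EXPLODE
After=multi-user.target

[Service]
Type=oneshot
ExecStart=/bin/capsul-init

[Install]
WantedBy=multi-user.target
EOF

run_root systemctl daemon-reload
run_root systemctl enable capsul-init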
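# cleanup
# Passed as one quoted string so the globs are expanded inside the chroot.
# Unquoted, the calling shell expands them against the build host's /etc/ssh
# first, and only files with those exact names are removed from the image.
# A host key left in the image would be shared by every guest built from it.
run_root 'rm -f /etc/ssh/*key /etc/ssh/*pub'

# Drop DHCP lease files. The directory check keeps this step best-effort when
# var/db is absent.
if [ -d "$root/var/db" ]; then
  find "$root/var/db" -type f -name 'dhclient.leases.*' -exec rm -f -- {} +
fi

run_root pacman --noconfirm -Rs go
paccache -rk0 -c "$root/var/cache/pacman/pkg"

# NOTE(review): this matches every gpg-agent process on the build host, not
# only one started from the chroot; presumably it is here so the EXIT trap
# can unmount "$root". Confirm that ending the other agents is acceptable.
pkill gpg-agent || true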