diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2010-11-18 19:32:40 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2010-11-18 19:32:40 -0200 |
commit | d4abd97cfa9d3c49b0bfee826b03b8b03156b216 (patch) | |
tree | ed36ddeda2f613892e4575269ec374bfd99b58ea | |
parent | 6721dcbac4f17114b11ad957e9059b74eda9e7f4 (diff) | |
download | hydra-d4abd97cfa9d3c49b0bfee826b03b8b03156b216.tar.gz hydra-d4abd97cfa9d3c49b0bfee826b03b8b03156b216.tar.bz2 |
Initial provision code
-rw-r--r-- | lib/hydra/misc | 15 | ||||
-rwxr-xr-x | share/hydractl/provision | 148 |
2 files changed, 163 insertions, 0 deletions
diff --git a/lib/hydra/misc b/lib/hydra/misc index b349b40..26d03ea 100644 --- a/lib/hydra/misc +++ b/lib/hydra/misc @@ -129,3 +129,18 @@ function hydra_usage_hydra { function hydra_usage_hydractl { echo "Usage: hydractl <command> [arguments]" } + +# Read a parameter from user +function hydra_read { + local input + param="$1" + default="$2" + shift 2 + read -rep "$* (defaults to $default): " input + + if [ -z "$input" ]; then + declare $param=$default + else + declare $param=$input + fi +} diff --git a/share/hydractl/provision b/share/hydractl/provision index 488c2ea..0b4139b 100755 --- a/share/hydractl/provision +++ b/share/hydractl/provision @@ -2,3 +2,151 @@ # # System installer. # + +# Load +source $APP_BASE/lib/hydra/functions || exit 1 +hydra_config_load + +# Setup. +hydra_read device /dev/sdb "Destination device" +hydra_read garbage y "Pre-fill volumes with garbage? (y/n)" +hydra_read hostname $HOSTNAME "Hostname" +hydra_read domain example.com "Domain" +hydra_read arch amd64 "System arch" +hydra_read version lenny "Distro version" +hydra_read vg vg "Temporary install vg" +hydra_read grub n "Setup GRUB? (y/n)" + +# Warning. +echo "" +echo "Make sure you have chosen the right parameters" +echo "and that $device has the needed partitions." +echo "" +echo "Press ENTER to continue, Ctrl-C to abort." +read answer + +# Create volumes. +echo "Creating the needed disk volumes..." +pvcreate "$device"3 +vgcreate $vg "$device"3 +lvcreate -L20G -n root $vg +vgchange -a y $vg + +# Garbage. +if [ "$garbage" == "y" ]; then + echo "Filling volumes with garbage..." + dd if=/dev/urandom of=/dev/$vg/root + dd if=/dev/urandom of="$device"1 +fi + +# Create root device. +echo "Creating root device..." +cryptsetup -h sha256 -c aes-cbc-essiv:sha256 -s 256 luksFormat /dev/$vg/root +cryptsetup luksOpen /dev/$vg/root debootstrap +mkfs.ext3 /dev/mapper/debootstrap + +# Initial system install. +echo "Installing base system..." +mkdir /tmp/debootstrap +mount /dev/mapper/debootstrap /tmp/debootstrap/ +debootstrap --arch=$arch $version /tmp/debootstrap/ + +# Initial configuration. +echo "Applying initial configuration..." +mount none -t proc /tmp/debootstrap/proc/ +mount -o bind /dev/ /tmp/debootstrap/dev +cp -L /etc/resolv.conf /tmp/debootstrap/etc +echo $hostname.$domain > /tmp/debootstrap/etc/hostname +echo "127.0.0.1 localhost $hostname $hostname.$domain" >> /tmp/debootstrap/etc/hosts +echo LANG=C > /tmp/debootstrap/etc/default/locale + +# Initial upgrade. +echo "Applying initial upgrades..." +chroot /tmp/debootstrap/ apt-get update +chroot /tmp/debootstrap/ apt-get upgrade +chroot /tmp/debootstrap/ apt-get install locales cryptsetup lvm2 initramfs-tools grub + +# Crypttab. +echo "Configuring crypttab..." +cat > /tmp/debootstrap/etc/crypttab <<-EOF +# <target name> <source device> <key file> <options> +root /dev/mapper/vg-root none luks,cipher=aes-cbc-essiv:sha256 +cswap "$device"1 /dev/random swap,cipher=aes-cbc-essiv:sha256 +EOF + +# Fstab. +echo "Configuring fstab..." +cat > /tmp/debootstrap/etc/fstab <<-EOF +/dev/mapper/cswap none swap sw 0 0 +/dev/mapper/root / ext3 defaults,errors=remount-ro 0 1 +EOF + +# Boot. +echo "Boot device setup..." +mkfs.ext3 "$device"2 +mount "$device"2 /boot +grub-install --no-floppy "$device" +echo " "$device"2 /boot ext3 defaults,errors=remount-ro 0 2" >> /tmp/debootstrap/etc/fstab + +# Grub. +if [ "$grub" == "y" ]; then + echo "Setting up GRUB..." + mkdir -p /tmp/debootstrap/boot/grub/ + cat /tmp/debootstrap/boot/grub/menu.lst <<-EOF +title $hostname (hd0) +root (hd0,1) +kernel /vmlinuz-2.6.26-2-vserver-amd64 root=/dev/mapper/root ro quiet rootdelay=10 +initrd /initrd.img-2.6.26-2-vserver-amd64 + +title $hostname (hd0) (single) +root (hd0,1) +kernel /vmlinuz-2.6.26-2-vserver-amd64 root=/dev/mapper/root ro single rootdelay=10 +initrd /initrd.img-2.6.26-2-vserver-amd64 +EOF +fi + +# Kernel. +echo "Installing kernel..." +cat > /tmp/debootstrap/boot/grub/etc/initramfs-tools/modules <<-EOF +dm-mod +dm-crypt +aes +twofish +sha256 +EOF + +cat > /tmp/debootstrap/etc/kernel-img.conf <<-EOF +do_initrd = Yes +EOF + +if [ "$arch" == "i386" ]; then + kernel_arch="686" +else + kernel_arch="$arch" +fi + +chroot /tmp/debootstrap apt-get install linux-image-2.6-vserver-$kernel_arch + +# Initramfs. +echo "Creating initramfs..." +chroot /tmp/debootstrap update-initramfs -v -u + +# Ssh. +echo "Installing OpenSSH daemon..." +chroot /tmp/debootstrap apt-get install openssh-server + +echo "OpenSSH fingerprints:" +chroot /tmp/debootstrap ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub +chroot /tmp/debootstrap ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub + +# Accounts. +echo "Installing sudo..." +chroot /tmp/debootstrap apt-get install sudo + +echo "Choose a root password." +chroot /tmp/debootstrap passwd root + +# Final steps: +# Create an user account with sudo privileges. +# Network setup. + |