Untitled

#!/bin/bash

### exit on errors (in pipes too) and verbose execution
set -o pipefail -e -x

TMPDIR=$(mktemp -d)
VEID=777
DESTDIR=/vz/private/${VEID}

### veid config
cat << _EOF_ > /etc/vz/conf/${VEID}.conf
# This config is only valid for decent VSwap-enabled kernel
# (version 042stab042 or later).

ONBOOT="yes"

# RAM
PHYSPAGES="0:2G"

# Swap
SWAPPAGES="0:0G"

# Disk quota parameters (in form of softlimit:hardlimit)
DISKSPACE="20G:22G"
DISKINODES="200000:220000"
QUOTATIME="0"

# CPU fair scheduler parameter
CPUUNITS="1000"

VE_ROOT="/vz/root/\$VEID"
VE_PRIVATE="/vz/private/\$VEID"
OSTEMPLATE="centos-6-secured-x86_64"
ORIGIN_SAMPLE="basic"

HOSTNAME="localhost"
SEARCHDOMAIN=""
NAMESERVER="8.8.8.8 8.8.4.4"
IP_ADDRESS="10.20.30.40"

CPULIMIT="100"
CPUS="1"
_EOF_

### stop / destroy if exists /  recreate
vzctl stop ${VEID}
[[ -d ${DESTDIR} ]] && rm -rf ${DESTDIR}
mkdir -p ${DESTDIR}
mkdir -p /vz/root/${VEID}

### init rpm db
rpm --root ${DESTDIR} --initdb

### download packages for create base directory
yum install -q -y yum-utils
yumdownloader --destdir ${TMPDIR} centos-release centos-release-cr

### install base directory rpms
TO_INSTALL=""
for i in ${TMPDIR}/*.rpm; do
    TO_INSTALL="${TO_INSTALL} ${i}"
done

rpm --root ${DESTDIR} -i ${TO_INSTALL}

### Save random seed
touch ${DESTDIR}/var/lib/random-seed
chmod 600 ${DESTDIR}/var/lib/random-seed
dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=512 2>/dev/null

### import centos pubkey
rpm --root ${DESTDIR} --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

### install required rpms
yum --installroot=${DESTDIR} install -q -y postfix filesystem tzdata glibc procps \
    coreutils rpm yum yum-utils udev openssh basesystem bash grep MAKEDEV \
    openssl gnupg2 logrotate rsyslog screen openssh-server openssh-clients \
    info ca-certificates libuuid sed vim-enhanced findutils iproute tmpwatch \
    wget curl patch vixie-cron sysstat htop telnet which diffutils rsync \
    sudo yum-cron psacct lftp tcpdump numactl git vconfig nc xz bzip2 \
    nscd passwd tar

### pts only in fstab
cat << _EOF_ > ${DESTDIR}/etc/fstab
none    /dev/pts    devpts  gid=5,mode=620  0   0
_EOF_
chmod 0644 ${DESTDIR}/etc/fstab

mkdir -p ${DESTDIR}/dev/pts

### create devices
for INPATH in dev etc/udev/devices; do
    /sbin/MAKEDEV -x -d ${DESTDIR}/${INPATH} console core fd full kmem kmsg mem null port \
        ptmx {p,t}ty{a,p}{0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f} random \
        urandom zero ram{,0,1,disk} std{in,out,err}
done

### do not run agetty's
sed -i 's/^ACTIVE_CONSOLES=\(.*\)/#ACTIVE_CONSOLES=\1\nACTIVE_CONSOLES=""/g' ${DESTDIR}/etc/sysconfig/init

### run minimum services
SERVICES="(network|crond|sshd|sysstat|snmpd|syslog|psacct|udev-post|nscd)"
chroot ${DESTDIR} "/sbin/chkconfig" "--list" | grep -oP '^\S+' | sort | uniq | egrep -vE "${SERVICES}" | xargs -I{} chroot ${DESTDIR} "/sbin/chkconfig" "{}" "off"
chroot ${DESTDIR} "/sbin/chkconfig" "--list" | grep -oP '^\S+' | sort | uniq | egrep -E "${SERVICES}" | xargs -I{} chroot ${DESTDIR} "/sbin/chkconfig" "{}" "--level" "2345" "on"

### clock/timezone
cat << _EOF_ > ${DESTDIR}/etc/sysconfig/clock
ZONE="Europe/Moscow"
_EOF_
chroot ${DESTDIR} "/usr/sbin/tzdata-update"

### make mtab actual every time
chroot ${DESTDIR} 'rm' '-fv' '/etc/mtab'
chroot ${DESTDIR} 'ln' '-s' '/proc/mounts' '/etc/mtab'

### cleanup
rm -rf ${TMPDIR}

### set locale to UTF
cat << _EOF_ > ${DESTDIR}/etc/sysconfig/i18n
LANG="en_US.UTF-8"
SYSFONT="latarcyrheb-sun16"
_EOF_
chroot ${DESTDIR} 'localedef' '-c' '-f' 'UTF-8' '-i' 'en_US' '/usr/lib/locale/en_US.utf8'

### TODO:
### 1. check ssh keys and delete them
### 2. make template.tar.gz