# ALIX 3D2 system configuration for Embedded Tor node
# By MacLemon
# Public Domain, do whatever you want with it
# 2010/02/01
# The numbers in the name correspond to the git repository revision.
# Image name; the trailing numbers are the git revision of this configuration.
NANO_NAME=Alix3D2-53-1b1c29f
# Kernel configuration file used for the image (same revision suffix as NANO_NAME).
NANO_KERNEL=/usr/src/tools/tools/nanobsd/ALIXKERNEL-53-1b1c29f
# Location of the FreeBSD source tree the world and kernel are built from.
NANO_SRC=/usr/src
# Number of code images (slices) on the media.
NANO_IMAGES=2
# boot0cfg options: -s 1 selects slice 1 by default, -m 3 enables slices 1 and 2.
NANO_BOOT0CFG="-o nopacket -s 1 -m 3" # nopacket seems to be required by tinyBIOS
# Make command used for the parallel build steps.
NANO_PMAKE="make -j 6"
# To stop nanoBSD from outputting everything to serial console (when using VGA)
# NANO_BOOTLOADER="boot/boot0"
# Drive geometry
# Log C/H/S 1007/32/63 (1 GB)
# NANO_MEDIASIZE=2030112
# NANO_HEADS=32
# NANO_SECTS=63
# Log C/H/S 974/64/63 SanDisk ultra II 2GB
# NOTE(review): 974 * 64 * 63 = 3927168, but the value below is 3928176 (the
# 1 GB entry above does match its C/H/S product) - confirm against the sector
# count the card actually reports.
NANO_MEDIASIZE=3928176
NANO_HEADS=64 # heads from the logical CHS information at boot time
NANO_SECTS=63 # sectors from the logical CHS information at boot time
# Device name of the boot media as seen by the running system.
NANO_DRIVE=ad0
# Partition sizes below are in 512-byte sectors.
# 0 leaves the code slice size to nanobsd.
NANO_CODESIZE=0
# Configuration partition: 2048 sectors = 1 MiB.
NANO_CONFSIZE=2048
# Data partition: 262144 sectors = 128 MiB.
NANO_DATASIZE=262144
# RAM disk backing /etc: 10240 sectors = 5 MiB.
NANO_RAM_ETCSIZE=10240
# RAM disk backing /tmp and /var: 20480 sectors = 10 MiB.
NANO_RAM_TMPVARSIZE=20480
# Build options for the world: i386 / pentium-mmx target, with the WITHOUT_*
# knobs leaving out base-system components, and the serial console speed set
# to 9600. The string content is used verbatim, so no comments are placed
# inside it.
CONF_WORLD='
TARGET=i386
TARGET_ARCH=i386
TARGET_CPUTYPE=pentium-mmx
WITHOUT_ACPI=yes
WITHOUT_ATM=yes
WITHOUT_BLUETOOTH=yes
WITHOUT_CALENDAR=yes
WITHOUT_DICT=yes
WITHOUT_FORTRAN=yes
WITHOUT_GCOV=yes
WITHOUT_GPIB=yes
WITHOUT_HTML=yes
WITHOUT_I4B=yes
WITHOUT_INFO=yes
WITHOUT_IPFILTER=yes
WITHOUT_IPX=yes
WITHOUT_KERBEROS=yes
WITHOUT_LPR=yes
WITHOUT_NIS=yes
WITHOUT_NLS=yes
WITHOUT_NLS_CATALOGS=yes
WITHOUT_PROFILE=yes
WITHOUT_RCMDS=yes
WITHOUT_RESCUE=yes
WITHOUT_SHAREDOCS=yes
WITHOUT_SYSCONS=yes
WITHOUT_ZFS=yes
BOOT_COMCONSOLE_SPEED=9600
'
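# Disable the "beastie" boot menu in the image's loader configuration.
# Globals:  NANO_WORLDDIR (read) - root of the image tree being customized
# Effect:   appends beastie_disable="YES" to ${NANO_WORLDDIR}/boot/loader.conf
# The body runs in a subshell, as in the original definition.
cust_nobeastie() (
    # ${var:?} stops here when NANO_WORLDDIR is unset or empty; a bare
    # expansion would resolve to /boot/loader.conf on the build host.
    loader_conf="${NANO_WORLDDIR:?NANO_WORLDDIR is not set}/boot/loader.conf"
    # ">>" creates the file when it is missing, so no separate touch is needed.
    # The path is quoted so a world directory containing spaces still works.
    printf '%s\n' 'beastie_disable="YES"' >> "$loader_conf"
)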
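# Shorten the loader's autoboot delay in the image to 3s (default is 10s),
# which speeds up the boot process by 7 seconds.
# Globals:  NANO_WORLDDIR (read) - root of the image tree being customized
# Effect:   appends autoboot_delay="3" to ${NANO_WORLDDIR}/boot/loader.conf
cust_loader_conf() {
    local loader_conf
    # ${var:?} stops here when NANO_WORLDDIR is unset or empty; a bare
    # expansion would resolve to /boot/loader.conf on the build host.
    loader_conf="${NANO_WORLDDIR:?NANO_WORLDDIR is not set}/boot/loader.conf"
    # Quoted so a world directory containing spaces still works.
    printf '%s\n' 'autoboot_delay="3"' >> "$loader_conf"
}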
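# Write the network, time and Tor start-up settings into the image's rc.conf.
# Globals:  NANO_WORLDDIR (read) - root of the image tree being customized
# Effect:   appends four settings to ${NANO_WORLDDIR}/etc/rc.conf and sets
#           the file mode to 644
# Returns:  non-zero if the file cannot be written or chmod fails
cust_rc_conf() {
    local rc_conf
    # ${var:?} stops here when NANO_WORLDDIR is unset or empty; a bare
    # expansion would resolve to /etc/rc.conf on the build host.
    rc_conf="${NANO_WORLDDIR:?NANO_WORLDDIR is not set}/etc/rc.conf"

    # One grouped redirection: the file is opened once (">>" creates it if
    # missing) and the path is quoted so directories with spaces work.
    {
        # Fetch an IP from DHCP on vr0 (primary ethernet interface on ALIX)
        printf '%s\n' 'ifconfig_vr0="DHCP"'
        # Set time via ntp, this cannot be done through tor, since ntp uses UDP.
        # NOTE(review): plain NTP is unauthenticated and Tor depends on a
        # roughly correct clock - keep that in mind when choosing the source.
        printf '%s\n' 'ntpdate_enable="YES"'
        printf '%s\n' 'ntpdate_hosts="pool.ntp.org"'
        # Run tor at system start
        printf '%s\n' 'tor_enable="YES"'
    } >> "$rc_conf" || return 1

    # Set correct file permissions
    chmod 644 "$rc_conf"
}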
# Copy the Tor port directory into the nanobsd package staging directory
# (/usr/src/tools/tools/nanobsd/packages).
# NOTE(review): the source is the port directory from the ports tree, while
# install_packages runs pkg_add on whatever is staged - confirm that a built
# package, rather than the port skeleton, is what should be staged here.
cust_add_packages() {
    local tor_port=/usr/ports/security/tor
    local staging=/usr/src/tools/tools/nanobsd/packages

    # The staging directory is not cleaned from the last build; the cleanup
    # is kept disabled:
    # rm -r /usr/src/tools/tools/nanobsd/packages/*
    cp -r "$tor_port" "$staging/"
}
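# Install every staged package into the image.
# Copies the files from /usr/src/tools/tools/nanobsd/packages into
# ${NANO_WORLDDIR}/packages, runs pkg_add on them inside a chroot of the
# image, then removes the temporary copy again.
# Globals:  NANO_WORLDDIR (read) - root of the image tree being customized
# Returns:  0 on success; the failing status if the copy or pkg_add fails
#
# pkg_add runs as root inside the image on every file found in the staging
# directory, and nothing here checks where those files came from.
# NOTE(review): verify checksums or signatures of the staged packages before
# building an image from them.
install_packages() {
    local staging=/usr/src/tools/tools/nanobsd/packages
    local pkg_dir
    local status=0

    # ${var:?} stops here when NANO_WORLDDIR is unset or empty; a bare
    # expansion would make the rm -rf below act on /packages of the build host.
    pkg_dir="${NANO_WORLDDIR:?NANO_WORLDDIR is not set}/packages"

    mkdir -p "$pkg_dir" || return 1

    if cp "$staging"/* "$pkg_dir"; then
        # "cd packages &&" keeps pkg_add from running in the image root when
        # the directory is missing; "./*" keeps a file name that starts with
        # "-" from being read as an option.
        chroot "$NANO_WORLDDIR" sh -c 'cd packages && pkg_add -v ./*' || status=$?
    else
        status=$?
    fi

    # Always remove the temporary copy, even when a step above failed.
    rm -rf "$pkg_dir"
    return "$status"
}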
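# Feed every file in ${CONF_ROOT}/packages to pkg_add, with the image tree as
# the chroot directory (-C .).
# Globals:  CONF_ROOT (read)     - directory holding the packages/ folder
#           NANO_WORLDDIR (read) - root of the image tree being customized
# Effect:   changes the working directory to NANO_WORLDDIR
# Returns:  1 if NANO_WORLDDIR cannot be entered; otherwise the status of the
#           last pkg_add run (0 when there was nothing to install)
#
# NOTE(review): -r asks pkg_add to fetch remotely while "-" feeds the package
# on stdin; confirm that this combination is intended. As with any package
# install into the image, check the provenance of the files first.
cust_install_packages() {
    local p

    # pkg_add -C . is relative to the current directory, so a failed cd must
    # stop the function; ${var:?} also stops it when the variable is unset.
    cd "${NANO_WORLDDIR:?NANO_WORLDDIR is not set}" || return 1

    # Glob instead of parsing ls output, so names with spaces stay intact.
    for p in "${CONF_ROOT}"/packages/*; do
        # An unmatched glob stays literal; skip it rather than failing.
        [ -e "$p" ] || continue
        pkg_add -rvC . - < "$p"
    done
}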
# Register the customization steps for the image build, one per line so that
# single steps can be switched on or off. customize_cmd, cust_comconsole,
# cust_install_files and cust_allow_ssh_root are not defined in this file -
# presumably they come from nanobsd.sh.
customize_cmd cust_comconsole
customize_cmd cust_install_files
customize_cmd cust_nobeastie
customize_cmd cust_rc_conf
customize_cmd cust_loader_conf
# Disabled steps (cust_tor is not defined in this file either):
# customize_cmd cust_tor
# customize_cmd cust_add_packages
# customize_cmd cust_install_packages
customize_cmd install_packages
# Just for testing, we actually do not need this during normal operation
##### Be sure to change the password for root if you enable SSH! #####
# NOTE(review): this step is active, so going by its name every image built
# from this file permits root login over SSH. Comment it out for builds that
# leave the test bench; if it must stay, set a strong root password or
# key-only authentication before the node goes online.
customize_cmd cust_allow_ssh_root
#EOF