Guest User

Untitled

a guest
Apr 3rd, 2014
328
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2.  
  3. ### exit on errors (in pipes too) and verbose execution
  4. set -o pipefail -e -x
  5.  
  6. TMPDIR=$(mktemp -d)
  7. VEID=777
  8. DESTDIR=/vz/private/${VEID}
  9.  
  10. ### veid config
  11. cat << _EOF_ > /etc/vz/conf/${VEID}.conf
  12. # This config is only valid for decent VSwap-enabled kernel
  13. # (version 042stab042 or later).
  14.  
  15. ONBOOT="yes"
  16.  
  17. # RAM
  18. PHYSPAGES="0:2G"
  19.  
  20. # Swap
  21. SWAPPAGES="0:0G"
  22.  
  23. # Disk quota parameters (in form of softlimit:hardlimit)
  24. DISKSPACE="20G:22G"
  25. DISKINODES="200000:220000"
  26. QUOTATIME="0"
  27.  
  28. # CPU fair scheduler parameter
  29. CPUUNITS="1000"
  30.  
  31. VE_ROOT="/vz/root/\$VEID"
  32. VE_PRIVATE="/vz/private/\$VEID"
  33. OSTEMPLATE="centos-6-secured-x86_64"
  34. ORIGIN_SAMPLE="basic"
  35.  
  36. HOSTNAME="localhost"
  37. SEARCHDOMAIN=""
  38. NAMESERVER="8.8.8.8 8.8.4.4"
  39. IP_ADDRESS="10.20.30.40"
  40.  
  41. CPULIMIT="100"
  42. CPUS="1"
  43. _EOF_
  44.  
  45. ### stop / destroy if exists /  recreate
  46. vzctl stop ${VEID}
  47. [[ -d ${DESTDIR} ]] && rm -rf ${DESTDIR}
  48. mkdir -p ${DESTDIR}
  49. mkdir -p /vz/root/${VEID}
  50.  
  51. ### init rpm db
  52. rpm --root ${DESTDIR} --initdb
  53.  
  54. ### download packages for create base directory
  55. yum install -q -y yum-utils
  56. yumdownloader --destdir ${TMPDIR} centos-release centos-release-cr
  57.  
  58. ### install base directory rpms
  59. TO_INSTALL=""
  60. for i in ${TMPDIR}/*.rpm; do
  61.     TO_INSTALL="${TO_INSTALL} ${i}"
  62. done
  63.  
  64. rpm --root ${DESTDIR} -i ${TO_INSTALL}
  65.  
  66. ### Save random seed
  67. touch ${DESTDIR}/var/lib/random-seed
  68. chmod 600 ${DESTDIR}/var/lib/random-seed
  69. dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=512 2>/dev/null
  70.  
  71. ### import centos pubkey
  72. rpm --root ${DESTDIR} --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
  73.  
  74. ### install required rpms
  75. yum --installroot=${DESTDIR} install -q -y postfix filesystem tzdata glibc procps \
  76.     coreutils rpm yum yum-utils udev openssh basesystem bash grep MAKEDEV \
  77.     openssl gnupg2 logrotate rsyslog screen openssh-server openssh-clients \
  78.     info ca-certificates libuuid sed vim-enhanced findutils iproute tmpwatch \
  79.     wget curl patch vixie-cron sysstat htop telnet which diffutils rsync \
  80.     sudo yum-cron psacct lftp tcpdump numactl git vconfig nc xz bzip2 \
  81.     nscd passwd tar
  82.  
  83. ### pts only in fstab
  84. cat << _EOF_ > ${DESTDIR}/etc/fstab
  85. none    /dev/pts    devpts  gid=5,mode=620  0   0
  86. _EOF_
  87. chmod 0644 ${DESTDIR}/etc/fstab
  88.  
  89. mkdir -p ${DESTDIR}/dev/pts
  90.  
  91. ### create devices
  92. for INPATH in dev etc/udev/devices; do
  93.     /sbin/MAKEDEV -x -d ${DESTDIR}/${INPATH} console core fd full kmem kmsg mem null port \
  94.         ptmx {p,t}ty{a,p}{0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f} random \
  95.         urandom zero ram{,0,1,disk} std{in,out,err}
  96. done
  97.  
  98. ### do not run agetty's
  99. sed -i 's/^ACTIVE_CONSOLES=\(.*\)/#ACTIVE_CONSOLES=\1\nACTIVE_CONSOLES=""/g' ${DESTDIR}/etc/sysconfig/init
  100.  
  101. ### run minimum services
  102. SERVICES="(network|crond|sshd|sysstat|snmpd|syslog|psacct|udev-post|nscd)"
  103. chroot ${DESTDIR} "/sbin/chkconfig" "--list" | grep -oP '^\S+' | sort | uniq | egrep -vE "${SERVICES}" | xargs -I{} chroot ${DESTDIR} "/sbin/chkconfig" "{}" "off"
  104. chroot ${DESTDIR} "/sbin/chkconfig" "--list" | grep -oP '^\S+' | sort | uniq | egrep -E "${SERVICES}" | xargs -I{} chroot ${DESTDIR} "/sbin/chkconfig" "{}" "--level" "2345" "on"
  105.  
  106. ### clock/timezone
  107. cat << _EOF_ > ${DESTDIR}/etc/sysconfig/clock
  108. ZONE="Europe/Moscow"
  109. _EOF_
  110. chroot ${DESTDIR} "/usr/sbin/tzdata-update"
  111.  
  112. ### make mtab actual every time
  113. chroot ${DESTDIR} 'rm' '-fv' '/etc/mtab'
  114. chroot ${DESTDIR} 'ln' '-s' '/proc/mounts' '/etc/mtab'
  115.  
  116. ### cleanup
  117. rm -rf ${TMPDIR}
  118.  
  119. ### set locale to UTF
  120. cat << _EOF_ > ${DESTDIR}/etc/sysconfig/i18n
  121. LANG="en_US.UTF-8"
  122. SYSFONT="latarcyrheb-sun16"
  123. _EOF_
  124. chroot ${DESTDIR} 'localedef' '-c' '-f' 'UTF-8' '-i' 'en_US' '/usr/lib/locale/en_US.utf8'
  125.  
  126. ### TODO:
  127. ### 1. check ssh keys and delete them
  128. ### 2. make template.tar.gz
RAW Paste Data