SHARE
TWEET

Untitled

a guest Apr 3rd, 2014 192 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2.  
  3. ### exit on errors (in pipes too) and verbose execution
  4. set -o pipefail -e -x
  5.  
  6. TMPDIR=$(mktemp -d)
  7. VEID=777
  8. DESTDIR=/vz/private/${VEID}
  9.  
  10. ### veid config
  11. cat << _EOF_ > /etc/vz/conf/${VEID}.conf
  12. # This config is only valid for decent VSwap-enabled kernel
  13. # (version 042stab042 or later).
  14.  
  15. ONBOOT="yes"
  16.  
  17. # RAM
  18. PHYSPAGES="0:2G"
  19.  
  20. # Swap
  21. SWAPPAGES="0:0G"
  22.  
  23. # Disk quota parameters (in form of softlimit:hardlimit)
  24. DISKSPACE="20G:22G"
  25. DISKINODES="200000:220000"
  26. QUOTATIME="0"
  27.  
  28. # CPU fair scheduler parameter
  29. CPUUNITS="1000"
  30.  
  31. VE_ROOT="/vz/root/\$VEID"
  32. VE_PRIVATE="/vz/private/\$VEID"
  33. OSTEMPLATE="centos-6-secured-x86_64"
  34. ORIGIN_SAMPLE="basic"
  35.  
  36. HOSTNAME="localhost"
  37. SEARCHDOMAIN=""
  38. NAMESERVER="8.8.8.8 8.8.4.4"
  39. IP_ADDRESS="10.20.30.40"
  40.  
  41. CPULIMIT="100"
  42. CPUS="1"
  43. _EOF_
  44.  
  45. ### stop / destroy if exists /  recreate
  46. vzctl stop ${VEID}
  47. [[ -d ${DESTDIR} ]] && rm -rf ${DESTDIR}
  48. mkdir -p ${DESTDIR}
  49. mkdir -p /vz/root/${VEID}
  50.  
  51. ### init rpm db
  52. rpm --root ${DESTDIR} --initdb
  53.  
  54. ### download packages for create base directory
  55. yum install -q -y yum-utils
  56. yumdownloader --destdir ${TMPDIR} centos-release centos-release-cr
  57.  
  58. ### install base directory rpms
  59. TO_INSTALL=""
  60. for i in ${TMPDIR}/*.rpm; do
  61.         TO_INSTALL="${TO_INSTALL} ${i}"
  62. done
  63.  
  64. rpm --root ${DESTDIR} -i ${TO_INSTALL}
  65.  
  66. ### Save random seed
  67. touch ${DESTDIR}/var/lib/random-seed
  68. chmod 600 ${DESTDIR}/var/lib/random-seed
  69. dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=512 2>/dev/null
  70.  
  71. ### import centos pubkey
  72. rpm --root ${DESTDIR} --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
  73.  
  74. ### install required rpms
  75. yum --installroot=${DESTDIR} install -q -y postfix filesystem tzdata glibc procps \
  76.         coreutils rpm yum yum-utils udev openssh basesystem bash grep MAKEDEV \
  77.         openssl gnupg2 logrotate rsyslog screen openssh-server openssh-clients \
  78.         info ca-certificates libuuid sed vim-enhanced findutils iproute tmpwatch \
  79.         wget curl patch vixie-cron sysstat htop telnet which diffutils rsync \
  80.         sudo yum-cron psacct lftp tcpdump numactl git vconfig nc xz bzip2 \
  81.         nscd passwd tar
  82.  
  83. ### pts only in fstab
  84. cat << _EOF_ > ${DESTDIR}/etc/fstab
  85. none    /dev/pts        devpts  gid=5,mode=620  0       0
  86. _EOF_
  87. chmod 0644 ${DESTDIR}/etc/fstab
  88.  
  89. mkdir -p ${DESTDIR}/dev/pts
  90.  
  91. ### create devices
  92. for INPATH in dev etc/udev/devices; do
  93.         /sbin/MAKEDEV -x -d ${DESTDIR}/${INPATH} console core fd full kmem kmsg mem null port \
  94.                 ptmx {p,t}ty{a,p}{0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f} random \
  95.                 urandom zero ram{,0,1,disk} std{in,out,err}
  96. done
  97.  
  98. ### do not run agetty's
  99. sed -i 's/^ACTIVE_CONSOLES=\(.*\)/#ACTIVE_CONSOLES=\1\nACTIVE_CONSOLES=""/g' ${DESTDIR}/etc/sysconfig/init
  100.  
  101. ### run minimum services
  102. SERVICES="(network|crond|sshd|sysstat|snmpd|syslog|psacct|udev-post|nscd)"
  103. chroot ${DESTDIR} "/sbin/chkconfig" "--list" | grep -oP '^\S+' | sort | uniq | egrep -vE "${SERVICES}" | xargs -I{} chroot ${DESTDIR} "/sbin/chkconfig" "{}" "off"
  104. chroot ${DESTDIR} "/sbin/chkconfig" "--list" | grep -oP '^\S+' | sort | uniq | egrep -E "${SERVICES}" | xargs -I{} chroot ${DESTDIR} "/sbin/chkconfig" "{}" "--level" "2345" "on"
  105.  
  106. ### clock/timezone
  107. cat << _EOF_ > ${DESTDIR}/etc/sysconfig/clock
  108. ZONE="Europe/Moscow"
  109. _EOF_
  110. chroot ${DESTDIR} "/usr/sbin/tzdata-update"
  111.  
  112. ### make mtab actual every time
  113. chroot ${DESTDIR} 'rm' '-fv' '/etc/mtab'
  114. chroot ${DESTDIR} 'ln' '-s' '/proc/mounts' '/etc/mtab'
  115.  
  116. ### cleanup
  117. rm -rf ${TMPDIR}
  118.  
  119. ### set locale to UTF
  120. cat << _EOF_ > ${DESTDIR}/etc/sysconfig/i18n
  121. LANG="en_US.UTF-8"
  122. SYSFONT="latarcyrheb-sun16"
  123. _EOF_
  124. chroot ${DESTDIR} 'localedef' '-c' '-f' 'UTF-8' '-i' 'en_US' '/usr/lib/locale/en_US.utf8'
  125.  
  126. ### TODO:
  127. ### 1. check ssh keys and delete them
  128. ### 2. make template.tar.gz
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top