#!/bin/sh
# note: default alpine shell is ash.

# --- site-specific settings -------------------------------------------------
# Online mirror. The repository URL is plain http, so transport integrity is
# not protected; package authenticity then depends on apk verifying index and
# package signatures against the keys in /etc/apk/keys.
ONLN_HOST="nl.alpinelinux.org"
ONLN_REPO="http://${ONLN_HOST}/alpine/latest-stable/main/"

# Local mount point used for the cdrom and cifs repositories.
OFLN_REPO="/media/repository/"

# Source of the cdrom repository (bind-mounted onto OFLN_REPO by main).
CDFS_MSRC="/media/cdrom/repo/"

# CIFS mirror. NOTE(review): the share credentials are hard-coded here and
# main() appends them to the installed system's /etc/fstab. Treat them as
# public, or move them to a root-only file referenced with the mount.cifs
# "credentials=" option.
CIFS_HOST="sysdata"
CIFS_MSRC="share/alpine-mirror/latest-stable/main/"
CIFS_OPTS="username=share,password=none"

# Root of the local package mirror; only read by pkglst (bash-only part).
MIRROR=/d/00-systems/linux-x64/00-alpine/00-mirror/
# Print the command summary and exit.
# Arguments: $1 - exit status; 0 sends the text to stdout, anything else
#                 (including a non-numeric value) sends it to stderr.
# Exits:     always, with status $1.
usage () {
  local dest=/dev/stderr
  if let "${1}==0" > /dev/null 2>&1; then
    dest=/dev/stdout
  fi
  {
    printf '%s\n' 'setup.sh <help|onln|ofln|cifs|list|dkey>'
    printf '\t%s\n' \
      'help: show this help.' \
      'onln: install system from online repository.' \
      'ofln: install system from cdrom repository.' \
      'cifs: install system from cifs repository.' \
      'list: undocummented.' \
      'dkey: dump public ssh key to standard output.'
    printf '%s\n' \
      "online install does'nt require anything beside this script." \
      'cdrom install require to build the repository on the iso file.' \
      'cifs install require a small cdrom repository on the iso file.'
  } > ${dest}
  exit $1
}
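# Entry point: select the package source for the requested mode, partition
# and populate the disk, then configure the installed system under /mnt.
# Arguments: $1 - mode: help|onln|ofln|cifs|list|dkey
# Globals:   ONLN_*, OFLN_REPO, CDFS_MSRC, CIFS_* (read); HOSTNAME (exported
#            by init_static_net and passed to system_setup)
# Returns:   0 when the install sequence ran to the end; helpers call
#            errx/usage, which exit the shell on failure.
main () {
  # note:
  #   up to setup-disk in init_hd, configuration (except apk repository and db)
  #   will be propagated to installed system, including installed packages.
  local gotlan
  init_net () {
    # keyboard and default network interface dhcp setup.
    init_kbd_n_net
    # HOSTNAME env and secondary network interface static setup.
    if init_static_net; then
      gotlan=true
    else
      gotlan=false
    fi
  }

  local repo mfst mode="$1"
  # Only shift when there is something to shift: with no argument some shells
  # treat a failing shift as fatal, which would skip the usage text below.
  [ $# -gt 0 ] && shift

  case "$mode" in
    ofln|cifs) init_net; mkdir "$OFLN_REPO" && repo="$OFLN_REPO" ;;
    onln) init_net; host_test "$ONLN_HOST" && repo="$ONLN_REPO" ;;
    list) pkglst; exit $? ;;   # pkglst is only defined when running under bash
    dkey) ssh_pubkey ; exit ;;
    help) usage 0 ;;
    *) usage 1 ;;
  esac
  [ "$repo" ] || errx repox

  # if needed, mount repository and generate fstab line.
  if [ -d "$repo" ]; then
    local msrc
    case "$mode" in
      ofln) msrc="$CDFS_MSRC" ;;
      cifs) msrc="//${CIFS_HOST}/${CIFS_MSRC}" ;;
    esac
    # The cdrom repository is mounted first in both modes; in cifs mode the
    # share is then mounted over it.
    mountx --rbind "$CDFS_MSRC" "$repo"
    init_repox "$repo"
    if [ "$mode" = "cifs" ]; then
      $gotlan || errx cifs_lanx
      mountx -t cifs -o "$CIFS_OPTS" "$msrc" "$repo"
      init_repox "$repo"
      # NOTE(review): this puts the share username/password into /etc/fstab of
      # the installed system, which is normally world-readable. A root-only
      # file referenced with the mount.cifs "credentials=" option avoids that.
      mfst="$msrc $repo cifs ${CIFS_OPTS},ro,noauto 0 0"
    else
      mfst="$msrc $repo none rbind,ro,noauto 0 0"
    fi
  else
    init_repox "$repo"
  fi

  init_hd # setup-disk done, configuration propagation ended.

  # propagate repository setup.
  if [ -d "$repo" ]; then
    mkdir "/mnt${repo}"
    # Data goes in as an argument, never as the printf format string.
    printf '%s\n' "$mfst" >> /mnt/etc/fstab
  fi

  # initialize system.
  system_setup "$HOSTNAME"

  # remote mount may lock reboot procedure.
  # Written as an if so that non-cifs installs do not end on a failed test and
  # report exit status 1 after a successful run.
  if [ "$mode" = "cifs" ]; then
    umount "$OFLN_REPO"
  fi
}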
# Set the French keymap, write a loopback + DHCP-on-eth0 interfaces file,
# enable the networking service in the default runlevel and start openrc.
# Outputs: overwrites /etc/network/interfaces.
init_kbd_n_net () {
  # printf "*** setting keymap\n"
  setup-keymap fr fr-latin1

  # printf "*** setting /etc/network/interfaces\n"
  printf '%s\n' \
    'auto lo' \
    'iface lo inet loopback' \
    'auto eth0' \
    'iface eth0 inet dhcp' \
    > /etc/network/interfaces

  # printf "*** add networking to default rc\n"
  rc-update add networking default
  openrc
}
# Configure eth1 statically from name-service lookups and export HOSTNAME.
#
# HOSTNAME starts as "localhost". When an eth1 interface exists, the eth0
# address is resolved to a short host name, "<name>-lan" is resolved to the
# LAN address, and that address is appended to /etc/network/interfaces as a
# static /24 on eth1.
# NOTE(review): host name and LAN address come from whatever resolver the
# DHCP lease on eth0 configured; they are trusted as-is, so the install
# network should be one you control.
# Returns: non-zero as soon as one lookup step yields nothing (main records
#          that as "no LAN"); otherwise the status of the networking restart.
init_static_net () {
  export HOSTNAME=localhost

  # Nothing to do without a second interface.
  local ifaces
  ifaces="$(ifconfig -a)"
  printf '%s\n' "$ifaces" | grep -q eth1 || return

  local wan_ip
  wan_ip="$(ifconfig eth0 | sed -n '/inet addr:/s,.*r:\([^ ]*\).*,\1,p')"
  [ "$wan_ip" ] || return

  # Second column of a getent line, cut at the first dot (short host name).
  local short_name_sed='s,^[^[:blank:]]*[[:blank:]]*\([^[:blank:]\.]*\).*,\1,p'
  local hname
  hname="$(getent hosts "$wan_ip" | sed -n "$short_name_sed")"
  [ "$hname" ] || return

  # Leading run of digits and dots of a getent line (the address column).
  local addr_sed='s/\([[:digit:]\.]*\).*/\1/p'
  local lan_ip
  lan_ip="$(getent hosts "${hname}-lan" | sed -n "$addr_sed")"
  if [ -z "$lan_ip" ] || [ "$lan_ip" = "$wan_ip" ]; then
    return 1
  fi

  hname="$(getent hosts "$lan_ip" | sed -n "$short_name_sed")"
  if [ "$hname" ]; then
    export HOSTNAME="$hname"
  fi

  printf 'auto eth1\niface eth1 inet static\n\taddress %s\n\tnetmask 255.255.255.0\n' \
    "${lan_ip}" >> /etc/network/interfaces
  /etc/init.d/networking restart
}
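# Partition /dev/sda, create the boot (ext4) and root (btrfs) filesystems,
# run setup-disk into /mnt and install the syslinux GPT boot code.
#
# DESTRUCTIVE: the target disk is hard-coded to /dev/sda and is rewritten
# without confirmation. Partition and filesystem UUIDs are fixed constants,
# so every machine installed with this script carries the same identifiers.
#
# Every mount goes through mountx so that a failed partitioning or mkfs step
# aborts the run at the next mount instead of letting the following commands
# write into the live installer's own /mnt.
init_hd () {
  local i

  # printf "*** setting partition table\n"
  apk_addx sfdisk
  # Here-document bodies are kept flush-left: "<<-" only strips tabs, and the
  # trailing backslashes join each partition description into a single line.
  sfdisk /dev/sda <<- EOF
label: gpt
label-id: 28062016-00FF-DDFF-0000-000000000000
device: /dev/sda
unit: sectors
first-lba: 34
last-lba: 33554398
/dev/sda2 : start= 2048, size= 1048576,\
type=0FC63DAF-8483-4772-8E79-3D69D8477DE4,\
uuid=00000000-0000-0000-0000-0000000000FF,\
name="Linux filesystem"
/dev/sda4 : start=1050624, size=32503775,\
type=0FC63DAF-8483-4772-8E79-3D69D8477DE4,\
uuid=00000000-0000-0000-0000-0000000000EE,\
name="Linux filesystem"
EOF
  # note: attrs setting using dump input fail.
  sfdisk --part-attrs /dev/sda 2 LegacyBIOSBootable
  mdev -s
  apk del sfdisk # prevent propagation.

  # printf "*** initializing filesystems\n"
  apk_addx e2fsprogs btrfs-progs
  mkfs.ext4 -L boot -U 15022016-00EE-DDFF-00FF-000000000000 /dev/sda2
  mkfs.btrfs -L root -U 15022016-00EE-DDFF-00EE-000000000000 /dev/sda4
  mountx -t btrfs /dev/sda4 /mnt
  # The numbered subvolumes are throwaway placeholders deleted just below.
  # NOTE(review): presumably they steer subvolume id allocation so that
  # /mnt/default ends up with id 258 (see set-default) -- confirm on the
  # btrfs-progs version in use; do not reorder these commands.
  btrfs su create /mnt/57
  btrfs su create /mnt/default
  btrfs su create /mnt/59
  btrfs su create /mnt/default/usr
  btrfs su create /mnt/61
  btrfs su create /mnt/default/usr/local
  btrfs su create /mnt/63
  btrfs su create /mnt/default/var
  btrfs su create /mnt/default/tmp
  btrfs su create /mnt/default/home
  for i in 57 59 61 63; do
    btrfs su delete -c "/mnt/$i"
  done
  btrfs su set-default 258 /mnt
  umount /mnt
  apk del e2fsprogs btrfs-progs # prevent propagation.

  # printf "*** mounting filesystems\n"
  mountx -t btrfs /dev/sda4 /mnt
  mkdir /mnt/boot
  mountx -t ext4 /dev/sda2 /mnt/boot

  # printf "*** initializing system\n"
  setup-disk -s0 -k vanilla /mnt

  # printf "*** initializing mbr\n"
  # note: syslinux pkg is loaded by setup-disk.
  # bs=440 count=1 replaces only the boot-code area at the start of the disk.
  dd if=/usr/share/syslinux/gptmbr.bin of=/dev/sda bs=440 count=1
  sync
}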
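# Configure the freshly installed system mounted on /mnt.
# Arguments: $1 - host name to write to /mnt/etc/hostname
#
# Security-relevant effects, as implemented below:
#   - creates user "admn" (uid/gid 654) with passwordless sudo
#     ("NOPASSWD: ALL") and installs the key printed by ssh_pubkey as its only
#     authorized key: whoever holds the matching private key is root here;
#   - disables root login, password and empty-password authentication in
#     sshd_config (only when the stock commented-out defaults are present);
#   - sets random, discarded passwords for root and admn.
system_setup () {
  # TODO conditionalize setup on installed packages
  #      install packages first then configure them
  #      checking with apk -p xxx info
  local p opt oldmask tmpd

  # printf "*** set repository for new system\n"
  cat /etc/apk/repositories > /mnt/etc/apk/repositories

  # printf "*** add packages\n"
  for p in $(pkgset setup_support); do
    apk -p /mnt add "$p"
  done

  # printf "*** set hostname\n"
  # The name may come from a name-service lookup (init_static_net); pass it as
  # data, not as the printf format string.
  printf '%s' "$1" > /mnt/etc/hostname
  shift

  # # printf "*** add docs packages\n"
  # [ "$1" ] && { # TODO clean-up
  #   for p in $(apk -p /mnt info); do
  #     apk info ${p}-doc > /dev/null && apk -p /mnt add ${p}-doc
  #   done
  #   shift
  # }

  # printf "*** set bash as root shell\n"
  sed -i '/^root:/s,/bin/ash,/bin/bash,' /mnt/etc/passwd

  # printf "*** move root home to /home/root\n"
  sed -i '/^root:/s,:/root,:/home/root,' /mnt/etc/passwd
  mv /mnt/root /mnt/home/

  # printf "*** add 'admn': user, group, sudoer, home and ssh key\n"
  sed -i '/^guest:/s,.*,\0\nadmn:x:654:654:admn:/home/admn:/bin/bash,' \
    /mnt/etc/passwd
  # The shadow entry is created with an EMPTY password field; it is only
  # replaced by the chpasswd step further down, which therefore must not fail.
  sed -i '/^guest:/s,.*,\0\nadmn:::0:::::,' /mnt/etc/shadow
  sed -i '/^utmp:/s,.*,\0\nadmn:x:654:,' /mnt/etc/group
  # NOTE(review): sudoers is edited in place with no syntax check, and the
  # address matches every line that starts with "root".
  sed -i '/^root/s,.*,\0\nadmn ALL=(ALL) NOPASSWD: ALL,' /mnt/etc/sudoers
  mkdir /mnt/home/admn
  chown 654:654 /mnt/home/admn
  chmod 755 /mnt/home/admn
  mkdir /mnt/home/admn/.ssh
  chown 654:654 /mnt/home/admn/.ssh
  chmod 700 /mnt/home/admn/.ssh
  ssh_pubkey > /mnt/home/admn/.ssh/authorized_keys
  chown 654:654 /mnt/home/admn/.ssh/authorized_keys
  # Owner-only: nobody but admn needs to read the key list.
  chmod 600 /mnt/home/admn/.ssh/authorized_keys

  # printf "*** ssh server setup\n"
  sed -i \
    -e 's/^#PermitRootLogin.*/PermitRootLogin no/' \
    -e 's/^#PasswordAuthentication.*/PasswordAuthentication no/' \
    -e 's/^#PermitEmptyPasswords.*/PermitEmptyPasswords no/' \
    /mnt/etc/ssh/sshd_config
  # The substitutions only hit commented-out defaults. Report any setting
  # that did not land so a changed package default is not missed silently.
  for opt in 'PermitRootLogin no' 'PasswordAuthentication no' \
             'PermitEmptyPasswords no'; do
    grep -qx "$opt" /mnt/etc/ssh/sshd_config ||
      printf 'warning: sshd_config does not contain "%s"\n' "$opt" >&2
  done
  chroot /mnt /sbin/rc-update add sshd default

  # printf "*** cleanup usr/local\n"
  rm -rf /mnt/usr/local/*

  # printf "*** forge and forget root and admn passwords\n"
  # Two lines of a throwaway RSA private key serve as random passwords.
  # They are kept in a private mktemp directory (umask 077) and removed
  # afterwards, instead of staying in fixed, guessable /tmp file names.
  apk_addx openssh
  oldmask="$(umask)"
  umask 077
  tmpd="$(mktemp -d)" || {
    umask "$oldmask"
    printf '\naborting on: unable to create temporary directory\n' >&2
    exit 1
  }
  if ssh-keygen -q -t rsa -b 4096 -N '' -f "${tmpd}/passgen" &&
     sed -n '4s/.*/root:\0/p;5s/.*/admn:\0/p' \
       < "${tmpd}/passgen" > "${tmpd}/newpass" &&
     [ -s "${tmpd}/newpass" ] &&
     chroot /mnt /usr/sbin/chpasswd < "${tmpd}/newpass"; then
    rm -rf -- "${tmpd:?}"
    umask "$oldmask"
  else
    rm -rf -- "${tmpd:?}"
    umask "$oldmask"
    # Fail loudly: continuing would leave admn with an empty password field.
    printf '\naborting on: root/admn password setup failure\n' >&2
    exit 1
  fi

  # printf "*** set default prompt\n"
  sed -i '/export PS1/s,\\h,\\u@\\h,' /mnt/etc/profile

  # printf "*** set ll alias for bash\n"
  echo "[ \"\$BASH_VERSION\" ] && alias ll='ls -la'" \
    > /mnt/etc/profile.d/ll.sh

  # printf "*** cleanup motd\n"
  echo 'motd: no news is good news.' > /mnt/etc/motd

  # printf "*** prevent boot clock skew report\n"
  # Resets the timestamps of everything under /mnt to one fixed date in 2005,
  # so file times on the installed system carry no information afterwards.
  apk_addx coreutils findutils
  find /mnt -print0 | xargs -0 touch -c -t 0505050505.05 2> /dev/null
}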
# Print the package list registered under each given set name, one output
# line per name. Unknown names print nothing; processing stops at the first
# empty argument.
# Arguments: $@ - set names (ofln, init_hd, init_hd_dep, system_setup,
#                 system_setup_dep, setup_support, setup_support_dep, all_recr)
# Outputs:   space-separated package (or, for all_recr, set) names on stdout.
pkgset () {
  local key list
  for key in "$@"; do
    [ "$key" ] || break
    list=
    case "$key" in
      ofln)
        list="syslinux blkid mtools linux-vanilla linux-firmware mkinitfs"
        list="${list} kmod xz-libs cryptsetup-libs device-mapper libblkid libuuid"
        list="${list} lddtree alpine-base alpine-keys libc-utils musl-utils scanelf"
        list="${list} busybox-initscripts busybox-suid apk-tools libssl1.0 libcrypto1.0"
        list="${list} zlib alpine-conf openrc alpine-baselayout busybox acct musl"
        ;;
      init_hd)
        list="sfdisk e2fsprogs btrfs-progs"
        ;;
      init_hd_dep)
        list="lzo libcom_err e2fsprogs-libs libfdisk libsmartcols"
        ;;
      system_setup)
        list="findutils coreutils"
        ;;
      system_setup_dep)
        list="libacl libattr"
        ;;
      setup_support)
        list="sudo bash openssh"
        ;;
      setup_support_dep)
        list="openssh-client openssh-sftp-server readline ncurses-libs"
        list="${list} ncurses-terminfo ncurses-terminfo-base"
        ;;
      all_recr)
        # Names of the other sets, meant to be fed back into pkgset.
        list="ofln init_hd init_hd_dep system_setup system_setup_dep"
        list="${list} setup_support setup_support_dep"
        ;;
    esac
    if [ -n "$list" ]; then
      printf '%s\n' "$list"
    fi
  done
}
# small helpers
# Succeed when every given name resolves through the system name service.
# Arguments: $@ - host names or addresses handed to "getent hosts"
# Outputs:   nothing; getent's stdout and stderr are discarded.
# Returns:   getent's exit status.
host_test () {
  local rc=0
  getent hosts "$@" > /dev/null 2>&1 || rc=$?
  return "$rc"
}
# Report a fatal error on stderr and terminate the script.
# Arguments: $1 - error key (repox, cifs_lanx, mountx, init_repox, apk_addx);
#                 an unknown key prints nothing
#            $2.. - for mountx/apk_addx, the arguments of the failed command
# Exits:     always, with status 1.
errx () {
  local kind="$1"
  shift
  local head="aborting on:"
  {
    if [ "$kind" = repox ]; then
      printf "\n%s unable to define source reposity\n" "$head"
    elif [ "$kind" = cifs_lanx ]; then
      printf "\n%s lan unavailable for cifs mountint\n" "$head"
    elif [ "$kind" = mountx ]; then
      printf "\n%s mount failure with parameters\n mount" "$head"
      printf " %s" "$@"
      printf "\n"
    elif [ "$kind" = init_repox ]; then
      printf "\n%s packages database update failure\n" "$head"
    elif [ "$kind" = apk_addx ]; then
      printf "\n%s packages add failure with parameters\n apk add" "$head"
      printf " %s" "$@"
      printf "\n"
    fi
  } > /dev/stderr
  exit 1
}
# mount wrapper: on failure, report the attempted arguments through errx,
# which terminates the script.
# Arguments: $@ - passed unchanged to mount
mountx () {
  if ! mount "$@"; then
    errx mountx "$@"
  fi
}
# Make $1 the only apk repository of the running installer and refresh the
# package index; errx terminates the script when the update fails.
# Arguments: $1 - repository URL or local directory
# Outputs:   overwrites /etc/apk/repositories.
# Whether index and packages are signature-checked is decided by apk and the
# keys in /etc/apk/keys, not here; nothing below passes an option that would
# relax that.
init_repox () {
  # printf "*** setting package repository\n"
  printf '%s\n' "$1" > /etc/apk/repositories

  # printf "*** updating packages database\n"
  if ! apk update; then
    errx init_repox
  fi
}
# "apk add" wrapper: on failure, report the requested packages through errx,
# which terminates the script.
# Arguments: $@ - passed unchanged to "apk add"
apk_addx () {
  if ! apk add "$@"; then
    errx apk_addx "$@"
  fi
}
# Print the administrator's SSH public key (comment "admn@alpine") on stdout.
#
# system_setup installs this as the only authorized key of user admn, who
# gets passwordless sudo. The key is baked into the script, so anyone reusing
# the script must replace it with their own public key: the holder of the
# matching private key can log in as admn and become root.
ssh_pubkey () {
  # The key is split into fixed-width pieces only to keep lines short;
  # printf joins them back without separators.
  printf '%s' \
    'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHz6HtOdGknQJvSNsFWY' \
    'k8Yu9rKhznLVDDgzc9wZgcQOL23R/FqltWoiVVlC4siY8uXni/4AnKpAZo' \
    'PokVRrHLo+TE1xgOdgEHszPgdDe/idTaqX8fKWvks0DglJkWu4rnHD8NfI' \
    'Fld0Q9ECURbehBS65bw8Msi5Zm9g7FwzuCBxKfmQ4GWcJeWRO9f4VQqneE' \
    'XA1wjsPCQdY48PQLQB8Xk9jwctHqQGQDeeJNbkSwE009Z1dThMzEexsU0g' \
    'TOB0E01pdrN9QLuSGvfSqlCjEbiioYl2UPXpforQ/0//J6F8WX4cC7kckV' \
    'SSJ3qOn9K65qlIF+LKcHGjqLpftemQmz1w/9cQItesoEwBYagaKncUOV72' \
    'DMR+4/aLrUSYwR2IDGPGTt4nvfdhBzktEOXey/+DszQ+TkN4VCbChpC5Om' \
    'UJtc4sMsDXl9rb/fkrWd1293u/GUragiSimbS6uSNfcEZOLdF82k5I6+n1' \
    'HmE1h5aNDJMPYe1CL0CtmJ7biPd/rFilwKTwh68iquiQrcUE+qqWqrab+s' \
    'dXiK0K5pfdq/kgUYZOI27ldNCf2Nzg3Q2scEfbu3ZexUjpEiue1MkYV3LU' \
    'TzGZgx9O6Uq4Q/5l13lFOmG0Vphuk4njrlbqRbyB+VvfgbSuO0rFWnBvby' \
    'najEgSEDZcPyTAi6PTcn+v2vvw== admn@alpine'
  printf '\n'
}
# Under a shell other than bash (e.g. the installer's ash) run the installer
# right here and stop: everything below this point needs bash. As a result
# the "list" mode, which calls pkglst, only works when run with bash.
if [ -z "$BASH_VERSION" ]; then
  main "$@"
  exit $?
fi
# assuming bash shell from here
# Report each given path as a bad package on stderr and terminate.
# Arguments: $@ - offending path(s); the message is repeated per argument
# Exits:     always, with status 1.
pkgerr () {
  {
    printf "\nbad package: %s\n" "${@}"
  } > /dev/stderr
  exit 1
}
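# List the files of the local mirror that make up the offline repository:
# the package index followed by one .apk per package named by pkgset.
# (bash only: uses arrays.)
# Globals:   MIRROR (read) - mirror root, expected to end with "/"
# Outputs:   one path per line on stdout.
# Exits:     through pkgerr when the index is unreadable, or when a package
#            name matches zero or several "<name>-<digit>*.apk" files.
pkglst () {
  local mirror="${MIRROR}latest-stable/main/x86_64"
  local index=APKINDEX.tar.gz
  local i
  local -a plist pk flist

  # Package names are plain words; word splitting is the intended way to turn
  # the lists printed by pkgset into array elements.
  # shellcheck disable=SC2046,SC2207
  plist=( $(pkgset $(pkgset all_recr)) )

  # printf "checking packages..."
  [ -r "${mirror}/${index}" ] || pkgerr "${mirror}/${index}"
  flist=( "${mirror}/${index}" )

  for i in "${plist[@]}"; do
    # Let the shell expand the pattern instead of parsing ls output, with the
    # directory part quoted so a mirror path containing blanks or glob
    # characters is handled as one path.
    pk=( "${mirror}/${i}"-[0-9]*.apk )
    # An unmatched pattern stays as the literal pattern string, hence -e.
    { (( ${#pk[@]} == 1 )) && [ -e "${pk[0]}" ]; } || pkgerr "${mirror}/${i}"
    [ -r "${pk[0]}" ] || pkgerr "${pk[0]}"
    flist+=( "${pk[0]}" )
  done
  # printf " done.\n"

  printf "%s\n" "${flist[@]}"
}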
- main "$@"