Untitled

#!/bin/sh
# note: default alpine shell is ash.

ONLN_REPO="http://nl.alpinelinux.org/alpine/latest-stable/main/"
OFLN_REPO="/media/repository/"

ONLN_HOST="nl.alpinelinux.org"
CIFS_HOST="sysdata"

CDFS_MSRC="/media/cdrom/repo/"
CIFS_MSRC="share/alpine-mirror/latest-stable/main/"

CIFS_OPTS="username=share,password=none"
MIRROR=/d/00-systems/linux-x64/00-alpine/00-mirror/

usage () {
  local out=/dev/stderr tab=$'\t'
  let "${1}==0" > /dev/null 2>&1 && out=/dev/stdout
  cat <<- EOF > ${out}
	setup.sh <help|onln|ofln|cifs|list|dkey>
	${tab}help: show this help.
	${tab}onln: install system from online repository.
	${tab}ofln: install system from cdrom repository.
	${tab}cifs: install system from cifs repository.
	${tab}list: undocummented.
	${tab}dkey: dump public ssh key to standard output.

	online install does'nt require anything beside this script.
	cdrom install require to build the repository on the iso file.
	cifs install require a small cdrom repository on the iso file.

	EOF
  exit $1
}

main () {
  # note:
  # up to setup-disk in init_hd, configuration (except apk repository and db)
  # will be propagated to installed system, including installed packages.

  local gotlan
  init_net () {
    # keyboard and default network interface dhcp setup.
    init_kbd_n_net
    # HOSTNAME env and secondary network interface static setup.
    init_static_net && gotlan=true || gotlan=false
  }

  local repo mode="$1" ; shift
  case "$mode" in
    ofln|cifs) init_net; mkdir "$OFLN_REPO" && repo="$OFLN_REPO" ;;
    onln) init_net; host_test "$ONLN_HOST" && repo="$ONLN_REPO" ;;
    list) pkglst; exit $? ;;
    dkey) ssh_pubkey ; exit ;;
    help) usage 0 ;;
       *) usage 1 ;;
  esac
  [ "$repo" ] || errx repox

  # if needed, mount repository and generate fstab line.
  if [ -d "$repo" ]; then
    local msrc
    case "$mode" in
      ofln) msrc="$CDFS_MSRC" ;;
      cifs) msrc="//${CIFS_HOST}/${CIFS_MSRC}" ;;
    esac

    mountx --rbind "$CDFS_MSRC" "$repo"
    init_repox "$repo"

    local mfst="$msrc $repo"
    [ "$mode" == "cifs" ] && {
      $gotlan || errx cifs_lanx

      mountx -t cifs -o "$CIFS_OPTS" "$msrc" "$repo"
      init_repox "$repo"

      mfst="$mfst cifs ${CIFS_OPTS},ro,noauto 0 0"
    } || mfst="$mfst none rbind,ro,noauto 0 0"
  else
    init_repox "$repo"
  fi

  init_hd # setup-disk done, configuration propagation ended.

  # propagate repository setup.
  [ -d "$repo" ] && {
    mkdir "/mnt${repo}"
    printf "${mfst}\n" >> /mnt/etc/fstab
  }

  # initialize system.
  system_setup "$HOSTNAME"

  # remote mount may lock reboot procedure.
  [ "$mode" == "cifs" ] && umount "$OFLN_REPO"
}

init_kbd_n_net () {
  # printf "*** setting keymap\n"
  setup-keymap fr fr-latin1

  # printf "*** setting /etc/network/interfaces\n"
  cat <<- EOF > /etc/network/interfaces

	auto lo
	iface lo inet loopback

	auto eth0
	iface eth0 inet dhcp

	EOF

  # printf "*** add networking to default rc\n"
  rc-update add networking default
  openrc
}

init_static_net () {
  export HOSTNAME=localhost
  local wan_ip="$(ifconfig -a)"
  { grep -q eth1 || return; } <<- EOF
	$wan_ip
	EOF

  wan_ip="$(ifconfig eth0 | sed -n '/inet addr:/s,.*r:\([^ ]*\).*,\1,p')"
  [ "$wan_ip" ] || return

  local hsedexp='s,^[^[:blank:]]*[[:blank:]]*\([^[:blank:]\.]*\).*,\1,p'
  local hname="$(getent hosts "$wan_ip" | sed -n "$hsedexp")"
  [ "$hname" ] || return

  local isedexp='s/\([[:digit:]\.]*\).*/\1/p'
  local lan_ip="$(getent hosts "${hname}-lan" | sed -n "$isedexp")"
  { [ "$lan_ip" ] && [ "$lan_ip" != "$wan_ip" ]; } || return

  hname="$(getent hosts "$lan_ip" | sed -n "$hsedexp")";
  [ "$hname" ] && export HOSTNAME="$hname"

  local tab=$'\t'
  cat <<- EOF >> /etc/network/interfaces
	auto eth1
	iface eth1 inet static
	${tab}address ${lan_ip}
	${tab}netmask 255.255.255.0

	EOF
  /etc/init.d/networking restart
}

init_hd () {
  # printf "*** setting partition table\n"
  apk_addx sfdisk
  sfdisk /dev/sda <<- EOF
	label: gpt
	label-id: 28062016-00FF-DDFF-0000-000000000000
	device: /dev/sda
	unit: sectors
	first-lba: 34
	last-lba: 33554398

	/dev/sda2 : start=   2048, size= 1048576,\
	type=0FC63DAF-8483-4772-8E79-3D69D8477DE4,\
	uuid=00000000-0000-0000-0000-0000000000FF,\
	name="Linux filesystem"
	/dev/sda4 : start=1050624, size=32503775,\
	type=0FC63DAF-8483-4772-8E79-3D69D8477DE4,\
	uuid=00000000-0000-0000-0000-0000000000EE,\
	name="Linux filesystem"
	EOF

  # note: attrs setting using dump input fail.
  sfdisk --part-attrs /dev/sda 2 LegacyBIOSBootable
  mdev -s
  apk del sfdisk # prevent propagation.

  # printf "*** initializing filesystems\n"
  apk_addx e2fsprogs btrfs-progs
  mkfs.ext4 -L boot -U 15022016-00EE-DDFF-00FF-000000000000 /dev/sda2
  mkfs.btrfs -L root -U 15022016-00EE-DDFF-00EE-000000000000 /dev/sda4
  mount -t btrfs /dev/sda4 /mnt
  btrfs su create /mnt/57
  btrfs su create /mnt/default
  btrfs su create /mnt/59
  btrfs su create /mnt/default/usr
  btrfs su create /mnt/61
  btrfs su create /mnt/default/usr/local
  btrfs su create /mnt/63
  btrfs su create /mnt/default/var
  btrfs su create /mnt/default/tmp
  btrfs su create /mnt/default/home
  for i in 57 59 61 63; do
    btrfs su delete -c /mnt/$i
  done
  btrfs su set-default 258 /mnt
  umount /mnt
  apk del e2fsprogs btrfs-progs # prevent propagation.

  # printf "*** mounting filesystems\n"
  mount -t btrfs /dev/sda4 /mnt
  mkdir /mnt/boot
  mount -t ext4 /dev/sda2 /mnt/boot

  # printf "*** initializing system\n"
  setup-disk -s0 -k vanilla /mnt

  # printf "*** initializing mbr\n"
  # note: syslinux pkg is loaded by setup-disk.
  dd if=/usr/share/syslinux/gptmbr.bin of=/dev/sda bs=440 count=1
  sync
}

system_setup () {
  # TODO conditionalize setup on installed packages
  # install packages first then configure them
  # checking with apk -p xxx info

  # printf "*** set repository for new system\n"
  cat /etc/apk/repositories > /mnt/etc/apk/repositories

  # printf "*** add packages\n"
  for p in $(pkgset setup_support); do
    apk -p /mnt add "$p"
  done

  # printf "*** set hostname\n"
  printf "$1" > /mnt/etc/hostname
  shift

#  # printf "*** add docs packages\n"
#  [ "$1" ] && { # TODO clean-up
#    for p in $(apk -p /mnt info); do
#      apk info ${p}-doc > /dev/null && apk -p /mnt add ${p}-doc
#    done
#    shift
#  }

  # printf "*** set bash as root shell\n"
  sed -i '/^root:/s,/bin/ash,/bin/bash,' /mnt/etc/passwd

  # printf "*** move root home to /home/root\n"
  sed -i '/^root:/s,:/root,:/home/root,' /mnt/etc/passwd
  mv /mnt/root /mnt/home/

  # printf "*** add 'admn': user, group, sudoer, home and ssh key\n"
  sed -i '/^guest:/s,.*,\0\nadmn:x:654:654:admn:/home/admn:/bin/bash,' \
     /mnt/etc/passwd
  sed -i '/^guest:/s,.*,\0\nadmn:::0:::::,' /mnt/etc/shadow

  sed -i '/^utmp:/s,.*,\0\nadmn:x:654:,' /mnt/etc/group

  sed -i '/^root/s,.*,\0\nadmn ALL=(ALL) NOPASSWD: ALL,' /mnt/etc/sudoers

  mkdir /mnt/home/admn
  chown 654.654 /mnt/home/admn
  chmod 755 /mnt/home/admn

  mkdir /mnt/home/admn/.ssh
  chown 654.654 /mnt/home/admn/.ssh
  chmod 700 /mnt/home/admn/.ssh

  ssh_pubkey > /mnt/home/admn/.ssh/authorized_keys

  chown 654.654 /mnt/home/admn/.ssh/authorized_keys
  chmod 644 /mnt/home/admn/.ssh/authorized_keys

  # printf "*** ssh server setup\n"
  sed -i 's/^#PermitRootLogin.*/PermitRootLogin no/;
          s/^#PasswordAuthentication.*/PasswordAuthentication no/;
          s/^#PermitEmptyPasswords.*/PermitEmptyPasswords no/' \
    /mnt/etc/ssh/sshd_config
  chroot /mnt /sbin/rc-update add sshd default

  # printf "*** cleanup usr/local\n"
  rm -rf /mnt/usr/local/*

  # printf "*** forge and forget root and admn passwords\n"
  apk_addx openssh
  ssh-keygen -q -t rsa -b 4096 -N '' -f /tmp/passgen
  sed -n '4s/.*/root:\0/p;5s/.*/admn:\0/p' < /tmp/passgen > /tmp/newpass
  chroot /mnt /usr/sbin/chpasswd < /tmp/newpass

  # printf "*** set default prompt\n"
  sed -i '/export PS1/s,\\h,\\u@\\h,' /mnt/etc/profile

  # printf "*** set ll alias for bash\n"
  echo "[ \"\$BASH_VERSION\" ] && alias ll='ls -la'" \
    > /mnt/etc/profile.d/ll.sh

  # printf "*** cleanup motd\n"
  echo 'motd: no news is good news.' > /mnt/etc/motd

  # printf "*** prevent boot clock skew report\n"
  apk_addx coreutils findutils
  find /mnt -print0 | xargs -0 touch -c -t 0505050505.05 2> /dev/null
}

pkgset () {
  while [ "$1" ]; do
    case "$1" in
      ofln) cat <<- EOF
	syslinux blkid mtools linux-vanilla linux-firmware mkinitfs \
	kmod xz-libs cryptsetup-libs device-mapper libblkid libuuid \
	lddtree alpine-base alpine-keys libc-utils musl-utils scanelf \
	busybox-initscripts busybox-suid apk-tools libssl1.0 libcrypto1.0 \
	zlib alpine-conf openrc alpine-baselayout busybox acct musl
	EOF
        ;;
      init_hd) cat <<- EOF
	sfdisk e2fsprogs btrfs-progs
	EOF
        ;;
      init_hd_dep) cat <<- EOF
	lzo libcom_err e2fsprogs-libs libfdisk libsmartcols
	EOF
        ;;
      system_setup) cat <<- EOF
	findutils coreutils
	EOF
        ;;
      system_setup_dep) cat <<- EOF
	libacl libattr
	EOF
        ;;
      setup_support) cat <<- EOF
	sudo bash openssh
	EOF
        ;;
      setup_support_dep) cat <<- EOF
	openssh-client openssh-sftp-server readline ncurses-libs \
	ncurses-terminfo ncurses-terminfo-base
	EOF
        ;;
      all_recr) cat <<- EOF
	ofln init_hd init_hd_dep system_setup system_setup_dep \
	setup_support setup_support_dep
	EOF
        ;;
    esac
    shift
  done
}

# small helpers

host_test () {
  getent hosts "$@" > /dev/null 2>&1
}

errx () {
  local err="$1" ; shift
  local abrt="aborting on:"
  case "$err" in
    repox)
      printf "\n%s unable to define source reposity\n" "$abrt" ;;
    cifs_lanx)
      printf "\n%s lan unavailable for cifs mountint\n" "$abrt" ;;
    mountx)
      printf "\n%s mount failure with parameters\n  mount" "$abrt"
      printf " %s" "$@"
      printf "\n" ;;
    init_repox)
      printf "\n%s packages database update failure\n" "$abrt" ;;
    apk_addx)
      printf "\n%s packages add failure with parameters\n  apk add" "$abrt"
      printf " %s" "$@"
      printf "\n" ;;
  esac > /dev/stderr
  exit 1
}

mountx () {
  mount "$@" || errx mountx "$@"
}

init_repox () {
  # printf "*** setting package repository\n"
  cat <<- EOF > /etc/apk/repositories
	$1
	EOF
  # printf "*** updating packages database\n"
  apk update || errx init_repox
}

apk_addx () {
  apk add "$@" || errx apk_addx "$@"
}

ssh_pubkey () {
  local key="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHz6HtOdGknQJvSNsFWY"
  key="${key}k8Yu9rKhznLVDDgzc9wZgcQOL23R/FqltWoiVVlC4siY8uXni/4AnKpAZo"
  key="${key}PokVRrHLo+TE1xgOdgEHszPgdDe/idTaqX8fKWvks0DglJkWu4rnHD8NfI"
  key="${key}Fld0Q9ECURbehBS65bw8Msi5Zm9g7FwzuCBxKfmQ4GWcJeWRO9f4VQqneE"
  key="${key}XA1wjsPCQdY48PQLQB8Xk9jwctHqQGQDeeJNbkSwE009Z1dThMzEexsU0g"
  key="${key}TOB0E01pdrN9QLuSGvfSqlCjEbiioYl2UPXpforQ/0//J6F8WX4cC7kckV"
  key="${key}SSJ3qOn9K65qlIF+LKcHGjqLpftemQmz1w/9cQItesoEwBYagaKncUOV72"
  key="${key}DMR+4/aLrUSYwR2IDGPGTt4nvfdhBzktEOXey/+DszQ+TkN4VCbChpC5Om"
  key="${key}UJtc4sMsDXl9rb/fkrWd1293u/GUragiSimbS6uSNfcEZOLdF82k5I6+n1"
  key="${key}HmE1h5aNDJMPYe1CL0CtmJ7biPd/rFilwKTwh68iquiQrcUE+qqWqrab+s"
  key="${key}dXiK0K5pfdq/kgUYZOI27ldNCf2Nzg3Q2scEfbu3ZexUjpEiue1MkYV3LU"
  key="${key}TzGZgx9O6Uq4Q/5l13lFOmG0Vphuk4njrlbqRbyB+VvfgbSuO0rFWnBvby"
  key="${key}najEgSEDZcPyTAi6PTcn+v2vvw== admn@alpine"
  printf "%s\n" "${key}"
}

[ -n "$BASH_VERSION" ] || {
  main "$@"
  exit $?
}

# assuming bash shell from here

pkgerr () {
  printf "\nbad package: %s\n" "${@}" > /dev/stderr
  exit 1
}

pkglst () {
  local mirror="$MIRROR"
  mirror+=latest-stable/main/x86_64

  local index=APKINDEX.tar.gz
  local plist=( $(pkgset $(pkgset all_recr)) )

  # printf "checking packages..."
  [ -r ${mirror}/${index} ] || pkgerr "${mirror}/${index}"

  local i pk flist=(${mirror}/${index})
  for i in ${plist[@]}; do
    pk=(nil $(ls ${mirror}/${i}-[0-9]*.apk 2> /dev/null))
    ((${#pk[@]}==2)) || pkgerr "${mirror}/${i}"
    [ -r "${pk[1]}" ] || pkgerr "${pk[1]}"
    flist+=(${pk[1]})
  done
  # printf " done.\n"
  printf "%s\n" "${flist[@]}"
}

main "$@"