s unsquashfs $sfs
s mkdir -p squashfs-root/root/.ssh
s chmod 755 squashfs-root/root/.ssh
-s cp ~/.ssh/id_rsa.pub squashfs-root/root/.ssh/authorized_keys
+s cp ~/.ssh/home.pub squashfs-root/root/.ssh/authorized_keys
s cp $script_dir/arch-iso-init squashfs-root/root
s rm $sfs
addr=$(host $host | sed -rn 's/^\S+ has address //p;T;q')
h=$(host $addr)
h=${h##* }
-echo ${h%%.*}
+echo $h
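Review bot: The new `echo $h` prints the PTR target exactly as `host` reports it, which ends in a trailing dot (`name.example.com.`); the old `${h%%.*}` dropped that dot along with the domain. If callers compare or reuse this value as a hostname, strip the root dot and quote the expansion: `echo "${h%.}"`. When the address has no PTR record, `h` is the last word of the error line rather than a name, so a check on the exit status of `host $addr` would be worth adding here too.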
d-i preseed/late_command string \
in-target sed -i 's/^%sudo.*$/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' /etc/sudoers; \
in-target mkdir -p /home/$user/.ssh; \
-in-target /bin/sh -c "echo '$(cat ~/.ssh/id_rsa.pub)' >> /home/$user/.ssh/authorized_keys"; \
+in-target /bin/sh -c "echo '$(cat ~/.ssh/home.pub)' >> /home/$user/.ssh/authorized_keys"; \
in-target chown -R $user:$user /home/$user; \
in-target chmod -R go-rwx /home/$user/.ssh/authorized_keys; \
in-target cp -r /home/$user/.ssh /root; \
rsync -rlp --delete --relative --exclude /fai/config/basefiles/ fai/config root@$faiserver_host:/srv
-scp -q ~/.ssh/id_rsa.pub \
+scp -q ~/.ssh/home.pub \
root@$faiserver_host:/srv/fai/config/files/root/.ssh/authorized_keys/GRUB_PC
# todo: automatically disable faiserver after a period so
# these files are not exposed.
console_arg=--noautoconsole
fi
+# docker makes forward default to drop, which blocks the vm pxe on flidas. easiest solution:
+s iptables -P FORWARD ACCEPT
+
# --cpu host: this causes mkfs.btrfs to fail with a stack trace which began
# something like:
# init_module+0x108/0x1000 [raid6_pq]
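Review bot: `s iptables -P FORWARD ACCEPT` changes the default for every interface on the host, not just the VM bridge, so any forwarded traffic that no rule matches is now accepted and Docker's default-drop is gone for as long as this stays set. A narrower fix is to accept only the bridge the PXE guest uses, e.g. `s iptables -I FORWARD -i <vm-bridge> -j ACCEPT` and `s iptables -I FORWARD -o <vm-bridge> -j ACCEPT` (`<vm-bridge>` is a placeholder; the interface name is not visible in this hunk). Nothing here restores the policy afterwards either. The conditional that closes just above the added lines begins outside the hunk, so I cannot see whether a cleanup path exists.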
chroot $FAI_ROOT bash <<'EOF'
+#### begin .ssh setup ###
set -eE -o pipefail
mkdir -p /home/iank/.ssh
f=/root/.ssh/authorized_keys
cp -rL /home/iank/.ssh /root
chown -R root:root /root/.ssh
chmod 700 /root/.ssh
+#### end .ssh setup ###
+# this is needed to enable resolvconf, making /etc/resolv.conf be a symlink.
+# why? i dun know, it\'s really dumb.
+dpkg-reconfigure -fnoninteractive resolvconf
# default jessie groups + kvm, systemd-journal, adm
usermod -aG adm,cdrom,floppy,sudo,audio,dip,video,plugdev,netdev iank
[[ $EUID == 0 ]] || exec sudo "${BASH_SOURCE}" "$@"
usage() {
- cat <<EOF
+ cat <<EOF
usage: ${0##*/} [-h|--help]
install fai-server on the current machine
/a/bin/fai-basefiles
EOF
- exit $1
+ exit $1
}
case $1 in
- -h|--help) usage ;;
+ -h|--help) usage ;;
esac
fi
armhf() {
- [[ $(dpkg --print-architecture) == armhf ]]
+ [[ $(dpkg --print-architecture) == armhf ]]
}
if armhf; then
cat >/etc/apt/sources.list.d/fai.list <<'EOF'
deb http://fai-project.org/download stretch koeln
EOF
+elif grep -iE 'flidas|xenail' /etc/os-release; then
+ add-apt-repository -y ppa:fai/ppa
else
- rm -f /etc/apt/sources.list.d/fai.list
+ rm -f /etc/apt/sources.list.d/fai.list
fi
-# for ubuntu:
-#add-apt-repository -y ppa:fai/ppa
-
-# for debian:
-
-
apt-get update
# Relevant packages from fai-quickstart depends and fai-server recommends.
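Review bot: `xenail` in the new `elif grep -iE 'flidas|xenail' /etc/os-release` looks like a typo for `xenial`, so on stock Ubuntu 16.04 this branch would not match and the script would fall through to the `rm -f` arm without adding the PPA. The `grep` also lacks `-q`, so matched os-release lines are written to the script's stdout. Suggested line: `elif grep -qiE 'flidas|xenial' /etc/os-release; then`. Because `add-apt-repository -y ppa:fai/ppa` trusts a third-party archive and its signing key without prompting, a short comment saying why the PPA is needed on these releases would help the next reader.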
if modprobe nfsd &>/dev/null; then
pkgs+=(nfs-kernel-server)
else
- pkgs+=(apache2)
+ pkgs+=(apache2)
fi
case $base in
- jessie|stretch)
- cat >>/etc/fai/apt/sources.list <<EOF
+ jessie|stretch)
+ cat >>/etc/fai/apt/sources.list <<EOF
# use fai repo. it's commented in the defaults. it's got bug fixes.
# and may contain newer packages.
deb http://fai-project.org/download $base koeln
EOF
- ;;
+ ;;
esac
if [[ $base == jessie ]]; then
# and if not, run it.
setup_tftp(){
- # tftp environment
- local pxebin
-
- # wheezy path
- if [ -f $NFSROOT/usr/lib/PXELINUX/pxelinux.0 ]; then
- pxebin=$NFSROOT/usr/lib/PXELINUX/pxelinux.0
- else
- # jessie/stretch path
- pxebin=$NFSROOT/usr/lib/syslinux/pxelinux.0
- fi
-
- rm -f $NFSROOT/boot/*.bak
- mkdir -p $TFTPROOT/pxelinux.cfg
- chmod a+r $NFSROOT/boot/initrd.img-* || die 9 "No initrd was created. Check the package name of the linux-image package in /etc/fai/NFSROOT."
- cp -p $v $NFSROOT/boot/vmlinu?-* $NFSROOT/boot/initrd.img-* $TFTPROOT
- cp -u $pxebin $TFTPROOT
- if [ -f $NFSROOT/usr/lib/syslinux/modules/bios/ldlinux.c32 ]; then
- cp -u $NFSROOT/usr/lib/syslinux/modules/bios/ldlinux.c32 $TFTPROOT
- fi
- if [ X$verbose = X1 ]; then
- echo "TFTP environment prepared. Enable DHCP and start the TFTP daemon on root $TFTPROOT."
- fi
+ # tftp environment
+ local pxebin
+
+ # wheezy path
+ if [ -f $NFSROOT/usr/lib/PXELINUX/pxelinux.0 ]; then
+ pxebin=$NFSROOT/usr/lib/PXELINUX/pxelinux.0
+ else
+ # jessie/stretch path
+ pxebin=$NFSROOT/usr/lib/syslinux/pxelinux.0
+ fi
+
+ rm -f $NFSROOT/boot/*.bak
+ mkdir -p $TFTPROOT/pxelinux.cfg
+ chmod a+r $NFSROOT/boot/initrd.img-* || die 9 "No initrd was created. Check the package name of the linux-image package in /etc/fai/NFSROOT."
+ cp -p $v $NFSROOT/boot/vmlinu?-* $NFSROOT/boot/initrd.img-* $TFTPROOT
+ cp -u $pxebin $TFTPROOT
+ if [ -f $NFSROOT/usr/lib/syslinux/modules/bios/ldlinux.c32 ]; then
+ cp -u $NFSROOT/usr/lib/syslinux/modules/bios/ldlinux.c32 $TFTPROOT
+ fi
+ if [ X$verbose = X1 ]; then
+ echo "TFTP environment prepared. Enable DHCP and start the TFTP daemon on root $TFTPROOT."
+ fi
}
diff -u <(type setup_tftp) <(cat <(sed -n '/^setup_tftp(){/,/^}/p' $(which fai-make-nfsroot) ) - <<'EOF' |bash
type setup_tftp
fai-setup -evag
else # not armhf
- # note, this copies the -B arg to
- # /srv/fai/nfsroot/var/tmp/base.tar.xz
- e fai-setup -evf -B /a/bin/fai-basefiles/basefiles/STRETCH64.tar.xz
- # make the faiserver also the apt proxy server
- apt-get -y install apt-cacher-ng
+ # note, this copies the -B arg to
+ # /srv/fai/nfsroot/var/tmp/base.tar.xz
+ e fai-setup -evf -B /a/bin/fai-basefiles/basefiles/STRETCH64.tar.xz
+ # make the faiserver also the apt proxy server
+ apt-get -y install apt-cacher-ng
fi
{ head -n 1 /srv/fai/nfsroot/root/.ssh/known_hosts | awk '{print $1}' \
## ian: commented and replaced with just an echo
## since usb port seems to be busted.
-echo | cedit /etc/config/fstab
+echo | cedit /etc/config/fstab ||:
# cedit /etc/config/fstab <<'EOF' || { v block umount; v block mount; }
# config global automount
# option from_fstab 1
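Review bot: The added `||:` on `echo | cedit /etc/config/fstab` discards every non-zero exit, and the reason is not documented. Other calls on this page (`cedit /etc/hosts <<EOF || dnsmasq_restart=true`) suggest cedit returns non-zero when it changed the file, so presumably this is meant to ignore "file changed". If cedit reports real errors the same way, those are swallowed too. I would add a comment such as `# cedit exits non-zero when the file changed; nothing to restart here` above the line, after confirming that this is what cedit does.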
option name ssh
option src wan
option src_dport 22
- option dest_ip 192.168.1.2
+ option dest_ip 192.168.1.8
option dest lan
config rule
option src wan
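Review bot: The forward target `192.168.1.8` is written out five times in these redirects (ports 22, 443, 1196, 80 and 22001, here and in the four hunks that follow), so the next host move needs five matching edits. If the enclosing heredoc is unquoted (not visible here), a single shell variable would do, e.g. `option dest_ip $fwd_ip`. The /etc/hosts hunk in this same change also moves `faiserver` to 192.168.1.8, so WAN ports 22, 80 and 443 now land on the FAI server host. The install script on this page adds apache2 when nfsd is unavailable, so it is worth confirming that whatever listens on 80/443 there does not serve the FAI config space or the nfsroot.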
option src wan
option src_dport 443
option dest lan
- option dest_ip 192.168.1.2
+ option dest_ip 192.168.1.8
option proto tcp
config rule
option src wan
option src wan
option src_dport 1196
option dest lan
- option dest_ip 192.168.1.2
+ option dest_ip 192.168.1.8
option proto udp
config rule
option src wan
option src wan
option src_dport 80
option dest lan
- option dest_ip 192.168.1.2
+ option dest_ip 192.168.1.8
option proto tcp
config rule
option src wan
option name syncthing
option src wan
option src_dport 22001
- option dest_ip 192.168.1.2
+ option dest_ip 192.168.1.8
option dest lan
config rule
option src wan
dnsmasq_restart=false
+mail_host=$(grep -F mail.iankelling.org /etc/hosts | awk '{print $1}')
v cedit /etc/hosts <<EOF || dnsmasq_restart=true
127.0.1.1 wrt
192.168.1.1 wrt
192.168.1.2 treetowl
192.168.1.3 frodo
192.168.1.4 htpc
-192.168.1.5 x2 faiserver b8.nz
+192.168.1.5 x2
192.168.1.6 demohost
#192.168.1.7 faiserver
-192.168.1.8 tp
+192.168.1.8 tp faiserver b8.nz
192.168.1.9 n5
192.168.1.10 kw
+192.168.1.11 kww
+192.168.1.12 fz
72.14.176.105 li
45.33.9.11 lj
138.68.10.24 dopub
10.173.0.2 transmission
EOF
+# if [[ $mail_host ]]; then
+# sed -i '/^$mail_host/a mail.iankelling.org' /etc/hosts
+# fi
+
# avoid using the dns servers that my isp tells me about.
if [[ $(uci get dhcp.@dnsmasq[0].resolvfile) ]]; then
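Review bot: `mail_host` is assigned in the added line before the `cedit /etc/hosts` call but is only read inside the commented-out block, so it currently does nothing except run `grep`. If the script runs with errexit and pipefail (not visible in this hunk), the assignment aborts the run whenever /etc/hosts has no mail.iankelling.org line yet. `mail_host=$(awk '/mail\.iankelling\.org/ {print $1; exit}' /etc/hosts)` avoids that and caps the result at one address. The commented `sed` would also not work if enabled: the single quotes keep `$mail_host` literal and the `a` command appends a line with no IP. Either drop both until the feature is finished or mark them with a TODO saying what is missing.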
dhcp-host=f4:6d:04:02:ed:66,set:treetowl,192.168.1.2,treetowl
dhcp-host=00:26:18:97:bb:16,set:frodo,192.168.1.3,frodo
dhcp-host=10:78:d2:da:29:22,set:htpc,192.168.1.4,htpc
-dhcp-host=00:1f:16:16:39:24,set:x2,192.168.1.5,x2
+dhcp-host=00:1f:16:16:39:24,set:fz,192.168.1.5,fz
# this is so fai can have an explicit name to use for testing,
# or else any random machine which did a pxe boot would get
# reformatted. The mac is from doing a virt-install, cancelling it,
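Review bot: The changed `dhcp-host=00:1f:16:16:39:24,set:fz,192.168.1.5,fz` disagrees with the /etc/hosts block in this same change, which keeps `192.168.1.5 x2` and adds `192.168.1.12 fz`. That leaves `fz` tied to two different addresses and .5 carrying two names, so what a lookup returns depends on which source dnsmasq prefers. If the machine was renamed and renumbered, the lease should probably read `dhcp-host=00:1f:16:16:39:24,set:fz,192.168.1.12,fz`; otherwise the hosts entries should be changed to match. I cannot tell from the page which one is intended.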
# hostname is the name it uses according to telnet
dhcp-host=b4:75:0e:94:29:ca,set:switch9429ca,192.168.1.251,switch9429ca
dhcp-host=10:78:d2:da:28:4f,set:kw,192.168.1.10,kw
-
+dhcp-host=00:c0:ca:27:e9:b2,set:kww,192.168.1.11,kww
# template
# dhcp-host=,192.168.1.,