diff --git a/basic.sh b/basic.sh index eb89cb6..467486b 100755 --- a/basic.sh +++ b/basic.sh @@ -1,10 +1,14 @@ #!/bin/sh set -e -SOURCE_DIR=$(realpath $(dirname "${0}"))/basic +cd $(realpath $(dirname "${0}"))/basic + +# Configure APK repository +echo "@vm https://dl.dasm.cz/spotter-abuild" >>/etc/apk/repositories +cp etc/apk/keys/repokey.rsa.pub /etc/apk/keys/repokey.rsa.pub # Install packages -apk --no-cache add ca-certificates curl bridge e2fsprogs-extra gettext iptables kbd-misc libcap libressl libseccomp postfix python3 py3-bcrypt py3-cffi py3-cryptography py3-dnspython py3-jinja2 py3-requests py3-six py3-werkzeug nginx util-linux +apk --no-cache add ca-certificates curl bridge e2fsprogs-extra gettext iptables kbd-misc libcap libressl libseccomp postfix python3 py3-bcrypt py3-cffi py3-cryptography py3-dnspython py3-jinja2 py3-requests py3-six py3-werkzeug nginx util-linux acme-sh@vm lxc@vm if [ ${DEBUG:-0} -eq 1 ]; then # Install some utilities for DEBUG mode apk --no-cache add git file htop less openssh-server openssh-sftp-server tar xz @@ -13,57 +17,50 @@ fi # Copy root profile files and settings for DEBUG mode if [ ${DEBUG:-0} -eq 1 ]; then mkdir -p /root/.config/htop /root/.ssh - cp ${SOURCE_DIR}/root/.profile /root/.profile - cp ${SOURCE_DIR}/root/.ssh/authorized_keys /root/.ssh/authorized_keys - cp ${SOURCE_DIR}/root/.config/htop/htoprc /root/.config/htop/htoprc + cp root/.profile /root/.profile + cp root/.ssh/authorized_keys /root/.ssh/authorized_keys + cp root/.config/htop/htoprc /root/.config/htop/htoprc fi # Copy boot configuration -cp ${SOURCE_DIR}/boot/extlinux.conf /boot/extlinux.conf -cp ${SOURCE_DIR}/boot/vm.txt /boot/vm.txt -cp ${SOURCE_DIR}/etc/inittab /etc/inittab -cp ${SOURCE_DIR}/sbin/extend-disk /sbin/extend-disk -cp ${SOURCE_DIR}/sbin/vmtty /sbin/vmtty +cp boot/extlinux.conf /boot/extlinux.conf +cp boot/vm.txt /boot/vm.txt +cp etc/inittab /etc/inittab +cp sbin/extend-disk /sbin/extend-disk +cp sbin/vmtty /sbin/vmtty >/etc/motd # Enable support for Czech characters -cp ${SOURCE_DIR}/etc/rc.conf /etc/rc.conf -cp ${SOURCE_DIR}/etc/conf.d/consolefont /etc/conf.d/consolefont +cp etc/rc.conf /etc/rc.conf +cp etc/conf.d/consolefont /etc/conf.d/consolefont # Configure NTP client -cp ${SOURCE_DIR}/etc/conf.d/ntpd /etc/conf.d/ntpd +cp etc/conf.d/ntpd /etc/conf.d/ntpd # Configure networking -cp ${SOURCE_DIR}/etc/conf.d/iptables /etc/conf.d/iptables -cp ${SOURCE_DIR}/etc/iptables/rules-save /etc/iptables/rules-save -cp ${SOURCE_DIR}/etc/network/interfaces /etc/network/interfaces +cp etc/conf.d/iptables /etc/conf.d/iptables +cp etc/iptables/rules-save /etc/iptables/rules-save +cp etc/network/interfaces /etc/network/interfaces service networking restart -# Download and configure acme.sh -mkdir /etc/acme.sh.d -wget https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh -O /usr/bin/acme.sh -sed -i 's|$HOME/.$PROJECT_NAME|/etc/acme.sh.d|' /usr/bin/acme.sh -chmod +x /usr/bin/acme.sh - -# Download and configure LXC -wget https://dl.dasm.cz/lxc.tar.xz -O - | tar xJf - -C / +# Configure LXC mkdir /var/log/lxc echo -e "172.17.0.1 host" >>/etc/hosts # Copy VMMgr resources -cp ${SOURCE_DIR}/etc/init.d/vmmgr /etc/init.d/vmmgr +cp etc/init.d/vmmgr /etc/init.d/vmmgr rc-update -u -cp -r ${SOURCE_DIR}/srv/vm /srv/vm +cp -r srv/vm /srv/vm ln -s /srv/vm/cli.py /usr/bin/vmmgr # Create a self-signed certificate vmmgr create-selfsigned # Configure nginx -cp ${SOURCE_DIR}/etc/nginx/nginx.conf /etc/nginx/nginx.conf +cp etc/nginx/nginx.conf /etc/nginx/nginx.conf # Configure postfix -cp ${SOURCE_DIR}/etc/postfix/main.cf /etc/postfix/main.cf +cp etc/postfix/main.cf /etc/postfix/main.cf newaliases # Configure services diff --git a/basic/etc/apk/keys/repokey.rsa.pub b/basic/etc/apk/keys/repokey.rsa.pub new file mode 100644 index 0000000..84c5fee --- /dev/null +++ b/basic/etc/apk/keys/repokey.rsa.pub @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoNig96JdNCBGE60FMKN +9mD8DrcDIIwl06r+lTnQuLfNxEYxLCS06zlGVQ5o7bJBOZumMZNWdINpa5j8378/ +M6ieDxmd4YErcLobNnYlubp1qVljVcK8luPtvVrQ4O+Ss9owO97qJHKsXF1U2jgE +29QkIGPj+5IfkkbTeGP5T1o9ySmu6AQ+yjGi+ohUtnF5cR+cPb1cJR2XhirS0yLN +E+9E7tcTfILIgxGfCshwdSrZ67fknPZmB+8QpWypd0rlG4lf4kjrY/pZ0Jlu2JxX +BjdgUB4rzcNk99UZfkp2BbGtNYjZ4PZukOl8AYX14bdDSja2W6TcLnGfCqHZRCjW +HwIDAQAB +-----END PUBLIC KEY-----