1

2023-07-02 07:36:09 +00:00 · 2023-07-02 07:36:09 +00:00 · 995aa9b627
commit 995aa9b627
4 changed files with 113 additions and 0 deletions
--- a/build.sh
+++ b/build.sh
@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+# install ubuntu dependenices for image building
+apt update
+apt install -y libvirt-daemon qemu-utils qemu wget
+
+wget https://raw.githubusercontent.com/alpinelinux/alpine-make-vm-image/master/alpine-make-vm-image -O alpine-make-vm-image
+chmod +x alpine-make-vm-image
+echo '0d5d3e375cb676d6eb5c1a52109a3a0a8e4cd7ac  alpine-make-vm-image' | sha1sum -c 
+if [ "$?" -gt "0" ];then
+	echo "alpine-make-vm-image checksum is bad, check for an update at:"
+	echo "https://github.com/alpinelinux/alpine-make-vm-image"
+	exit 1
+fi
+
+PACKAGES_FILE="os/packages"
+INIT_SCRIPT="os/configure.sh"
+IMAGES_FILENAME="alpine_cloud_init_vm.qcow2"
+ALPINE_BRANCH="3.17"
+DISK_SIZE="20G"
+IMAGE_FORMAT="qcow2"
+
+bash alpine-make-vm-image -b ${ALPINE_BRANCH} -p "$( cat ${PACKAGES_FILE} | xargs) " -s ${DISK_SIZE} -f ${IMAGE_FORMAT} ${IMAGES_FILENAME} --script-chroot ${INIT_SCRIPT}
--- a/os/configure.sh
+++ b/os/configure.sh
@ -0,0 +1,71 @@
+#!/bin/sh
+
+_step_counter=0
+step() {
+	_step_counter=$(( _step_counter + 1 ))
+	printf '\n\033[1;36m%d) %s\033[0m\n' $_step_counter "$@" >&2  # bold cyan
+}
+
+
+step 'Set up timezone'
+setup-timezone -z Asia/Jerusalem
+
+#step 'Set up keymap'
+#setup-keymap fr fr-azerty
+
+step 'Set up networking'
+cat > /etc/network/interfaces <<-EOF
+	auto lo
+	iface lo inet loopback
+
+	auto eth0
+	iface eth0 inet dhcp
+EOF
+
+# FIXME: remove root and alpine password
+step 'Set cloud configuration'
+sed -e '/disable_root:/ s/true/false/' \
+	-e '/ssh_pwauth:/ s/0/no/' \
+    -e '/name: alpine/a \     passwd: "*"' \
+    -e '/lock_passwd:/ s/True/False/' \
+    -i /etc/cloud/cloud.cfg
+
+# To have oh-my-zsh working on first boot
+cat >> /etc/cloud/cloud.cfg <<EOF
+EOF
+
+step 'Allow only key based ssh login'
+sed -e '/PermitRootLogin yes/d' \
+    -e 's/^#PasswordAuthentication yes/PasswordAuthentication no/' \
+    -e 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/' \
+    -i /etc/ssh/sshd_config
+
+# Terraform and github actions need ssh-rsa as accepted algorithm
+# The ssh client needs to be updated (see https://www.openssh.com/txt/release-8.8)
+echo "PubkeyAcceptedKeyTypes=+ssh-rsa" >> /etc/ssh/sshd_config
+
+step 'Remove password for users'
+usermod -p '*' root
+
+step 'Adjust rc.conf'
+sed -Ei \
+	-e 's/^[# ](rc_depend_strict)=.*/\1=NO/' \
+	-e 's/^[# ](rc_logger)=.*/\1=YES/' \
+	-e 's/^[# ](unicode)=.*/\1=YES/' \
+	/etc/rc.conf
+
+# see https://gitlab.alpinelinux.org/alpine/aports/-/issues/8861
+step 'Enable cloud-init configuration via NoCloud iso image'
+
+echo "iso9660" >> /etc/filesystems
+
+step 'Enable services'
+/sbin/rc-update add acpid default
+/sbin/rc-update add chronyd default
+/sbin/rc-update add crond default
+/sbin/rc-update add networking boot
+/sbin/rc-update add termencoding boot
+/sbin/rc-update add sshd default
+/sbin/rc-update add cloud-init default
+/sbin/rc-update add cloud-config default
+/sbin/rc-update add cloud-final default
--- a/os/packages
+++ b/os/packages
@ -0,0 +1,16 @@
+acpi
+curl
+wget
+htop
+bash
+ca-certificates
+chrony
+cloud-init
+e2fsprogs-extra
+less
+logrotate
+openssh
+py3-netifaces
+py3-pyserial
+ssl_client
+sudo
--- a/os/repositories
+++ b/os/repositories
@ -0,0 +1,3 @@
+http://dl-cdn.alpinelinux.org/alpine/v3.17/main
+http://dl-cdn.alpinelinux.org/alpine/v3.17/community
+http://dl-cdn.alpinelinux.org/alpine/edge/testing