build-cloud-init-frr-alpine/os/configure.sh

#!/bin/sh

_step_counter=0
step() {
	_step_counter=$(( _step_counter + 1 ))
	printf '\n\033[1;36m%d) %s\033[0m\n' $_step_counter "$@" >&2  # bold cyan
}


step 'Set up timezone'
setup-timezone -z Asia/Jerusalem

#step 'Set up keymap'
#setup-keymap fr fr-azerty

step 'Set up networking'
cat > /etc/network/interfaces <<-EOF
	auto lo
	iface lo inet loopback

	auto eth0
	iface eth0 inet dhcp
EOF

# FIXME: remove root and alpine password
step 'Set cloud configuration'
sed -e '/disable_root:/ s/true/false/' \
	-e '/ssh_pwauth:/ s/0/no/' \
    -e '/name: alpine/a \     passwd: "*"' \
    -e '/lock_passwd:/ s/True/False/' \
    -i /etc/cloud/cloud.cfg

# To have oh-my-zsh working on first boot
cat >> /etc/cloud/cloud.cfg <<EOF
EOF

step 'Allow only key based ssh login'
sed -e '/PermitRootLogin yes/d' \
    -e 's/^#PasswordAuthentication yes/PasswordAuthentication no/' \
    -e 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/' \
    -i /etc/ssh/sshd_config

# Terraform and github actions need ssh-rsa as accepted algorithm
# The ssh client needs to be updated (see https://www.openssh.com/txt/release-8.8)
echo "PubkeyAcceptedKeyTypes=+ssh-rsa" >> /etc/ssh/sshd_config

step 'Remove password for users'
usermod -p '*' root

step 'Adjust rc.conf'
sed -Ei \
	-e 's/^[# ](rc_depend_strict)=.*/\1=NO/' \
	-e 's/^[# ](rc_logger)=.*/\1=YES/' \
	-e 's/^[# ](unicode)=.*/\1=YES/' \
	/etc/rc.conf

# see https://gitlab.alpinelinux.org/alpine/aports/-/issues/8861
step 'Enable cloud-init configuration via NoCloud iso image'

echo "iso9660" >> /etc/filesystems

step 'Enable services'
/sbin/rc-update add acpid default
/sbin/rc-update add chronyd default
/sbin/rc-update add crond default
/sbin/rc-update add networking boot
/sbin/rc-update add termencoding boot
/sbin/rc-update add sshd default
/sbin/rc-update add cloud-init default
/sbin/rc-update add cloud-config default
/sbin/rc-update add cloud-final default
/sbin/rc-update add frr default
1 2023-07-03 02:41:33 +03:00			`#!/bin/sh`

			`_step_counter=0`
			`step() {`
			`_step_counter=$(( _step_counter + 1 ))`
			`printf '\n\033[1;36m%d) %s\033[0m\n' $_step_counter "$@" >&2 # bold cyan`
			`}`


			`step 'Set up timezone'`
			`setup-timezone -z Asia/Jerusalem`

			`#step 'Set up keymap'`
			`#setup-keymap fr fr-azerty`

			`step 'Set up networking'`
			`cat > /etc/network/interfaces <<-EOF`
			`auto lo`
			`iface lo inet loopback`

			`auto eth0`
			`iface eth0 inet dhcp`
			`EOF`

			`# FIXME: remove root and alpine password`
			`step 'Set cloud configuration'`
			`sed -e '/disable_root:/ s/true/false/' \`
			`-e '/ssh_pwauth:/ s/0/no/' \`
			`-e '/name: alpine/a \ passwd: "*"' \`
			`-e '/lock_passwd:/ s/True/False/' \`
			`-i /etc/cloud/cloud.cfg`

			`# To have oh-my-zsh working on first boot`
			`cat >> /etc/cloud/cloud.cfg <<EOF`
			`EOF`

			`step 'Allow only key based ssh login'`
			`sed -e '/PermitRootLogin yes/d' \`
			`-e 's/^#PasswordAuthentication yes/PasswordAuthentication no/' \`
			`-e 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/' \`
			`-i /etc/ssh/sshd_config`

			`# Terraform and github actions need ssh-rsa as accepted algorithm`
			`# The ssh client needs to be updated (see https://www.openssh.com/txt/release-8.8)`
			`echo "PubkeyAcceptedKeyTypes=+ssh-rsa" >> /etc/ssh/sshd_config`

			`step 'Remove password for users'`
			`usermod -p '*' root`

			`step 'Adjust rc.conf'`
			`sed -Ei \`
			`-e 's/^[# ](rc_depend_strict)=.*/\1=NO/' \`
			`-e 's/^[# ](rc_logger)=.*/\1=YES/' \`
			`-e 's/^[# ](unicode)=.*/\1=YES/' \`
			`/etc/rc.conf`

			`# see https://gitlab.alpinelinux.org/alpine/aports/-/issues/8861`
			`step 'Enable cloud-init configuration via NoCloud iso image'`

			`echo "iso9660" >> /etc/filesystems`

			`step 'Enable services'`
			`/sbin/rc-update add acpid default`
			`/sbin/rc-update add chronyd default`
			`/sbin/rc-update add crond default`
			`/sbin/rc-update add networking boot`
			`/sbin/rc-update add termencoding boot`
			`/sbin/rc-update add sshd default`
			`/sbin/rc-update add cloud-init default`
			`/sbin/rc-update add cloud-config default`
			`/sbin/rc-update add cloud-final default`
			`/sbin/rc-update add frr default`