scripts/debian/chroot.install


#!/bin/sh
# Vars
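## Define the hard drive to use
### Only /dev/sda is probed. Every destructive step of this script (parted,
### mkfs, grub-install) targets "${hdd}", so a missing device must end the
### run with a failure status and a message on stderr, not with "exit 0".
if [ -b '/dev/sda' ]; then
  hdd="/dev/sda"
else
  printf '%b\n' "Please check the hard drive to use" >&2
  exit 1
fi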
## Computer hostname (written to /target/etc/hostname further down)
new_hostname="2g"
## Volume Group name to use for LVM
vgname="ovhsys"
## Partition handling switch: the partitioning section rewrites the
## partition table when this value is 0
manage_part=0
## Colors definition {{{
### ANSI SGR sequences stored as literal "\033[..." text; they only turn into
### escape bytes when printed through printf '%b'.
BLACK="\033[49;30m"
BLACKB="\033[49;90m"
RED="\033[0;31m"
REDB="\033[1;31m"
GREEN="\033[0;32m"
YELLOW="\033[0;33m"
BLUE="\033[94;49m"
MAGENTA="\033[0;35m"
CYAN="\033[36;49m"
WHITE="\033[0;37m"
BOLD="\033[1m"
RESET="\033[0m"
## }}}
## Package to exclude from debootstrap install
dbs_pkg_exclude="vim-tiny"
## Package to include to debootstrap install (comma separated, built in
## three steps only to keep the lines short)
dbs_pkg_include="aptitude,bzip2,debconf-i18n,dialog,dmsetup,htop"
dbs_pkg_include="${dbs_pkg_include},isc-dhcp-client,isc-dhcp-common,locales,lvm2"
dbs_pkg_include="${dbs_pkg_include},openssh-server,pciutils,tmux,vim-nox,wget,zsh"
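# Prepare host system {{{
## Tools used by the steps below (parted, lvm2, debootstrap, ipcalc, wget, ...).
## apt-get is used because its command line is the one intended for scripts.
## A failed index refresh is only reported: the install may still succeed
## with the package lists already present on the rescue system.
apt-get update \
  || printf '%s\n' "apt-get update failed, trying the install with the current package lists" >&2
## Stop when the tools cannot be installed: the next section rewrites the
## partition table and must not run with part of the toolchain missing.
if ! apt-get install -y coreutils debootstrap e2fsprogs gawk ipcalc lvm2 parted util-linux wget; then
  printf '%s\n' "Cannot install the required tools on the rescue system" >&2
  exit 1
fi
# }}}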
# Partitionning {{{
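## The partition table is rewritten only when manage_part is 0.
## NOTE(review): parted is not called in script mode, so it may ask for
## confirmation on the terminal; confirm this is intended.
if [ "${manage_part}" -eq 0 ]; then
  ## Remove all old partitions (numbers 1 to 8 whose device node exists)
  for part_number in 1 2 3 4 5 6 7 8; do
    if [ -b "${hdd}${part_number}" ]; then
      parted "${hdd}" rm "${part_number}"
    fi
  done
  ## Recreate partition (/boot and LV) {{{
  ### Partition type
  parted "${hdd}" mklabel msdos
  ### /boot
  parted "${hdd}" mkpart primary 0% 512MB
  parted "${hdd}" set 1 boot on
  ### LV
  parted "${hdd}" mkpart primary 512MB 100%
  parted "${hdd}" set 2 lvm on
  ### Called directly, like every other privileged command of this script:
  ### the run already needs root, and sudo is not among the packages the
  ### script installs on the rescue host.
  pvcreate "${hdd}2"
  vgcreate "${vgname}" "${hdd}2"
fi
### The boot partition is formatted on every run, whatever manage_part says
mkfs.ext3 -F -L boot -- "${hdd}1"
## }}}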
## Create Logical Volumes {{{
### One "name:size" entry per LV. A volume is created only when its
### /dev/mapper node is missing, so an existing LV keeps its current size.
for lv_spec in home:20g opt:2g root:5g srv:2g tmp:10g usr:15g var:10g vz:150g bkp:150g swap:2g; do
  lv_name="${lv_spec%%:*}"
  lv_size="${lv_spec#*:}"
  if [ ! -b "/dev/mapper/${vgname}-${lv_name}" ]; then
    lvcreate -n "${lv_name}" -L "${lv_size}" "${vgname}"
  fi
done
### Format the LV in ext4
### Every entry found in /dev/${vgname} is reformatted (-F): this includes
### volumes that existed before this run and the swap LV, which mkswap
### rewrites just below.
cd -- "/dev/${vgname}" || exit 1
for lvname in *; do
  mkfs.ext4 -F -L "${lvname}" -- "${lvname}"
done
cd -- - || exit 1
### And format the swap
mkswap -L sw01 -- "/dev/mapper/${vgname}-swap"
## }}}
# }}}
# Debootstrap {{{
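## Create and mount the system {{{
### "device:mountpoint" pairs, parents before children (root first, then
### boot/home/opt/srv, backup under srv, tmp, usr, var, vz under var).
### A mount failure stops the run: debootstrap would otherwise unpack into
### the rescue system's own /target directory instead of the new volumes.
for mount_spec in \
  "/dev/mapper/${vgname}-root:/target" \
  "${hdd}1:/target/boot" \
  "/dev/mapper/${vgname}-home:/target/home" \
  "/dev/mapper/${vgname}-opt:/target/opt" \
  "/dev/mapper/${vgname}-srv:/target/srv" \
  "/dev/mapper/${vgname}-bkp:/target/srv/backup" \
  "/dev/mapper/${vgname}-tmp:/target/tmp" \
  "/dev/mapper/${vgname}-usr:/target/usr" \
  "/dev/mapper/${vgname}-var:/target/var" \
  "/dev/mapper/${vgname}-vz:/target/var/lib/vz"
do
  mount_dev="${mount_spec%%:*}"
  mount_dir="${mount_spec#*:}"
  mkdir -p -- "${mount_dir}"
  ### Already mounted (e.g. on a second run): leave it alone
  if ! mountpoint -q "${mount_dir}"; then
    if ! mount -- "${mount_dev}" "${mount_dir}"; then
      printf '%s\n' "Cannot mount ${mount_dev} on ${mount_dir}, stopping before debootstrap" >&2
      exit 1
    fi
  fi
done
### Swap
### Not fatal: swapon also fails when the swap is already active
swapon -- "/dev/mapper/${vgname}-swap"
## }}}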
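## Run debootstrap
### The mirror is reached over plain http, so package integrity rests on
### debootstrap checking the signed Release file against the archive keyring
### of the rescue system.
### NOTE(review): when that keyring is missing debootstrap may carry on
### without the check; consider --force-check-gpg if the installed version
### supports it.
### NOTE(review): stretch is past its end of life; confirm the suite is
### still wanted and still served by this mirror.
### Stop on failure: the next steps write into /target/etc and chroot into it.
if ! debootstrap --arch amd64 --include="${dbs_pkg_include}" --exclude="${dbs_pkg_exclude}" stretch /target http://ftp.fr.debian.org/debian; then
  printf '%s\n' "debootstrap failed, /target is not a usable system" >&2
  exit 1
fi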
# }}}
# Configure system {{{
## Fstab {{{
fstab_file=/target/etc/fstab
### Seed the target fstab from the rescue system's mtab: keep the lines that
### mention "target" and drop the tmpfs/pts/proc/sysfs ones.
### The mount options are copied as they are; nothing here adds nosuid,
### nodev or noexec to /tmp, /home and the like.
grep target /etc/mtab | grep -vE '(tmpfs|pts|proc|sysfs)' > "${fstab_file}"
### "pattern|line" entries: the line is appended only when the pattern is
### not matched yet (swap first, then the pseudo filesystems and the
### /var/tmp bind mount). grep is left verbose, so matches are printed.
for fstab_entry in \
  "swap|/dev/mapper/${vgname}-swap swap swap sw,pri=0 0 0" \
  "^proc|proc /proc proc rw,nodev,size=100M 0 0" \
  "^sysfs|sysfs /sys sysfs rw,nodev,size=100M 0 0" \
  "/dev/shm|tmpfs /dev/shm tmpfs rw,nodev,size=100M 0 0" \
  "^devpts|devpts /dev/pts devpts rw,relatime,size=10240k,nr_inodes=2051120,mode=755 0 0" \
  "/var/tmp|/tmp /var/tmp none rw,bind,size=1M,mode=1777 0 0"
do
  fstab_pattern="${fstab_entry%%|*}"
  fstab_line="${fstab_entry#*|}"
  if ! grep "${fstab_pattern}" "${fstab_file}"; then
    echo "${fstab_line}" >> "${fstab_file}"
  fi
done
### Remove all occurrences to target and avoid double slashs
### (every "target" substring is dropped, not only the /target path prefix)
sed -i 's;target;;g' "${fstab_file}"
sed -i 's;//;/;g' "${fstab_file}"
## }}}
## Ensure to (re)mount devices for chroot {{{
### "type:source:mountpoint" triples; each one is mounted only when its
### directory is not a mountpoint yet. The chroot calls further down
### (systemctl, locale-gen, grub-install, passwd) run with these in place.
for chroot_mount in \
  devtmpfs:none:/target/dev \
  devpts:/dev/pts:/target/dev/pts \
  proc:none:/target/proc \
  sysfs:none:/target/sys
do
  chroot_fstype="${chroot_mount%%:*}"
  chroot_rest="${chroot_mount#*:}"
  chroot_source="${chroot_rest%%:*}"
  chroot_dir="${chroot_rest#*:}"
  mkdir -p -- "${chroot_dir}"
  if ! mountpoint -q "${chroot_dir}"; then
    mount -t "${chroot_fstype}" -- "${chroot_source}" "${chroot_dir}"
  fi
done
## }}}
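## Network {{{
### Get all informations from current network configuration in rescue mode
### The installed system gets a static configuration copied from the live
### one, so an empty value here would produce a host without network after
### the reboot: each value the unit needs is checked before it is written.
net_device=$(ip r | grep "^default" | head -1 | cut -d" " -f5)
net_gateway=$(ip r | grep "^default" | head -1 | cut -d" " -f3)
if [ -z "${net_device}" ] || [ -z "${net_gateway}" ]; then
  printf '%s\n' "No default route found on the rescue system, cannot build the network unit" >&2
  exit 1
fi
#### TODO: Switch to ip a to get ip address
net_address=$(ip r | grep -vE "(^default|metric)" | grep "${net_device}.*src" | head -1 | awk -F" " '{print $NF}')
net_mac_address=""
read -r net_mac_address </sys/class/net/"${net_device}"/address
### NOTE(review): ipcalc only receives the address, without its prefix, so
### the mask it reports is presumably its default and not the interface's
### real one; confirm before trusting net_netmask_cidr.
net_netmask=$(ipcalc "${net_address}" | awk '/Netmask:/{print $2;}')
net_netmask_cidr=$(ipcalc "${net_address}" | awk '/Netmask:/{print $4;}')
### net_netmask, net_broadcast and net_network are computed but the unit
### below does not reference them
net_broadcast=$(ip a s dev "${net_device}" | awk '/inet.*brd/{print $4}')
net_network=$(ip r | grep -vE "(^default|metric)" | grep "src ${net_address}" | head -1 | cut -d"/" -f1)
for net_value in "${net_address}" "${net_mac_address}" "${net_netmask_cidr}"; do
  if [ -z "${net_value}" ]; then
    printf '%s\n' "Incomplete network information for ${net_device}, cannot build the network unit" >&2
    exit 1
  fi
done
### Create a network unit for systemd-networkd
### The resolver address is hard-coded: every DNS query of the installed
### host goes to it until the unit is edited.
mkdir -p -- /target/etc/systemd/network
cat > /target/etc/systemd/network/50-default.network <<EOF
[Match]
MACAddress=${net_mac_address}
[Network]
Description=network interface with default route without dhcp
DHCP=no
Address=${net_address}/${net_netmask_cidr}
Gateway=${net_gateway}
IPv6AcceptRA=no
DNS=80.67.169.12
EOF
### Ensure to enable systemd-networkd at startup
chroot /target systemctl enable systemd-networkd
## }}}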
## Locale {{{
### Enable locale(s)
### Uncomment the en_US.UTF-8 entry, then let locale-gen build it in the chroot
locale_gen_file=/target/etc/locale.gen
sed -i 's/^# \(en_US.UTF-8 UTF-8\)/\1/' "${locale_gen_file}"
#sed -i 's/^# \(fr_FR.UTF-8 UTF-8\)/\1/' /target/etc/locale.gen
chroot /target locale-gen
## }}}
## Timezone {{{
### Set timezone
### The zone name goes to /etc/timezone and /etc/localtime becomes a symlink
### to the matching zoneinfo file (the link target is resolved inside the
### installed system), then tzdata is reconfigured without prompting.
target_tz="Europe/Paris"
printf '%b\n' "${target_tz}" > /target/etc/timezone
ln -fs "/usr/share/zoneinfo/${target_tz}" /target/etc/localtime
chroot /target dpkg-reconfigure --frontend noninteractive tzdata
## }}}
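## Kernel and Grub {{{
### A failure in this section leaves a system that cannot boot, so the run
### stops here instead of reaching the final "you can reboot" message.
if ! chroot /target aptitude install --assume-yes --without-recommends -- linux-image-amd64 grub-pc; then
  printf '%s\n' "Kernel and grub packages could not be installed in /target" >&2
  exit 1
fi
### update-grub is only attempted once grub-install has succeeded
if ! chroot /target grub-install "${hdd}" || ! chroot /target update-grub; then
  printf '%s\n' "Bootloader installation failed on ${hdd}" >&2
  exit 1
fi
## }}}
## Hostname {{{
### %s writes the name verbatim, without backslash-escape processing
printf '%s\n' "${new_hostname}" > /target/etc/hostname
#printf '%b\n' "127.0.0.1 ${new_hostname}" >> /target/etc/hosts
## }}}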
# }}}
# Finish {{{
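## Call a latecommand script {{{
### The archive is unpacked into the new system and its post.stretch.sh is
### run there as root, so the download has to be authenticated: the TLS
### certificate check stays enabled (no --no-check-certificate). If the
### rescue system does not trust the issuing CA, install ca-certificates or
### hand the CA to wget with --ca-certificate=FILE.
latecommand_url="https://git.ipr.univ-rennes1.fr/cellinfo/tftpboot/raw/master/scripts/latecommand.tar.gz"
### Optional content pin: set latecommand_sha256 to the expected digest.
### The URL follows the master branch, so without a pin the archive can
### change from one run to the next.
latecommand_sha256="${latecommand_sha256:-}"
latecommand_ok=1
### mktemp avoids a predictable file name under /tmp
latecommand_archive=$(mktemp) || latecommand_ok=0
if [ "${latecommand_ok}" -eq 1 ] && ! wget -O "${latecommand_archive}" "${latecommand_url}"; then
  printf '%s\n' "Download of ${latecommand_url} failed" >&2
  latecommand_ok=0
fi
if [ "${latecommand_ok}" -eq 1 ] && [ -n "${latecommand_sha256}" ]; then
  if ! printf '%s  %s\n' "${latecommand_sha256}" "${latecommand_archive}" | sha256sum -c - >/dev/null; then
    printf '%s\n' "Checksum mismatch for the latecommand archive" >&2
    latecommand_ok=0
  fi
fi
if [ "${latecommand_ok}" -eq 1 ] && ! tar xzf "${latecommand_archive}" -C /target/tmp/; then
  printf '%s\n' "Cannot unpack the latecommand archive" >&2
  latecommand_ok=0
fi
[ -n "${latecommand_archive}" ] && rm -f -- "${latecommand_archive}"
### The script is run only when every step above succeeded; otherwise it is
### skipped and the installation carries on with the SSH and password steps.
if [ "${latecommand_ok}" -eq 1 ]; then
  chroot /target /bin/sh /tmp/latecommand/post.stretch.sh
else
  printf '%s\n' "latecommand script skipped" >&2
fi
## }}}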
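## SSH {{{
### Root login policy: key-only ("prohibit-password") when the rescue
### system's authorized_keys could be copied; password login for root is
### kept only as the fallback, because without it the fresh host would not
### be reachable over SSH at all.
### Review the copied file: every key present on the rescue system becomes a
### root key on the installed host.
if [ -f /root/.ssh/authorized_keys ] \
  && mkdir -p -- /target/root/.ssh \
  && cp -- /root/.ssh/authorized_keys /target/root/.ssh/authorized_keys; then
  ### Keep the key material accessible to root only
  chmod 700 /target/root/.ssh
  chmod 600 /target/root/.ssh/authorized_keys
  permit_root_login="prohibit-password"
else
  permit_root_login="yes"
  printf '%b\n' "${REDB}You might want to define an authorized key for SSH/root in /target/etc/ssh/sshd_config${RESET}"
fi
### Rewrites the PermitRootLogin line whether or not it is commented out
sed -i "s/\(^\|^\#\)\(PermitRootLogin\).*/\2 ${permit_root_login}/g" /target/etc/ssh/sshd_config
## }}}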
## Interactive step: passwd asks for the new root password inside the chroot
printf '%b%s%b\n' "${REDB}" "Please change the root's password:" "${RESET}"
chroot /target passwd
# Ensure to umount everything
## The umount command is kept commented out, so /target and the volumes
## below it stay mounted when the script ends
#umount /target/var/lib/vz/ /target/var/ /target/usr/ /target/tmp/ /target/sys/ /target/srv/backup/ /target/srv/ /target/proc/ /target/opt/ /target/home/ /target/dev/pts/ /target/dev /target/boot/ /target/
printf '%b%s%b\n' "${GREEN}" "The system is still available on /target but you can now try to reboot the hardware." "${RESET}"
exit 0
# }}}