#!/bin/bash

# This script is a starting point that certainly needs improvement.
# It installs Debian on a JC laptop for the SHLAGO cluster.
# The goal is to install just enough for the server to run; the rest is left
# to ansible.
# It generates an SSH key that will give access to the machine. That may be a
# poor choice; it would be better to populate it with our own public SSH keys.
#
# NOTE(review): this copy looks like it lost its here-document bodies (the
# text between each `<<` marker and the next redirection). The affected
# statements are flagged below and must be restored from the upstream script
# before this file is run. The SSH key generation mentioned above is among the
# missing parts, so where the private key is stored cannot be checked here.

# https://github.com/adrianamaglio/driglibash
# Option tables read by driglibash-args: usage[x] is the help text of option
# -x, varia[x] is the name of the variable that receives its value.
declare -A usage
declare -A varia
# driglibash setting; its semantics are defined by the library, not shown here.
driglibash_run_retry=true

version="alpha nightly 0.0.1 pre-release unstable"
summary="$0 [options]"

usage[m]="Path of the temporar mount point"
varia[m]=mnt
mnt="temporary_mount_point"

usage[a]="The architecture of installed system as supported by debootstrap"
varia[a]=arch
arch="amd64"

usage[r]="The release of installed system as supported by debootstrap"
varia[r]=release
release="bullseye"

# NOTE(review): the default mirror is plain HTTP, so package integrity rests
# entirely on debootstrap checking the Release signature against a keyring on
# the host. Confirm that the keyring is present on the build host.
usage[s]="Source repository of installed system"
varia[s]=repo
#repo=
repo="http://ftp.fr.debian.org/debian"
#repo="http://localhost:3142/ftp.fr.debian.org/debian"

usage[n]="The hostname"
varia[n]=hostname
hostname=""

usage[b]="The device where grub will be installed"
varia[b]=boot_device
boot_device=

# NOTE(review): -R is mapped to boot_device, the same variable as -b, so the
# last of the two options given wins and no separate root device variable
# exists in the visible code. Looks like a copy-paste slip; confirm.
usage[R]="The device where the system will be installed"
varia[R]=boot_device
boot_device=

# Lines for locale.gen, separated by a literal "\n" that is expanded later by
# `echo -e`.
usage[l]="System locale"
varia[l]=locale
locale="en_US.UTF-8 UTF-8\nfr_FR.UTF-8 UTF-8"

# NOTE(review): `.` with a slash-less name searches PATH, and bash outside
# POSIX mode then falls back to the current directory. This script runs as
# root, so whichever driglibash-args / driglibash-base is found first executes
# with root privileges. Prefer an absolute path to a root-owned copy.
. driglibash-args

# Per-host secrets directory: secrets/<hostname>, made absolute.
# NOTE(review): $hostname comes from the command line and is not validated; a
# value containing "/" or ".." resolves outside secrets/, and the directory is
# later created and chown'ed as root.
secret_dir=secrets
secret_dir="$(realpath -m "$secret_dir/$hostname")"

# Package list; not referenced in the visible code (presumably used by the
# install here-document that is missing from this copy).
install="vim openssh-server git nginx"

###############################################################################
# Actual script
###############################################################################

. driglibash-base

#######################################
# Run a command inside the target system.
# The arguments are joined by echo and piped to `chroot "$mnt"`, which is
# given no command of its own (chroot then starts a shell that reads the text
# from stdin).
# Globals:   mnt (read)
# Arguments: the command and its arguments
# NOTE(review): the original argument boundaries and quoting are lost when the
# words are re-read by that shell, so metacharacters in an argument are
# interpreted inside the chroot.
# NOTE(review): the "$?" in the die message is evaluated after the `[` test
# succeeded, so it always prints 0 rather than the failing status. Any
# redirection written after a chroot_run call applies on the host side.
#######################################
chroot_run(){
  run echo "$@" | chroot "$mnt"
  if [ "$?" -ne 0 ] ; then
    die "Error, chroot command [$@] exited with code '$?'"
  fi
}

#######################################
# Pause until the operator presses Enter.
#######################################
wait_for_user(){
  section "Time for a pause"
  run echo "Press 'Enter' to continue"
  read
}

#######################################
# Mount proc and bind-mount the host's /dev, /dev/pts and /sys into the target
# tree. Each mount is followed by a `clean "umount ..."` call, presumably
# registering the unmount with driglibash for the final `clean`.
# Globals:   mnt (read)
# NOTE(review): with host /dev and /sys bound in, everything executed in the
# chroot can reach the host's devices until these are unmounted.
#######################################
mount_misc(){
  run mkdir -p "$mnt"/{proc,dev,sys}
  run mount -t proc none "$mnt/proc"
  clean "umount '$mnt/proc'"
  # To access physical devices
  run mount -o bind /dev "$mnt/dev"
  clean "umount '$mnt/dev'"
  run mount -o bind /dev/pts "$mnt/dev/pts"
  clean "umount '$mnt/dev/pts'"
  run mount -o bind /sys "$mnt/sys"
  clean "umount '$mnt/sys'"
  # mount /dev/pts ? apt install complain about its absence
}

if [ -z "$hostname" ] ; then
  die "Hostname arg needed"
fi

# driglibash helper; presumably aborts unless the script runs as root.
root_or_die

section "Testing for existing secrets"
# NOTE(review): ownership and mode are only set when the directory is created
# here. A pre-existing directory is used as-is; check its owner and mode too.
if ! [ -d "$secret_dir" ] ; then
  run mkdir -p "$secret_dir"
  run chown -R root:root "$secret_dir"
  run chmod 700 "$secret_dir"
fi

section "debootstraping"
# Debootstrap may fail when the target is an existing system
#if [ -n "$(ls -A $mnt)" ]; then
#  die "Root dir '$mnt' is not empty. Won’t debootstrap it."
#fi
# NOTE(review): the emptiness guard above is disabled, so an existing tree at
# $mnt is bootstrapped over. debootstrap's --force-check-gpg option makes a
# missing keyring a hard failure instead of an unverified install.
run debootstrap --verbose --arch "$arch" "$release" "$mnt" "$repo"

section "Mounting additionnal items"
mount_misc

section "Installing selected software"
#XXX use chroot_run
# NOTE(review): damaged in this copy. The package-install here-document and
# the command that writes the hostname appear to have been merged into one
# statement; restore from upstream.
chroot "$mnt" < "$mnt/etc/hostname"

# Fix path and remove noisy beep
# NOTE(review): damaged in this copy. The .bashrc here-document body and the
# command that appends to inputrc are missing.
run cat > "$mnt/root/.bashrc" <> "$mnt/etc/inputrc"
# TODO find a third method to kill this doomed beep

# boot crypted
#section "Installing cryptsetup in initramfs"
#run echo 'CRYPTSETUP=y' >> /etc/cryptsetup-initramfs/conf-hook
#run cp key "$mnt/root/"
#run echo 'FILES="/root/key"' >> /etc/initramfs-tools/initramfs.conf
#run update-initramfs -ut
#echo "$mnt/etc/initramfs-tools/conf.d/cryptsetup" <> "$mnt/etc/environment"
#echo 'export FILES="./key"' >> "$mnt/etc/initramfs-tools/initramfs.conf"
#chroot_run 'update-initramfs -ut'

section "Set up networking"
# Disable the unpredictable naming (since we are not on the future host)
run ln -s /dev/null "$mnt/etc/udev/rules.d/80-net-setup-link.rules"
# NOTE(review): damaged in this copy. The interfaces here-document, the SSH
# key generation and the `if` that the `fi` below closes are missing. When
# restoring, confirm that the private key only lands in the 0700 secrets
# directory and that /root/.ssh and authorized_keys get restrictive modes.
run cat >> "$mnt/etc/network/interfaces" <> "$mnt/root/.ssh/authorized_keys"
fi

section "Generating locales"
# NOTE(review): the `>` applies to chroot_run's stdout on the host, so this
# overwrites the host's /etc/locale.gen and leaves the target's file
# untouched. The intended destination is presumably "$mnt/etc/locale.gen".
chroot_run echo -e "$locale" > "/etc/locale.gen"
chroot_run locale-gen

section "Installing grub"
# Disable predictable name (again)
run sed -i 's/GRUB_CMDLINE_LINUX=""/GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0"/g' "$mnt/etc/default/grub"
chroot_run update-grub
# NOTE(review): boot_device defaults to empty and is never validated, so
# grub-install can be called with an empty or mistyped device. Check that it
# is a block device, and the intended one, before writing a boot loader.
chroot_run grub-install "$boot_device"

# NOTE(review): arg_test is not set anywhere in the visible code (presumably
# by driglibash-args). If it is unset the comparison is true and qemu is
# started as root on the raw device, with no image format specified.
if [ "$arg_test" != "false" ] ; then
  section "Testing installed system"
  run qemu-system-x86_64 -m 1024M "$boot_device"
fi

echo "To test the system with qemu type:"
echo "qemu-system-x86_64 -m 1024M '$boot_device'"

# Called without arguments; presumably runs the cleanup commands registered
# above (the umounts).
clean