|
|
|
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
|
|
|
|
|
|
|
|
# config files
|
|
|
|
cp -a /hardware-setup/config/* /
|
|
|
|
|
|
|
|
# locales
|
|
|
|
|
|
|
|
echo 'console-setup console-setup/charmap47 select UTF-8' | debconf-set-selections
|
|
|
|
echo 'keyboard-configuration keyboard-configuration/variant select English (US)' | debconf-set-selections
|
|
|
|
echo 'keyboard-configuration kekeyboard-configuration keyboard-configuration/layout select English (US)' | debconf-set-selections
|
|
|
|
echo 'locales locales/default_environment_locale select en_US.UTF-8' | debconf-set-selections
|
|
|
|
echo 'locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8' | debconf-set-selections
|
|
|
|
|
|
|
|
apt-get -y install locales
|
|
|
|
|
|
|
|
|
|
|
|
### boot
|
|
|
|
|
|
|
|
apt-get -y install mdadm cryptsetup systemd systemd-sysv dropbear
|
|
|
|
|
|
|
|
# generate minimal mdadm.conf
|
|
|
|
mdadm --examine --scan | perl -pe 's/.*\/dev\/md\/?([0-9]+) .*UUID\=(.+?) .*/ARRAY \/dev\/md$1 UUID=$2/' > /etc/mdadm/mdadm.conf
|
|
|
|
|
|
|
|
# concat user keys for cryptsetup unlocking at boot
|
|
|
|
cat /hardware-setup/authorized_keys/* > /etc/dropbear-initramfs/authorized_keys
|
|
|
|
|
|
|
|
# set dropbear port to something other than 22, because of openssh
|
|
|
|
sed -i 's/DROPBEAR_PORT=.*/DROPBEAR_PORT=222/' /etc/default/dropbear
|
|
|
|
|
|
|
|
# after cryptsetup, mdadm, ... because of update-initramfs
|
|
|
|
apt-get -y install linux-image-amd64
|
|
|
|
|
|
|
|
DEBIAN_FRONTEND=noninteractive apt-get -y install grub-pc
|
|
|
|
"/hardware-setup/hardware/$1/grub.sh"
|
|
|
|
update-grub
|
|
|
|
|
|
|
|
### users
|
|
|
|
|
|
|
|
apt-get -y install sudo
|
|
|
|
|
|
|
|
for key in /hardware-setup/authorized_keys/*; do
|
|
|
|
user=$(basename "$key")
|
|
|
|
|
|
|
|
adduser --gecos '' --disabled-password "$user"
|
|
|
|
|
|
|
|
mkdir -p /home/"$user"/.ssh
|
|
|
|
cp "$key" /home/"$user"/.ssh/authorized_keys
|
|
|
|
chown "$user": /home/"$user"/.ssh/authorized_keys
|
|
|
|
|
|
|
|
adduser "$user" sudo
|
|
|
|
done
|
|
|
|
|
|
|
|
### Docker
|
|
|
|
|
|
|
|
# add docker key
|
|
|
|
apt-get -y install gnupg2
|
|
|
|
apt-key add /hardware-setup/docker.key
|
|
|
|
apt-get -y --purge autoremove gnupg2
|
|
|
|
|
|
|
|
echo 'deb https://download.docker.com/linux/debian buster stable' > /etc/apt/sources.list.d/docker.list
|
|
|
|
apt-get update
|
|
|
|
|
|
|
|
apt-get -y install docker-ce
|
|
|
|
|
|
|
|
|
|
|
|
### administration
|
|
|
|
|
|
|
|
apt-get -y install \
|
|
|
|
man-db \
|
|
|
|
vim \
|
|
|
|
openssh-server
|