summaryrefslogtreecommitdiff
path: root/assets
diff options
context:
space:
mode:
authorPeter Bex <peter@more-magic.net>2016-02-14 19:16:04 +0100
committerPeter Bex <peter@more-magic.net>2016-02-21 00:40:40 +0100
commite0f806a2f44bc08ff8931f8e5dab09579850154d (patch)
tree774f1e676093937e7775de39f11f6a91afcdbb21 /assets
downloadvps-builder-e0f806a2f44bc08ff8931f8e5dab09579850154d.tar.gz
First version of vps image builder.
Diffstat (limited to 'assets')
-rw-r--r--assets/boot/extlinux.conf5
-rw-r--r--assets/firewall/ferm.conf38
-rw-r--r--assets/fstab3
-rw-r--r--assets/modprobe/blacklist.conf2
-rw-r--r--assets/network/cloudstack-guest-setup30
-rw-r--r--assets/network/interfaces18
-rw-r--r--assets/package-manager/apt/apt-settings4
7 files changed, 100 insertions, 0 deletions
diff --git a/assets/boot/extlinux.conf b/assets/boot/extlinux.conf
new file mode 100644
index 0000000..c340924
--- /dev/null
+++ b/assets/boot/extlinux.conf
@@ -0,0 +1,5 @@
+default linux
+timeout 1
+label linux
+kernel {KERNEL}
+append initrd={RAMDISK} root=/dev/vda1 console=tty0 console=ttyS0,115200 ro quiet \ No newline at end of file
diff --git a/assets/firewall/ferm.conf b/assets/firewall/ferm.conf
new file mode 100644
index 0000000..e9a1e88
--- /dev/null
+++ b/assets/firewall/ferm.conf
@@ -0,0 +1,38 @@
+# -*- shell-script -*-
+#
+# Configuration file for ferm(1).
+#
+
+@def $PUBLIC_SERVICES=(ssh);
+@def $BADGUYS=();
+
+domain (ip ip6) table filter {
+ chain (INPUT OUTPUT FORWARD) {
+ # connection tracking
+ mod state state INVALID DROP;
+ mod state state (ESTABLISHED RELATED) ACCEPT;
+ }
+
+ chain INPUT {
+ policy DROP;
+
+ # drop blacklisted connections
+ saddr @ipfilter($BADGUYS) DROP;
+
+ # allow local packet
+ interface lo ACCEPT;
+
+ # respond to ping
+ proto icmp ACCEPT;
+
+ proto tcp dport $PUBLIC_SERVICES ACCEPT;
+ }
+
+ chain OUTPUT {
+ policy ACCEPT;
+ }
+
+ chain FORWARD {
+ policy DROP;
+ }
+}
diff --git a/assets/fstab b/assets/fstab
new file mode 100644
index 0000000..703881b
--- /dev/null
+++ b/assets/fstab
@@ -0,0 +1,3 @@
+# /etc/fstab: static file system information.
+proc /proc proc nodev,noexec,nosuid 0 0
+/dev/vda1 / ext3 errors=remount-ro 0 1
diff --git a/assets/modprobe/blacklist.conf b/assets/modprobe/blacklist.conf
new file mode 100644
index 0000000..4a36d77
--- /dev/null
+++ b/assets/modprobe/blacklist.conf
@@ -0,0 +1,2 @@
+# disable pc speaker
+blacklist pcspkr \ No newline at end of file
diff --git a/assets/network/cloudstack-guest-setup b/assets/network/cloudstack-guest-setup
new file mode 100644
index 0000000..3583afe
--- /dev/null
+++ b/assets/network/cloudstack-guest-setup
@@ -0,0 +1,30 @@
+#!/bin/sh
+#
+# From https://github.com/shankerbalan/cloudstack-scripts
+# Stripped out the non-Debian and Plesk stuff, the cron
+# randomisation and the 127.0.1.1 removal in /etc/hosts.
+#
+# TODO: Rewrite in CHICKEN?
+#
+# /etc/dhcp/dhclient-exit-hooks.d/cloudstack-guest-setup (debian/ubuntu)
+# runs on firstboot after acquiring DHCP lease
+
+if [ "$reason" != BOUND ] && [ "$reason" != RENEW ] && [ "$reason" != REBIND ] && [ "$reason" != REBOOT ]; then
+ return
+fi
+
+# set hostname
+logger -t "cloudstack" "Setting hostname to \"${new_host_name}\""
+hostname "$new_host_name" > /dev/null 2>&1
+echo "$new_host_name" > /etc/hostname
+
+# add hostname to /etc/hosts and remove previous localhost-style
+sed -i "/127.0.0.1/a $new_ip_address $new_host_name.$new_domain_name $new_host_name" /etc/hosts > /dev/null 2>&1
+
+# generate ssh host keys
+logger -t "cloudstack" "Generating ssh host keys"
+ssh-keygen -A && rm /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.pub
+# remove self
+rm /etc/dhcp/dhclient-exit-hooks.d/cloudstack-guest-setup > /dev/null 2>&1
+
+exit 0
diff --git a/assets/network/interfaces b/assets/network/interfaces
new file mode 100644
index 0000000..b40848c
--- /dev/null
+++ b/assets/network/interfaces
@@ -0,0 +1,18 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The normal eth0
+auto eth0
+iface eth0 inet dhcp
+
+# Maybe the VM has 2 NICs?
+allow-hotplug eth1
+iface eth1 inet dhcp
+
+# Maybe the VM has 3 NICs?
+allow-hotplug eth2
+iface eth2 inet dhcp
diff --git a/assets/package-manager/apt/apt-settings b/assets/package-manager/apt/apt-settings
new file mode 100644
index 0000000..32ee0c8
--- /dev/null
+++ b/assets/package-manager/apt/apt-settings
@@ -0,0 +1,4 @@
+// Avoid installing unnecessary packages, to keep a lean system.
+// This is installed into /etc/apt/apt.conf.d/90custom-config
+APT::Install-Recommends "0";
+APT::Install-Suggests "0";