First version of vps image builder.

7 files changed, 100 insertions, 0 deletions

diff --git a/assets/boot/extlinux.conf b/assets/boot/extlinux.conf
new file mode 100644
index 0000000..c340924
--- /dev/null
+++ b/assets/boot/extlinux.conf
@@ -0,0 +1,5 @@
+default linux
+timeout 1
+label linux
+kernel {KERNEL}
+append initrd={RAMDISK} root=/dev/vda1 console=tty0 console=ttyS0,115200 ro quiet
\ No newline at end of file
diff --git a/assets/firewall/ferm.conf b/assets/firewall/ferm.conf
new file mode 100644
index 0000000..e9a1e88
--- /dev/null
+++ b/assets/firewall/ferm.conf
@@ -0,0 +1,38 @@
+# -*- shell-script -*-
+#
+#  Configuration file for ferm(1).
+#
+
+@def $PUBLIC_SERVICES=(ssh);
+@def $BADGUYS=();
+
+domain (ip ip6) table filter {
+	chain (INPUT OUTPUT FORWARD) {
+		# connection tracking
+		mod state state INVALID DROP;
+		mod state state (ESTABLISHED RELATED) ACCEPT;
+	}
+
+	chain INPUT {
+		policy DROP;
+
+		# drop blacklisted connections
+		saddr @ipfilter($BADGUYS) DROP;
+
+		# allow local packet
+		interface lo ACCEPT;
+
+		# respond to ping
+		proto icmp ACCEPT; 
+
+		proto tcp dport $PUBLIC_SERVICES ACCEPT;
+	}
+
+	chain OUTPUT {
+		policy ACCEPT;
+	}
+
+	chain FORWARD {
+		policy DROP;
+	}
+}
diff --git a/assets/fstab b/assets/fstab
new file mode 100644
index 0000000..703881b
--- /dev/null
+++ b/assets/fstab
@@ -0,0 +1,3 @@
+# /etc/fstab: static file system information.
+proc	/proc	proc	nodev,noexec,nosuid	0	0
+/dev/vda1	/	ext3	errors=remount-ro	0	1
diff --git a/assets/modprobe/blacklist.conf b/assets/modprobe/blacklist.conf
new file mode 100644
index 0000000..4a36d77
--- /dev/null
+++ b/assets/modprobe/blacklist.conf
@@ -0,0 +1,2 @@
+# disable pc speaker
+blacklist pcspkr
\ No newline at end of file
diff --git a/assets/network/cloudstack-guest-setup b/assets/network/cloudstack-guest-setup
new file mode 100644
index 0000000..3583afe
--- /dev/null
+++ b/assets/network/cloudstack-guest-setup
@@ -0,0 +1,30 @@
+#!/bin/sh
+#
+# From https://github.com/shankerbalan/cloudstack-scripts
+# Stripped out the non-Debian and Plesk stuff, the cron
+# randomisation and the 127.0.1.1 removal in /etc/hosts.
+#
+# TODO: Rewrite in CHICKEN?
+#
+# /etc/dhcp/dhclient-exit-hooks.d/cloudstack-guest-setup (debian/ubuntu)
+# runs on firstboot after acquiring DHCP lease
+
+if [ "$reason" != BOUND ] && [ "$reason" != RENEW ] && [ "$reason" != REBIND ] && [ "$reason" != REBOOT ]; then
+    return
+fi
+
+# set hostname
+logger -t "cloudstack" "Setting hostname to \"${new_host_name}\""
+hostname "$new_host_name" > /dev/null 2>&1
+echo "$new_host_name" > /etc/hostname
+
+# add hostname to /etc/hosts and remove previous localhost-style
+sed -i "/127.0.0.1/a $new_ip_address $new_host_name.$new_domain_name $new_host_name" /etc/hosts > /dev/null 2>&1
+
+# generate ssh host keys
+logger -t "cloudstack" "Generating ssh host keys"
+ssh-keygen -A && rm /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.pub
+# remove self
+rm /etc/dhcp/dhclient-exit-hooks.d/cloudstack-guest-setup > /dev/null 2>&1
+
+exit 0
diff --git a/assets/network/interfaces b/assets/network/interfaces
new file mode 100644
index 0000000..b40848c
--- /dev/null
+++ b/assets/network/interfaces
@@ -0,0 +1,18 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The normal eth0
+auto eth0
+iface eth0 inet dhcp
+
+# Maybe the VM has 2 NICs?
+allow-hotplug eth1
+iface eth1 inet dhcp
+
+# Maybe the VM has 3 NICs?
+allow-hotplug eth2
+iface eth2 inet dhcp
diff --git a/assets/package-manager/apt/apt-settings b/assets/package-manager/apt/apt-settings
new file mode 100644
index 0000000..32ee0c8
--- /dev/null
+++ b/assets/package-manager/apt/apt-settings
@@ -0,0 +1,4 @@
+// Avoid installing unnecessary packages, to keep a lean system.
+// This is installed into /etc/apt/apt.conf.d/90custom-config
+APT::Install-Recommends "0";
+APT::Install-Suggests "0";