1
0
Fork 0
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

85 lines
4.5 KiB

#!/usr/bin/env bash
set -x
# Absolutely necessary packages needed for a VM/image
NECESSARY_PKGS=("linux-image-riscv64" "u-boot-menu")
# Packages for creature comfort (neovim), packages necessary for a router (dnsmasq, network-manager, pppoe, wireguard, ...), packages for security (firewalld, fail2ban, ...) and some nice-to-haves (bash-completion, findutils, nload, tmux, wget, ...)
MY_PKGS_01=("bash" "bash-completion" "bash-doc" "curl" "dnsmasq" "dnsmasq-utils" "fail2ban" "file" "findutils" "firewalld" "firmware-linux-free" "git" "htop" "isc-dhcp-server" "libpam-google-authenticator" "linux-image-riscv64" "locate" "lm-sensors" "man-db" "neovim" "network-manager" "network-manager-pptp" "nload" "ntpsec" "ntpsec-doc" "ntpsec-ntpdate" "ntpsec-ntpdig" "openssh-client" "openssh-server" "pppoe" "shorewall" "shorewall-doc" "shorewall-init" "shorewall6" "sudo" "tmux" "u-boot-menu" "vim" "wget" "wireguard" "wireguard-modules" "wireguard-tools" "zsh" "zsh-autosuggestions" "zsh-syntax-highlighting")
MY_PKGS_02=("qemu-system" "libvirt-clients" "libvirt-daemon-system")
# CHK_SYS_PKGS_01 CHK_SYS_PKGS_02 are Debian's "essential" and "don't remove them" set of packages respectively; only to check if they are installed or not.
CHK_SYS_PKGS_01=("apt" "base-files" "base-passwd" "bash" "bsdutils" "coreutils" "dash" "debconf" "debianutils" "diffutils" "dpkg" "e2fsprogs" "findutils" "grep" "gzip" "hostname" "init-system-helpers" "libc-bin" "liblocale-gettext-perl" "libpam-modules" "libpam-modules-bin" "libpam-runtime" "libtext-charwidth-perl" "libtext-iconv-perl" "libtext-wrapi18n-perl" "login" "mawk" "mount" "ncurses-base" "ncurses-bin" "passwd" "perl-base" "sed" "sensible-utils" "sysvinit-utils" "tar" "tzdata" "util-linux")
CHK_SYS_PKGS_02=("apt" "base-files" "base-passwd" "bash" "bsdutils" "coreutils" "dash" "debconf" "debianutils" "diffutils" "dpkg" "e2fsprogs" "findutils" "grep" "gzip" "hostname" "init-system-helpers" "libc-bin" "liblocale-gettext-perl" "libpam-modules" "libpam-modules-bin" "libpam-runtime" "libtext-charwidth-perl" "libtext-iconv-perl" "libtext-wrapi18n-perl" "login" "mawk" "mount" "ncurses-base" "ncurses-bin" "passwd" "perl-base" "sed" "sensible-utils" "sysvinit-utils" "tar" "tzdata" "util-linux")
# Services that are bundled with MY_PKGS_01; enable them and disable some suspend/hibernate related services
SERVICES_ENABLEMENT=("dnsmasq.service" "fail2ban.service" "firewalld.service" "isc-dhcp-server.service" "libvirt-guests.service" "man-db.service" "ntpsec.service" "ssh.service" "shorewall.service" "shorewall-init.service" "nftables.service" "NetworkManager.service")
SERVICES_DISABLEMENT=("hibernate.target" "iperf3.service" "suspend-then-hibernate.target" "suspend.target" "systemd-hibernate.service" "systemd-suspend-then-hibernate.service" "systemd-suspend.service")
echo "================================== ENTERED CHROOT ================================"
### Populate `sources.list`
cat <<EOF > /etc/apt/sources.list
deb http://deb.debian.org/debian-ports sid main
deb http://deb.debian.org/debian-ports unreleased main
deb-src http://deb.debian.org/debian sid main
EOF
### Update package information
apt-get update
### generate the locale
apt-get install -y locales
echo "en_IN UTF-8" > /etc/locale.gen
locale-gen
### Set root password to 'debain'
### this will be expired the moment root logs in
apt-get install -y openssl
usermod --password $(echo debian | openssl passwd -1 -stdin) root
passwd -e root
### Install necessary packages
apt-get install -y ${NECESSARY_PKGS[@]}
apt-get install -y ${MY_PKGS_01[@]}
apt-get install --no-install-recommends -y ${MY_PKGS_02[@]}
### Check if essential and additional-sys-pkgs are installed or not
### Fail outright; don't install; report to the user
for PKG in ${CHK_SYS_PKGS_01[@]}
do
dpkg -s ${PKG} 1>/dev/null || { echo -e "\n[${PKG}]: PACKAGE NOT INSTALLED. THIS SHOULD NOT HAPPEN\n"; exit 1; }
done
for PKG in ${CHK_SYS_PKGS_02[@]}
do
dpkg -s ${PKG} 1>/dev/null || { echo -e "\n[${PKG}]: PACKAGE NOT INSTALLED. THIS SHOULD NOT HAPPEN\n"; exit 1; }
done
### Services; enable some, disable some
for ESERVC in ${SERVICES_ENABLEMENT[@]}
do
systemctl service enable ${ESERVC}
done
for DSERVC in ${SERVICES_DISABLEMENT[@]}
do
systemctl service disable ${DSERVC}
done
# Configure syslinux-style boot menu
cat >>/etc/default/u-boot <<EOF
U_BOOT_ENTRIES="all"
U_BOOT_TIMEOUT="50"
U_BOOT_PARAMETERS="rw noquiet root=/dev/vda1"
U_BOOT_FDT_DIR="noexist"
EOF
u-boot-update
echo "================================== EXIT__CHROOT ================================"
exit