212 lines
6.2 KiB
Bash
Executable file
212 lines
6.2 KiB
Bash
Executable file
#!/bin/sh
|
|
# Copyright (c) 2017, 2022 Jonas 'Sortie' Termansen.
|
|
#
|
|
# Permission to use, copy, modify, and distribute this software for any
|
|
# purpose with or without fee is hereby granted, provided that the above
|
|
# copyright notice and this permission notice appear in all copies.
|
|
#
|
|
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
#
|
|
# tix-iso-liveconfig
|
|
# Generate configuration files for customizing the live environment.
|
|
|
|
set -e
|
|
|
|
autoinstall=
|
|
autoupgrade=
|
|
daemons=
|
|
directory=
|
|
hostname=
|
|
kblayout=
|
|
operand=1
|
|
root_ssh_authorized_keys=
|
|
root_ssh_config=
|
|
root_ssh_keygen=false
|
|
root_ssh_known_hosts=
|
|
ssh_config=
|
|
sshd_config=
|
|
sshd_keygen=false
|
|
sshd_key_known_hosts_file=
|
|
sshd_key_known_hosts_hosts=
|
|
videomode=
|
|
|
|
dashdash=
|
|
previous_option=
|
|
for argument do
|
|
if test -n "$previous_option"; then
|
|
eval $previous_option=\$argument
|
|
previous_option=
|
|
continue
|
|
fi
|
|
|
|
case $argument in
|
|
*=?*) parameter=$(expr "X$argument" : '[^=]*=\(.*\)' || true) ;;
|
|
*=) parameter= ;;
|
|
*) parameter=yes ;;
|
|
esac
|
|
|
|
case $dashdash$argument in
|
|
--) dashdash=yes ;;
|
|
--autoinstall=*) autoinstall=$parameter ;;
|
|
--autoinstall) previous_option=autoinstall ;;
|
|
--autoupgrade=*) autoupgrade=$parameter ;;
|
|
--autoupgrade) previous_option=autoupgrade ;;
|
|
--daemons=*) daemons=$parameter ;;
|
|
--daemons) previous_option=daemons ;;
|
|
--hostname=*) hostname=$parameter ;;
|
|
--hostname) previous_option=hostname ;;
|
|
--kblayout=*) kblayout=$parameter ;;
|
|
--kblayout) previous_option=kblayout ;;
|
|
--root-ssh-authorized-keys=*) root_ssh_authorized_keys=$parameter ;;
|
|
--root-ssh-authorized-keys) previous_option=root_ssh_authorized_keys ;;
|
|
--root-ssh-config=*) root_ssh_config=$parameter ;;
|
|
--root-ssh-config) previous_option=root_ssh_config ;;
|
|
--root-ssh-keygen) root_ssh_keygen=true ;;
|
|
--root-ssh-known-hosts=*) root_ssh_known_hosts=$parameter ;;
|
|
--root-ssh-known-hosts) previous_option=root_ssh_known_hosts ;;
|
|
--ssh-config=*) ssh_config=$parameter ;;
|
|
--ssh-config) previous_option=ssh_config ;;
|
|
--sshd-config=*) sshd_config=$parameter ;;
|
|
--sshd-config) previous_option=sshd_config ;;
|
|
--sshd-keygen) sshd_keygen=true ;;
|
|
--sshd-key-known-hosts-file=*) sshd_key_known_hosts_file=$parameter ;;
|
|
--sshd-key-known-hosts-file) previous_option=sshd_key_known_hosts_file ;;
|
|
--sshd-key-known-hosts-hosts=*) sshd_key_known_hosts_hosts=$parameter ;;
|
|
--sshd-key-known-hosts-hosts) previous_option=sshd_key_known_hosts_hosts ;;
|
|
--videomode=*) videomode=$parameter ;;
|
|
--videomode) previous_option=videomode ;;
|
|
-*) echo "$0: unrecognized option $argument" >&2
|
|
exit 1 ;;
|
|
*)
|
|
if [ $operand = 1 ]; then
|
|
directory="$argument"
|
|
operand=2
|
|
else
|
|
echo "$0: unexpected extra operand $argument" >&2
|
|
exit 1
|
|
fi
|
|
;;
|
|
esac
|
|
done
|
|
|
|
if test -n "$previous_option"; then
|
|
echo "$0: option '$argument' requires an argument" >&2
|
|
exit 1
|
|
fi
|
|
|
|
if test -z "$directory"; then
|
|
echo "$0: No directory was specified" >&2
|
|
exit 1
|
|
fi
|
|
|
|
mkdir -p "$directory"
|
|
|
|
if [ -n "$autoinstall" ]; then
|
|
mkdir -p -- "$directory/etc"
|
|
cp -- "$autoinstall" "$directory/etc/autoinstall.conf"
|
|
fi
|
|
|
|
if [ -n "$autoupgrade" ]; then
|
|
mkdir -p -- "$directory/etc"
|
|
cp -- "$autoupgrade" "$directory/etc/autoupgrade.conf"
|
|
fi
|
|
|
|
if [ -n "$daemons" ]; then
|
|
mkdir -p -- "$directory/etc/init"
|
|
true > "$directory/etc/init/local"
|
|
for daemon in $daemons; do
|
|
printf "require %s optional\n" "$daemon" >> "$directory/etc/init/local"
|
|
done
|
|
fi
|
|
|
|
if [ -n "$hostname" ]; then
|
|
mkdir -p -- "$directory/etc"
|
|
printf "%s\n" "$hostname" > "$directory/etc/hostname"
|
|
else
|
|
hostname=sortix
|
|
fi
|
|
|
|
if [ -n "$kblayout" ]; then
|
|
mkdir -p -- "$directory/etc"
|
|
printf "%s\n" "$kblayout" > "$directory/etc/kblayout"
|
|
fi
|
|
|
|
if [ -n "$videomode" ]; then
|
|
mkdir -p -- "$directory/etc"
|
|
printf "%s\n" "$videomode" > "$directory/etc/videomode"
|
|
fi
|
|
|
|
if [ -n "$ssh_config" ]; then
|
|
mkdir -p -- "$directory/etc"
|
|
cp -- "$ssh_config" "$directory/etc/ssh_config"
|
|
fi
|
|
|
|
if [ -n "$sshd_config" ]; then
|
|
mkdir -p -- "$directory/etc"
|
|
cp -- "$sshd_config" "$directory/etc/sshd_config"
|
|
fi
|
|
|
|
if $sshd_keygen; then
|
|
mkdir -p -- "$directory/etc"
|
|
for keytype in rsa ecdsa ed25519; do
|
|
if [ ! -e "$directory/etc/ssh_host_${keytype}_key" ]; then
|
|
ssh-keygen -t $keytype -f "$directory/etc/ssh_host_${keytype}_key" -N "" \
|
|
-C "root@$hostname"
|
|
fi
|
|
done
|
|
for keytype in rsa ecdsa ed25519; do
|
|
ssh-keygen -l -f "$directory/etc/ssh_host_${keytype}_key"
|
|
done
|
|
fi
|
|
|
|
if [ -n "$sshd_key_known_hosts_file" ]; then
|
|
known_hosts_tmp=$(mktemp)
|
|
for host in $sshd_key_known_hosts_hosts; do
|
|
for keytype in rsa ecdsa ed25519; do
|
|
if [ ! -e "$directory/etc/ssh_host_${keytype}_key.pub" ]; then
|
|
continue
|
|
fi
|
|
(printf '%s ' "$host" &&
|
|
sed -E 's/^([^ ]* [^ ]*).*/\1/' \
|
|
"$directory/etc/ssh_host_${keytype}_key.pub") \
|
|
>> "$known_hosts_tmp"
|
|
done
|
|
done
|
|
# TODO: ssh-keygen needs a standalone way to make such a hash.
|
|
ssh-keygen -H -f "$known_hosts_tmp" 1>/dev/null 2>/dev/null
|
|
cat -- "$known_hosts_tmp" >> "$sshd_key_known_hosts_file"
|
|
rm -f "$known_hosts_tmp"
|
|
rm -f "$known_hosts_tmp.old"
|
|
fi
|
|
|
|
if [ -n "$root_ssh_authorized_keys" ]; then
|
|
mkdir -p -- "$directory/root"
|
|
mkdir -p -m 700 -- "$directory/root/.ssh"
|
|
cp -- "$root_ssh_authorized_keys" "$directory/root/.ssh/authorized_keys"
|
|
fi
|
|
|
|
if [ -n "$root_ssh_config" ]; then
|
|
mkdir -p -- "$directory/root"
|
|
mkdir -p -m 700 -- "$directory/root/.ssh"
|
|
cp -- "$root_ssh_config" "$directory/root/.ssh/config"
|
|
fi
|
|
|
|
if [ -n "$root_ssh_known_hosts" ]; then
|
|
mkdir -p -- "$directory/root"
|
|
mkdir -p -m 700 -- "$directory/root/.ssh"
|
|
cp -- "$root_ssh_known_hosts" "$directory/root/.ssh/known_hosts"
|
|
fi
|
|
|
|
if $root_ssh_keygen; then
|
|
mkdir -p -- "$directory/root"
|
|
mkdir -p -m 700 -- "$directory/root/.ssh"
|
|
if [ ! -e "$directory/root/.ssh/id_rsa"]; then
|
|
ssh-keygen -t rsa -f "$directory/root/.ssh/id_rsa" -N "" -C "root@$hostname"
|
|
fi
|
|
fi
|