forked from TritonDataCenter/mi-freebsd-10
-
Notifications
You must be signed in to change notification settings - Fork 1
/
installerconfig.12.2
128 lines (99 loc) · 3.31 KB
/
installerconfig.12.2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
PARTITIONS=ada0
DISTRIBUTIONS="kernel.txz base.txz"
BSDINSTALL_DISTSITE=ftp://ftp.uk.freebsd.org/pub/FreeBSD/releases/amd64/12.2-RELEASE
#!/bin/sh
echo "==> Running installerconfig"
echo "==> Enabling serial and internal consoles"
echo "-Dhv" > /boot.config
echo "==> Adding boot loader settings"
cat << BOOT > /boot/loader.conf
autoboot_delay="5"
hw.snd.default_auto=0
hw.usb.disable_enumeration=1
hw.usb.no_boot_wait=1
hw.usb.no_shutdown_wait=1
BOOT
# zfs - put in loader.conf
#kern.geom.label.disk_ident.enable="0"
#kern.geom.label.gptid.enable="0"
#opensolaris_load="YES"
#zfs_load="YES"
echo "==> Setting up rc.conf"
cat > /etc/rc.conf << RC_CONF
fsck_y_enable="YES"
ifconfig_em0=DHCP
ntpd_enable="YES"
ntpd_sync_on_start="YES"
sendmail_enable="NO"
sshd_enable="YES"
syslogd_flags="-ss"
RC_CONF
# append to ntp.conf - only listen on loopback
cat >> /etc/ntp.conf << NTP_CONF
interface ignore wildcard
interface listen 127.0.0.1
NTP_CONF
dhclient em0
# Set Time Zone to UTC
echo "==> Setting Time Zone to UTC"
/bin/cp /usr/share/zoneinfo/UTC /etc/localtime
/usr/bin/touch /etc/wall_cmos_clock
/sbin/adjkerntz -a
# Fetch and install binary updates. Ensures we have the latest security fixes.
echo "==> Running freebsd-update fetch and freebsd-update install"
# Remove src from update since it's not installed
# See https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198030
sed -i.bak -e s/Components\ src\ world\ kernel/Components\ world\ kernel/g /etc/freebsd-update.conf
cat << FREEBSDUPDATE > /tmp/freebsd-update.conf
KeyPrint 800651ef4b4c71c27e60786d7b487188970f4b4169cc055784e21eb71d410cc5
ServerName update.FreeBSD.org
Components world/base kernel
IgnorePaths
IDSIgnorePaths /usr/share/man/cat
IDSIgnorePaths /usr/share/man/whatis
IDSIgnorePaths /var/db/locate.database
IDSIgnorePaths /var/log
UpdateIfUnmodified /etc/ /var/ /root/ /.cshrc /.profile
MergeChanges /etc/ /boot/device.hints
BackupKernel no
FREEBSDUPDATE
env PAGER=cat freebsd-update -f /tmp/freebsd-update.conf fetch
env PAGER=cat freebsd-update -f /tmp/freebsd-update.conf install
echo "==> Installing packages"
env ASSUME_ALWAYS_YES=yes pkg update -f
env ASSUME_ALWAYS_YES=yes pkg upgrade -y
env ASSUME_ALWAYS_YES=yes pkg install -y curl sudo vim-console zsh
env ASSUME_ALWAYS_YES=yes pkg autoremove
env ASSUME_ALWAYS_YES=yes pkg clean -a
echo "== Enable root login via ssh"
sed -i.bak -e s/#PermitRootLogin\ no/PermitRootLogin\ without-password/g /etc/ssh/sshd_config
# Allow SSH access to root with this key (which there is no password on)
# You should change/remove this key post install.
mkdir -p /root/.ssh
chown root:wheel /root/.ssh
chmod 700 /root/.ssh
cat <<KEY > /root/.ssh/authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfrHTZo8u4h3QmcwY5kD12aYEp31kA/D9+/MXC+KrXc bootstrap
KEY
chmod 600 /root/.ssh/authorized_keys
## Build date used for motd and product file
BUILDDATE=$(date +%Y%m%d)
RELEASE="12.2-RELEASE"
# Create MOTD
echo "Creating /etc/motd"
mv /etc/motd /etc/motd-backup
cat << MOTD > /etc/motd
Probably Custom (FreeBSD $RELEASE $BUILDDATE)
MOTD
# set root pw - YOU SHOULD CHANGE THIS
echo "this-might-be-long-but-still-change-it" | pw usermod root -h 0
echo "Cleaning up"
rm -rf /tmp/installscript
rm -rf /var/db/freebsd-update/*
rm -rf /tmp/freebsd-update.conf
rm -rf /boot/kernel/*.symbols
echo "End of installerconfig"
# debug
# sleep 20
# done
poweroff