Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:mcepl:moldavite
moldavite
config.sh
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File config.sh of Package moldavite
#!/bin/bash # Copyright (c) 2023 Richard Brown # Copyright (c) 2023 Project Moldavite # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal # in the Software without restriction, including without limitation the rights # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell # copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in # all copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. # #====================================== # Functions... #-------------------------------------- test -f /.kconfig && . /.kconfig test -f /.profile && . /.profile set -euxo pipefail echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..." # Systemd controls the console font now echo FONT="eurlatgr.psfu" >> /etc/vconsole.conf #====================================== # prepare for setting root pw, timezone #-------------------------------------- echo "** reset machine settings" rm -f /etc/machine-id \ /var/lib/zypp/AnonymousUniqueId \ /var/lib/systemd/random-seed #====================================== # Specify default systemd target #-------------------------------------- baseSetRunlevel multi-user.target #====================================== # Import trusted rpm keys #-------------------------------------- suseImportBuildKey cat >/etc/moldavite-build-key <<"EOF" -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.5 (GNU/Linux) mQENBFqe0Y8BCADhmzKp5n1vQEbvlazZrPNsrH78s4XXEKjGg3QAumyBu0DpPZ7A 0uHsmR9sqfhf3RDZzymVqwEqkXruB4eMUH2D9khY7J8AO9yJve7Hpocvequ3IuEQ gM+0ahVl1/GUOWObor2JW90kA5tiNal+m5LoQPBk79+p3YdtPskLlQQe1mxhBo6i X4Kny+Z2Ebhq5UQN+4Rujb2rcL/iRK0xIRThBCYfgMmb5zQRr4k55t8LU793RDYK 7gga/U8y+PMnjFz+Sd2LRr86+d/Ps3Xa7QGgkc6Ipg6o647VyuGf3A+TCy/RqawX rOu9xFMMSSV0D/Spi1qSj7wlbGKBE3isztPHABEBAAG0NmhvbWU6bWNlcGwgT0JT IFByb2plY3QgPGhvbWU6bWNlcGxAYnVpbGQub3BlbnN1c2Uub3JnPokBPgQTAQgA KAUCYriXlgIbAwUJDDh2BwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQRoIc 1BHzVZNNQAf9FeCYZ5fmh0hbbIX+BBsEEn27f5VUO4lgpq03N12CYvDE8E5alZZl SUbtJN5jiZGxoNKaVaRHYxkK27Bga9Es1UhZbXm02Ob+7A/8FQNcQvcchFZ/fmoh CMjypYwjiqtcPw3velyrSlx59zQP9Mz046jjfnoI43e5cHd+18OdfqjCyTX3iWMm ZOLs9JySPOP/xziqML3rEfwh9ULSIGuofCMEpLEET/xpneEI99rkkXc1qkrfi6DF VGqU1h+HPP11DrUGSiqk2QrPanxCNG7sYWUTmEZ4l+rJquJEMqRluNyDuRuL68b4 eejPfpARWQkXw71TSGXje2lizEc7hAVP+YhGBBMRAgAGBQJantGPAAoJEDswEbdr nWUjlsEAoIZd+MQx7YJVfYPsnKa4r8L34WQrAJoDcsAva5KDf+N3zfPxLPtPsf/I ww== =oT+Q -----END PGP PUBLIC KEY BLOCK----- EOF rpm --import /etc/moldavite-build-key rm -f /etc/moldavite-build-key #====================================== # Set hostname by DHCP #-------------------------------------- baseUpdateSysConfig /etc/sysconfig/network/dhcp DHCLIENT_SET_HOSTNAME yes # Add repos from /etc/YaST2/control.xml if [ -x /usr/sbin/add-yast-repos ]; then add-yast-repos zypper --non-interactive rm -u live-add-yast-repos fi # Add moldavite repo zypper --gpg-auto-import-keys --non-interactive ar -f https://download.opensuse.org/repositories/home:/mcepl:/moldavite/standard/ moldavite # Adjust zypp conf sed -i 's/^multiversion =.*/multiversion =/g' /etc/zypp/zypp.conf #===================================== # Configure snapper #------------------------------------- if [ "${kiwi_btrfs_root_is_snapshot-false}" = 'true' ]; then echo "creating initial snapper config ..." cp /etc/snapper/config-templates/default /etc/snapper/configs/root \ || cp /usr/share/snapper/config-templates/default /etc/snapper/configs/root baseUpdateSysConfig /etc/sysconfig/snapper SNAPPER_CONFIGS root # Adjust parameters sed -i'' 's/^TIMELINE_CREATE=.*$/TIMELINE_CREATE="no"/g' /etc/snapper/configs/root sed -i'' 's/^NUMBER_LIMIT=.*$/NUMBER_LIMIT="2-10"/g' /etc/snapper/configs/root sed -i'' 's/^NUMBER_LIMIT_IMPORTANT=.*$/NUMBER_LIMIT_IMPORTANT="4-10"/g' /etc/snapper/configs/root fi #===================================== # Enable chrony if installed #------------------------------------- if [ -f /etc/chrony.conf ]; then systemctl enable chronyd fi # Enable jeos-firstboot if installed, disabled by combustion/ignition if rpm -q --whatprovides jeos-firstboot >/dev/null; then mkdir -p /var/lib/YaST2 touch /var/lib/YaST2/reconfig_system systemctl enable jeos-firstboot.service fi # The %post script can't edit /etc/fstab sys due to https://github.com/OSInside/kiwi/issues/945 # so use the kiwi custom hack cat >/etc/fstab.script <<"EOF" #!/bin/sh set -eux /usr/sbin/setup-fstab-for-overlayfs # If /var is on a different partition than /... if [ "$(findmnt -snT / -o SOURCE)" != "$(findmnt -snT /var -o SOURCE)" ]; then # ... set options for autoexpanding /var gawk -i inplace '$2 == "/var" { $4 = $4",x-growpart.grow,x-systemd.growfs" } { print $0 }' /etc/fstab fi EOF chmod a+x /etc/fstab.script # To make x-systemd.growfs work from inside the initrd cat >/etc/dracut.conf.d/50-microos-growfs.conf <<"EOF" install_items+=" /usr/lib/systemd/systemd-growfs " EOF # Use the btrfs storage driver. This is usually detected in %post, but with kiwi # that happens outside of the final FS. if [ -e /etc/containers/storage.conf ]; then sed -i 's/driver = "overlay"/driver = "btrfs"/g' /etc/containers/storage.conf fi # Enable Network systemctl enable NetworkManager # Enable gpg-agent for all users (https://todo.sr.ht/~mcepl/moldavite/3) systemctl --global enable gpg-agent.socket systemctl --global enable gpg-agent-browser.socket systemctl --global enable gpg-agent-ssh.socket systemctl --global enable gpg-agent-extra.socket #====================================== # Disable recommends on virtual images (keep hardware supplements, see bsc#1089498) #-------------------------------------- sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = true/g' /etc/zypp/zypp.conf #====================================== # Disable installing documentation #-------------------------------------- sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = yes/g' /etc/zypp/zypp.conf #====================================== # Add default kernel boot options #-------------------------------------- serialconsole='console=ttyS0,115200' grub_cmdline=('quiet' 'systemd.show_status=yes' "${serialconsole}" 'console=tty0') rpm -q wicked && grub_cmdline+=('net.ifnames=0') ignition_platform='metal' # One '\' for sed, one '\' for grub2-mkconfig grub_cmdline+=('\\$ignition_firstboot' "ignition.platform.id=${ignition_platform}") sed -i "s#^GRUB_CMDLINE_LINUX_DEFAULT=.*\$#GRUB_CMDLINE_LINUX_DEFAULT=\"${grub_cmdline[*]}\"#" /etc/default/grub #====================================== # If SELinux is installed, configure it like transactional-update setup-selinux #-------------------------------------- if [[ -e /etc/selinux/config ]]; then # Check if we don't have selinux already enabled. grep ^GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -q security=selinux || \ sed -i -e 's|\(^GRUB_CMDLINE_LINUX_DEFAULT=.*\)"|\1 security=selinux selinux=1"|g' "/etc/default/grub" # Adjust selinux config sed -i -e 's|^SELINUX=.*|SELINUX=enforcing|g' \ -e 's|^SELINUXTYPE=.*|SELINUXTYPE=targeted|g' \ "/etc/selinux/config" # Move an /.autorelabel file from initial installation to writeable location test -f /.autorelabel && mv /.autorelabel /etc/selinux/.autorelabel fi #====================================== # Configure SelfInstall specifics #-------------------------------------- cat > /etc/systemd/system/selfinstallreboot.service <<-EOF [Unit] Description=SelfInstall Image Reboot after Firstboot (to ensure ignition and such runs) After=systemd-machine-id-commit.service Before=jeos-firstboot.service [Service] Type=oneshot ExecStart=rm /etc/systemd/system/selfinstallreboot.service ExecStart=rm /etc/systemd/system/default.target.wants/selfinstallreboot.service ExecStart=systemctl --no-block reboot [Install] WantedBy=default.target EOF ln -s /etc/systemd/system/selfinstallreboot.service /etc/systemd/system/default.target.wants/selfinstallreboot.service
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor