openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

File config.sh of Package moldavite

#!/bin/bash
# Copyright (c) 2023 Richard Brown
# Copyright (c) 2023 Project Moldavite
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# 
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
# 
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
# 
#======================================
# Functions...
#--------------------------------------

test -f /.kconfig && . /.kconfig
test -f /.profile && . /.profile

set -euxo pipefail

echo "Configure image: [$kiwi_iname]-[$kiwi_profiles]..."

# Systemd controls the console font now
echo FONT="eurlatgr.psfu" >> /etc/vconsole.conf

#======================================
# prepare for setting root pw, timezone
#--------------------------------------
echo "** reset machine settings"
rm -f /etc/machine-id \
      /var/lib/zypp/AnonymousUniqueId \
      /var/lib/systemd/random-seed

#======================================
# Specify default systemd target
#--------------------------------------
baseSetRunlevel multi-user.target

#======================================
# Import trusted rpm keys
#--------------------------------------
suseImportBuildKey

cat >/etc/moldavite-build-key <<"EOF"
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (GNU/Linux)

mQENBFqe0Y8BCADhmzKp5n1vQEbvlazZrPNsrH78s4XXEKjGg3QAumyBu0DpPZ7A
0uHsmR9sqfhf3RDZzymVqwEqkXruB4eMUH2D9khY7J8AO9yJve7Hpocvequ3IuEQ
gM+0ahVl1/GUOWObor2JW90kA5tiNal+m5LoQPBk79+p3YdtPskLlQQe1mxhBo6i
X4Kny+Z2Ebhq5UQN+4Rujb2rcL/iRK0xIRThBCYfgMmb5zQRr4k55t8LU793RDYK
7gga/U8y+PMnjFz+Sd2LRr86+d/Ps3Xa7QGgkc6Ipg6o647VyuGf3A+TCy/RqawX
rOu9xFMMSSV0D/Spi1qSj7wlbGKBE3isztPHABEBAAG0NmhvbWU6bWNlcGwgT0JT
IFByb2plY3QgPGhvbWU6bWNlcGxAYnVpbGQub3BlbnN1c2Uub3JnPokBPgQTAQgA
KAUCYriXlgIbAwUJDDh2BwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQRoIc
1BHzVZNNQAf9FeCYZ5fmh0hbbIX+BBsEEn27f5VUO4lgpq03N12CYvDE8E5alZZl
SUbtJN5jiZGxoNKaVaRHYxkK27Bga9Es1UhZbXm02Ob+7A/8FQNcQvcchFZ/fmoh
CMjypYwjiqtcPw3velyrSlx59zQP9Mz046jjfnoI43e5cHd+18OdfqjCyTX3iWMm
ZOLs9JySPOP/xziqML3rEfwh9ULSIGuofCMEpLEET/xpneEI99rkkXc1qkrfi6DF
VGqU1h+HPP11DrUGSiqk2QrPanxCNG7sYWUTmEZ4l+rJquJEMqRluNyDuRuL68b4
eejPfpARWQkXw71TSGXje2lizEc7hAVP+YhGBBMRAgAGBQJantGPAAoJEDswEbdr
nWUjlsEAoIZd+MQx7YJVfYPsnKa4r8L34WQrAJoDcsAva5KDf+N3zfPxLPtPsf/I
ww==
=oT+Q
-----END PGP PUBLIC KEY BLOCK-----
EOF

rpm --import /etc/moldavite-build-key

rm -f /etc/moldavite-build-key

#======================================
# Set hostname by DHCP
#--------------------------------------
baseUpdateSysConfig /etc/sysconfig/network/dhcp DHCLIENT_SET_HOSTNAME yes

# Add repos from /etc/YaST2/control.xml
if [ -x /usr/sbin/add-yast-repos ]; then
	add-yast-repos
	zypper --non-interactive rm -u live-add-yast-repos
fi

# Add moldavite repo 
zypper --gpg-auto-import-keys --non-interactive ar -f https://download.opensuse.org/repositories/home:/mcepl:/moldavite/standard/ moldavite

# Adjust zypp conf
sed -i 's/^multiversion =.*/multiversion =/g' /etc/zypp/zypp.conf

#=====================================
# Configure snapper
#-------------------------------------
if [ "${kiwi_btrfs_root_is_snapshot-false}" = 'true' ]; then
        echo "creating initial snapper config ..."
        cp /etc/snapper/config-templates/default /etc/snapper/configs/root \
		|| cp /usr/share/snapper/config-templates/default /etc/snapper/configs/root
        baseUpdateSysConfig /etc/sysconfig/snapper SNAPPER_CONFIGS root

# Adjust parameters
	sed -i'' 's/^TIMELINE_CREATE=.*$/TIMELINE_CREATE="no"/g' /etc/snapper/configs/root
	sed -i'' 's/^NUMBER_LIMIT=.*$/NUMBER_LIMIT="2-10"/g' /etc/snapper/configs/root
	sed -i'' 's/^NUMBER_LIMIT_IMPORTANT=.*$/NUMBER_LIMIT_IMPORTANT="4-10"/g' /etc/snapper/configs/root
fi

#=====================================
# Enable chrony if installed
#-------------------------------------
if [ -f /etc/chrony.conf ]; then
	systemctl enable chronyd
fi

# Enable jeos-firstboot if installed, disabled by combustion/ignition
if rpm -q --whatprovides jeos-firstboot >/dev/null; then
	mkdir -p /var/lib/YaST2
	touch /var/lib/YaST2/reconfig_system
	systemctl enable jeos-firstboot.service
fi

# The %post script can't edit /etc/fstab sys due to https://github.com/OSInside/kiwi/issues/945
# so use the kiwi custom hack
cat >/etc/fstab.script <<"EOF"
#!/bin/sh
set -eux

/usr/sbin/setup-fstab-for-overlayfs
# If /var is on a different partition than /...
if [ "$(findmnt -snT / -o SOURCE)" != "$(findmnt -snT /var -o SOURCE)" ]; then
	# ... set options for autoexpanding /var
	gawk -i inplace '$2 == "/var" { $4 = $4",x-growpart.grow,x-systemd.growfs" } { print $0 }' /etc/fstab
fi
EOF

chmod a+x /etc/fstab.script

# To make x-systemd.growfs work from inside the initrd
cat >/etc/dracut.conf.d/50-microos-growfs.conf <<"EOF"
install_items+=" /usr/lib/systemd/systemd-growfs "
EOF

# Use the btrfs storage driver. This is usually detected in %post, but with kiwi
# that happens outside of the final FS.
if [ -e /etc/containers/storage.conf ]; then
	sed -i 's/driver = "overlay"/driver = "btrfs"/g' /etc/containers/storage.conf
fi

# Enable Network
systemctl enable NetworkManager

# Enable gpg-agent for all users (https://todo.sr.ht/~mcepl/moldavite/3)
systemctl --global enable gpg-agent.socket
systemctl --global enable gpg-agent-browser.socket
systemctl --global enable gpg-agent-ssh.socket
systemctl --global enable gpg-agent-extra.socket

#======================================
# Disable recommends on virtual images (keep hardware supplements, see bsc#1089498)
#--------------------------------------
sed -i 's/.*solver.onlyRequires.*/solver.onlyRequires = true/g' /etc/zypp/zypp.conf

#======================================
# Disable installing documentation
#--------------------------------------
sed -i 's/.*rpm.install.excludedocs.*/rpm.install.excludedocs = yes/g' /etc/zypp/zypp.conf

#======================================
# Add default kernel boot options
#--------------------------------------
serialconsole='console=ttyS0,115200'

grub_cmdline=('quiet' 'systemd.show_status=yes' "${serialconsole}" 'console=tty0')
rpm -q wicked && grub_cmdline+=('net.ifnames=0')

ignition_platform='metal'

# One '\' for sed, one '\' for grub2-mkconfig
grub_cmdline+=('\\$ignition_firstboot' "ignition.platform.id=${ignition_platform}")

sed -i "s#^GRUB_CMDLINE_LINUX_DEFAULT=.*\$#GRUB_CMDLINE_LINUX_DEFAULT=\"${grub_cmdline[*]}\"#" /etc/default/grub

#======================================
# If SELinux is installed, configure it like transactional-update setup-selinux
#--------------------------------------
if [[ -e /etc/selinux/config ]]; then
	# Check if we don't have selinux already enabled.
	grep ^GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -q security=selinux || \
	    sed -i -e 's|$^GRUB_CMDLINE_LINUX_DEFAULT=.*$"|\1 security=selinux selinux=1"|g' "/etc/default/grub"

# Move an /.autorelabel file from initial installation to writeable location
	test -f /.autorelabel && mv /.autorelabel /etc/selinux/.autorelabel
fi

#======================================
# Configure SelfInstall specifics
#--------------------------------------
cat > /etc/systemd/system/selfinstallreboot.service <<-EOF
[Unit]
Description=SelfInstall Image Reboot after Firstboot (to ensure ignition and such runs)
After=systemd-machine-id-commit.service
Before=jeos-firstboot.service
	
[Service]
Type=oneshot
ExecStart=rm /etc/systemd/system/selfinstallreboot.service
ExecStart=rm /etc/systemd/system/default.target.wants/selfinstallreboot.service
ExecStart=systemctl --no-block reboot

[Install]
WantedBy=default.target
EOF
ln -s /etc/systemd/system/selfinstallreboot.service /etc/systemd/system/default.target.wants/selfinstallreboot.service

Places

File config.sh of Package moldavite

Places