-rw-r--r-- | README.md | 8 | ||||
-rw-r--r-- | archinstall.py | 147 | ||||
-rw-r--r-- | deployments/08:00:27:36:83:9b.json | 21 | ||||
-rw-r--r-- | deployments/08:00:27:6f:0c:25.json | 29 | ||||
-rw-r--r-- | deployments/08:00:27:e0:e0:e6.json | 31 |
@@ -5,6 +5,7 @@ Just a bare bone automated [Arch](https://wiki.archlinux.org/index.php/Arch_Linu # cd ~/archlive # echo -e "git\npython-psutil" >> packages.both + # echo "cd /root" >> ./airootfs/root/customize_airootfs.sh # echo "git clone https://github.com/Torxed/archinstall.git" >> ./airootfs/root/customize_airootfs.sh # echo "chmod +x ~/archinstall/archinstall.py" >> ./airootfs/root/customize_airootfs.sh # mkdir ./airootfs/etc/skel @@ -22,9 +23,14 @@ Whenever this live-cd boots, from here on now - it'll run `archinstall.py`. # pacman -Sy git # git clone https://github.com/Torxed/archinstall.git # python3 ./archinstall/archinstall.py - > Note: *(You could also wget the `archinstall.py` script and skip installing git)* +# Rerunning a installation + + # umount -R /mnt; cryptsetup close /dev/mapper/luksdev + # python3 ./archinstall/archinstall.py +> Note: This assumes `--post=stay` is set to avoid instant reboot at the end. + # Some parameters you can give it --drive=</dev/sdX> diff --git a/archinstall.py b/archinstall.py index 9fa0d07e..49e2b878 100644 --- a/archinstall.py +++ b/archinstall.py @@ -1,4 +1,5 @@ #!/usr/bin/python3 +import traceback import psutil, os, re, struct, sys, json import urllib.request, urllib.parse from glob import glob @@ -6,6 +7,7 @@ from glob import glob from socket import socket, inet_ntoa, AF_INET, AF_INET6, AF_PACKET from collections import OrderedDict as oDict from subprocess import Popen, STDOUT, PIPE +from time import sleep rootdir_pattern = re.compile('^.*?/devices') harddrives = oDict() 
@@ -41,19 +43,21 @@ def get_local_MACs(): macs[addr.address] = nic return macs -def run(cmd, echo=False, *args, **kwargs): - #print('[!] {}'.format(cmd)) +def run(cmd, echo=False, opts=None, *args, **kwargs): + if not opts: opts = {} + if echo or 'debug' in opts: + print('[!] {}'.format(cmd)) handle = Popen(cmd, shell='True', stdout=PIPE, stderr=STDOUT, **kwargs) output = b'' while handle.poll() is None: data = handle.stdout.read() if len(data): - if echo and 'flush': + if echo or 'debug' in opts: print(data.decode('UTF-8'), end='') # print(data.decode('UTF-8'), end='') output += data data = handle.stdout.read() - if echo: + if echo or 'debug' in opts: print(data.decode('UTF-8'), end='') output += data handle.stdout.close() 
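Review bot: `opts` is added after `echo` in the signature, but the call sites this commit adds (`run('{c}'.format(c=command), opts)` in the prerequisite loop and `run('arch-chroot /mnt {c}'.format(c=command), opts)` in the post loop) pass the dict positionally, so it binds to `echo` and `opts` stays `{}`. Output is echoed only because a non-empty dict is truthy, and `'debug' in opts` tests key presence, so `{"debug": false}` would turn it on as well. Pass `opts=opts` at the call sites and test `opts.get('debug')` here. With echo on, the new `print('[!] {}'.format(cmd))` also prints command strings that embed the password (the `chpasswd` lines), which is worth masking. The body of `run` continues past the end of the hunk.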
@@ -145,20 +149,53 @@ if __name__ == '__main__': if not 'country' in args: args['country'] = 'SE' #all if not 'packages' in args: args['packages'] = '' if not 'post' in args: args['post'] = 'reboot' + if not 'password' in args: args['password'] = '0000' + + ## == If we got networking, + # Try fetching instructions for this box and execute them. + instructions = {} + if get_default_gateway_linux(): + locmac = get_local_MACs() + if not len(locmac): + print('[N] No network interfaces - No net deploy.') + else: + for mac in locmac: + try: + instructions = grab_url_data('https://raw.githubusercontent.com/Torxed/archinstall/net-deploy/deployments/{}.json'.format(mac)) + except urllib.error.HTTPError: + print('[N] No instructions for this box on this mac: {}'.format(mac)) + continue + + #print('Decoding:', instructions) + try: + instructions = json.loads(instructions.decode('UTF-8'), object_pairs_hook=oDict) + except: + print('[E] JSON instructions failed to load for {}'.format(mac)) + traceback.print_exc() + instructions = {} + sleep(5) + continue + + if 'args' in instructions: + for key, val in instructions['args'].items(): + args[key] = val + else: + print('[N] No gateway - No net deploy') + print(args) if not os.path.isfile(args['pwfile']): - PIN = '0000' + #PIN = '0000' with open(args['pwfile'], 'w') as pw: - pw.write(PIN) - else: - ## TODO: Convert to `rb` instead. - # We shouldn't discriminate \xfu from being a passwd phrase. - with open(args['pwfile'], 'r') as pw: - PIN = pw.read().strip() + pw.write(args['password']) + #else: + # ## TODO: Convert to `rb` instead. + # # We shouldn't discriminate \xfu from being a passwd phrase. + # with open(args['pwfile'], 'r') as pw: + # PIN = pw.read().strip() print() - print('[!] Disk PASSWORD is: {}'.format(PIN)) + print('[!] Disk PASSWORD is: {}'.format(args['password'])) print() print('[N] Setting up {drive}.'.format(**args)) # dd if=/dev/random of=args['drive'] bs=4096 status=progress 
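Review bot: With the `else` branch commented out, an existing `args['pwfile']` is no longer read back, so `[!] Disk PASSWORD is:` and the later `chpasswd` calls use `args['password']` while the file keeps whatever it held before. If the pwfile is what unlocks the disk (that code is outside this hunk), a rerun as the README now describes reports a password that does not match the key. Either always rewrite the file from `args['password']`, or restore the read as `args['password'] = pw.read().strip()`. Separately, `instructions['args']` is merged into `args` unfiltered, so the fetched JSON can override values such as `drive` and `pwfile` given on the command line; an allowlist of accepted keys would bound that. The `__main__` block these lines belong to starts and ends outside the hunk.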
@@ -197,6 +234,29 @@ if __name__ == '__main__': o = run("sed -i 's/#Server/Server/' /root/mirrorlist") o = run('rankmirrors -n 6 /root/mirrorlist > /etc/pacman.d/mirrorlist') + pre_conf = {} + if 'pre' in instructions: + pre_conf = instructions['pre'] + elif 'prerequisits' in instructions: + pre_conf = instructions['prerequisits'] + + ## Prerequisit steps needs to NOT be executed in arch-chroot. + ## Mainly because there's no root structure to chroot into. + ## But partly because some configurations need to be done against the live CD. + ## (For instance, modifying mirrors are done on LiveCD and replicated intwards) + for title in pre_conf: + print('[N] Network prerequisit step: {}'.format(title)) + for command in pre_conf[title]: + opts = pre_conf[title][command] if type(pre_conf[title][command]) in (dict, oDict) else {} + if len(opts): + print('[-] Options: {}'.format(opts)) + + #print('[N] Command: {} ({})'.format(command, opts)) + o = run('{c}'.format(c=command), opts) + if type(conf[title][command]) == bytes and len(conf[title][command]) and not conf[title][command] in o: + print('[W] Prerequisit step failed: {}'.format(o.decode('UTF-8'))) + #print(o) + print('[N] Straping in packages.') o = run('pacman -Syy') o = run('pacstrap /mnt base base-devel btrfs-progs efibootmgr nano wpa_supplicant dialog {packages}'.format(**args)) 
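Review bot: The failure check in the new prerequisite loop reads `conf[title][command]`, but `conf` is only assigned further down, in the post-install section this commit adds, so the first command under `pre` raises NameError before the install proceeds. It should read from `pre_conf`, e.g. `expected = pre_conf[title][command]` and then test `expected`. These commands also run on the live system straight from the fetched JSON, so a short comment stating that `pre` entries execute outside the chroot with full privileges would help whoever edits the deployment files. The loop sits in the `__main__` block, which extends beyond the hunk on both sides.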
@@ -211,17 +271,18 @@ if __name__ == '__main__': #o = run('arch-chroot /mnt echo "{hostname}" > /etc/hostname'.format(**args)) #o = run("arch-chroot /mnt sed -i 's/#\(en_US\.UTF-8\)/\1/' /etc/locale.gen") o = run("arch-chroot /mnt sh -c \"echo '{hostname}' > /etc/hostname\"".format(**args)) - o = run("arch-chroot /mnt sh -c \"echo -n 'en_US.UTF-8' > /etc/locale.gen\"") + o = run("arch-chroot /mnt sh -c \"echo 'en_US.UTF-8 UTF-8' > /etc/locale.gen\"") + o = run("arch-chroot /mnt sh -c \"echo 'LANG=en_US.UTF-8' > /etc/locale.conf\"") o = run('arch-chroot /mnt locale-gen') o = run('arch-chroot /mnt chmod 700 /root') ## == Passwords - # o = run('arch-chroot /mnt usermod --password {} root'.format(PIN)) - # o = run("arch-chroot /mnt sh -c 'echo {pin} | passwd --stdin root'".format(pin='"{pin}"'.format(**args, pin=PIN)), echo=True) - o = run("arch-chroot /mnt sh -c \"echo 'root:{pin}' | chpasswd\"".format(**args, pin=PIN)) + # o = run('arch-chroot /mnt usermod --password {} root'.format(args['password'])) + # o = run("arch-chroot /mnt sh -c 'echo {pin} | passwd --stdin root'".format(pin='"{pin}"'.format(**args, pin=args['password'])), echo=True) + o = run("arch-chroot /mnt sh -c \"echo 'root:{pin}' | chpasswd\"".format(**args, pin=args['password'])) if 'user' in args: o = run('arch-chroot /mnt useradd -m -G wheel {user}'.format(**args)) - o = run("arch-chroot /mnt sh -c \"echo '{user}:{pin}' | chpasswd\"".format(**args, pin=PIN)) + o = run("arch-chroot /mnt sh -c \"echo '{user}:{pin}' | chpasswd\"".format(**args, pin=args['password'])) with open('/mnt/etc/mkinitcpio.conf', 'w') as mkinit: ## TODO: Don't replace it, in case some update in the future actually adds something. 
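Review bot: `args['password']` is interpolated into the `sh -c "echo 'root:{pin}' | chpasswd"` strings, and since this commit it can come from the command line or the fetched JSON instead of only the local pwfile; a value containing `'` or `"` breaks the quoting and is interpreted by the shell, and the password is visible in the process list while the command runs. Feeding chpasswd on stdin avoids both, e.g. `Popen(['arch-chroot', '/mnt', 'chpasswd'], stdin=PIPE).communicate('root:{}\n'.format(args['password']).encode())`. The `{user}` line needs the same treatment. These statements are part of the `__main__` block, which starts and ends outside the hunk.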
@@ -246,33 +307,31 @@ if __name__ == '__main__': entry.write('initrd /initramfs-linux.img\n') entry.write('options cryptdevice=UUID={UUID}:luksdev root=/dev/mapper/luksdev rw intel_pstate=no_hwp\n'.format(UUID=UUID)) - ## == If we got networking, - # Try fetching instructions for this box and execute them. - if get_default_gateway_linux(): - locmac = get_local_MACs() - for mac in locmac: - try: - instructions = grab_url_data('https://raw.githubusercontent.com/Torxed/archinstall/net-deploy/deployments/{}.json'.format(mac)) - except urllib.error.HTTPError: - print('[N] No instructions for this box on this mac: {}'.format(mac)) - continue - - #print('Decoding:', instructions) - instructions = json.loads(instructions.decode('UTF-8'), object_pairs_hook=oDict) - - for title in instructions: - print('[N] Network Deploy: {}'.format(title)) - for command in instructions[title]: - opts = instructions[title][command] if type(instructions[title][command]) in (dict, oDict) else {} - - #print('[N] Command: {} ({})'.format(command, opts)) - o = run('arch-chroot /mnt {c}'.format(c=command), **opts) - if type(instructions[title][command]) == bytes and len(instructions[title][command]) and not instructions[title][command] in o: - print('[W] Post install command failed: {}'.format(o.decode('UTF-8'))) - #print(o) - - o = run('umount -R /mnt') + conf = {} + if 'post' in instructions: + conf = instructions['post'] + elif not 'args' in instructions and len(instructions): + conf = instructions + + for title in conf: + print('[N] Network Deploy: {}'.format(title)) + for command in conf[title]: + opts = conf[title][command] if type(conf[title][command]) in (dict, oDict) else {} + if len(opts): + print('[-] Options: {}'.format(opts)) + + #print('[N] Command: {} ({})'.format(command, opts)) + o = run('arch-chroot /mnt {c}'.format(c=command), opts) + if type(conf[title][command]) == bytes and len(conf[title][command]) and not conf[title][command] in o: + print('[W] Post install command failed: 
{}'.format(o.decode('UTF-8'))) + #print(o) + if args['post'] == 'reboot': + o = run('umount -R /mnt') o = run('reboot now') else: - print('Done. "reboot" when you\'re done tinkering.') + print('Done. "umount -R /mnt; reboot" when you\'re done tinkering.') + + + +'su - postgres -c "psql -c \'CREATE USER pdns WITH PASSWORD \\\'SomePassword\\\';\'"' diff --git a/deployments/08:00:27:36:83:9b.json b/deployments/08:00:27:36:83:9b.json new file mode 100644 index 00000000..c6e4f698 --- /dev/null +++ b/deployments/08:00:27:36:83:9b.json @@ -0,0 +1,21 @@ +{ + "args" : { + "password" : "0000" + }, + "pre" : { + "sh -c \"echo -n -e '[arch_offline]\nSigLevel = Optional TrustAll\nServer = http://localmirror.lan/archlinux/os/${arch}' >> /etc/pacman.conf\"" : null + }, + "post" : { + "Setup openssh": { + "pacman -Syy --noconfirm openssh" : null + }, + "Setup OpenVPN": { + "pacman -Syy --noconfirm openvpn" : null + }, + "Setup autostarts": { + "systemctl enable dhcpcd" : null, + "systemctl enable openssh" : null, + "systemctl enable openvpn-client@testclient" : null + } + } +} diff --git a/deployments/08:00:27:6f:0c:25.json b/deployments/08:00:27:6f:0c:25.json new file mode 100644 index 00000000..423fe872 --- /dev/null +++ b/deployments/08:00:27:6f:0c:25.json 
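Review bot: The `type(conf[title][command]) == bytes` test can never be true for values produced by `json.loads` (they arrive as `str`, `dict` or `None`), so `[W] Post install command failed` is unreachable and a failing step passes silently; the prerequisite loop carries the same check. Compare against a string instead, e.g. `isinstance(expected, str) and expected.encode('UTF-8') not in o`, and consider having `run` surface the exit status, since steps such as the sudoers revert in the deployment files matter for the installed system's security. The bare string expression `'su - postgres -c ...'` at the end of the file looks like leftover scratch text with a sample credential and can be dropped.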
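Review bot: `SigLevel = Optional TrustAll` combined with an `http://` `Server` means packages from `localmirror.lan` are installed without signature verification over an unauthenticated channel, so whatever answers for that name on the LAN decides what gets installed. Keeping verification on for this repository (for example `SigLevel = Required DatabaseOptional`) and signing the mirror's packages would close that. Two functional points on the same entry: `pre` maps the command straight to `null` with no title level, while the loader iterates `pre_conf[title]`, so this would fail on `None`; and `${arch}` sits inside a double-quoted `sh -c` string, so the outer shell probably expands it to an empty string before pacman ever sees it.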
@@ -0,0 +1,29 @@
+{
+ "args" : {
+ "password" : "0000",
+ "post" : "stay"
+ },
+ "post" : {
+ "Installing DNS + Database": {
+ "pacman -Syy --noconfirm powerdns postgresql" : null
+ },
+ "Setup Database": {
+ "sh -c \"echo 'postgres:{pin}' | chpasswd\"" : null,
+ "su - postgres -c \"initdb --locale $LANG -E UTF8 -D '/var/lib/postgres/data'\"" : null,
+ "systemctl start postgresql" : null,
+ "su - postgres -c \"psql -c \\\"CREATE USER pdns WITH PASSWORD 'SomePassword';\\\"\"" : {"debug" : true}
+ },
+ "Setup DNS": {
+ "sh -c \"echo -e 'launch=gpgsql\ngpgsql-host=127.0.0.1\ngpgsql-user=pdns\ngpgsql-dbname=pdns\ngpgsql-password={PIN}' >> /etc/powerdns/pdns.conf\"" : null,
+ "psql -U pdns -d pdns -a -f /usr/share/doc/powerdns/schema.pgsql.sql" : null
+ },
+ "Install DNS Entries": {
+
+ },
+ "Setup autostarts": {
+ "systemctl enable dhcpcd" : null,
+ "systemctl enable postgresql" : null,
+ "systemctl enable powerdns" : null
+ }
+ }
+}
diff --git a/deployments/08:00:27:e0:e0:e6.json b/deployments/08:00:27:e0:e0:e6.json
new file mode 100644
index 00000000..79347f8b
--- /dev/null
+++ b/deployments/08:00:27:e0:e0:e6.json
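Review bot: The `{pin}` and `{PIN}` placeholders are never substituted, because the post loop in archinstall.py formats only its wrapper string (`'arch-chroot /mnt {c}'.format(c=command)`); the `postgres` account therefore gets the literal password `{pin}` and pdns.conf gets `gpgsql-password={PIN}`, which does not match the `SomePassword` given to `CREATE USER pdns`. Pick one placeholder spelling and have the loader expand it from `args`, or drop the placeholders. The file also commits `SomePassword` and the `args.password` value in clear text to a repository the installer fetches from a public raw URL, so these should be treated as throwaway values and rotated on first boot. As far as this file shows, no step creates the `pdns` database that the schema import targets.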
@@ -0,0 +1,31 @@
+{
+ "args" : {
+ "password" : "0001"
+ },
+ "post" : {
+ "Setup temp build env": {
+ "pacman -Syy --noconfirm git" : null,
+ "useradd -m -G wheel builder" : null,
+ "sed -i 's/# %wheel ALL=(ALL) NO/%wheel ALL=(ALL) NO/' /etc/sudoers" : null
+ },
+ "install lighttpd2-git": {
+ "git clone https://aur.archlinux.org/lighttpd2-git.git /home/builder/lighttpd2" : null,
+ "chown -R builder.builder /home/builder/lighttpd2" : null,
+ "su - builder -c \"(cd /home/builder/lighttpd2/; /usr/bin/makepkg -s --noconfirm)\"" : null,
+ "sh -c 'pacman -U --noconfirm /home/builder/lighttpd2/*.xz'" : null
+ },
+ "Remove temp build env": {
+ "rm -rf /home/builder/lighttpd2" : null,
+ "sed -i 's/%wheel ALL=(ALL) NO/# %wheel ALL=(ALL) NO/' /etc/sudoers" : null
+ },
+ "Create mirror": {
+ "mkdir -p /srv/http/archlinux/arch_offline/os/x86_64" : null,
+ "pacman --noconfirm --dbpath /tmp/ -Syu -w --cachedir /srv/http/archlinux/arch_offline/os/x86_64 base base-devel git python python-systemd awesome xorg-xinit xorg-server xterm nano screen sudo iptables mesa-libgl dhclient dnsmasq darkhttpd openssh sshfs openssl openvpn gcc openvpn rtorrent powerdns postgresql" : null,
+ "sh -c 'repo-add /srv/http/archlinux/arch_offline/os/x86_64/arch_offline.db.tar.gz /srv/http/archlinux/arch_offline/os/x86_64/*.pkg.tar.xz'" : null
+ },
+ "Setup autostarts": {
+ "systemctl enable dhcpcd" : null,
+ "systemctl enable lighttpd2" : null
+ }
+ }
+}
 |
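Review bot: `Remove temp build env` deletes the build directory and re-comments the sudoers line, but the `builder` account created with `useradd -m -G wheel builder` stays on the installed system as a member of `wheel`; add `"userdel -r builder" : null` to that step. The sudoers revert is also the only thing standing between the build phase and what is presumably a passwordless-sudo rule for `wheel`, and the loader does not report failed commands, so a failed `makepkg` or `sed` would go unnoticed. The packages cached under `Create mirror` are later served to other machines, so it is worth stating in the repo whether their signatures are expected to be verified by the clients.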