blob: 245f73c10161f021aea2ed94bab3a41e3763c9fe (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
#!/bin/bash
# generates user data, meta data, and seed.iso for cloud init. for debian
# requires the name of the vm as an argument
#
# osinfo-query os to list all available vm types to deploy. debian is debian12
# use no cloud and some other tools because cloud init does not work
image_url="https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-nocloud-amd64.qcow2"
sshkeysdir="/root/k"
scriptdir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" #&& echo $scriptdir
dir_path="/var/lib/libvirt/images/.image_store"
src_file="${dir_path}/debian12.qcow2"
config_dir="/var/lib/libvirt/images/.temp"
user_data="${config_dir}/user-data"
meta_data="${config_dir}/meta-data"
seed_iso="${config_dir}/seed.iso"
# note that cloud init specifically looks for "user-data" and "meta-data" in the seed.iso disk. do not deviate from the naming convention.
if [ $# -ne 1 ]; then
echo "Usage: $0 <vm-name>"
exit 1
fi
sudo mkdir -p "$dir_path" # make image store dir
sudo mkdir -p "$config_dir"
[ ! -f "$src_file" ] && echo "source image does not exist! downloading..." && sudo wget -O "$src_file" "$image_url"
# First create a command that will generate all the ssh-inject options
SSH_INJECT_OPTS=$(find ${sshkeysdir} -name "*.pub" -exec echo "--ssh-inject user:file:{}" \;)
flag_file="${dir_path}/debian12_customized"
# Check if customization has already been done
if [ -f "$flag_file" ]; then
echo "Image already customized, skipping customization..."
else
echo "Customizing image..."
export LIBGUESTFS_BACKEND=direct
sudo -E virt-customize -a /var/lib/libvirt/images/.image_store/debian12.qcow2 \
--run-command 'useradd -m -s /bin/bash user' \
$SSH_INJECT_OPTS \
--update \
--install openssh-server,git \
--run-command 'echo "user ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/user' \
--run-command 'sed -i "s/PermitRootLogin yes/PermitRootLogin no/" /etc/ssh/sshd_config' \
--run-command 'sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config' \
--run-command 'cd /home/user && git clone https://git.0nom.ch/keys && chown -R user:user keys && sudo -u user ./keys/add-ssh-keys.sh' \
--run-command 'tee -a /etc/bashrc > /dev/null << "EOF"
LS_COLORS=$LS_COLORS:'\''di=38;5;135:ex=00;32:'\'' ; export LS_COLORS
PS1='\''[\[\033[01;32m\]\u\[\033[00m\]@\h \[\033[38;5;135m\]\W\[\033[00m\]]\$ '\''
EOF' && \
# Create flag file after successful customization
sudo touch "$flag_file"
fi
|
