first checkin after breaking out from git@git.wit.com:wit/debcore_stuff.git

2018-09-24 13:54:24 +00:00 · 2018-09-24 13:54:24 +00:00 · a73a0e9e24
commit a73a0e9e24
3 changed files with 342 additions and 0 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -0,0 +1,14 @@
+pipeline:
+        build:
+                image: registry.v1.cloud.wit.com/toby/packager:1.3
+                commands:
+                        - export DEBNAME=wit-pxeboot
+                        - export RESULT_DIR=/tmp/result
+                        - ./create_pxeinitrd.sh
+                        - cd $RESULT_DIR
+                        - dpkg-buildpackage --no-sign
+                        - ls -lha ../$DEBNAME_*_all.deb
+                        - echo "$SSH_KEY" >/tmp/id_rsa
+                        - chmod 600 /tmp/id_rsa
+                        - scp -i /tmp/id_rsa -o StrictHostKeyChecking=no -P 22022 ../$DEBNAME_*_all.deb root@cloud-api.v1.cloud.wit.com:/data/incoming
+                secrets: [ ssh_key ]
--- a/16
+++ b/16
@ -0,0 +1,16 @@
+FROM debian:sid
+
+MAINTAINER "toby" <toby@wit.com>
+
+RUN apt-get update
+
+RUN apt-get -y install curl gnupg ca-certificates
+
+RUN echo 'deb https://mirrors.wit.com/debian sid main contrib non-free' > /etc/apt/sources.list && \
+    echo 'deb https://mirrors.wit.com/debcore sid main' >> /etc/apt/sources.list && \
+    curl https://mirrors.wit.com/debcore/public.key | apt-key add - && \
+    apt-get update
+
+RUN apt-get -y install debootstrap xz-utils cpio gzip devscripts build-essential lintian debhelper config-package-dev
+
+RUN apt-get clean
--- a/create_pxeinitrd.sh
+++ b/create_pxeinitrd.sh
@ -0,0 +1,312 @@
+#!/bin/bash
+set -Eeuxo pipefail
+
+DEBNAME=${DEBNAME:=wit-pxeboot}
+
+SIZE=10000
+HOSTNAME=localhost
+RELEASE=unstable
+
+TMP_DIR=$(mktemp -d)
+MNT_DIR=$TMP_DIR/newroot
+RESULT_DIR=${RESULT_DIR:=/tmp/result}
+
+
+# Configs overwritable via environment variables
+FLAVOUR=${FLAVOUR:=debian}					# Either 'debian' or 'ubuntu'
+INCLUDES=${INCLUDES:="openssh-server,init,curl,vim,locales-all,less,ceph-common,dmidecode,iputils-ping,fping,tcpdump,rsync,ethtool,lldpd,iproute2,net-tools,sudo,gnupg,tcpdump,mtr-tiny,ifupdown,ipmitool,iptables,telnet,netcat,bridge-utils,vlan,ifstat,ncurses-term,wget,dhcpcd5"}
+MIRROR=${MIRROR:="https://mirrors.wit.com/debian"}
+ARCH=${ARCH:=amd64}
+
+
+clean_debian() {
+	[ "$TMP_DIR" != "" ] && rm -r $TMP_DIR
+}
+
+fail() {
+	clean_debian
+	echo ""
+	echo "FAILED: $1"
+	exit 1
+}
+
+cancel() {
+	fail "CTRL-C detected"
+}
+
+trap cancel INT
+
+mkdir $MNT_DIR
+
+
+if [ $FLAVOUR == "debian" ]; then
+    BOOT_PKG="linux-image-$ARCH"
+elif [ $FLAVOUR == "ubuntu" ]; then
+    BOOT_PKG="linux-image-generic"
+fi
+
+
+###################
+## build root fs ##
+###################
+
+
+echo "Installing Debian $RELEASE..."
+debootstrap --variant=minbase --include=$INCLUDES $RELEASE $MNT_DIR $MIRROR || fail "cannot install $RELEASE"
+
+echo $HOSTNAME > $MNT_DIR/etc/hostname
+
+cat <<EOF > $MNT_DIR/etc/hosts
+127.0.0.1       localhost
+# The following lines are desirable for IPv6 capable hosts
+::1     localhost ip6-localhost ip6-loopback
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+EOF
+
+
+rm -f $MNT_DIR/etc/apt/sources.list
+echo 'deb https://mirrors.wit.com/debian sid main contrib non-free' > $MNT_DIR/etc/apt/sources.list
+echo 'deb https://mirrors.wit.com/debcore sid main' >> $MNT_DIR/etc/apt/sources.list
+curl https://mirrors.wit.com/debcore/public.key | LANG=C DEBIAN_FRONTEND=noninteractive chroot $MNT_DIR apt-key add -
+LANG=C DEBIAN_FRONTEND=noninteractive chroot $MNT_DIR apt-get update
+LANG=C DEBIAN_FRONTEND=noninteractive chroot $MNT_DIR apt-get install -y $BOOT_PKG || fail "cannot install $BOOT_PKG"
+
+
+chroot $MNT_DIR apt-get clean || fail "unable to clean apt cache"
+cat /dev/null > $MNT_DIR/etc/machine-id
+
+sed -i '/PasswordAuthentication/d' $MNT_DIR/etc/ssh/sshd_config
+echo "PasswordAuthentication no" >>$MNT_DIR/etc/ssh/sshd_config
+
+mkdir -p $MNT_DIR/root/.ssh
+echo ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDd7rLlS1NmTpBr5KP5ryuA/euGD8I6uc2RCg4sCIlvH0FhEPb123QuMVImHi23ftVP61cKZXm8MlTtAoLHduYtGMHCkJWAAkiIpPetAP2KPIpuadtgIS8xuD/TCYjl0xNXLh0M1C7i7HOnTd8yr+3QNjUppyDdKjLvMQbPWZZTU5rt7CYoGlrxHjieCkq9jj8kRjRARUaAJ4DHEgMFUDIcq3JYluzzkgPK/JFwoq/IokVQCr5qfQRwr3SCkD4sIuGTj+J67uzabIr/xDBqlrMW3T+7YfY12ciHpijob+l7xESkJ+6Gxh56z8llBkGiVyh3UqnmW4MvfuAA/D3Dzhwr afrank@adams-mbp.lan > $MNT_DIR/root/.ssh/authorized_keys
+
+cat <<EOF > $MNT_DIR/etc/systemd/system/start-me-up.service
+[Unit]
+Description=WIT System Startup
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/start_me_up.sh
+RemainAfterExit=true
+ExecStop=/usr/local/bin/shut_me_down.sh
+StandardOutput=journal
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+
+cat <<EOF > $MNT_DIR/usr/local/bin/start_me_up.sh
+#!/bin/bash
+eval "kernel_args=( \$(cat /proc/cmdline) )"
+for i in "\${kernel_args[@]}"
+ do
+   if [ \${i:0:4} = exec ]
+     then
+       export -- "\$i"
+   fi
+done
+
+echo \$execstartup
+eval \$execstartup
+EOF
+
+
+cat <<EOF > $MNT_DIR/usr/local/bin/shut_me_down.sh
+#!/bin/bash
+eval "kernel_args=( \$(cat /proc/cmdline) )"
+for i in "\${kernel_args[@]}"
+ do
+   if [ \${i:0:4} = exec ]
+     then
+       export -- "\$i"
+   fi
+done
+
+echo \$execshutdown
+eval \$execshutdown
+EOF
+
+
+cat <<EOF >$MNT_DIR/root/install.sh
+#!/bin/bash
+set -eo pipefail
+export INSTALLEXTRA="\$@"
+curl http://roberto.wit.com:8081/create_local_install.sh | bash
+EOF
+
+
+cat <<EOF >$MNT_DIR/etc/dhcpcd.conf
+hostname
+duid
+slaac hwaddr
+noipv4ll
+option domain_name_servers, domain_name, domain_search, host_name
+option classless_static_routes, ntp_servers, interface_mtu
+require dhcp_server_identifier
+EOF
+
+
+chmod +x $MNT_DIR/root/install.sh
+chmod +x $MNT_DIR/usr/local/bin/start_me_up.sh
+chmod +x $MNT_DIR/usr/local/bin/shut_me_down.sh
+
+chroot $MNT_DIR systemctl enable start-me-up || fail "failed to enable start-me-up"
+
+
+
+#echo "Enter root password:"
+#while ! chroot $MNT_DIR passwd root
+#do
+#	echo "Try again"
+#done
+
+
+
+###############
+## deb build ##
+###############
+
+
+mkdir -p $RESULT_DIR/debian
+echo -e "$DEBNAME (1.0.$(date +%Y.%m.%d.%H.%M)) unstable; urgency=low\n\n$(git log --format="  * %s")\n\n -- wit <netops@wit.com>  $(date -R)" >$RESULT_DIR/debian/changelog
+
+echo "11" >$RESULT_DIR/debian/compat
+
+cat <<EOF >$RESULT_DIR/debian/$DEBNAME.install
+./vmlinuz /srv/tftp/wit-pxeboot/
+./initramfs.gz /srv/tftp/wit-pxeboot/
+EOF
+
+
+cat <<EOF >$RESULT_DIR/debian/control
+Source: $DEBNAME
+Section: unknown
+Priority: optional
+Maintainer: wit <netops@wit.com>
+Build-Depends: debhelper (>= 11)
+Standards-Version: 4.1.3
+Homepage: http://www.wit.com
+
+Package: $DEBNAME
+Architecture: all
+Depends: \${misc:Depends}, tftpd-hpa
+Description: kernel and initrd to pxeboot debcore
+ kernel and initrd to boot a pxe image easily
+ it also includes a rootfs to quickly kickstart
+ a local install
+EOF
+
+
+cat <<"EOF" >$RESULT_DIR/debian/rules
+#!/usr/bin/make -f
+# See debhelper(7) (uncomment to enable)
+# output every command that modifies files on the build system.
+#export DH_VERBOSE = 1
+
+
+# see FEATURE AREAS in dpkg-buildflags(1)
+#export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+
+# see ENVIRONMENT in dpkg-buildflags(1)
+# package maintainers to append CFLAGS
+#export DEB_CFLAGS_MAINT_APPEND  = -Wall -pedantic
+# package maintainers to append LDFLAGS
+#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
+
+
+%:
+	dh $@
+
+
+# dh_make generated override targets
+# This is example for Cmake (See https://bugs.debian.org/641051 )
+#override_dh_auto_configure:
+#	dh_auto_configure -- #	-DCMAKE_LIBRARY_PATH=$(DEB_HOST_MULTIARCH)
+
+EOF
+
+
+
+
+
+
+##################
+## build initrd ##
+##################
+
+
+mkdir -p $TMP_DIR/initramfs/bin
+wget -O $TMP_DIR/initramfs/bin/busybox https://www.busybox.net/downloads/binaries/1.26.1-defconfig-multiarch/busybox-x86_64
+chmod +x $TMP_DIR/initramfs/bin/busybox
+
+cat > $TMP_DIR/initramfs/init << EOF
+#!/bin/busybox sh
+
+# Dump to sh if something fails
+error() {
+  echo "Jumping into the shell..."
+  setsid cttyhack sh
+}
+
+# Populate /bin with binaries from busybox
+/bin/busybox --install /bin
+
+mkdir -p /proc
+mount -t proc proc /proc
+
+mkdir -p /sys
+mount -t sysfs sysfs /sys
+
+mkdir -p /sys/dev
+mkdir -p /var/run
+mkdir -p /dev
+
+mkdir -p /dev/pts
+mount -t devpts devpts /dev/pts
+
+# Populate /dev
+echo /bin/mdev > /proc/sys/kernel/hotplug
+mdev -s
+
+mkdir -p /newroot
+mount -t tmpfs -o size=${SIZE}m tmpfs /newroot || error
+
+echo "Extracting rootfs... "
+xz -d -c -f rootfs.tar.xz | tar -x -f - -C /newroot || error
+
+mount --move /sys /newroot/sys
+mount --move /proc /newroot/proc
+mount --move /dev /newroot/dev
+
+exec switch_root /newroot /sbin/init || error
+EOF
+
+chmod +x $TMP_DIR/initramfs/init
+
+cd $TMP_DIR/newroot
+tar cJf $TMP_DIR/initramfs/rootfs.tar.xz .
+
+cd $TMP_DIR/initramfs
+mkdir -p $RESULT_DIR
+find . -print0 | cpio --null -ov --format=newc | gzip -9 > $RESULT_DIR/initramfs.gz
+
+cp $TMP_DIR/newroot/boot/vmlinuz-* $RESULT_DIR/vmlinuz
+
+ls -la $RESULT_DIR/
+
+
+
+#############
+## cleanup ##
+#############
+
+
+clean_debian
+exit 0
+
+