#!/bin/bash -e
# vim: set ts=4 sw=4 sts=4 et :
### 04_install_qubes.sh : Prepare chroot instance as a Qubes template
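echo "--> Alpine linux 04_install_qubes.sh"

# Every file written by this script lives under INSTALLDIR, and every chroot
# command goes through TEMPLATE_CONTENT_DIR/alpine-chroot. If either is empty
# the paths collapse onto the build host (/etc/fstab, /etc/inittab, ...), so
# refuse to run without them.
: "${INSTALLDIR:?Please provide INSTALLDIR in environment.}"
: "${TEMPLATE_CONTENT_DIR:?Please provide TEMPLATE_CONTENT_DIR in environment.}"

# DIST is the only real input for the version: the "alpine" prefix is stripped
# and a dot is inserted after the first "3" (e.g. alpine318 -> v3.18).
# The former emptiness checks on DIST_NAME / DIST_VER could never fire
# (DIST_NAME is a literal and DIST_VER always starts with "v"), so the check
# is done on DIST itself.
# NOTE(review): the "3 -> 3." rewrite only fits 3.x release names - confirm
# before using this with any other DIST value.
if [ -z "${DIST:-}" ]; then
    echo "Please provide DIST in environment." >&2
    exit 1
fi
DIST_NAME="alpinelinux"
DIST_VER="v${DIST#alpine}"
DIST_VER="${DIST_VER/3/3.}"

APKTOOLS_CACHE_DIR="${CACHEDIR}/apk_cache"

# Mirror branch, repository location, signing-key file name and Qubes release.
# All but the branch can be overridden from the environment; whoever controls
# QUBESALPINE_MIRROR / QUBESALPINE_KEYFILE controls which signing key the
# template will trust.
ALPINELINUX_VERSION="${DIST_VER:-latest-stable}"
QUBESALPINE_MIRROR="${QUBESALPINE_MIRROR:-https://lab.ilot.io/ayakael/repo-apk/-/raw}"
QUBESALPINE_KEYFILE="${QUBESALPINE_KEYFILE:-antoine.martin@protonmail.com-5b3109ad.rsa.pub}"
QUBES_REL="${QUBES_REL:-r4.1}"

# NOTE(review): the variable assigned above is APKTOOLS_CACHE_DIR, but the one
# exported is APK_CACHE_DIR, which this script never sets. Confirm which name
# alpine-chroot actually reads.
export APK_CACHE_DIR

# Stop at the first failing command; the shebang's -e is lost when the script
# is started as `bash 04_install_qubes.sh`.
set -e

# Command tracing for verbose/debug builds. Unset VERBOSE/DEBUG count as 0 so
# the numeric tests do not print "integer expression expected".
if [ "${VERBOSE:-0}" -ge 2 ] || [ "${DEBUG:-0}" -gt 0 ]; then
    set -x
fi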
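echo " --> Adding Qubes custom repository..."

# The repository line is appended directly rather than through
# `su -c "echo '...' >> ..."`: the values come from the environment, and
# pasting them into a second shell's command string lets a stray quote or
# `$(...)` in them be interpreted as shell code. The rest of this script
# already writes into ${INSTALLDIR}/etc without su.
qubes_repo_url="${QUBESALPINE_MIRROR}/${ALPINELINUX_VERSION}/qubes/${QUBES_REL}"
printf '%s\n' "$qubes_repo_url" >> "${INSTALLDIR:?}/etc/apk/repositories"

# apk trusts every key found in /etc/apk/keys, and this key is fetched from
# the same mirror as the packages it will later verify. TLS on this download
# is therefore the only thing authenticating the key: there is no pinned
# checksum or fingerprint here. Shipping the key with the builder sources (or
# comparing it against a known digest) would remove that dependency.
case "$QUBESALPINE_MIRROR" in
    https://*) ;;
    *) echo "WARNING: QUBESALPINE_MIRROR is not https; the repository signing key is downloaded unauthenticated." >&2 ;;
esac
wget "${QUBESALPINE_MIRROR}/${ALPINELINUX_VERSION}/${QUBESALPINE_KEYFILE}" \
    -P "${INSTALLDIR:?}/etc/apk/keys"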
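echo " --> Synchronize resolv.conf..."
# The chroot needs the host's resolver configuration to reach the mirrors.
# ${INSTALLDIR:?} aborts instead of copying onto the host's own file when
# INSTALLDIR is empty.
cp /etc/resolv.conf "${INSTALLDIR:?}/etc/resolv.conf"

echo " --> Updating apk repos..."
# `&&` instead of `;`: if `apk update` fails (unreachable mirror, index that
# does not verify against the installed keys) the build stops here instead of
# upgrading from a stale or partial index and reporting only the status of
# `apk upgrade`.
"${TEMPLATE_CONTENT_DIR}/alpine-chroot" "$INSTALLDIR" /bin/sh -c \
    "apk update && apk upgrade"

echo " --> Installing mandatory qubes packages..."
"${TEMPLATE_CONTENT_DIR}/alpine-chroot" "$INSTALLDIR" /bin/sh -c \
    "apk add qubes-vm-dependencies"

echo " --> Installing recommended qubes apps"
# NOTE(review): qubes-vm-passwordless-root is installed unconditionally; going
# by its name it gives the in-VM user root without a password. Confirm this is
# wanted for every template built from this script.
"${TEMPLATE_CONTENT_DIR}/alpine-chroot" "$INSTALLDIR" /bin/sh -c \
    "apk add qubes-vm-recommended qubes-vm-passwordless-root"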
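echo " --> Updating template fstab file..."
# Replaces the template's /etc/fstab wholesale. The delimiter is quoted so the
# table is written literally and nothing in it can ever be expanded by the
# shell; ${INSTALLDIR:?} aborts rather than overwriting the build host's
# /etc/fstab when INSTALLDIR is empty.
cat > "${INSTALLDIR:?}/etc/fstab" <<'EOF'
#
# /etc/fstab: static file system information
#
# Templates Directories
/dev/mapper/dmroot / ext4 defaults,discard,noatime 1 1
/dev/xvdb /rw auto noauto,defaults,discard 1 2
/dev/xvdc1 swap swap defaults 0 0
# Template Binds
/rw/home /home none noauto,bind,defaults 0 0
/rw/usrlocal /usr/local none noauto,bind,defaults 0 0
# Template Customizations
tmpfs /dev/shm tmpfs defaults,size=1G 0 0
EOF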
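echo " --> Configuring system to our preferences..."

# add hvc0 to inittab: respawn a getty on the hvc0 console.
# ${INSTALLDIR:?} aborts instead of appending to the host's /etc/inittab when
# INSTALLDIR is empty.
echo "hvc0::respawn:/sbin/getty -L hvc0 115200 vt220" >> "${INSTALLDIR:?}/etc/inittab"

# user and groups: group "qubes", plus user "user" (primary group "user",
# login shell /bin/bash, created with -D, i.e. without assigning a password)
# who is then added to "qubes".
"${TEMPLATE_CONTENT_DIR}/alpine-chroot" "$INSTALLDIR" addgroup qubes
"${TEMPLATE_CONTENT_DIR}/alpine-chroot" "$INSTALLDIR" addgroup user
"${TEMPLATE_CONTENT_DIR}/alpine-chroot" "$INSTALLDIR" adduser -D user -G user -s /bin/bash
"${TEMPLATE_CONTENT_DIR}/alpine-chroot" "$INSTALLDIR" addgroup user qubes

# create /lib/modules for qubes-kernel module mount
# -p: do not abort the build (set -e) when a package already created it.
"${TEMPLATE_CONTENT_DIR}/alpine-chroot" "$INSTALLDIR" mkdir -p /lib/modules

# lo device: the template only declares the loopback interface here.
cat > "${INSTALLDIR:?}/etc/network/interfaces" <<'EOF'
auto lo
iface lo inet loopback
EOF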
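# enable services

#######################################
# Register OpenRC services in one runlevel inside the template chroot.
# Globals:   TEMPLATE_CONTENT_DIR (read), INSTALLDIR (read)
# Arguments: $1 - runlevel name; remaining arguments - service names
# Returns:   non-zero as soon as one rc-update call fails (under set -e)
#######################################
enable_services() {
    local runlevel=$1
    shift
    local svc
    for svc in "$@"; do
        # Quoted so a service name is always passed as exactly one argument.
        "${TEMPLATE_CONTENT_DIR}/alpine-chroot" "${INSTALLDIR:?}" rc-update add "$svc" "$runlevel"
    done
}

# Same services and same order as before: default, then boot, then sysinit.
enable_services default \
    udev udev-trigger xendriverdomain qubes-qrexec-agent qubes-db \
    qubes-meminfo-writer qubes-sysinit qubes-core-early qubes-core \
    qubes-gui-agent crond acpid

enable_services boot \
    bootmisc hostname hwclock loadkmap modules networking seedrng swap \
    sysctl syslog

enable_services sysinit \
    devfs dmesg hwdrivers mdev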