Created
June 26, 2016 14:35
-
-
Save RubenKelevra/dbfb959a2f4d6589d87bf8a40bc8e7cc to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ -z "$1" ] && (echo "supply a hostname!") && exit 1 | |
| hostname="$1" | |
| extrarepos=' | |
| [archlinuxfr] | |
| SigLevel = Optional TrustAll | |
| Server = http://repo.archlinux.fr/$arch | |
| [repo-ck] | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| Server = http://repo-ck.com/$arch | |
| [archzfs] | |
| Server = http://archzfs.com/$repo/x86_64' | |
| locale_conf='LANG=de_DE.UTF-8 | |
| LC_CTYPE="de_DE.UTF-8" | |
| LC_NUMERIC="de_DE.UTF-8" | |
| LC_TIME="de_DE.UTF-8" | |
| LC_COLLATE="de_DE.UTF-8" | |
| LC_MONETARY="de_DE.UTF-8" | |
| LC_MESSAGES="de_DE.UTF-8" | |
| LC_PAPER="de_DE.UTF-8" | |
| LC_NAME="de_DE.UTF-8" | |
| LC_ADDRESS="de_DE.UTF-8" | |
| LC_TELEPHONE="de_DE.UTF-8" | |
| LC_MEASUREMENT="de_DE.UTF-8"' | |
| echo "Init complete." | |
| #check preconditions | |
| echo "Checking internet-connection..." | |
| ping -q 8.8.8.8 -c 4 -i 1 -W 5 >/dev/null 2>&1 | |
| if test $? -ne 0; then | |
| echo "ping failed.";exit 1 | |
| fi | |
| ping -q google.com -c 4 -i 1 -W 5 >/dev/null 2>&1 | |
| if test $? -ne 0; then | |
| echo "DNS-resolution failed.";exit 1 | |
| fi | |
| echo "Updating time..." | |
| ntpdate pool.ntp.org >/dev/null 2>&1 | |
| if test $? -ne 0; then | |
| echo "NTP failed.";exit 1 | |
| fi | |
| hwclock -w || true | |
| echo "install basic system..." | |
| pacstrap /mnt base base-devel grub || exit 1 | |
| echo "generating fstab entrys..." | |
| genfstab -Up /mnt >> /mnt/etc/fstab || exit 1 | |
| sed -i -e 's/rw,relatime,data=ordered/rw,data=ordered,noatime,discard,journal_checksum,max_batch_time=125000,min_batch_time=15000,stripe=128/' /mnt/etc/fstab || exit 1 | |
| sed -i -e 's/defaults/defaults,discard/' /mnt/etc/fstab || exit 1 | |
| echo 'KERNELVER=`uname -r` | |
| LOAD=`uptime | awk -F'\''load average:'\'' '\''{ print $2 }'\''` | |
| # get uptime from /proc/uptime | |
| uptime=$(</proc/uptime) | |
| uptime=${uptime%%.*} | |
| seconds=$(( uptime%60 )) | |
| minutes=$(( uptime/60%60 )) | |
| hours=$(( uptime/60/60%24 )) | |
| days=$(( uptime/60/60/24 )) | |
| UPTIME="$days days $hours:$minutes" | |
| short_hostname=$(echo $HOSTNAME | cut -d"." -f1) | |
| echo " | |
| /\\ _ _ _ | |
| / \\ __ _ _ __ ___| |__ | (_)_ __ _ ___ __ | |
| /'\'' \\ / _\\\`| '\''__/ __| '\''_ \\| | | '\''_ \\| | | \\ \\/ / | |
| /_- ~ -\\ | (_| | | | (__| | | | | | | | | |_| |> < | |
| / \\ \\__,_|_| \\___|_| |_|_|_|_| |_|\\__,_/_/\_\\ | |
| / _- - _ '\''\\ | |
| /_-'\'' '\''-_\\ connected to $short_hostname running Linux $KERNELVER | |
| Machine Load: $LOAD | |
| Machine Uptime: $UPTIME | |
| " > /etc/issue' > /mnt/usr/local/bin/issue_update.sh | |
| echo "writing install-script ..." | |
| echo "admins=(\"ruben\" \"sascha\" \"tobias\" \"felix\")" > /mnt/install.sh | |
| echo "declare -A sshkeys" >> /mnt/install.sh | |
| echo "sshkeys[\"ruben\"]='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDA4VjJnNTVDxtLgQqCzOiPWsy0yBNiv32GzzYPPatKYozL8PW5hDhEWg7h8vMs5Ty77U/qijjNr4VRyKKmvDFv907f6Wg/Fnm0a7+DmzZ6M4jdEJgqM3LJc3V81aXB6vXDCpCHB3orIKVB9xz2zaBdcA1A8eNYmy7paiZZPnjnSTGDt+UNMWfKumD9TAj4zyvH3yc1MdeB2WOvWCdxQXnyVEfS/AvAIZtzZA5D2osCPKouTGpjKZXoRYqJoT7X+GltbkopFZ7As9jEMfxG3Rum8oIOrqhNwy4ipahd50RYLhBXEUFvFQpDNadlbeslgTq/P5feX1z41PUR5OgNP8cd [email protected] | |
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIVP7CBN1orjIvx7OOvAaQ6h461ziDZjjgJSseR1GfPvpFizP80+N+6bhrOs8+sz/BxaO1kr9fpArs+g/NmMQobiiXKKmOcR+Wm1y2/LBOrtotmZZJGVQnSoQwwY9K7xhJMGKL4TlktSusvmja5kg2WAf7vW389oYqTfwVq4TgerpPSihn9vVRfVi0827MNfh5agwRIZ/OgWXd6ka/LDByQ0FtV4npFWAwx4/uWphg2t/g6vR7ZoIt5rBSR/E0VqRGMwSbwlbDbYgJTPJ3/lVCrDtVka2r1fuL5f+VyuyYhobtBwkjD5GusIB82XlvIs4KzFTOGVhPpvrmoFKaN1aJ [email protected]_2 | |
| ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFGe5/7cfDkbssq+byjSC1NEfFRIT9h7q26hKESXl2OSQuNj/vRLXlyF1iz8zwFamg0YSVjWb6KwvydimpfXNp8KQE3DKefEzn85eZMO3igMUl9tlnUQFU8skNFyG0o7aSSvw5P4AF5lFEJWqXT8VIkivU5ejI1Ua62CihwMccZ5LbFsg== ruben@i3-2014-09-22' | |
| sshkeys[\"sascha\"]='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDaN3JkkX8JnNjU8KfzW5VmnHJ53NWsMfTv1RD17HKVTzpGt3kc4tEAbt3yca+zBLQ2QuymAauPnSNxbE+eB+E5xKJgXzYSbujBewNBBKaYamYr0WMhOS4iOSIgNv5RZRa59xKpBenkGrmQUfNN1b9kITlZHSu5pYRS5CCXLoCflrroKPttcW3Bt3mHYkOnw85lndRMY/NJ/1jmTJMsX0mmjYbvDF9YLkvYaQhzQI6eU9nb4z4YB7Vs3ksg3cdE3uHThE5NTXqYe73uL0wUUyYQl3+Ta3brPCqhOCF8WTtHEgk5RMaiQtul8xUhOoy+KPCpZJoUbD8FBIOWiM6LLuN [email protected]' | |
| sshkeys[\"tobias\"]='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDW5fdNl1nCgAlr2ybbYkliqH+B/UvaJPXddlYlxNVcEEIMYO4myy26hg1k9pnOKXVxBUyOQo627RbHKB129HK5nksFoFrqzXmh8LKgOR4/yOff8jLYOba4GYynwplsgosR5Jrf7AIJSKfU47dYOQBoTtYTjcVLuaqQzVUkgR6lJBPY9si4o4kmwrjcluwiEsjoVer8qnUhSDtRPQmPMTHGenR56/j4tUEoLHUwkkgcjc/EMh05KDvCD1aOvPm89zptwKg8Hwn4xHKrTzTQSpmQ+KB7tMLi2WZ9ubZgJDajbdqo7a/crGBM2+CiZVbiQAwuEBSvZbr/kiUQ69jjsbar [email protected]' | |
| sshkeys[\"felix\"]='ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtAmxj3njoTfrqVdy4BcJkUFZXVmqg4YRaN8VK4ysXr1FC6zQcUmhAuw7vTh9y8pJW9AhiE/yoeX3jmJFuBaBludWudNxWq91w59R/IPF1umdPERiQzUzxV30ST4MmB8kXsjniXGWqbBovOK2GwCbilgQiKsjGuWNxhcz6Y3Nr3vG6tLgbTK5pEz2sovf+KL7h+8HRmcz4OgvI8CRhHk84hnv8MChr+zjcptwQ3R35gwzUWYc60dJlOX1F/2NeDUivVI+WPNTGTzDZZYNxgTWC86g4y8W0o74FGTO4zf/SheArhV5OMkQl31PZPzBy5YIJ7CZy11ifORAqso6mjRw+w== [email protected]'" >> /mnt/install.sh | |
| echo "echo '$hostname' > /etc/hostname" >> /mnt/install.sh | |
| echo "ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime" >> /mnt/install.sh | |
| echo "sed -i -e 's/#\(de_DE\).UTF-8 UTF-8/\1.UTF-8 UTF-8/' /etc/locale.gen" >> /mnt/install.sh | |
| echo "sed -i -e 's/#\(de_DE\) ISO-8859-1/\1 ISO-8859-1/' /etc/locale.gen" >> /mnt/install.sh | |
| echo "sed -i -e 's/#\(de_DE\)@euro ISO-8859-15/\1@euro ISO-8859-15/' /etc/locale.gen" >> /mnt/install.sh | |
| echo "locale-gen" >> /mnt/install.sh | |
| echo "echo '$locale_conf' > /etc/locale.conf" >> /mnt/install.sh | |
| echo "echo 'KEYMAP=\"de-latin1\"' > /etc/vconsole.conf" >> /mnt/install.sh | |
| echo "echo '$extrarepos' >> /etc/pacman.conf" >> /mnt/install.sh | |
| echo "dirmngr < /dev/null" >> /mnt/install.sh | |
| echo "pacman-key -r 5E1ABF240EE7A126 && pacman-key --lsign-key 5E1ABF240EE7A126" >> /mnt/install.sh | |
| echo "pacman -Syy" >> /mnt/install.sh | |
| echo "pacman -S yaourt --noconfirm" >> /mnt/install.sh | |
| echo "sed -i -e 's/ -mtune=generic / /g' /etc/makepkg.conf" >> /mnt/install.sh | |
| echo "sed -i -e 's/-march=x86-64 /-march=native /g' /etc/makepkg.conf" >> /mnt/install.sh | |
| echo "sed -i -e 's/^#MAKEFLAGS=\"-j2\"/MAKEFLAGS=\"-j4\"/' /etc/makepkg.conf" >> /mnt/install.sh | |
| echo "LISTOFADMINS=''" >> /mnt/install.sh | |
| echo 'for admin in "${admins[@]}"; do' >> /mnt/install.sh | |
| echo "" >> /mnt/install.sh | |
| echo ' useradd -m -g users -G wheel -s /bin/bash $admin' >> /mnt/install.sh | |
| echo ' mkdir /home/$admin/.ssh/' >> /mnt/install.sh | |
| echo ' touch /home/$admin/.ssh/authorized_keys' >> /mnt/install.sh | |
| echo ' chown $admin: -R /home/$admin/.ssh/' >> /mnt/install.sh | |
| echo ' chmod 700 /home/$admin/.ssh/' >> /mnt/install.sh | |
| echo ' chmod 600 /home/$admin/.ssh/authorized_keys' >> /mnt/install.sh | |
| echo ' echo "${sshkeys["$admin"]}" > /home/$admin/.ssh/authorized_keys' >> /mnt/install.sh | |
| echo ' LISTOFADMINS+=" $admin"' >> /mnt/install.sh | |
| echo 'done' >> /mnt/install.sh | |
| echo "sed -i -e 's/# %wheel ALL=(ALL) NOPASSWD: ALL/%wheel ALL=(ALL) NOPASSWD: ALL/' /etc/sudoers" >> /mnt/install.sh | |
| echo 'echo "running yaourt with $admin-user"' >> /mnt/install.sh | |
| echo 'su $admin -c "yaourt -S rk-server-basic --noconfirm"' >> /mnt/install.sh | |
| echo "pkgfile --update" >> /mnt/install.sh | |
| echo 'echo -e "\nAllowUsers$LISTOFADMINS" >> /etc/ssh/sshd_config;unset LISTOFADMINS' >> /mnt/install.sh | |
| echo "sed -i -e 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config" >> /mnt/install.sh | |
| echo "sed -i -e 's/#Port 22/Port 1337/' /etc/ssh/sshd_config" >> /mnt/install.sh | |
| echo "sed -i -e 's/#ClientAliveInterval 0/ClientAliveInterval 2/' /etc/ssh/sshd_config" >> /mnt/install.sh | |
| echo "sed -i -e 's/#ClientAliveCountMax 3/ClientAliveCountMax 5/' /etc/ssh/sshd_config" >> /mnt/install.sh | |
| echo "sed -i -e 's/#Banner none/Banner \/etc\/issue/' /etc/ssh/sshd_config" >> /mnt/install.sh | |
| echo "sed -i -e 's/#MaxStartups 10:30:100/MaxStartups 10:30:100/' /etc/ssh/sshd_config" >> /mnt/install.sh | |
| echo "sed -i -e 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config" >> /mnt/install.sh | |
| echo "sed -i -e 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config" >> /mnt/install.sh | |
| echo "sed -i -e 's/#PermitEmptyPasswords no/PermitEmptyPasswords no/' /etc/ssh/sshd_config" >> /mnt/install.sh | |
| echo "passwd -l root" >> /mnt/install.sh | |
| echo "systemctl enable dhcpcd" >> /mnt/install.sh | |
| echo "systemctl enable sshd" >> /mnt/install.sh | |
| echo "systemctl enable fstrim.timer" >> /mnt/install.sh | |
| echo "systemctl mask tmp.mount" >> /mnt/install.sh | |
| echo "crontab /crontab" >> /mnt/install.sh | |
| echo "chmod +x /usr/local/bin/issue_update.sh" >> /mnt/install.sh | |
| echo "echo noarp >> /etc/dhcpcd.conf" >> /mnt/install.sh | |
| echo "mkinitcpio -p linux" >> /mnt/install.sh | |
| echo "grub-install $maindevice --target=i386-pc" >> /mnt/install.sh | |
| echo "sed -i -e 's/GRUB_TIMEOUT=5/GRUB_TIMEOUT=2/' /etc/default/grub" >> /mnt/install.sh | |
| echo "grub-mkconfig -o /boot/grub/grub.cfg" >> /mnt/install.sh | |
| echo "0 * * * * systemd-tmpfiles --clean | |
| @reboot rm -f /var/lib/pacman/db.lck | |
| */15 * * * * pacman -Syuw --noconfirm | |
| 0 */2 * * * pacman-optimize | |
| */1 * * * * /usr/local/bin/issue_update.sh" > /mnt/crontab | |
| echo "doing chroot, to configure new system..." | |
| arch-chroot /mnt /bin/sh <<EOC | |
| bash /install.sh | |
| rm /install.sh | |
| rm /crontab | |
| EOC |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment