freeBSD with a clean install of podman on linux (qemu)

freebsd_inst.sh

#!/bin/bash
set -e

# specs for virtual machine 
declare -A VMACHINE=( [RAM]=4g [CPU]=2 )
# you can override them by redifining them in this file
[ -e specs.sh ] && source ./specs.sh

echo all files in skel will be copied in /home/user

touch skel

function require () { which $1 &> /dev/null && echo "$1 OK" || ( echo "ARG: You SHOULD install $1 $@"; exit 1; )  }
echo CHECKING

require growisofs
require qemu-img package qemu system
require curl

LOCATION=$(pwd)
ARCH=${ARCH:-amd64}
VERSION=${VERSION:-14.2}
FLAVOUR=${FLAVOUR:-RELEASE}
FROM_VM=https://download.freebsd.org/ftp/releases/VM-IMAGES/${VERSION}-${FLAVOUR}/${ARCH}/Latest/
FROM_CDROM=https://download.freebsd.org/ftp/releases/ISO-IMAGES/${VERSION}/
FILENAME=FreeBSD-${VERSION}-${FLAVOUR}-${ARCH}.qcow2
CDROM="$( basename $FILENAME .qcow2 )-bootonly.iso"
BUILD=${LOCATION}/build
read -p "Enter a password for root & user\n# " -s PASSWORD
echo

[ -f $CDROM ] ||  curl "$FROM_CDROM/${CDROM}" > "$CDROM"
[ -f ${FILENAME}.bak ] ||( curl $FROM_VM/${FILENAME}.xz | xz -d - > ${FILENAME}.bak; )
KEYMAP="fr"
BUILD=${LOCATION}/build
SKEL=${LOCATION}/skel
BUILD_ETC=${LOCATION}/build/etc

echo new fresh ISO
cp $LOCATION/$CDROM $LOCATION/new.iso
cp $LOCATION/$CDROM $LOCATION/new2.iso

echo creating build dir

rm -rf "$BUILD"
mkdir  "$BUILD"
mkdir  "$BUILD/etc"
mkdir  "$BUILD/boot"
[ -d $SKEL ] || (mkdir  "$SKEL" && touch "$SKELL/killroy_was_here")

echo new fresh qcow2
# using qemu-nbd snapshot here could be smart but I hate their doc
cp $LOCATION/$FILENAME.bak $LOCATION/${FILENAME}




echo creating /etc/rc.conf
cat > $BUILD/etc/rc.conf << EIA
keymap="$KEYMAP"
firstboot_freebsd_update_enable=YES
growfs_enable=YES
dumpdev="AUTO"
EIA
cat > $BUILD/boot/loader.conf << \EOA
dcons_load="YES"
boot_multicons="YES"
boot_serial="YES"
console="comconsole"
EOA

echo creating /boot/loader.conf


echo creating /ect/installerconfig to executes custom code
cat > $BUILD/etc/installerconfig << \EOG
#!/bin/sh

echo Resizing
ROOTFS_VM=/dev/ada0p4
JAILFS_VM=/dev/ada0p5
camcontrol reprobe /dev/ada0
echo repairaing the size extension made with qemuimg
gpart recover ada0
gpart resize -i 4 /dev/ada0
growfs -y $ROOTFS_VM
echo adding zfs partition
#gpart add -t freebsd-zfs -a 4k -s 1500M ada0
gpart recover ada0

poweroff


EOG



chmod +x $BUILD_ETC/installerconfig
echo building the new CD image with new layer including installerconfig

volid=$(isoinfo -d -i new.iso | awk '/Volume id/{print$3}')

growisofs -M new.iso -d -l -r -V "$volid" -graft-points /etc/rc.conf=$BUILD/etc/rc.conf /etc/installerconfig=$BUILD/etc/installerconfig
echo resizing VM qemu size
qemu-img resize  $LOCATION/$FILENAME  +20G
echo bootsrtapping qemu image with growfs
qemu-system-x86_64 -m ${VMACHINE[RAM]} -smp ${VMACHINE[CPU]}  -cdrom new.iso -boot order=d -drive file=${LOCATION}/${FILENAME}


echo creating another cdrom 
ROOTFS_VM=/dev/ada0p4

cat > $BUILD/etc/installerconfig << EOJ
#!/bin/sh

echo Custom Install 2

set -x
echo doing manipulation on the host with a chroot
#read -p "debugging the install by launching a promptless shell" TEST
#sh
mount -t tmpfs -o size=1624m tmpfs /tmp
#fsck -y $ROOTFS_VM
mount $ROOTFS_VM /mnt

echo changing rc.conf on the mounted VM
cp /etc/rc.conf /mnt/etc/rc.conf
echo changing boot/loader on the mounted VM
cp /boot/loader.conf.template /mnt/boot/loader.conf
cp -a /skel /mnt/tmp

#echo setting up ZFS >> /etc/motd.template
#service zfs start
#zpool create jails /dev/ada0p5


cat << 'EOP' | chroot /mnt /bin/sh
mount -t devfs devfs /dev

echo 'ifconfig_em0="DHCP"' >> /etc/rc.conf
echo setting up network interfaxce >> /etc/motd.template
service netif restart
echo fixing my broken local dnsmaq using 1.1.1.1
echo making 1.1.1.1 the first dns server
echo 'prepend domain-name-servers 1.1.1.1;' > /etc/dhclient.conf

dhclient em0


ifconfig em0
netstat -nr
sysrc sshd_enabled="YES"
echo ssh automatically starting >> /etc/motd.template
pkg install -y python310
echo installing pip for python3.10 >> /etc/motd.template
echo use ports to have latest python current >> /etc/motd.template
python3.10 -mensurepip
pkg install -y git
echo installing doas and setting user as a root user without pass >> /etc/motd.template
pkg install -y doas
echo "permit nopass user as root" > /usr/local/etc/doas.conf
sync

#portsnap --interactive fetch
#portsnap --interactive extract
#portsnap --interactive update
#sysrc console="comsonsole"

EOJ

cat >> $BUILD/etc/installerconfig << EOQ
#echo bash c installed >> /etc/motd.template

echo 'export TERM=vt100-color' >> /usr/local/etc/profile
echo setting up hostname >> /etc/motd.template
echo 'hostname="freebsd-${VERSION}_${FLAVOUR}"' >> /etc/rc.conf
sync

echo -n '$PASSWORD' | pw useradd -n user -m -G wheel -h 0
echo copying user file in user dir >> /etc/motd.template
chown -R user:user /tmp/skel/*
echo setting up hostname >> /etc/motd.template
cp -a /tmp/skel/* /home/user
cp -a /tmp/skel/.[^.]* /home/user
rm -rf /tmp/skel
sync

echo importing user files >> /etc/motd.template
echo -n '$PASSWORD' | pw usermod root -h 0
echo setting up pwd >> /etc/motd.template
chsh -s /usr/local/bin/bash root
sync

echo setting up pwd >> /etc/motd.template
pkg install -y bash bash-completion

echo installing podman

pkg install -y podman-suite
pkg install -y podman


echo https://podman.io/docs/installation >> /etc/motd.template
sync
echo "fdesc   /dev/fd         fdescfs         rw      0       0" >> /etc/fstab

service podman enable

cp /usr/local/etc/containers/pf.conf.sample /etc/pf.conf

echo mod pf >> /etc/motd.template
sync
perl -i.bak -pe  's/v4egress_if.*=.*/v4egress_if = "em0"/' /etc/pf.conf
perl -i.bak -pe  's/v6egress_if.*=.*/v6egress_if = "em0"/' /etc/pf.conf

echo enabling pf >> /etc/motd.template
service pf enable
echo 'pf_load="YES"' >> /boot/loader.conf
echo 'net.pf.filter_local=1' >> /etc/sysctl.conf.local

sync
echo changing storage to vfs >> /etc/motd.template
sed -I .bak -e 's/driver = "zfs"/driver = "vfs"/' /usr/local/etc/containers/storage.conf


sysrc linux_enable=YES
echo https://github.com/containers/podman/blob/main/troubleshooting.md >> /etc/motd.template

echo 'unqualified-search-registries = ["docker.io"]' >> /usr/local/etc/containers/registries.conf
echo setting up hostname >> /etc/motd.template
rm -rf /var/db/containers/storage

sync
chsh -s /usr/local/bin/bash user

EOP

echo emitting power off to avoir hanigup
sync

poweroff

EOQ

chmod +x $BUILD/etc/installerconfig
echo building the new iso with new layer

volid=$(isoinfo -d -i new2.iso | awk '/Volume id/{print$3}')

growisofs -M new2.iso -input-charset=utf8  -d -l -r -V "$volid" -graft-points /etc/rc.conf=$BUILD/etc/rc.conf /etc/installerconfig=$BUILD/etc/installerconfig /boot/loader.conf.template=$BUILD/boot/loader.conf /skel=$SKEL


qemu-system-x86_64 -m ${VMACHINE[RAM]} -smp ${VMACHINE[CPU]} -cpu host  -machine type=q35,accel=kvm -cdrom new2.iso -boot order=d -drive file=${LOCATION}/${FILENAME} 

echo booting the image
echo creating ./start_${VERSION}_${FLAVOUR}.sh for later convenience
echo qemu-system-x86_64 -m ${VMACHINE[RAM]} -cpu host -no-acpi -machine type=q35,accel=kvm -object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0 -smp ${VMACHINE[CPU]} -nographic ${LOCATION}/${FILENAME} \$\*  > ./start_${VERSION}_${FLAVOUR}.sh
chmod +x ./start_${VERSION}_${FLAVOUR}.sh
./start_${VERSION}_${FLAVOUR}.sh

keymap="$KEYMAP.iso" y a plus besoin du iso depuis vt
pour le loader.conf je metterai uniquement:

autoboot_delay="-1"'
beastie_disable="YES"
loader_logo="none"
console="comconsole,vidconsole"

Dans rc.conf:

hostname="freebsd"
firstboot_freebsd_update_enable=YES
growfs_enable=YES
dumpdev="AUTO"
ifconfig_DEFAULT="SYNCDHCP accept_rtadv"

^_ ^ je teste

Je vais garder le fait de pouvoir utiliser la console série dans le terminal, contrairement à la sortie GUI, ça à l'avantage de supporter le copier coller sans surprises.
(d'où la console série en primaire).

J'ai pas pu tout mettre :)