1
0

Adding my FAI config space into git repo

This commit is contained in:
Jakub Filo 2019-11-02 18:49:13 +00:00
commit 921401a0b1
16 changed files with 585 additions and 0 deletions

13
class/DEBIAN.var Normal file
View File

@ -0,0 +1,13 @@
release=buster
apt_cdn=http://deb.debian.org
security_cdn=http://security.debian.org
CONSOLEFONT=
KEYMAP=us-latin1
# if you have enough RAM (>2GB) you may want to enable this line. It
# also puts /var/cache into a ramdisk.
#FAI_RAMDISKS="$target/var/lib/dpkg $target/var/cache"
# if you want to use the faiserver as APT proxy
#APTPROXY=http://faiserver:3142

8
debconf/DEBIAN Normal file
View File

@ -0,0 +1,8 @@
locales locales/default_environment_locale select en_US.UTF-8
locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8
keyboard-configuration keyboard-configuration/modelcode string pc105
keyboard-configuration keyboard-configuration/xkb-keymap select us
keyboard-configuration keyboard-configuration/variant select USA
keyboard-configuration keyboard-configuration/model select Generic 105-key (Intl) PC
keyboard-configuration keyboard-configuration/layoutcode string us
keyboard-configuration keyboard-configuration/optionscode string ctrl:nocaps,terminate:ctrl_alt_bksp

11
hooks/mountdisks.DEFAULT Executable file
View File

@ -0,0 +1,11 @@
#! /bin/bash
# stop resync of soft raid
# why though?
# FAI SUCKS
if [ $do_init_tasks -eq 1 ]; then
if grep -q active /proc/mdstat 2>/dev/null; then
echo "frozen" | tee /sys/block/md*/md/sync_action >/dev/null
fi
fi
exit 0

216
hooks/savelog.LAST.sh Executable file
View File

@ -0,0 +1,216 @@
#! /bin/bash
# parse all log files for error messages
# print errors and warnings found to error.log
# WARNING: This will only work with english error messages!
errfile=$LOGDIR/error.log
# Define grep patterns. Do not start or end with an empty line!
globalerrorpatterns="error
fail
warn
bad
bad
no space
syntax
Couldn't stat
Cannot access
conflict
is bigger than the limit
did not exist
non existent
not found
couldn't
can't
E: Sorry, broken packages
^E:
operator expected
ambiguous redirect
No previous regular expression
No such
Device or resource busy
unknown option
[a-z]\+\.log:E:
No candidate version found
segfault
Couldn't find any package whose name or description matched
cannot create
The following packages have unmet dependencies"
globalignorepatterns="[a-z]\+\.log:#
Error: Driver 'pcspkr' is already registered, aborting
: bytes packets errors dropped
:+ error=0
:+ trap error=
task_error_func=
STOP_ON_ERROR=
courier-webadmin
plugins-bad
Enabling conf localized-error-pages
ibwebadmin
kernel-patch-badram
kolab-webadmin
kolabadmin
gstreamer.\+-plugins-really-bad
liberrors.so
liberrors-samba
libsamba-errors
gsambad
libad
libtest-nowarnings-perl
libtest-warn-perl
libclass-errorhandler-perl
zope-ploneerrorreporting
libroxen-errormessage
liberror-perl
libgpg-error-dev
libgpg-error0
Opts:.\+errors=remount
[RT]X packets:
WARNING: unexpected IO-APIC
warned about = ( )
daemon.warn
kern.warn
rw,errors=
Expect some cache
no error
failmsg
RPC call returned error 101
deverror.out
(floppy), sector 0
mount version older than kernel
Can't locate module
Warning only .\+MB will be used.
hostname: Host name lookup failure
I can't tell the difference.
warning, not much extra random data, consider using the -rand option
confC._FILE
Warning: 3 database(s) sources
were not found, (but were created)
removing exim
The home dir you specified already exists.
No Rule for /usr/lib/ispell/default.hash.
/usr/sbin/update-fonts-.\+: warning: absolute path
hostname: Unknown server error
EXT2-fs warning: checktime reached
RPC: sendmsg returned error 101
can't print them to stdout. Define these classes
warning: downgrading
suppress emacs errors
echo Error:
Can't open dependencies file
documents in /usr/doc are no longer supported
if you have both a SCSI and an IDE CD-ROM
Warning: /proc/ide/hd?/settings interface is obsolete, and will be removed soon
Monitoring disabled
Error: only one processor found.
Error Recovery Strategy:
sector 0 does not have an
syslogin_perform_logout: logout() returned an error
grub is not in an XFS filesystem.
grub-install: line 374:
grub-probe: error: Cannot open \`/boot/grub/device.map'
is harmless
not updating .\+ font directory data.
register_serial(): autoconfig failed
Fontconfig error: Cannot load default config file
asking for cache data failed
However, I can not read the target:
Warning: The partition table looks like it was made
task_error=0
task_local_error=0
^info: Trying to set
warning: /usr/lib/X11/fonts
can't read /etc/udev/rules.d/z25_persistent-net.rules
/cow': No such file or directory
Dummy start-stop-daemon called
X: bytes packets errors
ACPI Error
ACPI Warning
AE_NOT_FOUND
conflicts with ACPI region
cannot stat \`/etc/modprobe.d/\*.conf'
cdrom: open failed.
libgpg-error
process \`kudzu' used the deprecated sysctl system call
PM: Resume from disk failed
JBD: barrier-based sync failed
aufs: module is from the staging directory, the quality is unknown
warning: linuxlogo stop runlevel arguments (none) do not match
insserv: warning: script .\+ missing LSB tags and overrides
live-premount.\+ If this fails
cannot read table of mounted file systems
error: no alternatives for
ERST: Error Record Serialization Table (ERST) support is initialized
ERST: Table is not found
HEST: Table not found
failed to stat /dev/pts
Failed to connect to socket /var/run/dbus/system_bus_socket
fail to add MMCONFIG information
can't initialize iptables table
can't initialize ip6tables table
Authentication warning overridden
41-warning.sh
PCCT header not found
Download is performed unsandboxed as root as file
update-alternatives: warning: skip creation of
loop: module verification failed: signature
Warning: apt-key output should not be parsed
WARNING: Failed to connect to lvmetad. Falling back to device scanning
Warning: The home dir /var/lib/usbmux you specified
diff: /var/lib/apparmor/profiles/.apparmor.md5sums: No such file or directory
error reporting disabled
Enabling Firmware First mode for corrected errors
errors: 0
0 errors
Memory Error Correction:
Memory Controller 0 - Channel . Error
IIO RAS/Control Status/Global Errors
__stack_chk_fail
grub.cfg.new: Directory nonexistent
can't derive routing for PCI INT A
failed to load isci/isci_firmware.bin
Direct firmware load for isci/isci_firmware.bin failed with error
Loading user firmware failed, using default values
stunnel4 you specified can't be accessed: No such file or directory
install-docs --verbose --check file_name' may give more details about the above errors
cannot open '/etc/ssl/certs/java/cacerts' for reading: No such file or directory
update-rc.d: warning: start and stop actions are no longer supported"
# add pattern on some conditions
if [ -n $FAI_ALLOW_UNSIGNED ] ; then
globalignorepatterns="$globalignorepatterns
WARNING: untrusted versions
WARNING: The following packages cannot be authenticated
Ignoring these trust violations"
fi
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Here you can define your own patterns. Put one pattern in a line,
# do not create empty lines.
myerrorpatterns="X_X-X_XX"
myignorepatterns="X_X-X_XX"
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# The main routine
errorpatterns="$globalerrorpatterns
$myerrorpatterns"
ignorepatterns="$globalignorepatterns
$myignorepatterns"
cd $LOGDIR || exit 3
if [ -s $errfile ]; then
echo "Errorfile already exists. Aborting." >&2
exit
fi
grep -i "$errorpatterns" *.log | grep -vi "$ignorepatterns" > $errfile
if [ X$verbose = X1 ]; then
egrep -v '^software.log:' $errfile > $LOGDIR/tempfile
mv $LOGDIR/tempfile $errfile
fi
if [ -s $errfile ]; then
echo "ERRORS found in log files. See $errfile" >&2
else
echo "Congratulations! No errors found in log files."
fi

10
hooks/setup.DEFAULT.sh Executable file
View File

@ -0,0 +1,10 @@
#! /bin/bash
# use short hostname instead of FQDN
# otherwise it gets fucked up
# FAI doesn't start
# FAI SUCKS
export HOSTNAME=${HOSTNAME%%.*}
if [ $do_init_tasks -eq 1 ]; then
echo $HOSTNAME > /proc/sys/kernel/hostname
fi

34
package_config/DEBIAN Normal file
View File

@ -0,0 +1,34 @@
PACKAGES install-norec
# only installs bare minimum needed for ansible to work
openssh-client
openssh-server
time
procinfo
locales
console-setup
kbd
sudo
python
PACKAGES install I386
linux-image-686-pae
memtest86+
PACKAGES install CHROOT
linux-image-686-pae-
linux-image-amd64-
PACKAGES install AMD64
linux-image-amd64
memtest86+
PACKAGES install ARM64
grub-efi-arm64
linux-image-arm64
PACKAGES install GRUB_PC
grub-pc
PACKAGES install GRUB_EFI_CRYPTO
grub-efi

BIN
package_config/DEBIAN.gpg Normal file

Binary file not shown.

View File

@ -0,0 +1,5 @@
PACKAGES install
mdadm
lvm2
cryptsetup

8
scripts/DEBIAN/10-rootpw Executable file
View File

@ -0,0 +1,8 @@
#! /bin/bash
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
$ROOTCMD usermod -L root
exit $error

22
scripts/DEBIAN/20-capabilities Executable file
View File

@ -0,0 +1,22 @@
#!/bin/bash
#
# Capabilities get lost when creating the fai base.tar.xz image.
# Restore them here.
#
set -e
if [ ! -x $target/sbin/setcap ] ; then
exit 0
fi
for FILE in /bin/ping /bin/ping6 /usr/bin/fping /usr/bin/fping6; do
if [ -x $target/$FILE -a ! -h $target/$FILE ] ; then
if $ROOTCMD /sbin/setcap cap_net_raw+ep $FILE; then
echo "Setcap worked! $FILE is not suid!"
fi
fi
done
if [ -x $target/usr/bin/systemd-detect-virt ] ; then
$ROOTCMD /sbin/setcap cap_dac_override,cap_sys_ptrace+ep /usr/bin/systemd-detect-virt
fi

118
scripts/DEBIAN/30-interface Executable file
View File

@ -0,0 +1,118 @@
#! /bin/bash
netplan_yaml() {
# network configuration using ubuntu's netplan.io
local IFNAME="$1"
local METHOD="$2"
echo "Generating netplan configuration for $IFNAME ($METHOD)" >&2
echo "# generated by FAI"
echo "network:"
echo " version: 2"
echo " renderer: $RENDERER"
case "$RENDERER" in
networkd)
echo " ethernets:"
echo " $IFNAME:"
case "$METHOD" in
dhcp)
echo " dhcp4: true"
;;
static)
echo " addresses: [$CIDR]"
echo " gateway4: $GATEWAYS_1"
echo " nameservers:"
echo " search: [$DOMAIN]"
echo " addresses: [${DNSSRVS// /, }]"
;;
esac
esac
}
iface_stanza() {
# classic network configuration using /etc/network/interfaces
local IFNAME="$1"
local METHOD="$2"
echo "Generating interface configuration for $IFNAME ($METHOD)" >&2
echo "# generated by FAI"
echo "auto $IFNAME"
echo "iface $IFNAME inet $METHOD"
case "$METHOD" in
static)
echo " address $IPADDR"
echo " netmask $NETMASK"
echo " broadcast $BROADCAST"
echo " gateway $GATEWAYS"
;;
esac
}
newnicnames() {
# determine predictable network names only for stretch and above
[ $do_init_tasks -eq 0 ] && return
[ -z "$NIC1" ] && return
ver=$($ROOTCMD dpkg-query --showformat='${Version}' --show udev)
if dpkg --compare-versions $ver lt 220-7; then
return
fi
fields="ID_NET_NAME_FROM_DATABASE ID_NET_NAME_ONBOARD ID_NET_NAME_SLOT ID_NET_NAME_PATH"
for field in $fields; do
name=$(udevadm info /sys/class/net/$NIC1 | sed -rn "s/^E: $field=(.+)/\1/p")
if [[ $name ]]; then
NIC1=$name
break
fi
done
if [[ ! $name ]]; then
echo "$0: error: could not find systemd predictable network name. Using $NIC1."
fi
}
if [ -z "$NIC1" ]; then
echo "WARNING: \$NIC1 is not defined. Cannot add ethernet to /etc/network/interfaces."
fi
CIDR=$(ip -o -f inet addr show $NIC1 | awk '{print $4}')
newnicnames
case "$FAI_ACTION" in
install|dirinstall)
ifclass DHCPC && METHOD=dhcp || METHOD=static
ifclass XORG && RENDERER=NetworkManager || RENDERER=networkd
if [ -d $target/etc/netplan ]; then
# Ubuntu >= 17.10 with netplan.io
if [ -n "$NIC1" ]; then
netplan_yaml $NIC1 $METHOD > $target/etc/netplan/01-${NIC1}.yaml
fi
elif [ -d $target/etc/network/interfaces.d ]; then
# ifupdown >= 0.7.41 (Debian >= 8, Ubuntu >= 14.04)
iface_stanza lo loopback > $target/etc/network/interfaces.d/lo
if [ -n "$NIC1" -a ! -f $target/etc/NetworkManager/NetworkManager.conf ]; then
iface_stanza $NIC1 $METHOD > $target/etc/network/interfaces.d/$NIC1
fi
else
(
iface_stanza lo loopback
iface_stanza $NIC1 $METHOD
) > $target/etc/network/interfaces
fi
if ! ifclass DHCPC ; then
[ -n "$NETWORK" ] && echo "localnet $NETWORK" > $target/etc/networks
if [ ! -L $target/etc/resolv.conf -a -e /etc/resolv.conf ]; then
cp -p /etc/resolv.conf $target/etc
fi
fi
;;
esac
# here fcopy is mostly used, when installing a client for running in a
# different subnet than during the installation
fcopy -iM /etc/resolv.conf
fcopy -iM /etc/network/interfaces /etc/networks
exit $error

39
scripts/DEBIAN/40-misc Executable file
View File

@ -0,0 +1,39 @@
#! /bin/bash
# (c) Thomas Lange, 2001-2016, lange@debian.org
# (c) Michael Goetze, 2010-2011, mgoetze@mgoetze.net
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
echo $TIMEZONE > $target/etc/timezone
if [ -L $target/etc/localtime ]; then
ln -sf /usr/share/zoneinfo/${TIMEZONE} $target/etc/localtime
else
cp -f /usr/share/zoneinfo/${TIMEZONE} $target/etc/localtime
fi
hostname -s > $target/etc/hostname
if [ ! -e $target/etc/adjtime ]; then
printf "0.0 0 0.0\n0\nUTC\n" > $target/etc/adjtime
fi
if [ "$UTC" = "yes" ]; then
sed -i -e 's:^LOCAL$:UTC:' $target/etc/adjtime
else
sed -i -e 's:^UTC$:LOCAL:' $target/etc/adjtime
fi
# make sure a machine-id exists
if [ ! -f $target/etc/machine-id ]; then
> $target/etc/machine-id
fi
# recreate machine-id if the file is empty
if [ X"$(stat -c '%s' $target/etc/machine-id 2>/dev/null)" = X0 -a -f /bin/systemd-machine-id-setup ]; then
$ROOTCMD systemd-machine-id-setup
fi
ln -fs /proc/mounts $target/etc/mtab
rm -f $target/etc/dpkg/dpkg.cfg.d/fai $target/etc/dpkg/dpkg.cfg.d/unsafe-io
exit $error

View File

@ -0,0 +1,74 @@
#! /bin/bash
# support for GRUB version 2
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
# This script assumes that the disk has a GPT partition table and
# that the extended system partition (ESP) is mounted on /boot/efi.
# When building a disk image, we don't change the NVRAM to point at
# the boot image we made available, because the disk image is likely
# not installed on the current system. As a result, we force
# installation into the removable media paths as well as the standard
# debian path.
set -a
# do not set up grub during dirinstall
if [ "$FAI_ACTION" = "dirinstall" ] ; then
exit 0
fi
# during softupdate use this file
[ -r $LOGDIR/disk_var.sh ] && . $LOGDIR/disk_var.sh
if [ -z "$BOOT_DEVICE" ]; then
exit 189
fi
# disable os-prober because of #788062
echo "GRUB_DISABLE_OS_PROBER" >> /etc/default/grub
# enable cryptodisk
echo "GRUB_ENABLE_CRYPTODISK=y" >> $target/etc/default/grub.d/crypto.cfg
# skip the rest, if not an initial installation
if [ $FAI_ACTION != "install" ]; then
$ROOTCMD update-grub
exit $error
fi
GROOT=$($ROOTCMD grub-probe -tdrive -d $BOOT_DEVICE)
# handle /boot in lvm-on-md
_bdev=$(readlink -f $BOOT_DEVICE)
if [ "${_bdev%%-*}" = "/dev/dm" ]; then
BOOT_DEVICE=$( lvs --noheadings -o devices $BOOT_DEVICE | sed -e 's/^*\([^(]*\)(.*$/\1/' )
fi
# override this, it doesn't work correctly for lvm on luks on raid
BOOT_DEVICE="/dev/md0"
# Check if RAID is used for the boot device
if [[ $BOOT_DEVICE =~ '/dev/md' ]]; then
raiddev=${BOOT_DEVICE#/dev/}
# install grub on all members of RAID
for device in `LC_ALL=C perl -ne 'if(/^'$raiddev'\s.+raid\d+\s(.+)/){ $_=$1; s/\d+\[\d+\]//g; print }' /proc/mdstat`; do
echo Install grub on /dev/$device
$ROOTCMD grub-install --no-floppy --force-extra-removable "/dev/$device"
done
elif [[ $BOOT_DEVICE =~ '/dev/loop' ]]; then
# do not update vmram when using a loop device
$ROOTCMD grub-install --no-floppy --force-extra-removable --modules=part_gpt --no-nvram $BOOT_DEVICE
if [ $? -eq 0 ]; then
echo "Grub installed on hostdisk $BOOT_DEVICE"
fi
else
$ROOTCMD grub-install --no-floppy --modules=part_gpt "$GROOT"
if [ $? -eq 0 ]; then
echo "Grub installed on $BOOT_DEVICE = $GROOT"
fi
fi
$ROOTCMD update-grub
exit $error

View File

@ -0,0 +1,20 @@
#! /bin/bash
# (c) Thomas Lange, 2001-2017, lange@debian.org
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
echo "SETUP USER: $username";
# add additional user account
if [ -n "$username" ]; then
if ! $ROOTCMD getent passwd $username ; then
$ROOTCMD adduser --disabled-login --gecos "$username user" $username
$ROOTCMD usermod -p "$USERPW" $username
userdir=$($ROOTCMD getent passwd "$username" | cut -d: -f6 )
for g in $groups; do
$ROOTCMD adduser $username $g
done
fi
fi

View File

@ -0,0 +1,3 @@
#!/bin/sh
echo "$username ALL=(ALL:ALL) NOPASSWD: ALL" >> /target/etc/sudoers.d/user_nopasswd

View File

@ -0,0 +1,4 @@
#!/bin/sh
mkdir $target/home/$username/.ssh;
echo "$SSHKEY" > $target/home/$username/.ssh/authorized_keys;