Bump Alpine VM to 3.15

This commit is contained in:
Disassembler 2021-12-20 14:12:16 +01:00
parent 5d4e4c3dae
commit 5ebac252b3
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
6 changed files with 15 additions and 39 deletions

23
vm.sh
View File

@ -14,8 +14,8 @@ echo
# Set up repositories
cat <<EOF >/etc/apk/repositories
http://dl-cdn.alpinelinux.org/alpine/v3.13/main
http://dl-cdn.alpinelinux.org/alpine/v3.13/community
http://dl-cdn.alpinelinux.org/alpine/v3.15/main
http://dl-cdn.alpinelinux.org/alpine/v3.15/community
EOF
# Install disk management tools
@ -35,10 +35,6 @@ p
2
t
2
8e
w
EOF
# Set up partition encryption
@ -72,12 +68,8 @@ UUID=${BOOT_UUID} /boot ext4 rw,noatime,data=ordered 0 2
EOF
echo "system UUID=${CRYPT_UUID} none luks" >/mnt/etc/crypttab
# Rebuild initfs
sed -i 's/lvm/lvm cryptsetup/' /mnt/etc/mkinitfs/mkinitfs.conf
mkinitfs -c /mnt/etc/mkinitfs/mkinitfs.conf -b /mnt $(ls /mnt/lib/modules)
# Update extlinux (ignore the errors)
sed -i "s/rootfstype=ext4/rootfstype=ext4 cryptroot=UUID=${CRYPT_UUID} cryptdm=system/" /mnt/etc/update-extlinux.conf
sed -i "s/crypdm=root/cryptdm=system/" /mnt/etc/update-extlinux.conf
chroot /mnt update-extlinux
sed -i 's/overwrite=1/overwrite=0/' /mnt/etc/update-extlinux.conf
@ -89,11 +81,16 @@ apk --no-cache add apache2-utils gettext
wget https://repo.spotter.cz/vm.tar.gz -O - | tar xzf - -C /mnt
envsubst </mnt/boot/extlinux.conf >/mnt/boot/extlinux.conf.new
mv /mnt/boot/extlinux.conf.new /mnt/boot/extlinux.conf
chroot /mnt apk --no-cache add ca-certificates curl e2fsprogs-extra gettext iptables kbd-misc logrotate postfix nginx openssh-server openssh-sftp-server util-linux podman@edgecommunity spoc@spotter vmmgr@spotter
chroot /mnt apk --no-cache add ca-certificates curl e2fsprogs-extra gettext kbd-misc logrotate postfix nginx openssh-server openssh-sftp-server util-linux podman spoc@spotter vmmgr@spotter
chroot /mnt newaliases
for SERVICE in consolefont crond iptables networking nginx ntpd podman postfix spoc swap urandom vmmgr; do
# Enable services
for SERVICE in cgroups consolefont crond networking nginx ntpd postfix spoc swap urandom vmmgr; do
ln -s /etc/init.d/${SERVICE} /mnt/etc/runlevels/boot
done
# Configure spoc and vmmgr
chroot /mnt adduser -D spoc
ADMINPWD=$(htpasswd -bnBC 10 '' "${ENCPWD}" | tr -d ':\n' | sed 's/$2y/$2b/') envsubst </mnt/etc/vmmgr/config.json >/mnt/etc/vmmgr/config.json.new
mv /mnt/etc/vmmgr/config.json.new /mnt/etc/vmmgr/config.json

View File

@ -1,5 +1,3 @@
http://dl-cdn.alpinelinux.org/alpine/v3.13/main
http://dl-cdn.alpinelinux.org/alpine/v3.13/community
@edge http://dl-cdn.alpinelinux.org/alpine/edge/main
@edgecommunity http://dl-cdn.alpinelinux.org/alpine/edge/community
@spotter https://repo.spotter.cz/alpine/v3.13/apk
http://dl-cdn.alpinelinux.org/alpine/v3.15/main
http://dl-cdn.alpinelinux.org/alpine/v3.15/community
@spotter https://repo.spotter.cz/alpine/v3.15/apk

View File

@ -1,14 +0,0 @@
# /etc/conf.d/iptables
# Location in which iptables initscript will save set rules on
# service shutdown
IPTABLES_SAVE="/etc/iptables/rules-save"
# Options to pass to iptables-save and iptables-restore
SAVE_RESTORE_OPTIONS="-c"
# Save state on stopping iptables
SAVE_ON_STOP="no"
# Enable/disable IPv4 forwarding with the rules
IPFORWARD="yes"

View File

@ -1,7 +0,0 @@
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
[0:0] -A POSTROUTING -o eth0 -j MASQUERADE
COMMIT

1
vm/etc/subgid Normal file
View File

@ -0,0 +1 @@
spoc:100000:65536

1
vm/etc/subuid Normal file
View File

@ -0,0 +1 @@
spoc:100000:65536