Spotter-VM/01-basic.sh

52 lines
1.6 KiB
Bash
Executable File

#!/bin/sh
SOURCE_DIR=$(realpath $(dirname "${0}"))/basic
# Install packages
apk --no-cache add docker gettext git htop kbd-misc libressl openssh-server openssh-sftp-server postfix nginx
# Copy profile files and settings
mkdir /root/.ssh
mkdir -p /root/.config/htop
cp ${SOURCE_DIR}/root/.ssh/authorized_keys /root/.ssh/authorized_keys
cp ${SOURCE_DIR}/root/.config/htop/htoprc /root/.config/htop/htoprc
# Copy boot configuration
cp ${SOURCE_DIR}/boot/extlinux.conf /boot/extlinux.conf
# Forbid login on tty1, disable tty2-6
cp ${SOURCE_DIR}/etc/inittab /etc/inittab
# Enable support for Czech characters
cp ${SOURCE_DIR}/etc/rc.conf /etc/rc.conf
cp ${SOURCE_DIR}/etc/conf.d/consolefont /etc/conf.d/consolefont
rc-update add consolefont boot
# Set legal banner with URL
cp ${SOURCE_DIR}/etc/issue.template /etc/issue.template
cp ${SOURCE_DIR}/sbin/issue-gen /sbin/issue-gen
# Configure Postfix
cp ${SOURCE_DIR}/etc/postfix/main.cf /etc/postfix/main.cf
# Create a self-signed certificate
mkdir /etc/ssl/private
openssl req -x509 -new -out /etc/ssl/certs/services.pem -keyout /etc/ssl/private/services.key -nodes -days 3654 -subj "/C=CZ/CN=$(hostname -f)"
chmod 640 /etc/ssl/private/services.key
# Configure nginx
cp ${SOURCE_DIR}/etc/nginx/nginx.conf /etc/nginx/nginx.conf
cp ${SOURCE_DIR}/etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf
# Copy Portal resources
cp ${SOURCE_DIR}/usr/local/bin/portal-app-manager /usr/local/bin/portal-app-manager
cp -r ${SOURCE_DIR}/srv/portal /srv/portal
# Configure services
for SERVICE in docker nginx postfix sshd; do
rc-update add ${SERVICE} boot
service ${SERVICE} start
done
# TODO: Hide OpenRC output