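# To create an Arch AMI from scratch, inside another Arch instance.
# All of the commands below are run as root on that build instance.

# Bring the build host up to date. -Syu is issued twice; presumably the first
# pass upgrades pacman itself and the second the remaining packages -- TODO
# confirm.
pacman --noconfirm -Syu
pacman --noconfirm -Syu
# unzip, lzma and cpio are used further down; ruby and rsync are presumably
# needed by the EC2 AMI tools themselves -- TODO confirm.
pacman --noconfirm -S ruby unzip rsync lzma cpio
pacman --noconfirm -Sc
mount -t ext3 /dev/sda2 /mnt

# Fetch the AMI tools over TLS instead of plain HTTP: these tools are later
# handed the account certificate, private key and secret key, so the archive
# must not be modifiable in transit.
# NOTE(review): no checksum or signature of the archive is verified here; pin a
# known-good digest and compare it before unpacking if one is available.
wget https://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.zip
unzip ec2-ami-tools.zip
mv ec2-ami-tools-* ec2-ami-tools
export EC2_AMITOOL_HOME="$(pwd)/ec2-ami-tools"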
# Package set installed into the image, with the author's rationale.
#
# Desired:
#   curl              - used by the init scripts that download the public key
# Required:
#   openssh           - needed to SSH in
#   filesystem        - base filesystem package
#   dcron             - cron scheduling
#   dhcpcd            - network access
#   gawk              - alternative dependency for initscripts
#   util-linux-ng     - piles of UNIX tools the author did not want to drop
#                       (see: http://freshmeat.net/projects/util-linux/)
#   initscripts       - needed for system boot
#   iputils           - ping
#   licenses          - author is fairly sure it is legally required
#   logrotate         - sensible to have everywhere
#   module-init-tools - modprobe etc., needed to use kernel modules
#   pacman            - to install anything not included here
#   procps            - ps, top, kill
#   psmisc            - killall (initscripts)
#   syslog-ng         - system logging
# bash and coreutils are installed as well; no rationale is recorded for them.
#
# Continuation lines start at column 0 so that no extra whitespace ends up
# inside the value.
PACKS="bash coreutils openssh curl filesystem dcron \
dhcpcd gawk util-linux-ng initscripts iputils licenses \
logrotate module-init-tools pacman procps psmisc syslog-ng"

# ARCH is handed to the EC2 tooling; AARCH is the name used in mirror paths.
ARCH="i386"
AARCH="i686"

# Image flavour and release number; both become part of the image name.
TYPE="Nucleus"
RELEASE="2"

# Name of the bundle, and the directory the image root is assembled in.
NAME="ArchLinux-${ARCH}-${TYPE}-${RELEASE}"
ROOT="/mnt/${NAME}.root"
# Write the fstab that is handed to ec2-bundle-vol through --fstab. The file is
# created in the current directory, not inside the image root. The delimiter is
# quoted so the table is taken literally (it contains nothing to expand).
cat > fstab <<'EOF'
/dev/sda1 / ext3 defaults 1 1
#/dev/sda2 /mnt ext3 defaults 0 0
/dev/sda3 swap swap defaults 0 0
#/dev/sdb /mnt/store-1 ext3 defaults 0 0
#/dev/sdc /mnt/store-2 ext3 defaults 0 0
#/dev/sdd /mnt/store-3 ext3 defaults 0 0
#/dev/sde /mnt/store-4 ext3 defaults 0 0
### EBS Volumes ###
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
EOF
# Generate the pacman.conf used to populate the image root (it is passed to
# pacman with --config and later copied into the image). The here-document is
# deliberately unquoted: $AARCH is expanded now, while \$repo is escaped so that
# pacman itself substitutes the repository name.
# NOTE(review): every mirror is plain http:// and no SigLevel is set in this
# file, so whether packages are authenticated depends on the defaults of the
# pacman version in use -- confirm before trusting the resulting image.
cat > pacman.conf <<EOF
[options]
HoldPkg = pacman glibc
SyncFirst = pacman
[core]
Server = http://mirror.cs.vt.edu/pub/ArchLinux/\$repo/os/$AARCH
Server = http://mirror.umoss.org/archlinux/\$repo/os/$AARCH
Server = http://mirror.rit.edu/archlinux/\$repo/os/$AARCH
Server = http://mirrors.gigenet.com/archlinux/\$repo/os/$AARCH
Include = /etc/pacman.d/mirrorlist
[extra]
Server = http://mirror.cs.vt.edu/pub/ArchLinux/\$repo/os/$AARCH
Server = http://mirror.umoss.org/archlinux/\$repo/os/$AARCH
Server = http://mirror.rit.edu/archlinux/\$repo/os/$AARCH
Server = http://mirrors.gigenet.com/archlinux/\$repo/os/$AARCH
Include = /etc/pacman.d/mirrorlist
[community]
Server = http://mirror.cs.vt.edu/pub/ArchLinux/\$repo/os/$AARCH
Server = http://mirror.umoss.org/archlinux/\$repo/os/$AARCH
Server = http://mirror.rit.edu/archlinux/\$repo/os/$AARCH
Server = http://mirrors.gigenet.com/archlinux/\$repo/os/$AARCH
Include = /etc/pacman.d/mirrorlist
EOF
# Create the skeleton of the image root and mount the build host's kernel
# filesystems inside it. All four mounts are undone again before bundling.
mkdir -p "$ROOT"
mkdir "$ROOT/etc/"

mkdir "$ROOT/sys"
mount -t sysfs sysfs "$ROOT/sys"

mkdir "$ROOT/proc"
mount -t proc proc "$ROOT/proc"

# /dev is the build host's own /dev, bind-mounted into the image root.
mkdir "$ROOT/dev"
mount -o bind /dev "$ROOT/dev"

mkdir -p "$ROOT/var/lib/pacman/"

# Bind the host's pacman cache onto the same path inside the image root.
mkdir -p "$ROOT/var/cache/pacman"
mount -o bind /var/cache/pacman "$ROOT/var/cache/pacman"
# Populate the image root with pacman, using the generated pacman.conf.
# --root points the installation at the image tree; --cachedir names the
# package cache directory explicitly.

# Step 1: refresh the package databases for the image root.
pacman --noconfirm --noprogressbar \
  --config=pacman.conf --root="$ROOT" \
  --cachedir=/var/cache/pacman/pkg -Sy

# Step 2: install the package set. $PACKS is left unquoted on purpose so that it
# splits into one argument per package name.
pacman --noconfirm --noprogressbar \
  --config=pacman.conf --root="$ROOT" \
  --cachedir=/var/cache/pacman/pkg -S $PACKS

# Run ldconfig against the image root (-r) rather than the build host.
ldconfig -r "$ROOT"
# Copy the generated pacman.conf and the build host's locale.gen into the image.
# The author was unsure whether this step is required ("Do we need to do this?").
cp pacman.conf "$ROOT/etc/pacman.conf"
cp /etc/locale.gen "$ROOT/etc/locale.gen"
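# Write the image's /etc/rc.conf: UTC clock and timezone, DHCP on eth0, and the
# daemons started at boot (syslog-ng, network, crond, sshd).
# The redirection target is quoted so a ROOT containing whitespace cannot turn
# into an ambiguous redirect, and the delimiter is quoted so the file content
# is written literally and can never be altered by build-time expansion.
cat > "$ROOT/etc/rc.conf" <<'EOF'
#
# /etc/rc.conf - Main Configuration for Arch Linux
#
LOCALE="en_US.UTF-8"
HARDWARECLOCK="UTC"
USEDIRECTISA="no"
TIMEZONE="UTC"
KEYMAP="us"
USECOLOR="no"
MOD_AUTOLOAD="yes"
USELVM="no"
HOSTNAME="myhost"
eth0="dhcp"
INTERFACES=(eth0)
ROUTES=()
DAEMONS=(syslog-ng network crond sshd)
EOF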
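# Install a hosts.deny that contains comments only, i.e. no deny rules at all.
# NOTE(review): with no rules here, network-level access control for sshd
# presumably rests on the EC2 security group and on sshd's own configuration --
# confirm that this is intended.
# Target and delimiter are quoted so the path cannot word-split and the content
# is written literally.
cat > "$ROOT/etc/hosts.deny" <<'EOF'
#
# /etc/hosts.deny
#
# End of file
EOF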
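# Append the first-boot hook to the image's rc.local. While /root/firstboot
# exists, the instance fetches root's SSH public key and the instance user-data
# from the EC2 metadata service, runs the user-data with bash as root, and then
# removes the marker so the hook runs once.
#
# Changes from the original:
#   * the delimiter is quoted, so nothing in the hook can be expanded on the
#     build host by accident if variables are added to it later;
#   * the redirection target is quoted;
#   * /root/.ssh is created with mode 700 and authorized_keys is set to 600
#     instead of inheriting whatever umask rc.local runs with.
#
# NOTE(review): user-data is executed as root with no integrity check, so
# whoever can set user-data at launch controls the instance. That is the
# intended provisioning channel, but keep secrets out of user-data: the hook
# deletes only its local copy, and the metadata service can still be queried
# from the instance afterwards.
cat >> "$ROOT/etc/rc.local" <<'EOF'
killall nash-hotplug
if [ -f /root/firstboot ]; then
mkdir -m 700 /root/.ssh
curl --retry 3 --retry-delay 5 --silent --fail -o /root/.ssh/authorized_keys http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key && chmod 600 /root/.ssh/authorized_keys
if curl --retry 3 --retry-delay 5 --silent --fail -o /root/user-data http://169.254.169.254/1.0/user-data; then
bash /root/user-data
fi
rm -f /root/user-data /root/firstboot
fi
EOF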
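# Write the image's /etc/inittab: default runlevel 3, the rc.* scripts for
# sysinit, single-user, multi-user and shutdown, sulogin for single-user mode,
# and reboot on ctrl-alt-del. No getty entries are defined.
# Target and delimiter are quoted so the path cannot word-split and the content
# is written literally.
cat > "$ROOT/etc/inittab" <<'EOF'
#
# /etc/inittab
#
id:3:initdefault:
rc::sysinit:/etc/rc.sysinit
rs:S1:wait:/etc/rc.single
rm:2345:wait:/etc/rc.multi
rh:06:wait:/etc/rc.shutdown
su:S:wait:/sbin/sulogin -p
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
# End of file
EOF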
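# Harden sshd in the image: disable password logins (key-only access) and turn
# off reverse-DNS lookups. Both edits rely on the packaged sshd_config carrying
# the commented-out default lines exactly as spelled here.
sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/" "$ROOT/etc/ssh/sshd_config"
sed -i "s/#UseDNS yes/UseDNS no/" "$ROOT/etc/ssh/sshd_config"

# sed exits 0 even when the pattern matched nothing, which would leave password
# logins at the package default. Check the result instead of assuming it.
if ! grep -q '^PasswordAuthentication no' "$ROOT/etc/ssh/sshd_config"; then
  echo "WARNING: PasswordAuthentication was not disabled in $ROOT/etc/ssh/sshd_config" >&2
fi

# Marker file that arms the first-boot hook in rc.local.
touch "$ROOT/root/firstboot"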
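# Unpack the prebuilt kernel modules (2.6.21.7-2.fc8xen) into the image's
# /lib/modules.
#
# Changes from the original:
#   * the cd runs inside a subshell and is checked, so a failed cd can no
#     longer make cpio unpack into whatever directory the shell is in, and the
#     caller's working directory is left untouched;
#   * curl --fail stops an HTTP error page from being fed to the decompressor;
#   * cpio --no-absolute-filenames keeps archive members with absolute paths
#     from being written outside the current directory;
#   * $ROOT and $ARCH are quoted.
#
# NOTE(review): the archive comes from a third-party host over plain HTTP and
# is unpacked as root with no checksum or signature check. Pin a known-good
# digest and verify the download before extracting; none is given here.
(
  cd "$ROOT/lib/modules" || exit 1
  curl -s --fail "http://static.iphash.net/ec2/$ARCH/2.6.21.7-2.fc8xen.cpio.lzma" \
    | lzma -d \
    | cpio -idmv --no-absolute-filenames
)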
# Detach the four filesystems mounted into the image root earlier, so that they
# are not part of the volume when it is bundled.
umount \
  "$ROOT/proc" \
  "$ROOT/sys" \
  "$ROOT/dev" \
  "$ROOT/var/cache/pacman"
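# Bundle the image root into AMI parts under /mnt, using the generated fstab
# and the kernel/ramdisk ids given here.
# $ARCH and $ROOT are quoted so that an empty or whitespace-containing value
# cannot shift the option parsing; the two /tmp globs stay unquoted because
# they must expand to the certificate and private-key files.
# NOTE(review): the X.509 certificate, private key and account number are read
# from /tmp. Make sure those files are readable by root only, that each glob
# matches exactly one file, and that they are removed once bundling is done.
./ec2-ami-tools/bin/ec2-bundle-vol \
  --cert /tmp/cert-*.pem --privatekey /tmp/pk-*.pem \
  --user "$(cat /tmp/account_number)" \
  --arch "$ARCH" --kernel aki-a71cf9ce --ramdisk ari-a51cf9cc \
  --size 10240 --fstab fstab --volume "$ROOT" --no-inherit \
  --destination "/mnt" --prefix "$NAME" --batch --debug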
# Upload the bundle described by the manifest to the arch-linux S3 bucket.
# NOTE(review): the secret key is passed as a command-line argument, so other
# local users can read it from the process list while the upload runs; use a
# single-user build host, and check whether --debug output echoes the
# credentials before keeping any logs. The key files themselves sit in /tmp.
./ec2-ami-tools/bin/ec2-upload-bundle \
  --access-key "$(cat /tmp/access_key)" \
  --secret-key "$(cat /tmp/secret_key)" \
  --bucket arch-linux \
  --manifest "/mnt/${NAME}.manifest.xml" \
  --batch \
  --debug \
  --retry
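# Remove the image root, the bundle parts and the manifest after the upload.
# ${NAME:?} makes the command abort when NAME is empty or unset, so the glob
# can never collapse to /mnt/* and wipe everything under /mnt.
# NOTE(review): the credential files staged under /tmp (cert-*.pem, pk-*.pem,
# account_number, access_key, secret_key) are not cleaned up by these
# instructions; remove them once the upload has finished.
rm -rf -- "/mnt/${NAME:?NAME is empty, refusing to remove /mnt/*}"*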