#!/bin/sh
# Copyright (c) 2017, 2022 Jonas 'Sortie' Termansen.
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#
# tix-iso-liveconfig
# Generate configuration files for customizing the live environment.
# Stop at the first failing command instead of continuing with a partially
# written configuration tree.
set -e

# Option values. An empty string means the option was not given; the two
# *_keygen switches hold the name of a command ("true"/"false") that is run
# directly as an `if` condition later in the script.
autoinstall=
autoupgrade=
daemons=
directory=
hostname=
kblayout=
operand=1
root_ssh_authorized_keys=
root_ssh_config=
root_ssh_keygen=false
root_ssh_known_hosts=
ssh_config=
sshd_config=
sshd_keygen=false
sshd_key_known_hosts_file=
sshd_key_known_hosts_hosts=
videomode=

# Parser state: dashdash becomes "yes" after a literal "--" (which makes every
# later argument fall through to the operand arm), and previous_option names
# the variable that the next argument has to be stored in.
dashdash=
previous_option=

for argument in "$@"; do
  # "--option value" form: this argument is the value of the previous option.
  if [ -n "$previous_option" ]; then
    # previous_option is only ever assigned one of the literal variable names
    # in the case arms below, never user input, and \$argument is expanded by
    # eval itself, so the value is assigned rather than re-parsed as code.
    eval "$previous_option=\$argument"
    previous_option=
    continue
  fi

  # Split off the text after the first '=' for the "--option=value" form.
  # expr exits non-zero when the captured text is empty or "0", hence the
  # "|| true" under set -e.
  case "$argument" in
    *=?*) parameter=$(expr "X$argument" : '[^=]*=\(.*\)' || true) ;;
    *=) parameter= ;;
    *) parameter=yes ;;
  esac

  case "$dashdash$argument" in
    --) dashdash=yes ;;
    --autoinstall=*) autoinstall=$parameter ;;
    --autoinstall) previous_option=autoinstall ;;
    --autoupgrade=*) autoupgrade=$parameter ;;
    --autoupgrade) previous_option=autoupgrade ;;
    --daemons=*) daemons=$parameter ;;
    --daemons) previous_option=daemons ;;
    --hostname=*) hostname=$parameter ;;
    --hostname) previous_option=hostname ;;
    --kblayout=*) kblayout=$parameter ;;
    --kblayout) previous_option=kblayout ;;
    --root-ssh-authorized-keys=*) root_ssh_authorized_keys=$parameter ;;
    --root-ssh-authorized-keys) previous_option=root_ssh_authorized_keys ;;
    --root-ssh-config=*) root_ssh_config=$parameter ;;
    --root-ssh-config) previous_option=root_ssh_config ;;
    --root-ssh-keygen) root_ssh_keygen=true ;;
    --root-ssh-known-hosts=*) root_ssh_known_hosts=$parameter ;;
    --root-ssh-known-hosts) previous_option=root_ssh_known_hosts ;;
    --ssh-config=*) ssh_config=$parameter ;;
    --ssh-config) previous_option=ssh_config ;;
    --sshd-config=*) sshd_config=$parameter ;;
    --sshd-config) previous_option=sshd_config ;;
    --sshd-keygen) sshd_keygen=true ;;
    --sshd-key-known-hosts-file=*) sshd_key_known_hosts_file=$parameter ;;
    --sshd-key-known-hosts-file) previous_option=sshd_key_known_hosts_file ;;
    --sshd-key-known-hosts-hosts=*) sshd_key_known_hosts_hosts=$parameter ;;
    --sshd-key-known-hosts-hosts) previous_option=sshd_key_known_hosts_hosts ;;
    --videomode=*) videomode=$parameter ;;
    --videomode) previous_option=videomode ;;
    -*)
      echo "$0: unrecognized option $argument" >&2
      exit 1
      ;;
    *)
      # Exactly one operand is accepted: the output directory.
      if [ "$operand" != 1 ]; then
        echo "$0: unexpected extra operand $argument" >&2
        exit 1
      fi
      directory="$argument"
      operand=2
      ;;
  esac
done

# A trailing "--option" with no value after it is an error; $argument still
# holds the last command line argument here.
if [ -n "$previous_option" ]; then
  echo "$0: option '$argument' requires an argument" >&2
  exit 1
fi

# The output directory operand is mandatory.
if [ -z "$directory" ]; then
  echo "$0: No directory was specified" >&2
  exit 1
fi
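# Create the output tree. "--" is required here as well: after a literal "--"
# on the command line the operand may begin with '-', and every other mkdir
# and cp in this script already guards against that.
mkdir -p -- "$directory"

# Copy the automatic installation answers file, if one was given.
if [ -n "$autoinstall" ]; then
  mkdir -p -- "$directory/etc"
  cp -- "$autoinstall" "$directory/etc/autoinstall.conf"
fi

# Copy the automatic upgrade answers file, if one was given.
if [ -n "$autoupgrade" ]; then
  mkdir -p -- "$directory/etc"
  cp -- "$autoupgrade" "$directory/etc/autoupgrade.conf"
fi

# Write one "require NAME optional" line per daemon to etc/init/local.
if [ -n "$daemons" ]; then
  mkdir -p -- "$directory/etc/init"
  # Truncate first so a rerun does not append to a stale list.
  true > "$directory/etc/init/local"
  # $daemons is deliberately unquoted so it splits on whitespace; pathname
  # expansion is switched off for the loop so a name containing glob
  # characters is written literally instead of matching files in the
  # current directory.
  set -f
  for daemon in $daemons; do
    printf "require %s optional\n" "$daemon" >> "$directory/etc/init/local"
  done
  set +f
fi

# Record the hostname. When none is given nothing is written, but the
# variable falls back to "sortix" because the key generation steps later in
# the script use it in the key comment ("root@$hostname").
if [ -n "$hostname" ]; then
  mkdir -p -- "$directory/etc"
  printf "%s\n" "$hostname" > "$directory/etc/hostname"
else
  hostname=sortix
fi

# Record the keyboard layout.
if [ -n "$kblayout" ]; then
  mkdir -p -- "$directory/etc"
  printf "%s\n" "$kblayout" > "$directory/etc/kblayout"
fi

# Record the video mode.
if [ -n "$videomode" ]; then
  mkdir -p -- "$directory/etc"
  printf "%s\n" "$videomode" > "$directory/etc/videomode"
fi

# Copy the system-wide ssh client configuration.
if [ -n "$ssh_config" ]; then
  mkdir -p -- "$directory/etc"
  cp -- "$ssh_config" "$directory/etc/ssh_config"
fi

# Copy the sshd server configuration.
if [ -n "$sshd_config" ]; then
  mkdir -p -- "$directory/etc"
  cp -- "$sshd_config" "$directory/etc/sshd_config"
fi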
# --sshd-keygen: make sure the tree contains sshd host keys of each type.
# $sshd_keygen holds "true" or "false" and is run as the condition.
#
# NOTE(review): -N "" creates the private keys without a passphrase and they
# are stored under $directory/etc. Anyone who can read that directory (or,
# presumably, an image built from it) can impersonate the host, so the output
# should be handled as secret material.
if $sshd_keygen; then
  mkdir -p -- "$directory/etc"

  # Existing keys are kept, so rerunning does not change the host identity.
  for keytype in rsa ecdsa ed25519; do
    [ -e "$directory/etc/ssh_host_${keytype}_key" ] ||
      ssh-keygen -t "$keytype" \
        -f "$directory/etc/ssh_host_${keytype}_key" \
        -N "" \
        -C "root@$hostname"
  done

  # Print each key's fingerprint only after all keys exist, so the
  # fingerprints can be recorded and compared on first connection.
  for keytype in rsa ecdsa ed25519; do
    ssh-keygen -l -f "$directory/etc/ssh_host_${keytype}_key"
  done
fi
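# --sshd-key-known-hosts-file: append hashed known_hosts entries for the
# host public keys found in the tree, one entry per (host, key type) pair,
# so clients can verify the live system's identity on first connection.
if [ -n "$sshd_key_known_hosts_file" ]; then
  known_hosts_tmp=$(mktemp)
  # Remove the scratch file, and the ".old" copy that ssh-keygen -H leaves
  # behind, on every exit path; under set -e any failing command below
  # would otherwise leak them.
  trap 'rm -f -- "$known_hosts_tmp" "$known_hosts_tmp.old"' EXIT

  # The host list is deliberately unquoted so it splits on whitespace.
  # Pathname expansion is switched off for the loop so an entry containing
  # glob characters stays literal instead of matching files in the current
  # directory.
  set -f
  for host in $sshd_key_known_hosts_hosts; do
    for keytype in rsa ecdsa ed25519; do
      if [ ! -e "$directory/etc/ssh_host_${keytype}_key.pub" ]; then
        continue
      fi
      # Emit "HOST TYPE KEY": keep only the first two fields of the .pub
      # file, dropping the trailing comment. The file is fed on stdin so a
      # directory name beginning with '-' cannot be taken as a sed option.
      (printf '%s ' "$host" &&
        sed -E 's/^([^ ]* [^ ]*).*/\1/' \
          < "$directory/etc/ssh_host_${keytype}_key.pub") \
        >> "$known_hosts_tmp"
    done
  done
  set +f

  # TODO: ssh-keygen needs a standalone way to make such a hash.
  # -H hashes the host names in place. Its output is discarded, so report a
  # failure explicitly rather than exiting silently; the exit status of
  # ssh-keygen is preserved.
  ssh-keygen -H -f "$known_hosts_tmp" 1>/dev/null 2>/dev/null || {
    status=$?
    echo "$0: ssh-keygen -H failed on $known_hosts_tmp" >&2
    exit "$status"
  }

  cat -- "$known_hosts_tmp" >> "$sshd_key_known_hosts_file"
  rm -f -- "$known_hosts_tmp" "$known_hosts_tmp.old"
  trap - EXIT
fi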
# Install root's per-user ssh files (authorized_keys, config, known_hosts)
# into root/.ssh of the tree.
#
# NOTE(review): "mkdir -p -m 700" applies the mode only when it creates the
# directory; a root/.ssh that already exists keeps whatever mode it had.
# authorized_keys decides who may log in as root, so the source file should
# come from a trusted location.
if [ -n "$root_ssh_authorized_keys" ] ||
   [ -n "$root_ssh_config" ] ||
   [ -n "$root_ssh_known_hosts" ]; then
  mkdir -p -- "$directory/root"
  mkdir -p -m 700 -- "$directory/root/.ssh"
fi

if [ -n "$root_ssh_authorized_keys" ]; then
  cp -- "$root_ssh_authorized_keys" "$directory/root/.ssh/authorized_keys"
fi

if [ -n "$root_ssh_config" ]; then
  cp -- "$root_ssh_config" "$directory/root/.ssh/config"
fi

if [ -n "$root_ssh_known_hosts" ]; then
  cp -- "$root_ssh_known_hosts" "$directory/root/.ssh/known_hosts"
fi
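# --root-ssh-keygen: make sure root has an RSA client key pair in the tree.
# $root_ssh_keygen holds "true" or "false" and is run as the condition.
#
# NOTE(review): -N "" creates the private key without a passphrase and it is
# stored under $directory/root/.ssh. Anyone who can read that directory (or,
# presumably, an image built from it) can authenticate as this root user
# wherever the public key is authorized.
if $root_ssh_keygen; then
  mkdir -p -- "$directory/root"
  mkdir -p -m 700 -- "$directory/root/.ssh"
  # An existing key is kept. The closing ']' must be a separate word:
  # written as '"...id_rsa"]' the test command fails with "missing ]", the
  # condition is treated as false, and no key is ever generated.
  if [ ! -e "$directory/root/.ssh/id_rsa" ]; then
    ssh-keygen -t rsa -f "$directory/root/.ssh/id_rsa" -N "" -C "root@$hostname"
  fi
fi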