Fedora image: install havegd, ip utils & ci, uncloud-init

fedora-uncloud-image.sh

@@ -16,7 +16,7 @@ RELEASE=31
 ARCH=x86_64
 IMAGE_PATH=fedora-uncloud-$RELEASE-$(date +%+F).img.qcow2
 IMAGE_SIZE=10G
-NBD_DEVICE=/dev/nbd1
+NBD_DEVICE=/dev/nbd5
 
 cleanup() {
 	# The order here is important.
@@ -80,7 +80,8 @@ dnf -y \
 	--enablerepo=fedora \
 	--enablerepo=updates install \
 	--setopt=install_weak_deps=False \
-	@Core
+		basesystem systemd systemd-udev passwd dnf fedora-release procps-ng \
+		iproute iputils vim-minimal
 
 mount --bind /dev /mnt/dev
 mount --bind /dev/pts /mnt/dev/pts
@@ -99,9 +100,36 @@ cat > /mnt/etc/hosts << EOF
 
 EOF
 
+# Use haveged as entropy source.
+run_root dnf -y install haveged
+run_root systemctl enable haveged
+
 # Accept router advertisements for SLAAC.
 run_root sysctl -w net.ipv6.conf.all.accept_ra=1
 
+# Install RDNSSD for DNS discovery from router advertisement. The service is enabled by default.
+run_root dnf -y install ndisc6
+cat > /mnt/etc/systemd/system/rdnssd.service << EOF
+[Unit]
+Description=IPv6 Recursive DNS Server discovery Daemon
+Documentation=man:rdnssd(8)
+Before=network.target
+Requires=network.target
+
+[Service]
+Type=forking
+ExecStartPre=/bin/mkdir -p /var/run/rdnssd
+ExecStartPre=/bin/chown nobody /var/run/rdnssd
+ExecStartPre=/bin/chmod 0755 /var/run/rdnssd
+ExecStart=/sbin/rdnssd -p /var/run/rdnssd.pid -H /etc/rdnssd/merge-hook
+PIDFile=/var/run/rdnssd.pid
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
+EOF
+run_root systemctl enable rdnssd
+
 # Initialize base services.
 run_root systemd-machine-id-setup
 
@@ -146,9 +174,19 @@ rm -f /var/lib/systemd/random-seed
 # Note: build logs could be removed as well.
 run_root dnf clean all
 
-# FIXME: add fnux's SSH key for testing purposes.
+# Manually install uncloud-init.
-mkdir -p /mnt/root/.ssh
+uncloud_init_dir=/tmp/uncloud-init
-curl https://key.wf/fnux > /mnt/root/.ssh/authorized_keys
+run_root dnf install -y git curl grep make
+
+mkdir -p "$uncloud_init_dir"
+run_root git clone https://code.ungleich.ch/uncloud/uncloud-init.git "$uncloud_init_dir"
+run_root make -C "$uncloud_init_dir" install
+run_root rm -r "$uncloud_init_dir"
+
+run_root systemctl enable uncloud-init
+
+# Remove resolv.conf: will be handled by uncloud-init.
+run_root rm /etc/resolv.conf
 
 # Make sure everything is written to disk before exiting.
 sync