+mod

Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org>
2020-10-12 18:53:48 +02:00 · 2020-10-12 18:53:48 +02:00 · 0875392098
commit 0875392098
parent bc6217fa0f
5 changed files with 64 additions and 36 deletions
--- a/alpine-rebuild-initramfs.sh
+++ b/alpine-rebuild-initramfs.sh
@ -1,90 +1,107 @@
 #!/bin/sh
 if [ $# -ne 1 ]; then
    echo "$0 ssh-keyfile"
    echo "   ssh-keyfile: ssh keys to add into the image"
    exit 1
 fi
 set -e
 set -x
-MAJOR_VERSION=3.11
+SSH_KEYS=$1; shift
-MINOR_VERSION=2
+
 MAJOR_VERSION=3.12
 MINOR_VERSION=0
 IMAGE=alpine-minirootfs-$MAJOR_VERSION.$MINOR_VERSION-x86_64.tar.gz
-SSH_KEYS=$(cat ~/.ssh/id_rsa.pub)
+
 RESOLVCONF=/etc/resolv.conf
 working_directory=$(pwd -P)
 rootfs_tmpdir=$(mktemp -d)
 rootfs_tmpdir=alpine_${MAJOR_VERSION}-${MINOR_VERSION}-rootfs
 mkdir -p ${rootfs_tmpdir}
 rootfs_url="http://dl-cdn.alpinelinux.org/alpine/v$MAJOR_VERSION/releases/x86_64/$IMAGE"
 run_root () {
-    chroot $rootfs_tmpdir /usr/bin/env \
+    sudo chroot $rootfs_tmpdir /usr/bin/env \
        PATH=/bin:/sbin \
        /bin/sh -c "$*"
 }
-if [ "$(whoami)" != 'root' ]; then
+wget -c "$rootfs_url" -O "$working_directory/$IMAGE"
    echo "This script must be run as root." >&2
    exit 1
 fi
-# Download, extract inital rootfs.
+# keep right permissions, use sudo
-curl "$rootfs_url" -o "$working_directory/$IMAGE"
+sudo tar xf $IMAGE -C $rootfs_tmpdir
 tar xf $IMAGE -C $rootfs_tmpdir
 # Add SSH keys
 run_root mkdir -p root/.ssh
-echo $SSH_KEYS > $rootfs_tmpdir/root/.ssh/authorized_keys
+sudo cp $SSH_KEYS $rootfs_tmpdir/root/.ssh/authorized_keys
 run_root chown root:root root/.ssh/authorized_keys
 run_root chmod 0600 root/.ssh/authorized_keys
 run_root chmod 0700 root/.ssh
 # Import local resolv.conf.
-cat "$RESOLVCONF" > $rootfs_tmpdir/etc/resolv.conf
+sudo cp "$RESOLVCONF" $rootfs_tmpdir/etc/resolv.conf
 # Make sure init is found by the kernel.
-run_root ln -s /sbin/init /init
+#run_root ln -sf /sbin/init /init
 # Layer atop base rootfs.
 run_root apk update
 run_root apk upgrade
 run_root apk add openssh linux-lts openrc udev ndisc6
 run_root rc-update add udev
 run_root rc-update add udev-trigger
 run_root rc-update add sshd
 run_root rc-update add networking
 run_root rc-update add hostname
 run_root rc-update add rdnssd
 # Generate iniramfs image
 (cd $rootfs_tmpdir; sudo find . | sudo cpio -H newc -o | gzip -9 > "$working_directory/alpine-initramfs.gz")
 cp "$rootfs_tmpdir/boot/vmlinuz-lts" "$working_directory/alpine-kernel"
 # Servers have static addresses, disable the standard
 # alpine setting of using tempaddr = 2
-cat > "$rootfs_tmpdir/etc/sysctl.d/99-ipv6.conf" <<EOF
+sudo tee "$rootfs_tmpdir/etc/sysctl.d/99-ipv6.conf" <<EOF
 net.ipv6.conf.default.use_tempaddr = 0
 net.ipv6.conf.all.use_tempaddr = 0
 net.ipv6.conf.all.accept_ra = 1
 EOF
-cat > "$rootfs_tmpdir/etc/network/interfaces" <<EOF
+sudo tee "$rootfs_tmpdir/etc/network/interfaces" <<EOF
 auto lo
 iface lo inet loopback
 auto eth0
 iface eth0 inet6 manual
    pre-up ip link set eth0 up
    post-up sleep 10
    post-up ip addr show dev eth0 | grep inet6 >> /etc/issue
    post-up echo post post up >> /etc/issue
 EOF
-cat > "$rootfs_tmpdir/etc/hostname" <<EOF
+sudo tee "$rootfs_tmpdir/etc/hostname" <<EOF
 alpine-unconfigured
 EOF
-echo ipv6 >> "$rootfs_tmpdir/etc/modules"
+echo ipv6 | sudo tee -a "$rootfs_tmpdir/etc/modules"
 # Upload to netboot server. - needs to be done outside sudo
 echo "Use alpine-initramfs.gz alpine-kernel from $working_directory"!
 exit 0
 # Layer atop base rootfs.
 run_root apk update
 run_root apk upgrade
 run_root apk add openssh linux-vanilla openrc udev
 run_root rc-update add udev
 run_root rc-update add udev-trigger
 run_root rc-update add sshd
 run_root rc-update add networking
 run_root rc-update add hostname
 # FIXME: add / install rdnssd / ndisc6 / start it on boot
 # ndisc6 is only @testing
 # Generate iniramfs image
 (cd $rootfs_tmpdir; find . | cpio -H newc -o | gzip -9 > "$working_directory/alpine-initramfs.gz")
 cp "$rootfs_tmpdir/boot/vmlinuz-vanilla" "$working_directory/alpine-kernel"
 # Cleanup.
 #rm -r "$rootfs_tmpdir"
 # Upload to netboot server. - needs to be done outside sudo
 echo "Use alpine-initramfs.gz alpine-kernel from $working_directory"!
--- a/mikrotik-update.sh
+++ b/mikrotik-update.sh
@ -2,6 +2,8 @@
 # Nico Schottelius, 2019-12-02
 # Update mikrotik routers to the latest package
 set -e
 if [ $# -lt 2 ]; then
    echo "$0 <version> <arch> router [router...]"
    cat <<EOF
@ -31,11 +33,20 @@ unzip "${file}"
 pkg_list="dhcp ipv6 lcd lte multicast ppp routing security system user-manager wireless"
 while [ $# -ge 1 ]; do
    target=$1; shift
    # Escape literal IPv6 addresses
    if echo $target | grep ':'; then
        target_scp="[$target]"
    else
        target_scp="$target"
    fi
    echo "Updating ${target}"
    for pkg in $pkg_list; do
-        scp ${pkg}-${version}-${arch}.npk "admin@${target}:"
+        scp ${pkg}-${version}-${arch}.npk "admin@${target_scp}:"
    done
    ssh admin@${target} "/system reboot"
 done
--- a/openwrt-add-letsencrypt.sh
+++ b/openwrt-add-letsencrypt.sh
--- a/openwrt-add-lte.sh
+++ b/openwrt-add-lte.sh
--- a/openwrt-motion-config.sh
+++ b/openwrt-motion-config.sh