nas1: New host

3 files changed, 121 insertions, 0 deletions

diff --git a/hosts/nas1/conf b/hosts/nas1/conf
new file mode 100644
index 0000000..2790c0c
--- /dev/null
+++ b/hosts/nas1/conf
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+#	start,size,id,bootable
+part_script='
+	1024,+,83,*
+	'
+
+#	fs           mp       type    options              dump    pass
+fstab='
+	@DEV1@       /        ext4    errors=remount-ro    0       1
+	UUID=97ace982-0d37-4d52-8f0b-a8ec30de0b03 /media/5tb ext4 defaults 0 2
+	'
+
+mirror='http://deb.debian.org/debian'
+suite='buster'
+arch='amd64'
+extra_pkgs='
+	grub-pc
+	linux-image-amd64
+	sysvinit-core
+	'
+apt_sources='
+	deb http://deb.debian.org/debian buster main
+	deb-src http://deb.debian.org/debian buster main
+
+	deb http://security.debian.org/debian-security buster/updates main
+	deb-src http://security.debian.org/debian-security buster/updates main
+	'
+
+locale='en_US'
+supported_locales='en_US.UTF-8 en_DK.UTF-8'
+
+time_zone='America/New_York'
+
+passwd_shadow='on'
+root_passwd_crypted=''
+root_login=false
+user_make=true
+user_name='pj'
+user_full_name='P. J. McDermott'
+user_groups='adm sudo'
+user_passwd_crypted='$6$.4kiiaCvfP$WZtL6RXtWtW0lIRnx2GyJwaN1OdkQUEHOulzxyXlS.dKTClhaI9Hkq3.bdE6TC613VqgEekwPgm3.T1D9CCuk0'
+
+debconf_selections='
+	keyboard-configuration keyboard-configuration/layout select English (US)
+	keyboard-configuration keyboard-configuration/variant select English (US)
+	'
diff --git a/hosts/nas1/pkgs b/hosts/nas1/pkgs
new file mode 100644
index 0000000..4e7fbda
--- /dev/null
+++ b/hosts/nas1/pkgs
@@ -0,0 +1,33 @@
+# Base system utilities
+	bc
+	time
+# Shells
+	bash
+	bash-completion
+# Administrative utilities
+	adduser
+	sudo
+# Hardware sensor monitoring and fan control utilities
+	lm-sensors
+# Hardware listing utilities
+	pciutils
+	usbutils
+# Block device utilities
+	smartmontools
+# File and file system utilities
+	lsof
+	ncdu
+	nocache
+# Editors, pagers, and documentation readers
+	less
+	vim
+# Network communication utilities
+	openssh-server
+# Network services
+	nfs-kernel-server
+# Time utilities
+	ntp
+# System monitoring utilities
+	htop
+# Terminal utilities
+	screen
diff --git a/hosts/nas1/postinst b/hosts/nas1/postinst
new file mode 100644
index 0000000..82d4d26
--- /dev/null
+++ b/hosts/nas1/postinst
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+# Purge systemd.
+in_target apt-get -q -y purge libpam-systemd systemd || return 1
+in_target apt-get -q -y --purge autoremove || return 1
+
+# Remove packages from APT cache.
+in_target apt-get clean || return 1
+
+# Install GRUB.
+in_target update-grub
+in_target grub-install "${dev}"
+
+# Update initramfs.
+in_target update-initramfs -u
+
+# Configure network interfaces.
+mv "${target}/etc/network/interfaces" "${target}/etc/network/interfaces.dist"
+cat 1>"${target}/etc/network/interfaces" 0<<-EOF
+	auto lo
+	iface lo inet loopback
+
+	# FIXME
+	auto eth0
+	iface eth0 inet dhcp
+	EOF
+
+# Configure NFS.
+mv "${target}/etc/exports" "${target}/etc/exports.dist"
+cat 1>"${target}/etc/exports" 0<<-EOF
+	/media/5tb 192.168.10.0/255.255.255.0(rw,sync,no_subtree_check,no_root_squash,mountpoint)
+	EOF
+
+# Harden SSH server.
+mv "${target}/etc/ssh/sshd_config" "${target}/etc/ssh/sshd_config.dist"
+sed \
+	-e 's/^PermitRootLogin .*$/PermitRootLogin no/' \
+	-e 's/^#PasswordAuthentication .*$/#PasswordAuthentication no/' \
+	"${target}/etc/ssh/sshd_config.dist" 1>"${target}/etc/ssh/sshd_config"
+
+return 0