summaryrefslogtreecommitdiffstats
path: root/hosts/alsvid2
blob: 3f073e63768d26e1ad8a53f6f8a67744d90bca92 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
#!/bin/sh

#	start,size,id,bootable
part_script='
	,+,83,*
	'

#	fs           mp       type    options              dump    pass
fstab='
	@DEV1@       /        ext4    errors=remount-ro    0       1
	/var/swap    swap     swap    defaults,pri=100     0       0
	'

mirror='http://httpredir.debian.org/debian'
suite='jessie'
arch='amd64'
extra_pkgs='
	linux-image-amd64
	sysvinit-core
	'

hostname='alsvid2'

locale='en_US'
supported_locales='en_US.UTF-8 en_DK.UTF-8'

time_zone='UTC'

passwd_shadow='on'
root_passwd_crypted='$6$XMSNMQ6H8G0$9J.jbKWARqSLj51uC1L3J9y0nO/E6.7/l6JdUAwL6Dn.KVeaYbmA2H4EBHT.d55a49gifPkF0AuUnziKN45rF.'
root_login=true
user_make=true
user_name='pj'
user_full_name='P. J. McDermott'
user_groups='adm cdrom floppy sudo audio dip video plugdev netdev lpadmin'
user_passwd_crypted='$6$.4kiiaCvfP$WZtL6RXtWtW0lIRnx2GyJwaN1OdkQUEHOulzxyXlS.dKTClhaI9Hkq3.bdE6TC613VqgEekwPgm3.T1D9CCuk0'

debconf_selections='
	keyboard-configuration keyboard-configuration/layout select English (US)
	keyboard-configuration keyboard-configuration/variant select English (US)
	wireshark-common wireshark-common/install-setuid boolean true
	'

postinst_pkgs="
	`# Base system utilities `
	bc
	busybox
	time
	`# Shells `
	bash
	bash-completion
	ksh
	mksh
	zsh
	`# Administrative daemons `
	anacron
	`# Administrative utilities `
	adduser
	sudo
	`# Hardware listing utilities `
	pciutils
	usbutils
	`# Block device utilities `
	gddrescue
	kpartx
	`# File and file system utilities `
	lsof
	ncdu
	nocache
	ntfs-3g
	`# Archival utilities `
	p7zip
	unar
	unzip
	zip
	`# User configuration management utilities `
	vcsh
	myrepos
	`# Editors, pagers, and documentation readers `
	bvi
	info
	less
	vbindiff
	vim
	wdiff
	`# Version control systems `
	bzr
	git
	gitk
	mercurial
	subversion
	`# Patch management utilities `
	patch
	quilt
	`# Build system utilities `
	autoconf
	autoconf-doc
	automake
	bmake
	cmake
	pkg-config
	`# Build utilities `
	bison
	build-essential
	flex
	gdb
	`# Debian development tools `
	debootstrap
	devscripts
	dh-autoreconf
	lintian
	sbuild
	`# Code analytics and QA utilities `
	sloccount
	valgrind
	`# coreboot and GRUB build dependencies `
	acpica-tools
	gnat
	libfreetype6-dev
	libpci-dev
	zlib1g-dev
	`# flashrom build dependencies `
	libusb-1.0-0-dev
	libusb-dev
	`# Firmware utilities `
	dis51
	`# U-Boot and Android-related utilities `
	android-tools-adb
	android-tools-fastboot
	heimdall-flash
	u-boot-tools
	`# Flashing utilities `
	flashrom
	`# AVR build and flashing utilities and C library `
	avr-libc
	avrdude
	binutils-avr
	gcc-avr
	`# Hypervisors `
	qemu-system-x86
	`# Database management systems `
	sqlite3
	`# Graphics and document utilities `
	graphviz
	imagemagick
	librsvg2-bin
	llgal
	m4
	markdown
	optipng
	paps
	pdftk
	xcftools
	`# Public-key cryptography utilities `
	gnupg
	gnupg-agent
	openssl
	`# Networking utilities `
	dnsutils
	ftp
	iperf3
	whois
	wget
	wireshark
	`# Network communication utilities `
	netcat-openbsd
	openssh-client
	openssh-server
	rsync
	`# DNS service discovery daemon and NSS module `
	avahi-daemon
	libnss-mdns
	`# Wi-Fi utilities `
	iw
	`# Wicd `
	wicd-cli
	wicd-curses
	wicd-daemon
	wicd-gtk
	`# Time utilities `
	faketime
	ntp
	`# System monitoring utilities `
	htop
	iotop
	powerstat
	powertop
	`# ALSA `
	alsa-base
	alsa-utils
	`# CUPS, etc. `
	cups
	printer-driver-hpcups
	system-config-printer
	`# X.org X server, drivers, and utilities `
	x11-xserver-utils
	xinput
	xorg
	xserver-xorg-input-evdev
	xserver-xorg-input-synaptics
	xserver-xorg-video-intel
	`# Window manager and panel `
	clipit
	compton
	fbpager
	fbpanel
	fluxbox
	`# Display manager, screensaver daemon, etc. `
	scrot
	unclutter
	xdm
	xscreensaver
	`# Desktop artwork, utilities, etc. `
	desktop-base
	xdg-utils
	`# GNOME themes `
	gnome-themes-standard
	`# Terminal utilities `
	minicom
	roxterm-gtk3
	screen
	`# Ergonomics applications `
	gtk-redshift
	workrave
	`# Image, font, and tileset viewers and editors `
	dia
	fontforge
	gimp
	gpicview
	inkscape
	tiled
	`# Multimedia players and editors `
	audacity
	mpc
	mpd
	mpdscribble
	mpv
	ncmpcpp
	sox
	`# Disc and image utilities `
	brasero
	eject
	genisoimage
	syslinux-utils
	wodim
	`# Web browsers `
	iceweasel
	lynx
	w3m
	`# Mail client `
	claws-mail
	claws-mail-fancy-plugin
	claws-mail-pgpinline
	claws-mail-pgpmime
	claws-mail-spam-report
	html2ps
	`# Messaging and collaboration applications `
	gobby
	mumble
	pidgin
	`# Mathematics applications `
	gnome-calculator
	units
	`# Office, productivity, and accounting applications `
	evince
	ledger
	libreoffice
	planner
	`# Solid CAD applications `
	gerbv
	meshlab
	openscad
	`# Ncurses, SDL, Lua, GTK+, WebKitGTK+, etc. libraries `
	gtk-3-examples
	libcairo2-dev
	libcairo2-doc
	libglib2.0-0-dbg
	libgtk-3-0-dbg
	libgtk-3-dev
	libgtk-3-doc
	liblua5.1-0-dev
	libncurses5-dev
	librsvg2-dev
	librsvg2-doc
	libsdl-image1.2-dev
	libsdl1.2-dev
	libwebkit2gtk-4.0-dev
	libwebkit2gtk-4.0-doc
	`# Perl distributions `
	libautovivification-perl
	libcgi-ssi-perl
	libcrypt-rijndael-perl
	libcurses-ui-perl
	libdbd-sqlite3-perl
	libdbi-perl
	libdevel-cover-perl
	libdevel-repl-perl
	libdigest-sha-perl
	libemail-mime-perl
	libemail-sender-perl
	libhtml-template-perl
	libhtml-template-perl
	libhtml-tree-perl
	libjavascript-beautifier-perl
	libjson-xs-perl
	libmail-rfc822-address-perl
	libmodule-starter-perl
	libparse-recdescent-perl
	libperl-critic-perl
	libplack-perl
	libtest-pod-coverage-perl
	libtest-pod-perl
	libtest-script-perl
	libtime-fake-perl
	liburi-perl
	libwww-perl
	libxml-sax-expatxs-perl
	libxml-sax-perl
	perl-doc
	starman
	`# JavaScript utilities `
	libmozjs-24-bin
	mocha
	`# Lua libraries `
	lua-ldoc
	lua-markdown
	lua-posix
	`# Font families `
	fonts-croscore
	fonts-dejavu
	fonts-droid
	fonts-freefont-ttf
	fonts-lato
	fonts-liberation
	fonts-linuxlibertine
	fonts-mplus
	fonts-ubuntu-title
	ttf-unifont
	`# Dictionary word lists `
	wamerican-huge
	wamerican-insane
	wamerican-large
	`# Educational applications `
	kanatest
	`# Toys `
	cowsay
	fortune-mod
	fortunes-bofh-excuses
	fortunes-min
	`# Games, etc. `
	bsdgames
	desmume
	freedink
	freedoom
	micropolis
	openttd
	prboom-plus
	pychess
	python-pygame
	python-six
	vba
	wesnoth
	"

do_postinst()
{
	# Make swap file and set vm.swappiness.
	# mkswap needs to be given the full path to the swap file including the
	# root file system's mount point, or else this false error happens:
	#   mkswap: error: /var/swap is mounted; will not make swapspace
	fallocate -l 12GiB "${target}/var/swap" || return 1
	chmod 0600 "${target}/var/swap" || return 1
	mkswap "${target}/var/swap" || return 1
	printf 'vm.swappiness = 10\n' \
		>"${target}/etc/sysctl.d/vm-swappiness.conf"

	# Hibernation.
	mkdir -p "${target}/boot/grub/" || return 1
	root="UUID=$(blkid -o value -s UUID "${dev}1")"
	offset="$(in_target filefrag -v /var/swap | sed -n '
		/physical_offset:/{
			n;
			s/^[ 0-9.]*:[ 0-9.]*: *\([0-9][0-9]*\)...*$/\1/;
			p;
			q;
		};')"
	cmdline="root=${root} ro quiet resume=${root} resume_offset=${offset}"
	cat >"${target}/boot/grub/libreboot_grub.cfg" <<-EOF
		set root=(ahci0,msdos1)
		linux /vmlinuz ${cmdline}
		initrd /initrd.img
		boot
		EOF

	# Disable mpd service.
	in_target update-rc.d mpd disable

	# Add "deb-src" line and backports.
	cat >"${target}/etc/apt/sources.list" <<-EOF
		deb http://httpredir.debian.org/debian jessie main
		deb-src http://httpredir.debian.org/debian jessie main
		EOF
	cat >"${target}/etc/apt/sources.list.d/jessie-backports.list" <<-EOF
		deb http://httpredir.debian.org/debian jessie-backports main
		deb-src http://httpredir.debian.org/debian jessie-backports main
		EOF
	in_target apt-get update || return 1
	in_target apt-get -q -y install midori || return 1
	in_target apt-get -q -y install youtube-dl/jessie-backports || return 1
	in_target apt-get -q -y install kicad/jessie-backports || return 1
	in_target apt-get -q -y install \
		tor/jessie-backports torsocks/jessie-backports || return 1

	# Set default x-www-browser.
	in_target update-alternatives --set x-www-browser /usr/bin/midori

	# Purge systemd.
	in_target apt-get -q -y purge libpam-systemd systemd || return 1
	in_target apt-get -q -y --purge autoremove || return 1

	# Remove packages from APT cache.
	in_target apt-get clean || return 1

	# Add user to groups created by postinst_pkgs.
	in_target adduser pj scanner || return 1
	in_target adduser pj wireshark || return 1
	in_target adduser pj sbuild || return 1

	# Add udev rule for USBtinyISP(-compatible) programmers.
	cat >"${target}/etc/udev/rules.d/10-usbtinyisp.rules" <<-EOF
		SUBSYSTEM=="usb", ATTR{idVendor}=="1781", ATTR{idProduct}=="0c9f", MODE="0660", GROUP="adm"
		EOF

	# Install Vertex themes.
	in_target apt-get -q -y install gnome-themes-standard \
		gtk2-engines-murrine libgtk-3-dev
	in_target sudo -u pj sh <<-EOF
		set -e
		git clone https://github.com/horst3180/vertex-theme \
			/home/pj/src/vertex-theme/
		cd /home/pj/src/vertex-theme/
		./autogen.sh --prefix=/home/pj/.local
		make install
		ln -s .local/share/themes/ /home/pj/.themes
		EOF
	[ ${?} -ne 0 ] && return 1

	# Download wallpaper.
	in_target sudo -u pj wget -O /home/pj/.wallpaper \
		http://product-files.libiquity.com/taurinus/boot-splash/x200/background.png

	# Use temporary configuation SSH key.
	install -d -o 1000 -g 1000 -m 0700 "${target}/home/pj/.ssh" || return 1
	cat >"${target}/home/pj/.ssh/id_rsa" <<-EOF
		-----BEGIN RSA PRIVATE KEY-----
		MIICXAIBAAKBgQCzAF0zqeS2X0TuVOIxqMec3lMzZy/MHQswPP+BQkmc2D3YVb2x
		px1YAAweQnfZ27pGJkDztStOtMQJeaOsnAVdm2NSe+hEdaKAOxf9p6t+F930HM/w
		1wkm1ddlsnCaaCipzGVOM77Q/brEItWvuq8G0+/fgN1o4pZzl4Bub/4D4QIDAQAB
		AoGAS+wKnAAiXuv3m7LrIa75w2JVHcdVcZicB0DICnYoLNtXF+v+AlzkSE/009zT
		YtccoeZVxEiCbuajA3XRY0PlzgGHTbsGn1BWqI9cjdXTiotnjzOH8zr3JiMZMWwf
		hqwbtleP+yruNPHMxQ8dKVXv875NKJW+aArmQWtjeMOy/vECQQDdsvPJ4bUu8M7/
		MXqGtz8CJbrRp+ZMKUw0WuwSwTfHRs/Jp27mWf5+t/u+RN8WK/RRD8FHvz4azLhr
		sNUFiE69AkEAzrI/DFBFOM5mUECujs2UvCCeWZiAi9QoJ7kDrrAkcG+hMalpNUU3
		SUZ76stBUk3hZNpc82aq0a0o8ac0VrBd9QJAB3nbYrlrxLN2J4Dhot1XEJl5HUzO
		JU9XNITEZTWCzgODSkeNI9NxE5DcumPUKgk9aeZgHC1EyN6ScX87D76y+QJAL8DE
		ii69X1toDeBzs7BRTYlnrCFsiWGRiWPYMvKk6IkRv6x5DwKXvEkZdexRghdWHHvK
		f71Xd6u+yt2rXN/QRQJBALv6SwbokdXp5qKJV48QG452dSOT7FQEINnCsIeNUKP6
		9YyaZxqLia6pEbEKTSRdztXaMqRsrmOG8E084sFg8DQ=
		-----END RSA PRIVATE KEY-----
		EOF
	in_target chown pj:pj '/home/pj/.ssh/id_rsa'
	in_target chmod 0600 '/home/pj/.ssh/id_rsa'

	# Set up SSH known hosts.
	cat >"${target}/home/pj/.ssh/known_hosts" <<-EOF
		|1|fypb7kn7NH0fqHGj9Xs/rdpO71s=|SCtg2BdMNB9zL5bAPYkJy1uiNSM= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXcG5BuZi4947D9WqY1L6CzaH4Qjw7YA7Dja+09y0nZjLVDd1saZCPkTjo1PEHxVCvSHvc0VmRqIZ2wUGtuqIlgGPMphCPAtdHN63YcNXqIhjEygLsaSZgy1Qz33YQF+YSANbeZQ4vnqiYr3C1IA7Cw4km/0s1BvP3t9yJf/iYODZqjVqUhqB4hzXJcBZHrgnM4LmPD4NH81fCqpwfRviNQNFAqd/aT1YTvgdn46HTVz7dV8ahW6SLXBTJZvO9dLAAKOPPZwuluaRphBqjPLC83zsihQ884SAH+AKcpN1ne73UZUuA1Gyk3HW+a/ngbzm1nmoeC0Sm1nNlTvC4WrLD
		|1|z7it+otnWcn/98YKdeaBCXl+ug8=|NFRpdQZBMTAuWbUDAqXLptFR5Ao= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXcG5BuZi4947D9WqY1L6CzaH4Qjw7YA7Dja+09y0nZjLVDd1saZCPkTjo1PEHxVCvSHvc0VmRqIZ2wUGtuqIlgGPMphCPAtdHN63YcNXqIhjEygLsaSZgy1Qz33YQF+YSANbeZQ4vnqiYr3C1IA7Cw4km/0s1BvP3t9yJf/iYODZqjVqUhqB4hzXJcBZHrgnM4LmPD4NH81fCqpwfRviNQNFAqd/aT1YTvgdn46HTVz7dV8ahW6SLXBTJZvO9dLAAKOPPZwuluaRphBqjPLC83zsihQ884SAH+AKcpN1ne73UZUuA1Gyk3HW+a/ngbzm1nmoeC0Sm1nNlTvC4WrLD
		EOF
	in_target chown pj:pj '/home/pj/.ssh/known_hosts'
	in_target chmod 0600 '/home/pj/.ssh/known_hosts'

	# Bootstrap vcsh and mr.
	rm -f "${target}/home/pj/.profile" "${target}/home/pj/.bashrc" \
		"${target}/home/pj/.bash_logout"
	in_target sudo -u pj vcsh clone \
		ssh://git@git.pehjota.net/dotfiles/mr.git mr || return 1
	in_target sudo -u pj mr update || return 1
	in_target sudo -u pj /home/pj/bin/dfen claws-mail clipit fluxbox \
		gpicview gimp gtk kicad midori mpd mpv redshift roxterm \
		xdg-user-dirs xscreensaver

	# Create XDG directories.
	sed 's/#.*$//; /^$/d;' "${target}/home/pj/.config/user-dirs.dirs" | \
		while IFS='=' read var val; do
			HOME='/home/pj'
			eval "mkdir '${target}/'${val}"
		done

	# Add empty folder list to prevent Claws Mail wizard from running.
	cat >"${target}/home/pj/.claws-mail/folderlist.xml" <<-EOF
		<?xml version="1.0" encoding="UTF-8"?>
		<folderlist>
		    <folder type="imap" sort="0" collapsed="0" account_id="1" name="pj@pehjota.net">
		    </folder>
		    <folder type="imap" sort="0" collapsed="0" account_id="2" name="patrick.mcdermott@libiquity.com">
		    </folder>
		</folderlist>
		EOF

	# Generate target's SSH keypair.
	rm -f "${target}/home/pj/.ssh/id_rsa" \
		"${target}/home/pj/.ssh/id_rsa.pub" || return 1
	install -o 1000 -g 1000 -m 0600 '/home/pj/.ssh/id_rsa' \
		"${target}/home/pj/.ssh/id_rsa" || return 1
	install -o 1000 -g 1000 -m 0600 '/home/pj/.ssh/id_rsa.pub' \
		"${target}/home/pj/.ssh/id_rsa.pub" || return 1
	#in_target ssh-keygen -b 4096 -C pj@alsvid200 -t rsa \
	#	-f /home/pj/.ssh/id_rsa </dev/null || return 1
	#cp "${target}/home/pj/.ssh/id_rsa.pub" 'pj@alsvid200.pub' || return 1

	return 0
}