1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
|
#!/bin/sh
# start,size,id,bootable
part_script='
,+,83,*
'
# fs mp type options dump pass
fstab='
@DEV1@ / ext4 errors=remount-ro 0 1
/var/swap swap swap defaults,pri=100 0 0
'
mirror='http://httpredir.debian.org/debian'
suite='jessie'
arch='amd64'
extra_pkgs='
linux-image-amd64
sysvinit-core
'
hostname='alsvid2'
locale='en_US'
supported_locales='en_US.UTF-8 en_DK.UTF-8'
time_zone='UTC'
passwd_shadow='on'
root_passwd_crypted='$6$XMSNMQ6H8G0$9J.jbKWARqSLj51uC1L3J9y0nO/E6.7/l6JdUAwL6Dn.KVeaYbmA2H4EBHT.d55a49gifPkF0AuUnziKN45rF.'
root_login=true
user_make=true
user_name='pj'
user_full_name='P. J. McDermott'
user_groups='adm cdrom floppy sudo audio dip video plugdev netdev lpadmin'
user_passwd_crypted='$6$.4kiiaCvfP$WZtL6RXtWtW0lIRnx2GyJwaN1OdkQUEHOulzxyXlS.dKTClhaI9Hkq3.bdE6TC613VqgEekwPgm3.T1D9CCuk0'
debconf_selections='
keyboard-configuration keyboard-configuration/layout select English (US)
keyboard-configuration keyboard-configuration/variant select English (US)
wireshark-common wireshark-common/install-setuid boolean true
'
postinst_pkgs='
busybox
bash mksh ksh zsh bash-completion
time faketime
screen sudo adduser
bc
nocache
lsof
info
cowsay
unar zip unzip p7zip
lynx
ntfs-3g
vcsh myrepos
vim bvi less wdiff vbindiff
git gitk build-essential autoconf automake pkg-config m4 bison flex gdb
bmake cmake bzr dh-autoreconf
subversion mercurial
patch quilt
sbuild devscripts lintian debootstrap
sloccount valgrind
pciutils libpci-dev acpica-tools libfreetype6-dev
libusb-1.0-0-dev libusb-dev usbutils
dis51
kpartx genisoimage syslinux-utils qemu-system-x86
u-boot-tools heimdall-flash android-tools-adb android-tools-fastboot
flashrom
gcc-avr binutils-avr avr-libc avrdude
markdown
pdftk
optipng
gnupg gnupg-agent openssl
sqlite3
dnsutils whois ftp iperf3
powertop powerstat iotop
gddrescue
cups printer-driver-hpcups system-config-printer
xorg xserver-xorg-video-intel xserver-xorg-input-evdev
xinput xserver-xorg-input-synaptics desktop-base x11-xserver-utils
xdg-utils avahi-daemon libnss-mdns anacron eject iw alsa-utils alsa-base
fluxbox fbpanel fbpager clipit compton
xdm xscreensaver scrot
unclutter
gnome-themes-standard
roxterm-gtk3 gtk-redshift workrave
mpd mpc ncmpcpp mpdscribble mpv sox audacity wodim
gpicview gimp inkscape dia fontforge tiled
librsvg2-bin xcftools imagemagick
kanatest
pidgin mumble gobby
iceweasel
claws-mail claws-mail-fancy-plugin
claws-mail-pgpmime claws-mail-pgpinline
claws-mail-spam-report html2ps
openssh-server openssh-client rsync netcat-openbsd
gerbv openscad meshlab
libreoffice evince
planner ledger
graphviz paps llgal
minicom htop ntp ncdu
wicd-daemon wicd-gtk wicd-curses wicd-cli
wireshark
gnome-calculator units
fonts-mplus fonts-linuxlibertine fonts-freefont-ttf
fonts-dejavu fonts-liberation
fonts-droid fonts-ubuntu-title fonts-lato ttf-unifont fonts-croscore
libhtml-tree-perl libhtml-template-perl
libemail-mime-perl libemail-sender-perl libmail-rfc822-address-perl
libhtml-template-perl libjson-xs-perl libwww-perl
libparse-recdescent-perl libplack-perl liburi-perl
libcrypt-rijndael-perl libdigest-sha-perl
starman bsdgames fortune-mod fortunes-min fortunes-bofh-excuses
libdbi-perl libcurses-ui-perl perl-doc
libcgi-ssi-perl
libtest-script-perl libdevel-repl-perl libdevel-cover-perl
libtime-fake-perl libmodule-starter-perl
libtest-pod-perl libtest-pod-coverage-perl
libperl-critic-perl libautovivification-perl
libmozjs-24-bin mocha
libjavascript-beautifier-perl
libncurses5-dev
libdbd-sqlite3-perl
libxml-sax-perl libxml-sax-expatxs-perl
libsdl1.2-dev libsdl-image1.2-dev
liblua5.1-0-dev lua-posix lua-ldoc lua-markdown
libwebkit2gtk-4.0-dev libgtk-3-dev gtk-3-examples libgtk-3-0-dbg
libglib2.0-0-dbg libgtk-3-doc libwebkit2gtk-4.0-doc autoconf-doc
librsvg2-dev librsvg2-doc libcairo2-dev libcairo2-doc
wamerican-large wamerican-huge wamerican-insane
desmume freedink freedoom micropolis openttd prboom-plus pychess
python-pygame python-six vba wesnoth
'
do_postinst()
{
# Make swap file and set vm.swappiness.
# mkswap needs to be given the full path to the swap file including the
# root file system's mount point, or else this false error happens:
# mkswap: error: /var/swap is mounted; will not make swapspace
fallocate -l 12GiB "${target}/var/swap" || return 1
chmod 0600 "${target}/var/swap" || return 1
mkswap "${target}/var/swap" || return 1
printf 'vm.swappiness = 10\n' \
>"${target}/etc/sysctl.d/vm-swappiness.conf"
# Hibernation.
mkdir -p "${target}/boot/grub/" || return 1
root="UUID=$(blkid -o value -s UUID "${dev}1")"
offset="$(in_target filefrag -v /var/swap | sed -n '
/physical_offset:/{
n;
s/^[ 0-9.]*:[ 0-9.]*: *\([0-9][0-9]*\)...*$/\1/;
p;
q;
};')"
cmdline="root=${root} ro quiet resume=${root} resume_offset=${offset}"
cat >"${target}/boot/grub/libreboot_grub.cfg" <<-EOF
set root=(ahci0,msdos1)
linux /vmlinuz ${cmdline}
initrd /initrd.img
boot
EOF
# Disable mpd service.
in_target update-rc.d mpd disable
# Add "deb-src" line and backports.
cat >"${target}/etc/apt/sources.list" <<-EOF
deb http://httpredir.debian.org/debian jessie main
deb-src http://httpredir.debian.org/debian jessie main
EOF
cat >"${target}/etc/apt/sources.list.d/jessie-backports.list" <<-EOF
deb http://httpredir.debian.org/debian jessie-backports main
deb-src http://httpredir.debian.org/debian jessie-backports main
EOF
in_target apt-get update || return 1
in_target apt-get -q -y install midori || return 1
in_target apt-get -q -y install youtube-dl/jessie-backports || return 1
in_target apt-get -q -y install kicad/jessie-backports || return 1
in_target apt-get -q -y install \
tor/jessie-backports torsocks/jessie-backports || return 1
# Set default x-www-browser.
in_target update-alternatives --set x-www-browser /usr/bin/midori
# Purge systemd.
in_target apt-get -q -y purge libpam-systemd systemd || return 1
in_target apt-get -q -y --purge autoremove || return 1
# Remove packages from APT cache.
in_target apt-get clean || return 1
# Add user to groups created by postinst_pkgs.
in_target adduser pj scanner || return 1
in_target adduser pj wireshark || return 1
in_target adduser pj sbuild || return 1
# Add udev rule for USBtinyISP(-compatible) programmers.
cat >"${target}/etc/udev/rules.d/10-usbtinyisp.rules" <<-EOF
SUBSYSTEM=="usb", ATTR{idVendor}=="1781", ATTR{idProduct}=="0c9f", MODE="0660", GROUP="adm"
EOF
# Install Vertex themes.
in_target apt-get -q -y install gnome-themes-standard \
gtk2-engines-murrine libgtk-3-dev
in_target sudo -u pj sh <<-EOF
set -e
git clone https://github.com/horst3180/vertex-theme \
/home/pj/src/vertex-theme/
cd /home/pj/src/vertex-theme/
./autogen.sh --prefix=/home/pj/.local
make install
ln -s .local/share/themes/ /home/pj/.themes
EOF
[ ${?} -ne 0 ] && return 1
# Download wallpaper.
in_target sudo -u pj wget -O /home/pj/.wallpaper \
http://product-files.libiquity.com/taurinus/boot-splash/x200/background.png
# Use temporary configuation SSH key.
install -d -o 1000 -g 1000 -m 0700 "${target}/home/pj/.ssh" || return 1
cat >"${target}/home/pj/.ssh/id_rsa" <<-EOF
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCzAF0zqeS2X0TuVOIxqMec3lMzZy/MHQswPP+BQkmc2D3YVb2x
px1YAAweQnfZ27pGJkDztStOtMQJeaOsnAVdm2NSe+hEdaKAOxf9p6t+F930HM/w
1wkm1ddlsnCaaCipzGVOM77Q/brEItWvuq8G0+/fgN1o4pZzl4Bub/4D4QIDAQAB
AoGAS+wKnAAiXuv3m7LrIa75w2JVHcdVcZicB0DICnYoLNtXF+v+AlzkSE/009zT
YtccoeZVxEiCbuajA3XRY0PlzgGHTbsGn1BWqI9cjdXTiotnjzOH8zr3JiMZMWwf
hqwbtleP+yruNPHMxQ8dKVXv875NKJW+aArmQWtjeMOy/vECQQDdsvPJ4bUu8M7/
MXqGtz8CJbrRp+ZMKUw0WuwSwTfHRs/Jp27mWf5+t/u+RN8WK/RRD8FHvz4azLhr
sNUFiE69AkEAzrI/DFBFOM5mUECujs2UvCCeWZiAi9QoJ7kDrrAkcG+hMalpNUU3
SUZ76stBUk3hZNpc82aq0a0o8ac0VrBd9QJAB3nbYrlrxLN2J4Dhot1XEJl5HUzO
JU9XNITEZTWCzgODSkeNI9NxE5DcumPUKgk9aeZgHC1EyN6ScX87D76y+QJAL8DE
ii69X1toDeBzs7BRTYlnrCFsiWGRiWPYMvKk6IkRv6x5DwKXvEkZdexRghdWHHvK
f71Xd6u+yt2rXN/QRQJBALv6SwbokdXp5qKJV48QG452dSOT7FQEINnCsIeNUKP6
9YyaZxqLia6pEbEKTSRdztXaMqRsrmOG8E084sFg8DQ=
-----END RSA PRIVATE KEY-----
EOF
in_target chown pj:pj '/home/pj/.ssh/id_rsa'
in_target chmod 0600 '/home/pj/.ssh/id_rsa'
# Set up SSH known hosts.
cat >"${target}/home/pj/.ssh/known_hosts" <<-EOF
|1|fypb7kn7NH0fqHGj9Xs/rdpO71s=|SCtg2BdMNB9zL5bAPYkJy1uiNSM= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXcG5BuZi4947D9WqY1L6CzaH4Qjw7YA7Dja+09y0nZjLVDd1saZCPkTjo1PEHxVCvSHvc0VmRqIZ2wUGtuqIlgGPMphCPAtdHN63YcNXqIhjEygLsaSZgy1Qz33YQF+YSANbeZQ4vnqiYr3C1IA7Cw4km/0s1BvP3t9yJf/iYODZqjVqUhqB4hzXJcBZHrgnM4LmPD4NH81fCqpwfRviNQNFAqd/aT1YTvgdn46HTVz7dV8ahW6SLXBTJZvO9dLAAKOPPZwuluaRphBqjPLC83zsihQ884SAH+AKcpN1ne73UZUuA1Gyk3HW+a/ngbzm1nmoeC0Sm1nNlTvC4WrLD
|1|z7it+otnWcn/98YKdeaBCXl+ug8=|NFRpdQZBMTAuWbUDAqXLptFR5Ao= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXcG5BuZi4947D9WqY1L6CzaH4Qjw7YA7Dja+09y0nZjLVDd1saZCPkTjo1PEHxVCvSHvc0VmRqIZ2wUGtuqIlgGPMphCPAtdHN63YcNXqIhjEygLsaSZgy1Qz33YQF+YSANbeZQ4vnqiYr3C1IA7Cw4km/0s1BvP3t9yJf/iYODZqjVqUhqB4hzXJcBZHrgnM4LmPD4NH81fCqpwfRviNQNFAqd/aT1YTvgdn46HTVz7dV8ahW6SLXBTJZvO9dLAAKOPPZwuluaRphBqjPLC83zsihQ884SAH+AKcpN1ne73UZUuA1Gyk3HW+a/ngbzm1nmoeC0Sm1nNlTvC4WrLD
EOF
in_target chown pj:pj '/home/pj/.ssh/known_hosts'
in_target chmod 0600 '/home/pj/.ssh/known_hosts'
# Bootstrap vcsh and mr.
rm -f "${target}/home/pj/.profile" "${target}/home/pj/.bashrc" \
"${target}/home/pj/.bash_logout"
in_target sudo -u pj vcsh clone \
ssh://git@git.pehjota.net/dotfiles/mr.git mr || return 1
in_target sudo -u pj mr update || return 1
in_target sudo -u pj /home/pj/bin/dfen claws-mail clipit fluxbox \
gpicview gimp gtk kicad midori mpd mpv redshift roxterm \
xdg-user-dirs xscreensaver
# Create XDG directories.
sed 's/#.*$//; /^$/d;' "${target}/home/pj/.config/user-dirs.dirs" | \
while IFS='=' read var val; do
HOME='/home/pj'
eval "mkdir '${target}/'${val}"
done
# Add empty folder list to prevent Claws Mail wizard from running.
cat >"${target}/home/pj/.claws-mail/folderlist.xml" <<-EOF
<?xml version="1.0" encoding="UTF-8"?>
<folderlist>
<folder type="imap" sort="0" collapsed="0" account_id="1" name="pj@pehjota.net">
</folder>
<folder type="imap" sort="0" collapsed="0" account_id="2" name="patrick.mcdermott@libiquity.com">
</folder>
</folderlist>
EOF
# Generate target's SSH keypair.
rm -f "${target}/home/pj/.ssh/id_rsa" \
"${target}/home/pj/.ssh/id_rsa.pub" || return 1
install -o 1000 -g 1000 -m 0600 '/home/pj/.ssh/id_rsa' \
"${target}/home/pj/.ssh/id_rsa" || return 1
install -o 1000 -g 1000 -m 0600 '/home/pj/.ssh/id_rsa.pub' \
"${target}/home/pj/.ssh/id_rsa.pub" || return 1
#in_target ssh-keygen -b 4096 -C pj@alsvid200 -t rsa \
# -f /home/pj/.ssh/id_rsa </dev/null || return 1
#cp "${target}/home/pj/.ssh/id_rsa.pub" 'pj@alsvid200.pub' || return 1
return 0
}
|
