summaryrefslogtreecommitdiffstats
path: root/setup-arch-vm
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2014-03-12 15:09:01 +0100
committerFlorian Pritz <bluewind@xinu.at>2014-03-12 15:09:01 +0100
commitfd48e4001be8f0094abeda644dad900fd93127fc (patch)
tree9ea8764eda8a41876f6194bcc1084b27701cee65 /setup-arch-vm
parenta224a91ca291db138d6a656306221539c990df7f (diff)
downloadbin-fd48e4001be8f0094abeda644dad900fd93127fc.tar.gz
bin-fd48e4001be8f0094abeda644dad900fd93127fc.tar.xz
vm setup: misc changes
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'setup-arch-vm')
-rw-r--r--setup-arch-vm57
1 files changed, 31 insertions, 26 deletions
diff --git a/setup-arch-vm b/setup-arch-vm
index 4444591..fbf3be1 100644
--- a/setup-arch-vm
+++ b/setup-arch-vm
@@ -42,12 +42,22 @@ cat <<EOF >/etc/pacman.d/mirrorlist
Server = http://mirror.server-speed.net/\$repo/os/\$arch
EOF
-pacstrap /mnt base syslinux sudo openssh haveged htop git zsh screen dnsutils vim net-tools avahi
+pacstrap /mnt base syslinux sudo openssh haveged htop git zsh screen dnsutils vim net-tools
genfstab -p /mnt >> /mnt/etc/fstab
mymac=$(ip addr show dev eth0 | sed -rn 's#^\s+link/ether ([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}).*$#\1#p')
get_url "http://$server/hostnames/$mymac" "archvm" > /mnt/etc/hostname
+hostname=$(cat /mnt/etc/hostname)
+
+cat << EOF >/mnt/etc/systemd/network/10-static-ethernet.network
+[Match]
+Name=e*
+
+[Network]
+$(get_url "http://$server/network/$hostname")
+EOF
+
ln -s /usr/share/zoneinfo/Europe/Athens /mnt/etc/localtime
echo "en_US.UTF-8 UTF-8" > /mnt/etc/locale.gen
arch-chroot /mnt locale-gen
@@ -62,37 +72,32 @@ cat <<EOF >/mnt/boot/syslinux/syslinux.cfg
serial 0 115200
DEFAULT arch
PROMPT 0
-TIMEOUT 50
+TIMEOUT 30
+UI menu.c32
LABEL arch
MENU LABEL Arch Linux
LINUX ../vmlinuz-linux
- APPEND root=${disk}1 rw logo.nologo elevator=deadline console=tty0 console=ttyS0 nomodeset
+ APPEND root=${disk}1 rw logo.nologo elevator=deadline nomodeset
INITRD ../initramfs-linux.img
EOF
-cat <<EOF >/mnt/etc/avahi/avahi-daemon.conf
-[server]
-browse-domains=
-use-ipv4=yes
-use-ipv6=yes
-ratelimit-interval-usec=1000000
-ratelimit-burst=1000
-
-[wide-area]
-enable-wide-area=no
-
-[publish]
-
-[reflector]
-
-[rlimits]
-rlimit-core=0
-rlimit-data=4194304
-rlimit-fsize=0
-rlimit-nofile=768
-rlimit-stack=4194304
-rlimit-nproc=3
+cat <<EOF >/mnt/etc/ssh/sshd_config
+Port 22
+Protocol 2
+PermitRootLogin yes
+PubkeyAuthentication yes
+AuthorizedKeysFile .ssh/authorized_keys
+PasswordAuthentication no
+ChallengeResponseAuthentication no
+UsePAM yes
+GatewayPorts clientspecified
+PrintMotd no # pam does that
+UsePrivilegeSeparation sandbox # Default for new installations.
+Ciphers aes256-ctr,aes192-ctr,aes128-ctr
+Subsystem sftp internal-sftp
+Match Group "ssh-password"
+ PasswordAuthentication yes
EOF
arch-chroot /mnt mkinitcpio -p linux
@@ -116,7 +121,7 @@ arch-chroot /mnt passwd -d $newuser
curl https://git.server-speed.net/users/flo/bin/plain/init_new_user.sh | arch-chroot /mnt sudo -u $newuser bash
arch-chroot /mnt chsh -s /bin/zsh $newuser
-arch-chroot /mnt systemctl enable multi-user.target sshd haveged dhcpcd avahi-daemon
+arch-chroot /mnt systemctl enable multi-user.target sshd haveged dhcpcd systemd-networkd
sync
systemctl reboot