├── files └── etc │ ├── systemd │ └── network │ │ ├── bridged │ │ ├── br0.netdev │ │ ├── br0.network │ │ ├── bond0.network │ │ ├── wired.network │ │ ├── wireless.network.template │ │ └── bond0.netdev │ │ ├── wired.network │ │ └── wireless.network.template │ ├── hosts │ └── fstab ├── LICENSE ├── systemd └── show-ip.service ├── post.sh ├── licenses ├── intel.license └── bsd.license ├── README.md └── pre.sh /files/etc/systemd/network/bridged/br0.netdev: -------------------------------------------------------------------------------- 1 | [NetDev] 2 | Name=br0 3 | Kind=bridge -------------------------------------------------------------------------------- /files/etc/systemd/network/bridged/br0.network: -------------------------------------------------------------------------------- 1 | [Match] 2 | Name=br0 3 | 4 | [Network] 5 | DHCP=ipv4 -------------------------------------------------------------------------------- /files/etc/systemd/network/wired.network: -------------------------------------------------------------------------------- 1 | [Match] 2 | Name=en* 3 | 4 | [Network] 5 | DHCP=yes 6 | -------------------------------------------------------------------------------- /files/etc/systemd/network/bridged/bond0.network: -------------------------------------------------------------------------------- 1 | [Match] 2 | Name=bond0 3 | 4 | [Network] 5 | Bridge=br0 -------------------------------------------------------------------------------- /files/etc/systemd/network/bridged/wired.network: -------------------------------------------------------------------------------- 1 | [Match] 2 | Name=en* 3 | 4 | [Network] 5 | Bond=bond0 6 | PrimarySlave=true -------------------------------------------------------------------------------- /files/etc/systemd/network/bridged/wireless.network.template: -------------------------------------------------------------------------------- 1 | [Match] 2 | Name=wl* 3 | SSID=@@WPA_SSID@@ 4 | 5 | [Network] 6 | Bond=bond0 -------------------------------------------------------------------------------- /files/etc/systemd/network/wireless.network.template: -------------------------------------------------------------------------------- 1 | [Match] 2 | Name=en* 3 | SSID=@@WPA_SSID@@ 4 | 5 | [Network] 6 | DHCP=yes 7 | 8 | -------------------------------------------------------------------------------- /files/etc/systemd/network/bridged/bond0.netdev: -------------------------------------------------------------------------------- 1 | [NetDev] 2 | Name=bond0 3 | Kind=bond 4 | 5 | [Bond] 6 | Mode=active-backup 7 | PrimaryReselectPolicy=always 8 | MIIMonitorSec=1s -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The following files describe the licenses that apply to this software: 2 | 3 | licenses/bsd.license 4 | licenses/intel.license 5 | 6 | Any other files with the suffix ".license" also apply to this software. 7 | -------------------------------------------------------------------------------- /files/etc/hosts: -------------------------------------------------------------------------------- 1 | 127.0.0.1 localhost 2 | 127.0.1.1 @@HOSTNAME@@ 3 | 4 | # The following lines are desirable for IPv6 capable hosts 5 | ::1 ip6-localhost ip6-loopback 6 | fe00::0 ip6-localnet 7 | ff00::0 ip6-mcastprefix 8 | ff02::1 ip6-allnodes 9 | ff02::2 ip6-allrouters 10 | ff02::3 ip6-allhosts 11 | -------------------------------------------------------------------------------- /files/etc/fstab: -------------------------------------------------------------------------------- 1 | # /etc/fstab: static file system information. 2 | # 3 | # Use 'blkid' to print the universally unique identifier for a 4 | # device; this may be used with UUID= as a more robust way to name devices 5 | # that works even if disks are added and removed. See fstab(5). 6 | # 7 | # 8 | ROOT / ext4 errors=remount-ro 0 1 9 | # /boot was on /dev/vda1 during installation 10 | BOOT 11 | SWAP none swap sw 0 0 12 | -------------------------------------------------------------------------------- /systemd/show-ip.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Show IP Addresses at Boot Prompt 3 | Requires=network-online.target 4 | After=network-online.target 5 | Before=systemd-user-sessions.service 6 | 7 | [Service] 8 | Type=oneshot 9 | RemainAfterExit=yes 10 | StandardError=null 11 | StandardOutput=null 12 | WorkingDirectory=/tmp 13 | ExecStart=/bin/sh -c "until ip -o -4 addr show | grep global | grep -v docker; do sleep 0.3; ct=$(($ct + 1)); if [ $ct -ge 33 ]; then break; fi; done && echo \"Ubuntu $(lsb_release -r | awk '{print $2}') $(lsb_release -d | awk '{print $4}') $(uname -o) $(uname -r) $(uname -m) \\l\n\nIP Address:\n$(ip -o -4 addr list $(ip route show 0.0.0.0/0 | awk '{print $5}') | head -1 | awk '{print $4}' | cut -d/ -f1)\n\nRoutes:\n$(ip route show)\n\nLANs:\n$(ip -o -4 addr list)\n\" > /etc/issue" 14 | ExecStop=/bin/sh -c "echo bye" 15 | 16 | [Install] 17 | WantedBy=network-online.target 18 | -------------------------------------------------------------------------------- /post.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright (C) 2019 Intel Corporation 4 | # SPDX-License-Identifier: BSD-3-Clause 5 | 6 | #this is provided while using Utility OS 7 | source /opt/bootstrap/functions 8 | 9 | # --- Cleanup --- 10 | if [ ! -z "${param_docker_login_user}" ] && [ ! -z "${param_docker_login_pass}" ]; then 11 | run "Logout from a Docker registry" \ 12 | "docker logout" \ 13 | "$TMP/provisioning.log" 14 | fi 15 | 16 | if [ $freemem -lt 6291456 ]; then 17 | run "Cleaning up" \ 18 | "killall dockerd && 19 | sleep 3 && 20 | swapoff $ROOTFS/swap && 21 | rm $ROOTFS/swap && 22 | while (! rm -fr $ROOTFS/tmp/ > /dev/null ); do sleep 2; done" \ 23 | "$TMP/provisioning.log" 24 | fi 25 | 26 | umount $BOOTFS && 27 | umount $ROOTFS && 28 | if [[ $param_diskencrypt == 'true' ]]; then 29 | cryptsetup luksClose root 2>&1 | tee -a /dev/console 30 | fi 31 | 32 | if [[ $param_release == 'prod' ]]; then 33 | poweroff 34 | else 35 | reboot 36 | fi 37 | -------------------------------------------------------------------------------- /licenses/intel.license: -------------------------------------------------------------------------------- 1 | Copyright © 2019, Intel Corporation All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 4 | Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 5 | Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 6 | Neither the name of the Intel Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 7 | 8 | THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 9 | -------------------------------------------------------------------------------- /licenses/bsd.license: -------------------------------------------------------------------------------- 1 | Copyright © 2019, Intel Corporation 2 | 3 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 4 | 5 | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 6 | 7 | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 8 | 9 | 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. 10 | 11 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 12 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # PROJECT NOT UNDER ACTIVE MANAGEMENT # 2 | This project will no longer be maintained by Intel. 3 | Intel has ceased development and contributions including, but not limited to, maintenance, bug fixes, new releases, or updates, to this project. 4 | Intel no longer accepts patches to this project. 5 | If you have an ongoing need to use this project, are interested in independently developing it, or would like to maintain patches for the open source software community, please create your own fork of this project. 6 | 7 | # Ubuntu OS Base Profile "master" branch 8 | 9 | 10 | 11 | Intended to be used with [Edge Software Provisioner](https://github.com/intel/Edge-Software-Provisioner) and this Ubuntu profile repo. 12 | 13 | This master branch of this repo is the "base" of the branches listed. For example, the "desktop" and "slim" branches use the "master" branch as the base of the OS installation. When creating a new profile, clone an existing branch such as the "slim" branch and the ingredients you want installed to your profile. Documentation on how to use each profile can be found in the README of each profile branch. For example: Ubuntu OS Desktop Profile project [documentation](https://github.com/intel/rni-profile-base-ubuntu/blob/desktop/README.md) in order to deploy Ubuntu. 14 | 15 | The "legacy" branch is the old original monolithic profile that included the base and the ingredients. 16 | 17 | ## Kernel Paramaters used at build time 18 | 19 | The following kernel parameters can be added to `conf/config.yml` 20 | 21 | * `bootstrap` - RESERVED, do not change 22 | * `ubuntuversion` - Use the Ubuntu release name. Defaults to 'cosmic' release 23 | * `debug` - [TRUE | FALSE] Enables a more verbose output 24 | * `httppath` - RESERVED, do not change 25 | * `kernparam` - Used to pass additional kernel parameters to the targeted system. Example format: kernparam=splash:quiet#enable_gvt:1 26 | * `parttype` - RESERVED, do not change 27 | * `password` - Initial user password. Defaults to 'password' 28 | * `proxy` - Add proxy settings if behind proxy during installation. Example: http://proxy-us.intel.com:912 29 | * `proxysocks` - Add socks proxy settings if behind proxy during installation. Example: http://proxy-us.intel.com:1080 30 | * `release` - [prod | dev] If set to prod the system will shutdown after it is provisioned. Altnerativily it will reboot. 31 | * `token` - GitHub token for private repositories, if this profile is in a private respository this token should have access to this repo 32 | * `username` - Initial user name. Defaults to 'sys-admin' 33 | * `docker_login_user` - Add user name of docker hub login if user wants to login to docker hub repository service during provisioning. 34 | * `docker_login_pass` - Add password of docker hub login if user wants to login to docker hub repository service during provisioning. 35 | * `network` - Add password of docker hub login if user wants to login to docker hub repository service during provisioning. 36 | * `wpassid` - uOS WPA SSID if no ethernet is found 37 | * `wpapsk` - uOS WPA Pre-Shared Key if no ethernet is found 38 | * `wifissid` - Target system WiFi SSID 39 | * `wifipsk` - Target system WiFi Pre-Shared Key 40 | * `network` - By default this installs a basic network if omitted. Valid options are `bridged` which enables a bonded bridged networks accross all network devices or `network-manager` which gives management to the Network Manager utility. 41 | 42 | ## Target Device Prerequisites 43 | 44 | * x86 Bare Metal or x86 Virtual Machine 45 | * At Least 5 GB of Disk Space 46 | * Supports the following drive types: 47 | * SDD 48 | * NVME 49 | * MMC 50 | * 4 GB of RAM 51 | 52 | ## Known Limitations 53 | 54 | * Currently does not support full disk encryption 55 | * Currently does not install Secure Boot features 56 | * Currently the "master" (the base profile), is intended to be used along with the other branch profiles.\ 57 | * Only partitions 1 drive in the target device. It can be made partition as many drives as you want. Clone the "master" branch, edit file "pre.sh", got to the section "Detect HDD" and modify to your hardware specific situation. 58 | * All LAN adapters on the system will be configured for DHCP by default. Use `network` kernel parameter to change to a bonded bridged network with `network=bridged` or use NetworkManager using `network=networkmanager`. 59 | -------------------------------------------------------------------------------- /pre.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright (C) 2019 Intel Corporation 4 | # SPDX-License-Identifier: BSD-3-Clause 5 | 6 | set -a 7 | 8 | #this is provided while using Utility OS 9 | source /opt/bootstrap/functions 10 | 11 | # --- Ubuntu Packages --- 12 | ubuntu_packages="net-tools" 13 | ubuntu_tasksel="" # standard 14 | 15 | ntpd -d -N -q -n -p us.pool.ntp.org 16 | 17 | PROVISION_LOG="/tmp/provisioning.log" 18 | run "Begin provisioning process..." \ 19 | "while (! docker ps > /dev/null ); do sleep 0.5; done" \ 20 | ${PROVISION_LOG} 21 | 22 | PROVISIONER=$1 23 | 24 | # --- Get kernel parameters --- 25 | kernel_params=$(cat /proc/cmdline) 26 | 27 | if [[ $kernel_params == *" noproxy="* ]]; then 28 | tmp="${kernel_params##* noproxy=}" 29 | export param_noproxy="${tmp%% *}" 30 | export no_proxy="${param_noproxy},${PROVISIONER}" 31 | export NO_PROXY="${param_noproxy},${PROVISIONER}" 32 | fi 33 | 34 | if [ $( nc -vz -w 2 ${PROVISIONER} 3128; echo $?; ) -eq 0 ] && [ $( nc -vz -w 2 ${PROVISIONER} 4128; echo $?; ) -eq 0 ]; then 35 | PROXY_DOCKER_BIND="-v /tmp/ssl:/etc/ssl/ -v /usr/local/share/ca-certificates/EB.pem:/usr/local/share/ca-certificates/EB.crt" 36 | export http_proxy=http://${PROVISIONER}:3128/ 37 | export https_proxy=http://${PROVISIONER}:4128/ 38 | export no_proxy="localhost,127.0.0.1,${PROVISIONER}" 39 | export HTTP_PROXY=http://${PROVISIONER}:3128/ 40 | export HTTPS_PROXY=http://${PROVISIONER}:4128/ 41 | export NO_PROXY="localhost,127.0.0.1,${PROVISIONER}" 42 | export DOCKER_PROXY_ENV="--env http_proxy='${http_proxy}' --env https_proxy='${https_proxy}' --env no_proxy='${no_proxy}' --env HTTP_PROXY='${HTTP_PROXY}' --env HTTPS_PROXY='${HTTPS_PROXY}' --env NO_PROXY='${NO_PROXY}' ${PROXY_DOCKER_BIND}" 43 | export INLINE_PROXY="export http_proxy='${http_proxy}'; export https_proxy='${https_proxy}'; export no_proxy='${no_proxy}'; export HTTP_PROXY='${HTTP_PROXY}'; export HTTPS_PROXY='${HTTPS_PROXY}'; export NO_PROXY='${NO_PROXY}'; if [ ! -f /usr/local/share/ca-certificates/EB.crt ]; then if (! which wget > /dev/null ); then apt update && apt -y install wget; fi; wget -O - http://${PROVISIONER}/squid-cert/CA.pem > /usr/local/share/ca-certificates/EB.crt && update-ca-certificates; fi;" 44 | wget -O - http://${PROVISIONER}/squid-cert/CA.pem > /usr/local/share/ca-certificates/EB.pem 45 | update-ca-certificates 46 | elif [ $( nc -vz -w 2 ${PROVISIONER} 3128; echo $?; ) -eq 0 ]; then 47 | export http_proxy=http://${PROVISIONER}:3128/ 48 | export https_proxy=http://${PROVISIONER}:3128/ 49 | export no_proxy="localhost,127.0.0.1,${PROVISIONER}" 50 | export HTTP_PROXY=http://${PROVISIONER}:3128/ 51 | export HTTPS_PROXY=http://${PROVISIONER}:3128/ 52 | export NO_PROXY="localhost,127.0.0.1,${PROVISIONER}" 53 | export DOCKER_PROXY_ENV="--env http_proxy='${http_proxy}' --env https_proxy='${https_proxy}' --env no_proxy='${no_proxy}' --env HTTP_PROXY='${HTTP_PROXY}' --env HTTPS_PROXY='${HTTPS_PROXY}' --env NO_PROXY='${NO_PROXY}'" 54 | export INLINE_PROXY="export http_proxy='${http_proxy}'; export https_proxy='${https_proxy}'; export no_proxy='${no_proxy}'; export HTTP_PROXY='${HTTP_PROXY}'; export HTTPS_PROXY='${HTTPS_PROXY}'; export NO_PROXY='${NO_PROXY}';" 55 | elif [[ $kernel_params == *" proxy="* ]]; then 56 | tmp="${kernel_params##* proxy=}" 57 | export param_proxy="${tmp%% *}" 58 | export http_proxy=${param_proxy} 59 | export https_proxy=${param_proxy} 60 | export HTTP_PROXY=${param_proxy} 61 | export HTTPS_PROXY=${param_proxy} 62 | export DOCKER_PROXY_ENV="--env http_proxy='${http_proxy}' --env https_proxy='${https_proxy}' --env no_proxy='${no_proxy}' --env HTTP_PROXY='${HTTP_PROXY}' --env HTTPS_PROXY='${HTTPS_PROXY}' --env NO_PROXY='${NO_PROXY}'" 63 | export INLINE_PROXY="export http_proxy='${http_proxy}'; export https_proxy='${https_proxy}'; export no_proxy='${no_proxy}'; export HTTP_PROXY='${HTTP_PROXY}'; export HTTPS_PROXY='${HTTPS_PROXY}'; export NO_PROXY='${NO_PROXY}';" 64 | fi 65 | 66 | if [[ $kernel_params == *"proxysocks="* ]]; then 67 | tmp="${kernel_params##*proxysocks=}" 68 | param_proxysocks="${tmp%% *}" 69 | 70 | export FTP_PROXY=${param_proxysocks} 71 | 72 | tmp_socks=$(echo ${param_proxysocks} | sed "s#http://##g" | sed "s#https://##g" | sed "s#/##g") 73 | export SSH_PROXY_CMD="-o ProxyCommand='nc -x ${tmp_socks} %h %p'" 74 | fi 75 | 76 | if [[ $kernel_params == *"wifissid="* ]]; then 77 | tmp="${kernel_params##*wifissid=}" 78 | export param_wifissid="${tmp%% *}" 79 | elif [ ! -z "${SSID}" ]; then 80 | export param_wifissid="${SSID}" 81 | fi 82 | 83 | if [[ $kernel_params == *"wifipsk="* ]]; then 84 | tmp="${kernel_params##*wifipsk=}" 85 | export param_wifipsk="${tmp%% *}" 86 | elif [ ! -z "${PSK}" ]; then 87 | export param_wifipsk="${PSK}" 88 | fi 89 | 90 | if [[ $kernel_params == *"network="* ]]; then 91 | tmp="${kernel_params##*network=}" 92 | export param_network="${tmp%% *}" 93 | fi 94 | 95 | if [[ $kernel_params == *"httppath="* ]]; then 96 | tmp="${kernel_params##*httppath=}" 97 | export param_httppath="${tmp%% *}" 98 | fi 99 | 100 | if [[ $kernel_params == *"parttype="* ]]; then 101 | tmp="${kernel_params##*parttype=}" 102 | export param_parttype="${tmp%% *}" 103 | elif [ -d /sys/firmware/efi ]; then 104 | export param_parttype="efi" 105 | else 106 | export param_parttype="msdos" 107 | fi 108 | 109 | if [[ $kernel_params == *"bootstrap="* ]]; then 110 | tmp="${kernel_params##*bootstrap=}" 111 | export param_bootstrap="${tmp%% *}" 112 | export param_bootstrapurl=$(echo $param_bootstrap | sed "s#/$(basename $param_bootstrap)\$##g") 113 | fi 114 | 115 | if [[ $kernel_params == *"basebranch="* ]]; then 116 | tmp="${kernel_params##*basebranch=}" 117 | export param_basebranch="${tmp%% *}" 118 | fi 119 | 120 | if [[ $kernel_params == *"token="* ]]; then 121 | tmp="${kernel_params##*token=}" 122 | export param_token="${tmp%% *}" 123 | fi 124 | 125 | if [[ $kernel_params == *"agent="* ]]; then 126 | tmp="${kernel_params##*agent=}" 127 | export param_agent="${tmp%% *}" 128 | else 129 | export param_agent="master" 130 | fi 131 | 132 | if [[ $kernel_params == *"ubuntuversion="* ]]; then 133 | tmp="${kernel_params##*ubuntuversion=}" 134 | export param_ubuntuversion="${tmp%% *}" 135 | else 136 | export param_ubuntuversion="cosmic" 137 | fi 138 | 139 | # The following is bandaid for Disco Dingo 140 | if [ $param_ubuntuversion = "disco" ]; then 141 | export DOCKER_UBUNTU_RELEASE="cosmic" 142 | else 143 | export DOCKER_UBUNTU_RELEASE=$param_ubuntuversion 144 | fi 145 | 146 | if [[ $kernel_params == *"arch="* ]]; then 147 | tmp="${kernel_params##*arch=}" 148 | export param_arch="${tmp%% *}" 149 | else 150 | export param_arch="amd64" 151 | fi 152 | 153 | if [[ $kernel_params == *"kernelversion="* ]]; then 154 | tmp="${kernel_params##*kernelversion=}" 155 | export param_kernelversion="${tmp%% *}" 156 | else 157 | export param_kernelversion="linux-image-generic" 158 | fi 159 | 160 | if [[ $kernel_params == *"insecurereg="* ]]; then 161 | tmp="${kernel_params##*insecurereg=}" 162 | export param_insecurereg="${tmp%% *}" 163 | fi 164 | 165 | if [[ $kernel_params == *"username="* ]]; then 166 | tmp="${kernel_params##*username=}" 167 | export param_username="${tmp%% *}" 168 | else 169 | export param_username="sys-admin" 170 | fi 171 | 172 | if [[ $kernel_params == *"epassword="* ]]; then 173 | tmp="${kernel_params##*epassword=}" 174 | temp_param_epassword="${tmp%% *}" 175 | export param_epassword=$(echo ${temp_param_epassword} | sed 's/\$/\\\\\\$/g') 176 | elif [[ $kernel_params == *"password="* ]]; then 177 | tmp="${kernel_params##*password=}" 178 | export param_password="${tmp%% *}" 179 | else 180 | export param_password="password" 181 | fi 182 | 183 | if [[ $kernel_params == *"debug="* ]]; then 184 | tmp="${kernel_params##*debug=}" 185 | export param_debug="${tmp%% *}" 186 | export debug="${tmp%% *}" 187 | fi 188 | 189 | if [[ $kernel_params == *"resume="* ]]; then 190 | tmp="${kernel_params##*resume=}" 191 | export param_resume="${tmp%% *}" 192 | 193 | if [ ${param_resume,,} == "true" ]; then 194 | echo "export RESUME_PROFILE=1" > .bash_env 195 | echo "export RESUME_PROFILE_RUN=("Configuring Image Database")" >> .bash_env 196 | export BASH_ENV=.bash_env 197 | . .bash_env 198 | fi 199 | fi 200 | 201 | if [[ $kernel_params == *"release="* ]]; then 202 | tmp="${kernel_params##*release=}" 203 | export param_release="${tmp%% *}" 204 | else 205 | export param_release='dev' 206 | fi 207 | 208 | if [[ $kernel_params == *"docker_login_user="* ]]; then 209 | tmp="${kernel_params##*docker_login_user=}" 210 | export param_docker_login_user="${tmp%% *}" 211 | fi 212 | 213 | if [[ $kernel_params == *"docker_login_pass="* ]]; then 214 | tmp="${kernel_params##*docker_login_pass=}" 215 | export param_docker_login_pass="${tmp%% *}" 216 | fi 217 | 218 | if [[ $kernel_params == *"kernparam="* ]]; then 219 | tmp="${kernel_params##*kernparam=}" 220 | temp_param_kernparam="${tmp%% *}" 221 | export param_kernparam=$(echo ${temp_param_kernparam} | sed 's/#/ /g' | sed 's/:/=/g') 222 | fi 223 | 224 | # if [[ $param_release == 'prod' ]] && ; then 225 | # export param_kernparam="$param_kernparam" # ipv6.disable=1 226 | # fi 227 | 228 | MIRROR_STATUS=$(wget --method=HEAD http://${PROVISIONER}${param_httppath}/distro/ 2>&1 | grep "404 Not Found") 229 | if [[ $kernel_params == *"mirror="* ]]; then 230 | tmp="${kernel_params##*mirror=}" 231 | export param_mirror="${tmp%% *}" 232 | elif wget -q --method=HEAD http://${PROVISIONER}${param_httppath}/build/dists/${param_ubuntuversion}/InRelease; then 233 | export param_mirror="http://${PROVISIONER}${param_httppath}/build" 234 | elif wget -q --method=HEAD http://${PROVISIONER}${param_httppath}/distro/dists/${param_ubuntuversion}/InRelease; then 235 | export param_mirror="http://${PROVISIONER}${param_httppath}/distro" 236 | fi 237 | if [ ! -z "${param_mirror}" ]; then 238 | export PKG_REPO_LIST="" 239 | if wget -q --method=HEAD ${param_mirror}/dists/${param_ubuntuversion}/main/binary-${param_arch}/Release; then 240 | export PKG_REPO_LIST="${PKG_REPO_LIST} main" 241 | fi 242 | if wget -q --method=HEAD ${param_mirror}/dists/${param_ubuntuversion}/restricted/binary-${param_arch}/Release; then 243 | export PKG_REPO_LIST="${PKG_REPO_LIST} restricted" 244 | fi 245 | if wget -q --method=HEAD ${param_mirror}/dists/${param_ubuntuversion}/universe/binary-${param_arch}/Release; then 246 | export PKG_REPO_LIST="${PKG_REPO_LIST} universe" 247 | fi 248 | if wget -q --method=HEAD ${param_mirror}/dists/${param_ubuntuversion}/multiverse/binary-${param_arch}/Release; then 249 | export PKG_REPO_LIST="${PKG_REPO_LIST} multiverse" 250 | fi 251 | export PKG_REPO_SEC_LIST="" 252 | if wget -q --method=HEAD ${param_mirror}/dists/${param_ubuntuversion}-security/main/binary-${param_arch}/Release; then 253 | export PKG_REPO_SEC_LIST="${PKG_REPO_SEC_LIST} main" 254 | fi 255 | if wget -q --method=HEAD ${param_mirror}/dists/${param_ubuntuversion}-security/restricted/binary-${param_arch}/Release; then 256 | export PKG_REPO_SEC_LIST="${PKG_REPO_SEC_LIST} restricted" 257 | fi 258 | if wget -q --method=HEAD ${param_mirror}/dists/${param_ubuntuversion}-security/universe/binary-${param_arch}/Release; then 259 | export PKG_REPO_SEC_LIST="${PKG_REPO_SEC_LIST} universe" 260 | fi 261 | if wget -q --method=HEAD ${param_mirror}/dists/${param_ubuntuversion}-security/multiverse/binary-${param_arch}/Release; then 262 | export PKG_REPO_SEC_LIST="${PKG_REPO_SEC_LIST} multiverse" 263 | fi 264 | fi 265 | 266 | # --- Get free memory 267 | export freemem=$(grep MemTotal /proc/meminfo | awk '{print $2}') 268 | 269 | # --- Detect HDD --- 270 | if [ -d /sys/block/nvme[0-9]n[0-9] ]; then 271 | export DRIVE=$(echo /dev/`ls -l /sys/block/nvme* | grep -v usb | head -n1 | sed 's/^.*\(nvme[a-z0-1]\+\).*$/\1/'`); 272 | export BOOT_PARTITION=${DRIVE}p1 273 | export SWAP_PARTITION=${DRIVE}p2 274 | export ROOT_PARTITION=${DRIVE}p3 275 | elif [ -d /sys/block/[vsh]da ]; then 276 | export DRIVE=$(echo /dev/`ls -l /sys/block/[vsh]da | grep -v usb | head -n1 | sed 's/^.*\([vsh]d[a-z]\+\).*$/\1/'`); 277 | export BOOT_PARTITION=${DRIVE}1 278 | export SWAP_PARTITION=${DRIVE}2 279 | export ROOT_PARTITION=${DRIVE}3 280 | elif [ -d /sys/block/mmcblk[0-9] ]; then 281 | export DRIVE=$(echo /dev/`ls -l /sys/block/mmcblk[0-9] | grep -v usb | head -n1 | sed 's/^.*\(mmcblk[0-9]\+\).*$/\1/'`); 282 | export BOOT_PARTITION=${DRIVE}p1 283 | export SWAP_PARTITION=${DRIVE}p2 284 | export ROOT_PARTITION=${DRIVE}p3 285 | else 286 | echo "No supported drives found!" 2>&1 | tee -a /dev/console 287 | sleep 300 288 | reboot 289 | fi 290 | 291 | export BOOTFS=/target/boot 292 | export ROOTFS=/target/root 293 | mkdir -p $BOOTFS 294 | mkdir -p $ROOTFS 295 | 296 | echo "" 2>&1 | tee -a /dev/console 297 | echo "" 2>&1 | tee -a /dev/console 298 | echo "Installing on ${DRIVE}" 2>&1 | tee -a /dev/console 299 | echo "" 2>&1 | tee -a /dev/console 300 | echo "" 2>&1 | tee -a /dev/console 301 | 302 | # --- Partition HDD --- 303 | run "Partitioning drive ${DRIVE}" \ 304 | "if [[ $param_parttype == 'efi' ]]; then 305 | parted --script ${DRIVE} \ 306 | mklabel gpt \ 307 | mkpart ESP fat32 1MiB 551MiB \ 308 | set 1 esp on \ 309 | mkpart primary linux-swap 551MiB 1575MiB \ 310 | mkpart primary 1575MiB 100%; 311 | else 312 | parted --script ${DRIVE} \ 313 | mklabel msdos \ 314 | mkpart primary ext4 1MiB 551MiB \ 315 | set 1 boot on \ 316 | mkpart primary linux-swap 551MiB 1575MiB \ 317 | mkpart primary 1575MiB 100%; 318 | fi" \ 319 | ${PROVISION_LOG} 320 | 321 | # --- Create file systems --- 322 | if [[ $param_parttype == 'efi' ]]; then 323 | run "Creating boot partition on drive ${DRIVE}" \ 324 | "mkfs -t vfat -n BOOT ${BOOT_PARTITION} && \ 325 | mkdir -p $BOOTFS && \ 326 | mount ${BOOT_PARTITION} $BOOTFS" \ 327 | ${PROVISION_LOG} 328 | else 329 | run "Creating boot partition on drive ${DRIVE}" \ 330 | "mkfs -t ext4 -L BOOT -F ${BOOT_PARTITION} && \ 331 | e2label ${BOOT_PARTITION} BOOT && \ 332 | mkdir -p $BOOTFS && \ 333 | mount ${BOOT_PARTITION} $BOOTFS" \ 334 | ${PROVISION_LOG} 335 | fi 336 | 337 | # --- Create ROOT file system --- 338 | run "Creating root file system" \ 339 | "mkfs -t ext4 ${ROOT_PARTITION} && \ 340 | mount ${ROOT_PARTITION} $ROOTFS && \ 341 | e2label ${ROOT_PARTITION} STATE_PARTITION" \ 342 | ${PROVISION_LOG} 343 | 344 | run "Creating swap file system" \ 345 | "mkswap ${SWAP_PARTITION}" \ 346 | ${PROVISION_LOG} 347 | 348 | # --- check if we need to add memory --- 349 | if [ $freemem -lt 6291456 ]; then 350 | fallocate -l 2G $ROOTFS/swap 351 | chmod 600 $ROOTFS/swap 352 | mkswap $ROOTFS/swap 353 | swapon $ROOTFS/swap 354 | fi 355 | 356 | # --- check if we need to move tmp folder --- 357 | if [ $freemem -lt 2097152 ]; then 358 | mkdir -p $ROOTFS/tmp 359 | export TMP=$ROOTFS/tmp 360 | else 361 | export TMP=/tmp 362 | fi 363 | export PROVISION_LOG="$TMP/provisioning.log" 364 | 365 | if [ $(wget http://${PROVISIONER}:5557/v2/_catalog -O-) ] 2>/dev/null; then 366 | export REGISTRY_MIRROR="--registry-mirror=http://${PROVISIONER}:5557" 367 | elif [ $(wget http://${PROVISIONER}:5000/v2/_catalog -O-) ] 2>/dev/null; then 368 | export REGISTRY_MIRROR="--registry-mirror=http://${PROVISIONER}:5000" 369 | fi 370 | 371 | # -- Configure Image database --- 372 | # DockerD does not support overlay fs on tmpfs. VFS storage drive is used which is not efficient. Require lots of ram in order to run in memory 373 | if [ $freemem -lt 16777216 ]; then 374 | run "Configuring Image Database" \ 375 | "mkdir -p $ROOTFS/tmp/docker && \ 376 | chmod 777 $ROOTFS/tmp && \ 377 | killall dockerd && \ 378 | while (ls /var/run/docker.pid > /dev/null 2>&1 ); do sleep 0.5; done && \ 379 | /usr/local/bin/dockerd ${REGISTRY_MIRROR} --data-root=$ROOTFS/tmp/docker >> ${TMP}/docker.log 2>&1 &" \ 380 | "$TMP/provisioning.log" 381 | 382 | while (! docker ps > /dev/null ); do sleep 0.5; echo "Waiting for Docker to start" >> ${PROVISION_LOG}; done; sleep 3 383 | fi 384 | 385 | 386 | if [ ! -z "${param_docker_login_user}" ] && [ ! -z "${param_docker_login_pass}" ]; then 387 | run "Log in to a Docker registry" \ 388 | "docker login -u ${param_docker_login_user} -p ${param_docker_login_pass}" \ 389 | "$TMP/provisioning.log" 390 | fi 391 | 392 | # --- Begin Ubuntu Install Process --- 393 | run "Preparing Ubuntu ${param_ubuntuversion} installer" \ 394 | "docker pull ubuntu:${param_ubuntuversion}" \ 395 | "$TMP/provisioning.log" 396 | 397 | 398 | rootfs_partuuid=$(lsblk -no UUID ${ROOT_PARTITION}) 399 | bootfs_partuuid=$(lsblk -no UUID ${BOOT_PARTITION}) 400 | swapfs_partuuid=$(lsblk -no UUID ${SWAP_PARTITION}) 401 | 402 | # Need for Ubuntu Jammy release and later 403 | chmod 666 /dev/null 404 | 405 | if [[ $param_parttype == 'efi' ]]; then 406 | run "Installing Ubuntu ${param_ubuntuversion} (~10 min)" \ 407 | "docker run -i --rm --privileged --name ubuntu-installer ${DOCKER_PROXY_ENV} -v $ROOTFS:/target/root ubuntu:${param_ubuntuversion} sh -c \ 408 | 'if [ \"${PKG_REPO_SEC_LIST}\" != \"\" ]; then echo \"deb ${param_mirror} ${param_ubuntuversion}-security ${PKG_REPO_SEC_LIST}\" | cat - /etc/apt/sources.list > /tmp/out && mv /tmp/out /etc/apt/sources.list; fi && \ 409 | if [ \"${PKG_REPO_LIST}\" != \"\" ]; then echo \"deb ${param_mirror} ${param_ubuntuversion} ${PKG_REPO_LIST}\" | cat - /etc/apt/sources.list > /tmp/out && mv /tmp/out /etc/apt/sources.list; fi && \ 410 | apt update && \ 411 | apt install -y debootstrap && \ 412 | debootstrap --arch ${param_arch} ${param_ubuntuversion} /target/root ${param_mirror} && \ 413 | if [ -z ${param_mirror} ]; then cp /etc/apt/sources.list /target/root/etc/apt/sources.list; fi && \ 414 | if [ \"${PKG_REPO_SEC_LIST}\" != \"\" ]; then echo \"deb ${param_mirror} ${param_ubuntuversion}-security ${PKG_REPO_SEC_LIST}\" | cat - /target/root/etc/apt/sources.list > /tmp/out && mv /tmp/out /etc/apt/sources.list; fi && \ 415 | if [ \"${PKG_REPO_LIST}\" != \"\" ]; then echo \"deb ${param_mirror} ${param_ubuntuversion} ${PKG_REPO_LIST}\" | cat - /target/root/etc/apt/sources.list > /tmp/out && mv /tmp/out /etc/apt/sources.list; fi && \ 416 | mount --bind dev /target/root/dev && \ 417 | mount -t proc proc /target/root/proc && \ 418 | mount -t sysfs sysfs /target/root/sys && \ 419 | LANG=C.UTF-8 chroot /target/root sh -c \ 420 | \"$(echo ${INLINE_PROXY} | sed "s#'#\\\\\"#g") export TERM=xterm-color && \ 421 | export DEBIAN_FRONTEND=noninteractive && \ 422 | chmod a+rw /dev/null /dev/zero && \ 423 | mkdir -p /boot/efi && \ 424 | mount ${BOOT_PARTITION} /boot/efi && \ 425 | apt update && \ 426 | apt install -y wget ${param_kernelversion} && \ 427 | apt install -y grub-efi shim && \ 428 | \\\$(grub-install ${BOOT_PARTITION} --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=ubuntu --no-nvram; exit 0) && \ 429 | update-grub && \ 430 | adduser --quiet --disabled-password --shell /bin/bash --gecos \\\"\\\" ${param_username} && \ 431 | addgroup --system admin && \ 432 | if [ ! -z ${param_epassword} ]; then echo \\\"${param_username}:${param_epassword}\\\" | chpasswd -e; \ 433 | else echo \\\"${param_username}:${param_password}\\\" | chpasswd; fi && \ 434 | usermod -a -G admin ${param_username} && \ 435 | if [ \\\"${ubuntu_tasksel}\\\" != "" ]; then \ 436 | apt install -y tasksel && \ 437 | tasksel install ${ubuntu_tasksel}; \ 438 | fi && \ 439 | if [ \\\"${ubuntu_packages}\\\" != "" ]; then apt install -y ${ubuntu_packages}; fi && \ 440 | apt clean\"' && \ 441 | wget --header \"Authorization: token ${param_token}\" -O - ${param_basebranch}/files/etc/fstab | sed -e \"s#ROOT#UUID=${rootfs_partuuid}#g\" | sed -e \"s#BOOT#UUID=${bootfs_partuuid} /boot/efi vfat umask=0077 0 1#g\" | sed -e \"s#SWAP#UUID=${swapfs_partuuid}#g\" > $ROOTFS/etc/fstab" \ 442 | "$TMP/provisioning.log" 443 | 444 | EFI_BOOT_NAME="Ubuntu OS" 445 | run "EFI Boot Manager" \ 446 | "efibootmgr -c -d ${DRIVE} -p 1 -L \"${EFI_BOOT_NAME}\" -l '\\EFI\\ubuntu\\grubx64.efi'" \ 447 | "$TMP/provisioning.log" 448 | 449 | export MOUNT_DURING_INSTALL="chmod a+rw /dev/null /dev/zero && mount ${BOOT_PARTITION} /boot/efi" 450 | else 451 | run "Installing Ubuntu ${param_ubuntuversion} (~10 min)" \ 452 | "docker run -i --rm --privileged --name ubuntu-installer ${DOCKER_PROXY_ENV} -v $ROOTFS:/target/root ubuntu:${param_ubuntuversion} sh -c \ 453 | 'if [ \"${PKG_REPO_SEC_LIST}\" != \"\" ]; then echo \"deb ${param_mirror} ${param_ubuntuversion}-security ${PKG_REPO_SEC_LIST}\" | cat - /etc/apt/sources.list > /tmp/out && mv /tmp/out /etc/apt/sources.list; fi && \ 454 | if [ \"${PKG_REPO_LIST}\" != \"\" ]; then echo \"deb ${param_mirror} ${param_ubuntuversion} ${PKG_REPO_LIST}\" | cat - /etc/apt/sources.list > /tmp/out && mv /tmp/out /etc/apt/sources.list; fi && \ 455 | apt update && \ 456 | apt install -y debootstrap && \ 457 | debootstrap --arch ${param_arch} ${param_ubuntuversion} /target/root ${param_mirror} && \ 458 | if [ -z ${param_mirror} ]; then cp /etc/apt/sources.list /target/root/etc/apt/sources.list; fi && \ 459 | if [ \"${PKG_REPO_SEC_LIST}\" != \"\" ]; then echo \"deb ${param_mirror} ${param_ubuntuversion}-security ${PKG_REPO_SEC_LIST}\" | cat - /target/root/etc/apt/sources.list > /tmp/out && mv /tmp/out /etc/apt/sources.list; fi && \ 460 | if [ \"${PKG_REPO_LIST}\" != \"\" ]; then echo \"deb ${param_mirror} ${param_ubuntuversion} ${PKG_REPO_LIST}\" | cat - /target/root/etc/apt/sources.list > /tmp/out && mv /tmp/out /etc/apt/sources.list; fi && \ 461 | mount --bind dev /target/root/dev && \ 462 | mount -t proc proc /target/root/proc && \ 463 | mount -t sysfs sysfs /target/root/sys && \ 464 | LANG=C.UTF-8 chroot /target/root sh -c \ 465 | \"$(echo ${INLINE_PROXY} | sed "s#'#\\\\\"#g") export TERM=xterm-color && \ 466 | export DEBIAN_FRONTEND=noninteractive && \ 467 | chmod a+rw /dev/null /dev/zero && \ 468 | mount ${BOOT_PARTITION} /boot && \ 469 | apt update && \ 470 | apt install -y wget ${param_kernelversion} && \ 471 | apt install -y grub-pc && \ 472 | grub-install ${DRIVE} && \ 473 | adduser --quiet --disabled-password --shell /bin/bash --gecos \\\"\\\" ${param_username} && \ 474 | addgroup --system admin && \ 475 | if [ ! -z ${param_epassword} ]; then echo \\\"${param_username}:${param_epassword}\\\" | chpasswd -e; \ 476 | else echo \\\"${param_username}:${param_password}\\\" | chpasswd; fi && \ 477 | usermod -a -G admin ${param_username} && \ 478 | if [ \\\"${ubuntu_tasksel}\\\" != "" ]; then \ 479 | apt install -y tasksel && \ 480 | tasksel install ${ubuntu_tasksel}; \ 481 | fi && \ 482 | if [ \\\"${ubuntu_packages}\\\" != "" ]; then apt install -y ${ubuntu_packages}; fi && \ 483 | apt clean\"' && \ 484 | wget --header \"Authorization: token ${param_token}\" -O - ${param_basebranch}/files/etc/fstab | sed -e \"s#ROOT#UUID=${rootfs_partuuid}#g\" | sed -e \"s#BOOT#UUID=${bootfs_partuuid} /boot ext4 defaults 0 2#g\" | sed -e \"s#SWAP#UUID=${swapfs_partuuid}#g\" > $ROOTFS/etc/fstab" \ 485 | "$TMP/provisioning.log" 486 | 487 | export MOUNT_DURING_INSTALL="chmod a+rw /dev/null /dev/zero && mount ${BOOT_PARTITION} /boot" 488 | fi 489 | 490 | # --- Enabling Ubuntu boostrap items --- 491 | HOSTNAME="ubuntu-$(tr $ROOTFS/etc/hosts && \ 497 | mkdir -p $ROOTFS/etc/systemd/network/ && \ 498 | wget --header \"Authorization: token ${param_token}\" -O - ${param_basebranch}/files/etc/systemd/network/wired.network > $ROOTFS/etc/systemd/network/wired.network && \ 499 | sed -i 's#^GRUB_CMDLINE_LINUX_DEFAULT=\"quiet splash\"#GRUB_CMDLINE_LINUX_DEFAULT=\"kvmgt vfio-iommu-type1 vfio-mdev i915.enable_gvt=1 kvm.ignore_msrs=1 intel_iommu=on drm.debug=0\"#' $ROOTFS/etc/default/grub && \ 500 | echo \"${HOSTNAME}\" > $ROOTFS/etc/hostname && \ 501 | echo \"LANG=en_US.UTF-8\" >> $ROOTFS/etc/default/locale && \ 502 | docker run -i --rm --privileged --name ubuntu-installer ${DOCKER_PROXY_ENV} -v $ROOTFS:/target/root ubuntu:${param_ubuntuversion} sh -c \ 503 | 'mount --bind dev /target/root/dev && \ 504 | mount -t proc proc /target/root/proc && \ 505 | mount -t sysfs sysfs /target/root/sys && \ 506 | LANG=C.UTF-8 chroot /target/root sh -c \ 507 | \"$(echo ${INLINE_PROXY} | sed "s#'#\\\\\"#g") export TERM=xterm-color && \ 508 | export DEBIAN_FRONTEND=noninteractive && \ 509 | ${MOUNT_DURING_INSTALL} && \ 510 | apt purge -y netplan.io && \ 511 | rm -rf /etc/netplan && \ 512 | systemctl enable systemd-networkd && \ 513 | update-grub && \ 514 | locale-gen --purge en_US.UTF-8 && \ 515 | dpkg-reconfigure --frontend=noninteractive locales\"'" \ 516 | "$TMP/provisioning.log" 517 | 518 | if [ "${param_network}" == "bridged" ]; then 519 | run "Installing the bridged network" \ 520 | "mkdir -p $ROOTFS/etc/systemd/network/ && \ 521 | wget --header \"Authorization: token ${param_token}\" -O $ROOTFS/etc/systemd/network/wired.network ${param_basebranch}/files/etc/systemd/network/bridged/wired.network && \ 522 | wget --header \"Authorization: token ${param_token}\" -O $ROOTFS/etc/systemd/network/bond0.netdev ${param_basebranch}/files/etc/systemd/network/bridged/bond0.netdev && \ 523 | wget --header \"Authorization: token ${param_token}\" -O $ROOTFS/etc/systemd/network/bond0.network ${param_basebranch}/files/etc/systemd/network/bridged/bond0.network && \ 524 | wget --header \"Authorization: token ${param_token}\" -O $ROOTFS/etc/systemd/network/br0.netdev ${param_basebranch}/files/etc/systemd/network/bridged/br0.netdev && \ 525 | wget --header \"Authorization: token ${param_token}\" -O $ROOTFS/etc/systemd/network/br0.network ${param_basebranch}/files/etc/systemd/network/bridged/br0.network" \ 526 | "$TMP/provisioning.log" 527 | 528 | elif [ "${param_network}" == "network-manager" ]; then 529 | run "Installing Network Manager Packages on Ubuntu ${param_ubuntuversion}" \ 530 | "docker run -i --rm --privileged --name ubuntu-installer ${DOCKER_PROXY_ENV} -v /dev:/dev -v /sys/:/sys/ -v $ROOTFS:/target/root ubuntu:${param_ubuntuversion} sh -c \ 531 | 'mount --bind dev /target/root/dev && \ 532 | mount -t proc proc /target/root/proc && \ 533 | mount -t sysfs sysfs /target/root/sys && \ 534 | LANG=C.UTF-8 chroot /target/root sh -c \ 535 | \"$(echo ${INLINE_PROXY} | sed "s#'#\\\\\"#g") export TERM=xterm-color && \ 536 | export DEBIAN_FRONTEND=noninteractive && \ 537 | apt install -y network-manager\"'" \ 538 | ${PROVISION_LOG} 539 | fi 540 | 541 | if [ -d "/sys/class/ieee80211" ] && ( find /sys/class/net/wl* > /dev/null 2>&1 ); then 542 | if [ -n "${param_wifissid}" ]; then 543 | WIFI_NAME_ONBOARD=$(udevadm test-builtin net_id /sys/class/net/wl* 2> /dev/null | grep ID_NET_NAME_ONBOARD | awk -F'=' '{print $2}' | head -1) 544 | WIFI_NAME_PATH=$(udevadm test-builtin net_id /sys/class/net/wl* 2> /dev/null | grep ID_NET_NAME_PATH | awk -F'=' '{print $2}' | head -1) 545 | if [ ! -z ${WIFI_NAME_ONBOARD} ]; then 546 | WIFI_NAME=${WIFI_NAME_ONBOARD} 547 | else 548 | WIFI_NAME=${WIFI_NAME_PATH} 549 | fi 550 | if [ "${param_network}" == "bridged" ]; then 551 | run "Installing Wifi on Ubuntu ${param_ubuntuversion}" \ 552 | "wget --header \"Authorization: token ${param_token}\" -O $ROOTFS/etc/systemd/network/wireless.network ${param_basebranch}/files/etc/systemd/network/bridged/wireless.network.template && \ 553 | sed -i -e \"s#@@WIFI_NAME@@#${WIFI_NAME}#g\" $ROOTFS/etc/systemd/network/wireless.network && \ 554 | sed -i -e \"s#@@WPA_SSID@@#${param_wifissid}#g\" $ROOTFS/etc/systemd/network/wireless.network && \ 555 | sed -i -e \"s#@@WPA_PSK@@#${param_wifipsk}#g\" $ROOTFS/etc/systemd/network/wireless.network" \ 556 | ${PROVISION_LOG} 557 | elif [ "${param_network}" == "network-manager" ]; then 558 | run "Installing Wifi on Ubuntu ${param_ubuntuversion}" \ 559 | "docker run -i --rm --privileged --name ubuntu-installer ${DOCKER_PROXY_ENV} -v /dev:/dev -v /sys/:/sys/ -v $ROOTFS:/target/root ubuntu:${param_ubuntuversion} sh -c \ 560 | 'mount --bind dev /target/root/dev && \ 561 | mount -t proc proc /target/root/proc && \ 562 | mount -t sysfs sysfs /target/root/sys && \ 563 | LANG=C.UTF-8 chroot /target/root sh -c \ 564 | \"$(echo ${INLINE_PROXY} | sed "s#'#\\\\\"#g") export TERM=xterm-color && \ 565 | export DEBIAN_FRONTEND=noninteractive && \ 566 | nmcli radio wifi on && \ 567 | nmcli dev wifi connect ${param_wifissid} password '${param_wifipsk}' || true \"'" \ 568 | ${PROVISION_LOG} 569 | else 570 | run "Installing Wifi on Ubuntu ${param_ubuntuversion}" \ 571 | "wget --header \"Authorization: token ${param_token}\" -O $ROOTFS/etc/systemd/network/wireless.network ${param_basebranch}/files/etc/systemd/network/wireless.network.template && \ 572 | sed -i -e \"s#@@WIFI_NAME@@#${WIFI_NAME}#g\" $ROOTFS/etc/systemd/network/wireless.network && \ 573 | sed -i -e \"s#@@WPA_SSID@@#${param_wifissid}#g\" $ROOTFS/etc/systemd/network/wireless.network && \ 574 | sed -i -e \"s#@@WPA_PSK@@#${param_wifipsk}#g\" $ROOTFS/etc/systemd/network/wireless.network" \ 575 | ${PROVISION_LOG} 576 | fi 577 | 578 | run "Installing Wireless Packages on Ubuntu ${param_ubuntuversion}" \ 579 | "docker run -i --rm --privileged --name ubuntu-installer ${DOCKER_PROXY_ENV} -v /dev:/dev -v /sys/:/sys/ -v $ROOTFS:/target/root ubuntu:${param_ubuntuversion} sh -c \ 580 | 'mount --bind dev /target/root/dev && \ 581 | mount -t proc proc /target/root/proc && \ 582 | mount -t sysfs sysfs /target/root/sys && \ 583 | LANG=C.UTF-8 chroot /target/root sh -c \ 584 | \"$(echo ${INLINE_PROXY} | sed "s#'#\\\\\"#g") export TERM=xterm-color && \ 585 | export DEBIAN_FRONTEND=noninteractive && \ 586 | ${MOUNT_DURING_INSTALL} && \ 587 | apt install -y wireless-tools wpasupplicant && \ 588 | mkdir -p /etc/wpa_supplicant && \ 589 | wpa_passphrase ${param_wifissid} '${param_wifipsk}' > /etc/wpa_supplicant/wpa_supplicant-${WIFI_NAME}.conf && \ 590 | systemctl enable wpa_supplicant@${WIFI_NAME}.service\"'" \ 591 | ${PROVISION_LOG} 592 | fi 593 | fi 594 | 595 | run "Enabling Kernel Modules at boot time" \ 596 | "mkdir -p $ROOTFS/etc/modules-load.d/ && \ 597 | echo 'kvmgt' > $ROOTFS/etc/modules-load.d/kvmgt.conf && \ 598 | echo 'vfio-iommu-type1' > $ROOTFS/etc/modules-load.d/vfio.conf && \ 599 | echo 'dm-crypt' > $ROOTFS/etc/modules-load.d/dm-crypt.conf && \ 600 | echo 'fuse' > $ROOTFS/etc/modules-load.d/fuse.conf && \ 601 | echo 'nbd' > $ROOTFS/etc/modules-load.d/nbd.conf && \ 602 | echo 'i915 enable_gvt=1' > $ROOTFS/etc/modules-load.d/i915.conf" \ 603 | "$TMP/provisioning.log" 604 | 605 | if [ -f $ROOTFS/etc/skel/.bashrc ]; then 606 | sed -i 's|#force_color_prompt=yes|force_color_prompt=yes|g' $ROOTFS/etc/skel/.bashrc 607 | fi 608 | if [ -f $ROOTFS/root/.bashrc ]; then 609 | sed -i 's|#force_color_prompt=yes|force_color_prompt=yes|g' $ROOTFS/root/.bashrc 610 | fi 611 | if [ -f $ROOTFS/home/${param_username}/.bashrc ]; then 612 | sed -i 's|#force_color_prompt=yes|force_color_prompt=yes|g' $ROOTFS/home/${param_username}/.bashrc 613 | fi 614 | 615 | if [ ! -z "${param_proxy}" ]; then 616 | run "Enabling Proxy Environment Variables" \ 617 | "echo -e '\ 618 | http_proxy=${param_proxy}\n\ 619 | https_proxy=${param_proxy}\n\ 620 | no_proxy=localhost,127.0.0.1\n\ 621 | HTTP_PROXY=${param_proxy}\n\ 622 | HTTPS_PROXY=${param_proxy}\n\ 623 | NO_PROXY=localhost,127.0.0.1' >> $ROOTFS/etc/environment && \ 624 | mkdir -p $ROOTFS/etc/systemd/system/docker.service.d && \ 625 | echo -e '\ 626 | [Service]\n\ 627 | Environment=\"HTTPS_PROXY=${param_proxy}\" \"HTTP_PROXY=${param_proxy}\" \"NO_PROXY=localhost,127.0.0.1\"' > $ROOTFS/etc/systemd/system/docker.service.d/https-proxy.conf && \ 628 | mkdir -p $ROOTFS/root/ && \ 629 | echo 'source /etc/environment' >> $ROOTFS/root/.bashrc" \ 630 | "$TMP/provisioning.log" 631 | fi 632 | 633 | if [ ! -z "${param_proxysocks}" ]; then 634 | run "Enabling Socks Proxy Environment Variables" \ 635 | "echo -e '\ 636 | ftp_proxy=${param_proxysocks}\n\ 637 | FTP_PROXY=${param_proxysocks}' >> $ROOTFS/etc/environment" \ 638 | "$TMP/provisioning.log" 639 | fi 640 | 641 | # --- Install Extra Packages --- 642 | 643 | # Check for local docker repo 644 | if [ ! -z "${param_mirror}" ]; then 645 | if wget -q --method=HEAD ${param_mirror}/docker/dists/${param_ubuntuversion}/stable/binary-${param_arch}/Release; then 646 | echo "deb [arch=amd64] ${param_mirror} ${param_ubuntuversion} stable" >> $ROOTFS/etc/apt/sources.list 647 | fi 648 | fi 649 | 650 | run "Installing Docker on Ubuntu ${param_ubuntuversion}" \ 651 | "docker run -i --rm --privileged --name ubuntu-installer ${DOCKER_PROXY_ENV} -v $ROOTFS:/target/root ubuntu:${param_ubuntuversion} sh -c \ 652 | 'mount --bind dev /target/root/dev && \ 653 | mount -t proc proc /target/root/proc && \ 654 | mount -t sysfs sysfs /target/root/sys && \ 655 | LANG=C.UTF-8 chroot /target/root sh -c \ 656 | \"$(echo ${INLINE_PROXY} | sed "s#'#\\\\\"#g") export TERM=xterm-color && \ 657 | export DEBIAN_FRONTEND=noninteractive && \ 658 | ${MOUNT_DURING_INSTALL} && \ 659 | apt-get update && \ 660 | DOCKER_PKG=$(apt-cache search docker-ce) && \ 661 | if [ \\\"${DOCKER_PKG}\\\" != \\\"\\\" ]; then \ 662 | echo \\\"package exists\\\"; \ 663 | else \ 664 | apt install -y \ 665 | apt-transport-https \ 666 | ca-certificates \ 667 | curl \ 668 | gnupg-agent \ 669 | software-properties-common && \ 670 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - && \ 671 | apt-key fingerprint 0EBFCD88 && \ 672 | sudo add-apt-repository \\\"deb [arch=amd64] https://download.docker.com/linux/ubuntu ${DOCKER_UBUNTU_RELEASE} stable\\\" && \ 673 | apt-get update; 674 | fi && \ 675 | apt-get install -y docker-ce docker-ce-cli containerd.io\"'" \ 676 | "$TMP/provisioning.log" 677 | 678 | if [ ! -z "${param_insecurereg}" ]; then 679 | mkdir -p $ROOTFS/etc/docker && 680 | echo "{\"insecure-registries\": [\"${param_insecurereg}\"]}" >$ROOTFS/etc/docker/daemon.json 681 | fi 682 | 683 | # --- Create system-docker database on $ROOTFS --- 684 | run "Preparing system-docker database" \ 685 | "mkdir -p $ROOTFS/var/lib/docker && \ 686 | docker run -d --privileged --name system-docker ${DOCKER_PROXY_ENV} -v $ROOTFS/var/lib/docker:/var/lib/docker docker:stable-dind ${REGISTRY_MIRROR}" \ 687 | "$TMP/provisioning.log" 688 | 689 | # --- Installing docker compose --- 690 | run "Installing Docker Compose" \ 691 | "mkdir -p $ROOTFS/usr/local/bin/ && \ 692 | if wget -q --method=HEAD ${param_mirror}/docker/docker-compose; then \ 693 | wget -O $ROOTFS/usr/local/bin/docker-compose \"${param_mirror}/docker/docker-compose\"; \ 694 | else \ 695 | wget -O $ROOTFS/usr/local/bin/docker-compose \"https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)\"; \ 696 | fi && \ 697 | chmod a+x $ROOTFS/usr/local/bin/docker-compose" \ 698 | "$TMP/provisioning.log" 699 | --------------------------------------------------------------------------------