Modification : vm_{host,hosted,remote} -> {host,local,remote}/ .

[lhc/ateliers.git] / local / initramfs-configure

diff --git a/local/initramfs-configure b/local/initramfs-configure
new file mode 100755 (executable)
index 0000000..8fa1075
--- /dev/null
+++ b/local/initramfs-configure
@@ -0,0 +1,65 @@
+#!/bin/sh -eu
+tool=$(readlink -e "${0%/*}/..")
+. "$tool"/local/lib.sh
+
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/initramfs-tools/initramfs.conf <<-EOF
+       MODULES=most
+       BUSYBOX=y
+       KEYMAP=y
+       COMPRESS=gzip
+       DEVICE=eth0
+       EOF
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/modprobe.d/xen-pv.conf <<-EOF
+       alias eth0 xennet
+       alias scsi_hostadapter xenblk
+       EOF
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/modules <<-EOF
+       sha1_generic
+       sha256_generic
+       sha512_generic
+       aes-x86_64
+       xts
+       # NOTE: pour Xen en mode HVM :
+       #modprobe xen-platform-pci
+       EOF
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/initramfs-tools/modules <<-EOF
+       EOF
+sudo sed -e '/^configure_networking /s/ &$//' \
+ -i /usr/share/initramfs-tools/scripts/init-premount/dropbear
+ # NOTE: corrige une vermine : dropbear doit attendre que le réseau soit configuré..
+ssh-keygen -F "init.$vm_fqdn" -f "$tool"/etc/openssh/known_hosts |
+( while IFS= read -r line
+ do case $line in (*" RSA") return 0; break;; esac
+ done; return 1 ) ||
+ {
+sudo rm -f \
+ /etc/initramfs-tools/etc/dropbear/dropbear_rsa_host_key \
+ /etc/initramfs-tools/etc/dropbear/dropbear_rsa_host_key.pub
+sudo dropbearkey -t rsa -s 4096 -f \
+ /etc/initramfs-tools/etc/dropbear/dropbear_rsa_host_key
+ }
+# NOTE: ne se préoccupe pas de dropbear_dss_host_key ; Debian la génère et l'utilise néamoins.
+sudo install -d -m 640 -o root -g root \
+ /etc/initramfs-tools/root \
+ /etc/initramfs-tools/root/.ssh
+getent group sudo |
+while IFS=: read -r group x x users
+ do while test -n "$users" && IFS=, read -r user users <<-EOF
+               $users
+               EOF
+        do eval home="~$user"
+               sudo cat "$home"/etc/ssh/authorized_keys
+        done
+ done |
+sudo install -m 644 -o root -g root /dev/stdin \
+ /etc/initramfs-tools/root/.ssh/authorized_keys
+sudo rm -f \
+ /etc/initramfs-tools/root/.ssh/id_rsa.dropbear \
+ /etc/initramfs-tools/root/.ssh/id_rsa.pub \
+ /etc/initramfs-tools/root/.ssh/id_rsa
+ # NOTE: clefs générées par Debian
+sudo update-initramfs -u