summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbrent s <r00t@square-r00t.net>2017-05-07 12:55:30 -0400
committerbrent s <r00t@square-r00t.net>2017-05-07 12:55:30 -0400
commit0a99af21ee4c5291c2d07d1a2505b980228ee497 (patch)
tree3a4612c3ad58d691537e5b499a56d4e98a2ac738
parenta28121cbaba7a24be39c795e84106e4123671c10 (diff)
downloadAIF-NG-0a99af21ee4c5291c2d07d1a2505b980228ee497.tar.xz
i think i'm all ready for a 1.0 release...
-rw-r--r--aif.xml2
-rw-r--r--aif.xsd1
-rwxr-xr-xaifclient.py7
-rw-r--r--docs/README.adoc39
4 files changed, 46 insertions, 3 deletions
diff --git a/aif.xml b/aif.xml
index 420ef1b..c3a430a 100644
--- a/aif.xml
+++ b/aif.xml
@@ -15,7 +15,7 @@
<network hostname="aiftest.square-r00t.net">
<iface device="auto" address="auto" netproto="ipv4" />
</network>
- <system timezone="EST5EDT" locale="en_US.UTF-8" chrootpath="/mnt/aif">
+ <system timezone="EST5EDT" locale="en_US.UTF-8" chrootpath="/mnt/aif" reboot="0">
<!-- note: all password hashes below are "test"; don't waste your time trying to crack. :) -->
<users rootpass="$6$3YPpiS.l3SQC6ELe$NQ4qMvcDpv5j1cCM6AGNc5Hyg.rsvtzCt2VWlSbuZXCGg2GB21CMUN8TMGS35tdUezZ/n9y3UFGlmLRVWXvZR.">
<user name="aifusr"
diff --git a/aif.xsd b/aif.xsd
index d4b03c8..84770d8 100644
--- a/aif.xsd
+++ b/aif.xsd
@@ -265,6 +265,7 @@
<xs:attribute name="locale" type="xs:string" use="required" />
<xs:attribute name="chrootpath" type="xs:string" user="required" />
<xs:attribute name="kbd" type="xs:token" />
+ <xs:attribute name="reboot" type="xs:boolean" />
</xs:complexType>
</xs:element>
<!-- END SYSTEM -->
diff --git a/aifclient.py b/aifclient.py
index c0d577f..d90070a 100755
--- a/aifclient.py
+++ b/aifclient.py
@@ -286,9 +286,11 @@ class aif(object):
aifdict['system']['locale'] = False
aifdict['system']['kbd'] = False
aifdict['system']['chrootpath'] = False
- for i in ('locale', 'timezone', 'kbd', 'chrootpath'):
+ aifdict['system']['reboot'] = False
+ for i in ('locale', 'timezone', 'kbd', 'chrootpath', 'reboot'):
if i in xmlobj.find('system').attrib:
aifdict['system'][i] = xmlobj.find('system').attrib[i]
+ aifdict['system']['reboot'] = aifdict['system']['reboot'].lower() in ('true', '1')
# And now services...
if xmlobj.find('system/service') is None:
aifdict['system']['services'] = False
@@ -949,7 +951,8 @@ def main():
with open(logfile, 'a') as log:
pprint.pprint(instconf, stream = log)
runInstall(instconf)
- #subprocess.run(['reboot']) # We should probably leave this up to operators?
+ if instconf['system']['reboot']:
+ subprocess.run(['reboot'])
if __name__ == "__main__":
main()
diff --git a/docs/README.adoc b/docs/README.adoc
index 85acd3f..d7df21a 100644
--- a/docs/README.adoc
+++ b/docs/README.adoc
@@ -137,6 +137,44 @@ Configure your bootloader to add the following options as necessary:
** The same behavior applies for `aif_password`.
* If `aif_auth` is `digest`, this is the realm we would use (we attempt to "guess" if it isn’t specified); otherwise it is ignored.
+== Building a compatible LiveCD
+You have two options.
+
+=== Recommended
+The recommended option is to use https://bdisk.square-r00t.net/[BDisk^] (the author should look familiar ;) and per https://bdisk.square-r00t.net/#advanced_customization[the documentation^], you would simply create the following modifications (remember to replace *<BDisk directory>* with your actual BDisk directory):
+
+. `mkdir -p *<BDisk directory>*/overlay/etc/systemd/system/multi-target.wants`
+. `ln -s /etc/systemd/system/aif.service *<BDisk directory>*/overlay/etc/systemd/system/multi-target.wants/aif.service`
+.. (NOTE: This is not a typo; the symlink will resolve to the correct place during the build)
+. `printf '[Unit]\nDescription=AIF-NG Client Service\nAfter=livecdfix.service\n\n[Service]\nType=oneshot\nExecStart=/usr/bin/aif\n\n[Install]\nWantedBy=multi-user.target\n' > *<BDisk directory>*/overlay/etc/systemd/system/aif.service`
+.. (NOTE: This is all one line.)
+.. (NOTE: We use a custom aif.service instead of the AUR package provided one because of how BDisk handles bringing up the network.)
+. If you want automatic root login on TTY1 like the Arch install ISO (optional):
+.. `mkdir -p *<BDisk directory>*/overlay/etc/systemd/system/getty\@tty1.service.d`
+.. `printf '[Service]\nType=idle\nExecStart=\nExecStart=-/usr/bin/agetty --autologin root --noclear %%I 38400 linux\n' > *<BDisk directory>*/overlay/etc/systemd/system/getty\@tty1.service.d`
+... (NOTE: This is all one line.)
+
+Remember to also create a https://bdisk.square-r00t.net/#the_code_build_ini_code_file[build.ini file^]. You can find a compatible one https://git.square-r00t.net/AIF-NG/plain/extras/bdisk.build.ini[here^] (but remember to tailor it to your particular paths and needs first!).
+
+Make any further customizations as you wish, then https://bdisk.square-r00t.net/#building_a_bdisk_iso[start the build^].
+
+=== Quickest
+For convenience, I've already built a LiveCD that will auto-start AIF. Note, however, that it is configured to my personal preferences (it installs https://aif.square-r00t.net/cfgs/scripts/pkg/python.sh[python3^], installs https://aif.square-r00t.net/cfgs/scripts/pkg/apacman.py[apacman^] (and configures it and pacman to my tastes), sets up a more strict https://aif.square-r00t.net/cfgs/scripts/post/sshsecure.py[SSH configuration^], and https://aif.square-r00t.net/cfgs/scripts/post/sshkeys.py[installs my SSH pubkeys^].), so you may want to use the recommended method above instead.
+
+==== The full environment
+A full ISO build is https://aif.square-r00t.net/download/aif.iso[here] (GPG signatures are available in https://aif.square-r00t.net/download/aif.iso.sig[SIG] and https://aif.square-r00t.net/download/aif.iso.asc[ASC^] format; make sure you https://devblog.square-r00t.net/about/my-gpg-public-key-verification-of-identity[verify it^]).
+
+It has a full GNU/Linux environment that you can use, and works on both UEFI and BIOS systems. It boots to a non-passworded root login, but AIF will be running in the background. SSH is installed and configured for key-based authentication only, but is not enabled by default.
+
+==== The iPXE environment
+If you would like to boot over the network, I have an iPXE ISO https://aif.square-r00t.net/download/aif-mini.iso[here] (GPG signatures are available in https://aif.square-r00t.net/download/aif-mini.iso.sig[SIG] and https://aif.square-r00t.net/download/aif-mini.iso.asc[ASC^] format; make sure you https://devblog.square-r00t.net/about/my-gpg-public-key-verification-of-identity[verify it^]).
+
+You will need at least 2GB of RAM, as it loads entirely into memory.
+
+It also boots to a full GNU/Linux environment that you can use, and works on both UEFI and BIOS systems. It boots to a non-passworded root login, but AIF will be running in the background. SSH is installed and configured for key-based authentication only, but is not enabled by default.
+
+
+
== Logging
Currently, only one method of logging is enabled, and is always enabled. It can be found on the host and guest at */root/aif.log._<UNIX epoch timestamp>_*. Note that after the build finishes successfully, it will remove the host's log (as it's just a broken symlink at that point). You will be able to find the full log in the guest after the install, however.
@@ -352,6 +390,7 @@ The `/aif/system` element is for handling general system configuration. It conta
^m|locale |The https://wiki.archlinux.org/index.php/Locale#Setting_the_system_locale[locale^] of the installed system (e.g. `en_US.UTF-8`); if a short version is used (e.g. `en`), then all locales starting with that prefix will be enabled (multiple explicit locale support is in the TODO)
^m|chrootpath |The path on the host that will serve as the https://wiki.archlinux.org/index.php/Change_root[chroot^] path. This should be where your new install's / (root filesystem partition) is mounted at in <<code_mount_code, mounts>>
^m|kbd |The https://wiki.archlinux.org/index.php/installation_guide#Set_the_keyboard_layout[keyboard layout^] (if not US)
+^m|reboot |If we should reboot the system after the install (in order to boot to the newly-installed system, assuming your boot order is set correctly). Boolean, accepts `1`/`true` or `0`/`false`.
|======================
==== `<users>`