From 430a173fb181c69ce9b2d21ccb7b5a5540151b5b Mon Sep 17 00:00:00 2001 From: Matt Compton Date: Tue, 20 Apr 2021 14:36:00 -0400 Subject: [PATCH] add cli prof for testing --- build_iso.sh | 24 ++-- chrooted.sh | 12 +- crystal-cli/airootfs/etc/buildstamp | 1 + crystal-cli/airootfs/etc/doas.conf | 2 + crystal-cli/airootfs/etc/mkinitcpio.conf | 70 +++++++++ .../airootfs/etc/mkinitcpio.d/linux.preset | 11 ++ crystal-cli/airootfs/etc/packages.x86_64 | 18 +++ crystal-cli/airootfs/etc/pacman.conf | 111 +++++++++++++++ crystal-cli/airootfs/etc/pacman.d/.keep | 1 + crystal-cli/airootfs/etc/pacman.d/mirrorlist | 133 ++++++++++++++++++ crystal-cli/airootfs/etc/profile | 1 + crystal-cli/airootfs/etc/ssh/sshd_config | 116 +++++++++++++++ crystal-cli/airootfs/etc/sudoers | 2 + crystal-cli/airootfs/etc/sysrootpkgs | 10 ++ .../etc/systemd/network/20-ethernet.network | 13 ++ .../cloud-config.service | 1 + .../cloud-final.service | 1 + .../cloud-init-local.service | 1 + .../cloud-init.service | 1 + .../systemd/system/etc-pacman.d-gnupg.mount | 11 ++ .../getty@tty1.service.d/autologin.conf | 3 + .../multi-user.target.wants/sshd.service | 1 + .../systemd-networkd.service | 1 + .../systemd-resolved.service | 1 + .../etc-pacman.d-gnupg.mount | 1 + .../pacman-init.service | 1 + .../systemd-networkd-wait-online.service | 1 + .../etc/systemd/system/pacman-init.service | 20 +++ .../systemd-networkd.socket | 1 + .../wait-for-only-one-interface.conf | 5 + crystal-cli/airootfs/root/.profile | 3 + crystal-cli/airootfs/root/.xinitrc | 3 + .../loader/entries/archiso-x86_64-linux.conf | 7 + crystal-cli/efiboot/loader/loader.conf | 5 + crystal-cli/packages.gone | 33 +++++ crystal-cli/packages.x86_64 | 18 +++ crystal-cli/pacman.conf | 111 +++++++++++++++ crystal-cli/profiledef.sh | 15 ++ crystal-cli/syslinux/syslinux-linux.cfg | 8 ++ crystal-cli/syslinux/syslinux.cfg | 11 ++ crystal/packages.removed | 4 - 41 files changed, 767 insertions(+), 26 deletions(-) create mode 100644 crystal-cli/airootfs/etc/buildstamp create mode 100644 crystal-cli/airootfs/etc/doas.conf create mode 100644 crystal-cli/airootfs/etc/mkinitcpio.conf create mode 100644 crystal-cli/airootfs/etc/mkinitcpio.d/linux.preset create mode 100644 crystal-cli/airootfs/etc/packages.x86_64 create mode 100644 crystal-cli/airootfs/etc/pacman.conf create mode 100644 crystal-cli/airootfs/etc/pacman.d/.keep create mode 100644 crystal-cli/airootfs/etc/pacman.d/mirrorlist create mode 100644 crystal-cli/airootfs/etc/profile create mode 100644 crystal-cli/airootfs/etc/ssh/sshd_config create mode 100644 crystal-cli/airootfs/etc/sudoers create mode 100644 crystal-cli/airootfs/etc/sysrootpkgs create mode 100644 crystal-cli/airootfs/etc/systemd/network/20-ethernet.network create mode 120000 crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service create mode 120000 crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service create mode 120000 crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service create mode 120000 crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service create mode 100644 crystal-cli/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount create mode 100644 crystal-cli/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf create mode 120000 crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service create mode 120000 crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service create mode 120000 crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service create mode 120000 crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/etc-pacman.d-gnupg.mount create mode 120000 crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/pacman-init.service create mode 120000 crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service create mode 100644 crystal-cli/airootfs/etc/systemd/system/pacman-init.service create mode 120000 crystal-cli/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket create mode 100644 crystal-cli/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf create mode 100755 crystal-cli/airootfs/root/.profile create mode 100755 crystal-cli/airootfs/root/.xinitrc create mode 100644 crystal-cli/efiboot/loader/entries/archiso-x86_64-linux.conf create mode 100644 crystal-cli/efiboot/loader/loader.conf create mode 100644 crystal-cli/packages.gone create mode 100644 crystal-cli/packages.x86_64 create mode 100644 crystal-cli/pacman.conf create mode 100644 crystal-cli/profiledef.sh create mode 100644 crystal-cli/syslinux/syslinux-linux.cfg create mode 100644 crystal-cli/syslinux/syslinux.cfg delete mode 100644 crystal/packages.removed diff --git a/build_iso.sh b/build_iso.sh index 88dba4e..9947f70 100755 --- a/build_iso.sh +++ b/build_iso.sh @@ -1,15 +1,17 @@ -rm -fv crystal-live-*.iso +rm -fv *.iso +if [[ "$1" == "" ]]; then + printf "Profile: " + read prof +else + prof=$1 +fi WORKDIR=$(mktemp -d) # idk if this would've happened automatically? -cp crystal/pacman.conf crystal/airootfs/etc/. -cp crystal/packages.x86_64 crystal/airootfs/etc/packages.x86_64 -cp /etc/pacman.d/mirrorlist crystal/airootfs/etc/pacman.d/. -echo "Built on $(date +"%D @ %T EST")" > crystal/airootfs/etc/buildstamp -time sudo ./mkarchiso -v -w $WORKDIR -o . crystal -sudo rm -rf $WORKDIR - -if [[ "$1" == "docker" ]]; then - cp *.iso /output/. -fi \ No newline at end of file +cp ${prof}/pacman.conf ${prof}/airootfs/etc/. +cp ${prof}/packages.x86_64 ${prof}/airootfs/etc/packages.x86_64 +cp /etc/pacman.d/mirrorlist ${prof}/airootfs/etc/pacman.d/. +echo "Built on $(date +"%D @ %T EST")" > ${prof}/airootfs/etc/buildstamp +time sudo ./mkarchiso -v -w $WORKDIR -o . ${prof} +sudo rm -rf $WORKDIR \ No newline at end of file diff --git a/chrooted.sh b/chrooted.sh index 69b44f7..bda2b7e 100644 --- a/chrooted.sh +++ b/chrooted.sh @@ -15,14 +15,4 @@ chmod +x /usr/bin/mirrorsetup /usr/bin/usermod -p $(echo "pear" | openssl passwd -6 -stdin) carly /usr/bin/usermod -p $(echo "pear" | openssl passwd -6 -stdin) root /usr/bin/chmod +x /home/carly/.xinitrc -echo "Configured the 'carly' user. Exiting chroot." - -cat >> .bashrc << EOF -if [ -z "${DISPLAY}" ] && [ "${XDG_VTNR}" -eq 1 ]; then - startx -fi - -if [[ ! -f /etc/pacman.d/mirrorlist ]]; then - sudo reflector --verbose --latest 5 --sort rate --save /etc/pacman.d/mirrorlist -fi -EOF \ No newline at end of file +echo "Configured the 'carly' user. Exiting chroot." \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/buildstamp b/crystal-cli/airootfs/etc/buildstamp new file mode 100644 index 0000000..7e57a01 --- /dev/null +++ b/crystal-cli/airootfs/etc/buildstamp @@ -0,0 +1 @@ +Built on 04/20/21 @ 14:32:43 EST diff --git a/crystal-cli/airootfs/etc/doas.conf b/crystal-cli/airootfs/etc/doas.conf new file mode 100644 index 0000000..0525c1c --- /dev/null +++ b/crystal-cli/airootfs/etc/doas.conf @@ -0,0 +1,2 @@ +permit persist root +permit persist carly \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/mkinitcpio.conf b/crystal-cli/airootfs/etc/mkinitcpio.conf new file mode 100644 index 0000000..4b7b7fb --- /dev/null +++ b/crystal-cli/airootfs/etc/mkinitcpio.conf @@ -0,0 +1,70 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +# vim:set ft=sh +# MODULES +# The following modules are loaded before any boot hooks are +# run. Advanced users may wish to specify all system modules +# in this array. For instance: +# MODULES=(piix ide_disk reiserfs) +MODULES=() + +# BINARIES +# This setting includes any additional binaries a given user may +# wish into the CPIO image. This is run last, so it may be used to +# override the actual binaries included by a given hook +# BINARIES are dependency parsed, so you may safely ignore libraries +BINARIES=() + +# FILES +# This setting is similar to BINARIES above, however, files are added +# as-is and are not parsed in any way. This is useful for config files. +FILES=() + +# HOOKS +# This is the most important setting in this file. The HOOKS control the +# modules and scripts added to the image, and what happens at boot time. +# Order is important, and it is recommended that you do not change the +# order in which HOOKS are added. Run 'mkinitcpio -H ' for +# help on a given hook. +# 'base' is _required_ unless you know precisely what you are doing. +# 'udev' is _required_ in order to automatically load modules +# 'filesystems' is _required_ unless you specify your fs modules in MODULES +# Examples: +## This setup specifies all modules in the MODULES setting above. +## No raid, lvm2, or encrypted root is needed. +# HOOKS=(base) +# +## This setup will autodetect all modules for your system and should +## work as a sane default +# HOOKS=(base udev autodetect block filesystems) +# +## This setup will generate a 'full' image which supports most systems. +## No autodetection is done. +# HOOKS=(base udev block filesystems) +# +## This setup assembles a pata mdadm array with an encrypted root FS. +## Note: See 'mkinitcpio -H mdadm' for more information on raid devices. +# HOOKS=(base udev block mdadm encrypt filesystems) +# +## This setup loads an lvm2 volume group on a usb device. +# HOOKS=(base udev block lvm2 filesystems) +# +## NOTE: If you have /usr on a separate partition, you MUST include the +# usr, fsck and shutdown hooks. +HOOKS=(base udev modconf archiso block filesystems) + +# COMPRESSION +# Use this to compress the initramfs image. By default, gzip compression +# is used. Use 'cat' to create an uncompressed image. +#COMPRESSION="gzip" +#COMPRESSION="bzip2" +#COMPRESSION="lzma" +#COMPRESSION="xz" +#COMPRESSION="lzop" +#COMPRESSION="lz4" +#COMPRESSION="zstd" + +# COMPRESSION_OPTIONS +# Additional options for the compressor +#COMPRESSION_OPTIONS=() diff --git a/crystal-cli/airootfs/etc/mkinitcpio.d/linux.preset b/crystal-cli/airootfs/etc/mkinitcpio.d/linux.preset new file mode 100644 index 0000000..d35f137 --- /dev/null +++ b/crystal-cli/airootfs/etc/mkinitcpio.d/linux.preset @@ -0,0 +1,11 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +# mkinitcpio preset file for the 'linux' package on archiso + +PRESETS=('archiso') + +ALL_kver='/boot/vmlinuz-linux' +ALL_config='/etc/mkinitcpio.conf' + +archiso_image="/boot/initramfs-linux.img" diff --git a/crystal-cli/airootfs/etc/packages.x86_64 b/crystal-cli/airootfs/etc/packages.x86_64 new file mode 100644 index 0000000..ea076a3 --- /dev/null +++ b/crystal-cli/airootfs/etc/packages.x86_64 @@ -0,0 +1,18 @@ +xorg +xorg-xinit +arch-install-scripts +reflector +pacman-contrib +nano +doas +linux-firmware +tree +base +cloud-init +linux +mkinitcpio +mkinitcpio-archiso +openssh +syslinux + +crystal-misc \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/pacman.conf b/crystal-cli/airootfs/etc/pacman.conf new file mode 100644 index 0000000..ae291d4 --- /dev/null +++ b/crystal-cli/airootfs/etc/pacman.conf @@ -0,0 +1,111 @@ +# +# /etc/pacman.conf +# +# See the pacman.conf(5) manpage for option and repository directives +# +# SPDX-License-Identifier: GPL-3.0-or-later + +# +# GENERAL OPTIONS +# +[options] +# The following paths are commented out with their default values listed. +# If you wish to use different paths, uncomment and update the paths. +#RootDir = / +#DBPath = /var/lib/pacman/ +#CacheDir = /var/cache/pacman/pkg/ +#LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ +#HookDir = /etc/pacman.d/hooks/ +HoldPkg = pacman glibc +#XferCommand = /usr/bin/curl -L -C - -f -o %o %u +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u +#CleanMethod = KeepInstalled +Architecture = auto + +# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup +#IgnorePkg = +#IgnoreGroup = + +#NoUpgrade = +#NoExtract = + +# Misc options +#UseSyslog +Color +TotalDownload +ILoveCandy +# We cannot check disk space from within a chroot environment +#CheckSpace +#VerbosePkgLists + +# By default, pacman accepts packages signed by keys that its local keyring +# trusts (see pacman-key and its man page), as well as unsigned packages. +SigLevel = Never +LocalFileSigLevel = Never +RemoteFileSigLevel = Never + +# NOTE: You must run `pacman-key --init` before first using pacman; the local +# keyring can then be populated with the keys of all official Arch Linux +# packagers with `pacman-key --populate archlinux`. + +# +# REPOSITORIES +# - can be defined here or included from another file +# - pacman will search repositories in the order defined here +# - local/custom mirrors can be added here or in separate files +# - repositories listed first will take precedence when packages +# have identical names, regardless of version number +# - URLs will have $repo replaced by the name of the current repo +# - URLs will have $arch replaced by the name of the architecture +# +# Repository entries are of the format: +# [repo-name] +# Server = ServerName +# Include = IncludePath +# +# The header [repo-name] is crucial - it must be present and +# uncommented to enable the repo. +# + +# The testing repositories are disabled by default. To enable, uncomment the +# repo name header and Include lines. You can add preferred servers immediately +# after the header, and they will be used before the default mirrors. + +#[testing] +#Include = /etc/pacman.d/mirrorlist + +[crystal] +Server = https://repo.xhec.us/crystal +SigLevel = Never + +[core] +Include = /etc/pacman.d/mirrorlist + +[extra] +Include = /etc/pacman.d/mirrorlist + +#[community-testing] +#Include = /etc/pacman.d/mirrorlist + +[community] +Include = /etc/pacman.d/mirrorlist + +[aur] +Server = https://repo.xhec.us/aur +SigLevel = Never + +# If you want to run 32 bit applications on your x86_64 system, +# enable the multilib repositories as required here. + +#[multilib-testing] +#Include = /etc/pacman.d/mirrorlist + +#[multilib] +#Include = /etc/pacman.d/mirrorlist + +# An example of a custom package repository. See the pacman manpage for +# tips on creating your own repositories. +#[custom] +#SigLevel = Optional TrustAll +#Server = file:///home/custompkgs diff --git a/crystal-cli/airootfs/etc/pacman.d/.keep b/crystal-cli/airootfs/etc/pacman.d/.keep new file mode 100644 index 0000000..4a31a76 --- /dev/null +++ b/crystal-cli/airootfs/etc/pacman.d/.keep @@ -0,0 +1 @@ +#heeho \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/pacman.d/mirrorlist b/crystal-cli/airootfs/etc/pacman.d/mirrorlist new file mode 100644 index 0000000..e324736 --- /dev/null +++ b/crystal-cli/airootfs/etc/pacman.d/mirrorlist @@ -0,0 +1,133 @@ +################################################################################ +################# Arch Linux mirrorlist generated by Reflector ################# +################################################################################ + +# With: reflector -c us --sort age +# When: 2021-04-19 05:00:03 UTC +# From: https://www.archlinux.org/mirrors/status/json/ +# Retrieved: 2021-04-19 05:00:03 UTC +# Last Check: 2021-04-19 04:54:20 UTC + +Server = http://mirror.lty.me/archlinux/$repo/os/$arch +Server = https://america.mirror.pkgbuild.com/$repo/os/$arch +Server = http://arch.mirror.square-r00t.net/$repo/os/$arch +Server = https://arch.mirror.square-r00t.net/$repo/os/$arch +Server = rsync://arch.mirror.square-r00t.net/arch/$repo/os/$arch +Server = https://mirror.lty.me/archlinux/$repo/os/$arch +Server = rsync://mirror.lty.me/archlinux/$repo/os/$arch +Server = http://arch.mirror.constant.com/$repo/os/$arch +Server = https://arch.mirror.constant.com/$repo/os/$arch +Server = rsync://arch.mirror.constant.com/archlinux/$repo/os/$arch +Server = http://arlm.tyzoid.com/$repo/os/$arch +Server = https://arlm.tyzoid.com/$repo/os/$arch +Server = rsync://arlm.tyzoid.com/archlinux/$repo/os/$arch +Server = http://archmirror1.octyl.net/$repo/os/$arch +Server = https://archmirror1.octyl.net/$repo/os/$arch +Server = http://mirror.hackingand.coffee/arch/$repo/os/$arch +Server = https://mirror.hackingand.coffee/arch/$repo/os/$arch +Server = rsync://mirror.hackingand.coffee/arch/$repo/os/$arch +Server = http://mirrors.lug.mtu.edu/archlinux/$repo/os/$arch +Server = https://mirrors.lug.mtu.edu/archlinux/$repo/os/$arch +Server = rsync://mirrors.lug.mtu.edu/archlinux/$repo/os/$arch +Server = http://ftp.sudhip.com/archlinux/$repo/os/$arch +Server = https://ftp.sudhip.com/archlinux/$repo/os/$arch +Server = http://arch.hu.fo/archlinux/$repo/os/$arch +Server = https://arch.hu.fo/archlinux/$repo/os/$arch +Server = rsync://arch.hu.fo/archlinux/$repo/os/$arch +Server = http://mirrors.xtom.com/archlinux/$repo/os/$arch +Server = https://mirrors.xtom.com/archlinux/$repo/os/$arch +Server = http://mirrors.rit.edu/archlinux/$repo/os/$arch +Server = https://mirrors.rit.edu/archlinux/$repo/os/$arch +Server = rsync://mirrors.rit.edu/archlinux/$repo/os/$arch +Server = http://mirrors.advancedhosters.com/archlinux/$repo/os/$arch +Server = rsync://mirrors.advancedhosters.com/archlinux/$repo/os/$arch +Server = http://mirrors.ocf.berkeley.edu/archlinux/$repo/os/$arch +Server = https://mirrors.ocf.berkeley.edu/archlinux/$repo/os/$arch +Server = http://mirror.kaminski.io/archlinux/$repo/os/$arch +Server = http://mirror.cybersecurity.nmt.edu/archlinux/$repo/os/$arch +Server = https://mirror.cybersecurity.nmt.edu/archlinux/$repo/os/$arch +Server = http://mirror.dal10.us.leaseweb.net/archlinux/$repo/os/$arch +Server = http://mirror.mia11.us.leaseweb.net/archlinux/$repo/os/$arch +Server = http://mirror.sfo12.us.leaseweb.net/archlinux/$repo/os/$arch +Server = http://mirror.wdc1.us.leaseweb.net/archlinux/$repo/os/$arch +Server = https://mirror.dal10.us.leaseweb.net/archlinux/$repo/os/$arch +Server = https://mirror.mia11.us.leaseweb.net/archlinux/$repo/os/$arch +Server = https://mirror.sfo12.us.leaseweb.net/archlinux/$repo/os/$arch +Server = https://mirror.wdc1.us.leaseweb.net/archlinux/$repo/os/$arch +Server = rsync://mirror.dal10.us.leaseweb.net/archlinux/$repo/os/$arch +Server = rsync://mirror.mia11.us.leaseweb.net/archlinux/$repo/os/$arch +Server = rsync://mirror.sfo12.us.leaseweb.net/archlinux/$repo/os/$arch +Server = rsync://mirror.wdc1.us.leaseweb.net/archlinux/$repo/os/$arch +Server = http://mirrors.acm.wpi.edu/archlinux/$repo/os/$arch +Server = http://mirror.cs.pitt.edu/archlinux/$repo/os/$arch +Server = rsync://mirror.cs.pitt.edu/archlinux/$repo/os/$arch +Server = http://mirrors.kernel.org/archlinux/$repo/os/$arch +Server = https://mirrors.kernel.org/archlinux/$repo/os/$arch +Server = rsync://mirrors.kernel.org/archlinux/$repo/os/$arch +Server = http://repo.ialab.dsu.edu/archlinux/$repo/os/$arch +Server = https://repo.ialab.dsu.edu/archlinux/$repo/os/$arch +Server = http://mirror.arizona.edu/archlinux/$repo/os/$arch +Server = https://mirror.arizona.edu/archlinux/$repo/os/$arch +Server = rsync://mirror.arizona.edu/archlinux/$repo/os/$arch +Server = http://mirrors.mit.edu/archlinux/$repo/os/$arch +Server = https://mirrors.mit.edu/archlinux/$repo/os/$arch +Server = rsync://mirrors.mit.edu/archlinux/$repo/os/$arch +Server = http://plug-mirror.rcac.purdue.edu/archlinux/$repo/os/$arch +Server = https://plug-mirror.rcac.purdue.edu/archlinux/$repo/os/$arch +Server = rsync://plug-mirror.rcac.purdue.edu/archlinux/$repo/os/$arch +Server = http://mirror.es.its.nyu.edu/archlinux/$repo/os/$arch +Server = rsync://mirror.es.its.nyu.edu/archlinux/$repo/os/$arch +Server = http://ca.us.mirror.archlinux-br.org/$repo/os/$arch +Server = http://il.us.mirror.archlinux-br.org/$repo/os/$arch +Server = http://iad.mirrors.misaka.one/archlinux/$repo/os/$arch +Server = https://iad.mirrors.misaka.one/archlinux/$repo/os/$arch +Server = rsync://iad.mirrors.misaka.one/archlinux/$repo/os/$arch +Server = http://mirrors.cat.pdx.edu/archlinux/$repo/os/$arch +Server = rsync://mirrors.cat.pdx.edu/archlinux/$repo/os/$arch +Server = http://mirror.siena.edu/archlinux/$repo/os/$arch +Server = rsync://mirror.siena.edu/archlinux/$repo/os/$arch +Server = http://mirror.umd.edu/archlinux/$repo/os/$arch +Server = rsync://mirror.umd.edu/archlinux/$repo/os/$arch +Server = http://archlinux.surlyjake.com/archlinux/$repo/os/$arch +Server = http://mirror.stephen304.com/archlinux/$repo/os/$arch +Server = https://mirror.stephen304.com/archlinux/$repo/os/$arch +Server = http://mirror.math.princeton.edu/pub/archlinux/$repo/os/$arch +Server = rsync://mirror.math.princeton.edu/pub/archlinux/$repo/os/$arch +Server = http://mirror.ette.biz/archlinux/$repo/os/$arch +Server = https://mirror.ette.biz/archlinux/$repo/os/$arch +Server = rsync://mirror.ette.biz/archlinux/$repo/os/$arch +Server = http://mirrors.aggregate.org/archlinux/$repo/os/$arch +Server = rsync://mirrors.aggregate.org/archlinux/$repo/os/$arch +Server = http://mirrors.sonic.net/archlinux/$repo/os/$arch +Server = https://mirrors.sonic.net/archlinux/$repo/os/$arch +Server = rsync://mirrors.sonic.net/archlinux/$repo/os/$arch +Server = http://mirrors.xmission.com/archlinux/$repo/os/$arch +Server = http://mirrors.liquidweb.com/archlinux/$repo/os/$arch +Server = rsync://mirrors.liquidweb.com/archlinux/$repo/os/$arch +Server = http://dfw.mirror.rackspace.com/archlinux/$repo/os/$arch +Server = http://iad.mirror.rackspace.com/archlinux/$repo/os/$arch +Server = http://ord.mirror.rackspace.com/archlinux/$repo/os/$arch +Server = https://dfw.mirror.rackspace.com/archlinux/$repo/os/$arch +Server = https://iad.mirror.rackspace.com/archlinux/$repo/os/$arch +Server = https://ord.mirror.rackspace.com/archlinux/$repo/os/$arch +Server = rsync://dfw.mirror.rackspace.com/archlinux/$repo/os/$arch +Server = rsync://iad.mirror.rackspace.com/archlinux/$repo/os/$arch +Server = rsync://ord.mirror.rackspace.com/archlinux/$repo/os/$arch +Server = https://arch.rrig.gs/$repo/os/$arch +Server = rsync://arch.rrig.gs/arch/$repo/os/$arch +Server = http://mirrors.gigenet.com/archlinux/$repo/os/$arch +Server = http://mirror.vtti.vt.edu/archlinux/$repo/os/$arch +Server = http://repo.miserver.it.umich.edu/archlinux/$repo/os/$arch +Server = http://ftp.osuosl.org/pub/archlinux/$repo/os/$arch +Server = rsync://ftp.osuosl.org/archlinux/$repo/os/$arch +Server = http://mirror.cs.vt.edu/pub/ArchLinux/$repo/os/$arch +Server = rsync://mirror.cs.vt.edu/archlinux/$repo/os/$arch +Server = http://www.gtlib.gatech.edu/pub/archlinux/$repo/os/$arch +Server = http://distro.ibiblio.org/archlinux/$repo/os/$arch +Server = rsync://distro.ibiblio.org/archlinux/$repo/os/$arch +Server = http://mirror.pit.teraswitch.com/archlinux/$repo/os/$arch +Server = https://mirror.pit.teraswitch.com/archlinux/$repo/os/$arch +Server = rsync://mirror.pit.teraswitch.com/archlinux/$repo/os/$arch +Server = http://mirrors.rutgers.edu/archlinux/$repo/os/$arch +Server = https://mirrors.rutgers.edu/archlinux/$repo/os/$arch + diff --git a/crystal-cli/airootfs/etc/profile b/crystal-cli/airootfs/etc/profile new file mode 100644 index 0000000..a42fb8d --- /dev/null +++ b/crystal-cli/airootfs/etc/profile @@ -0,0 +1 @@ +alias sudo="doas" \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/ssh/sshd_config b/crystal-cli/airootfs/etc/ssh/sshd_config new file mode 100644 index 0000000..8ef1758 --- /dev/null +++ b/crystal-cli/airootfs/etc/ssh/sshd_config @@ -0,0 +1,116 @@ +# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +ChallengeResponseAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding no +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no # pam does that +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/lib/ssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server diff --git a/crystal-cli/airootfs/etc/sudoers b/crystal-cli/airootfs/etc/sudoers new file mode 100644 index 0000000..5f74484 --- /dev/null +++ b/crystal-cli/airootfs/etc/sudoers @@ -0,0 +1,2 @@ +root ALL=(ALL) ALL +carly ALL=(ALL) NOPASSWD: ALL \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/sysrootpkgs b/crystal-cli/airootfs/etc/sysrootpkgs new file mode 100644 index 0000000..efa34a4 --- /dev/null +++ b/crystal-cli/airootfs/etc/sysrootpkgs @@ -0,0 +1,10 @@ +base +linux +nano +doas +linux-firmware +openssh +man-db +man-pages +texinfo +networkmanager \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/network/20-ethernet.network b/crystal-cli/airootfs/etc/systemd/network/20-ethernet.network new file mode 100644 index 0000000..efa309c --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/network/20-ethernet.network @@ -0,0 +1,13 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Match] +Name=en* +Name=eth* + +[Network] +DHCP=yes +IPv6PrivacyExtensions=yes + +[DHCP] +RouteMetric=512 diff --git a/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service b/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service new file mode 120000 index 0000000..ebc50f0 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-config.service \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service b/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service new file mode 120000 index 0000000..80fa3c8 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-final.service \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service b/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service new file mode 120000 index 0000000..dd8e9f1 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-init-local.service \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service b/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service new file mode 120000 index 0000000..24c7a26 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/cloud-init.service \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount b/crystal-cli/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount new file mode 100644 index 0000000..f86a91d --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/etc-pacman.d-gnupg.mount @@ -0,0 +1,11 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Unit] +Description=Temporary /etc/pacman.d/gnupg directory + +[Mount] +What=tmpfs +Where=/etc/pacman.d/gnupg +Type=tmpfs +Options=mode=0755 diff --git a/crystal-cli/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf b/crystal-cli/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf new file mode 100644 index 0000000..4df51e0 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf @@ -0,0 +1,3 @@ +[Service] +ExecStart= +ExecStart=-/sbin/agetty --autologin carly --noclear %I 38400 linux \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service b/crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service new file mode 120000 index 0000000..d21ebd9 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/sshd.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/sshd.service \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service b/crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service new file mode 120000 index 0000000..4c158e6 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd.service \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service b/crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service new file mode 120000 index 0000000..4f6ae34 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-resolved.service \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/etc-pacman.d-gnupg.mount b/crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/etc-pacman.d-gnupg.mount new file mode 120000 index 0000000..a2bbbbc --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/etc-pacman.d-gnupg.mount @@ -0,0 +1 @@ +systemd/system/etc-pacman.d-gnupg.mount \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/pacman-init.service b/crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/pacman-init.service new file mode 120000 index 0000000..80f5df3 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/pacman-init.service @@ -0,0 +1 @@ +systemd/system/pacman-init.service \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service b/crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service new file mode 120000 index 0000000..7d6ad92 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd-wait-online.service \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/pacman-init.service b/crystal-cli/airootfs/etc/systemd/system/pacman-init.service new file mode 100644 index 0000000..afbb35e --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/pacman-init.service @@ -0,0 +1,20 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Unit] +Description=Initializes Pacman keyring +Requires=etc-pacman.d-gnupg.mount +After=etc-pacman.d-gnupg.mount + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/bin/bash -c "echo hi" +ExecStart=/usr/bin/pacman-key --init +ExecStart=/usr/bin/pacman-key --populate archlinux +ExecStart=/usr/bin/reflector --latest 5 --sort rate --save /etc/pacman.d/mirrorlist +ExecStart=/usr/bin/sed -i 's/#Server/Server/g' /etc/pacman.d/mirrorlist + + +[Install] +WantedBy=multi-user.target diff --git a/crystal-cli/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket b/crystal-cli/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket new file mode 120000 index 0000000..51942c8 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket @@ -0,0 +1 @@ +/usr/lib/systemd/system/systemd-networkd.socket \ No newline at end of file diff --git a/crystal-cli/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf b/crystal-cli/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf new file mode 100644 index 0000000..a4d7442 --- /dev/null +++ b/crystal-cli/airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf @@ -0,0 +1,5 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +[Service] +ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any diff --git a/crystal-cli/airootfs/root/.profile b/crystal-cli/airootfs/root/.profile new file mode 100755 index 0000000..896139b --- /dev/null +++ b/crystal-cli/airootfs/root/.profile @@ -0,0 +1,3 @@ +if [ -z "${DISPLAY}" ] && [ "${XDG_VTNR}" -eq 1 ]; then + exec startx +fi \ No newline at end of file diff --git a/crystal-cli/airootfs/root/.xinitrc b/crystal-cli/airootfs/root/.xinitrc new file mode 100755 index 0000000..d51b594 --- /dev/null +++ b/crystal-cli/airootfs/root/.xinitrc @@ -0,0 +1,3 @@ +#!/bin/bash +export DESKTOP_SESSION=plasma +exec startplasma-x11 \ No newline at end of file diff --git a/crystal-cli/efiboot/loader/entries/archiso-x86_64-linux.conf b/crystal-cli/efiboot/loader/entries/archiso-x86_64-linux.conf new file mode 100644 index 0000000..c5abdfc --- /dev/null +++ b/crystal-cli/efiboot/loader/entries/archiso-x86_64-linux.conf @@ -0,0 +1,7 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +title CrystalUX Live (x86_64, UEFI) +linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux +initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img +options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% diff --git a/crystal-cli/efiboot/loader/loader.conf b/crystal-cli/efiboot/loader/loader.conf new file mode 100644 index 0000000..1ea5ce5 --- /dev/null +++ b/crystal-cli/efiboot/loader/loader.conf @@ -0,0 +1,5 @@ +# +# SPDX-License-Identifier: GPL-3.0-or-later + +timeout 3 +default archiso-x86_64-linux.conf diff --git a/crystal-cli/packages.gone b/crystal-cli/packages.gone new file mode 100644 index 0000000..3918ac8 --- /dev/null +++ b/crystal-cli/packages.gone @@ -0,0 +1,33 @@ +plasma +ark +gnome-calendar +cheese +evince +noto-fonts-emoji +nautilus +firefox +gambas3 +gpodder +gwenview +kate +kcalc +kmail +knotes +konsole +ktnef +kvantum-qt5 +gnome-maps +gnome-software +gnome-software-packagekit-plugin +archlinux-appstream-data +rhythmbox +spectacle +vlc +gnome-todo +epiphany +latte-dock +dolphin +tk +qtmares +kde-skel +kde-theme \ No newline at end of file diff --git a/crystal-cli/packages.x86_64 b/crystal-cli/packages.x86_64 new file mode 100644 index 0000000..ea076a3 --- /dev/null +++ b/crystal-cli/packages.x86_64 @@ -0,0 +1,18 @@ +xorg +xorg-xinit +arch-install-scripts +reflector +pacman-contrib +nano +doas +linux-firmware +tree +base +cloud-init +linux +mkinitcpio +mkinitcpio-archiso +openssh +syslinux + +crystal-misc \ No newline at end of file diff --git a/crystal-cli/pacman.conf b/crystal-cli/pacman.conf new file mode 100644 index 0000000..ae291d4 --- /dev/null +++ b/crystal-cli/pacman.conf @@ -0,0 +1,111 @@ +# +# /etc/pacman.conf +# +# See the pacman.conf(5) manpage for option and repository directives +# +# SPDX-License-Identifier: GPL-3.0-or-later + +# +# GENERAL OPTIONS +# +[options] +# The following paths are commented out with their default values listed. +# If you wish to use different paths, uncomment and update the paths. +#RootDir = / +#DBPath = /var/lib/pacman/ +#CacheDir = /var/cache/pacman/pkg/ +#LogFile = /var/log/pacman.log +#GPGDir = /etc/pacman.d/gnupg/ +#HookDir = /etc/pacman.d/hooks/ +HoldPkg = pacman glibc +#XferCommand = /usr/bin/curl -L -C - -f -o %o %u +#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u +#CleanMethod = KeepInstalled +Architecture = auto + +# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup +#IgnorePkg = +#IgnoreGroup = + +#NoUpgrade = +#NoExtract = + +# Misc options +#UseSyslog +Color +TotalDownload +ILoveCandy +# We cannot check disk space from within a chroot environment +#CheckSpace +#VerbosePkgLists + +# By default, pacman accepts packages signed by keys that its local keyring +# trusts (see pacman-key and its man page), as well as unsigned packages. +SigLevel = Never +LocalFileSigLevel = Never +RemoteFileSigLevel = Never + +# NOTE: You must run `pacman-key --init` before first using pacman; the local +# keyring can then be populated with the keys of all official Arch Linux +# packagers with `pacman-key --populate archlinux`. + +# +# REPOSITORIES +# - can be defined here or included from another file +# - pacman will search repositories in the order defined here +# - local/custom mirrors can be added here or in separate files +# - repositories listed first will take precedence when packages +# have identical names, regardless of version number +# - URLs will have $repo replaced by the name of the current repo +# - URLs will have $arch replaced by the name of the architecture +# +# Repository entries are of the format: +# [repo-name] +# Server = ServerName +# Include = IncludePath +# +# The header [repo-name] is crucial - it must be present and +# uncommented to enable the repo. +# + +# The testing repositories are disabled by default. To enable, uncomment the +# repo name header and Include lines. You can add preferred servers immediately +# after the header, and they will be used before the default mirrors. + +#[testing] +#Include = /etc/pacman.d/mirrorlist + +[crystal] +Server = https://repo.xhec.us/crystal +SigLevel = Never + +[core] +Include = /etc/pacman.d/mirrorlist + +[extra] +Include = /etc/pacman.d/mirrorlist + +#[community-testing] +#Include = /etc/pacman.d/mirrorlist + +[community] +Include = /etc/pacman.d/mirrorlist + +[aur] +Server = https://repo.xhec.us/aur +SigLevel = Never + +# If you want to run 32 bit applications on your x86_64 system, +# enable the multilib repositories as required here. + +#[multilib-testing] +#Include = /etc/pacman.d/mirrorlist + +#[multilib] +#Include = /etc/pacman.d/mirrorlist + +# An example of a custom package repository. See the pacman manpage for +# tips on creating your own repositories. +#[custom] +#SigLevel = Optional TrustAll +#Server = file:///home/custompkgs diff --git a/crystal-cli/profiledef.sh b/crystal-cli/profiledef.sh new file mode 100644 index 0000000..4f3a07c --- /dev/null +++ b/crystal-cli/profiledef.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash +# shellcheck disable=SC2034 + +iso_name="crystal-cli-live" +iso_label="CRYS_CLI_$(date +%Y%m)" +iso_publisher="CrystalUX