From 29150865d1c19fecb7f40b3e54bb73ed0ea4e1c3 Mon Sep 17 00:00:00 2001
From: Jonni Liljamo <jonni@liljamo.com>
Date: Thu, 20 Nov 2025 18:06:23 +0200
Subject: [PATCH] feat: working anemos config

---
 .gitignore                      |  3 ++
 .makeimg.modes                  |  4 +++
 IMGBUILD                        | 63 ++++++++++++++++++++++++++++++++-
 README.md                       | 28 +++++++++++++++
 files/etc/anemos.conf           |  9 +++++
 files/etc/hostname              |  1 +
 files/etc/network/interfaces    |  5 +++
 files/root/.ssh/authorized_keys |  1 +
 justfile                        | 40 ++++++++++++++++++++-
 9 files changed, 152 insertions(+), 2 deletions(-)
 create mode 100644 README.md
 create mode 100644 files/etc/anemos.conf
 create mode 100644 files/etc/hostname
 create mode 100644 files/etc/network/interfaces
 create mode 100644 files/root/.ssh/authorized_keys

diff --git a/.gitignore b/.gitignore
index 9c56e8d..9cce8e0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,5 +7,8 @@
 /anemos-test.img
 /anemos-test.packages
 
+# anemos payload
+/payload.tar.gz
+
 # Alpine Linux keys
 /files/etc/apk/keys/*
diff --git a/.makeimg.modes b/.makeimg.modes
index b5ced61..14d29c9 100644
--- a/.makeimg.modes
+++ b/.makeimg.modes
@@ -1,3 +1,4 @@
+644 files/etc/anemos.conf
 644 files/etc/apk/keys/alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub
 644 files/etc/apk/keys/alpine-devel@lists.alpinelinux.org-5243ef4b.rsa.pub
 644 files/etc/apk/keys/alpine-devel@lists.alpinelinux.org-524d27bb.rsa.pub
@@ -17,3 +18,6 @@
 644 files/etc/apk/keys/alpine-devel@lists.alpinelinux.org-616db30d.rsa.pub
 644 files/etc/apk/keys/alpine-devel@lists.alpinelinux.org-66ba20fe.rsa.pub
 644 files/etc/apk/repositories
+644 files/etc/hostname
+644 files/etc/network/interfaces
+644 files/root/.ssh/authorized_keys
diff --git a/IMGBUILD b/IMGBUILD
index 29fabc7..0c4dc85 100644
--- a/IMGBUILD
+++ b/IMGBUILD
@@ -1,7 +1,68 @@
 imgname=anemos-test
 target=alpine
-format="raw 4g msdos ext4"
+#format="raw 4g msdos ext4"
+format="custom"
 
+# Sections
+#  Core system
+#  Provisioning reqs
+#  Anemos reqs
+#  Other
 packages="
   alpine-base
+  linux-virt
+  syslinux
+  e2fsprogs
+
+  lsblk
+
+  zstd
+  curl
+
+  openssh
+"
+
+services="
+  networking:boot
+  sshd
 "
+
+# FIXME: this was copied from ne nameserver example
+# maybe change to fdisk?
+setup() {
+  # Repartition, in case the disk das been reset to a vendor image
+  parted -s -- /dev/vda mklabel msdos \
+    mkpart primary 2048s 256MiB \
+    mkpart primary 256MiB -1s \
+    set 1 boot on
+  partprobe /dev/vda
+  # wait for hotplug events to settle...
+  sleep 1 && mdev -sf
+  uuidr=$(uuidgen)
+  uuidb=$(uuidgen)
+  mkfs.ext2 -q -F -U "$uuidb" /dev/vda1 
+  mkfs.ext4 -q -F -U "$uuidr" /dev/vda2 
+  mount /dev/vda2 "${imgroot}"
+  mkdir "${imgroot}/boot"
+  mount /dev/vda1 "${imgroot}/boot"
+  mkdir "${imgroot}/etc"
+  opts=$(findmnt -no OPTIONS /dev/vda2)
+  printf "UUID=%s\t/\t%s\t%s\t0 1\n" "${uuidr}" "ext4" "${opts}" > "${imgroot}/etc/fstab"
+  # Keep b
+  opts=$(findmnt -no OPTIONS /dev/vda1)
+  printf "UUID=%s\t/boot\t%s\t%s\t0 2\n" "${uuidb}" "ext2" "${opts},noauto" >> "${imgroot}/etc/fstab"
+}
+
+cleanup() {
+  umount "${imgroot}/boot"
+  umount "${imgroot}"
+}
+
+provision() {
+  # Bootloader
+  uuid=$(lsblk -rno UUID /dev/vda2)
+  sed -e "s|^root=|root=/dev/disk/by-uuid/${uuid}|" -i /etc/update-extlinux.conf
+  dd bs=440 count=1 conv=notrunc if=/usr/share/syslinux/mbr.bin of="${BLKDEV}"
+  extlinux --install /boot
+  update-extlinux -v
+}
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..03e0b19
--- /dev/null
+++ b/README.md
@@ -0,0 +1,28 @@
+# anemos test
+
+## Installation on Proxmox VM
+1. Create VM with Alpine ISO (Standard)
+    1. login as root
+    2. setup-alpine
+        1. default till root pwd
+            1. set to something
+        2. defaults till root ssh key
+            1. https://meta.sr.ht/~liljamo.keys
+        3. disk setup
+            1. vda
+            2. sys
+            3. y
+    3. reboot
+    4. login as root
+    5. deps
+        1. enable community repo
+        2. apk update
+        3. apk add zstd curl
+2. just init
+3. add some program to makeimg
+4. just deploy
+5. see the new program installed, yay
+
+## Docs for stuff
+### anemos_init.conf
+https://git.sr.ht/~bitfehler/anemos-cli/tree/master/item/anemos.conf
diff --git a/files/etc/anemos.conf b/files/etc/anemos.conf
new file mode 100644
index 0000000..3a4a0c8
--- /dev/null
+++ b/files/etc/anemos.conf
@@ -0,0 +1,9 @@
+ANEMOS_INITRAMFS_URL="https://anemos.io/initramfs/3.22/initramfs-anemos"
+ANEMOS_KERNEL_URL="https://anemos.io/initramfs/3.22/vmlinuz-anemos"
+
+ANEMOS_PAYLOAD_URL="file:///root/payload.tar.gz"
+
+ANEMOS_EXEC="destructive"
+ANEMOS_OVERWRITE_KERNEL="/boot/$(cat /proc/cmdline | tr ' ' '\n' | grep BOOT_IMAGE= | cut -c 12-)"
+ANEMOS_OVERWRITE_INITRAMFS="/boot/$(echo "${ANEMOS_OVERWRITE_KERNEL}" | sed -e s/vmlinuz/initramfs/)"
+ANEMOS_OVERWRITE_BACKUP_EXT="yes"
diff --git a/files/etc/hostname b/files/etc/hostname
new file mode 100644
index 0000000..bab54c4
--- /dev/null
+++ b/files/etc/hostname
@@ -0,0 +1 @@
+anemostest
diff --git a/files/etc/network/interfaces b/files/etc/network/interfaces
new file mode 100644
index 0000000..104c1a1
--- /dev/null
+++ b/files/etc/network/interfaces
@@ -0,0 +1,5 @@
+auto lo
+iface lo inet loopback
+
+auto eth0
+iface eth0 inet dhcp
diff --git a/files/root/.ssh/authorized_keys b/files/root/.ssh/authorized_keys
new file mode 100644
index 0000000..7c9144e
--- /dev/null
+++ b/files/root/.ssh/authorized_keys
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGAlif3ABIk0YSx++A+sEeRYPNMMZWLcDuoTKhmcCL6K jonni@liljamo.com
diff --git a/justfile b/justfile
index 882e8c2..e8dd893 100644
--- a/justfile
+++ b/justfile
@@ -1,6 +1,11 @@
+payload := "payload.tar.gz"
+host := "10.1.31.245"
+ssh_opts := "-i ~/.ssh/id_ed25519_jl"
+
 _default:
     just --list
 
+# Download alpine linux keys
 alpine-keys:
     #!/usr/bin/env sh
     mkdir -p files/etc/apk/keys
@@ -33,5 +38,38 @@ alpine-keys:
       curl -O "https://git.alpinelinux.org/aports/plain/main/alpine-keys/${key}"
     done
 
-build:
+# Test the IMGBUILD
+test:
     sudo makeimg
+    rm ./anemos-test.img
+    rm ./anemos-test.packages
+
+# Check host reachability via ping
+check-host:
+    #!/usr/bin/env sh
+    ping -w 1 -c 1 {{host}}
+    if [ $? -ne 0 ]; then
+      echo "Host is not reachable"
+      exit 1
+    fi
+
+# Tar the anemos payload
+payload:
+    tar czf {{payload}} IMGBUILD files
+
+# Initialize with anemos on a new host
+init: check-host payload
+    scp {{ssh_opts}} {{payload}} files/etc/anemos.conf root@{{host}}:
+    ssh {{ssh_opts}} root@{{host}} wget https://git.sr.ht/~bitfehler/anemos-cli/blob/master/anemos
+    ssh {{ssh_opts}} root@{{host}} chmod +x anemos
+    ssh {{ssh_opts}} root@{{host}} ./anemos -c anemos.conf
+    rm {{payload}}
+
+# Deploy with anemos on an existing host
+deploy: check-host payload
+    scp {{ssh_opts}} {{payload}} root@{{host}}:
+    ssh {{ssh_opts}} root@{{host}} wget https://git.sr.ht/~bitfehler/anemos-cli/blob/master/anemos
+    ssh {{ssh_opts}} root@{{host}} chmod +x anemos
+    ssh {{ssh_opts}} root@{{host}} mount /boot
+    ssh {{ssh_opts}} root@{{host}} ./anemos
+    rm {{payload}}
-- 
2.44.1