M .gitignore => .gitignore +4 -0
@@ 1,1 1,5 @@
/.direnv/
+
+/common/etc/apk/keys/
+
+*.img
A README.md => README.md +8 -0
@@ 0,0 1,8 @@
+# src.quest anemos infra
+
+## Common files
+`./common/` contains files that are common to all hosts, they can be copied to
+host directories with `just merge-with-common` and can be removed with
+`just remove-common`.
+
+These steps are done automatically during build steps.
A common/etc/apk/repositories => common/etc/apk/repositories +2 -0
@@ 0,0 1,2 @@
+https://dl-cdn.alpinelinux.org/alpine/v3.22/main
+https://dl-cdn.alpinelinux.org/alpine/v3.22/community
A common/etc/ssh/sshd_config.makeimg.patch => common/etc/ssh/sshd_config.makeimg.patch +11 -0
@@ 0,0 1,11 @@
+--- sshd_config
++++ sshd_config
+@@ -58,7 +58,7 @@
+ #IgnoreRhosts yes
+
+ # To disable tunneled clear text passwords, change to "no" here!
+-#PasswordAuthentication yes
++PasswordAuthentication no
+ #PermitEmptyPasswords no
+
+ # Change to "no" to disable keyboard-interactive authentication. Depending on
A common/root/.ssh/authorized_keys => common/root/.ssh/authorized_keys +1 -0
@@ 0,0 1,1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGAlif3ABIk0YSx++A+sEeRYPNMMZWLcDuoTKhmcCL6K jonni@liljamo.com
M justfile => justfile +53 -4
@@ 9,6 9,24 @@ host-dir-exists host:
exit 1
fi
+# Remove common files from host
+remove-common host: (host-dir-exists host)
+ #!/usr/bin/env sh
+ prefix="./common/"
+ for file in $(find ./common/ -type f); do
+ path=${file#$"$prefix"}
+ rm -f "./{{host}}/files/$path"
+ done
+
+# Merge common files into host directory
+merge-with-common host: (host-dir-exists host)
+ cp --archive --force ./common/. ./{{host}}/files/
+
+# Remove build artifacts
+remove-artifacts host: (host-dir-exists host)
+ rm -f "./{{host}}/{{host}}.img"
+ rm -f "./{{host}}/{{host}}.packages"
+
# Check host reachability via ping
host-reachable host: (host-dir-exists host)
#!/usr/bin/env sh
@@ 19,12 37,43 @@ host-reachable host: (host-dir-exists host)
fi
# Test the IMGBUILD by building an image
-test host: (host-dir-exists host)
+test host: (host-dir-exists host) (merge-with-common host) && (remove-common host) (remove-artifacts host)
#!/usr/bin/env sh
cd ./{{host}}
sudo makeimg --format "raw 4g msdos ext4"
get-anemos host: (host-reachable host)
- #!/usr/bin/env/sh
- address=$(cat ./{{host}}/ADDRESS)
- ssh root@$address wget https://git.sr.ht/~bitfehler/anemos-cli/blob/master/anemos
+ ssh root@$(cat ./{{host}}/ADDRESS) wget https://git.sr.ht/~bitfehler/anemos-cli/blob/master/anemos
+
+# Download alpine linux keys
+alpine-keys:
+ #!/usr/bin/env sh
+ mkdir -p common/etc/apk/keys
+ cd common/etc/apk/keys
+
+ # Copy the names unser APKBUILD from here:
+ # https://git.alpinelinux.org/aports/plain/main/alpine-keys
+ keys="
+ alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub
+ alpine-devel@lists.alpinelinux.org-5243ef4b.rsa.pub
+ alpine-devel@lists.alpinelinux.org-524d27bb.rsa.pub
+ alpine-devel@lists.alpinelinux.org-5261cecb.rsa.pub
+ alpine-devel@lists.alpinelinux.org-58199dcc.rsa.pub
+ alpine-devel@lists.alpinelinux.org-58cbb476.rsa.pub
+ alpine-devel@lists.alpinelinux.org-58e4f17d.rsa.pub
+ alpine-devel@lists.alpinelinux.org-5e69ca50.rsa.pub
+ alpine-devel@lists.alpinelinux.org-60ac2099.rsa.pub
+ alpine-devel@lists.alpinelinux.org-6165ee59.rsa.pub
+ alpine-devel@lists.alpinelinux.org-61666e3f.rsa.pub
+ alpine-devel@lists.alpinelinux.org-616a9724.rsa.pub
+ alpine-devel@lists.alpinelinux.org-616abc23.rsa.pub
+ alpine-devel@lists.alpinelinux.org-616ac3bc.rsa.pub
+ alpine-devel@lists.alpinelinux.org-616adfeb.rsa.pub
+ alpine-devel@lists.alpinelinux.org-616ae350.rsa.pub
+ alpine-devel@lists.alpinelinux.org-616db30d.rsa.pub
+ alpine-devel@lists.alpinelinux.org-66ba20fe.rsa.pub
+ "
+
+ for key in $keys; do
+ curl -O "https://git.alpinelinux.org/aports/plain/main/alpine-keys/${key}"
+ done
A sqmeta/keys => sqmeta/keys +1 -0
@@ 0,0 1,1 @@
+files/etc/apk/keys<
\ No newline at end of file
A sqmeta/repositories => sqmeta/repositories +1 -0
@@ 0,0 1,1 @@
+files/etc/apk/repositories<
\ No newline at end of file