Created
October 8, 2017 03:54
-
-
Save frieder/9f86ad859b98431c0b67b6458b3577b7 to your computer and use it in GitHub Desktop.
Simple debootstrap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This snippet shows how to create a LXC template by using debootstrap. Done. This is a response to https://bitbucket.org/flybyte/dab-templates which does the same but has the limitation that it will result in a system that uses sysvinit while with this approach the system will use systemd. | |
| === | |
| mkdir -p /opt/debian && cd /opt/debian | |
| --- | |
| debootstrap --arch amd64 --variant=minbase jessie /opt/debian/root http://ftp.ch.debian.org/debian | |
| --- | |
| mount -o bind /dev/ /opt/debian/root/dev/ | |
| --- | |
| mount -o bind /dev/pts/ /opt/debian/root/dev/pts/ | |
| --- | |
| mount -t sysfs /sys/ /opt/debian/root/sys/ | |
| --- | |
| mount -t proc /proc/ /opt/debian/root/proc/ | |
| --- | |
| LANG=C.UTF-8 chroot root/ /bin/bash | |
| --- | |
| apt update && apt install openssh-server -y | |
| --- | |
| cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig | |
| --- | |
| cat << EOF > /etc/ssh/sshd_config | |
| Port 2022 | |
| #ListenAddress 0.0.0.0 | |
| Protocol 2 | |
| HostKey /etc/ssh/ssh_host_rsa_key | |
| HostKey /etc/ssh/ssh_host_dsa_key | |
| HostKey /etc/ssh/ssh_host_ecdsa_key | |
| UsePrivilegeSeparation yes | |
| KeyRegenerationInterval 3600 | |
| ServerKeyBits 1024 | |
| SyslogFacility AUTH | |
| LogLevel INFO | |
| LoginGraceTime 30 | |
| PermitRootLogin no | |
| PasswordAuthentication no | |
| StrictModes yes | |
| RSAAuthentication yes | |
| PubkeyAuthentication yes | |
| IgnoreRhosts yes | |
| RhostsRSAAuthentication no | |
| HostbasedAuthentication no | |
| PermitEmptyPasswords no | |
| ChallengeResponseAuthentication no | |
| X11Forwarding no | |
| X11DisplayOffset 10 | |
| PrintMotd no | |
| PrintLastLog yes | |
| TCPKeepAlive yes | |
| AcceptEnv LANG LC_* | |
| Subsystem sftp /usr/lib/openssh/sftp-server | |
| UsePAM no | |
| ClientAliveInterval 300 | |
| ClientAliveCountMax 0 | |
| MaxAuthTries 2 | |
| Match Address 10.0.0.0/29 | |
| PermitRootLogin without-password | |
| EOF | |
| --- | |
| mkdir -p /root/.ssh/ | |
| --- | |
| cat << EOF > /root/.ssh/authorized_keys | |
| put your ssh pub key in here | |
| EOF | |
| --- | |
| echo "deb http://repo.saltstack.com/apt/debian/8/amd64/latest jessie main" > /etc/apt/sources.list.d/saltstack.list | |
| --- | |
| apt install wget -y | |
| --- | |
| wget -O - http://repo.saltstack.com/apt/debian/8/amd64/latest/SALTSTACK-GPG-KEY.pub | apt-key add - | |
| --- | |
| apt update && apt install salt-minion -y | |
| --- | |
| echo "Europe/Zurich" > /etc/timezone | |
| --- | |
| cp /usr/share/zoneinfo/Europe/Zurich /etc/localtime | |
| --- | |
| dpkg-reconfigure -f noninteractive tzdata | |
| --- | |
| apt install locales locales-all ntpdate -y | |
| --- | |
| localedef -i en_US -c -f UTF-8 en_US.UTF-8 | |
| --- | |
| dpkg-reconfigure -f noninteractive locales | |
| --- | |
| echo "alias ..='cd ..'" >> /root/.bashrc | |
| --- | |
| echo "alias ll='ls -la'" >> /root/.bashrc | |
| --- | |
| apt install inetutils-tools net-tools iputils-ping -y | |
| --- | |
| exit | |
| --- | |
| umount /opt/debian/root/proc | |
| --- | |
| umount /opt/debian/root/sys | |
| --- | |
| umount /opt/debian/root/dev/pts/ | |
| --- | |
| umount /opt/debian/root/dev/ | |
| --- | |
| tar -czf debian-8.5-salt.tar.gz -C root/ . | |
| --- | |
| mv debian-8.5-salt.tar.gz /var/lib/vz/template/cache/ | |
| === | |
| Enjoy. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment