Created
July 16, 2019 07:10
-
-
Save hbokh/afcc51b950a5938d79f53363a838aeff to your computer and use it in GitHub Desktop.
Create a LXC template by using debootstrap.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Source: https://gist.github.com/frieder/9f86ad859b98431c0b67b6458b3577b7 | |
| # | |
| # This snippet shows how to create a LXC template by using debootstrap. | |
| # This is a response to https://bitbucket.org/flybyte/dab-templates which does the same | |
| # but has the limitation that it will result in a system that uses sysvinit while | |
| # with this approach the system will use systemd. | |
| mkdir -p /srv/debian && cd /srv/debian | |
| echo " ==> Start debootstrap ..." | |
| debootstrap --arch amd64 --variant=minbase jessie /srv/debian/root http://ftp.nl.debian.org/debian | |
| mount -o bind /dev/ /srv/debian/root/dev/ | |
| mount -o bind /dev/pts/ /srv/debian/root/dev/pts/ | |
| mount -t sysfs /sys/ /srv/debian/root/sys/ | |
| mount -t proc /proc/ /srv/debian/root/proc/ | |
| echo " ==> Entering chrooted env ..." | |
| LANG=C.UTF-8 chroot root/ /bin/bash | |
| apt update && apt install openssh-server -y | |
| cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig | |
| cat << EOF > /etc/ssh/sshd_config | |
| Port 22 | |
| #ListenAddress 0.0.0.0 | |
| Protocol 2 | |
| HostKey /etc/ssh/ssh_host_rsa_key | |
| HostKey /etc/ssh/ssh_host_dsa_key | |
| HostKey /etc/ssh/ssh_host_ecdsa_key | |
| UsePrivilegeSeparation yes | |
| KeyRegenerationInterval 3600 | |
| ServerKeyBits 1024 | |
| SyslogFacility AUTH | |
| LogLevel INFO | |
| LoginGraceTime 30 | |
| PermitRootLogin without-password | |
| PasswordAuthentication no | |
| StrictModes yes | |
| RSAAuthentication yes | |
| PubkeyAuthentication yes | |
| IgnoreRhosts yes | |
| RhostsRSAAuthentication no | |
| HostbasedAuthentication no | |
| PermitEmptyPasswords no | |
| ChallengeResponseAuthentication no | |
| X11Forwarding no | |
| X11DisplayOffset 10 | |
| PrintMotd no | |
| PrintLastLog yes | |
| TCPKeepAlive yes | |
| AcceptEnv LANG LC_* | |
| Subsystem sftp /usr/lib/openssh/sftp-server | |
| UsePAM no | |
| ClientAliveInterval 300 | |
| ClientAliveCountMax 0 | |
| MaxAuthTries 2 | |
| #Match Address 10.0.0.0/29 | |
| EOF | |
| mkdir -p /root/.ssh/ | |
| cat << EOF > /root/.ssh/authorized_keys | |
| ssh-ed25519 AAAAC3Nza[ YOUR PUB KEY HERE ]bC9dnABiPn/WF/dbzB8Q | |
| EOF | |
| echo "deb http://repo.saltstack.com/apt/debian/8/amd64/latest jessie main" > /etc/apt/sources.list.d/saltstack.list | |
| apt install wget -y | |
| wget -O - http://repo.saltstack.com/apt/debian/8/amd64/latest/SALTSTACK-GPG-KEY.pub | apt-key add - | |
| apt update && apt install salt-minion -y | |
| echo "Europe/Amsterdam" > /etc/timezone | |
| cp /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime | |
| dpkg-reconfigure -f noninteractive tzdata | |
| apt install locales locales-all ntpdate -y | |
| localedef -i en_US -c -f UTF-8 en_US.UTF-8 | |
| dpkg-reconfigure -f noninteractive locales | |
| echo "alias ..='cd ..'" >> /root/.bashrc | |
| echo "alias ll='ls -la'" >> /root/.bashrc | |
| echo "alias v='ls -altrF --color'" >> /root/.bashrc | |
| apt install inetutils-tools net-tools iputils-ping -y | |
| #apt install dbus | |
| apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* | |
| exit | |
| # ========================================================= | |
| # Almost done! Run these commands to finish: | |
| # umount /srv/debian/root/proc | |
| # umount /srv/debian/root/sys | |
| # umount /srv/debian/root/dev/pts/ | |
| # umount /srv/debian/root/dev/ | |
| # tar -czf debian-8.10-salt.tar.gz -C root/ . | |
| # mv debian-8.10-salt.tar.gz /var/lib/vz/template/cache/ | |
| # ========================================================= |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment