Index: release/Makefile.vm =================================================================== --- release/Makefile.vm +++ release/Makefile.vm @@ -19,6 +19,7 @@ CLOUDWARE?= BASIC-CI \ EC2 \ GCE \ + OCI \ VAGRANT-VIRTUALBOX \ VAGRANT-VMWARE AZURE_FORMAT= vhdf @@ -33,6 +34,9 @@ GCE_FORMAT= raw GCE_DESC= Google Compute Engine image GCE_DISK= disk.${GCE_FORMAT} +OCI_FORMAT= qcow2 +OCI_DESC= Oracle Cloud Infrastructure image +OCI_DISK= disk.${OCI_FORMAT} OPENSTACK_FORMAT=qcow2 OPENSTACK_DESC= OpenStack platform image OPENSTACK_DISK= ${OSRELEASE}.${OPENSTACK_FORMAT} @@ -177,4 +181,6 @@ .include "${.CURDIR}/Makefile.ec2" .include "${.CURDIR}/Makefile.azure" .include "${.CURDIR}/Makefile.gce" +# TODO write one of these when we have figured out upload +# .include "${.CURDIR}/Makefile.oci" .include "${.CURDIR}/Makefile.vagrant" Index: release/tools/oci.conf =================================================================== --- /dev/null +++ release/tools/oci.conf @@ -0,0 +1,99 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# # Set to a list of packages to install. +export VM_EXTRA_PACKAGES="www/gurl sysutils/htop" +# export VM_EXTRA_PACKAGES="net/cloud-init \ +# devel/git \ +# devel/py-pika \ +# devel/uclcmd \ +# editors/neovim \ +# ftp/curl \ +# misc/mbuffer \ +# net-mgmt/iftop \ +# net-mgmt/nstat \ +# net/mosh \ +# net/ngrep \ +# net/rsync \ +# security/ca_root_nss \ +# security/hpenc \ +# security/sudo \ +# security/vault \ +# shells/fish \ +# sysutils/htop \ +# sysutils/fd \ +# sysutils/panicmail \ +# sysutils/tmux \ +# sysutils/ttyd \ +# textproc/jq \ +# textproc/ripgrep \ +# www/gurl \ +# devel/py-pbr devel/py-iso8601 \ +# net/py-eventlet net/py-netaddr comms/py-serial devel/py-six \ +# devel/py-babel net/py-oauth net/py-netifaces" + +# Should be enough for base image, image can be resized in needed +export VMSIZE=5g + +# Set to a list of third-party software to enable in rc.conf(5). +export VM_RC_LIST="zfs cloudinit sshd growfs ntpd ntpd_sync_on_start" + +vm_extra_pre_umount() { + cat << EOF >> ${DESTDIR}/etc/rc.conf +dumpdev=AUTO +ifconfig_DEFAULT=SYNCDHCP +sendmail_enable=NONE +EOF + + cat << EOF >> ${DESTDIR}/boot/loader.conf +autoboot_delay="5" +beastie_disable="YES" +boot_serial="YES" +loader_logo="none" +# ensure disk devices are found by label not partition +# kern.geom.label.disk_ident.enable="0" +# kern.geom.label.gptid.enable="0" +# storage +cryptodev_load="YES" +opensolaris_load="YES" +xz_load="YES" +zfs_load="YES" +EOF + + mkdir ${DESTDIR}/root/.ssh/ + cat <> ${DESTDIR}/root/.ssh/authorized_keys +# dch +ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBOK3AqefoNusxGu6Oo89aex0keBn7qAnZxXKsD77b0rp3UKJLKettY60Ox47XhIbt4Y50Xjnc0GRKhEX0jceZYO/CgZ53V/tLS5TmOOU2gZVc/7DSTy+gkQiDT9CNAiiEQ== +ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBItIwUr8zhXOBtFH1B0YmNz2WJcY6w1ysRiTAIkI2CBenMb0f7H2pH1rFAa6ZF6dYS3SuLMng+igZUfkqhV/0Km+zus3lAjc37FFiawtATt+/nRj3hj/AaVz/cK7NnWdlg== +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJZ0cNlRkFRRleUZhFjIZYJ2p7h7wNWvODGBLEzfSfvr +# andrew +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFZD3GCV7Vv+Ogy+NgZxZgbgQfnHIoD7mqbEa4BjrFRR +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH8SBIaIxtEvTfdJm1RQRjLG91TW0t7f0BVxeqMiYYxI +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKElSNTwRQjcZG6veImHlI7io/IH5QGZhTR6dfWZfoX9 +# emaste +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICGOgpvb8NWeoqxtWP8SBPJTb0IkiH5eutpP2WasoK7V +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP0zkyBn0F2FDeDOAHdnwKO5D7yMg2Mp5dyvDhyK1f/1 +# thj +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyeYJ+OS/EkekERA6bwaFKHSm6QYCMextSN5judp2qYbAx4OPkB+JHwgofjOVpcE8eRfWVfBMGE+ATwrFiPOHA0Y7faqqOozjVxq0spk4KaNQFV0Ew4R0zKW/zajxUdRNTFcrYy6KrHhJjoUEIUHFXZU2lguyGKL4q/FI0QozTv8l3qzI5SabhHQBSy6jdVyC/tsNsMCo3+GeVOmYUJ5y15OEwTNYDdQyniW42vx90x2KgZr7O80pruhYKbR3YgTY2apjt9qGyF5YVrX/SlwgKJd8D8vPkG4ro9/MHw2ua+Kp14PZ3pQQJRceOZsm0jDqbGGdoOgujEtZ+pJyGm0gAsobeFJtLXa+/9m4YWITm3qMb34ejL0MmBUI9UGynp98rpD7/uqh5Bp1QLMTmQEdp/5GpvijXiyloMCHRMcx3OlHH9rgAIqRp8Ed5xv/NphgKd1ZZVygQ0igyWXEELXkh2GB1iAjJSjhl4GGmrNhGHkgMIpOdZqf9G//BXW3vPpk= freefall +# markj +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJgzKgR6PAeKlmQU2A5Qwon0jHROUOj/EjoVRub+HftR mark@raichu +# khng +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9wL3/NtHRYdYR8kIex1C6SN/FObFKo/4+KyRcHkMVcoKus0t2zFmPDKf4Aj33eqdGcJriwF2CUAgeMiEqLms92pMXrfrHNy0+oF711SEhpzCGJukeAww3ygsjPg6XUJZDI36xCnCfRPnrdD5Zo7McJSVwiIPDjLwpB+X224Y+hYgyZL4nqaw+FfI4JsYe3x9VrrN+uSHcEPVoh1FBukxR2cE9UCJUqmdFWXAPh64nSEzPjLIbNyn1bULXoo+EFeuNaHzMa2Jik99UGp4CO07qGgrurkex83yw+4ENvFV7hYCTijNUK/PkjielDisg8ZkSQSJWnrQ7bRW4pzN43qan khng-yk0 +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEpP0amw3lE12BguxzX5/4a5SWGfohsnpf6jS7Jd5/CtrPKeuFxLj/lTxEjhFQTlzujTuT8AI66/Pn4hInUHK7uTouFSIXTJYunMOww2He676K6zEg4vfCS3HoA4FnjdURDYfrrEq+ZYp0qvPr9r2mBqLEef4xdqCpY36pQ5h4m39Mn+HKOILLPEWXWAbItCQmUnjAWLrdCSfOjJbiGIjDPy1BIKq92kiRsZ9sXpVsOuYf9oe0oiMrG9aA6B+BfGoo6PSq/mZ4KlJNDYbF46G0dRRor2lJC+vDHTAoGc9ySnasuaY9lKbcErP+1hPExW35WvbyyB1zUa8mDs+nVpYh khng-yk1 +EOF + + cat <> ${DESTDIR}/etc/ssh/sshd_config +PermitRootLogin prohibit-password +PasswordAuthentication no +KbdInteractiveAuthentication no +PermitEmptyPasswords no +UsePAM no +UseDNS no +EOF + + touch ${DESTDIR}/firstboot + + return 0 +}