Index: release/Makefile.vm =================================================================== --- release/Makefile.vm +++ release/Makefile.vm @@ -19,6 +19,7 @@ CLOUDWARE?= BASIC-CI \ EC2 \ GCE \ + OCI \ VAGRANT-VIRTUALBOX \ VAGRANT-VMWARE AZURE_FORMAT= vhdf @@ -33,6 +34,9 @@ GCE_FORMAT= raw GCE_DESC= Google Compute Engine image GCE_DISK= disk.${GCE_FORMAT} +OCI_FORMAT= qcow2 +OCI_DESC= Oracle Cloud Infrastructure image +OCI_DISK= disk.${OCI_FORMAT} OPENSTACK_FORMAT=qcow2 OPENSTACK_DESC= OpenStack platform image OPENSTACK_DISK= ${OSRELEASE}.${OPENSTACK_FORMAT} @@ -177,4 +181,6 @@ .include "${.CURDIR}/Makefile.ec2" .include "${.CURDIR}/Makefile.azure" .include "${.CURDIR}/Makefile.gce" +# TODO write one of these when we have figured out upload +# .include "${.CURDIR}/Makefile.oci" .include "${.CURDIR}/Makefile.vagrant" Index: release/release.conf.sample =================================================================== --- release/release.conf.sample +++ release/release.conf.sample @@ -113,4 +113,4 @@ ## If WITH_CLOUDWARE is set to a non-empty value, this is a list of providers ## to create disk images. -#CLOUDWARE="EC2 GCE VAGRANT-VIRTUALBOX VAGRANT-VMWARE" +#CLOUDWARE="EC2 GCE OCI VAGRANT-VIRTUALBOX VAGRANT-VMWARE" Index: release/tools/oci.conf =================================================================== --- /dev/null +++ release/tools/oci.conf @@ -0,0 +1,110 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# # Set to a list of packages to install. +export VM_EXTRA_PACKAGES=" + comms/py-pyserial + devel/py-babel + devel/py-iso8601 + devel/py-oci + devel/py-pbr + devel/py-six + ftp/curl + lang/python + lang/python3 + net/cloud-init + net/py-eventlet + net/py-netaddr + net/py-netifaces + net/py-oauth + net/rsync + panicmail + security/ca_root_nss + security/hpenc + security/sudo + sysutils/fd + sysutils/firstboot-freebsd-update + sysutils/firstboot-pkgs + sysutils/htop + sysutils/panicmail + sysutils/tmux + textproc/base64 + textproc/jq + textproc/ripgrep + www/gurl" + +# Should be enough for base image, image can be resized in needed +export VMSIZE=5g + +# Set to a list of third-party software to enable in rc.conf(5). +# TODO add cloudinit after finishing testing +export VM_RC_LIST=" + firstboot_pkgs + firstboot_freebsd_update + growfs + ntpd + ntpd_sync_on_start + sshd + zfs" + +vm_extra_pre_umount() { + cat << EOF >> ${DESTDIR}/etc/rc.conf +dumpdev=AUTO +ifconfig_DEFAULT=SYNCDHCP +sendmail_enable=NONE +EOF + + cat << EOF >> ${DESTDIR}/boot/loader.conf +autoboot_delay="5" +beastie_disable="YES" +boot_serial="YES" +loader_logo="none" +# ensure disk devices are found by label not partition +# kern.geom.label.disk_ident.enable="0" +# kern.geom.label.gptid.enable="0" +# storage +cryptodev_load="YES" +opensolaris_load="YES" +xz_load="YES" +zfs_load="YES" +EOF + + test -d ${DESTDIR}/root/.ssh || mkdir -p -m 0700 ${DESTDIR}/root/.ssh + cat <> ${DESTDIR}/root/.ssh/authorized_keys +# dch +ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBOK3AqefoNusxGu6Oo89aex0keBn7qAnZxXKsD77b0rp3UKJLKettY60Ox47XhIbt4Y50Xjnc0GRKhEX0jceZYO/CgZ53V/tLS5TmOOU2gZVc/7DSTy+gkQiDT9CNAiiEQ== +ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBItIwUr8zhXOBtFH1B0YmNz2WJcY6w1ysRiTAIkI2CBenMb0f7H2pH1rFAa6ZF6dYS3SuLMng+igZUfkqhV/0Km+zus3lAjc37FFiawtATt+/nRj3hj/AaVz/cK7NnWdlg== +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJZ0cNlRkFRRleUZhFjIZYJ2p7h7wNWvODGBLEzfSfvr +# andrew +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFZD3GCV7Vv+Ogy+NgZxZgbgQfnHIoD7mqbEa4BjrFRR +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH8SBIaIxtEvTfdJm1RQRjLG91TW0t7f0BVxeqMiYYxI +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKElSNTwRQjcZG6veImHlI7io/IH5QGZhTR6dfWZfoX9 +# emaste +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICGOgpvb8NWeoqxtWP8SBPJTb0IkiH5eutpP2WasoK7V +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP0zkyBn0F2FDeDOAHdnwKO5D7yMg2Mp5dyvDhyK1f/1 +# thj +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyeYJ+OS/EkekERA6bwaFKHSm6QYCMextSN5judp2qYbAx4OPkB+JHwgofjOVpcE8eRfWVfBMGE+ATwrFiPOHA0Y7faqqOozjVxq0spk4KaNQFV0Ew4R0zKW/zajxUdRNTFcrYy6KrHhJjoUEIUHFXZU2lguyGKL4q/FI0QozTv8l3qzI5SabhHQBSy6jdVyC/tsNsMCo3+GeVOmYUJ5y15OEwTNYDdQyniW42vx90x2KgZr7O80pruhYKbR3YgTY2apjt9qGyF5YVrX/SlwgKJd8D8vPkG4ro9/MHw2ua+Kp14PZ3pQQJRceOZsm0jDqbGGdoOgujEtZ+pJyGm0gAsobeFJtLXa+/9m4YWITm3qMb34ejL0MmBUI9UGynp98rpD7/uqh5Bp1QLMTmQEdp/5GpvijXiyloMCHRMcx3OlHH9rgAIqRp8Ed5xv/NphgKd1ZZVygQ0igyWXEELXkh2GB1iAjJSjhl4GGmrNhGHkgMIpOdZqf9G//BXW3vPpk= freefall +# markj +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJgzKgR6PAeKlmQU2A5Qwon0jHROUOj/EjoVRub+HftR mark@raichu +# khng +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9wL3/NtHRYdYR8kIex1C6SN/FObFKo/4+KyRcHkMVcoKus0t2zFmPDKf4Aj33eqdGcJriwF2CUAgeMiEqLms92pMXrfrHNy0+oF711SEhpzCGJukeAww3ygsjPg6XUJZDI36xCnCfRPnrdD5Zo7McJSVwiIPDjLwpB+X224Y+hYgyZL4nqaw+FfI4JsYe3x9VrrN+uSHcEPVoh1FBukxR2cE9UCJUqmdFWXAPh64nSEzPjLIbNyn1bULXoo+EFeuNaHzMa2Jik99UGp4CO07qGgrurkex83yw+4ENvFV7hYCTijNUK/PkjielDisg8ZkSQSJWnrQ7bRW4pzN43qan khng-yk0 +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEpP0amw3lE12BguxzX5/4a5SWGfohsnpf6jS7Jd5/CtrPKeuFxLj/lTxEjhFQTlzujTuT8AI66/Pn4hInUHK7uTouFSIXTJYunMOww2He676K6zEg4vfCS3HoA4FnjdURDYfrrEq+ZYp0qvPr9r2mBqLEef4xdqCpY36pQ5h4m39Mn+HKOILLPEWXWAbItCQmUnjAWLrdCSfOjJbiGIjDPy1BIKq92kiRsZ9sXpVsOuYf9oe0oiMrG9aA6B+BfGoo6PSq/mZ4KlJNDYbF46G0dRRor2lJC+vDHTAoGc9ySnasuaY9lKbcErP+1hPExW35WvbyyB1zUa8mDs+nVpYh khng-yk1 +EOF + chown -R root:wheel ${DESTDIR}/root/.ssh + chmod 0600 ${DESTDIR}/root/.ssh/authorized_keys + + cat <> ${DESTDIR}/etc/ssh/sshd_config +PermitRootLogin prohibit-password +PasswordAuthentication no +KbdInteractiveAuthentication no +PermitEmptyPasswords no +UsePAM no +UseDNS no +EOF + + touch ${DESTDIR}/firstboot + + return 0 +}