-
Notifications
You must be signed in to change notification settings - Fork 6
/
Makefile.global
75 lines (61 loc) · 4.77 KB
/
Makefile.global
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
# SSH Public Key for root. This can be commented out if not required.
# Multiple entries can be provided. Proxmox will prompt for root password
# or SSH key at template deployment, this setting allows you enter a root
# password in Proxmox (which may not be usable if root password SSH is disabled)
# and then use the private keys which correspond to these keys to log in and
# do all of the initial setup
SSH_KEY +="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDSB/+K9KSd4uu7Fvyd37ko3lNE7/UfI3yq4qR12F7aM0ResGoueFXf8R3EHt1hofMXqkSsO6T+LajFTmvV8Y/w1l8JE8RmbIjxBhvgAXyecylLTol5toZZirPcvX+W/vpWSG12atO++/xHME/N2gzRusBdLRuI7/zp7MkxuqJR04JxLd0vXHJavRb+MvbTkN36YcUEGaQyQS7Xxn/jK2As/XNtcZeuTz03bxIcAWU5KrITCgQPfJeCh+fEONFMoi8YdbIZ69DysSlul4SX3zPSNw9X+omIggvMLWcE2BXA+wj29RpFuCT9ujcC6aGHgRU2U/qfyV8cCSoHribQ2pO5hykkPCDo9Qoyu1SkUlVxgbg3sZEPdD2iCztW2PwOoTorjTY3slT8wWpocIKbnvA189bpfFSSQqgobtGMdQjHPWlf+xN5tN9hRMC+ELw7KoW5kEh8x0WQHsdZ8vVpWHhdqK9sfTkC92bXVCzXnluIpwu5UT2QZU3fT8G4g9hT7ASQFMohyk8meU+bXhBzWdVMKkx9pCFH3NipYjX6cPviSLqH7paXBSdrUfyN9FoOmn04mkYeyiBRF/IJZlYJDeW1oYKBoaUzqj6UCAPhbXPS9rAwd4XL5iE4ZX1VtHoLwYG4mgWhe7+KKlPwhRaty1Ltg8J7GIRyIDUpbMjW4V5nAQ== [email protected]\n"
SSH_KEY +="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDqvpOmtZTt5vGjKEbE+xF9RpjnhHa6cDwT9KyIDwpomhXZ0AReEVUMpCdij2MOSDoN4SfQniV75eSIXHMl8j2gLdz7hKqtNmqGmn30r7Nv3KJ2bAyOqgQo/nKklJKfqP9BMIbHdnf5Jz2sS3q76yMMeI33xj1w2iw/us1B85TZOOR+vSKyjopywOh3itzUTcTR/7jR3nIfMQKDpQY8nSlF6WMFnfAXVizTTdtpeudTtHVM0KYmmeRYsr8HQwf9QbiTB+LCL5OF7W0CiJAgshuMrlIlstIsDKZdqYOkWRVT5VP7bb9vj/Y+JEGRTnfq5eRFr2QwN9cXlbpES3ThJrpzs3du7BD1vmpiJleuR2efw0sDtW1a5hrBxJJkyL5hMMFloZwrCtwYtHXAggtrkByfotFv3Jrkq+b8u4wjEd+v+PpL3lRYDiPar/lEydheHSTOefhx7ASVl85U/AkYvlidyFy/vJJY/VWfTzwmip9Y3Ks9GEq+hKCmtpEQJoeDnAP63bcxDBiLN5N3I9ry6xi8VG+NdA9/1/uqC734aK4YNA+l+Zhtt81RO3lVUQJS8pboxDPWsISSZ0Vy5Pa/6bYY6QmvSEv04bzqWIFV5KDOkNHg70mTSy+Lohe6y14C5FTKLIzFhIF+Od6Ev9McNbL9dyIvQpXAs39lkU7h3zmloQ== [email protected]\n"
SSH_KEY +="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7CAJhyapph+OQV3evDflSdHn9zRY+caRj3EqhcTgLQItZgDjYUxwW4zEWKAFuASG0E8Df3caPPkLGOZx0qhy2lBQAufOdejboMwMSoSahP2Mlz8+0zIGS8T/4J5mDhm/hX6l1pMMWZM69iLENwOjrOFI64453CYVBiDF3trEuP9ybc9Yj595+YPcUin8Ak/cYsAkRjP2V5LG3MqisGFyKx5I0IAGFOsRda5r9ogeWGKLbO4qAHx/L2RxiCX9gCiFquaqzwCbE3XEOe0tY4eD6K6CpfgAd1MKivDm3yqGKcUZ5vq8xrnnIENx9tE4VloPv0I/y40LzFW03rGUsXlYUrrQyzwj3OautM6pEV5k5bejs9Qe9Znxb15G5+ffRcAowf9TeN5JnZ+pP6htgWqjuIr21gibvzAQweFANV5l8LpnrH/ezwNRgN1gDGDPTJEDa7i++wNIyOVacJoGwMueOlsqc+RQfH7zHXvqz1gRgvUf31gSboFRhmwTawlPCRW4/MAD7A8TlNnpRqAn1hK1/dAn+WSDPvAu9ZxiU0Z2A3ixmnMEOLLcMil/5JhkYcCSFcfO445p455oCB5d473pejm4WZkM0Xg277ArrC2eqVppTCftWjiZNNEE6zEoQwWaWpjZolvX56omG34QSMRx+SmrztZv4rzBJFnwNWv1WRQ== [email protected]\n"
# Add standard packages that you would like by default on all templates
PACKAGES += sudo tcpdump traceroute
# If you would like to use ansible to manage these hosts, you need the following
PACKAGES += aptitude python3
# Set this to 1 to permit root login over SSH.
# This is important if you are using Proxmox without a public SSH key, as
# This is not a very secure configuration and the strong suggestion is to have this disabled by
# your build system as soon after the template is deployed as possible
PERMITROOT=0
# Set your local timezone (comment out for default)
TIMEZONE=Australia/Melbourne
# Rsyslogd RELP log hosts
# If this is set, we will configure rsyslog for RELP and start logging remotely at build time
# This allows us immediate visibility of new containers created via rsyslog
RELP_TARGETS += "192.168.28.10"
# Set this to 1 if you would like colourful ls output and shell prompts by default
COLOUR=1
all:
.PHONY: colour global pkgs rootpw rsyslog sshkey tz
global: colour pkgs rootpw rsyslog sshkey tz
colour:
ifneq ($(strip $(COLOUR)),)
echo "export PS1='\[\033[36m\]\h\[\033[32m\] \w\[\033[00m\]:'" >> $(BASEDIR)/etc/environment
echo "alias ls=\"ls -lh --color\"" >> $(BASEDIR)/etc/environment
endif
pkgs:
ifneq ($(strip $(PACKAGES)),)
dab install $(PACKAGES)
endif
sshkey:
ifneq ($(strip $(SSH_KEY)),)
mkdir -p $(BASEDIR)/root/.ssh
echo $(SSH_KEY) >> $(BASEDIR)/root/.ssh/authorized_keys.tmp
cat $(BASEDIR)/root/.ssh/authorized_keys.tmp | sed 's/^ //g' | egrep -v ^$$ > $(BASEDIR)/root/.ssh/authorized_keys
rm -f $(BASEDIR)/root/.ssh/authorized_keys.tmp
endif
rootpw:
ifeq ($(strip $(PERMITROOT)),1)
sed -e 's/^PermitRootLogin without-password/PermitRootLogin yes/' -i ${BASEDIR}/etc/ssh/sshd_config
endif
rsyslog:
ifneq ($(strip $(RELP_TARGETS)),)
dab install rsyslog-relp
echo "module(load=\"omrelp\")" > $(BASEDIR)/etc/rsyslog.d/00-relp.conf
echo "action(type=\"omrelp\" target=\"$(RELP_TARGETS)\" port=\"20514\")" >> $(BASEDIR)/etc/rsyslog.d/00-relp.conf
endif
tz:
ifneq ($(strip $(TIMEZONE)),)
dab exec rm -rf /etc/localtime || exit 0
dab exec ln -s /usr/share/zoneinfo/$(TIMEZONE) /etc/localtime
echo $(TIMEZONE) > $(BASEDIR)/etc/timezone
endif