mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-25 10:01:02 +01:00
42 lines
1.0 KiB
Bash
42 lines
1.0 KiB
Bash
#!/bin/sh
|
|
|
|
# Should be enough for base image, image can be resized in needed
|
|
export VMSIZE=5g
|
|
|
|
# 1M config drive should be enough in most cases
|
|
export CONFIG_DRIVE=YES
|
|
export CONFIG_DRIVE_SIZE=1M
|
|
|
|
# Packages to install into the image we're creating.
|
|
# * firstboot-freebsd-update, to install security updates at first boot.
|
|
export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} firstboot-freebsd-update"
|
|
|
|
# Set to a list of third-party software to enable in rc.conf(5).
|
|
export VM_RC_LIST="${VM_RC_LIST} firstboot_freebsd_update growfs sshd nuageinit"
|
|
|
|
vm_extra_pre_umount() {
|
|
cat << EOF >> ${DESTDIR}/etc/rc.conf
|
|
dumpdev="AUTO"
|
|
ifconfig_DEFAULT="SYNCDHCP accept_rtadv"
|
|
sshd_enable="YES"
|
|
# RSA host keys are obsolete and also very slow to generate
|
|
sshd_rsa_enable="NO"
|
|
EOF
|
|
|
|
cat << EOF >> ${DESTDIR}/boot/loader.conf
|
|
autoboot_delay="-1"
|
|
beastie_disable="YES"
|
|
loader_logo="none"
|
|
console="comconsole,vidconsole"
|
|
EOF
|
|
|
|
cat << EOF >> ${DESTDIR}/etc/ssh/sshd_config
|
|
PasswordAuthentication yes
|
|
UsePAM no
|
|
EOF
|
|
|
|
touch ${DESTDIR}/firstboot
|
|
|
|
return 0
|
|
}
|