Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/release/tools/gce.conf
34677 views
1
#!/bin/sh

2
#

3
#

4


5
# The default of 3GB is too small for GCE, so override the size here.

6
export VMSIZE=20g

7


8
# Set to a list of packages to install.

9
export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} firstboot-freebsd-update \

10
	firstboot-pkgs google-cloud-sdk panicmail sudo \

11
	sysutils/py-google-compute-engine lang/python \

12
	lang/python3"

13


14
# Set to a list of third-party software to enable in rc.conf(5).

15
export VM_RC_LIST="ntpd sshd growfs \

16
	firstboot_pkgs firstboot_freebsd_update google_startup \

17
	google_accounts_daemon google_clock_skew_daemon \

18
	google_instance_setup google_network_daemon"

19


20
vm_extra_install_base() {

21
	echo 'search google.internal' > ${DESTDIR}/etc/resolv.conf

22
	echo 'nameserver 169.254.169.254' >> ${DESTDIR}/etc/resolv.conf

23
	echo 'nameserver 8.8.8.8' >> ${DESTDIR}/etc/resolv.conf

24
}

25


26
vm_extra_pre_umount() {

27
	local DEVFSISOURS

28


29
	# Enable growfs on every boot, not only the first, as as instance's disk can

30
	# be enlarged post-creation

31
	sed -i -e '/KEYWORD: firstboot/d' /etc/rc.d/growfs

32


33
	cat << EOF >> ${DESTDIR}/etc/rc.conf

34
dumpdev="AUTO"

35
ifconfig_DEFAULT="SYNCDHCP mtu 1460"

36
ntpd_sync_on_start="YES"

37
# need to fill in something here

38
#firstboot_pkgs_list=""

39
panicmail_autosubmit="YES"

40
EOF

41


42
	cat << EOF >> ${DESTDIR}/boot/loader.conf

43
autoboot_delay="-1"

44
beastie_disable="YES"

45
loader_logo="none"

46
hw.memtest.tests="0"

47
console="comconsole,vidconsole"

48
hw.vtnet.mq_disable=1

49
kern.timecounter.hardware=ACPI-safe

50
aesni_load="YES"

51
nvme_load="YES"

52
EOF

53


54
	echo '169.254.169.254 metadata.google.internal metadata' >> \

55
		${DESTDIR}/etc/hosts

56


57
        # overwrite ntp.conf

58
	cat << EOF > ${DESTDIR}/etc/ntp.conf

59
server metadata.google.internal iburst

60


61
restrict default kod nomodify notrap nopeer noquery

62
restrict -6 default kod nomodify notrap nopeer noquery

63


64
restrict 127.0.0.1

65
restrict -6 ::1

66
restrict 127.127.1.0

67
EOF

68


69
	cat << EOF >> ${DESTDIR}/etc/syslog.conf

70
*.err;kern.warning;auth.notice;mail.crit                /dev/console

71
EOF

72


73
	cat << EOF >> ${DESTDIR}/etc/ssh/sshd_config

74
KbdInteractiveAuthentication no

75
X11Forwarding no

76
AcceptEnv LANG

77
AllowAgentForwarding no

78
ClientAliveInterval 420

79
EOF

80


81
	cat << EOF >> ${DESTDIR}/etc/crontab

82
0       3       *       *       *       root    /usr/sbin/freebsd-update cron

83
EOF

84


85
	cat << EOF >> ${DESTDIR}/etc/sysctl.conf

86
net.inet.icmp.drop_redirect=1

87
net.inet.ip.redirect=0

88
kern.ipc.soacceptqueue=1024

89
debug.trace_on_panic=1

90
debug.debugger_on_panic=0

91
EOF

92


93
	# To meet GCE marketplace requirements, extract the src.txz and

94
	# ports.txz distributions to the target virtual machine disk image

95
	# and fetch the sources for the third-party software installed on

96
	# the image.

97
	if [ ! -c "${DESTDIR}/dev/null" ]; then

98
		DEVFSISOURS=1

99
		mkdir -p ${DESTDIR}/dev

100
		mount -t devfs devfs ${DESTDIR}/dev

101
	fi

102
	if [ -e "${DESTDIR}/../ftp/src.txz" ]; then

103
		tar fxJ ${DESTDIR}/../ftp/src.txz -C ${DESTDIR}

104
	fi

105
	if [ -e "${DESTDIR}/../ftp/ports.txz" ]; then

106
		tar fxJ ${DESTDIR}/../ftp/ports.txz -C ${DESTDIR}

107
		_INSTALLED_PACKAGES=$(chroot ${DESTDIR} pkg info -o -q -a)

108
		for PACKAGE in ${_INSTALLED_PACKAGES}; do

109
			chroot ${DESTDIR} \

110
				make -C /usr/ports/${PACKAGE} fetch

111
		done

112
	fi

113
	if [ "$DEVFSISOURS" = "1" ]; then

114
		umount_loop ${DESTDIR}/dev

115
	fi

116


117
	## XXX: Verify this is needed.  I do not see this requirement

118
	## in the docs, and it impairs the ability to boot-test a copy

119
	## of the image prior to packaging for upload to GCE.

120
	#sed -E -i '' 's/^([^#].*[[:space:]])on/\1off/' ${DESTDIR}/etc/ttys

121


122
	touch ${DESTDIR}/firstboot

123


124
	return 0

125
}

126


127
# Do everything except deleting resolv.conf since we construct our own

128
# Googlized resolv.conf file in vm_extra_install_base.

129
vm_emulation_cleanup() {

130
	if [ -n "${QEMUSTATIC}" ]; then

131
		rm -f ${DESTDIR}/${EMULATOR}

132
	fi

133
	umount_loop ${DESTDIR}/dev

134
	return 0

135
}

136


137