Browse Source

Add Debian 10, improve json validation

master
Teran McKinney 2 years ago
parent
commit
158ad79024
  1. 120
      debian-10.go
  2. 5
      ipxeplease.go
  3. 4
      web.go

120
debian-10.go

@ -0,0 +1,120 @@
package main
import (
"bytes"
"crypto/md5"
"encoding/hex"
"text/template"
"github.com/teran-mckinney/burnpaste"
)
const debian10_ipxescript = `#!ipxe
dhcp
set mirror http://ftp.debian.org/debian/dists/buster/main/installer-amd64/current/images/netboot/debian-installer/amd64
kernel ${mirror}/linux console=ttyS0,115200n8 net.ifnames=0 netcfg/choose_interface=eth0 initrd=initrd.gz auto=true priority=critical hostname=debian-9 auto url={{.PRESEED}} preseed-md5={{.PRESEED_CHECKSUM}}
initrd ${mirror}/initrd.gz
boot`
const debian10_preseed = `d-i debian-installer/locale string en_US
d-i keyboard-configuration/xkb-keymap select us
d-i clock-setup/utc boolean true
d-i time/zone string Etc/UTC
d-i clock-setup/ntp boolean false
# https://superuser.com/a/920957
d-i partman-basicfilesystems/no_swap boolean false
d-i partman-auto/expert_recipe string myroot :: 1000 50 -1 ext4 \
$primary{ } $bootable{ } method{ format } \
format{ } use_filesystem{ } filesystem{ ext4 } \
options/noatime{ noatime } options/nodiratime{ nodiratime } \
mountpoint{ / } \
.
d-i partman-auto/choose_recipe select myroot
d-i partman-auto/method string regular
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-auto/choose_recipe select atomic
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i apt-setup/non-free boolean false
d-i apt-setup/contrib boolean false
d-i passwd/root-password password {{.PASSWORD}}
d-i passwd/root-password-again password {{.PASSWORD}}
d-i passwd/user-fullname string Debian User
d-i passwd/username string debian
d-i passwd/user-password password {{.PASSWORD}}
d-i passwd/user-password-again password {{.PASSWORD}}
d-i user-setup/allow-password-weak boolean true
d-i base-installer/install-recommends boolean false
tasksel tasksel/first multiselect standard
popularity-contest popularity-contest/participate boolean false
d-i debian-installer/add-kernel-opts string net.ifnames=0
d-i grub-installer/only_debian boolean false
d-i grub-installer/with_other_os boolean true
d-i grub-installer/bootdev string default
d-i finish-install/reboot_in_progress note
d-i preseed/late_command string apt-install openssh-server; in-target mkdir /root/.ssh; in-target sh -c "echo '{{.SSHKEY}}' > /root/.ssh/authorized_keys"; in-target systemctl enable serial-getty@ttyS0.service
`
func debian10(sshKey, burnpaste_endpoint string) (response IPXE, err error) {
// burnpaste_endpoint is a running burnpaste instance to store our preseed data.
var return_script bytes.Buffer
var rendered_preseed bytes.Buffer
if err = validateSSHKey(sshKey); err != nil {
return
}
tmpl, err := template.New("").Parse(debian9_preseed)
if err != nil {
return
}
type preseed_args struct {
SSHKEY string
PASSWORD string
}
root_password, err := randomPassword()
if err != nil {
return
}
preseed_arguments := preseed_args{SSHKEY: sshKey, PASSWORD: root_password}
tmpl.Execute(&rendered_preseed, preseed_arguments)
hash := md5.Sum(rendered_preseed.Bytes())
hash_hex := hex.EncodeToString(hash[:])
url, err := burnpaste.Write(burnpaste_endpoint, rendered_preseed.Bytes())
if err != nil {
return
}
tmpl, err = template.New("").Parse(debian9_ipxescript)
if err != nil {
return
}
type args struct {
PRESEED string
PRESEED_CHECKSUM string
}
arguments := args{url, hash_hex}
tmpl.Execute(&return_script, arguments)
response = IPXE{Script: return_script.String(), RootPassword: &root_password}
return
}

5
ipxeplease.go

@ -20,13 +20,16 @@ func ipxe(operating_system, ssh_key, burnpaste_endpoint string) (IPXE, error) {
return coreosStable(ssh_key)
case "debian-9":
return debian9(ssh_key, burnpaste_endpoint)
case "debian-10":
return debian10(ssh_key, burnpaste_endpoint)
default:
return IPXE{}, errors.New(ErrorUnsupportedOS)
}
}
func list() ([]string, error) {
our_list := []string{"coreos-stable", "debian-9"}
// This is ugly, needs to be improved. Too redundant.
our_list := []string{"coreos-stable", "debian-9", "debian-10"}
var err error
return our_list, err
}

4
web.go

@ -50,7 +50,9 @@ func web(port, burnpaste_endpoint string) {
s.Increment("ipxe.hit")
defer s.NewTiming().Send("ipxe")
var request IPXERequest
err := json.NewDecoder(r.Body).Decode(&request)
decoder := json.NewDecoder(r.Body)
decoder.DisallowUnknownFields()
err := decoder.Decode(&request)
if err != nil {
log.Print(err)
http.Error(w, err.Error(), http.StatusBadRequest)

Loading…
Cancel
Save