#!/bin/bash
# Builds an Arch Linux root filesystem with mkarchroot, configures it for EC2,
# then bundles and uploads it as an instance-store AMI.

#Certificate (passed to ec2-bundle-vol -c)
CERT=
#Private Key
PRIKEY=
#User ID
USRID=
#Upload bucket
BUCKET=
#Access ID
ACCESSID=
#Secret
SECRET=

if [[ $(uname -m) == i686 ]]; then
  ARCH=i686
  EC2_ARCH=i386
else
  ARCH=x86_64
  EC2_ARCH=x86_64
fi

ROOT=arch_$ARCH
PACKS="tzdata glibc attr acl ncurses readline bash zlib binutils bzip2 gcc-libs \
db cracklib pam shadow gmp libcap coreutils cpio libgpg-error findutils \
gzip texinfo libgcrypt popt util-linux-ng e2fsprogs dash expat filesystem \
dcron dhcpcd dialog diffutils file gawk gdbm gettext pcre grep libarchive \
sed glib2 udev net-tools sysvinit initscripts iputils less xz-utils openssl \
libfetch licenses logrotate mailx mlocate nano pacman-mirrorlist \
pacman sysfsutils procinfo procps psmisc eventlog syslog-ng tar vi wget \
which openssh curl module-init-tools sudo ca-certificates bash-completion screen \
devtools"

# pacman configuration used only to build the chroot.
# \$repo is left literal for pacman; $ARCH is expanded here.
cat <<EOF > pacman.conf
[options]
HoldPkg = pacman glibc
SyncFirst = pacman

[core]
Server = ftp://mirror.cs.vt.edu/pub/ArchLinux/\$repo/os/$ARCH
Server = http://mirrors.easynews.com/linux/archlinux/\$repo/os/$ARCH
Server = http://schlunix.org/archlinux/\$repo/os/$ARCH
Server = ftp://ftp.archlinux.org/\$repo/os/$ARCH
Include = /etc/pacman.d/mirrorlist

[extra]
Server = ftp://mirror.cs.vt.edu/pub/ArchLinux/\$repo/os/$ARCH
Server = http://mirrors.easynews.com/linux/archlinux/\$repo/os/$ARCH
Server = http://schlunix.org/archlinux/\$repo/os/$ARCH
Server = ftp://ftp.archlinux.org/\$repo/os/$ARCH
Include = /etc/pacman.d/mirrorlist

[community]
Server = ftp://mirror.cs.vt.edu/pub/ArchLinux/\$repo/os/$ARCH
Server = http://mirrors.easynews.com/linux/archlinux/\$repo/os/$ARCH
Server = http://schlunix.org/archlinux/\$repo/os/$ARCH
Server = ftp://ftp.archlinux.org/\$repo/os/$ARCH
Include = /etc/pacman.d/mirrorlist
EOF

# Install the package set into the chroot.
LC_ALL=C mkarchroot -C pacman.conf $ROOT $PACKS

# Device nodes and mount points the image needs at boot.
chmod 666 $ROOT/dev/null
mknod -m 666 $ROOT/dev/random c 1 8
mknod -m 666 $ROOT/dev/urandom c 1 9
mkdir -m 755 $ROOT/dev/pts
mkdir -m 1777 $ROOT/dev/shm

cat <<EOF >$ROOT/etc/rc.conf
#
# /etc/rc.conf - Main Configuration for Arch Linux
#
LOCALE="en_US.UTF-8"
HARDWARECLOCK="localtime"
USEDIRECTISA="no"
TIMEZONE="UTC"
KEYMAP="us"
USECOLOR="yes"
MOD_AUTOLOAD="yes"
MODULES=(!ipv6)
USELVM="no"
HOSTNAME="myhost"
eth0="dhcp"
INTERFACES=(eth0)
ROUTES=()
DAEMONS=(syslog-ng network crond sshd)
EOF

cat <<EOF >$ROOT/etc/hosts.deny
#
# /etc/hosts.deny
#
# End of file
EOF

# First-boot hook, appended to rc.local. It installs root's authorized_keys
# from the EC2 instance metadata service, then runs any user-data as a root
# shell script. User-data is executed unverified, so whoever can set it at
# launch gets root on the instance.
cat <<EOF >>$ROOT/etc/rc.local
if [ -f /root/firstboot ]; then
  mkdir /root/.ssh
  curl --retry 3 --retry-delay 5 --silent --fail -o /root/.ssh/authorized_keys http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
  if curl --retry 3 --retry-delay 5 --silent --fail -o /root/user-data http://169.254.169.254/1.0/user-data; then
    bash /root/user-data
  fi
  rm -f /root/user-data /root/firstboot
fi
EOF

cat <<EOF >$ROOT/etc/inittab
#
# /etc/inittab
#
id:3:initdefault:
rc::sysinit:/etc/rc.sysinit
rs:S1:wait:/etc/rc.single
rm:2345:wait:/etc/rc.multi
rh:06:wait:/etc/rc.shutdown
su:S:wait:/sbin/sulogin -p
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
# End of file
EOF

# SSH: key-only logins, no reverse DNS lookups.
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' $ROOT/etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/' $ROOT/etc/ssh/sshd_config

# Marker file that triggers the first-boot hook in rc.local.
touch $ROOT/root/firstboot

cat <<-EOF>$ROOT/etc/fstab
/dev/sda1 / ext3 defaults 1 1
/dev/sda2 /mnt ext3 defaults 0 0
/dev/sda3 swap swap defaults 0 0
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
EOF

# Coloured prompt (red for root, green otherwise), appended to the skeleton .bashrc.
cat <<EOF >>$ROOT/etc/skel/.bashrc
if [ "\$USER" == "root" ];then
  PS1='\[\e[0;31m\]\u\[\e[m\] \[\e[1;34m\]\w\[\e[m\] \[\e[0;31m\]\\\$\[\e[m\] '
else
  PS1='\[\e[0;32m\]\u\[\e[m\] \[\e[1;34m\]\w\[\e[m\] \[\e[1;32m\]\\\$\[\e[m\] '
fi
export GREP_COLOR="1;33"
alias grep='grep --color=auto'
eval \`dircolors -b\`
EOF

cp $ROOT/etc/skel/.bash* $ROOT/root
cp $ROOT/etc/skel/.screenrc $ROOT/root

# Unpack the 2.6.27-23-xen kernel module archive into the image's /lib.
# The archive is fetched over plain HTTP with no checksum or signature check.
# Abort if the cd fails so cpio never extracts into the wrong directory.
cd $ROOT/lib || exit 1
curl -s http://static.iphash.net/ec2/$EC2_ARCH/2.6.27-23-xen.cpio.lzma | lzma -d | cpio -idm
cd ../..

# Date stamp for the image name. %Y is the calendar year; the original %G is
# the ISO week-numbering year, which differs from it around New Year.
SURF=$(date +%Y%m%d)

# Bundle the chroot as a 10240 MB image and upload it.
# Note: -a and -s put the access ID and secret on the command line, where they
# are visible in the process list while the upload runs.
if [[ "$ARCH" == "i686" ]]; then
  ec2-bundle-vol -c $CERT -k $PRIKEY -u $USRID -r i386 --kernel aki-21f01148 --ramdisk ari-3bf01152 -s 10240 -v arch_i686 --no-inherit -p archlinux-i686-$SURF
  ec2-upload-bundle -b $BUCKET -a $ACCESSID -s $SECRET -m /tmp/archlinux-i686-$SURF.manifest.xml
else
  ec2-bundle-vol -c $CERT -k $PRIKEY -u $USRID -r x86_64 --kernel aki-4f4daa26 --ramdisk ari-6b5bbc02 -s 10240 -v arch_x86_64 --no-inherit -p archlinux-x86_64-$SURF
  ec2-upload-bundle -b $BUCKET -a $ACCESSID -s $SECRET -m /tmp/archlinux-x86_64-$SURF.manifest.xml
fi