xref: /freebsd/release/tools/oracle.conf (revision 24e4dcf4ba5e9dedcf89efd358ea3e1fe5867020) 
1#!/bin/sh
2# Set to a list of packages to install.
3export VM_EXTRA_PACKAGES="
4    comms/py-pyserial
5    converters/base64
6    devel/oci-cli
7    devel/py-babel
8    devel/py-iso8601
9    devel/py-pbr
10    devel/py-six
11    ftp/curl
12    lang/python
13    lang/python3
14    net/cloud-init
15    net/py-eventlet
16    net/py-netaddr
17    net/py-netifaces
18    net/py-oauth
19    net/rsync
20    security/ca_root_nss
21    security/sudo@default
22    sysutils/firstboot-freebsd-update
23    sysutils/firstboot-pkgs
24    sysutils/panicmail
25    textproc/jq
26    "
27
28# Should be enough for base image, image can be resized in needed
29export VMSIZE=8g
30
31# Set to a list of third-party software to enable in rc.conf(5).
32export VM_RC_LIST="
33    cloudinit
34    firstboot_pkgs
35    firstboot_freebsd_update
36    growfs
37    ntpd
38    ntpd_sync_on_start
39    sshd
40    zfs"
41
42vm_extra_pre_umount() {
43	cat <<-'EOF' >> ${DESTDIR}/etc/rc.conf
44		dumpdev=AUTO
45		sendmail_enable=NONE
46EOF
47
48	cat <<-'EOF' >> ${DESTDIR}/boot/loader.conf
49		autoboot_delay="5"
50		beastie_disable="YES"
51		boot_serial="YES"
52		loader_logo="none"
53		cryptodev_load="YES"
54		opensolaris_load="YES"
55		xz_load="YES"
56		zfs_load="YES"
57EOF
58	metalog_add_data ./boot/loader.conf
59
60	cat <<-'EOF' >> ${DESTDIR}/etc/ssh/sshd_config
61		# S11 Configure the SSH service to prevent password-based login
62		PermitRootLogin prohibit-password
63		PasswordAuthentication no
64		KbdInteractiveAuthentication no
65		PermitEmptyPasswords no
66		UseDNS no
67EOF
68
69	 # S14 Root user login must be disabled on serial-over-ssh console
70	 pw -R ${DESTDIR} usermod root -w no
71	 # Oracle requirements override the default FreeBSD cloud-init settings
72	 cat <<-'EOF' >> ${DESTDIR}/usr/local/etc/cloud/cloud.cfg.d/98_oracle.cfg
73		disable_root: true
74		system_info:
75		   distro: freebsd
76		   default_user:
77		     name: freebsd
78		     lock_passwd: True
79		     gecos: "Oracle Cloud Default User"
80		     groups: [wheel]
81		     sudo: ["ALL=(ALL) NOPASSWD:ALL"]
82		     shell: /bin/sh
83		   network:
84		      renderers: ['freebsd']
85EOF
86	metalog_add_data ./usr/local/etc/cloud/cloud.cfg.d/98_oracle.cfg
87
88	# Use Oracle Cloud Infrastructure NTP server
89	sed -i '' -E -e 's/^pool.*iburst/server 169.254.169.254 iburst/' \
90            ${DESTDIR}/etc/ntp.conf
91
92	return 0
93}
94