xref: /freebsd/release/tools/oracle.conf (revision d61c75f634cf52fdef9590601d881f85275eee9a) 
1#!/bin/sh
2# Set to a list of packages to install.
3export VM_EXTRA_PACKAGES="
4    comms/py-pyserial
5    converters/base64
6    devel/oci-cli
7    devel/py-babel
8    devel/py-iso8601
9    devel/py-pbr
10    devel/py-six
11    ftp/curl
12    lang/python
13    lang/python3
14    net/cloud-init
15    net/py-eventlet
16    net/py-netaddr
17    net/py-netifaces
18    net/py-oauth
19    net/rsync
20    security/ca_root_nss
21    security/sudo@default
22    sysutils/firstboot-freebsd-update
23    sysutils/firstboot-pkgs
24    sysutils/panicmail
25    textproc/jq
26    "
27
28# Should be enough for base image, image can be resized in needed
29export VMSIZE=8g
30
31# Set to a list of third-party software to enable in rc.conf(5).
32export VM_RC_LIST="
33    cloudinit
34    firstboot_pkgs
35    firstboot_freebsd_update
36    growfs
37    ntpd
38    ntpd_sync_on_start
39    sshd
40    zfs"
41
42vm_extra_pre_umount() {
43	cat <<-'EOF' >> ${DESTDIR}/etc/rc.conf
44		dumpdev=AUTO
45		sendmail_enable=NONE
46EOF
47
48	cat <<-'EOF' >> ${DESTDIR}/boot/loader.conf
49		autoboot_delay="5"
50		beastie_disable="YES"
51		boot_serial="YES"
52		loader_logo="none"
53		cryptodev_load="YES"
54		opensolaris_load="YES"
55		xz_load="YES"
56		zfs_load="YES"
57EOF
58
59	cat <<-'EOF' >> ${DESTDIR}/etc/ssh/sshd_config
60		# S11 Configure the SSH service to prevent password-based login
61		PermitRootLogin prohibit-password
62		PasswordAuthentication no
63		KbdInteractiveAuthentication no
64		PermitEmptyPasswords no
65		UseDNS no
66EOF
67
68	 # S14 Root user login must be disabled on serial-over-ssh console
69	 pw -R ${DESTDIR} usermod root -w no
70	 # Oracle requirements override the default FreeBSD cloud-init settings
71	 cat <<-'EOF' >> ${DESTDIR}/usr/local/etc/cloud/cloud.cfg.d/98_oracle.cfg
72		disable_root: true
73		system_info:
74		   distro: freebsd
75		   default_user:
76		     name: freebsd
77		     lock_passwd: True
78		     gecos: "Oracle Cloud Default User"
79		     groups: [wheel]
80		     sudo: ["ALL=(ALL) NOPASSWD:ALL"]
81		     shell: /bin/sh
82		   network:
83		      renderers: ['freebsd']
84EOF
85
86	# Use Oracle Cloud Infrastructure NTP server
87	sed -i '' -E -e 's/^pool.*iburst/server 169.254.169.254 iburst/' \
88        ${DESTDIR}/etc/ntp.conf
89
90	return 0
91}
92