additional bash programming to support a json configuration file.

still working on kernel options for proper networking.
2026-01-05 15:05:11 -07:00
parent 46382e3c6d
commit d26067b2fa
28 changed files with 10234 additions and 0 deletions
--- a/config/apply_initial_host_configuration.sh
+++ b/config/apply_initial_host_configuration.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+set -e
+set -x
+echo 'initial configuration'
+# Parse the JSON file
+while IFS="=" read -r key value; do
+  declare "$key=$value"
+done < <(jq -r 'to_entries|map("\(.key)=\(.value|tostring)")|.[]' config.json)
+
+echo "$hostname" > /etc/hostname
+echo "127.0.0.1 $hostname"> /etc/hosts
+
+echo "$timezone" > /etc/timezone
+ln -sf /usr/share/zoneinfo/America/Los_Angeles /etc/localtime
+
+# Set the root password
+echo "root:$root_password" | chpasswd
+
+#set additional profile options.
+jq --compact-output -r '.profile[]' config.json | while read -r line; do
+  echo "$line" >> /etc/profile
+done
+
+echo "export PATH=$PATH:/usr/local/go/bin" >> /etc/profile
+
+#set default shell to bash.
+sed -i 's|^SHELL=.*|SHELL=/bin/bash|' /etc/default/useradd
+
+user_mod() {
+  echo "$1"
+  username=$(echo "$1" | jq -r '.username')
+  password=$(echo "$1" | jq -r '.password')
+
+  # Create user
+  if getent passwd "$username" >/dev/null 2>&1; then
+    echo "User already exists"
+  else
+    useradd -m "$username"
+  fi   
+
+  # Set password
+  echo "$username:$password" | chpasswd
+
+  # Add to sudo group
+  usermod -aG sudo "$username"
+}
+jq --compact-output -r '.users[]' config.json | while read -r line; do
+  user_mod "$line"
+done
+echo "Configuration applied."
--- a/config/build_containerfile
+++ b/config/build_containerfile
@@ -0,0 +1,9 @@
+from ubuntu:latest
+run apt-get update
+run apt-get upgrade -y
+run apt-get install -y bison flex gcc make libncurses-dev git bc build-essential git libncurses5-dev lzop perl libssl-dev bison flex kmod device-tree-compiler dwarves libelf-dev libdwarf-dev libdw-dev python3 gawk zstd
+workdir /linux
+add ./config/container_cmd.sh /
+add ./config/update_kernel_make_config.py /
+run chmod +x /container_cmd.sh
+cmd ["/usr/bin/bash","-c","/container_cmd.sh"]
--- a/config/config.json
+++ b/config/config.json
@@ -0,0 +1,28 @@
+{
+  "hostname": "linuxhost",
+  "timezone": "America/Denver",
+  "root_password": "password",
+  "locale":"en_US.UTF-8",
+  "users": [
+    {
+      "username": "user1",
+      "password": "password1"
+    },
+    {
+      "username": "user2",
+      "password": "password2"
+    }
+  ],
+  "packages": [
+    "htop",
+    "git",
+    "ffmpeg",
+    "vlc",
+    "pciutils",
+    "usbutils"
+  ],
+  "profile":[],
+  "allowed_dns":[],
+  "allowed_host":[]
+  
+}
--- a/config/container_cmd.sh
+++ b/config/container_cmd.sh
@@ -0,0 +1,9 @@
+set -e
+cores=$(nproc)
+echo "${cores}"
+/usr/bin/make clean
+/usr/bin/make defconfig
+cat ./.config | python3 /update_kernel_make_config.py --file /linux/kernel_options.json
+cat ./.config | python3 /update_kernel_make_config.py --file /linux/kernel_options.json > ./.config
+/usr/bin/make olddefconfig
+/usr/bin/make -j ${cores}
--- a/config/filesystem_chroot_install.sh
+++ b/config/filesystem_chroot_install.sh
@@ -0,0 +1,52 @@
+#add sources list for questing.
+set -e
+set -x
+echo "deb https://archive.ubuntu.com/ubuntu questing main restricted universe multiverse" > /etc/apt/sources.list
+echo "deb https://archive.ubuntu.com/ubuntu questing-updates main restricted universe multiverse" >> /etc/apt/sources.list
+echo "deb https://archive.ubuntu.com/ubuntu questing-backports main restricted universe multiverse" >> /etc/apt/sources.list
+echo "deb https://security.ubuntu.com/ubuntu questing-security main restricted universe multiverse" >> /etc/apt/sources.list
+apt update
+apt upgrade -y
+
+#install base system packages
+apt install -y --install-recommends --install-suggests systemd
+apt install -y --no-install-recommends gnome-core
+apt install -y jq git rlwrap dnsutils curl systemd-resolved ufw nano htop ipset lm-sensors net-tools iputils-ping python3-pip bpfcc-tools gnome-shell-extension-ubuntu-dock gnome-shell-extension-ubuntu-tiling-assistant gnome-shell-extension-appindicator keepassxc libnetfilter-queue-dev libpcap-dev protobuf-compiler bpftool golang ufw
+
+#install packages from config
+jq -r '.packages | .[]' config.json | while read -r item; do
+  apt install -y "$item"
+done
+
+#set locale
+locale=$(jq -r '.locale' config.json)
+echo "$locale"
+locale-gen "$locale"
+echo "LANG=$locale" > /etc/default/locale
+
+#install python systemwide
+#pip install --break-system-packages dnslib psutil
+
+#add setuid for some applications
+chmod u+s /usr/bin/bwrap
+chmod u+s /usr/bin/ping
+
+#install firewall
+#mkdir -p /usr/local/src/
+#cd /usr/local/src/
+#git clone https://git.patronage.systems/matt/dnsf.git
+#chmod +x /usr/local/src/dnsf/dnsf_install.sh
+#/bin/bash -c /usr/local/src/dnsf/dnsf_install.sh
+
+#enable services
+systemctl enable systemd-resolved
+systemctl enable systemd-networkd
+
+#ui changes
+gsettings set org.gnome.desktop.interface color-scheme 'prefer-dark'
+
+#install brave browser
+curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
+curl -fsSLo /etc/apt/sources.list.d/brave-browser-release.sources https://brave-browser-apt-release.s3.brave.com/brave-browser.sources
+apt update
+apt install -y brave-browser
--- a/config/filesystem_cmd.sh
+++ b/config/filesystem_cmd.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+set -e
+fakechroot
+debootstrap --version
+debootstrap --variant=fakechroot --arch amd64 bionic /tmp/rootfs/ http://archive.ubuntu.com/ubuntu
--- a/config/filesystem_containerfile
+++ b/config/filesystem_containerfile
@@ -0,0 +1,11 @@
+FROM ubuntu:latest
+run ls /
+run apt-get update
+run apt-get install -y pacstrap
+run mkdir -p /tmp/
+run mkdir -p /tmp/rootfs/
+workdir /linux
+add ./config/filesystem_cmd.sh /
+add ./config/polystrap.cfg /tmp
+run chmod +x /filesystem_cmd.sh
+cmd ["/usr/bin/bash","-c","/filesystem_cmd.sh"]
--- a/config/grub.cfg
+++ b/config/grub.cfg
@@ -0,0 +1,19 @@
+set	timeout=1
+set	default=0
+echo	'loading modules..'
+insmod	normal
+insmod	fat
+insmod	part_gpt
+insmod	gzio
+insmod	ext
+
+echo	'loading menu..'
+set	root='(hd0,gpt1)'
+ls	(hd0,gpt1)/EFI/patronage/
+menuentry "PatronageOS" {
+    linux	/EFI/patronage/bzImage quiet splash boot=/init
+    echo	'loaded kernel...'
+    initrd	/EFI/patronage/initramfs.cpio.gz
+    echo	'loaded initial ramdisk...'
+    boot
+}
--- a/config/init.sh
+++ b/config/init.sh
@@ -0,0 +1,23 @@
+#!/bin/busybox sh
+set -e
+/bin/busybox echo 'mounting /proc..'
+/bin/busybox mount -t proc proc /proc
+/bin/busybox echo 'mounting /sys..'
+/bin/busybox mount -t sysfs sysfs /sys
+/bin/busybox echo 'mounting /dev..'
+/bin/busybox mount -t devtmpfs devtmpfs /dev
+/bin/busybox echo 'creating root..'
+/bin/busybox mkdir -p /newroot
+/bin/busybox echo 'mounting root..'
+/bin/busybox mount $(/bin/busybox findfs LABEL=ROOT) /newroot
+#/bin/busybox echo 'moving /sys..'
+#/bin/busybox mount --move /sys /newroot/sys
+#/bin/busybox echo 'moving /dev..'
+#/bin/busybox mount --move /dev /newroot/dev
+#/bin/busybox echo 'moving /proc..'
+#/bin/busybox mount --move /proc /newroot/proc
+#/bin/busybox modprobe encryptfs
+#/bin/busybox modprobe dm-crypt
+/bin/busybox echo 'switching root..'
+exec switch_root /newroot /lib/systemd/systemd --system
+
--- a/config/interfaces.network
+++ b/config/interfaces.network
@@ -0,0 +1,5 @@
+[Match]
+Name=*
+
+[Network]
+DHCP=yes
--- a/config/kernel_options.json
+++ b/config/kernel_options.json
--- a/config/resolved.conf
+++ b/config/resolved.conf
@@ -0,0 +1,9 @@
+[Resolve]
+Domains=~.
+DNSSEC=true
+DNSOverTLS=yes
+MulticastDNS=no
+LLMNR=no
+Cache=yes
+DNSStubListener=yes
+DNS=9.9.9.11#dns11.quad9.net DNS=1.1.1.1#cloudflare-dns.com
--- a/config/settings/opensnitch/settings.conf
+++ b/config/settings/opensnitch/settings.conf
@@ -0,0 +1,46 @@
+[General]
+statsDialog=1
+
+[database]
+file=:memory:
+max_days=1
+purge_interval=5
+purge_oldest=true
+type=0
+
+[global]
+default_action=0
+default_duration=6
+default_ignore_rules=false
+default_ignore_temporary_rules=0
+default_popup_advanced=true
+default_popup_advanced_dstip=true
+default_popup_advanced_dstport=true
+default_popup_advanced_uid=false
+default_popup_position=0
+default_target=0
+default_timeout=30
+disable_popups=false
+
+[notifications]
+enabled=true
+type=0
+
+[promptDialog]
+geometry=@ByteArray(\x1\xd9\xd0\xcb\0\x3\0\0\0\0\x6\x93\0\0\x3\x86\0\0\b\x9a\0\0\x4\xde\0\0\x6\x93\0\0\x3\xab\0\0\b\x9a\0\0\x4\xde\0\0\0\0\0\0\0\0\xf\0\0\0\x6\x93\0\0\x3\xab\0\0\b\x9a\0\0\x4\xde)
+
+[statsDialog]
+general_columns_state=@ByteArray(\0\0\0\xff\0\0\0\0\0\0\0\x1\0\0\0\x1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x4o\0\0\0\a\0\x1\x1\x1\0\0\0\0\0\0\0\0\0\0\0\0\x64\xff\xff\xff\xff\0\0\0\x84\0\0\0\0\0\0\0\a\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\x1\x1\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\xf5\0\0\0\x1\0\0\0\0\0\0\0\xe9\0\0\0\x1\0\0\0\0\0\0\x3\xe8\0\0\0\0\x64)
+general_filter_text=
+general_limit_results=0
+geometry=@ByteArray(\x1\xd9\xd0\xcb\0\x3\0\0\0\0\a\x84\0\0\x4&\0\0\f\b\0\0\a\xf7\0\0\a\x84\0\0\x4K\0\0\f\b\0\0\a\xf7\0\0\0\0\0\0\0\0\xf\0\0\0\a\x84\0\0\x4K\0\0\f\b\0\0\a\xf7)
+last_tab=0
+nodes_columns_state=@ByteArray(\0\0\0\xff\0\0\0\0\0\0\0\x1\0\0\0\x1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x5\x88\0\0\0\n\0\x1\x1\x1\0\0\0\0\0\0\0\0\x1\0\0\0\x64\xff\xff\xff\xff\0\0\0\x84\0\0\0\0\0\0\0\n\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0>\0\0\0\x1\0\0\0\x3\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\x2*\0\0\0\x1\0\0\0\0\0\0\x3\xe8\0\0\0\0\x64)
+rules_columns_state=@ByteArray(\0\0\0\xff\0\0\0\0\0\0\0\x1\0\0\0\x1\xff\xff\xff\xff\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x4\x46\0\0\0\n\0\x1\x1\x1\0\0\0\0\0\0\0\0\0\0\0\0\x64\xff\xff\xff\xff\0\0\0\x84\0\0\0\0\0\0\0\n\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\xc2\0\0\0\x1\0\0\0\0\0\0\x3\xe8\0\0\0\0\x64)
+rules_tree_0_expanded=false
+rules_tree_1_expanded=false
+show_columns=0, 1, 2, 3, 4, 5, 6
+view_columns_state2=@ByteArray(\0\0\0\xff\0\0\0\0\0\0\0\x1\0\0\0\x1\xff\xff\xff\xff\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x4\xaa\0\0\0\v\0\x1\x1\x1\0\0\0\0\0\0\0\0\0\0\0\0\x64\xff\xff\xff\xff\0\0\0\x84\0\0\0\0\0\0\0\v\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\xc2\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\x3\xe8\0\0\0\0\x64)
+view_columns_state4=@ByteArray(\0\0\0\xff\0\0\0\0\0\0\0\x1\0\0\0\x1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x3\xe2\0\0\0\x2\0\x1\x1\x1\0\0\0\0\0\0\0\0\x1\0\0\0\x64\xff\xff\xff\xff\0\0\0\x84\0\0\0\0\0\0\0\x2\0\0\x1\x64\0\0\0\x1\0\0\0\x3\0\0\x2~\0\0\0\x1\0\0\0\0\0\0\x3\xe8\0\0\0\0\x64)
+view_details_columns_state0=@ByteArray(\0\0\0\xff\0\0\0\0\0\0\0\x1\0\0\0\x1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\xc8\0\0\0\x2\0\x1\x1\x1\0\0\0\0\0\0\0\0\x1\0\0\0\x64\xff\xff\xff\xff\0\0\0\x84\0\0\0\0\0\0\0\x2\0\0\0\x64\0\0\0\x1\0\0\0\x3\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\x3\xe8\0\0\0\0\x64)
+view_details_columns_state2=@ByteArray(\0\0\0\xff\0\0\0\0\0\0\0\x1\0\0\0\x1\xff\xff\xff\xff\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x4\x46\0\0\0\n\0\x1\x1\x1\0\0\0\0\0\0\0\0\0\0\0\0\x64\xff\xff\xff\xff\0\0\0\x84\0\0\0\0\0\0\0\n\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\x64\0\0\0\x1\0\0\0\0\0\0\0\xc2\0\0\0\x1\0\0\0\0\0\0\x3\xe8\0\0\0\0\x64)
--- a/config/settings/skel/bash_profile
+++ b/config/settings/skel/bash_profile
@@ -0,0 +1,5 @@
+# ~/.bash_profile
+chsh -s /bin/bash
+if [ -f ~/.bashrc ]; then
+  . ~/.bashrc
+fi
--- a/config/settings/skel/bashrc
+++ b/config/settings/skel/bashrc
@@ -0,0 +1,8 @@
+# ~/.bashrc
+
+# Custom aliases
+alias la='ls -la'
+
+
+# Set a custom prompt
+PS1="[\u@\h \W]\$ "
--- a/config/settings/skel/profile
+++ b/config/settings/skel/profile
@@ -0,0 +1,5 @@
+# ~/.profile
+
+if [ -f ~/.bashrc ]; then
+  . ~/.bashrc
+fi
--- a/config/update_kernel_make_config.py
+++ b/config/update_kernel_make_config.py
@@ -0,0 +1,27 @@
+# -*- coding: utf-8 -*-
+
+
+import sys,json,argparse
+
+text = sys.stdin.readlines()
+
+parser = argparse.ArgumentParser()
+parser.add_argument("-f","--file")
+args = parser.parse_args()
+
+config = {}
+    
+for i in range(len(text)):
+    if '#' not in text[i] and len(str(text[i]).strip())>0:
+        key = str(text[i]).strip().split('=')
+        config[str(key[0])]=str(key[1])
+
+with open(args.file,'r',encoding='utf-8') as f:
+    changes = json.loads(f.read())
+
+for c in changes.keys():
+    config[str(c)]=changes[str(c)]
+
+config_to_write = ['='.join([str(i),str(config[str(i)])]) for i in config.keys()]
+
+print('\n'.join(config_to_write))