fix networking.
This commit is contained in:
Matt Knoop
@@ -15,6 +15,7 @@ echo "CONFIG_FRAMEBUFFER_CONSOLE=y" >> ./.config
|
||||
echo "CONFIG_DRM_VIRTIO_GPU=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_PCI=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_BLK=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_ANCHOR=y" >> ./.config
|
||||
echo "CONFIG_SCSI_VIRTIO=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_NET=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_CONSOLE=y" >> ./.config
|
||||
@@ -22,6 +23,8 @@ echo "CONFIG_VIRTIO_PCI_LIB=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_PCI_LIB_LEGACY=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_MENU=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_BALLOON=y" >> ./.config
|
||||
echo "CONFIG_HW_RANDOM_VIRTIO=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_PCI_LEGACY=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_MEM=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_MMIO=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES=y" >> ./.config
|
||||
@@ -29,6 +32,7 @@ echo "CONFIG_VIRTIO_IOMMU=y" >> ./.config
|
||||
echo "CONFIG_VIRTIO_FS=y" >> ./.config
|
||||
echo "CONFIG_PCI=y" >> ./.config
|
||||
echo "CONFIG_PCI_HOST_GENERIC=y" >> ./.config
|
||||
echo "CONFIG_RPMSG_VIRTIO=y" >> ./.config
|
||||
echo "CONFIG_DRM=y" >> ./.config
|
||||
/usr/bin/make olddefconfig
|
||||
/usr/bin/make -j ${cores}
|
||||
|
||||
@@ -1,25 +1,46 @@
|
||||
|
||||
echo "deb http://archive.ubuntu.com/ubuntu noble main restricted universe multiverse" > /etc/apt/sources.list
|
||||
echo "deb http://archive.ubuntu.com/ubuntu noble-updates main restricted universe multiverse" >> /etc/apt/sources.list
|
||||
echo "deb http://archive.ubuntu.com/ubuntu noble-backports main restricted universe multiverse" >> /etc/apt/sources.list
|
||||
echo "deb http://security.ubuntu.com/ubuntu noble-security main restricted universe multiverse" >> /etc/apt/sources.list
|
||||
#add sources list for noble.
|
||||
set -e
|
||||
echo "deb https://archive.ubuntu.com/ubuntu noble main restricted universe multiverse" > /etc/apt/sources.list
|
||||
echo "deb https://archive.ubuntu.com/ubuntu noble-updates main restricted universe multiverse" >> /etc/apt/sources.list
|
||||
echo "deb https://archive.ubuntu.com/ubuntu noble-backports main restricted universe multiverse" >> /etc/apt/sources.list
|
||||
echo "deb https://security.ubuntu.com/ubuntu noble-security main restricted universe multiverse" >> /etc/apt/sources.list
|
||||
apt update
|
||||
apt install -y gnome-core
|
||||
systemd-nspawn --boot
|
||||
#systemctl enable opensnitch
|
||||
apt install -y ufw
|
||||
ufw enable
|
||||
apt install -y curl flatpak
|
||||
#git opensnitch qemu-system python3-bpfcc python3-pip bpfcc-tools ipset doas lm-sensors flatpak net-tools iputils-ping
|
||||
#pip install --break-system-packages dnslib psutil
|
||||
flatpak remote-add flathub https://dl.flathub.org/repo/flathub.flatpakrepo
|
||||
|
||||
#set locale
|
||||
locale-gen "en_US.UTF-8"
|
||||
echo "LANG=en_US.UTF-8" > /etc/default/locale
|
||||
|
||||
#install base system packages
|
||||
apt install -y --no-install-recommends gnome-core git curl flatpak systemd-resolved ufw nano htop ipset lm-sensors net-tools iputils-ping fish python3-bpfcc python3-pip bpfcc-tools gnome-shell-extension-ubuntu-dock gnome-shell-extension-ubuntu-tiling-assistant ffmpeg vlc
|
||||
pip install --break-system-packages dnslib psutil
|
||||
|
||||
#add setuid for some applications
|
||||
chmod u+s /usr/bin/bwrap
|
||||
chmod u+s /usr/bin/ping
|
||||
|
||||
#enable services
|
||||
systemctl enable systemd-resolved
|
||||
systemctl enable systemd-networkd
|
||||
|
||||
#ui changes
|
||||
gsettings set org.gnome.desktop.interface color-scheme 'prefer-dark'
|
||||
|
||||
|
||||
#run echo "permit persist :sudo as root" >> /etc/doas.conf
|
||||
|
||||
|
||||
#create the default user
|
||||
useradd -m -s /bin/bash ubuntu
|
||||
usermod -a -G sudo ubuntu
|
||||
yes defaultpass | passwd ubuntu
|
||||
|
||||
#install flatpak apps
|
||||
flatpak remote-add flathub https://dl.flathub.org/repo/flathub.flatpakrepo
|
||||
flatpak install --system --noninteractive flathub org.keepassxc.KeePassXC
|
||||
|
||||
#install brave browser
|
||||
curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
|
||||
curl -fsSLo /etc/apt/sources.list.d/brave-browser-release.sources https://brave-browser-apt-release.s3.brave.com/brave-browser.sources
|
||||
apt remove -y snapd
|
||||
apt update
|
||||
apt install -y brave-browser
|
||||
|
||||
5
config/interfaces.network
Normal file
5
config/interfaces.network
Normal file
@@ -0,0 +1,5 @@
|
||||
[Match]
|
||||
Name=*
|
||||
|
||||
[Network]
|
||||
DHCP=yes
|
||||
@@ -1,9 +0,0 @@
|
||||
# /tmp/polystrap.cfg
|
||||
[system]
|
||||
target = amd64-linux-gnu
|
||||
rootfs = /tmp/rootfs
|
||||
host = host
|
||||
download = http://deb.debian.org/debian
|
||||
distribution = bullseye
|
||||
components = main contrib non-free
|
||||
architectures = amd64
|
||||
9
config/resolved.conf
Normal file
9
config/resolved.conf
Normal file
@@ -0,0 +1,9 @@
|
||||
[Resolve]
|
||||
Domains=~.
|
||||
DNSSEC=true
|
||||
DNSOverTLS=yes
|
||||
MulticastDNS=no
|
||||
LLMNR=no
|
||||
Cache=yes
|
||||
DNSStubListener=yes
|
||||
DNS=9.9.9.11#dns11.quad9.net DNS=1.1.1.1#cloudflare-dns.com
|
||||
Reference in New Issue
Block a user