Machine/template-squeeze

Introduction
This recipe to create a debian squeeze template for KVM requires: and follows the prinziple to use the minimun amount of tools ... a console and virt-manager
 * a DOM (= Machine/dextra)
 * a Homecomputer/Workstation
 * DHCP with DynamicDNS support
 * already configured "virt-manager"

Preparation on DOM
ssh root@dextra 'wget http://cdimage.debian.org/debian-cd/6.0.2.1/amd64/iso-cd/debian-6.0.2.1-amd64-netinst.iso -O /var/lib/libvirt/images/debian-6.0.2.1-amd64-netinst.iso' ssh root@dextra 'qemu-img create -f qcow2 /var/lib/libvirt/images/template-squeeze.qcow2 20G'

Create template
virt-manager & connect to DOM and create new VM (=template-squeeze) select iso, qcow2 and br0 install debian with "standard tools" and "ssh-server" switch console before rebooting with Send Keys "CRTL + ALT + F2" and enter echo "send host-name squeeze;" >> /target/etc/dhcp/dhclient.conf switch back with "CRTL + ALT + F1" and reboot

open missing ttyT0 for virsh console squeeze on dextra ssh root@squeeze 'sed -i "s/^#T0/T0/" /etc/inittab'

ssh & sshd
FIXME add "Host squeeze ..." to .ssh/config ssh-copy-id squeeze ssh-copy-id root@squeeze ssh root@squeeze 'sed -i "s/#PasswordAuthentication\ yes/PasswordAuthentication\ no/" /etc/ssh/sshd_config' ssh root@squeeze 'service ssh restart' ssh root@squeeze 'sed -i "1 c\root::15184:0:99999:7:::" /etc/shadow' ssh root@squeeze 'reboot' test if "virsh console template-squeeze" from DOM (root & empty pwd) works

sudo
ssh root@squeeze 'aptitude install sudo' ssh root@squeeze 'adduser nemo sudo' ssh root@squeeze 'sed -i "s/)\ ALL/)\ NOPASSWD: ALL/" /etc/sudoers'

vim & screen
ssh root@squeeze 'aptitude install vim screen' ssh root@squeeze 'update-alternatives --set editor /usr/bin/vim.basic' FIXME add .vimrc to /etc/skel

etckeeper
ssh root@squeeze 'aptitude install etckeeper git-core' ssh root@squeeze 'etckeeper init' ssh root@squeeze 'etckeeper commit "Initial commit"'

postfix
ssh root@squeeze 'aptitude install postfix' ssh root@squeeze 'aptitude purge exim4' select "Internet Site" for postfix ssh root@squeeze 'sed -i "$ c\root: stefan@unterhauser.name" /etc/aliases; newaliases' ssh root@squeeze 'sed -i "s/squeeze.media/squeeze.treehouse.su\ squeeze.media/" /etc/hosts' ssh root@squeeze 'sed -i "s/^myhostname\ =\ squeeze.media.mit.edu/myhostname\ =\ squeeze.treehouse.su/" /etc/postfix/main.cf' ssh root@squeeze 'sed -i "s/localhost.media.mit.edu/squeeze/" /etc/postfix/main.cf'

shell
ssh root@squeeze 'aptitude install bash-completion strace' FIXME modify /etc/skel/.bashrc FIXME add /etc/skel/.zzz_profile

devtodo
ssh root@squeeze 'aptitude install devtodo' ssh root@squeeze 'ln -s /usr/share/doc/devtodo/examples/scripts.sh /etc/profile.d/devtodo.sh' ssh root@squeeze 'cd /etc/skel; tda -p 1 "Welcome to #treehouse"' ssh root@squeeze 'cd /etc/skel; tda -p 2 "xo dogi"' ssh root@squeeze 'cd /etc/skel; tda -p 3 "PS: man devtodo"'

addmin
(= add admin) :P ssh root@squeeze 'cd /etc/skel/; mkdir -m 700 .ssh; touch .ssh/authorized_keys; chmod -R go-r .ssh' ssh root@squeeze 'echo "EXTRA_GROUPS=\"sudo\"" >> /etc/adduser.conf'

user "dogi" name "Stefan Unterhauser" other "stefan@unterhauser.name" ssh root@squeeze 'adduser --disabled-password --add_extra_groups dogi' ssh root@squeeze 'echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArMkyotKz1J5+Kux3ToBNe+X3Qm+6WzTXflEEeOWdmxDZ5f5le7Ujes81ybRnavWSNR2TGr1evigE7vGsxHm2aEeR0YICWR24lPcJ2FUROmEdwn2OjDzh1YcKJDNvlMzXt1x0dNeEkSisHpk6p5RJ7OfCtyD/OjKhGyajbxS/n3RDSMgND46M7AiiaaIzlut3D09Gyhd93t16NTyR9Ej1RRRk8z9of3qLwhC1AqVJpSkuWn9+q111AfljsVZCHHDLw0+j7NIntk5x+yzrl2QQECNEaPpm1Pt4gmLG2nnrNjPAtrjWIfyWfhdSbgk/QscAE2XpCYoSFBW9d8bdIVMfSw== stefan@unterhauser.name" >> /home/dogi/.ssh/authorized_keys'

duplicity
ssh root@squeeze 'aptitude install duplicity' ssh root@squeeze 'touch /etc/system-full-backup.conf; chmod 600 /etc/system-full-backup.conf' ssh root@squeeze 'echo "echo \"Please configure /etc/system-full-backup.conf and run\"" >> /etc/system-full-backup.conf' ssh root@squeeze 'echo "echo \"ssh-copy-id -i /root/.ssh/id_rsa.pub sugarbackup@backup.treehouse.su\"" >> /etc/system-full-backup.conf' ssh root@squeeze 'echo "echo \"then, comment out these lines to enable backups\"" >>/etc/system-full-backup.conf' ssh root@squeeze 'echo "exit 1" >>/etc/system-full-backup.conf' ssh root@squeeze 'echo " " >>/etc/system-full-backup.conf' ssh root@squeeze 'echo "PASSPHRASE=ChangeMe" >>/etc/system-full-backup.conf' ssh root@squeeze 'echo "TARGET=\"scp://sugarbackup@backup.treehouse.su/backup/\`hostname\`\"" >>/etc/system-full-backup.conf'

munin
ssh root@squeeze 'aptitude install munin-node munin-plugins-extra' ssh root@squeeze 'echo "allow ^140\.186\.70\.53$ #sunjammer.sugarlabs.org" >> /etc/munin/munin-node.conf' ssh root@squeeze 'echo "allow ^140\.186\.70\.128$ #monitoring.treehouse.su" >> /etc/munin/munin-node.conf' ssh root@squeeze 'echo "allow ^18\.85\.44\.172$ #munin.treehouse.su" >> /etc/munin/munin-node.conf' ssh root@squeeze 'echo "allow ^2001:4830:1100:48::2$ #sunjammer.sugarlabs.org (IPv6)" >> /etc/munin/munin-node.conf' ssh root@squeeze 'rm /etc/munin/plugins/entropy' ssh root@munin 'echo "[VMs;squeeze.treehouse.su]" > /etc/munin/munin-conf.d/squeeze' ssh root@munin 'echo " address squeeze.treehouse.su" >> /etc/munin/munin-conf.d/squeeze' ssh root@munin 'echo " use_node_name yes" >> /etc/munin/munin-conf.d/squeeze'