Gentoo Image++

by beladmin
17 deployments · 2 still active · last rev. 1 month ago

Deploy Linode's Gentoo image with some useful services (such as syslog-ng, logrotate, vixie-cron and screen) installed and configured, raise the default open-file limits, and set the timezone, hostname and vim color scheme.

StackScriptID=420997

Compatible with: Gentoo
Includes: Gentoo LAMP Stack
						#!/bin/bash

#
# This script installs a few useful services on top of the Linode/Gentoo image and applies some basic settings for a better Gentoo server.
# It serves as a slightly enhanced Gentoo image.

# variables for this script
#<UDF name="timezone" label="Timezone for the new node" default="Asia/Kuala_Lumpur">
# TIMEZONE=
#
#<UDF name="hostname" label="The hostname for the new Linode.">
# HOSTNAME=
#
#<UDF name="fqdn" label="The new Linode's Fully Qualified Domain Name">
# FQDN=
#
#<UDF name="mailto" label="Administer email for cron job (vixie-cron)" default="" example="webmaster@example.com">
# MAILTO=
#
#<UDF name="lamp" label="Install Gentoo LAMP stack" oneOf="Yes,No" default="No">
# LAMP=

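# Set the system time zone from the TIMEZONE deployment variable.
# Quoted so an empty or unusual value is written as-is instead of being
# word-split or glob-expanded by the shell.
printf '%s\n' "$TIMEZONE" > /etc/timezone
emerge --config sys-libs/timezone-data

# local script variables
# Start timestamp; printed again in the summary at the end of the script.
STARTTIME=$(date +"%F %T.%3N")

# This sets the variable $IPADDR to the IP address the new Linode receives.
# NOTE(review): assumes ifconfig prints "inet <address>"; older net-tools print
# "inet addr:<address>", which would leave an "addr:" prefix - confirm on the
# target image.
IPADDR=$(ifconfig eth0 | awk '/inet / { print $2 }')

# set hostname (Gentoo style. Note: re-login to get the correct hostname)
# /etc/conf.d/hostname uses the hostname="..." form, so the stock "localhost"
# value is replaced in place rather than overwriting the file.
if [ -n "$HOSTNAME" ]; then
  # HOSTNAME is deployment input spliced into a sed replacement: escape the
  # characters that are special there (backslash, "/" and "&") so the value
  # is inserted literally and cannot alter the sed expression.
  hostname_escaped=$(printf '%s' "$HOSTNAME" | sed -e 's|[\\/&]|\\&|g')
  sed -i "s/localhost/${hostname_escaped}/" /etc/conf.d/hostname
  hostname "$HOSTNAME"
else
  echo "warning: HOSTNAME is empty; hostname left unchanged" >&2
fi

# set hosts
# Skip the entry when no address was detected: a line without a leading
# address would make the FQDN look like the address field.
if [ -n "$IPADDR" ]; then
  printf '%s %s %s\n' "$IPADDR" "$FQDN" "$HOSTNAME" >> /etc/hosts
else
  echo "warning: no IPv4 address found on eth0; /etc/hosts left unchanged" >&2
fi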

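echo "sync and updating portage repo..."
# If the sync output mentions "emerge --oneshot portage", update Portage
# itself before installing anything else.
portage_hints=$(emerge --sync -q | grep -c 'emerge --oneshot portage')
if [ "$portage_hints" -gt 0 ]; then
  emerge -1q portage
else
  echo 'repo sync complete!'
fi

# uninstall sysklog
rc-update del sysklogd default
/etc/init.d/sysklogd stop
emerge --depclean sysklogd

# install base packages
# sysklogd has already been removed at this point, so a failed syslog-ng
# install would leave the node without a system logger; report every failure
# on stderr instead of continuing silently.
for pkg in syslog-ng logrotate vixie-cron app-misc/screen net-misc/ntp app-portage/gentoolkit; do
  emerge -q "$pkg" || echo "warning: emerge failed for ${pkg}" >&2
done

# discard update for /etc/crontab (old one is better and less junk)
# -f: nothing to discard is not an error.
rm -f -- /etc/._cfg*_crontab
# auto merge others...
# NOTE: "--automode -5" merges every pending config update without review.
etc-update --automode -5

# sync time
# One-off clock set over plain NTP. In the lines visible here no NTP daemon
# is added to a runlevel, so the clock is not kept in sync afterwards.
ntpdate pool.ntp.org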

# Configure syslog-ng (it can be adjusted further after installation).
printf '%s\n' "Configuring syslog-ng..."
syslog_ng_conf="/etc/syslog-ng/syslog-ng.conf"

# Remove the existing lines that begin with "log" before adding the new ones.
sed -i '/^log/ d' "$syslog_ng_conf"

# Mail-facility messages go to /var/log/mail.log, everything else to the
# "messages" destination, and all messages to "console_all".
# source(src), destination(messages) and destination(console_all) are not
# defined in this script - presumably by the stock config; confirm.
# The quoted delimiter appends the text literally, with no shell expansion.
cat >> "$syslog_ng_conf" <<'ADDLINES'
destination mail     { file("/var/log/mail.log"); };
 
filter f_mail { facility(mail); };
filter f_messages { not facility(mail); };

log { source(src); filter(f_messages); destination(messages); };
log { source(src); filter(f_mail); destination(mail); };

log { source(src); destination(console_all); };
ADDLINES

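# config vixie-cron (can be configured after installation)
CRONTAB="/etc/crontab"
echo "Set environment variables and jobs of $CRONTAB..."
# Add SHELL, HOME and PATH only when the crontab does not define them yet,
# and make sure /usr/local/bin is on the cron PATH.
grep -q "^SHELL=" "$CRONTAB" || echo "SHELL=/bin/bash" >> "$CRONTAB"
grep -q "^HOME="  "$CRONTAB" || echo "HOME=/" >> "$CRONTAB"
grep -q "^PATH="  "$CRONTAB" || echo "PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> "$CRONTAB"
grep -q ":/usr/local/bin" "$CRONTAB" || sed -i 's|^PATH=.*$|&:/usr/local/bin|' "$CRONTAB"

# Every job in this file runs as root, so MAILTO decides who receives the
# output of root's jobs. An existing MAILTO line is replaced in place.
if ! grep -q "^MAILTO=" "$CRONTAB"; then
  printf 'MAILTO=%s\n' "$MAILTO" >> "$CRONTAB"
else
  # sed processes backslash escapes in the text of "c"; double any backslash
  # so the deployment-supplied value is written literally.
  mailto_escaped=$(printf '%s' "$MAILTO" | sed -e 's|\\|\\\\|g')
  sed -i "/^MAILTO/ c MAILTO=${mailto_escaped}" "$CRONTAB"
fi

# --- add cron job for logrotate ---
if ! grep -q 'logrotate' "$CRONTAB"; then
  printf '%s\n\n' '00 00 * * *     root    logrotate /etc/logrotate.conf' >> "$CRONTAB"
fi
# ---- add cron job to check for crashed or stopped services ---
if ! grep -q 'rc-status' "$CRONTAB"; then
  printf '%s\n\n' "15 8-19 * * *   root    rc-status | grep 'crashed\|stopped'" >> "$CRONTAB"
fi

# --- add cron job for Portage sync ---
# The pattern starts with "--", so it is passed with -e; without it grep
# parses the pattern as an option, fails, and the job never updates Portage.
# The quoted delimiter writes the line literally; nothing is expanded now.
if ! grep -q 'emerge --sync' "$CRONTAB"; then
  cat >> "$CRONTAB" <<'CRONJOB'
0 0 28 * *      root    if [ "$(emerge --sync -q | grep -c -e '--oneshot portage')" -gt 0 ]; then emerge -q1 portage; else echo 'repo sync done'; fi

CRONJOB
fi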


# Install a system-wide vim colour scheme.
printf '%s\n' "Set color scheme for vim..."
vimrc_local="/etc/vim/vimrc.local"

# Overwrites any existing file. The quoted delimiter keeps the text literal.
cat <<'ADDLINES' > "$vimrc_local"
hi string ctermfg=darkgreen
hi constant ctermfg=red
hi comment ctermfg=blue
hi preproc ctermfg=magenta
ADDLINES

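# Generate the server's private key and a default self-signed certificate
# (RSA 4096, SHA-256, valid for 730 days, CA:FALSE).
echo " :: Generate server's private key and self-sgined SSL..."
ssl_dir="/etc/ssl/belxpress"
mkdir -p -- "$ssl_dir"

# -nodes leaves the private key unencrypted so services can start unattended;
# file permissions are then its only protection. Create the files under a
# restrictive umask instead of relying on the OpenSSL default mode, then
# reopen the certificate (public data) for reading.
# FQDN is deployment input placed in the subject: a "/" in it would start a
# new subject field. The certificate carries no subjectAltName.
if (
  umask 077
  openssl req -x509 -newkey rsa:4096 -nodes -days 730 -sha256 \
    -keyout "${ssl_dir}/server.key" \
    -out "${ssl_dir}/server.crt" \
    -subj "/C=MY/L=KL/O=BEL Technology Sdn Bhd/OU=System Dvision/CN=${FQDN}/emailAddress=postmaster@belxpress.com" \
    -config <(printf '[req]\ndistinguished_name=dn\n[dn]\n[ext]\nbasicConstraints=critical,CA:FALSE\n') \
    -extensions ext
); then
  chmod 600 "${ssl_dir}/server.key"
  chmod 644 "${ssl_dir}/server.crt"
else
  echo "warning: openssl failed; no key or certificate was generated in ${ssl_dir}" >&2
fi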

# Raise the open-file limits.
echo " :: fine tuning the system ..."
limits_conf="/etc/security/limits.conf"
rc_conf="/etc/rc.conf"

# Insert the soft and then the hard nofile rule just above the
# "# End of file" marker. The "*" domain applies them to every user.
# Each run inserts the lines again; there is no check for existing entries.
for nofile_rule in \
  '*                soft    nofile          20480' \
  '*                hard    nofile          32768'; do
  sed -i "/^# End of file/i ${nofile_rule}" "$limits_conf"
done

# Replace the rc_ulimit line (commented out or not) so services started by
# OpenRC get 32768 open files (-n) and 32768 processes (-u).
sed -i '/^#\?\s\?rc_ulimit/c rc_ulimit="-n 32768 -u 32768"' "$rc_conf"


# Register the new services in the default runlevel first, then start them.
for svc in syslog-ng vixie-cron; do
  rc-update add "$svc" default
done
for svc in syslog-ng vixie-cron; do
  "/etc/init.d/${svc}" start
done

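## ======= Gentoo LAMP ========
# The ssinclude tag on the next line is a Linode StackScript directive, not
# shell syntax, and must stay exactly as written. The included StackScript
# (ID 421642) is sourced into this shell, so it runs with the same privileges
# as this script - review its current revision before deploying with LAMP=Yes.
[[ "$LAMP" == "Yes" ]] && source <ssinclude StackScriptID="421642">

# Deployment summary with start and end timestamps.
echo "Gentoo Base00 System created! - ID: ${LINODE_ID} (${LINODE_LISHUSERNAME}) in DataCenter #${LINODE_DATACENTERID}"
echo "Start Time: ${STARTTIME}"
echo "End Time  : $(date +'%F %T.%3N')"

# Remove the deployment scripts left in the home directory.
# -f: a file that is already absent is not an error.
rm -f -- ~/ssinclude-*
rm -f -- ~/StackScript

exit 0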