diff --git a/postinstall.sh b/postinstall.sh new file mode 100755 index 0000000..24f5d4c --- /dev/null +++ b/postinstall.sh @@ -0,0 +1,127 @@ +#!/bin/sh + +#============================================================= +# Файл: postinstall.sh +# Назначение: Настройка ОС +# Версия: 1.0 +# Автор: Пахомов Г.Д. +# Дата: 24.05.2024 +#============================================================= + + +#============================================================= +# Переменные +#============================================================= + +USER_NAME=astra +PASSWORD=12345678 +DIR=/your_dir +IP=192.168.31.97 +FILE=test.txt +LOG_TAG=postinstall + +#============================================================= +# Раздел настройки ОС +#============================================================= + +# Удаление пароля из GRUB +function disable_grub_password() { + if sed -i 's/set\ superusers=/#set\ superusers=/g' /etc/grub.d/07_password && + sed -i 's/set\ superusers=/#set\ superusers=/g' /boot/grub/grub.cfg && + sed -i 's/password_pbkdf2/#password_pbkdf2/g' /etc/grub.d/07_password && + sed -i 's/password_pbkdf2/#password_pbkdf2/g' /boot/grub/grub.cfg + then + logger -t "$LOG_TAG" "disable_grub_password - success" + else + logger -t "$LOG_TAG" "disable_grub_password - failed" + fi +} + + +# Проверка наличия пользователя astra +function check_user() { + # Проверяем, существует ли пользователь с таким именем + if id -u $USER_NAME >/dev/null 2>&1; + then + usermod -a -G libvirt-admin,libvirt-qemu,libvirt,disk,kvm,astra-admin,astra-console $USER_NAME && + logger -t "$LOG_TAG" "check_user - success" + else + useradd -m -d /bin/bash $USER_NAME && + echo $USER_NAME:$PASSWORD | chpasswd && + pdpl-user -i 63 $USER_NAME && + usermod -aG sudo $USER_NAME && + usermod -a -G libvirt-admin,libvirt-qemu,libvirt,disk,kvm,astra-admin,astra-console $USER_NAME && + logger -t "$LOG_TAG" "check_user - success" + fi +} + + +# Создание автологина +function autologin() { + if sed -i "/AutoLoginEnable=/c\AutoLoginEnable=true" /etc/X11/fly-dm/fly-dmrc && + sed -i "/AutoLoginUser=/c\AutoLoginUser=$USER_NAME" /etc/X11/fly-dm/fly-dmrc && + sed -i "/AutoLoginPass=/c\AutoLoginPass=$PASSWORD" /etc/X11/fly-dm/fly-dmrc && + sed -i "/AutoLoginMAC=/c\AutoLoginMAC=0:63:0x0:0x0!" /etc/X11/fly-dm/fly-dmrc + then + logger -t "$LOG_TAG" "autologin - success" + else + logger -t "$LOG_TAG" "autologin - failed" + fi +} + + +#============================================================= +# Раздел решения +#============================================================= + +# Функция проверки доступности архива +function server_http_status() { + # Проверяем, доступен ли HTTP-сервер + if ! curl --silent --fail "http://$IP" >/dev/null 2>&1; + then + logger -t "$LOG_TAG" "server_http_status $IP - failed" + fi + + # Проверяем, существуют ли файлы + if curl --silent --fail --head "http://$IP/$FILE" | grep -qE 'HTTP/[0-9\.]+ 200 OK'; + then + logger -t "$LOG_TAG" "server_http_status Файлы - success" + else + logger -t "$LOG_TAG" "server_http_status Файл tac_rdy.tar.gz - failed" + fi +} + +# Функция коприрования +function dir_copy() { + if mkdir $DIR && + wget http://$IP/$FILE -P $DIR + then + logger -t "$LOG_TAG" "dir_copy - success" + else + logger -t "$LOG_TAG" "dir_copy - failed" + fi +} + + + +#============================================================= +# Основной модуль +#============================================================= +main() { + if disable_grub_password; then + if check_user; then + autologin || true; + if server_http_status; then + dir_copy || true; + else + logger -t "$LOG_TAG" "main - failed" + exit 1 + fi + fi + fi + logger -t "$LOG_TAG" "main - success" + exit 0 +} + + +main "$@" \ No newline at end of file diff --git a/preseed.cfg b/preseed.cfg new file mode 100755 index 0000000..e4d1d7f --- /dev/null +++ b/preseed.cfg @@ -0,0 +1,120 @@ +#Принять лицензию +astra-license astra-license/license boolean true +# +#Автоматический выбор сетевого интерфейса +d-i netcfg/choose_interface select auto +# +# при обнаружении DHCP требует ввести в каком домене будет АРМ, ввести нужный домен +d-i netcfg/get_domain string test.ipa +# +#Локаль и язык +d-i debian-installer/locale string ru_RU +d-i debian-installer/locale select ru_RU.UTF-8 +d-i debian-installer/language string ru +d-i debian-installer/country string RU +d-i debian-installer/keymap string ru +d-i localechooser/languagelist select ru +d-i localechooser/shortlist select RU +# +# Выбор клавиатуры +d-i console-tools/archs select at +d-i console-keymaps-at/keymap select ru +d-i console-setup/toggle string Alt+Shift +d-i console-setup/layoutcode string ru +d-i keyboard-configuration/toggle select Alt+Shift +d-i keyboard-configuration/layoutcode string ru +d-i keyboard-configuration/xkb-keymap select us +d-i languagechooser/language-name-fb select Russian +d-i countrychooser/country-name select Russia +# +# Временная зона +d-i time/zone string Europe/Moscow +# +# Автоматическая разметка дисков +d-i partman-auto/disk string /dev/sda +d-i partman-efi/non_efi_system boolean false +d-i partman-auto/method string lvm +d-i partman-auto-lvm/new_vg_name string astra_consulting +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-auto-lvm/guided_size string 80% +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true +d-i partman-auto/expert_recipe string \ +custom :: \ +1024 30 1024 ext2 \ +$primary{ } \ +$bootable{ } \ +method{ format } format{ } \ +use_filesystem{ } filesystem{ ext2 } \ +mountpoint{ /boot } \ +. \ +40000 30 40000 ext4 \ +$lvmok{ } lv_name{ root } \ +in_vg { astra_consulting } \ +method{ format } format{ } \ +use_filesystem{ } filesystem{ ext4 } \ +mountpoint{ / } \ +. \ +8192 30 8192 linux-swap \ +$lvmok{ } lv_name{ swap } \ +in_vg { astra_consulting } \ +method{ swap } format{ } \ +. \ +1024 1025 -1 ext4 \ +$lvmok{ } lv_name{ home } \ +in_vg { astra_consulting } \ +method{ format } format{ } \ +use_filesystem{ } filesystem{ ext4 } \ +mountpoint{ /home } \ +. +# +#Установка дополнительных модулей ядра +d-i anna/no_kernel_modules boolean true +# +#Выбор ядра +d-i base-installer/kernel/image select linux-6.1-generic +# +# Имя пользователя +d-i passwd/username string rfalhw +# +# Пароль пользователя +d-i passwd/user-password password 12345678 +d-i passwd/user-password-again password 12345678 +# +# Выбор ПО +d-i tasksel/first multiselect Base, Fly, Internet, Office, Multimedia +# +# Samba WINS dhcp +d-i samba-common/dhcp string false +# +d-i mirror/country string manual +d-i mirror/http/hostname string 192.168.31.97 +d-i mirror/http/directory string /images/alse175 +d-i mirror/http/proxy string +# +# Уровень защищённости +d-i astra-additional-setup/os-check select Advanced security level Voronezh +# +# Дополнительные настройки уровня защищённости +d-i astra-additional-setup/additional-settings-voronezh multiselect Enable Mandatory Integrity Control, Disable ptrace capability +# +dictionaries-common dictionaries-common/selecting_ispell_wordlist_default note +# +# Установка загрузчика GRUB +d-i grub-installer/only_debian boolean true +# +# Установка пароля GRUB +d-i grub-installer/password password 12345678 +d-i grub-installer/password-again password 12345678 +# +# Не показывать диалог окончания установки +d-i finish-install/reboot_in_progress note +# +# Копирование postinstall +d-i preseed/late_command string in-target bash -c "/usr/bin/wget -O /tmp/postinstall.sh http://192.168.31.97/scripts/postinstall.sh";\ +# Запуск postinstall +in-target bash -c "/bin/sh -x /tmp/postinstall.sh"