freebsd-skq/release/tools/gce.conf
Glen Barber a7976e867f Increase the default size of the GCE disk image from 3GB to 20GB,
as 3GB is too small as discovered in this week's snapshot builds.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2019-05-03 17:23:08 +00:00

127 lines
3.5 KiB
Bash

#!/bin/sh
#
# $FreeBSD$
#
# The default of 3GB is too small for GCE, so override the size here.
export VMSIZE=20G
# Set to a list of packages to install.
export VM_EXTRA_PACKAGES="firstboot-freebsd-update firstboot-pkgs \
google-cloud-sdk panicmail sudo sysutils/py-google-compute-engine \
lang/python lang/python2 lang/python3"
# Set to a list of third-party software to enable in rc.conf(5).
export VM_RC_LIST="ntpd sshd growfs \
firstboot_pkgs firstboot_freebsd_update google_startup \
google_accounts_daemon google_clock_skew_daemon \
google_instance_setup google_network_daemon"
vm_extra_install_base() {
echo 'search google.internal' > ${DESTDIR}/etc/resolv.conf
echo 'nameserver 169.254.169.254' >> ${DESTDIR}/etc/resolv.conf
echo 'nameserver 8.8.8.8' >> ${DESTDIR}/etc/resolv.conf
}
vm_extra_pre_umount() {
# Enable growfs on every boot, not only the first, as as instance's disk can
# be enlarged post-creation
sed -i -e '/KEYWORD: firstboot/d' /etc/rc.d/growfs
cat << EOF >> ${DESTDIR}/etc/rc.conf
dumpdev="AUTO"
ifconfig_DEFAULT="SYNCDHCP mtu 1460"
ntpd_sync_on_start="YES"
# need to fill in something here
#firstboot_pkgs_list=""
panicmail_autosubmit="YES"
EOF
cat << EOF >> ${DESTDIR}/boot/loader.conf
autoboot_delay="-1"
beastie_disable="YES"
loader_logo="none"
hw.memtest.tests="0"
console="comconsole,vidconsole"
hw.vtnet.mq_disable=1
kern.timecounter.hardware=ACPI-safe
aesni_load="YES"
nvme_load="YES"
EOF
echo '169.254.169.254 metadata.google.internal metadata' >> \
${DESTDIR}/etc/hosts
# overwrite ntp.conf
cat << EOF > ${DESTDIR}/etc/ntp.conf
server metadata.google.internal iburst
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
restrict 127.127.1.0
EOF
cat << EOF >> ${DESTDIR}/etc/syslog.conf
*.err;kern.warning;auth.notice;mail.crit /dev/console
EOF
cat << EOF >> ${DESTDIR}/etc/ssh/sshd_config
ChallengeResponseAuthentication no
X11Forwarding no
AcceptEnv LANG
AllowAgentForwarding no
ClientAliveInterval 420
EOF
cat << EOF >> ${DESTDIR}/etc/crontab
0 3 * * * root /usr/sbin/freebsd-update cron
EOF
cat << EOF >> ${DESTDIR}/etc/sysctl.conf
net.inet.icmp.drop_redirect=1
net.inet.ip.redirect=0
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
kern.ipc.somaxconn=1024
debug.trace_on_panic=1
debug.debugger_on_panic=0
EOF
# To meet GCE marketplace requirements, extract the src.txz and
# ports.txz distributions to the target virtual machine disk image
# and fetch the sources for the third-party software installed on
# the image.
if [ ! -c "${DESTDIR}/dev/null" ]; then
mkdir -p ${DESTDIR}/dev
mount -t devfs devfs ${DESTDIR}/dev
fi
if [ -e "${DESTDIR}/../ftp/src.txz" ]; then
tar fxJ ${DESTDIR}/../ftp/src.txz -C ${DESTDIR}
fi
if [ -e "${DESTDIR}/../ftp/ports.txz" ]; then
tar fxJ ${DESTDIR}/../ftp/ports.txz -C ${DESTDIR}
_INSTALLED_PACKAGES=$(chroot ${DESTDIR} pkg info -o -q -a)
for PACKAGE in ${_INSTALLED_PACKAGES}; do
chroot ${DESTDIR} \
make -C /usr/ports/${PACKAGE} fetch
done
fi
if [ -c "${DESTDIR}/dev/null" ]; then
umount_loop ${DESTDIR}/dev
fi
## XXX: Verify this is needed. I do not see this requirement
## in the docs, and it impairs the ability to boot-test a copy
## of the image prior to packaging for upload to GCE.
#sed -E -i '' 's/^([^#].*[[:space:]])on/\1off/' ${DESTDIR}/etc/ttys
touch ${DESTDIR}/firstboot
rm -f ${DESTDIR}/etc/resolv.conf
return 0
}