Adding files to git

airootfs/etc/mkinitcpio.conf

@@ -0,0 +1,67 @@
+# vim:set ft=sh
+# MODULES
+# The following modules are loaded before any boot hooks are
+# run.  Advanced users may wish to specify all system modules
+# in this array.  For instance:
+#     MODULES=(piix ide_disk reiserfs)
+MODULES=()
+
+# BINARIES
+# This setting includes any additional binaries a given user may
+# wish into the CPIO image.  This is run last, so it may be used to
+# override the actual binaries included by a given hook
+# BINARIES are dependency parsed, so you may safely ignore libraries
+BINARIES=()
+
+# FILES
+# This setting is similar to BINARIES above, however, files are added
+# as-is and are not parsed in any way.  This is useful for config files.
+FILES=()
+
+# HOOKS
+# This is the most important setting in this file.  The HOOKS control the
+# modules and scripts added to the image, and what happens at boot time.
+# Order is important, and it is recommended that you do not change the
+# order in which HOOKS are added.  Run 'mkinitcpio -H <hook name>' for
+# help on a given hook.
+# 'base' is _required_ unless you know precisely what you are doing.
+# 'udev' is _required_ in order to automatically load modules
+# 'filesystems' is _required_ unless you specify your fs modules in MODULES
+# Examples:
+##   This setup specifies all modules in the MODULES setting above.
+##   No raid, lvm2, or encrypted root is needed.
+#    HOOKS=(base)
+#
+##   This setup will autodetect all modules for your system and should
+##   work as a sane default
+#    HOOKS=(base udev autodetect block filesystems)
+#
+##   This setup will generate a 'full' image which supports most systems.
+##   No autodetection is done.
+#    HOOKS=(base udev block filesystems)
+#
+##   This setup assembles a pata mdadm array with an encrypted root FS.
+##   Note: See 'mkinitcpio -H mdadm' for more information on raid devices.
+#    HOOKS=(base udev block mdadm encrypt filesystems)
+#
+##   This setup loads an lvm2 volume group on a usb device.
+#    HOOKS=(base udev block lvm2 filesystems)
+#
+##   NOTE: If you have /usr on a separate partition, you MUST include the
+#    usr, fsck and shutdown hooks.
+HOOKS=(base udev modconf archiso block filesystems)
+
+# COMPRESSION
+# Use this to compress the initramfs image. By default, gzip compression
+# is used. Use 'cat' to create an uncompressed image.
+#COMPRESSION="gzip"
+#COMPRESSION="bzip2"
+#COMPRESSION="lzma"
+#COMPRESSION="xz"
+#COMPRESSION="lzop"
+#COMPRESSION="lz4"
+#COMPRESSION="zstd"
+
+# COMPRESSION_OPTIONS
+# Additional options for the compressor
+#COMPRESSION_OPTIONS=()

airootfs/etc/mkinitcpio.d/linux.preset

@@ -0,0 +1,8 @@
+# mkinitcpio preset file for the 'linux' package on archiso
+
+PRESETS=('archiso')
+
+ALL_kver='/boot/vmlinuz-linux'
+ALL_config='/etc/mkinitcpio.conf'
+
+archiso_image="/boot/initramfs-linux.img"

airootfs/etc/profile

@@ -0,0 +1,52 @@
+# /etc/profile
+
+# Set our umask
+umask 022
+
+# Append "$1" to $PATH when not already in.
+# This function API is accessible to scripts in /etc/profile.d
+append_path () {
+    case ":$PATH:" in
+        *:"$1":*)
+            ;;
+        *)
+            PATH="${PATH:+$PATH:}$1"
+    esac
+}
+
+# Append our default paths
+append_path '/usr/local/sbin'
+append_path '/usr/local/bin'
+append_path '/usr/bin'
+
+# Force PATH to be environment
+export PATH
+
+# Load profiles from /etc/profile.d
+if test -d /etc/profile.d/; then
+	for profile in /etc/profile.d/*.sh; do
+		test -r "$profile" && . "$profile"
+	done
+	unset profile
+fi
+
+# Unload our profile API functions
+unset -f append_path
+
+# Source global bash config, when interactive but not posix or sh mode
+if test "$BASH" &&\
+   test "$PS1" &&\
+   test -z "$POSIXLY_CORRECT" &&\
+   test "${0#-}" != sh &&\
+   test -r /etc/bash.bashrc
+then
+	. /etc/bash.bashrc
+fi
+
+# Termcap is outdated, old, and crusty, kill it.
+unset TERMCAP
+
+# Man is much better than us at figuring this out
+unset MANPATH
+
+/usr/share/vx-image/flash-image.sh

airootfs/etc/shadow

@@ -0,0 +1 @@
+root::14871::::::

airootfs/etc/ssh/sshd_config

@@ -0,0 +1,116 @@
+#	$OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options override the
+# default value.
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
+
+# Ciphers and keying
+#RekeyLimit default none
+
+# Logging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+PermitRootLogin yes
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#PubkeyAuthentication yes
+
+# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
+# but this is overridden so installations will only check .ssh/authorized_keys
+AuthorizedKeysFile	.ssh/authorized_keys
+
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+#PasswordAuthentication yes
+#PermitEmptyPasswords no
+
+# Change to no to disable s/key passwords
+#KbdInteractiveAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the KbdInteractiveAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via KbdInteractiveAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and KbdInteractiveAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+#X11Forwarding no
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PermitTTY yes
+PrintMotd no # pam does that
+#PrintLastLog yes
+#TCPKeepAlive yes
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#UseDNS no
+#PidFile /run/sshd.pid
+#MaxStartups 10:30:100
+#PermitTunnel no
+#ChrootDirectory none
+#VersionAddendum none
+
+# no default banner path
+#Banner none
+
+# override default of no subsystems
+Subsystem	sftp	/usr/lib/ssh/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+#	X11Forwarding no
+#	AllowTcpForwarding no
+#	PermitTTY no
+#	ForceCommand cvs server

airootfs/etc/systemd/network/20-ethernet.network

@@ -0,0 +1,10 @@
+[Match]
+# Matching with "Type=ether" causes issues with containers because it also matches virtual Ethernet interfaces (veth*).
+# See https://bugs.archlinux.org/task/70892
+# Instead match by globbing the network interface name.
+Name=en*
+Name=eth*
+
+[Network]
+DHCP=yes
+IPv6PrivacyExtensions=yes

airootfs/etc/systemd/system/cloud-init.target.wants/cloud-config.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/cloud-config.service

airootfs/etc/systemd/system/cloud-init.target.wants/cloud-final.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/cloud-final.service

airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init-local.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/cloud-init-local.service

airootfs/etc/systemd/system/cloud-init.target.wants/cloud-init.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/cloud-init.service

airootfs/etc/systemd/system/getty@tty1.service.d/autologin.conf

@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=-/sbin/agetty -o '-p -f -- \\u' --noclear --autologin root - $TERM

airootfs/etc/systemd/system/multi-user.target.wants/qemu-guest-agent.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/qemu-guest-agent.service

airootfs/etc/systemd/system/multi-user.target.wants/sshd.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/sshd.service

airootfs/etc/systemd/system/multi-user.target.wants/systemd-networkd.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-networkd.service

airootfs/etc/systemd/system/multi-user.target.wants/systemd-resolved.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-resolved.service

airootfs/etc/systemd/system/multi-user.target.wants/vboxservice.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/vboxservice.service

airootfs/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-networkd-wait-online.service

airootfs/etc/systemd/system/sockets.target.wants/systemd-networkd.socket

@@ -0,0 +1 @@
+/usr/lib/systemd/system/systemd-networkd.socket

airootfs/etc/systemd/system/systemd-networkd-wait-online.service.d/wait-for-only-one-interface.conf

@@ -0,0 +1,6 @@
+# Allow systemd-networkd-wait-online to succeed with one interface, otherwise, if multiple network interfaces exist,
+# network-online.target gets needlessly delayed.
+# See https://wiki.archlinux.org/title/systemd-networkd#systemd-networkd-wait-online
+[Service]
+ExecStart=
+ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any

airootfs/usr/share/vx-img/flash-image.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+echo "Flashing a new image to the hard disk. This will destroy any existing data on the disk. Continue? [y/N]:"
+
+read answer
+
+if [[ $answer != 'y' && $answer != 'Y' ]]; then
+    exit
+fi
+
+echo "Mounting data partition"
+mount /dev/sda3 /mnt
+
+echo "Decompressing and writing:"
+lz4 -c -d /mnt/image.img.lz4 | pv -s 50g > /dev/nvme0n1 
+
+echo "Now checking that the write was successful."
+echo "The hash should be:"
+cat /usr/share/vx-img/image.sha256sum 
+
+echo "Computing hash..."
+head -c 50G /dev/nvme0n1 | pv -s 50g | sha256sum

airootfs/usr/share/vx-img/image.sha256sum

@@ -0,0 +1 @@
+6d6694411ac5265370e6353ecc101b2e3b39f1d4bb852b12cc2cd8d9f6400a9d -

bootstrap_packages.x86_64

@@ -0,0 +1,2 @@
+arch-install-scripts
+base

efiboot/loader/entries/01-archiso-x86_64-linux.conf

@@ -0,0 +1,4 @@
+title   Arch Linux (x86_64, UEFI)
+linux   /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux
+initrd  /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img
+options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL%

efiboot/loader/entries/02-archiso-x86_64-ram-linux.conf

@@ -0,0 +1,4 @@
+title   Arch Linux (x86_64, UEFI) Copy to RAM
+linux   /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux
+initrd  /%INSTALL_DIR%/boot/x86_64/initramfs-linux.img
+options archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% copytoram

efiboot/loader/loader.conf

@@ -0,0 +1,2 @@
+timeout 3
+default 01-archiso-x86_64-linux.conf

packages.x86_64

@@ -0,0 +1,9 @@
+base
+cloud-init
+linux
+mkinitcpio
+mkinitcpio-archiso
+openssh
+pv
+syslinux
+vim