2008-07-04 07:33:24 +02:00
|
|
|
#!/bin/sh
|
|
|
|
#cnas-default-settings
|
|
|
|
# Default settings file for CryptoNAS Live
|
|
|
|
#
|
|
|
|
# This file is a shell script included by the live-helper
|
|
|
|
# scripts. Settings in "cnas-custom-settings" override
|
|
|
|
# those here if that file exists.
|
|
|
|
# Therefore, if you want to make local customizations to
|
|
|
|
# your build settings, you should do:
|
|
|
|
# "cp cnas-default-settings cnas-custom-settings"
|
|
|
|
# and make changes to "cnas-custom-settings".
|
|
|
|
#
|
|
|
|
# Values in config/bootstrap, config/chroot, config/binary,
|
|
|
|
# etc. will be used if they are not redefined by
|
|
|
|
# cnas-custom-settings or cnas-default-settings.
|
|
|
|
#
|
|
|
|
# I've tried to include in this file the settings that
|
|
|
|
# are most likely to be changed by a developer or custom
|
|
|
|
# builder. If an option isn't here, you should look in
|
|
|
|
# config/bootstrap, config/chroot, config/binary,
|
|
|
|
# config/source, or config/common.
|
|
|
|
# An "effective inclusion" diagram in Open Office format
|
|
|
|
# will eventually be included in the repository for
|
|
|
|
# documentation.
|
|
|
|
|
|
|
|
|
|
|
|
# -----common-----
|
|
|
|
# Internal stuff (FIXME)
|
|
|
|
# The `--force-yes' option should be removed once `apt' is made to
|
|
|
|
# recognize and use all the relevant GPG keys. `--yes' can stay.
|
2008-08-02 09:35:05 +02:00
|
|
|
APT_OPTIONS="--yes"
|
2008-07-04 07:33:24 +02:00
|
|
|
|
|
|
|
|
|
|
|
# $LH_ARCHITECTURE: select chroot architecture
|
|
|
|
# (Default: autodetected)
|
|
|
|
# Note: Debian Live is also designed to work on AMD64 and PowerPC
|
|
|
|
LH_ARCHITECTURE="i386"
|
|
|
|
|
2008-08-02 09:35:05 +02:00
|
|
|
# $LH_APT_SECURE: set apt/aptitude security
|
|
|
|
# (Default: enabled)
|
|
|
|
# Setting $LH_APT_SECURE to "disabled" breaks cdebootstrap
|
|
|
|
# in the "bootstrap" build stage under Etch.
|
|
|
|
LH_APT_SECURE="enabled"
|
2008-07-04 07:33:24 +02:00
|
|
|
|
|
|
|
#-----bootstrap-----
|
|
|
|
# $LH_MIRROR_BOOTSTRAP: set mirror to bootstrap from
|
|
|
|
# (Default: http://ftp.us.debian.org/debian/)
|
|
|
|
LH_MIRROR_BOOTSTRAP="http://127.0.0.1:3142/apt-cacher/ftp.debian.org/debian/"
|
|
|
|
|
|
|
|
# $LH_MIRROR_CHROOT: set mirror to fetch packages from
|
|
|
|
# (Default: http://ftp.us.debian.org/debian/)
|
|
|
|
LH_MIRROR_CHROOT=$LH_MIRROR_BOOTSTRAP
|
|
|
|
|
|
|
|
# $LH_MIRROR_CHROOT_SECURITY: set security mirror to fetch packages from
|
|
|
|
# (Default: http://security.debian.org/)
|
|
|
|
LH_MIRROR_CHROOT_SECURITY="http://127.0.0.1:3142/apt-cacher/security.debian.org/"
|
|
|
|
|
|
|
|
#-----chroot-----
|
|
|
|
# $LH_HOOKS: set hook commands
|
|
|
|
# (Default: empty)
|
|
|
|
LH_HOOKS=""
|
|
|
|
|
|
|
|
# $LH_INTERACTIVE: set interactive build
|
|
|
|
# (Default: disabled)
|
|
|
|
LH_INTERACTIVE="disabled"
|
|
|
|
|
|
|
|
# $LH_KEYRING_PACKAGES: set keyring packages
|
|
|
|
# (Default: empty)
|
|
|
|
LH_KEYRING_PACKAGES=""
|
|
|
|
|
|
|
|
# $LH_LANGUAGE: set language to use
|
|
|
|
# (Default: empty)
|
|
|
|
LH_LANGUAGE="en"
|
|
|
|
|
|
|
|
# $LH_LINUX_FLAVOURS: set kernel flavour to use
|
|
|
|
# (Default: autodetected)
|
|
|
|
# CryptoNAS will be VERY slow on anything less than a Pentium,
|
2008-08-02 09:35:05 +02:00
|
|
|
# but you can add other flavors here if you want to. Note that
|
|
|
|
# the first flavor in the list will be the default.
|
2008-07-04 07:33:24 +02:00
|
|
|
#LH_LINUX_FLAVOURS="486 686"
|
2008-08-02 09:35:05 +02:00
|
|
|
LH_LINUX_FLAVOURS="686"
|
2008-07-04 07:33:24 +02:00
|
|
|
|
|
|
|
|
|
|
|
# $LH_LINUX_PACKAGES: set kernel packages to use
|
|
|
|
# (Default: autodetected)
|
|
|
|
LH_LINUX_PACKAGES="linux-image-2.6 ${LH_UNION_FILESYSTEM}-modules-2.6 squashfs-modules-2.6"
|
|
|
|
#LH_LINUX_PACKAGES=""
|
|
|
|
|
|
|
|
# $LH_PACKAGES: set packages to install
|
|
|
|
# (Default: empty)
|
|
|
|
LH_PACKAGES=""
|
|
|
|
|
|
|
|
# $LH_PACKAGES_LISTS: set package list to install
|
|
|
|
# (Default: standard)
|
|
|
|
# FIXME: Use "minimal cryptonas" for CryptoNAS releases
|
2008-08-02 09:35:05 +02:00
|
|
|
# Use "standard cryptonas-devel" for development
|
2008-07-04 07:33:24 +02:00
|
|
|
LH_PACKAGES_LISTS="standard cryptonas-devel"
|
|
|
|
|
|
|
|
#-----binary-----
|
|
|
|
# $LH_BINARY_IMAGES: set image type
|
|
|
|
# (Default: usb-hdd)
|
|
|
|
# Valid choices are:
|
|
|
|
# "iso" for CD-ROM builds
|
|
|
|
# "usb-hdd" for other block devices
|
|
|
|
# "net" for netboot
|
|
|
|
# "tar" for ???
|
|
|
|
LH_BINARY_IMAGES="usb-hdd"
|
|
|
|
|
|
|
|
# $LH_ENCRYPTION: set encrytion
|
|
|
|
# (Default: disabled)
|
|
|
|
LH_ENCRYPTION="disabled"
|
|
|
|
|
|
|
|
# $LH_HOSTNAME: set hostname
|
|
|
|
# (Default: cryptonas)
|
|
|
|
LH_HOSTNAME="cryptonas"
|
|
|
|
|
|
|
|
|
|
|
|
# $LH_ISO_PREPARER: set iso preparer
|
2008-08-02 09:35:05 +02:00
|
|
|
# (Default: live-helper 1.0~a48; http://packages.qa.debian.org/live-helper)
|
|
|
|
LH_ISO_PREPARER="live-helper 1.0~a48; http://packages.qa.debian.org/live-helper"
|
2008-07-04 07:33:24 +02:00
|
|
|
|
|
|
|
# $LH_ISO_PUBLISHER: set iso publisher
|
|
|
|
# (Default: Debian Live project; http://debian-live.alioth.debian.org/; debian-live-devel@lists.alioth.debian.org)
|
|
|
|
LH_ISO_PUBLISHER="CryptoNAS project; http://cryptonas.org; cryptobox-dev@lists.systemausfall.org"
|
|
|
|
|
|
|
|
# $LH_ISO_VOLUME: set iso volume (max 32 chars)
|
|
|
|
# (Default: Debian Live $(date +%Y%m%d-%H:%M))
|
|
|
|
LH_ISO_VOLUME="CryptoNAS Live $(date +%Y%m%d-%H:%M)"
|
|
|
|
|
|
|
|
#-----source-----
|
|
|
|
# $LH_SOURCE: set source option
|
|
|
|
# This is the easiest way to comply with the GNU GPL if you're
|
|
|
|
# redistributing CryptoNAS on a CD-ROM.
|
|
|
|
# (Default: disabled)
|
|
|
|
LH_SOURCE="disabled"
|
2008-06-19 09:35:37 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# It is recommended that CryptoNAS-specific variable
|
|
|
|
# definitions follow the CNAS_FOO or _CNAS_FOO conventions to
|
2008-07-04 07:33:24 +02:00
|
|
|
# avoid polluting the shared live-helper namespace. Additionally,
|
|
|
|
# only variables starting with "CNAS_" will be available at
|
|
|
|
# runtime via the scoreboard file.
|
2008-06-19 09:35:37 +02:00
|
|
|
###############################################################
|
|
|
|
|
|
|
|
#CNAS_DELETEFILES="/etc/rcS.d/*discover \
|
|
|
|
#/etc/rcS.d/*lvm \
|
|
|
|
#/var/log/dpkg.log \
|
|
|
|
#/var/log/bootstrap.log"
|
|
|
|
|
|
|
|
#CNAS_MAKEDIRS=""
|
2008-07-04 07:33:24 +02:00
|
|
|
|
|
|
|
|
|
|
|
CNAS_ROOT_FS="/root"
|
|
|
|
CNAS_HARDNESS="devel"
|
2008-07-12 05:27:05 +02:00
|
|
|
|
2008-08-18 02:24:32 +02:00
|
|
|
CNAS_SCOREBOARD_DIR="/usr/share/cryptonas-live"
|
|
|
|
|
|
|
|
|
|
|
|
# remove rc symlinks for these services
|
|
|
|
CNAS_SERVICES_OFF="ssh setserial nviboot mountnfs ntpdate"
|
|
|
|
|
|
|
|
# This part only applies if CNAS_HARDNESS is set to "secure":
|
|
|
|
#CNAS_REMOVE_PACKAGES="strace \
|
|
|
|
# nvi nano vim vim-common vim-tiny \
|
|
|
|
# unzip zip aptitude tasksel locate \
|
|
|
|
# ssh elinks curl wget netkit-inetd telnet \
|
|
|
|
# exim4-daemon-light exim4-config exim4-base \
|
|
|
|
# ppp pppconfig pppoe pppoeconf iptables \
|
|
|
|
# subversion w3m wget lynx less screen \
|
|
|
|
# info iptables man-db manpages \
|
|
|
|
# openssh-server openssh-client"
|
|
|
|
|
|
|
|
|
|
|
|
#CNAS_REMOVE_PACKAGES="strace nvi nano vim vim-common vim-tiny unzip zip aptitude tasksel locate ssh elinks curl wget netkit-inetd telnet exim4-daemon-light exim4-config exim4-base ppp pppconfig pppoe pppoeconf iptables subversion w3m wget lynx less screen info iptables man-db manpages openssh-server openssh-client"
|
|
|
|
|
|
|
|
# config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/modules and
|
|
|
|
# config/chroot_local-includes/usr/lib/cryptobox-cd/etc.d/network/interfaces
|
|
|
|
# will now be used at boot time if they exist. The developer can specify
|
|
|
|
# alternative files using the $CNAS_KMODULES and $CNAS_INTERFACES
|
|
|
|
# variables.
|
2008-07-12 05:27:05 +02:00
|
|
|
|
2008-09-04 05:07:06 +02:00
|
|
|
CNAS_INTERFACES="$CNAS_SCOREBOARD_DIR/etc.d/network/interfaces"
|
|
|
|
|
|
|
|
CNAS_KMODULES="$CNAS_SCOREBOARD_DIR/etc.d/modules"
|
2008-07-12 05:27:05 +02:00
|
|
|
#FIXME: add to etc.d/network/interfaces
|
|
|
|
#\tauto lo eth0
|
|
|
|
#\tiface lo inet loopback
|
|
|
|
#\tiface eth0 inet static
|
|
|
|
#\t\taddress 192.168.0.23
|
|
|
|
#\t\tnetmask 255.255.255.0
|
2008-08-02 09:35:05 +02:00
|
|
|
|
|
|
|
# $LH_ENCRYPTION: set encryption type/key size
|
|
|
|
# Encryption of the Debian Live media is broken under Etch. It may
|
|
|
|
# work under Lenny. In particular, the loop-aes runtime is broken
|
|
|
|
# in casper or initramfs-tools.
|
|
|
|
#LH_ENCRYPTION="aes256"
|
|
|
|
|