Thales Maciel
c3fb4ccc3e
New internal/imagepull/assets/first-boot.sh: POSIX-sh oneshot that detects the guest distro from /etc/os-release (ID + ID_LIKE fallback), installs openssh-server via the native package manager, and enables/starts sshd. Covers debian/ubuntu/kali/raspbian/pop, alpine, fedora/rhel/centos/rocky/almalinux, arch/manjaro, and opensuse/suse. Unknown distros fail clearly with a pointer at editing the script to add a branch. Marker-driven: the service has ConditionPathExists= /var/lib/banger/first-boot-pending, and the script removes the marker on success. Subsequent boots no-op. Testability seams in the script: RUN_PLAN=1 skips the sshd-already-present short-circuit and makes the dispatch echo the planned command instead of executing it. OS_RELEASE_FILE and BANGER_FIRST_BOOT_MARKER env vars override paths so the Go tests exercise the real dispatch logic in a tempdir without touching /etc or /var/lib on the host. Embedding: internal/imagepull/firstboot.go go:embeds both the script and the systemd unit; exposes FirstBootScript() and FirstBootUnit() plus the FirstBootScriptPath / FirstBootMarkerPath / FirstBootUnitName constants. Injection: InjectGuestAgents now drops /usr/local/libexec/ banger-first-boot (0755), /etc/systemd/system/banger-first-boot. service (0644), the empty /var/lib/banger/first-boot-pending marker (0644), and the multi-user.target.wants enable symlink. All uid=0, gid=0. Tests: eight-case dispatch-by-distro (debian, ubuntu, alpine, fedora, arch, opensuse, plus ID_LIKE fallbacks for weird derivatives). Script syntax check via `sh -n`. Unit-contains- expected-fields check. Existing inject round-trip test extended to assert the first-boot bits land in the ext4. Deferred: per-image FirstBootPending flag + extended SSH wait timeout at VM start. Will add if live verification (B-4) shows the naive retry UX is unacceptable. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
26 lines
848 B
Go
26 lines
848 B
Go
package imagepull
|
|
|
|
import _ "embed"
|
|
|
|
//go:embed assets/first-boot.sh
|
|
var firstBootScript string
|
|
|
|
//go:embed assets/first-boot.service
|
|
var firstBootUnit string
|
|
|
|
// FirstBootScript returns the shell script that installs openssh-server
|
|
// on first VM boot, dispatching on /etc/os-release.
|
|
func FirstBootScript() string { return firstBootScript }
|
|
|
|
// FirstBootUnit returns the systemd oneshot unit that runs the first-boot
|
|
// script once after network-online, before sshd.
|
|
func FirstBootUnit() string { return firstBootUnit }
|
|
|
|
// FirstBoot guest paths — kept here so inject.go and future callers
|
|
// share one source of truth.
|
|
const (
|
|
FirstBootScriptPath = "/usr/local/libexec/banger-first-boot"
|
|
FirstBootUnitName = "banger-first-boot.service"
|
|
FirstBootMarkerDir = "/var/lib/banger"
|
|
FirstBootMarkerPath = "/var/lib/banger/first-boot-pending"
|
|
)
|