#!/bin/bash # # Configure a Debian Edu system with 'LTSP-Server' profile' for both diskless # workstations and also thin clients (using X2Go). # LTSP has been re-written in 2019. LTSP5 has been discontinued and isn't available # any longer in the Debian archive, the known tools are gone. This script takes care # for the special Debian Edu requirements. # The configuration below applies to a Debian Edu machine in the internal # backbone network with two NICs. This system needs to be registered w/ GOsa² in # case it isn't the main server (i.e. a 'combined' server). # Kerberized NFS is used (with krb5i as default), see: # https://wiki.debian.org/DebianEdu/Documentation/Bookworm/HowTo/Administration#Kerberized_NFS # The modified system provides a separate LTSP client network attached to eth1. # # Author/Copyright: Wolfgang Schweer # Licence: GPL2+ # first edited: 2019-11-21 version=2023-03-25 set -e select_desktop () { # select the first found desktop as the default, based on what x2goclient # (src/onmainwindow.cpp) and x2goserver (x2goserver/bin/x2goruncommand) # support if [ -x /usr/bin/startxfce4 ]; then # from xfce4-session echo XFCE # FIXME x2goclient and x2goserver (x2goruncommand) in Debian only support # startkde which does not exist any more (#955128) #elif [ -x /usr/bin/startplasma-x11 ]; then # from plasma-workspace # echo KDE elif [ -x /usr/bin/gnome-session ]; then # from gnome-session-bin echo GNOME elif [ -x /usr/bin/mate-session ]; then # from mate-session echo MATE elif [ -x /usr/bin/startlxde ]; then # from openbox-lxde-session echo LXDE elif [ -x /usr/bin/startlxqt ]; then # from lxqt-session echo LXQT elif [ -x /usr/bin/cinnamon-session-cinnamon2d ]; then # from cinnamon echo CINNAMON elif [ -x /usr/bin/openbox-session ]; then # from openbox echo OPENBOX elif [ -x /usr/bin/icewm-session ]; then # from icewm echo ICEWM else echo XFCE fi } # usage if [ -z "$1" ] ; then echo "Use $0 -h or $0 --help for more information" exit 0 fi if [ "$1" = "-h" ] || [ "$1" = "--help" ] ; then cat < --dist --dns_server <10.0.2.2|dns server ip> --diskless_workstation --thin_type --dlw --img --desktop --x2go_desktop Turn a Debian Edu workstation into an LTSP server for both diskless workstations and thin clients. --arch takes effect for a thin client chroot setup, default value is the system architecture one. --dist takes effect for a LTSP/X2Go client chroot setup, default value is the one the LTSP server is running. --dns_server defaults to 10.0.2.2 if omitted. --diskless_workstation defaults to no if omitted. --dlw used to create a diskless workstation LTSP chroot (root fs via NFS), default is no. --img takes effect for LTSP diskless workstation and X2Go thin client chroot setup, default is yes. --desktop takes effect for LTSP diskless workstation chroot setup, default is xfce. Other values: cinnamon, gnome, kde, lxde, lxqt, mate. (And 'none' for modular installations - also useful for testing). --x2go_desktop takes effect for X2Go thin client setup, default is any of the installed desktop environments Other values: cinnamon, gnome, kde, lxde, lxqt, mate, openbox, icewm --thin_type has no default value. These are available: bare: preconfigured x2go client running via 'startx' as user 'thin' with sound and client side mass storage support. display: x2gothinclient running in display mode. desktop: x2gothinclient running in minidesktop mode. Example 1: 'debian-edu-ltsp-install --diskless_workstation yes' creates diskless workstation support (SquashFS image). Example 2: 'debian-edu-ltsp-install --arch amd64 --diskless_workstation yes --thin_type bare' creates diskless workstation and 64-bit thin client support. LTSP client boot defaults to diskless workstation. Example 3: 'debian-edu-ltsp-install --arch i386 --thin_type bare' creates additional 32-bit thin client support. Example 4: 'debian-edu-ltsp-install --diskless_workstation yes' updates the diskless workstation SquashFS image. Example 5: 'debian-edu-ltsp-install --dlw yes --img no' creates a diskless workstation LTSP chroot. Please note that about 15 GiB of additional disk space is needed. In the default case, run the commands 'lvresize -L+15G /dev/vg_system/srv+ltsp' and 'resize2fs /dev/vg_system/srv+ltsp'. Example 6: 'debian-edu-ltsp-install --dlw yes' creates diskless workstation LTSP chroot and the related SquashFS image. Another 5 GiB more additional disk space is needed. This script applies to a system with two NICs on the internal backbone network. EOF exit 0 fi if [ -r /etc/debian-edu/config ] ; then . /etc/debian-edu/config fi # Grab dist value for both testing and stable release cases. if grep -q / /etc/debian_version ; then dist="$(cat /etc/debian_version | cut -d/ -f1)" else dist=$(lsb_release -sc) fi # Set default values. arch="$(dpkg --print-architecture)" dns_server="10.0.2.2" diskless_workstation="no" thin_type="" dlw="no" img="yes" desktop="xfce" x2go_desktop="$(select_desktop)" while [ $# -gt 0 ] ; do case "$1" in --arch) arch="$2" ; shift ;; --dist) dist="$2" ; shift ;; --dns_server) dns_server="$2" ; shift ;; --diskless_workstation) diskless_workstation="$2" ; shift ;; --thin_type) thin_type="$2" ; shift ;; --dlw) dlw="$2" ; shift ;; --img) img="$2" ; shift ;; --desktop) desktop="$2" ; shift ;; --x2go_dektop) x2go_desktop="$(printf '%s\n' "$2" | tr '[:lower:]' '[:upper:]')" shift ;; --version) echo $version; exit 0 ;; esac shift done kernel_arch="$arch" # Special case i386. if [ "i386" == "$arch" ] ; then #kernel_arch="686-pae" # next one optimal for very old TC machines w/o PAE. kernel_arch="686" fi # Common Debian Edu specific configuration (dirs and HERE documents), only minor # difference for thin clients and diskless workstation (in ltsp.conf), see below. # Next two lines are needed in case of a separate LTSP server. ETH0_IP="$(hostname -I | cut -d' ' -f1)" ETH1_IP="$(hostname -I | cut -d' ' -f2)" ETH1_IP=${ETH1_IP:-"192.168.0.254"} HOSTNAME="$(hostname -s)" if [ ! -d /etc/ltsp/client ] ; then mkdir -p /etc/ltsp/client/init # We are using NFS/Kerberos (krb5i) and autofs instead of sshfs for home dirs. touch /etc/ltsp/client/init/54-pam.sh # Debian Edu wants a greeter w/o user list, i.e. don't modify existing config. touch /etc/ltsp/client/init/55-display-manager.sh # make ipxe menu entries more user friendly. cat < /etc/ltsp/ltsp.conf # /bin/sh -n # LTSP configuration file # Documentation=man:ltsp.conf(5) [server] # Provide a full menu name for x2go-bare-amd64.img IPXE_X2GO_BARE_AMD64_IMG="Plain X2Go Thin Client (64-Bit)" # Provide a full menu name for x2go-bare-i386.img IPXE_X2GO_BARE_I386_IMG="Plain X2Go Thin Client (32-Bit)" # Provide a full menu name for x2go-bare-amd64 IPXE_X2GO_BARE_AMD64="Plain X2Go Thin Client (64-Bit, NFS rootfs)" # Provide a full menu name for x2go-bare-i386 IPXE_X2GO_BARE_I386="Plain X2Go Thin Client (32-Bit, NFS rootfs)" # Provide a full menu name for x2go-display-amd64.img IPXE_X2GO_DISPLAY_AMD64_IMG="Display Mode X2Go Thin Client (64-Bit)" # Provide a full menu name for x2go-display-i386.img IPXE_X2GO_DISPLAY_I386_IMG="Display Mode X2Go Thin Client (32-Bit)" # Provide a full menu name for x2go-display-amd64 IPXE_X2GO_DISPLAY_AMD64="Display Mode X2Go Thin Client (64-Bit, NFS rootfs)" # Provide a full menu name for x2go-display-i386 IPXE_X2GO_DISPLAY_I386="Display Mode X2Go Thin Client (32-Bit, NFS rootfs)" # Provide a full menu name for x2go-desktop-amd64.img IPXE_X2GO_DESKTOP_AMD64_IMG="Desktop Mode X2Go Thin Client (64-Bit)" # Provide a full menu name for thin/desktop-i386.img IPXE_X2GO_DESKTOP_I386_IMG="Desktop Mode X2Go Thin Client (32-Bit)" # Provide a full menu name for x2go-desktop-amd64 IPXE_X2GO_DESKTOP_AMD64="Desktop Mode X2Go Thin Client (64-Bit, NFS rootfs)" # Provide a full menu name for thin/desktop-i386 IPXE_X2GO_DESKTOP_I386="Desktop Mode X2Go Thin Client (32-Bit, NFS rootfs)" # Provide a full menu name for x86_64.img IPXE_X86_64_IMG="Diskless Workstation (server's SquashFS image)" # Provide a full menu name for x86_32.img IPXE_X86_32_IMG="Diskless Workstation (32-Bit, server's SquashFS image)" # Provide a full menu name for dlw.img IPXE_DLW_IMG="Diskless Workstation (SquashFS image from chroot)" # Provide a full menu name for dlw IPXE_DLW="Diskless Workstation (Chroot as NFS rootfs)" ##### Set default boot value ###### # Default value is x86_64 or x86_32 (arch specific, Diskless Workstation) # Plain X2Go Thin Client (64-Bit) #DEFAULT_IMAGE="x2go-bare-amd64" # Plain X2Go Thin Client (32-Bit) #DEFAULT_IMAGE="x2go-bare-i386" # Display Mode X2Go Thin Client (64-Bit) #DEFAULT_IMAGE="x2go-display-amd64" # Desktop Mode X2Go Thin Client (64-Bit) #DEFAULT_IMAGE="x2go-desktop-amd64" # Diskless Workstation (Chroot as NFS rootfs) #DEFAULT_IMAGE="dlw" # Install Debian Edu/amd64 (64-Bit) #DEFAULT_IMAGE="amd64" # Install Debian Edu/i386 (32-Bit) #DEFAULT_IMAGE="i386" ##### Set default iPXE menu timeout ###### # Default value is 5000 milliseconds, i.e. 5 seconds. #MENU_TIMEOUT="5000" # Don't show the menu. #MENU_TIMEOUT="-1" # Debian Edu specific DNS_SERVER=10.0.2.2 SEARCH_DOMAIN=intern ADD_IMAGE_EXCLUDES="/etc/ltsp/image-local.excludes" # This takes effect for hosts behind the LTSP eth1 interface. NAT=1 # In the special [clients] section, parameters for all clients can be defined. # Most ltsp.conf parameters should be placed here. [clients] POST_INIT_PRINTER="cp /etc/ltsp/p910d.conf /etc/default/p910d" HOSTS_1="10.0.2.2 tjener.intern tjener" HOSTS_2="$ETH1_IP $HOSTNAME" EOF fi # Debian Edu specific common additional image excludes; for diskless # workstations the /skole mountpoint (for autofs) needs to be clean. # This applies for both a combined server and a separate LTSP server. # For a combined server image the autofs service needs to be enabled (see below). if echo "$PROFILE" | grep -Eq 'Workstation|LTSP-Server' ; then cat < /etc/ltsp/image-local.excludes skole/* EOF cat < /etc/ltsp/p910d.conf # Use attached USB printer (default is /dev/lp0, i.e. parallel port printer). P910ND_OPTS=" -f /dev/usb/lp0" # Debian specific (set to 1 to enable daemon start, default is 0) P910ND_START=1 # See 'man p910nd' for details and settings. EOF fi # FIXME: On the main server even more additional excludes might be useful. if echo "$PROFILE" | grep -Eq 'Main-Server' ; then cat <> /etc/ltsp/image-local.excludes etc/apache2 etc/bind etc/dbconfig-common etc/dovecot etc/etckeeper etc/gosa etc/freeradius etc/icinga etc/icinga2 etc/icingaweb2 etc/krb5kdc etc/krb5.keytab.imap etc/krb5.keytab.ldap etc/krb5.keytab.smtp etc/mysql etc/nagios etc/nagios-plugins etc/nagios3 etc/samba etc/slbackup etc/slbackup-php usr/lib/apache2 usr/lib/exim4 usr/lib/icinga usr/log/samba/* usr/log/squid/* var/cache/apache2/* var/cache/apt/* var/cache/bind/* var/cache/debconf/* var/cache/etckeeper/* var/cache/gosa/* var/cache/icinga/* var/cache/munin/* var/cache/nscd/* var/cache/samba/* var/lib/apache2/* var/lib/cfengine3/* var/lib/dbus/* var/lib/dhcp/* var/lib/dpkg/* var/lib/exim4/* var/lib/icinga/* var/lib/ldap/* var/lib/munin/* var/lib/munin-node/* var/lib/nfs/* var/lib/samba/* var/log/apache2/* var/log/cfengine/* var/log/installer/* var/log/munin/* var/log/samba/* var/log/squid/* var/mail/* var/log/*.gz var/spool/squid EOF fi # Needed for thin client auto login user. mkdir -p /etc/ltsp/getty@tty1.service.d cat < /etc/ltsp/getty@tty1.service.d/override.conf [Service] ExecStart= ExecStart=-/usr/sbin/agetty -a thin --noclear %I $TERM RestartSec=10 EOF # Needed for thin client autofs setup (USB mass storage support (rw mode). mkdir -p /etc/ltsp/autofs cat < /etc/ltsp/autofs/extra.autofs /- /etc/auto.usb0 --mode=0777 --timeout=3 EOF cat < /etc/ltsp/autofs/auto.usb0 /usb0 -fstype=auto,rw,user,umask=000 :/dev/sda1 EOF # Needed for thin client auto login configuration (startx). mkdir -p /etc/ltsp/skel cat < /etc/ltsp/skel/.profile while true ; do startx done EOF # Needed for thin client auto login configuration (x2goclient start). cat < /etc/ltsp/skel/.xinitrc exec x2goclient --no-menu --add-to-known-hosts --no-session-edit --close-disconnect EOF # Needed for thin client x2goclient configuration. mkdir -p /etc/ltsp/skel/.x2goclient cat < /etc/ltsp/skel/.x2goclient/printing [General] pdfview=false showdialog=true [CUPS] defaultprinter= [print] command=lpr ps=false startcmd=false stdin=false [view] command=xpdf open=true EOF # Needed for thin client (x2goclient preconfigured session). cat < /etc/ltsp/skel/.x2goclient/sessions [default] autologin=false clipboard=both command=$x2go_desktop defsndport=true directrdp=false directrdpsettings= directxdmcp=false directxdmcpsettings= display=1 dpi=96 export="/usb0:1;" fstunnel=true fullscreen=true height=600 host=$(hostname -s) icon=/usr/share/icons/hicolor/64x64/apps/x2goclient.png iconvfrom=ISO8859-1 iconvto=UTF-8 krbdelegation=false krblogin=false maxdim=false multidisp=false name=Debian Edu Thin Client pack=16m-jpeg print=true published=false quality=9 rootless=false setdpi=true sndport=4713 sound=true soundsystem=pulse soundtunnel=true speed=4 sshport=22 sshproxyautologin=false startsoundsystem=true type=auto useiconv=false usekbd=true usesshproxy=false width=800 xdmcpclient=Xnest xdmcpserver=localhost xinerama=false EOF # Needed for thin client x2goclient configuration. cat < /etc/ltsp/skel/.x2goclient/settings [toolbar] show=false EOF # Specific settings needed if BD ISO image is used for installation inside d-i. # First part of next condition: Looking for file created by base-installer and # removed at the end of the d-i run. if [ -e /etc/apt/apt.conf.d/00IgnoreTimeConflict ] && grep -q BD /etc/apt/sources.list ; then BD_ISO="true"; device="$(grep media/cdrom /etc/fstab | cut -d' ' -f1)" mirror="file:///media/cdrom/" else mirror="http://deb.debian.org/debian" fi # Create thin client chroot and generate image. export DEBIAN_FRONTEND=noninteractive if ! [ "" == "$thin_type" ] && [ ! -d /srv/tftp/ltsp/x2go-"$thin_type"-"$arch"/etc/ltsp ] ; then mkdir -p /srv/tftp/ltsp/x2go-"$thin_type"-"$arch" # Install common thin client packages. debootstrap --arch="$arch" --no-check-gpg --variant=minbase --include=sitesummary-client,linux-image-"$kernel_arch" \ "$dist" /srv/ltsp/x2go-"$thin_type"-"$arch" "$mirror" # Unset temporary directory variables to avoid problems when directory # is missing inside the chroot. https://bugs.debian.org/765443 unset TMPDIR TEMP TEMPDIR TMP chroot /srv/ltsp/x2go-"$thin_type"-"$arch"/ apt clean # Care for complete sources list (security, also nonfree -- in case firmware is needed). chroot /srv/ltsp/x2go-"$thin_type"-"$arch"/ sh -c "cp /usr/share/doc/apt/examples/sources.list /etc/apt/sources.list.d/full.list" mount /dev/pts -t devpts /srv/ltsp/x2go-"$thin_type"-"$arch"/dev/pts mount proc -t proc /srv/ltsp/x2go-"$thin_type"-"$arch"/proc if [ "true" == "$BD_ISO" ] ; then mkdir -p /srv/ltsp/x2go-"$thin_type"-"$arch"/media/cdrom mount "$device" /srv/ltsp/x2go-"$thin_type"-"$arch"/media/cdrom echo "deb [trusted=yes] $mirror $dist main" > /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/apt/sources.list fi chroot /srv/ltsp/x2go-"$thin_type"-"$arch"/ apt -y -qq install education-thin-client p910nd # Install case specific additional packages. if [ "display" == "$thin_type" ] ; then chroot /srv/ltsp/x2go-"$thin_type"-"$arch"/ apt -y -qq install x2gothinclient-displaymanager fi if [ "desktop" == "$thin_type" ] ; then chroot /srv/ltsp/x2go-"$thin_type"-"$arch"/ apt -y -qq install x2gothinclient-minidesktop \ x2gothinclient-cdmanager x2gothinclient-usbmount if ! [ "en" == "$LANGCODE" ] ; then chroot /srv/ltsp/x2go-"$thin_type"-"$arch"/ apt -y -qq install firefox-esr-l10n-"$LANGCODE" fi fi if [ "true" == "$BD_ISO" ] ; then umount /srv/ltsp/x2go-"$thin_type"-"$arch"/media/cdrom fi umount /srv/ltsp/x2go-"$thin_type"-"$arch"/dev/pts umount /srv/ltsp/x2go-"$thin_type"-"$arch"/proc if [ "bare" == "$thin_type" ] ; then rm -rf /srv/ltsp/x2go-"$thin_type"-"$arch"/var/cache/debconf rm -rf /srv/ltsp/x2go-"$thin_type"-"$arch"/var/cache/man fi # Configure locale et al. cp /etc/locale.gen /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/ cp /etc/default/locale /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/default chroot /srv/ltsp/x2go-"$thin_type"-"$arch" locale-gen cp /etc/default/keyboard /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/default cp /etc/default/console-setup /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/default chroot /srv/ltsp/x2go-"$thin_type"-"$arch" setupcon -k # Configure Sitesummary. cp -r /etc/sitesummary/config.d/ /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/sitesummary/ cp -f /etc/sitesummary/site /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/sitesummary/ cp -f /etc/sitesummary/sitegroup /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/sitesummary/ echo ltsp-client > /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/sitesummary/hostclass # Customize X2Go client for Debian Edu use. if [ "display" == "$thin_type" ] || [ "desktop" == "$thin_type" ] ; then cp /etc/ltsp/skel/.x2goclient/sessions /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/x2go/x2gothinclient_sessions fi # Firefox-ESR customization for Debian Edu. if [ "desktop" == "$thin_type" ] ; then cp /etc/environment /srv/ltsp/x2go-"$thin_type"-"$arch"/etc cp /etc/firefox-esr/debian-edu.js /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/firefox-esr cp /etc/firefox-esr/debian-edu-homepage-ldap.js /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/firefox-esr cp /etc/ssl/certs/Debian-Edu_rootCA.crt /srv/ltsp/x2go-"$thin_type"-"$arch"/etc/ssl/certs cat < /srv/ltsp/x2go-"$thin_type"-"$arch"/usr/share/firefox-esr/distribution/policies.json { "policies": { "Certificates": { "ImportEnterpriseRoots": true, "Install": [ "/etc/ssl/certs/Debian-Edu_rootCA.crt" ] }, "NewTabPage": false, "OverrideFirstRunPage": "", "SearchEngines": { "Add": [ { "IconURL": "https://duckduckgo.com/favicon.ico", "Method": "POST", "Name": "DuckDuckGo", "SuggestURLTemplate": "https://duckduckgo.com/ac/?q={searchTerms}&type=list", "URLTemplate": "https://duckduckgo.com/?q={searchTerms}" } ], "Default": "DuckDuckGo" } } } EOF fi if [ "$img" == "yes" ] ; then ltsp image /srv/ltsp/x2go-"$thin_type"-"$arch" fi # Create a runtime user for x2go login terminal; configure autofs (USB storage support). if [ "bare" == "$thin_type" ] ; then cat <> /etc/ltsp/ltsp.conf POST_INIT_THIN_USER='useradd -G disk -m -d /run/home/thin -k /etc/ltsp/skel -r thin' POST_INIT_SYSTEMD='mkdir /etc/systemd/system/getty@tty1.service.d && \ cp /etc/ltsp/getty@tty1.service.d/override.conf /etc/systemd/system/getty@tty1.service.d' POST_INIT_AUTOFS='cp /etc/ltsp/autofs/extra.autofs /etc/auto.master.d && \ cp /etc/ltsp/autofs/auto.* /etc' EOF fi ALL_IMAGES=1 ltsp kernel # Create the ltsp.img file and move it to where it belongs. ltsp initrd mv /srv/tftp/ltsp/ltsp.img /srv/tftp/ltsp/x2go-"$thin_type"-"$arch"/ltsp.img # Clean up ltsp.conf from image specific items. sed -i '/POST_INIT/d' /etc/ltsp/ltsp.conf fi # Generate image for diskless workstation. if [ "yes" == "$diskless_workstation" ] ; then if echo "$PROFILE" | grep -Eq 'Main-Server' ; then # The image is a copy of the main server's fs. On the server, autofs # is disabled, but it is needed for diskless workstations. # OTOH some services need to be disabled, i.e. 'masked'. cat <> /etc/ltsp/ltsp.conf PRE_INIT_AUTOFS="echo 'LDAPURI=ldap://ldap' >> /etc/default/autofs" PRE_INIT_MAIN_SERVER="systemctl enable autofs" POST_INIT_USE_FQDN="sed -i '/10.0.2.2/ s/server/tjener.intern tjener/' /etc/hosts" POST_INIT_SITESUMMARY="sed -i 's/main-server/ltsp-client/' /etc/sitesummary/hostclass" MASK_SYSTEM_SERVICES="apache2 named cups dovecot etckeeper exim4 squid tftpd-hpa \ icinga2 nmbd slapd smbd systemd-journald xrdp xrdp-sesman krb5-kdc mariadb cfengine3 isc-dhcp-server" EOF else cat <> /etc/ltsp/ltsp.conf MASK_SYSTEM_SERVICES="etckeeper exim4 tftpd-hpa isc-dhcp-server xrdp xrdp-sesman" EOF fi # Temporary workaround needed in some cases for configuring the resolver inside # the SquashFS image. rm -f /etc/resolv.conf echo "nameserver $dns_server" > /etc/resolv.conf echo "search intern" >> /etc/resolv.conf # Create SqashFS image. ltsp image /,,/boot,subdir=boot,,/usr,subdir=usr,,/var,subdir=var # Revert resolver workaround from above. rm -f /etc/resolv.conf ln -s /run/resolvconf/resolv.conf /etc/resolv.conf # next modification avoids ltsp command error if lot of images are available. ALL_IMAGES=1 ltsp kernel ltsp initrd if uname -r | grep -q 686 ; then mv /srv/tftp/ltsp/ltsp.img /srv/tftp/ltsp/x86_32/ltsp.img else mv /srv/tftp/ltsp/ltsp.img /srv/tftp/ltsp/"$(uname -m)"/ltsp.img fi # Clean up ltsp.conf from specific items. sed -i '/PRE_INIT_MAIN/d' /etc/ltsp/ltsp.conf sed -i '/PRE_INIT_AUTOFS/d' /etc/ltsp/ltsp.conf sed -i '/MASK_SYSTEM/d' /etc/ltsp/ltsp.conf fi # Generate chroot and SquashFS image (optional) for diskless workstation. if [ "yes" == "$dlw" ] ; then # The chroot is basically a workstation installation. # Petter Reinholdtsen's debian-edu-bless script is used to achieve it. cat <> /etc/ltsp/ltsp.conf LIGHTDM_CONF="greeter-hide-users" POST_INIT_USE_FQDN="sed -i '/10.0.2.2/ s/server/tjener.intern tjener/' /etc/hosts" EOF mkdir -p /srv/ltsp/dlw chmod 755 /srv/ltsp/dlw # Use BD-ISO if available. if [ "true" == "$BD_ISO" ] && ! mountpoint -q /media/cdrom ; then mount /media/cdrom fi if grep -q BD /etc/apt/sources.list && [ -f /media/cdrom/.disk/info ] ; then mkdir -p /srv/ltsp/dlw/media/cdrom mount --bind /media/cdrom /srv/ltsp/dlw/media/cdrom mirror="file:///media/cdrom/" fi # Install base system debootstrap --arch="$arch" --no-check-gpg --variant=minbase --include=locales,console-setup,linux-image-"$arch" "$dist" /srv/ltsp/dlw "$mirror" # Care for complete sources list (security, also nonfree -- in case firmware is needed). chroot /srv/ltsp/dlw sh -c "cp /usr/share/doc/apt/examples/sources.list /etc/apt/sources.list.d/full.list" # Care for same locale and keyboard settings in the chroot, also useful to quiet down Perl. cp /etc/locale.gen /srv/ltsp/dlw/etc/ cp /etc/default/locale /srv/ltsp/dlw/etc/default chroot /srv/ltsp/dlw locale-gen cp /etc/default/keyboard /srv/ltsp/dlw/etc/default cp /etc/default/console-setup /srv/ltsp/dlw/etc/default chroot /srv/ltsp/dlw setupcon -k # Care for special files. # Unset temporary directory variables to avoid problems when directory # is missing inside the chroot. https://bugs.debian.org/765443 unset TMPDIR TEMP TEMPDIR TMP mount /dev/pts -t devpts /srv/ltsp/dlw/dev/pts mount proc -t proc /srv/ltsp/dlw/proc if grep -q BD /etc/apt/sources.list && mountpoint -q /media/cdrom ; then echo "deb [trusted=yes] $mirror $dist main" > /srv/ltsp/dlw/etc/apt/sources.list fi mkdir -p /srv/ltsp/dlw/tmp/user/0/ cp /usr/share/debian-edu-config/tools/debian-edu-bless /srv/ltsp/dlw/sbin # Install the mandatory ltsp package (and apt-utils to don't delay package configuration). chroot /srv/ltsp/dlw apt-get install -y -qq apt-utils ltsp # Turn system into a Debian Edu workstation. chroot /srv/ltsp/dlw sh -c "DESKTOP=$desktop /sbin/debian-edu-bless" mkdir -p /srv/ltsp/dlw/skole chmod 755 /srv/ltsp/dlw/skole rm -f /srv/ltsp/dlw/etc/resolv.conf # Next line needed for kerberized NFS home directory access. cp /etc/krb5.keytab /srv/ltsp/dlw/etc/ # Care for Debian Edu certificates. cp /etc/ssl/certs/debian-edu-server.crt /srv/ltsp/dlw/etc/ssl/certs/ cp /usr/local/share/ca-certificates/*.crt /srv/ltsp/dlw/usr/local/share/ca-certificates/ chroot /srv/ltsp/dlw update-ca-certificates # Adjust Sitesummary configuration cp -f /etc/sitesummary/site /srv/ltsp/dlw/etc/sitesummary/ cp -f /etc/sitesummary/sitegroup /srv/ltsp/dlw/etc/sitesummary/ echo ltsp-client > /srv/ltsp/dlw/etc/sitesummary/hostclass # Care for temporary mounts. umount /srv/ltsp/dlw/dev/pts umount /srv/ltsp/dlw/proc if grep -q BD /etc/apt/sources.list && [ -f /media/cdrom/.disk/info ] ; then umount /srv/ltsp/dlw/media/cdrom umount /media/cdrom fi # Create optional SqashFS image file. if [ "yes" == "$img" ] ; then ltsp image dlw fi # Next modification avoids ltsp command error if lot of images are available. ALL_IMAGES=1 ltsp kernel # Create ltsp initrd (ltsp.img) and move it to the right location. ltsp initrd mv /srv/tftp/ltsp/ltsp.img /srv/tftp/ltsp/dlw/ # Update iPXE menu and adjust the created file for Debian Edu needs. ltsp ipxe sed -i 's#ltsp/ltsp.img#ltsp/${img}/ltsp.img#' /srv/tftp/ltsp/ltsp.ipxe # Clean up ltsp.conf from image specific items. sed -i '/POST_INIT/d' /etc/ltsp/ltsp.conf sed -i '/LIGHTDM_CONF/d' /etc/ltsp/ltsp.conf fi # Get rid of additional excludes just in case they exist (main server). cat /dev/null > /etc/ltsp/image-local.excludes # Use legacy network interfaces names. if ! grep -q net.ifnames /etc/default/grub ; then sed -i 's/quiet/net.ifnames=0 quiet/' /etc/default/grub update-grub fi # Tweak network interfaces file to match the use case. if echo "$PROFILE" | grep -Eq 'Main-Server' ; then cat < /etc/network/interfaces auto eth0 eth1 iface eth0 inet static address 10.0.2.2 gateway 10.0.0.1 dns-search intern dns-nameserver 127.0.0.1 iface eth1 inet static address $ETH1_IP EOF else cat < /etc/network/interfaces auto eth0 eth1 iface eth0 inet static address $ETH0_IP gateway 10.0.0.1 dns-search intern dns-nameservers 10.0.2.2 iface eth1 inet static address $ETH1_IP EOF fi # Next line is needed upon upgrade from LTSP5. sed -i '/ltsp/d' /etc/exports # Adjust NFS exports for separate LTSP servers. if ! echo "$PROFILE" | grep -Eq 'Main-Server' ; then rm -f /etc/exports.d/edu.exports fi # Configure NFS ltsp nfs # Restart nfs-kernel-server and give feedback about exports if running this # script outside of the Debian Installer environment. if [ ! -x /sbin/start-stop-daemon.REAL ] ; then exportfs -rav fi # Generate the LTSP specific iPXE menu ltsp ipxe # Add PXE installation related entries to iPXE menu. if ! grep -q main-server /srv/tftp/ltsp/ltsp.ipxe && \ [ -f /srv/tftp/debian-installer/amd64/linux ] ; then echo "Modifying /srv/tftp/ltsp/ltsp.ipxe" sed -i '/^menu.*/ a item\ item --gap Installation:\ item --key a amd64 Install Debian Edu/amd64 (64-Bit)\ item --key i i386 Install Debian Edu/i386 (32-Bit)\ item\ ' /srv/tftp/ltsp/ltsp.ipxe cat /srv/tftp/debian-edu/install.cfg >>/srv/tftp/ltsp/ltsp.ipxe fi # Make sure /srv/tftp/ltsp/ltsp.ipxe is Debian Edu specific. sed -i 's#ltsp/ltsp.img#ltsp/${img}/ltsp.img#' /srv/tftp/ltsp/ltsp.ipxe