From cbc720a6c7b686312d1d309157b37c855eab063c Mon Sep 17 00:00:00 2001
From: Shulhan
Date: Sun, 9 Jun 2024 16:56:54 +0700
Subject: all: add task to build image testable with qemu

An image that build for qemu will have user "arch" with predefined SSH keys, so user can access the guest from host either using SSH key or password.
---
 .gitignore | 1 +
 Makefile | 4 ++++
 build-arch-gce | 24 ++++++++++++++++++++++++
 qemu.sh | 3 ++-
 sys/etc/sudoers.d/wheel | 1 +
 sys/home/arch/.ssh/authorized_keys | 1 +
 sys/home/arch/.ssh/id_ed25519 | 7 +++++++
 sys/home/arch/.ssh/id_ed25519.pub | 1 +
 8 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 sys/etc/sudoers.d/wheel
 create mode 100644 sys/home/arch/.ssh/authorized_keys
 create mode 100644 sys/home/arch/.ssh/id_ed25519
 create mode 100644 sys/home/arch/.ssh/id_ed25519.pub
diff --git a/.gitignore b/.gitignore
index caebcbf..d91d6d5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 *.html
 *.log
+*.raw
 *.tar.gz
diff --git a/Makefile b/Makefile
index f01f957..e68fd9a 100644
--- a/Makefile
+++ b/Makefile
@@ -7,6 +7,10 @@ image:
 ini set host::image $$(basename -s .tar.gz `ls *.tar.gz | tail -1`) awwan.env
 ls -lh
+.PHONY: image-qemu
+image-qemu:
+ sudo IMAGE_QEMU=1 ./build-arch-gce
+
 .PHONY: publish
 publish:
 awwan local gcloud-image-publish.aww 5-
diff --git a/build-arch-gce b/build-arch-gce
index eb9c751..094ab67 100755
--- a/build-arch-gce
+++ b/build-arch-gce
@@ -137,6 +137,19 @@ echo '-- Configuring network.'
 mkdir -p $mount_dir/etc/systemd/network/
 cp ./sys/etc/systemd/network/10-eth0.network $mount_dir/etc/systemd/network/
+if [[ -n "${IMAGE_QEMU:-}" ]]; then
+ echo '-- IMAGE_QEMU: Configuring sudoers.'
+ cp ./sys/etc/sudoers.d/wheel $mount_dir/etc/sudoers.d/wheel
+ chown root:root $mount_dir/etc/sudoers.d/wheel
+ chmod 0600 $mount_dir/etc/sudoers.d/wheel
+
+ echo '-- IMAGE_QEMU: Copying user arch SSH keys.'
+ mkdir -p $mount_dir/home/arch/.ssh
+ cp ./sys/home/arch/.ssh/id_ed25519 $mount_dir/home/arch/.ssh/
+ cp ./sys/home/arch/.ssh/id_ed25519.pub $mount_dir/home/arch/.ssh/
+ cp ./sys/home/arch/.ssh/authorized_keys $mount_dir/home/arch/.ssh/
+fi
+
 arch-chroot -- "$mount_dir" /bin/bash -s <<-'EOS'
 set -eEuo pipefail
 trap 'echo "Error: \`$BASH_COMMAND\` exited with status $?"' ERR
@@ -166,6 +179,16 @@ arch-chroot -- "$mount_dir" /bin/bash -s <<-'EOS'
 echo '-- Running boot loader.'
 bootctl install --no-variables --quiet
+
+ if [[ -n "${IMAGE_QEMU:-}" ]]; then
+ echo '-- IMAGE_QEMU: Creating user arch.'
+ useradd --create-home --groups wheel arch
+ echo "arch:arch" | chpasswd
+
+ chown -R arch:arch /home/arch
+ chmod 0600 /home/arch/.ssh/
+ chmod 0600 /home/arch/.ssh/*
+ fi
 EOS
 echo '- Configuring boot loader.'
@@ -186,5 +209,6 @@ echo '- Building the compressed image.'
 disk_tar="arch-v$(date --utc +%Y%m%d).tar.gz"
 tar --sparse -czf "$work_dir/$disk_tar" --directory="$work_dir" disk.raw
 mv -- "$work_dir/$disk_tar" .
+mv -- "$work_dir/disk.raw" ./
 echo "Successfully built image \`$disk_tar\`."
diff --git a/qemu.sh b/qemu.sh
index 559313a..a696f2d 100755
--- a/qemu.sh
+++ b/qemu.sh
@@ -4,7 +4,8 @@ image=$1
 echo $image
 qemu-system-x86_64 -enable-kvm \
 -drive format=raw,file=$image,if=virtio \
- -net none \
+ -device virtio-net,netdev=network0 \
+ -netdev user,id=network0 \
 -m 512M \
 -bios /usr/share/ovmf/x64/OVMF.fd \
 -boot menu=on
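Review bot: The two `cp` lines that install `id_ed25519` and `id_ed25519.pub` into `$mount_dir/home/arch/.ssh/` place the private half of the login key inside every IMAGE_QEMU image, although the guest needs only `authorized_keys` for the host to log in. Unless the guest is meant to use that key for outbound connections, drop both copies and keep `cp ./sys/home/arch/.ssh/authorized_keys $mount_dir/home/arch/.ssh/`. The sudoers drop-in is better installed in one step with the conventional mode, `install -o root -g root -m 0440 ./sys/etc/sudoers.d/wheel "$mount_dir/etc/sudoers.d/wheel"`. A comment above the `if` should say that this branch bakes publicly known credentials into the image and must never feed a published build.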
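Review bot: `chmod 0600 /home/arch/.ssh/` removes the search bit from the directory, so user arch cannot open anything inside it, and sshd, which normally reads `authorized_keys` with the user's privileges, is likely to reject the key; use `chmod 0700 /home/arch/.ssh` and keep 0600 for the files. `echo "arch:arch" | chpasswd` gives a wheel member a guessable password, and together with the NOPASSWD rule in sys/etc/sudoers.d/wheel that amounts to root for anyone who can reach the guest's SSH port. If key login is enough, lock the password with `passwd -l arch`; otherwise add a comment stating that these are test-only credentials. The heredoc passed to arch-chroot opens outside this hunk.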
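Review bot: `mv -- "$work_dir/disk.raw" ./` runs for every build, and an IMAGE_QEMU build still writes `arch-v<date>.tar.gz` under the same name as a normal build, so it can replace a same-day production tarball with an image that carries the arch:arch account and the committed key. Guard the raw-image move with `if [[ -n "${IMAGE_QEMU:-}" ]]; then ... fi` and, in that mode, either skip the tarball or name it distinctly, e.g. `disk_tar="arch-qemu-v$(date --utc +%Y%m%d).tar.gz"`. What `make publish` uploads is not visible here, so whether such a tarball could reach GCE should be checked. The script continues outside the hunk.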
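Review bot: `-netdev user,id=network0` gives the guest outbound NAT only; without a `hostfwd` rule the host has no path to the guest's sshd, so the SSH access described in the commit message will not work as written. Add a forward bound to loopback, for example `-netdev user,id=network0,hostfwd=tcp:127.0.0.1:2222-:22 \` (port 2222 is a sample value), so that the guest's known credentials are not reachable from other machines on the host's network. `$image` is also unquoted in `-drive format=raw,file=$image,if=virtio`; quoting it keeps a path with spaces from being split. The start of qemu.sh is outside the hunk.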
diff --git a/sys/etc/sudoers.d/wheel b/sys/etc/sudoers.d/wheel
new file mode 100644
index 0000000..bbad988
--- /dev/null
+++ b/sys/etc/sudoers.d/wheel
@@ -0,0 +1 @@
+%wheel ALL=(ALL:ALL) NOPASSWD: ALL
diff --git a/sys/home/arch/.ssh/authorized_keys b/sys/home/arch/.ssh/authorized_keys
new file mode 100644
index 0000000..39b353a
--- /dev/null
+++ b/sys/home/arch/.ssh/authorized_keys
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJrvpWBR2l3aMUjgxbmiWgd+46NvF2ha+4aOBa6aMIX arch@gcp
diff --git a/sys/home/arch/.ssh/id_ed25519 b/sys/home/arch/.ssh/id_ed25519
new file mode 100644
index 0000000..b51b218
--- /dev/null
+++ b/sys/home/arch/.ssh/id_ed25519
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACAya76VgUdpd2jFI4MW5oloHfuOjbxdoWvuGjgWumjCFwAAAJC/uupfv7rq
+XwAAAAtzc2gtZWQyNTUxOQAAACAya76VgUdpd2jFI4MW5oloHfuOjbxdoWvuGjgWumjCFw
+AAAEDwUtNQDNtFtsi60mqD4cBrDDVV31UiLTCg1vzzu+GBHjJrvpWBR2l3aMUjgxbmiWgd
++46NvF2ha+4aOBa6aMIXAAAACGFyY2hAZ2NwAQIDBAU=
+-----END OPENSSH PRIVATE KEY-----
diff --git a/sys/home/arch/.ssh/id_ed25519.pub b/sys/home/arch/.ssh/id_ed25519.pub
new file mode 100644
index 0000000..39b353a
--- /dev/null
+++ b/sys/home/arch/.ssh/id_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJrvpWBR2l3aMUjgxbmiWgd+46NvF2ha+4aOBa6aMIX arch@gcp
-- 
cgit v1.3
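Review bot: `%wheel ALL=(ALL:ALL) NOPASSWD: ALL` is stored under sys/etc/ next to files that build-arch-gce copies into every image, and nothing in the file says it is meant for QEMU test builds only. Add a leading comment such as `# QEMU test images only: installed by build-arch-gce when IMAGE_QEMU is set.` so that a later change does not copy it into a production image. Checking the file with `visudo -cf` during the build would catch a syntax error before the image is booted.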
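Review bot: The OpenSSH private key added as sys/home/arch/.ssh/id_ed25519 is stored without a passphrase and is now permanently in the repository history, and its public half is installed as sys/home/arch/.ssh/authorized_keys, so anyone who can read the repository can log in as arch on any image built with IMAGE_QEMU=1. Prefer generating a key pair at build time into a git-ignored path, e.g. `ssh-keygen -q -t ed25519 -N '' -C arch@qemu -f ./qemu_ed25519` (the file name is a sample), and installing only the resulting `.pub` file as the guest's authorized_keys. If the fixed key has to stay for convenience, treat it as public: document it as a test key and never authorize it anywhere else. The `arch@gcp` comment suggests the pair may have been created for another purpose, which should be confirmed.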