diff options
| author | Lars Wirzenius <liw@liw.fi> | 2022-08-07 12:55:42 +0000 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2022-08-07 12:55:42 +0000 |
| commit | 476b68437d9ef6aceaf8b17b08f65580642d2c34 (patch) | |
| tree | f4ae042784a3514b37fe808be0ef995fd0eb20c4 | |
| parent | 71027842bfe4ed647e8229f3153cd38397d93a7f (diff) | |
| parent | e00e9f50693913d267cbe3b5f2ebfb4b360d75f6 (diff) | |
| download | v-i-476b68437d9ef6aceaf8b17b08f65580642d2c34.tar.gz | |
prepare release
See merge request larswirzenius/v-i!35
| -rw-r--r-- | NEWS.md | 34 | ||||
| -rwxr-xr-x | set-authorized-keys | 31 | ||||
| -rwxr-xr-x | set-user-ca-pubkey | 32 |
3 files changed, 32 insertions, 65 deletions
@@ -1,9 +1,39 @@ # Release notes for v-i -This file summarizes changes between releases of v-i, the vmdb2-based -installer of Debian onto bare metal systems. +This file summarizes user-visible changes between releases of v-i, the +vmdb2-based installer of Debian onto bare metal systems. +# Version 0.2, released 2022-08-07 + +## New or changed features + +* New script `configure-installer` allows configuring an installer + image that has been written to a USB drive or other block device. It + replaced the older `set-authorized-key` script. It adds support for + SSH CA and host host certificates for the installer, and accepting + user certificates for logging into the installer. + +* The tutorial is a little improved and will hopefully be possible to + understand even if you don't already know everything. + +* The installer image now boots a little faster: it now uses + `systemd-networkd` instead of `iupdown` to bring up the network, and + the persistent `journald` system log is disabled. + +* The `/etc/v-i-version` file contains information about the version + of the `v-i` repository used to build the installer image. + +## Bug fixes + +* `ping` now works on the installer. + +## Other notable changes + +* The `rootfs.tar.gz` tarball that used to be included in the + installer image is gone. It wasn't useful for anything but building + an installer image. + # Version 0.1, released 2022-03-06 This is the first release of v-i. It may or may not work for you. It diff --git a/set-authorized-keys b/set-authorized-keys deleted file mode 100755 index 2151bc9..0000000 --- a/set-authorized-keys +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash - -set -eu -o pipefail - -die() { - echo "ERROR: $*" 1>&2 - exit 1 -} - -cleanup() { - umount "$drive" || true - rmdir "$mnt" -} - -trap cleanup EXIT - -drive="$1" -pubkey="$2" - -[ -e "$drive" ] || die "$drive does not exist" -[ -e "$pubkey" ] || die "$pubkey does not exist" - -mnt="$(mktemp -d)" -mount "$drive" "$mnt" -if [ ! -e "$mnt/root/.ssh" ]; then - install -d "$mnt/root/.ssh" -fi - -authz="$mnt/root/.ssh/authorized_keys" -[ ! -e "$authz" ] || die "$authz already exists" -install -m 0600 "$pubkey" "$authz" diff --git a/set-user-ca-pubkey b/set-user-ca-pubkey deleted file mode 100755 index 0bac587..0000000 --- a/set-user-ca-pubkey +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash - -set -eu -o pipefail - -die() { - echo "ERROR: $*" 1>&2 - exit 1 -} - -cleanup() { - umount "$drive" || true - rmdir "$mnt" -} - -trap cleanup EXIT - -drive="$1" -pubkey="$2" - -[ -e "$drive" ] || die "$drive does not exist" -[ -e "$pubkey" ] || die "$pubkey does not exist" - -mnt="$(mktemp -d)" -mount "$drive" "$mnt" - -include="$mnt/etc/ssh/sshd_config.d/userca.conf" -echo "TrustedUserCAKeys /etc/ssh/user_ca_keys" >"$include" -chown root:root "$include" -chmod 0644 "$include" - -cakeys="$mnt/etc/ssh/user_ca_keys" -install -m 0600 "$pubkey" "$cakeys" |