Draft installiso release

1 files changed, 99 insertions, 0 deletions

diff --git a/_drafts/first-release-of-installiso.md b/_drafts/first-release-of-installiso.md
new file mode 100644
index 0000000..bbaac53
--- /dev/null
+++ b/_drafts/first-release-of-installiso.md
@@ -0,0 +1,99 @@
+---
+title: "First release of installiso"
+description: "A utility to customize OpenBSD installation images for unattended installation."
+published: 2021-07-23
+---
+
+One year ago I [posted](/posts/autoinstall-openbsd-on-qemu/) how to script an unattended installation of OpenBSD on the QEMU virtual machine monitor.
+The script involved ... TODO; essentially because I treated the installation image as a black box.
+Of course, I could have mounted the ISO 9660 image and created a modified image using [`mkisofs(8)`](http://cdrtools.sourceforge.net/private/man/cdrecord/mkisofs.8.html).
+But I didn't know how to insert the [`autoinstall(8)`](https://man.openbsd.org/OpenBSD-6.9/autoinstall) response file into the RAMDISK kernel in the ISO 9660 image.
+That was no surprise -- why would anyone need to change an OpenBSD kernel on Linux.
+
+OpenBSD, on the other hand, includes adequate utilities.
+Thanks to [`vmctl(8)`](https://man.openbsd.org/OpenBSD-6.9/vmctl), [`rdsetroot(8)`](https://man.openbsd.org/OpenBSD-6.9/rdsetroot), and [`mkhybrid(8)`](https://man.openbsd.org/OpenBSD-6.9/mkhybrid), we can modify the ISO 9660 image _and_ the contained RAMDISK kernel.
+The exact process is a bit tedious so I decided to automate it.
+The resulting script is more hacky than pretty but it gets the job done and I found it useful enough to give it a name, `installiso`, and release it today.
+You can download the very first release [here](/files/installiso-0.1.0.tar.gz).
+Feedback appreciated!
+<!-- TODO: Add release tarball -->
+<!-- TODO: Link or embed HTML man page? -->
+
+In the remainder of this post I'll show how I use `installiso` to create custom OpenBSD installation images for unattended -- and possibly offline -- installation.
+As an example, I'll show how to create virtual machines on OpenBSD's own virtual machine monitor, [`vmm(4)`](https://man.openbsd.org/OpenBSD-6.9/vmm).
+
+For starters, we create an [`autoinstall(8)`](https://man.openbsd.org/OpenBSD-6.9/autoinstall) response file.
+Of course, you can skip this step and have the installer mail you the responses recorded during an interactive installation instead.
+
+
+```
+$ cat >install.conf <<EOF
+Change the default console to com0 = yes
+Which speed should com0 use = 115200
+System hostname = openbsd-vm
+DNS domain name = example.com
+Password for root = *************
+Start sshd(8) by default = yes
+Allow root ssh login = no
+Setup a user = $USER
+Full name for user stefan = $( userinfo "$USER" | sed -n 's/^gecos[[:space:]]*\(.*\)$/\1/p' )
+Password for user = *************
+Public ssh key for user = $( cat "$HOME/.ssh/id_rsa.pub" )
+What timezone are you in = UTC
+Location of sets = cd0
+Set name(s) = site*.tgz
+Directory does not contain SHA256.sig. Continue without verification = yes
+EOF
+```
+
+Next, we create a site-specific file set.
+
+```
+$ mkdir -p site
+$ cat >site/install.site <<EOF
+#! /bin/ksh
+
+set -o errexit
+
+# Permit user group wheel to run any command as root
+# without entering their password using doas(1).
+echo "permit nopass keepenv :wheel" > /etc/doas.conf
+
+# Install packages.
+#echo "pkg_add sqlite3" >> /etc/rc.firsttime
+
+# Patch the base system.
+#echo "syspatch && shutdown -r now" >> /etc/rc.firsttime
+EOF
+```
+
+Now we're ready to create the custom installation image using `installiso`.
+First, we download and verify the latest development snapshot.
+You can also specify the mirror, a specific release, and the [`signify(1)`](https://man.openbsd.org/OpenBSD-6.9/signify) public key if you like.
+Then, we insert the prepared response file and file set into the image[^tmpdir].
+
+    $ installiso -v fetch -o snapshot.iso
+    $ doas installiso -v \
+        patch -i install.conf -s site snapshot.iso custom.iso
+
+Finally, we start a virtual machine off a new disk image and the custom installation image.
+
+    $ vmctl create -s 10G disk.qcow2
+    $ doas vmctl start -c -d disk.qcow2 -m 512M \
+        -i 1 -L -r custom.iso tmp
+
+<!-- TODO: Note vmctl (network) preconditions -->
+
+Once the unattended installation completed, we can log in:
+
+    $ ssh \
+        -o "StrictHostKeyChecking no" \
+        -o "UserKnownHostsFile /dev/null" \
+        100.64.1.3
+
+[^tmpdir]:
+The `installiso` utility may fail due to not enough space in `/tmp`.
+If so, you can set the `TMPDIR` environment variable of [`mktemp(1)`](https://man.openbsd.org/OpenBSD-6.9/mktemp).
+Remember that [`doas(1)`](https://man.openbsd.org/OpenBSD-6.9/doas) creates a new environment by default, though.
+You can either configure `doas(1)` to keep the `TMPDIR`, or you execute a shell:
+`doas sh -c 'TMPDIR=/path/to/tmp installiso patch ...'`.