ova: fix swap, auto-launch setup wizard, add password change step

- Replace direct storage layout with explicit partitioning (no swap)
- Setup wizard now auto-launches on TTY1 via getty override instead
  of a separate systemd service that competed with console output
- Add step 1/7: prompt user to change default zroc password on first boot
- Update Makefile for QEMU-based build (was referencing old ovftool flow)
- Add backend package-lock.json for Docker build

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Justin
2026-04-13 09:59:17 -04:00
parent 8b146bc340
commit 79c025430e
6 changed files with 2188 additions and 95 deletions
+25 -8
@@ -30,8 +30,23 @@ cat << 'BANNER'
BANNER
echo -e "${RESET}"
# Step 1: Network
step "1/6 Network Configuration"
# Step 0: Change default zroc password
step "1/7 Change Appliance Password"
echo "The default 'zroc' user password must be changed."
while true; do
read -rsp "New password for 'zroc' (min 8 chars): " NEW_PW; echo
read -rsp "Confirm password: " NEW_PW2; echo
if [[ "$NEW_PW" != "$NEW_PW2" ]]; then err "Passwords do not match.";
elif [[ ${#NEW_PW} -lt 8 ]]; then err "Password must be at least 8 characters.";
else
echo "zroc:$NEW_PW" | chpasswd
ok "Appliance password changed"
break
fi
done
# Step 2: Network
step "2/7 Network Configuration"
CURRENT_IP=$(hostname -I | awk '{print $1}')
echo "Current IP: ${BOLD}$CURRENT_IP${RESET} (DHCP)"
read -rp "Keep DHCP? [Y/n]: " NET_CHOICE
@@ -40,13 +55,13 @@ PUBLIC_URL="https://$CURRENT_IP"
ok "Using $CURRENT_IP"
# Step 2: TLS
step "2/6 HTTPS / TLS Certificate"
step "3/7 HTTPS / TLS Certificate"
echo "Using self-signed certificate (default)"
TLS_MODE="internal"
ok "Self-signed certificate will be generated by Caddy"
# Step 3: Admin password
step "3/6 zROC Admin Account"
step "4/7 zROC Admin Account"
while true; do
read -rsp "Admin password (min 12 chars): " ADMIN_PASS; echo
read -rsp "Confirm password: " ADMIN_PASS2; echo
@@ -56,18 +71,18 @@ while true; do
done
# Step 4: ZVM Site 1
step "4/6 Zerto ZVM Configuration — Site 1"
step "5/7 Zerto ZVM Configuration — Site 1"
read -rp "ZVM Hostname or IP: " ZVM_HOST
read -rp "ZVM Username [admin]: " ZVM_USER; ZVM_USER="${ZVM_USER:-admin}"
read -rsp "ZVM Password: " ZVM_PASS; echo
read -rp "vCenter Hostname (optional): " VCENTER_HOST
# Step 5: Second site
step "5/6 Second ZVM Site (optional)"
step "6/7 Second ZVM Site (optional)"
read -rp "Monitor a second site? [y/N]: " SITE2; SITE2="${SITE2:-N}"
# Step 6: Enterprise IdP
step "6/6 Enterprise Identity Provider (optional)"
step "7/7 Enterprise Identity Provider (optional)"
echo "Using local Authentik accounts (default)"
# Generate secrets
@@ -105,7 +120,9 @@ echo "Starting zROC services..."
cd "$INSTALL_DIR"
docker compose up -d 2>&1 | tail -20
systemctl disable zroc-firstboot.service 2>/dev/null || true
# Remove the getty override so normal login resumes after reboot
rm -f /etc/systemd/system/getty@tty1.service.d/zroc-firstboot.conf
systemctl daemon-reload
echo -e "${GREEN}${BOLD}"
echo " ✅ zROC is ready!"
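Review bot: In the first hunk's new password step, the result of `chpasswd` is never checked, so `ok "Appliance password changed"` and `break` run even when the password was not actually set. Unless the script enables `set -e` with `pipefail` above the visible lines, a rejected password (for example by a PAM quality rule) leaves the default `zroc` credential in place while the wizard reports success and moves on. I would gate the success path on the command itself: `if echo "zroc:$NEW_PW" | chpasswd; then ok "Appliance password changed"; break; else err "Password was not accepted; try again."; fi`. After the loop, `unset NEW_PW NEW_PW2` keeps the plaintext out of the rest of the wizard's environment. The comment `# Step 0: Change default zroc password` should read `# Step 1` to match the `1/7` label.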