From 0f46302697dc411427438336141f9224159a2ad1 Mon Sep 17 00:00:00 2001
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com>
Date: Mon, 15 Jul 2024 10:31:04 -0500
Subject: [PATCH] feat: updated defaults
---
 builds/linux-storage.pkrvars.hcl.example | 247 ++++++++++++++++++++++-
 1 file changed, 243 insertions(+), 4 deletions(-)
diff --git a/builds/linux-storage.pkrvars.hcl.example b/builds/linux-storage.pkrvars.hcl.example
index 9e223c4..d3eb20a 100644
--- a/builds/linux-storage.pkrvars.hcl.example
+++ b/builds/linux-storage.pkrvars.hcl.example
@@ -2,19 +2,257 @@
 DESCRIPTION:
 Storage variables used for Linux builds.
 - Variables are passed to and used by guest operating system configuration files (e.g., ks.cfg).
+ - Only 1 group can be active (i.e. uncommented) at a time.
+ - Default partition/volume sizing assumes a single 32GB VM disk.
+ - All disk sizes are in MegaBytes (MB).
+ - Use a size value of -1 to use all remaining space on disk.
 */
+/*
+// This section is an example when you want to build a VM with the BIOS bootloader
+// using a single partition that consumes the entire VM disk.
+
+// VM Storage Settings
+vm_disk_device = "vda"
+vm_disk_use_swap = true
+vm_disk_partitions = [
+ {
+ name = "root"
+ size = -1,
+ format = {
+ label = "ROOTFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/",
+ options = "",
+ },
+ volume_group = "",
+ },
+]
+*/
+
+/*
+// This section is an example when you want to build a VM with the UEFI bootloader
+// that has the required partitons for UEFI and then a single root partition that
+// fills up the rest of the space on the VM disk.
+
 // VM EFI Settings
-vm_efi_storage_pool = "vm-data"
+vm_efi_storage_pool = "pool0"
 vm_efi_type = "4m"
 vm_efi_pre_enrolled_keys = false
 // VM Storage Settings
-vm_efi_storage_pool = "vm-data"
+vm_disk_device = "vda"
+vm_disk_use_swap = true
+vm_disk_partitions = [
+ {
+ name = "efi"
+ size = 1024,
+ format = {
+ label = "EFIFS",
+ fstype = "fat32",
+ },
+ mount = {
+ path = "/boot/efi",
+ options = "",
+ },
+ volume_group = "",
+ },
+ {
+ name = "boot"
+ size = 1024,
+ format = {
+ label = "BOOTFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/boot",
+ options = "",
+ },
+ volume_group = "",
+ },
+ {
+ name = "root"
+ size = -1,
+ format = {
+ label = "ROOTFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/",
+ options = "",
+ },
+ volume_group = "",
+ },
+]
+*/
+
+/*
+// This section is an example when you want to build a VM with the BIOS bootloader
+// using LVM with a volume layout that follows CIS hardening guidelines.
+
+// VM Storage Settings
+vm_disk_device = "vda"
+vm_disk_use_swap = true
+vm_disk_partitions = [
+ {
+ name = "boot"
+ size = 1024,
+ format = {
+ label = "BOOTFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/boot",
+ options = "",
+ },
+ volume_group = "",
+ },
+ {
+ name = "sysvg"
+ size = -1,
+ format = {
+ label = "",
+ fstype = "",
+ },
+ mount = {
+ path = "",
+ options = "",
+ },
+ volume_group = "sysvg",
+ },
+]
+vm_disk_lvm = [
+ {
+ name: "sysvg",
+ partitions: [
+ {
+ name = "lv_swap",
+ size = 1024,
+ format = {
+ label = "SWAPFS",
+ fstype = "swap",
+ },
+ mount = {
+ path = "",
+ options = "",
+ },
+ },
+ {
+ name = "lv_root",
+ size = 10240,
+ format = {
+ label = "ROOTFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/",
+ options = "",
+ },
+ },
+ {
+ name = "lv_home",
+ size = 4096,
+ format = {
+ label = "HOMEFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/home",
+ options = "nodev,nosuid",
+ },
+ },
+ {
+ name = "lv_opt",
+ size = 2048,
+ format = {
+ label = "OPTFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/opt",
+ options = "nodev",
+ },
+ },
+ {
+ name = "lv_tmp",
+ size = 4096,
+ format = {
+ label = "TMPFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/tmp",
+ options = "nodev,noexec,nosuid",
+ },
+ },
+ {
+ name = "lv_var",
+ size = 2048,
+ format = {
+ label = "VARFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/var",
+ options = "nodev",
+ },
+ },
+ {
+ name = "lv_var_tmp",
+ size = 1000,
+ format = {
+ label = "VARTMPFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/var/tmp",
+ options = "nodev,noexec,nosuid",
+ },
+ },
+ {
+ name = "lv_var_log",
+ size = 4096,
+ format = {
+ label = "VARLOGFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/var/log",
+ options = "nodev,noexec,nosuid",
+ },
+ },
+ {
+ name = "lv_var_audit",
+ size = 500,
+ format = {
+ label = "AUDITFS",
+ fstype = "ext4",
+ },
+ mount = {
+ path = "/var/log/audit",
+ options = "nodev,noexec,nosuid",
+ },
+ },
+ ],
+ }
+]
+*/
+
+/*
+// This section is an example when you want to build a VM with the EFI firmware
+// using LVM with a volume layout that follows CIS hardening guidelines.
+
+// EFI Settings for VM
+// NOTE: This requires the vm_bios to be set to 'ovmf'!
+
+//VM EFI Settings
+vm_efi_storage_pool = "pool0"
 vm_efi_type = "4m"
 vm_efi_pre_enrolled_keys = false
-// VM Storage Settings
+// UEFI VM Storage Settings
 vm_disk_device = "vda"
 vm_disk_use_swap = true
 vm_disk_partitions = [
@@ -172,4 +410,5 @@ vm_disk_lvm = [
 },
 ],
 }
-]
\ No newline at end of file
+]
+*/
\ No newline at end of file
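Review bot: In the BIOS LVM group, `lv_var` mounts `/var` with `options = "nodev"` only, although the group's comment says the layout follows CIS hardening guidelines. Recent CIS distribution benchmarks list `nosuid` for `/var` as well, so the line would read `options = "nodev,nosuid",` (confirm against the benchmark version the templates target). The EFI LVM group may carry the same value, but its volume list lies outside this hunk. Separately, `vm_efi_pre_enrolled_keys = false` presumably leaves the EFI vars disk without Secure Boot keys; next to a layout described as hardened it deserves a comment such as `// false = no Secure Boot keys enrolled, so Secure Boot is off by default`.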
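Review bot: With the closing `*/` added after the final `]`, the fourth group is commented out like the other three, so a copy of this example sets none of the `vm_disk_*` values unless defaults exist elsewhere (not visible here). The header comment only says one group can be active at a time; a further line such as `- Uncomment exactly one group before using this file.` would make the required step explicit. The hunk's context starts inside the `vm_disk_lvm` list, so the rest of that group is outside the hunk.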