feat: updated defaults

2024-07-15 10:31:04 -05:00
parent 8b39ea1a34
commit 0f46302697
1 changed files with 243 additions and 4 deletions
--- a/builds/linux-storage.pkrvars.hcl.example
+++ b/builds/linux-storage.pkrvars.hcl.example
@@ -2,19 +2,257 @@
    DESCRIPTION:
    Storage variables used for Linux builds.
    - Variables are passed to and used by guest operating system configuration files (e.g., ks.cfg).
+    - Only 1 group can be active (i.e. uncommented) at a time.
+    - Default partition/volume sizing assumes a single 32GB VM disk.
+    - All disk sizes are in MegaBytes (MB).
+    - Use a size value of -1 to use all remaining space on disk.
 */

+/*
+//  This section is an example when you want to build a VM with the BIOS bootloader
+//  using a single partition that consumes the entire VM disk.
+
+// VM Storage Settings
+vm_disk_device     = "vda"
+vm_disk_use_swap   = true
+vm_disk_partitions = [
+  {
+    name = "root"
+    size = -1,
+    format = {
+      label  = "ROOTFS",
+      fstype = "ext4",
+    },
+    mount = {
+      path    = "/",
+      options = "",
+    },
+    volume_group = "",
+  },
+]
+*/
+
+/*
+//  This section is an example when you want to build a VM with the UEFI bootloader
+//  that has the required partitons for UEFI and then a single root partition that
+//  fills up the rest of the space on the VM disk.
+
 // VM EFI Settings
-vm_efi_storage_pool      = "vm-data"
+vm_efi_storage_pool      = "pool0"
 vm_efi_type              = "4m"
 vm_efi_pre_enrolled_keys = false

 // VM Storage Settings
-vm_efi_storage_pool      = "vm-data"
+vm_disk_device     = "vda"
+vm_disk_use_swap   = true
+vm_disk_partitions = [
+  {
+    name = "efi"
+    size = 1024,
+    format = {
+      label  = "EFIFS",
+      fstype = "fat32",
+    },
+    mount = {
+      path    = "/boot/efi",
+      options = "",
+    },
+    volume_group = "",
+  },
+  {
+    name = "boot"
+    size = 1024,
+    format = {
+      label  = "BOOTFS",
+      fstype = "ext4",
+    },
+    mount = {
+      path    = "/boot",
+      options = "",
+    },
+    volume_group = "",
+  },
+  {
+    name = "root"
+    size = -1,
+    format = {
+      label  = "ROOTFS",
+      fstype = "ext4",
+    },
+    mount = {
+      path    = "/",
+      options = "",
+    },
+    volume_group = "",
+  },
+]
+*/
+
+/*
+//  This section is an example when you want to build a VM with the BIOS bootloader
+//  using LVM with a volume layout that follows CIS hardening guidelines.
+
+// VM Storage Settings
+vm_disk_device     = "vda"
+vm_disk_use_swap   = true
+vm_disk_partitions = [
+  {
+    name = "boot"
+    size = 1024,
+    format = {
+      label  = "BOOTFS",
+      fstype = "ext4",
+    },
+    mount = {
+      path    = "/boot",
+      options = "",
+    },
+    volume_group = "",
+  },
+  {
+    name = "sysvg"
+    size = -1,
+    format = {
+      label  = "",
+      fstype = "",
+    },
+    mount = {
+      path    = "",
+      options = "",
+    },
+    volume_group = "sysvg",
+  },
+]
+vm_disk_lvm = [
+  {
+    name: "sysvg",
+    partitions: [
+      {
+        name = "lv_swap",
+        size = 1024,
+        format = {
+          label  = "SWAPFS",
+          fstype = "swap",
+        },
+        mount = {
+          path    = "",
+          options = "",
+        },
+      },
+      {
+        name = "lv_root",
+        size = 10240,
+        format = {
+          label  = "ROOTFS",
+          fstype = "ext4",
+        },
+        mount = {
+          path    = "/",
+          options = "",
+        },
+      },
+      {
+        name = "lv_home",
+        size = 4096,
+        format = {
+          label  = "HOMEFS",
+          fstype = "ext4",
+        },
+        mount = {
+          path    = "/home",
+          options = "nodev,nosuid",
+        },
+      },
+      {
+        name = "lv_opt",
+        size = 2048,
+        format = {
+          label  = "OPTFS",
+          fstype = "ext4",
+        },
+        mount = {
+          path    = "/opt",
+          options = "nodev",
+        },
+      },
+      {
+        name = "lv_tmp",
+        size = 4096,
+        format = {
+          label  = "TMPFS",
+          fstype = "ext4",
+        },
+        mount = {
+          path    = "/tmp",
+          options = "nodev,noexec,nosuid",
+        },
+      },
+      {
+        name = "lv_var",
+        size = 2048,
+        format = {
+          label  = "VARFS",
+          fstype = "ext4",
+        },
+        mount = {
+          path    = "/var",
+          options = "nodev",
+        },
+      },
+      {
+        name = "lv_var_tmp",
+        size = 1000,
+        format = {
+          label  = "VARTMPFS",
+          fstype = "ext4",
+        },
+        mount = {
+          path    = "/var/tmp",
+          options = "nodev,noexec,nosuid",
+        },
+      },
+      {
+        name = "lv_var_log",
+        size = 4096,
+        format = {
+          label  = "VARLOGFS",
+          fstype = "ext4",
+        },
+        mount = {
+          path    = "/var/log",
+          options = "nodev,noexec,nosuid",
+        },
+      },
+      {
+        name = "lv_var_audit",
+        size = 500,
+        format = {
+          label  = "AUDITFS",
+          fstype = "ext4",
+        },
+        mount = {
+          path    = "/var/log/audit",
+          options = "nodev,noexec,nosuid",
+        },
+      },
+    ],
+  }
+]
+*/
+
+/*
+//  This section is an example when you want to build a VM with the EFI firmware
+//  using LVM with a volume layout that follows CIS hardening guidelines.
+
+//   EFI Settings for VM
+//   NOTE: This requires the vm_bios to be set to 'ovmf'!
+
+//VM EFI Settings
+vm_efi_storage_pool      = "pool0"
 vm_efi_type              = "4m"
 vm_efi_pre_enrolled_keys = false

-// VM Storage Settings
+// UEFI VM Storage Settings
 vm_disk_device     = "vda"
 vm_disk_use_swap   = true
 vm_disk_partitions = [
@@ -172,4 +410,5 @@ vm_disk_lvm = [
      },
    ],
  }
-]
+]
+*/