From f50e97c88f2f3f5b1ae700389bc197d2f3a5a9ab Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 10 Jun 2024 23:03:17 -0500 Subject: [PATCH 01/72] feat: added build for Ubuntu 24.04 --- ansible/roles/configure/tasks/ubuntu.yml | 15 +- build.sh | 87 ++++- .../ubuntu/22-04-lts/linux-ubuntu.pkr.hcl | 2 +- builds/linux/ubuntu/24-04-lts/data/meta-data | 0 .../ubuntu/24-04-lts/data/storage.pkrtpl.hcl | 109 +++++++ .../24-04-lts/data/user-data.pkrtpl.hcl | 27 ++ .../24-04-lts/linux-ubuntu.auto.pkrvars.hcl | 45 +++ .../ubuntu/24-04-lts/linux-ubuntu.pkr.hcl | 198 ++++++++++++ .../24-04-lts/variables-storage.pkr.hcl | 53 ++++ .../linux/ubuntu/24-04-lts/variables.pkr.hcl | 297 ++++++++++++++++++ 10 files changed, 815 insertions(+), 18 deletions(-) create mode 100644 builds/linux/ubuntu/24-04-lts/data/meta-data create mode 100644 builds/linux/ubuntu/24-04-lts/data/storage.pkrtpl.hcl create mode 100644 builds/linux/ubuntu/24-04-lts/data/user-data.pkrtpl.hcl create mode 100644 builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl create mode 100644 builds/linux/ubuntu/24-04-lts/linux-ubuntu.pkr.hcl create mode 100644 builds/linux/ubuntu/24-04-lts/variables-storage.pkr.hcl create mode 100644 builds/linux/ubuntu/24-04-lts/variables.pkr.hcl diff --git a/ansible/roles/configure/tasks/ubuntu.yml b/ansible/roles/configure/tasks/ubuntu.yml index 972b925..dad1976 100644 --- a/ansible/roles/configure/tasks/ubuntu.yml +++ b/ansible/roles/configure/tasks/ubuntu.yml @@ -2,9 +2,11 @@ - name: "Configure SSH for Public Key Authentication" shell: | sudo sed -i 's/.*PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config -- name: "Restarting the SSH daemon." - shell: | - sudo systemctl restart sshd + +- name: Restarting the SSH daemon + ansible.builtin.service: + name: ssh + state: restarted - name: Remove cloud-init files ansible.builtin.file: 
@@ -18,7 +20,7 @@ - /etc/netplan/00-installer-config.yaml when: - cloud_init | bool - - ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" + - ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" or ansible_distribution_version == "24.04" - name: Disable cloud-init if configured to block: @@ -38,7 +40,7 @@ - 'etc_cloud_folder.stat.exists' when: - not cloud_init | bool - - ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" + - ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" or ansible_distribution_version == "24.04" - name: Copy cloud-init PVE default file ansible.builtin.copy: @@ -51,7 +53,7 @@ shell: | sed -i -e "s/GRUB_CMDLINE_LINUX_DEFAULT=\"\(.*\)\"/GRUB_CMDLINE_LINUX_DEFAULT=\"\"/" /etc/default/grub update-grub - when: ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" + when: ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" or ansible_distribution_version == "24.04" - name: Creating SSH key regeneration service file ansible.builtin.copy: @@ -84,4 +86,3 @@ enabled: true when: not cloud_init | bool -... diff --git a/build.sh b/build.sh index 5f3723c..8126713 100755 --- a/build.sh +++ b/build.sh 
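Review bot: The version guard in the `when:` list of the `-18,7` hunk is now a three-way `or` chain, and the same chain is repeated in the `-38,7` and `-51,7` hunks, so every new release means editing three conditions by hand. A membership test is easier to read and to keep in step: `- ansible_distribution_version in ["20.04", "22.04", "24.04"]`, ideally with the list held in a single role variable. The tasks these conditions belong to start outside the hunks.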
@@ -258,6 +258,69 @@ menu_option_8() { } menu_option_9() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/24-04-lts/ + echo -e "\nCONFIRM: Build a Ubuntu Server 24.04 LTS Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Ubuntu Server 24.04 LTS Template for Proxmox. ### + echo "Building a Ubuntu Server 24.04 LTS Template for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_10() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/24-04-lts/ + echo -e "\nCONFIRM: Build a Ubuntu Server 24.04 LTS (cloud-init) Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Ubuntu Server 24.04 LTS Template for Proxmox. ### + echo "Building a Ubuntu Server 24.04 LTS (cloud-init) Template for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var "vm_cloud_init_enable=true" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." 
+} + +menu_option_11() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/opensuse/leap-15-5/ echo -e "\nCONFIRM: Build a OpenSUSE Leap 15.5 Template for Proxmox?" echo -e "\nContinue? (y/n)" @@ -328,7 +391,9 @@ until [ "$selection" = "0" ]; do echo " 6 - Ubuntu Server 20.04 LTS (cloud-init)" echo " 7 - Ubuntu Server 22.04 LTS" echo " 8 - Ubuntu Server 22.04 LTS (cloud-init)" - echo " 9 - OpenSUSE Leap 15.5" + echo " 9 - Ubuntu Server 24.04 LTS" + echo " 10 - Ubuntu Server 24.04 LTS (cloud-init)" + echo " 11 - OpenSUSE Leap 15.5" echo "" echo " Other:" echo "" @@ -338,15 +403,17 @@ until [ "$selection" = "0" ]; do read -r selection echo "" case $selection in - 1 ) clear ; menu_option_1 ; press_enter ;; - 2 ) clear ; menu_option_2 ; press_enter ;; - 3 ) clear ; menu_option_3 ; press_enter ;; - 4 ) clear ; menu_option_4 ; press_enter ;; - 5 ) clear ; menu_option_5 ; press_enter ;; - 6 ) clear ; menu_option_6 ; press_enter ;; - 7 ) clear ; menu_option_7 ; press_enter ;; - 8 ) clear ; menu_option_8 ; press_enter ;; - 9 ) clear ; menu_option_9 ; press_enter ;; + 1 ) clear ; menu_option_1 ; press_enter ;; + 2 ) clear ; menu_option_2 ; press_enter ;; + 3 ) clear ; menu_option_3 ; press_enter ;; + 4 ) clear ; menu_option_4 ; press_enter ;; + 5 ) clear ; menu_option_5 ; press_enter ;; + 6 ) clear ; menu_option_6 ; press_enter ;; + 7 ) clear ; menu_option_7 ; press_enter ;; + 8 ) clear ; menu_option_8 ; press_enter ;; + 9 ) clear ; menu_option_9 ; press_enter ;; + 10) clear ; menu_option_10 ; press_enter ;; + 11) clear ; menu_option_11 ; press_enter ;; [Ii] ) clear ; info ; press_enter ;; [Qq] ) clear ; exit ;; * ) clear ; incorrect_selection ; press_enter ;; diff --git a/builds/linux/ubuntu/22-04-lts/linux-ubuntu.pkr.hcl b/builds/linux/ubuntu/22-04-lts/linux-ubuntu.pkr.hcl index b2fc263..5534ef5 100644 --- a/builds/linux/ubuntu/22-04-lts/linux-ubuntu.pkr.hcl +++ b/builds/linux/ubuntu/22-04-lts/linux-ubuntu.pkr.hcl 
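Review bot: The exit status of `packer init "$INPUT_PATH"` is not checked in `menu_option_9` or `menu_option_10`, so unless the script enables `set -e` outside this hunk, a failed plugin initialisation is followed straight away by `packer build -force`, which replaces an existing template. I would stop on failure with `packer init "$INPUT_PATH" || return 1`. The two new functions are identical apart from the prompt text and `-var "vm_cloud_init_enable=true"`, so a shared helper taking the build path and any extra arguments would remove the copy. Declining the prompt runs `exit 1`, which ends the whole menu loop rather than returning to it. `menu_option_11` continues outside the hunk.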
@@ -1,6 +1,6 @@ /* DESCRIPTION: - Ubuntu Server 22.04 LTS template using the Packer Builder for VMware vSphere (vsphere-iso). + Ubuntu Server 22.04 LTS template using the Packer Builder for Proxmox (proxmox-iso). */ // BLOCK: packer diff --git a/builds/linux/ubuntu/24-04-lts/data/meta-data b/builds/linux/ubuntu/24-04-lts/data/meta-data new file mode 100644 index 0000000..e69de29 diff --git a/builds/linux/ubuntu/24-04-lts/data/storage.pkrtpl.hcl b/builds/linux/ubuntu/24-04-lts/data/storage.pkrtpl.hcl new file mode 100644 index 0000000..07a1371 --- /dev/null +++ b/builds/linux/ubuntu/24-04-lts/data/storage.pkrtpl.hcl 
@@ -0,0 +1,109 @@ +%{~ if length(partitions) == 1 && partitions[0].name == "autopart" ~} + %{~ if partitions[0].format.fstype == "lvm" ~} + storage: + layout: + name: lvm + %{~ endif ~} + %{~ if partitions[0].format.fstype == "simple" ~} + storage: + layout: + name: direct + %{~ endif ~} + %{~ if partitions[0].format.fstype == "" ~} + storage: + layout: + name: direct + %{~ endif ~} +%{~ else ~} + storage: + config: + - ptable: gpt + path: /dev/${device} + wipe: superblock + preserve: false + name: '' +%{ if vm_bios == "ovmf" ~} + grub_device: false +%{ endif ~} +%{ if vm_bios == "seabios" ~} + grub_device: true +%{ endif ~} + type: disk + id: disk-${device} +# BIOS boot partition +%{ for index, partition in partitions ~} + - device: disk-${device} +%{ if partition.size != -1 ~} + size: ${partition.size}M +%{ else ~} + size: ${partition.size} +%{ endif ~} + wipe: superblock + preserve: false +%{ if partition.name == "bios_grub" && vm_bios == "seabios" && index == 0 ~} + flag: bios_grub + grub_device: false +%{ endif ~} +%{ if partition.mount.path == "/boot/efi" && index == 0 ~} + flag: boot + grub_device: true +%{ endif ~} + type: partition + id: partition-${partition.name} +%{ if partition.format.fstype != "" ~} + - id: format-${partition.name} + type: format + volume: partition-${partition.name} + label: ${partition.format.label} + fstype: ${partition.format.fstype} +%{ endif ~} +# Don't create a mount for the GRUB partition when using BIOS +%{ if partition.volume_group == "" && partition.name != "bios_grub" ~} + - id: mount-${partition.name} + type: mount +%{ if partition.mount.path == "" ~} + path: none +%{ else ~} + path: ${partition.mount.path} +%{ endif ~} + device: format-${partition.name} +%{ if partition.mount.options != "" ~} + options: ${partition.mount.options} +%{ endif ~} +%{ endif ~} +%{ endfor ~} +%{ for index, volume_group in lvm ~} + - id: volgroup-${volume_group.name} + type: lvm_volgroup + name: ${volume_group.name} + devices: +%{ for index, 
partition in partitions ~} +%{ if lookup(partition, "volume_group", "") == volume_group.name ~} + - partition-${partition.name} +%{ endif ~} +%{ endfor ~} +%{ for index, partition in volume_group.partitions ~} + - id: partition-${partition.name} + type: lvm_partition + name: ${partition.name} + size: ${partition.size}M + volgroup: volgroup-${volume_group.name} + - id: format-${partition.name} + type: format + volume: partition-${partition.name} + label: ${partition.format.label} + fstype: ${partition.format.fstype} + - id: mount-${partition.name} + type: mount +%{ if partition.mount.path == "" ~} + path: none +%{ else ~} + path: ${partition.mount.path} +%{ endif ~} + device: format-${partition.name} +%{ if partition.mount.options != "" ~} + options: ${partition.mount.options} +%{ endif ~} +%{ endfor ~} +%{ endfor ~} +%{~ endif ~} \ No newline at end of file diff --git a/builds/linux/ubuntu/24-04-lts/data/user-data.pkrtpl.hcl b/builds/linux/ubuntu/24-04-lts/data/user-data.pkrtpl.hcl new file mode 100644 index 0000000..1b44a10 --- /dev/null +++ b/builds/linux/ubuntu/24-04-lts/data/user-data.pkrtpl.hcl @@ -0,0 +1,27 @@ +#cloud-config +autoinstall: + version: 1 + early-commands: + - sudo systemctl stop ssh + locale: ${vm_os_language} + keyboard: + layout: ${vm_os_keyboard} +${storage} + identity: + hostname: ubuntu-server + username: ${build_username} + password: ${build_password_encrypted} + ssh: + install-server: true + allow-pw: true + packages: + - openssh-server + - qemu-guest-agent + - cloud-init + user-data: + disable_root: false + timezone: ${vm_os_timezone} + late-commands: + - sed -i -e 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /target/etc/ssh/sshd_config + - echo '${build_username} ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/${build_username} + - curtin in-target --target=/target -- chmod 440 /etc/sudoers.d/${build_username} 
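Review bot: In the `autopart` branch at the top of storage.pkrtpl.hcl only the `fstype` values `lvm`, `simple` and the empty string produce a `storage:` section; any other value matches none of the three `if`s and the rendered user-data carries no storage configuration at all, so the installer presumably falls back to its own default instead of the build failing. I would merge the `simple` and empty cases and make that branch an `else`, or add a validation on `fstype` in `vm_disk_partitions`. The caller passes a `swap` value, but this template never references it.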
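Review bot: The `late-commands` in user-data.pkrtpl.hcl leave the installed system with `PasswordAuthentication yes` and a `NOPASSWD:ALL` sudoers drop-in for the build user, and `user-data` sets `disable_root: false`; nothing in this patch reverts them. Packer needs these only while the build runs, so unless a provisioning step outside this patch undoes them, every VM cloned from the template inherits password SSH logins and passwordless sudo for the build account. I would add a final provisioning task that sets `PasswordAuthentication no` and removes `/etc/sudoers.d/${build_username}`, and mark the lines here with a comment such as `# build-time only; must be reverted before the VM is converted to a template`.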
diff --git a/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl new file mode 100644 index 0000000..6566d96 --- /dev/null +++ b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl @@ -0,0 +1,45 @@ +/* + DESCRIPTION: + Ubuntu Server 24.04 LTS variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// Guest Operating System Metadata +vm_os_language = "en_US" +vm_os_keyboard = "us" +vm_os_timezone = "UTC" +vm_os_family = "linux" +vm_os_name = "ubuntu" +vm_os_version = "24.04-lts" + +// Virtual Machine Guest Operating System Setting +vm_os_type = "l26" + +// Virtual Machine Hardware Settings +vm_bios = "seabios" +vm_cpu_count = 1 +vm_cpu_sockets = 1 +vm_cpu_type = "kvm64" +vm_mem_size = 2048 +vm_disk_type = "virtio" +vm_disk_size = "32G" +vm_disk_format = "raw" +vm_storage_pool = "vm-data" +vm_disk_controller_type = "virtio-scsi-pci" +vm_network_card_model = "virtio" +vm_bridge_interface = "vmbr0" +vm_vlan_tag = "102" + +// Removable Media Settings +iso_path = "iso" +iso_file = "ubuntu-24.04-live-server-amd64.iso" +iso_checksum = "8762f7e74e4d64d72fceb5f70682e6b069932deedb4949c6975d0f0fe0a91be3" + +// Boot Settings +vm_boot = "order=virtio0;ide2;net0" +vm_boot_wait = "5s" + +// EFI Settings +vm_firmware_path = "./OVMF.fd" +vm_efi_storage_pool = "vm-data" +vm_efi_pre_enrolled_keys = false +vm_efi_type = "4m" diff --git a/builds/linux/ubuntu/24-04-lts/linux-ubuntu.pkr.hcl b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.pkr.hcl new file mode 100644 index 0000000..b85f281 --- /dev/null +++ b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.pkr.hcl 
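Review bot: `iso_checksum` is a bare 64-character hex digest with no algorithm prefix, and the source block in this patch boots from `iso_file`, an ISO that is already on Proxmox storage. As far as I know the proxmox-iso builder compares the checksum only for images it downloads itself, so this value is probably never checked against the file that is actually booted; that should be confirmed against the plugin documentation. I would write the algorithm explicitly, `iso_checksum = "sha256:8762f7e74e4d64d72fceb5f70682e6b069932deedb4949c6975d0f0fe0a91be3"` (SHA-256 assumed from the length), and add a comment stating where the digest was taken from and that the uploaded ISO has to be verified by hand.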
@@ -0,0 +1,198 @@ +/* + DESCRIPTION: + Ubuntu Server 24.04 LTS template using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: packer +// The Packer configuration. + +packer { + required_version = ">= 1.9.1" + required_plugins { + ansible = { + source = "github.com/hashicorp/ansible" + version = "~> 1" + } + git = { + version = ">= 0.4.2" + source = "github.com/ethanmdavidson/git" + } + proxmox = { + version = ">= 1.0.6" + source = "github.com/hashicorp/proxmox" + } + } +} + +// BLOCK: data +// Defines the data sources. + +data "git-repository" "cwd" {} + +// BLOCK: locals +// Defines the local variables. + +locals { + build_by = "Built by: HashiCorp Packer ${packer.version}" + build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) + build_version = data.git-repository.cwd.head + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" + manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) + manifest_path = "${path.cwd}/manifests/" + manifest_output = "${local.manifest_path}${local.manifest_date}.json" + data_source_content = { + "/meta-data" = file("${abspath(path.root)}/data/meta-data") + "/user-data" = templatefile("${abspath(path.root)}/data/user-data.pkrtpl.hcl", { + build_username = var.build_username + build_password = var.build_password + build_password_encrypted = var.build_password_encrypted + vm_disk_type = local.vm_disk_type + vm_os_language = var.vm_os_language + vm_os_keyboard = var.vm_os_keyboard + vm_os_timezone = var.vm_os_timezone + storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { + device = var.vm_disk_device + swap = var.vm_disk_use_swap + partitions = var.vm_disk_partitions + lvm = var.vm_disk_lvm + vm_bios = var.vm_bios + }) + }) + } + data_source_command = var.common_data_source == "http" ? 
"ds=\"nocloud-net;seedfrom=http://{{.HTTPIP}}:{{.HTTPPort}}/\"" : "ds=\"nocloud\"" + vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null +} + +// BLOCK: source +// Defines the builder configuration blocks. + +source "proxmox-iso" "ubuntu" { + + // Proxmox Connection Settings and Credentials + proxmox_url = "https://${var.proxmox_hostname}:8006/api2/json" + username = "${var.proxmox_api_token_id}" + token = "${var.proxmox_api_token_secret}" + insecure_skip_tls_verify = "${var.proxmox_insecure_connection}" + + // Proxmox Settings + node = "${var.proxmox_node}" + + // Virtual Machine Settings + vm_name = "${local.vm_name}" + bios = "${var.vm_bios}" + sockets = "${var.vm_cpu_sockets}" + cores = "${var.vm_cpu_count}" + cpu_type = "${var.vm_cpu_type}" + memory = "${var.vm_mem_size}" + os = "${var.vm_os_type}" + scsi_controller = "${var.vm_disk_controller_type}" + disks { + disk_size = "${var.vm_disk_size}" + type = "${var.vm_disk_type}" + storage_pool = "${var.vm_storage_pool}" + format = "${var.vm_disk_format}" + } + dynamic "efi_config" { + for_each = var.vm_bios == "ovmf" ? [1] : [] + content { + efi_storage_pool = var.vm_bios == "ovmf" ? var.vm_efi_storage_pool : null + efi_type = var.vm_bios == "ovmf" ? var.vm_efi_type : null + pre_enrolled_keys = var.vm_bios == "ovmf" ? var.vm_efi_pre_enrolled_keys : null + } + } + unmount_iso = true + ssh_username = "${var.build_username}" + ssh_password = "${var.build_password}" + ssh_timeout = "${var.timeout}" + ssh_port = "22" + iso_file = "${var.common_iso_storage}:${var.iso_path}/${var.iso_file}" + iso_checksum = "${var.iso_checksum}" + qemu_agent = true + + network_adapters { + bridge = "${var.vm_bridge_interface}" + model = "${var.vm_network_card_model}" + vlan_tag = "${var.vm_vlan_tag}" + } + + // Removable Media Settings + http_content = "${var.common_data_source}" == "http" ? 
"${local.data_source_content}" : null + + // Boot and Provisioning Settings + http_bind_address = var.common_data_source == "http" ? var.common_http_bind_address : null + http_port_min = var.common_data_source == "http" ? var.common_http_port_min : null + http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null + boot = var.vm_boot + boot_wait = var.vm_boot_wait + boot_command = [ + "c", + "linux /casper/vmlinuz --- autoinstall ${local.data_source_command}", + "", + "initrd /casper/initrd", + "", + "boot", + "" + ] + + dynamic "additional_iso_files" { + for_each = var.common_data_source == "disk" ? [1] : [] + content { + cd_files = var.common_data_source == "disk" ? local.data_source_content : null + cd_label = var.common_data_source == "disk" ? "cidata" : null + iso_storage_pool = var.common_data_source == "disk" ? "local" : null + } + } + + template_name = "${local.vm_name}" + template_description = "${local.build_description}" + + # VM Cloud Init Settings + cloud_init = var.vm_cloud_init_enable + cloud_init_storage_pool = var.vm_cloud_init_enable == true ? 
var.vm_storage_pool : null + +} + +# Build Definition to create the VM Template +build { + sources = ["source.proxmox-iso.ubuntu"] + + provisioner "ansible" { + user = "${var.build_username}" + playbook_file = "${path.cwd}/ansible/main.yml" + roles_path = "${path.cwd}/ansible/roles" + ansible_env_vars = [ + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + ] + extra_arguments = [ + "--extra-vars", "display_skipped_hosts=false", + "--extra-vars", "BUILD_USERNAME=${var.build_username}", + "--extra-vars", "BUILD_SECRET='${var.build_key}'", + "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", + "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", + "--extra-vars", "cloud_init='${var.vm_cloud_init_enable}'", + ] + } + + post-processor "manifest" { + output = local.manifest_output + strip_path = true + strip_time = true + custom_data = { + ansible_username = "${var.ansible_username}" + build_username = "${var.build_username}" + build_date = "${local.build_date}" + build_version = "${local.build_version}" + common_data_source = "${var.common_data_source}" + vm_cpu_sockets = "${var.vm_cpu_sockets}" + vm_cpu_count = "${var.vm_cpu_count}" + vm_disk_size = "${var.vm_disk_size}" + vm_bios = "${var.vm_bios}" + vm_os_type = "${var.vm_os_type}" + vm_mem_size = "${var.vm_mem_size}" + vm_network_card_model = "${var.vm_network_card_model}" + vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + } + } +} diff --git a/builds/linux/ubuntu/24-04-lts/variables-storage.pkr.hcl b/builds/linux/ubuntu/24-04-lts/variables-storage.pkr.hcl new file mode 100644 index 0000000..bcfe8df --- /dev/null +++ b/builds/linux/ubuntu/24-04-lts/variables-storage.pkr.hcl 
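Review bot: The clear-text `build_password` is handed to the user-data template in `locals.data_source_content`, although the template added in this patch only references `build_password_encrypted`; the line `build_password = var.build_password` can be dropped so the plain secret is never in scope for content that is served or written to media. `vm_disk_type` is passed the same way and is not used by the template either. With `common_data_source = "http"` the rendered user-data, including the password hash, is served over plain HTTP for the duration of the build, so it is worth a comment next to `http_content` recommending that `common_http_bind_address` be set to the build network interface, or that the `disk` data source be used.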
@@ -0,0 +1,53 @@ +/* + DESCRIPTION: + Ubuntu Server 24.04 LTS storage variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Storage Settings + +variable "vm_disk_device" { + type = string + description = "The device for the virtual disk. (e.g. 'sda')" +} + +variable "vm_disk_use_swap" { + type = bool + description = "Whether to use a swap partition." +} + +variable "vm_disk_partitions" { + type = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + volume_group = string + })) + description = "The disk partitions for the virtual disk." +} + +variable "vm_disk_lvm" { + type = list(object({ + name = string + partitions = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + })) + })) + description = "The LVM configuration for the virtual disk." + default = [] +} diff --git a/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl b/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl new file mode 100644 index 0000000..70c3be2 --- /dev/null +++ b/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl 
@@ -0,0 +1,297 @@ +/* + DESCRIPTION: + Ubuntu Server 24.04 LTS variables using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: variable +// Defines the input variables. + +// Proxmox Credentials + +variable "proxmox_hostname" { + type = string + description = "The FQDN or IP address of a Proxmox node. Only one node should be specified in a cluster." +} + +variable "proxmox_api_token_id" { + type = string + description = "The token to login to the Proxmox node/cluster. The format is USER@REALM!TOKENID. (e.g. packer@pam!packer_pve_token)" +} + +variable "proxmox_api_token_secret" { + type = string + description = "The secret for the API token used to login to the Proxmox API." +# sensitive = true +} + +variable "proxmox_insecure_connection" { + description = "true/false to skip Proxmox TLS certificate checks." + type = bool + default = true +} + +// Proxmox Settings + +variable "proxmox_node" { + type = string + description = "The name of the Proxmox node that Packer will build templates on." +} + +// Virtual Machine Settings + +variable "vm_os_language" { + type = string + description = "The guest operating system language." + default = "en_US" +} + +variable "vm_os_keyboard" { + type = string + description = "The guest operating system keyboard layout." + default = "us" +} + +variable "vm_os_timezone" { + type = string + description = "The guest operating system timezone." + default = "UTC" +} + +variable "vm_os_family" { + type = string + description = "The guest operating system family. Used for naming. (e.g. 'linux')" +} + +variable "vm_os_name" { + type = string + description = "The guest operating system name. Used for naming. (e.g. 'ubuntu')" +} + +variable "vm_os_version" { + type = string + description = "The guest operating system version. Used for naming. (e.g. '22-04-lts')" +} + +variable "vm_os_type" { + type = string + description = "The guest operating system type. (e.g. 
'l26')" +} + +variable "vm_bios" { + type = string + description = "The firmware type. Allowed values 'ovmf' or 'seabios'" + default = "OVMF" + + validation { + condition = contains(["ovmf", "seabios"], var.vm_bios) + error_message = "The vm_bios value must be 'ovmf' or 'seabios'." + } +} + +variable "vm_firmware_path" { + type = string + description = "The firmware file to be used. Needed for EFI" + default = "/usr/share/ovmf/OVMF.fd" +} + +variable "vm_efi_storage_pool" { + type = string + description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" +} + +variable "vm_efi_type" { + type = string + description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" +} + +variable "vm_efi_pre_enrolled_keys" { + type = bool + description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" +} + +variable "vm_cpu_count" { + type = number + description = "The number of virtual CPUs. (e.g. '2')" +} + +variable "vm_cpu_sockets" { + type = number + description = "The number of virtual CPU sockets. (e.g. '1')" +} + +variable "vm_cpu_type" { + type = string + description = "The CPU type to emulate. See the Proxmox API documentation for the complete list of accepted values. For best performance, set this to host. Defaults to kvm64." +} + +variable "vm_mem_size" { + type = number + description = "The size for the virtual memory in MB. (e.g. '2048')" +} + +variable "vm_disk_controller_type" { + type = string + description = "The SCSI controller model to emulate. (e.g. 'virtio-scsi-pci')" +} + +variable "vm_disk_type" { + type = string + description = "The type of disk to emulate. (e.g. 'virtio')" +} + +variable "vm_storage_pool" { + type = string + description = "The name of the Proxmox storage pool to store the VM template. (e.g. 'local-lvm')" +} + +variable "vm_disk_size" { + type = string + description = "The size for the virtual disk in GB. (e.g. 
'32G')" +} + +variable "vm_disk_format" { + type = string + description = "The format of the file backing the disk. (e.g. 'qcow2')" +} + +variable "vm_network_card_model" { + type = string + description = "The model of the virtual network adapter to emulate. (e.g. 'virtio')" +} + +variable "vm_bridge_interface" { + type = string + description = "The name of the Proxmox bridge to attach the adapter to." +} + +variable "vm_vlan_tag" { + type = string + description = "If the adapter should tag packets, give the VLAN ID. (e.g. '102')" +} + +// Cloud-Init Settings + +variable "vm_cloud_init_enable" { + type = bool + description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" + default = false +} + +// Removable Media Settings + +variable "common_iso_storage" { + type = string + description = "The name of the source Proxmox storage location for ISO images. (e.g. 'local-lvm')" +} + +variable "iso_path" { + type = string + description = "The path on the source Proxmox storage location for ISO images. (e.g. 'iso')" +} + +variable "iso_file" { + type = string + description = "The file name of the ISO image used by the vendor. (e.g. 'ubuntu--live-server-amd64.iso')" +} + +variable "iso_checksum" { + type = string + description = "The checksum value of the ISO image provided by the vendor." +} + +// Boot Settings + +variable "common_data_source" { + type = string + description = "The provisioning data source. (e.g. 'http' or 'disk')" +} + +variable "common_http_bind_address" { + type = string + description = "Define an IP address on the host to use for the HTTP server." + default = null +} + +variable "common_http_port_min" { + type = number + description = "The start of the HTTP port range." +} + +variable "common_http_port_max" { + type = number + description = "The end of the HTTP port range." +} + +variable "vm_boot" { + type = string + description = "The boot order for virtual machine devices. (e.g. 
'order=virtio0;ide2;net0')" +} + +variable "vm_boot_wait" { + type = string + description = "The time to wait after booting the initial VM before typing the boot_command (e.g '10s')" +} + +variable "common_ip_wait_timeout" { + type = string + description = "Time to wait for guest operating system IP address response." +} + +variable "common_shutdown_timeout" { + type = string + description = "Time to wait for guest operating system shutdown." +} + +// Communicator Settings and Credentials + +variable "build_username" { + type = string + description = "The username to login to the guest operating system. (e.g. 'ubuntu')" +# sensitive = true +} + +variable "build_password" { + type = string + description = "The password to login to the guest operating system." +# sensitive = true +} + +variable "build_password_encrypted" { + type = string + description = "The encrypted password to login to the guest operating system." +# sensitive = true +} + +variable "build_key" { + type = string + description = "The SSH public key to login to the guest operating system." +# sensitive = true +} + +variable "timeout" { + description = "not sure why I need so high a timeout but here we are" + default = "90m" +} + +// Ansible Credentials + +variable "ansible_username" { + type = string + description = "The username for Ansible to login to the guest operating system. (e.g. 'ansible')" +# sensitive = true +} + +variable "ansible_key" { + type = string + description = "The public key for Ansible to login to the guest operating system." +# sensitive = true +} + +// HCP Packer Settings + +variable "common_hcp_packer_registry_enabled" { + type = bool + description = "Enable the HCP Packer registry." + default = false +} + From b2dcc40838de2ff1da2cf7fb9d58f288900a325f Mon Sep 17 00:00:00 2001 
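Review bot: Every `sensitive = true` in variables.pkr.hcl is commented out, including on `proxmox_api_token_secret`, `build_password` and `build_password_encrypted`, so Packer will not redact these values in its output and logs; I would restore `sensitive = true` on at least those three. `proxmox_insecure_connection` has `default = true`, which disables TLS certificate verification towards the Proxmox API unless the operator opts back in; `default = false` is the safer default. `vm_bios` has `default = "OVMF"`, which is not one of the values its own validation accepts (`contains(["ovmf", "seabios"], var.vm_bios)`), so the default should be `"ovmf"`. The `timeout` variable has no `type` and its description does not say what is being timed.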
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Tue, 11 Jun 2024 22:34:57 -0500 Subject: [PATCH 02/72] feat: improve ansible playbooks and config --- ansible/ansible.cfg | 1 + ansible/main.yml | 4 +-- ansible/roles/base/tasks/debian.yml | 26 ++++++++--------- ansible/roles/base/tasks/redhat.yml | 44 ++++++++--------------------- ansible/roles/base/tasks/ubuntu.yml | 7 +---- ansible/roles/base/vars/main.yml | 20 +++++++++++++ 6 files changed, 46 insertions(+), 56 deletions(-) create mode 100644 ansible/roles/base/vars/main.yml diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index fd5cf75..3a958ad 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -1,4 +1,5 @@ [defaults] +stdout_callback = default display_skipped_hosts = false ansible_python_interpreter = /usr/bin/python3 diff --git a/ansible/main.yml b/ansible/main.yml index b218398..8ec4951 100644 --- a/ansible/main.yml +++ b/ansible/main.yml @@ -1,8 +1,8 @@ --- -- become: "yes" +- become: true become_method: sudo debugger: never - gather_facts: "yes" + gather_facts: true hosts: all roles: - base diff --git a/ansible/roles/base/tasks/debian.yml b/ansible/roles/base/tasks/debian.yml index 4f88c25..5314222 100644 --- a/ansible/roles/base/tasks/debian.yml +++ b/ansible/roles/base/tasks/debian.yml @@ -1,17 +1,13 @@ --- -- name: "Updating the guest operating system." - apt: - force_apt_get: true - name: "*" - state: latest # noqa package-latest - update_cache: "yes" +- block: + - name: "Updating the guest operating system." + ansible.builtin.apt: + force_apt_get: true + name: "*" + state: latest # noqa package-latest + update_cache: "yes" -- name: "Installing additional packages." - apt: - name: - - bash-completion - - curl - - wget - - unzip - - ca-certificates - state: latest # noqa package-latest + - name: "Installing additional packages." + ansible.builtin.apt: + name: "{{ additional_packages[ansible_os_family] }}" + state: latest # noqa package-latest 
diff --git a/ansible/roles/base/tasks/redhat.yml b/ansible/roles/base/tasks/redhat.yml index bebfa01..c2b27f5 100644 --- a/ansible/roles/base/tasks/redhat.yml +++ b/ansible/roles/base/tasks/redhat.yml @@ -4,38 +4,16 @@ ansible.builtin.shell: "subscription-manager refresh" when: "ansible_facts['distribution'] == 'RedHat'" -- name: "Updating the guest operating system." - ansible.builtin.dnf: - name: "*" - state: latest # noqa package-latest - update_cache: "yes" - when: "ansible_facts['distribution_major_version'] >= \"8\"" +- block: + - name: "Updating the guest operating system." + ansible.builtin.dnf: + name: "*" + state: latest # noqa package-latest + update_cache: "yes" -- name: "Installing additional packages." - ansible.builtin.dnf: - name: - - curl - - wget - - unzip - - ca-certificates - state: latest # noqa package-latest - when: "ansible_facts['distribution_major_version'] >= \"8\"" + - name: "Installing additional packages." + ansible.builtin.dnf: + name: "{{ additional_packages[ansible_os_family] }}" + state: latest # noqa package-latest + when: ansible_distribution_major_version | int > 8 -- name: "Updating the guest operating system." - when: "ansible_facts['distribution_major_version'] <= \"7\"" - ansible.builtin.yum: - name: "*" - state: latest # noqa package-latest - update_cache: "yes" - -- name: "Installing additional packages." - when: "ansible_facts['distribution_major_version'] <= \"7\"" - ansible.builtin.yum: - name: - - curl - - wget - - unzip - - ca-certificates - state: latest # noqa package-latest - -... \ No newline at end of file diff --git a/ansible/roles/base/tasks/ubuntu.yml b/ansible/roles/base/tasks/ubuntu.yml index 4f88c25..502d180 100644 --- a/ansible/roles/base/tasks/ubuntu.yml +++ b/ansible/roles/base/tasks/ubuntu.yml 
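Review bot: The new condition `when: ansible_distribution_major_version | int > 8` excludes major version 8, whereas the removed dnf tasks ran for `>= "8"`, so on an EL 8 guest neither the update nor the package install would run and the template would be captured without current patches. The yum tasks for version 7 and earlier are removed as well, so those guests are skipped too. Indentation is lost in this view, so I am assuming the `when` belongs to the new block. Suggested: `when: ansible_distribution_major_version | int >= 8`; the block would also benefit from a `name`.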
@@ -8,10 +8,5 @@ - name: "Installing additional packages." apt: - name: - - bash-completion - - curl - - wget - - unzip - - ca-certificates + name: "{{ additional_packages[ansible_os_family] }}" state: latest # noqa package-latest diff --git a/ansible/roles/base/vars/main.yml b/ansible/roles/base/vars/main.yml new file mode 100644 index 0000000..0d2cbc6 --- /dev/null +++ b/ansible/roles/base/vars/main.yml @@ -0,0 +1,20 @@ +--- +task_name: "Update the operating system and install additional packages." +additional_packages: + Debian: + - bash-completion + - ca-certificates + - curl + - unzip + - wget + RedHat: + - ca-certificates + - curl + - unzip + - wget + Ubuntu: + - bash-completion + - ca-certificates + - curl + - unzip + - wget From 3433e322580a15e4f26baf7aa2824577af18e0c9 Mon Sep 17 00:00:00 2001 
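Review bot: The `Ubuntu:` key in the new `additional_packages` map in vars/main.yml is never reached, because every lookup in this patch is `additional_packages[ansible_os_family]` and Ansible reports `ansible_os_family` as `Debian` on Ubuntu hosts. Either drop the `Ubuntu:` entry or index by `ansible_distribution`, so the map does not suggest a per-distribution list that is silently ignored. `task_name` is defined here but not referenced in any hunk visible in this patch. The ubuntu.yml hunk also keeps the short `apt:` module name while debian.yml moves to `ansible.builtin.apt`.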
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Tue, 11 Jun 2024 22:36:19 -0500 Subject: [PATCH 03/72] feat: add Rocky Linux 8 and 9 support --- build.sh | 92 +++++- builds/linux/rocky/8/data/ks.pkrtpl.hcl | 85 +++++ builds/linux/rocky/8/data/network.pkrtpl.hcl | 5 + builds/linux/rocky/8/data/storage.pkrtpl.hcl | 73 +++++ .../rocky/8/data/storage.pkrtpl.hcl.orig | 66 ++++ .../rocky/8/linux-rocky.auto.pkrvars.hcl | 45 +++ builds/linux/rocky/8/linux-rocky.pkr.hcl | 204 ++++++++++++ .../linux/rocky/8/variables-network.pkr.hcl | 36 +++ .../linux/rocky/8/variables-storage.pkr.hcl | 53 +++ builds/linux/rocky/8/variables.pkr.hcl | 304 ++++++++++++++++++ builds/linux/rocky/9/data/ks.pkrtpl.hcl | 85 +++++ builds/linux/rocky/9/data/network.pkrtpl.hcl | 5 + builds/linux/rocky/9/data/storage.pkrtpl.hcl | 73 +++++ .../rocky/9/linux-rocky.auto.pkrvars.hcl | 45 +++ builds/linux/rocky/9/linux-rocky.pkr.hcl | 204 ++++++++++++ .../linux/rocky/9/variables-network.pkr.hcl | 36 +++ .../linux/rocky/9/variables-storage.pkr.hcl | 53 +++ builds/linux/rocky/9/variables.pkr.hcl | 304 ++++++++++++++++++ builds/network.pkrvars.hcl.example | 12 + 19 files changed, 1767 insertions(+), 13 deletions(-) create mode 100644 builds/linux/rocky/8/data/ks.pkrtpl.hcl create mode 100644 builds/linux/rocky/8/data/network.pkrtpl.hcl create mode 100644 builds/linux/rocky/8/data/storage.pkrtpl.hcl create mode 100644 builds/linux/rocky/8/data/storage.pkrtpl.hcl.orig create mode 100644 builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl create mode 100644 builds/linux/rocky/8/linux-rocky.pkr.hcl create mode 100644 builds/linux/rocky/8/variables-network.pkr.hcl create mode 100644 builds/linux/rocky/8/variables-storage.pkr.hcl create mode 100644 builds/linux/rocky/8/variables.pkr.hcl create mode 100644 builds/linux/rocky/9/data/ks.pkrtpl.hcl create mode 100644 builds/linux/rocky/9/data/network.pkrtpl.hcl create mode 100644 builds/linux/rocky/9/data/storage.pkrtpl.hcl create mode 100644 
builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl create mode 100644 builds/linux/rocky/9/linux-rocky.pkr.hcl create mode 100644 builds/linux/rocky/9/variables-network.pkr.hcl create mode 100644 builds/linux/rocky/9/variables-storage.pkr.hcl create mode 100644 builds/linux/rocky/9/variables.pkr.hcl create mode 100644 builds/network.pkrvars.hcl.example diff --git a/build.sh b/build.sh index 8126713..52ae17f 100755 --- a/build.sh +++ b/build.sh 
@@ -132,6 +132,68 @@ menu_option_4() { } menu_option_5() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/rocky/8/ + echo -e "\nCONFIRM: Build a Rocky Linux 8 Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Rocky Linux 8 for Proxmox. ### + echo "Building a Rocky Linux 8 for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_6() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/rocky/9/ + echo -e "\nCONFIRM: Build a Rocky Linux 9 Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Rocky Linux 9 for Proxmox. ### + echo "Building a Rocky Linux 9 for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_7() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/20-04-lts/ echo -e "\nCONFIRM: Build a Ubuntu Server 20.04 LTS Template for Proxmox?" echo -e "\nContinue? (y/n)" 
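Review bot: Neither `packer init` nor `packer build` has its exit status checked in the added `menu_option_5` and `menu_option_6`, so a failed build still prints "Done." unless the script enables `set -e` outside this hunk. A guard such as `packer init "$INPUT_PATH" || return 1`, with the same on the build command, keeps a broken template run from being reported as successful. The two functions are identical apart from the version number, so a shared helper taking the build path and display name would stop the copies drifting apart.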
@@ -162,7 +224,7 @@ menu_option_5() { echo "Done." } -menu_option_6() { +menu_option_8() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/20-04-lts/ echo -e "\nCONFIRM: Build a Ubuntu Server 20.04 LTS (cloud-init) Template for Proxmox?" echo -e "\nContinue? (y/n)" @@ -194,7 +256,7 @@ menu_option_6() { echo "Done." } -menu_option_7() { +menu_option_9() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/22-04-lts/ echo -e "\nCONFIRM: Build a Ubuntu Server 22.04 LTS Template for Proxmox?" echo -e "\nContinue? (y/n)" @@ -225,7 +287,7 @@ menu_option_7() { echo "Done." } -menu_option_8() { +menu_option_10() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/22-04-lts/ echo -e "\nCONFIRM: Build a Ubuntu Server 22.04 LTS (cloud-init) Template for Proxmox?" echo -e "\nContinue? (y/n)" @@ -257,7 +319,7 @@ menu_option_8() { echo "Done." } -menu_option_9() { +menu_option_11() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/24-04-lts/ echo -e "\nCONFIRM: Build a Ubuntu Server 24.04 LTS Template for Proxmox?" echo -e "\nContinue? (y/n)" @@ -288,7 +350,7 @@ menu_option_9() { echo "Done." } -menu_option_10() { +menu_option_12() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/24-04-lts/ echo -e "\nCONFIRM: Build a Ubuntu Server 24.04 LTS (cloud-init) Template for Proxmox?" echo -e "\nContinue? (y/n)" @@ -320,7 +382,7 @@ menu_option_10() { echo "Done." } -menu_option_11() { +menu_option_13() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/opensuse/leap-15-5/ echo -e "\nCONFIRM: Build a OpenSUSE Leap 15.5 Template for Proxmox?" echo -e "\nContinue? (y/n)" 
@@ -387,13 +449,15 @@ until [ "$selection" = "0" ]; do echo " 2 - CentOS 9 Stream" echo " 3 - Debian 11 (Bullseye)" echo " 4 - Debian 12 (Bookworm)" - echo " 5 - Ubuntu Server 20.04 LTS" - echo " 6 - Ubuntu Server 20.04 LTS (cloud-init)" - echo " 7 - Ubuntu Server 22.04 LTS" - echo " 8 - Ubuntu Server 22.04 LTS (cloud-init)" - echo " 9 - Ubuntu Server 24.04 LTS" - echo " 10 - Ubuntu Server 24.04 LTS (cloud-init)" - echo " 11 - OpenSUSE Leap 15.5" + echo " 5 - Rocky Linux 8" + echo " 6 - Rocky Linux 9" + echo " 7 - Ubuntu Server 20.04 LTS" + echo " 8 - Ubuntu Server 20.04 LTS (cloud-init)" + echo " 9 - Ubuntu Server 22.04 LTS" + echo " 10 - Ubuntu Server 22.04 LTS (cloud-init)" + echo " 11 - Ubuntu Server 24.04 LTS" + echo " 12 - Ubuntu Server 24.04 LTS (cloud-init)" + echo " 13 - OpenSUSE Leap 15.5" echo "" echo " Other:" echo "" @@ -414,6 +478,8 @@ until [ "$selection" = "0" ]; do 9 ) clear ; menu_option_9 ; press_enter ;; 10) clear ; menu_option_10 ; press_enter ;; 11) clear ; menu_option_11 ; press_enter ;; + 12) clear ; menu_option_12 ; press_enter ;; + 13) clear ; menu_option_13 ; press_enter ;; [Ii] ) clear ; info ; press_enter ;; [Qq] ) clear ; exit ;; * ) clear ; incorrect_selection ; press_enter ;; diff --git a/builds/linux/rocky/8/data/ks.pkrtpl.hcl b/builds/linux/rocky/8/data/ks.pkrtpl.hcl new file mode 100644 index 0000000..2bdd9c7 --- /dev/null +++ b/builds/linux/rocky/8/data/ks.pkrtpl.hcl 
@@ -0,0 +1,85 @@ +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE +# WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +# Rocky Linux 8 + +### Installs from the first attached CD-ROM/DVD on the system. +cdrom + +### Performs the kickstart installation in text mode. +### By default, kickstart installations are performed in graphical mode. +text + +### Accepts the End User License Agreement. +eula --agreed + +### Sets the language to use during installation and the default language to use on the installed system. +lang ${vm_os_language} + +### Sets the default keyboard type for the system. +keyboard ${vm_os_keyboard} + +### Configure network information for target system and activate network devices in the installer environment (optional) +### --onboot enable device at a boot time +### --device device to be activated and / or configured with the network command +### --bootproto method to obtain networking configuration for device (default dhcp) +### --noipv6 disable IPv6 on this device +${network} + +### Lock the root account. +rootpw --lock + +### The selected profile will restrict root login. +### Add a user that can login and escalate privileges. +user --name=${build_username} --iscrypted --password=${build_password_encrypted} --groups=wheel + +### Configure firewall settings for the system. +### --enabled reject incoming connections that are not in response to outbound requests +### --ssh allow sshd service through the firewall +firewall --enabled --ssh + +### Sets up the authentication options for the system. +### The SSSD profile sets sha512 to hash passwords. 
Passwords are shadowed by default +### See the manual page for authselect-profile for a complete list of possible options. +authselect select sssd + +### Sets the state of SELinux on the installed system. +### Defaults to enforcing. +selinux --enforcing + +### Sets the system time zone. +timezone ${vm_os_timezone} + +### Partitioning +${storage} + +### Modifies the default set of services that will run under the default runlevel. +services --enabled=NetworkManager,sshd + +### Do not configure X on the installed system. +skipx + +### Packages selection. +%packages --ignoremissing --excludedocs +@core +-iwl*firmware +%end + +### Post-installation commands. +%post +dnf makecache +dnf install epel-release -y +dnf makecache +dnf install -y sudo qemu-guest-tools +%{ if additional_packages != "" ~} +dnf install -y ${additional_packages} +%{ endif ~} +echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username} +sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers +%end + +### Reboot after the installation is complete. +### --eject attempt to eject the media before rebooting. +reboot --eject diff --git a/builds/linux/rocky/8/data/network.pkrtpl.hcl b/builds/linux/rocky/8/data/network.pkrtpl.hcl new file mode 100644 index 0000000..a7949a7 --- /dev/null +++ b/builds/linux/rocky/8/data/network.pkrtpl.hcl @@ -0,0 +1,5 @@ +%{ if ip != null ~} +network --device=${device} --bootproto=static --ip=${ip} --netmask=${cidrnetmask("${ip}/${netmask}")} --gateway=${gateway} --nameserver=${join(",", dns)} +%{ else ~} +network --device=${device} --bootproto=dhcp +%{ endif ~} diff --git a/builds/linux/rocky/8/data/storage.pkrtpl.hcl b/builds/linux/rocky/8/data/storage.pkrtpl.hcl new file mode 100644 index 0000000..b35af89 --- /dev/null +++ b/builds/linux/rocky/8/data/storage.pkrtpl.hcl 
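Review bot: The `%post` section of ks.pkrtpl.hcl grants the build account `NOPASSWD: ALL` through `/etc/sudoers.d/${build_username}` without setting the file mode or validating the result. Adding `chmod 0440 /etc/sudoers.d/${build_username}` and `visudo -cf /etc/sudoers.d/${build_username}` after the `echo` would cover both. sudo skips drop-in files whose names contain a `.`, so a build username with a dot would silently lose the rule. Nothing visible in this patch removes or locks the build account afterwards, so it is worth confirming a later provisioning step does; otherwise every clone of the template inherits a passwordless-sudo user with a known password. The Rocky 9 copy of this file further down carries the same lines.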
@@ -0,0 +1,73 @@ +### Sets how the boot loader should be installed. +bootloader --location=mbr + +### Initialize any invalid partition tables found on disks. +zerombr + +### Removes partitions from the system, prior to creation of new partitions. +### By default, no partitions are removed. +### --all Erases all partitions from the system +### --initlabel Initializes a disk (or disks) by creating a default disk label for all disks in their respective architecture. +clearpart --all --initlabel + +### Modify partition sizes for the virtual machine hardware. +### Create primary system partitions. +%{ for partition in partitions ~} +part +%{~ if partition.volume_group != "" ~} + pv.${partition.volume_group} +%{~ else ~} +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} +%{~ if partition.format.fstype != "" ~} + --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ endif ~} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +### Create a logical volume management (LVM) group. +%{ for index, volume_group in lvm ~} +volgroup sysvg pv.${volume_group.name} + +### Modify logical volume sizes for the virtual machine hardware. +### Create logical volumes. 
+%{ for partition in volume_group.partitions ~} +logvol +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} + --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +%{ endfor ~} \ No newline at end of file diff --git a/builds/linux/rocky/8/data/storage.pkrtpl.hcl.orig b/builds/linux/rocky/8/data/storage.pkrtpl.hcl.orig new file mode 100644 index 0000000..d048cf0 --- /dev/null +++ b/builds/linux/rocky/8/data/storage.pkrtpl.hcl.orig 
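Review bot: The `volgroup sysvg pv.${volume_group.name}` line hard-codes the volume group name, while the `logvol` lines below it use `--vgname=${volume_group.name}`. When `vm_disk_lvm` names its group anything other than `sysvg`, the logical volumes point at a group that was never created and the installation presumably stops at partitioning. `volgroup ${volume_group.name} pv.${volume_group.name}` keeps the two in step, and it is what the `.orig` copy of this template in the same patch already does. The `index` loop variable is unused.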
@@ -0,0 +1,66 @@ +### Sets how the boot loader should be installed. +bootloader --location=mbr + +### Initialize any invalid partition tables found on disks. +zerombr + +### Removes partitions from the system, prior to creation of new partitions. +### By default, no partitions are removed. +### --all Erases all partitions from the system +### --initlabel Initializes a disk (or disks) by creating a default disk label for all disks in their respective architecture. +clearpart --all --initlabel + +### Modify partition sizes for the virtual machine hardware. +### Create primary system partitions. +%{ if length(partitions) == 1 && partitions[0].name == "autopart" ~} + %{ if partitions[0].format.fstype == "lvm" ~} +autopart --type=lvm + %{ endif } + %{ if partitions[0].format.fstype == "simple" ~} +autopart --type=plain + %{ endif } + %{ if partitions[0].format.fstype == "" ~} +autopart --type=plain + %{ endif } +%{ else } + %{ for partition in partitions ~} + %{ if partition.format.fstype == "swap" ~} +part swap --size=${partition.size} + + %{ endif ~} + %{ if partition.mount.path == "/boot/efi" ~} +part ${partition.mount.path} --fstype vfat --size=${partition.size} --label=${partition.format.label} + + %{ endif ~} + %{ if partition.mount.path != "" ~} +part ${partition.mount.path} --fstype ${partition.format.fstype} --size=${partition.size} --label=${partition.format.label} %{~ if partition.mount.options != "" ~}--fsoptions="${partition.mount.options}"%{~ endif ~} + + %{ endif ~} + %{ if partition.volume_group != "" ~} + %{ if partition.size == -1 ~} +part pv.${partition.volume_group} --size=100 --grow + + %{ else ~} +part pv.${partition.volume_group} --size=${partition.size} + + %{ endif ~} +### Create a logical volume management (LVM) group. +### Modify logical volume sizes for the virtual machine hardware. 
+ %{ for index, volume_group in lvm ~} + %{ if partition.volume_group != "" ~} +volgroup ${volume_group.name} --pesize=4096 pv.${partition.volume_group} + + %{ endif ~} +### Create logical volumes. + %{ for partition in volume_group.partitions ~} + %{ if partition.format.fstype == "swap" ~} +logvol swap --fstype ${partition.format.fstype} --name=${partition.name} --vgname=${volume_group.name} --size=${partition.size} --label=${partition.format.label} + %{ else ~} +logvol ${partition.mount.path} %{ if partition.format.fstype == "fat32" } --fstype vfat %{ else } --fstype ${partition.format.fstype} %{ endif } %{ if partition.size != -1 } --size=${partition.size} %{ else } --size=100 --grow %{ endif } --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label} %{ if partition.mount.options != "" ~} --fsoptions="${partition.mount.options}" %{~ endif ~} + + %{ endif ~} + %{ endfor ~} + %{ endfor ~} + %{ endif ~} + %{ endfor ~} +%{ endif } diff --git a/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl b/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl new file mode 100644 index 0000000..8d649e6 --- /dev/null +++ b/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl 
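Review bot: `storage.pkrtpl.hcl.orig` looks like a leftover from a patch or merge tool rather than a file the build uses; `linux-rocky.pkr.hcl` in this patch only reads `data/storage.pkrtpl.hcl`. Committing it leaves a second, divergent partitioning template beside the live one, which is easy to edit by mistake. I would drop the file from the commit and add `*.orig` to `.gitignore`.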
@@ -0,0 +1,45 @@ +/* + DESCRIPTION: + Rocky Linux 8 variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// Guest Operating System Metadata +vm_os_language = "en_US" +vm_os_keyboard = "us" +vm_os_timezone = "UTC" +vm_os_family = "linux" +vm_os_name = "rocky" +vm_os_version = "8" + +// Virtual Machine Guest Operating System Setting +vm_os_type = "l26" + +// Virtual Machine Hardware Settings +vm_bios = "seabios" +vm_cpu_count = 1 +vm_cpu_sockets = 1 +vm_cpu_type = "kvm64" +vm_mem_size = 2048 +vm_disk_type = "virtio" +vm_disk_size = "32G" +vm_disk_format = "raw" +vm_storage_pool = "vm-data" +vm_disk_controller_type = "virtio-scsi-pci" +vm_network_card_model = "virtio" +vm_bridge_interface = "vmbr0" +vm_vlan_tag = "102" + +// Removable Media Settings +iso_path = "iso" +iso_file = "Rocky-8.10-x86_64-dvd1.iso" +iso_checksum = "file:https://download.rockylinux.org/pub/rocky/8/isos/x86_64/CHECKSUM" + +// Boot Settings +vm_boot = "order=virtio0;ide2;net0" +vm_boot_wait = "10s" + +// EFI Settings +vm_firmware_path = "./OVMF.fd" +vm_efi_storage_pool = "vm-data" +vm_efi_pre_enrolled_keys = false +vm_efi_type = "4m" diff --git a/builds/linux/rocky/8/linux-rocky.pkr.hcl b/builds/linux/rocky/8/linux-rocky.pkr.hcl new file mode 100644 index 0000000..9a21856 --- /dev/null +++ b/builds/linux/rocky/8/linux-rocky.pkr.hcl 
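Review bot: `iso_checksum` in linux-rocky.auto.pkrvars.hcl points at the mirror's `CHECKSUM` file instead of a pinned digest, so the expected value is whatever that URL serves at build time and never appears in review. The ISO is referenced through `iso_file` on Proxmox storage, so it is also worth confirming that the plugin checks a pre-uploaded image against this value at all. Pinning it as `iso_checksum = "sha256:<digest of Rocky-8.10-x86_64-dvd1.iso>"` (placeholder) records the exact image in version control. `vm_storage_pool`, `vm_efi_storage_pool` and `vm_vlan_tag = "102"` look site-specific for an auto-loaded vars file; a comment marking them as values to override would help other users.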
@@ -0,0 +1,204 @@ +/* + DESCRIPTION: + Rocky Linux 8 template using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: packer +// The Packer configuration. + +packer { + required_version = ">= 1.9.1" + required_plugins { + ansible = { + source = "github.com/hashicorp/ansible" + version = "~> 1" + } + git = { + version = ">= 0.4.2" + source = "github.com/ethanmdavidson/git" + } + proxmox = { + version = ">= 1.0.6" + source = "github.com/hashicorp/proxmox" + } + } +} + +// BLOCK: data +// Defines the data sources. + +data "git-repository" "cwd" {} + +// BLOCK: locals +// Defines the local variables. + +locals { + build_by = "Built by: HashiCorp Packer ${packer.version}" + build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) + build_version = data.git-repository.cwd.head + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" + manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) + manifest_path = "${path.cwd}/manifests/" + manifest_output = "${local.manifest_path}${local.manifest_date}.json" + data_source_content = { + "/ks.cfg" = templatefile("${abspath(path.root)}/data/ks.pkrtpl.hcl", { + build_username = var.build_username + build_password = var.build_password + build_password_encrypted = var.build_password_encrypted + vm_disk_type = local.vm_disk_type + vm_os_language = var.vm_os_language + vm_os_keyboard = var.vm_os_keyboard + vm_os_timezone = var.vm_os_timezone + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_bridge_interface + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) + common_data_source = var.common_data_source + # lvm needs to be here so late commands can access vg names + lvm = var.vm_disk_lvm + storage = 
templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { + device = var.vm_disk_device + swap = var.vm_disk_use_swap + partitions = var.vm_disk_partitions + lvm = var.vm_disk_lvm + vm_bios = var.vm_bios + }) + additional_packages = join(" ", var.additional_packages) + }) + } + data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg" + vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null +} + +// BLOCK: source +// Defines the builder configuration blocks. + +source "proxmox-iso" "linux-rocky" { + + // Proxmox Connection Settings and Credentials + proxmox_url = "https://${var.proxmox_hostname}:8006/api2/json" + username = "${var.proxmox_api_token_id}" + token = "${var.proxmox_api_token_secret}" + insecure_skip_tls_verify = "${var.proxmox_insecure_connection}" + + // Proxmox Settings + node = "${var.proxmox_node}" + + // Virtual Machine Settings + vm_name = "${local.vm_name}" + bios = "${var.vm_bios}" + sockets = "${var.vm_cpu_sockets}" + cores = "${var.vm_cpu_count}" + cpu_type = "${var.vm_cpu_type}" + memory = "${var.vm_mem_size}" + os = "${var.vm_os_type}" + scsi_controller = "${var.vm_disk_controller_type}" + disks { + disk_size = "${var.vm_disk_size}" + type = "${var.vm_disk_type}" + storage_pool = "${var.vm_storage_pool}" + format = "${var.vm_disk_format}" + } + dynamic "efi_config" { + for_each = var.vm_bios == "ovmf" ? [1] : [] + content { + efi_storage_pool = var.vm_bios == "ovmf" ? var.vm_efi_storage_pool : null + efi_type = var.vm_bios == "ovmf" ? var.vm_efi_type : null + pre_enrolled_keys = var.vm_bios == "ovmf" ? 
var.vm_efi_pre_enrolled_keys : null + } + } + unmount_iso = true + ssh_username = "${var.build_username}" + ssh_password = "${var.build_password}" + ssh_timeout = "${var.timeout}" + ssh_port = "22" + iso_file = "${var.common_iso_storage}:${var.iso_path}/${var.iso_file}" + iso_checksum = "${var.iso_checksum}" + qemu_agent = true + + network_adapters { + bridge = "${var.vm_bridge_interface}" + model = "${var.vm_network_card_model}" + vlan_tag = "${var.vm_vlan_tag}" + } + + // Removable Media Settings + http_content = "${var.common_data_source}" == "http" ? "${local.data_source_content}" : null + + // Boot and Provisioning Settings + http_bind_address = var.common_data_source == "http" ? var.common_http_bind_address : null + http_port_min = var.common_data_source == "http" ? var.common_http_port_min : null + http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null + boot = var.vm_boot + boot_wait = var.vm_boot_wait + boot_command = [ + "", + "", + " text ${local.data_source_command}", + "" + ] + + dynamic "additional_iso_files" { + for_each = var.common_data_source == "disk" ? [1] : [] + content { + cd_files = var.common_data_source == "disk" ? local.data_source_content : null + cd_label = var.common_data_source == "disk" ? "cidata" : null + iso_storage_pool = var.common_data_source == "disk" ? "local" : null + } + } + + template_name = "${local.vm_name}" + template_description = "${local.build_description}" + + # VM Cloud Init Settings + cloud_init = var.vm_cloud_init_enable + cloud_init_storage_pool = var.vm_cloud_init_enable == true ? 
var.vm_storage_pool : null + +} + +# Build Definition to create the VM Template +build { + sources = ["source.proxmox-iso.linux-rocky"] + + provisioner "ansible" { + user = "${var.build_username}" + playbook_file = "${path.cwd}/ansible/main.yml" + roles_path = "${path.cwd}/ansible/roles" + ansible_env_vars = [ + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + ] + extra_arguments = [ + "--extra-vars", "display_skipped_hosts=false", + "--extra-vars", "BUILD_USERNAME=${var.build_username}", + "--extra-vars", "BUILD_SECRET='${var.build_key}'", + "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", + "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", + ] + } + + post-processor "manifest" { + output = local.manifest_output + strip_path = true + strip_time = true + custom_data = { + ansible_username = "${var.ansible_username}" + build_username = "${var.build_username}" + build_date = "${local.build_date}" + build_version = "${local.build_version}" + common_data_source = "${var.common_data_source}" + vm_cpu_sockets = "${var.vm_cpu_sockets}" + vm_cpu_count = "${var.vm_cpu_count}" + vm_disk_size = "${var.vm_disk_size}" + vm_bios = "${var.vm_bios}" + vm_os_type = "${var.vm_os_type}" + vm_mem_size = "${var.vm_mem_size}" + vm_network_card_model = "${var.vm_network_card_model}" + vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + } + } +} diff --git a/builds/linux/rocky/8/variables-network.pkr.hcl b/builds/linux/rocky/8/variables-network.pkr.hcl new file mode 100644 index 0000000..84b081f --- /dev/null +++ b/builds/linux/rocky/8/variables-network.pkr.hcl 
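Review bot: The `templatefile()` call for `ks.pkrtpl.hcl` in `locals` passes `build_password = var.build_password`, but the kickstart template in this patch only uses `build_password_encrypted`. Removing that line keeps the plaintext password out of the rendered kickstart context altogether. When `common_data_source` is `http`, the rendered `ks.cfg`, which includes the password hash, is served by Packer's built-in HTTP server to anything that can reach the bind address. Setting `common_http_bind_address` to the build network interface rather than leaving it `null` narrows that exposure. `local.vm_bios` is computed but not read in this file, and the extra-var `BUILD_SECRET` carries what variables.pkr.hcl describes as a public key, so the name is misleading.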
@@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Rocky Linux 8 network variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} diff --git a/builds/linux/rocky/8/variables-storage.pkr.hcl b/builds/linux/rocky/8/variables-storage.pkr.hcl new file mode 100644 index 0000000..daf1f52 --- /dev/null +++ b/builds/linux/rocky/8/variables-storage.pkr.hcl @@ -0,0 +1,53 @@ +/* + DESCRIPTION: + Rocky Linux 8 storage variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Storage Settings + +variable "vm_disk_device" { + type = string + description = "The device for the virtual disk. (e.g. 'sda')" +} + +variable "vm_disk_use_swap" { + type = bool + description = "Whether to use a swap partition." +} + +variable "vm_disk_partitions" { + type = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + volume_group = string + })) + description = "The disk partitions for the virtual disk." +} + +variable "vm_disk_lvm" { + type = list(object({ + name = string + partitions = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + })) + })) + description = "The LVM configuration for the virtual disk." + default = [] +} 
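Review bot: `vm_network_device` is declared in variables-network.pkr.hcl, but nothing in this patch reads it. `linux-rocky.pkr.hcl` renders the network template with `device = var.vm_bridge_interface`, so with a static IP the kickstart line becomes `network --device=vmbr0` (the Proxmox bridge from the pkrvars file) rather than the guest interface. The call site should probably be `device = var.vm_network_device`. The default `"ens192"` should also be checked against the interface name a virtio NIC actually gets on a Proxmox guest.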
diff --git a/builds/linux/rocky/8/variables.pkr.hcl b/builds/linux/rocky/8/variables.pkr.hcl new file mode 100644 index 0000000..ded878b --- /dev/null +++ b/builds/linux/rocky/8/variables.pkr.hcl 
@@ -0,0 +1,304 @@ +/* + DESCRIPTION: + Rocky Linux 8 variables using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: variable +// Defines the input variables. + +// Proxmox Credentials + +variable "proxmox_hostname" { + type = string + description = "The FQDN or IP address of a Proxmox node. Only one node should be specified in a cluster." +} + +variable "proxmox_api_token_id" { + type = string + description = "The token to login to the Proxmox node/cluster. The format is USER@REALM!TOKENID. (e.g. packer@pam!packer_pve_token)" +} + +variable "proxmox_api_token_secret" { + type = string + description = "The secret for the API token used to login to the Proxmox API." +# sensitive = true +} + +variable "proxmox_insecure_connection" { + description = "true/false to skip Proxmox TLS certificate checks." + type = bool + default = true +} + +// Proxmox Settings + +variable "proxmox_node" { + type = string + description = "The name of the Proxmox node that Packer will build templates on." +} + +// Virtual Machine Settings + +variable "vm_os_language" { + type = string + description = "The guest operating system language." + default = "en_US" +} + +variable "vm_os_keyboard" { + type = string + description = "The guest operating system keyboard layout." + default = "us" +} + +variable "vm_os_timezone" { + type = string + description = "The guest operating system timezone." + default = "UTC" +} + +variable "vm_os_family" { + type = string + description = "The guest operating system family. Used for naming. (e.g. 'linux')" +} + +variable "vm_os_name" { + type = string + description = "The guest operating system name. Used for naming. (e.g. 'ubuntu')" +} + +variable "vm_os_version" { + type = string + description = "The guest operating system version. Used for naming. (e.g. '22-04-lts')" +} + +variable "vm_os_type" { + type = string + description = "The guest operating system type. (e.g. 
'l26')" +} + +variable "vm_bios" { + type = string + description = "The firmware type. Allowed values 'ovmf' or 'seabios'" + default = "OVMF" + + validation { + condition = contains(["ovmf", "seabios"], var.vm_bios) + error_message = "The vm_bios value must be 'ovmf' or 'seabios'." + } +} + +variable "vm_firmware_path" { + type = string + description = "The firmware file to be used. Needed for EFI" + default = "/usr/share/ovmf/OVMF.fd" +} + +variable "vm_efi_storage_pool" { + type = string + description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" +} + +variable "vm_efi_type" { + type = string + description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" +} + +variable "vm_efi_pre_enrolled_keys" { + type = bool + description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" +} + +variable "vm_cpu_count" { + type = number + description = "The number of virtual CPUs. (e.g. '2')" +} + +variable "vm_cpu_sockets" { + type = number + description = "The number of virtual CPU sockets. (e.g. '1')" +} + +variable "vm_cpu_type" { + type = string + description = "The CPU type to emulate. See the Proxmox API documentation for the complete list of accepted values. For best performance, set this to host. Defaults to kvm64." +} + +variable "vm_mem_size" { + type = number + description = "The size for the virtual memory in MB. (e.g. '2048')" +} + +variable "vm_disk_controller_type" { + type = string + description = "The SCSI controller model to emulate. (e.g. 'virtio-scsi-pci')" +} + +variable "vm_disk_type" { + type = string + description = "The type of disk to emulate. (e.g. 'virtio')" +} + +variable "vm_storage_pool" { + type = string + description = "The name of the Proxmox storage pool to store the VM template. (e.g. 'local-lvm')" +} + +variable "vm_disk_size" { + type = string + description = "The size for the virtual disk in GB. (e.g. 
'32G')" +} + +variable "vm_disk_format" { + type = string + description = "The format of the file backing the disk. (e.g. 'qcow2')" +} + +variable "vm_network_card_model" { + type = string + description = "The model of the virtual network adapter to emulate. (e.g. 'virtio')" +} + +variable "vm_bridge_interface" { + type = string + description = "The name of the Proxmox bridge to attach the adapter to." +} + +variable "vm_vlan_tag" { + type = string + description = "If the adapter should tag packets, give the VLAN ID. (e.g. '102')" +} + +// Cloud-Init Settings + +variable "vm_cloud_init_enable" { + type = bool + description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" + default = false +} + +// Removable Media Settings + +variable "common_iso_storage" { + type = string + description = "The name of the source Proxmox storage location for ISO images. (e.g. 'local-lvm')" +} + +variable "iso_path" { + type = string + description = "The path on the source Proxmox storage location for ISO images. (e.g. 'iso')" +} + +variable "iso_file" { + type = string + description = "The file name of the ISO image used by the vendor. (e.g. 'ubuntu--live-server-amd64.iso')" +} + +variable "iso_checksum" { + type = string + description = "The checksum value of the ISO image provided by the vendor." +} + +// Boot Settings + +variable "common_data_source" { + type = string + description = "The provisioning data source. (e.g. 'http' or 'disk')" +} + +variable "common_http_bind_address" { + type = string + description = "Define an IP address on the host to use for the HTTP server." + default = null +} + +variable "common_http_port_min" { + type = number + description = "The start of the HTTP port range." +} + +variable "common_http_port_max" { + type = number + description = "The end of the HTTP port range." +} + +variable "vm_boot" { + type = string + description = "The boot order for virtual machine devices. (e.g. 
'order=virtio0;ide2;net0')" +} + +variable "vm_boot_wait" { + type = string + description = "The time to wait after booting the initial VM before typing the boot_command (e.g '10s')" +} + +variable "common_ip_wait_timeout" { + type = string + description = "Time to wait for guest operating system IP address response." +} + +variable "common_shutdown_timeout" { + type = string + description = "Time to wait for guest operating system shutdown." +} + +// Communicator Settings and Credentials + +variable "build_username" { + type = string + description = "The username to login to the guest operating system. (e.g. 'ubuntu')" +# sensitive = true +} + +variable "build_password" { + type = string + description = "The password to login to the guest operating system." +# sensitive = true +} + +variable "build_password_encrypted" { + type = string + description = "The encrypted password to login to the guest operating system." +# sensitive = true +} + +variable "build_key" { + type = string + description = "The SSH public key to login to the guest operating system." +# sensitive = true +} + +variable "timeout" { + description = "not sure why I need so high a timeout but here we are" + default = "90m" +} + +// Ansible Credentials + +variable "ansible_username" { + type = string + description = "The username for Ansible to login to the guest operating system. (e.g. 'ansible')" +# sensitive = true +} + +variable "ansible_key" { + type = string + description = "The public key for Ansible to login to the guest operating system." +# sensitive = true +} + +// HCP Packer Settings + +variable "common_hcp_packer_registry_enabled" { + type = bool + description = "Enable the HCP Packer registry." + default = false +} + +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} 
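Review bot: `sensitive = true` is commented out on `proxmox_api_token_secret`, `build_password` and `build_password_encrypted` in variables.pkr.hcl, so Packer has no reason to redact these values in its console output and logs. Uncommenting `sensitive = true` on those three is enough; the username and public-key variables do not need it. `proxmox_insecure_connection` defaults to `true`, so the API token is sent without certificate verification unless a user opts out. `default = false` with an explicit override for self-signed lab setups is the safer default. Separately, the `vm_bios` default `"OVMF"` does not satisfy its own validation (`contains(["ovmf", "seabios"], var.vm_bios)`), and `timeout` has no `type`.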
diff --git a/builds/linux/rocky/9/data/ks.pkrtpl.hcl b/builds/linux/rocky/9/data/ks.pkrtpl.hcl
new file mode 100644
index 0000000..93e36e2
--- /dev/null
+++ b/builds/linux/rocky/9/data/ks.pkrtpl.hcl
@@ -0,0 +1,85 @@
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
+# WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+# Rocky Linux 9
+
+### Installs from the first attached CD-ROM/DVD on the system.
+cdrom
+
+### Performs the kickstart installation in text mode.
+### By default, kickstart installations are performed in graphical mode.
+text
+
+### Accepts the End User License Agreement.
+eula --agreed
+
+### Sets the language to use during installation and the default language to use on the installed system.
+lang ${vm_os_language}
+
+### Sets the default keyboard type for the system.
+keyboard ${vm_os_keyboard}
+
+### Configure network information for target system and activate network devices in the installer environment (optional)
+### --onboot enable device at a boot time
+### --device device to be activated and / or configured with the network command
+### --bootproto method to obtain networking configuration for device (default dhcp)
+### --noipv6 disable IPv6 on this device
+${network}
+
+### Lock the root account.
+rootpw --lock
+
+### The selected profile will restrict root login.
+### Add a user that can login and escalate privileges.
+user --name=${build_username} --iscrypted --password=${build_password_encrypted} --groups=wheel
+
+### Configure firewall settings for the system.
+### --enabled reject incoming connections that are not in response to outbound requests
+### --ssh allow sshd service through the firewall
+firewall --enabled --ssh
+
+### Sets up the authentication options for the system.
+### The SSSD profile sets sha512 to hash passwords. 
Passwords are shadowed by default
+### See the manual page for authselect-profile for a complete list of possible options.
+authselect select sssd
+
+### Sets the state of SELinux on the installed system.
+### Defaults to enforcing.
+selinux --enforcing
+
+### Sets the system time zone.
+timezone ${vm_os_timezone}
+
+### Partitioning
+${storage}
+
+### Modifies the default set of services that will run under the default runlevel.
+services --enabled=NetworkManager,sshd
+
+### Do not configure X on the installed system.
+skipx
+
+### Packages selection.
+%packages --ignoremissing --excludedocs
+@core
+-iwl*firmware
+%end
+
+### Post-installation commands.
+%post
+dnf makecache
+dnf install epel-release -y
+dnf makecache
+dnf install -y sudo qemu-guest-tools
+%{ if additional_packages != "" ~}
+dnf install -y ${additional_packages}
+%{ endif ~}
+echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username}
+sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers
+%end
+
+### Reboot after the installation is complete.
+### --eject attempt to eject the media before rebooting.
+reboot --eject
diff --git a/builds/linux/rocky/9/data/network.pkrtpl.hcl b/builds/linux/rocky/9/data/network.pkrtpl.hcl
new file mode 100644
index 0000000..a7949a7
--- /dev/null
+++ b/builds/linux/rocky/9/data/network.pkrtpl.hcl
@@ -0,0 +1,5 @@
+%{ if ip != null ~}
+network --device=${device} --bootproto=static --ip=${ip} --netmask=${cidrnetmask("${ip}/${netmask}")} --gateway=${gateway} --nameserver=${join(",", dns)}
+%{ else ~}
+network --device=${device} --bootproto=dhcp
+%{ endif ~}
diff --git a/builds/linux/rocky/9/data/storage.pkrtpl.hcl b/builds/linux/rocky/9/data/storage.pkrtpl.hcl
new file mode 100644
index 0000000..2ec0342
--- /dev/null
+++ b/builds/linux/rocky/9/data/storage.pkrtpl.hcl
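Review bot: The `%post` line `echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username}` bakes unrestricted passwordless sudo for the build account into the template and leaves the drop-in at whatever mode the `%post` umask produces. Unless a later provisioning step revokes it (none is visible in this hunk), every VM cloned from the template inherits that grant together with the password hash set on the `user` line. I would follow the echo with `chmod 0440 /etc/sudoers.d/${build_username}` and `visudo -cf /etc/sudoers.d/${build_username}`, and add a comment above it such as `### Build-time only: passwordless sudo for the Packer/Ansible run; revoke before templating.` naming the step that removes it.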
@@ -0,0 +1,73 @@
+### Sets how the boot loader should be installed.
+bootloader --location=mbr
+
+### Initialize any invalid partition tables found on disks.
+zerombr
+
+### Removes partitions from the system, prior to creation of new partitions.
+### By default, no partitions are removed.
+### --all Erases all partitions from the system
+### --initlabel Initializes a disk (or disks) by creating a default disk label for all disks in their respective architecture.
+clearpart --all --initlabel
+
+### Modify partition sizes for the virtual machine hardware.
+### Create primary system partitions.
+%{ for partition in partitions ~}
+part
+%{~ if partition.volume_group != "" ~}
+ pv.${partition.volume_group}
+%{~ else ~}
+%{~ if partition.format.fstype == "swap" ~}
+ swap
+%{~ else ~}
+ ${partition.mount.path}
+%{~ endif ~}
+%{~ if partition.format.fstype != "" ~}
+ --label=${partition.format.label}
+%{~ if partition.format.fstype == "fat32" ~}
+ --fstype vfat
+%{~ else ~}
+ --fstype ${partition.format.fstype}
+%{~ endif ~}
+%{~ endif ~}
+%{~ endif ~}
+%{~ if partition.mount.options != "" ~}
+ --fsoptions="${partition.mount.options}"
+%{~ endif ~}
+%{~ if partition.size != -1 ~}
+ --size=${partition.size}
+%{~ else ~}
+ --size=100 --grow
+%{ endif ~}
+
+%{ endfor ~}
+### Create a logical volume management (LVM) group.
+%{ for index, volume_group in lvm ~}
+volgroup sysvg pv.${volume_group.name}
+
+### Modify logical volume sizes for the virtual machine hardware.
+### Create logical volumes.
+%{ for partition in volume_group.partitions ~}
+logvol
+%{~ if partition.format.fstype == "swap" ~}
+ swap
+%{~ else ~}
+ ${partition.mount.path}
+%{~ endif ~}
+ --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label}
+%{~ if partition.format.fstype == "fat32" ~}
+ --fstype vfat
+%{~ else ~}
+ --fstype ${partition.format.fstype}
+%{~ endif ~}
+%{~ if partition.mount.options != "" ~}
+ --fsoptions="${partition.mount.options}"
+%{~ endif ~}
+%{~ if partition.size != -1 ~}
+ --size=${partition.size}
+%{~ else ~}
+ --size=100 --grow
+%{ endif ~}
+
+%{ endfor ~}
+%{ endfor ~}
diff --git a/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl b/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl
new file mode 100644
index 0000000..d4c34a4
--- /dev/null
+++ b/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl
@@ -0,0 +1,45 @@
+/*
+ DESCRIPTION:
+ Rocky Linux 9 variables used by the Packer Plugin for Proxmox (proxmox-iso).
+*/
+
+// Guest Operating System Metadata
+vm_os_language = "en_US"
+vm_os_keyboard = "us"
+vm_os_timezone = "UTC"
+vm_os_family = "linux"
+vm_os_name = "rocky"
+vm_os_version = "9"
+
+// Virtual Machine Guest Operating System Setting
+vm_os_type = "l26"
+
+// Virtual Machine Hardware Settings
+vm_bios = "seabios"
+vm_cpu_count = 1
+vm_cpu_sockets = 1
+vm_cpu_type = "x86-64-v2-AES"
+vm_mem_size = 2048
+vm_disk_type = "virtio"
+vm_disk_size = "32G"
+vm_disk_format = "raw"
+vm_storage_pool = "vm-data"
+vm_disk_controller_type = "virtio-scsi-pci"
+vm_network_card_model = "virtio"
+vm_bridge_interface = "vmbr0"
+vm_vlan_tag = "102"
+
+// Removable Media Settings
+iso_path = "iso"
+iso_file = "Rocky-9.4-x86_64-dvd.iso"
+iso_checksum = "file:https://download.rockylinux.org/pub/rocky/9/isos/x86_64/CHECKSUM"
+
+// Boot Settings
+vm_boot = "order=virtio0;ide2;net0"
+vm_boot_wait = "10s"
+
+// EFI Settings
+vm_firmware_path = "./OVMF.fd"
+vm_efi_storage_pool = "vm-data"
+vm_efi_pre_enrolled_keys = false
+vm_efi_type = "4m"
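Review bot: `volgroup sysvg pv.${volume_group.name}` hard-codes the volume group name, while the `logvol` lines below it use `--vgname=${volume_group.name}`; any `vm_disk_lvm` entry not named `sysvg` would presumably point its logical volumes at a group that was never created. The physical-volume id is also rebuilt from the group name rather than from the partition's `volume_group` field used in the `part` loop, so the two only agree by convention. I would write `volgroup ${volume_group.name} pv.${volume_group.name}` and add a comment `### The volume group name must equal the volume_group field of its physical-volume partition.` above it; the `index` loop variable is unused and can be dropped.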
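Review bot: `iso_checksum` points at `file:https://download.rockylinux.org/pub/rocky/9/isos/x86_64/CHECKSUM`, so the integrity reference is fetched at build time from a location that changes with each point release instead of being pinned next to `iso_file = "Rocky-9.4-x86_64-dvd.iso"`. Once the mirror moves on, that file may no longer list this ISO, and a pinned digest would make the expected image reviewable in the repository. I would pin it as `iso_checksum = "sha256:<digest of Rocky-9.4-x86_64-dvd.iso>"` (placeholder; take the value from the vendor's signed CHECKSUM file) with a comment on how to refresh it. Whether the builder checks the digest at all for an `iso_file` already on Proxmox storage is not visible here and is worth confirming.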
diff --git a/builds/linux/rocky/9/linux-rocky.pkr.hcl b/builds/linux/rocky/9/linux-rocky.pkr.hcl
new file mode 100644
index 0000000..731ea55
--- /dev/null
+++ b/builds/linux/rocky/9/linux-rocky.pkr.hcl
@@ -0,0 +1,204 @@
+/*
+ DESCRIPTION:
+ Rocky Linux 9 template using the Packer Builder for Proxmox (proxmox-iso).
+*/
+
+// BLOCK: packer
+// The Packer configuration.
+
+packer {
+ required_version = ">= 1.9.1"
+ required_plugins {
+ ansible = {
+ source = "github.com/hashicorp/ansible"
+ version = "~> 1"
+ }
+ git = {
+ version = ">= 0.4.2"
+ source = "github.com/ethanmdavidson/git"
+ }
+ proxmox = {
+ version = ">= 1.0.6"
+ source = "github.com/hashicorp/proxmox"
+ }
+ }
+}
+
+// BLOCK: data
+// Defines the data sources.
+
+data "git-repository" "cwd" {}
+
+// BLOCK: locals
+// Defines the local variables.
+
+locals {
+ build_by = "Built by: HashiCorp Packer ${packer.version}"
+ build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" )
+ build_version = data.git-repository.cwd.head
+ build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}"
+ vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda"
+ manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp())
+ manifest_path = "${path.cwd}/manifests/"
+ manifest_output = "${local.manifest_path}${local.manifest_date}.json"
+ data_source_content = {
+ "/ks.cfg" = templatefile("${abspath(path.root)}/data/ks.pkrtpl.hcl", {
+ build_username = var.build_username
+ build_password = var.build_password
+ build_password_encrypted = var.build_password_encrypted
+ vm_disk_type = local.vm_disk_type
+ vm_os_language = var.vm_os_language
+ vm_os_keyboard = var.vm_os_keyboard
+ vm_os_timezone = var.vm_os_timezone
+ network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", {
+ device = var.vm_bridge_interface
+ ip = var.vm_ip_address
+ netmask = var.vm_ip_netmask
+ gateway = var.vm_ip_gateway
+ dns = var.vm_dns_list
+ })
+ common_data_source = var.common_data_source
+ # lvm needs to be here so late commands can access vg names
+ lvm = var.vm_disk_lvm
+ storage = 
templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", {
+ device = var.vm_disk_device
+ swap = var.vm_disk_use_swap
+ partitions = var.vm_disk_partitions
+ lvm = var.vm_disk_lvm
+ vm_bios = var.vm_bios
+ })
+ additional_packages = join(" ", var.additional_packages)
+ })
+ }
+ data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg"
+ vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}"
+ vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null
+}
+
+// BLOCK: source
+// Defines the builder configuration blocks.
+
+source "proxmox-iso" "linux-rocky" {
+
+ // Proxmox Connection Settings and Credentials
+ proxmox_url = "https://${var.proxmox_hostname}:8006/api2/json"
+ username = "${var.proxmox_api_token_id}"
+ token = "${var.proxmox_api_token_secret}"
+ insecure_skip_tls_verify = "${var.proxmox_insecure_connection}"
+
+ // Proxmox Settings
+ node = "${var.proxmox_node}"
+
+ // Virtual Machine Settings
+ vm_name = "${local.vm_name}"
+ bios = "${var.vm_bios}"
+ sockets = "${var.vm_cpu_sockets}"
+ cores = "${var.vm_cpu_count}"
+ cpu_type = "${var.vm_cpu_type}"
+ memory = "${var.vm_mem_size}"
+ os = "${var.vm_os_type}"
+ scsi_controller = "${var.vm_disk_controller_type}"
+ disks {
+ disk_size = "${var.vm_disk_size}"
+ type = "${var.vm_disk_type}"
+ storage_pool = "${var.vm_storage_pool}"
+ format = "${var.vm_disk_format}"
+ }
+ dynamic "efi_config" {
+ for_each = var.vm_bios == "ovmf" ? [1] : []
+ content {
+ efi_storage_pool = var.vm_bios == "ovmf" ? var.vm_efi_storage_pool : null
+ efi_type = var.vm_bios == "ovmf" ? var.vm_efi_type : null
+ pre_enrolled_keys = var.vm_bios == "ovmf" ? 
var.vm_efi_pre_enrolled_keys : null
+ }
+ }
+ unmount_iso = true
+ ssh_username = "${var.build_username}"
+ ssh_password = "${var.build_password}"
+ ssh_timeout = "${var.timeout}"
+ ssh_port = "22"
+ iso_file = "${var.common_iso_storage}:${var.iso_path}/${var.iso_file}"
+ iso_checksum = "${var.iso_checksum}"
+ qemu_agent = true
+
+ network_adapters {
+ bridge = "${var.vm_bridge_interface}"
+ model = "${var.vm_network_card_model}"
+ vlan_tag = "${var.vm_vlan_tag}"
+ }
+
+ // Removable Media Settings
+ http_content = "${var.common_data_source}" == "http" ? "${local.data_source_content}" : null
+
+ // Boot and Provisioning Settings
+ http_bind_address = var.common_data_source == "http" ? var.common_http_bind_address : null
+ http_port_min = var.common_data_source == "http" ? var.common_http_port_min : null
+ http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null
+ boot = var.vm_boot
+ boot_wait = var.vm_boot_wait
+ boot_command = [
+ "",
+ "",
+ " text ${local.data_source_command}",
+ ""
+ ]
+
+ dynamic "additional_iso_files" {
+ for_each = var.common_data_source == "disk" ? [1] : []
+ content {
+ cd_files = var.common_data_source == "disk" ? local.data_source_content : null
+ cd_label = var.common_data_source == "disk" ? "cidata" : null
+ iso_storage_pool = var.common_data_source == "disk" ? "local" : null
+ }
+ }
+
+ template_name = "${local.vm_name}"
+ template_description = "${local.build_description}"
+
+ # VM Cloud Init Settings
+ cloud_init = var.vm_cloud_init_enable
+ cloud_init_storage_pool = var.vm_cloud_init_enable == true ? 
var.vm_storage_pool : null
+
+}
+
+# Build Definition to create the VM Template
+build {
+ sources = ["source.proxmox-iso.linux-rocky"]
+
+ provisioner "ansible" {
+ user = "${var.build_username}"
+ playbook_file = "${path.cwd}/ansible/main.yml"
+ roles_path = "${path.cwd}/ansible/roles"
+ ansible_env_vars = [
+ "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg"
+ ]
+ extra_arguments = [
+ "--extra-vars", "display_skipped_hosts=false",
+ "--extra-vars", "BUILD_USERNAME=${var.build_username}",
+ "--extra-vars", "BUILD_SECRET='${var.build_key}'",
+ "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}",
+ "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'",
+ ]
+ }
+
+ post-processor "manifest" {
+ output = local.manifest_output
+ strip_path = true
+ strip_time = true
+ custom_data = {
+ ansible_username = "${var.ansible_username}"
+ build_username = "${var.build_username}"
+ build_date = "${local.build_date}"
+ build_version = "${local.build_version}"
+ common_data_source = "${var.common_data_source}"
+ vm_cpu_sockets = "${var.vm_cpu_sockets}"
+ vm_cpu_count = "${var.vm_cpu_count}"
+ vm_disk_size = "${var.vm_disk_size}"
+ vm_bios = "${var.vm_bios}"
+ vm_os_type = "${var.vm_os_type}"
+ vm_mem_size = "${var.vm_mem_size}"
+ vm_network_card_model = "${var.vm_network_card_model}"
+ vm_cloud_init_enable = "${var.vm_cloud_init_enable}"
+ }
+ }
+}
diff --git a/builds/linux/rocky/9/variables-network.pkr.hcl b/builds/linux/rocky/9/variables-network.pkr.hcl
new file mode 100644
index 0000000..29f8a32
--- /dev/null
+++ b/builds/linux/rocky/9/variables-network.pkr.hcl
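Review bot: In the nested `network.pkrtpl.hcl` call inside `locals`, `device = var.vm_bridge_interface` hands the Proxmox bridge name (`vmbr0` in the pkrvars file) to the kickstart `network --device=` line, which names an interface inside the guest and so will likely match nothing there. `vm_network_device`, declared in variables-network.pkr.hcl for this purpose, is never referenced; I would change the line to `device = var.vm_network_device` and confirm its default matches the NIC name the guest actually gets. Separately, `build_password = var.build_password` is passed to the `ks.pkrtpl.hcl` template although that template only uses `build_password_encrypted`; dropping the line keeps the cleartext password out of the kickstart rendering scope.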
@@ -0,0 +1,36 @@
+/*
+ DESCRIPTION:
+ Rocky Linux 9 network variables used by the Packer Plugin for Proxmox (proxmox-iso).
+*/
+
+// VM Network Settings
+
+variable "vm_network_device" {
+ type = string
+ description = "The network device of the VM."
+ default = "ens192"
+}
+
+variable "vm_ip_address" {
+ type = string
+ description = "The IP address of the VM (e.g. 172.16.100.192)."
+ default = null
+}
+
+variable "vm_ip_netmask" {
+ type = number
+ description = "The netmask of the VM (e.g. 24)."
+ default = null
+}
+
+variable "vm_ip_gateway" {
+ type = string
+ description = "The gateway of the VM (e.g. 172.16.100.1)."
+ default = null
+}
+
+variable "vm_dns_list" {
+ type = list(string)
+ description = "The nameservers of the VM."
+ default = []
+}
diff --git a/builds/linux/rocky/9/variables-storage.pkr.hcl b/builds/linux/rocky/9/variables-storage.pkr.hcl
new file mode 100644
index 0000000..edfadb6
--- /dev/null
+++ b/builds/linux/rocky/9/variables-storage.pkr.hcl
@@ -0,0 +1,53 @@
+/*
+ DESCRIPTION:
+ Rocky Linux 9 storage variables used by the Packer Plugin for Proxmox (proxmox-iso).
+*/
+
+// VM Storage Settings
+
+variable "vm_disk_device" {
+ type = string
+ description = "The device for the virtual disk. (e.g. 'sda')"
+}
+
+variable "vm_disk_use_swap" {
+ type = bool
+ description = "Whether to use a swap partition."
+}
+
+variable "vm_disk_partitions" {
+ type = list(object({
+ name = string
+ size = number
+ format = object({
+ label = string
+ fstype = string
+ })
+ mount = object({
+ path = string
+ options = string
+ })
+ volume_group = string
+ }))
+ description = "The disk partitions for the virtual disk."
+}
+
+variable "vm_disk_lvm" {
+ type = list(object({
+ name = string
+ partitions = list(object({
+ name = string
+ size = number
+ format = object({
+ label = string
+ fstype = string
+ })
+ mount = object({
+ path = string
+ options = string
+ })
+ }))
+ }))
+ description = "The LVM configuration for the virtual disk."
+ default = []
+}
diff --git a/builds/linux/rocky/9/variables.pkr.hcl b/builds/linux/rocky/9/variables.pkr.hcl
new file mode 100644
index 0000000..15810aa
--- /dev/null
+++ b/builds/linux/rocky/9/variables.pkr.hcl
@@ -0,0 +1,304 @@
+/*
+ DESCRIPTION:
+ Rocky Linux 9 variables using the Packer Builder for Proxmox (proxmox-iso).
+*/
+
+// BLOCK: variable
+// Defines the input variables.
+
+// Proxmox Credentials
+
+variable "proxmox_hostname" {
+ type = string
+ description = "The FQDN or IP address of a Proxmox node. Only one node should be specified in a cluster."
+}
+
+variable "proxmox_api_token_id" {
+ type = string
+ description = "The token to login to the Proxmox node/cluster. The format is USER@REALM!TOKENID. (e.g. packer@pam!packer_pve_token)"
+}
+
+variable "proxmox_api_token_secret" {
+ type = string
+ description = "The secret for the API token used to login to the Proxmox API."
+# sensitive = true
+}
+
+variable "proxmox_insecure_connection" {
+ description = "true/false to skip Proxmox TLS certificate checks."
+ type = bool
+ default = true
+}
+
+// Proxmox Settings
+
+variable "proxmox_node" {
+ type = string
+ description = "The name of the Proxmox node that Packer will build templates on."
+}
+
+// Virtual Machine Settings
+
+variable "vm_os_language" {
+ type = string
+ description = "The guest operating system language."
+ default = "en_US"
+}
+
+variable "vm_os_keyboard" {
+ type = string
+ description = "The guest operating system keyboard layout."
+ default = "us"
+}
+
+variable "vm_os_timezone" {
+ type = string
+ description = "The guest operating system timezone."
+ default = "UTC"
+}
+
+variable "vm_os_family" {
+ type = string
+ description = "The guest operating system family. Used for naming. (e.g. 'linux')"
+}
+
+variable "vm_os_name" {
+ type = string
+ description = "The guest operating system name. Used for naming. (e.g. 'ubuntu')"
+}
+
+variable "vm_os_version" {
+ type = string
+ description = "The guest operating system version. Used for naming. (e.g. '22-04-lts')"
+}
+
+variable "vm_os_type" {
+ type = string
+ description = "The guest operating system type. (e.g. 
'l26')"
+}
+
+variable "vm_bios" {
+ type = string
+ description = "The firmware type. Allowed values 'ovmf' or 'seabios'"
+ default = "OVMF"
+
+ validation {
+ condition = contains(["ovmf", "seabios"], var.vm_bios)
+ error_message = "The vm_bios value must be 'ovmf' or 'seabios'."
+ }
+}
+
+variable "vm_firmware_path" {
+ type = string
+ description = "The firmware file to be used. Needed for EFI"
+ default = "/usr/share/ovmf/OVMF.fd"
+}
+
+variable "vm_efi_storage_pool" {
+ type = string
+ description = "Set the UEFI disk storage location. (e.g. 'local-lvm')"
+}
+
+variable "vm_efi_type" {
+ type = string
+ description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')"
+}
+
+variable "vm_efi_pre_enrolled_keys" {
+ type = bool
+ description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)"
+}
+
+variable "vm_cpu_count" {
+ type = number
+ description = "The number of virtual CPUs. (e.g. '2')"
+}
+
+variable "vm_cpu_sockets" {
+ type = number
+ description = "The number of virtual CPU sockets. (e.g. '1')"
+}
+
+variable "vm_cpu_type" {
+ type = string
+ description = "The CPU type to emulate. See the Proxmox API documentation for the complete list of accepted values. For best performance, set this to host. Defaults to kvm64."
+}
+
+variable "vm_mem_size" {
+ type = number
+ description = "The size for the virtual memory in MB. (e.g. '2048')"
+}
+
+variable "vm_disk_controller_type" {
+ type = string
+ description = "The SCSI controller model to emulate. (e.g. 'virtio-scsi-pci')"
+}
+
+variable "vm_disk_type" {
+ type = string
+ description = "The type of disk to emulate. (e.g. 'virtio')"
+}
+
+variable "vm_storage_pool" {
+ type = string
+ description = "The name of the Proxmox storage pool to store the VM template. (e.g. 'local-lvm')"
+}
+
+variable "vm_disk_size" {
+ type = string
+ description = "The size for the virtual disk in GB. (e.g. 
'32G')"
+}
+
+variable "vm_disk_format" {
+ type = string
+ description = "The format of the file backing the disk. (e.g. 'qcow2')"
+}
+
+variable "vm_network_card_model" {
+ type = string
+ description = "The model of the virtual network adapter to emulate. (e.g. 'virtio')"
+}
+
+variable "vm_bridge_interface" {
+ type = string
+ description = "The name of the Proxmox bridge to attach the adapter to."
+}
+
+variable "vm_vlan_tag" {
+ type = string
+ description = "If the adapter should tag packets, give the VLAN ID. (e.g. '102')"
+}
+
+// Cloud-Init Settings
+
+variable "vm_cloud_init_enable" {
+ type = bool
+ description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)"
+ default = false
+}
+
+// Removable Media Settings
+
+variable "common_iso_storage" {
+ type = string
+ description = "The name of the source Proxmox storage location for ISO images. (e.g. 'local-lvm')"
+}
+
+variable "iso_path" {
+ type = string
+ description = "The path on the source Proxmox storage location for ISO images. (e.g. 'iso')"
+}
+
+variable "iso_file" {
+ type = string
+ description = "The file name of the ISO image used by the vendor. (e.g. 'ubuntu--live-server-amd64.iso')"
+}
+
+variable "iso_checksum" {
+ type = string
+ description = "The checksum value of the ISO image provided by the vendor."
+}
+
+// Boot Settings
+
+variable "common_data_source" {
+ type = string
+ description = "The provisioning data source. (e.g. 'http' or 'disk')"
+}
+
+variable "common_http_bind_address" {
+ type = string
+ description = "Define an IP address on the host to use for the HTTP server."
+ default = null
+}
+
+variable "common_http_port_min" {
+ type = number
+ description = "The start of the HTTP port range."
+}
+
+variable "common_http_port_max" {
+ type = number
+ description = "The end of the HTTP port range."
+}
+
+variable "vm_boot" {
+ type = string
+ description = "The boot order for virtual machine devices. (e.g. 
'order=virtio0;ide2;net0')"
+}
+
+variable "vm_boot_wait" {
+ type = string
+ description = "The time to wait after booting the initial VM before typing the boot_command (e.g '10s')"
+}
+
+variable "common_ip_wait_timeout" {
+ type = string
+ description = "Time to wait for guest operating system IP address response."
+}
+
+variable "common_shutdown_timeout" {
+ type = string
+ description = "Time to wait for guest operating system shutdown."
+}
+
+// Communicator Settings and Credentials
+
+variable "build_username" {
+ type = string
+ description = "The username to login to the guest operating system. (e.g. 'ubuntu')"
+# sensitive = true
+}
+
+variable "build_password" {
+ type = string
+ description = "The password to login to the guest operating system."
+# sensitive = true
+}
+
+variable "build_password_encrypted" {
+ type = string
+ description = "The encrypted password to login to the guest operating system."
+# sensitive = true
+}
+
+variable "build_key" {
+ type = string
+ description = "The SSH public key to login to the guest operating system."
+# sensitive = true
+}
+
+variable "timeout" {
+ description = "not sure why I need so high a timeout but here we are"
+ default = "90m"
+}
+
+// Ansible Credentials
+
+variable "ansible_username" {
+ type = string
+ description = "The username for Ansible to login to the guest operating system. (e.g. 'ansible')"
+# sensitive = true
+}
+
+variable "ansible_key" {
+ type = string
+ description = "The public key for Ansible to login to the guest operating system."
+# sensitive = true
+}
+
+// HCP Packer Settings
+
+variable "common_hcp_packer_registry_enabled" {
+ type = bool
+ description = "Enable the HCP Packer registry."
+ default = false
+}
+
+// Additional Settings
+
+variable "additional_packages" {
+ type = list(string)
+ description = "Additional packages to install."
+ default = []
+}
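Review bot: `proxmox_insecure_connection` defaults to `true`, and the source block in linux-rocky.pkr.hcl feeds it into `insecure_skip_tls_verify`, so a build that sets nothing sends the API token to the Proxmox endpoint without certificate verification. I would make it `default = false` so that skipping verification is an explicit opt-in. In the same hunk `proxmox_api_token_secret`, `build_password` and `build_password_encrypted` carry `# sensitive = true` commented out, which leaves Packer free to print their values in build output; restoring `sensitive = true` on those three is a one-line change each. `vm_bios` also defaults to `"OVMF"`, a value its own validation `contains(["ovmf", "seabios"], var.vm_bios)` would reject if the default were ever used; `default = "ovmf"` matches it.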
diff --git a/builds/network.pkrvars.hcl.example b/builds/network.pkrvars.hcl.example new file mode 100644 index 0000000..e3f5fdf --- /dev/null +++ b/builds/network.pkrvars.hcl.example @@ -0,0 +1,12 @@ +/* + DESCRIPTION: + Network variables used for all builds. + - Variables are passed to and used by guest operating system configuration files (e.g., ks.cfg). + +*/ + +// VM Network Settings (default DHCP) +// vm_ip_address = "192.168.101.100" +// vm_ip_netmask = 24 +// vm_ip_gateway = "192.168.101.1" +// vm_dns_list = [ "8.8.8.8", "8.8.4.4" ] From 45e5d5b1ce991dcfc2df3b4ed6f1d2997b4b5567 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Tue, 11 Jun 2024 22:39:52 -0500 Subject: [PATCH 04/72] doc: Add Rocky Linux 8 and 9, and Ubuntu 24.04 --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 7d5406b..76a7fad 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,10 @@ The following builds are available: | CentOS Stream | 8 | | Debian | 12 | | Debian | 11 | +| Rocky Linux | 9 | +| Rocky Linux | 8 | | OpenSUSE Leap | 15.5 | +| Ubuntu Server | 24.04 LTS | | Ubuntu Server | 22.04 LTS | | Ubuntu Server | 20.04 LTS | @@ -720,4 +723,4 @@ The repository is modeled after the [VMware Packer Examples][packer-examples-for [proxmox-api-tokens]: https://pve.proxmox.com/pve-docs/pveum-plain.html -[^1]: If you try to create a VM with the same ID as an existing VM the Proxmox API will generate a 500 error. \ No newline at end of file +[^1]: If you try to create a VM with the same ID as an existing VM the Proxmox API will generate a 500 error. From 79442bd7c8cb4fdd8decf3b42d409fa5be74433f Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:14:34 -0500 Subject: [PATCH 05/72] chore: removed centos-8-stream as it is EOL --- .../linux/centos/8-stream/data/ks.pkrtpl.hcl | 84 ----- .../centos/8-stream/data/storage.pkrtpl.hcl | 66 ---- .../linux-centos-stream.auto.pkrvars.hcl | 45 --- .../8-stream/linux-centos-stream.pkr.hcl | 197 ------------ .../centos/8-stream/variables-storage.pkr.hcl | 53 ---- .../linux/centos/8-stream/variables.pkr.hcl | 297 ------------------ 6 files changed, 742 deletions(-) delete mode 100644 builds/linux/centos/8-stream/data/ks.pkrtpl.hcl delete mode 100644 builds/linux/centos/8-stream/data/storage.pkrtpl.hcl delete mode 100644 builds/linux/centos/8-stream/linux-centos-stream.auto.pkrvars.hcl delete mode 100644 builds/linux/centos/8-stream/linux-centos-stream.pkr.hcl delete mode 100644 builds/linux/centos/8-stream/variables-storage.pkr.hcl delete mode 100644 builds/linux/centos/8-stream/variables.pkr.hcl diff --git a/builds/linux/centos/8-stream/data/ks.pkrtpl.hcl b/builds/linux/centos/8-stream/data/ks.pkrtpl.hcl deleted file mode 100644 index 6815d31..0000000 --- a/builds/linux/centos/8-stream/data/ks.pkrtpl.hcl +++ /dev/null 
@@ -1,84 +0,0 @@ -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE -# WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR -# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -# CentOS Stream 8 - -### Installs from the first attached CD-ROM/DVD on the system. -cdrom - -### Performs the kickstart installation in text mode. -### By default, kickstart installations are performed in graphical mode. -text - -### Accepts the End User License Agreement. -eula --agreed - -### Sets the language to use during installation and the default language to use on the installed system. -lang ${vm_os_language} - -### Sets the default keyboard type for the system. -keyboard ${vm_os_keyboard} - -### Configure network information for target system and activate network devices in the installer environment (optional) -### --onboot enable device at a boot time -### --device device to be activated and / or configured with the network command -### --bootproto method to obtain networking configuration for device (default dhcp) -### --noipv6 disable IPv6 on this device -### -### network --bootproto=static --ip=172.16.11.200 --netmask=255.255.255.0 --gateway=172.16.11.200 --nameserver=172.16.11.4 --hostname centos-linux-8 -network --bootproto=dhcp - -### Lock the root account. -rootpw --lock - -### The selected profile will restrict root login. -### Add a user that can login and escalate privileges. -user --name=${build_username} --iscrypted --password=${build_password_encrypted} --groups=wheel - -### Configure firewall settings for the system. 
-### --enabled reject incoming connections that are not in response to outbound requests -### --ssh allow sshd service through the firewall -firewall --enabled --ssh - -### Sets up the authentication options for the system. -### The SSDD profile sets sha512 to hash passwords. Passwords are shadowed by default -### See the manual page for authselect-profile for a complete list of possible options. -authselect select sssd - -### Sets the state of SELinux on the installed system. -### Defaults to enforcing. -selinux --enforcing - -### Sets the system time zone. -timezone ${vm_os_timezone} - -### Partitioning -${storage} - -### Modifies the default set of services that will run under the default runlevel. -services --enabled=NetworkManager,sshd - -### Do not configure X on the installed system. -skipx - -### Packages selection. -%packages --ignoremissing --excludedocs -@core --iwl*firmware -%end - -### Post-installation commands. -%post -dnf makecache -dnf install epel-release -y -dnf makecache -dnf install -y sudo qemu-guest-tools -echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username} -sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers -%end - -### Reboot after the installation is complete. -### --eject attempt to eject the media before rebooting. -reboot --eject diff --git a/builds/linux/centos/8-stream/data/storage.pkrtpl.hcl b/builds/linux/centos/8-stream/data/storage.pkrtpl.hcl deleted file mode 100644 index d048cf0..0000000 --- a/builds/linux/centos/8-stream/data/storage.pkrtpl.hcl +++ /dev/null 
@@ -1,66 +0,0 @@ -### Sets how the boot loader should be installed. -bootloader --location=mbr - -### Initialize any invalid partition tables found on disks. -zerombr - -### Removes partitions from the system, prior to creation of new partitions. -### By default, no partitions are removed. -### --all Erases all partitions from the system -### --initlabel Initializes a disk (or disks) by creating a default disk label for all disks in their respective architecture. -clearpart --all --initlabel - -### Modify partition sizes for the virtual machine hardware. -### Create primary system partitions. -%{ if length(partitions) == 1 && partitions[0].name == "autopart" ~} - %{ if partitions[0].format.fstype == "lvm" ~} -autopart --type=lvm - %{ endif } - %{ if partitions[0].format.fstype == "simple" ~} -autopart --type=plain - %{ endif } - %{ if partitions[0].format.fstype == "" ~} -autopart --type=plain - %{ endif } -%{ else } - %{ for partition in partitions ~} - %{ if partition.format.fstype == "swap" ~} -part swap --size=${partition.size} - - %{ endif ~} - %{ if partition.mount.path == "/boot/efi" ~} -part ${partition.mount.path} --fstype vfat --size=${partition.size} --label=${partition.format.label} - - %{ endif ~} - %{ if partition.mount.path != "" ~} -part ${partition.mount.path} --fstype ${partition.format.fstype} --size=${partition.size} --label=${partition.format.label} %{~ if partition.mount.options != "" ~}--fsoptions="${partition.mount.options}"%{~ endif ~} - - %{ endif ~} - %{ if partition.volume_group != "" ~} - %{ if partition.size == -1 ~} -part pv.${partition.volume_group} --size=100 --grow - - %{ else ~} -part pv.${partition.volume_group} --size=${partition.size} - - %{ endif ~} -### Create a logical volume management (LVM) group. -### Modify logical volume sizes for the virtual machine hardware. 
- %{ for index, volume_group in lvm ~} - %{ if partition.volume_group != "" ~} -volgroup ${volume_group.name} --pesize=4096 pv.${partition.volume_group} - - %{ endif ~} -### Create logical volumes. - %{ for partition in volume_group.partitions ~} - %{ if partition.format.fstype == "swap" ~} -logvol swap --fstype ${partition.format.fstype} --name=${partition.name} --vgname=${volume_group.name} --size=${partition.size} --label=${partition.format.label} - %{ else ~} -logvol ${partition.mount.path} %{ if partition.format.fstype == "fat32" } --fstype vfat %{ else } --fstype ${partition.format.fstype} %{ endif } %{ if partition.size != -1 } --size=${partition.size} %{ else } --size=100 --grow %{ endif } --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label} %{ if partition.mount.options != "" ~} --fsoptions="${partition.mount.options}" %{~ endif ~} - - %{ endif ~} - %{ endfor ~} - %{ endfor ~} - %{ endif ~} - %{ endfor ~} -%{ endif } diff --git a/builds/linux/centos/8-stream/linux-centos-stream.auto.pkrvars.hcl b/builds/linux/centos/8-stream/linux-centos-stream.auto.pkrvars.hcl deleted file mode 100644 index 677bd52..0000000 --- a/builds/linux/centos/8-stream/linux-centos-stream.auto.pkrvars.hcl +++ /dev/null 
@@ -1,45 +0,0 @@ -/* - DESCRIPTION: - CentOS Stream 8 variables used by the Packer Plugin for Proxmox (proxmox-iso). -*/ - -// Guest Operating System Metadata -vm_os_language = "en_US" -vm_os_keyboard = "us" -vm_os_timezone = "UTC" -vm_os_family = "linux" -vm_os_name = "centos-stream" -vm_os_version = "8" - -// Virtual Machine Guest Operating System Setting -vm_os_type = "l26" - -// Virtual Machine Hardware Settings -vm_bios = "seabios" -vm_cpu_count = 1 -vm_cpu_sockets = 1 -vm_cpu_type = "kvm64" -vm_mem_size = 2048 -vm_disk_type = "virtio" -vm_disk_size = "32G" -vm_disk_format = "raw" -vm_storage_pool = "vm-data" -vm_disk_controller_type = "virtio-scsi-pci" -vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" - -// Removable Media Settings -iso_path = "iso" -iso_file = "CentOS-Stream-8-x86_64-latest-dvd1.iso" -iso_checksum = "file:http://centos.mirror.ndchost.com/8-stream/isos/x86_64/CHECKSUM" - -// Boot Settings -vm_boot = "order=virtio0;ide2;net0" -vm_boot_wait = "10s" - -// EFI Settings -vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" diff --git a/builds/linux/centos/8-stream/linux-centos-stream.pkr.hcl b/builds/linux/centos/8-stream/linux-centos-stream.pkr.hcl deleted file mode 100644 index 2bc9087..0000000 --- a/builds/linux/centos/8-stream/linux-centos-stream.pkr.hcl +++ /dev/null 
@@ -1,197 +0,0 @@ -/* - DESCRIPTION: - CentOS Stream 8 template using the Packer Builder for Proxmox (proxmox-iso). -*/ - -// BLOCK: packer -// The Packer configuration. - -packer { - required_version = ">= 1.9.1" - required_plugins { - ansible = { - source = "github.com/hashicorp/ansible" - version = "~> 1" - } - git = { - version = ">= 0.4.2" - source = "github.com/ethanmdavidson/git" - } - proxmox = { - version = ">= 1.0.6" - source = "github.com/hashicorp/proxmox" - } - } -} - -// BLOCK: data -// Defines the data sources. - -data "git-repository" "cwd" {} - -// BLOCK: locals -// Defines the local variables. - -locals { - build_by = "Built by: HashiCorp Packer ${packer.version}" - build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) - build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" - vm_disk_type = var.vm_disk_type == "virtio" ? 
"vda" : "sda" - manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) - manifest_path = "${path.cwd}/manifests/" - manifest_output = "${local.manifest_path}${local.manifest_date}.json" - data_source_content = { - "/ks.cfg" = templatefile("${abspath(path.root)}/data/ks.pkrtpl.hcl", { - build_username = var.build_username - build_password = var.build_password - build_password_encrypted = var.build_password_encrypted - vm_disk_type = local.vm_disk_type - vm_os_language = var.vm_os_language - vm_os_keyboard = var.vm_os_keyboard - vm_os_timezone = var.vm_os_timezone - common_data_source = var.common_data_source - # lvm needs to be here so late commands can access vg names - lvm = var.vm_disk_lvm - storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { - device = var.vm_disk_device - swap = var.vm_disk_use_swap - partitions = var.vm_disk_partitions - lvm = var.vm_disk_lvm - vm_bios = var.vm_bios - }) - }) - } - data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg" - vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" - vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null -} - -// BLOCK: source -// Defines the builder configuration blocks. 
- -source "proxmox-iso" "linux-centos-stream" { - - // Proxmox Connection Settings and Credentials - proxmox_url = "https://${var.proxmox_hostname}:8006/api2/json" - username = "${var.proxmox_api_token_id}" - token = "${var.proxmox_api_token_secret}" - insecure_skip_tls_verify = "${var.proxmox_insecure_connection}" - - // Proxmox Settings - node = "${var.proxmox_node}" - - // Virtual Machine Settings - vm_name = "${local.vm_name}" - bios = "${var.vm_bios}" - sockets = "${var.vm_cpu_sockets}" - cores = "${var.vm_cpu_count}" - cpu_type = "${var.vm_cpu_type}" - memory = "${var.vm_mem_size}" - os = "${var.vm_os_type}" - scsi_controller = "${var.vm_disk_controller_type}" - disks { - disk_size = "${var.vm_disk_size}" - type = "${var.vm_disk_type}" - storage_pool = "${var.vm_storage_pool}" - format = "${var.vm_disk_format}" - } - dynamic "efi_config" { - for_each = var.vm_bios == "ovmf" ? [1] : [] - content { - efi_storage_pool = var.vm_bios == "ovmf" ? var.vm_efi_storage_pool : null - efi_type = var.vm_bios == "ovmf" ? var.vm_efi_type : null - pre_enrolled_keys = var.vm_bios == "ovmf" ? var.vm_efi_pre_enrolled_keys : null - } - } - unmount_iso = true - ssh_username = "${var.build_username}" - ssh_password = "${var.build_password}" - ssh_timeout = "${var.timeout}" - ssh_port = "22" - iso_file = "${var.common_iso_storage}:${var.iso_path}/${var.iso_file}" - iso_checksum = "${var.iso_checksum}" - qemu_agent = true - - network_adapters { - bridge = "${var.vm_bridge_interface}" - model = "${var.vm_network_card_model}" - vlan_tag = "${var.vm_vlan_tag}" - } - - // Removable Media Settings - http_content = "${var.common_data_source}" == "http" ? "${local.data_source_content}" : null - - // Boot and Provisioning Settings - http_bind_address = var.common_data_source == "http" ? var.common_http_bind_address : null - http_port_min = var.common_data_source == "http" ? var.common_http_port_min : null - http_port_max = var.common_data_source == "http" ? 
var.common_http_port_max : null - boot = var.vm_boot - boot_wait = var.vm_boot_wait - boot_command = [ - "", - "", - " text ${local.data_source_command}", - "" - ] - - dynamic "additional_iso_files" { - for_each = var.common_data_source == "disk" ? [1] : [] - content { - cd_files = var.common_data_source == "disk" ? local.data_source_content : null - cd_label = var.common_data_source == "disk" ? "cidata" : null - iso_storage_pool = var.common_data_source == "disk" ? "local" : null - } - } - - template_name = "${local.vm_name}" - template_description = "${local.build_description}" - - # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null - -} - -# Build Definition to create the VM Template -build { - sources = ["source.proxmox-iso.linux-centos-stream"] - - provisioner "ansible" { - user = "${var.build_username}" - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" - ansible_env_vars = [ - "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" - ] - extra_arguments = [ - "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", - "--extra-vars", "cloud_init='${var.vm_cloud_init_enable}'", - ] - } - - post-processor "manifest" { - output = local.manifest_output - strip_path = true - strip_time = true - custom_data = { - ansible_username = "${var.ansible_username}" - build_username = "${var.build_username}" - build_date = "${local.build_date}" - build_version = "${local.build_version}" - common_data_source = "${var.common_data_source}" - vm_cpu_sockets = "${var.vm_cpu_sockets}" - vm_cpu_count = "${var.vm_cpu_count}" - vm_disk_size = "${var.vm_disk_size}" - vm_bios = "${var.vm_bios}" - vm_os_type = "${var.vm_os_type}" - 
vm_mem_size = "${var.vm_mem_size}" - vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" - } - } -} diff --git a/builds/linux/centos/8-stream/variables-storage.pkr.hcl b/builds/linux/centos/8-stream/variables-storage.pkr.hcl deleted file mode 100644 index dd6d16d..0000000 --- a/builds/linux/centos/8-stream/variables-storage.pkr.hcl +++ /dev/null @@ -1,53 +0,0 @@ -/* - DESCRIPTION: - CentOS Stream 8 storage variables used by the Packer Plugin for Proxmox (proxmox-iso). -*/ - -// VM Storage Settings - -variable "vm_disk_device" { - type = string - description = "The device for the virtual disk. (e.g. 'sda')" -} - -variable "vm_disk_use_swap" { - type = bool - description = "Whether to use a swap partition." -} - -variable "vm_disk_partitions" { - type = list(object({ - name = string - size = number - format = object({ - label = string - fstype = string - }) - mount = object({ - path = string - options = string - }) - volume_group = string - })) - description = "The disk partitions for the virtual disk." -} - -variable "vm_disk_lvm" { - type = list(object({ - name = string - partitions = list(object({ - name = string - size = number - format = object({ - label = string - fstype = string - }) - mount = object({ - path = string - options = string - }) - })) - })) - description = "The LVM configuration for the virtual disk." - default = [] -} diff --git a/builds/linux/centos/8-stream/variables.pkr.hcl b/builds/linux/centos/8-stream/variables.pkr.hcl deleted file mode 100644 index 72f5652..0000000 --- a/builds/linux/centos/8-stream/variables.pkr.hcl +++ /dev/null 
@@ -1,297 +0,0 @@ -/* - DESCRIPTION: - CentOS Stream 8 variables using the Packer Builder for Proxmox (proxmox-iso). -*/ - -// BLOCK: variable -// Defines the input variables. - -// Proxmox Credentials - -variable "proxmox_hostname" { - type = string - description = "The FQDN or IP address of a Proxmox node. Only one node should be specified in a cluster." -} - -variable "proxmox_api_token_id" { - type = string - description = "The token to login to the Proxmox node/cluster. The format is USER@REALM!TOKENID. (e.g. packer@pam!packer_pve_token)" -} - -variable "proxmox_api_token_secret" { - type = string - description = "The secret for the API token used to login to the Proxmox API." -# sensitive = true -} - -variable "proxmox_insecure_connection" { - description = "true/false to skip Proxmox TLS certificate checks." - type = bool - default = true -} - -// Proxmox Settings - -variable "proxmox_node" { - type = string - description = "The name of the Proxmox node that Packer will build templates on." -} - -// Virtual Machine Settings - -variable "vm_os_language" { - type = string - description = "The guest operating system language." - default = "en_US" -} - -variable "vm_os_keyboard" { - type = string - description = "The guest operating system keyboard layout." - default = "us" -} - -variable "vm_os_timezone" { - type = string - description = "The guest operating system timezone." - default = "UTC" -} - -variable "vm_os_family" { - type = string - description = "The guest operating system family. Used for naming. (e.g. 'linux')" -} - -variable "vm_os_name" { - type = string - description = "The guest operating system name. Used for naming. (e.g. 'ubuntu')" -} - -variable "vm_os_version" { - type = string - description = "The guest operating system version. Used for naming. (e.g. '22-04-lts')" -} - -variable "vm_os_type" { - type = string - description = "The guest operating system type. (e.g. 
'l26')" -} - -variable "vm_bios" { - type = string - description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" - - validation { - condition = contains(["ovmf", "seabios"], var.vm_bios) - error_message = "The vm_bios value must be 'ovmf' or 'seabios'." - } -} - -variable "vm_firmware_path" { - type = string - description = "The firmware file to be used. Needed for EFI" - default = "/usr/share/ovmf/OVMF.fd" -} - -variable "vm_efi_storage_pool" { - type = string - description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" -} - -variable "vm_efi_type" { - type = string - description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" -} - -variable "vm_efi_pre_enrolled_keys" { - type = bool - description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" -} - -variable "vm_cpu_count" { - type = number - description = "The number of virtual CPUs. (e.g. '2')" -} - -variable "vm_cpu_sockets" { - type = number - description = "The number of virtual CPU sockets. (e.g. '1')" -} - -variable "vm_cpu_type" { - type = string - description = "The CPU type to emulate. See the Proxmox API documentation for the complete list of accepted values. For best performance, set this to host. Defaults to kvm64." -} - -variable "vm_mem_size" { - type = number - description = "The size for the virtual memory in MB. (e.g. '2048')" -} - -variable "vm_disk_controller_type" { - type = string - description = "The SCSI controller model to emulate. (e.g. 'virtio-scsi-pci')" -} - -variable "vm_disk_type" { - type = string - description = "The type of disk to emulate. (e.g. 'virtio')" -} - -variable "vm_storage_pool" { - type = string - description = "The name of the Proxmox storage pool to store the VM template. (e.g. 'local-lvm')" -} - -variable "vm_disk_size" { - type = string - description = "The size for the virtual disk in GB. (e.g. 
'32G')" -} - -variable "vm_disk_format" { - type = string - description = "The format of the file backing the disk. (e.g. 'qcow2')" -} - -variable "vm_network_card_model" { - type = string - description = "The model of the virtual network adapter to emulate. (e.g. 'virtio')" -} - -variable "vm_bridge_interface" { - type = string - description = "The name of the Proxmox bridge to attach the adapter to." -} - -variable "vm_vlan_tag" { - type = string - description = "If the adapter should tag packets, give the VLAN ID. (e.g. '102')" -} - -// Cloud-Init Settings - -variable "vm_cloud_init_enable" { - type = bool - description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" - default = false -} - -// Removable Media Settings - -variable "common_iso_storage" { - type = string - description = "The name of the source Proxmox storage location for ISO images. (e.g. 'local-lvm')" -} - -variable "iso_path" { - type = string - description = "The path on the source Proxmox storage location for ISO images. (e.g. 'iso')" -} - -variable "iso_file" { - type = string - description = "The file name of the ISO image used by the vendor. (e.g. 'ubuntu--live-server-amd64.iso')" -} - -variable "iso_checksum" { - type = string - description = "The checksum value of the ISO image provided by the vendor." -} - -// Boot Settings - -variable "common_data_source" { - type = string - description = "The provisioning data source. (e.g. 'http' or 'disk')" -} - -variable "common_http_bind_address" { - type = string - description = "Define an IP address on the host to use for the HTTP server." - default = null -} - -variable "common_http_port_min" { - type = number - description = "The start of the HTTP port range." -} - -variable "common_http_port_max" { - type = number - description = "The end of the HTTP port range." -} - -variable "vm_boot" { - type = string - description = "The boot order for virtual machine devices. (e.g. 
'order=virtio0;ide2;net0')" -} - -variable "vm_boot_wait" { - type = string - description = "The time to wait after booting the initial VM before typing the boot_command (e.g '10s')" -} - -variable "common_ip_wait_timeout" { - type = string - description = "Time to wait for guest operating system IP address response." -} - -variable "common_shutdown_timeout" { - type = string - description = "Time to wait for guest operating system shutdown." -} - -// Communicator Settings and Credentials - -variable "build_username" { - type = string - description = "The username to login to the guest operating system. (e.g. 'ubuntu')" -# sensitive = true -} - -variable "build_password" { - type = string - description = "The password to login to the guest operating system." -# sensitive = true -} - -variable "build_password_encrypted" { - type = string - description = "The encrypted password to login to the guest operating system." -# sensitive = true -} - -variable "build_key" { - type = string - description = "The SSH public key to login to the guest operating system." -# sensitive = true -} - -variable "timeout" { - description = "not sure why I need so high a timeout but here we are" - default = "90m" -} - -// Ansible Credentials - -variable "ansible_username" { - type = string - description = "The username for Ansible to login to the guest operating system. (e.g. 'ansible')" -# sensitive = true -} - -variable "ansible_key" { - type = string - description = "The public key for Ansible to login to the guest operating system." -# sensitive = true -} - -// HCP Packer Settings - -variable "common_hcp_packer_registry_enabled" { - type = bool - description = "Enable the HCP Packer registry." - default = false -} - From 32dfe5be630d0cf851f4d4d718c79b50c45732f6 Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:17:07 -0500 Subject: [PATCH 06/72] feat: moved network config to template --- builds/linux/centos/9-stream/data/ks.pkrtpl.hcl | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/builds/linux/centos/9-stream/data/ks.pkrtpl.hcl b/builds/linux/centos/9-stream/data/ks.pkrtpl.hcl index 0380be3..ff6db3b 100644 --- a/builds/linux/centos/9-stream/data/ks.pkrtpl.hcl +++ b/builds/linux/centos/9-stream/data/ks.pkrtpl.hcl @@ -26,9 +26,7 @@ keyboard ${vm_os_keyboard} ### --device device to be activated and / or configured with the network command ### --bootproto method to obtain networking configuration for device (default dhcp) ### --noipv6 disable IPv6 on this device -### -### network --bootproto=static --ip=172.16.11.200 --netmask=255.255.255.0 --gateway=172.16.11.200 --nameserver=172.16.11.4 --hostname centos-linux-8 -network --bootproto=dhcp +${network} ### Lock the root account. rootpw --lock From a2e644e5cee000835efd4a568a25da72202466c7 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:18:00 -0500 Subject: [PATCH 07/72] feat: reworked storage template --- .../centos/9-stream/data/storage.pkrtpl.hcl | 101 ++++++++++-------- 1 file changed, 54 insertions(+), 47 deletions(-) diff --git a/builds/linux/centos/9-stream/data/storage.pkrtpl.hcl b/builds/linux/centos/9-stream/data/storage.pkrtpl.hcl index d048cf0..b35af89 100644 --- a/builds/linux/centos/9-stream/data/storage.pkrtpl.hcl +++ b/builds/linux/centos/9-stream/data/storage.pkrtpl.hcl 
@@ -12,55 +12,62 @@ clearpart --all --initlabel ### Modify partition sizes for the virtual machine hardware. ### Create primary system partitions. -%{ if length(partitions) == 1 && partitions[0].name == "autopart" ~} - %{ if partitions[0].format.fstype == "lvm" ~} -autopart --type=lvm - %{ endif } - %{ if partitions[0].format.fstype == "simple" ~} -autopart --type=plain - %{ endif } - %{ if partitions[0].format.fstype == "" ~} -autopart --type=plain - %{ endif } -%{ else } - %{ for partition in partitions ~} - %{ if partition.format.fstype == "swap" ~} -part swap --size=${partition.size} +%{ for partition in partitions ~} +part +%{~ if partition.volume_group != "" ~} + pv.${partition.volume_group} +%{~ else ~} +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} +%{~ if partition.format.fstype != "" ~} + --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ endif ~} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} - %{ endif ~} - %{ if partition.mount.path == "/boot/efi" ~} -part ${partition.mount.path} --fstype vfat --size=${partition.size} --label=${partition.format.label} - - %{ endif ~} - %{ if partition.mount.path != "" ~} -part ${partition.mount.path} --fstype ${partition.format.fstype} --size=${partition.size} --label=${partition.format.label} %{~ if partition.mount.options != "" ~}--fsoptions="${partition.mount.options}"%{~ endif ~} - - %{ endif ~} - %{ if partition.volume_group != "" ~} - %{ if partition.size == -1 ~} -part pv.${partition.volume_group} --size=100 --grow - - %{ else ~} -part pv.${partition.volume_group} --size=${partition.size} - - %{ endif ~} +%{ endfor ~} ### Create a logical volume management (LVM) group. 
+%{ for index, volume_group in lvm ~} +volgroup sysvg pv.${volume_group.name} + ### Modify logical volume sizes for the virtual machine hardware. - %{ for index, volume_group in lvm ~} - %{ if partition.volume_group != "" ~} -volgroup ${volume_group.name} --pesize=4096 pv.${partition.volume_group} - - %{ endif ~} ### Create logical volumes. - %{ for partition in volume_group.partitions ~} - %{ if partition.format.fstype == "swap" ~} -logvol swap --fstype ${partition.format.fstype} --name=${partition.name} --vgname=${volume_group.name} --size=${partition.size} --label=${partition.format.label} - %{ else ~} -logvol ${partition.mount.path} %{ if partition.format.fstype == "fat32" } --fstype vfat %{ else } --fstype ${partition.format.fstype} %{ endif } %{ if partition.size != -1 } --size=${partition.size} %{ else } --size=100 --grow %{ endif } --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label} %{ if partition.mount.options != "" ~} --fsoptions="${partition.mount.options}" %{~ endif ~} +%{ for partition in volume_group.partitions ~} +logvol +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} + --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} - %{ endif ~} - %{ endfor ~} - %{ endfor ~} - %{ endif ~} - %{ endfor ~} -%{ endif } +%{ endfor ~} +%{ endfor ~} \ No newline at end of file From 7ee81ba04edb994921e6d28dca9e355399440bc4 Mon Sep 17 00:00:00 2001 
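Review bot: The added `volgroup sysvg pv.${volume_group.name}` line hard-codes the volume group name, while the `logvol` lines below it still pass `--vgname=${volume_group.name}`. Any `lvm` entry not named `sysvg` would make the logical volumes refer to a group that was never created, and the unattended install would likely fail at partitioning. The physical volume is referenced as `pv.${volume_group.name}`, but the `part` loop creates `pv.${partition.volume_group}`, so the two only match when those values are equal. I would write `volgroup ${volume_group.name} pv.${volume_group.name}` and add a template comment that `partition.volume_group` must equal the `lvm` entry's `name`. The removed line also set `--pesize=4096`; if dropping it is intentional, a short comment saying so would help.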
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:19:27 -0500 Subject: [PATCH 08/72] feat: added cloud-init var and set vm_bios to OVMF as default --- .../linux/centos/9-stream/linux-centos-stream.auto.pkrvars.hcl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/builds/linux/centos/9-stream/linux-centos-stream.auto.pkrvars.hcl b/builds/linux/centos/9-stream/linux-centos-stream.auto.pkrvars.hcl index 4a238f0..9a4a965 100644 --- a/builds/linux/centos/9-stream/linux-centos-stream.auto.pkrvars.hcl +++ b/builds/linux/centos/9-stream/linux-centos-stream.auto.pkrvars.hcl @@ -13,9 +13,10 @@ vm_os_version = "9" // Virtual Machine Guest Operating System Setting vm_os_type = "l26" +vm_cloudinit = true // Virtual Machine Hardware Settings -vm_bios = "seabios" +vm_bios = "ovmf" vm_cpu_count = 1 vm_cpu_sockets = 1 vm_cpu_type = "x86-64-v2-AES" From a7dfdd80428d9798a53b96dfad1910513cad48ec Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:21:10 -0500 Subject: [PATCH 09/72] feat: reworked cloud-init vars, UEFI, and ansible provisioner --- .../9-stream/linux-centos-stream.pkr.hcl | 68 +++++++++++++------ 1 file changed, 49 insertions(+), 19 deletions(-) diff --git a/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl b/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl index d0e6e32..e06404b 100644 --- a/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl +++ b/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl 
@@ -33,10 +33,32 @@ data "git-repository" "cwd" {} // Defines the local variables. locals { + + bios_boot_command = [ + "", + "", + " text ${local.data_source_command}", + "" + ] + + uefi_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "e" key. In the GRUB boot loader, this is used to edit the selected boot menu option. + "e", + // This sends two "down arrow" keys, followed by the "end" key, and then waits. This is used to navigate to a specific line in the boot menu option's configuration. + "", + // This types the string "text" followed by the value of the 'data_source_command' local variable. + // This is used to modify the boot menu option's configuration to boot in text mode and specify the kickstart data source configured in the common variables. + "text ${local.data_source_command}", + // This sends the "enter" key, waits, turns on the left control key, sends the "x" key, and then turns off the left control key. This is used to save the changes and exit the boot menu option's configuration, and then continue the boot process. + "x" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) manifest_path = "${path.cwd}/manifests/" 
@@ -50,6 +72,14 @@ locals { vm_os_language = var.vm_os_language vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone + vm_cloudinit = var.vm_cloudinit + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_bridge_interface + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) common_data_source = var.common_data_source # lvm needs to be here so late commands can access vg names lvm = var.vm_disk_lvm @@ -60,10 +90,12 @@ locals { lvm = var.vm_disk_lvm vm_bios = var.vm_bios }) + additional_packages = join(" ", var.additional_packages) }) } data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg" vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } @@ -128,12 +160,7 @@ source "proxmox-iso" "linux-centos-stream" { http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null boot = var.vm_boot boot_wait = var.vm_boot_wait - boot_command = [ - "", - "", - " text ${local.data_source_command}", - "" - ] + boot_command = local.boot_command dynamic "additional_iso_files" { for_each = var.common_data_source == "disk" ? [1] : [] @@ -148,8 +175,8 @@ source "proxmox-iso" "linux-centos-stream" { template_description = "${local.build_description}" # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null } 
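Review bot: In the `network = templatefile(...)` block, `device = var.vm_bridge_interface` passes the Proxmox bridge name to the kickstart `network --device=` option that network.pkrtpl.hcl renders. That option selects an interface inside the guest, where the hypervisor's bridge name presumably does not exist. The removed 8-stream template used the same variable for `network_adapters.bridge`, and this file probably still does outside the hunk, so one value is unlikely to be right for both. I would pass a separate guest-side variable (a new one, e.g. `device = var.vm_network_device`) or render `--device=link` so the installer picks the first interface with a link. The `locals` block continues outside this hunk.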
@@ -158,19 +185,22 @@ build { sources = ["source.proxmox-iso.linux-centos-stream"] provisioner "ansible" { - user = "${var.build_username}" - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" + user = "${var.build_username}" + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" ansible_env_vars = [ - "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/libexec/platform-python" ] extra_arguments = [ "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", - "--extra-vars", "cloud_init='${var.vm_cloud_init_enable}'", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloud_init='${var.vm_cloudinit}'", ] } @@ -191,7 +221,7 @@ build { vm_os_type = "${var.vm_os_type}" vm_mem_size = "${var.vm_mem_size}" vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + vm_cloudinit = "${var.vm_cloudinit}" } } } From b6d2481022ad3d670e8f137e702956865f2b4baf Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:22:03 -0500 Subject: [PATCH 10/72] feat: added additional_packages and renamed cloud-init vars --- builds/linux/centos/9-stream/variables.pkr.hcl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) 
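Review bot: The last `--extra-vars` entry passes `enable_cloud_init='${var.vm_cloudinit}'`, but the roles reworked later in this series test `enable_cloudinit` (no second underscore), so the value set in Packer appears never to reach them and cloud-init stays at the role default. Rename the key: `"--extra-vars", "enable_cloudinit=${var.vm_cloudinit}",`. Separately, `build_key` and `ansible_key` are passed on the `ansible-playbook` command line, where they can show up in build logs and the process list. If either can hold private material, hand them over in a vars file instead.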
diff --git a/builds/linux/centos/9-stream/variables.pkr.hcl b/builds/linux/centos/9-stream/variables.pkr.hcl index 195646b..7ca551b 100644 --- a/builds/linux/centos/9-stream/variables.pkr.hcl +++ b/builds/linux/centos/9-stream/variables.pkr.hcl @@ -171,7 +171,7 @@ variable "vm_vlan_tag" { // Cloud-Init Settings -variable "vm_cloud_init_enable" { +variable "vm_cloudinit" { type = bool description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" default = false @@ -295,3 +295,10 @@ variable "common_hcp_packer_registry_enabled" { default = false } +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file From 0eadf8fba9b5ea883559b58f87b3295cad2258ee Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:23:06 -0500 Subject: [PATCH 11/72] feat: add network templates and vars --- .../centos/9-stream/data/network.pkrtpl.hcl | 5 +++ .../centos/9-stream/variables-network.pkr.hcl | 36 +++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 builds/linux/centos/9-stream/data/network.pkrtpl.hcl create mode 100644 builds/linux/centos/9-stream/variables-network.pkr.hcl diff --git a/builds/linux/centos/9-stream/data/network.pkrtpl.hcl b/builds/linux/centos/9-stream/data/network.pkrtpl.hcl new file mode 100644 index 0000000..64aaf4f --- /dev/null +++ b/builds/linux/centos/9-stream/data/network.pkrtpl.hcl @@ -0,0 +1,5 @@ +%{ if ip != null ~} +network --device=${device} --bootproto=static --ip=${ip} --netmask=${cidrnetmask("${ip}/${netmask}")} --gateway=${gateway} --nameserver=${join(",", dns)} +%{ else ~} +network --device=${device} --bootproto=dhcp +%{ endif ~} \ No newline at end of file diff --git a/builds/linux/centos/9-stream/variables-network.pkr.hcl b/builds/linux/centos/9-stream/variables-network.pkr.hcl new file mode 100644 index 0000000..9c2129d --- /dev/null 
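Review bot: The static branch of `network.pkrtpl.hcl` is selected on `ip != null` alone, yet it also interpolates `netmask`, `gateway` and `dns`, whose variables in `variables-network.pkr.hcl` default to `null`, `null` and `[]`. Setting only `vm_ip_address` would therefore either fail when the template is rendered or emit `--nameserver=` with an empty value. Widen the guard to `%{ if ip != null && netmask != null && gateway != null ~}` and emit `--nameserver=` only when `length(dns) > 0`, or add `validation` blocks to the variables so a partial static configuration is rejected before the build starts.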
+++ b/builds/linux/centos/9-stream/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + CentOS Stream 9 network variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} From b885f907db475234178a99ef91bc2f86b418f1e0 Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:26:52 -0500 Subject: [PATCH 12/72] feat: reworked most of the ansible playbooks and roles --- ansible/{main.yml => linux-playbook.yml} | 0 ansible/linux-requirements.yml | 6 + ansible/roles/base/defaults/main.yml | 2 + ansible/roles/base/tasks/debian.yml | 8 ++ ansible/roles/base/tasks/main.yml | 8 +- ansible/roles/base/tasks/redhat.yml | 9 +- ansible/roles/base/tasks/suse.yml | 32 ++++- ansible/roles/base/vars/main.yml | 6 + ansible/roles/clean/tasks/debian.yml | 144 ++++++++++++---------- ansible/roles/clean/tasks/main.yml | 6 +- ansible/roles/clean/tasks/redhat.yml | 135 ++++++++++++-------- ansible/roles/clean/tasks/suse.yml | 17 +-- ansible/roles/clean/tasks/ubuntu.yml | 150 +++++++++++------------ ansible/roles/clean/vars/main.yml | 2 + ansible/roles/configure/tasks/debian.yml | 85 ++++++++----- ansible/roles/configure/tasks/main.yml | 6 +- ansible/roles/configure/tasks/redhat.yml | 39 +++++- ansible/roles/configure/tasks/suse.yml | 27 +++- ansible/roles/configure/tasks/ubuntu.yml | 128 ++++++++----------- ansible/roles/configure/vars/main.yml | 2 + ansible/roles/users/tasks/linux.yml | 75 +++++++----- ansible/roles/users/vars/main.yml | 2 + 22 files changed, 524 insertions(+), 365 deletions(-) rename ansible/{main.yml => linux-playbook.yml} (100%) create mode 100644 ansible/linux-requirements.yml create mode 100644 ansible/roles/base/defaults/main.yml create mode 100644 ansible/roles/clean/vars/main.yml create mode 100644 ansible/roles/configure/vars/main.yml create mode 100644 ansible/roles/users/vars/main.yml diff --git a/ansible/main.yml b/ansible/linux-playbook.yml similarity index 100% rename from ansible/main.yml rename to ansible/linux-playbook.yml diff --git a/ansible/linux-requirements.yml b/ansible/linux-requirements.yml new file mode 100644 index 0000000..babfada --- /dev/null +++ b/ansible/linux-requirements.yml 
@@ -0,0 +1,6 @@ +--- +collections: + - name: ansible.posix + version: 1.5.4 + - name: community.general + version: 8.5.0 \ No newline at end of file diff --git a/ansible/roles/base/defaults/main.yml b/ansible/roles/base/defaults/main.yml new file mode 100644 index 0000000..ee29246 --- /dev/null +++ b/ansible/roles/base/defaults/main.yml @@ -0,0 +1,2 @@ +--- +enable_cloudinit: false \ No newline at end of file diff --git a/ansible/roles/base/tasks/debian.yml b/ansible/roles/base/tasks/debian.yml index 5314222..97fa550 100644 --- a/ansible/roles/base/tasks/debian.yml +++ b/ansible/roles/base/tasks/debian.yml @@ -1,4 +1,5 @@ --- + - block: - name: "Updating the guest operating system." ansible.builtin.apt: @@ -11,3 +12,10 @@ ansible.builtin.apt: name: "{{ additional_packages[ansible_os_family] }}" state: latest # noqa package-latest + + - name: "Installing cloud-init." + become: true + ansible.builtin.apt: + name: cloud-init + state: latest + when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 11 diff --git a/ansible/roles/base/tasks/main.yml b/ansible/roles/base/tasks/main.yml index 2e51352..dc5169c 100644 --- a/ansible/roles/base/tasks/main.yml +++ b/ansible/roles/base/tasks/main.yml @@ -1,5 +1,9 @@ --- +- name: "Getting guest operating system information." + ansible.builtin.debug: + msg: "OS: {{ ansible_distribution }} Version: {{ ansible_distribution_version }} Family: {{ ansible_os_family }}" + - name: Prepare the {{ ansible_facts['distribution'] }} guest operating system include_tasks: "{{ ansible_facts['distribution'] | lower }}.yml" when: "ansible_facts['distribution'] == 'Debian'" 
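Review bot: The new `when: enable_cloudinit == 'true' and ...` on the cloud-init install task in `base/tasks/debian.yml` compares against the string `'true'`, while `roles/base/defaults/main.yml` in this same patch declares `enable_cloudinit: false` as a YAML boolean. A boolean `true` supplied from inventory or a vars file does not equal `'true'`, so the task runs only when the value arrives as exactly that lowercase string. Cast instead: `when: enable_cloudinit | bool and ansible_distribution_version | int >= 11`. The same comparison recurs in `base/tasks/redhat.yml`, `base/tasks/suse.yml` and the configure roles, and as `== 'false'` in `clean/tasks/ubuntu.yml`, where `not (enable_cloudinit | bool)` would be the equivalent.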
@@ -13,7 +17,7 @@ when: "ansible_facts['distribution'] in ['RedHat', 'CentOS', 'Rocky', 'AlmaLinux', 'OracleLinux']" - name: Prepare the {{ ansible_facts['distribution'] }} guest operating system - include_tasks: "{{ ansible_facts['distribution'] | lower }}.yml" - when: "ansible_facts['distribution'] == 'Suse'" + include_tasks: suse.yml + when: "ansible_facts['distribution'] in ['openSUSE Leap', 'Suse']" ... \ No newline at end of file diff --git a/ansible/roles/base/tasks/redhat.yml b/ansible/roles/base/tasks/redhat.yml index c2b27f5..88a2889 100644 --- a/ansible/roles/base/tasks/redhat.yml +++ b/ansible/roles/base/tasks/redhat.yml @@ -15,5 +15,12 @@ ansible.builtin.dnf: name: "{{ additional_packages[ansible_os_family] }}" state: latest # noqa package-latest - when: ansible_distribution_major_version | int > 8 + + - name: "Installing cloud-init." + become: true + ansible.builtin.dnf: + name: cloud-init + state: latest + when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 8 + when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int >= 8 diff --git a/ansible/roles/base/tasks/suse.yml b/ansible/roles/base/tasks/suse.yml index 82f24a2..ab9792f 100644 --- a/ansible/roles/base/tasks/suse.yml +++ b/ansible/roles/base/tasks/suse.yml 
@@ -1,9 +1,29 @@ --- -- name: Updating the operating system - ansible.builtin.zypper: - name: "*" - state: latest - update_cache: true +- block: + - name: Updating the operating system + ansible.builtin.zypper: + name: "*" + state: latest + update_cache: true -... \ No newline at end of file + - name: Installing additional packages + ansible.builtin.zypper: + name: "{{ additional_packages[ansible_os_family] }}" + state: latest + +- name: "Configure cloud-init." + block: + - name: "Add the SUSE OSS repo." + become: true + community.general.zypper_repository: + name: repo-oss + repo: "http://download.opensuse.org/distribution/leap/15.5/repo/oss/" + auto_import_keys: true + + - name: "Installing cloud-init." + become: true + ansible.builtin.zypper: + name: cloud-init + state: latest + when: enable_cloudinit == 'true' diff --git a/ansible/roles/base/vars/main.yml b/ansible/roles/base/vars/main.yml index 0d2cbc6..f5a8a78 100644 --- a/ansible/roles/base/vars/main.yml +++ b/ansible/roles/base/vars/main.yml @@ -12,6 +12,12 @@ additional_packages: - curl - unzip - wget + Suse: + - bash-completion + - ca-certificates + - curl + - unzip + - wget Ubuntu: - bash-completion - ca-certificates diff --git a/ansible/roles/clean/tasks/debian.yml b/ansible/roles/clean/tasks/debian.yml index d084e3c..e86081d 100644 --- a/ansible/roles/clean/tasks/debian.yml +++ b/ansible/roles/clean/tasks/debian.yml 
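Review bot: The `community.general.zypper_repository` task adds `repo-oss` over plain `http://` and sets `auto_import_keys: true`, so the repository signing key is accepted from the same unauthenticated channel that delivers the packages. Anything on the network path between the build VM and the mirror could substitute both, and the result is baked into every clone of the template. Use the `https://` form of the URL and import a known key explicitly instead of auto-trusting whatever the repository presents. The path also hard-codes `leap/15.5`; deriving it from `ansible_distribution_version` would keep the repo in step with the guest being built.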
@@ -1,81 +1,93 @@ --- +# Tasks for setting custom facts. +- name: "Setting custom facts." + set_fact: + enable_cloudinit: "{{ enable_cloudinit | default('false') }}" -- name: Remove audit log files - ansible.builtin.file: +# # Tasks for removing the cloud-init package. +# - name: "Removing the cloud-init package." +# apt: +# name: cloud-init +# state: absent +# when: ansible_distribution == 'Ubuntu' and enable_cloudinit == 'false' + +# Tasks to clean the audit logs. +- name: "Cleaning the audit logs." + file: path: "{{ item }}" state: absent loop: - - "/var/log/audit/audit.log" - - "/var/log/wtmp" - - "/var/log/lastlog" + - /var/log/audit/audit.log + - /var/log/auth.log + - /var/log/btmp + - /var/log/dpkg.log + - /var/log/faillog + - /var/log/kern.log + - /var/log/lastlog + - /var/log/syslog + - /var/log/wtmp -- name: Check to see if the /var/log/audit directory exists - ansible.builtin.stat: - path: "/var/log/audit" - register: audit_directory - -- name: Ensure /var/log/audit directory exists - ansible.builtin.file: - path: /var/log/audit - state: directory - mode: "0750" - owner: root - group: adm - when: audit_directory.stat.exists - -- name: Ensure /var/log/audit/audit.log exists - ansible.builtin.file: - path: /var/log/audit/audit.log - state: touch - mode: "0640" - owner: root - group: adm - when: audit_directory.stat.exists - -- name: Ensure wtmp and lastlog exist with the correct permissions - ansible.builtin.copy: - dest: "{{ item }}" - content: "" - mode: "0664" - owner: root - group: utmp - loop: - - "/var/log/wtmp" - - "/var/log/lastlog" - -- name: Cleaning persistent udev rules - ansible.builtin.file: +# Tasks to clean the persistent udev rules. +- name: "Cleaning persistent udev rules." + file: path: /etc/udev/rules.d/70-persistent-net.rules state: absent -- name: "Cleaning the /tmp directories" - ansible.builtin.file: - path: "{{ item }}" - state: absent - loop: - - "/tmp/*" - - "/var/tmp/*" +# Tasks to find the /tmp directories. 
+- name: "Finding the /tmp directories." + find: + paths: + - /tmp + - /var/tmp + file_type: any + register: find_tmp_directories +# Tasks to clean the /tmp directories. +- name: "Cleaning the /tmp directories." + file: + path: "{{ item.path }}" + state: absent + loop: "{{ find_tmp_directories.files }}" + loop_control: + label: "{{ item.path }}" + +# Tasks to find the SSH host keys. +- name: "Finding the SSH host keys." + find: + paths: /etc/ssh + patterns: 'ssh_host_*' + register: find_ssh_host_keys + +# Tasks to clean the SSH host keys. - name: "Cleaning the SSH host keys." - shell: | - rm -f /etc/ssh/ssh_host_* - -- name: remove /etc/machine-id file: - path: /etc/machine-id + path: "{{ item.path }}" state: absent + loop: "{{ find_ssh_host_keys.files }}" + loop_control: + label: "{{ item.path }}" -- name: remove /var/lib/dbus/machine-id - file: - path: /var/lib/dbus/machine-id - state: absent +# Tasks to clean the machine-id. +- name: "Cleaning the machine-id." + block: + - name: "Emptying the /etc/machine-id." + community.general.filesize: + path: /etc/machine-id + size: 0 + - name: "Removing /var/lib/dbus/machine-id." + file: + path: /var/lib/dbus/machine-id + state: absent + - name: "Creating a symbolic link to /etc/machine-id." + file: + src: /etc/machine-id + dest: /var/lib/dbus/machine-id + state: link -- name: generate new machine-id - command: systemd-machine-id-setup - -- name: Cleaning the shell history - shell: | - unset HISTFILE - history -cw - echo > ~/.bash_history - rm -fr /root/.bash_history +# Tasks to clean the shell history. +- name: "Cleaning the shell history." + block: + - name: "Cleaning the shell history." + file: + path: "{{ ansible_env.HOME }}/.bash_history" + state: absent \ No newline at end of file diff --git a/ansible/roles/clean/tasks/main.yml b/ansible/roles/clean/tasks/main.yml index 2e51352..5c3566f 100644 --- a/ansible/roles/clean/tasks/main.yml +++ b/ansible/roles/clean/tasks/main.yml 
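Review bot: The `find` task that feeds "Cleaning the /tmp directories." does not set `hidden`, and the module skips dot-prefixed entries by default, so hidden files and directories under `/tmp` and `/var/tmp` survive into the template. Add `hidden: true` to the `find` arguments. The identical task appears in `clean/tasks/redhat.yml`, `clean/tasks/suse.yml` and `clean/tasks/ubuntu.yml`. The history step likewise removes only `{{ ansible_env.HOME }}/.bash_history`, whereas the shell it replaces also removed `/root/.bash_history`; if the play connects as the build user, root's history may be left behind.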
@@ -12,8 +12,8 @@ include_tasks: redhat.yml when: "ansible_facts['distribution'] in ['RedHat', 'CentOS', 'Rocky', 'AlmaLinux', 'OracleLinux']" -- name: Prepare the {{ ansible_facts['distribution'] }} guest operating system - include_tasks: "{{ ansible_facts['distribution'] | lower }}.yml" - when: "ansible_facts['distribution'] == 'Suse'" +- name: Cleaning tasks for the {{ ansible_facts['distribution'] }} guest operating system + include_tasks: suse.yml + when: "ansible_facts['distribution'] in ['openSUSE Leap', 'Suse']" ... \ No newline at end of file diff --git a/ansible/roles/clean/tasks/redhat.yml b/ansible/roles/clean/tasks/redhat.yml index 28e91cc..20c1503 100644 --- a/ansible/roles/clean/tasks/redhat.yml +++ b/ansible/roles/clean/tasks/redhat.yml 
@@ -1,59 +1,92 @@ --- - -- name: "Cleaning all audit logs." - shell: | - if [ -f /var/log/audit/audit.log ]; then - cat /dev/null > /var/log/audit/audit.log - fi - if [ -f /var/log/wtmp ]; then - cat /dev/null > /var/log/wtmp - fi - if [ -f /var/log/lastlog ]; then - cat /dev/null > /var/log/lastlog - fi - -- name: "Cleaning persistent udev rules." - shell: | - if [ -f /etc/udev/rules.d/70-persistent-net.rules ]; then - rm /etc/udev/rules.d/70-persistent-net.rules - fi - -- name: "Cleaning the /tmp directories" - shell: | - rm -rf /tmp/* - rm -rf /var/tmp/* - rm -rf /var/cache/dnf/* - +# Tasks to clean the Red Hat Subscription Manager logs. - name: "Cleaning the Red Hat Subscription Manager logs." - shell: | - rm -rf /var/log/rhsm/* - when: "ansible_facts['distribution'] == 'RedHat'" + ansible.builtin.file: + path: /var/log/rhsm + state: absent + when: ansible_distribution == 'RedHat' +# Tasks to clean the audit logs. +- name: "Cleaning the audit logs." + ansible.builtin.file: + path: "{{ item }}" + state: absent + loop: + - /var/log/audit/audit.log + - /var/log/btmp + - /var/log/boot.log + - /var/log/cron + - /var/log/dnf.log + - /var/log/lastlog + - /var/log/maillog + - /var/log/messages + - /var/log/secure + - /var/log/wtmp + - /var/log/yum.log + +# Tasks to clean the persistent udev rules. +- name: "Cleaning persistent udev rules." + ansible.builtin.file: + path: /etc/udev/rules.d/70-persistent-net.rules + state: absent + +# Tasks to find the /tmp directories. +- name: "Finding the /tmp directories." + ansible.builtin.find: + paths: + - /tmp + - /var/tmp + file_type: any + register: find_tmp_directories + +# Tasks to clean the /tmp directories. +- name: "Cleaning the /tmp directories." + ansible.builtin.file: + path: "{{ item.path }}" + state: absent + loop: "{{ find_tmp_directories.files }}" + loop_control: + label: "{{ item.path }}" + +# Tasks to find the SSH host keys. +- name: "Finding the SSH host keys." 
+ ansible.builtin.find: + paths: /etc/ssh + patterns: 'ssh_host_*' + register: find_ssh_host_keys + +# Tasks to clean the SSH host keys. - name: "Cleaning the SSH host keys." - shell: | - rm -f /etc/ssh/ssh_host_* + ansible.builtin.file: + path: "{{ item.path }}" + state: absent + loop: "{{ find_ssh_host_keys.files }}" + loop_control: + label: "{{ item.path }}" + +# Tasks to clean the machine-id. +- name: "Emptying the /etc/machine-id." + community.general.filesize: + path: /etc/machine-id + size: 0 - name: "Cleaning the machine-id." - when: 'ansible_facts[''distribution_major_version''] <= "8"' - shell: | - truncate -s 0 /etc/machine-id - rm /var/lib/dbus/machine-id - ln -s /etc/machine-id /var/lib/dbus/machine-id - -- name: "Cleaning the machine-id." - when: 'ansible_facts[''distribution_major_version''] >= "9"' - shell: | - truncate -s 0 /etc/machine-id + block: + - name: "Removing /var/lib/dbus/machine-id." + ansible.builtin.file: + path: /var/lib/dbus/machine-id + state: absent + - name: "Creating a symbolic link to /etc/machine-id." + ansible.builtin.file: + src: /etc/machine-id + dest: /var/lib/dbus/machine-id + state: link + when: ansible_distribution_major_version | int <= 8 +# Tasks to clean the shell history. - name: "Cleaning the shell history." - shell: | - unset HISTFILE - history -cw - echo > ~/.bash_history - rm -fr /root/.bash_history - -- name: "Running a sync." - shell: | - sync && sync - -... \ No newline at end of file + block: + - name: "Cleaning the shell history." + ansible.builtin.file: + path: "{{ ansible_env.HOME }}/.bash_history" + state: absent \ No newline at end of file diff --git a/ansible/roles/clean/tasks/suse.yml b/ansible/roles/clean/tasks/suse.yml index a4299ba..5323171 100644 --- a/ansible/roles/clean/tasks/suse.yml +++ b/ansible/roles/clean/tasks/suse.yml 
@@ -2,13 +2,14 @@ # Tasks to clean the SUSE Customer Center file. - name: "Cleaning the SUSE Customer Center file." - file: + ansible.builtin.file: path: /etc/SUSEConnect state: absent + when: "ansible_facts['distribution'] != 'openSUSE Leap'" # Tasks to clean the audit logs. - name: "Cleaning the audit logs." - file: + ansible.builtin.file: path: "{{ item }}" state: absent loop: @@ -24,13 +25,13 @@ # Tasks to clean the persistent udev rules. - name: "Cleaning persistent udev rules." - file: + ansible.builtin.file: path: /etc/udev/rules.d/70-persistent-net.rules state: absent # Tasks to find the /tmp directories. - name: "Finding the /tmp directories." - find: + ansible.builtin.find: paths: - /tmp - /var/tmp @@ -40,7 +41,7 @@ # Tasks to clean the /tmp directories. - name: "Cleaning the /tmp directories." - file: + ansible.builtin.file: path: "{{ item.path }}" state: absent loop: "{{ find_tmp_directories.files }}" @@ -49,14 +50,14 @@ # Tasks to find the SSH host keys. - name: "Finding the SSH host keys." - find: + ansible.builtin.find: paths: /etc/ssh patterns: 'ssh_host_*' register: find_ssh_host_keys # Tasks to clean the SSH host keys. - name: "Cleaning the SSH host keys." - file: + ansible.builtin.file: path: "{{ item.path }}" state: absent loop: "{{ find_ssh_host_keys.files }}" @@ -73,7 +74,7 @@ - name: "Cleaning the shell history." block: - name: "Cleaning the shell history." - file: + ansible.builtin.file: path: "{{ ansible_env.HOME }}/.bash_history" state: absent diff --git a/ansible/roles/clean/tasks/ubuntu.yml b/ansible/roles/clean/tasks/ubuntu.yml index 0125776..3016532 100644 --- a/ansible/roles/clean/tasks/ubuntu.yml +++ b/ansible/roles/clean/tasks/ubuntu.yml 
@@ -1,93 +1,93 @@ --- +# Tasks for setting custom facts. +- name: "Setting custom facts." + ansible.builtin.set_fact: + enable_cloudinit: "{{ enable_cloudinit | default('false') }}" -- name: Remove audit log files +# Tasks for removing the cloud-init package. +- name: "Removing the cloud-init package." + ansible.builtin.apt: + name: cloud-init + state: absent + when: enable_cloudinit == 'false' + +# Tasks to clean the audit logs. +- name: "Cleaning the audit logs." ansible.builtin.file: path: "{{ item }}" state: absent loop: - - "/var/log/audit/audit.log" - - "/var/log/wtmp" - - "/var/log/lastlog" + - /var/log/audit/audit.log + - /var/log/auth.log + - /var/log/btmp + - /var/log/dpkg.log + - /var/log/faillog + - /var/log/kern.log + - /var/log/lastlog + - /var/log/syslog + - /var/log/wtmp -- name: Check to see if the /var/log/audit directory exists - ansible.builtin.stat: - path: "/var/log/audit" - register: audit_directory - -- name: Ensure /var/log/audit directory exists - ansible.builtin.file: - path: /var/log/audit - state: directory - mode: "0750" - owner: root - group: adm - when: audit_directory.stat.exists - -- name: Ensure /var/log/audit/audit.log exists - ansible.builtin.file: - path: /var/log/audit/audit.log - state: touch - mode: "0640" - owner: root - group: adm - when: audit_directory.stat.exists - -- name: Ensure wtmp and lastlog exist with the correct permissions - ansible.builtin.copy: - dest: "{{ item }}" - content: "" - mode: "0664" - owner: root - group: utmp - loop: - - "/var/log/wtmp" - - "/var/log/lastlog" - -- name: Cleaning persistent udev rules +# Tasks to clean the persistent udev rules. +- name: "Cleaning persistent udev rules." ansible.builtin.file: path: /etc/udev/rules.d/70-persistent-net.rules state: absent -- name: "Cleaning the /tmp directories" +# Tasks to find the /tmp directories. +- name: "Finding the /tmp directories." 
+ ansible.builtin.find: + paths: + - /tmp + - /var/tmp + file_type: any + register: find_tmp_directories + +# Tasks to clean the /tmp directories. +- name: "Cleaning the /tmp directories." ansible.builtin.file: - path: "{{ item }}" + path: "{{ item.path }}" state: absent - loop: - - "/tmp/*" - - "/var/tmp/*" + loop: "{{ find_tmp_directories.files }}" + loop_control: + label: "{{ item.path }}" -- name: Cleaning the SSH host keys - shell: | - rm -f /etc/ssh/ssh_host_* +# Tasks to find the SSH host keys. +- name: "Finding the SSH host keys." + ansible.builtin.find: + paths: /etc/ssh + patterns: 'ssh_host_*' + register: find_ssh_host_keys -- name: remove /etc/machine-id - file: - path: /etc/machine-id +# Tasks to clean the SSH host keys. +- name: "Cleaning the SSH host keys." + ansible.builtin.file: + path: "{{ item.path }}" state: absent + loop: "{{ find_ssh_host_keys.files }}" + loop_control: + label: "{{ item.path }}" -- name: remove /var/lib/dbus/machine-id - file: - path: /var/lib/dbus/machine-id - state: absent +# Tasks to clean the machine-id. +- name: "Cleaning the machine-id." + block: + - name: "Emptying the /etc/machine-id." + community.general.filesize: + path: /etc/machine-id + size: 0 + - name: "Removing /var/lib/dbus/machine-id." + ansible.builtin.file: + path: /var/lib/dbus/machine-id + state: absent + - name: "Creating a symbolic link to /etc/machine-id." + ansible.builtin.file: + src: /etc/machine-id + dest: /var/lib/dbus/machine-id + state: link -- name: generate new machine-id - command: systemd-machine-id-setup - -- name: Clean apt - ansible.builtin.apt: - autoclean: yes - autoremove: yes - clean: yes - -- name: Cleaning the shell history - shell: | - unset HISTFILE - history -cw - echo > ~/.bash_history - rm -fr /root/.bash_history - -- name: Clean cloud-init - ansible.builtin.command: cloud-init clean - when: cloud_init | bool - -... +# Tasks to clean the shell history. +- name: "Cleaning the shell history." 
+ block: + - name: "Cleaning the shell history." + ansible.builtin.file: + path: "{{ ansible_env.HOME }}/.bash_history" + state: absent \ No newline at end of file diff --git a/ansible/roles/clean/vars/main.yml b/ansible/roles/clean/vars/main.yml new file mode 100644 index 0000000..075e3e0 --- /dev/null +++ b/ansible/roles/clean/vars/main.yml @@ -0,0 +1,2 @@ +--- +task_name: "Clean the operating system." \ No newline at end of file diff --git a/ansible/roles/configure/tasks/debian.yml b/ansible/roles/configure/tasks/debian.yml index 35250c6..1fd82e2 100644 --- a/ansible/roles/configure/tasks/debian.yml +++ b/ansible/roles/configure/tasks/debian.yml 
@@ -1,37 +1,54 @@ --- -- name: "Configure SSH for Public Key Authentication." - shell: | - sudo sed -i 's/.*PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config +# Tasks for setting custom facts. +- name: "Setting custom facts." + set_fact: + enable_cloudinit: "{{ enable_cloudinit | default('false') }}" -- name: Creating SSH key regeneration service file - ansible.builtin.copy: - dest: /etc/systemd/system/regenerate_ssh_host_keys.service +# Tasks for configuring SSH for public key authentication. +- name: "Configuring SSH for Public Key Authentication." + lineinfile: + path: /etc/ssh/sshd_config + regexp: '^PubkeyAuthentication' + line: 'PubkeyAuthentication yes' + +# Tasks for setting the hostname. +- name: "Setting the hostname." + hostname: + name: "localhost" + +# Tasks for restarting the SSH daemon. +- name: "Restarting the SSH daemon." + systemd: + name: ssh + state: restarted + daemon_reload: true + +# Tasks for disabling systemd-tmpfiles. +- name: "Disabling systemd-tmpfiles." + replace: + path: /usr/lib/tmpfiles.d/tmp.conf + regexp: '^D' + replace: '#D' + +# Tasks for configuring cloud-init. +- name: "Configuring cloud-init." + block: + - name: "Message: Configuring cloud-init" + ansible.builtin.debug: + msg: "Configuring cloud-init" + - ansible.builtin.copy: + content: 'datasource_list: [ ConfigDrive, NoCloud ]' + dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg + when: enable_cloudinit == 'true' + +# Tasks for setting SSH keys to regenerate. +- name: "Setting SSH keys to regenerate." 
+ copy: + dest: /etc/rc.local content: | - [Unit] - Description=Regenerate SSH host keys - Before=ssh.service - ConditionFileIsExecutable=/usr/bin/ssh-keygen - - [Service] - Type=oneshot - ExecStartPre=-/bin/dd if=/dev/hwrng of=/dev/urandom count=1 bs=4096 - ExecStartPre=-/bin/sh -c "/bin/rm -f -v /etc/ssh/ssh_host_*_key*" - ExecStart=/usr/bin/ssh-keygen -A -v - ExecStartPost=/bin/systemctl disable regenerate_ssh_host_keys - - [Install] - WantedBy=multi-user.target - when: not cloud_init | bool - -- name: Reload systemd to re-read configurations - ansible.builtin.systemd: - daemon-reload: true - when: not cloud_init | bool - -- name: Enable regenerate_ssh_host_keys service - ansible.builtin.systemd: - name: regenerate_ssh_host_keys - enabled: true - when: not cloud_init | bool - -... + #!/bin/bash + if test -z "$(find /etc/ssh/ -iname 'ssh_host_*_key*')"; then + dpkg-reconfigure openssh-server + fi + exit 0 + mode: 0755 diff --git a/ansible/roles/configure/tasks/main.yml b/ansible/roles/configure/tasks/main.yml index 2e51352..b295b54 100644 --- a/ansible/roles/configure/tasks/main.yml +++ b/ansible/roles/configure/tasks/main.yml @@ -12,8 +12,8 @@ include_tasks: redhat.yml when: "ansible_facts['distribution'] in ['RedHat', 'CentOS', 'Rocky', 'AlmaLinux', 'OracleLinux']" -- name: Prepare the {{ ansible_facts['distribution'] }} guest operating system - include_tasks: "{{ ansible_facts['distribution'] | lower }}.yml" - when: "ansible_facts['distribution'] == 'Suse'" +- name: Configuration tasks for the {{ ansible_facts['distribution'] }} guest operating system + include_tasks: suse.yml + when: "ansible_facts['distribution'] in ['openSUSE Leap', 'Suse']" ... \ No newline at end of file diff --git a/ansible/roles/configure/tasks/redhat.yml b/ansible/roles/configure/tasks/redhat.yml index a36b764..d071913 100644 --- a/ansible/roles/configure/tasks/redhat.yml +++ b/ansible/roles/configure/tasks/redhat.yml 
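Review bot: "Disabling systemd-tmpfiles." rewrites the packaged file `/usr/lib/tmpfiles.d/tmp.conf` in place, so a later systemd package update would presumably restore the original and silently undo the change. Write the override to `/etc/tmpfiles.d/tmp.conf`, which takes precedence over the same-named file under `/usr/lib`. The task name also overstates the effect: it comments out the `D` lines and does not disable the service. `configure/tasks/ubuntu.yml` carries the same task.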
@@ -1,5 +1,36 @@ --- -- name: "Configure SSH for Public Key Authentication." - shell: | - sudo sed -i 's/.*PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config - sudo sed -i 's/.*PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config +# Tasks for unregistering from Red Hat Subscription Manager. +- name: "Unregistering from Red Hat Subscription Manager." + community.general.redhat_subscription: + state: absent + when: ansible_distribution == 'RedHat' + +# Tasks for configuring SSH for public key authentication. +- name: "Configuring SSH for Public Key Authentication." + block: + - ansible.builtin.lineinfile: + path: /etc/ssh/sshd_config + regexp: '^PermitRootLogin' + line: 'PermitRootLogin no' + - ansible.builtin.lineinfile: + path: /etc/ssh/sshd_config + regexp: '^PubkeyAuthentication' + line: 'PubkeyAuthentication yes' + +# Tasks for setting the hostname. +- name: "Setting the hostname." + ansible.builtin.hostname: + name: "localhost" + +# Tasks for disabling SELinux. +- name: "Disabling SELinux." + ansible.builtin.selinux: + state: disabled + policy: targeted + +# Tasks for restarting the SSH daemon. +- name: "Restarting the SSH daemon." + ansible.builtin.systemd: + name: sshd + state: restarted + daemon_reload: true diff --git a/ansible/roles/configure/tasks/suse.yml b/ansible/roles/configure/tasks/suse.yml index 01517ef..96f092e 100644 --- a/ansible/roles/configure/tasks/suse.yml +++ b/ansible/roles/configure/tasks/suse.yml 
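Review bot: The "Disabling SELinux." task sets `state: disabled`, so every VM cloned from this template starts without mandatory access control, and the commit gives no reason for it. If a build step fails under enforcement, fix that step or relax the mode for the build only; otherwise drop the task or set `state: enforcing`. Also, the `lineinfile` patterns `'^PermitRootLogin'` and `'^PubkeyAuthentication'` no longer match commented defaults as the old `sed` did, so the setting is appended at the end of `sshd_config`. Adding `validate: '/usr/sbin/sshd -t -f %s'` to both tasks would catch a bad result before the daemon is restarted.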
@@ -1,35 +1,52 @@ --- +# Tasks for setting custom facts. +- name: "Setting custom facts." + set_fact: + enable_cloudinit: "{{ enable_cloudinit | default('false') }}" + # Tasks for unregistering from SUSE Customer Center. - name: "Unregistering from SUSE Customer Center." - command: + ansible.builtin.command: cmd: "{{ item }}" loop: - SUSEConnect -d - SUSEConnect --cleanup + when: "ansible_facts['distribution'] != 'openSUSE Leap'" # Tasks for configuring SSH for public key authentication. - name: "Configuring SSH for Public Key Authentication." block: - - lineinfile: + - ansible.builtin.lineinfile: path: /etc/ssh/sshd_config regexp: '^PermitRootLogin' line: 'PermitRootLogin no' - - lineinfile: + - ansible.builtin.lineinfile: path: /etc/ssh/sshd_config regexp: '^PubkeyAuthentication' line: 'PubkeyAuthentication yes' # Tasks for setting the hostname. - name: "Setting the hostname." - hostname: + ansible.builtin.hostname: name: "localhost" # Tasks for restarting the SSH daemon. - name: "Restarting the SSH daemon." - systemd: + ansible.builtin.systemd: name: sshd state: restarted daemon_reload: true +# Tasks for configuring cloud-init. +- name: "Configuring cloud-init." + block: + - name: "Message: Configuring cloud-init" + ansible.builtin.debug: + msg: "Configuring cloud-init" + - ansible.builtin.copy: + content: 'datasource_list: [ ConfigDrive, NoCloud ]' + dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg + when: enable_cloudinit == 'true' + ... \ No newline at end of file diff --git a/ansible/roles/configure/tasks/ubuntu.yml b/ansible/roles/configure/tasks/ubuntu.yml index dad1976..56a5ee8 100644 --- a/ansible/roles/configure/tasks/ubuntu.yml +++ b/ansible/roles/configure/tasks/ubuntu.yml 
@@ -1,88 +1,62 @@ --- -- name: "Configure SSH for Public Key Authentication" - shell: | - sudo sed -i 's/.*PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config +# Tasks for setting custom facts. +- name: "Setting custom facts." + ansible.builtin.set_fact: + enable_cloudinit: "{{ enable_cloudinit | default('false') }}" -- name: Restarting the SSH daemon - ansible.builtin.service: +# Tasks for configuring SSH for public key authentication. +- name: "Configuring SSH for Public Key Authentication." + ansible.builtin.lineinfile: + path: /etc/ssh/sshd_config + regexp: '^PubkeyAuthentication' + line: 'PubkeyAuthentication yes' + +# Tasks for setting the hostname. +- name: "Setting the hostname." + ansible.builtin.hostname: + name: "localhost" + +# Tasks for restarting the SSH daemon. +- name: "Restarting the SSH daemon." + ansible.builtin.systemd: name: ssh state: restarted + daemon_reload: true -- name: Remove cloud-init files - ansible.builtin.file: - path: "{{ item }}" - state: absent - loop: - - /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg - - /etc/cloud/cloud.cfg.d/50-curtin-networking.cfg - - /etc/cloud/cloud.cfg.d/curtin-preserve-sources.cfg - - /etc/cloud/cloud.cfg.d/99-installer.cfg - - /etc/netplan/00-installer-config.yaml - when: - - cloud_init | bool - - ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" or ansible_distribution_version == "24.04" +# Tasks for disabling systemd-tmpfiles. +- name: "Disabling systemd-tmpfiles." + ansible.builtin.replace: + path: /usr/lib/tmpfiles.d/tmp.conf + regexp: '^D' + replace: '#D' -- name: Disable cloud-init if configured to +# Tasks for configuring cloud-init. +- name: "Configuring cloud-init." 
block: - - name: Check if /etc/cloud/ exists - ansible.builtin.stat: - path: '/etc/cloud/' - register: etc_cloud_folder + - name: "Message: Configuring cloud-init" + ansible.builtin.debug: + msg: "Configuring cloud-init" + - ansible.builtin.file: + path: "{{ item }}" + state: absent + loop: + - /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg + - /etc/cloud/cloud.cfg.d/99-installer.cfg + - /etc/netplan/00-installer-config.yaml + - ansible.builtin.copy: + content: 'datasource_list: [ VMware, OVF, None ]' + dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg + when: enable_cloudinit == 'true' - - name: 'Generate /etc/cloud/cloud-init.disabled' - ansible.builtin.copy: - dest: '/etc/cloud/cloud-init.disabled' - content: 'disabled by ansible\n' - owner: 'root' - group: 'root' - mode: '0644' - when: - - 'etc_cloud_folder.stat.exists' - when: - - not cloud_init | bool - - ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" or ansible_distribution_version == "24.04" - -- name: Copy cloud-init PVE default file +# Tasks for setting SSH keys to regenerate. +- name: "Setting SSH keys to regenerate." ansible.builtin.copy: - dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg + dest: /etc/rc.local content: | - datasource_list: [ ConfigDrive, NoCloud ] - when: cloud_init | bool - -- name: "Modifying GRUB." 
- shell: | - sed -i -e "s/GRUB_CMDLINE_LINUX_DEFAULT=\"\(.*\)\"/GRUB_CMDLINE_LINUX_DEFAULT=\"\"/" /etc/default/grub - update-grub - when: ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" or ansible_distribution_version == "24.04" - -- name: Creating SSH key regeneration service file - ansible.builtin.copy: - dest: /etc/systemd/system/regenerate_ssh_host_keys.service - content: | - [Unit] - Description=Regenerate SSH host keys - Before=ssh.service - ConditionFileIsExecutable=/usr/bin/ssh-keygen - - [Service] - Type=oneshot - ExecStartPre=-/bin/dd if=/dev/hwrng of=/dev/urandom count=1 bs=4096 - ExecStartPre=-/bin/sh -c "/bin/rm -f -v /etc/ssh/ssh_host_*_key*" - ExecStart=/usr/bin/ssh-keygen -A -v - ExecStartPost=/bin/systemctl disable regenerate_ssh_host_keys - - [Install] - WantedBy=multi-user.target - when: not cloud_init | bool - -- name: Reload systemd to re-read configurations - ansible.builtin.systemd: - daemon-reload: true - when: not cloud_init | bool - -- name: Enable regenerate_ssh_host_keys service - ansible.builtin.systemd: - name: regenerate_ssh_host_keys - enabled: true - when: not cloud_init | bool + #!/bin/bash + if test -z "$(find /etc/ssh/ -iname 'ssh_host_*_key*')"; then + dpkg-reconfigure openssh-server + fi + exit 0 + mode: 0755 diff --git a/ansible/roles/configure/vars/main.yml b/ansible/roles/configure/vars/main.yml new file mode 100644 index 0000000..c4b5142 --- /dev/null +++ b/ansible/roles/configure/vars/main.yml @@ -0,0 +1,2 @@ +--- +task_name: "Configure the operating system." \ No newline at end of file diff --git a/ansible/roles/users/tasks/linux.yml b/ansible/roles/users/tasks/linux.yml index f0f6a68..6737ba7 100644 --- a/ansible/roles/users/tasks/linux.yml +++ b/ansible/roles/users/tasks/linux.yml 
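Review bot: Nothing in this hunk removes the SSH host keys generated during the build: the new /etc/rc.local script calls `dpkg-reconfigure openssh-server` only when no `ssh_host_*_key*` file exists, whereas the removed systemd unit deleted the keys itself on first boot. Unless a cleanup step outside this hunk deletes them before the template is sealed, clones made with cloud-init disabled would all present the same host keys, and a client cannot tell one clone from another. Either delete `/etc/ssh/ssh_host_*_key*` as the last step of the build, or keep an unconditional first-boot regeneration as the old unit did.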
@@ -1,31 +1,46 @@ --- -- name: "Adding authorized_keys for the default local user." - shell: | - sudo mkdir -p /home/{{BUILD_USERNAME}}/.ssh - sudo tee /home/{{BUILD_USERNAME}}/.ssh/authorized_keys << EOF - {{BUILD_SECRET}} - EOF - sudo chown -R {{BUILD_USERNAME}} /home/{{BUILD_USERNAME}}/.ssh - sudo chmod 700 /home/{{BUILD_USERNAME}}/.ssh - sudo chmod 644 /home/{{BUILD_USERNAME}}/.ssh/authorized_keys -- name: "Adding the default local user to passwordless sudoers." - shell: | - sudo bash -c "echo \"""{{BUILD_USERNAME}}"" ALL=(ALL) NOPASSWD:ALL\" >> /etc/sudoers" -- name: "Creating a local user for Ansible." - shell: | - sudo groupadd {{ANSIBLE_USERNAME}} - sudo useradd -g {{ANSIBLE_USERNAME}} -m -s /bin/bash {{ANSIBLE_USERNAME}} - sudo usermod -aG sudo {{ANSIBLE_USERNAME}} - echo {{ANSIBLE_USERNAME}}:"$(openssl rand -base64 14)" | sudo chpasswd -- name: "Adding authorized_keys to the local user for Ansible." - shell: | - sudo mkdir -p /home/{{ANSIBLE_USERNAME}}/.ssh - sudo tee /home/{{ANSIBLE_USERNAME}}/.ssh/authorized_keys << EOF - {{ANSIBLE_SECRET}} - EOF - sudo chown -R {{ANSIBLE_USERNAME}} /home/{{ANSIBLE_USERNAME}}/.ssh - sudo chmod 700 /home/{{ANSIBLE_USERNAME}}/.ssh - sudo chmod 644 /home/{{ANSIBLE_USERNAME}}/.ssh/authorized_keys -- name: "Adding the local user for Ansible to passwordless sudoers." - shell: | - sudo bash -c "echo \"""{{ANSIBLE_USERNAME}}"" ALL=(ALL) NOPASSWD:ALL\" >> /etc/sudoers" +# Tasks for setting custom facts. +- name: "Setting custom facts." + ansible.builtin.set_fact: + enable_cloudinit: "{{ enable_cloudinit | default('false') }}" + +# Tasks for creating the local group for Ansible. +- name: "Creating the local group for Ansible." + ansible.builtin.group: + name: "{{ ansible_username }}" + +# Tasks for creating the sudo group. +- name: "Creating the sudo group." + ansible.builtin.group: + name: sudo + +# Tasks for creating the local user for Ansible. +- name: "Creating the local user for Ansible." 
+ ansible.builtin.user: + name: "{{ ansible_username }}" + group: "{{ ansible_username }}" + groups: sudo + password: '!' + shell: /bin/bash + +# Tasks for managing the authorized keys for the local users. +- name: "Managing the authorized keys for the local users." + ansible.posix.authorized_key: + user: "{{ item.user }}" + key: "{{ item.key }}" + loop: + - user: "{{ ansible_username }}" + key: "{{ ansible_key }}" + - user: "{{ build_username }}" + key: "{{ build_key }}" + no_log: true + +# Tasks for managing sudoers.d for the local users. +- name: "Managing sudoers.d for the local users." + community.general.sudoers: + name: "{{ item }}" + user: "{{ item }}" + commands: ALL + loop: + - "{{ build_username }}" + - "{{ ansible_username }}" diff --git a/ansible/roles/users/vars/main.yml b/ansible/roles/users/vars/main.yml new file mode 100644 index 0000000..ef9eb71 --- /dev/null +++ b/ansible/roles/users/vars/main.yml @@ -0,0 +1,2 @@ +--- +task_name: "Configure the operating system users." \ No newline at end of file From e9722d61d4b157f1ff922fd111372e044f05c525 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:29:47 -0500 Subject: [PATCH 13/72] feat: moved network config to template and added additional_packages var --- builds/linux/debian/11/data/preseed.pkrtpl.hcl | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/builds/linux/debian/11/data/preseed.pkrtpl.hcl b/builds/linux/debian/11/data/preseed.pkrtpl.hcl index 14c3716..b74b7aa 100644 --- a/builds/linux/debian/11/data/preseed.pkrtpl.hcl +++ b/builds/linux/debian/11/data/preseed.pkrtpl.hcl @@ -23,10 +23,7 @@ d-i grub-installer/only_debian boolean true ${storage} # Network configuration -d-i netcfg/choose_interface select auto -d-i netcfg/get_hostname string unassigned-hostname -d-i netcfg/get_domain string unassigned-domain - +${network} ### Apt setup # Choose, if you want to scan additional installation media 
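Review bot: The "Managing sudoers.d for the local users." task grants `commands: ALL` and leaves `nopassword` unset; the module default (true, as far as I know) makes both rules passwordless, so the privilege level is implicit in the task. Writing `nopassword: true` and adding `validation: required` makes the grant visible in review and fails the build if the generated file does not pass visudo. A comment should also say whether `build_username` is meant to keep unrestricted sudo in the finished template, since that account and its key exist mainly for the build; whether a later step removes it is not visible in this hunk.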
@@ -63,7 +60,7 @@ d-i passwd/user-password-crypted password ${build_password_encrypted} # Package Configuration d-i pkgsel/run_tasksel boolean false -d-i pkgsel/include string openssh-server qemu-guest-agent python3 +d-i pkgsel/include string openssh-server qemu-guest-agent python3-apt ${additional_packages} # You can choose, if your system will report back on what software you have # installed, and what software you use. The default is not to report back, From 0997919d2d9e9fb9756915d64df5766403503538 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:30:54 -0500 Subject: [PATCH 14/72] feat: added cloud-init var and set vm_bios to ovmf as default --- builds/linux/debian/11/linux-debian.auto.pkrvars.hcl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/builds/linux/debian/11/linux-debian.auto.pkrvars.hcl b/builds/linux/debian/11/linux-debian.auto.pkrvars.hcl index 6ef755d..bdb07cd 100644 --- a/builds/linux/debian/11/linux-debian.auto.pkrvars.hcl +++ b/builds/linux/debian/11/linux-debian.auto.pkrvars.hcl @@ -13,9 +13,10 @@ vm_os_version = "11" // Virtual Machine Guest Operating System Setting vm_os_type = "l26" +vm_cloudinit = true // Virtual Machine Hardware Settings -vm_bios = "seabios" +vm_bios = "ovmf" vm_cpu_count = 1 vm_cpu_sockets = 1 vm_cpu_type = "kvm64" From 53ab0aafa15872ae069d8b7922fa835adf68b084 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:32:38 -0500 Subject: [PATCH 15/72] feat: reworked clout-init, UEFI boot, and ansible provisioner --- builds/linux/debian/11/linux-debian.pkr.hcl | 96 +++++++++++++++------ 1 file changed, 72 insertions(+), 24 deletions(-) diff --git a/builds/linux/debian/11/linux-debian.pkr.hcl b/builds/linux/debian/11/linux-debian.pkr.hcl index 12e7e8a..a66b9c8 100644 --- a/builds/linux/debian/11/linux-debian.pkr.hcl +++ b/builds/linux/debian/11/linux-debian.pkr.hcl 
@@ -32,11 +32,52 @@ data "git-repository" "cwd" {} // BLOCK: locals // Defines the local variables. -locals { +locals { + + bios_boot_command = [ + "", + "/install.amd/vmlinuz ", + "initrd=/install.amd/initrd.gz ", + "auto=true ", + "${local.data_source_command} ", + "netcfg/get_hostname=debian netcfg/get_domain=example.com ", + "interface=auto ", + "vga=788 noprompt quiet --" + ] + + uefi_boot_command = [ + // This waits for 3 seconds, sends the "c" key, and then waits for another 3 seconds. In the GRUB boot loader, this is used to enter command line mode. + "c", + // This types a command to load the Linux kernel from the specified path. + "linux /install.amd/vmlinuz", + // This types a string that sets the auto-install/enable option to true. This is used to automate the installation process. + " auto-install/enable=true", + // This types a string that sets the debconf/priority option to critical. This is used to minimize the number of questions asked during the installation process. + " debconf/priority=critical", + // This types the value of the 'data_source_command' local variable. This is used to specify the kickstart data source configured in the common variables. + " ${local.data_source_command}", + // This types a string that sets the noprompt option and then sends the "enter" key. This is used to prevent the installer from pausing for user input. + " noprompt --", + // This types a command to load the initial RAM disk from the specified path and then sends the "enter" key. + "initrd /install.amd/initrd.gz", + // This types the "boot" command and then sends the "enter" key. This starts the boot process using the loaded kernel and initial RAM disk. + "boot", + // This waits for 30 seconds. This is typically used to give the system time to boot before sending more commands. + "", + // This sends the "enter" key and then waits. This is typically used to dismiss any prompts or messages that appear during boot. 
+ "", + // This sends the "enter" key and then waits. This is typically used to dismiss any prompts or messages that appear during boot. + "", + // This types the value of the `mount_cdrom` local variable. This is typically used to mount the installation media. + " ${local.mount_cdrom}", + // This sends four "down arrow" keys and then the "enter" key. This is typically used to select a specific option in a menu. + "" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) manifest_path = "${path.cwd}/manifests/" @@ -50,6 +91,15 @@ locals { vm_os_language = var.vm_os_language vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone + vm_cloudinit = var.vm_cloudinit + common_data_source = var.common_data_source + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_network_device + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) common_data_source = var.common_data_source # lvm needs to be here so late commands can access vg names lvm = var.vm_disk_lvm 
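Review bot: In the `@@ -50,6 +91,15 @@` hunk the added `common_data_source = var.common_data_source` duplicates the unchanged line of the same name that follows the new `network` entry, so the key appears twice in the map passed to `templatefile`. Both entries carry the same value, so the rendered preseed should not change, but the added line can be dropped. The Debian 12 version of this hunk later in the series does not add the duplicate. The enclosing `locals` block starts and ends outside this hunk.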
@@ -60,10 +110,14 @@ locals { lvm = var.vm_disk_lvm vm_bios = var.vm_bios }) + additional_packages = join(" ", var.additional_packages) }) } data_source_command = var.common_data_source == "http" ? "url=http://{{.HTTPIP}}:{{.HTTPPort}}/preseed.cfg" : "file=/media/preseed.cfg" + mount_cdrom_command = " mount /dev/sr1 /media " + mount_cdrom = var.common_data_source == "http" ? " " : local.mount_cdrom_command vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } @@ -128,16 +182,7 @@ source "proxmox-iso" "debian" { http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null boot = var.vm_boot boot_wait = var.vm_boot_wait - boot_command = [ - "", - "/install.amd/vmlinuz ", - "initrd=/install.amd/initrd.gz ", - "auto=true ", - "${local.data_source_command} ", - "netcfg/get_hostname=debian netcfg/get_domain=example.com ", - "interface=auto ", - "vga=788 noprompt quiet --" - ] + boot_command = local.boot_command dynamic "additional_iso_files" { for_each = var.common_data_source == "disk" ? [1] : [] @@ -152,8 +197,8 @@ source "proxmox-iso" "debian" { template_description = "${local.build_description}" # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null } 
@@ -162,19 +207,22 @@ build { sources = ["source.proxmox-iso.debian"] provisioner "ansible" { - user = "${var.build_username}" - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" + user = var.build_username + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" ansible_env_vars = [ - "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3" ] extra_arguments = [ "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", - "--extra-vars", "cloud_init='${var.vm_cloud_init_enable}'", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", ] } @@ -195,7 +243,7 @@ build { vm_os_type = "${var.vm_os_type}" vm_mem_size = "${var.vm_mem_size}" vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + vm_cloudinit = "${var.vm_cloudinit}" } } } From d985d159d5c99a9b2ec9b3ef45e85cfe37a9ead2 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:33:28 -0500 Subject: [PATCH 16/72] feat: added var for additional packages to install --- builds/linux/debian/11/variables.pkr.hcl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/builds/linux/debian/11/variables.pkr.hcl b/builds/linux/debian/11/variables.pkr.hcl index e5c9f66..487e08c 100644 
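Review bot: With `galaxy_force_with_deps = true` the provisioner re-installs everything listed in `ansible/linux-requirements.yml` on each build, so the code that configures the image depends on what Galaxy serves at build time. The requirements file is not part of this hunk; if its entries carry no `version:`, pin them so a template build is reproducible and an upstream release cannot change the image unnoticed. A comment next to `galaxy_file`, such as `// collections are version-pinned in linux-requirements.yml`, would record that expectation. The same provisioner block is added for Debian 12 later in the series.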
--- a/builds/linux/debian/11/variables.pkr.hcl +++ b/builds/linux/debian/11/variables.pkr.hcl @@ -171,7 +171,7 @@ variable "vm_vlan_tag" { // Cloud-Init Settings -variable "vm_cloud_init_enable" { +variable "vm_cloudinit" { type = bool description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" default = false @@ -295,3 +295,10 @@ variable "common_hcp_packer_registry_enabled" { default = false } +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file From 01e3bb13d963d47695ab85d974893333d5dd1219 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:34:27 -0500 Subject: [PATCH 17/72] feat: added network preseed template and vars --- .../linux/debian/11/data/network.pkrtpl.hcl | 9 +++++ .../linux/debian/11/variables-network.pkr.hcl | 36 +++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 builds/linux/debian/11/data/network.pkrtpl.hcl create mode 100644 builds/linux/debian/11/variables-network.pkr.hcl diff --git a/builds/linux/debian/11/data/network.pkrtpl.hcl b/builds/linux/debian/11/data/network.pkrtpl.hcl new file mode 100644 index 0000000..fe4c0c9 --- /dev/null +++ b/builds/linux/debian/11/data/network.pkrtpl.hcl @@ -0,0 +1,9 @@ +d-i netcfg/choose_interface select ${device} +%{ if ip != null ~} +d-i netcfg/disable_autoconfig boolean true +d-i netcfg/get_ipaddress string ${ip} +d-i netcfg/get_netmask string ${cidrnetmask("${ip}/${netmask}")} +d-i netcfg/get_gateway string ${gateway} +d-i netcfg/get_nameservers string ${join(" ", dns)} +d-i netcfg/confirm_static boolean true +%{ endif ~} \ No newline at end of file diff --git a/builds/linux/debian/11/variables-network.pkr.hcl b/builds/linux/debian/11/variables-network.pkr.hcl new file mode 100644 index 0000000..d2d6996 --- /dev/null +++ b/builds/linux/debian/11/variables-network.pkr.hcl 
@@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file From f188cd4b9982a174da5cc60e575d0b29258efaab Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:35:29 -0500 Subject: [PATCH 18/72] feat: moved network config to template and added var to install additional packages --- builds/linux/debian/12/data/preseed.pkrtpl.hcl | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/builds/linux/debian/12/data/preseed.pkrtpl.hcl b/builds/linux/debian/12/data/preseed.pkrtpl.hcl index dfd0941..9b06149 100644 --- a/builds/linux/debian/12/data/preseed.pkrtpl.hcl +++ b/builds/linux/debian/12/data/preseed.pkrtpl.hcl @@ -23,10 +23,7 @@ d-i grub-installer/only_debian boolean true ${storage} # Network configuration -d-i netcfg/choose_interface select auto -d-i netcfg/get_hostname string unassigned-hostname -d-i netcfg/get_domain string unassigned-domain - +${network} ### Apt setup # Choose, if you want to scan additional installation media 
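Review bot: The header comment and the `vm_network_device` default `"ens192"` look carried over from a vSphere build, while this template is consumed by the `proxmox-iso` source. Because the preseed now renders `d-i netcfg/choose_interface select ${device}` instead of `auto`, a build that does not override the variable asks the installer for an interface that may not exist on a Proxmox guest. Defaulting to `"auto"` keeps the previous behaviour, and the description could read `"The network device of the VM (e.g. ens18), or auto to let the installer choose."`.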
@@ -63,7 +60,7 @@ d-i passwd/user-password-crypted password ${build_password_encrypted} # Package Configuration d-i pkgsel/run_tasksel boolean false -d-i pkgsel/include string openssh-server qemu-guest-agent python3 +d-i pkgsel/include string openssh-server qemu-guest-agent python3-apt ${additional_packages} # You can choose, if your system will report back on what software you have # installed, and what software you use. The default is not to report back, From 9db794b14634a2d01dbf4577eac22da1e148271e Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:36:09 -0500 Subject: [PATCH 19/72] feat: add clout-init var and set vm_bios to ovmf as default --- builds/linux/debian/12/linux-debian.auto.pkrvars.hcl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/builds/linux/debian/12/linux-debian.auto.pkrvars.hcl b/builds/linux/debian/12/linux-debian.auto.pkrvars.hcl index 99465a0..58035ee 100644 --- a/builds/linux/debian/12/linux-debian.auto.pkrvars.hcl +++ b/builds/linux/debian/12/linux-debian.auto.pkrvars.hcl @@ -13,9 +13,10 @@ vm_os_version = "12" // Virtual Machine Guest Operating System Setting vm_os_type = "l26" +vm_cloudinit = true // Virtual Machine Hardware Settings -vm_bios = "seabios" +vm_bios = "ovmf" vm_cpu_count = 1 vm_cpu_sockets = 1 vm_cpu_type = "kvm64" From f812fefba54372cf9eb87506b7551c8505a1597a Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:36:57 -0500 Subject: [PATCH 20/72] feat: reworked cloud-init, UEFI boot, and ansible provisioner --- builds/linux/debian/12/linux-debian.pkr.hcl | 96 +++++++++++++++------ 1 file changed, 71 insertions(+), 25 deletions(-) diff --git a/builds/linux/debian/12/linux-debian.pkr.hcl b/builds/linux/debian/12/linux-debian.pkr.hcl index abda7a0..6c300af 100644 --- a/builds/linux/debian/12/linux-debian.pkr.hcl +++ b/builds/linux/debian/12/linux-debian.pkr.hcl 
@@ -32,11 +32,53 @@ data "git-repository" "cwd" {} // BLOCK: locals // Defines the local variables. -locals { +locals { + + bios_boot_command = [ + "", + "/install.amd/vmlinuz ", + "initrd=/install.amd/initrd.gz ", + "auto=true ", + "${local.data_source_command} ", +// "hostname=${var.vm_os_name}-${var.vm_os_version} ", + "netcfg/get_hostname=debian netcfg/get_domain=example.com ", + "interface=auto ", + "vga=788 noprompt quiet --" + ] + + uefi_boot_command = [ + // This waits for 3 seconds, sends the "c" key, and then waits for another 3 seconds. In the GRUB boot loader, this is used to enter command line mode. + "c", + // This types a command to load the Linux kernel from the specified path. + "linux /install.amd/vmlinuz", + // This types a string that sets the auto-install/enable option to true. This is used to automate the installation process. + " auto-install/enable=true", + // This types a string that sets the debconf/priority option to critical. This is used to minimize the number of questions asked during the installation process. + " debconf/priority=critical", + // This types the value of the 'data_source_command' local variable. This is used to specify the kickstart data source configured in the common variables. + " ${local.data_source_command}", + // This types a string that sets the noprompt option and then sends the "enter" key. This is used to prevent the installer from pausing for user input. + " noprompt --", + // This types a command to load the initial RAM disk from the specified path and then sends the "enter" key. + "initrd /install.amd/initrd.gz", + // This types the "boot" command and then sends the "enter" key. This starts the boot process using the loaded kernel and initial RAM disk. + "boot", + // This waits for 30 seconds. This is typically used to give the system time to boot before sending more commands. + "", + // This sends the "enter" key and then waits. 
This is typically used to dismiss any prompts or messages that appear during boot. + "", + // This sends the "enter" key and then waits. This is typically used to dismiss any prompts or messages that appear during boot. + "", + // This types the value of the `mount_cdrom` local variable. This is typically used to mount the installation media. + " ${local.mount_cdrom}", + // This sends four "down arrow" keys and then the "enter" key. This is typically used to select a specific option in a menu. + "" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) manifest_path = "${path.cwd}/manifests/" @@ -51,6 +93,13 @@ locals { vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone common_data_source = var.common_data_source + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_network_device + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) # lvm needs to be here so late commands can access vg names lvm = var.vm_disk_lvm storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { 
@@ -60,10 +109,14 @@ locals { lvm = var.vm_disk_lvm vm_bios = var.vm_bios }) + additional_packages = join(" ", var.additional_packages) }) } data_source_command = var.common_data_source == "http" ? "url=http://{{.HTTPIP}}:{{.HTTPPort}}/preseed.cfg" : "file=/media/preseed.cfg" + mount_cdrom_command = " mount /dev/sr1 /media " + mount_cdrom = var.common_data_source == "http" ? " " : local.mount_cdrom_command vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } @@ -128,17 +181,7 @@ source "proxmox-iso" "debian" { http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null boot = var.vm_boot boot_wait = var.vm_boot_wait - boot_command = [ - "", - "/install.amd/vmlinuz ", - "initrd=/install.amd/initrd.gz ", - "auto=true ", - "${local.data_source_command} ", -// "hostname=${var.vm_os_name}-${var.vm_os_version} ", - "netcfg/get_hostname=debian netcfg/get_domain=example.com ", - "interface=auto ", - "vga=788 noprompt quiet --" - ] + boot_command = local.boot_command dynamic "additional_iso_files" { for_each = var.common_data_source == "disk" ? [1] : [] @@ -153,8 +196,8 @@ source "proxmox-iso" "debian" { template_description = "${local.build_description}" # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null } 
@@ -163,19 +206,22 @@ build { sources = ["source.proxmox-iso.debian"] provisioner "ansible" { - user = "${var.build_username}" - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" + user = var.build_username + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" ansible_env_vars = [ - "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3" ] extra_arguments = [ "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", - "--extra-vars", "cloud_init='${var.vm_cloud_init_enable}'", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", ] } @@ -196,7 +242,7 @@ build { vm_os_type = "${var.vm_os_type}" vm_mem_size = "${var.vm_mem_size}" vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + vm_cloudinit = "${var.vm_cloudinit}" } } } From 241822c93d05e0e54998c6b3ec39e5e2b2397e2f Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:37:43 -0500 Subject: [PATCH 21/72] feat: changed cloud-init and added additional_packages var --- builds/linux/debian/12/variables.pkr.hcl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) 
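Review bot: The renamed `build_key` and `ansible_key` values are still handed to Ansible as `--extra-vars` command-line arguments in `extra_arguments`, so on the build host they are visible in the process list and can end up in Packer debug output. If either holds secret material (the old names `BUILD_SECRET`/`ANSIBLE_SECRET` suggest so), pass it through the environment instead, e.g. `"BUILD_KEY=${var.build_key}"` in `ansible_env_vars` read in the playbook with `lookup('env', 'BUILD_KEY')`, and declare the Packer variables with `sensitive = true`. The single quotes around `${var.build_key}` also break as soon as the value itself contains a quote. The same lines appear in the Rocky 8, Rocky 9 and Ubuntu 20.04 provisioner hunks of this series.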
diff --git a/builds/linux/debian/12/variables.pkr.hcl b/builds/linux/debian/12/variables.pkr.hcl index 1a3718d..f5be19a 100644 --- a/builds/linux/debian/12/variables.pkr.hcl +++ b/builds/linux/debian/12/variables.pkr.hcl @@ -171,7 +171,7 @@ variable "vm_vlan_tag" { // Cloud-Init Settings -variable "vm_cloud_init_enable" { +variable "vm_cloudinit" { type = bool description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" default = false @@ -295,3 +295,10 @@ variable "common_hcp_packer_registry_enabled" { default = false } +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file From 41c45ef133d998c31c7c8cd959f664edb66525e6 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:38:30 -0500 Subject: [PATCH 22/72] feat: added network preseed template and vars file --- .../linux/debian/12/data/network.pkrtpl.hcl | 9 +++++ .../linux/debian/12/variables-network.pkr.hcl | 36 +++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 builds/linux/debian/12/data/network.pkrtpl.hcl create mode 100644 builds/linux/debian/12/variables-network.pkr.hcl diff --git a/builds/linux/debian/12/data/network.pkrtpl.hcl b/builds/linux/debian/12/data/network.pkrtpl.hcl new file mode 100644 index 0000000..fe4c0c9 --- /dev/null +++ b/builds/linux/debian/12/data/network.pkrtpl.hcl @@ -0,0 +1,9 @@ +d-i netcfg/choose_interface select ${device} +%{ if ip != null ~} +d-i netcfg/disable_autoconfig boolean true +d-i netcfg/get_ipaddress string ${ip} +d-i netcfg/get_netmask string ${cidrnetmask("${ip}/${netmask}")} +d-i netcfg/get_gateway string ${gateway} +d-i netcfg/get_nameservers string ${join(" ", dns)} +d-i netcfg/confirm_static boolean true +%{ endif ~} \ No newline at end of file 
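Review bot: `additional_packages` is accepted as an arbitrary `list(string)` and then rendered straight into the installer input: joined with spaces for the Debian preseed template, and emitted as `- ${package}` items in the Ubuntu 20.04 user-data template. An entry containing whitespace or a newline would add extra directives to those files instead of a package name, so a `validation` block that restricts each entry to a plain package name is worth adding here and in the openSUSE Leap 15.5 and Ubuntu 20.04 copies of this variable. The character set below is a suggestion and should be checked against the package names actually in use.

```hcl
variable "additional_packages" {
  // … unchanged: type, description, default …

  validation {
    condition     = length([for p in var.additional_packages : p if !can(regex("^[A-Za-z0-9][A-Za-z0-9+._-]*$", p))]) == 0
    error_message = "Each entry in additional_packages must be a plain package name without whitespace."
  }
}
```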
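Review bot: The static-address block in `network.pkrtpl.hcl` is guarded only by `ip != null`, but `vm_ip_netmask` and `vm_ip_gateway` also default to null in variables-network.pkr.hcl, so setting just `vm_ip_address` would presumably make `cidrnetmask("${ip}/${netmask}")` and `${gateway}` fail at render time with an unhelpful template error. Either widen the guard to `%{ if ip != null && netmask != null && gateway != null ~}` or, better, reject a partial static configuration up front with a `validation` block on the variables. With the default `vm_dns_list = []` the `netcfg/get_nameservers` line also renders with an empty value. The Ubuntu 20.04 `network.pkrtpl.hcl` added later in the series uses the same `ip != null`-only guard around `${ip}/${netmask}` and `gateway4`.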
diff --git a/builds/linux/debian/12/variables-network.pkr.hcl b/builds/linux/debian/12/variables-network.pkr.hcl new file mode 100644 index 0000000..d2d6996 --- /dev/null +++ b/builds/linux/debian/12/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file From 651a9a022318b1ccd451df7d05d7a2c370c45df2 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:41:51 -0500 Subject: [PATCH 23/72] feat: rocky 8 updates --- .../rocky/8/linux-rocky.auto.pkrvars.hcl | 3 +- builds/linux/rocky/8/linux-rocky.pkr.hcl | 59 +++++++++++++------ builds/linux/rocky/8/variables.pkr.hcl | 2 +- 3 files changed, 44 insertions(+), 20 deletions(-) diff --git a/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl b/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl index 8d649e6..028700f 100644 --- a/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl +++ b/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl @@ -13,9 +13,10 @@ vm_os_version = "8" // Virtual Machine Guest Operating System Setting vm_os_type = "l26" +vm_cloudinit = true // Virtual Machine Hardware Settings -vm_bios = "seabios" +vm_bios = "ovmf" vm_cpu_count = 1 vm_cpu_sockets = 1 vm_cpu_type = "kvm64" 
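Review bot: The header comment of variables-network.pkr.hcl says "Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso)", but the file lives under builds/linux/debian/12 and the build in this series uses the `proxmox-iso` source. Suggested wording: `Debian Linux 12 network variables used by the Packer Plugin for Proxmox (proxmox-iso).` The `ens192` default for `vm_network_device` looks carried over from the same vSphere origin and may not match the interface name a Proxmox guest gets, so it is worth confirming against a built VM.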
diff --git a/builds/linux/rocky/8/linux-rocky.pkr.hcl b/builds/linux/rocky/8/linux-rocky.pkr.hcl index 9a21856..9f93bcc 100644 --- a/builds/linux/rocky/8/linux-rocky.pkr.hcl +++ b/builds/linux/rocky/8/linux-rocky.pkr.hcl @@ -33,10 +33,32 @@ data "git-repository" "cwd" {} // Defines the local variables. locals { + + bios_boot_command = [ + "", + "", + " text ${local.data_source_command}", + "" + ] + + uefi_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "e" key. In the GRUB boot loader, this is used to edit the selected boot menu option. + "e", + // This sends two "down arrow" keys, followed by the "end" key, and then waits. This is used to navigate to a specific line in the boot menu option's configuration. + "", + // This types the string "text" followed by the value of the 'data_source_command' local variable. + // This is used to modify the boot menu option's configuration to boot in text mode and specify the kickstart data source configured in the common variables. + "text ${local.data_source_command}", + // This sends the "enter" key, waits, turns on the left control key, sends the "x" key, and then turns off the left control key. This is used to save the changes and exit the boot menu option's configuration, and then continue the boot process. + "x" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) manifest_path = "${path.cwd}/manifests/" 
@@ -50,6 +72,7 @@ locals { vm_os_language = var.vm_os_language vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone + vm_cloudinit = var.vm_cloudinit network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { device = var.vm_bridge_interface ip = var.vm_ip_address @@ -72,6 +95,7 @@ locals { } data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg" vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } @@ -136,12 +160,7 @@ source "proxmox-iso" "linux-rocky" { http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null boot = var.vm_boot boot_wait = var.vm_boot_wait - boot_command = [ - "", - "", - " text ${local.data_source_command}", - "" - ] + boot_command = local.boot_command dynamic "additional_iso_files" { for_each = var.common_data_source == "disk" ? [1] : [] @@ -156,8 +175,8 @@ source "proxmox-iso" "linux-rocky" { template_description = "${local.build_description}" # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null } 
@@ -166,18 +185,22 @@ build { sources = ["source.proxmox-iso.linux-rocky"] provisioner "ansible" { - user = "${var.build_username}" - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" + user = "${var.build_username}" + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" ansible_env_vars = [ - "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/libexec/platform-python" ] extra_arguments = [ "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", ] } @@ -198,7 +221,7 @@ build { vm_os_type = "${var.vm_os_type}" vm_mem_size = "${var.vm_mem_size}" vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + vm_cloud_init_enable = "${var.vm_cloudinit}" } } } diff --git a/builds/linux/rocky/8/variables.pkr.hcl b/builds/linux/rocky/8/variables.pkr.hcl index ded878b..0812cad 100644 --- a/builds/linux/rocky/8/variables.pkr.hcl +++ b/builds/linux/rocky/8/variables.pkr.hcl @@ -171,7 +171,7 @@ variable "vm_vlan_tag" { // Cloud-Init Settings -variable "vm_cloud_init_enable" { +variable "vm_cloudinit" { type = bool description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" default = false From 80b9360d05269d5092f70d3702557f8a0318af00 Mon Sep 17 00:00:00 2001 
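Review bot: `galaxy_force_with_deps = true` together with `galaxy_file` makes every build re-download the roles and collections listed in ansible/linux-requirements.yml, along with their dependencies, and that content is then executed against the image being built. The requirements file is not part of this hunk, so it cannot be seen whether its entries carry a `version:`; if they do not, pin each one so a template build does not silently pick up whatever is newest on Galaxy. The Debian 12, Rocky 9 and Ubuntu 20.04 provisioner hunks add the same two settings.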
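Review bot: The manifest key is still spelled `vm_cloud_init_enable` in this hunk (`vm_cloud_init_enable = "${var.vm_cloudinit}"`), while the Debian 12 and Ubuntu 20.04 hunks of the series rename the key itself to `vm_cloudinit`. Anything that reads the manifests would see two spellings for the same field. If the rename is intended everywhere, use `vm_cloudinit = "${var.vm_cloudinit}"` here and in the matching Rocky 9 hunk.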
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:43:05 -0500 Subject: [PATCH 24/72] feat: rocky 9 updates --- builds/linux/rocky/9/data/storage.pkrtpl.hcl | 2 +- .../rocky/9/linux-rocky.auto.pkrvars.hcl | 3 +- builds/linux/rocky/9/linux-rocky.pkr.hcl | 59 +++++++++++++------ builds/linux/rocky/9/variables.pkr.hcl | 2 +- 4 files changed, 45 insertions(+), 21 deletions(-) diff --git a/builds/linux/rocky/9/data/storage.pkrtpl.hcl b/builds/linux/rocky/9/data/storage.pkrtpl.hcl index 2ec0342..b35af89 100644 --- a/builds/linux/rocky/9/data/storage.pkrtpl.hcl +++ b/builds/linux/rocky/9/data/storage.pkrtpl.hcl @@ -70,4 +70,4 @@ logvol %{ endif ~} %{ endfor ~} -%{ endfor ~} +%{ endfor ~} \ No newline at end of file diff --git a/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl b/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl index d4c34a4..06c6d33 100644 --- a/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl +++ b/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl @@ -13,9 +13,10 @@ vm_os_version = "9" // Virtual Machine Guest Operating System Setting vm_os_type = "l26" +vm_cloudinit = true // Virtual Machine Hardware Settings -vm_bios = "seabios" +vm_bios = "ovmf" vm_cpu_count = 1 vm_cpu_sockets = 1 vm_cpu_type = "x86-64-v2-AES" diff --git a/builds/linux/rocky/9/linux-rocky.pkr.hcl b/builds/linux/rocky/9/linux-rocky.pkr.hcl index 731ea55..4c9b15d 100644 --- a/builds/linux/rocky/9/linux-rocky.pkr.hcl +++ b/builds/linux/rocky/9/linux-rocky.pkr.hcl 
@@ -33,10 +33,32 @@ data "git-repository" "cwd" {} // Defines the local variables. locals { + + bios_boot_command = [ + "", + "", + " text ${local.data_source_command}", + "" + ] + + uefi_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "e" key. In the GRUB boot loader, this is used to edit the selected boot menu option. + "e", + // This sends two "down arrow" keys, followed by the "end" key, and then waits. This is used to navigate to a specific line in the boot menu option's configuration. + "", + // This types the string "text" followed by the value of the 'data_source_command' local variable. + // This is used to modify the boot menu option's configuration to boot in text mode and specify the kickstart data source configured in the common variables. + "text ${local.data_source_command}", + // This sends the "enter" key, waits, turns on the left control key, sends the "x" key, and then turns off the left control key. This is used to save the changes and exit the boot menu option's configuration, and then continue the boot process. + "x" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) manifest_path = "${path.cwd}/manifests/" 
@@ -50,6 +72,7 @@ locals { vm_os_language = var.vm_os_language vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone + vm_cloudinit = var.vm_cloudinit network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { device = var.vm_bridge_interface ip = var.vm_ip_address @@ -72,6 +95,7 @@ locals { } data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg" vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } @@ -136,12 +160,7 @@ source "proxmox-iso" "linux-rocky" { http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null boot = var.vm_boot boot_wait = var.vm_boot_wait - boot_command = [ - "", - "", - " text ${local.data_source_command}", - "" - ] + boot_command = local.boot_command dynamic "additional_iso_files" { for_each = var.common_data_source == "disk" ? [1] : [] @@ -156,8 +175,8 @@ source "proxmox-iso" "linux-rocky" { template_description = "${local.build_description}" # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null } 
@@ -166,18 +185,22 @@ build { sources = ["source.proxmox-iso.linux-rocky"] provisioner "ansible" { - user = "${var.build_username}" - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" + user = "${var.build_username}" + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" ansible_env_vars = [ - "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/libexec/platform-python" ] extra_arguments = [ "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", ] } @@ -198,7 +221,7 @@ build { vm_os_type = "${var.vm_os_type}" vm_mem_size = "${var.vm_mem_size}" vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + vm_cloud_init_enable = "${var.vm_cloudinit}" } } } diff --git a/builds/linux/rocky/9/variables.pkr.hcl b/builds/linux/rocky/9/variables.pkr.hcl index 15810aa..12a2164 100644 --- a/builds/linux/rocky/9/variables.pkr.hcl +++ b/builds/linux/rocky/9/variables.pkr.hcl @@ -171,7 +171,7 @@ variable "vm_vlan_tag" { // Cloud-Init Settings -variable "vm_cloud_init_enable" { +variable "vm_cloudinit" { type = bool description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" default = false From 324b7233e94c4357bcc699aff9326a48add31faa Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:44:08 -0500 Subject: [PATCH 25/72] fix: removed hardcoded network interface --- builds/linux/opensuse/leap-15-5/data/autoinst.pkrtpl.hcl | 7 ------- 1 file changed, 7 deletions(-) diff --git a/builds/linux/opensuse/leap-15-5/data/autoinst.pkrtpl.hcl b/builds/linux/opensuse/leap-15-5/data/autoinst.pkrtpl.hcl index 8506552..fa5c491 100644 --- a/builds/linux/opensuse/leap-15-5/data/autoinst.pkrtpl.hcl +++ b/builds/linux/opensuse/leap-15-5/data/autoinst.pkrtpl.hcl @@ -472,13 +472,6 @@ true true false - - - eth0 - ATTR{address} - bc:24:11:b0:93:4b - - false false From af0f77bc6a6b4fc7ec75c41f198da1d7efdb8bb5 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:44:40 -0500 Subject: [PATCH 26/72] feat: add cloud-init var --- .../opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl | 1 + 1 file changed, 1 insertion(+) diff --git a/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl b/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl index 96da63c..e22afb6 100644 --- a/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl +++ b/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl @@ -13,6 +13,7 @@ vm_os_version = "15.5" // Virtual Machine Guest Operating System Setting vm_os_type = "l26" +vm_cloudinit = true // Virtual Machine Hardware Settings vm_bios = "seabios" From ab445dd2b75bac490bc24f5b7009b2338599e951 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:45:46 -0500 Subject: [PATCH 27/72] feat: renamed cloud-init var and added var for additional packages --- builds/linux/opensuse/leap-15-5/variables.pkr.hcl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) 
diff --git a/builds/linux/opensuse/leap-15-5/variables.pkr.hcl b/builds/linux/opensuse/leap-15-5/variables.pkr.hcl index 69b0210..308258f 100644 --- a/builds/linux/opensuse/leap-15-5/variables.pkr.hcl +++ b/builds/linux/opensuse/leap-15-5/variables.pkr.hcl @@ -171,7 +171,7 @@ variable "vm_vlan_tag" { // Cloud-Init Settings -variable "vm_cloud_init_enable" { +variable "vm_cloudinit" { type = bool description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" default = false @@ -295,3 +295,10 @@ variable "common_hcp_packer_registry_enabled" { default = false } +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file From 2441ef2ebf675b7565adb5fc2e98d90d3f518300 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:47:36 -0500 Subject: [PATCH 28/72] fix: change where grub_device gets defined, add partition for BIOS builds, change conditional for BIOS builds --- .../ubuntu/20-04-lts/data/storage.pkrtpl.hcl | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/builds/linux/ubuntu/20-04-lts/data/storage.pkrtpl.hcl b/builds/linux/ubuntu/20-04-lts/data/storage.pkrtpl.hcl index 07a1371..b8758a0 100644 --- a/builds/linux/ubuntu/20-04-lts/data/storage.pkrtpl.hcl +++ b/builds/linux/ubuntu/20-04-lts/data/storage.pkrtpl.hcl @@ -21,16 +21,21 @@ path: /dev/${device} wipe: superblock preserve: false - name: '' -%{ if vm_bios == "ovmf" ~} - grub_device: false -%{ endif ~} %{ if vm_bios == "seabios" ~} grub_device: true %{ endif ~} type: disk id: disk-${device} -# BIOS boot partition +%{if vm_bios == "seabios" ~} + - device: disk-${device} + size: 1M + flag: bios_grub + number: 1 + preserve: false + type: partition + id: partition-grub +%{ endif ~} + %{ for index, partition in partitions ~} - device: disk-${device} %{ if partition.size != -1 ~} 
@@ -40,7 +45,7 @@ %{ endif ~} wipe: superblock preserve: false -%{ if partition.name == "bios_grub" && vm_bios == "seabios" && index == 0 ~} +%{ if partition.mount.path == "/boot" && vm_bios == "seabios" && index == 0 ~} flag: bios_grub grub_device: false %{ endif ~} @@ -57,7 +62,6 @@ label: ${partition.format.label} fstype: ${partition.format.fstype} %{ endif ~} -# Don't create a mount for the GRUB partition when using BIOS %{ if partition.volume_group == "" && partition.name != "bios_grub" ~} - id: mount-${partition.name} type: mount From cfef5d832b8d4736111c5f5866ab8cc4e5ec5d7e Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:49:10 -0500 Subject: [PATCH 29/72] feat: moved network to separate template, additional packages loop, fixed qemu-guest-agent install --- .../linux/ubuntu/20-04-lts/data/user-data.pkrtpl.hcl | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/builds/linux/ubuntu/20-04-lts/data/user-data.pkrtpl.hcl b/builds/linux/ubuntu/20-04-lts/data/user-data.pkrtpl.hcl index 470a254..a279f75 100644 --- a/builds/linux/ubuntu/20-04-lts/data/user-data.pkrtpl.hcl +++ b/builds/linux/ubuntu/20-04-lts/data/user-data.pkrtpl.hcl @@ -9,12 +9,11 @@ autoinstall: uri: http://archive.ubuntu.com/ubuntu - arches: [default] uri: http://ports.ubuntu.com/ubuntu-ports - early-commands: - - sudo systemctl stop ssh locale: ${vm_os_language} keyboard: layout: ${vm_os_keyboard} -${storage} +${storage} +${network} identity: hostname: ubuntu-server username: ${build_username} @@ -24,8 +23,10 @@ ${storage} allow-pw: true packages: - openssh-server - - qemu-guest-agent - cloud-init +%{ for package in additional_packages ~} + - ${package} +%{ endfor ~} user-data: disable_root: false timezone: ${vm_os_timezone} 
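Review bot: With the dedicated 1M `partition-grub` entry added earlier in this file for seabios, the changed condition `partition.mount.path == "/boot" && vm_bios == "seabios" && index == 0` now puts `flag: bios_grub` on the first listed partition when it is mounted at /boot, i.e. on a partition that carries a filesystem. That looks unintended: a BIOS boot partition is raw space for the GRUB core image, and the disk would end up with two partitions flagged `bios_grub`. Unless the part of the template outside this hunk relies on it, drop this `%{ if ... ~}` block and keep only the dedicated partition. The `partition.name != "bios_grub"` test that remains in the mount section then appears to have no matching entry left.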
@@ -33,3 +34,5 @@ ${storage} - sed -i -e 's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g' /target/etc/ssh/sshd_config - echo '${build_username} ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/${build_username} - curtin in-target --target=/target -- chmod 440 /etc/sudoers.d/${build_username} + - curtin in-target -- apt-get update + - curtin in-target -- apt-get install qemu-guest-agent From 6e1aed04085339601c3f216a90132e40e67afdb4 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:50:34 -0500 Subject: [PATCH 30/72] feat: added cloud-init var, changed vm_bios to ovmf as default, updated ISO image --- .../linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/builds/linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl b/builds/linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl index accd9e9..e5156d7 100644 --- a/builds/linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl +++ b/builds/linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl @@ -13,9 +13,10 @@ vm_os_version = "20.04-lts" // Virtual Machine Guest Operating System Setting vm_os_type = "l26" +vm_cloudinit = false // Virtual Machine Hardware Settings -vm_bios = "seabios" +vm_bios = "ovmf" vm_cpu_count = 1 vm_cpu_sockets = 1 vm_cpu_type = "kvm64" @@ -31,8 +32,8 @@ vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" -iso_file = "ubuntu-20.04-live-server-amd64.iso" -iso_checksum = "caf3fd69c77c439f162e2ba6040e9c320c4ff0d69aad1340a514319a9264df9f" +iso_file = "ubuntu-20.04.6-live-server-amd64.iso" +iso_checksum = "file:https://releases.ubuntu.com/focal/SHA256SUMS" // Boot Settings vm_boot = "order=virtio0;ide2;net0" From d9b16250f9f9ec481ef2a5929598559ce5a5782a Mon Sep 17 00:00:00 2001 
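Review bot: `curtin in-target -- apt-get install qemu-guest-agent` runs without `-y`, so in the unattended late-commands context apt is likely to abort at the confirmation prompt whenever the package pulls in additional dependencies, leaving the guest agent uninstalled. Use `- curtin in-target -- apt-get install -y qemu-guest-agent`. The two new lines also omit the `--target=/target` argument that the existing `chmod` command passes, which is worth making consistent.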
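Review bot: `iso_checksum` changes from a pinned SHA-256 digest to `file:https://releases.ubuntu.com/focal/SHA256SUMS`, so the expected hash is fetched at build time instead of being reviewed in the repository. That ties the integrity check to whatever the server returns at that moment, makes the build depend on network access, and will stop matching once the 20.04.6 entry is dropped from that file. Prefer pinning the digest of the named ISO, e.g. `iso_checksum = "sha256:<digest of ubuntu-20.04.6-live-server-amd64.iso>"`, after verifying it once against the signed SHA256SUMS.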
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:51:45 -0500 Subject: [PATCH 31/72] feat: changed cloud-init vars, added in UEFI boot command, reworked ansible provisioner --- .../ubuntu/20-04-lts/linux-ubuntu.pkr.hcl | 86 +++++++++++++------ 1 file changed, 60 insertions(+), 26 deletions(-) diff --git a/builds/linux/ubuntu/20-04-lts/linux-ubuntu.pkr.hcl b/builds/linux/ubuntu/20-04-lts/linux-ubuntu.pkr.hcl index 63d4e84..6d9d781 100644 --- a/builds/linux/ubuntu/20-04-lts/linux-ubuntu.pkr.hcl +++ b/builds/linux/ubuntu/20-04-lts/linux-ubuntu.pkr.hcl 
@@ -33,10 +33,40 @@ data "git-repository" "cwd" {} // Defines the local variables. locals { + bios_boot_command = [ + "", + "", + "/casper/vmlinuz ", + "root=/dev/sr0 ", + "initrd=/casper/initrd ", + "autoinstall ", + "${local.data_source_command}", + "" + ] + uefi_boot_command = [ + // This waits for 3 seconds, sends the "c" key, and then waits for another 3 seconds. In the GRUB boot loader, this is used to enter command line mode. + "", + // This types a command to load the Linux kernel fromthe specified path with the 'autoinstall' option and the value of the 'data_source_command' local variable. + // The 'autoinstall' option is used to automate the installation process. + // The 'data_source_command' local variable is used to specify the kickstart data source configured in the common variables. + "linux /casper/vmlinuz autoinstall ${local.data_source_command} ---", + // This sends the "enter" key and then waits. This is typically used to execute the command and give the system time to process it. + "", + // This types a command to load the initial RAM disk from the specified path. + "initrd /casper/initrd", + // This sends the "enter" key and then waits. This is typically used to execute the command and give the system time to process it. + "", + // This types the "boot" command. This starts the boot process using the loaded kernel and initial RAM disk. + "boot", + // This sends the "enter" key. This is typically used to execute the command. 
+ "" + ] build_by = "Built by: HashiCorp Packer ${packer.version}" build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" + # For some reason 20.04 doesn't like quotes in the boot commands for BIOS machines + http_command = var.vm_bios == "ovmf" ? "ds=\"nocloud-net;seedfrom=http://{{.HTTPIP}}:{{.HTTPPort}}/\"" : "ds=nocloud-net;seedfrom=http://{{.HTTPIP}}:{{.HTTPPort}}/" vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) manifest_path = "${path.cwd}/manifests/" @@ -51,6 +81,14 @@ locals { vm_os_language = var.vm_os_language vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone + + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_network_device + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { device = var.vm_disk_device swap = var.vm_disk_use_swap 
@@ -58,11 +96,13 @@ locals { lvm = var.vm_disk_lvm vm_bios = var.vm_bios }) + additional_packages = var.additional_packages }) } - # For some reason 20.04 doesn't like quotes in the boot commands - data_source_command = var.common_data_source == "http" ? "ds=nocloud-net;seedfrom=http://{{.HTTPIP}}:{{.HTTPPort}}/" : "ds=nocloud" - vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + + data_source_command = var.common_data_source == "http" ? "${local.http_command}" : "ds=nocloud" + vm_name = var.vm_cloudinit == false ? "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" : "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}-cloud-init" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } @@ -127,16 +167,7 @@ source "proxmox-iso" "ubuntu" { http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null boot = var.vm_boot boot_wait = var.vm_boot_wait - boot_command = [ - "", - "", - "/casper/vmlinuz ", - "root=/dev/sr0 ", - "initrd=/casper/initrd ", - "autoinstall ", - "${local.data_source_command}", - "" - ] + boot_command = local.boot_command dynamic "additional_iso_files" { for_each = var.common_data_source == "disk" ? [1] : [] @@ -151,8 +182,8 @@ source "proxmox-iso" "ubuntu" { template_description = "${local.build_description}" # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null } 
@@ -161,19 +192,22 @@ build { sources = ["source.proxmox-iso.ubuntu"] provisioner "ansible" { - user = "${var.build_username}" - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" + user = var.build_username + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" ansible_env_vars = [ - "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3" ] extra_arguments = [ "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", - "--extra-vars", "cloud_init='${var.vm_cloud_init_enable}'", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", ] } @@ -194,7 +228,7 @@ build { vm_os_type = "${var.vm_os_type}" vm_mem_size = "${var.vm_mem_size}" vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + vm_cloudinit = "${var.vm_cloudinit}" } } } From 76f79e8678cbe88f79e7cec5d2820627f2fe8a20 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:52:19 -0500 Subject: [PATCH 32/72] feat: renamed cloud-init var and added var for additional packages --- builds/linux/ubuntu/20-04-lts/variables.pkr.hcl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) 
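Review bot: The provisioner in the `@@ -161,19 +192,22 @@` hunk now sets `galaxy_file` together with `galaxy_force_with_deps = true`, so every build re-downloads the roles and collections named in `ansible/linux-requirements.yml` and runs them inside the template image. That file is not part of this hunk, so it is worth confirming that each entry is pinned to an exact version; an unpinned entry makes the template contents depend on whatever Galaxy serves on build day. A comment above the setting would record the expectation, e.g. `# linux-requirements.yml must pin exact versions; galaxy_force_with_deps re-fetches them on every build`. The same pair of settings is added to the openSUSE Leap 15.5 provisioner in the `@@ -164,18 +189,22 @@` hunk later in the series.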
diff --git a/builds/linux/ubuntu/20-04-lts/variables.pkr.hcl b/builds/linux/ubuntu/20-04-lts/variables.pkr.hcl index c3548f5..6d1cf3e 100644 --- a/builds/linux/ubuntu/20-04-lts/variables.pkr.hcl +++ b/builds/linux/ubuntu/20-04-lts/variables.pkr.hcl @@ -171,7 +171,7 @@ variable "vm_vlan_tag" { // Cloud-Init Settings -variable "vm_cloud_init_enable" { +variable "vm_cloudinit" { type = bool description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" default = false @@ -295,3 +295,10 @@ variable "common_hcp_packer_registry_enabled" { default = false } +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file From a3181105ba48c03940acee5bfa6f16f4eeb288fd Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 29 Jun 2024 10:53:12 -0500 Subject: [PATCH 33/72] feat: added network template and vars file --- .../ubuntu/20-04-lts/data/network.pkrtpl.hcl | 19 ++++++++++ .../20-04-lts/variables-network.pkr.hcl | 36 +++++++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 builds/linux/ubuntu/20-04-lts/data/network.pkrtpl.hcl create mode 100644 builds/linux/ubuntu/20-04-lts/variables-network.pkr.hcl diff --git a/builds/linux/ubuntu/20-04-lts/data/network.pkrtpl.hcl b/builds/linux/ubuntu/20-04-lts/data/network.pkrtpl.hcl new file mode 100644 index 0000000..7a05956 --- /dev/null +++ b/builds/linux/ubuntu/20-04-lts/data/network.pkrtpl.hcl @@ -0,0 +1,19 @@ + network: + network: + version: 2 + ethernets: +%{ if ip != null ~} + ${device}: + dhcp4: false + addresses: + - ${ip}/${netmask} + gateway4: ${gateway} + nameservers: + addresses: +%{ for item in dns ~} + - ${item} +%{ endfor ~} +%{ else ~} + ${device}: + dhcp4: true +%{ endif ~} 
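Review bot: In the new `data/network.pkrtpl.hcl` the static branch is selected by `%{ if ip != null ~}` alone, but it also interpolates `${netmask}` and `${gateway}`, which default to `null` in the `variables-network.pkr.hcl` added by the same commit. Setting only `vm_ip_address` therefore cannot render a usable static configuration. Either widen the guard to `%{ if ip != null && netmask != null && gateway != null ~}` or add `validation` blocks to the variables so that a partial static setup is rejected with a clear message. The repeated `network:` key at the top also deserves a short comment saying whether the nesting is intentional for the 20.04 installer.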
diff --git a/builds/linux/ubuntu/20-04-lts/variables-network.pkr.hcl b/builds/linux/ubuntu/20-04-lts/variables-network.pkr.hcl new file mode 100644 index 0000000..1761446 --- /dev/null +++ b/builds/linux/ubuntu/20-04-lts/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens18" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file From c7ea82e32dd664b51630720f64845cceb26210c5 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:34:08 -0500 Subject: [PATCH 34/72] remove unused variable --- builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl | 1 - 1 file changed, 1 deletion(-) diff --git a/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl b/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl index e06404b..e785e30 100644 --- a/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl +++ b/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl @@ -72,7 +72,6 @@ locals { vm_os_language = var.vm_os_language vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone - vm_cloudinit = var.vm_cloudinit network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { device = var.vm_bridge_interface ip = var.vm_ip_address 
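Review bot: The header comment of the new `variables-network.pkr.hcl` describes the file as Debian Linux 11 variables for the VMware vSphere plugin (vsphere-iso), although it lives under `builds/linux/ubuntu/20-04-lts` and the build uses `proxmox-iso`. I would change the description line to `Ubuntu 20.04 LTS network variables used by the Packer Plugin for Proxmox (proxmox-iso).` The openSUSE Leap 15.5 copy of this file added later in the series carries the same header. `vm_ip_netmask` is typed `number` with no bounds, so a `validation` block limiting it to 0–32 would catch a typo before the value reaches the installer.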
From 844fa6bff82a2e479c196e272c446ed6f1a2abab Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:36:14 -0500 Subject: [PATCH 35/72] removed repo and templated network config --- .../leap-15-5/data/autoinst.pkrtpl.hcl | 37 +------------- .../leap-15-5/data/network.pkrtpl.hcl | 50 +++++++++++++++++++ 2 files changed, 52 insertions(+), 35 deletions(-) create mode 100644 builds/linux/opensuse/leap-15-5/data/network.pkrtpl.hcl diff --git a/builds/linux/opensuse/leap-15-5/data/autoinst.pkrtpl.hcl b/builds/linux/opensuse/leap-15-5/data/autoinst.pkrtpl.hcl index fa5c491..6f08fab 100644 --- a/builds/linux/opensuse/leap-15-5/data/autoinst.pkrtpl.hcl +++ b/builds/linux/opensuse/leap-15-5/data/autoinst.pkrtpl.hcl @@ -17,13 +17,6 @@ 99 / - - repo-openh264 - http://codecs.opensuse.org/openh264/openSUSE_Leap/ - Open H.264 Codec (openSUSE Leap) - 99 - - repo-sle-update http://download.opensuse.org/update/leap/15.5/sle/ @@ -54,14 +47,13 @@ auto false true - true + false gfxterm 8 false true vga=gfx-1024x768x16 - grub2 false @@ -451,32 +443,7 @@ - - - - AUTO - - - true - localhost - auto - - - - dhcp - eth0 - auto - public - - - true - true - false - - false - false - - +${network} auto diff --git a/builds/linux/opensuse/leap-15-5/data/network.pkrtpl.hcl b/builds/linux/opensuse/leap-15-5/data/network.pkrtpl.hcl new file mode 100644 index 0000000..5aac10a --- /dev/null +++ b/builds/linux/opensuse/leap-15-5/data/network.pkrtpl.hcl @@ -0,0 +1,50 @@ + + + + AUTO + + +%{ if ip != null ~} + +%{ for dns_server in dns ~} + ${dns_server} +%{ endfor ~} + +%{ else ~} + true + localhost +%{ endif ~} + auto + + + +%{ if ip != null ~} + static + ${ip} + ${netmask} +%{ else ~} + dhcp +%{ endif ~} + eth0 + auto + public + + + true + true + false + + false + false +%{ if ip != null ~} + + + default + - + ${gateway} + - + + +%{ endif ~} + + \ No newline at end of file 
From 9f5dc1ceb08e95402e4f6c0f4dd2a44cedf7e3cb Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:36:39 -0500 Subject: [PATCH 36/72] changed vm_bios to ovmf --- .../opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl b/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl index e22afb6..f4b0d23 100644 --- a/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl +++ b/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl @@ -16,7 +16,7 @@ vm_os_type = "l26" vm_cloudinit = true // Virtual Machine Hardware Settings -vm_bios = "seabios" +vm_bios = "ovmf" vm_cpu_count = 1 vm_cpu_sockets = 1 vm_cpu_type = "x86-64-v2-AES" From 4650163f33905c1196814e8c014346e5dfbbdd04 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:37:58 -0500 Subject: [PATCH 37/72] feat: added UEFI support and templated network --- .../leap-15-5/linux-opensuse-leap.pkr.hcl | 79 +++++++++++++------ .../leap-15-5/variables-network.pkr.hcl | 36 +++++++++ 2 files changed, 90 insertions(+), 25 deletions(-) create mode 100644 builds/linux/opensuse/leap-15-5/variables-network.pkr.hcl diff --git a/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.pkr.hcl b/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.pkr.hcl index b506b35..89f7582 100644 --- a/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.pkr.hcl +++ b/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.pkr.hcl 
@@ -33,10 +33,37 @@ data "git-repository" "cwd" {} // Defines the local variables. locals { + + bios_boot_command = [ + "", + "linux ", + "biosdevname=0 ", + "net.ifnames=0 ", + "netdevice=eth0 ", + "netsetup=dhcp ", + "lang=en_US ", + "textmode=1 ", + "${local.data_source_command}", + "", + ] + + uefi_boot_command = [ + // This sends the "escape" key. In the GRUB boot loader, this is used to enter command line mode. + "", + // This sends the "e" key. In the GRUB boot loader, this is used to edit the selected boot menu option. + "e", + // This sends four "down arrow" keys and then the "end" key. This is used to navigate to a specific line in the boot menu option's configuration. + "", + // This types the value of the 'data_source_command' local variable. This is used to specify the kickstart data source configured in the common variables. + "${local.data_source_command}", + // This sends the "F10" key. In the GRUB boot loader, this is used to save the changes and exit the boot menu option's configuration, and then continue the boot process. + "" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) manifest_path = "${path.cwd}/manifests/" 
@@ -50,9 +77,16 @@ locals { vm_os_language = var.vm_os_language vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_bridge_interface + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) common_data_source = var.common_data_source - # lvm needs to be here so late commands can access vg names - lvm = var.vm_disk_lvm + # vm_bios needs to be here to help determine the bootloader + vm_bios = var.vm_bios storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { device = var.vm_disk_device swap = var.vm_disk_use_swap @@ -60,10 +94,12 @@ locals { lvm = var.vm_disk_lvm vm_bios = var.vm_bios }) + additional_packages = var.additional_packages }) } - data_source_command = var.common_data_source == "http" ? "autoyast=http://{{ .HTTPIP }}:{{ .HTTPPort }}/autoinst.xml" : " netsetup=dhcp autoyast=device://sr1/autoinst.xml" + data_source_command = var.common_data_source == "http" ? " autoyast=http://{{ .HTTPIP }}:{{ .HTTPPort }}/autoinst.xml" : " netsetup=dhcp autoyast=device://sr1/autoinst.xml" vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } @@ -128,18 +164,7 @@ source "proxmox-iso" "linux-opensuse-leap" { http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null boot = var.vm_boot boot_wait = var.vm_boot_wait - boot_command = [ - "", - "linux ", - "biosdevname=0 ", - "net.ifnames=0 ", - "netdevice=eth0 ", - "netsetup=dhcp ", - "lang=en_US ", - "textmode=1 ", - "${local.data_source_command}", - "", - ] + boot_command = local.boot_command dynamic "additional_iso_files" { for_each = var.common_data_source == "disk" ? [1] : [] 
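Review bot: The `network` template in the `@@ -50,9 +77,16 @@` hunk is given `device = var.vm_bridge_interface`, which by its name is the Proxmox bridge on the host rather than the interface inside the guest. The same commit adds `vm_network_device` in `variables-network.pkr.hcl` and nothing visible reads it, while the Ubuntu 20.04 build passes `device = var.vm_network_device`. I would use `device = var.vm_network_device` here as well. The openSUSE network template added earlier in the series appears to hard-code `eth0` (its markup is not fully legible here), so the value may currently be ignored; if it is wired in, note that the variable's `ens192` default would not match the `net.ifnames=0` / `netdevice=eth0` boot arguments.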
@@ -154,8 +179,8 @@ source "proxmox-iso" "linux-opensuse-leap" { template_description = "${local.build_description}" # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null } @@ -164,18 +189,22 @@ build { sources = ["source.proxmox-iso.linux-opensuse-leap"] provisioner "ansible" { - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" + user = "${var.build_username}" + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" ansible_env_vars = [ "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3" ] extra_arguments = [ "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", ] } @@ -196,7 +225,7 @@ build { vm_os_type = "${var.vm_os_type}" vm_mem_size = "${var.vm_mem_size}" vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + vm_cloudinit = "${var.vm_cloudinit}" } } } diff --git a/builds/linux/opensuse/leap-15-5/variables-network.pkr.hcl b/builds/linux/opensuse/leap-15-5/variables-network.pkr.hcl new file mode 100644 index 0000000..d2d6996 --- /dev/null 
+++ b/builds/linux/opensuse/leap-15-5/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file From 05c333dcb96298cbbb83dae7614d79c3aaca0e03 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:39:13 -0500 Subject: [PATCH 38/72] feat: templated storage config vs. static config --- .../leap-15-5/data/storage.pkrtpl.hcl | 120 +++++++++++------- 1 file changed, 72 insertions(+), 48 deletions(-) diff --git a/builds/linux/opensuse/leap-15-5/data/storage.pkrtpl.hcl b/builds/linux/opensuse/leap-15-5/data/storage.pkrtpl.hcl index 8fdf239..7320ebd 100644 --- a/builds/linux/opensuse/leap-15-5/data/storage.pkrtpl.hcl +++ b/builds/linux/opensuse/leap-15-5/data/storage.pkrtpl.hcl 
@@ -1,63 +1,87 @@ - - /dev/system - false - - - true - ext4 - false - root - / - device - false - false - 32199671808 - - 1 - 0 - - - true - swap - false - swap - swap - device - false - false - 2147483648 - - 1 - 0 - - - 4194304 - CT_LVM - /dev/${device} gpt +%{ for index, partition in partitions ~} true - false - 263 - 1 - false - 8388608 - - - true - false - system +%{ if partition.volume_group != "" ~} + ${partition.volume_group} 142 - 2 + false +%{ else ~} +%{ if partition.format.fstype == "swap" ~} + swap + 130 + true +%{ else ~} + false - 34350284288 + uuid +%{ endif ~} +%{ if partition.format.fstype == "fat32" ~} + vfat +%{ if partition.mount.path == "/boot/efi" ~} + 259 + utf8 +%{ else ~} + 12 +%{ endif ~} +%{ else ~} + ${partition.format.fstype} + 131 +%{ endif ~} + true + ${partition.mount.path} +%{ endif ~} +%{ if partition.size != -1 ~} + ${partition.size}M +%{ else ~} + max +%{ endif ~} + +%{ endfor ~} CT_DISK all +%{ for index, volume_group in lvm ~} + + /dev/${volume_group.name} + false + +%{ for partition in volume_group.partitions ~} + + true +%{ if partition.format.fstype == "swap" ~} + swap + swap +%{ else ~} + ${partition.format.fstype} + ${partition.mount.path} +%{ endif ~} + ${partition.name} + false + device + false + false +%{ if partition.mount.options != "" ~} + ${partition.mount.options} +%{ endif ~} +%{ if partition.size != -1 ~} + ${partition.size}M +%{ else ~} + max +%{ endif ~} + 1 + 0 + +%{ endfor ~} + + 4194304 + CT_LVM + +%{ endfor ~} \ No newline at end of file From e370d9e5ad6a7c04a5ad33c8ab5fa18f372fb8ab Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:40:15 -0500 Subject: [PATCH 39/72] fix: suse doesn't have /var/log/secure by default --- ansible/roles/clean/tasks/suse.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/ansible/roles/clean/tasks/suse.yml b/ansible/roles/clean/tasks/suse.yml index 5323171..0dbf064 100644 --- a/ansible/roles/clean/tasks/suse.yml 
+++ b/ansible/roles/clean/tasks/suse.yml @@ -18,7 +18,6 @@ - /var/log/lastlog - /var/log/mail - /var/log/messages - - /var/log/secure - /var/log/warn - /var/log/wtmp - /var/log/zypper.log From 8d3f41ca384c9fd4f556d36c2d95237a07eed667 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:40:35 -0500 Subject: [PATCH 40/72] fix: remove hardcoded version from repo --- ansible/roles/base/tasks/suse.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/base/tasks/suse.yml b/ansible/roles/base/tasks/suse.yml index ab9792f..7438900 100644 --- a/ansible/roles/base/tasks/suse.yml +++ b/ansible/roles/base/tasks/suse.yml @@ -18,7 +18,7 @@ become: true community.general.zypper_repository: name: repo-oss - repo: "http://download.opensuse.org/distribution/leap/15.5/repo/oss/" + repo: "http://download.opensuse.org/distribution/leap/$releasever/repo/oss/" auto_import_keys: true - name: "Installing cloud-init." From 7f2ea96f63feafd7672698843b669aa61b92093d Mon Sep 17 00:00:00 2001 
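Review bot: The changed `repo:` line in `ansible/roles/base/tasks/suse.yml` still uses `http://`, and the task sets `auto_import_keys: true`, so the repository signing key is accepted automatically over a channel that is neither encrypted nor authenticated. Anything able to alter that traffic during a build could supply its own key and package metadata, and the result would be baked into the template. Since the line is being edited anyway, switch it to `repo: "https://download.opensuse.org/distribution/leap/$releasever/repo/oss/"`; the same host is already used over HTTPS for `iso_checksum` in the Leap 15.6 variables. The add-on repository URLs in the new Leap 15.6 `autoinst.pkrtpl.hcl` are `http://` as well.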
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:44:08 -0500 Subject: [PATCH 41/72] feat: add openSUSE Leap 15.6 support --- .../leap-15-6/data/autoinst.pkrtpl.hcl | 610 ++++++++++++++++++ .../leap-15-6/data/network.pkrtpl.hcl | 50 ++ .../leap-15-6/data/storage.pkrtpl.hcl | 87 +++ .../linux-opensuse-leap.auto.pkrvars.hcl | 46 ++ .../leap-15-6/linux-opensuse-leap.pkr.hcl | 224 +++++++ .../leap-15-6/variables-network.pkr.hcl | 36 ++ .../leap-15-6/variables-storage.pkr.hcl | 53 ++ .../opensuse/leap-15-6/variables.pkr.hcl | 304 +++++++++ 8 files changed, 1410 insertions(+) create mode 100644 builds/linux/opensuse/leap-15-6/data/autoinst.pkrtpl.hcl create mode 100644 builds/linux/opensuse/leap-15-6/data/network.pkrtpl.hcl create mode 100644 builds/linux/opensuse/leap-15-6/data/storage.pkrtpl.hcl create mode 100644 builds/linux/opensuse/leap-15-6/linux-opensuse-leap.auto.pkrvars.hcl create mode 100644 builds/linux/opensuse/leap-15-6/linux-opensuse-leap.pkr.hcl create mode 100644 builds/linux/opensuse/leap-15-6/variables-network.pkr.hcl create mode 100644 builds/linux/opensuse/leap-15-6/variables-storage.pkr.hcl create mode 100644 builds/linux/opensuse/leap-15-6/variables.pkr.hcl diff --git a/builds/linux/opensuse/leap-15-6/data/autoinst.pkrtpl.hcl b/builds/linux/opensuse/leap-15-6/data/autoinst.pkrtpl.hcl new file mode 100644 index 0000000..6bd2b72 --- /dev/null +++ b/builds/linux/opensuse/leap-15-6/data/autoinst.pkrtpl.hcl 
@@ -0,0 +1,610 @@ + + + + + + + repo-backports-update + http://download.opensuse.org/update/leap/15.6/backports/ + Update repository of openSUSE Backports + 99 + / + + + repo-non-oss + http://download.opensuse.org/distribution/leap/15.6/repo/non-oss/ + Non-OSS Repository + 99 + / + + + repo-sle-update + http://download.opensuse.org/update/leap/15.6/sle/ + Update repository with updates from SUSE Linux Enterprise 15 + 99 + / + + + repo-update + http://download.opensuse.org/update/leap/15.6/oss + Main Update Repository + 99 + / + + + repo-update-non-oss + http://download.opensuse.org/update/leap/15.6/non-oss/ + Update Repository (Non-Oss) + 99 + / + + + + + + splash=silent preempt=full mitigations=auto quiet security=apparmor + auto + auto + false + true + false + gfxterm + 8 + false + true + vga=gfx-1024x768x16 + + + + false + + + public + true + off + true + + + Unsolicited incoming network packets are rejected. Incoming packets that are related to outgoing network connections are accepted. Outgoing network connections are allowed. + + false + block + + + + Block + %%REJECT%% + + + For computers in your demilitarized zone that are publicly-accessible with limited access to your internal network. Only selected incoming connections are accepted. + + false + dmz + + + + ssh + + DMZ + default + + + All network connections are accepted. + + docker0 + + false + docker + + + + docker + ACCEPT + + + Unsolicited incoming network packets are dropped. Incoming packets that are related to outgoing network connections are accepted. Outgoing network connections are allowed. + + false + drop + + + + Drop + DROP + + + For use on external networks. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. + + true + external + + + + ssh + + External + default + + + For use in home areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. 
+ + false + home + + + + dhcpv6-client + mdns + samba-client + ssh + + Home + default + + + For use on internal networks. You mostly trust the other computers on the networks to not harm your computer. Only selected incoming connections are accepted. + + false + internal + + + + dhcpv6-client + mdns + samba-client + ssh + + Internal + default + + + For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. + + eth0 + + false + public + + + + dhcpv6-client + ssh + + Public + default + + + All network connections are accepted. + + false + trusted + + + + Trusted + ACCEPT + + + For use in work areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted. + + false + work + + + + dhcpv6-client + ssh + + Work + default + + + + + + false + + + + + 100 + users + + + + 493 + utmp + + + + 65533 + nogroup + + + + 71 + ntadmin + + + + 488 + input + + + + 491 + cdrom + + + + 475 + polkitd + + + + 1 + bin + daemon + + + 2 + daemon + + + + 65534 + nobody + + + + 36 + kvm + + + + 59 + maildrop + postfix + + + 477 + sshd + + + + 482 + chrony + + + + 489 + disk + + + + 492 + audio + + + + 494 + lock + + + + 15 + shadow + + + + 485 + tape + + + + 495 + kmem + + + + 5 + tty + + + + 480 + systemd-network + + + + 484 + video + + + + 499 + messagebus + + + + 486 + sgx + + + + 497 + lp + + + + 487 + render + + + + 0 + root + + + + 42 + trusted + + + + 479 + systemd-timesync + + + + 481 + systemd-journal + + + + 51 + postfix + + + + 490 + dialout + + + + 483 + audit + + + + 498 + mail + postfix + + + 62 + man + + + + 496 + wheel + + + + 478 + nscd + + + + + + + 127.0.0.1 + + localhost + + + + ::1 + + localhost ipv6-localhost ipv6-loopback + + + + fe00::0 + + ipv6-localnet + + + + ff00::0 + + ipv6-mcastprefix + + + + ff02::1 + + ipv6-allnodes + + + + ff02::2 + + ipv6-allrouters + + + + ff02::3 + + ipv6-allhosts + + + + + + + + AUTO 
+ + + true + localhost + auto + + + + dhcp + eth0 + auto + public + + + true + true + false + + false + false + + + + auto + + systemd + +${storage} + + false + + + multi-user + + + YaST2-Firstboot + YaST2-Second-Stage + apparmor + auditd + klog + chronyd + cron + cups + firewalld + wickedd-auto4 + wickedd-dhcp4 + wickedd-dhcp6 + wickedd-nanny + irqbalance + issue-generator + kbdsettings + lvm2-monitor + mcelog + wicked + nscd + postfix + purge-kernels + rsyslog + smartd + sshd + systemd-fsck-root + systemd-pstore + systemd-remount-fs + qemu-guest-agent + + + + + true + + + wicked + os-prober + openssh + openSUSE-release + lvm2 + kexec-tools + grub2 + glibc + firewalld + e2fsprogs + chrony + autoyast2 + qemu-guest-agent + + + apparmor + base + documentation + enhanced_base + minimal_base + sw_management + yast2_basis + + + Leap + + + + false + false + + + ${vm_os_timezone} + + + + 100 + /home + -1 + /bin/bash + 022 + + + + + true + Build User + 100 + /home/${build_username} + false + + + + + 99999 + 0 + 7 + + /bin/bash + 1000 + ${build_password_encrypted} + ${build_username} + + + + + + + + + + + diff --git a/builds/linux/opensuse/leap-15-6/data/network.pkrtpl.hcl b/builds/linux/opensuse/leap-15-6/data/network.pkrtpl.hcl new file mode 100644 index 0000000..5aac10a --- /dev/null +++ b/builds/linux/opensuse/leap-15-6/data/network.pkrtpl.hcl @@ -0,0 +1,50 @@ + + + + AUTO + + +%{ if ip != null ~} + +%{ for dns_server in dns ~} + ${dns_server} +%{ endfor ~} + +%{ else ~} + true + localhost +%{ endif ~} + auto + + + +%{ if ip != null ~} + static + ${ip} + ${netmask} +%{ else ~} + dhcp +%{ endif ~} + eth0 + auto + public + + + true + true + false + + false + false +%{ if ip != null ~} + + + default + - + ${gateway} + - + + +%{ endif ~} + + \ No newline at end of file diff --git a/builds/linux/opensuse/leap-15-6/data/storage.pkrtpl.hcl b/builds/linux/opensuse/leap-15-6/data/storage.pkrtpl.hcl new file mode 100644 index 0000000..7320ebd --- /dev/null 
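Review bot: The networking section of the new Leap 15.6 `autoinst.pkrtpl.hcl` is the fixed DHCP/`eth0` configuration, whereas the 15.5 profile was switched to `${network}` earlier in this series. As a result the `data/network.pkrtpl.hcl` and `variables-network.pkr.hcl` files added for 15.6 have no effect, and the visible part of the 15.6 `linux-opensuse-leap.pkr.hcl` passes no `network` argument to `templatefile`. I would replace the static section with `${network}` and add the same `network = templatefile(...)` argument the 15.5 build uses, so both releases behave alike. The `.pkr.hcl` hunk continues past the end of this excerpt, so the rest of that file was not checked.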
+++ b/builds/linux/opensuse/leap-15-6/data/storage.pkrtpl.hcl @@ -0,0 +1,87 @@ + + + /dev/${device} + gpt + +%{ for index, partition in partitions ~} + + true +%{ if partition.volume_group != "" ~} + ${partition.volume_group} + 142 + false +%{ else ~} +%{ if partition.format.fstype == "swap" ~} + swap + 130 + true +%{ else ~} + + false + uuid +%{ endif ~} +%{ if partition.format.fstype == "fat32" ~} + vfat +%{ if partition.mount.path == "/boot/efi" ~} + 259 + utf8 +%{ else ~} + 12 +%{ endif ~} +%{ else ~} + ${partition.format.fstype} + 131 +%{ endif ~} + true + ${partition.mount.path} +%{ endif ~} +%{ if partition.size != -1 ~} + ${partition.size}M +%{ else ~} + max +%{ endif ~} + + +%{ endfor ~} + + CT_DISK + all + +%{ for index, volume_group in lvm ~} + + /dev/${volume_group.name} + false + +%{ for partition in volume_group.partitions ~} + + true +%{ if partition.format.fstype == "swap" ~} + swap + swap +%{ else ~} + ${partition.format.fstype} + ${partition.mount.path} +%{ endif ~} + ${partition.name} + false + device + false + false +%{ if partition.mount.options != "" ~} + ${partition.mount.options} +%{ endif ~} +%{ if partition.size != -1 ~} + ${partition.size}M +%{ else ~} + max +%{ endif ~} + 1 + 0 + +%{ endfor ~} + + 4194304 + CT_LVM + +%{ endfor ~} + \ No newline at end of file diff --git a/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.auto.pkrvars.hcl b/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.auto.pkrvars.hcl new file mode 100644 index 0000000..dfddc68 --- /dev/null +++ b/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.auto.pkrvars.hcl 
@@ -0,0 +1,46 @@ +/* + DESCRIPTION: + openSUSE-Leap 15.6 variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// Guest Operating System Metadata +vm_os_language = "en_US" +vm_os_keyboard = "us" +vm_os_timezone = "UTC" +vm_os_family = "linux" +vm_os_name = "opensuse-leap" +vm_os_version = "15.6" + +// Virtual Machine Guest Operating System Setting +vm_os_type = "l26" +vm_cloudinit = true + +// Virtual Machine Hardware Settings +vm_bios = "ovmf" +vm_cpu_count = 1 +vm_cpu_sockets = 1 +vm_cpu_type = "x86-64-v2-AES" +vm_mem_size = 2048 +vm_disk_type = "virtio" +vm_disk_size = "32G" +vm_disk_format = "raw" +vm_storage_pool = "vm-data" +vm_disk_controller_type = "virtio-scsi-pci" +vm_network_card_model = "virtio" +vm_bridge_interface = "vmbr0" +vm_vlan_tag = "102" + +// Removable Media Settings +iso_path = "iso" +iso_file = "openSUSE-Leap-15.6-DVD-x86_64-Media.iso" +iso_checksum = "file:https://download.opensuse.org/distribution/leap/15.6/iso/openSUSE-Leap-15.6-DVD-x86_64-Media.iso.sha256" + +// Boot Settings +vm_boot = "order=virtio0;ide2;net0" +vm_boot_wait = "5s" + +// EFI Settings +vm_firmware_path = "./OVMF.fd" +vm_efi_storage_pool = "vm-data" +vm_efi_pre_enrolled_keys = false +vm_efi_type = "4m" diff --git a/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.pkr.hcl b/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.pkr.hcl new file mode 100644 index 0000000..c09a13a --- /dev/null +++ b/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.pkr.hcl 
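Review bot: `iso_checksum` in the new Leap 15.6 variables uses the `file:https://` form pointing at the `.sha256` file on download.opensuse.org, so the expected digest is fetched at build time instead of being recorded in the repository. The check then only confirms that the ISO matches whatever that URL returns on the day, not an image someone reviewed. Pinning the value, e.g. `iso_checksum = "sha256:<digest verified at review time>"`, makes a changed ISO show up as a diff. How the checksum is consumed is in the `source` block of the `.pkr.hcl` file, which lies outside this excerpt.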
@@ -0,0 +1,224 @@ +/* + DESCRIPTION: + openSUSE-Leap 15.6 template using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: packer +// The Packer configuration. + +packer { + required_version = ">= 1.9.1" + required_plugins { + ansible = { + source = "github.com/hashicorp/ansible" + version = "~> 1" + } + git = { + version = ">= 0.4.2" + source = "github.com/ethanmdavidson/git" + } + proxmox = { + version = ">= 1.1.6" + source = "github.com/hashicorp/proxmox" + } + } +} + +// BLOCK: data +// Defines the data sources. + +data "git-repository" "cwd" {} + +// BLOCK: locals +// Defines the local variables. + +locals { + + bios_boot_command = [ + "", + "linux ", + "biosdevname=0 ", + "net.ifnames=0 ", + "netdevice=eth0 ", + "netsetup=dhcp ", + "lang=en_US ", + "textmode=1 ", + "${local.data_source_command}", + "", + ] + + uefi_boot_command = [ + // This sends the "escape" key. In the GRUB boot loader, this is used to enter command line mode. + "", + // This sends the "e" key. In the GRUB boot loader, this is used to edit the selected boot menu option. + "e", + // This sends four "down arrow" keys and then the "end" key. This is used to navigate to a specific line in the boot menu option's configuration. + "", + // This types the value of the 'data_source_command' local variable. This is used to specify the kickstart data source configured in the common variables. + "${local.data_source_command}", + // This sends the "F10" key. In the GRUB boot loader, this is used to save the changes and exit the boot menu option's configuration, and then continue the boot process. + "" + ] + + build_by = "Built by: HashiCorp Packer ${packer.version}" + build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) + build_version = data.git-repository.cwd.head + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" + vm_disk_type = var.vm_disk_type == "virtio" ? 
"vda" : "sda" + manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) + manifest_path = "${path.cwd}/manifests/" + manifest_output = "${local.manifest_path}${local.manifest_date}.json" + data_source_content = { + "/autoinst.xml" = templatefile("${abspath(path.root)}/data/autoinst.pkrtpl.hcl", { + build_username = var.build_username + build_password = var.build_password + build_password_encrypted = var.build_password_encrypted + vm_disk_type = local.vm_disk_type + vm_os_language = var.vm_os_language + vm_os_keyboard = var.vm_os_keyboard + vm_os_timezone = var.vm_os_timezone + common_data_source = var.common_data_source + # vm_bios needs to be here to help determine the bootloader + vm_bios = var.vm_bios + storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { + device = var.vm_disk_device + swap = var.vm_disk_use_swap + partitions = var.vm_disk_partitions + lvm = var.vm_disk_lvm + vm_bios = var.vm_bios + }) + additional_packages = var.additional_packages + }) + } + data_source_command = var.common_data_source == "http" ? " autoyast=http://{{ .HTTPIP }}:{{ .HTTPPort }}/autoinst.xml" : " netsetup=dhcp autoyast=device://sr1/autoinst.xml" + vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command + vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null +} + +// BLOCK: source +// Defines the builder configuration blocks. 
+ +source "proxmox-iso" "linux-opensuse-leap" { + + // Proxmox Connection Settings and Credentials + proxmox_url = "https://${var.proxmox_hostname}:8006/api2/json" + username = "${var.proxmox_api_token_id}" + token = "${var.proxmox_api_token_secret}" + insecure_skip_tls_verify = "${var.proxmox_insecure_connection}" + + // Proxmox Settings + node = "${var.proxmox_node}" + + // Virtual Machine Settings + vm_name = "${local.vm_name}" + bios = "${var.vm_bios}" + sockets = "${var.vm_cpu_sockets}" + cores = "${var.vm_cpu_count}" + cpu_type = "${var.vm_cpu_type}" + memory = "${var.vm_mem_size}" + os = "${var.vm_os_type}" + scsi_controller = "${var.vm_disk_controller_type}" + disks { + disk_size = "${var.vm_disk_size}" + type = "${var.vm_disk_type}" + storage_pool = "${var.vm_storage_pool}" + format = "${var.vm_disk_format}" + } + dynamic "efi_config" { + for_each = var.vm_bios == "ovmf" ? [1] : [] + content { + efi_storage_pool = var.vm_bios == "ovmf" ? var.vm_efi_storage_pool : null + efi_type = var.vm_bios == "ovmf" ? var.vm_efi_type : null + pre_enrolled_keys = var.vm_bios == "ovmf" ? var.vm_efi_pre_enrolled_keys : null + } + } + unmount_iso = true + ssh_username = "${var.build_username}" + ssh_password = "${var.build_password}" + ssh_timeout = "${var.timeout}" + ssh_port = "22" + iso_file = "${var.common_iso_storage}:${var.iso_path}/${var.iso_file}" + iso_checksum = "${var.iso_checksum}" + qemu_agent = true + + network_adapters { + bridge = "${var.vm_bridge_interface}" + model = "${var.vm_network_card_model}" + vlan_tag = "${var.vm_vlan_tag}" + } + + // Removable Media Settings + http_content = "${var.common_data_source}" == "http" ? "${local.data_source_content}" : null + + // Boot and Provisioning Settings + http_bind_address = var.common_data_source == "http" ? var.common_http_bind_address : null + http_port_min = var.common_data_source == "http" ? var.common_http_port_min : null + http_port_max = var.common_data_source == "http" ? 
var.common_http_port_max : null + boot = var.vm_boot + boot_wait = var.vm_boot_wait + boot_command = local.boot_command + + dynamic "additional_iso_files" { + for_each = var.common_data_source == "disk" ? [1] : [] + content { + cd_files = var.common_data_source == "disk" ? local.data_source_content : null + cd_label = var.common_data_source == "disk" ? "cidata" : null + iso_storage_pool = var.common_data_source == "disk" ? "local" : null + } + } + + template_name = "${local.vm_name}" + template_description = "${local.build_description}" + + # VM Cloud Init Settings + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null + +} + +# Build Definition to create the VM Template +build { + sources = ["source.proxmox-iso.linux-opensuse-leap"] + + provisioner "ansible" { + user = "${var.build_username}" + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" + ansible_env_vars = [ + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3" + ] + extra_arguments = [ + "--extra-vars", "display_skipped_hosts=false", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", + ] + } + + post-processor "manifest" { + output = local.manifest_output + strip_path = true + strip_time = true + custom_data = { + ansible_username = "${var.ansible_username}" + build_username = "${var.build_username}" + build_date = "${local.build_date}" + build_version = "${local.build_version}" + common_data_source = "${var.common_data_source}" + vm_cpu_sockets = "${var.vm_cpu_sockets}" + vm_cpu_count = "${var.vm_cpu_count}" + vm_disk_size = 
"${var.vm_disk_size}" + vm_bios = "${var.vm_bios}" + vm_os_type = "${var.vm_os_type}" + vm_mem_size = "${var.vm_mem_size}" + vm_network_card_model = "${var.vm_network_card_model}" + vm_cloudinit = "${var.vm_cloudinit}" + } + } +} diff --git a/builds/linux/opensuse/leap-15-6/variables-network.pkr.hcl b/builds/linux/opensuse/leap-15-6/variables-network.pkr.hcl new file mode 100644 index 0000000..d2d6996 --- /dev/null +++ b/builds/linux/opensuse/leap-15-6/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file diff --git a/builds/linux/opensuse/leap-15-6/variables-storage.pkr.hcl b/builds/linux/opensuse/leap-15-6/variables-storage.pkr.hcl new file mode 100644 index 0000000..6edce0d --- /dev/null +++ b/builds/linux/opensuse/leap-15-6/variables-storage.pkr.hcl 
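Review bot: In `locals.data_source_content` the AutoYaST profile is rendered with both `build_password = var.build_password` and `build_password_encrypted`, and with `common_data_source = "http"` the boot command fetches it from `http://{{ .HTTPIP }}:{{ .HTTPPort }}/autoinst.xml`, so the build credentials are served in clear text and without authentication to anything that can reach Packer's HTTP server during the build. If the profile only needs the hash, drop the plaintext from the template inputs and pass `build_password_encrypted` alone; the template is not in this hunk, so that needs checking there. `common_http_bind_address` defaults to `null` in variables.pkr.hcl, which as far as I know makes Packer listen on all interfaces, so setting it to the build network's address, or using the `disk` data source, narrows the exposure. I would also add a comment above `data_source_content`: `// Rendered profile contains build credentials; serve it only on the isolated build network.`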
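Review bot: The header comment of this new file reads `Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso)`, which does not match an openSUSE Leap 15.6 build on proxmox-iso; the same header is added to `builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl` later in the series. I would change it to `openSUSE-Leap 15.6 network variables used by the Packer Plugin for Proxmox (proxmox-iso).` and fix the Ubuntu one likewise. The default `vm_network_device = "ens192"` also looks carried over, since the boot command in linux-opensuse-leap.pkr.hcl passes `net.ifnames=0` and `netdevice=eth0`. None of these variables is passed to a `templatefile` call in that file, so as added they appear to be unused.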
@@ -0,0 +1,53 @@ +/* + DESCRIPTION: + openSUSE-Leap 15.6 storage variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Storage Settings + +variable "vm_disk_device" { + type = string + description = "The device for the virtual disk. (e.g. 'sda')" +} + +variable "vm_disk_use_swap" { + type = bool + description = "Whether to use a swap partition." +} + +variable "vm_disk_partitions" { + type = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + volume_group = string + })) + description = "The disk partitions for the virtual disk." +} + +variable "vm_disk_lvm" { + type = list(object({ + name = string + partitions = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + })) + })) + description = "The LVM configuration for the virtual disk." + default = [] +} diff --git a/builds/linux/opensuse/leap-15-6/variables.pkr.hcl b/builds/linux/opensuse/leap-15-6/variables.pkr.hcl new file mode 100644 index 0000000..42574e8 --- /dev/null +++ b/builds/linux/opensuse/leap-15-6/variables.pkr.hcl 
@@ -0,0 +1,304 @@ +/* + DESCRIPTION: + openSUSE-Leap 15.6 variables using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: variable +// Defines the input variables. + +// Proxmox Credentials + +variable "proxmox_hostname" { + type = string + description = "The FQDN or IP address of a Proxmox node. Only one node should be specified in a cluster." +} + +variable "proxmox_api_token_id" { + type = string + description = "The token to login to the Proxmox node/cluster. The format is USER@REALM!TOKENID. (e.g. packer@pam!packer_pve_token)" +} + +variable "proxmox_api_token_secret" { + type = string + description = "The secret for the API token used to login to the Proxmox API." +# sensitive = true +} + +variable "proxmox_insecure_connection" { + description = "true/false to skip Proxmox TLS certificate checks." + type = bool + default = true +} + +// Proxmox Settings + +variable "proxmox_node" { + type = string + description = "The name of the Proxmox node that Packer will build templates on." +} + +// Virtual Machine Settings + +variable "vm_os_language" { + type = string + description = "The guest operating system language." + default = "en_US" +} + +variable "vm_os_keyboard" { + type = string + description = "The guest operating system keyboard layout." + default = "us" +} + +variable "vm_os_timezone" { + type = string + description = "The guest operating system timezone." + default = "UTC" +} + +variable "vm_os_family" { + type = string + description = "The guest operating system family. Used for naming. (e.g. 'linux')" +} + +variable "vm_os_name" { + type = string + description = "The guest operating system name. Used for naming. (e.g. 'ubuntu')" +} + +variable "vm_os_version" { + type = string + description = "The guest operating system version. Used for naming. (e.g. '22-04-lts')" +} + +variable "vm_os_type" { + type = string + description = "The guest operating system type. (e.g. 
'l26')" +} + +variable "vm_bios" { + type = string + description = "The firmware type. Allowed values 'ovmf' or 'seabios'" + default = "OVMF" + + validation { + condition = contains(["ovmf", "seabios"], var.vm_bios) + error_message = "The vm_bios value must be 'ovmf' or 'seabios'." + } +} + +variable "vm_firmware_path" { + type = string + description = "The firmware file to be used. Needed for EFI" + default = "/usr/share/ovmf/OVMF.fd" +} + +variable "vm_efi_storage_pool" { + type = string + description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" +} + +variable "vm_efi_type" { + type = string + description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" +} + +variable "vm_efi_pre_enrolled_keys" { + type = bool + description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" +} + +variable "vm_cpu_count" { + type = number + description = "The number of virtual CPUs. (e.g. '2')" +} + +variable "vm_cpu_sockets" { + type = number + description = "The number of virtual CPU sockets. (e.g. '1')" +} + +variable "vm_cpu_type" { + type = string + description = "The CPU type to emulate. See the Proxmox API documentation for the complete list of accepted values. For best performance, set this to host. Defaults to kvm64." +} + +variable "vm_mem_size" { + type = number + description = "The size for the virtual memory in MB. (e.g. '2048')" +} + +variable "vm_disk_controller_type" { + type = string + description = "The SCSI controller model to emulate. (e.g. 'virtio-scsi-pci')" +} + +variable "vm_disk_type" { + type = string + description = "The type of disk to emulate. (e.g. 'virtio')" +} + +variable "vm_storage_pool" { + type = string + description = "The name of the Proxmox storage pool to store the VM template. (e.g. 'local-lvm')" +} + +variable "vm_disk_size" { + type = string + description = "The size for the virtual disk in GB. (e.g. 
'32G')" +} + +variable "vm_disk_format" { + type = string + description = "The format of the file backing the disk. (e.g. 'qcow2')" +} + +variable "vm_network_card_model" { + type = string + description = "The model of the virtual network adapter to emulate. (e.g. 'virtio')" +} + +variable "vm_bridge_interface" { + type = string + description = "The name of the Proxmox bridge to attach the adapter to." +} + +variable "vm_vlan_tag" { + type = string + description = "If the adapter should tag packets, give the VLAN ID. (e.g. '102')" +} + +// Cloud-Init Settings + +variable "vm_cloudinit" { + type = bool + description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" + default = false +} + +// Removable Media Settings + +variable "common_iso_storage" { + type = string + description = "The name of the source Proxmox storage location for ISO images. (e.g. 'local-lvm')" +} + +variable "iso_path" { + type = string + description = "The path on the source Proxmox storage location for ISO images. (e.g. 'iso')" +} + +variable "iso_file" { + type = string + description = "The file name of the ISO image used by the vendor. (e.g. 'ubuntu--live-server-amd64.iso')" +} + +variable "iso_checksum" { + type = string + description = "The checksum value of the ISO image provided by the vendor." +} + +// Boot Settings + +variable "common_data_source" { + type = string + description = "The provisioning data source. (e.g. 'http' or 'disk')" +} + +variable "common_http_bind_address" { + type = string + description = "Define an IP address on the host to use for the HTTP server." + default = null +} + +variable "common_http_port_min" { + type = number + description = "The start of the HTTP port range." +} + +variable "common_http_port_max" { + type = number + description = "The end of the HTTP port range." +} + +variable "vm_boot" { + type = string + description = "The boot order for virtual machine devices. (e.g. 
'order=virtio0;ide2;net0')" +} + +variable "vm_boot_wait" { + type = string + description = "The time to wait after booting the initial VM before typing the boot_command (e.g '10s')" +} + +variable "common_ip_wait_timeout" { + type = string + description = "Time to wait for guest operating system IP address response." +} + +variable "common_shutdown_timeout" { + type = string + description = "Time to wait for guest operating system shutdown." +} + +// Communicator Settings and Credentials + +variable "build_username" { + type = string + description = "The username to login to the guest operating system. (e.g. 'ubuntu')" +# sensitive = true +} + +variable "build_password" { + type = string + description = "The password to login to the guest operating system." +# sensitive = true +} + +variable "build_password_encrypted" { + type = string + description = "The encrypted password to login to the guest operating system." +# sensitive = true +} + +variable "build_key" { + type = string + description = "The SSH public key to login to the guest operating system." +# sensitive = true +} + +variable "timeout" { + description = "not sure why I need so high a timeout but here we are" + default = "90m" +} + +// Ansible Credentials + +variable "ansible_username" { + type = string + description = "The username for Ansible to login to the guest operating system. (e.g. 'ansible')" +# sensitive = true +} + +variable "ansible_key" { + type = string + description = "The public key for Ansible to login to the guest operating system." +# sensitive = true +} + +// HCP Packer Settings + +variable "common_hcp_packer_registry_enabled" { + type = bool + description = "Enable the HCP Packer registry." + default = false +} + +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} From f589c496a4f92bfe784d03ef50815f819072f9bc Mon Sep 17 00:00:00 2001 
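Review bot: Every `sensitive = true` in this file is commented out, including on `proxmox_api_token_secret`, `build_password` and `build_password_encrypted`, so Packer has no reason to redact these values and build logs may carry them; I would restore `sensitive = true` on those three (the usernames and public keys can stay as they are). `proxmox_insecure_connection` has `default = true`, which turns off certificate verification for the API connection that carries the token; `default = false` with lab setups opting in is the safer contract. Separately, `vm_bios` has `default = "OVMF"` while its validation accepts only `"ovmf"` or `"seabios"`, so the default would fail its own check if it were ever used; `default = "ovmf"` fixes that.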
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 12:34:21 -0500 Subject: [PATCH 42/72] change the vm_name to remove if/then --- builds/linux/ubuntu/20-04-lts/linux-ubuntu.pkr.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/builds/linux/ubuntu/20-04-lts/linux-ubuntu.pkr.hcl b/builds/linux/ubuntu/20-04-lts/linux-ubuntu.pkr.hcl index 6d9d781..1681d56 100644 --- a/builds/linux/ubuntu/20-04-lts/linux-ubuntu.pkr.hcl +++ b/builds/linux/ubuntu/20-04-lts/linux-ubuntu.pkr.hcl @@ -101,7 +101,7 @@ locals { } data_source_command = var.common_data_source == "http" ? "${local.http_command}" : "ds=nocloud" - vm_name = var.vm_cloudinit == false ? "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" : "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}-cloud-init" + vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } From 69b05aaaf1d0b5649e8832f9afc1b33747169853 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 12:58:05 -0500 Subject: [PATCH 43/72] fix: update efi vars and storage sizes so installs don't break --- builds/linux-storage.pkrvars.hcl.example | 26 +++++++++++++++--------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/builds/linux-storage.pkrvars.hcl.example b/builds/linux-storage.pkrvars.hcl.example index 6782ec4..9e223c4 100644 --- a/builds/linux-storage.pkrvars.hcl.example +++ b/builds/linux-storage.pkrvars.hcl.example @@ -4,6 +4,12 @@ - Variables are passed to and used by guest operating system configuration files (e.g., ks.cfg). */ +// VM EFI Settings +vm_efi_storage_pool = "vm-data" +vm_efi_type = "4m" +vm_efi_pre_enrolled_keys = false + +// VM Storage Settings vm_efi_storage_pool = "vm-data" vm_efi_type = "4m" vm_efi_pre_enrolled_keys = false 
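Review bot: The first hunk adds `vm_efi_storage_pool`, `vm_efi_type` and `vm_efi_pre_enrolled_keys` under a new `// VM EFI Settings` heading but leaves the three existing assignments in place under `// VM Storage Settings`, so the resulting example file sets each of them twice. HCL normally rejects a repeated attribute within one file, so anyone copying this example would likely hit a parse error before the build starts. Keep the new EFI block and delete the three unchanged assignments that follow `// VM Storage Settings`.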
@@ -39,7 +45,7 @@ vm_disk_partitions = [ volume_group = "", }, { - name = "vg_root" + name = "sysvg" size = -1, format = { label = "", @@ -49,12 +55,12 @@ vm_disk_partitions = [ path = "", options = "", }, - volume_group = "vg_root", + volume_group = "sysvg", }, ] vm_disk_lvm = [ { - name: "vg_root", + name: "sysvg", partitions: [ { name = "lv_swap", @@ -70,7 +76,7 @@ vm_disk_lvm = [ }, { name = "lv_root", - size = 3000, + size = 10240, format = { label = "ROOTFS", fstype = "ext4", @@ -82,7 +88,7 @@ vm_disk_lvm = [ }, { name = "lv_home", - size = 1200, + size = 4096, format = { label = "HOMEFS", fstype = "ext4", @@ -106,7 +112,7 @@ vm_disk_lvm = [ }, { name = "lv_tmp", - size = 2500, + size = 4096, format = { label = "TMPFS", fstype = "ext4", @@ -118,7 +124,7 @@ vm_disk_lvm = [ }, { name = "lv_var", - size = 3072, + size = 2048, format = { label = "VARFS", fstype = "ext4", @@ -130,7 +136,7 @@ vm_disk_lvm = [ }, { name = "lv_var_tmp", - size = 4096, + size = 1000, format = { label = "VARTMPFS", fstype = "ext4", @@ -142,7 +148,7 @@ vm_disk_lvm = [ }, { name = "lv_var_log", - size = 1024, + size = 4096, format = { label = "VARLOGFS", fstype = "ext4", @@ -166,4 +172,4 @@ vm_disk_lvm = [ }, ], } -] +] \ No newline at end of file From 971f15ba30401dc1f5886f0f5ac97cb2ba345a49 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 12:59:10 -0500 Subject: [PATCH 44/72] feat: update cloud-init var and add additional_packages var --- builds/linux/ubuntu/22-04-lts/variables.pkr.hcl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/builds/linux/ubuntu/22-04-lts/variables.pkr.hcl b/builds/linux/ubuntu/22-04-lts/variables.pkr.hcl index 720fb8d..40950a2 100644 --- a/builds/linux/ubuntu/22-04-lts/variables.pkr.hcl +++ b/builds/linux/ubuntu/22-04-lts/variables.pkr.hcl 
@@ -171,7 +171,7 @@ variable "vm_vlan_tag" { // Cloud-Init Settings -variable "vm_cloud_init_enable" { +variable "vm_cloudinit" { type = bool description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" default = false @@ -295,3 +295,10 @@ variable "common_hcp_packer_registry_enabled" { default = false } +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file From 7eedafbccb78d2e19b34618a1637c780628173ee Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 12:59:50 -0500 Subject: [PATCH 45/72] feat: add templated network config --- .../ubuntu/22-04-lts/data/network.pkrtpl.hcl | 19 +++++++++++++++++++ .../22-04-lts/data/user-data.pkrtpl.hcl | 3 ++- 2 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 builds/linux/ubuntu/22-04-lts/data/network.pkrtpl.hcl diff --git a/builds/linux/ubuntu/22-04-lts/data/network.pkrtpl.hcl b/builds/linux/ubuntu/22-04-lts/data/network.pkrtpl.hcl new file mode 100644 index 0000000..7a05956 --- /dev/null +++ b/builds/linux/ubuntu/22-04-lts/data/network.pkrtpl.hcl @@ -0,0 +1,19 @@ + network: + network: + version: 2 + ethernets: +%{ if ip != null ~} + ${device}: + dhcp4: false + addresses: + - ${ip}/${netmask} + gateway4: ${gateway} + nameservers: + addresses: +%{ for item in dns ~} + - ${item} +%{ endfor ~} +%{ else ~} + ${device}: + dhcp4: true +%{ endif ~} diff --git a/builds/linux/ubuntu/22-04-lts/data/user-data.pkrtpl.hcl b/builds/linux/ubuntu/22-04-lts/data/user-data.pkrtpl.hcl index 1b44a10..6c51160 100644 --- a/builds/linux/ubuntu/22-04-lts/data/user-data.pkrtpl.hcl +++ b/builds/linux/ubuntu/22-04-lts/data/user-data.pkrtpl.hcl @@ -6,7 +6,8 @@ autoinstall: locale: ${vm_os_language} keyboard: layout: ${vm_os_keyboard} -${storage} +${storage} +${network} identity: hostname: ubuntu-server username: ${build_username} 
From c68a47c9de1b9a5b655f83a1359759577e4f54db Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 13:00:19 -0500 Subject: [PATCH 46/72] fix: update template for UEFI and BIOS --- .../ubuntu/22-04-lts/data/storage.pkrtpl.hcl | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/builds/linux/ubuntu/22-04-lts/data/storage.pkrtpl.hcl b/builds/linux/ubuntu/22-04-lts/data/storage.pkrtpl.hcl index 07a1371..b8758a0 100644 --- a/builds/linux/ubuntu/22-04-lts/data/storage.pkrtpl.hcl +++ b/builds/linux/ubuntu/22-04-lts/data/storage.pkrtpl.hcl @@ -21,16 +21,21 @@ path: /dev/${device} wipe: superblock preserve: false - name: '' -%{ if vm_bios == "ovmf" ~} - grub_device: false -%{ endif ~} %{ if vm_bios == "seabios" ~} grub_device: true %{ endif ~} type: disk id: disk-${device} -# BIOS boot partition +%{if vm_bios == "seabios" ~} + - device: disk-${device} + size: 1M + flag: bios_grub + number: 1 + preserve: false + type: partition + id: partition-grub +%{ endif ~} + %{ for index, partition in partitions ~} - device: disk-${device} %{ if partition.size != -1 ~} @@ -40,7 +45,7 @@ %{ endif ~} wipe: superblock preserve: false -%{ if partition.name == "bios_grub" && vm_bios == "seabios" && index == 0 ~} +%{ if partition.mount.path == "/boot" && vm_bios == "seabios" && index == 0 ~} flag: bios_grub grub_device: false %{ endif ~} @@ -57,7 +62,6 @@ label: ${partition.format.label} fstype: ${partition.format.fstype} %{ endif ~} -# Don't create a mount for the GRUB partition when using BIOS %{ if partition.volume_group == "" && partition.name != "bios_grub" ~} - id: mount-${partition.name} type: mount From c1662d2647c861642860ac5f0994986f07feb2b1 Mon Sep 17 00:00:00 2001 
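Review bot: With `vm_bios == "seabios"` the first hunk now always emits a dedicated 1M partition with `flag: bios_grub` and `number: 1`, yet the loop in the second hunk still sets `flag: bios_grub` on the first configured partition when its `mount.path` is `/boot`. A BIOS layout that starts with /boot would then have two partitions carrying that flag, one of them holding a mounted filesystem. If the dedicated partition is meant to replace the old convention, the `%{ if partition.mount.path == "/boot" && vm_bios == "seabios" && index == 0 ~}` branch can be removed, along with the leftover `partition.name != "bios_grub"` test in the third hunk. The loop's own `number:` lines are outside these hunks, so check that they no longer start at 1 for BIOS builds.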
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 13:00:42 -0500 Subject: [PATCH 47/72] feat: add network vars --- .../22-04-lts/variables-network.pkr.hcl | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl diff --git a/builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl b/builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl new file mode 100644 index 0000000..1761446 --- /dev/null +++ b/builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens18" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file From 11f3f5692cacb30ef58084aa5a5f771fe86d2bad Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 13:02:07 -0500 Subject: [PATCH 48/72] feat: UEFI and BIOS updates, network template, and ansible provisioner changes --- .../ubuntu/22-04-lts/linux-ubuntu.pkr.hcl | 76 +++++++++++++------ 1 file changed, 54 insertions(+), 22 deletions(-) diff --git a/builds/linux/ubuntu/22-04-lts/linux-ubuntu.pkr.hcl b/builds/linux/ubuntu/22-04-lts/linux-ubuntu.pkr.hcl index 5534ef5..3b31787 100644 --- a/builds/linux/ubuntu/22-04-lts/linux-ubuntu.pkr.hcl 
+++ b/builds/linux/ubuntu/22-04-lts/linux-ubuntu.pkr.hcl 
@@ -33,10 +33,37 @@ data "git-repository" "cwd" {} // Defines the local variables. locals { + bios_boot_command = [ + "c", + "linux /casper/vmlinuz --- autoinstall ${local.data_source_command}", + "", + "initrd /casper/initrd", + "", + "boot", + "" + ] + uefi_boot_command = [ + // This waits for 3 seconds, sends the "c" key, and then waits for another 3 seconds. In the GRUB boot loader, this is used to enter command line mode. + "c", + // This types a command to load the Linux kernel from the specified path with the 'autoinstall' option and the value of the 'data_source_command' local variable. + // The 'autoinstall' option is used to automate the installation process. + // The 'data_source_command' local variable is used to specify the kickstart data source configured in the common variables. + "linux /casper/vmlinuz --- autoinstall ${local.data_source_command}", + // This sends the "enter" key and then waits. This is typically used to execute the command and give the system time to process it. + "", + // This types a command to load the initial RAM disk from the specified path. + "initrd /casper/initrd", + // This sends the "enter" key and then waits. This is typically used to execute the command and give the system time to process it. + "", + // This types the "boot" command. This starts the boot process using the loaded kernel and initial RAM disk. + "boot", + // This sends the "enter" key. This is typically used to execute the command. + "" + ] build_by = "Built by: HashiCorp Packer ${packer.version}" build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" vm_disk_type = var.vm_disk_type == "virtio" ? 
"vda" : "sda" manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) manifest_path = "${path.cwd}/manifests/" @@ -51,6 +78,14 @@ locals { vm_os_language = var.vm_os_language vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone + + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_network_device + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { device = var.vm_disk_device swap = var.vm_disk_use_swap @@ -58,10 +93,12 @@ locals { lvm = var.vm_disk_lvm vm_bios = var.vm_bios }) + additional_packages = var.additional_packages }) } data_source_command = var.common_data_source == "http" ? "ds=\"nocloud-net;seedfrom=http://{{.HTTPIP}}:{{.HTTPPort}}/\"" : "ds=\"nocloud\"" vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } @@ -126,15 +163,7 @@ source "proxmox-iso" "ubuntu" { http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null boot = var.vm_boot boot_wait = var.vm_boot_wait - boot_command = [ - "c", - "linux /casper/vmlinuz --- autoinstall ${local.data_source_command}", - "", - "initrd /casper/initrd", - "", - "boot", - "" - ] + boot_command = local.boot_command dynamic "additional_iso_files" { for_each = var.common_data_source == "disk" ? [1] : [] @@ -149,8 +178,8 @@ source "proxmox-iso" "ubuntu" { template_description = "${local.build_description}" # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null } 
@@ -159,19 +188,22 @@ build { sources = ["source.proxmox-iso.ubuntu"] provisioner "ansible" { - user = "${var.build_username}" - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" + user = var.build_username + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" ansible_env_vars = [ - "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3" ] extra_arguments = [ "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", - "--extra-vars", "cloud_init='${var.vm_cloud_init_enable}'", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", ] } @@ -192,7 +224,7 @@ build { vm_os_type = "${var.vm_os_type}" vm_mem_size = "${var.vm_mem_size}" vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + vm_cloudinit = "${var.vm_cloudinit}" } } } From 5b164322784131f161956989e06dcce341fd8eb4 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 13:02:46 -0500 Subject: [PATCH 49/72] feat: update default values --- builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) 
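Review bot: `build_key` and `ansible_key` are still interpolated into `--extra-vars` key=value strings in `extra_arguments`, so their values land on the ansible-playbook command line, where they are readable from the process list and probably from Packer's build output. The variable definitions are not in this hunk, but the previous names (`BUILD_SECRET`, `ANSIBLE_SECRET`) suggest the values could be sensitive. If they are only SSH public keys, say so above the list, e.g. `// build_key and ansible_key are public keys; never pass secrets through --extra-vars`. If they are not, pass them in a vars file referenced as `--extra-vars @<vars-file>` instead. The same provisioner block is repeated in the 24-04-lts `linux-ubuntu.pkr.hcl` hunk later in this series.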
diff --git a/builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl b/builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl index cef071b..136de07 100644 --- a/builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl +++ b/builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl @@ -13,9 +13,10 @@ vm_os_version = "22.04-lts" // Virtual Machine Guest Operating System Setting vm_os_type = "l26" +vm_cloudinit = true // Virtual Machine Hardware Settings -vm_bios = "seabios" +vm_bios = "ovmf" vm_cpu_count = 1 vm_cpu_sockets = 1 vm_cpu_type = "kvm64" @@ -32,7 +33,7 @@ vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" iso_file = "ubuntu-22.04-live-server-amd64.iso" -iso_checksum = "84aeaf7823c8c61baa0ae862d0a06b03409394800000b3235854a6b38eb4856f" +iso_checksum = "file:https://releases.ubuntu.com/jammy/SHA256SUMS" // Boot Settings vm_boot = "order=virtio0;ide2;net0" From b53e237f331f2e53201355cb6e015a58d8eee535 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 13:30:28 -0500 Subject: [PATCH 50/72] feat: update default values --- builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl index 6566d96..ccfc477 100644 --- a/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl +++ b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl @@ -13,9 +13,10 @@ vm_os_version = "24.04-lts" // Virtual Machine Guest Operating System Setting vm_os_type = "l26" +vm_cloudinit = true // Virtual Machine Hardware Settings -vm_bios = "seabios" +vm_bios = "ovmf" vm_cpu_count = 1 vm_cpu_sockets = 1 vm_cpu_type = "kvm64" 
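Review bot: Replacing the literal SHA-256 in `iso_checksum` with `file:https://releases.ubuntu.com/jammy/SHA256SUMS` means the expected digest is fetched at build time instead of being fixed in the repository, so it no longer pins the image to content someone reviewed. A fetched list still catches a corrupted ISO, but a changed or replaced image with a matching SHA256SUMS entry would pass. Keeping the reviewed digest in the vars file, e.g. `iso_checksum = "sha256:<reviewed digest>"`, and updating it in a commit when the ISO changes preserves that property. The same applies to the 24-04-lts and AlmaLinux 8 `*.auto.pkrvars.hcl` changes in this series.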
@@ -32,7 +33,7 @@ vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" iso_file = "ubuntu-24.04-live-server-amd64.iso" -iso_checksum = "8762f7e74e4d64d72fceb5f70682e6b069932deedb4949c6975d0f0fe0a91be3" +iso_checksum = "https://releases.ubuntu.com/noble/SHA256SUMS" // Boot Settings vm_boot = "order=virtio0;ide2;net0" From 615205d97e6b95109195a490ecc73f0bfa21ea0f Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 13:32:39 -0500 Subject: [PATCH 51/72] feat: add UEFI and BIOS boot commands and ansible provisioner update --- .../ubuntu/24-04-lts/linux-ubuntu.pkr.hcl | 76 +++++++++++++------ 1 file changed, 54 insertions(+), 22 deletions(-) diff --git a/builds/linux/ubuntu/24-04-lts/linux-ubuntu.pkr.hcl b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.pkr.hcl index b85f281..912d164 100644 --- a/builds/linux/ubuntu/24-04-lts/linux-ubuntu.pkr.hcl +++ b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.pkr.hcl 
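Review bot: The new `iso_checksum = "https://releases.ubuntu.com/noble/SHA256SUMS"` lacks the `file:` prefix that the 22-04-lts value in the previous patch uses, so Packer will most likely treat the URL as a literal checksum and reject it rather than fetch the list. It should read `iso_checksum = "file:https://releases.ubuntu.com/noble/SHA256SUMS"`. `iso_file` is `ubuntu-24.04-live-server-amd64.iso`, so also check that the list has an entry for exactly that file name, since point releases change the published names.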
@@ -33,10 +33,37 @@ data "git-repository" "cwd" {} // Defines the local variables. locals { + bios_boot_command = [ + "c", + "linux /casper/vmlinuz --- autoinstall ${local.data_source_command}", + "", + "initrd /casper/initrd", + "", + "boot", + "" + ] + uefi_boot_command = [ + // This waits for 3 seconds, sends the "c" key, and then waits for another 3 seconds. In the GRUB boot loader, this is used to enter command line mode. + "c", + // This types a command to load the Linux kernel from the specified path with the 'autoinstall' option and the value of the 'data_source_command' local variable. + // The 'autoinstall' option is used to automate the installation process. + // The 'data_source_command' local variable is used to specify the kickstart data source configured in the common variables. + "linux /casper/vmlinuz --- autoinstall ${local.data_source_command}", + // This sends the "enter" key and then waits. This is typically used to execute the command and give the system time to process it. + "", + // This types a command to load the initial RAM disk from the specified path. + "initrd /casper/initrd", + // This sends the "enter" key and then waits. This is typically used to execute the command and give the system time to process it. + "", + // This types the "boot" command. This starts the boot process using the loaded kernel and initial RAM disk. + "boot", + // This sends the "enter" key. This is typically used to execute the command. + "" + ] build_by = "Built by: HashiCorp Packer ${packer.version}" build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) build_version = data.git-repository.cwd.head - build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloud_init_enable}" + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" vm_disk_type = var.vm_disk_type == "virtio" ? 
"vda" : "sda" manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) manifest_path = "${path.cwd}/manifests/" @@ -51,6 +78,14 @@ locals { vm_os_language = var.vm_os_language vm_os_keyboard = var.vm_os_keyboard vm_os_timezone = var.vm_os_timezone + + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_network_device + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { device = var.vm_disk_device swap = var.vm_disk_use_swap @@ -58,10 +93,12 @@ locals { lvm = var.vm_disk_lvm vm_bios = var.vm_bios }) + additional_packages = var.additional_packages }) } data_source_command = var.common_data_source == "http" ? "ds=\"nocloud-net;seedfrom=http://{{.HTTPIP}}:{{.HTTPPort}}/\"" : "ds=\"nocloud\"" vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command vm_bios = var.vm_bios == "ovmf" ? var.vm_firmware_path : null } @@ -126,15 +163,7 @@ source "proxmox-iso" "ubuntu" { http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null boot = var.vm_boot boot_wait = var.vm_boot_wait - boot_command = [ - "c", - "linux /casper/vmlinuz --- autoinstall ${local.data_source_command}", - "", - "initrd /casper/initrd", - "", - "boot", - "" - ] + boot_command = local.boot_command dynamic "additional_iso_files" { for_each = var.common_data_source == "disk" ? [1] : [] @@ -149,8 +178,8 @@ source "proxmox-iso" "ubuntu" { template_description = "${local.build_description}" # VM Cloud Init Settings - cloud_init = var.vm_cloud_init_enable - cloud_init_storage_pool = var.vm_cloud_init_enable == true ? var.vm_storage_pool : null + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null } 
@@ -159,19 +188,22 @@ build { sources = ["source.proxmox-iso.ubuntu"] provisioner "ansible" { - user = "${var.build_username}" - playbook_file = "${path.cwd}/ansible/main.yml" - roles_path = "${path.cwd}/ansible/roles" + user = var.build_username + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" ansible_env_vars = [ - "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg" + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3" ] extra_arguments = [ "--extra-vars", "display_skipped_hosts=false", - "--extra-vars", "BUILD_USERNAME=${var.build_username}", - "--extra-vars", "BUILD_SECRET='${var.build_key}'", - "--extra-vars", "ANSIBLE_USERNAME=${var.ansible_username}", - "--extra-vars", "ANSIBLE_SECRET='${var.ansible_key}'", - "--extra-vars", "cloud_init='${var.vm_cloud_init_enable}'", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", ] } @@ -192,7 +224,7 @@ build { vm_os_type = "${var.vm_os_type}" vm_mem_size = "${var.vm_mem_size}" vm_network_card_model = "${var.vm_network_card_model}" - vm_cloud_init_enable = "${var.vm_cloud_init_enable}" + vm_cloudinit = "${var.vm_cloudinit}" } } } From fc29e3201d90d3b7d51864ba4416138b7b1541ee Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 13:33:09 -0500 Subject: [PATCH 52/72] feat: add templated network configs --- .../ubuntu/24-04-lts/data/network.pkrtpl.hcl | 19 ++++++++++ .../24-04-lts/data/user-data.pkrtpl.hcl | 3 +- .../24-04-lts/variables-network.pkr.hcl | 36 +++++++++++++++++++ 3 files changed, 57 insertions(+), 1 deletion(-) create mode 100644 builds/linux/ubuntu/24-04-lts/data/network.pkrtpl.hcl create mode 100644 builds/linux/ubuntu/24-04-lts/variables-network.pkr.hcl diff --git a/builds/linux/ubuntu/24-04-lts/data/network.pkrtpl.hcl b/builds/linux/ubuntu/24-04-lts/data/network.pkrtpl.hcl new file mode 100644 index 0000000..7a05956 --- /dev/null +++ b/builds/linux/ubuntu/24-04-lts/data/network.pkrtpl.hcl @@ -0,0 +1,19 @@ + network: + network: + version: 2 + ethernets: +%{ if ip != null ~} + ${device}: + dhcp4: false + addresses: + - ${ip}/${netmask} + gateway4: ${gateway} + nameservers: + addresses: +%{ for item in dns ~} + - ${item} +%{ endfor ~} +%{ else ~} + ${device}: + dhcp4: true +%{ endif ~} diff --git a/builds/linux/ubuntu/24-04-lts/data/user-data.pkrtpl.hcl b/builds/linux/ubuntu/24-04-lts/data/user-data.pkrtpl.hcl index 1b44a10..0756f5f 100644 --- a/builds/linux/ubuntu/24-04-lts/data/user-data.pkrtpl.hcl +++ b/builds/linux/ubuntu/24-04-lts/data/user-data.pkrtpl.hcl @@ -6,7 +6,8 @@ autoinstall: locale: ${vm_os_language} keyboard: layout: ${vm_os_keyboard} -${storage} +${storage} +${network} identity: hostname: ubuntu-server username: ${build_username} diff --git a/builds/linux/ubuntu/24-04-lts/variables-network.pkr.hcl b/builds/linux/ubuntu/24-04-lts/variables-network.pkr.hcl new file mode 100644 index 0000000..1761446 --- /dev/null +++ b/builds/linux/ubuntu/24-04-lts/variables-network.pkr.hcl 
@@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens18" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file From 1c757c73dbed6f097ebb8b53b09593de215e31b9 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 13:33:37 -0500 Subject: [PATCH 53/72] feat: updated tempalte for UEFI and BIOS bootloaders --- .../ubuntu/24-04-lts/data/storage.pkrtpl.hcl | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/builds/linux/ubuntu/24-04-lts/data/storage.pkrtpl.hcl b/builds/linux/ubuntu/24-04-lts/data/storage.pkrtpl.hcl index 07a1371..b8758a0 100644 --- a/builds/linux/ubuntu/24-04-lts/data/storage.pkrtpl.hcl +++ b/builds/linux/ubuntu/24-04-lts/data/storage.pkrtpl.hcl @@ -21,16 +21,21 @@ path: /dev/${device} wipe: superblock preserve: false - name: '' -%{ if vm_bios == "ovmf" ~} - grub_device: false -%{ endif ~} %{ if vm_bios == "seabios" ~} grub_device: true %{ endif ~} type: disk id: disk-${device} -# BIOS boot partition +%{if vm_bios == "seabios" ~} + - device: disk-${device} + size: 1M + flag: bios_grub + number: 1 + preserve: false + type: partition + id: partition-grub +%{ endif ~} + %{ for index, partition in partitions ~} - device: disk-${device} %{ if partition.size != -1 ~} 
@@ -40,7 +45,7 @@ %{ endif ~} wipe: superblock preserve: false -%{ if partition.name == "bios_grub" && vm_bios == "seabios" && index == 0 ~} +%{ if partition.mount.path == "/boot" && vm_bios == "seabios" && index == 0 ~} flag: bios_grub grub_device: false %{ endif ~} @@ -57,7 +62,6 @@ label: ${partition.format.label} fstype: ${partition.format.fstype} %{ endif ~} -# Don't create a mount for the GRUB partition when using BIOS %{ if partition.volume_group == "" && partition.name != "bios_grub" ~} - id: mount-${partition.name} type: mount From e251bcdef00ec1991d29090c078428a2e72dc235 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Wed, 3 Jul 2024 13:34:07 -0500 Subject: [PATCH 54/72] feat: rename cloud-init var and add additional packages --- builds/linux/ubuntu/24-04-lts/variables.pkr.hcl | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl b/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl index 70c3be2..0022fcf 100644 --- a/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl +++ b/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl @@ -171,7 +171,7 @@ variable "vm_vlan_tag" { // Cloud-Init Settings -variable "vm_cloud_init_enable" { +variable "vm_cloudinit" { type = bool description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" default = false @@ -295,3 +295,10 @@ variable "common_hcp_packer_registry_enabled" { default = false } +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file From 6eea70f540ec35f754c5991bb64a4c9f32725a72 Mon Sep 17 00:00:00 2001 
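Review bot: For `seabios` the template now emits a dedicated 1M `partition-grub` entry with `flag: bios_grub`, yet the loop still sets `flag: bios_grub` on the first listed partition when its mount path is `/boot` (`partition.mount.path == "/boot" && vm_bios == "seabios" && index == 0`). If `/boot` is ever first in `partitions`, a real filesystem partition gets the BIOS-boot flag in addition to the dedicated one. Since the dedicated entry already covers GRUB, the conditional block looks removable. The surrounding loop and the `partitions` variable are outside these hunks, so confirm against them. The remaining mount guard `partition.name != "bios_grub"` in the last hunk also seems to refer to the old naming scheme.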
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Sat, 6 Jul 2024 09:49:41 -0500 Subject: [PATCH 55/72] fix: update cloud-init var in ansible provisioner --- builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl b/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl index e785e30..008fed4 100644 --- a/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl +++ b/builds/linux/centos/9-stream/linux-centos-stream.pkr.hcl @@ -199,7 +199,7 @@ build { "--extra-vars", "build_key='${var.build_key}'", "--extra-vars", "ansible_username=${var.ansible_username}", "--extra-vars", "ansible_key='${var.ansible_key}'", - "--extra-vars", "enable_cloud_init='${var.vm_cloudinit}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", ] } From 04dfcba4abebf8f1fe8b7ade71eeb0123bf00597 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 14:40:37 -0500 Subject: [PATCH 56/72] chore: upgrade version of community.general --- ansible/linux-requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/linux-requirements.yml b/ansible/linux-requirements.yml index babfada..d29d392 100644 --- a/ansible/linux-requirements.yml +++ b/ansible/linux-requirements.yml @@ -3,4 +3,4 @@ collections: - name: ansible.posix version: 1.5.4 - name: community.general - version: 8.5.0 \ No newline at end of file + version: 9.1.0 \ No newline at end of file From 141f2986858e30c1ab7c227ef808054a3844639d Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:09:15 -0500 Subject: [PATCH 57/72] feat: add extra info to debug message --- ansible/roles/base/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/ansible/roles/base/tasks/main.yml b/ansible/roles/base/tasks/main.yml index dc5169c..ba19a60 100644 --- a/ansible/roles/base/tasks/main.yml +++ b/ansible/roles/base/tasks/main.yml @@ -2,7 +2,7 @@ - name: "Getting guest operating system information." ansible.builtin.debug: - msg: "OS: {{ ansible_distribution }} Version: {{ ansible_distribution_version }} Family: {{ ansible_os_family }}" + msg: "OS Family: {{ ansible_os_family }} | Ansible Distribution: {{ ansible_distribution }} | Distribution Version: {{ ansible_distribution_version }}" - name: Prepare the {{ ansible_facts['distribution'] }} guest operating system include_tasks: "{{ ansible_facts['distribution'] | lower }}.yml" From 311db978ad14f131302d5dae2c0bd2ef93cccab0 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:10:34 -0500 Subject: [PATCH 58/72] fix: take away conditions in when clause --- ansible/roles/base/tasks/redhat.yml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/ansible/roles/base/tasks/redhat.yml b/ansible/roles/base/tasks/redhat.yml index 88a2889..b54c85c 100644 --- a/ansible/roles/base/tasks/redhat.yml +++ b/ansible/roles/base/tasks/redhat.yml @@ -16,11 +16,9 @@ name: "{{ additional_packages[ansible_os_family] }}" state: latest # noqa package-latest - - name: "Installing cloud-init." - become: true - ansible.builtin.dnf: - name: cloud-init - state: latest - when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 8 - when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int >= 8 - +- name: "Installing cloud-init." + become: true + ansible.builtin.dnf: + name: cloud-init + state: latest + when: enable_cloudinit == 'true' From 25c4affd1e8853a423c94f18d6445c6b0d24031b Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:12:08 -0500 Subject: [PATCH 59/72] feat: disable cloud-init instead of uninstalling --- ansible/roles/clean/tasks/ubuntu.yml | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/ansible/roles/clean/tasks/ubuntu.yml b/ansible/roles/clean/tasks/ubuntu.yml index 3016532..7d70275 100644 --- a/ansible/roles/clean/tasks/ubuntu.yml +++ b/ansible/roles/clean/tasks/ubuntu.yml @@ -4,11 +4,23 @@ ansible.builtin.set_fact: enable_cloudinit: "{{ enable_cloudinit | default('false') }}" -# Tasks for removing the cloud-init package. -- name: "Removing the cloud-init package." - ansible.builtin.apt: - name: cloud-init - state: absent +# Tasks for disabling cloud-init +- name: "Disabling cloud-init." + block: + - name: 'Check if /etc/cloud/ exists' + ansible.builtin.stat: + path: '/etc/cloud/' + register: etc_cloud_folder + + - name: 'Generate /etc/cloud/cloud-init.disabled' + ansible.builtin.copy: + dest: '/etc/cloud/cloud-init.disabled' + content: "disabled by ansible\n" + owner: 'root' + group: 'root' + mode: '0644' + when: + - 'etc_cloud_folder.stat.exists' when: enable_cloudinit == 'false' # Tasks to clean the audit logs. From 503e9fb0e30a4afa45c9f52b76c899802c0387aa Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:12:46 -0500 Subject: [PATCH 60/72] fix: change datasouces --- ansible/roles/configure/tasks/debian.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/configure/tasks/debian.yml b/ansible/roles/configure/tasks/debian.yml index 1fd82e2..dd7658f 100644 --- a/ansible/roles/configure/tasks/debian.yml +++ b/ansible/roles/configure/tasks/debian.yml 
@@ -37,8 +37,8 @@ ansible.builtin.debug: msg: "Configuring cloud-init" - ansible.builtin.copy: - content: 'datasource_list: [ ConfigDrive, NoCloud ]' - dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg + content: "datasource_list: [ NoCloud, ConfigDrive ]" + dest: /etc/cloud/cloud.cfg.d/99_pve.cfg when: enable_cloudinit == 'true' # Tasks for setting SSH keys to regenerate. From 57fbda310b297dd553e411fcb68d0f42f2440ca5 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:15:05 -0500 Subject: [PATCH 61/72] fix: updated datasource config --- ansible/roles/configure/tasks/ubuntu.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/configure/tasks/ubuntu.yml b/ansible/roles/configure/tasks/ubuntu.yml index 56a5ee8..772f8e7 100644 --- a/ansible/roles/configure/tasks/ubuntu.yml +++ b/ansible/roles/configure/tasks/ubuntu.yml @@ -44,8 +44,8 @@ - /etc/cloud/cloud.cfg.d/99-installer.cfg - /etc/netplan/00-installer-config.yaml - ansible.builtin.copy: - content: 'datasource_list: [ VMware, OVF, None ]' - dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg + content: "datasource_list: [ NoCloud, ConfigDrive ]" + dest: /etc/cloud/cloud.cfg.d/99_pve.cfg when: enable_cloudinit == 'true' # Tasks for setting SSH keys to regenerate. From d55f32302038aecf847c3cc7b513ae4010eac5fd Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:15:27 -0500 Subject: [PATCH 62/72] feat: add steps to configure cloud-init --- ansible/roles/configure/tasks/redhat.yml | 22 ++++++++++++++++++++- ansible/roles/configure/tasks/suse.yml | 25 ++++++++++++++---------- 2 files changed, 36 insertions(+), 11 deletions(-) diff --git a/ansible/roles/configure/tasks/redhat.yml b/ansible/roles/configure/tasks/redhat.yml index d071913..e40e314 100644 --- a/ansible/roles/configure/tasks/redhat.yml +++ b/ansible/roles/configure/tasks/redhat.yml 
@@ -28,9 +28,29 @@ state: disabled policy: targeted +# Tasks for configuring cloud-init. +- block: + - name: "Message: Configuring cloud-init" + ansible.builtin.debug: + msg: "Configuring cloud-init" + - name: "Add Proxmox datasource" + ansible.builtin.copy: + content: "datasource_list: [ NoCloud, ConfigDrive ]" + dest: /etc/cloud/cloud.cfg.d/99_pve.cfg + - name: Enable cloud-init services + ansible.builtin.service: + name: "{{ item }}" + enabled: true + loop: + - cloud-config + - cloud-init + - cloud-init-local + - cloud-final + when: enable_cloudinit == 'true' + # Tasks for restarting the SSH daemon. - name: "Restarting the SSH daemon." ansible.builtin.systemd: name: sshd state: restarted - daemon_reload: true + daemon_reload: true \ No newline at end of file diff --git a/ansible/roles/configure/tasks/suse.yml b/ansible/roles/configure/tasks/suse.yml index 96f092e..2a9e9eb 100644 --- a/ansible/roles/configure/tasks/suse.yml +++ b/ansible/roles/configure/tasks/suse.yml @@ -31,13 +31,6 @@ ansible.builtin.hostname: name: "localhost" -# Tasks for restarting the SSH daemon. -- name: "Restarting the SSH daemon." - ansible.builtin.systemd: - name: sshd - state: restarted - daemon_reload: true - # Tasks for configuring cloud-init. - name: "Configuring cloud-init." block: @@ -45,8 +38,20 @@ ansible.builtin.debug: msg: "Configuring cloud-init" - ansible.builtin.copy: - content: 'datasource_list: [ ConfigDrive, NoCloud ]' - dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg + content: "datasource_list: [ NoCloud, ConfigDrive ]" + dest: /etc/cloud/cloud.cfg.d/99_pve.cfg + - name: Enable cloud-init services + ansible.builtin.service: + name: "{{ item }}" + enabled: true + loop: + - cloud-init + - cloud-init-local when: enable_cloudinit == 'true' -... \ No newline at end of file +# Tasks for restarting the SSH daemon. +- name: "Restarting the SSH daemon." + ansible.builtin.systemd: + name: sshd + state: restarted + daemon_reload: true 
From c3ef4ca2c648d5761fd32bcc952508da272acb37 Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:16:38 -0500 Subject: [PATCH 63/72] feat: initial AlmaLinux support --- builds/linux/almalinux/8/data/ks.pkrtpl.hcl | 85 +++++ .../linux/almalinux/8/data/network.pkrtpl.hcl | 5 + .../linux/almalinux/8/data/storage.pkrtpl.hcl | 76 +++++ .../8/linux-almalinux.auto.pkrvars.hcl | 40 +++ .../linux/almalinux/8/linux-almalinux.pkr.hcl | 227 +++++++++++++ .../almalinux/8/variables-network.pkr.hcl | 36 ++ .../almalinux/8/variables-storage.pkr.hcl | 53 +++ builds/linux/almalinux/8/variables.pkr.hcl | 307 ++++++++++++++++++ builds/linux/almalinux/9/data/ks.pkrtpl.hcl | 85 +++++ .../linux/almalinux/9/data/network.pkrtpl.hcl | 5 + .../linux/almalinux/9/data/storage.pkrtpl.hcl | 76 +++++ .../9/linux-almalinux.auto.pkrvars.hcl | 40 +++ .../linux/almalinux/9/linux-almalinux.pkr.hcl | 227 +++++++++++++ .../almalinux/9/variables-network.pkr.hcl | 36 ++ .../almalinux/9/variables-storage.pkr.hcl | 53 +++ builds/linux/almalinux/9/variables.pkr.hcl | 307 ++++++++++++++++++ 16 files changed, 1658 insertions(+) create mode 100644 builds/linux/almalinux/8/data/ks.pkrtpl.hcl create mode 100644 builds/linux/almalinux/8/data/network.pkrtpl.hcl create mode 100644 builds/linux/almalinux/8/data/storage.pkrtpl.hcl create mode 100644 builds/linux/almalinux/8/linux-almalinux.auto.pkrvars.hcl create mode 100644 builds/linux/almalinux/8/linux-almalinux.pkr.hcl create mode 100644 builds/linux/almalinux/8/variables-network.pkr.hcl create mode 100644 builds/linux/almalinux/8/variables-storage.pkr.hcl create mode 100644 builds/linux/almalinux/8/variables.pkr.hcl create mode 100644 builds/linux/almalinux/9/data/ks.pkrtpl.hcl create mode 100644 builds/linux/almalinux/9/data/network.pkrtpl.hcl create mode 100644 builds/linux/almalinux/9/data/storage.pkrtpl.hcl create mode 100644 builds/linux/almalinux/9/linux-almalinux.auto.pkrvars.hcl create mode 100644 builds/linux/almalinux/9/linux-almalinux.pkr.hcl create mode 
100644 builds/linux/almalinux/9/variables-network.pkr.hcl create mode 100644 builds/linux/almalinux/9/variables-storage.pkr.hcl create mode 100644 builds/linux/almalinux/9/variables.pkr.hcl diff --git a/builds/linux/almalinux/8/data/ks.pkrtpl.hcl b/builds/linux/almalinux/8/data/ks.pkrtpl.hcl new file mode 100644 index 0000000..c9c8dca --- /dev/null +++ b/builds/linux/almalinux/8/data/ks.pkrtpl.hcl 
@@ -0,0 +1,85 @@ +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE +# WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +# AlmaLinux 8 + +### Installs from the first attached CD-ROM/DVD on the system. +cdrom + +### Performs the kickstart installation in text mode. +### By default, kickstart installations are performed in graphical mode. +text + +### Accepts the End User License Agreement. +eula --agreed + +### Sets the language to use during installation and the default language to use on the installed system. +lang ${vm_os_language} + +### Sets the default keyboard type for the system. +keyboard ${vm_os_keyboard} + +### Configure network information for target system and activate network devices in the installer environment (optional) +### --onboot enable device at a boot time +### --device device to be activated and / or configured with the network command +### --bootproto method to obtain networking configuration for device (default dhcp) +### --noipv6 disable IPv6 on this device +${network} + +### Lock the root account. +rootpw --lock + +### The selected profile will restrict root login. +### Add a user that can login and escalate privileges. +user --name=${build_username} --iscrypted --password=${build_password_encrypted} --groups=wheel + +### Configure firewall settings for the system. +### --enabled reject incoming connections that are not in response to outbound requests +### --ssh allow sshd service through the firewall +firewall --enabled --ssh + +### Sets up the authentication options for the system. +### The SSSD profile sets sha512 to hash passwords. 
Passwords are shadowed by default +### See the manual page for authselect-profile for a complete list of possible options. +authselect select sssd + +### Sets the state of SELinux on the installed system. +### Defaults to enforcing. +selinux --enforcing + +### Sets the system time zone. +timezone ${vm_os_timezone} + +### Partitioning +${storage} + +### Modifies the default set of services that will run under the default runlevel. +services --enabled=NetworkManager,sshd + +### Do not configure X on the installed system. +skipx + +### Packages selection. +%packages --ignoremissing --excludedocs +@core +-iwl*firmware +%end + +### Post-installation commands. +%post +dnf makecache +dnf install epel-release -y +dnf makecache +dnf install -y sudo qemu-guest-tools +%{ if additional_packages != "" ~} +dnf install -y ${additional_packages} +%{ endif ~} +echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username} +sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers +%end + +### Reboot after the installation is complete. +### --eject attempt to eject the media before rebooting. +reboot --eject diff --git a/builds/linux/almalinux/8/data/network.pkrtpl.hcl b/builds/linux/almalinux/8/data/network.pkrtpl.hcl new file mode 100644 index 0000000..a7949a7 --- /dev/null +++ b/builds/linux/almalinux/8/data/network.pkrtpl.hcl @@ -0,0 +1,5 @@ +%{ if ip != null ~} +network --device=${device} --bootproto=static --ip=${ip} --netmask=${cidrnetmask("${ip}/${netmask}")} --gateway=${gateway} --nameserver=${join(",", dns)} +%{ else ~} +network --device=${device} --bootproto=dhcp +%{ endif ~} diff --git a/builds/linux/almalinux/8/data/storage.pkrtpl.hcl b/builds/linux/almalinux/8/data/storage.pkrtpl.hcl new file mode 100644 index 0000000..14be99a --- /dev/null +++ b/builds/linux/almalinux/8/data/storage.pkrtpl.hcl 
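Review bot: In `%post`, `echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username}` leaves the drop-in with whatever mode the installer's umask gives, and it appends rather than overwrites. Write it with `>` and follow it with `chmod 0440 /etc/sudoers.d/${build_username}` and `visudo -cf /etc/sudoers.d/${build_username}`, so the file has a known mode and a syntax error shows up in the install log. The rule gives the build account passwordless root in every VM cloned from the template unless a later step removes it; no such step is visible here, so a comment saying where it is removed, or that it is intentional, would help. Separately, `qemu-guest-tools` does not look like an EL package name (the agent is usually packaged as `qemu-guest-agent`), which is worth checking.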
@@ -0,0 +1,76 @@ +### Sets how the boot loader should be installed. +bootloader --location=mbr + +### Initialize any invalid partition tables found on disks. +zerombr + +### Removes partitions from the system, prior to creation of new partitions. +### By default, no partitions are removed. +### --all Erases all partitions from the system +### --initlabel Initializes a disk (or disks) by creating a default disk label for all disks in their respective architecture. +clearpart --all --initlabel + +### Modify partition sizes for the virtual machine hardware. +### Create primary system partitions. +%{ for partition in partitions ~} +part +%{~ if partition.volume_group != "" ~} + pv.${partition.volume_group} +%{~ else ~} +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} +%{~ if partition.format.fstype != "" ~} + --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ endif ~} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +%{ if vm_bios == "seabios" ~} +part biosboot --fstype="biosboot" --ondisk=${device} --size=1 +%{ endif ~} +### Create a logical volume management (LVM) group. +%{ for index, volume_group in lvm ~} +volgroup sysvg pv.${volume_group.name} + +### Modify logical volume sizes for the virtual machine hardware. +### Create logical volumes. 
+%{ for partition in volume_group.partitions ~} +logvol +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} + --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +%{ endfor ~} \ No newline at end of file diff --git a/builds/linux/almalinux/8/linux-almalinux.auto.pkrvars.hcl b/builds/linux/almalinux/8/linux-almalinux.auto.pkrvars.hcl new file mode 100644 index 0000000..8d7dfdd --- /dev/null +++ b/builds/linux/almalinux/8/linux-almalinux.auto.pkrvars.hcl @@ -0,0 +1,40 @@ +/* + DESCRIPTION: + AlmaLinux 8 variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// Guest Operating System Metadata +vm_os_language = "en_US" +vm_os_keyboard = "us" +vm_os_timezone = "UTC" +vm_os_family = "linux" +vm_os_name = "almalinux" +vm_os_version = "8" + +// Virtual Machine Guest Operating System Setting +vm_os_type = "l26" +vm_cloudinit = true + +// Virtual Machine Hardware Settings +vm_bios = "ovmf" +vm_cpu_count = 1 +vm_cpu_sockets = 1 +vm_cpu_type = "kvm64" +vm_mem_size = 2048 +vm_disk_type = "virtio" +vm_disk_size = "32G" +vm_disk_format = "raw" +vm_disk_controller_type = "virtio-scsi-pci" +vm_network_card_model = "virtio" + +// Removable Media Settings +iso_path = "iso" +iso_file = "AlmaLinux-8.10-x86_64-dvd.iso" +iso_checksum = "file:https://repo.almalinux.org/almalinux/8.10/isos/x86_64/CHECKSUM" + +// Boot Settings +vm_boot = "order=virtio0;ide2;net0" +vm_boot_wait = "10s" + +// EFI Settings +vm_firmware_path = "./OVMF.fd" 
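Review bot: `volgroup sysvg pv.${volume_group.name}` hard-codes the volume group name, while the `logvol` lines in the same loop pass `--vgname=${volume_group.name}`, so any `vm_disk_lvm` entry not named `sysvg` produces logical volumes that reference a group the kickstart never creates. Use `volgroup ${volume_group.name} pv.${volume_group.name}` instead. The loop also binds `index` without using it; `%{ for volume_group in lvm ~}` is enough. The almalinux/9 `storage.pkrtpl.hcl` hunk is identical and needs the same change.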
diff --git a/builds/linux/almalinux/8/linux-almalinux.pkr.hcl b/builds/linux/almalinux/8/linux-almalinux.pkr.hcl
new file mode 100644
index 0000000..f245117
--- /dev/null
+++ b/builds/linux/almalinux/8/linux-almalinux.pkr.hcl
@@ -0,0 +1,227 @@ +/* + DESCRIPTION: + AlmaLinux OS 8 template using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: packer +// The Packer configuration. + +packer { + required_version = ">= 1.11.0" + required_plugins { + ansible = { + source = "github.com/hashicorp/ansible" + version = "~> 1" + } + git = { + version = ">= 0.6.2" + source = "github.com/ethanmdavidson/git" + } + proxmox = { + version = ">= 1.1.8" + source = "github.com/hashicorp/proxmox" + } + } +} + +// BLOCK: data +// Defines the data sources. + +data "git-repository" "cwd" {} + +// BLOCK: locals +// Defines the local variables. + +locals { + bios_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "tab" key. In the BIOS bootloader, this is how you customize the boot options. + "", + "inst.text biosdevname=0 net.ifnames=0 inst.gpt", + " ${local.data_source_command}", + "" + ] + uefi_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "e" key. In the GRUB boot loader, this is used to edit the selected boot menu option. + "e", + // This sends two "down arrow" keys, followed by the "end" key, and then waits. This is used to navigate to a specific line in the boot menu option's configuration. + "", + // This types the string "text" followed by the value of the 'data_source_command' local variable. + // This is used to modify the boot menu option's configuration to boot in text mode and specify the kickstart data source configured in the common variables. + "text ${local.data_source_command}", + // This sends the "enter" key, waits, turns on the left control key, sends the "x" key, and then turns off the left control key. This is used to save the changes and exit the boot menu option's configuration, and then continue the boot process. 
+ "x" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" + build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) + build_version = data.git-repository.cwd.head + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" + vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" + manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) + manifest_path = "${path.cwd}/manifests/" + manifest_output = "${local.manifest_path}${local.manifest_date}.json" + data_source_content = { + "/ks.cfg" = templatefile("${abspath(path.root)}/data/ks.pkrtpl.hcl", { + build_username = var.build_username + build_password = var.build_password + build_password_encrypted = var.build_password_encrypted + vm_disk_type = local.vm_disk_type + vm_os_language = var.vm_os_language + vm_os_keyboard = var.vm_os_keyboard + vm_os_timezone = var.vm_os_timezone + + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_bridge_interface + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) + common_data_source = var.common_data_source + # lvm needs to be here so late commands can access vg names + #lvm = var.vm_disk_lvm + storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { + device = var.vm_disk_device + swap = var.vm_disk_use_swap + partitions = var.vm_disk_partitions + lvm = var.vm_disk_lvm + vm_bios = var.vm_bios + }) + additional_packages = join(" ", var.additional_packages) + }) + } + data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg" + vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command + vm_bios = var.vm_bios == "ovmf" ? 
var.vm_firmware_path : null +} + +// BLOCK: source +// Defines the builder configuration blocks. + +source "proxmox-iso" "linux-almalinux" { + + // Proxmox Connection Settings and Credentials + proxmox_url = "https://${var.proxmox_hostname}:8006/api2/json" + username = "${var.proxmox_api_token_id}" + token = "${var.proxmox_api_token_secret}" + insecure_skip_tls_verify = "${var.proxmox_insecure_connection}" + + // Proxmox Settings + node = "${var.proxmox_node}" + + // Virtual Machine Settings + vm_name = "${local.vm_name}" + bios = "${var.vm_bios}" + sockets = "${var.vm_cpu_sockets}" + cores = "${var.vm_cpu_count}" + cpu_type = "${var.vm_cpu_type}" + memory = "${var.vm_mem_size}" + os = "${var.vm_os_type}" + scsi_controller = "${var.vm_disk_controller_type}" + disks { + disk_size = "${var.vm_disk_size}" + type = "${var.vm_disk_type}" + storage_pool = "${var.vm_storage_pool}" + format = "${var.vm_disk_format}" + } + dynamic "efi_config" { + for_each = var.vm_bios == "ovmf" ? [1] : [] + content { + efi_storage_pool = var.vm_bios == "ovmf" ? var.vm_efi_storage_pool : null + efi_type = var.vm_bios == "ovmf" ? var.vm_efi_type : null + pre_enrolled_keys = var.vm_bios == "ovmf" ? var.vm_efi_pre_enrolled_keys : null + } + } + unmount_iso = true + ssh_username = "${var.build_username}" + ssh_password = "${var.build_password}" + ssh_timeout = "${var.timeout}" + ssh_port = "22" + iso_file = "${var.common_iso_storage}:${var.iso_path}/${var.iso_file}" + iso_checksum = "${var.iso_checksum}" + qemu_agent = true + + network_adapters { + bridge = "${var.vm_bridge_interface}" + model = "${var.vm_network_card_model}" + vlan_tag = "${var.vm_vlan_tag}" + } + + // Removable Media Settings + http_content = "${var.common_data_source}" == "http" ? "${local.data_source_content}" : null + + // Boot and Provisioning Settings + http_bind_address = var.common_data_source == "http" ? var.common_http_bind_address : null + http_port_min = var.common_data_source == "http" ? 
var.common_http_port_min : null + http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null + boot = var.vm_boot + boot_wait = var.vm_boot_wait + boot_command = local.boot_command + + dynamic "additional_iso_files" { + for_each = var.common_data_source == "disk" ? [1] : [] + content { + cd_files = var.common_data_source == "disk" ? local.data_source_content : null + cd_label = var.common_data_source == "disk" ? "cidata" : null + iso_storage_pool = var.common_data_source == "disk" ? "local" : null + } + } + + template_name = "${local.vm_name}" + template_description = "${local.build_description}" + + # VM Cloud Init Settings + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null + +} + +# Build Definition to create the VM Template +build { + sources = ["source.proxmox-iso.linux-almalinux"] + + provisioner "ansible" { + user = "${var.build_username}" + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" + ansible_env_vars = [ + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/libexec/platform-python" + ] + extra_arguments = [ + "--extra-vars", "display_skipped_hosts=false", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", + ] + } + + post-processor "manifest" { + output = local.manifest_output + strip_path = true + strip_time = true + custom_data = { + ansible_username = "${var.ansible_username}" + build_username = "${var.build_username}" + build_date = "${local.build_date}" + build_version = "${local.build_version}" + common_data_source = "${var.common_data_source}" + 
vm_cpu_sockets = "${var.vm_cpu_sockets}" + vm_cpu_count = "${var.vm_cpu_count}" + vm_disk_size = "${var.vm_disk_size}" + vm_bios = "${var.vm_bios}" + vm_os_type = "${var.vm_os_type}" + vm_mem_size = "${var.vm_mem_size}" + vm_network_card_model = "${var.vm_network_card_model}" + vm_cloudinit = "${var.vm_cloudinit}" + } + } +} diff --git a/builds/linux/almalinux/8/variables-network.pkr.hcl b/builds/linux/almalinux/8/variables-network.pkr.hcl new file mode 100644 index 0000000..46bf6ee --- /dev/null +++ b/builds/linux/almalinux/8/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + AlmaLinux 8 network variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file diff --git a/builds/linux/almalinux/8/variables-storage.pkr.hcl b/builds/linux/almalinux/8/variables-storage.pkr.hcl new file mode 100644 index 0000000..7da49b2 --- /dev/null +++ b/builds/linux/almalinux/8/variables-storage.pkr.hcl 
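Review bot: In the nested `network` templatefile call, `device = var.vm_bridge_interface` hands the Proxmox bridge name to the guest kickstart, where `network.pkrtpl.hcl` renders it as `network --device=${device}`. That option expects the guest NIC name, and `variables-network.pkr.hcl` declares `vm_network_device` for it, which nothing visible in this file reads; use `device = var.vm_network_device`. The same map also passes `build_password = var.build_password`, although `ks.pkrtpl.hcl` only references `build_password_encrypted`, so dropping that entry keeps the plaintext password out of the template inputs. The almalinux/9 `linux-almalinux.pkr.hcl` hunk has the same two lines; it continues beyond this page.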
@@ -0,0 +1,53 @@
+/*
+ DESCRIPTION:
+ AlmaLinux 8 storage variables used by the Packer Plugin for Proxmox (proxmox-iso).
+*/
+
+// VM Storage Settings
+
+variable "vm_disk_device" {
+ type = string
+ description = "The device for the virtual disk. (e.g. 'sda')"
+}
+
+variable "vm_disk_use_swap" {
+ type = bool
+ description = "Whether to use a swap partition."
+}
+
+variable "vm_disk_partitions" {
+ type = list(object({
+ name = string
+ size = number
+ format = object({
+ label = string
+ fstype = string
+ })
+ mount = object({
+ path = string
+ options = string
+ })
+ volume_group = string
+ }))
+ description = "The disk partitions for the virtual disk."
+}
+
+variable "vm_disk_lvm" {
+ type = list(object({
+ name = string
+ partitions = list(object({
+ name = string
+ size = number
+ format = object({
+ label = string
+ fstype = string
+ })
+ mount = object({
+ path = string
+ options = string
+ })
+ }))
+ }))
+ description = "The LVM configuration for the virtual disk."
+ default = []
+}
diff --git a/builds/linux/almalinux/8/variables.pkr.hcl b/builds/linux/almalinux/8/variables.pkr.hcl
new file mode 100644
index 0000000..25b08c4
--- /dev/null
+++ b/builds/linux/almalinux/8/variables.pkr.hcl
@@ -0,0 +1,307 @@ +/* + DESCRIPTION: + AlmaLinux 8 variables using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: variable +// Defines the input variables. + +// Proxmox Credentials + +variable "proxmox_hostname" { + type = string + description = "The FQDN or IP address of a Proxmox node. Only one node should be specified in a cluster." +} + +variable "proxmox_api_token_id" { + type = string + description = "The token to login to the Proxmox node/cluster. The format is USER@REALM!TOKENID. (e.g. packer@pam!packer_pve_token)" +} + +variable "proxmox_api_token_secret" { + type = string + description = "The secret for the API token used to login to the Proxmox API." +# sensitive = true +} + +variable "proxmox_insecure_connection" { + description = "true/false to skip Proxmox TLS certificate checks." + type = bool + default = true +} + +// Proxmox Settings + +variable "proxmox_node" { + type = string + description = "The name of the Proxmox node that Packer will build templates on." +} + +// Virtual Machine Settings + +variable "vm_os_language" { + type = string + description = "The guest operating system language." + default = "en_US" +} + +variable "vm_os_keyboard" { + type = string + description = "The guest operating system keyboard layout." + default = "us" +} + +variable "vm_os_timezone" { + type = string + description = "The guest operating system timezone." + default = "UTC" +} + +variable "vm_os_family" { + type = string + description = "The guest operating system family. Used for naming. (e.g. 'linux')" +} + +variable "vm_os_name" { + type = string + description = "The guest operating system name. Used for naming. (e.g. 'ubuntu')" +} + +variable "vm_os_version" { + type = string + description = "The guest operating system version. Used for naming. (e.g. '22-04-lts')" +} + +variable "vm_os_type" { + type = string + description = "The guest operating system type. (e.g. 
'l26')" +} + +variable "vm_bios" { + type = string + description = "The firmware type. Allowed values 'ovmf' or 'seabios'" + default = "ovmf" + + validation { + condition = contains(["ovmf", "seabios"], var.vm_bios) + error_message = "The vm_bios value must be 'ovmf' or 'seabios'." + } +} + +variable "vm_firmware_path" { + type = string + description = "The firmware file to be used. Needed for EFI" + default = "/usr/share/ovmf/OVMF.fd" +} + +variable "vm_efi_storage_pool" { + type = string + description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" +} + +variable "vm_efi_type" { + type = string + description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" +} + +variable "vm_efi_pre_enrolled_keys" { + type = bool + description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false +} + +variable "vm_cpu_count" { + type = number + description = "The number of virtual CPUs. (e.g. '2')" +} + +variable "vm_cpu_sockets" { + type = number + description = "The number of virtual CPU sockets. (e.g. '1')" +} + +variable "vm_cpu_type" { + type = string + description = "The CPU type to emulate. See the Proxmox API documentation for the complete list of accepted values. For best performance, set this to host. Defaults to kvm64." +} + +variable "vm_mem_size" { + type = number + description = "The size for the virtual memory in MB. (e.g. '2048')" +} + +variable "vm_disk_controller_type" { + type = string + description = "The SCSI controller model to emulate. (e.g. 'virtio-scsi-pci')" +} + +variable "vm_disk_type" { + type = string + description = "The type of disk to emulate. (e.g. 'virtio')" +} + +variable "vm_storage_pool" { + type = string + description = "The name of the Proxmox storage pool to store the VM template. (e.g. 'local-lvm')" +} + +variable "vm_disk_size" { + type = string + description = "The size for the virtual disk in GB. 
(e.g. '32G')" +} + +variable "vm_disk_format" { + type = string + description = "The format of the file backing the disk. (e.g. 'qcow2')" +} + +variable "vm_network_card_model" { + type = string + description = "The model of the virtual network adapter to emulate. (e.g. 'virtio')" +} + +variable "vm_bridge_interface" { + type = string + description = "The name of the Proxmox bridge to attach the adapter to." +} + +variable "vm_vlan_tag" { + type = string + description = "If the adapter should tag packets, give the VLAN ID. (e.g. '102')" +} + +// Cloud-Init Settings + +variable "vm_cloudinit" { + type = bool + description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" + default = false +} + +// Removable Media Settings + +variable "common_iso_storage" { + type = string + description = "The name of the source Proxmox storage location for ISO images. (e.g. 'local-lvm')" +} + +variable "iso_path" { + type = string + description = "The path on the source Proxmox storage location for ISO images. (e.g. 'iso')" +} + +variable "iso_file" { + type = string + description = "The file name of the ISO image used by the vendor. (e.g. 'ubuntu--live-server-amd64.iso')" +} + +variable "iso_checksum" { + type = string + description = "The checksum value of the ISO image provided by the vendor." +} + +// Boot Settings + +variable "common_data_source" { + type = string + description = "The provisioning data source. (e.g. 'http' or 'disk')" +} + +variable "common_http_bind_address" { + type = string + description = "Define an IP address on the host to use for the HTTP server." + default = null +} + +variable "common_http_port_min" { + type = number + description = "The start of the HTTP port range." +} + +variable "common_http_port_max" { + type = number + description = "The end of the HTTP port range." +} + +variable "vm_boot" { + type = string + description = "The boot order for virtual machine devices. (e.g. 
'order=virtio0;ide2;net0')" +} + +variable "vm_boot_wait" { + type = string + description = "The time to wait after booting the initial VM before typing the boot_command (e.g '10s')" +} + +variable "common_ip_wait_timeout" { + type = string + description = "Time to wait for guest operating system IP address response." +} + +variable "common_shutdown_timeout" { + type = string + description = "Time to wait for guest operating system shutdown." +} + +// Communicator Settings and Credentials + +variable "build_username" { + type = string + description = "The username to login to the guest operating system. (e.g. 'ubuntu')" +# sensitive = true +} + +variable "build_password" { + type = string + description = "The password to login to the guest operating system." +# sensitive = true +} + +variable "build_password_encrypted" { + type = string + description = "The encrypted password to login to the guest operating system." +# sensitive = true +} + +variable "build_key" { + type = string + description = "The SSH public key to login to the guest operating system." +# sensitive = true +} + +variable "timeout" { + description = "not sure why I need so high a timeout but here we are" + default = "90m" +} + +// Ansible Credentials + +variable "ansible_username" { + type = string + description = "The username for Ansible to login to the guest operating system. (e.g. 'ansible')" +# sensitive = true +} + +variable "ansible_key" { + type = string + description = "The public key for Ansible to login to the guest operating system." +# sensitive = true +} + +// HCP Packer Settings + +variable "common_hcp_packer_registry_enabled" { + type = bool + description = "Enable the HCP Packer registry." + default = false +} + +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file 
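Review bot: `proxmox_insecure_connection` is declared with `default = true`, so unless a caller overrides it the API token is sent to the Proxmox endpoint with certificate verification switched off. Make the default `false` and let lab setups with self-signed certificates opt in explicitly. `# sensitive = true` is commented out on `proxmox_api_token_secret`, `build_password` and `build_password_encrypted`; enabling it on at least those three keeps the values out of Packer's output. `timeout` has no `type` and its description, "not sure why I need so high a timeout but here we are", does not say what is being timed; `type = string` and "SSH communicator timeout" would match how `linux-almalinux.pkr.hcl` uses it.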
diff --git a/builds/linux/almalinux/9/data/ks.pkrtpl.hcl b/builds/linux/almalinux/9/data/ks.pkrtpl.hcl
new file mode 100644
index 0000000..c00f7b6
--- /dev/null
+++ b/builds/linux/almalinux/9/data/ks.pkrtpl.hcl
@@ -0,0 +1,85 @@ +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE +# WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +# AlmaLinux 9 + +### Installs from the first attached CD-ROM/DVD on the system. +cdrom + +### Performs the kickstart installation in text mode. +### By default, kickstart installations are performed in graphical mode. +text + +### Accepts the End User License Agreement. +eula --agreed + +### Sets the language to use during installation and the default language to use on the installed system. +lang ${vm_os_language} + +### Sets the default keyboard type for the system. +keyboard ${vm_os_keyboard} + +### Configure network information for target system and activate network devices in the installer environment (optional) +### --onboot enable device at a boot time +### --device device to be activated and / or configured with the network command +### --bootproto method to obtain networking configuration for device (default dhcp) +### --noipv6 disable IPv6 on this device +${network} + +### Lock the root account. +rootpw --lock + +### The selected profile will restrict root login. +### Add a user that can login and escalate privileges. +user --name=${build_username} --iscrypted --password=${build_password_encrypted} --groups=wheel + +### Configure firewall settings for the system. +### --enabled reject incoming connections that are not in response to outbound requests +### --ssh allow sshd service through the firewall +firewall --enabled --ssh + +### Sets up the authentication options for the system. +### The SSSD profile sets sha512 to hash passwords. 
Passwords are shadowed by default +### See the manual page for authselect-profile for a complete list of possible options. +authselect select sssd + +### Sets the state of SELinux on the installed system. +### Defaults to enforcing. +selinux --enforcing + +### Sets the system time zone. +timezone ${vm_os_timezone} + +### Partitioning +${storage} + +### Modifies the default set of services that will run under the default runlevel. +services --enabled=NetworkManager,sshd + +### Do not configure X on the installed system. +skipx + +### Packages selection. +%packages --ignoremissing --excludedocs +@core +-iwl*firmware +%end + +### Post-installation commands. +%post +dnf makecache +dnf install epel-release -y +dnf makecache +dnf install -y sudo qemu-guest-tools +%{ if additional_packages != "" ~} +dnf install -y ${additional_packages} +%{ endif ~} +echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username} +sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers +%end + +### Reboot after the installation is complete. +### --eject attempt to eject the media before rebooting. +reboot --eject diff --git a/builds/linux/almalinux/9/data/network.pkrtpl.hcl b/builds/linux/almalinux/9/data/network.pkrtpl.hcl new file mode 100644 index 0000000..a7949a7 --- /dev/null +++ b/builds/linux/almalinux/9/data/network.pkrtpl.hcl @@ -0,0 +1,5 @@ +%{ if ip != null ~} +network --device=${device} --bootproto=static --ip=${ip} --netmask=${cidrnetmask("${ip}/${netmask}")} --gateway=${gateway} --nameserver=${join(",", dns)} +%{ else ~} +network --device=${device} --bootproto=dhcp +%{ endif ~} diff --git a/builds/linux/almalinux/9/data/storage.pkrtpl.hcl b/builds/linux/almalinux/9/data/storage.pkrtpl.hcl new file mode 100644 index 0000000..14be99a --- /dev/null +++ b/builds/linux/almalinux/9/data/storage.pkrtpl.hcl 
@@ -0,0 +1,76 @@ +### Sets how the boot loader should be installed. +bootloader --location=mbr + +### Initialize any invalid partition tables found on disks. +zerombr + +### Removes partitions from the system, prior to creation of new partitions. +### By default, no partitions are removed. +### --all Erases all partitions from the system +### --initlabel Initializes a disk (or disks) by creating a default disk label for all disks in their respective architecture. +clearpart --all --initlabel + +### Modify partition sizes for the virtual machine hardware. +### Create primary system partitions. +%{ for partition in partitions ~} +part +%{~ if partition.volume_group != "" ~} + pv.${partition.volume_group} +%{~ else ~} +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} +%{~ if partition.format.fstype != "" ~} + --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ endif ~} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +%{ if vm_bios == "seabios" ~} +part biosboot --fstype="biosboot" --ondisk=${device} --size=1 +%{ endif ~} +### Create a logical volume management (LVM) group. +%{ for index, volume_group in lvm ~} +volgroup sysvg pv.${volume_group.name} + +### Modify logical volume sizes for the virtual machine hardware. +### Create logical volumes. 
+%{ for partition in volume_group.partitions ~} +logvol +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} + --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +%{ endfor ~} \ No newline at end of file diff --git a/builds/linux/almalinux/9/linux-almalinux.auto.pkrvars.hcl b/builds/linux/almalinux/9/linux-almalinux.auto.pkrvars.hcl new file mode 100644 index 0000000..e4aff4b --- /dev/null +++ b/builds/linux/almalinux/9/linux-almalinux.auto.pkrvars.hcl @@ -0,0 +1,40 @@ +/* + DESCRIPTION: + AlmaLinux 9 variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// Guest Operating System Metadata +vm_os_language = "en_US" +vm_os_keyboard = "us" +vm_os_timezone = "UTC" +vm_os_family = "linux" +vm_os_name = "almalinux" +vm_os_version = "9" + +// Virtual Machine Guest Operating System Setting +vm_os_type = "l26" +vm_cloudinit = true + +// Virtual Machine Hardware Settings +vm_bios = "ovmf" +vm_cpu_count = 1 +vm_cpu_sockets = 1 +vm_cpu_type = "x86-64-v2-AES" +vm_mem_size = 2048 +vm_disk_type = "virtio" +vm_disk_size = "32G" +vm_disk_format = "raw" +vm_disk_controller_type = "virtio-scsi-pci" +vm_network_card_model = "virtio" + +// Removable Media Settings +iso_path = "iso" +iso_file = "AlmaLinux-9.4-x86_64-dvd.iso" +iso_checksum = "file:https://repo.almalinux.org/almalinux/9.4/isos/x86_64/CHECKSUM" + +// Boot Settings +vm_boot = "order=virtio0;ide2;net0" +vm_boot_wait = "10s" + +// EFI Settings +vm_firmware_path = "./OVMF.fd" 
diff --git a/builds/linux/almalinux/9/linux-almalinux.pkr.hcl b/builds/linux/almalinux/9/linux-almalinux.pkr.hcl
new file mode 100644
index 0000000..282051f
--- /dev/null
+++ b/builds/linux/almalinux/9/linux-almalinux.pkr.hcl
@@ -0,0 +1,227 @@ +/* + DESCRIPTION: + AlmaLinux 9 template using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: packer +// The Packer configuration. + +packer { + required_version = ">= 1.11.0" + required_plugins { + ansible = { + source = "github.com/hashicorp/ansible" + version = "~> 1" + } + git = { + version = ">= 0.6.2" + source = "github.com/ethanmdavidson/git" + } + proxmox = { + version = ">= 1.1.8" + source = "github.com/hashicorp/proxmox" + } + } +} + +// BLOCK: data +// Defines the data sources. + +data "git-repository" "cwd" {} + +// BLOCK: locals +// Defines the local variables. + +locals { + bios_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "tab" key. In the BIOS bootloader, this is how you customize the boot options. + "", + "inst.text biosdevname=0 net.ifnames=0 inst.gpt", + " ${local.data_source_command}", + "" + ] + uefi_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "e" key. In the GRUB boot loader, this is used to edit the selected boot menu option. + "e", + // This sends two "down arrow" keys, followed by the "end" key, and then waits. This is used to navigate to a specific line in the boot menu option's configuration. + "", + // This types the string "text" followed by the value of the 'data_source_command' local variable. + // This is used to modify the boot menu option's configuration to boot in text mode and specify the kickstart data source configured in the common variables. + "text ${local.data_source_command}", + // This sends the "enter" key, waits, turns on the left control key, sends the "x" key, and then turns off the left control key. This is used to save the changes and exit the boot menu option's configuration, and then continue the boot process. 
+ "x" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" + build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) + build_version = data.git-repository.cwd.head + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" + vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" + manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) + manifest_path = "${path.cwd}/manifests/" + manifest_output = "${local.manifest_path}${local.manifest_date}.json" + data_source_content = { + "/ks.cfg" = templatefile("${abspath(path.root)}/data/ks.pkrtpl.hcl", { + build_username = var.build_username + build_password = var.build_password + build_password_encrypted = var.build_password_encrypted + vm_disk_type = local.vm_disk_type + vm_os_language = var.vm_os_language + vm_os_keyboard = var.vm_os_keyboard + vm_os_timezone = var.vm_os_timezone + + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_bridge_interface + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) + common_data_source = var.common_data_source + # lvm needs to be here so late commands can access vg names + #lvm = var.vm_disk_lvm + storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { + device = var.vm_disk_device + swap = var.vm_disk_use_swap + partitions = var.vm_disk_partitions + lvm = var.vm_disk_lvm + vm_bios = var.vm_bios + }) + additional_packages = join(" ", var.additional_packages) + }) + } + data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg" + vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command + vm_bios = var.vm_bios == "ovmf" ? 
var.vm_firmware_path : null +} + +// BLOCK: source +// Defines the builder configuration blocks. + +source "proxmox-iso" "linux-almalinux" { + + // Proxmox Connection Settings and Credentials + proxmox_url = "https://${var.proxmox_hostname}:8006/api2/json" + username = "${var.proxmox_api_token_id}" + token = "${var.proxmox_api_token_secret}" + insecure_skip_tls_verify = "${var.proxmox_insecure_connection}" + + // Proxmox Settings + node = "${var.proxmox_node}" + + // Virtual Machine Settings + vm_name = "${local.vm_name}" + bios = "${var.vm_bios}" + sockets = "${var.vm_cpu_sockets}" + cores = "${var.vm_cpu_count}" + cpu_type = "${var.vm_cpu_type}" + memory = "${var.vm_mem_size}" + os = "${var.vm_os_type}" + scsi_controller = "${var.vm_disk_controller_type}" + disks { + disk_size = "${var.vm_disk_size}" + type = "${var.vm_disk_type}" + storage_pool = "${var.vm_storage_pool}" + format = "${var.vm_disk_format}" + } + dynamic "efi_config" { + for_each = var.vm_bios == "ovmf" ? [1] : [] + content { + efi_storage_pool = var.vm_bios == "ovmf" ? var.vm_efi_storage_pool : null + efi_type = var.vm_bios == "ovmf" ? var.vm_efi_type : null + pre_enrolled_keys = var.vm_bios == "ovmf" ? var.vm_efi_pre_enrolled_keys : null + } + } + unmount_iso = true + ssh_username = "${var.build_username}" + ssh_password = "${var.build_password}" + ssh_timeout = "${var.timeout}" + ssh_port = "22" + iso_file = "${var.common_iso_storage}:${var.iso_path}/${var.iso_file}" + iso_checksum = "${var.iso_checksum}" + qemu_agent = true + + network_adapters { + bridge = "${var.vm_bridge_interface}" + model = "${var.vm_network_card_model}" + vlan_tag = "${var.vm_vlan_tag}" + } + + // Removable Media Settings + http_content = "${var.common_data_source}" == "http" ? "${local.data_source_content}" : null + + // Boot and Provisioning Settings + http_bind_address = var.common_data_source == "http" ? var.common_http_bind_address : null + http_port_min = var.common_data_source == "http" ? 
var.common_http_port_min : null + http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null + boot = var.vm_boot + boot_wait = var.vm_boot_wait + boot_command = local.boot_command + + dynamic "additional_iso_files" { + for_each = var.common_data_source == "disk" ? [1] : [] + content { + cd_files = var.common_data_source == "disk" ? local.data_source_content : null + cd_label = var.common_data_source == "disk" ? "cidata" : null + iso_storage_pool = var.common_data_source == "disk" ? "local" : null + } + } + + template_name = "${local.vm_name}" + template_description = "${local.build_description}" + + # VM Cloud Init Settings + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null + +} + +# Build Definition to create the VM Template +build { + sources = ["source.proxmox-iso.linux-almalinux"] + + provisioner "ansible" { + user = "${var.build_username}" + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" + ansible_env_vars = [ + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/libexec/platform-python" + ] + extra_arguments = [ + "--extra-vars", "display_skipped_hosts=false", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", + ] + } + + post-processor "manifest" { + output = local.manifest_output + strip_path = true + strip_time = true + custom_data = { + ansible_username = "${var.ansible_username}" + build_username = "${var.build_username}" + build_date = "${local.build_date}" + build_version = "${local.build_version}" + common_data_source = "${var.common_data_source}" + 
vm_cpu_sockets = "${var.vm_cpu_sockets}" + vm_cpu_count = "${var.vm_cpu_count}" + vm_disk_size = "${var.vm_disk_size}" + vm_bios = "${var.vm_bios}" + vm_os_type = "${var.vm_os_type}" + vm_mem_size = "${var.vm_mem_size}" + vm_network_card_model = "${var.vm_network_card_model}" + vm_cloudinit = "${var.vm_cloudinit}" + } + } +} diff --git a/builds/linux/almalinux/9/variables-network.pkr.hcl b/builds/linux/almalinux/9/variables-network.pkr.hcl new file mode 100644 index 0000000..38e754b --- /dev/null +++ b/builds/linux/almalinux/9/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + AlmaLinux 9 network variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file diff --git a/builds/linux/almalinux/9/variables-storage.pkr.hcl b/builds/linux/almalinux/9/variables-storage.pkr.hcl new file mode 100644 index 0000000..6d5b477 --- /dev/null +++ b/builds/linux/almalinux/9/variables-storage.pkr.hcl 
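Review bot: In `locals.data_source_content` of `linux-almalinux.pkr.hcl` the kickstart template is given `build_password = var.build_password` alongside `build_password_encrypted`, and with `common_data_source = "http"` the rendered `/ks.cfg` is served through `http_content` to any host that can reach Packer's HTTP port during the build. The template `data/ks.pkrtpl.hcl` is not visible here, so whether it writes the clear-text value is an assumption; if it only needs the hash, drop the `build_password = var.build_password` entry from the `templatefile` map. `common_http_bind_address` defaults to `null` in the variables file of this commit, so setting it to the build-network address narrows who can fetch the file. A comment above `data_source_content` stating that the rendered file carries credentials would help the next maintainer.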
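Review bot: `vm_network_device` in `variables-network.pkr.hcl` is declared with `default = "ens192"`, but the build file added in the same commit passes `device = var.vm_bridge_interface` to `network.pkrtpl.hcl`, so this variable looks unused and the Proxmox bridge name is what reaches the guest network template. If the guest NIC name is what the template expects, the call should read `device = var.vm_network_device`; a use in a file outside this view would change that reading. The BIOS boot command in the build file also sets `net.ifnames=0`, so the description should say which interface name the installer actually sees instead of relying on the `ens192` default.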
@@ -0,0 +1,53 @@ +/* + DESCRIPTION: + AlmaLinux 9 storage variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Storage Settings + +variable "vm_disk_device" { + type = string + description = "The device for the virtual disk. (e.g. 'sda')" +} + +variable "vm_disk_use_swap" { + type = bool + description = "Whether to use a swap partition." +} + +variable "vm_disk_partitions" { + type = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + volume_group = string + })) + description = "The disk partitions for the virtual disk." +} + +variable "vm_disk_lvm" { + type = list(object({ + name = string + partitions = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + })) + })) + description = "The LVM configuration for the virtual disk." + default = [] +} diff --git a/builds/linux/almalinux/9/variables.pkr.hcl b/builds/linux/almalinux/9/variables.pkr.hcl new file mode 100644 index 0000000..e255b76 --- /dev/null +++ b/builds/linux/almalinux/9/variables.pkr.hcl 
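Review bot: The `size = number` fields in `vm_disk_lvm` (and presumably `vm_disk_partitions`) carry a sentinel the descriptions do not mention: the logical-volume loop of the storage template earlier in this patch turns `partition.size == -1` into `--size=100 --grow`. Extend the description, e.g. `description = "The LVM configuration for the virtual disk. A partition size of -1 grows the volume to fill the remaining space."`. Neither variable has a `validation` block, so a mistyped `fstype` or a negative size other than -1 only surfaces inside the installer; a check on `size` would fail the build earlier.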
@@ -0,0 +1,307 @@ +/* + DESCRIPTION: + AlmaLinux 9 variables using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: variable +// Defines the input variables. + +// Proxmox Credentials + +variable "proxmox_hostname" { + type = string + description = "The FQDN or IP address of a Proxmox node. Only one node should be specified in a cluster." +} + +variable "proxmox_api_token_id" { + type = string + description = "The token to login to the Proxmox node/cluster. The format is USER@REALM!TOKENID. (e.g. packer@pam!packer_pve_token)" +} + +variable "proxmox_api_token_secret" { + type = string + description = "The secret for the API token used to login to the Proxmox API." +# sensitive = true +} + +variable "proxmox_insecure_connection" { + description = "true/false to skip Proxmox TLS certificate checks." + type = bool + default = true +} + +// Proxmox Settings + +variable "proxmox_node" { + type = string + description = "The name of the Proxmox node that Packer will build templates on." +} + +// Virtual Machine Settings + +variable "vm_os_language" { + type = string + description = "The guest operating system language." + default = "en_US" +} + +variable "vm_os_keyboard" { + type = string + description = "The guest operating system keyboard layout." + default = "us" +} + +variable "vm_os_timezone" { + type = string + description = "The guest operating system timezone." + default = "UTC" +} + +variable "vm_os_family" { + type = string + description = "The guest operating system family. Used for naming. (e.g. 'linux')" +} + +variable "vm_os_name" { + type = string + description = "The guest operating system name. Used for naming. (e.g. 'ubuntu')" +} + +variable "vm_os_version" { + type = string + description = "The guest operating system version. Used for naming. (e.g. '22-04-lts')" +} + +variable "vm_os_type" { + type = string + description = "The guest operating system type. (e.g. 
'l26')" +} + +variable "vm_bios" { + type = string + description = "The firmware type. Allowed values 'ovmf' or 'seabios'" + default = "ovmf" + + validation { + condition = contains(["ovmf", "seabios"], var.vm_bios) + error_message = "The vm_bios value must be 'ovmf' or 'seabios'." + } +} + +variable "vm_firmware_path" { + type = string + description = "The firmware file to be used. Needed for EFI" + default = "/usr/share/ovmf/OVMF.fd" +} + +variable "vm_efi_storage_pool" { + type = string + description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" +} + +variable "vm_efi_type" { + type = string + description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" +} + +variable "vm_efi_pre_enrolled_keys" { + type = bool + description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false +} + +variable "vm_cpu_count" { + type = number + description = "The number of virtual CPUs. (e.g. '2')" +} + +variable "vm_cpu_sockets" { + type = number + description = "The number of virtual CPU sockets. (e.g. '1')" +} + +variable "vm_cpu_type" { + type = string + description = "The CPU type to emulate. See the Proxmox API documentation for the complete list of accepted values. For best performance, set this to host. Defaults to kvm64." +} + +variable "vm_mem_size" { + type = number + description = "The size for the virtual memory in MB. (e.g. '2048')" +} + +variable "vm_disk_controller_type" { + type = string + description = "The SCSI controller model to emulate. (e.g. 'virtio-scsi-pci')" +} + +variable "vm_disk_type" { + type = string + description = "The type of disk to emulate. (e.g. 'virtio')" +} + +variable "vm_storage_pool" { + type = string + description = "The name of the Proxmox storage pool to store the VM template. (e.g. 'local-lvm')" +} + +variable "vm_disk_size" { + type = string + description = "The size for the virtual disk in GB. 
(e.g. '32G')" +} + +variable "vm_disk_format" { + type = string + description = "The format of the file backing the disk. (e.g. 'qcow2')" +} + +variable "vm_network_card_model" { + type = string + description = "The model of the virtual network adapter to emulate. (e.g. 'virtio')" +} + +variable "vm_bridge_interface" { + type = string + description = "The name of the Proxmox bridge to attach the adapter to." +} + +variable "vm_vlan_tag" { + type = string + description = "If the adapter should tag packets, give the VLAN ID. (e.g. '102')" +} + +// Cloud-Init Settings + +variable "vm_cloudinit" { + type = bool + description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" + default = false +} + +// Removable Media Settings + +variable "common_iso_storage" { + type = string + description = "The name of the source Proxmox storage location for ISO images. (e.g. 'local-lvm')" +} + +variable "iso_path" { + type = string + description = "The path on the source Proxmox storage location for ISO images. (e.g. 'iso')" +} + +variable "iso_file" { + type = string + description = "The file name of the ISO image used by the vendor. (e.g. 'ubuntu--live-server-amd64.iso')" +} + +variable "iso_checksum" { + type = string + description = "The checksum value of the ISO image provided by the vendor." +} + +// Boot Settings + +variable "common_data_source" { + type = string + description = "The provisioning data source. (e.g. 'http' or 'disk')" +} + +variable "common_http_bind_address" { + type = string + description = "Define an IP address on the host to use for the HTTP server." + default = null +} + +variable "common_http_port_min" { + type = number + description = "The start of the HTTP port range." +} + +variable "common_http_port_max" { + type = number + description = "The end of the HTTP port range." +} + +variable "vm_boot" { + type = string + description = "The boot order for virtual machine devices. (e.g. 
'order=virtio0;ide2;net0')" +} + +variable "vm_boot_wait" { + type = string + description = "The time to wait after booting the initial VM before typing the boot_command (e.g '10s')" +} + +variable "common_ip_wait_timeout" { + type = string + description = "Time to wait for guest operating system IP address response." +} + +variable "common_shutdown_timeout" { + type = string + description = "Time to wait for guest operating system shutdown." +} + +// Communicator Settings and Credentials + +variable "build_username" { + type = string + description = "The username to login to the guest operating system. (e.g. 'ubuntu')" +# sensitive = true +} + +variable "build_password" { + type = string + description = "The password to login to the guest operating system." +# sensitive = true +} + +variable "build_password_encrypted" { + type = string + description = "The encrypted password to login to the guest operating system." +# sensitive = true +} + +variable "build_key" { + type = string + description = "The SSH public key to login to the guest operating system." +# sensitive = true +} + +variable "timeout" { + description = "not sure why I need so high a timeout but here we are" + default = "90m" +} + +// Ansible Credentials + +variable "ansible_username" { + type = string + description = "The username for Ansible to login to the guest operating system. (e.g. 'ansible')" +# sensitive = true +} + +variable "ansible_key" { + type = string + description = "The public key for Ansible to login to the guest operating system." +# sensitive = true +} + +// HCP Packer Settings + +variable "common_hcp_packer_registry_enabled" { + type = bool + description = "Enable the HCP Packer registry." + default = false +} + +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file From 189ebb78c25f2dd3ab99d01223b76131a0fcc3d2 Mon Sep 17 00:00:00 2001 
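Review bot: `proxmox_api_token_secret`, `build_password` and `build_password_encrypted` in `variables.pkr.hcl` are declared with `# sensitive = true` commented out, so Packer is not told to mask their values in build output or logs. Restore `sensitive = true` on those three (the usernames and public keys do not need it); if enabling it broke a consumer, a comment naming that consumer is better than a silent opt-out. Separately, `proxmox_insecure_connection` has `default = true`, so unless the operator overrides it the API token travels over a connection whose certificate is not checked; `default = false` is the safer default. `timeout` has no `type`, and its description (`"not sure why I need so high a timeout but here we are"`) does not say that the build file uses it as `ssh_timeout`.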
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:18:55 -0500 Subject: [PATCH 64/72] feat: move var to top level var file --- builds/common.pkrvars.hcl.example | 3 +++ 1 file changed, 3 insertions(+) diff --git a/builds/common.pkrvars.hcl.example b/builds/common.pkrvars.hcl.example index 708192a..64c7e1e 100644 --- a/builds/common.pkrvars.hcl.example +++ b/builds/common.pkrvars.hcl.example @@ -7,6 +7,9 @@ // Removable Media Settings common_iso_storage = "OS" +// Where to store the completed VM templates +vm_storage_pool = "pool0" + // Boot and Provisioning Settings common_data_source = "http" common_http_ip = null From 45088b8eb912cffe9b43aee0a9bb3dcd836d11ef Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:23:05 -0500 Subject: [PATCH 65/72] feat: remove vars that exist in top level var file --- .../centos/9-stream/linux-centos-stream.auto.pkrvars.hcl | 6 ------ builds/linux/debian/11/linux-debian.auto.pkrvars.hcl | 6 ------ builds/linux/debian/12/linux-debian.auto.pkrvars.hcl | 6 ------ .../opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl | 6 ------ .../opensuse/leap-15-6/linux-opensuse-leap.auto.pkrvars.hcl | 6 ------ builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl | 6 ------ builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl | 6 ------ builds/linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl | 6 ------ builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl | 6 ------ builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl | 6 ------ 10 files changed, 60 deletions(-) diff --git a/builds/linux/centos/9-stream/linux-centos-stream.auto.pkrvars.hcl b/builds/linux/centos/9-stream/linux-centos-stream.auto.pkrvars.hcl index 9a4a965..96149a9 100644 --- a/builds/linux/centos/9-stream/linux-centos-stream.auto.pkrvars.hcl +++ b/builds/linux/centos/9-stream/linux-centos-stream.auto.pkrvars.hcl 
@@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "5s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" diff --git a/builds/linux/debian/11/linux-debian.auto.pkrvars.hcl b/builds/linux/debian/11/linux-debian.auto.pkrvars.hcl index bdb07cd..d852b9b 100644 --- a/builds/linux/debian/11/linux-debian.auto.pkrvars.hcl +++ b/builds/linux/debian/11/linux-debian.auto.pkrvars.hcl @@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "5s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" diff --git a/builds/linux/debian/12/linux-debian.auto.pkrvars.hcl b/builds/linux/debian/12/linux-debian.auto.pkrvars.hcl index 58035ee..089296b 100644 --- a/builds/linux/debian/12/linux-debian.auto.pkrvars.hcl +++ b/builds/linux/debian/12/linux-debian.auto.pkrvars.hcl @@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "5s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" 
diff --git a/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl b/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl index f4b0d23..51811ac 100644 --- a/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl +++ b/builds/linux/opensuse/leap-15-5/linux-opensuse-leap.auto.pkrvars.hcl @@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "5s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" diff --git a/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.auto.pkrvars.hcl b/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.auto.pkrvars.hcl index dfddc68..2eafb69 100644 --- a/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.auto.pkrvars.hcl +++ b/builds/linux/opensuse/leap-15-6/linux-opensuse-leap.auto.pkrvars.hcl @@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "5s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" diff --git a/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl b/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl index 028700f..4072f0f 100644 --- a/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl +++ b/builds/linux/rocky/8/linux-rocky.auto.pkrvars.hcl 
@@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "10s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" diff --git a/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl b/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl index 06c6d33..69009d4 100644 --- a/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl +++ b/builds/linux/rocky/9/linux-rocky.auto.pkrvars.hcl @@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "10s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" diff --git a/builds/linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl b/builds/linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl index e5156d7..8ab65ee 100644 --- a/builds/linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl +++ b/builds/linux/ubuntu/20-04-lts/linux-ubuntu.auto.pkrvars.hcl @@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "5s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" 
diff --git a/builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl b/builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl index 136de07..d715a86 100644 --- a/builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl +++ b/builds/linux/ubuntu/22-04-lts/linux-ubuntu.auto.pkrvars.hcl @@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "5s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" diff --git a/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl index ccfc477..80081dc 100644 --- a/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl +++ b/builds/linux/ubuntu/24-04-lts/linux-ubuntu.auto.pkrvars.hcl @@ -24,11 +24,8 @@ vm_mem_size = 2048 vm_disk_type = "virtio" vm_disk_size = "32G" vm_disk_format = "raw" -vm_storage_pool = "vm-data" vm_disk_controller_type = "virtio-scsi-pci" vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" // Removable Media Settings iso_path = "iso" @@ -41,6 +38,3 @@ vm_boot_wait = "5s" // EFI Settings vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" From 37c439621a38ed90e9ba63e133ca9ebb28afeeea Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 15:24:17 -0500 Subject: [PATCH 66/72] feat: update var defaults and descriptions --- builds/linux/centos/9-stream/variables.pkr.hcl | 7 +++++-- builds/linux/debian/11/variables.pkr.hcl | 5 ++++- builds/linux/debian/12/variables.pkr.hcl | 5 ++++- builds/linux/opensuse/leap-15-5/variables.pkr.hcl | 7 +++++-- builds/linux/opensuse/leap-15-6/variables.pkr.hcl | 9 ++++++--- builds/linux/rocky/8/variables.pkr.hcl | 7 +++++-- builds/linux/rocky/9/variables.pkr.hcl | 7 +++++-- builds/linux/ubuntu/20-04-lts/variables-network.pkr.hcl | 2 +- builds/linux/ubuntu/20-04-lts/variables.pkr.hcl | 5 ++++- builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl | 2 +- builds/linux/ubuntu/22-04-lts/variables-storage.pkr.hcl | 2 +- builds/linux/ubuntu/22-04-lts/variables.pkr.hcl | 5 ++++- builds/linux/ubuntu/24-04-lts/variables-network.pkr.hcl | 2 +- builds/linux/ubuntu/24-04-lts/variables.pkr.hcl | 5 ++++- 14 files changed, 50 insertions(+), 20 deletions(-) diff --git a/builds/linux/centos/9-stream/variables.pkr.hcl b/builds/linux/centos/9-stream/variables.pkr.hcl index 7ca551b..021fd86 100644 --- a/builds/linux/centos/9-stream/variables.pkr.hcl +++ b/builds/linux/centos/9-stream/variables.pkr.hcl @@ -1,6 +1,6 @@ /* DESCRIPTION: - CentOS Stream 9 variables using the Packer Builder for Proxmox (proxmox-iso). + CentOS 9 Stream variables using the Packer Builder for Proxmox (proxmox-iso). */ // BLOCK: variable @@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) 
@@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { diff --git a/builds/linux/debian/11/variables.pkr.hcl b/builds/linux/debian/11/variables.pkr.hcl index 487e08c..c80568e 100644 --- a/builds/linux/debian/11/variables.pkr.hcl +++ b/builds/linux/debian/11/variables.pkr.hcl @@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) @@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { diff --git a/builds/linux/debian/12/variables.pkr.hcl b/builds/linux/debian/12/variables.pkr.hcl index f5be19a..ca3b54a 100644 --- a/builds/linux/debian/12/variables.pkr.hcl +++ b/builds/linux/debian/12/variables.pkr.hcl 
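Review bot: The new `default = false` on `vm_efi_pre_enrolled_keys` makes templates without pre-loaded Secure Boot keys the silent default, and the description does not say what that means for the guest. Presumably Secure Boot is then not enforced in VMs cloned from the template, so state it, e.g. `description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. Default false: no keys are enrolled; set true where Secure Boot is required."`. In the same hunk `vm_efi_storage_pool` gets `default = "local-lvm"` while patch 64/72 sets `vm_storage_pool` in the common file, so the EFI disk and the VM disk land on different pools unless both are overridden; a note in the description would prevent a surprise. The identical hunk recurs for debian 11 and 12, openSUSE Leap 15.5 and 15.6, and rocky 8 and 9 in this patch.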
@@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) @@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { diff --git a/builds/linux/opensuse/leap-15-5/variables.pkr.hcl b/builds/linux/opensuse/leap-15-5/variables.pkr.hcl index 308258f..b5451e1 100644 --- a/builds/linux/opensuse/leap-15-5/variables.pkr.hcl +++ b/builds/linux/opensuse/leap-15-5/variables.pkr.hcl @@ -1,6 +1,6 @@ /* DESCRIPTION: - openSUSE-Leap 15.5 variables using the Packer Builder for Proxmox (proxmox-iso). + openSUSE Leap 15.5 variables using the Packer Builder for Proxmox (proxmox-iso). */ // BLOCK: variable @@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) 
@@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { diff --git a/builds/linux/opensuse/leap-15-6/variables.pkr.hcl b/builds/linux/opensuse/leap-15-6/variables.pkr.hcl index 42574e8..54e0a69 100644 --- a/builds/linux/opensuse/leap-15-6/variables.pkr.hcl +++ b/builds/linux/opensuse/leap-15-6/variables.pkr.hcl @@ -1,6 +1,6 @@ /* DESCRIPTION: - openSUSE-Leap 15.6 variables using the Packer Builder for Proxmox (proxmox-iso). + openSUSE Leap 15.6 variables using the Packer Builder for Proxmox (proxmox-iso). */ // BLOCK: variable @@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) @@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { @@ -301,4 +304,4 @@ variable "additional_packages" { type = list(string) description = "Additional packages to install." default = [] -} +} \ No newline at end of file 
diff --git a/builds/linux/rocky/8/variables.pkr.hcl b/builds/linux/rocky/8/variables.pkr.hcl index 0812cad..2989464 100644 --- a/builds/linux/rocky/8/variables.pkr.hcl +++ b/builds/linux/rocky/8/variables.pkr.hcl @@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) @@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { @@ -301,4 +304,4 @@ variable "additional_packages" { type = list(string) description = "Additional packages to install." default = [] -} +} \ No newline at end of file diff --git a/builds/linux/rocky/9/variables.pkr.hcl b/builds/linux/rocky/9/variables.pkr.hcl index 12a2164..1751228 100644 --- a/builds/linux/rocky/9/variables.pkr.hcl +++ b/builds/linux/rocky/9/variables.pkr.hcl @@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) 
@@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { @@ -301,4 +304,4 @@ variable "additional_packages" { type = list(string) description = "Additional packages to install." default = [] -} +} \ No newline at end of file diff --git a/builds/linux/ubuntu/20-04-lts/variables-network.pkr.hcl b/builds/linux/ubuntu/20-04-lts/variables-network.pkr.hcl index 1761446..7f8b505 100644 --- a/builds/linux/ubuntu/20-04-lts/variables-network.pkr.hcl +++ b/builds/linux/ubuntu/20-04-lts/variables-network.pkr.hcl @@ -1,6 +1,6 @@ /* DESCRIPTION: - Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). + Ubuntu 20.04 LTS network variables used by the Packer Plugin for Proxmox (proxmox-iso). */ // VM Network Settings diff --git a/builds/linux/ubuntu/20-04-lts/variables.pkr.hcl b/builds/linux/ubuntu/20-04-lts/variables.pkr.hcl index 6d1cf3e..3e89fed 100644 --- a/builds/linux/ubuntu/20-04-lts/variables.pkr.hcl +++ b/builds/linux/ubuntu/20-04-lts/variables.pkr.hcl @@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) 
@@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { diff --git a/builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl b/builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl index 1761446..6122de3 100644 --- a/builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl +++ b/builds/linux/ubuntu/22-04-lts/variables-network.pkr.hcl @@ -1,6 +1,6 @@ /* DESCRIPTION: - Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). + Ubuntu 22.04 LTS network variables used by the Packer Plugin for Proxmox (proxmox-iso). */ // VM Network Settings diff --git a/builds/linux/ubuntu/22-04-lts/variables-storage.pkr.hcl b/builds/linux/ubuntu/22-04-lts/variables-storage.pkr.hcl index b1a1f41..5a27f6a 100644 --- a/builds/linux/ubuntu/22-04-lts/variables-storage.pkr.hcl +++ b/builds/linux/ubuntu/22-04-lts/variables-storage.pkr.hcl @@ -1,6 +1,6 @@ /* DESCRIPTION: - Ubuntu Server 22.04 LTS storage variables used by the Packer Plugin for VMware vSphere (vsphere-iso). + Ubuntu Server 22.04 LTS storage variables used by the Packer Plugin for Proxmox (proxmox-iso). */ // VM Storage Settings diff --git a/builds/linux/ubuntu/22-04-lts/variables.pkr.hcl b/builds/linux/ubuntu/22-04-lts/variables.pkr.hcl index 40950a2..7a9197a 100644 --- a/builds/linux/ubuntu/22-04-lts/variables.pkr.hcl +++ b/builds/linux/ubuntu/22-04-lts/variables.pkr.hcl 
@@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) @@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { diff --git a/builds/linux/ubuntu/24-04-lts/variables-network.pkr.hcl b/builds/linux/ubuntu/24-04-lts/variables-network.pkr.hcl index 1761446..89df318 100644 --- a/builds/linux/ubuntu/24-04-lts/variables-network.pkr.hcl +++ b/builds/linux/ubuntu/24-04-lts/variables-network.pkr.hcl @@ -1,6 +1,6 @@ /* DESCRIPTION: - Debian Linux 11 network variables used by the Packer Plugin for VMware vSphere (vsphere-iso). + Ubuntu 24.04 LTS network variables used by the Packer Plugin for Proxmox (proxmox-iso). */ // VM Network Settings diff --git a/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl b/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl index 0022fcf..01f9028 100644 --- a/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl +++ b/builds/linux/ubuntu/24-04-lts/variables.pkr.hcl @@ -80,7 +80,7 @@ variable "vm_os_type" { variable "vm_bios" { type = string description = "The firmware type. Allowed values 'ovmf' or 'seabios'" - default = "OVMF" + default = "ovmf" validation { condition = contains(["ovmf", "seabios"], var.vm_bios) 
@@ -97,16 +97,19 @@ variable "vm_firmware_path" { variable "vm_efi_storage_pool" { type = string description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" } variable "vm_efi_type" { type = string description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" } variable "vm_efi_pre_enrolled_keys" { type = bool description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false } variable "vm_cpu_count" { From bfe195a212b47489a37c6a822194e1906e7d9e7f Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 17:55:07 -0500 Subject: [PATCH 67/72] fix: update decription --- builds/linux/almalinux/8/linux-almalinux.pkr.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/builds/linux/almalinux/8/linux-almalinux.pkr.hcl b/builds/linux/almalinux/8/linux-almalinux.pkr.hcl index f245117..48fdca2 100644 --- a/builds/linux/almalinux/8/linux-almalinux.pkr.hcl +++ b/builds/linux/almalinux/8/linux-almalinux.pkr.hcl @@ -1,6 +1,6 @@ /* DESCRIPTION: - AlmaLinux OS 8 template using the Packer Builder for Proxmox (proxmox-iso). + AlmaLinux 8 template using the Packer Builder for Proxmox (proxmox-iso). */ // BLOCK: packer From faaec3048e406b4b371bd4ddb3105d7a630d052e Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Fri, 12 Jul 2024 17:55:36 -0500 Subject: [PATCH 68/72] feat: initial oracle linux support --- builds/linux/oracle/8/data/ks.pkrtpl.hcl | 85 +++++ builds/linux/oracle/8/data/network.pkrtpl.hcl | 5 + builds/linux/oracle/8/data/storage.pkrtpl.hcl | 76 +++++ .../oracle/8/linux-oracle.auto.pkrvars.hcl | 40 +++ builds/linux/oracle/8/linux-oracle.pkr.hcl | 227 +++++++++++++ .../linux/oracle/8/variables-network.pkr.hcl | 36 ++ .../linux/oracle/8/variables-storage.pkr.hcl | 53 +++ builds/linux/oracle/8/variables.pkr.hcl | 307 ++++++++++++++++++ builds/linux/oracle/9/data/ks.pkrtpl.hcl | 85 +++++ builds/linux/oracle/9/data/network.pkrtpl.hcl | 5 + builds/linux/oracle/9/data/storage.pkrtpl.hcl | 76 +++++ .../oracle/9/linux-oracle.auto.pkrvars.hcl | 40 +++ builds/linux/oracle/9/linux-oracle.pkr.hcl | 227 +++++++++++++ .../linux/oracle/9/variables-network.pkr.hcl | 36 ++ .../linux/oracle/9/variables-storage.pkr.hcl | 53 +++ builds/linux/oracle/9/variables.pkr.hcl | 307 ++++++++++++++++++ 16 files changed, 1658 insertions(+) create mode 100644 builds/linux/oracle/8/data/ks.pkrtpl.hcl create mode 100644 builds/linux/oracle/8/data/network.pkrtpl.hcl create mode 100644 builds/linux/oracle/8/data/storage.pkrtpl.hcl create mode 100644 builds/linux/oracle/8/linux-oracle.auto.pkrvars.hcl create mode 100644 builds/linux/oracle/8/linux-oracle.pkr.hcl create mode 100644 builds/linux/oracle/8/variables-network.pkr.hcl create mode 100644 builds/linux/oracle/8/variables-storage.pkr.hcl create mode 100644 builds/linux/oracle/8/variables.pkr.hcl create mode 100644 builds/linux/oracle/9/data/ks.pkrtpl.hcl create mode 100644 builds/linux/oracle/9/data/network.pkrtpl.hcl create mode 100644 builds/linux/oracle/9/data/storage.pkrtpl.hcl create mode 100644 builds/linux/oracle/9/linux-oracle.auto.pkrvars.hcl create mode 100644 builds/linux/oracle/9/linux-oracle.pkr.hcl create mode 100644 
builds/linux/oracle/9/variables-network.pkr.hcl create mode 100644 builds/linux/oracle/9/variables-storage.pkr.hcl create mode 100644 builds/linux/oracle/9/variables.pkr.hcl diff --git a/builds/linux/oracle/8/data/ks.pkrtpl.hcl b/builds/linux/oracle/8/data/ks.pkrtpl.hcl new file mode 100644 index 0000000..2d488ba --- /dev/null +++ b/builds/linux/oracle/8/data/ks.pkrtpl.hcl 
@@ -0,0 +1,85 @@ +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE +# WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +# Oracle Linux 8 + +### Installs from the first attached CD-ROM/DVD on the system. +cdrom + +### Performs the kickstart installation in text mode. +### By default, kickstart installations are performed in graphical mode. +text + +### Accepts the End User License Agreement. +eula --agreed + +### Sets the language to use during installation and the default language to use on the installed system. +lang ${vm_os_language} + +### Sets the default keyboard type for the system. +keyboard ${vm_os_keyboard} + +### Configure network information for target system and activate network devices in the installer environment (optional) +### --onboot enable device at a boot time +### --device device to be activated and / or configured with the network command +### --bootproto method to obtain networking configuration for device (default dhcp) +### --noipv6 disable IPv6 on this device +${network} + +### Lock the root account. +rootpw --lock + +### The selected profile will restrict root login. +### Add a user that can login and escalate privileges. +user --name=${build_username} --iscrypted --password=${build_password_encrypted} --groups=wheel + +### Configure firewall settings for the system. +### --enabled reject incoming connections that are not in response to outbound requests +### --ssh allow sshd service through the firewall +firewall --enabled --ssh + +### Sets up the authentication options for the system. +### The SSSD profile sets sha512 to hash passwords. 
Passwords are shadowed by default +### See the manual page for authselect-profile for a complete list of possible options. +authselect select sssd + +### Sets the state of SELinux on the installed system. +### Defaults to enforcing. +selinux --enforcing + +### Sets the system time zone. +timezone ${vm_os_timezone} + +### Partitioning +${storage} + +### Modifies the default set of services that will run under the default runlevel. +services --enabled=NetworkManager,sshd + +### Do not configure X on the installed system. +skipx + +### Packages selection. +%packages --ignoremissing --excludedocs +@core +-iwl*firmware +%end + +### Post-installation commands. +%post +dnf makecache +dnf install epel-release -y +dnf makecache +dnf install -y sudo qemu-guest-tools +%{ if additional_packages != "" ~} +dnf install -y ${additional_packages} +%{ endif ~} +echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username} +sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers +%end + +### Reboot after the installation is complete. +### --eject attempt to eject the media before rebooting. +reboot --eject diff --git a/builds/linux/oracle/8/data/network.pkrtpl.hcl b/builds/linux/oracle/8/data/network.pkrtpl.hcl new file mode 100644 index 0000000..a7949a7 --- /dev/null +++ b/builds/linux/oracle/8/data/network.pkrtpl.hcl @@ -0,0 +1,5 @@ +%{ if ip != null ~} +network --device=${device} --bootproto=static --ip=${ip} --netmask=${cidrnetmask("${ip}/${netmask}")} --gateway=${gateway} --nameserver=${join(",", dns)} +%{ else ~} +network --device=${device} --bootproto=dhcp +%{ endif ~} diff --git a/builds/linux/oracle/8/data/storage.pkrtpl.hcl b/builds/linux/oracle/8/data/storage.pkrtpl.hcl new file mode 100644 index 0000000..14be99a --- /dev/null +++ b/builds/linux/oracle/8/data/storage.pkrtpl.hcl 
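Review bot: The `%post` line `echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username}` bakes unrestricted passwordless sudo for the build account into the image. Nothing visible in this patch removes it before the VM is converted to a template, so every clone would inherit it. The drop-in is also created with the default umask and never validated. I would follow it with `chmod 0440 /etc/sudoers.d/${build_username}` and `visudo -cf /etc/sudoers.d/${build_username}`, and have the last provisioning step delete the file or the build user if clones are not meant to carry it. sudo skips drop-in files whose name contains a `.`, so a build username with a dot would silently get no rule.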
@@ -0,0 +1,76 @@ +### Sets how the boot loader should be installed. +bootloader --location=mbr + +### Initialize any invalid partition tables found on disks. +zerombr + +### Removes partitions from the system, prior to creation of new partitions. +### By default, no partitions are removed. +### --all Erases all partitions from the system +### --initlabel Initializes a disk (or disks) by creating a default disk label for all disks in their respective architecture. +clearpart --all --initlabel + +### Modify partition sizes for the virtual machine hardware. +### Create primary system partitions. +%{ for partition in partitions ~} +part +%{~ if partition.volume_group != "" ~} + pv.${partition.volume_group} +%{~ else ~} +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} +%{~ if partition.format.fstype != "" ~} + --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ endif ~} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +%{ if vm_bios == "seabios" ~} +part biosboot --fstype="biosboot" --ondisk=${device} --size=1 +%{ endif ~} +### Create a logical volume management (LVM) group. +%{ for index, volume_group in lvm ~} +volgroup sysvg pv.${volume_group.name} + +### Modify logical volume sizes for the virtual machine hardware. +### Create logical volumes. 
+%{ for partition in volume_group.partitions ~} +logvol +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} + --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +%{ endfor ~} \ No newline at end of file diff --git a/builds/linux/oracle/8/linux-oracle.auto.pkrvars.hcl b/builds/linux/oracle/8/linux-oracle.auto.pkrvars.hcl new file mode 100644 index 0000000..08befa5 --- /dev/null +++ b/builds/linux/oracle/8/linux-oracle.auto.pkrvars.hcl @@ -0,0 +1,40 @@ +/* + DESCRIPTION: + Oracle Linux 8 variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// Guest Operating System Metadata +vm_os_language = "en_US" +vm_os_keyboard = "us" +vm_os_timezone = "UTC" +vm_os_family = "linux" +vm_os_name = "oracle" +vm_os_version = "8.10" + +// Virtual Machine Guest Operating System Setting +vm_os_type = "l26" +vm_cloudinit = true + +// Virtual Machine Hardware Settings +vm_bios = "ovmf" +vm_cpu_count = 1 +vm_cpu_sockets = 1 +vm_cpu_type = "kvm64" +vm_mem_size = 2048 +vm_disk_type = "virtio" +vm_disk_size = "32G" +vm_disk_format = "raw" +vm_disk_controller_type = "virtio-scsi-pci" +vm_network_card_model = "virtio" + +// Removable Media Settings +iso_path = "iso" +iso_file = "OracleLinux-R8-U10-x86_64-dvd.iso" +iso_checksum = "file:https://linux.oracle.com/security/gpg/checksum/OracleLinux-R8-U10-Server-x86_64.checksum" + +// Boot Settings +vm_boot = "order=virtio0;ide2;net0" +vm_boot_wait = "10s" + +// EFI Settings +vm_firmware_path = "./OVMF.fd" 
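Review bot: `volgroup sysvg pv.${volume_group.name}` hard-codes the volume group name, while the `logvol` lines below it use `--vgname=${volume_group.name}`. Any `vm_disk_lvm` entry not named `sysvg` therefore produces logical volumes that point at a volume group the kickstart never creates. Changing the line to `volgroup ${volume_group.name} pv.${volume_group.name}` keeps the `part`, `volgroup` and `logvol` references consistent. `index` in `%{ for index, volume_group in lvm ~}` is unused and can be dropped.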
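Review bot: `iso_checksum` points at a `file:https://linux.oracle.com/...` checksum URL, so the expected hash is fetched at build time rather than pinned in the repository. Anyone able to alter that response, or a vendor-side re-spin, changes what the build accepts without a diff here. Pinning the value as `iso_checksum = "sha256:PLACEHOLDER_SHA256_OF_ISO"`, after verifying the vendor's checksum file once, makes the ISO identity reviewable. Because the source block uses `iso_file` for an ISO already on Proxmox storage, it is also worth confirming that the builder checks the checksum at all in that mode.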
diff --git a/builds/linux/oracle/8/linux-oracle.pkr.hcl b/builds/linux/oracle/8/linux-oracle.pkr.hcl new file mode 100644 index 0000000..8b0c648 --- /dev/null +++ b/builds/linux/oracle/8/linux-oracle.pkr.hcl 
@@ -0,0 +1,227 @@ +/* + DESCRIPTION: + Oracle Linux 8 template using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: packer +// The Packer configuration. + +packer { + required_version = ">= 1.11.0" + required_plugins { + ansible = { + source = "github.com/hashicorp/ansible" + version = "~> 1" + } + git = { + version = ">= 0.6.2" + source = "github.com/ethanmdavidson/git" + } + proxmox = { + version = ">= 1.1.8" + source = "github.com/hashicorp/proxmox" + } + } +} + +// BLOCK: data +// Defines the data sources. + +data "git-repository" "cwd" {} + +// BLOCK: locals +// Defines the local variables. + +locals { + bios_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "tab" key. In the BIOS bootloader, this is how you customize the boot options. + "", + "inst.text biosdevname=0 net.ifnames=0 inst.gpt", + " ${local.data_source_command}", + "" + ] + uefi_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "e" key. In the GRUB boot loader, this is used to edit the selected boot menu option. + "e", + // This sends two "down arrow" keys, followed by the "end" key, and then waits. This is used to navigate to a specific line in the boot menu option's configuration. + "", + // This types the string "text" followed by the value of the 'data_source_command' local variable. + // This is used to modify the boot menu option's configuration to boot in text mode and specify the kickstart data source configured in the common variables. + "text ${local.data_source_command}", + // This sends the "enter" key, waits, turns on the left control key, sends the "x" key, and then turns off the left control key. This is used to save the changes and exit the boot menu option's configuration, and then continue the boot process. 
+ "x" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" + build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) + build_version = data.git-repository.cwd.head + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" + vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" + manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) + manifest_path = "${path.cwd}/manifests/" + manifest_output = "${local.manifest_path}${local.manifest_date}.json" + data_source_content = { + "/ks.cfg" = templatefile("${abspath(path.root)}/data/ks.pkrtpl.hcl", { + build_username = var.build_username + build_password = var.build_password + build_password_encrypted = var.build_password_encrypted + vm_disk_type = local.vm_disk_type + vm_os_language = var.vm_os_language + vm_os_keyboard = var.vm_os_keyboard + vm_os_timezone = var.vm_os_timezone + + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_bridge_interface + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) + common_data_source = var.common_data_source + # lvm needs to be here so late commands can access vg names + #lvm = var.vm_disk_lvm + storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { + device = var.vm_disk_device + swap = var.vm_disk_use_swap + partitions = var.vm_disk_partitions + lvm = var.vm_disk_lvm + vm_bios = var.vm_bios + }) + additional_packages = join(" ", var.additional_packages) + }) + } + data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg" + vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command + vm_bios = var.vm_bios == "ovmf" ? 
var.vm_firmware_path : null +} + +// BLOCK: source +// Defines the builder configuration blocks. + +source "proxmox-iso" "linux-oracle" { + + // Proxmox Connection Settings and Credentials + proxmox_url = "https://${var.proxmox_hostname}:8006/api2/json" + username = "${var.proxmox_api_token_id}" + token = "${var.proxmox_api_token_secret}" + insecure_skip_tls_verify = "${var.proxmox_insecure_connection}" + + // Proxmox Settings + node = "${var.proxmox_node}" + + // Virtual Machine Settings + vm_name = "${local.vm_name}" + bios = "${var.vm_bios}" + sockets = "${var.vm_cpu_sockets}" + cores = "${var.vm_cpu_count}" + cpu_type = "${var.vm_cpu_type}" + memory = "${var.vm_mem_size}" + os = "${var.vm_os_type}" + scsi_controller = "${var.vm_disk_controller_type}" + disks { + disk_size = "${var.vm_disk_size}" + type = "${var.vm_disk_type}" + storage_pool = "${var.vm_storage_pool}" + format = "${var.vm_disk_format}" + } + dynamic "efi_config" { + for_each = var.vm_bios == "ovmf" ? [1] : [] + content { + efi_storage_pool = var.vm_bios == "ovmf" ? var.vm_efi_storage_pool : null + efi_type = var.vm_bios == "ovmf" ? var.vm_efi_type : null + pre_enrolled_keys = var.vm_bios == "ovmf" ? var.vm_efi_pre_enrolled_keys : null + } + } + unmount_iso = true + ssh_username = "${var.build_username}" + ssh_password = "${var.build_password}" + ssh_timeout = "${var.timeout}" + ssh_port = "22" + iso_file = "${var.common_iso_storage}:${var.iso_path}/${var.iso_file}" + iso_checksum = "${var.iso_checksum}" + qemu_agent = true + + network_adapters { + bridge = "${var.vm_bridge_interface}" + model = "${var.vm_network_card_model}" + vlan_tag = "${var.vm_vlan_tag}" + } + + // Removable Media Settings + http_content = "${var.common_data_source}" == "http" ? "${local.data_source_content}" : null + + // Boot and Provisioning Settings + http_bind_address = var.common_data_source == "http" ? var.common_http_bind_address : null + http_port_min = var.common_data_source == "http" ? 
var.common_http_port_min : null + http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null + boot = var.vm_boot + boot_wait = var.vm_boot_wait + boot_command = local.boot_command + + dynamic "additional_iso_files" { + for_each = var.common_data_source == "disk" ? [1] : [] + content { + cd_files = var.common_data_source == "disk" ? local.data_source_content : null + cd_label = var.common_data_source == "disk" ? "cidata" : null + iso_storage_pool = var.common_data_source == "disk" ? "local" : null + } + } + + template_name = "${local.vm_name}" + template_description = "${local.build_description}" + + # VM Cloud Init Settings + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null + +} + +# Build Definition to create the VM Template +build { + sources = ["source.proxmox-iso.linux-oracle"] + + provisioner "ansible" { + user = "${var.build_username}" + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" + ansible_env_vars = [ + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/libexec/platform-python" + ] + extra_arguments = [ + "--extra-vars", "display_skipped_hosts=false", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", + ] + } + + post-processor "manifest" { + output = local.manifest_output + strip_path = true + strip_time = true + custom_data = { + ansible_username = "${var.ansible_username}" + build_username = "${var.build_username}" + build_date = "${local.build_date}" + build_version = "${local.build_version}" + common_data_source = "${var.common_data_source}" + vm_cpu_sockets 
= "${var.vm_cpu_sockets}" + vm_cpu_count = "${var.vm_cpu_count}" + vm_disk_size = "${var.vm_disk_size}" + vm_bios = "${var.vm_bios}" + vm_os_type = "${var.vm_os_type}" + vm_mem_size = "${var.vm_mem_size}" + vm_network_card_model = "${var.vm_network_card_model}" + vm_cloudinit = "${var.vm_cloudinit}" + } + } +} diff --git a/builds/linux/oracle/8/variables-network.pkr.hcl b/builds/linux/oracle/8/variables-network.pkr.hcl new file mode 100644 index 0000000..01c3abf --- /dev/null +++ b/builds/linux/oracle/8/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Oracle Linux 8 network variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file diff --git a/builds/linux/oracle/8/variables-storage.pkr.hcl b/builds/linux/oracle/8/variables-storage.pkr.hcl new file mode 100644 index 0000000..4387e7d --- /dev/null +++ b/builds/linux/oracle/8/variables-storage.pkr.hcl 
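Review bot: `insecure_skip_tls_verify` is fed from `var.proxmox_insecure_connection`, which the variables.pkr.hcl added in this same patch defaults to `true`. A build with default settings therefore sends `proxmox_api_token_secret` to the API without verifying the server certificate. I would default that variable to `false` so lab setups opt in explicitly, and restore the commented-out `sensitive = true` on the token secret so Packer redacts it in output. Separately, `build_password = var.build_password` is passed into the kickstart template although ks.pkrtpl.hcl only uses `build_password_encrypted`. Dropping it removes a path by which a later template edit could render the plaintext into the kickstart served over HTTP.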
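Review bot: `vm_network_device` is declared here with default `ens192` but is not referenced in the visible part of this patch. linux-oracle.pkr.hcl instead passes `device = var.vm_bridge_interface` to network.pkrtpl.hcl, so the kickstart `network --device=` line receives the Proxmox bridge name rather than a guest interface name. Either pass `device = var.vm_network_device` in that `templatefile` call or remove this variable. The `ens192` default also looks carried over from the VMware variant of these files, so it deserves a check against how a virtio NIC is actually named in the guest.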
@@ -0,0 +1,53 @@ +/* + DESCRIPTION: + Oracle Linux 8 storage variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Storage Settings + +variable "vm_disk_device" { + type = string + description = "The device for the virtual disk. (e.g. 'sda')" +} + +variable "vm_disk_use_swap" { + type = bool + description = "Whether to use a swap partition." +} + +variable "vm_disk_partitions" { + type = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + volume_group = string + })) + description = "The disk partitions for the virtual disk." +} + +variable "vm_disk_lvm" { + type = list(object({ + name = string + partitions = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + })) + })) + description = "The LVM configuration for the virtual disk." + default = [] +} diff --git a/builds/linux/oracle/8/variables.pkr.hcl b/builds/linux/oracle/8/variables.pkr.hcl new file mode 100644 index 0000000..e539bbe --- /dev/null +++ b/builds/linux/oracle/8/variables.pkr.hcl 
@@ -0,0 +1,307 @@ +/* + DESCRIPTION: + Oracle Linux 8 variables using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: variable +// Defines the input variables. + +// Proxmox Credentials + +variable "proxmox_hostname" { + type = string + description = "The FQDN or IP address of a Proxmox node. Only one node should be specified in a cluster." +} + +variable "proxmox_api_token_id" { + type = string + description = "The token to login to the Proxmox node/cluster. The format is USER@REALM!TOKENID. (e.g. packer@pam!packer_pve_token)" +} + +variable "proxmox_api_token_secret" { + type = string + description = "The secret for the API token used to login to the Proxmox API." +# sensitive = true +} + +variable "proxmox_insecure_connection" { + description = "true/false to skip Proxmox TLS certificate checks." + type = bool + default = true +} + +// Proxmox Settings + +variable "proxmox_node" { + type = string + description = "The name of the Proxmox node that Packer will build templates on." +} + +// Virtual Machine Settings + +variable "vm_os_language" { + type = string + description = "The guest operating system language." + default = "en_US" +} + +variable "vm_os_keyboard" { + type = string + description = "The guest operating system keyboard layout." + default = "us" +} + +variable "vm_os_timezone" { + type = string + description = "The guest operating system timezone." + default = "UTC" +} + +variable "vm_os_family" { + type = string + description = "The guest operating system family. Used for naming. (e.g. 'linux')" +} + +variable "vm_os_name" { + type = string + description = "The guest operating system name. Used for naming. (e.g. 'ubuntu')" +} + +variable "vm_os_version" { + type = string + description = "The guest operating system version. Used for naming. (e.g. '22-04-lts')" +} + +variable "vm_os_type" { + type = string + description = "The guest operating system type. (e.g. 
'l26')" +} + +variable "vm_bios" { + type = string + description = "The firmware type. Allowed values 'ovmf' or 'seabios'" + default = "ovmf" + + validation { + condition = contains(["ovmf", "seabios"], var.vm_bios) + error_message = "The vm_bios value must be 'ovmf' or 'seabios'." + } +} + +variable "vm_firmware_path" { + type = string + description = "The firmware file to be used. Needed for EFI" + default = "/usr/share/ovmf/OVMF.fd" +} + +variable "vm_efi_storage_pool" { + type = string + description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" +} + +variable "vm_efi_type" { + type = string + description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" +} + +variable "vm_efi_pre_enrolled_keys" { + type = bool + description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false +} + +variable "vm_cpu_count" { + type = number + description = "The number of virtual CPUs. (e.g. '2')" +} + +variable "vm_cpu_sockets" { + type = number + description = "The number of virtual CPU sockets. (e.g. '1')" +} + +variable "vm_cpu_type" { + type = string + description = "The CPU type to emulate. See the Proxmox API documentation for the complete list of accepted values. For best performance, set this to host. Defaults to kvm64." +} + +variable "vm_mem_size" { + type = number + description = "The size for the virtual memory in MB. (e.g. '2048')" +} + +variable "vm_disk_controller_type" { + type = string + description = "The SCSI controller model to emulate. (e.g. 'virtio-scsi-pci')" +} + +variable "vm_disk_type" { + type = string + description = "The type of disk to emulate. (e.g. 'virtio')" +} + +variable "vm_storage_pool" { + type = string + description = "The name of the Proxmox storage pool to store the VM template. (e.g. 'local-lvm')" +} + +variable "vm_disk_size" { + type = string + description = "The size for the virtual disk in GB. 
(e.g. '32G')" +} + +variable "vm_disk_format" { + type = string + description = "The format of the file backing the disk. (e.g. 'qcow2')" +} + +variable "vm_network_card_model" { + type = string + description = "The model of the virtual network adapter to emulate. (e.g. 'virtio')" +} + +variable "vm_bridge_interface" { + type = string + description = "The name of the Proxmox bridge to attach the adapter to." +} + +variable "vm_vlan_tag" { + type = string + description = "If the adapter should tag packets, give the VLAN ID. (e.g. '102')" +} + +// Cloud-Init Settings + +variable "vm_cloudinit" { + type = bool + description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" + default = false +} + +// Removable Media Settings + +variable "common_iso_storage" { + type = string + description = "The name of the source Proxmox storage location for ISO images. (e.g. 'local-lvm')" +} + +variable "iso_path" { + type = string + description = "The path on the source Proxmox storage location for ISO images. (e.g. 'iso')" +} + +variable "iso_file" { + type = string + description = "The file name of the ISO image used by the vendor. (e.g. 'ubuntu--live-server-amd64.iso')" +} + +variable "iso_checksum" { + type = string + description = "The checksum value of the ISO image provided by the vendor." +} + +// Boot Settings + +variable "common_data_source" { + type = string + description = "The provisioning data source. (e.g. 'http' or 'disk')" +} + +variable "common_http_bind_address" { + type = string + description = "Define an IP address on the host to use for the HTTP server." + default = null +} + +variable "common_http_port_min" { + type = number + description = "The start of the HTTP port range." +} + +variable "common_http_port_max" { + type = number + description = "The end of the HTTP port range." +} + +variable "vm_boot" { + type = string + description = "The boot order for virtual machine devices. (e.g. 
'order=virtio0;ide2;net0')" +} + +variable "vm_boot_wait" { + type = string + description = "The time to wait after booting the initial VM before typing the boot_command (e.g '10s')" +} + +variable "common_ip_wait_timeout" { + type = string + description = "Time to wait for guest operating system IP address response." +} + +variable "common_shutdown_timeout" { + type = string + description = "Time to wait for guest operating system shutdown." +} + +// Communicator Settings and Credentials + +variable "build_username" { + type = string + description = "The username to login to the guest operating system. (e.g. 'ubuntu')" +# sensitive = true +} + +variable "build_password" { + type = string + description = "The password to login to the guest operating system." +# sensitive = true +} + +variable "build_password_encrypted" { + type = string + description = "The encrypted password to login to the guest operating system." +# sensitive = true +} + +variable "build_key" { + type = string + description = "The SSH public key to login to the guest operating system." +# sensitive = true +} + +variable "timeout" { + description = "not sure why I need so high a timeout but here we are" + default = "90m" +} + +// Ansible Credentials + +variable "ansible_username" { + type = string + description = "The username for Ansible to login to the guest operating system. (e.g. 'ansible')" +# sensitive = true +} + +variable "ansible_key" { + type = string + description = "The public key for Ansible to login to the guest operating system." +# sensitive = true +} + +// HCP Packer Settings + +variable "common_hcp_packer_registry_enabled" { + type = bool + description = "Enable the HCP Packer registry." + default = false +} + +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file 
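Review bot: `proxmox_insecure_connection` defaults to `true`, so unless a var-file overrides it the API token is presented to the Proxmox endpoint without certificate verification (the Oracle Linux 9 template in this patch wires it to `insecure_skip_tls_verify`; the Oracle Linux 8 caller is not visible here). I would make it `default = false` and let lab setups with self-signed certificates opt in explicitly. In the same hunk the `sensitive = true` lines on `proxmox_api_token_secret`, `build_password` and `build_password_encrypted` are commented out, so Packer will not redact those values from its output; restoring `sensitive = true` on those three is a one-line change each. The Oracle Linux 9 copy of this file later in the patch has the same default and the same commented-out lines.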
diff --git a/builds/linux/oracle/9/data/ks.pkrtpl.hcl b/builds/linux/oracle/9/data/ks.pkrtpl.hcl
new file mode 100644
index 0000000..3477c89
--- /dev/null
+++ b/builds/linux/oracle/9/data/ks.pkrtpl.hcl
@@ -0,0 +1,85 @@ +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE +# WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +# Oracle Linux 9 + +### Installs from the first attached CD-ROM/DVD on the system. +cdrom + +### Performs the kickstart installation in text mode. +### By default, kickstart installations are performed in graphical mode. +text + +### Accepts the End User License Agreement. +eula --agreed + +### Sets the language to use during installation and the default language to use on the installed system. +lang ${vm_os_language} + +### Sets the default keyboard type for the system. +keyboard ${vm_os_keyboard} + +### Configure network information for target system and activate network devices in the installer environment (optional) +### --onboot enable device at a boot time +### --device device to be activated and / or configured with the network command +### --bootproto method to obtain networking configuration for device (default dhcp) +### --noipv6 disable IPv6 on this device +${network} + +### Lock the root account. +rootpw --lock + +### The selected profile will restrict root login. +### Add a user that can login and escalate privileges. +user --name=${build_username} --iscrypted --password=${build_password_encrypted} --groups=wheel + +### Configure firewall settings for the system. +### --enabled reject incoming connections that are not in response to outbound requests +### --ssh allow sshd service through the firewall +firewall --enabled --ssh + +### Sets up the authentication options for the system. +### The SSSD profile sets sha512 to hash passwords. 
Passwords are shadowed by default +### See the manual page for authselect-profile for a complete list of possible options. +authselect select sssd + +### Sets the state of SELinux on the installed system. +### Defaults to enforcing. +selinux --enforcing + +### Sets the system time zone. +timezone ${vm_os_timezone} + +### Partitioning +${storage} + +### Modifies the default set of services that will run under the default runlevel. +services --enabled=NetworkManager,sshd + +### Do not configure X on the installed system. +skipx + +### Packages selection. +%packages --ignoremissing --excludedocs +@core +-iwl*firmware +%end + +### Post-installation commands. +%post +dnf makecache +dnf install epel-release -y +dnf makecache +dnf install -y sudo qemu-guest-tools +%{ if additional_packages != "" ~} +dnf install -y ${additional_packages} +%{ endif ~} +echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username} +sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers +%end + +### Reboot after the installation is complete. +### --eject attempt to eject the media before rebooting. +reboot --eject diff --git a/builds/linux/oracle/9/data/network.pkrtpl.hcl b/builds/linux/oracle/9/data/network.pkrtpl.hcl new file mode 100644 index 0000000..a7949a7 --- /dev/null +++ b/builds/linux/oracle/9/data/network.pkrtpl.hcl @@ -0,0 +1,5 @@ +%{ if ip != null ~} +network --device=${device} --bootproto=static --ip=${ip} --netmask=${cidrnetmask("${ip}/${netmask}")} --gateway=${gateway} --nameserver=${join(",", dns)} +%{ else ~} +network --device=${device} --bootproto=dhcp +%{ endif ~} diff --git a/builds/linux/oracle/9/data/storage.pkrtpl.hcl b/builds/linux/oracle/9/data/storage.pkrtpl.hcl new file mode 100644 index 0000000..14be99a --- /dev/null +++ b/builds/linux/oracle/9/data/storage.pkrtpl.hcl 
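Review bot: The `%post` line `echo "${build_username} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/${build_username}` leaves unrestricted passwordless sudo for the build account in the installed image, and nothing in this hunk removes it, so every VM cloned from the template inherits the rule unless a later Ansible task (not visible here) cleans it up. The drop-in is also created with the shell's default mode and is never syntax-checked; following it with `chmod 0440 /etc/sudoers.d/${build_username}` and `visudo -cf /etc/sudoers.d/${build_username}` would catch a malformed rule at build time. sudo skips drop-in files whose name contains a `.`, so a build username such as `first.last` would silently get no rule; a fixed file name avoids that.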
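Review bot: In the static branch `--nameserver=${join(",", dns)}` renders as a bare `--nameserver=` when `dns` is empty, and `vm_dns_list` defaults to `[]` in variables-network.pkr.hcl, so a static address configured without DNS servers produces an option with no value, which the installer may reject. Emitting the option only for a non-empty list, for example by wrapping it in `%{ if length(dns) > 0 ~}` … `%{ endif ~}`, keeps the generated kickstart valid. A short comment at the top of the template listing the expected inputs (`device`, `ip`, `netmask` as a prefix length, `gateway`, `dns`) would also help, since `netmask` is fed to `cidrnetmask` and must not be a dotted mask.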
@@ -0,0 +1,76 @@ +### Sets how the boot loader should be installed. +bootloader --location=mbr + +### Initialize any invalid partition tables found on disks. +zerombr + +### Removes partitions from the system, prior to creation of new partitions. +### By default, no partitions are removed. +### --all Erases all partitions from the system +### --initlabel Initializes a disk (or disks) by creating a default disk label for all disks in their respective architecture. +clearpart --all --initlabel + +### Modify partition sizes for the virtual machine hardware. +### Create primary system partitions. +%{ for partition in partitions ~} +part +%{~ if partition.volume_group != "" ~} + pv.${partition.volume_group} +%{~ else ~} +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} +%{~ if partition.format.fstype != "" ~} + --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ endif ~} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +%{ if vm_bios == "seabios" ~} +part biosboot --fstype="biosboot" --ondisk=${device} --size=1 +%{ endif ~} +### Create a logical volume management (LVM) group. +%{ for index, volume_group in lvm ~} +volgroup sysvg pv.${volume_group.name} + +### Modify logical volume sizes for the virtual machine hardware. +### Create logical volumes. 
+%{ for partition in volume_group.partitions ~} +logvol +%{~ if partition.format.fstype == "swap" ~} + swap +%{~ else ~} + ${partition.mount.path} +%{~ endif ~} + --name=${partition.name} --vgname=${volume_group.name} --label=${partition.format.label} +%{~ if partition.format.fstype == "fat32" ~} + --fstype vfat +%{~ else ~} + --fstype ${partition.format.fstype} +%{~ endif ~} +%{~ if partition.mount.options != "" ~} + --fsoptions="${partition.mount.options}" +%{~ endif ~} +%{~ if partition.size != -1 ~} + --size=${partition.size} +%{~ else ~} + --size=100 --grow +%{ endif ~} + +%{ endfor ~} +%{ endfor ~} \ No newline at end of file diff --git a/builds/linux/oracle/9/linux-oracle.auto.pkrvars.hcl b/builds/linux/oracle/9/linux-oracle.auto.pkrvars.hcl new file mode 100644 index 0000000..d65267f --- /dev/null +++ b/builds/linux/oracle/9/linux-oracle.auto.pkrvars.hcl @@ -0,0 +1,40 @@ +/* + DESCRIPTION: + Oracle Linux 9 variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// Guest Operating System Metadata +vm_os_language = "en_US" +vm_os_keyboard = "us" +vm_os_timezone = "UTC" +vm_os_family = "linux" +vm_os_name = "oracle" +vm_os_version = "9.4" + +// Virtual Machine Guest Operating System Setting +vm_os_type = "l26" +vm_cloudinit = true + +// Virtual Machine Hardware Settings +vm_bios = "ovmf" +vm_cpu_count = 1 +vm_cpu_sockets = 1 +vm_cpu_type = "x86-64-v2-AES" +vm_mem_size = 2048 +vm_disk_type = "virtio" +vm_disk_size = "32G" +vm_disk_format = "raw" +vm_disk_controller_type = "virtio-scsi-pci" +vm_network_card_model = "virtio" + +// Removable Media Settings +iso_path = "iso" +iso_file = "OracleLinux-R9-U4-x86_64-dvd.iso" +iso_checksum = "file:https://linux.oracle.com/security/gpg/checksum/OracleLinux-R9-U4-Server-x86_64.checksum" + +// Boot Settings +vm_boot = "order=virtio0;ide2;net0" +vm_boot_wait = "10s" + +// EFI Settings +vm_firmware_path = "./OVMF.fd" 
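Review bot: `volgroup sysvg pv.${volume_group.name}` hard-codes the volume group name as `sysvg`, while the `logvol` lines in the same loop use `--vgname=${volume_group.name}`; for any `vm_disk_lvm` entry not named `sysvg` the logical volumes reference a group that was never created. Use the variable in both places: `volgroup ${volume_group.name} pv.${volume_group.name}`. The `for index, volume_group in lvm` loop binds `index` without using it, and the `swap` value the caller passes is not referenced anywhere in this template.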
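Review bot: `iso_checksum` is a `file:https://…` URL, so the expected digest is downloaded at build time from the vendor rather than pinned in the repository, and a changed upstream checksum file changes what the build accepts without any diff here. Pinning the literal value, `iso_checksum = "sha256:<DIGEST_FROM_VERIFIED_CHECKSUM_FILE>"`, after verifying the checksum file's signature once, makes the accepted image reviewable in version control. Whether the Proxmox builder applies the checksum to an ISO that is referenced through `iso_file` on existing storage should be confirmed; if it does not, the verification has to happen when the ISO is uploaded to the storage pool.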
diff --git a/builds/linux/oracle/9/linux-oracle.pkr.hcl b/builds/linux/oracle/9/linux-oracle.pkr.hcl
new file mode 100644
index 0000000..58a19d3
--- /dev/null
+++ b/builds/linux/oracle/9/linux-oracle.pkr.hcl
@@ -0,0 +1,227 @@ +/* + DESCRIPTION: + Oracle Linux 9 template using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: packer +// The Packer configuration. + +packer { + required_version = ">= 1.11.0" + required_plugins { + ansible = { + source = "github.com/hashicorp/ansible" + version = "~> 1" + } + git = { + version = ">= 0.6.2" + source = "github.com/ethanmdavidson/git" + } + proxmox = { + version = ">= 1.1.8" + source = "github.com/hashicorp/proxmox" + } + } +} + +// BLOCK: data +// Defines the data sources. + +data "git-repository" "cwd" {} + +// BLOCK: locals +// Defines the local variables. + +locals { + bios_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "tab" key. In the BIOS bootloader, this is how you customize the boot options. + "", + "inst.text biosdevname=0 net.ifnames=0 inst.gpt", + " ${local.data_source_command}", + "" + ] + uefi_boot_command = [ + // This sends the "up arrow" key, typically used to navigate through boot menu options. + "", + // This sends the "e" key. In the GRUB boot loader, this is used to edit the selected boot menu option. + "e", + // This sends two "down arrow" keys, followed by the "end" key, and then waits. This is used to navigate to a specific line in the boot menu option's configuration. + "", + // This types the string "text" followed by the value of the 'data_source_command' local variable. + // This is used to modify the boot menu option's configuration to boot in text mode and specify the kickstart data source configured in the common variables. + "text ${local.data_source_command}", + // This sends the "enter" key, waits, turns on the left control key, sends the "x" key, and then turns off the left control key. This is used to save the changes and exit the boot menu option's configuration, and then continue the boot process. 
+ "x" + ] + build_by = "Built by: HashiCorp Packer ${packer.version}" + build_date = formatdate("DD-MM-YYYY hh:mm ZZZ", "${timestamp()}" ) + build_version = data.git-repository.cwd.head + build_description = "Version: ${local.build_version}\nBuilt on: ${local.build_date}\n${local.build_by}\nCloud-Init: ${var.vm_cloudinit}" + vm_disk_type = var.vm_disk_type == "virtio" ? "vda" : "sda" + manifest_date = formatdate("YYYY-MM-DD hh:mm:ss", timestamp()) + manifest_path = "${path.cwd}/manifests/" + manifest_output = "${local.manifest_path}${local.manifest_date}.json" + data_source_content = { + "/ks.cfg" = templatefile("${abspath(path.root)}/data/ks.pkrtpl.hcl", { + build_username = var.build_username + build_password = var.build_password + build_password_encrypted = var.build_password_encrypted + vm_disk_type = local.vm_disk_type + vm_os_language = var.vm_os_language + vm_os_keyboard = var.vm_os_keyboard + vm_os_timezone = var.vm_os_timezone + + network = templatefile("${abspath(path.root)}/data/network.pkrtpl.hcl", { + device = var.vm_bridge_interface + ip = var.vm_ip_address + netmask = var.vm_ip_netmask + gateway = var.vm_ip_gateway + dns = var.vm_dns_list + }) + common_data_source = var.common_data_source + # lvm needs to be here so late commands can access vg names + #lvm = var.vm_disk_lvm + storage = templatefile("${abspath(path.root)}/data/storage.pkrtpl.hcl", { + device = var.vm_disk_device + swap = var.vm_disk_use_swap + partitions = var.vm_disk_partitions + lvm = var.vm_disk_lvm + vm_bios = var.vm_bios + }) + additional_packages = join(" ", var.additional_packages) + }) + } + data_source_command = var.common_data_source == "http" ? "inst.ks=http://{{.HTTPIP}}:{{.HTTPPort}}/ks.cfg" : "inst.ks=/cdrom/ks.cfg" + vm_name = "${var.vm_os_family}-${var.vm_os_name}-${var.vm_os_version}" + boot_command = var.vm_bios == "ovmf" ? local.uefi_boot_command : local.bios_boot_command + vm_bios = var.vm_bios == "ovmf" ? 
var.vm_firmware_path : null +} + +// BLOCK: source +// Defines the builder configuration blocks. + +source "proxmox-iso" "linux-oracle" { + + // Proxmox Connection Settings and Credentials + proxmox_url = "https://${var.proxmox_hostname}:8006/api2/json" + username = "${var.proxmox_api_token_id}" + token = "${var.proxmox_api_token_secret}" + insecure_skip_tls_verify = "${var.proxmox_insecure_connection}" + + // Proxmox Settings + node = "${var.proxmox_node}" + + // Virtual Machine Settings + vm_name = "${local.vm_name}" + bios = "${var.vm_bios}" + sockets = "${var.vm_cpu_sockets}" + cores = "${var.vm_cpu_count}" + cpu_type = "${var.vm_cpu_type}" + memory = "${var.vm_mem_size}" + os = "${var.vm_os_type}" + scsi_controller = "${var.vm_disk_controller_type}" + disks { + disk_size = "${var.vm_disk_size}" + type = "${var.vm_disk_type}" + storage_pool = "${var.vm_storage_pool}" + format = "${var.vm_disk_format}" + } + dynamic "efi_config" { + for_each = var.vm_bios == "ovmf" ? [1] : [] + content { + efi_storage_pool = var.vm_bios == "ovmf" ? var.vm_efi_storage_pool : null + efi_type = var.vm_bios == "ovmf" ? var.vm_efi_type : null + pre_enrolled_keys = var.vm_bios == "ovmf" ? var.vm_efi_pre_enrolled_keys : null + } + } + unmount_iso = true + ssh_username = "${var.build_username}" + ssh_password = "${var.build_password}" + ssh_timeout = "${var.timeout}" + ssh_port = "22" + iso_file = "${var.common_iso_storage}:${var.iso_path}/${var.iso_file}" + iso_checksum = "${var.iso_checksum}" + qemu_agent = true + + network_adapters { + bridge = "${var.vm_bridge_interface}" + model = "${var.vm_network_card_model}" + vlan_tag = "${var.vm_vlan_tag}" + } + + // Removable Media Settings + http_content = "${var.common_data_source}" == "http" ? "${local.data_source_content}" : null + + // Boot and Provisioning Settings + http_bind_address = var.common_data_source == "http" ? var.common_http_bind_address : null + http_port_min = var.common_data_source == "http" ? 
var.common_http_port_min : null + http_port_max = var.common_data_source == "http" ? var.common_http_port_max : null + boot = var.vm_boot + boot_wait = var.vm_boot_wait + boot_command = local.boot_command + + dynamic "additional_iso_files" { + for_each = var.common_data_source == "disk" ? [1] : [] + content { + cd_files = var.common_data_source == "disk" ? local.data_source_content : null + cd_label = var.common_data_source == "disk" ? "cidata" : null + iso_storage_pool = var.common_data_source == "disk" ? "local" : null + } + } + + template_name = "${local.vm_name}" + template_description = "${local.build_description}" + + # VM Cloud Init Settings + cloud_init = var.vm_cloudinit + cloud_init_storage_pool = var.vm_cloudinit == true ? var.vm_storage_pool : null + +} + +# Build Definition to create the VM Template +build { + sources = ["source.proxmox-iso.linux-oracle"] + + provisioner "ansible" { + user = "${var.build_username}" + galaxy_file = "${path.cwd}/ansible/linux-requirements.yml" + galaxy_force_with_deps = true + playbook_file = "${path.cwd}/ansible/linux-playbook.yml" + roles_path = "${path.cwd}/ansible/roles" + ansible_env_vars = [ + "ANSIBLE_CONFIG=${path.cwd}/ansible/ansible.cfg", + "ANSIBLE_PYTHON_INTERPRETER=/usr/libexec/platform-python" + ] + extra_arguments = [ + "--extra-vars", "display_skipped_hosts=false", + "--extra-vars", "build_username=${var.build_username}", + "--extra-vars", "build_key='${var.build_key}'", + "--extra-vars", "ansible_username=${var.ansible_username}", + "--extra-vars", "ansible_key='${var.ansible_key}'", + "--extra-vars", "enable_cloudinit='${var.vm_cloudinit}'", + ] + } + + post-processor "manifest" { + output = local.manifest_output + strip_path = true + strip_time = true + custom_data = { + ansible_username = "${var.ansible_username}" + build_username = "${var.build_username}" + build_date = "${local.build_date}" + build_version = "${local.build_version}" + common_data_source = "${var.common_data_source}" + vm_cpu_sockets 
= "${var.vm_cpu_sockets}" + vm_cpu_count = "${var.vm_cpu_count}" + vm_disk_size = "${var.vm_disk_size}" + vm_bios = "${var.vm_bios}" + vm_os_type = "${var.vm_os_type}" + vm_mem_size = "${var.vm_mem_size}" + vm_network_card_model = "${var.vm_network_card_model}" + vm_cloudinit = "${var.vm_cloudinit}" + } + } +} diff --git a/builds/linux/oracle/9/variables-network.pkr.hcl b/builds/linux/oracle/9/variables-network.pkr.hcl new file mode 100644 index 0000000..f35e3a3 --- /dev/null +++ b/builds/linux/oracle/9/variables-network.pkr.hcl @@ -0,0 +1,36 @@ +/* + DESCRIPTION: + Oracle Linux 9 network variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Network Settings + +variable "vm_network_device" { + type = string + description = "The network device of the VM." + default = "ens192" +} + +variable "vm_ip_address" { + type = string + description = "The IP address of the VM (e.g. 172.16.100.192)." + default = null +} + +variable "vm_ip_netmask" { + type = number + description = "The netmask of the VM (e.g. 24)." + default = null +} + +variable "vm_ip_gateway" { + type = string + description = "The gateway of the VM (e.g. 172.16.100.1)." + default = null +} + +variable "vm_dns_list" { + type = list(string) + description = "The nameservers of the VM." + default = [] +} \ No newline at end of file diff --git a/builds/linux/oracle/9/variables-storage.pkr.hcl b/builds/linux/oracle/9/variables-storage.pkr.hcl new file mode 100644 index 0000000..2f325e5 --- /dev/null +++ b/builds/linux/oracle/9/variables-storage.pkr.hcl 
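Review bot: The `templatefile` call that renders `/ks.cfg` passes `build_password = var.build_password`, but the kickstart template added in this patch only uses `build_password_encrypted`, so the clear-text password is handed to the renderer for no benefit and would end up in the generated `ks.cfg` as soon as someone references it. Dropping that line from the map removes the exposure. With `common_data_source = "http"` the rendered file, including the password hash, is served by Packer's HTTP server to any host that can reach it, and `common_http_bind_address` defaults to `null`; setting it to the build-network address narrows that. The plugin constraints `>= 0.6.2` (git) and `>= 1.1.8` (proxmox) have no upper bound, so `packer init` can pull a new major release; a `~>` constraint as already used for `ansible` would bound them.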
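Review bot: `vm_network_device` is declared here with default `ens192` but never reaches the kickstart: the locals in linux-oracle.pkr.hcl pass `device = var.vm_bridge_interface`, i.e. the Proxmox bridge name, into the `--device=` option of network.pkrtpl.hcl. The guest installer is then given a host-side bridge name instead of a guest interface name; the caller should pass `device = var.vm_network_device`. The `ens192` default should also be checked against the interface name the guest actually sees with the configured `virtio` adapter. The Oracle Linux 8 copy of this file earlier in the patch declares the same variable; its caller is not visible here.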
@@ -0,0 +1,53 @@ +/* + DESCRIPTION: + Oracle Linux 9 storage variables used by the Packer Plugin for Proxmox (proxmox-iso). +*/ + +// VM Storage Settings + +variable "vm_disk_device" { + type = string + description = "The device for the virtual disk. (e.g. 'sda')" +} + +variable "vm_disk_use_swap" { + type = bool + description = "Whether to use a swap partition." +} + +variable "vm_disk_partitions" { + type = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + volume_group = string + })) + description = "The disk partitions for the virtual disk." +} + +variable "vm_disk_lvm" { + type = list(object({ + name = string + partitions = list(object({ + name = string + size = number + format = object({ + label = string + fstype = string + }) + mount = object({ + path = string + options = string + }) + })) + })) + description = "The LVM configuration for the virtual disk." + default = [] +} diff --git a/builds/linux/oracle/9/variables.pkr.hcl b/builds/linux/oracle/9/variables.pkr.hcl new file mode 100644 index 0000000..e1715c7 --- /dev/null +++ b/builds/linux/oracle/9/variables.pkr.hcl 
@@ -0,0 +1,307 @@ +/* + DESCRIPTION: + Oracle Linux 9 variables using the Packer Builder for Proxmox (proxmox-iso). +*/ + +// BLOCK: variable +// Defines the input variables. + +// Proxmox Credentials + +variable "proxmox_hostname" { + type = string + description = "The FQDN or IP address of a Proxmox node. Only one node should be specified in a cluster." +} + +variable "proxmox_api_token_id" { + type = string + description = "The token to login to the Proxmox node/cluster. The format is USER@REALM!TOKENID. (e.g. packer@pam!packer_pve_token)" +} + +variable "proxmox_api_token_secret" { + type = string + description = "The secret for the API token used to login to the Proxmox API." +# sensitive = true +} + +variable "proxmox_insecure_connection" { + description = "true/false to skip Proxmox TLS certificate checks." + type = bool + default = true +} + +// Proxmox Settings + +variable "proxmox_node" { + type = string + description = "The name of the Proxmox node that Packer will build templates on." +} + +// Virtual Machine Settings + +variable "vm_os_language" { + type = string + description = "The guest operating system language." + default = "en_US" +} + +variable "vm_os_keyboard" { + type = string + description = "The guest operating system keyboard layout." + default = "us" +} + +variable "vm_os_timezone" { + type = string + description = "The guest operating system timezone." + default = "UTC" +} + +variable "vm_os_family" { + type = string + description = "The guest operating system family. Used for naming. (e.g. 'linux')" +} + +variable "vm_os_name" { + type = string + description = "The guest operating system name. Used for naming. (e.g. 'ubuntu')" +} + +variable "vm_os_version" { + type = string + description = "The guest operating system version. Used for naming. (e.g. '22-04-lts')" +} + +variable "vm_os_type" { + type = string + description = "The guest operating system type. (e.g. 
'l26')" +} + +variable "vm_bios" { + type = string + description = "The firmware type. Allowed values 'ovmf' or 'seabios'" + default = "ovmf" + + validation { + condition = contains(["ovmf", "seabios"], var.vm_bios) + error_message = "The vm_bios value must be 'ovmf' or 'seabios'." + } +} + +variable "vm_firmware_path" { + type = string + description = "The firmware file to be used. Needed for EFI" + default = "/usr/share/ovmf/OVMF.fd" +} + +variable "vm_efi_storage_pool" { + type = string + description = "Set the UEFI disk storage location. (e.g. 'local-lvm')" + default = "local-lvm" +} + +variable "vm_efi_type" { + type = string + description = "Specifies the version of the OVMF firmware to be used. (e.g. '4m')" + default = "4m" +} + +variable "vm_efi_pre_enrolled_keys" { + type = bool + description = "Whether Microsoft Standard Secure Boot keys should be pre-loaded on the EFI disk. (e.g. false)" + default = false +} + +variable "vm_cpu_count" { + type = number + description = "The number of virtual CPUs. (e.g. '2')" +} + +variable "vm_cpu_sockets" { + type = number + description = "The number of virtual CPU sockets. (e.g. '1')" +} + +variable "vm_cpu_type" { + type = string + description = "The CPU type to emulate. See the Proxmox API documentation for the complete list of accepted values. For best performance, set this to host. Defaults to kvm64." +} + +variable "vm_mem_size" { + type = number + description = "The size for the virtual memory in MB. (e.g. '2048')" +} + +variable "vm_disk_controller_type" { + type = string + description = "The SCSI controller model to emulate. (e.g. 'virtio-scsi-pci')" +} + +variable "vm_disk_type" { + type = string + description = "The type of disk to emulate. (e.g. 'virtio')" +} + +variable "vm_storage_pool" { + type = string + description = "The name of the Proxmox storage pool to store the VM template. (e.g. 'local-lvm')" +} + +variable "vm_disk_size" { + type = string + description = "The size for the virtual disk in GB. 
(e.g. '32G')" +} + +variable "vm_disk_format" { + type = string + description = "The format of the file backing the disk. (e.g. 'qcow2')" +} + +variable "vm_network_card_model" { + type = string + description = "The model of the virtual network adapter to emulate. (e.g. 'virtio')" +} + +variable "vm_bridge_interface" { + type = string + description = "The name of the Proxmox bridge to attach the adapter to." +} + +variable "vm_vlan_tag" { + type = string + description = "If the adapter should tag packets, give the VLAN ID. (e.g. '102')" +} + +// Cloud-Init Settings + +variable "vm_cloudinit" { + type = bool + description = "Enable or disable cloud-init drive in Proxmox. (e.g. false)" + default = false +} + +// Removable Media Settings + +variable "common_iso_storage" { + type = string + description = "The name of the source Proxmox storage location for ISO images. (e.g. 'local-lvm')" +} + +variable "iso_path" { + type = string + description = "The path on the source Proxmox storage location for ISO images. (e.g. 'iso')" +} + +variable "iso_file" { + type = string + description = "The file name of the ISO image used by the vendor. (e.g. 'ubuntu--live-server-amd64.iso')" +} + +variable "iso_checksum" { + type = string + description = "The checksum value of the ISO image provided by the vendor." +} + +// Boot Settings + +variable "common_data_source" { + type = string + description = "The provisioning data source. (e.g. 'http' or 'disk')" +} + +variable "common_http_bind_address" { + type = string + description = "Define an IP address on the host to use for the HTTP server." + default = null +} + +variable "common_http_port_min" { + type = number + description = "The start of the HTTP port range." +} + +variable "common_http_port_max" { + type = number + description = "The end of the HTTP port range." +} + +variable "vm_boot" { + type = string + description = "The boot order for virtual machine devices. (e.g. 
'order=virtio0;ide2;net0')" +} + +variable "vm_boot_wait" { + type = string + description = "The time to wait after booting the initial VM before typing the boot_command (e.g '10s')" +} + +variable "common_ip_wait_timeout" { + type = string + description = "Time to wait for guest operating system IP address response." +} + +variable "common_shutdown_timeout" { + type = string + description = "Time to wait for guest operating system shutdown." +} + +// Communicator Settings and Credentials + +variable "build_username" { + type = string + description = "The username to login to the guest operating system. (e.g. 'ubuntu')" +# sensitive = true +} + +variable "build_password" { + type = string + description = "The password to login to the guest operating system." +# sensitive = true +} + +variable "build_password_encrypted" { + type = string + description = "The encrypted password to login to the guest operating system." +# sensitive = true +} + +variable "build_key" { + type = string + description = "The SSH public key to login to the guest operating system." +# sensitive = true +} + +variable "timeout" { + description = "not sure why I need so high a timeout but here we are" + default = "90m" +} + +// Ansible Credentials + +variable "ansible_username" { + type = string + description = "The username for Ansible to login to the guest operating system. (e.g. 'ansible')" +# sensitive = true +} + +variable "ansible_key" { + type = string + description = "The public key for Ansible to login to the guest operating system." +# sensitive = true +} + +// HCP Packer Settings + +variable "common_hcp_packer_registry_enabled" { + type = bool + description = "Enable the HCP Packer registry." + default = false +} + +// Additional Settings + +variable "additional_packages" { + type = list(string) + description = "Additional packages to install." + default = [] +} \ No newline at end of file From 8b39ea1a34c8e352a1098bc8eaf11a14bac0d55a Mon Sep 17 00:00:00 2001 
From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 15 Jul 2024 10:30:18 -0500 Subject: [PATCH 69/72] fix: reordered build order and added new builds --- build.sh | 556 ++++++++++++++++++++++++++++++------------------------- 1 file changed, 300 insertions(+), 256 deletions(-) diff --git a/build.sh b/build.sh index 52ae17f..592105b 100755 --- a/build.sh +++ b/build.sh @@ -8,8 +8,8 @@ SCRIPT_PATH=$(realpath "$(dirname "$(follow_link "$0")")") CONFIG_PATH=$(realpath "${1:-${SCRIPT_PATH}/config}") menu_option_1() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/centos/8-stream/ - echo -e "\nCONFIRM: Build a CentOS 8 Stream Template for Proxmox?" + INPUT_PATH="$SCRIPT_PATH"/builds/linux/almalinux/9/ + echo -e "\nCONFIRM: Build a AlmaLinux 9 Template for Proxmox?" echo -e "\nContinue? (y/n)" read -r REPLY if [[ ! $REPLY =~ ^[Yy]$ ]] @@ -17,8 +17,8 @@ menu_option_1() { exit 1 fi - ### Build a CentOS 8 Stream Template for Proxmox. ### - echo "Building a CentOS 8 Stream Template for Proxmox..." + ### Build a AlmaLinux 9 Template for Proxmox. ### + echo "Building a AlmaLinux 9 Template for Proxmox..." ### Initialize HashiCorp Packer and required plugins. ### echo "Initializing HashiCorp Packer and required plugins..." @@ -27,11 +27,12 @@ menu_option_1() { ### Start the Build. ### echo "Starting the build...." packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ "$INPUT_PATH" ### All done. ### 
@@ -39,6 +40,38 @@ menu_option_1() { } menu_option_2() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/almalinux/8/ + echo -e "\nCONFIRM: Build a AlmaLinux 8 Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a AlmaLinux 8 Template for Proxmox. ### + echo "Building a AlmaLinux 8 Template for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_3() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/centos/9-stream/ echo -e "\nCONFIRM: Build a CentOS 9 Stream Template for Proxmox?" echo -e "\nContinue? (y/n)" 
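Review bot: The new `menu_option_2` ignores the exit status of `packer init "$INPUT_PATH"`, so when plugin download or verification fails, `packer build -force` still runs against whatever plugins are already installed; no `set -e` is visible in this patch. Stopping at the failure takes one line: `packer init "$INPUT_PATH" || { echo "packer init failed" >&2; return 1; }`. `INPUT_PATH` is also assigned as a global, and `local INPUT_PATH=...` would keep one menu entry from leaking its path into the next. The other menu functions added in this patch repeat the same pattern.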
@@ -58,42 +91,12 @@ menu_option_2() { ### Start the Build. ### echo "Starting the build...." packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ - "$INPUT_PATH" - - ### All done. ### - echo "Done." -} - -menu_option_3() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/debian/11/ - echo -e "\nCONFIRM: Build a Debian 11 (Bullseye) Template for Proxmox?" - echo -e "\nContinue? (y/n)" - read -r REPLY - if [[ ! $REPLY =~ ^[Yy]$ ]] - then - exit 1 - fi - - ### Build a Debian 11 (Bullseye) for Proxmox. ### - echo "Building a Debian 11 (Bullseye) for Proxmox..." - - ### Initialize HashiCorp Packer and required plugins. ### - echo "Initializing HashiCorp Packer and required plugins..." - packer init "$INPUT_PATH" - - ### Start the Build. ### - echo "Starting the build...." - packer build -force \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ "$INPUT_PATH" ### All done. ### @@ -120,11 +123,12 @@ menu_option_4() { ### Start the Build. ### echo "Starting the build...." packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ "$INPUT_PATH" ### All done. ### 
@@ -132,8 +136,8 @@ menu_option_4() { } menu_option_5() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/rocky/8/ - echo -e "\nCONFIRM: Build a Rocky Linux 8 Template for Proxmox?" + INPUT_PATH="$SCRIPT_PATH"/builds/linux/debian/11/ + echo -e "\nCONFIRM: Build a Debian 11 (Bullseye) Template for Proxmox?" echo -e "\nContinue? (y/n)" read -r REPLY if [[ ! $REPLY =~ ^[Yy]$ ]] @@ -141,8 +145,8 @@ menu_option_5() { exit 1 fi - ### Build a Rocky Linux 8 for Proxmox. ### - echo "Building a Rocky Linux 8 for Proxmox..." + ### Build a Debian 11 (Bullseye) for Proxmox. ### + echo "Building a Debian 11 (Bullseye) for Proxmox..." ### Initialize HashiCorp Packer and required plugins. ### echo "Initializing HashiCorp Packer and required plugins..." @@ -151,11 +155,12 @@ menu_option_5() { ### Start the Build. ### echo "Starting the build...." packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ "$INPUT_PATH" ### All done. ### @@ -163,8 +168,8 @@ menu_option_5() { } menu_option_6() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/rocky/9/ - echo -e "\nCONFIRM: Build a Rocky Linux 9 Template for Proxmox?" + INPUT_PATH="$SCRIPT_PATH"/builds/linux/opensuse/leap-15-6/ + echo -e "\nCONFIRM: Build a OpenSUSE Leap 15.6 Template for Proxmox?" echo -e "\nContinue? (y/n)" read -r REPLY if [[ ! $REPLY =~ ^[Yy]$ ]] 
@@ -172,8 +177,8 @@ menu_option_6() { exit 1 fi - ### Build a Rocky Linux 9 for Proxmox. ### - echo "Building a Rocky Linux 9 for Proxmox..." + ### Build a OpenSUSE Leap 15.6 Template for Proxmox. ### + echo "Building a OpenSUSE Leap 15.6 Template for Proxmox..." ### Initialize HashiCorp Packer and required plugins. ### echo "Initializing HashiCorp Packer and required plugins..." @@ -182,11 +187,12 @@ menu_option_6() { ### Start the Build. ### echo "Starting the build...." packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ "$INPUT_PATH" ### All done. ### 
@@ -194,195 +200,6 @@ menu_option_6() { } menu_option_7() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/20-04-lts/ - echo -e "\nCONFIRM: Build a Ubuntu Server 20.04 LTS Template for Proxmox?" - echo -e "\nContinue? (y/n)" - read -r REPLY - if [[ ! $REPLY =~ ^[Yy]$ ]] - then - exit 1 - fi - - ### Build a Ubuntu Server 20.04 LTS Template for Proxmox. ### - echo "Building a Ubuntu Server 20.04 LTS Template for Proxmox..." - - ### Initialize HashiCorp Packer and required plugins. ### - echo "Initializing HashiCorp Packer and required plugins..." - packer init "$INPUT_PATH" - - ### Start the Build. ### - echo "Starting the build...." - packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ - "$INPUT_PATH" - - ### All done. ### - echo "Done." -} - -menu_option_8() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/20-04-lts/ - echo -e "\nCONFIRM: Build a Ubuntu Server 20.04 LTS (cloud-init) Template for Proxmox?" - echo -e "\nContinue? (y/n)" - read -r REPLY - if [[ ! $REPLY =~ ^[Yy]$ ]] - then - exit 1 - fi - - ### Build a Ubuntu Server 20.04 LTS Template for Proxmox. ### - echo "Building a Ubuntu Server 20.04 LTS (cloud-init) Template for Proxmox..." - - ### Initialize HashiCorp Packer and required plugins. ### - echo "Initializing HashiCorp Packer and required plugins..." - packer init "$INPUT_PATH" - - ### Start the Build. ### - echo "Starting the build...." - packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ - -var "vm_cloud_init_enable=true" \ - "$INPUT_PATH" - - ### All done. ### - echo "Done." 
-} - -menu_option_9() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/22-04-lts/ - echo -e "\nCONFIRM: Build a Ubuntu Server 22.04 LTS Template for Proxmox?" - echo -e "\nContinue? (y/n)" - read -r REPLY - if [[ ! $REPLY =~ ^[Yy]$ ]] - then - exit 1 - fi - - ### Build a Ubuntu Server 22.04 LTS Template for Proxmox. ### - echo "Building a Ubuntu Server 22.04 LTS Template for Proxmox..." - - ### Initialize HashiCorp Packer and required plugins. ### - echo "Initializing HashiCorp Packer and required plugins..." - packer init "$INPUT_PATH" - - ### Start the Build. ### - echo "Starting the build...." - packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ - "$INPUT_PATH" - - ### All done. ### - echo "Done." -} - -menu_option_10() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/22-04-lts/ - echo -e "\nCONFIRM: Build a Ubuntu Server 22.04 LTS (cloud-init) Template for Proxmox?" - echo -e "\nContinue? (y/n)" - read -r REPLY - if [[ ! $REPLY =~ ^[Yy]$ ]] - then - exit 1 - fi - - ### Build a Ubuntu Server 22.04 LTS Template for Proxmox. ### - echo "Building a Ubuntu Server 22.04 LTS (cloud-init) Template for Proxmox..." - - ### Initialize HashiCorp Packer and required plugins. ### - echo "Initializing HashiCorp Packer and required plugins..." - packer init "$INPUT_PATH" - - ### Start the Build. ### - echo "Starting the build...." - packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ - -var "vm_cloud_init_enable=true" \ - "$INPUT_PATH" - - ### All done. ### - echo "Done." 
-} - -menu_option_11() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/24-04-lts/ - echo -e "\nCONFIRM: Build a Ubuntu Server 24.04 LTS Template for Proxmox?" - echo -e "\nContinue? (y/n)" - read -r REPLY - if [[ ! $REPLY =~ ^[Yy]$ ]] - then - exit 1 - fi - - ### Build a Ubuntu Server 24.04 LTS Template for Proxmox. ### - echo "Building a Ubuntu Server 24.04 LTS Template for Proxmox..." - - ### Initialize HashiCorp Packer and required plugins. ### - echo "Initializing HashiCorp Packer and required plugins..." - packer init "$INPUT_PATH" - - ### Start the Build. ### - echo "Starting the build...." - packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ - "$INPUT_PATH" - - ### All done. ### - echo "Done." -} - -menu_option_12() { - INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/24-04-lts/ - echo -e "\nCONFIRM: Build a Ubuntu Server 24.04 LTS (cloud-init) Template for Proxmox?" - echo -e "\nContinue? (y/n)" - read -r REPLY - if [[ ! $REPLY =~ ^[Yy]$ ]] - then - exit 1 - fi - - ### Build a Ubuntu Server 24.04 LTS Template for Proxmox. ### - echo "Building a Ubuntu Server 24.04 LTS (cloud-init) Template for Proxmox..." - - ### Initialize HashiCorp Packer and required plugins. ### - echo "Initializing HashiCorp Packer and required plugins..." - packer init "$INPUT_PATH" - - ### Start the Build. ### - echo "Starting the build...." - packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ - -var "vm_cloud_init_enable=true" \ - "$INPUT_PATH" - - ### All done. ### - echo "Done." 
-} - -menu_option_13() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/opensuse/leap-15-5/ echo -e "\nCONFIRM: Build a OpenSUSE Leap 15.5 Template for Proxmox?" echo -e "\nContinue? (y/n)" 
@@ -402,11 +219,236 @@ menu_option_13() { ### Start the Build. ### echo "Starting the build...." packer build -force \ - -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ - -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_8() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/oracle/9/ + echo -e "\nCONFIRM: Build a Oracle Linux 9 Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Oracle Linux 9 Template for Proxmox. ### + echo "Building a Oracle Linux 9 Template for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_9() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/oracle/8/ + echo -e "\nCONFIRM: Build a Oracle Linux 8 Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Oracle Linux 8 Template for Proxmox. ### + echo "Building a Oracle Linux 8 Template for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." 
+ packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_10() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/rocky/9/ + echo -e "\nCONFIRM: Build a Rocky Linux 9 Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Rocky Linux 9 for Proxmox. ### + echo "Building a Rocky Linux 9 for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_11() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/rocky/8/ + echo -e "\nCONFIRM: Build a Rocky Linux 8 Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Rocky Linux 8 for Proxmox. ### + echo "Building a Rocky Linux 8 for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." 
+ packer build -force \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_12()) { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/24-04-lts/ + echo -e "\nCONFIRM: Build a Ubuntu Server 24.04 LTS Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Ubuntu Server 24.04 LTS Template for Proxmox. ### + echo "Building a Ubuntu Server 24.04 LTS Template for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_13() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/22-04-lts/ + echo -e "\nCONFIRM: Build a Ubuntu Server 22.04 LTS Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Ubuntu Server 22.04 LTS Template for Proxmox. ### + echo "Building a Ubuntu Server 22.04 LTS Template for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." 
+ packer build -force \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ + "$INPUT_PATH" + + ### All done. ### + echo "Done." +} + +menu_option_14() { + INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/20-04-lts/ + echo -e "\nCONFIRM: Build a Ubuntu Server 20.04 LTS Template for Proxmox?" + echo -e "\nContinue? (y/n)" + read -r REPLY + if [[ ! $REPLY =~ ^[Yy]$ ]] + then + exit 1 + fi + + ### Build a Ubuntu Server 20.04 LTS Template for Proxmox. ### + echo "Building a Ubuntu Server 20.04 LTS Template for Proxmox..." + + ### Initialize HashiCorp Packer and required plugins. ### + echo "Initializing HashiCorp Packer and required plugins..." + packer init "$INPUT_PATH" + + ### Start the Build. ### + echo "Starting the build...." + packer build -force \ + -var-file="$CONFIG_PATH/ansible.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/build.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/common.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/linux-storage.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/network.pkrvars.hcl" \ + -var-file="$CONFIG_PATH/proxmox.pkrvars.hcl" \ "$INPUT_PATH" ### All done. ### 
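Review bot: The seven functions added in this hunk (`menu_option_8` to `menu_option_14`) are copies of one body that differ only in the build directory and the display name, and the copy-paste is where the stray `)` in `menu_option_12()) {` came from (corrected later in patch 71/72); until then the script could not be parsed at all. A single helper taking the path and the label would leave one place to review for the confirmation prompt, the `packer init` check and the `-var-file` list. Running `bash -n build.sh` or ShellCheck before committing would have caught the syntax error. The hunk begins inside the previous function, so only the added functions are covered by the sketch below.

```shell
# Shared body for every menu entry: confirm, init, then build.
build_template() {
  local input_path=$1 label=$2 name
  local -a var_args=()

  echo -e "\nCONFIRM: Build a ${label} Template for Proxmox?"
  echo -e "\nContinue? (y/n)"
  read -r REPLY
  [[ $REPLY =~ ^[Yy]$ ]] || exit 1

  echo "Building a ${label} Template for Proxmox..."
  # … unchanged: remaining progress echo lines …
  packer init "$input_path" || return 1

  # Later files override earlier ones, so the order here is significant.
  for name in ansible build common linux-storage network proxmox; do
    var_args+=(-var-file="$CONFIG_PATH/${name}.pkrvars.hcl")
  done
  packer build -force "${var_args[@]}" "$input_path"
}

menu_option_8() {
  build_template "$SCRIPT_PATH/builds/linux/oracle/9/" "Oracle Linux 9"
}
# … menu_option_9 to menu_option_14 follow the same one-line form …
```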
@@ -445,19 +487,20 @@ until [ "$selection" = "0" ]; do echo "" echo " Linux Distribution:" echo "" - echo " 1 - CentOS 8 Stream" - echo " 2 - CentOS 9 Stream" - echo " 3 - Debian 11 (Bullseye)" - echo " 4 - Debian 12 (Bookworm)" - echo " 5 - Rocky Linux 8" - echo " 6 - Rocky Linux 9" - echo " 7 - Ubuntu Server 20.04 LTS" - echo " 8 - Ubuntu Server 20.04 LTS (cloud-init)" - echo " 9 - Ubuntu Server 22.04 LTS" - echo " 10 - Ubuntu Server 22.04 LTS (cloud-init)" - echo " 11 - Ubuntu Server 24.04 LTS" - echo " 12 - Ubuntu Server 24.04 LTS (cloud-init)" - echo " 13 - OpenSUSE Leap 15.5" + echo " 1 - AlmaLinux 9" + echo " 2 - AlmaLinux 8" + echo " 3 - CentOS 9 Stream" + echo " 4 - Debian 12" + echo " 5 - Debian 11" + echo " 6 - OpenSUSE Leap 15.6" + echo " 7 - OpenSUSE Leap 15.5" + echo " 8 - Oracle Linux 9" + echo " 9 - Oracle Linux 8" + echo " 10 - Rocky Linux 9" + echo " 11 - Rocky Linux 8" + echo " 12 - Ubuntu Server 24.04 LTS" + echo " 13 - Ubuntu Server 22.04 LTS" + echo " 14 - Ubuntu Server 20.04 LTS" echo "" echo " Other:" echo "" @@ -480,6 +523,7 @@ until [ "$selection" = "0" ]; do 11) clear ; menu_option_11 ; press_enter ;; 12) clear ; menu_option_12 ; press_enter ;; 13) clear ; menu_option_13 ; press_enter ;; + 14) clear ; menu_option_14 ; press_enter ;; [Ii] ) clear ; info ; press_enter ;; [Qq] ) clear ; exit ;; * ) clear ; incorrect_selection ; press_enter ;; From 0f46302697dc411427438336141f9224159a2ad1 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 15 Jul 2024 10:31:04 -0500 Subject: [PATCH 70/72] feat: updated defaults --- builds/linux-storage.pkrvars.hcl.example | 247 ++++++++++++++++++++++- 1 file changed, 243 insertions(+), 4 deletions(-) diff --git a/builds/linux-storage.pkrvars.hcl.example b/builds/linux-storage.pkrvars.hcl.example index 9e223c4..d3eb20a 100644 --- a/builds/linux-storage.pkrvars.hcl.example +++ b/builds/linux-storage.pkrvars.hcl.example 
@@ -2,19 +2,257 @@ DESCRIPTION: Storage variables used for Linux builds. - Variables are passed to and used by guest operating system configuration files (e.g., ks.cfg). + - Only 1 group can be active (i.e. uncommented) at a time. + - Default partition/volume sizing assumes a single 32GB VM disk. + - All disk sizes are in MegaBytes (MB). + - Use a size value of -1 to use all remaining space on disk. */ +/* +// This section is an example when you want to build a VM with the BIOS bootloader +// using a single partition that consumes the entire VM disk. + +// VM Storage Settings +vm_disk_device = "vda" +vm_disk_use_swap = true +vm_disk_partitions = [ + { + name = "root" + size = -1, + format = { + label = "ROOTFS", + fstype = "ext4", + }, + mount = { + path = "/", + options = "", + }, + volume_group = "", + }, +] +*/ + +/* +// This section is an example when you want to build a VM with the UEFI bootloader +// that has the required partitons for UEFI and then a single root partition that +// fills up the rest of the space on the VM disk. + // VM EFI Settings -vm_efi_storage_pool = "vm-data" +vm_efi_storage_pool = "pool0" vm_efi_type = "4m" vm_efi_pre_enrolled_keys = false // VM Storage Settings -vm_efi_storage_pool = "vm-data" +vm_disk_device = "vda" +vm_disk_use_swap = true +vm_disk_partitions = [ + { + name = "efi" + size = 1024, + format = { + label = "EFIFS", + fstype = "fat32", + }, + mount = { + path = "/boot/efi", + options = "", + }, + volume_group = "", + }, + { + name = "boot" + size = 1024, + format = { + label = "BOOTFS", + fstype = "ext4", + }, + mount = { + path = "/boot", + options = "", + }, + volume_group = "", + }, + { + name = "root" + size = -1, + format = { + label = "ROOTFS", + fstype = "ext4", + }, + mount = { + path = "/", + options = "", + }, + volume_group = "", + }, +] +*/ + +/* +// This section is an example when you want to build a VM with the BIOS bootloader +// using LVM with a volume layout that follows CIS hardening guidelines. 
+ +// VM Storage Settings +vm_disk_device = "vda" +vm_disk_use_swap = true +vm_disk_partitions = [ + { + name = "boot" + size = 1024, + format = { + label = "BOOTFS", + fstype = "ext4", + }, + mount = { + path = "/boot", + options = "", + }, + volume_group = "", + }, + { + name = "sysvg" + size = -1, + format = { + label = "", + fstype = "", + }, + mount = { + path = "", + options = "", + }, + volume_group = "sysvg", + }, +] +vm_disk_lvm = [ + { + name: "sysvg", + partitions: [ + { + name = "lv_swap", + size = 1024, + format = { + label = "SWAPFS", + fstype = "swap", + }, + mount = { + path = "", + options = "", + }, + }, + { + name = "lv_root", + size = 10240, + format = { + label = "ROOTFS", + fstype = "ext4", + }, + mount = { + path = "/", + options = "", + }, + }, + { + name = "lv_home", + size = 4096, + format = { + label = "HOMEFS", + fstype = "ext4", + }, + mount = { + path = "/home", + options = "nodev,nosuid", + }, + }, + { + name = "lv_opt", + size = 2048, + format = { + label = "OPTFS", + fstype = "ext4", + }, + mount = { + path = "/opt", + options = "nodev", + }, + }, + { + name = "lv_tmp", + size = 4096, + format = { + label = "TMPFS", + fstype = "ext4", + }, + mount = { + path = "/tmp", + options = "nodev,noexec,nosuid", + }, + }, + { + name = "lv_var", + size = 2048, + format = { + label = "VARFS", + fstype = "ext4", + }, + mount = { + path = "/var", + options = "nodev", + }, + }, + { + name = "lv_var_tmp", + size = 1000, + format = { + label = "VARTMPFS", + fstype = "ext4", + }, + mount = { + path = "/var/tmp", + options = "nodev,noexec,nosuid", + }, + }, + { + name = "lv_var_log", + size = 4096, + format = { + label = "VARLOGFS", + fstype = "ext4", + }, + mount = { + path = "/var/log", + options = "nodev,noexec,nosuid", + }, + }, + { + name = "lv_var_audit", + size = 500, + format = { + label = "AUDITFS", + fstype = "ext4", + }, + mount = { + path = "/var/log/audit", + options = "nodev,noexec,nosuid", + }, + }, + ], + } +] +*/ + +/* +// This 
section is an example when you want to build a VM with the EFI firmware +// using LVM with a volume layout that follows CIS hardening guidelines. + +// EFI Settings for VM +// NOTE: This requires the vm_bios to be set to 'ovmf'! + +//VM EFI Settings +vm_efi_storage_pool = "pool0" vm_efi_type = "4m" vm_efi_pre_enrolled_keys = false -// VM Storage Settings +// UEFI VM Storage Settings vm_disk_device = "vda" vm_disk_use_swap = true vm_disk_partitions = [ @@ -172,4 +410,5 @@ vm_disk_lvm = [ }, ], } -] \ No newline at end of file +] +*/ \ No newline at end of file From 58421901826aba2dbcd6999a014333ac79a3f460 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 15 Jul 2024 20:42:10 -0500 Subject: [PATCH 71/72] fix: remove extra parenthesis --- build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.sh b/build.sh index 592105b..7c0d2a7 100755 --- a/build.sh +++ b/build.sh @@ -359,7 +359,7 @@ menu_option_11() { echo "Done." } -menu_option_12()) { +menu_option_12() { INPUT_PATH="$SCRIPT_PATH"/builds/linux/ubuntu/24-04-lts/ echo -e "\nCONFIRM: Build a Ubuntu Server 24.04 LTS Template for Proxmox?" echo -e "\nContinue? (y/n)" From 4b630847d6b7e0e25abea637d05b7f2fc6b09f30 Mon Sep 17 00:00:00 2001 From: AJ Schroeder <6432150+ajschroeder@users.noreply.github.com> Date: Mon, 15 Jul 2024 20:46:43 -0500 Subject: [PATCH 72/72] doc: major updates --- README.md | 448 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 255 insertions(+), 193 deletions(-) diff --git a/README.md b/README.md index 76a7fad..2c9b4fd 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ 1. [Requirements](#requirements) 1. [Download](#download) 1. [Configuration](#configuration) -1. [Build](#build) +1. [Packer Machine Image Builds](#packer-machine-image-builds) 1. [Troubleshoot](#troubleshoot) 1. [Known Issues](#known-issues) 1. [Unsupported Features](#unsupported-features) 
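Review bot: In the BIOS+LVM group that the `@@ -2,19 +2,257 @@` hunk describes as following CIS hardening guidelines, `lv_var` is mounted with `options = "nodev"` only, while `/tmp`, `/var/tmp`, `/var/log` and `/var/log/audit` get `nodev,noexec,nosuid`. Recent CIS distribution benchmarks, as far as I know, also list `nosuid` for `/var`, so either use `options = "nodev,nosuid"` there or add a comment naming the benchmark version the layout tracks. `/dev/shm` cannot be expressed in a partition list like this one, so a comment such as `// /dev/shm mount options are not covered here and must be set separately` would keep the example from being read as complete CIS mount coverage. The UEFI+LVM group's volume list lies mostly outside the visible hunks, so the same check should be made there.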
@@ -17,24 +17,28 @@ This repository provides opinionated infrastructure-as-code examples to automate the creation of virtual machine images and their guest operating systems on Proxmox using [HashiCorp Packer][packer] and the [Packer Plugin for Proxmox][packer-plugin-proxmox] (`proxmox-iso` builder). All examples are authored in the HashiCorp Configuration Language ("HCL2"). -By default, the machine image artifacts are converted to templates within Proxmox after a virtual machine is built and configured according to the individual templates. With the Packer Plugin for Proxmox, a new template with a unique VMID gets created each time Packer runs successfully[^1]. This is unlike VMware, where if an item with the same name exists it will be overwritten. +By default, the machine image artifacts are converted to templates within Proxmox after a virtual machine is built and configured according to the individual templates. The following builds are available: ## Linux Distributions -| Operating System | Version | -| :--- | :--- | -| CentOS Stream | 9 | -| CentOS Stream | 8 | -| Debian | 12 | -| Debian | 11 | -| Rocky Linux | 9 | -| Rocky Linux | 8 | -| OpenSUSE Leap | 15.5 | -| Ubuntu Server | 24.04 LTS | -| Ubuntu Server | 22.04 LTS | -| Ubuntu Server | 20.04 LTS | +| Operating System | Version | Custom Storage Config | Static IP Support | UEFI Bootloader | BIOS Bootloader | +| :--- | :--- | :---: | :---: | :---: | :---: | +| AlmaLinux | 9 | ✓ | ✓ | ✓ | | +| AlmaLinux | 8 | ✓ | ✓ | ✓ | | +| CentOS Stream | 9 | ✓ | ✓ | | | +| Debian | 12 | ✓ | | | | +| Debian | 11 | ✓ | | | | +| Oracle Linux | 9 | ✓ | | | | +| Oracle Linux | 8 | ✓ | | | | +| Rocky Linux | 9 | ✓ | | | | +| Rocky Linux | 8 | ✓ | | | | +| OpenSUSE Leap | 15.6 | ✓ | | | | +| OpenSUSE Leap | 15.5 | ✓ | | | | +| Ubuntu Server | 24.04 LTS | ✓ | | | | +| Ubuntu Server | 22.04 LTS | ✓ | | | | +| Ubuntu Server | 20.04 LTS | ✓ | ✓ | ✓ | ✓ | ## Requirements 
@@ -42,13 +46,13 @@ The following builds are available: Operating systems and versions tested with the project: -- Proxmox PVE Version 8 +- Proxmox PVE Version >= 8 - Ubuntu Server 22.04 LTS (`x86_64`) - CentOS Stream 9 (`x86_64`) **Packer**: -- HashiCorp [Packer][packer-install] 1.9.4 or higher. +- HashiCorp [Packer][packer-install] 1.11.0 or higher. > **Note** > @@ -117,8 +121,8 @@ Operating systems and versions tested with the project: > > Required plugins are automatically downloaded and initialized when using `./build.sh`. For dark sites, you may download the plugins and place these same directory as your Packer executable `/usr/local/bin` or `$HOME/.packer.d/plugins`. - - HashiCorp [Packer Plugin for Proxmox][packer-plugin-proxmox] 1.1.3 or later. - - [Packer Plugin for Git][packer-plugin-git] 0.4.2 or later - a community plugin for HashiCorp Packer. + - HashiCorp [Packer Plugin for Proxmox][packer-plugin-proxmox] 1.1.8 or later. + - [Packer Plugin for Git][packer-plugin-git] 0.6.2 or later - a community plugin for HashiCorp Packer. **Ansible**: @@ -230,7 +234,20 @@ This is useful for the purposes of running machine image builds for different en ## Configuration Variables -### Build +### Ansible Variables + +Edit the `config/ansible.pkrvars.hcl` file to configure the credentials for the Ansible account on Linux machine images. + +```hcl title="config/ansible.pkrvars.hcl" +ansible_username = "ansible" +ansible_key = "" +``` + +**Ansible User Password** + +A random password is auto-generated for the Ansible user. + +### Build Variables Edit the `config/build.pkrvars.hcl` file to configure the credentials for the default account on machine images. 
@@ -285,20 +302,7 @@ The content of the public key, `build_key`, is added the key to the `~/.ssh/auth > > If you wish to disable Password Authentication and only use Public Key Authentication, comment or remove the portion of the associated Ansible `configure` role. -### Ansible - -Edit the `config/ansible.pkrvars.hcl` file to configure the credentials for the Ansible account on Linux machine images. - -```hcl title="config/ansible.pkrvars.hcl" -ansible_username = "ansible" -ansible_key = "" -``` - -**Ansible User Password** - -A random password is auto-generated for the Ansible user. - -### Common +### Common Variables Edit the `config/common.pkrvars.hcl` file to configure the following common variables: @@ -322,7 +326,7 @@ common_shutdown_timeout = "15m" common_hcp_packer_registry_enabled = false ``` -### Data Source +#### Data Source The default provisioning data source for Linux machine image builds is `http`. This is used to serve the kickstart files to the Linux guest operating system during the build. @@ -355,7 +359,7 @@ common_data_source = "disk" The Packer plugin's `cd_content` option is used when selecting `disk` unless the distribution does not support a secondary CD-ROM. -### HTTP Binding +#### HTTP Binding If you need to define a specific IPv4 address from your host for Packer's built-in HTTP server, modify the `common_http_ip` variable from `null` to a `string` value that matches an IP address on your Packer host. 
@@ -363,7 +367,22 @@ If you need to define a specific IPv4 address from your host for Packer's built- common_http_ip = "172.16.11.254" ``` -### Proxmox VE +### Network Variables + +Configuring a static IP address under the `configs/network.pkrvars.hcl` file is supported. If you want to use DHCP for the templates then leave these variables commented out. The default is DHCP. + +Edit the `config/network.pkrvars.hcl` file to configure the following: + +- Static IP address settings + +```hcl title="config/network.pkrvars.hcl" +vm_ip_address = "192.168.101.100" +vm_ip_netmask = 24 +vm_ip_gateway = "192.168.101.1" +vm_dns_list = [ "8.8.8.8", "8.8.4.4" ] +``` + +### Proxmox Variables Edit the `config/proxmox.pkrvars.hcl` file to configure the following: 
@@ -386,81 +405,10 @@ For more information, please see the [Proxmox documentation][proxmox-api-tokens] For Proxmox installs that use a self-signed certificate, you will want to set `proxmox_insecure_connection` to `true`. -### Machine Images - -Edit the `*.auto.pkrvars.hcl` file in each `builds//` directory to configure the following virtual machine hardware settings, as required: - -- CPUs `(int)` -- CPU Cores `(int)` -- Memory in MB `(int)` -- Primary Disk in MB `(string)` (e.g. 32GB) -- .iso Path `(string)` -- .iso File `(string)` - -```hcl title="builds/linux/debian/11/linux-debian.auto.pkrvars.hcl" -// Guest Operating System Metadata -vm_os_language = "en_US" -vm_os_keyboard = "us" -vm_os_timezone = "UTC" -vm_os_family = "linux" -vm_os_name = "debian" -vm_os_version = "11" - -// Virtual Machine Guest Operating System Setting -vm_os_type = "l26" - -// Virtual Machine Hardware Settings -vm_bios = "seabios" -vm_cpu_count = 1 -vm_cpu_sockets = 1 -vm_cpu_type = "kvm64" -vm_mem_size = 2048 -vm_disk_type = "virtio" -vm_disk_size = "32G" -vm_disk_format = "raw" -vm_storage_pool = "vm-data" -vm_disk_controller_type = "virtio-scsi-pci" -vm_network_card_model = "virtio" -vm_bridge_interface = "vmbr0" -vm_vlan_tag = "102" - -// Removable Media Settings -iso_path = "iso" -iso_file = "ubuntu-22.04-live-server-amd64.iso" -iso_checksum = "84aeaf7823c8c61baa0ae862d0a06b03409394800000b3235854a6b38eb4856f" - -// Boot Settings -vm_boot = "order=virtio0;ide2;net0" -vm_boot_wait = "5s" - -// EFI Settings (currently an unsupported feature) -vm_firmware_path = "./OVMF.fd" -vm_efi_storage_pool = "vm-data" -vm_efi_pre_enrolled_keys = false -vm_efi_type = "4m" -``` - -> [!NOTE] -> All `variables.auto.pkrvars.hcl` default to using: -> - VirtIO SCSI storage device -> - VirtIO (paravirtualized) network card device -> - BIOS boot firmware - -The defaults use VirtIO to balance out performance, compatibility, and ease of use. 
Feel free to change the storage and network controllers to suit your needs. However, if you change the storage or network controllers and run into issues you should change them back to defaults and try the builds again. I won't support any builds that don't use the VirtIO drivers. - -At this time UEFI is [not supported](#unsupported-features) so that means we are left with `seabios` as the default (and only) firmware setting. The reasons for not supporting UEFI may be boring, but the biggest reason is that Proxmox Virtual Machines that have EFI disks can't be live migrated between nodes or storage pools. - -If you are interested in more detail - when I first started testing these packer builds in my home lab I was using `ovmf` (UEFI) firmware. During my initial testing the ZFS pool where I housed my VMs cratered and I had to rebuild the pool and restore all my VMs from backups. During the recovery of my storage pool, I changed over to LVM and had to migrate VMs between storage pools several times and each VM that had EFI disks had to be shutdown, migrated, and then powered on. Offline migration isn't *that* much of an inconvenience, however at the time I was trying to figure out my VM storage and recover all my VMs it was just one more annoyance. All that said, I think Proxmox should support live migration regardless of VM firmware type. - -### VM Storage - -> [!WARNING] -> The storage config is still very much a work in progress. Suggestions are welcome, see the contributing section. +### Storage Variables Edit the `config/linux-storage.pkrvars.hcl` file to configure storage for VM templates. -This file is fairly lengthy and should be broken down into chunks. - #### Disk Device ```hcl 
@@ -468,90 +416,82 @@ This file is fairly lengthy and should be broken down into chunks. vm_disk_device = "vda" ``` -`vm_disk_device`:`string` - This variable depends on the disk controller used inside of the specific `.auto.pkrvars.hcl` file. By default, the builds use the `virtio-scsi-pci` disk controller and that requires the use of `vda`. If you decide to run a SCSI controller, then you'll have to change the value to `sda`. This variable only accepts `sda` or `vda` as values. +`vm_disk_device`:`string` - This variable depends on the disk controller used inside of the specific `.auto.pkrvars.hcl` file. By default, the builds use the `virtio-scsi-pci` disk controller and that requires the use of `vda`. If you decide to use a non-virtio controller, then you'll have to change the `vm_disk_device` variable to the appropriate device. + +#### EFI Device +```hcl +vm_efi_storage_pool = "pool0" +vm_efi_type = "4m" +vm_efi_pre_enrolled_keys = false +``` #### Disk Partitions `vm_disk_partitions`:`list[dict]` - Use this list to define the primary partitions that will be created when a specific build runs. Each of the builds process this list in order, so the first partition defined in the list will be the first partition created, the second one listed will be the second one created, and so on. -##### Automatic Partitioning (All In One) Example -This example is the simplest way to allocate storage within your templates. It makes use of the particular Linux distribution's automatic partitioning feature in their respective automatic installers. 
+> **Note** +> +> - All partition sizes are in MegaBytes (MB) +> - If you want to have a partition consume all available free space, you can indicate that with `-1` -The three settings to note are: +##### Partitioning Examples -- name `(string)`: This must be set to `autopart` to use automatic partitioning -- size `(int)`: This needs to be set to -1 to consume all available disk space -- fstype `(string)` (optional): This can be set to `lvm`, `simple`, or left blank. Setting this to `simple` uses a single regular partition. Setting this to `lvm` still uses a single partition, but makes use of LVM. Leaving this value blank will default to a `simple` partitioning scheme. - -```hcl -vm_disk_partitions = [ - { - name = "autopart" - size = -1, - format = { - label = "", - fstype = "lvm", - }, - mount = { - path = "", - options = "", - }, - volume_group = "", - }, -] -``` - -##### LVM Partitioning Example -Below is an example of a partition layout for a VM template that boots with BIOS and uses LVM. The first partition is a 1GB primary partition and is mounted as /boot, finally the second partition consumes the rest of the free space (noted by -1 for space) and is setup for LVM. - -> [!WARNING] -> The mount point of `/boot` is used by the templates and is required. - -```hcl -vm_disk_partitions = [ - { - name = "boot" - size = 1000, - format = { - label = "BOOTFS", - fstype = "ext4", - }, - mount = { - path = "/boot", - options = "", - }, - volume_group = "", - }, - { - name = "vg_root" - size = -1, - format = { - label = "", - fstype = "", - }, - mount = { - path = "", - options = "", - }, - volume_group = "vg_root", - }, -] -``` - -##### LVM Partitioning Example with CIS partitions -Below is an example of a partition layout for a VM template that uses LVM and has extra partitions with mount options required by CIS for hardening a system. 
The first partition is a 1GB primary partition and is mounted as /boot, finally the second partition consumes the rest of the free space (noted by -1 for space) and is setup for LVM. - -> [!WARNING] -> The mount point of `/boot` is used by the templates and is required. +
+ Single Partition Example for BIOS bootloaders +Below is an example of a partition layout for a VM template that boots with BIOS and uses a single partition for the OS. ```hcl title="config/linux-storage.pkrvars.hcl" // VM Storage Settings vm_disk_device = "vda" vm_disk_use_swap = true vm_disk_partitions = [ + { + name = "root" + size = -1, + format = { + label = "ROOTFS", + fstype = "ext4", + }, + mount = { + path = "/", + options = "", + }, + volume_group = "", + }, +] +``` +
+ +
+ Single Partition Example for UEFI bootloaders +This example is similar to the above example except that it has the extra partitions needed for the UEFI (OVMF) bootloader. Note the extra variables for the EFI settings. + +```hcl title="config/linux-storage.pkrvars.hcl" +// VM EFI Settings +vm_efi_storage_pool = "pool0" +vm_efi_type = "4m" +vm_efi_pre_enrolled_keys = false + +// VM Storage Settings +vm_disk_device = "vda" +vm_disk_use_swap = true +vm_disk_partitions = [ + { + name = "efi" + size = 1024, + format = { + label = "EFIFS", + fstype = "fat32", + }, + mount = { + path = "/boot/efi", + options = "", + }, + volume_group = "", + }, { name = "boot" - size = 1000, + size = 1024, format = { label = "BOOTFS", fstype = "ext4", @@ -563,7 +503,65 @@ vm_disk_partitions = [ volume_group = "", }, { - name = "vg_root" + name = "root" + size = -1, + format = { + label = "ROOTFS", + fstype = "ext4", + }, + mount = { + path = "/", + options = "", + }, + volume_group = "", + }, +] +``` +
+ +
+ LVM Partitioning Example with CIS partitions for UEFI bootloaders +This is a more complex example of a partition layout for a VM template that uses LVM and has volumes with mount options required by CIS for hardening a linux system. + + +```hcl title="config/linux-storage.pkrvars.hcl" +//VM EFI Settings +vm_efi_storage_pool = "pool0" +vm_efi_type = "4m" +vm_efi_pre_enrolled_keys = false + +// UEFI VM Storage Settings +vm_disk_device = "vda" +vm_disk_use_swap = true +vm_disk_partitions = [ + { + name = "efi" + size = 1024, + format = { + label = "EFIFS", + fstype = "fat32", + }, + mount = { + path = "/boot/efi", + options = "", + }, + volume_group = "", + }, + { + name = "boot" + size = 1024, + format = { + label = "BOOTFS", + fstype = "ext4", + }, + mount = { + path = "/boot", + options = "", + }, + volume_group = "", + }, + { + name = "sysvg" size = -1, format = { label = "", @@ -573,16 +571,16 @@ vm_disk_partitions = [ path = "", options = "", }, - volume_group = "vg_root", + volume_group = "sysvg", }, ] vm_disk_lvm = [ { - name: "vg_root", + name: "sysvg", partitions: [ { name = "lv_swap", - size = 1000, + size = 1024, format = { label = "SWAPFS", fstype = "swap", @@ -594,7 +592,7 @@ vm_disk_lvm = [ }, { name = "lv_root", - size = 3000, + size = 10240, format = { label = "ROOTFS", fstype = "ext4", @@ -606,7 +604,7 @@ vm_disk_lvm = [ }, { name = "lv_home", - size = 1000, + size = 4096, format = { label = "HOMEFS", fstype = "ext4", @@ -618,7 +616,7 @@ vm_disk_lvm = [ }, { name = "lv_opt", - size = 2000, + size = 2048, format = { label = "OPTFS", fstype = "ext4", @@ -630,7 +628,7 @@ vm_disk_lvm = [ }, { name = "lv_tmp", - size = 2000, + size = 4096, format = { label = "TMPFS", fstype = "ext4", @@ -642,7 +640,7 @@ vm_disk_lvm = [ }, { name = "lv_var", - size = 3000, + size = 2048, format = { label = "VARFS", fstype = "ext4", @@ -666,7 +664,7 @@ vm_disk_lvm = [ }, { name = "lv_var_log", - size = 1000, + size = 4096, format = { label = "VARLOGFS", fstype = "ext4", 
@@ -692,17 +690,80 @@ vm_disk_lvm = [ } ] ``` +
+## Packer Machine Image Builds + +Edit the `*.auto.pkrvars.hcl` file in each `builds//` directory to configure the following virtual machine hardware settings, as required: + +- CPUs `(int)` +- CPU Cores `(int)` +- Memory in MB `(int)` +- Primary Disk in MB `(string)` (e.g. 32GB) +- .iso Path `(string)` +- .iso File `(string)` + +```hcl title="builds/linux/debian/11/linux-debian.auto.pkrvars.hcl" +// Guest Operating System Metadata +vm_os_language = "en_US" +vm_os_keyboard = "us" +vm_os_timezone = "UTC" +vm_os_family = "linux" +vm_os_name = "ubuntu" +vm_os_version = "22.04-lts" + +// Virtual Machine Guest Operating System Setting +vm_os_type = "l26" +vm_cloudinit = true + +// Virtual Machine Hardware Settings +vm_bios = "ovmf" +vm_cpu_count = 1 +vm_cpu_sockets = 1 +vm_cpu_type = "kvm64" +vm_mem_size = 2048 +vm_disk_type = "virtio" +vm_disk_size = "32G" +vm_disk_format = "raw" +vm_disk_controller_type = "virtio-scsi-pci" +vm_network_card_model = "virtio" + +// Removable Media Settings +iso_path = "iso" +iso_file = "ubuntu-22.04-live-server-amd64.iso" +// The checksum can be a URL or an actual checksum value. URL is preferred +iso_checksum = "file:https://releases.ubuntu.com/jammy/SHA256SUMS" + +// Boot Settings +vm_boot = "order=virtio0;ide2;net0" +vm_boot_wait = "5s" + +// EFI Settings +vm_firmware_path = "./OVMF.fd" +``` + +> **Note** +> +> All `variables.auto.pkrvars.hcl` default to using: +> - VirtIO SCSI storage device +> - VirtIO (paravirtualized) network card device +> - BIOS boot firmware + +The defaults use VirtIO to balance out performance, compatibility, and ease of use. Feel free to change the storage and network controllers to suit your needs. However, if you change the storage or network controllers and run into issues you should change them back to defaults and try the builds again. I won't support any builds that don't use the VirtIO drivers. + +Both UEFI and BIOS booting are supported for builds. 
Inside the `*.auto.pkrvars.hcl` file specific to the build, you can set the `vm_bios` variable to either `seabios` for BIOS or `ovmf` for UEFI booting. The storage layouts are different for each bootloader type so you'll need to configure the storage layouts accordingly. + +If you are interested in more detail - when I first started testing these packer builds in my home lab I was using `ovmf` (UEFI) firmware. During my initial testing the ZFS pool where I housed my VMs cratered and I had to rebuild the pool and restore all my VMs from backups. During the recovery of my storage pool, I changed over to LVM and had to migrate VMs between storage pools several times and each VM that had EFI disks had to be shutdown, migrated, and then powered on. Offline migration isn't *that* much of an inconvenience, however at the time I was trying to figure out my VM storage and recover all my VMs it was just one more annoyance. All that said, I think Proxmox should support live migration regardless of VM firmware type. Maybe this will be addressed in a future release of Proxmox? + +### Cloud-Init +All builds for operating systems that support [cloud-init][cloud-init] now have the option to enable it. This can be done on a per-build basis inside the `*.auto.pkrvars.hcl` files in the `builds/linux///` directory. The default setting is `true`. + +If a particular linux distribution ships with cloud-init (e.g. Ubuntu) and cloud-init is set to `false` in the `*.auto.pkrvars.hcl` packer file for the build, then cloud-init will be disabled in the operating system **and** within Proxmox for that specific template. + # Known Issues -## CentOS Stream 8 -- Anaconda will stop the install with a message complaining about not enough disk space. This is a known issue with kickstart on RHEL 8, however none of the fixes that have been tried have worked. 
If you want to build a CentOS-Stream-8 template, you will need to access the console of the machine and simply ignore the warning and continue the installation. -- OpenSUSE does not support custom storage layouts at this time. This is planned for a future release - # Unsupported Features -- UEFI firmware -- Networking configurations other than DHCP for templates # Contributing Contributions are welcome, please read the [CONTRIBUTING](.github/CONTRIBUTING.md) document for more details. @@ -714,6 +775,7 @@ The repository is modeled after the [VMware Packer Examples][packer-examples-for [//]: Links [ansible]: https://www.ansible.com [ansible-core]: https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#selecting-an-ansible-package-and-version-to-install +[cloud-init]: https://cloud-init.io/ [packer]: https://www.packer.io [packer-examples-for-vsphere]: https://github.com/vmware-samples/packer-examples-for-vsphere [packer-install]: https://developer.hashicorp.com/packer/tutorials/docker-get-started/get-started-install-cli