
ansible debian post instalation setup

master
Antoine 5 months ago
parent
commit
37743f6637
Signed by: antoine <antoinroux@hotmail.fr> GPG Key ID: 098FB66FC0475E70
15 changed files with 149 additions and 47 deletions
  1. +1
    -0
      .gitignore
  2. +6
    -6
      docker-compose.yml
  3. +13
    -5
      image/assets/ansible/playbook-debian.yml
  4. +3
    -0
      image/assets/ansible/roles/create-user/defaults/main.yml
  5. +35
    -0
      image/assets/ansible/roles/create-user/tasks/main.yml
  6. +12
    -0
      image/assets/ansible/roles/debian-init/defaults/main.yml
  7. +18
    -0
      image/assets/ansible/roles/debian-init/handlers/main.yml
  8. +30
    -0
      image/assets/ansible/roles/debian-init/tasks/main.yml
  9. +12
    -0
      image/assets/ansible/roles/debian-init/templates/interfaces.j2
  10. +0
    -1
      image/assets/ansible/roles/setup/tasks/main.yml
  11. +0
    -13
      image/assets/ansible/roles/setup/tasks/users.yml
  12. +4
    -4
      image/assets/hcl/builder.pkr.hcl
  13. +4
    -4
      image/assets/hcl/source-debian.pkr.hcl
  14. +8
    -11
      image/assets/httpdir/preseed.cfg
  15. +3
    -3
      run-image.sh

+ 1
- 0
.gitignore

@@ -3,6 +3,7 @@
*.iso
*.tar
*.bz2
*.qcow2
.env
*.retry



+ 6
- 6
docker-compose.yml

@@ -4,9 +4,6 @@ services:
gentoo_packer:
image: ${REGISTRY_URL}/${IMAGE_NAME}:${VERSION}
privileged: true
volumes:
- "./image/assets:/packer"
- "./image/cache:/packer-cache"
network_mode: "host"
environment:
- SOURCE_NAME=qemu.gentoo
@@ -16,6 +13,9 @@ services:
- ANSIBLE_PLAYBOOK=/packer/ansible/playbook-gentoo.yml
- ISO_CHECKSUM=file:http://distfiles.gentoo.org/releases/amd64/autobuilds/current-install-amd64-minimal/install-amd64-minimal-20201111T214503Z.iso.DIGESTS
- ISO_URL=http://distfiles.gentoo.org/releases/amd64/autobuilds/current-install-amd64-minimal/install-amd64-minimal-20201111T214503Z.iso
volumes:
- "./image/assets:/packer"
- "./image/cache:/packer-cache"
#ports:
# - "5900:5900/udp"
# - "2222:2229"
@@ -24,9 +24,6 @@ services:
debian_packer:
image: ${REGISTRY_URL}/${IMAGE_NAME}:${VERSION}
privileged: true
volumes:
- "./image/assets:/packer"
- "./image/cache:/packer-cache"
network_mode: "host"
environment:
- SOURCE_NAME=qemu.debian
@@ -36,6 +33,9 @@ services:
- ANSIBLE_PLAYBOOK=/packer/ansible/playbook-debian.yml
- ISO_CHECKSUM=file:https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/SHA512SUMS
- ISO_URL=https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-10.6.0-amd64-netinst.iso
volumes:
- "./image/assets:/packer"
- "./image/cache:/packer-cache"
#ports:
# - "5900:5900/udp"
# - "2222:2229"


+ 13
- 5
image/assets/ansible/playbook-debian.yml

@@ -1,8 +1,7 @@
---
# file: playbook-debian.yml

- hosts: localhost
become: true
- hosts: default
pre_tasks:
- name: "check ansible required param"
assert:
@@ -12,6 +11,15 @@
- generated_group is defined
fail_msg: "Pass param ssh_pub, generated_user and generated_group to launch this playbook"
roles:
- geerlingguy.docker
docker_users:
- debian
- role: debian-init
- role: create-user
vars:
ssh_public_key: "{{ ssh_pub }}"
user_name: "{{ generated_user }}"
group_name: "{{ generated_group }}"
- role: geerlingguy.docker
become: yes
vars:
docker_users:
- "{{ generated_user }}"
- debian
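Review bot: The `docker_users` list at the end of the new `roles:` block puts `{{ generated_user }}` and `debian` in the docker group, and membership of that group is root-equivalent on the host through the Docker socket. A comment such as `# docker group membership is root-equivalent; keep this list minimal` would make that explicit, and `debian` should stay on the list only if it really needs Docker. `become: yes` on the same role is better written `become: true`, since `yes` is a YAML 1.1 truthy value that linters flag. The pre-task assert is only partly visible here and appears to test `is defined` only, so an empty `ssh_pub` would pass and the create-user role would then skip its key tasks without any message.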

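--- a/image/assets/ansible/roles/create-user/defaults/main.yml
+++ b/image/assets/ansible/roles/create-user/defaults/main.yml
@@ -0,0 +1,3 @@
+user_name: "default"
+group_name: "default"
+ssh_public_key: ""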

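--- a/image/assets/ansible/roles/create-user/tasks/main.yml
+++ b/image/assets/ansible/roles/create-user/tasks/main.yml
@@ -0,0 +1,35 @@
+---
+# create user and group
+
+- name: "Ensure group {{ group_name }} exists"
+become: yes
+group:
+name: "{{ group_name }}"
+
+- name: "create {{ user_name }} user and {{ group_name }} group"
+become: yes
+user:
+name: "{{ user_name }}"
+comment: "Login user generate by ansible"
+groups:
+- debian
+- "{{ group_name }}"
+
+- name: "create directory .ssh for public key"
+become: yes
+file:
+path: "/home/{{ user_name }}/.ssh"
+owner: "{{ user_name }}"
+group: "{{ group_name }}"
+state: directory
+mode: '0755'
+when: ssh_public_key is defined and ssh_public_key != ""
+
+- name: "setup ssh key"
+become: yes
+copy:
+content: "{{ ssh_public_key }}"
+dest: "/home/{{ user_name }}/.ssh/authorized_keys"
+owner: "{{ user_name }}"
+group: "{{ group_name }}"
+when: ssh_public_key is defined and ssh_public_key != ""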
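Review bot: The `.ssh` directory is created with `mode: '0755'` and the `copy` task that writes `authorized_keys` sets no mode at all, so the key file's permissions are left to the remote umask. Use `mode: '0700'` on the directory and add `mode: '0600'` to the copy task so the login material is readable only by its owner. The `user` task passes `groups:` without `append: true`, which makes Ansible replace the account's supplementary groups on each run, so a re-run would drop memberships added by other roles until they run again. The key path is built as `/home/{{ user_name }}`, which holds only while the account uses the default home directory.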

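--- a/image/assets/ansible/roles/debian-init/defaults/main.yml
+++ b/image/assets/ansible/roles/debian-init/defaults/main.yml
@@ -0,0 +1,12 @@
+
+grub_file: "/etc/default/grub"
+grub_timeout: 1
+
+network_config:
+src: "interfaces.j2"
+dest: "/etc/network/interfaces"
+nic_name: "ens4"
+
+initial_package:
+- vim
+- lsb-release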

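--- a/image/assets/ansible/roles/debian-init/handlers/main.yml
+++ b/image/assets/ansible/roles/debian-init/handlers/main.yml
@@ -0,0 +1,18 @@
+- name: "Update grub"
+become: yes
+shell: "update-grub"
+
+- name: "Restart networking"
+become: yes
+service:
+name: networking
+state: restarted
+daemon_reload: yes
+
+- name: Start qemu-guest service
+become: yes
+service:
+name: qemu-guest-agent
+state: started
+enabled: yes
+when: '"qemu-guest-agent" in initial_package'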
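Review bot: The `Update grub` handler runs `shell: "update-grub"` although nothing in the command needs a shell; `command: update-grub` avoids the extra shell layer and is the form ansible-lint expects. `daemon_reload: yes` in `Restart networking` is documented as an option of the `systemd` module rather than `service`, so it is worth confirming it is accepted on the target or switching that handler to `systemd`. The `when` on `Start qemu-guest service` tests for `qemu-guest-agent` in `initial_package`, while the role defaults on this page list only `vim` and `lsb-release`, so with defaults the handler is always skipped; a comment saying the agent is opt-in would help.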

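--- a/image/assets/ansible/roles/debian-init/tasks/main.yml
+++ b/image/assets/ansible/roles/debian-init/tasks/main.yml
@@ -0,0 +1,30 @@
+- name: "set grub timeout"
+become: yes
+lineinfile:
+dest: "{{ grub_file }}"
+line: GRUB_TIMEOUT="{{ grub_timeout }}"
+regexp: '^GRUB_TIMEOUT="'
+notify:
+- Update grub
+
+- name: "setup network"
+become: yes
+template:
+src: "{{ network_config.src }}"
+dest: "{{ network_config.dest }}"
+owner: root
+group: root
+mode: '0644'
+notify:
+- Restart networking
+
+- name: "flush all notified handler"
+meta: flush_handlers
+
+- name: "setup initial package"
+become: yes
+package:
+name: "{{ initial_package }}"
+update_cache: yes
+state: present
+notify: Start qemu-guest service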
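Review bot: The `set grub timeout` task matches `regexp: '^GRUB_TIMEOUT="'`, which only finds a line whose value is already quoted; if the installed `/etc/default/grub` carries an unquoted `GRUB_TIMEOUT=5` (the file is not visible here), `lineinfile` appends a second `GRUB_TIMEOUT` line instead of replacing the first. `regexp: '^GRUB_TIMEOUT='` covers both forms. In the same task `dest:` is an alias, and `path:` is the documented parameter name. The `flush_handlers` step restarts networking while the provisioner is still connected over SSH, so a wrong `nic_name` would cut the session mid-build; a comment stating where `ens4` comes from would make that dependency visible.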

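--- a/image/assets/ansible/roles/debian-init/templates/interfaces.j2
+++ b/image/assets/ansible/roles/debian-init/templates/interfaces.j2
@@ -0,0 +1,12 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto {{ network_config.nic_name }}
+allow-hotplug {{ network_config.nic_name }}
+iface {{ network_config.nic_name }} inet dhcp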

+ 0
- 1
image/assets/ansible/roles/setup/tasks/main.yml

@@ -5,6 +5,5 @@
- import_tasks: mount.yml
- import_tasks: os.yml
- import_tasks: configure.yml
#- import_tasks: users.yml
#- import_tasks: security.yml


+ 0
- 13
image/assets/ansible/roles/setup/tasks/users.yml

@@ -1,13 +0,0 @@
---
# create user and group

- name: "Ensure group {{ generated_group }} exists"
group:
name: "{{ generated_group }}"

- name: "create {{ generated_user }} user and {{ generated_group }} group"
user:
name: "{{ generated_user }}"
comment: "Login user generate by ansible"
group: "{{ generated_group }}"


+ 4
- 4
image/assets/hcl/builder.pkr.hcl

@@ -2,14 +2,14 @@
locals { timestamp = regex_replace(timestamp(), "[- TZ:]", "") }

build {
sources = ["source.qemu.gentoo", "source.qemu.debian"]
sources = ["source.qemu.gentoo", "source.qemu.debian"]

provisioner "ansible" {
ansible_env_vars = ["ANSIBLE_CONFIG=/packer/ansible/ansible.cfg"]
extra_arguments = ["--extra-vars", "${var.ansible_extra_vars}"]
groups = ["default"]
extra_arguments = ["--extra-vars", "${var.ansible_extra_vars} ansible_python_interpreter=/usr/bin/python3", "-vv"]
groups = ["all"]
playbook_file = "${var.ansible_provisioning_playbook}"
user = "root"
user = "${var.ssh_username}"
galaxy_file = "/packer/ansible/requirements.yml"
}
}
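Review bot: The new `extra_arguments` line appends `ansible_python_interpreter=/usr/bin/python3` to `${var.ansible_extra_vars}` inside one string, which only works while that variable holds space-separated `key=value` pairs; a JSON or `@file` value would be corrupted by the concatenation. Passing the interpreter as its own pair, `"--extra-vars", "ansible_python_interpreter=/usr/bin/python3"`, removes that coupling. `-vv` is hard-coded in the same list, so every build prints full task results into the log; making verbosity a variable keeps returned values out of CI logs unless someone asks for them.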

+ 4
- 4
image/assets/hcl/source-debian.pkr.hcl

@@ -4,8 +4,8 @@ source "qemu" "debian" {
boot_command = [
"<down><tab>", # non-graphical install
"preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg ",
"language=en locale=en_US.UTF-8 ",
"country=FR keymap=fr ",
"language=fr locale=fr_FR.UTF-8 ",
"country=FR keymap=fr(latin9) ",
"hostname=packer domain=test ", # Should be overriden after DHCP, if available
"<enter><wait>",
]
@@ -27,14 +27,14 @@ source "qemu" "debian" {
host_port_max = 2229
iso_checksum = "${var.iso_checksum}"
iso_url = "${var.iso_url}"
memory = "1024"
memory = 2048
net_device = "virtio-net"
output_directory = "output_qcow2"
qemuargs = [
["-boot", "b"],
["-device", "virtio-rng-pci"]
]
shutdown_command = "/sbin/shutdown -hP now"
shutdown_command = "sudo /sbin/shutdown -hP now"
ssh_password = "${var.ssh_password}"
ssh_username = "${var.ssh_username}"
ssh_wait_timeout = "900m"
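Review bot: `shutdown_command = "sudo /sbin/shutdown -hP now"` in the second hunk only works if `${var.ssh_username}` can run sudo without a password prompt, and nothing on this page shows a sudoers rule being installed; if sudo prompts, the shutdown step will stall or fail. A comment naming where the passwordless rule is set up (the preseed late command, presumably) would document that dependency. If the build account remains in the finished image, its password and sudo rights ship with it, so a final provisioning step that locks or removes the account is worth adding. The `source "qemu" "debian"` block continues outside both hunks.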


+ 8
- 11
image/assets/httpdir/preseed.cfg

@@ -1,20 +1,19 @@
d-i partman/early_command \
string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"

#### Contents of the preconfiguration file (for stretch)
#### Contents of the preconfiguration file (for buster)
### Localization
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string fr_FR.UTF-8

# The values can also be preseeded individually for greater flexibility.
#d-i debian-installer/language string en
#d-i debian-installer/country string NL
#d-i debian-installer/locale string en_GB.UTF-8
# d-i debian-installer/language string fr
# d-i debian-installer/country string FR
# Optionally specify additional locales to be generated.
d-i localechooser/supported-locales multiselect fr_FR.UTF-8, en_US.UTF-8

# Keyboard selection.
d-i keyboard-configuration/xkb-keymap select fr
d-i keyboard-configuration/xkb-keymap select fr(latin9)
# d-i keyboard-configuration/toggle select No toggling

### Network configuration
@@ -28,7 +27,7 @@ d-i keyboard-configuration/xkb-keymap select fr
d-i netcfg/choose_interface select auto

# To pick a particular interface instead:
#d-i netcfg/choose_interface select eth1
# d-i netcfg/choose_interface select ens3

# To set a different link detection timeout (default is 3 seconds).
# Values are interpreted as seconds.
@@ -97,9 +96,9 @@ d-i netcfg/wireless_wep string

### Mirror settings
# If you select ftp, the mirror/country string does not need to be set.
#d-i mirror/protocol string https
#d-i mirror/protocol string ftp
d-i mirror/country string manual
d-i mirror/http/hostname string deb.debian.org
d-i mirror/http/hostname string http.us.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string

@@ -227,7 +226,6 @@ d-i partman/mount_style select traditional
# Configure APT to not install recommended packages by default. Use of this
# option can result in an incomplete system and should only be used by very
# experienced users.
#d-i base-installer/install-recommends boolean false
d-i base-installer/install-recommends boolean false

# The kernel image (meta) package to be installed; "none" can be used if no
@@ -278,7 +276,7 @@ tasksel tasksel/first multiselect SSH server
# We need at least these to continue the preseeding later on.
# Provide also haveged so we (hopefully) have more entropy when our VM starts
# for the first time.
d-i pkgsel/include string haveged openssh-server sudo
d-i pkgsel/include string haveged openssh-server sudo python3

# Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade
@@ -289,7 +287,6 @@ d-i pkgsel/upgrade select full-upgrade
# installed, and what software you use. The default is not to report back,
# but sending reports helps the project determine what software is most
# popular and include it on CDs.
#popularity-contest popularity-contest/participate boolean false
popularity-contest popularity-contest/participate boolean false

### Boot loader installation
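Review bot: The mirror hunk, as rendered, replaces `deb.debian.org` with `http.us.debian.org` without saying why, which is a surprising choice for a build whose locale and country are set to French; a one-line comment giving the reason, or keeping the redirecting `deb.debian.org` host, would help. Packages are fetched from that host over plain HTTP, so package integrity rests entirely on APT's signature verification. The commented protocol example also moves from `https` to `ftp` in the same hunk. The `python3` addition to `pkgsel/include` pairs with the interpreter path hard-coded in `builder.pkr.hcl`, and a comment on that line would keep the two in step.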


+ 3
- 3
run-image.sh

@@ -1,7 +1,7 @@
#!/bin/bash

# pass debian or gentoo as first parameter
if [ "$#" -lt 2 ]; then
if [ "$#" -lt 1 ]; then
exit 1
fi

@@ -10,6 +10,6 @@ qemu-system-x86_64 \
-boot order=d -m 1024 \
-smp cpus=1,sockets=2,maxcpus=2 \
-drive "file=./image/assets/output_qcow2/$1_packer.qcow2,format=qcow2,index=1" \
-device virtio-net,netdev=user.0 \
-netdev user,id=user.0,hostfwd=tcp::5556-:22
-net nic,model=virtio \
-net user,hostfwd=tcp::5556-:22
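Review bot: The rewritten `-net user,hostfwd=tcp::5556-:22` leaves the host address empty, so QEMU listens on every host interface and the guest's SSH port is reachable from the network, not only from this machine. Binding to loopback, `-net user,hostfwd=tcp:127.0.0.1:5556-:22`, keeps the forward local. The argument check in the first hunk now accepts any single argument and exits silently when there is none; printing a usage line to stderr and rejecting values other than `debian` or `gentoo` would also stop `$1` from being placed unchecked into the `-drive` option string. The qemu command starts above the second hunk.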

