ansible debian post instalation setup

Antoine 2020-11-13 04:02:41 +01:00
父節點 b87e28b77e
當前提交 37743f6637
簽署人: antoine
GPG Key ID: 098FB66FC0475E70
共有 15 個文件被更改,包括 149 次插入47 次删除

1
.gitignore vendored

@ -3,6 +3,7 @@
*.iso
*.tar
*.bz2
*.qcow2
.env
*.retry


@ -4,9 +4,6 @@ services:
gentoo_packer:
image: ${REGISTRY_URL}/${IMAGE_NAME}:${VERSION}
privileged: true
volumes:
- "./image/assets:/packer"
- "./image/cache:/packer-cache"
network_mode: "host"
environment:
- SOURCE_NAME=qemu.gentoo
@ -16,6 +13,9 @@ services:
- ANSIBLE_PLAYBOOK=/packer/ansible/playbook-gentoo.yml
- ISO_CHECKSUM=file:http://distfiles.gentoo.org/releases/amd64/autobuilds/current-install-amd64-minimal/install-amd64-minimal-20201111T214503Z.iso.DIGESTS
- ISO_URL=http://distfiles.gentoo.org/releases/amd64/autobuilds/current-install-amd64-minimal/install-amd64-minimal-20201111T214503Z.iso
volumes:
- "./image/assets:/packer"
- "./image/cache:/packer-cache"
#ports:
# - "5900:5900/udp"
# - "2222:2229"
@ -24,9 +24,6 @@ services:
debian_packer:
image: ${REGISTRY_URL}/${IMAGE_NAME}:${VERSION}
privileged: true
volumes:
- "./image/assets:/packer"
- "./image/cache:/packer-cache"
network_mode: "host"
environment:
- SOURCE_NAME=qemu.debian
@ -36,6 +33,9 @@ services:
- ANSIBLE_PLAYBOOK=/packer/ansible/playbook-debian.yml
- ISO_CHECKSUM=file:https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/SHA512SUMS
- ISO_URL=https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-10.6.0-amd64-netinst.iso
volumes:
- "./image/assets:/packer"
- "./image/cache:/packer-cache"
#ports:
# - "5900:5900/udp"
# - "2222:2229"
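Review bot: In the `gentoo_packer` environment both `ISO_CHECKSUM` and `ISO_URL` are fetched over plain `http://` from the same host, so the digest only catches a corrupted download, not one altered in transit; the `debian_packer` entries already use `https://`. Prefer an `https://` mirror for both values if one is available, or pin the expected value as a literal such as `ISO_CHECKSUM=sha512:<digest taken from a verified DIGESTS file>` instead of a `file:` URL. Separately, `privileged: true` together with `network_mode: "host"` gives the build container very broad access to the host; if it only needs KVM, passing the device with `devices: ["/dev/kvm"]` would be narrower, though that depends on what the image runs, which is not visible here.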


@ -1,8 +1,7 @@
---
# file: playbook-debian.yml
- hosts: localhost
become: true
- hosts: default
pre_tasks:
- name: "check ansible required param"
assert:
@ -12,6 +11,15 @@
- generated_group is defined
fail_msg: "Pass param ssh_pub, generated_user and generated_group to launch this playbook"
roles:
- geerlingguy.docker
docker_users:
- debian
- role: debian-init
- role: create-user
vars:
ssh_public_key: "{{ ssh_pub }}"
user_name: "{{ generated_user }}"
group_name: "{{ generated_group }}"
- role: geerlingguy.docker
become: yes
vars:
docker_users:
- "{{ generated_user }}"
- debian
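Review bot: The `docker_users` list under `geerlingguy.docker` puts both `{{ generated_user }}` and `debian` in the docker group, and membership of that group is effectively root on the machine. If `debian` is only the account used while the image is built (inferred from the hard-coded name, not shown here), drop it from the list and keep only the generated user. A comment above the role such as `# docker group membership is root-equivalent; keep this list minimal` would make the intent explicit. `become: yes` could also be written `become: true` so the booleans in the playbook are consistent.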


@ -0,0 +1,3 @@
user_name: "default"
group_name: "default"
ssh_public_key: ""


@ -0,0 +1,35 @@
---
# create user and group
- name: "Ensure group {{ group_name }} exists"
become: yes
group:
name: "{{ group_name }}"
- name: "create {{ user_name }} user and {{ group_name }} group"
become: yes
user:
name: "{{ user_name }}"
comment: "Login user generate by ansible"
groups:
- debian
- "{{ group_name }}"
- name: "create directory .ssh for public key"
become: yes
file:
path: "/home/{{ user_name }}/.ssh"
owner: "{{ user_name }}"
group: "{{ group_name }}"
state: directory
mode: '0755'
when: ssh_public_key is defined and ssh_public_key != ""
- name: "setup ssh key"
become: yes
copy:
content: "{{ ssh_public_key }}"
dest: "/home/{{ user_name }}/.ssh/authorized_keys"
owner: "{{ user_name }}"
group: "{{ group_name }}"
when: ssh_public_key is defined and ssh_public_key != ""
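Review bot: The `setup ssh key` task writes `authorized_keys` with `copy` and no `mode:`, so the file's permissions depend on the remote umask, and the `.ssh` directory is created `0755`. Set both explicitly: `mode: '0700'` on the directory task and `mode: '0600'` on the `copy` task. The `authorized_key` module would also avoid replacing the whole file if more than one key is ever managed. The path is hard-coded as `/home/{{ user_name }}`, which only holds while the user keeps the default home directory.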


@ -0,0 +1,12 @@
grub_file: "/etc/default/grub"
grub_timeout: 1
network_config:
src: "interfaces.j2"
dest: "/etc/network/interfaces"
nic_name: "ens4"
initial_package:
- vim
- lsb-release


@ -0,0 +1,18 @@
- name: "Update grub"
become: yes
shell: "update-grub"
- name: "Restart networking"
become: yes
service:
name: networking
state: restarted
daemon_reload: yes
- name: Start qemu-guest service
become: yes
service:
name: qemu-guest-agent
state: started
enabled: yes
when: '"qemu-guest-agent" in initial_package'
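Review bot: The `Update grub` handler runs `update-grub` through `shell:` although the command uses no shell features; `command: update-grub` does the same without the extra shell. In `Restart networking`, `daemon_reload` is documented for the `systemd` module rather than for `service`, so it is worth confirming that the option is honoured here or switching that handler to `systemd:`.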


@ -0,0 +1,30 @@
- name: "set grub timeout"
become: yes
lineinfile:
dest: "{{ grub_file }}"
line: GRUB_TIMEOUT="{{ grub_timeout }}"
regexp: '^GRUB_TIMEOUT="'
notify:
- Update grub
- name: "setup network"
become: yes
template:
src: "{{ network_config.src }}"
dest: "{{ network_config.dest }}"
owner: root
group: root
mode: '0644'
notify:
- Restart networking
- name: "flush all notified handler"
meta: flush_handlers
- name: "setup initial package"
become: yes
package:
name: "{{ initial_package }}"
update_cache: yes
state: present
notify: Start qemu-guest service
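Review bot: The `regexp: '^GRUB_TIMEOUT="'` in `set grub timeout` only matches an existing line whose value is already quoted. If the stock `/etc/default/grub` carries an unquoted `GRUB_TIMEOUT=5` (the usual Debian default, not visible in this commit), `lineinfile` appends a second `GRUB_TIMEOUT` line instead of replacing the first. `regexp: '^GRUB_TIMEOUT='` matches both forms and keeps the task idempotent.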


@ -0,0 +1,12 @@
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto {{ network_config.nic_name }}
allow-hotplug {{ network_config.nic_name }}
iface {{ network_config.nic_name }} inet dhcp


@ -5,6 +5,5 @@
- import_tasks: mount.yml
- import_tasks: os.yml
- import_tasks: configure.yml
#- import_tasks: users.yml
#- import_tasks: security.yml


@ -1,13 +0,0 @@
---
# create user and group
- name: "Ensure group {{ generated_group }} exists"
group:
name: "{{ generated_group }}"
- name: "create {{ generated_user }} user and {{ generated_group }} group"
user:
name: "{{ generated_user }}"
comment: "Login user generate by ansible"
group: "{{ generated_group }}"


@ -2,14 +2,14 @@
locals { timestamp = regex_replace(timestamp(), "[- TZ:]", "") }
build {
sources = ["source.qemu.gentoo", "source.qemu.debian"]
sources = ["source.qemu.gentoo", "source.qemu.debian"]
provisioner "ansible" {
ansible_env_vars = ["ANSIBLE_CONFIG=/packer/ansible/ansible.cfg"]
extra_arguments = ["--extra-vars", "${var.ansible_extra_vars}"]
groups = ["default"]
extra_arguments = ["--extra-vars", "${var.ansible_extra_vars} ansible_python_interpreter=/usr/bin/python3", "-vv"]
groups = ["all"]
playbook_file = "${var.ansible_provisioning_playbook}"
user = "root"
user = "${var.ssh_username}"
galaxy_file = "/packer/ansible/requirements.yml"
}
}
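Review bot: `extra_arguments` now appends `ansible_python_interpreter=/usr/bin/python3` to `${var.ansible_extra_vars}` inside one string, which only works while that variable holds `key=value` pairs; a JSON or `@file` value would break. Passing it as its own pair is safer: `extra_arguments = ["--extra-vars", "${var.ansible_extra_vars}", "--extra-vars", "ansible_python_interpreter=/usr/bin/python3"]`. The build block covers both `source.qemu.gentoo` and `source.qemu.debian`, so the interpreter path and the new `user` value apply to the Gentoo build as well. `-vv` looks like a debugging leftover that makes the build log print task details; consider dropping it once the build is stable.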


@ -4,8 +4,8 @@ source "qemu" "debian" {
boot_command = [
"<down><tab>", # non-graphical install
"preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg ",
"language=en locale=en_US.UTF-8 ",
"country=FR keymap=fr ",
"language=fr locale=fr_FR.UTF-8 ",
"country=FR keymap=fr(latin9) ",
"hostname=packer domain=test ", # Should be overriden after DHCP, if available
"<enter><wait>",
]
@ -27,14 +27,14 @@ source "qemu" "debian" {
host_port_max = 2229
iso_checksum = "${var.iso_checksum}"
iso_url = "${var.iso_url}"
memory = "1024"
memory = 2048
net_device = "virtio-net"
output_directory = "output_qcow2"
qemuargs = [
["-boot", "b"],
["-device", "virtio-rng-pci"]
]
shutdown_command = "/sbin/shutdown -hP now"
shutdown_command = "sudo /sbin/shutdown -hP now"
ssh_password = "${var.ssh_password}"
ssh_username = "${var.ssh_username}"
ssh_wait_timeout = "900m"
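Review bot: `shutdown_command = "sudo /sbin/shutdown -hP now"` assumes `${var.ssh_username}` can run sudo without a password prompt; otherwise the command waits for input and the build stalls at shutdown. The sudoers setup is not visible in this section, so either confirm that the preseed grants it or feed the password on stdin with `sudo -S`. If passwordless sudo is granted to the build account, lock or remove that account at the end of provisioning so it does not ship in the image with the build password. The `source "qemu" "debian"` block continues past this hunk.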


@ -1,20 +1,19 @@
d-i partman/early_command \
string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"
#### Contents of the preconfiguration file (for stretch)
#### Contents of the preconfiguration file (for buster)
### Localization
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string fr_FR.UTF-8
# The values can also be preseeded individually for greater flexibility.
#d-i debian-installer/language string en
#d-i debian-installer/country string NL
#d-i debian-installer/locale string en_GB.UTF-8
# d-i debian-installer/language string fr
# d-i debian-installer/country string FR
# Optionally specify additional locales to be generated.
d-i localechooser/supported-locales multiselect fr_FR.UTF-8, en_US.UTF-8
# Keyboard selection.
d-i keyboard-configuration/xkb-keymap select fr
d-i keyboard-configuration/xkb-keymap select fr(latin9)
# d-i keyboard-configuration/toggle select No toggling
### Network configuration
@ -28,7 +27,7 @@ d-i keyboard-configuration/xkb-keymap select fr
d-i netcfg/choose_interface select auto
# To pick a particular interface instead:
#d-i netcfg/choose_interface select eth1
# d-i netcfg/choose_interface select ens3
# To set a different link detection timeout (default is 3 seconds).
# Values are interpreted as seconds.
@ -97,9 +96,9 @@ d-i netcfg/wireless_wep string
### Mirror settings
# If you select ftp, the mirror/country string does not need to be set.
#d-i mirror/protocol string https
#d-i mirror/protocol string ftp
d-i mirror/country string manual
d-i mirror/http/hostname string deb.debian.org
d-i mirror/http/hostname string http.us.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string
@ -227,7 +226,6 @@ d-i partman/mount_style select traditional
# Configure APT to not install recommended packages by default. Use of this
# option can result in an incomplete system and should only be used by very
# experienced users.
#d-i base-installer/install-recommends boolean false
d-i base-installer/install-recommends boolean false
# The kernel image (meta) package to be installed; "none" can be used if no
@ -278,7 +276,7 @@ tasksel tasksel/first multiselect SSH server
# We need at least these to continue the preseeding later on.
# Provide also haveged so we (hopefully) have more entropy when our VM starts
# for the first time.
d-i pkgsel/include string haveged openssh-server sudo
d-i pkgsel/include string haveged openssh-server sudo python3
# Whether to upgrade packages after debootstrap.
# Allowed values: none, safe-upgrade, full-upgrade
@ -289,7 +287,6 @@ d-i pkgsel/upgrade select full-upgrade
# installed, and what software you use. The default is not to report back,
# but sending reports helps the project determine what software is most
# popular and include it on CDs.
#popularity-contest popularity-contest/participate boolean false
popularity-contest popularity-contest/participate boolean false
### Boot loader installation


@ -1,7 +1,7 @@
#!/bin/bash
# pass debian or gentoo as first parameter
if [ "$#" -lt 2 ]; then
if [ "$#" -lt 1 ]; then
exit 1
fi
@ -10,6 +10,6 @@ qemu-system-x86_64 \
-boot order=d -m 1024 \
-smp cpus=1,sockets=2,maxcpus=2 \
-drive "file=./image/assets/output_qcow2/$1_packer.qcow2,format=qcow2,index=1" \
-device virtio-net,netdev=user.0 \
-netdev user,id=user.0,hostfwd=tcp::5556-:22
-net nic,model=virtio \
-net user,hostfwd=tcp::5556-:22
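Review bot: `hostfwd=tcp::5556-:22` leaves the host address empty, so QEMU listens on every host interface and the guest's SSH port becomes reachable from the network. Bind the forward to loopback instead: `-net user,hostfwd=tcp:127.0.0.1:5556-:22`. The argument check now matches the single parameter the script takes, but it exits silently; a usage line on stderr before `exit 1` would help. The `qemu-system-x86_64` invocation starts above this hunk.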