diff --git a/.gitignore b/.gitignore
index d599a62..19a7483 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,8 @@
 *.tar
 *.bz2
 .env
+*.retry
 packer/assets/id_rsa_qemu*
 packer/assets/packer_cache/
+packer/assets/output_gentoo_qcow2/
diff --git a/Makefile b/Makefile
index 09f8d3e..26d2e9d 100644
--- a/Makefile
+++ b/Makefile
@@ -1,13 +1,13 @@
 .PHONY: up
-up: ssh
+up: packer/assets/id_rsa_qemu
 docker-compose up --build -d
 exec:
 docker-compose exec gentoo_packer bash
-ssh: packer/assets/id_rsa_qemu packer/assets/id_rsa_qemu.pub
- @if [ ! -f $< ]; then \
- ssh-keygen -a 100 -C antoinroux@hotmail.fr -t ed25519 -N "" -b 2048 -q -f $<; \
+packer/assets/id_rsa_qemu:
+ @if [ ! -f "$@" ]; then \
+ ssh-keygen -a 100 -C antoinroux@hotmail.fr -t ed25519 -N "" -b 2048 -q -f $@; \
 fi
diff --git a/docker-compose.yml b/docker-compose.yml
index dce2eee..e507dec 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,7 +16,7 @@ services:
 - "./packer/assets:/packer/"
 network_mode: "host"
 #ports:
- # - "5959:5959"
+ # - "5900:5900/udp"
 # - "2222:2229"
- # - "8888:10082"
+ # - "10082:10082"
diff --git a/.env.sample b/env.sample
similarity index 100%
rename from .env.sample
rename to env.sample
diff --git a/packer/Dockerfile b/packer/Dockerfile
index 18b842c..6273013 100644
--- a/packer/Dockerfile
+++ b/packer/Dockerfile
@@ -10,7 +10,7 @@ ARG GROUP=packer
 WORKDIR /packer
 RUN apk add --update qemu qemu-system-x86_64 qemu-img \
- vim htop util-linux gzip sysfsutils openssh-client openssh-keygen sudo
+ vim htop util-linux gzip sysfsutils openssh-client openssh-keygen sudo ansible
 RUN addgroup -g 1000 "${GROUP}" && \
 adduser -u 1000 -D -G "${GROUP}" "${USER}" && \
diff --git a/packer/assets/ansible/playbook.yml b/packer/assets/ansible/playbook.yml
new file mode 100644
index 0000000..50c68ed
--- /dev/null
+++ b/packer/assets/ansible/playbook.yml
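Review bot: In the Makefile hunk, `-b 2048` on the added `ssh-keygen` line has no effect, because Ed25519 keys have a fixed length and ssh-keygen ignores the flag for that type; it only suggests a key size that is not in use. `$@` is quoted in the `[ ! -f "$@" ]` test but not after `-f`, and since the rule is now a file target, make already skips it when the key exists, so the `if` wrapper is redundant. The recipe can shrink to `ssh-keygen -a 100 -C antoinroux@hotmail.fr -t ed25519 -N "" -q -f "$@"`. `-N ""` leaves the private key unencrypted under packer/assets, which the compose file mounts into the container, so a comment stating that this is a throwaway build key would help.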
@@ -0,0 +1,17 @@
+---
+# file: playbook.yml
+
+- hosts: default
+ become: true
+ become_method: su
+ pre_tasks:
+ - name: "check ansible required param"
+ assert:
+ that:
+ - ssh_pub is defined
+ - generated_user is defined
+ - generated_group is defined
+ fail_msg: "Pass param ssh_pub, generated_user and generated_group to launch this playbook"
+ roles:
+ - prepare
+
diff --git a/packer/assets/ansible/roles/prepare/tasks/main.yml b/packer/assets/ansible/roles/prepare/tasks/main.yml
new file mode 100644
index 0000000..ee7427d
--- /dev/null
+++ b/packer/assets/ansible/roles/prepare/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+# prepare gentoo iso to setup gentoo
+
+- name: "Check if remote had network connection"
+ shell: "ping -c 3 www.google.fr"
+ register: ping_res
+ failed_when: ping_res.rc != 0
+
diff --git a/packer/assets/ansible/roles/prepare/vars/main.yml b/packer/assets/ansible/roles/prepare/vars/main.yml
new file mode 100644
index 0000000..acd035e
--- /dev/null
+++ b/packer/assets/ansible/roles/prepare/vars/main.yml
@@ -0,0 +1,7 @@
+---
+# ssh variable
+
+
+generated_user: "{{ ansible_user }}"
+generated_group: ""
+user_home: "{% if generated_user == 'root' %} /root {% else %} /home/{{ generated_user }} {% endif %}"
diff --git a/packer/assets/ansible/roles/setup/tasks/main.yml b/packer/assets/ansible/roles/setup/tasks/main.yml
new file mode 100644
index 0000000..376ce12
--- /dev/null
+++ b/packer/assets/ansible/roles/setup/tasks/main.yml
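Review bot: In playbook.yml the `roles:` list names only `prepare`, so the `setup` role added in this same commit (user creation, authorized_keys, SELinux line) is never applied, while the file and shell provisioners that did that work are removed from gentoo.json; if that is not intentional, add `- setup` under `roles:`. The assert also passes on empty values: gentoo.json defaults `ssh_pub_key` to `""`, so `ssh_pub is defined` can hold with no key at all, and `- ssh_pub | length > 0` would catch that. `become_method: su` is probably unnecessary, since the provisioner connects as root.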
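Review bot: In roles/prepare/tasks/main.yml the connectivity check uses `shell:` for a fixed command that needs no shell features; `command: ping -c 3 www.google.fr` avoids the extra shell, and `changed_when: false` keeps the task from reporting a change on every run. `failed_when: ping_res.rc != 0` restates the module default and can be dropped. The build now depends on DNS and ICMP reachability of one external host, which deserves a comment above the task.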
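Review bot: In roles/prepare/vars/main.yml, `user_home` renders with surrounding spaces, because the blanks inside the `{% if %} … {% endif %}` string are part of the value, giving ` /root ` or ` /home/<user> `; the `path:` built from it in roles/setup/tasks/main.yml then points at the wrong location. An expression avoids this: `user_home: "{{ '/root' if generated_user == 'root' else '/home/' ~ generated_user }}"`. `generated_group: ""` is only safe while the extra-vars always override it, and the variable lives under the prepare role although only the setup role reads it.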
@@ -0,0 +1,29 @@
+---
+# setup gentoo
+
+- name: "Ensure group {{ generated_group }} exists"
+ group:
+ name: "{{ generated_group }}"
+
+- name: "create {{ generated_user }} user and {{ generated_group }} group"
+ user:
+ name: "{{ generated_user }}"
+ comment: "Login user generate by ansible"
+ group: "{{ generated_group }}"
+
+- name: "copy ssh key to {{ user_home }}/.ssh/authorized_keys"
+ lineinfile:
+ path: "{{ user_home }}/.ssh/authorized_keys"
+ line: "{{ ssh_pub }}"
+ create: yes
+ owner: "{{ generated_user }}"
+ group: "{{ generated_user }}"
+ mode: '0600'
+
+- name: Ensure SELinux is set to permissive mode
+ lineinfile:
+ path: /etc/selinux/config
+ regexp: '^SELINUX='
+ line: SELINUX=permissive
+
+
diff --git a/packer/assets/ansible/roles/setup/vars/main.yml b/packer/assets/ansible/roles/setup/vars/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/packer/assets/gentoo.json b/packer/assets/gentoo.json
index 1c60b6b..dab4bef 100644
--- a/packer/assets/gentoo.json
+++ b/packer/assets/gentoo.json
@@ -11,13 +11,16 @@
 ],
 "memory": "1024",
 "cpus": "2",
- "disk_interface": "virtio",
- "disk_size": "5000M",
- "disk_image": "true",
 "use_backing_file": "true",
 "format": "qcow2",
 "net_device": "virtio-net",
+ "disk_interface": "virtio",
+ "disk_size": "80g",
+ "disk_image": "true",
+ "disk_compression": "true",
+ "disk_additional_size": [],
+
 "iso_urls": [
 "/packer/install-amd64-minimal-{{user `version`}}.iso",
 "http://distfiles.gentoo.org/releases/amd64/autobuilds/{{user `version`}}/install-amd64-minimal-{{user `version`}}.iso"
@@ -25,7 +28,7 @@
 "iso_checksum_url": "http://distfiles.gentoo.org/releases/amd64/autobuilds/{{user `version`}}/install-amd64-minimal-{{user `version`}}.iso.DIGESTS.asc",
 "iso_checksum_type": "file",
- "vm_name": "gentoo_packer",
+ "vm_name": "gentoo_packer.qcow2",
 "output_directory": "output_gentoo_qcow2",
 "http_directory": "/packer/httpdir",
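Review bot: In roles/setup/tasks/main.yml the authorized_keys task sets `group: "{{ generated_user }}"` where the group created above is `generated_group`, and it never creates `{{ user_home }}/.ssh`; `lineinfile` with `create:` makes the file but not a missing parent directory, so the task is likely to fail for a freshly created user. The `authorized_key` module (`ansible.posix.authorized_key` on current releases) creates the directory with suitable ownership and mode and resolves the home directory from the user, which also removes the dependency on `user_home`. The sketch below replaces only that one task.

```yaml
# … unchanged: group and user tasks …

- name: "install ssh key for {{ generated_user }}"
  authorized_key:
    user: "{{ generated_user }}"
    key: "{{ ssh_pub }}"
    state: present

# … unchanged: SELinux lineinfile task …
```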
@@ -79,23 +82,19 @@
 "provisioners": [
 {
- "type": "file",
- "source": "/packer/id_rsa_qemu.pub",
- "destination": "/root/.ssh/authorized_keys"
- },
- {
- "type": "shell",
- "inline": [
- "chown root:root /root/.ssh/authorized_keys",
- "chmod 600 /root/.ssh/authorized_keys",
- "sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config",
- "echo package_upgrade: true >>/etc/cloud/cloud.cfg"
- ]
+ "type": "ansible",
+ "playbook_file": "/packer/ansible/playbook.yml",
+ "extra_arguments": [ "--extra-vars", "ssh_pub={{user `ssh_pub_key`}} generated_user={{user `generated_user`}} generated_group={{user `generated_group`}}" ],
+ "groups": "default",
+ "user": "root"
 }
 ],
 "variables": {
 "ssh_username": "root",
 "ssh_password": "CHANGEME",
+ "ssh_pub_key": "",
+ "generated_user": "antoine",
+ "generated_group": "antoine",
 "version": "20200205T214502Z"
 }
 }
diff --git a/packer/assets/gentoo_save.json b/packer/assets/httpdir/gentoo_save.json
similarity index 91%
rename from packer/assets/gentoo_save.json
rename to packer/assets/httpdir/gentoo_save.json
index 87b783e..99d65b9 100644
--- a/packer/assets/gentoo_save.json
+++ b/packer/assets/httpdir/gentoo_save.json
@@ -123,6 +123,20 @@
 "sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config",
 "echo package_upgrade: true >>/etc/cloud/cloud.cfg"
 ]
+ },
+ {
+ "type": "file",
+ "source": "/packer/id_rsa_qemu.pub",
+ "destination": "/root/.ssh/authorized_keys"
+ },
+ {
+ "type": "shell",
+ "inline": [
+ "chown root:root /root/.ssh/authorized_keys",
+ "chmod 600 /root/.ssh/authorized_keys",
+ "sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config",
+ "echo package_upgrade: true >>/etc/cloud/cloud.cfg"
+ ]
 }
 ]
 }
diff --git a/packer/assets/run-packer.sh b/packer/assets/run-packer.sh
index 9a9fa4a..77b82f4 100755
--- a/packer/assets/run-packer.sh
+++ b/packer/assets/run-packer.sh
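Review bot: In the gentoo.json provisioner hunk, the `--extra-vars` string is parsed by Ansible as whitespace-separated key=value pairs, and an OpenSSH public key contains spaces (type, base64 blob, comment), so `ssh_pub` would receive only the first word of the key. Putting single quotes around the templated value inside the string, `ssh_pub='…'` around the existing `{{user …}}` expression, or passing the three variables as one JSON object keeps the key intact. The removed shell provisioner also appended `package_upgrade: true` to /etc/cloud/cloud.cfg, and nothing visible in the new Ansible roles replaces that step.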
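Review bot: In httpdir/gentoo_save.json the appended `file` and `shell` provisioners repeat the block that ends just above them in the context lines (same `sed` and `echo` commands), so a build from this template would append `package_upgrade: true` to cloud.cfg twice; this looks like a paste of the block removed from gentoo.json rather than a deliberate addition. The rename also places the template under `httpdir`, which gentoo.json sets as `http_directory`, so Packer's HTTP server would offer the file to the build network. A backup template is better kept outside that directory, particularly if it carries credentials like the `ssh_password` variable of the main template; the variables section of this file is not in the hunk.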
@@ -3,9 +3,12 @@
 #packer build --only=qemu --var outfile=boxen/gentoo-minimal-hyperv.box --var headless=true --var hyperv_switchname=Ethernet gentoo-minimal.json
+SSH_PUB=$(cat ./id_rsa_qemu.pub)
 export PACKER_LOG=1; packer build --only=qemu \
 -var version="20200205T214502Z" \
 -var ssh_username="root" \
 -var ssh_password="toor" \
+ -var ssh_pub_key="$SSH_PUB" \
+ -force \
 /packer/gentoo.json
diff --git a/test.sh b/test.sh
new file mode 100755
index 0000000..f2df4b9
--- /dev/null
+++ b/test.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+qemu-system-x86_64 -cdrom ./packer/assets/install-amd64-minimal-20200205T214502Z.iso -boot order=b -m 1024 -smp cpus=1,cores=4
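Review bot: In run-packer.sh, `SSH_PUB=$(cat ./id_rsa_qemu.pub)` depends on the working directory while the template is referenced as /packer/gentoo.json, and a failed `cat` is not checked, so the build would go on with an empty `ssh_pub_key`. Using the absolute path and stopping on failure fixes both: `SSH_PUB=$(cat /packer/id_rsa_qemu.pub) || exit 1`. The Makefile target in this commit no longer lists id_rsa_qemu.pub as a prerequisite, so this script is the only place that would notice a missing public key. `-force` removes an existing output directory without asking, which deserves a short comment next to the flag.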
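Review bot: In test.sh, `-boot order=b` selects a floppy drive in QEMU's boot-order letters, whereas the image is attached with `-cdrom`; the CD-ROM letter is `d`, so `-boot order=d` is what the command appears to intend. `-smp cpus=1,cores=4` requests one online CPU against a four-core topology, which is probably not what was meant; `-smp 4` or `-smp 1` states one intent. The ISO file name repeats the version string that is also hard-coded in run-packer.sh and gentoo.json, so the three can drift apart.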