Finished packer scripts for Debian 12

2024-09-20 16:32:19 +03:00 · 2024-09-20 16:32:19 +03:00 · 2c2770b4e1
commit 2c2770b4e1
parent dee4f1a22b
7 changed files with 188 additions and 30 deletions
--- a/packer/linux/README.md
+++ b/packer/linux/README.md
@ -9,4 +9,5 @@ For secrets and cred vars create $HOME/.secret/.packer/vcsrv-creds.pkrvars.hcl<b

 `connection_username = "root"`<br/>
 `connection_password = "XXXXXXXX"`<br/>
+`ssh_private_key_file = "/root/.ssh/XXXXXXX_ansible"`<br/>
 <br/>
--- a/packer/linux/build-debian-12-amd64.sh
+++ b/packer/linux/build-debian-12-amd64.sh
@ -1,18 +1,16 @@
 #!/bin/bash

-# => For logs:
-#export PACKER_LOG_PATH=./build-debian-12-amd64.log
-export PACKER_LOG=1
-
-
 packer="/usr/bin/packer"

+# => For logs:
+#export PACKER_LOG_PATH=./build-debian-12-amd64.log
+export PACKER_LOG=0
+
 creds_vars_file="$HOME/.secret/.packer/vcsrv-creds.pkrvars.hcl"
-build_file="$HOME/packer/linux/debian"
+

 $packer init $HOME/packer/linux/debian-12-x64/
-
 $packer build -force \
 -var-file="$creds_vars_file" \
 -var-file="$HOME/packer/linux/debian-12-x64/conf.pkrvars.hcl" \
-/root/packer/linux/debian-12-x64/
+$HOME/packer/linux/debian-12-x64/
--- a/packer/linux/debian-12-x64/conf.pkrvars.hcl
+++ b/packer/linux/debian-12-x64/conf.pkrvars.hcl
@ -17,5 +17,5 @@ iso_checksum        = "none"
 os_iso_paths        = "[Cluster01-LUN01] ISO/debian-12.7.0-amd64-netinst.iso"
 os_iso_url          = "https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.7.0-amd64-netinst.iso"

-boot_command = "<esc><wait><esc><wait>/install.amd/vmlinuz <wait> ipv6.disable=1 <wait> auto=true <wait> netcfg/dhcp_timeout=30 <wait> priority=critical locale=en_US <wait> preseed/url=http://aassdd.ru/.my-preseed/debian/preseed.cfg --- <wait> initrd=/install.amd/initrd.gz<wait><enter>"
+boot_command = "<esc><wait><esc><wait>/install.amd/vmlinuz <wait> ipv6.disable=1 <wait> auto=true <wait> netcfg/dhcp_timeout=30 <wait> priority=critical locale=en_US <wait> preseed/url=http://aassdd.ru/.packer/debian/preseed.cfg --- <wait> initrd=/install.amd/initrd.gz<wait><enter>"

--- a/packer/linux/debian-12-x64/data/prep-script.sh
+++ b/packer/linux/debian-12-x64/data/prep-script.sh
@ -0,0 +1,29 @@
+#!/bin/bash
+
+echo Resize root partition...
+sudo parted /dev/sda resizepart 2 100% > /dev/null 2>&1
+sudo pvresize /dev/sda2 > /dev/null 2>&1
+sudo lvextend -y -f -l +100%FREE /dev/vg01/root > /dev/null 2>&1
+sudo resize2fs /dev/vg01/root > /dev/null 2>&1
+
+echo Create rc.local file...
+sudo echo "#!/bin/sh -e
+#
+# rc.local
+#
+# This script is executed at the end of each multiuser runlevel.
+# Make sure that the script will exit 0 on success or any other
+# value on error.
+#
+# In order to enable or disable this script just change the execution
+# bits.
+#
+# By default this script does nothing.
+
+
+exit 0
+" > /etc/rc.local
+sudo chown root:root /etc/rc.local
+sudo chmod 755 /etc/rc.local
+
+exit 0
--- a/packer/linux/debian-12-x64/data/preseed.cfg
+++ b/packer/linux/debian-12-x64/data/preseed.cfg
@ -0,0 +1,115 @@
+# Language and Locale
+d-i debian-installer/language string en
+d-i debian-installer/country string RU
+d-i debian-installer/locale string en_US.UTF-8
+
+# Hostname
+d-i netcfg/get_hostname string unassigned-hostname
+d-i netcfg/get_domain string unassigned-domain
+
+# Keyboard
+d-i keymap select us
+d-i console-keymaps-at/keymap select us
+d-i keyboard-configuration/xkb-keymap select us
+
+# Timezone / Time
+d-i time/zone string Europe/Moscow
+d-i clock-setup/utc boolean true
+
+# Package Configuration
+d-i pkgsel/upgrade select full-upgrade
+d-i apt-setup/services-select multiselect security, updates
+#d-i mirror/country string TR
+d-i mirror/country string manual
+d-i mirror/http/hostname string 192.168.111.251
+d-i mirror/http/directory string /debian
+d-i apt-setup/security_host string 192.168.111.251
+
+d-i apt-setup/non-free-firmware boolean true
+d-i apt-setup/non-free boolean true
+d-i apt-setup/contrib boolean true
+
+
+tasksel tasksel/first multiselect none
+d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools sudo parted
+d-i pkgsel/install-language-support boolean false
+popularity-contest popularity-contest/participate boolean false
+
+
+# Partitioning
+d-i partman/mount_style select uuid
+d-i partman-auto/disk string /dev/sda
+d-i partman-basicfilesystems/choose_label string gpt
+d-i partman-basicfilesystems/default_label string gpt
+d-i partman-partitioning/choose_label string gpt
+d-i partman-partitioning/default_label string gpt
+d-i partman/choose_label string gpt
+d-i partman/default_label string gpt
+d-i partman-auto/method string lvm
+d-i partman-auto/purge_lvm_from_device boolean true
+d-i partman-auto/choose_recipe select gpt-boot-lvm
+d-i partman-auto-lvm/new_vg_name string vg01
+d-i partman-auto/expert_recipe string           \
+    gpt-boot-lvm ::                             \
+      1 1 1 free                                \
+        $bios_boot{ }                           \
+        method{ biosgrub }                      \
+      .                                         \
+      537 537 537 linux-swap                    \
+        $defaultignore{ }                       \
+        $lvmok{ }                               \
+        lv_name{ swap }                         \
+        method{  swap }                         \
+        format{ }                               \
+      .                                         \
+      2600 2600 -1 ext4                         \
+        $defaultignore{ }                       \
+        $lvmok{ }                               \
+        lv_name{ root }                         \
+        method{ format }                        \
+        format{ }                               \
+        use_filesystem{ }                       \
+        filesystem{ ext4 }                      \
+        mountpoint{ / }                         \
+       .
+d-i partman-auto-lvm/no_boot boolean true
+d-i partman/confirm boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman-lvm/confirm_nooverwrite boolean true
+d-i partman-lvm/device_remove_lvm boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman/choose_partition select Finish partitioning and write changes to disk
+d-i partman/confirm_nooverwrite boolean true
+d-i partman/mount_style select uuid
+
+# mkpasswd -s -m sha-512
+#
+d-i passwd/root-login boolean true
+d-i passwd/root-password-crypted password $6$Lij5f1fxeWVCjFbJ$GiWa3/zslkXwE4OfHeQrx/AlDPqhZR9pxSMxAvEZX8twF8ti7L6KM8wQWARzH.nQ99/BEmrjfDM/hwuczDJxY1
+# Create [ ansb-srv-it ] user account.
+d-i passwd/make-user boolean true
+d-i passwd/user-fullname string ansb-srv-it
+d-i passwd/username string ansb-srv-it
+d-i passwd/user-password-crypted password $6$Lij5f1fxeWVCjFbJ$GiWa3/zslkXwE4OfHeQrx/AlDPqhZR9pxSMxAvEZX8twF8ti7L6KM8wQWARzH.nQ99/BEmrjfDM/hwuczDJxY1
+
+d-i user-setup/allow-password-weak boolean true
+d-i user-setup/encrypt-home boolean false
+
+d-i grub-installer/bootdev string /dev/sda
+
+d-i debian-installer/splash boolean false
+
+d-i finish-install/reboot_in_progress note
+d-i preseed/late_command string in-target /bin/sh -c '/bin/echo "send dhcp-client-identifier = hardware;" >> /etc/dhcp/dhclient.conf'; \
+in-target mkdir -p /home/ansb-srv-it/.ssh; \
+in-target /bin/sh -c "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC21HOAhC6o25M1oKxKsZxIoxUUeIpb4oqtAdPRNGU4PhJL1g1Cnro+YeF36YnvTKHRzDxS211y/zZBkt7BxOM7qj6dTQSH23jRwGLyfcYv7VyrK1YoxUAXumOJYnhfjVhXoznKnY9++GO9a/1gxQCzjGFMoxAQxFiBMbR/3Ic92ix2SM5aftXl1Mvu3mv45iZimyVIOH5cXdC0XtDSC7EEsdp1Ex6H/GfYabS+cJ55Uyct3orVBSf1LYFLaBNpIx7evXe+bXl81pvW8k/JhYTizoYNEA9rCi+1zaLQMb5LviHM3QqiYjkJbdt2Bd6TVmAfXrJKkj5XXnaMcDqXg8VUKqBenWOSugwagjYYjPRN/pyOeucL+pW1+iv8rAsVxn/0/eliNMn4rExN+Bj6kOmmdrsfqfierffW4DGDJtZlZhfXeZTX8XhdwMt7QUsUdK/Mr14uaEGjhWywX7uqSTnySV1mG4f6vJOyJksZKNSDzK8zH4k3u3onBFbut6NRG+cW4DaScmDbxAkUyurpesPlQkZzcKit6LLscJWZqCrd09zUvHuktnLuhlcicPQPD0B3VhbqVjTvjTDqZX8ZdxrHaRFwfKtv+gqo5Xb2ziS9MxsslxrSe9Ss4w4XkfbZ3BMnyfJWgxHuuyp4Y9gVRE4pFmsoR3v1zpTTHzMGKJKXWw== root@ansible' >> /home/ansb-srv-it/.ssh/authorized_keys"; \
+in-target chown -R ansb-srv-it:ansb-srv-it /home/ansb-srv-it; \
+in-target chmod 700 /home/ansb-srv-it; \
+in-target chmod 600 /home/ansb-srv-it/.ssh/authorized_keys; \
+in-target chmod 700 /home/ansb-srv-it/.ssh; \
+in-target usermod -aG sudo ansb-srv-it; \
+in-target usermod -p '*' ansb-srv-it; \
+in-target usermod -p '*' root; \
+in-target /bin/sh -c "echo 'ansb-srv-it ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers.d/ansb-srv-it"; \
+in-target chmod 440 /etc/sudoers.d/ansb-srv-it; \
+in-target echo
--- a/packer/linux/debian-12-x64/debian-12-x64.pkr.hcl
+++ b/packer/linux/debian-12-x64/debian-12-x64.pkr.hcl
@ -50,19 +50,20 @@ source "vsphere-iso" "debian-12" {
  }
 // ****************
  ssh_username            = var.connection_username
-  ssh_password            = var.connection_password
+//ssh_password            = var.connection_password
+  ssh_private_key_file    = var.connection_ssh_private_key_file
  ssh_port                = "22"
-  ip_wait_timeout         = "15m"
+  ip_wait_timeout         = "25m"
  ssh_timeout             = "10m"
  ssh_handshake_attempts  = "20"
-  shutdown_timeout        = "15m"
+  shutdown_timeout        = "10m"
 // ****************
  iso_checksum            = var.iso_checksum
 //  iso_url               = var.os_iso_url
  iso_paths               = [var.os_iso_paths]
 // ****************

-  boot_wait               = "5s"
+  boot_wait               = "8s"
  boot_command            = [var.boot_command]

 }
@ -70,4 +71,17 @@ source "vsphere-iso" "debian-12" {
 build {
  name    = "template"
  sources = ["source.vsphere-iso.debian-12"]
+
+  provisioner "file" {
+    destination = "/tmp/prep-script.sh"
+    source = "${path.root}data/prep-script.sh"
+  }
+
+  provisioner "shell" {
+    inline = [
+      "sudo chmod 755 /tmp/prep-script.sh",
+      "sudo /tmp/prep-script.sh",
+    ]
+  }
+
 }
--- a/packer/linux/debian-12-x64/variables.pkr.hcl
+++ b/packer/linux/debian-12-x64/variables.pkr.hcl
@ -43,22 +43,23 @@ variable "vcenter_folder" {
 }

 // ************************************
-variable "vm_name"             { default = "" }
-variable "vm_num_cpu"          { default = "" }
-variable "vm_ram"              { default = "" }
-variable "vm_hardware_version" { default = "" }
-variable "vm_guest_os_type"    { default = "" }
-variable "vm_disk_size"        { default = "" }
-variable "vm_network"          { default = "" }
-variable "vm_network_nic_type" { default = "" }
-variable "os_version"          { default = "" }
-variable "os_family"           { default = "" }
-variable "os_iso_url"          { default = "" }
+variable "vm_name"              { default = "" }
+variable "vm_num_cpu"           { default = "" }
+variable "vm_ram"               { default = "" }
+variable "vm_hardware_version"  { default = "" }
+variable "vm_guest_os_type"     {  default = "" }
+variable "vm_disk_size"         { default = "" }
+variable "vm_network"           { default = "" }
+variable "vm_network_nic_type"  { default = "" }
+variable "os_version"           { default = "" }
+variable "os_family"            { default = "" }
+variable "os_iso_url"           { default = "" }
 // ************************************
-variable "connection_username" { default = "" }
-variable "connection_password" { default = "" }
+variable "connection_username"  { default = "" }
+variable "connection_password"  { default = "" }
+variable "connection_ssh_private_key_file" { default = "" }
 // ************************************
-variable "iso_checksum"        { default = "" }
-variable "os_iso_paths"        { default = "" }
-variable "iso_url"             { default = "" }
-variable "boot_command"        { default = "" }
+variable "iso_checksum"         { default = "" }
+variable "os_iso_paths"         { default = "" }
+variable "iso_url"              { default = "" }
+variable "boot_command"         { default = "" }