Add playbooks to role os-linux-prep-default

ansible/.ansible.cfg

@@ -0,0 +1,137 @@
+# config file for ansible -- http://ansible.com/
+# ==============================================
+
+# nearly all parameters can be overridden in ansible-playbook 
+# or with command line flags. ansible will read ANSIBLE_CONFIG,
+# ansible.cfg in the current working directory, .ansible.cfg in
+# the home directory or /etc/ansible/ansible.cfg, whichever it
+# finds first
+
+[defaults]
+
+
+# some basic default values...
+
+inventory      = $HOME/ansible/inventories/hosts
+remote_tmp     = $HOME/.ansible/tmp
+forks          = 15
+sudo_user      = root
+transport      = ssh
+
+# plays will gather facts by default, which contain information about
+# the remote system.
+#
+# smart - gather by default, but don't regather if already gathered
+# implicit - gather by default, turn off with gather_facts: False
+# explicit - do not gather by default, must say gather_facts: True
+gathering = smart
+
+# additional paths to search for roles in, colon separated
+roles_path    = $HOME/ansible/roles
+
+# uncomment this to disable SSH key host checking
+host_key_checking = False
+
+# logging is off by default unless this path is defined
+# if so defined, consider logrotate
+log_path = /var/log/ansible.log
+
+# default module name for /usr/bin/ansible
+module_name = shell
+
+# set plugin path directories here, separate with colons
+action_plugins     = /usr/share/ansible_plugins/action_plugins:$HOME/.ansible/plugins/action_plugins
+callback_plugins   = /usr/share/ansible_plugins/callback_plugins:$HOME/.ansible/plugins/callback_plugins
+connection_plugins = /usr/share/ansible_plugins/connection_plugins:$HOME/.ansible/plugins/connection_plugins
+lookup_plugins     = /usr/share/ansible_plugins/lookup_plugins:$HOME/.ansible/plugins/lookup_plugins
+vars_plugins       = /usr/share/ansible_plugins/vars_plugins:$HOME/.ansible/plugins/vars_plugins
+filter_plugins     = /usr/share/ansible_plugins/filter_plugins:$HOME/.ansible/plugins/filter_plugins
+
+# by default callbacks are not loaded for /bin/ansible, enable this if you
+# want, for example, a notification or logging callback to also apply to 
+# /bin/ansible runs
+#bin_ansible_callbacks = False
+
+# the CA certificate path used for validating SSL certs. This path 
+# should exist on the controlling node, not the target nodes
+# common locations:
+# RHEL/CentOS: /etc/pki/tls/certs/ca-bundle.crt
+# Fedora     : /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
+# Ubuntu     : /usr/share/ca-certificates/cacert.org/cacert.org.crt
+ca_file_path = /usr/share/ca-certificates/cacert.org/cacert.org.crt
+
+# if set to a persistent type (not 'memory', for example 'redis') fact values
+# from previous runs in Ansible will be stored.  This may be useful when
+# wanting to use, for example, IP information from one group of servers
+# without having to talk to them in the same playbook run to get their
+# current IP information.
+fact_caching = jsonfile
+fact_caching_connection = $HOME/.ansible/facts
+fact_caching_timeout = 600
+
+# retry files
+#retry_files_enabled = False
+retry_files_save_path = ~/.ansible/retry
+
+[privilege_escalation]
+#become=True
+#become_method=sudo
+#become_user=root
+#become_ask_pass=False
+
+[ssh_connection]
+
+# ssh arguments to use
+# Leaving off ControlPersist will result in poor performance, so use 
+# paramiko on older platforms rather than removing it
+ssh_args = -o ControlMaster=auto -o ControlPersist=60s
+
+# The path to use for the ControlPath sockets. This defaults to
+# "%(directory)s/ansible-ssh-%%h-%%p-%%r", however on some systems with
+# very long hostnames or very long path names (caused by long user names or 
+# deeply nested home directories) this can exceed the character limit on
+# file socket names (108 characters for most platforms). In that case, you 
+# may wish to shorten the string below.
+#
+# Example:
+# control_path = %(directory)s/%%h-%%r
+control_path = %(directory)s/ansible-ssh-%%h-%%p-%%r
+
+# Enabling pipelining reduces the number of SSH operations required to 
+# execute a module on the remote server. This can result in a significant 
+# performance improvement when enabled, however when using "sudo:" you must 
+# first disable 'requiretty' in /etc/sudoers
+#
+# By default, this option is disabled to preserve compatibility with
+# sudoers configurations that have requiretty (the default on many distros).
+#
+pipelining = True
+
+# if True, make ansible use scp if the connection type is ssh 
+# (default is sftp)
+scp_if_ssh = True
+
+[accelerate]
+accelerate_port = 5099
+accelerate_timeout = 30
+accelerate_connect_timeout = 5.0
+
+# The daemon timeout is measured in minutes. This time is measured
+# from the last activity to the accelerate daemon.
+accelerate_daemon_timeout = 30
+
+# If set to yes, accelerate_multi_key will allow multiple
+# private keys to be uploaded to it, though each user must
+# have access to the system via SSH to add a new key. The default
+# is "no".
+#accelerate_multi_key = yes
+
+[selinux]
+# file systems that require special treatment when dealing with security context
+# the default behaviour that copies the existing context or uses the user default
+# needs to be changed to use the file system dependent context.
+#special_context_filesystems=nfs,vboxsf,fuse,ramfs
+
+[inventory]
+# enable inventory plugins, default: 'host_list', 'script', 'yaml', 'ini', 'auto'
+enable_plugins = host_list, script, auto, yaml, ini, toml, community.vmware.vmware_vm_inventory

ansible/README.md

@@ -8,7 +8,7 @@ For secrets and cred vars create $HOME/.secret/.ansible/vars_creds.yml<br/><br/>
 `vcenter_validate_certs: false`<br/>
 `vcenter_datacenter: "DC01"`<br/>
 <br/>
-`ansible_user: "root"`<br/>
+`ansible_user: "ansb-srv-it"`<br/>
 `ansible_password: "XXXXXXXX"`<br/>
-`#ansible_ssh_private_key_file: '~/.secret/auto-tools/ansible/.ssh/ansb.id_rsa'`<br/>
+`#ansible_ssh_private_key_file: '~/.secret/.ssh/XXXXX.id_rsa'`<br/>
 

ansible/hosts

@@ -1,3 +0,0 @@
-
-dc01-ipxesrv01-it-infr.lab.loc ansible_host=10.8.221.2
-

ansible/inventories/group_vars/all.yml

@@ -0,0 +1,6 @@
+---
+## Ansible params
+#ansible_port: '22'
+#ansible_ssh_user: 'root'
+#ansible_ssh_password: 'XXXXXXXXX'
+#ansible_ssh_private_key_file: '~/.ssh/XXXXX.id_rsa'

ansible/inventories/hosts

@@ -0,0 +1,15 @@
+
+dc01-ipxesrv01-it-infr.lab.loc ansible_host=10.8.221.2
+
+z-debian-packer-vm ansible_host=10.8.221.115
+z-ubuntu-packer-vm ansible_host=10.8.221.118
+
+aaa  ansible_host=10.8.221.200
+
+
+## Do not edit and delete it    ##
+## It need for packer templetes ##
+packer-templ
+## Do not edit and delete it    ##
+## It need for packer templetes ##
+

ansible/playbooks/os-linux-apt-update.yml

@@ -33,4 +33,4 @@
         - name: Run "apt-get clean"
           ansible.builtin.apt:
             clean: yes
-      when: ansible_facts['distribution'] == "Debian"
+      when: ansible_os_family == "Debian"

ansible/playbooks/os-linux-prep-default.yml

@@ -0,0 +1,9 @@
+---
+
+- hosts: "{{ hosts_target }}"
+  become: true
+  gather_facts: true
+  vars_files:
+    - ~/.secret/.ansible/vars_creds.yml
+  roles:
+    - os-linux-prep-default

ansible/playbooks/os-ping-test.yml

@@ -10,6 +10,6 @@
     - name: Debug
       debug:
 #        var: ansible_facts
-        msg: " It is {{ansible_facts['distribution'] }} {{ ansible_facts.distribution_major_version }} ( {{ ansible_facts.distribution_release }} )"
+        msg: " It is {{ ansible_os_family }} {{ ansible_facts.distribution_major_version }} ( {{ ansible_facts.distribution_release }} )"
 
 

ansible/roles/clean-templ-pole/defaults/main.yml

@@ -0,0 +1 @@
+---

ansible/roles/clean-templ-pole/handlers/main.yml

@@ -0,0 +1 @@
+---

ansible/roles/clean-templ-pole/tasks/main.yml

@@ -0,0 +1,6 @@
+---
+
+- name: Ping
+  import_tasks: ping.yml
+
+

ansible/roles/clean-templ-pole/tasks/ping.yml

@@ -0,0 +1,4 @@
+---
+
+- name: ping
+  ping:

ansible/roles/clean-templ-pole/vars/main.yml

@@ -0,0 +1,2 @@
+---
+

ansible/roles/os-linux-prep-default/defaults/main.yml

@@ -0,0 +1 @@
+---

ansible/roles/os-linux-prep-default/files/first_start.sh

@@ -0,0 +1,84 @@
+#!/bin/bash
+
+echo "First start VM"
+echo "Resize root partition..."
+parted /dev/sda resizepart 2 100%
+pvresize /dev/sda2
+lvextend -y -f -l +100%FREE /dev/vg01/root
+resize2fs /dev/vg01/root
+
+echo "Generete new machine-id"
+rm /etc/machine-id
+systemd-machine-id-setup
+echo "Clean all logs"
+find /var/log -type f,l | xargs rm -f
+
+echo "Recreate new SSHd keys"
+rm -f /etc/ssh/ssh_host_*
+dpkg-reconfigure openssh-server --force -f noninteractive
+
+echo "Make right /etc/network/interfaces"
+if [ -z "$(cat /etc/network/interfaces | grep "inet dhcp")" ]; then
+    # No DHCP
+    iface=$(cat /etc/network/interfaces | grep "iface" | sed '/loopback/d' | awk '{print $2}')
+    ip_add=$(cat /etc/network/interfaces | grep "address" | awk '{print $2}')
+    ip_netm=$(cat /etc/network/interfaces | grep "netmask" | awk '{print $2}')
+    ip_gw=$(cat /etc/network/interfaces | grep "gateway" | awk '{print $2}')
+    echo "
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto $iface
+allow-hotplug $iface
+iface $iface inet static
+        address $ip_add
+        netmask $ip_netm
+        gateway $ip_gw
+" > /etc/network/interfaces
+
+echo "Create hostname and hosts"
+ipaddr=$(ip a | grep "scope global" | awk '{print $2}' | sed -r 's/\/.+//')
+host_name=$(hostname -f)
+host_shot_name=$(hostname -s)
+
+echo $host_name > /etc/hostname
+echo "127.0.0.1		localhost" > /etc/hosts
+echo "$ipaddr		$host_name		$host_shot_name" >> /etc/hosts
+
+else
+    # Yes DHCP
+    iface=$(cat /etc/network/interfaces | grep "iface" | sed '/loopback/d' | awk '{print $2}')
+
+    echo "
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto $iface
+allow-hotplug $iface
+iface $iface inet dhcp
+" > /etc/network/interfaces
+
+fi
+rm -f /etc/network/*.BeforeVMwareCustomization
+
+sed '/^\/root\/first_start.sh &/d' -i /etc/rc.local
+
+rm /root/first_start.sh
+
+sleep 5
+
+reboot

ansible/roles/os-linux-prep-default/handlers/main.yml

@@ -0,0 +1,11 @@
+---
+
+- name: Update config grub on Debian like
+  shell: "update-grub"
+  when: ansible_os_family == "Debian"
+
+- name: Reboot the server from shell
+  shell: 'shutdown -r now "Reboot the server by Ansible"'
+#  ignore_errors: true
+  async: 30
+  poll: 0

ansible/roles/os-linux-prep-default/tasks/add-users-admins.yml

@@ -0,0 +1,60 @@
+---
+
+- include_vars: vars/os-creds-admins.yml
+
+- name: Set host facts group for use sudo
+  set_fact: os_group_for_sudo="sudo"
+  when: ansible_os_family == "Debian"
+
+- name: Set host facts group for use sudo
+  set_fact: os_group_for_sudo="wheel"
+  when: ansible_os_family == "RedHat"
+
+- name: Change default for add user create params perm 755 to 700 (Debian)
+  block:
+    - name: Edit options in /etc/adduser.conf
+      lineinfile:
+        path: /etc/adduser.conf
+        line: "{{ item }}"
+      loop:
+        - DIR_MODE=0700
+        - SYS_DIR_MODE=0700
+      when: ansible_os_family == "Debian"
+    - name: Edit options in /etc/login.defs
+      lineinfile:
+        path: /etc/login.defs
+        line: "{{ item }}"
+      loop:
+        - HOME_MODE 0700
+  when: ansible_os_family == "Debian"
+
+- name: Add admins users
+  user:
+    name: "{{ item.username }}"
+    shell: /bin/bash
+    groups: "{{ os_group_for_sudo }}"
+    password: "{{ item.password }}"
+    comment: "{{ item.comment }}"
+    append: yes
+  loop: "{{ os_creds_sysadmins }}"
+  no_log: true
+
+- name: Add SSH keys for admins users
+  authorized_key:
+    user:  "{{ item.username }}"
+    state: present
+    key: "{{ item.ssh_key }}"
+  loop: "{{ os_creds_sysadmins }}"
+  no_log: true
+
+- name: Add admins users to /etc/sudoers.d/
+  copy:
+    dest: "/etc/sudoers.d/{{ item.username }}"
+    content: |
+      {{ item.username }} ALL=(ALL) NOPASSWD:ALL
+
+    owner: root
+    group: root
+    mode: '0444'
+  loop: "{{ os_creds_sysadmins }}"
+  no_log: true

ansible/roles/os-linux-prep-default/tasks/ipv6-disable.yml

@@ -0,0 +1,12 @@
+---
+
+- name: Disable IPv6
+  block:
+  - name: Add to /etc/default/grub option ipv6.disable=1
+    ansible.builtin.lineinfile:
+      path: /etc/default/grub
+      regexp: '^GRUB_CMDLINE_LINUX="'
+      line: GRUB_CMDLINE_LINUX="ipv6.disable=1"
+    notify:
+      - Update config grub on Debian like
+  when: ansible_os_family == "Debian"

ansible/roles/os-linux-prep-default/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+
+#- name: Ping
+#  import_tasks: ping.yml
+
+- name: Upload sctipts for first starting system
+  import_tasks: scripts-first-start.yml
+
+- name: IPv6 disable
+  import_tasks: ipv6-disable.yml
+
+- name: Add admins users
+  import_tasks: add-users-admins.yml
+
+- name: Install basic pkg
+  import_tasks: pkg-install.yml

ansible/roles/os-linux-prep-default/tasks/ping.yml

@@ -0,0 +1,8 @@
+---
+
+- name: Prepare default config for OS type of Debian
+  block:
+    - name: Debug
+      debug:
+        msg: '{{ role_path }}'
+  when: ansible_os_family == "Debian"

ansible/roles/os-linux-prep-default/tasks/pkg-install.yml

@@ -0,0 +1,14 @@
+---
+
+- include_vars: os-pkg-list.yml
+
+- name: Install from list of packages for Debian
+  block:
+  - name: Install from list of packages for Debian
+    apt:
+      state: latest
+      pkg: "{{ debian_install_pkg_list }}"
+  - name: Run "apt-get clean"
+    apt:
+      clean: yes
+  when: ansible_distribution == "Debian"

ansible/roles/os-linux-prep-default/tasks/scripts-first-start.yml

@@ -0,0 +1,21 @@
+---
+
+- name: Prepare scripts for custom VMs (First start)
+  block:
+  - name: Copy files to remote system
+    ansible.builtin.copy:
+      src: files/first_start.sh
+      dest: /root/first_start.sh
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Edit /etc/rc.local
+    ansible.builtin.lineinfile:
+      path: /etc/rc.local
+      regexp: '^(exit 0.*)$'
+      line: |
+        /root/first_start.sh &
+        $(sleep 2; chmod 755 /root/first_start.sh |  sed '/chmod 755 \/root\/first_start.sh/d' -i /etc/rc.local) &
+        exit 0
+
+  when: ansible_os_family == "Debian"

ansible/roles/os-linux-prep-default/vars/main.yml

@@ -0,0 +1,2 @@
+---
+

ansible/roles/os-linux-prep-default/vars/os-creds-admins.yml

@@ -0,0 +1,4 @@
+---
+
+os_creds_sysadmins:
+  - { username: "user", password: "*", comment: "mr. User", ssh_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC21HOAhC6o25M1oKxKsZxIoxUUeIpb4oqtAdPRNGU4PhJL1g1Cnro+YeF36YnvTKHRzDxS211y/zZBkt7BxOM7qj6dTQSH23jRwGLyfcYv7VyrK1YoxUAXumOJYnhfjVhXoznKnY9++GO9a/1gxQCzjGFMoxAQxFiBMbR/3Ic92ix2SM5aftXl1Mvu3mv45iZimyVIOH5cXdC0XtDSC7EEsdp1Ex6H/GfYabS+cJ55Uyct3orVBSf1LYFLaBNpIx7evXe+bXl81pvW8k/JhYTizoYNEA9rCi+1zaLQMb5LviHM3QqiYjkJbdt2Bd6TVmAfXrJKkj5XXnaMcDqXg8VUKqBenWOSugwagjYYjPRN/pyOeucL+pW1+iv8rAsVxn/0/eliNMn4rExN+Bj6kOmmdrsfqfierffW4DGDJtZlZhfXeZTX8XhdwMt7QUsUdK/Mr14uaEGjhWywX7uqSTnySV1mG4f6vJOyJksZKNSDzK8zH4k3u3onBFbut6NRG+cW4DaScmDbxAkUyurpesPlQkZzcKit6LLscJWZqCrd09zUvHuktnLuhlcicPQPD0B3VhbqVjTvjTDqZX8ZdxrHaRFwfKtv+gqo5Xb2ziS9MxsslxrSe9Ss4w4XkfbZ3BMnyfJWgxHuuyp4Y9gVRE4pFmsoR3v1zpTTHzMGKJKXWw== user@user" }

ansible/roles/os-linux-prep-default/vars/os-pkg-list.yml

@@ -0,0 +1,45 @@
+---
+
+debian_install_pkg_list:
+  - net-tools
+  - mc
+  - htop
+  - bash-completion
+  - iotop
+  - iftop
+  - bwm-ng
+  - sysstat
+  - iptraf-ng
+  - iperf3
+  - tcpdump
+  - scsitools
+  - lsscsi
+  - kpartx
+  - toilet
+  - figlet
+  - git
+  - apt-transport-https
+  - sysfsutils
+  - curl
+  - gpg
+  - secure-delete
+  - dnsutils
+  - rpm2cpio
+  - dos2unix
+  - telnet
+  - rsync
+  - sudo
+  - whois
+  - pv
+  - lsof
+  - tmux
+  - hping3
+  - nload
+  - parted
+  - netcat-openbsd
+  - wget
+  - ftp
+  - vim
+  - rsyslog
+  - iptables
+  - man

packer/linux/build-debian-12-x64.sh

@@ -2,15 +2,17 @@
 
 packer="/usr/bin/packer"
 
+vm_name="x-debian-packer-vm"
+
 # => For logs:
 #export PACKER_LOG_PATH=./build-debian-12-amd64.log
 export PACKER_LOG=0
 
 creds_vars_file="$HOME/.secret/.packer/vcsrv-creds.pkrvars.hcl"
 
-
 $packer init $HOME/packer/linux/debian-12-x64/
 $packer build -force \
 -var-file="$creds_vars_file" \
 -var-file="$HOME/packer/linux/debian-12-x64/conf.pkrvars.hcl" \
+-var vm_name=$vm_name \
 $HOME/packer/linux/debian-12-x64/

packer/linux/build-ubuntu-24.04-x64.sh

@@ -2,6 +2,8 @@
 
 packer="/usr/bin/packer"
 
+vm_name="x-ubuntu-packer-vm"
+
 # => For logs:
 #export PACKER_LOG_PATH=./build-debian-12-amd64.log
 export PACKER_LOG=0
@@ -13,5 +15,6 @@ $packer init $HOME/packer/linux/ubuntu-24.04-x64/
 $packer build -force \
 -var-file="$creds_vars_file" \
 -var-file="$HOME/packer/linux/ubuntu-24.04-x64/conf.pkrvars.hcl" \
+-var vm_name=$vm_name \
 $HOME/packer/linux/ubuntu-24.04-x64/
 

packer/linux/debian-12-x64/conf.pkrvars.hcl

@@ -4,7 +4,7 @@ vcenter_host       = "esxi8-01.lab.loc"
 vcenter_folder     = "VLAN-0221"
 vcenter_datastore  = "Cluster01-LUN02"
 
-vm_name             = "z-debian-packer-vm"
+//vm_name             = "z-debian-packer-vm"
 vm_num_cpu          = 1
 vm_ram              = 1024
 vm_hardware_version = "20"

packer/linux/debian-12-x64/data/prep-script.sh

@@ -6,6 +6,13 @@ sudo pvresize /dev/sda2 > /dev/null 2>&1
 sudo lvextend -y -f -l +100%FREE /dev/vg01/root > /dev/null 2>&1
 sudo resize2fs /dev/vg01/root > /dev/null 2>&1
 
+echo "Delete password for root and ansb-srv-it"
+sudo usermod -p '*' root
+sudo usermod -p '*' ansb-srv-it
+
+echo "Change perm for /home/ansb-srv-it"
+sudo chmod 700 /home/ansb-srv-it
+
 echo "Create rc.local file..."
 sudo echo "#!/bin/sh -e
 #
@@ -20,9 +27,11 @@ sudo echo "#!/bin/sh -e
 #
 # By default this script does nothing.
 
-
 exit 0
 " > /etc/rc.local
+
+sudo mkdir -p /root/.ansible/tmp
+sudo chmod 700 /root/.ansible/tmp
 sudo chown root:root /etc/rc.local
 sudo chmod 755 /etc/rc.local
 

packer/linux/debian-12-x64/debian-12-x64.pkr.hcl

@@ -32,7 +32,7 @@ source "vsphere-iso" "debian-12-x64" {
   host                    = var.vcenter_host
   datastore               = var.vcenter_datastore
   folder                  = var.vcenter_folder
-# convert_to_template     = true
+  convert_to_template     = true
 // ****************
   vm_name                 = var.vm_name
   CPUs                    = var.vm_num_cpu
@@ -85,4 +85,11 @@ build {
     ]
   }
 
+  provisioner "shell-local" {
+    inline = [
+      "ansible-playbook ~/ansible/playbooks/os-linux-prep-default.yml -l packer-templ -e hosts_target=packer-templ -e ansible_host=${build.Host}  -e connection_username=${var.connection_username} -e connection_ssh_private_key_file=${var.connection_ssh_private_key_file}"
+    ]
+  }
+
+
 }

packer/linux/debian-12-x64/http/preseed.cfg

@@ -31,7 +31,7 @@ d-i apt-setup/contrib boolean true
 
 
 tasksel tasksel/first multiselect none
-d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools sudo parted
+d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools python3 sudo parted
 d-i pkgsel/install-language-support boolean false
 popularity-contest popularity-contest/participate boolean false
 

packer/linux/ubuntu-24.04-x64/conf.pkrvars.hcl

@@ -4,7 +4,7 @@ vcenter_host       = "esxi8-01.lab.loc"
 vcenter_folder     = "VLAN-0221"
 vcenter_datastore  = "Cluster01-LUN02"
 
-vm_name             = "z-ubuntu-packer-vm"
+//vm_name             = "z-ubuntu-packer-vm"
 vm_num_cpu          = 1
 vm_ram              = 2048
 vm_hardware_version = "20"

packer/linux/ubuntu-24.04-x64/data/prep-script.sh

@@ -27,9 +27,11 @@ sudo echo "#!/bin/sh -e
 #
 # By default this script does nothing.
 
-
 exit 0
 " > /etc/rc.local
+
+sudo mkdir -p /root/.ansible/tmp
+sudo chmod 700 /root/.ansible/tmp
 sudo chown root:root /etc/rc.local
 sudo chmod 755 /etc/rc.local
 

packer/linux/ubuntu-24.04-x64/ubuntu-24.04-x64.pkr.hcl

@@ -85,4 +85,10 @@ build {
     ]
   }
 
+//  provisioner "shell-local" {
+//    inline = [
+//      "ansible-playbook ~/ansible/playbooks/os-linux-prep-default.yml -l packer-templ -e hosts_target=packer-templ -e ansible_host=${build.Host}  -e connection_username=${var.connection_username} -e connection_ssh_private_key_file=${var.connection_ssh_private_key_file}"
+//    ]
+//  }
+
 }