diff --git a/ansible/.ansible.cfg b/ansible/.ansible.cfg
new file mode 100644
index 0000000..4260fc8
--- /dev/null
+++ b/ansible/.ansible.cfg
@@ -0,0 +1,137 @@
+# config file for ansible -- http://ansible.com/
+# ==============================================
+
+# nearly all parameters can be overridden in ansible-playbook
+# or with command line flags. ansible will read ANSIBLE_CONFIG,
+# ansible.cfg in the current working directory, .ansible.cfg in
+# the home directory or /etc/ansible/ansible.cfg, whichever it
+# finds first
+
+[defaults]
+
+
+# some basic default values...
+
+inventory = $HOME/ansible/inventories/hosts
+remote_tmp = $HOME/.ansible/tmp
+forks = 15
+sudo_user = root
+transport = ssh
+
+# plays will gather facts by default, which contain information about
+# the remote system.
+#
+# smart - gather by default, but don't regather if already gathered
+# implicit - gather by default, turn off with gather_facts: False
+# explicit - do not gather by default, must say gather_facts: True
+gathering = smart
+
+# additional paths to search for roles in, colon separated
+roles_path = $HOME/ansible/roles
+
+# uncomment this to disable SSH key host checking
+host_key_checking = False
+
+# logging is off by default unless this path is defined
+# if so defined, consider logrotate
+log_path = /var/log/ansible.log
+
+# default module name for /usr/bin/ansible
+module_name = shell
+
+# set plugin path directories here, separate with colons
+action_plugins = /usr/share/ansible_plugins/action_plugins:$HOME/.ansible/plugins/action_plugins
+callback_plugins = /usr/share/ansible_plugins/callback_plugins:$HOME/.ansible/plugins/callback_plugins
+connection_plugins = /usr/share/ansible_plugins/connection_plugins:$HOME/.ansible/plugins/connection_plugins
+lookup_plugins = /usr/share/ansible_plugins/lookup_plugins:$HOME/.ansible/plugins/lookup_plugins
+vars_plugins = /usr/share/ansible_plugins/vars_plugins:$HOME/.ansible/plugins/vars_plugins
+filter_plugins = /usr/share/ansible_plugins/filter_plugins:$HOME/.ansible/plugins/filter_plugins
+
+# by default callbacks are not loaded for /bin/ansible, enable this if you
+# want, for example, a notification or logging callback to also apply to
+# /bin/ansible runs
+#bin_ansible_callbacks = False
+
+# the CA certificate path used for validating SSL certs. This path
+# should exist on the controlling node, not the target nodes
+# common locations:
+# RHEL/CentOS: /etc/pki/tls/certs/ca-bundle.crt
+# Fedora : /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
+# Ubuntu : /usr/share/ca-certificates/cacert.org/cacert.org.crt
+ca_file_path = /usr/share/ca-certificates/cacert.org/cacert.org.crt
+
+# if set to a persistent type (not 'memory', for example 'redis') fact values
+# from previous runs in Ansible will be stored. This may be useful when
+# wanting to use, for example, IP information from one group of servers
+# without having to talk to them in the same playbook run to get their
+# current IP information.
+fact_caching = jsonfile
+fact_caching_connection = $HOME/.ansible/facts
+fact_caching_timeout = 600
+
+# retry files
+#retry_files_enabled = False
+retry_files_save_path = ~/.ansible/retry
+
+[privilege_escalation]
+#become=True
+#become_method=sudo
+#become_user=root
+#become_ask_pass=False
+
+[ssh_connection]
+
+# ssh arguments to use
+# Leaving off ControlPersist will result in poor performance, so use
+# paramiko on older platforms rather than removing it
+ssh_args = -o ControlMaster=auto -o ControlPersist=60s
+
+# The path to use for the ControlPath sockets. This defaults to
+# "%(directory)s/ansible-ssh-%%h-%%p-%%r", however on some systems with
+# very long hostnames or very long path names (caused by long user names or
+# deeply nested home directories) this can exceed the character limit on
+# file socket names (108 characters for most platforms). In that case, you
+# may wish to shorten the string below.
+#
+# Example:
+# control_path = %(directory)s/%%h-%%r
+control_path = %(directory)s/ansible-ssh-%%h-%%p-%%r
+
+# Enabling pipelining reduces the number of SSH operations required to
+# execute a module on the remote server. This can result in a significant
+# performance improvement when enabled, however when using "sudo:" you must
+# first disable 'requiretty' in /etc/sudoers
+#
+# By default, this option is disabled to preserve compatibility with
+# sudoers configurations that have requiretty (the default on many distros).
+#
+pipelining = True
+
+# if True, make ansible use scp if the connection type is ssh
+# (default is sftp)
+scp_if_ssh = True
+
+[accelerate]
+accelerate_port = 5099
+accelerate_timeout = 30
+accelerate_connect_timeout = 5.0
+
+# The daemon timeout is measured in minutes. This time is measured
+# from the last activity to the accelerate daemon.
+accelerate_daemon_timeout = 30
+
+# If set to yes, accelerate_multi_key will allow multiple
+# private keys to be uploaded to it, though each user must
+# have access to the system via SSH to add a new key. The default
+# is "no".
+#accelerate_multi_key = yes
+
+[selinux]
+# file systems that require special treatment when dealing with security context
+# the default behaviour that copies the existing context or uses the user default
+# needs to be changed to use the file system dependent context.
+#special_context_filesystems=nfs,vboxsf,fuse,ramfs
+
+[inventory]
+# enable inventory plugins, default: 'host_list', 'script', 'yaml', 'ini', 'auto'
+enable_plugins = host_list, script, auto, yaml, ini, toml, community.vmware.vmware_vm_inventory
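Review bot: `host_key_checking = False` is active in `[defaults]`, although the comment above it still reads "uncomment this to disable", so SSH host keys go unverified for every host in the inventory, not only for freshly built templates. Since `first_start.sh` in this commit regenerates host keys on clones, the relaxation is probably only needed for the packer-driven run. Consider dropping the line here and setting `ANSIBLE_HOST_KEY_CHECKING=False` only on that `ansible-playbook` invocation. Separately, `sudo_user` and the `[accelerate]` section look carried over from an older sample config and may be ignored by current Ansible releases, so it is worth pruning them to the settings actually in use.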
diff --git a/ansible/README.md b/ansible/README.md
index ca80fcd..e5694bc 100644
--- a/ansible/README.md
+++ b/ansible/README.md
@@ -8,7 +8,7 @@ For secrets and cred vars create $HOME/.secret/.ansible/vars_creds.yml
`vcenter_validate_certs: false`
`vcenter_datacenter: "DC01"`
-`ansible_user: "root"`
+`ansible_user: "ansb-srv-it"`
`ansible_password: "XXXXXXXX"`
-`#ansible_ssh_private_key_file: '~/.secret/auto-tools/ansible/.ssh/ansb.id_rsa'`
+`#ansible_ssh_private_key_file: '~/.secret/.ssh/XXXXX.id_rsa'`
diff --git a/ansible/hosts b/ansible/hosts
deleted file mode 100644
index cc322f1..0000000
--- a/ansible/hosts
+++ /dev/null
@@ -1,3 +0,0 @@
-
-dc01-ipxesrv01-it-infr.lab.loc ansible_host=10.8.221.2
-
diff --git a/ansible/inventories/group_vars/all.yml b/ansible/inventories/group_vars/all.yml
new file mode 100644
index 0000000..5cdcade
--- /dev/null
+++ b/ansible/inventories/group_vars/all.yml
@@ -0,0 +1,6 @@
+---
+## Ansible params
+#ansible_port: '22'
+#ansible_ssh_user: 'root'
+#ansible_ssh_password: 'XXXXXXXXX'
+#ansible_ssh_private_key_file: '~/.ssh/XXXXX.id_rsa'
diff --git a/ansible/inventories/hosts b/ansible/inventories/hosts
new file mode 100644
index 0000000..396fff5
--- /dev/null
+++ b/ansible/inventories/hosts
@@ -0,0 +1,15 @@
+
+dc01-ipxesrv01-it-infr.lab.loc ansible_host=10.8.221.2
+
+z-debian-packer-vm ansible_host=10.8.221.115
+z-ubuntu-packer-vm ansible_host=10.8.221.118
+
+aaa ansible_host=10.8.221.200
+
+
+## Do not edit and delete it ##
+## It need for packer templetes ##
+packer-templ
+## Do not edit and delete it ##
+## It need for packer templetes ##
+
diff --git a/ansible/playbooks/os-linux-apt-update.yml b/ansible/playbooks/os-linux-apt-update.yml
index 0d3a3b9..b836923 100644
--- a/ansible/playbooks/os-linux-apt-update.yml
+++ b/ansible/playbooks/os-linux-apt-update.yml
@@ -33,4 +33,4 @@
- name: Run "apt-get clean"
ansible.builtin.apt:
clean: yes
- when: ansible_facts['distribution'] == "Debian"
+ when: ansible_os_family == "Debian"
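Review bot: The new condition reads the top-level `ansible_os_family` variable, which exists only while fact injection into the variable namespace is enabled. Writing it as `when: ansible_facts['os_family'] == "Debian"` keeps the form the old line used and works either way. The same bare variable is used in the new role's task files and handlers in this commit. The rest of the play lies outside this hunk.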
diff --git a/ansible/playbooks/os-linux-prep-default.yml b/ansible/playbooks/os-linux-prep-default.yml
new file mode 100644
index 0000000..5890337
--- /dev/null
+++ b/ansible/playbooks/os-linux-prep-default.yml
@@ -0,0 +1,9 @@
+---
+
+- hosts: "{{ hosts_target }}"
+ become: true
+ gather_facts: true
+ vars_files:
+ - ~/.secret/.ansible/vars_creds.yml
+ roles:
+ - os-linux-prep-default
diff --git a/ansible/playbooks/os-ping-test.yml b/ansible/playbooks/os-ping-test.yml
index 68c1285..cc3a01c 100644
--- a/ansible/playbooks/os-ping-test.yml
+++ b/ansible/playbooks/os-ping-test.yml
@@ -10,6 +10,6 @@
- name: Debug
debug:
# var: ansible_facts
- msg: " It is {{ansible_facts['distribution'] }} {{ ansible_facts.distribution_major_version }} ( {{ ansible_facts.distribution_release }} )"
+ msg: " It is {{ ansible_os_family }} {{ ansible_facts.distribution_major_version }} ( {{ ansible_facts.distribution_release }} )"
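Review bot: The debug message now prints the OS family next to `distribution_major_version` and `distribution_release`, so an Ubuntu host would report itself as "Debian" followed by the Ubuntu version and codename. If the family is wanted, print it alongside the distribution rather than instead of it, for example `msg: " It is {{ ansible_facts['distribution'] }} ({{ ansible_facts['os_family'] }}) {{ ansible_facts.distribution_major_version }} ( {{ ansible_facts.distribution_release }} )"`. The play header is outside this hunk.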
diff --git a/ansible/roles/clean-templ-pole/defaults/main.yml b/ansible/roles/clean-templ-pole/defaults/main.yml
new file mode 100644
index 0000000..ed97d53
--- /dev/null
+++ b/ansible/roles/clean-templ-pole/defaults/main.yml
@@ -0,0 +1 @@
+---
diff --git a/ansible/roles/clean-templ-pole/handlers/main.yml b/ansible/roles/clean-templ-pole/handlers/main.yml
new file mode 100644
index 0000000..ed97d53
--- /dev/null
+++ b/ansible/roles/clean-templ-pole/handlers/main.yml
@@ -0,0 +1 @@
+---
diff --git a/ansible/roles/clean-templ-pole/tasks/main.yml b/ansible/roles/clean-templ-pole/tasks/main.yml
new file mode 100644
index 0000000..e04a13e
--- /dev/null
+++ b/ansible/roles/clean-templ-pole/tasks/main.yml
@@ -0,0 +1,6 @@
+---
+
+- name: Ping
+ import_tasks: ping.yml
+
+
diff --git a/ansible/roles/clean-templ-pole/tasks/ping.yml b/ansible/roles/clean-templ-pole/tasks/ping.yml
new file mode 100644
index 0000000..6529d9b
--- /dev/null
+++ b/ansible/roles/clean-templ-pole/tasks/ping.yml
@@ -0,0 +1,4 @@
+---
+
+- name: ping
+ ping:
diff --git a/ansible/roles/clean-templ-pole/vars/main.yml b/ansible/roles/clean-templ-pole/vars/main.yml
new file mode 100644
index 0000000..cd21505
--- /dev/null
+++ b/ansible/roles/clean-templ-pole/vars/main.yml
@@ -0,0 +1,2 @@
+---
+
diff --git a/ansible/roles/os-linux-prep-default/defaults/main.yml b/ansible/roles/os-linux-prep-default/defaults/main.yml
new file mode 100644
index 0000000..ed97d53
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/defaults/main.yml
@@ -0,0 +1 @@
+---
diff --git a/ansible/roles/os-linux-prep-default/files/first_start.sh b/ansible/roles/os-linux-prep-default/files/first_start.sh
new file mode 100644
index 0000000..77cab36
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/files/first_start.sh
@@ -0,0 +1,84 @@
+#!/bin/bash
+
+echo "First start VM"
+echo "Resize root partition..."
+parted /dev/sda resizepart 2 100%
+pvresize /dev/sda2
+lvextend -y -f -l +100%FREE /dev/vg01/root
+resize2fs /dev/vg01/root
+
+echo "Generete new machine-id"
+rm /etc/machine-id
+systemd-machine-id-setup
+echo "Clean all logs"
+find /var/log -type f,l | xargs rm -f
+
+echo "Recreate new SSHd keys"
+rm -f /etc/ssh/ssh_host_*
+dpkg-reconfigure openssh-server --force -f noninteractive
+
+echo "Make right /etc/network/interfaces"
+if [ -z "$(cat /etc/network/interfaces | grep "inet dhcp")" ]; then
+ # No DHCP
+ iface=$(cat /etc/network/interfaces | grep "iface" | sed '/loopback/d' | awk '{print $2}')
+ ip_add=$(cat /etc/network/interfaces | grep "address" | awk '{print $2}')
+ ip_netm=$(cat /etc/network/interfaces | grep "netmask" | awk '{print $2}')
+ ip_gw=$(cat /etc/network/interfaces | grep "gateway" | awk '{print $2}')
+ echo "
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto $iface
+allow-hotplug $iface
+iface $iface inet static
+ address $ip_add
+ netmask $ip_netm
+ gateway $ip_gw
+" > /etc/network/interfaces
+
+echo "Create hostname and hosts"
+ipaddr=$(ip a | grep "scope global" | awk '{print $2}' | sed -r 's/\/.+//')
+host_name=$(hostname -f)
+host_shot_name=$(hostname -s)
+
+echo $host_name > /etc/hostname
+echo "127.0.0.1 localhost" > /etc/hosts
+echo "$ipaddr $host_name $host_shot_name" >> /etc/hosts
+
+else
+ # Yes DHCP
+ iface=$(cat /etc/network/interfaces | grep "iface" | sed '/loopback/d' | awk '{print $2}')
+
+ echo "
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto $iface
+allow-hotplug $iface
+iface $iface inet dhcp
+" > /etc/network/interfaces
+
+fi
+rm -f /etc/network/*.BeforeVMwareCustomization
+
+sed '/^\/root\/first_start.sh &/d' -i /etc/rc.local
+
+rm /root/first_start.sh
+
+sleep 5
+
+reboot
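Review bot: Nothing between `rm -f /etc/ssh/ssh_host_*` and the final `reboot` checks that new host keys were actually generated, and the script has no error handling. A failed `dpkg-reconfigure` therefore leaves a clone that reboots with no SSH host keys and no remote access. A guard right after the reconfigure step closes that gap: `ls /etc/ssh/ssh_host_*_key >/dev/null 2>&1 || ssh-keygen -A`. The log cleanup pipes unquoted names into `xargs`, so `find /var/log -type f,l -print0 | xargs -0 rm -f` is the safer form. The static branch assumes exactly one non-loopback `iface` stanza; with more than one, `$iface` expands to several lines and the generated `/etc/network/interfaces` is invalid.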
diff --git a/ansible/roles/os-linux-prep-default/handlers/main.yml b/ansible/roles/os-linux-prep-default/handlers/main.yml
new file mode 100644
index 0000000..6bcf963
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/handlers/main.yml
@@ -0,0 +1,11 @@
+---
+
+- name: Update config grub on Debian like
+ shell: "update-grub"
+ when: ansible_os_family == "Debian"
+
+- name: Reboot the server from shell
+ shell: 'shutdown -r now "Reboot the server by Ansible"'
+# ignore_errors: true
+ async: 30
+ poll: 0
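Review bot: Both handlers go through `shell:` although neither command needs shell features. `ansible.builtin.command: update-grub` avoids the extra shell for the first handler. For the second, `ansible.builtin.reboot` would replace the `shutdown -r now` plus `async`/`poll` arrangement and also wait for the host to come back, which the fire-and-forget form does not. If the current form is kept deliberately (for example because the template is not expected to return), a one-line comment saying so would help.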
diff --git a/ansible/roles/os-linux-prep-default/tasks/add-users-admins.yml b/ansible/roles/os-linux-prep-default/tasks/add-users-admins.yml
new file mode 100644
index 0000000..c1ac72c
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/tasks/add-users-admins.yml
@@ -0,0 +1,60 @@
+---
+
+- include_vars: vars/os-creds-admins.yml
+
+- name: Set host facts group for use sudo
+ set_fact: os_group_for_sudo="sudo"
+ when: ansible_os_family == "Debian"
+
+- name: Set host facts group for use sudo
+ set_fact: os_group_for_sudo="wheel"
+ when: ansible_os_family == "RedHat"
+
+- name: Change default for add user create params perm 755 to 700 (Debian)
+ block:
+ - name: Edit options in /etc/adduser.conf
+ lineinfile:
+ path: /etc/adduser.conf
+ line: "{{ item }}"
+ loop:
+ - DIR_MODE=0700
+ - SYS_DIR_MODE=0700
+ when: ansible_os_family == "Debian"
+ - name: Edit options in /etc/login.defs
+ lineinfile:
+ path: /etc/login.defs
+ line: "{{ item }}"
+ loop:
+ - HOME_MODE 0700
+ when: ansible_os_family == "Debian"
+
+- name: Add admins users
+ user:
+ name: "{{ item.username }}"
+ shell: /bin/bash
+ groups: "{{ os_group_for_sudo }}"
+ password: "{{ item.password }}"
+ comment: "{{ item.comment }}"
+ append: yes
+ loop: "{{ os_creds_sysadmins }}"
+ no_log: true
+
+- name: Add SSH keys for admins users
+ authorized_key:
+ user: "{{ item.username }}"
+ state: present
+ key: "{{ item.ssh_key }}"
+ loop: "{{ os_creds_sysadmins }}"
+ no_log: true
+
+- name: Add admins users to /etc/sudoers.d/
+ copy:
+ dest: "/etc/sudoers.d/{{ item.username }}"
+ content: |
+ {{ item.username }} ALL=(ALL) NOPASSWD:ALL
+
+ owner: root
+ group: root
+ mode: '0444'
+ loop: "{{ os_creds_sysadmins }}"
+ no_log: true
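Review bot: The sudoers drop-in in the last task is written without a syntax check, so a username that produces an invalid line can break `sudo` on the target. Adding `validate: 'visudo -cf %s'` to the `copy` task and using the conventional `mode: '0440'` instead of `'0444'` addresses both. Each listed account receives `NOPASSWD:ALL`, so the trust placed in `os_creds_sysadmins` and in the SSH keys it carries should be stated in a comment above the task. The two `lineinfile` tasks have no `regexp`, so an existing `DIR_MODE=` or `HOME_MODE` line is left in place and a second, conflicting line is appended; matching on `regexp: '^DIR_MODE='` and similar would replace it instead.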
diff --git a/ansible/roles/os-linux-prep-default/tasks/ipv6-disable.yml b/ansible/roles/os-linux-prep-default/tasks/ipv6-disable.yml
new file mode 100644
index 0000000..9459116
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/tasks/ipv6-disable.yml
@@ -0,0 +1,12 @@
+---
+
+- name: Disable IPv6
+ block:
+ - name: Add to /etc/default/grub option ipv6.disable=1
+ ansible.builtin.lineinfile:
+ path: /etc/default/grub
+ regexp: '^GRUB_CMDLINE_LINUX="'
+ line: GRUB_CMDLINE_LINUX="ipv6.disable=1"
+ notify:
+ - Update config grub on Debian like
+ when: ansible_os_family == "Debian"
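Review bot: The `lineinfile` task replaces the entire `GRUB_CMDLINE_LINUX="..."` line, so any kernel parameters already set there are silently dropped when `ipv6.disable=1` is written. Appending with back-references keeps them: `regexp: '^GRUB_CMDLINE_LINUX="((?!.*ipv6\.disable=1).*)"$'`, `line: 'GRUB_CMDLINE_LINUX="\1 ipv6.disable=1"'`, `backrefs: true`. With `backrefs` the task leaves the file alone when the option is already present, which also keeps the grub handler from firing on every run.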
diff --git a/ansible/roles/os-linux-prep-default/tasks/main.yml b/ansible/roles/os-linux-prep-default/tasks/main.yml
new file mode 100644
index 0000000..1a56aed
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+
+#- name: Ping
+# import_tasks: ping.yml
+
+- name: Upload sctipts for first starting system
+ import_tasks: scripts-first-start.yml
+
+- name: IPv6 disable
+ import_tasks: ipv6-disable.yml
+
+- name: Add admins users
+ import_tasks: add-users-admins.yml
+
+- name: Install basic pkg
+ import_tasks: pkg-install.yml
diff --git a/ansible/roles/os-linux-prep-default/tasks/ping.yml b/ansible/roles/os-linux-prep-default/tasks/ping.yml
new file mode 100644
index 0000000..db9b23f
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/tasks/ping.yml
@@ -0,0 +1,8 @@
+---
+
+- name: Prepare default config for OS type of Debian
+ block:
+ - name: Debug
+ debug:
+ msg: '{{ role_path }}'
+ when: ansible_os_family == "Debian"
diff --git a/ansible/roles/os-linux-prep-default/tasks/pkg-install.yml b/ansible/roles/os-linux-prep-default/tasks/pkg-install.yml
new file mode 100644
index 0000000..44dd9fa
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/tasks/pkg-install.yml
@@ -0,0 +1,14 @@
+---
+
+- include_vars: os-pkg-list.yml
+
+- name: Install from list of packages for Debian
+ block:
+ - name: Install from list of packages for Debian
+ apt:
+ state: latest
+ pkg: "{{ debian_install_pkg_list }}"
+ - name: Run "apt-get clean"
+ apt:
+ clean: yes
+ when: ansible_distribution == "Debian"
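Review bot: The install task calls `apt` with `state: latest` but no `update_cache`, so on a freshly installed template the package index may be stale or missing and the install can fail or pick outdated versions. Adding `update_cache: true` to that task is enough. The block is gated on `ansible_distribution == "Debian"`, while the other task files in this role test `ansible_os_family`, so Ubuntu hosts skip package installation but still get the rest of the role. If that is intended, a short comment on the `when:` line should say so.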
diff --git a/ansible/roles/os-linux-prep-default/tasks/scripts-first-start.yml b/ansible/roles/os-linux-prep-default/tasks/scripts-first-start.yml
new file mode 100644
index 0000000..2b43ea0
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/tasks/scripts-first-start.yml
@@ -0,0 +1,21 @@
+---
+
+- name: Prepare scripts for custom VMs (First start)
+ block:
+ - name: Copy files to remote system
+ ansible.builtin.copy:
+ src: files/first_start.sh
+ dest: /root/first_start.sh
+ owner: root
+ group: root
+ mode: '0644'
+ - name: Edit /etc/rc.local
+ ansible.builtin.lineinfile:
+ path: /etc/rc.local
+ regexp: '^(exit 0.*)$'
+ line: |
+ /root/first_start.sh &
+ $(sleep 2; chmod 755 /root/first_start.sh | sed '/chmod 755 \/root\/first_start.sh/d' -i /etc/rc.local) &
+ exit 0
+
+ when: ansible_os_family == "Debian"
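Review bot: The "Edit /etc/rc.local" task is not idempotent. The regexp matches the `exit 0` line and replaces it with three lines that again end in `exit 0`, so every further run of the role inserts another copy of the `/root/first_start.sh &` and `chmod` lines. `ansible.builtin.blockinfile` with `insertbefore: '^exit 0'` and a `block:` holding only the two hook lines would keep a single managed copy. The second hook line also needs a comment: as far as can be read from here, the script is copied as `0644` so the first boot only makes it executable and removes the `chmod` line, and the script itself runs on the following boot. The `$( ... )` wrapper and the pipe from `chmod` into `sed -i` make that intent hard to see.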
diff --git a/ansible/roles/os-linux-prep-default/vars/main.yml b/ansible/roles/os-linux-prep-default/vars/main.yml
new file mode 100644
index 0000000..cd21505
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/vars/main.yml
@@ -0,0 +1,2 @@
+---
+
diff --git a/ansible/roles/os-linux-prep-default/vars/os-creds-admins.yml b/ansible/roles/os-linux-prep-default/vars/os-creds-admins.yml
new file mode 100644
index 0000000..2260eb6
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/vars/os-creds-admins.yml
@@ -0,0 +1,4 @@
+---
+
+os_creds_sysadmins:
+ - { username: "user", password: "*", comment: "mr. User", ssh_key: "ssh-rsa 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 user@user" }
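Review bot: The admin account list, including the `password` field and the public keys that gain passwordless sudo, is committed under the role's `vars/` directory, whereas the README in this repository directs secrets and credential variables to `$HOME/.secret/.ansible/vars_creds.yml`. Role `vars/` also has high precedence, so an inventory or group_vars definition of `os_creds_sysadmins` would not override this placeholder entry. Consider keeping only an empty default (`os_creds_sysadmins: []` in `defaults/main.yml`) in the repository and loading the real list from the external credentials file or an ansible-vault file. A comment should state that `password` must be a crypted hash, or `*` for key-only login.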
diff --git a/ansible/roles/os-linux-prep-default/vars/os-pkg-list.yml b/ansible/roles/os-linux-prep-default/vars/os-pkg-list.yml
new file mode 100644
index 0000000..0a91058
--- /dev/null
+++ b/ansible/roles/os-linux-prep-default/vars/os-pkg-list.yml
@@ -0,0 +1,45 @@
+---
+
+debian_install_pkg_list:
+ - net-tools
+ - mc
+ - htop
+ - bash-completion
+ - iotop
+ - iftop
+ - bwm-ng
+ - sysstat
+ - iptraf-ng
+ - iperf3
+ - tcpdump
+ - scsitools
+ - lsscsi
+ - kpartx
+ - toilet
+ - figlet
+ - git
+ - apt-transport-https
+ - sysfsutils
+ - curl
+ - gpg
+ - secure-delete
+ - dnsutils
+ - rpm2cpio
+ - dos2unix
+ - telnet
+ - rsync
+ - sudo
+ - whois
+ - pv
+ - lsof
+ - tmux
+ - hping3
+ - nload
+ - parted
+ - netcat-openbsd
+ - wget
+ - ftp
+ - vim
+ - rsyslog
+ - iptables
+ - man
\ No newline at end of file
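Review bot: The baseline list installs `telnet`, `ftp`, `hping3`, `tcpdump`, `netcat-openbsd` and `iperf3` into every image built from the template, which widens what is available on each clone well beyond what most workloads need. Splitting these into a separate opt-in list (for example a `debian_diag_pkg_list` variable applied only to hosts that need troubleshooting tools) would keep the default image smaller and easier to audit. The file also ends without a trailing newline.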
diff --git a/packer/linux/build-debian-12-x64.sh b/packer/linux/build-debian-12-x64.sh
index 9a9a10c..a50c361 100755
--- a/packer/linux/build-debian-12-x64.sh
+++ b/packer/linux/build-debian-12-x64.sh
@@ -2,15 +2,17 @@
packer="/usr/bin/packer"
+vm_name="x-debian-packer-vm"
+
# => For logs:
#export PACKER_LOG_PATH=./build-debian-12-amd64.log
export PACKER_LOG=0
creds_vars_file="$HOME/.secret/.packer/vcsrv-creds.pkrvars.hcl"
-
$packer init $HOME/packer/linux/debian-12-x64/
$packer build -force \
-var-file="$creds_vars_file" \
-var-file="$HOME/packer/linux/debian-12-x64/conf.pkrvars.hcl" \
+-var vm_name=$vm_name \
$HOME/packer/linux/debian-12-x64/
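Review bot: The added `-var vm_name=$vm_name` line and the `$HOME/...` arguments are unquoted, so a VM name or home path containing whitespace would be split into separate arguments; `-var "vm_name=$vm_name" \` is the safer form. The script also continues to `packer build -force` even when `packer init` fails, so a `set -euo pipefail` near the top (the first lines of the file are outside this hunk) would stop it early. The same `-var` line is added to `build-ubuntu-24.04-x64.sh`.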
diff --git a/packer/linux/build-ubuntu-24.04-x64.sh b/packer/linux/build-ubuntu-24.04-x64.sh
old mode 100755
new mode 100644
index e8a7d4b..1fdf22c
--- a/packer/linux/build-ubuntu-24.04-x64.sh
+++ b/packer/linux/build-ubuntu-24.04-x64.sh
@@ -2,6 +2,8 @@
packer="/usr/bin/packer"
+vm_name="x-ubuntu-packer-vm"
+
# => For logs:
#export PACKER_LOG_PATH=./build-debian-12-amd64.log
export PACKER_LOG=0
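Review bot: The file header for this script records a mode change from 100755 to 100644, so after this commit the Ubuntu build script is no longer executable, while `build-debian-12-x64.sh` stays at 100755. Nothing in the hunks suggests this is intended; if it is accidental, restore the bit with `git update-index --chmod=+x packer/linux/build-ubuntu-24.04-x64.sh` (or `chmod +x` and recommit).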
@@ -13,5 +15,6 @@ $packer init $HOME/packer/linux/ubuntu-24.04-x64/
$packer build -force \
-var-file="$creds_vars_file" \
-var-file="$HOME/packer/linux/ubuntu-24.04-x64/conf.pkrvars.hcl" \
+-var vm_name=$vm_name \
$HOME/packer/linux/ubuntu-24.04-x64/
diff --git a/packer/linux/debian-12-x64/conf.pkrvars.hcl b/packer/linux/debian-12-x64/conf.pkrvars.hcl
index d58d5b6..7936535 100644
--- a/packer/linux/debian-12-x64/conf.pkrvars.hcl
+++ b/packer/linux/debian-12-x64/conf.pkrvars.hcl
@@ -4,7 +4,7 @@ vcenter_host = "esxi8-01.lab.loc"
vcenter_folder = "VLAN-0221"
vcenter_datastore = "Cluster01-LUN02"
-vm_name = "z-debian-packer-vm"
+//vm_name = "z-debian-packer-vm"
vm_num_cpu = 1
vm_ram = 1024
vm_hardware_version = "20"
diff --git a/packer/linux/debian-12-x64/data/prep-script.sh b/packer/linux/debian-12-x64/data/prep-script.sh
index fcead25..ef6870d 100644
--- a/packer/linux/debian-12-x64/data/prep-script.sh
+++ b/packer/linux/debian-12-x64/data/prep-script.sh
@@ -6,6 +6,13 @@ sudo pvresize /dev/sda2 > /dev/null 2>&1
sudo lvextend -y -f -l +100%FREE /dev/vg01/root > /dev/null 2>&1
sudo resize2fs /dev/vg01/root > /dev/null 2>&1
+echo "Delete password for root and ansb-srv-it"
+sudo usermod -p '*' root
+sudo usermod -p '*' ansb-srv-it
+
+echo "Change perm for /home/ansb-srv-it"
+sudo chmod 700 /home/ansb-srv-it
+
echo "Create rc.local file..."
sudo echo "#!/bin/sh -e
#
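Review bot: The message "Delete password for root and ansb-srv-it" does not describe what `usermod -p '*'` does. It stores an unusable hash so password login is disabled, which is the opposite of an empty password, and the log line should say that, e.g. `echo "Disable password login for root and ansb-srv-it"`. After this step the build account can only log in with its SSH key and can only escalate if its sudo rule does not ask for a password; neither is visible in this hunk, so a comment naming where the key and the sudoers rule are installed would help. The beginning of the script is outside this hunk.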
@@ -20,9 +27,11 @@ sudo echo "#!/bin/sh -e
#
# By default this script does nothing.
-
exit 0
" > /etc/rc.local
+
+sudo mkdir -p /root/.ansible/tmp
+sudo chmod 700 /root/.ansible/tmp
sudo chown root:root /etc/rc.local
sudo chmod 755 /etc/rc.local
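Review bot: `sudo mkdir -p /root/.ansible/tmp` creates the parent `/root/.ansible` with the default umask, and only the leaf is tightened by the following `chmod 700`. Creating both with an explicit mode in one step is clearer: `sudo install -d -m 700 /root/.ansible /root/.ansible/tmp`. The two lines also sit between writing `/etc/rc.local` and fixing its owner and mode, so moving them after the `chmod 755 /etc/rc.local` line keeps the rc.local steps together. The identical hunk is applied to the Ubuntu `prep-script.sh`.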
diff --git a/packer/linux/debian-12-x64/debian-12-x64.pkr.hcl b/packer/linux/debian-12-x64/debian-12-x64.pkr.hcl
index 6f12342..1d981a6 100644
--- a/packer/linux/debian-12-x64/debian-12-x64.pkr.hcl
+++ b/packer/linux/debian-12-x64/debian-12-x64.pkr.hcl
@@ -32,7 +32,7 @@ source "vsphere-iso" "debian-12-x64" {
host = var.vcenter_host
datastore = var.vcenter_datastore
folder = var.vcenter_folder
-# convert_to_template = true
+ convert_to_template = true
// ****************
vm_name = var.vm_name
CPUs = var.vm_num_cpu
@@ -85,4 +85,11 @@ build {
]
}
+ provisioner "shell-local" {
+ inline = [
+ "ansible-playbook ~/ansible/playbooks/os-linux-prep-default.yml -l packer-templ -e hosts_target=packer-templ -e ansible_host=${build.Host} -e connection_username=${var.connection_username} -e connection_ssh_private_key_file=${var.connection_ssh_private_key_file}"
+ ]
+ }
+
+
}
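Review bot: The `shell-local` provisioner passes `connection_username` and `connection_ssh_private_key_file` as extra vars, but the playbook added in this commit does not reference those names, and Ansible's own connection variables are `ansible_user` and `ansible_ssh_private_key_file`. Unless they are mapped in a file not shown here, the run will connect with whatever `vars_creds.yml` supplies rather than with the Packer build credentials. Passing `-e ansible_user=${var.connection_username} -e ansible_ssh_private_key_file=${var.connection_ssh_private_key_file}` would make the intent explicit. The interpolated values are also unquoted inside the command string, so a key path containing a space would break the command line. The `build` block opens outside this hunk, and the same provisioner is added commented-out to the Ubuntu template.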
diff --git a/packer/linux/debian-12-x64/http/preseed.cfg b/packer/linux/debian-12-x64/http/preseed.cfg
index e52f341..f141f1c 100644
--- a/packer/linux/debian-12-x64/http/preseed.cfg
+++ b/packer/linux/debian-12-x64/http/preseed.cfg
@@ -31,7 +31,7 @@ d-i apt-setup/contrib boolean true
tasksel tasksel/first multiselect none
-d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools sudo parted
+d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools python3 sudo parted
d-i pkgsel/install-language-support boolean false
popularity-contest popularity-contest/participate boolean false
diff --git a/packer/linux/ubuntu-24.04-x64/conf.pkrvars.hcl b/packer/linux/ubuntu-24.04-x64/conf.pkrvars.hcl
index 935113a..c4a6b6c 100644
--- a/packer/linux/ubuntu-24.04-x64/conf.pkrvars.hcl
+++ b/packer/linux/ubuntu-24.04-x64/conf.pkrvars.hcl
@@ -4,7 +4,7 @@ vcenter_host = "esxi8-01.lab.loc"
vcenter_folder = "VLAN-0221"
vcenter_datastore = "Cluster01-LUN02"
-vm_name = "z-ubuntu-packer-vm"
+//vm_name = "z-ubuntu-packer-vm"
vm_num_cpu = 1
vm_ram = 2048
vm_hardware_version = "20"
diff --git a/packer/linux/ubuntu-24.04-x64/data/prep-script.sh b/packer/linux/ubuntu-24.04-x64/data/prep-script.sh
index b8bc3ea..ef6870d 100644
--- a/packer/linux/ubuntu-24.04-x64/data/prep-script.sh
+++ b/packer/linux/ubuntu-24.04-x64/data/prep-script.sh
@@ -27,9 +27,11 @@ sudo echo "#!/bin/sh -e
#
# By default this script does nothing.
-
exit 0
" > /etc/rc.local
+
+sudo mkdir -p /root/.ansible/tmp
+sudo chmod 700 /root/.ansible/tmp
sudo chown root:root /etc/rc.local
sudo chmod 755 /etc/rc.local
diff --git a/packer/linux/ubuntu-24.04-x64/ubuntu-24.04-x64.pkr.hcl b/packer/linux/ubuntu-24.04-x64/ubuntu-24.04-x64.pkr.hcl
index 4610333..1f531ab 100644
--- a/packer/linux/ubuntu-24.04-x64/ubuntu-24.04-x64.pkr.hcl
+++ b/packer/linux/ubuntu-24.04-x64/ubuntu-24.04-x64.pkr.hcl
@@ -85,4 +85,10 @@ build {
]
}
+// provisioner "shell-local" {
+// inline = [
+// "ansible-playbook ~/ansible/playbooks/os-linux-prep-default.yml -l packer-templ -e hosts_target=packer-templ -e ansible_host=${build.Host} -e connection_username=${var.connection_username} -e connection_ssh_private_key_file=${var.connection_ssh_private_key_file}"
+// ]
+// }
+
}