From 5ae5fe2586423b38d17b9be6a57e40ddb8e56c76 Mon Sep 17 00:00:00 2001 From: Sergei Bobkov Date: Thu, 19 Sep 2024 13:29:35 +0300 Subject: [PATCH] Added this repo --- README.md | 6 + ansible/README.md | 14 ++ ansible/hosts | 3 + ansible/inventories/vmware_vm_inventory.yml | 45 ++++++ ansible/playbooks/os-ipxe-vmware-deploy.yml | 9 ++ ansible/playbooks/os-linux-apt-update.yml | 22 +++ ansible/playbooks/os-ping-test.yml | 15 ++ ansible/playbooks/vmware_tmp/vm_get_info.yml | 28 ++++ .../playbooks/vmware_tmp/vm_guest_info.yml | 26 ++++ ansible/roles/os-ipxe-vmware-deploy.sh | 30 ++++ .../os-ipxe-vmware-deploy/defaults/main.yml | 1 + .../os-ipxe-vmware-deploy/handlers/main.yml | 1 + .../tasks/conf_add_ipxesrv.yml | 21 +++ .../tasks/conf_del_ipxesrv.yml | 14 ++ .../os-ipxe-vmware-deploy/tasks/main.yml | 25 +++ .../os-ipxe-vmware-deploy/tasks/vm_create.yml | 53 +++++++ .../os-ipxe-vmware-deploy/tasks/vm_custom.yml | 15 ++ .../os-ipxe-vmware-deploy/tasks/vm_debug.yml | 7 + .../tasks/vm_deploy_os.yml | 13 ++ .../templates/boot.ipxe.j2 | 5 + .../templates/preseed.cfg.j2 | 141 +++++++++++++++++ .../roles/os-ipxe-vmware-deploy/vars/main.yml | 5 + common/README.md | 1 + common/create-iso-preseed/README.md | 8 + .../create-iso-preseed-LOrepo.sh | 49 ++++++ .../create-iso-preseed/create-iso-preseed.sh | 49 ++++++ iPXEdeploy-server/README.md | 18 +++ .../config_files/etc/default/isc-dhcp-server | 18 +++ .../config_files/etc/default/tftpd-hpa | 6 + .../config_files/etc/dhcp/dhcpd.conf | 20 +++ .../config_files/etc/dhcp/dhcpd_tmp.conf | 1 + .../config_files/srv/tftp/undionly.kpxe | 0 .../config_files/var/www/.boot/boot.ipxe | 3 + .../config_files/var/www/.boot/boot.ipxe.bak | 3 + .../var/www/.boot/boot_00:50:56:91:d2:c8.ipxe | 5 + .../www/.images/netinst_deb12x64/initrd.gz | 0 .../var/www/.images/netinst_deb12x64/linux | 0 .../www/.images/netinst_ubu24.04x64/initrd | 0 .../var/www/.images/netinst_ubu24.04x64/linux | 0 .../var/www/.preseeds/def_preseed.cfg | 120 +++++++++++++++ .../var/www/.preseeds/files_common/mc/ini | 144 ++++++++++++++++++ .../www/.preseeds/files_common/mc/panels.ini | 35 +++++ .../www/.preseeds/files_common/skel/.bashrc | 116 ++++++++++++++ .../files_common/update-motd.d/99-custom | 3 + .../.preseeds/preseed_00:50:56:91:d2:c8.cfg | 141 +++++++++++++++++ .../.preseeds/scripts_common/first_start.sh | 10 ++ .../var/www/.preseeds/scripts_common/rc.local | 16 ++ 47 files changed, 1265 insertions(+) create mode 100644 README.md create mode 100644 ansible/README.md create mode 100644 ansible/hosts create mode 100644 ansible/inventories/vmware_vm_inventory.yml create mode 100644 ansible/playbooks/os-ipxe-vmware-deploy.yml create mode 100644 ansible/playbooks/os-linux-apt-update.yml create mode 100644 ansible/playbooks/os-ping-test.yml create mode 100644 ansible/playbooks/vmware_tmp/vm_get_info.yml create mode 100644 ansible/playbooks/vmware_tmp/vm_guest_info.yml create mode 100755 ansible/roles/os-ipxe-vmware-deploy.sh create mode 100644 ansible/roles/os-ipxe-vmware-deploy/defaults/main.yml create mode 100644 ansible/roles/os-ipxe-vmware-deploy/handlers/main.yml create mode 100644 ansible/roles/os-ipxe-vmware-deploy/tasks/conf_add_ipxesrv.yml create mode 100644 ansible/roles/os-ipxe-vmware-deploy/tasks/conf_del_ipxesrv.yml create mode 100644 ansible/roles/os-ipxe-vmware-deploy/tasks/main.yml create mode 100644 ansible/roles/os-ipxe-vmware-deploy/tasks/vm_create.yml create mode 100644 ansible/roles/os-ipxe-vmware-deploy/tasks/vm_custom.yml create mode 100644 ansible/roles/os-ipxe-vmware-deploy/tasks/vm_debug.yml create mode 100644 ansible/roles/os-ipxe-vmware-deploy/tasks/vm_deploy_os.yml create mode 100644 ansible/roles/os-ipxe-vmware-deploy/templates/boot.ipxe.j2 create mode 100644 ansible/roles/os-ipxe-vmware-deploy/templates/preseed.cfg.j2 create mode 100644 ansible/roles/os-ipxe-vmware-deploy/vars/main.yml create mode 100644 common/README.md create mode 100644 common/create-iso-preseed/README.md create mode 100755 common/create-iso-preseed/create-iso-preseed-LOrepo.sh create mode 100755 common/create-iso-preseed/create-iso-preseed.sh create mode 100644 iPXEdeploy-server/README.md create mode 100644 iPXEdeploy-server/config_files/etc/default/isc-dhcp-server create mode 100644 iPXEdeploy-server/config_files/etc/default/tftpd-hpa create mode 100644 iPXEdeploy-server/config_files/etc/dhcp/dhcpd.conf create mode 100644 iPXEdeploy-server/config_files/etc/dhcp/dhcpd_tmp.conf create mode 100644 iPXEdeploy-server/config_files/srv/tftp/undionly.kpxe create mode 100644 iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe create mode 100644 iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe.bak create mode 100644 iPXEdeploy-server/config_files/var/www/.boot/boot_00:50:56:91:d2:c8.ipxe create mode 100644 iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/initrd.gz create mode 100644 iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/linux create mode 100644 iPXEdeploy-server/config_files/var/www/.images/netinst_ubu24.04x64/initrd create mode 100644 iPXEdeploy-server/config_files/var/www/.images/netinst_ubu24.04x64/linux create mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/def_preseed.cfg create mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/ini create mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/panels.ini create mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/files_common/skel/.bashrc create mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/files_common/update-motd.d/99-custom create mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/preseed_00:50:56:91:d2:c8.cfg create mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/first_start.sh create mode 100644 iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/rc.local diff --git a/README.md b/README.md new file mode 100644 index 0000000..d341ead --- /dev/null +++ b/README.md @@ -0,0 +1,6 @@ +# FAST-RABBIT repo + +
+##This repo has Ansible, Packer by HashiCorp and etc auto tools for maintenance and service IT infrastructure.
+
+ diff --git a/ansible/README.md b/ansible/README.md new file mode 100644 index 0000000..3787471 --- /dev/null +++ b/ansible/README.md @@ -0,0 +1,14 @@ +# Ansible playbooks and roles. + +For secrets and cred vars create /root/.secret/.ansible/vars_creds.yml

+ +`vcenter_hostname: "vcs8srv01.lab.loc"`
+`vcenter_username: "administrator@vsphere.local"`
+`vcenter_password: "XXXXXXXXXXXX"`
+`vcenter_validate_certs: false`
+`vcenter_datacenter: "DC01"`
+
+`ansible_user: "root"`
+`ansible_password: "XXXXXXXX"`
+`#ansible_ssh_private_key_file: '~/.secret/auto-tools/ansible/.ssh/ansb.id_rsa'`
+ diff --git a/ansible/hosts b/ansible/hosts new file mode 100644 index 0000000..cc322f1 --- /dev/null +++ b/ansible/hosts @@ -0,0 +1,3 @@ + +dc01-ipxesrv01-it-infr.lab.loc ansible_host=10.8.221.2 + diff --git a/ansible/inventories/vmware_vm_inventory.yml b/ansible/inventories/vmware_vm_inventory.yml new file mode 100644 index 0000000..af7ea18 --- /dev/null +++ b/ansible/inventories/vmware_vm_inventory.yml @@ -0,0 +1,45 @@ +--- +# +# For use: +# ansible-inventory -i /root/ansible/inventories/vmware_vm_inventory.yml --list -y --output zzz.yml +# cat zzz.yml | grep -i "guestid" | sed 's/^ config.guestId: //' | sed 's/$.*//' | sort | uniq +# +plugin: community.vmware.vmware_vm_inventory +strict: true +hostname: "vcs8srv01.lab.loc" +username: "administrator@vsphere.local" +password: "XXXXXXXXX" +validate_certs: false +with_tags: false +with_folders: true + +#resources: +# - datacenter: +# - 'DC01' +# resources: +# - compute_resource: +# - Cluster01 +# - folder: +# - VLAN-0222 + +hostnames: + - config.name +properties: + - name + - config.name + - guest +# - config.guestId + - summary.runtime.powerState +# - config.datastoreUrl + - config.template + +filters: +- config.template == false +- summary.runtime.powerState == 'poweredOn' + +keyed_groups: + - key: summary.runtime.powerState + separator: '' + +# - key: ipConfig.network +# separator: '' diff --git a/ansible/playbooks/os-ipxe-vmware-deploy.yml b/ansible/playbooks/os-ipxe-vmware-deploy.yml new file mode 100644 index 0000000..8c55d59 --- /dev/null +++ b/ansible/playbooks/os-ipxe-vmware-deploy.yml @@ -0,0 +1,9 @@ +--- + +- hosts: "{{ ipxe_target }}" + become: false + gather_facts: false + vars_files: + - /root/.secret/.ansible/vars_creds.yml + roles: + - os-ipxe-vmware-deploy diff --git a/ansible/playbooks/os-linux-apt-update.yml b/ansible/playbooks/os-linux-apt-update.yml new file mode 100644 index 0000000..5b51c5c --- /dev/null +++ b/ansible/playbooks/os-linux-apt-update.yml @@ -0,0 +1,22 @@ +--- + +- hosts: "{{ hosts_target }}" + become: false + gather_facts: true + vars_files: + - /root/.secret/.ansible/vars_creds.yml + + tasks: + - name: Upgrage system type of Debian + block: + - name: Run "apt update" and "apt upgrade" + ansible.builtin.apt: + upgrade: yes + update_cache: yes + - name: Run "apt autoremove" + ansible.builtin.apt: + autoremove: yes + - name: Run "apt-get clean" + ansible.builtin.apt: + clean: yes + when: ansible_facts['distribution'] == "Debian" diff --git a/ansible/playbooks/os-ping-test.yml b/ansible/playbooks/os-ping-test.yml new file mode 100644 index 0000000..68c1285 --- /dev/null +++ b/ansible/playbooks/os-ping-test.yml @@ -0,0 +1,15 @@ +--- + +- hosts: "{{ hosts_target }}" + become: false + gather_facts: true + vars_files: + - /root/.secret/.ansible/vars_creds.yml + + tasks: + - name: Debug + debug: +# var: ansible_facts + msg: " It is {{ansible_facts['distribution'] }} {{ ansible_facts.distribution_major_version }} ( {{ ansible_facts.distribution_release }} )" + + diff --git a/ansible/playbooks/vmware_tmp/vm_get_info.yml b/ansible/playbooks/vmware_tmp/vm_get_info.yml new file mode 100644 index 0000000..5c4a012 --- /dev/null +++ b/ansible/playbooks/vmware_tmp/vm_get_info.yml @@ -0,0 +1,28 @@ +--- +- name: Get info VM + hosts: localhost + become: false + gather_facts: false + vars: + vars_name: "dc01-ftpsrv01-it-infr.lab.loc" +# vars_name: "debian12-common-templ" + vars_files: + - /root/.secret/.ansible/vars_creds.yml + + tasks: + - name: Get info VM + community.vmware.vmware_vm_info: + hostname: "{{ vcenter_hostname }}" + username: "{{ vcenter_username }}" + password: "{{ vcenter_password }}" + validate_certs: "{{ vcenter_validate_certs }}" +# datacenter: "{{ vcenter_datacenter }}" + vm_name: "{{ vars_name }}" +# vm_type: template + delegate_to: localhost + register: info_vm + + + - name: Print info {{ vars_name }} + debug: + msg: "{{ info_vm }}" diff --git a/ansible/playbooks/vmware_tmp/vm_guest_info.yml b/ansible/playbooks/vmware_tmp/vm_guest_info.yml new file mode 100644 index 0000000..dfb27ad --- /dev/null +++ b/ansible/playbooks/vmware_tmp/vm_guest_info.yml @@ -0,0 +1,26 @@ +--- +- name: Get info VM + hosts: localhost + become: false + gather_facts: false + vars: + vars_name: "dc01-ftpsrv01-it-infr.lab.loc" +# vars_name: "debian12-common-templ" + vars_files: + - /root/.secret/.ansible/vars_creds.yml + + tasks: + - name: Get info VM + community.vmware.vmware_guest: + hostname: "{{ vcenter_hostname }}" + username: "{{ vcenter_username }}" + password: "{{ vcenter_password }}" + validate_certs: "{{ vcenter_validate_certs }}" + datacenter: "{{ vcenter_datacenter }}" + name: "{{ vars_name }}" + delegate_to: localhost + register: gather_info_vm + + - name: Print info {{ vars_name }} + msg: "{{ gather_info_vm }}" + diff --git a/ansible/roles/os-ipxe-vmware-deploy.sh b/ansible/roles/os-ipxe-vmware-deploy.sh new file mode 100755 index 0000000..a20e4c5 --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +# *********** + +ipxe_target="dc01-ipxesrv01-it-infr.lab.loc" +ipxe_net_name="VLAN-0221" + +vm_name="zdc01-testsrv01-it-infr.lab.loc" +vm_folder="VLAN-0011" +vm_guest_id="debian12_64Guest" +vm_datastore="Cluster01-LUN02" +vm_net_name="VLAN-0011" + +vm_ip_addr="10.8.11.55" +vm_ip_mask="255.255.255.0" +vm_ip_gw="10.8.11.1" +vm_ip_dns="10.12.90.1" +vm_ip_domain="lab.loc" +vm_ip_search="lab.loc" + + +# *********** + +/usr/bin/ansible-playbook /root/ansible/playbooks/os-ipxe-vmware-deploy.yml \ +-e "ipxe_target=$ipxe_target ipxe_net_name=$ipxe_net_name \ +vm_name=$vm_name vm_folder=$vm_folder vm_guest_id=$vm_guest_id vm_datastore=$vm_datastore vm_net_name=$vm_net_name \ +vm_ip_addr=$vm_ip_addr vm_ip_mask=$vm_ip_mask vm_ip_gw=$vm_ip_gw vm_ip_dns=$vm_ip_dns vm_ip_domain=$vm_ip_domain \ +vm_ip_search=$vm_ip_search" + +# *********** diff --git a/ansible/roles/os-ipxe-vmware-deploy/defaults/main.yml b/ansible/roles/os-ipxe-vmware-deploy/defaults/main.yml new file mode 100644 index 0000000..ed97d53 --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/defaults/main.yml @@ -0,0 +1 @@ +--- diff --git a/ansible/roles/os-ipxe-vmware-deploy/handlers/main.yml b/ansible/roles/os-ipxe-vmware-deploy/handlers/main.yml new file mode 100644 index 0000000..ed97d53 --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/handlers/main.yml @@ -0,0 +1 @@ +--- diff --git a/ansible/roles/os-ipxe-vmware-deploy/tasks/conf_add_ipxesrv.yml b/ansible/roles/os-ipxe-vmware-deploy/tasks/conf_add_ipxesrv.yml new file mode 100644 index 0000000..97cf666 --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/tasks/conf_add_ipxesrv.yml @@ -0,0 +1,21 @@ +--- +- name: Copy from template boot.ipxe + ansible.builtin.template: + src: boot.ipxe.j2 + dest: "{{ path_ipxe_boot }}/boot_{{ vm_macaddress }}.ipxe" + + +- name: Copy from template preseed.cfg + ansible.builtin.template: + src: preseed.cfg.j2 + dest: "{{ path_preseed }}/preseed_{{ vm_macaddress }}.cfg" + +- name: Add config to DHCP server + ansible.builtin.lineinfile: + path: "{{ path_dhcp_conf }}" + line: 'host {{ vm_name | regex_replace("\..*","") }} { hardware ethernet {{ vm_macaddress }}; if exists user-class and option user-class = "iPXE" { filename "http://${next-server}:80/.boot/boot_{{ vm_macaddress }}.ipxe";} else { filename "undionly.kpxe"; }}' + +- name: Restart DHCP service + ansible.builtin.systemd_service: + state: restarted + name: isc-dhcp-server diff --git a/ansible/roles/os-ipxe-vmware-deploy/tasks/conf_del_ipxesrv.yml b/ansible/roles/os-ipxe-vmware-deploy/tasks/conf_del_ipxesrv.yml new file mode 100644 index 0000000..49223b0 --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/tasks/conf_del_ipxesrv.yml @@ -0,0 +1,14 @@ +--- +- name: Delete config to DHCP server + ansible.builtin.lineinfile: + path: "{{ path_dhcp_conf }}" + state: absent + line: 'host {{ vm_name | regex_replace("\..*","") }} { hardware ethernet {{ vm_macaddress }}; if exists user-class and option user-class = "iPXE" { filename "http://${next-server}:80/.boot/boot_{{ vm_macaddress }}.ipxe";} else { filename "undionly.kpxe"; }}' + +- name: Remove config files + ansible.builtin.file: + path: "{{ item }}" + state: absent + loop: + - "{{ path_ipxe_boot }}/boot_{{ vm_macaddress }}.ipxe" + - "{{ path_preseed }}/preseed_{{ vm_macaddress }}.cfg" diff --git a/ansible/roles/os-ipxe-vmware-deploy/tasks/main.yml b/ansible/roles/os-ipxe-vmware-deploy/tasks/main.yml new file mode 100644 index 0000000..160a6e9 --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/tasks/main.yml @@ -0,0 +1,25 @@ +--- + +#- name: Debug +# import_tasks: vm_debug.yml +# tags: +# - always + +- name: Create new VM + import_tasks: vm_create.yml + +- name: Config add for iPXE and DHCP + import_tasks: conf_add_ipxesrv.yml + +- name: Deplay OS + import_tasks: vm_deploy_os.yml + +- name: Config del for iPXE and DHCP + import_tasks: conf_del_ipxesrv.yml + +- name: Custom VMs + import_tasks: vm_custom.yml + + + + diff --git a/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_create.yml b/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_create.yml new file mode 100644 index 0000000..8bf6b8a --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_create.yml @@ -0,0 +1,53 @@ +--- + +- name: Create a VM + community.vmware.vmware_guest: + hostname: "{{ vcenter_hostname }}" + username: "{{ vcenter_username }}" + password: "{{ vcenter_password }}" + validate_certs: "{{ vcenter_validate_certs }}" + datacenter: "{{ vcenter_datacenter }}" + folder: "{{ vm_folder }}" + name: "{{ vm_name }}" + state: poweredon + guest_id: "{{ vm_guest_id }}" + datastore: "{{ vm_datastore }}" + disk: + - size_gb: 4 + type: thin + datastore: " {{ vm_datastore }}" + hardware: + memory_mb: 1024 + num_cpus: 1 + networks: + - name: "{{ ipxe_net_name }}" + device_type: vmxnet3 + delegate_to: localhost + register: gather_create_vm + +- name: Set facts vm_macaddress + set_fact: + vm_macaddress: "{{ gather_create_vm.instance.hw_eth0.macaddress }}" + delegation: localhost + +- name: Set facts vm iface num + set_fact: + vm_iface_num: "{{ gather_create_vm.instance.advanced_settings['ethernet0.pciSlotNumber'] }}" + delegation: localhost + +- name: Set facts vm_name_shot + set_fact: + vm_name_shot: "{{ vm_name.split('.')[0] }}" + delegation: localhost + + +#debug#- name: Debug +#debug# debug: +#debug# msg: "{{ gather_create_vm }}" +#debug#- name: Debug +#debug# debug: +#debug# msg: "ens + {{ vm_iface_num }} // {{ vm_macaddress }}" + + + + diff --git a/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_custom.yml b/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_custom.yml new file mode 100644 index 0000000..21a7b4e --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_custom.yml @@ -0,0 +1,15 @@ +--- + +- name: Custom VMs + community.vmware.vmware_guest: + hostname: "{{ vcenter_hostname }}" + username: "{{ vcenter_username }}" + password: "{{ vcenter_password }}" + validate_certs: "{{ vcenter_validate_certs }}" + datacenter: "{{ vcenter_datacenter }}" + folder: "{{ vm_folder }}" + name: "{{ vm_name }}" + networks: + - name: "{{ vm_net_name }}" + delegate_to: localhost + register: gather_create_vm diff --git a/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_debug.yml b/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_debug.yml new file mode 100644 index 0000000..16f2d75 --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_debug.yml @@ -0,0 +1,7 @@ +--- + + +- name: Debug + debug: + + msg: '{{ vm_name | regex_replace("\..*","") }}' diff --git a/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_deploy_os.yml b/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_deploy_os.yml new file mode 100644 index 0000000..ba41e1a --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/tasks/vm_deploy_os.yml @@ -0,0 +1,13 @@ +--- +- name: Wait for VMware tools to become available + community.vmware.vmware_guest_tools_wait: + hostname: "{{ vcenter_hostname }}" + username: "{{ vcenter_username }}" + password: "{{ vcenter_password }}" + validate_certs: "{{ vcenter_validate_certs }}" + datacenter: "{{ vcenter_datacenter }}" + folder: "{{ vm_folder }}" + name: "{{ vm_name }}" + timeout: 600 + delegate_to: localhost + register: gather_guest_vm diff --git a/ansible/roles/os-ipxe-vmware-deploy/templates/boot.ipxe.j2 b/ansible/roles/os-ipxe-vmware-deploy/templates/boot.ipxe.j2 new file mode 100644 index 0000000..459f5ac --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/templates/boot.ipxe.j2 @@ -0,0 +1,5 @@ +#!ipxe + +kernel http://${next-server}/.images/netinst_deb12x64/linux ipv6.disable=1 auto=true netcfg/dhcp_timeout=30 priority=critical locale=en_US preseed/url=http://${next-server}/.preseeds/preseed_{{ vm_macaddress }}.cfg +initrd http://${next-server}/.images/netinst_deb12x64/initrd.gz +boot diff --git a/ansible/roles/os-ipxe-vmware-deploy/templates/preseed.cfg.j2 b/ansible/roles/os-ipxe-vmware-deploy/templates/preseed.cfg.j2 new file mode 100644 index 0000000..1e69c8b --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/templates/preseed.cfg.j2 @@ -0,0 +1,141 @@ +# Language and Locale +d-i debian-installer/language string en +d-i debian-installer/country string RU +d-i debian-installer/locale string en_US.UTF-8 + +# Hostname +d-i netcfg/get_hostname string unassigned-hostname +d-i netcfg/get_domain string unassigned-domain + +# Keyboard +d-i keymap select us +d-i console-keymaps-at/keymap select us +d-i keyboard-configuration/xkb-keymap select us + +# Timezone / Time +d-i time/zone string Europe/Moscow +d-i clock-setup/utc boolean true + + +# Package Configuration +d-i pkgsel/upgrade select full-upgrade +#d-i mirror/country string TR +d-i mirror/country string manual +d-i mirror/http/hostname string reposrv.lab.loc +d-i mirror/http/directory string /debian +d-i apt-setup/services-select multiselect security, updates +d-i apt-setup/security_host string reposrv.lab.loc + +d-i apt-setup/non-free boolean true +d-i apt-setup/contrib boolean true + +tasksel tasksel/first multiselect none +d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools mc htop bash-completion iotop iftop bwm-ng sysstat iptraf-ng iperf3 ethtool tcpdump scsitools lsscsi kpartx toilet figlet git apt-transport-https sysfsutils curl ethtool secure-delete dnsutils net-tools rpm2cpio dos2unix telnet rsync sudo whois pv screen lsof tmux hping3 nload parted netcat-openbsd wget vim rsyslog iptables man +d-i pkgsel/install-language-support boolean false +popularity-contest popularity-contest/participate boolean false + +# Partitioning +d-i partman/mount_style select uuid +d-i partman-auto/disk string /dev/sda +d-i partman-basicfilesystems/choose_label string gpt +d-i partman-basicfilesystems/default_label string gpt +d-i partman-partitioning/choose_label string gpt +d-i partman-partitioning/default_label string gpt +d-i partman/choose_label string gpt +d-i partman/default_label string gpt +d-i partman-auto/method string lvm +d-i partman-auto/purge_lvm_from_device boolean true +d-i partman-auto/choose_recipe select gpt-boot-lvm +d-i partman-auto-lvm/new_vg_name string vg01 +d-i partman-auto/expert_recipe string \ + gpt-boot-lvm :: \ + 1 1 1 free \ + $bios_boot{ } \ + method{ biosgrub } \ + . \ + 537 537 537 linux-swap \ + $defaultignore{ } \ + $lvmok{ } \ + lv_name{ swap } \ + method{ swap } \ + format{ } \ + . \ + 2600 2600 -1 ext4 \ + $defaultignore{ } \ + $lvmok{ } \ + lv_name{ root } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ / } \ + . +d-i partman-auto-lvm/no_boot boolean true +d-i partman/confirm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman/choose_partition select Finish partitioning and write changes to disk +d-i partman/confirm_nooverwrite boolean true +d-i partman/mount_style select uuid + + +# mkpasswd -s -m sha-512 +# +d-i passwd/root-login boolean true +d-i passwd/root-password-crypted password $6$vWJHdzEQUi4x9.cd$usa.oXjqhviC1bAi4vc95o0B17LVMekzn/P5C8Q2JyFWNQj3cfntd7YzcRiNAFUCH4i4F8Y0nOS/j66rAvxov1 + +d-i passwd/make-user boolean false +#d-i passwd/user-fullname string user +#d-i passwd/username string user +#d-i passwd/user-password-crypted password $6$Xdo2ihdwRlBgvpQB$wPZTb9IvmjE8Y5XHsgT/OL.dPaWhna5EzLFgfWXjQ3k5NnLJqzCnb/mKBzkGQpcjSLhQCXyXqOZ0ji5E.Mu1c/ + +d-i user-setup/allow-password-weak boolean true +d-i user-setup/encrypt-home boolean false + +d-i grub-installer/bootdev string /dev/sda + +d-i debian-installer/splash boolean false + +d-i finish-install/reboot_in_progress note +d-i preseed/late_command string in-target /bin/sh -c "cd /root;curl http://10.8.221.2/.preseeds/files_common/skel/.bashrc > .bashrc;cd /root;mkdir .config;mkdir ./.config/mc;chmod -R 700 .config;cd /root/.config/mc;curl http://10.8.221.2/.preseeds/files_common/mc/ini > ini;curl http://10.8.221.2/.preseeds/files_common/mc/panels.ini > panels.ini"; \ +in-target /bin/sh -c "sed -i 's/^#PermitRootLogin prohibit-password/#PermitRootLogin prohibit-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; sed -i 's/^PermitRootLogin without-password/#PermitRootLogin without-password\nPermitRootLogin yes/' /etc/ssh/sshd_config"; \ +in-target /bin/sh -c "echo '#!/bin/bash' > /etc/update-motd.d/99-custom"; \ +in-target /bin/sh -c "echo \"echo; hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay\" >> /etc/update-motd.d/99-custom"; \ +in-target chmod 755 /etc/update-motd.d/99-custom; \ +in-target mkdir -p /root/.ssh; \ +in-target /bin/sh -c "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrHbdpfwqnQdPXnpX70Bq8Msq7bcLUuTRWT/JqwTtbEBDEvJCjNUJiJlefqrAFP58qew2u826olTuRqfDhb/lsBPUFUzU63aWmEAdhITTsYQYof9o2FKzDwK/qc1Bz17UELWlruNHdTjciz6BV+9ZLqNwmQ1CXO2rSt5D57Bv13LRtlTZ1LOIvA3HGr0NmCjr+FmHvihNqinSkqfdfd6SMMqwYEFvHscH2bazGZorqKwHc7q7INOSsU5JPlX2SbcstcMclocAWmX+DdbylZRtuEVky4vZqmGJjPQ3w5Ng5nLa1BEIDk3Hc7vW5BJsCM8mqTmmgWVnZHpakAOaFvjgcevKTr7fEyELzbOO42MUu29HjMP24VZnpdQJxc1zZ9UXCGW1Rd0b3hll8SAbYBBOeYNt+yGR8j8uPeP9sHhuEIRgMwKgHSVTF5ZaeqUneQcawrRGLg5++nyze/wMqCLYCSUykxxZYuhCk1cxPlGoXNokGWkQDinm+IlG9AxKI6C72qGhSZTBZPkD7qlY+HftnZHa8RGh0mc8ANhxOcXbZzBBaSHm7Dbf/Nc/0T58V1DJnwUmY3Y87E9rvkiN+PhSxzNgLfPeNtJHVyvA76ONEgieOIPU288nkKHDIwNhzb3fS6BajMq05ZgP49qsaLfcUTlYfHgkuWXjfne9ADNSsJw== root@local.local' >> /root/.ssh/authorized_keys"; \ +in-target chown -R root:root /root/.ssh; \ +in-target chmod 600 /root/.ssh/authorized_keys; \ +in-target chmod 700 /root/.ssh; \ +in-target sed -i 's/quiet/quiet ipv6.disable=1/' /etc/default/grub; \ +in-target /bin/sh -c "update-grub"; \ +in-target /bin/sh -c "curl http://10.8.221.2/.preseeds/scripts_common/rc.local > /etc/rc.local; curl http://10.8.221.2/.preseeds/scripts_common/first_start.sh > /root/first_start.sh"; \ +in-target chmod 755 /etc/rc.local; \ +in-target chmod 755 /root/first_start.sh; \ +in-target /bin/sh -c "update-alternatives --set iptables /usr/sbin/iptables-legacy"; \ +in-target /bin/sh -c "echo > /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'source /etc/network/interfaces.d/*' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'auto lo' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'iface lo inet loopback' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'auto ens{{ vm_iface_num }}' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'allow-hotplug ens{{ vm_iface_num }}' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo ' iface ens{{ vm_iface_num }} inet static' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo ' address {{ vm_ip_addr }}' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo ' netmask {{ vm_ip_mask }}' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo ' gateway {{ vm_ip_gw }}' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo '{{ vm_name }}' > /etc/hostname"; \ +in-target /bin/sh -c "echo '127.0.0.1 localhost' > /etc/hosts"; \ +in-target /bin/sh -c "echo '{{ vm_ip_addr }} {{ vm_name }} {{ vm_name_shot }}' >> /etc/hosts"; \ +in-target /bin/sh -c "echo >> /etc/hosts"; \ +in-target /bin/sh -c "echo '# The following lines are desirable for IPv6 capable hosts' >> /etc/hosts"; \ +in-target /bin/sh -c "echo '::1 localhost ip6-localhost ip6-loopback' >> /etc/hosts"; \ +in-target /bin/sh -c "echo 'ff02::1 ip6-allnodes' >> /etc/hosts"; \ +in-target /bin/sh -c "echo 'ff02::2 ip6-allrouters' >> /etc/hosts"; \ +in-target /bin/sh -c "echo 'domain {{ vm_ip_domain }}' > /etc/resolv.conf"; \ +in-target /bin/sh -c "echo 'search {{ vm_ip_search }}' >> /etc/resolv.conf"; \ +in-target /bin/sh -c "echo 'nameserver {{ vm_ip_dns }}' >> /etc/resolv.conf" + diff --git a/ansible/roles/os-ipxe-vmware-deploy/vars/main.yml b/ansible/roles/os-ipxe-vmware-deploy/vars/main.yml new file mode 100644 index 0000000..2a9c6c9 --- /dev/null +++ b/ansible/roles/os-ipxe-vmware-deploy/vars/main.yml @@ -0,0 +1,5 @@ +--- + +path_ipxe_boot: "/var/www/html/.boot" +path_dhcp_conf: "/etc/dhcp/dhcpd_tmp.conf" +path_preseed: "/var/www/html/.preseeds" diff --git a/common/README.md b/common/README.md new file mode 100644 index 0000000..a0aec07 --- /dev/null +++ b/common/README.md @@ -0,0 +1 @@ +# Fastrabbit common repo diff --git a/common/create-iso-preseed/README.md b/common/create-iso-preseed/README.md new file mode 100644 index 0000000..a5dab9e --- /dev/null +++ b/common/create-iso-preseed/README.md @@ -0,0 +1,8 @@ +# Create Debian netinstall iso with my preseed + +Install `apt install xorriso`
+
+File create-iso-preseed.sh for use common Debian repo
+
+File create-iso-preseed-LOrepo.sh for use local repo server
+
diff --git a/common/create-iso-preseed/create-iso-preseed-LOrepo.sh b/common/create-iso-preseed/create-iso-preseed-LOrepo.sh new file mode 100755 index 0000000..c24341f --- /dev/null +++ b/common/create-iso-preseed/create-iso-preseed-LOrepo.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +orig_iso='/mini.iso' +iso_mnt='/mnt/iso' +new_files='/mnt/iso_new' +new_iso='/debian-12-my-preseed-amd64-LOREPO.iso' +mbr_template='/mnt/iso_new/isohdpfx.bin' + + +wget https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/mini.iso -O /mini.iso + +mkdir $iso_mnt +mkdir $new_files + +mount -o loop /mini.iso $iso_mnt +cp -vRTa $iso_mnt $new_files +umount $iso_mnt + +sed 's/\/linux vga=788 --- quiet/\/linux vga=788 ipv6.disable=1 auto=true netcfg\/dhcp_timeout=30 priority=critical locale=en_US preseed\/url=http:\/\/aassdd.ru\/.my-preseed\/debian\/preseed_lorepo.cfg ---/' -i $new_files/boot/grub/grub.cfg +sed 's/append vga=788 initrd=initrd.gz --- quiet/append vga=788 initrd=initrd.gz ipv6.disable=1 auto=true netcfg\/dhcp_timeout=30 priority=critical locale=en_US preseed\/url=http:\/\/aassdd.ru\/.my-preseed\/debian\/preseed_lorepo.cfg ---/' -i $new_files/txt.cfg + +# ************************ +# ************************ + +# Extract MBR template file to disk +dd if="$orig_iso" bs=1 count=432 of="$mbr_template" + +# Create the new ISO image +xorriso -as mkisofs \ +-r -V 'Debian my preseed amd64 n' \ +-o "$new_iso" \ +-J -J -joliet-long -cache-inodes \ +-isohybrid-mbr "$mbr_template" \ +-b isolinux.bin \ +-c boot.cat \ +-boot-load-size 4 -boot-info-table -no-emul-boot \ +-eltorito-alt-boot \ +-e boot/grub/efi.img \ +-no-emul-boot -isohybrid-gpt-basdat -isohybrid-apm-hfsplus \ +"$new_files" +# ************************ +# ************************ + +rm -fr $orig_iso +rm -fr $iso_mnt +rm -fr $new_files + + + diff --git a/common/create-iso-preseed/create-iso-preseed.sh b/common/create-iso-preseed/create-iso-preseed.sh new file mode 100755 index 0000000..223e197 --- /dev/null +++ b/common/create-iso-preseed/create-iso-preseed.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +orig_iso='/mini.iso' +iso_mnt='/mnt/iso' +new_files='/mnt/iso_new' +new_iso='/debian-12-my-preseed-amd64.iso' +mbr_template='/mnt/iso_new/isohdpfx.bin' + + +wget https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/mini.iso -O /mini.iso + +mkdir $iso_mnt +mkdir $new_files + +mount -o loop /mini.iso $iso_mnt +cp -vRTa $iso_mnt $new_files +umount $iso_mnt + +sed 's/\/linux vga=788 --- quiet/\/linux vga=788 ipv6.disable=1 auto=true netcfg\/dhcp_timeout=30 priority=critical locale=en_US preseed\/url=http:\/\/aassdd.ru\/.my-preseed\/debian\/preseed.cfg ---/' -i $new_files/boot/grub/grub.cfg +sed 's/append vga=788 initrd=initrd.gz --- quiet/append vga=788 initrd=initrd.gz ipv6.disable=1 auto=true netcfg\/dhcp_timeout=30 priority=critical locale=en_US preseed\/url=http:\/\/aassdd.ru\/.my-preseed\/debian\/preseed.cfg ---/' -i $new_files/txt.cfg + +# ************************ +# ************************ + +# Extract MBR template file to disk +dd if="$orig_iso" bs=1 count=432 of="$mbr_template" + +# Create the new ISO image +xorriso -as mkisofs \ +-r -V 'Debian my preseed amd64 n' \ +-o "$new_iso" \ +-J -J -joliet-long -cache-inodes \ +-isohybrid-mbr "$mbr_template" \ +-b isolinux.bin \ +-c boot.cat \ +-boot-load-size 4 -boot-info-table -no-emul-boot \ +-eltorito-alt-boot \ +-e boot/grub/efi.img \ +-no-emul-boot -isohybrid-gpt-basdat -isohybrid-apm-hfsplus \ +"$new_files" +# ************************ +# ************************ + +rm -fr $orig_iso +rm -fr $iso_mnt +rm -fr $new_files + + + diff --git a/iPXEdeploy-server/README.md b/iPXEdeploy-server/README.md new file mode 100644 index 0000000..e84f42f --- /dev/null +++ b/iPXEdeploy-server/README.md @@ -0,0 +1,18 @@ +# It is config iPXE deploy server for auto debloy VMs
+ +This repo for working with Ansible playbook os-ipxe-vmware-deploy.yml (os-ipxe-vmware-deploy.sh).
+You can use it for auto deploying VMs in VMware vSphere.
+
+## Steps
+1. Add env in os-ipxe-vmware-deploy.sh (name VM, iPXE network, folder etc)
+2. Run os-ipxe-vmware-deploy.sh
+3. As result, you get installed VMs.
+
+## For prepare iPXE server
+1. Install service TFTP, DHCP-server and Nginx and etc
+`apt install isc-dhcp-server nginx tftpd-hpa`
+`apt download ipxe` (you can search undionly.kpxe)
+`wget wget https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/mini.iso` (for extract 2 files: linux initrd.gz)
+2. Make configs from examples
+`See to repo`
+ diff --git a/iPXEdeploy-server/config_files/etc/default/isc-dhcp-server b/iPXEdeploy-server/config_files/etc/default/isc-dhcp-server new file mode 100644 index 0000000..869cb06 --- /dev/null +++ b/iPXEdeploy-server/config_files/etc/default/isc-dhcp-server @@ -0,0 +1,18 @@ +# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server) + +# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf). +#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf +#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf + +# Path to dhcpd's PID file (default: /var/run/dhcpd.pid). +#DHCPDv4_PID=/var/run/dhcpd.pid +#DHCPDv6_PID=/var/run/dhcpd6.pid + +# Additional options to start dhcpd with. +# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead +#OPTIONS="" + +# On what interfaces should the DHCP server (dhcpd) serve DHCP requests? +# Separate multiple interfaces with spaces, e.g. "eth0 eth1". +INTERFACESv4="ens192" +INTERFACESv6="" diff --git a/iPXEdeploy-server/config_files/etc/default/tftpd-hpa b/iPXEdeploy-server/config_files/etc/default/tftpd-hpa new file mode 100644 index 0000000..8d59a37 --- /dev/null +++ b/iPXEdeploy-server/config_files/etc/default/tftpd-hpa @@ -0,0 +1,6 @@ +# /etc/default/tftpd-hpa + +TFTP_USERNAME="tftp" +TFTP_DIRECTORY="/srv/tftp" +TFTP_ADDRESS="10.8.221.2:69" +TFTP_OPTIONS="--secure -l --ipv4" diff --git a/iPXEdeploy-server/config_files/etc/dhcp/dhcpd.conf b/iPXEdeploy-server/config_files/etc/dhcp/dhcpd.conf new file mode 100644 index 0000000..3aab5a8 --- /dev/null +++ b/iPXEdeploy-server/config_files/etc/dhcp/dhcpd.conf @@ -0,0 +1,20 @@ +default-lease-time 3600; +max-lease-time 2400; +authoritative; +ddns-update-style none; +log-facility local7; +local-address 10.8.221.2; + +subnet 10.8.221.0 netmask 255.255.255.0 { + range 10.8.221.10 10.8.221.200; + option subnet-mask 255.255.255.0; + option broadcast-address 10.8.221.255; + option domain-name "lab.loc"; + option domain-name-servers 10.12.90.1; + option routers 10.8.221.1; + next-server 10.8.221.2; +} + +if exists user-class and option user-class = "iPXE" { filename "http://${next-server}:80/.boot/boot.ipxe";} else { filename "undionly.kpxe"; } + +include "/etc/dhcp/dhcpd_tmp.conf"; diff --git a/iPXEdeploy-server/config_files/etc/dhcp/dhcpd_tmp.conf b/iPXEdeploy-server/config_files/etc/dhcp/dhcpd_tmp.conf new file mode 100644 index 0000000..31b4899 --- /dev/null +++ b/iPXEdeploy-server/config_files/etc/dhcp/dhcpd_tmp.conf @@ -0,0 +1 @@ +host zdc01-testsrv01-it-infr { hardware ethernet 00:50:56:91:d2:c8; if exists user-class and option user-class = "iPXE" { filename "http://${next-server}:80/.boot/boot_00:50:56:91:d2:c8.ipxe";} else { filename "undionly.kpxe"; }} diff --git a/iPXEdeploy-server/config_files/srv/tftp/undionly.kpxe b/iPXEdeploy-server/config_files/srv/tftp/undionly.kpxe new file mode 100644 index 0000000..e69de29 diff --git a/iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe b/iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe new file mode 100644 index 0000000..8e8cabc --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe @@ -0,0 +1,3 @@ +#!ipxe + +reboot diff --git a/iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe.bak b/iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe.bak new file mode 100644 index 0000000..8e8cabc --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe.bak @@ -0,0 +1,3 @@ +#!ipxe + +reboot diff --git a/iPXEdeploy-server/config_files/var/www/.boot/boot_00:50:56:91:d2:c8.ipxe b/iPXEdeploy-server/config_files/var/www/.boot/boot_00:50:56:91:d2:c8.ipxe new file mode 100644 index 0000000..9628ede --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.boot/boot_00:50:56:91:d2:c8.ipxe @@ -0,0 +1,5 @@ +#!ipxe + +kernel http://${next-server}/.images/netinst_deb12x64/linux ipv6.disable=1 auto=true netcfg/dhcp_timeout=30 priority=critical locale=en_US preseed/url=http://${next-server}/.preseeds/preseed_00:50:56:91:d2:c8.cfg +initrd http://${next-server}/.images/netinst_deb12x64/initrd.gz +boot diff --git a/iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/initrd.gz b/iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/initrd.gz new file mode 100644 index 0000000..e69de29 diff --git a/iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/linux b/iPXEdeploy-server/config_files/var/www/.images/netinst_deb12x64/linux new file mode 100644 index 0000000..e69de29 diff --git a/iPXEdeploy-server/config_files/var/www/.images/netinst_ubu24.04x64/initrd b/iPXEdeploy-server/config_files/var/www/.images/netinst_ubu24.04x64/initrd new file mode 100644 index 0000000..e69de29 diff --git a/iPXEdeploy-server/config_files/var/www/.images/netinst_ubu24.04x64/linux b/iPXEdeploy-server/config_files/var/www/.images/netinst_ubu24.04x64/linux new file mode 100644 index 0000000..e69de29 diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/def_preseed.cfg b/iPXEdeploy-server/config_files/var/www/.preseeds/def_preseed.cfg new file mode 100644 index 0000000..9186a40 --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.preseeds/def_preseed.cfg @@ -0,0 +1,120 @@ +# Language and Locale +d-i debian-installer/language string en +d-i debian-installer/country string RU +d-i debian-installer/locale string en_US.UTF-8 + +# Hostname +d-i netcfg/get_hostname string unassigned-hostname +d-i netcfg/get_domain string unassigned-domain + +# Keyboard +d-i keymap select us +d-i console-keymaps-at/keymap select us +d-i keyboard-configuration/xkb-keymap select us + +# Timezone / Time +d-i time/zone string Europe/Moscow +d-i clock-setup/utc boolean true + + +# Package Configuration +d-i pkgsel/upgrade select full-upgrade +#d-i mirror/country string TR +d-i mirror/country string manual +d-i mirror/http/hostname string reposrv.lab.loc +d-i mirror/http/directory string /debian +d-i apt-setup/services-select multiselect security, updates +d-i apt-setup/security_host string reposrv.lab.loc + +d-i apt-setup/non-free boolean true +d-i apt-setup/contrib boolean true + +tasksel tasksel/first multiselect none +d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools mc htop bash-completion iotop iftop bwm-ng sysstat iptraf-ng iperf3 ethtool tcpdump scsitools lsscsi kpartx toilet figlet git apt-transport-https sysfsutils curl ethtool secure-delete dnsutils net-tools rpm2cpio dos2unix telnet rsync sudo whois pv screen lsof tmux hping3 nload parted netcat-openbsd wget vim rsyslog iptables man +d-i pkgsel/install-language-support boolean false +popularity-contest popularity-contest/participate boolean false + +# Partitioning +d-i partman/mount_style select uuid +d-i partman-auto/disk string /dev/sda +d-i partman-basicfilesystems/choose_label string gpt +d-i partman-basicfilesystems/default_label string gpt +d-i partman-partitioning/choose_label string gpt +d-i partman-partitioning/default_label string gpt +d-i partman/choose_label string gpt +d-i partman/default_label string gpt +d-i partman-auto/method string lvm +d-i partman-auto/purge_lvm_from_device boolean true +d-i partman-auto/choose_recipe select gpt-boot-lvm +d-i partman-auto-lvm/new_vg_name string vg01 +d-i partman-auto/expert_recipe string \ + gpt-boot-lvm :: \ + 1 1 1 free \ + $bios_boot{ } \ + method{ biosgrub } \ + . \ + 537 537 537 linux-swap \ + $defaultignore{ } \ + $lvmok{ } \ + lv_name{ swap } \ + method{ swap } \ + format{ } \ + . \ + 2600 2600 -1 ext4 \ + $defaultignore{ } \ + $lvmok{ } \ + lv_name{ root } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ / } \ + . +d-i partman-auto-lvm/no_boot boolean true +d-i partman/confirm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman/choose_partition select Finish partitioning and write changes to disk +d-i partman/confirm_nooverwrite boolean true +d-i partman/mount_style select uuid + + +# mkpasswd -s -m sha-512 +# +d-i passwd/root-login boolean true +d-i passwd/root-password-crypted password $6$vWJHdzEQUi4x9.cd$usa.oXjqhviC1bAi4vc95o0B17LVMekzn/P5C8Q2JyFWNQj3cfntd7YzcRiNAFUCH4i4F8Y0nOS/j66rAvxov1 + +d-i passwd/make-user boolean false +#d-i passwd/user-fullname string user +#d-i passwd/username string user +#d-i passwd/user-password-crypted password $6$Xdo2ihdwRlBgvpQB$wPZTb9IvmjE8Y5XHsgT/OL.dPaWhna5EzLFgfWXjQ3k5NnLJqzCnb/mKBzkGQpcjSLhQCXyXqOZ0ji5E.Mu1c/ + +d-i user-setup/allow-password-weak boolean true +d-i user-setup/encrypt-home boolean false + +d-i grub-installer/bootdev string /dev/sda + +d-i debian-installer/splash boolean false + +d-i finish-install/reboot_in_progress note +d-i preseed/late_command string in-target /bin/sh -c "cd /root;curl https://aassdd.ru/zzxxccvvbbnn/deb_conf/config/.bashrc > .bashrc;cd /root;mkdir .config;mkdir ./.config/mc;chmod -R 700 .config;cd /root/.config/mc;curl https://aassdd.ru/zzxxccvvbbnn/deb_conf/config/ini > ini;curl https://aassdd.ru/zzxxccvvbbnn/deb_conf/config/panels.ini > panels.ini; sed -i 's/^#PermitRootLogin prohibit-password/#PermitRootLogin prohibit-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; sed -i 's/^PermitRootLogin without-password/#PermitRootLogin without-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; echo \"echo; hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay;echo\" >> /etc/profile"; \ +in-target mkdir -p /root/.ssh; \ +in-target /bin/sh -c "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrHbdpfwqnQdPXnpX70Bq8Msq7bcLUuTRWT/JqwTtbEBDEvJCjNUJiJlefqrAFP58qew2u826olTuRqfDhb/lsBPUFUzU63aWmEAdhITTsYQYof9o2FKzDwK/qc1Bz17UELWlruNHdTjciz6BV+9ZLqNwmQ1CXO2rSt5D57Bv13LRtlTZ1LOIvA3HGr0NmCjr+FmHvihNqinSkqfdfd6SMMqwYEFvHscH2bazGZorqKwHc7q7INOSsU5JPlX2SbcstcMclocAWmX+DdbylZRtuEVky4vZqmGJjPQ3w5Ng5nLa1BEIDk3Hc7vW5BJsCM8mqTmmgWVnZHpakAOaFvjgcevKTr7fEyELzbOO42MUu29HjMP24VZnpdQJxc1zZ9UXCGW1Rd0b3hll8SAbYBBOeYNt+yGR8j8uPeP9sHhuEIRgMwKgHSVTF5ZaeqUneQcawrRGLg5++nyze/wMqCLYCSUykxxZYuhCk1cxPlGoXNokGWkQDinm+IlG9AxKI6C72qGhSZTBZPkD7qlY+HftnZHa8RGh0mc8ANhxOcXbZzBBaSHm7Dbf/Nc/0T58V1DJnwUmY3Y87E9rvkiN+PhSxzNgLfPeNtJHVyvA76ONEgieOIPU288nkKHDIwNhzb3fS6BajMq05ZgP49qsaLfcUTlYfHgkuWXjfne9ADNSsJw== root@local.local' >> /root/.ssh/authorized_keys"; \ +in-target chown -R root:root /root/.ssh; \ +in-target chmod 600 /root/.ssh/authorized_keys; \ +in-target chmod 700 /root/.ssh; \ +in-target sed -i 's/quiet/quiet ipv6.disable=1/' /etc/default/grub; \ +in-target /bin/sh -c "update-grub"; \ +in-target /bin/sh -c "curl http://10.8.221.2/.preseeds/scripts_common/rc.local > /etc/rc.local; curl http://10.8.221.2/.preseeds/scripts_common/first_start.sh > /root/first_start.sh"; \ +in-target chmod 755 /etc/rc.local; \ +in-target chmod 755 /root/first_start.sh; \ +in-target /bin/sh -c "update-alternatives --set iptables /usr/sbin/iptables-legacy"; \ +in-target /bin/sh -c "echo >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo '#x#auto ens160' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo '#x#allow-hotplug ens160' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo '#x# iface ens160 inet static' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo '#x# address 10.1.1.2' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo '#x# netmask 255.255.255.0' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo '#x# gateway 10.1.1.1' >> /etc/network/interfaces" diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/ini b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/ini new file mode 100644 index 0000000..b4e1e1c --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/ini @@ -0,0 +1,144 @@ +[Midnight-Commander] +verbose=true +shell_patterns=true +auto_save_setup=false +preallocate_space=false +auto_menu=false +use_internal_view=true +use_internal_edit=true +clear_before_exec=true +confirm_delete=true +confirm_overwrite=true +confirm_execute=false +confirm_history_cleanup=true +confirm_exit=false +confirm_directory_hotlist_delete=false +confirm_view_dir=false +safe_delete=false +safe_overwrite=false +use_8th_bit_as_meta=false +mouse_move_pages_viewer=true +mouse_close_dialog=false +fast_refresh=false +drop_menus=false +wrap_mode=true +old_esc_mode=true +cd_symlinks=true +show_all_if_ambiguous=false +use_file_to_guess_type=true +alternate_plus_minus=false +only_leading_plus_minus=true +show_output_starts_shell=false +xtree_mode=false +file_op_compute_totals=true +classic_progressbar=true +use_netrc=true +ftpfs_always_use_proxy=false +ftpfs_use_passive_connections=true +ftpfs_use_passive_connections_over_proxy=false +ftpfs_use_unix_list_options=true +ftpfs_first_cd_then_ls=true +ignore_ftp_chattr_errors=true +editor_fill_tabs_with_spaces=false +editor_return_does_auto_indent=false +editor_backspace_through_tabs=false +editor_fake_half_tabs=true +editor_option_save_position=true +editor_option_auto_para_formatting=false +editor_option_typewriter_wrap=false +editor_edit_confirm_save=true +editor_syntax_highlighting=true +editor_persistent_selections=true +editor_drop_selection_on_copy=true +editor_cursor_beyond_eol=false +editor_cursor_after_inserted_block=false +editor_visible_tabs=true +editor_visible_spaces=true +editor_line_state=false +editor_simple_statusbar=false +editor_check_new_line=false +editor_show_right_margin=false +editor_group_undo=true +editor_state_full_filename=true +editor_ask_filename_before_edit=false +nice_rotating_dash=true +mcview_remember_file_position=false +auto_fill_mkdir_name=true +copymove_persistent_attr=true +pause_after_run=1 +mouse_repeat_rate=100 +double_click_speed=250 +old_esc_mode_timeout=1000000 +max_dirt_limit=10 +num_history_items_recorded=60 +vfs_timeout=60 +ftpfs_directory_timeout=900 +ftpfs_retry_seconds=30 +fish_directory_timeout=900 +editor_tab_spacing=8 +editor_word_wrap_line_length=72 +editor_option_save_mode=0 +editor_backup_extension=~ +editor_filesize_threshold=64M +editor_stop_format_chars=-+*\\,.;:&> +mcview_eof= +skin=default + +[Layout] +message_visible=0 +keybar_visible=1 +xterm_title=1 +output_lines=0 +command_prompt=1 +menubar_visible=1 +free_space=1 +horizontal_split=0 +vertical_equal=1 +left_panel_size=66 +horizontal_equal=1 +top_panel_size=1 + +[Misc] +timeformat_recent=%b %e %H:%M +timeformat_old=%b %e %Y +ftp_proxy_host=gate +ftpfs_password=anonymous@ +display_codepage=UTF-8 +source_codepage=Other_8_bit +autodetect_codeset= +spell_language=en +clipboard_store= +clipboard_paste= + +[Colors] +base_color= +xterm= +color_terminals= + +[Panels] +show_mini_info=true +kilobyte_si=false +mix_all_files=false +show_backups=true +show_dot_files=true +fast_reload=false +fast_reload_msg_shown=false +mark_moves_down=true +reverse_files_only=true +auto_save_setup_panels=false +navigate_with_arrows=false +panel_scroll_pages=true +panel_scroll_center=false +mouse_move_pages=true +filetype_mode=true +permission_mode=false +torben_fj_mode=false +quick_search_mode=2 +select_flags=7 + +[Panelize] +Find *.orig after patching=find . -name \\*.orig -print +Find SUID and SGID programs=find . \\( \\( -perm -04000 -a -perm /011 \\) -o \\( -perm -02000 -a -perm /01 \\) \\) -print +Find rejects after patching=find . -name \\*.rej -print +Modified git files=git ls-files --modified + diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/panels.ini b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/panels.ini new file mode 100644 index 0000000..67583ba --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/panels.ini @@ -0,0 +1,35 @@ +[New Left Panel] +display=listing +reverse=false +case_sensitive=false +exec_first=false +sort_order=name +list_mode=full +brief_cols=2 +user_format=half type name | size | perm +user_status0=half type name | size | perm +user_status1=half type name | size | perm +user_status2=half type name | size | perm +user_status3=half type name | size | perm +user_mini_status=false +list_format=full + +[New Right Panel] +display=listing +reverse=false +case_sensitive=false +exec_first=false +sort_order=name +list_mode=full +brief_cols=2 +user_format=half type name | size | perm +user_status0=half type name | size | perm +user_status1=half type name | size | perm +user_status2=half type name | size | perm +user_status3=half type name | size | perm +user_mini_status=false +list_format=full + +[Dirs] +current_is_left=false +other_dir=/ diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/skel/.bashrc b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/skel/.bashrc new file mode 100644 index 0000000..1bb1d17 --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/skel/.bashrc @@ -0,0 +1,116 @@ +# ~/.bashrc: executed by bash(1) for non-login shells. +# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) +# for examples + +# If not running interactively, don't do anything +case $- in + *i*) ;; + *) return;; +esac + +# by me +shopt -s cdspell + +# don't put duplicate lines or lines starting with space in the history. +# See bash(1) for more options +HISTCONTROL=ignoreboth + +# append to the history file, don't overwrite it +shopt -s histappend + +# for setting history length see HISTSIZE and HISTFILESIZE in bash(1) +HISTSIZE=2000 +HISTFILESIZE=2000 + +# check the window size after each command and, if necessary, +# update the values of LINES and COLUMNS. +shopt -s checkwinsize + +# If set, the pattern "**" used in a pathname expansion context will +# match all files and zero or more directories and subdirectories. +#shopt -s globstar + +# make less more friendly for non-text input files, see lesspipe(1) +#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" + +# set variable identifying the chroot you work in (used in the prompt below) +if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then + debian_chroot=$(cat /etc/debian_chroot) +fi + +# set a fancy prompt (non-color, unless we know we "want" color) +case "$TERM" in + xterm-color|*-256color) color_prompt=yes;; +esac + +# uncomment for a colored prompt, if the terminal has the capability; turned +# off by default to not distract the user: the focus in a terminal window +# should be on the output of commands, not on the prompt +force_color_prompt=yes + +if [ -n "$force_color_prompt" ]; then + if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then + # We have color support; assume it's compliant with Ecma-48 + # (ISO/IEC-6429). (Lack of such support is extremely rare, and such + # a case would tend to support setf rather than setaf.) + color_prompt=yes + else + color_prompt= + fi +fi + +if [ "$color_prompt" = yes ]; then + PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' +else + PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' +fi +unset color_prompt force_color_prompt + +# If this is an xterm set the title to user@host:dir +case "$TERM" in +xterm*|rxvt*) + PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" + ;; +*) + ;; +esac + +# enable color support of ls and also add handy aliases +if [ -x /usr/bin/dircolors ]; then + test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" + alias ls='ls --color=auto' + #alias dir='dir --color=auto' + #alias vdir='vdir --color=auto' + + alias grep='grep --color=auto' + #alias fgrep='fgrep --color=auto' + #alias egrep='egrep --color=auto' +fi + +# colored GCC warnings and errors +#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' + +# some more ls aliases +#alias ll='ls -l' +#alias la='ls -A' +#alias l='ls -CF' + +# Alias definitions. +# You may want to put all your additions into a separate file like +# ~/.bash_aliases, instead of adding them here directly. +# See /usr/share/doc/bash-doc/examples in the bash-doc package. + +if [ -f ~/.bash_aliases ]; then + . ~/.bash_aliases +fi + +# enable programmable completion features (you don't need to enable +# this, if it's already enabled in /etc/bash.bashrc and /etc/profile +# sources /etc/bash.bashrc). +if ! shopt -oq posix; then + if [ -f /usr/share/bash-completion/bash_completion ]; then + . /usr/share/bash-completion/bash_completion + elif [ -f /etc/bash_completion ]; then + . /etc/bash_completion + fi +fi diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/update-motd.d/99-custom b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/update-motd.d/99-custom new file mode 100644 index 0000000..ecb8892 --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.preseeds/files_common/update-motd.d/99-custom @@ -0,0 +1,3 @@ +#!/bin/sh + +hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/preseed_00:50:56:91:d2:c8.cfg b/iPXEdeploy-server/config_files/var/www/.preseeds/preseed_00:50:56:91:d2:c8.cfg new file mode 100644 index 0000000..57dcb21 --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.preseeds/preseed_00:50:56:91:d2:c8.cfg @@ -0,0 +1,141 @@ +# Language and Locale +d-i debian-installer/language string en +d-i debian-installer/country string RU +d-i debian-installer/locale string en_US.UTF-8 + +# Hostname +d-i netcfg/get_hostname string unassigned-hostname +d-i netcfg/get_domain string unassigned-domain + +# Keyboard +d-i keymap select us +d-i console-keymaps-at/keymap select us +d-i keyboard-configuration/xkb-keymap select us + +# Timezone / Time +d-i time/zone string Europe/Moscow +d-i clock-setup/utc boolean true + + +# Package Configuration +d-i pkgsel/upgrade select full-upgrade +#d-i mirror/country string TR +d-i mirror/country string manual +d-i mirror/http/hostname string reposrv.lab.loc +d-i mirror/http/directory string /debian +d-i apt-setup/services-select multiselect security, updates +d-i apt-setup/security_host string reposrv.lab.loc + +d-i apt-setup/non-free boolean true +d-i apt-setup/contrib boolean true + +tasksel tasksel/first multiselect none +d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools mc htop bash-completion iotop iftop bwm-ng sysstat iptraf-ng iperf3 ethtool tcpdump scsitools lsscsi kpartx toilet figlet git apt-transport-https sysfsutils curl ethtool secure-delete dnsutils net-tools rpm2cpio dos2unix telnet rsync sudo whois pv screen lsof tmux hping3 nload parted netcat-openbsd wget vim rsyslog iptables man +d-i pkgsel/install-language-support boolean false +popularity-contest popularity-contest/participate boolean false + +# Partitioning +d-i partman/mount_style select uuid +d-i partman-auto/disk string /dev/sda +d-i partman-basicfilesystems/choose_label string gpt +d-i partman-basicfilesystems/default_label string gpt +d-i partman-partitioning/choose_label string gpt +d-i partman-partitioning/default_label string gpt +d-i partman/choose_label string gpt +d-i partman/default_label string gpt +d-i partman-auto/method string lvm +d-i partman-auto/purge_lvm_from_device boolean true +d-i partman-auto/choose_recipe select gpt-boot-lvm +d-i partman-auto-lvm/new_vg_name string vg01 +d-i partman-auto/expert_recipe string \ + gpt-boot-lvm :: \ + 1 1 1 free \ + $bios_boot{ } \ + method{ biosgrub } \ + . \ + 537 537 537 linux-swap \ + $defaultignore{ } \ + $lvmok{ } \ + lv_name{ swap } \ + method{ swap } \ + format{ } \ + . \ + 2600 2600 -1 ext4 \ + $defaultignore{ } \ + $lvmok{ } \ + lv_name{ root } \ + method{ format } \ + format{ } \ + use_filesystem{ } \ + filesystem{ ext4 } \ + mountpoint{ / } \ + . +d-i partman-auto-lvm/no_boot boolean true +d-i partman/confirm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman/choose_partition select Finish partitioning and write changes to disk +d-i partman/confirm_nooverwrite boolean true +d-i partman/mount_style select uuid + + +# mkpasswd -s -m sha-512 +# +d-i passwd/root-login boolean true +d-i passwd/root-password-crypted password $6$vWJHdzEQUi4x9.cd$usa.oXjqhviC1bAi4vc95o0B17LVMekzn/P5C8Q2JyFWNQj3cfntd7YzcRiNAFUCH4i4F8Y0nOS/j66rAvxov1 + +d-i passwd/make-user boolean false +#d-i passwd/user-fullname string user +#d-i passwd/username string user +#d-i passwd/user-password-crypted password $6$Xdo2ihdwRlBgvpQB$wPZTb9IvmjE8Y5XHsgT/OL.dPaWhna5EzLFgfWXjQ3k5NnLJqzCnb/mKBzkGQpcjSLhQCXyXqOZ0ji5E.Mu1c/ + +d-i user-setup/allow-password-weak boolean true +d-i user-setup/encrypt-home boolean false + +d-i grub-installer/bootdev string /dev/sda + +d-i debian-installer/splash boolean false + +d-i finish-install/reboot_in_progress note +d-i preseed/late_command string in-target /bin/sh -c "cd /root;curl http://10.8.221.2/.preseeds/files_common/skel/.bashrc > .bashrc;cd /root;mkdir .config;mkdir ./.config/mc;chmod -R 700 .config;cd /root/.config/mc;curl http://10.8.221.2/.preseeds/files_common/mc/ini > ini;curl http://10.8.221.2/.preseeds/files_common/mc/panels.ini > panels.ini"; \ +in-target /bin/sh -c "sed -i 's/^#PermitRootLogin prohibit-password/#PermitRootLogin prohibit-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; sed -i 's/^PermitRootLogin without-password/#PermitRootLogin without-password\nPermitRootLogin yes/' /etc/ssh/sshd_config"; \ +in-target /bin/sh -c "echo '#!/bin/bash' > /etc/update-motd.d/99-custom"; \ +in-target /bin/sh -c "echo \"echo; hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay\" >> /etc/update-motd.d/99-custom"; \ +in-target chmod 755 /etc/update-motd.d/99-custom; \ +in-target mkdir -p /root/.ssh; \ +in-target /bin/sh -c "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrHbdpfwqnQdPXnpX70Bq8Msq7bcLUuTRWT/JqwTtbEBDEvJCjNUJiJlefqrAFP58qew2u826olTuRqfDhb/lsBPUFUzU63aWmEAdhITTsYQYof9o2FKzDwK/qc1Bz17UELWlruNHdTjciz6BV+9ZLqNwmQ1CXO2rSt5D57Bv13LRtlTZ1LOIvA3HGr0NmCjr+FmHvihNqinSkqfdfd6SMMqwYEFvHscH2bazGZorqKwHc7q7INOSsU5JPlX2SbcstcMclocAWmX+DdbylZRtuEVky4vZqmGJjPQ3w5Ng5nLa1BEIDk3Hc7vW5BJsCM8mqTmmgWVnZHpakAOaFvjgcevKTr7fEyELzbOO42MUu29HjMP24VZnpdQJxc1zZ9UXCGW1Rd0b3hll8SAbYBBOeYNt+yGR8j8uPeP9sHhuEIRgMwKgHSVTF5ZaeqUneQcawrRGLg5++nyze/wMqCLYCSUykxxZYuhCk1cxPlGoXNokGWkQDinm+IlG9AxKI6C72qGhSZTBZPkD7qlY+HftnZHa8RGh0mc8ANhxOcXbZzBBaSHm7Dbf/Nc/0T58V1DJnwUmY3Y87E9rvkiN+PhSxzNgLfPeNtJHVyvA76ONEgieOIPU288nkKHDIwNhzb3fS6BajMq05ZgP49qsaLfcUTlYfHgkuWXjfne9ADNSsJw== root@local.local' >> /root/.ssh/authorized_keys"; \ +in-target chown -R root:root /root/.ssh; \ +in-target chmod 600 /root/.ssh/authorized_keys; \ +in-target chmod 700 /root/.ssh; \ +in-target sed -i 's/quiet/quiet ipv6.disable=1/' /etc/default/grub; \ +in-target /bin/sh -c "update-grub"; \ +in-target /bin/sh -c "curl http://10.8.221.2/.preseeds/scripts_common/rc.local > /etc/rc.local; curl http://10.8.221.2/.preseeds/scripts_common/first_start.sh > /root/first_start.sh"; \ +in-target chmod 755 /etc/rc.local; \ +in-target chmod 755 /root/first_start.sh; \ +in-target /bin/sh -c "update-alternatives --set iptables /usr/sbin/iptables-legacy"; \ +in-target /bin/sh -c "echo > /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'source /etc/network/interfaces.d/*' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'auto lo' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'iface lo inet loopback' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'auto ens192' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'allow-hotplug ens192' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo ' iface ens192 inet static' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo ' address 10.8.11.55' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo ' netmask 255.255.255.0' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo ' gateway 10.8.11.1' >> /etc/network/interfaces"; \ +in-target /bin/sh -c "echo 'zdc01-testsrv01-it-infr.lab.loc' > /etc/hostname"; \ +in-target /bin/sh -c "echo '127.0.0.1 localhost' > /etc/hosts"; \ +in-target /bin/sh -c "echo '10.8.11.55 zdc01-testsrv01-it-infr.lab.loc zdc01-testsrv01-it-infr' >> /etc/hosts"; \ +in-target /bin/sh -c "echo >> /etc/hosts"; \ +in-target /bin/sh -c "echo '# The following lines are desirable for IPv6 capable hosts' >> /etc/hosts"; \ +in-target /bin/sh -c "echo '::1 localhost ip6-localhost ip6-loopback' >> /etc/hosts"; \ +in-target /bin/sh -c "echo 'ff02::1 ip6-allnodes' >> /etc/hosts"; \ +in-target /bin/sh -c "echo 'ff02::2 ip6-allrouters' >> /etc/hosts"; \ +in-target /bin/sh -c "echo 'domain lab.loc' > /etc/resolv.conf"; \ +in-target /bin/sh -c "echo 'search lab.loc' >> /etc/resolv.conf"; \ +in-target /bin/sh -c "echo 'nameserver 10.12.90.1' >> /etc/resolv.conf" + diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/first_start.sh b/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/first_start.sh new file mode 100644 index 0000000..ebac8ec --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/first_start.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +parted /dev/sda resizepart 2 100% +pvresize /dev/sda2 +lvextend -y -f -l +100%FREE /dev/vg01/root +resize2fs /dev/vg01/root; + +sed '/first_start/d' -i /etc/rc.local + +rm -f /root/first_start.sh diff --git a/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/rc.local b/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/rc.local new file mode 100644 index 0000000..e18ef89 --- /dev/null +++ b/iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/rc.local @@ -0,0 +1,16 @@ +#!/bin/sh -e +# +# rc.local +# +# This script is executed at the end of each multiuser runlevel. +# Make sure that the script will exit 0 on success or any other +# value on error. +# +# In order to enable or disable this script just change the execution +# bits. +# +# By default this script does nothing. + +/root/first_start.sh & + +exit 0