Added this repo

README.md

@@ -0,0 +1,6 @@
+# FAST-RABBIT repo
+
+<br/>
+##This repo has Ansible, Packer by HashiCorp and etc auto tools for maintenance and service IT infrastructure.<br/>
+<br/>
+

ansible/README.md

@@ -0,0 +1,14 @@
+# Ansible playbooks and roles.
+
+For secrets and cred vars create /root/.secret/.ansible/vars_creds.yml<br/><br/>
+
+`vcenter_hostname: "vcs8srv01.lab.loc"`<br/>
+`vcenter_username: "administrator@vsphere.local"`<br/>
+`vcenter_password: "XXXXXXXXXXXX"`<br/>
+`vcenter_validate_certs: false`<br/>
+`vcenter_datacenter: "DC01"`<br/>
+<br/>
+`ansible_user: "root"`<br/>
+`ansible_password: "XXXXXXXX"`<br/>
+`#ansible_ssh_private_key_file: '~/.secret/auto-tools/ansible/.ssh/ansb.id_rsa'`<br/>
+

ansible/hosts

@@ -0,0 +1,3 @@
+
+dc01-ipxesrv01-it-infr.lab.loc ansible_host=10.8.221.2
+

ansible/inventories/vmware_vm_inventory.yml

@@ -0,0 +1,45 @@
+---
+#
+# For use:
+# ansible-inventory -i /root/ansible/inventories/vmware_vm_inventory.yml --list -y --output zzz.yml
+# cat zzz.yml | grep -i "guestid" | sed 's/^          config.guestId: //' | sed 's/$.*//'  | sort | uniq
+#
+plugin: community.vmware.vmware_vm_inventory
+strict: true
+hostname: "vcs8srv01.lab.loc"
+username: "administrator@vsphere.local"
+password: "XXXXXXXXX"
+validate_certs: false
+with_tags: false
+with_folders: true
+
+#resources:
+#  - datacenter:
+#    - 'DC01'
+#    resources:
+#      - compute_resource:
+#        - Cluster01
+#      - folder:
+#        - VLAN-0222
+
+hostnames:
+  - config.name
+properties:
+  - name
+  - config.name
+  - guest
+#  - config.guestId
+  - summary.runtime.powerState
+#  - config.datastoreUrl
+  - config.template
+
+filters:
+- config.template == false
+- summary.runtime.powerState == 'poweredOn'
+
+keyed_groups:
+  - key: summary.runtime.powerState
+    separator: ''
+
+#  - key: ipConfig.network
+#    separator: ''

ansible/playbooks/os-ipxe-vmware-deploy.yml

@@ -0,0 +1,9 @@
+---
+
+- hosts: "{{ ipxe_target }}"
+  become: false
+  gather_facts: false
+  vars_files:
+    - /root/.secret/.ansible/vars_creds.yml
+  roles:
+    - os-ipxe-vmware-deploy

ansible/playbooks/os-linux-apt-update.yml

@@ -0,0 +1,22 @@
+---
+
+- hosts: "{{ hosts_target }}"
+  become: false
+  gather_facts: true
+  vars_files:
+    - /root/.secret/.ansible/vars_creds.yml
+
+  tasks:
+    - name: Upgrage system type of Debian
+      block:
+        - name: Run "apt update" and "apt upgrade"
+          ansible.builtin.apt:
+            upgrade: yes
+            update_cache: yes
+        - name: Run "apt autoremove"
+          ansible.builtin.apt:
+            autoremove: yes
+        - name: Run "apt-get clean"
+          ansible.builtin.apt:
+            clean: yes
+      when: ansible_facts['distribution'] == "Debian"

ansible/playbooks/os-ping-test.yml

@@ -0,0 +1,15 @@
+---
+
+- hosts: "{{ hosts_target }}"
+  become: false
+  gather_facts: true
+  vars_files:
+    - /root/.secret/.ansible/vars_creds.yml
+
+  tasks:
+    - name: Debug
+      debug:
+#        var: ansible_facts
+        msg: " It is {{ansible_facts['distribution'] }} {{ ansible_facts.distribution_major_version }} ( {{ ansible_facts.distribution_release }} )"
+
+

ansible/playbooks/vmware_tmp/vm_get_info.yml

@@ -0,0 +1,28 @@
+---
+- name: Get info VM
+  hosts: localhost
+  become: false
+  gather_facts: false
+  vars:
+    vars_name: "dc01-ftpsrv01-it-infr.lab.loc"
+#    vars_name: "debian12-common-templ"
+  vars_files:
+    - /root/.secret/.ansible/vars_creds.yml
+
+  tasks:
+    - name: Get info VM
+      community.vmware.vmware_vm_info:
+        hostname: "{{ vcenter_hostname }}"
+        username: "{{ vcenter_username }}"
+        password: "{{ vcenter_password }}"
+        validate_certs: "{{ vcenter_validate_certs }}"
+#        datacenter: "{{ vcenter_datacenter }}"
+        vm_name: "{{ vars_name }}"
+#        vm_type: template
+      delegate_to: localhost
+      register: info_vm
+
+
+    - name: Print info {{ vars_name }}
+      debug:
+        msg: "{{ info_vm }}"

ansible/playbooks/vmware_tmp/vm_guest_info.yml

@@ -0,0 +1,26 @@
+---
+- name: Get info VM
+  hosts: localhost
+  become: false
+  gather_facts: false
+  vars:
+    vars_name: "dc01-ftpsrv01-it-infr.lab.loc"
+#    vars_name: "debian12-common-templ"
+  vars_files:
+    - /root/.secret/.ansible/vars_creds.yml
+
+  tasks:
+    - name: Get info VM
+      community.vmware.vmware_guest:
+        hostname: "{{ vcenter_hostname }}"
+        username: "{{ vcenter_username }}"
+        password: "{{ vcenter_password }}"
+        validate_certs: "{{ vcenter_validate_certs }}"
+        datacenter: "{{ vcenter_datacenter }}"
+        name: "{{ vars_name }}"
+      delegate_to: localhost
+      register: gather_info_vm
+
+    - name: Print info {{ vars_name }}
+        msg: "{{ gather_info_vm }}"
+

ansible/roles/os-ipxe-vmware-deploy.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+# ***********
+
+ipxe_target="dc01-ipxesrv01-it-infr.lab.loc"
+ipxe_net_name="VLAN-0221"
+
+vm_name="zdc01-testsrv01-it-infr.lab.loc"
+vm_folder="VLAN-0011"
+vm_guest_id="debian12_64Guest"
+vm_datastore="Cluster01-LUN02"
+vm_net_name="VLAN-0011"
+
+vm_ip_addr="10.8.11.55"
+vm_ip_mask="255.255.255.0"
+vm_ip_gw="10.8.11.1"
+vm_ip_dns="10.12.90.1"
+vm_ip_domain="lab.loc"
+vm_ip_search="lab.loc"
+
+
+# ***********
+
+/usr/bin/ansible-playbook /root/ansible/playbooks/os-ipxe-vmware-deploy.yml \
+-e "ipxe_target=$ipxe_target ipxe_net_name=$ipxe_net_name \
+vm_name=$vm_name vm_folder=$vm_folder vm_guest_id=$vm_guest_id vm_datastore=$vm_datastore vm_net_name=$vm_net_name \
+vm_ip_addr=$vm_ip_addr vm_ip_mask=$vm_ip_mask vm_ip_gw=$vm_ip_gw vm_ip_dns=$vm_ip_dns vm_ip_domain=$vm_ip_domain \
+vm_ip_search=$vm_ip_search"
+
+# ***********

ansible/roles/os-ipxe-vmware-deploy/defaults/main.yml

@@ -0,0 +1 @@
+---

ansible/roles/os-ipxe-vmware-deploy/handlers/main.yml

@@ -0,0 +1 @@
+---

ansible/roles/os-ipxe-vmware-deploy/tasks/conf_add_ipxesrv.yml

@@ -0,0 +1,21 @@
+---
+- name: Copy from template boot.ipxe
+  ansible.builtin.template:
+    src: boot.ipxe.j2
+    dest: "{{ path_ipxe_boot }}/boot_{{ vm_macaddress }}.ipxe"
+
+
+- name: Copy from template preseed.cfg
+  ansible.builtin.template:
+    src: preseed.cfg.j2
+    dest: "{{ path_preseed }}/preseed_{{ vm_macaddress }}.cfg"
+
+- name: Add config to DHCP server
+  ansible.builtin.lineinfile:
+    path: "{{ path_dhcp_conf }}"
+    line: 'host {{ vm_name | regex_replace("\..*","") }} { hardware ethernet  {{ vm_macaddress }}; if exists user-class and option user-class = "iPXE" { filename "http://${next-server}:80/.boot/boot_{{ vm_macaddress }}.ipxe";} else { filename "undionly.kpxe"; }}'
+
+- name: Restart DHCP service
+  ansible.builtin.systemd_service:
+    state: restarted
+    name:  isc-dhcp-server

ansible/roles/os-ipxe-vmware-deploy/tasks/conf_del_ipxesrv.yml

@@ -0,0 +1,14 @@
+---
+- name: Delete config to DHCP server
+  ansible.builtin.lineinfile:
+    path: "{{ path_dhcp_conf }}"
+    state: absent
+    line: 'host {{ vm_name | regex_replace("\..*","") }} { hardware ethernet  {{ vm_macaddress }}; if exists user-class and option user-class = "iPXE" { filename "http://${next-server}:80/.boot/boot_{{ vm_macaddress }}.ipxe";} else { filename "undionly.kpxe"; }}'
+
+- name: Remove config files
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: absent
+  loop:
+    - "{{ path_ipxe_boot }}/boot_{{ vm_macaddress }}.ipxe"
+    - "{{ path_preseed }}/preseed_{{ vm_macaddress }}.cfg"

ansible/roles/os-ipxe-vmware-deploy/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+
+#- name: Debug
+#  import_tasks: vm_debug.yml
+#  tags:
+#   - always
+
+- name: Create new VM
+  import_tasks: vm_create.yml
+
+- name: Config add for iPXE and DHCP
+  import_tasks: conf_add_ipxesrv.yml
+
+- name: Deplay OS
+  import_tasks: vm_deploy_os.yml
+
+- name: Config del for iPXE and DHCP
+  import_tasks: conf_del_ipxesrv.yml
+
+- name: Custom VMs
+  import_tasks: vm_custom.yml
+
+
+
+

ansible/roles/os-ipxe-vmware-deploy/tasks/vm_create.yml

@@ -0,0 +1,53 @@
+---
+
+- name: Create a VM
+  community.vmware.vmware_guest:
+    hostname: "{{ vcenter_hostname }}"
+    username: "{{ vcenter_username }}"
+    password: "{{ vcenter_password }}"
+    validate_certs: "{{ vcenter_validate_certs }}"
+    datacenter: "{{ vcenter_datacenter }}"
+    folder: "{{ vm_folder }}"
+    name: "{{ vm_name }}"
+    state: poweredon
+    guest_id: "{{ vm_guest_id }}"
+    datastore: "{{ vm_datastore  }}"
+    disk:
+    - size_gb: 4
+      type: thin
+      datastore: " {{ vm_datastore }}"
+    hardware:
+      memory_mb: 1024
+      num_cpus: 1
+    networks:
+    - name: "{{ ipxe_net_name  }}"
+      device_type: vmxnet3
+  delegate_to: localhost
+  register: gather_create_vm
+
+- name: Set facts vm_macaddress
+  set_fact:
+    vm_macaddress: "{{ gather_create_vm.instance.hw_eth0.macaddress }}"
+    delegation: localhost
+
+- name: Set facts vm iface num
+  set_fact:
+    vm_iface_num: "{{ gather_create_vm.instance.advanced_settings['ethernet0.pciSlotNumber'] }}"
+    delegation: localhost
+
+- name: Set facts vm_name_shot
+  set_fact:
+    vm_name_shot: "{{ vm_name.split('.')[0] }}"
+    delegation: localhost
+
+
+#debug#- name: Debug
+#debug#  debug:
+#debug#    msg: "{{ gather_create_vm }}"
+#debug#- name: Debug
+#debug#  debug:
+#debug#    msg: "ens + {{ vm_iface_num }} // {{ vm_macaddress }}"
+
+
+
+

ansible/roles/os-ipxe-vmware-deploy/tasks/vm_custom.yml

@@ -0,0 +1,15 @@
+---
+
+- name: Custom VMs
+  community.vmware.vmware_guest:
+    hostname: "{{ vcenter_hostname }}"
+    username: "{{ vcenter_username }}"
+    password: "{{ vcenter_password }}"
+    validate_certs: "{{ vcenter_validate_certs }}"
+    datacenter: "{{ vcenter_datacenter }}"
+    folder: "{{ vm_folder }}"
+    name: "{{ vm_name }}"
+    networks:
+      - name: "{{ vm_net_name }}"
+  delegate_to: localhost
+  register: gather_create_vm

ansible/roles/os-ipxe-vmware-deploy/tasks/vm_debug.yml

@@ -0,0 +1,7 @@
+---
+
+
+- name: Debug
+  debug:
+
+    msg: '{{ vm_name | regex_replace("\..*","") }}'

ansible/roles/os-ipxe-vmware-deploy/tasks/vm_deploy_os.yml

@@ -0,0 +1,13 @@
+---
+- name: Wait for VMware tools to become available
+  community.vmware.vmware_guest_tools_wait:
+    hostname: "{{ vcenter_hostname }}"
+    username: "{{ vcenter_username }}"
+    password: "{{ vcenter_password }}"
+    validate_certs: "{{ vcenter_validate_certs }}"
+    datacenter: "{{ vcenter_datacenter }}"
+    folder: "{{ vm_folder }}"
+    name: "{{ vm_name }}"
+    timeout: 600
+  delegate_to: localhost
+  register: gather_guest_vm

ansible/roles/os-ipxe-vmware-deploy/templates/boot.ipxe.j2

@@ -0,0 +1,5 @@
+#!ipxe
+
+kernel http://${next-server}/.images/netinst_deb12x64/linux ipv6.disable=1 auto=true netcfg/dhcp_timeout=30 priority=critical locale=en_US preseed/url=http://${next-server}/.preseeds/preseed_{{ vm_macaddress }}.cfg
+initrd http://${next-server}/.images/netinst_deb12x64/initrd.gz
+boot

ansible/roles/os-ipxe-vmware-deploy/templates/preseed.cfg.j2

@@ -0,0 +1,141 @@
+# Language and Locale
+d-i debian-installer/language string en
+d-i debian-installer/country string RU
+d-i debian-installer/locale string en_US.UTF-8
+
+# Hostname
+d-i netcfg/get_hostname string unassigned-hostname
+d-i netcfg/get_domain string unassigned-domain
+
+# Keyboard
+d-i keymap select us
+d-i console-keymaps-at/keymap select us
+d-i keyboard-configuration/xkb-keymap select us
+
+# Timezone / Time
+d-i time/zone string Europe/Moscow
+d-i clock-setup/utc boolean true
+
+
+# Package Configuration
+d-i pkgsel/upgrade select full-upgrade
+#d-i mirror/country string TR
+d-i mirror/country string manual
+d-i mirror/http/hostname string reposrv.lab.loc
+d-i mirror/http/directory string /debian
+d-i apt-setup/services-select multiselect security, updates
+d-i apt-setup/security_host string reposrv.lab.loc
+
+d-i apt-setup/non-free boolean true
+d-i apt-setup/contrib boolean true
+
+tasksel tasksel/first multiselect none
+d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools mc htop bash-completion iotop iftop bwm-ng sysstat iptraf-ng iperf3 ethtool tcpdump scsitools lsscsi kpartx toilet figlet git apt-transport-https sysfsutils curl ethtool secure-delete dnsutils net-tools rpm2cpio dos2unix telnet rsync sudo whois pv screen lsof tmux hping3 nload parted netcat-openbsd wget vim rsyslog iptables man
+d-i pkgsel/install-language-support boolean false
+popularity-contest popularity-contest/participate boolean false
+
+# Partitioning
+d-i partman/mount_style select uuid
+d-i partman-auto/disk string /dev/sda
+d-i partman-basicfilesystems/choose_label string gpt
+d-i partman-basicfilesystems/default_label string gpt
+d-i partman-partitioning/choose_label string gpt
+d-i partman-partitioning/default_label string gpt
+d-i partman/choose_label string gpt
+d-i partman/default_label string gpt
+d-i partman-auto/method string lvm
+d-i partman-auto/purge_lvm_from_device boolean true
+d-i partman-auto/choose_recipe select gpt-boot-lvm
+d-i partman-auto-lvm/new_vg_name string vg01
+d-i partman-auto/expert_recipe string           \
+    gpt-boot-lvm ::                             \
+      1 1 1 free                                \
+        $bios_boot{ }                           \
+        method{ biosgrub }                      \
+      .                                         \
+      537 537 537 linux-swap                    \
+        $defaultignore{ }                       \
+        $lvmok{ }                               \
+        lv_name{ swap }                         \
+        method{ swap  }                         \
+        format{ }                               \
+      .                                         \
+      2600 2600 -1 ext4                         \
+        $defaultignore{ }                       \
+        $lvmok{ }                               \
+        lv_name{ root }                         \
+        method{ format }                        \
+        format{ }                               \
+        use_filesystem{ }                       \
+        filesystem{ ext4 }                      \
+        mountpoint{ / }                         \
+       .
+d-i partman-auto-lvm/no_boot boolean true
+d-i partman/confirm boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman-lvm/confirm_nooverwrite boolean true
+d-i partman-lvm/device_remove_lvm boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman/choose_partition select Finish partitioning and write changes to disk
+d-i partman/confirm_nooverwrite boolean true
+d-i partman/mount_style select uuid
+
+
+# mkpasswd -s -m sha-512
+#
+d-i passwd/root-login boolean true
+d-i passwd/root-password-crypted password $6$vWJHdzEQUi4x9.cd$usa.oXjqhviC1bAi4vc95o0B17LVMekzn/P5C8Q2JyFWNQj3cfntd7YzcRiNAFUCH4i4F8Y0nOS/j66rAvxov1
+
+d-i passwd/make-user boolean false
+#d-i passwd/user-fullname string user
+#d-i passwd/username string user
+#d-i passwd/user-password-crypted password $6$Xdo2ihdwRlBgvpQB$wPZTb9IvmjE8Y5XHsgT/OL.dPaWhna5EzLFgfWXjQ3k5NnLJqzCnb/mKBzkGQpcjSLhQCXyXqOZ0ji5E.Mu1c/
+
+d-i user-setup/allow-password-weak boolean true
+d-i user-setup/encrypt-home boolean false
+
+d-i grub-installer/bootdev string /dev/sda
+
+d-i debian-installer/splash boolean false
+
+d-i finish-install/reboot_in_progress note
+d-i preseed/late_command string in-target /bin/sh -c "cd /root;curl http://10.8.221.2/.preseeds/files_common/skel/.bashrc > .bashrc;cd /root;mkdir .config;mkdir ./.config/mc;chmod -R 700 .config;cd /root/.config/mc;curl http://10.8.221.2/.preseeds/files_common/mc/ini > ini;curl http://10.8.221.2/.preseeds/files_common/mc/panels.ini > panels.ini"; \
+in-target /bin/sh -c "sed -i 's/^#PermitRootLogin prohibit-password/#PermitRootLogin prohibit-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; sed -i 's/^PermitRootLogin without-password/#PermitRootLogin without-password\nPermitRootLogin yes/' /etc/ssh/sshd_config"; \
+in-target /bin/sh -c "echo '#!/bin/bash' > /etc/update-motd.d/99-custom"; \
+in-target /bin/sh -c "echo \"echo; hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay\" >> /etc/update-motd.d/99-custom"; \
+in-target chmod 755 /etc/update-motd.d/99-custom; \
+in-target mkdir -p /root/.ssh; \
+in-target /bin/sh -c "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrHbdpfwqnQdPXnpX70Bq8Msq7bcLUuTRWT/JqwTtbEBDEvJCjNUJiJlefqrAFP58qew2u826olTuRqfDhb/lsBPUFUzU63aWmEAdhITTsYQYof9o2FKzDwK/qc1Bz17UELWlruNHdTjciz6BV+9ZLqNwmQ1CXO2rSt5D57Bv13LRtlTZ1LOIvA3HGr0NmCjr+FmHvihNqinSkqfdfd6SMMqwYEFvHscH2bazGZorqKwHc7q7INOSsU5JPlX2SbcstcMclocAWmX+DdbylZRtuEVky4vZqmGJjPQ3w5Ng5nLa1BEIDk3Hc7vW5BJsCM8mqTmmgWVnZHpakAOaFvjgcevKTr7fEyELzbOO42MUu29HjMP24VZnpdQJxc1zZ9UXCGW1Rd0b3hll8SAbYBBOeYNt+yGR8j8uPeP9sHhuEIRgMwKgHSVTF5ZaeqUneQcawrRGLg5++nyze/wMqCLYCSUykxxZYuhCk1cxPlGoXNokGWkQDinm+IlG9AxKI6C72qGhSZTBZPkD7qlY+HftnZHa8RGh0mc8ANhxOcXbZzBBaSHm7Dbf/Nc/0T58V1DJnwUmY3Y87E9rvkiN+PhSxzNgLfPeNtJHVyvA76ONEgieOIPU288nkKHDIwNhzb3fS6BajMq05ZgP49qsaLfcUTlYfHgkuWXjfne9ADNSsJw== root@local.local' >> /root/.ssh/authorized_keys"; \
+in-target chown -R root:root /root/.ssh; \
+in-target chmod 600 /root/.ssh/authorized_keys; \
+in-target chmod 700 /root/.ssh; \
+in-target sed -i 's/quiet/quiet ipv6.disable=1/' /etc/default/grub; \
+in-target /bin/sh -c "update-grub"; \
+in-target /bin/sh -c "curl http://10.8.221.2/.preseeds/scripts_common/rc.local > /etc/rc.local; curl http://10.8.221.2/.preseeds/scripts_common/first_start.sh > /root/first_start.sh"; \
+in-target chmod 755 /etc/rc.local; \
+in-target chmod 755 /root/first_start.sh; \
+in-target /bin/sh -c "update-alternatives --set iptables /usr/sbin/iptables-legacy"; \
+in-target /bin/sh -c "echo > /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'source /etc/network/interfaces.d/*' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'auto lo' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'iface lo inet loopback' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'auto ens{{ vm_iface_num  }}' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'allow-hotplug ens{{ vm_iface_num  }}' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '     iface ens{{ vm_iface_num  }} inet static' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '     address {{ vm_ip_addr }}' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '     netmask {{ vm_ip_mask }}' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '     gateway {{ vm_ip_gw }}' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '{{ vm_name }}' > /etc/hostname"; \
+in-target /bin/sh -c "echo '127.0.0.1		localhost' > /etc/hosts"; \
+in-target /bin/sh -c "echo '{{ vm_ip_addr }}		{{ vm_name }}		{{ vm_name_shot }}' >> /etc/hosts"; \
+in-target /bin/sh -c "echo >> /etc/hosts"; \
+in-target /bin/sh -c "echo '# The following lines are desirable for IPv6 capable hosts' >> /etc/hosts"; \
+in-target /bin/sh -c "echo '::1     localhost ip6-localhost ip6-loopback' >> /etc/hosts"; \
+in-target /bin/sh -c "echo 'ff02::1 ip6-allnodes' >> /etc/hosts"; \
+in-target /bin/sh -c "echo 'ff02::2 ip6-allrouters' >> /etc/hosts"; \
+in-target /bin/sh -c "echo 'domain {{ vm_ip_domain }}'  >  /etc/resolv.conf"; \
+in-target /bin/sh -c "echo 'search {{ vm_ip_search }}'  >> /etc/resolv.conf"; \
+in-target /bin/sh -c "echo 'nameserver {{ vm_ip_dns }}' >> /etc/resolv.conf"
+

ansible/roles/os-ipxe-vmware-deploy/vars/main.yml

@@ -0,0 +1,5 @@
+---
+
+path_ipxe_boot: "/var/www/html/.boot"
+path_dhcp_conf: "/etc/dhcp/dhcpd_tmp.conf"
+path_preseed: "/var/www/html/.preseeds"

common/README.md

@@ -0,0 +1 @@
+# Fastrabbit common repo

common/create-iso-preseed/README.md

@@ -0,0 +1,8 @@
+# Create Debian netinstall iso with my preseed
+
+Install `apt install xorriso`<br/>
+<br/>
+File create-iso-preseed.sh for use common Debian repo<br/>
+<br/>
+File create-iso-preseed-LOrepo.sh for use local repo server<br/>
+<br/>

common/create-iso-preseed/create-iso-preseed-LOrepo.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+
+orig_iso='/mini.iso'
+iso_mnt='/mnt/iso'
+new_files='/mnt/iso_new'
+new_iso='/debian-12-my-preseed-amd64-LOREPO.iso'
+mbr_template='/mnt/iso_new/isohdpfx.bin'
+
+
+wget https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/mini.iso -O /mini.iso
+
+mkdir $iso_mnt
+mkdir $new_files
+
+mount -o loop /mini.iso $iso_mnt
+cp -vRTa $iso_mnt $new_files
+umount $iso_mnt
+
+sed 's/\/linux vga=788 --- quiet/\/linux vga=788 ipv6.disable=1 auto=true netcfg\/dhcp_timeout=30 priority=critical locale=en_US preseed\/url=http:\/\/aassdd.ru\/.my-preseed\/debian\/preseed_lorepo.cfg ---/' -i $new_files/boot/grub/grub.cfg
+sed 's/append vga=788 initrd=initrd.gz --- quiet/append vga=788 initrd=initrd.gz ipv6.disable=1 auto=true netcfg\/dhcp_timeout=30 priority=critical locale=en_US preseed\/url=http:\/\/aassdd.ru\/.my-preseed\/debian\/preseed_lorepo.cfg ---/' -i $new_files/txt.cfg
+
+# ************************
+# ************************
+
+# Extract MBR template file to disk
+dd if="$orig_iso" bs=1 count=432 of="$mbr_template"
+
+# Create the new ISO image
+xorriso -as mkisofs \
+-r -V 'Debian my preseed amd64 n' \
+-o "$new_iso" \
+-J -J -joliet-long -cache-inodes \
+-isohybrid-mbr "$mbr_template" \
+-b isolinux.bin \
+-c boot.cat \
+-boot-load-size 4 -boot-info-table -no-emul-boot \
+-eltorito-alt-boot \
+-e boot/grub/efi.img \
+-no-emul-boot -isohybrid-gpt-basdat -isohybrid-apm-hfsplus \
+"$new_files"
+# ************************
+# ************************
+
+rm -fr $orig_iso
+rm -fr $iso_mnt
+rm -fr $new_files
+
+
+

common/create-iso-preseed/create-iso-preseed.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+
+orig_iso='/mini.iso'
+iso_mnt='/mnt/iso'
+new_files='/mnt/iso_new'
+new_iso='/debian-12-my-preseed-amd64.iso'
+mbr_template='/mnt/iso_new/isohdpfx.bin'
+
+
+wget https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/mini.iso -O /mini.iso
+
+mkdir $iso_mnt
+mkdir $new_files
+
+mount -o loop /mini.iso $iso_mnt
+cp -vRTa $iso_mnt $new_files
+umount $iso_mnt
+
+sed 's/\/linux vga=788 --- quiet/\/linux vga=788 ipv6.disable=1 auto=true netcfg\/dhcp_timeout=30 priority=critical locale=en_US preseed\/url=http:\/\/aassdd.ru\/.my-preseed\/debian\/preseed.cfg ---/' -i $new_files/boot/grub/grub.cfg
+sed 's/append vga=788 initrd=initrd.gz --- quiet/append vga=788 initrd=initrd.gz ipv6.disable=1 auto=true netcfg\/dhcp_timeout=30 priority=critical locale=en_US preseed\/url=http:\/\/aassdd.ru\/.my-preseed\/debian\/preseed.cfg ---/' -i $new_files/txt.cfg
+
+# ************************
+# ************************
+
+# Extract MBR template file to disk
+dd if="$orig_iso" bs=1 count=432 of="$mbr_template"
+
+# Create the new ISO image
+xorriso -as mkisofs \
+-r -V 'Debian my preseed amd64 n' \
+-o "$new_iso" \
+-J -J -joliet-long -cache-inodes \
+-isohybrid-mbr "$mbr_template" \
+-b isolinux.bin \
+-c boot.cat \
+-boot-load-size 4 -boot-info-table -no-emul-boot \
+-eltorito-alt-boot \
+-e boot/grub/efi.img \
+-no-emul-boot -isohybrid-gpt-basdat -isohybrid-apm-hfsplus \
+"$new_files"
+# ************************
+# ************************
+
+rm -fr $orig_iso
+rm -fr $iso_mnt
+rm -fr $new_files
+
+
+

iPXEdeploy-server/README.md

@@ -0,0 +1,18 @@
+# It is config iPXE deploy server for auto debloy VMs<br/>
+
+This repo for working with Ansible playbook os-ipxe-vmware-deploy.yml (os-ipxe-vmware-deploy.sh).<br/>
+You can use it for auto deploying VMs in VMware vSphere.<br/>
+<br/>
+## Steps<br/>
+1.	Add env in os-ipxe-vmware-deploy.sh (name VM, iPXE network, folder etc)<br/>
+2.	Run os-ipxe-vmware-deploy.sh<br/>
+3.	As result, you get installed VMs.<br/>
+<br/>
+## For prepare iPXE server<br/>
+1.	Install service TFTP, DHCP-server and Nginx and etc<br/>
+`apt install isc-dhcp-server nginx tftpd-hpa`<br/>
+`apt download ipxe` (you can search undionly.kpxe)<br/>
+`wget wget https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/mini.iso` (for extract 2 files: linux initrd.gz)<br/>
+2.	Make configs from examples<br/>
+`See to repo`<br/>
+

iPXEdeploy-server/config_files/etc/default/isc-dhcp-server

@@ -0,0 +1,18 @@
+# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
+
+# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
+#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
+#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf
+
+# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
+#DHCPDv4_PID=/var/run/dhcpd.pid
+#DHCPDv6_PID=/var/run/dhcpd6.pid
+
+# Additional options to start dhcpd with.
+#	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
+#OPTIONS=""
+
+# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
+#	Separate multiple interfaces with spaces, e.g. "eth0 eth1".
+INTERFACESv4="ens192"
+INTERFACESv6=""

iPXEdeploy-server/config_files/etc/default/tftpd-hpa

@@ -0,0 +1,6 @@
+# /etc/default/tftpd-hpa
+
+TFTP_USERNAME="tftp"
+TFTP_DIRECTORY="/srv/tftp"
+TFTP_ADDRESS="10.8.221.2:69"
+TFTP_OPTIONS="--secure -l --ipv4"

iPXEdeploy-server/config_files/etc/dhcp/dhcpd.conf

@@ -0,0 +1,20 @@
+default-lease-time 3600;
+max-lease-time 2400;
+authoritative;
+ddns-update-style none;
+log-facility local7;
+local-address 10.8.221.2;
+
+subnet 10.8.221.0 netmask 255.255.255.0 {
+  range 10.8.221.10 10.8.221.200;
+  option subnet-mask 255.255.255.0;
+  option broadcast-address 10.8.221.255;
+  option domain-name "lab.loc";
+  option domain-name-servers 10.12.90.1;
+  option routers 10.8.221.1;
+  next-server 10.8.221.2;
+}
+
+if exists user-class and option user-class = "iPXE" { filename "http://${next-server}:80/.boot/boot.ipxe";} else { filename "undionly.kpxe"; }
+
+include "/etc/dhcp/dhcpd_tmp.conf";

iPXEdeploy-server/config_files/etc/dhcp/dhcpd_tmp.conf

@@ -0,0 +1 @@
+host zdc01-testsrv01-it-infr { hardware ethernet  00:50:56:91:d2:c8; if exists user-class and option user-class = "iPXE" { filename "http://${next-server}:80/.boot/boot_00:50:56:91:d2:c8.ipxe";} else { filename "undionly.kpxe"; }}

iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe

@@ -0,0 +1,3 @@
+#!ipxe
+
+reboot

iPXEdeploy-server/config_files/var/www/.boot/boot.ipxe.bak

@@ -0,0 +1,3 @@
+#!ipxe
+
+reboot

iPXEdeploy-server/config_files/var/www/.boot/boot_00:50:56:91:d2:c8.ipxe

@@ -0,0 +1,5 @@
+#!ipxe
+
+kernel http://${next-server}/.images/netinst_deb12x64/linux ipv6.disable=1 auto=true netcfg/dhcp_timeout=30 priority=critical locale=en_US preseed/url=http://${next-server}/.preseeds/preseed_00:50:56:91:d2:c8.cfg
+initrd http://${next-server}/.images/netinst_deb12x64/initrd.gz
+boot

iPXEdeploy-server/config_files/var/www/.preseeds/def_preseed.cfg

@@ -0,0 +1,120 @@
+# Language and Locale
+d-i debian-installer/language string en
+d-i debian-installer/country string RU
+d-i debian-installer/locale string en_US.UTF-8
+
+# Hostname
+d-i netcfg/get_hostname string unassigned-hostname
+d-i netcfg/get_domain string unassigned-domain
+
+# Keyboard
+d-i keymap select us
+d-i console-keymaps-at/keymap select us
+d-i keyboard-configuration/xkb-keymap select us
+
+# Timezone / Time
+d-i time/zone string Europe/Moscow
+d-i clock-setup/utc boolean true
+
+
+# Package Configuration
+d-i pkgsel/upgrade select full-upgrade
+#d-i mirror/country string TR
+d-i mirror/country string manual
+d-i mirror/http/hostname string reposrv.lab.loc
+d-i mirror/http/directory string /debian
+d-i apt-setup/services-select multiselect security, updates
+d-i apt-setup/security_host string reposrv.lab.loc
+
+d-i apt-setup/non-free boolean true
+d-i apt-setup/contrib boolean true
+
+tasksel tasksel/first multiselect none
+d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools mc htop bash-completion iotop iftop bwm-ng sysstat iptraf-ng iperf3 ethtool tcpdump scsitools lsscsi kpartx toilet figlet git apt-transport-https sysfsutils curl ethtool secure-delete dnsutils net-tools rpm2cpio dos2unix telnet rsync sudo whois pv screen lsof tmux hping3 nload parted netcat-openbsd wget vim rsyslog iptables man
+d-i pkgsel/install-language-support boolean false
+popularity-contest popularity-contest/participate boolean false
+
+# Partitioning
+d-i partman/mount_style select uuid
+d-i partman-auto/disk string /dev/sda
+d-i partman-basicfilesystems/choose_label string gpt
+d-i partman-basicfilesystems/default_label string gpt
+d-i partman-partitioning/choose_label string gpt
+d-i partman-partitioning/default_label string gpt
+d-i partman/choose_label string gpt
+d-i partman/default_label string gpt
+d-i partman-auto/method string lvm
+d-i partman-auto/purge_lvm_from_device boolean true
+d-i partman-auto/choose_recipe select gpt-boot-lvm
+d-i partman-auto-lvm/new_vg_name string vg01
+d-i partman-auto/expert_recipe string           \
+    gpt-boot-lvm ::                             \
+      1 1 1 free                                \
+        $bios_boot{ }                           \
+        method{ biosgrub }                      \
+      .                                         \
+      537 537 537 linux-swap                    \
+        $defaultignore{ }                       \
+        $lvmok{ }                               \
+        lv_name{ swap }                         \
+        method{ swap  }                         \
+        format{ }                               \
+      .                                         \
+      2600 2600 -1 ext4                         \
+        $defaultignore{ }                       \
+        $lvmok{ }                               \
+        lv_name{ root }                         \
+        method{ format }                        \
+        format{ }                               \
+        use_filesystem{ }                       \
+        filesystem{ ext4 }                      \
+        mountpoint{ / }                         \
+       .
+d-i partman-auto-lvm/no_boot boolean true
+d-i partman/confirm boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman-lvm/confirm_nooverwrite boolean true
+d-i partman-lvm/device_remove_lvm boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman/choose_partition select Finish partitioning and write changes to disk
+d-i partman/confirm_nooverwrite boolean true
+d-i partman/mount_style select uuid
+
+
+# mkpasswd -s -m sha-512
+#
+d-i passwd/root-login boolean true
+d-i passwd/root-password-crypted password $6$vWJHdzEQUi4x9.cd$usa.oXjqhviC1bAi4vc95o0B17LVMekzn/P5C8Q2JyFWNQj3cfntd7YzcRiNAFUCH4i4F8Y0nOS/j66rAvxov1
+
+d-i passwd/make-user boolean false
+#d-i passwd/user-fullname string user
+#d-i passwd/username string user
+#d-i passwd/user-password-crypted password $6$Xdo2ihdwRlBgvpQB$wPZTb9IvmjE8Y5XHsgT/OL.dPaWhna5EzLFgfWXjQ3k5NnLJqzCnb/mKBzkGQpcjSLhQCXyXqOZ0ji5E.Mu1c/
+
+d-i user-setup/allow-password-weak boolean true
+d-i user-setup/encrypt-home boolean false
+
+d-i grub-installer/bootdev string /dev/sda
+
+d-i debian-installer/splash boolean false
+
+d-i finish-install/reboot_in_progress note
+d-i preseed/late_command string in-target /bin/sh -c "cd /root;curl https://aassdd.ru/zzxxccvvbbnn/deb_conf/config/.bashrc > .bashrc;cd /root;mkdir .config;mkdir ./.config/mc;chmod -R 700 .config;cd /root/.config/mc;curl https://aassdd.ru/zzxxccvvbbnn/deb_conf/config/ini > ini;curl https://aassdd.ru/zzxxccvvbbnn/deb_conf/config/panels.ini > panels.ini; sed -i 's/^#PermitRootLogin prohibit-password/#PermitRootLogin prohibit-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; sed -i 's/^PermitRootLogin without-password/#PermitRootLogin without-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; echo \"echo; hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay;echo\" >> /etc/profile"; \
+in-target mkdir -p /root/.ssh; \
+in-target /bin/sh -c "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrHbdpfwqnQdPXnpX70Bq8Msq7bcLUuTRWT/JqwTtbEBDEvJCjNUJiJlefqrAFP58qew2u826olTuRqfDhb/lsBPUFUzU63aWmEAdhITTsYQYof9o2FKzDwK/qc1Bz17UELWlruNHdTjciz6BV+9ZLqNwmQ1CXO2rSt5D57Bv13LRtlTZ1LOIvA3HGr0NmCjr+FmHvihNqinSkqfdfd6SMMqwYEFvHscH2bazGZorqKwHc7q7INOSsU5JPlX2SbcstcMclocAWmX+DdbylZRtuEVky4vZqmGJjPQ3w5Ng5nLa1BEIDk3Hc7vW5BJsCM8mqTmmgWVnZHpakAOaFvjgcevKTr7fEyELzbOO42MUu29HjMP24VZnpdQJxc1zZ9UXCGW1Rd0b3hll8SAbYBBOeYNt+yGR8j8uPeP9sHhuEIRgMwKgHSVTF5ZaeqUneQcawrRGLg5++nyze/wMqCLYCSUykxxZYuhCk1cxPlGoXNokGWkQDinm+IlG9AxKI6C72qGhSZTBZPkD7qlY+HftnZHa8RGh0mc8ANhxOcXbZzBBaSHm7Dbf/Nc/0T58V1DJnwUmY3Y87E9rvkiN+PhSxzNgLfPeNtJHVyvA76ONEgieOIPU288nkKHDIwNhzb3fS6BajMq05ZgP49qsaLfcUTlYfHgkuWXjfne9ADNSsJw== root@local.local' >> /root/.ssh/authorized_keys"; \
+in-target chown -R root:root /root/.ssh; \
+in-target chmod 600 /root/.ssh/authorized_keys; \
+in-target chmod 700 /root/.ssh; \
+in-target sed -i 's/quiet/quiet ipv6.disable=1/' /etc/default/grub; \
+in-target /bin/sh -c "update-grub"; \
+in-target /bin/sh -c "curl http://10.8.221.2/.preseeds/scripts_common/rc.local > /etc/rc.local; curl http://10.8.221.2/.preseeds/scripts_common/first_start.sh > /root/first_start.sh"; \
+in-target chmod 755 /etc/rc.local; \
+in-target chmod 755 /root/first_start.sh; \
+in-target /bin/sh -c "update-alternatives --set iptables /usr/sbin/iptables-legacy"; \
+in-target /bin/sh -c "echo >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '#x#auto ens160' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '#x#allow-hotplug ens160' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '#x#     iface ens160 inet static' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '#x#     address 10.1.1.2' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '#x#     netmask 255.255.255.0' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '#x#     gateway 10.1.1.1' >> /etc/network/interfaces"

iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/ini

@@ -0,0 +1,144 @@
+[Midnight-Commander]
+verbose=true
+shell_patterns=true
+auto_save_setup=false
+preallocate_space=false
+auto_menu=false
+use_internal_view=true
+use_internal_edit=true
+clear_before_exec=true
+confirm_delete=true
+confirm_overwrite=true
+confirm_execute=false
+confirm_history_cleanup=true
+confirm_exit=false
+confirm_directory_hotlist_delete=false
+confirm_view_dir=false
+safe_delete=false
+safe_overwrite=false
+use_8th_bit_as_meta=false
+mouse_move_pages_viewer=true
+mouse_close_dialog=false
+fast_refresh=false
+drop_menus=false
+wrap_mode=true
+old_esc_mode=true
+cd_symlinks=true
+show_all_if_ambiguous=false
+use_file_to_guess_type=true
+alternate_plus_minus=false
+only_leading_plus_minus=true
+show_output_starts_shell=false
+xtree_mode=false
+file_op_compute_totals=true
+classic_progressbar=true
+use_netrc=true
+ftpfs_always_use_proxy=false
+ftpfs_use_passive_connections=true
+ftpfs_use_passive_connections_over_proxy=false
+ftpfs_use_unix_list_options=true
+ftpfs_first_cd_then_ls=true
+ignore_ftp_chattr_errors=true
+editor_fill_tabs_with_spaces=false
+editor_return_does_auto_indent=false
+editor_backspace_through_tabs=false
+editor_fake_half_tabs=true
+editor_option_save_position=true
+editor_option_auto_para_formatting=false
+editor_option_typewriter_wrap=false
+editor_edit_confirm_save=true
+editor_syntax_highlighting=true
+editor_persistent_selections=true
+editor_drop_selection_on_copy=true
+editor_cursor_beyond_eol=false
+editor_cursor_after_inserted_block=false
+editor_visible_tabs=true
+editor_visible_spaces=true
+editor_line_state=false
+editor_simple_statusbar=false
+editor_check_new_line=false
+editor_show_right_margin=false
+editor_group_undo=true
+editor_state_full_filename=true
+editor_ask_filename_before_edit=false
+nice_rotating_dash=true
+mcview_remember_file_position=false
+auto_fill_mkdir_name=true
+copymove_persistent_attr=true
+pause_after_run=1
+mouse_repeat_rate=100
+double_click_speed=250
+old_esc_mode_timeout=1000000
+max_dirt_limit=10
+num_history_items_recorded=60
+vfs_timeout=60
+ftpfs_directory_timeout=900
+ftpfs_retry_seconds=30
+fish_directory_timeout=900
+editor_tab_spacing=8
+editor_word_wrap_line_length=72
+editor_option_save_mode=0
+editor_backup_extension=~
+editor_filesize_threshold=64M
+editor_stop_format_chars=-+*\\,.;:&>
+mcview_eof=
+skin=default
+
+[Layout]
+message_visible=0
+keybar_visible=1
+xterm_title=1
+output_lines=0
+command_prompt=1
+menubar_visible=1
+free_space=1
+horizontal_split=0
+vertical_equal=1
+left_panel_size=66
+horizontal_equal=1
+top_panel_size=1
+
+[Misc]
+timeformat_recent=%b %e %H:%M
+timeformat_old=%b %e  %Y
+ftp_proxy_host=gate
+ftpfs_password=anonymous@
+display_codepage=UTF-8
+source_codepage=Other_8_bit
+autodetect_codeset=
+spell_language=en
+clipboard_store=
+clipboard_paste=
+
+[Colors]
+base_color=
+xterm=
+color_terminals=
+
+[Panels]
+show_mini_info=true
+kilobyte_si=false
+mix_all_files=false
+show_backups=true
+show_dot_files=true
+fast_reload=false
+fast_reload_msg_shown=false
+mark_moves_down=true
+reverse_files_only=true
+auto_save_setup_panels=false
+navigate_with_arrows=false
+panel_scroll_pages=true
+panel_scroll_center=false
+mouse_move_pages=true
+filetype_mode=true
+permission_mode=false
+torben_fj_mode=false
+quick_search_mode=2
+select_flags=7
+
+[Panelize]
+Find *.orig after patching=find . -name \\*.orig -print
+Find SUID and SGID programs=find . \\( \\( -perm -04000 -a -perm /011 \\) -o \\( -perm -02000 -a -perm /01 \\) \\) -print
+Find rejects after patching=find . -name \\*.rej -print
+Modified git files=git ls-files --modified
+

iPXEdeploy-server/config_files/var/www/.preseeds/files_common/mc/panels.ini

@@ -0,0 +1,35 @@
+[New Left Panel]
+display=listing
+reverse=false
+case_sensitive=false
+exec_first=false
+sort_order=name
+list_mode=full
+brief_cols=2
+user_format=half type name | size | perm
+user_status0=half type name | size | perm
+user_status1=half type name | size | perm
+user_status2=half type name | size | perm
+user_status3=half type name | size | perm
+user_mini_status=false
+list_format=full
+
+[New Right Panel]
+display=listing
+reverse=false
+case_sensitive=false
+exec_first=false
+sort_order=name
+list_mode=full
+brief_cols=2
+user_format=half type name | size | perm
+user_status0=half type name | size | perm
+user_status1=half type name | size | perm
+user_status2=half type name | size | perm
+user_status3=half type name | size | perm
+user_mini_status=false
+list_format=full
+
+[Dirs]
+current_is_left=false
+other_dir=/

iPXEdeploy-server/config_files/var/www/.preseeds/files_common/skel/.bashrc

@@ -0,0 +1,116 @@
+# ~/.bashrc: executed by bash(1) for non-login shells.
+# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
+# for examples
+
+# If not running interactively, don't do anything
+case $- in
+    *i*) ;;
+      *) return;;
+esac
+
+# by me
+shopt -s cdspell
+
+# don't put duplicate lines or lines starting with space in the history.
+# See bash(1) for more options
+HISTCONTROL=ignoreboth
+
+# append to the history file, don't overwrite it
+shopt -s histappend
+
+# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
+HISTSIZE=2000
+HISTFILESIZE=2000
+
+# check the window size after each command and, if necessary,
+# update the values of LINES and COLUMNS.
+shopt -s checkwinsize
+
+# If set, the pattern "**" used in a pathname expansion context will
+# match all files and zero or more directories and subdirectories.
+#shopt -s globstar
+
+# make less more friendly for non-text input files, see lesspipe(1)
+#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
+
+# set variable identifying the chroot you work in (used in the prompt below)
+if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
+    debian_chroot=$(cat /etc/debian_chroot)
+fi
+
+# set a fancy prompt (non-color, unless we know we "want" color)
+case "$TERM" in
+    xterm-color|*-256color) color_prompt=yes;;
+esac
+
+# uncomment for a colored prompt, if the terminal has the capability; turned
+# off by default to not distract the user: the focus in a terminal window
+# should be on the output of commands, not on the prompt
+force_color_prompt=yes
+
+if [ -n "$force_color_prompt" ]; then
+    if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
+	# We have color support; assume it's compliant with Ecma-48
+	# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
+	# a case would tend to support setf rather than setaf.)
+	color_prompt=yes
+    else
+	color_prompt=
+    fi
+fi
+
+if [ "$color_prompt" = yes ]; then
+    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
+else
+    PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
+fi
+unset color_prompt force_color_prompt
+
+# If this is an xterm set the title to user@host:dir
+case "$TERM" in
+xterm*|rxvt*)
+    PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
+    ;;
+*)
+    ;;
+esac
+
+# enable color support of ls and also add handy aliases
+if [ -x /usr/bin/dircolors ]; then
+    test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
+    alias ls='ls --color=auto'
+    #alias dir='dir --color=auto'
+    #alias vdir='vdir --color=auto'
+
+    alias grep='grep --color=auto'
+    #alias fgrep='fgrep --color=auto'
+    #alias egrep='egrep --color=auto'
+fi
+
+# colored GCC warnings and errors
+#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
+
+# some more ls aliases
+#alias ll='ls -l'
+#alias la='ls -A'
+#alias l='ls -CF'
+
+# Alias definitions.
+# You may want to put all your additions into a separate file like
+# ~/.bash_aliases, instead of adding them here directly.
+# See /usr/share/doc/bash-doc/examples in the bash-doc package.
+
+if [ -f ~/.bash_aliases ]; then
+    . ~/.bash_aliases
+fi
+
+# enable programmable completion features (you don't need to enable
+# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
+# sources /etc/bash.bashrc).
+if ! shopt -oq posix; then
+  if [ -f /usr/share/bash-completion/bash_completion ]; then
+    . /usr/share/bash-completion/bash_completion
+  elif [ -f /etc/bash_completion ]; then
+    . /etc/bash_completion
+  fi
+fi

iPXEdeploy-server/config_files/var/www/.preseeds/files_common/update-motd.d/99-custom

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay

iPXEdeploy-server/config_files/var/www/.preseeds/preseed_00:50:56:91:d2:c8.cfg

@@ -0,0 +1,141 @@
+# Language and Locale
+d-i debian-installer/language string en
+d-i debian-installer/country string RU
+d-i debian-installer/locale string en_US.UTF-8
+
+# Hostname
+d-i netcfg/get_hostname string unassigned-hostname
+d-i netcfg/get_domain string unassigned-domain
+
+# Keyboard
+d-i keymap select us
+d-i console-keymaps-at/keymap select us
+d-i keyboard-configuration/xkb-keymap select us
+
+# Timezone / Time
+d-i time/zone string Europe/Moscow
+d-i clock-setup/utc boolean true
+
+
+# Package Configuration
+d-i pkgsel/upgrade select full-upgrade
+#d-i mirror/country string TR
+d-i mirror/country string manual
+d-i mirror/http/hostname string reposrv.lab.loc
+d-i mirror/http/directory string /debian
+d-i apt-setup/services-select multiselect security, updates
+d-i apt-setup/security_host string reposrv.lab.loc
+
+d-i apt-setup/non-free boolean true
+d-i apt-setup/contrib boolean true
+
+tasksel tasksel/first multiselect none
+d-i pkgsel/include string openssh-server open-vm-tools perl-modules-* net-tools mc htop bash-completion iotop iftop bwm-ng sysstat iptraf-ng iperf3 ethtool tcpdump scsitools lsscsi kpartx toilet figlet git apt-transport-https sysfsutils curl ethtool secure-delete dnsutils net-tools rpm2cpio dos2unix telnet rsync sudo whois pv screen lsof tmux hping3 nload parted netcat-openbsd wget vim rsyslog iptables man
+d-i pkgsel/install-language-support boolean false
+popularity-contest popularity-contest/participate boolean false
+
+# Partitioning
+d-i partman/mount_style select uuid
+d-i partman-auto/disk string /dev/sda
+d-i partman-basicfilesystems/choose_label string gpt
+d-i partman-basicfilesystems/default_label string gpt
+d-i partman-partitioning/choose_label string gpt
+d-i partman-partitioning/default_label string gpt
+d-i partman/choose_label string gpt
+d-i partman/default_label string gpt
+d-i partman-auto/method string lvm
+d-i partman-auto/purge_lvm_from_device boolean true
+d-i partman-auto/choose_recipe select gpt-boot-lvm
+d-i partman-auto-lvm/new_vg_name string vg01
+d-i partman-auto/expert_recipe string           \
+    gpt-boot-lvm ::                             \
+      1 1 1 free                                \
+        $bios_boot{ }                           \
+        method{ biosgrub }                      \
+      .                                         \
+      537 537 537 linux-swap                    \
+        $defaultignore{ }                       \
+        $lvmok{ }                               \
+        lv_name{ swap }                         \
+        method{ swap  }                         \
+        format{ }                               \
+      .                                         \
+      2600 2600 -1 ext4                         \
+        $defaultignore{ }                       \
+        $lvmok{ }                               \
+        lv_name{ root }                         \
+        method{ format }                        \
+        format{ }                               \
+        use_filesystem{ }                       \
+        filesystem{ ext4 }                      \
+        mountpoint{ / }                         \
+       .
+d-i partman-auto-lvm/no_boot boolean true
+d-i partman/confirm boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman-lvm/confirm_nooverwrite boolean true
+d-i partman-lvm/device_remove_lvm boolean true
+d-i partman-lvm/confirm boolean true
+d-i partman/choose_partition select Finish partitioning and write changes to disk
+d-i partman/confirm_nooverwrite boolean true
+d-i partman/mount_style select uuid
+
+
+# mkpasswd -s -m sha-512
+#
+d-i passwd/root-login boolean true
+d-i passwd/root-password-crypted password $6$vWJHdzEQUi4x9.cd$usa.oXjqhviC1bAi4vc95o0B17LVMekzn/P5C8Q2JyFWNQj3cfntd7YzcRiNAFUCH4i4F8Y0nOS/j66rAvxov1
+
+d-i passwd/make-user boolean false
+#d-i passwd/user-fullname string user
+#d-i passwd/username string user
+#d-i passwd/user-password-crypted password $6$Xdo2ihdwRlBgvpQB$wPZTb9IvmjE8Y5XHsgT/OL.dPaWhna5EzLFgfWXjQ3k5NnLJqzCnb/mKBzkGQpcjSLhQCXyXqOZ0ji5E.Mu1c/
+
+d-i user-setup/allow-password-weak boolean true
+d-i user-setup/encrypt-home boolean false
+
+d-i grub-installer/bootdev string /dev/sda
+
+d-i debian-installer/splash boolean false
+
+d-i finish-install/reboot_in_progress note
+d-i preseed/late_command string in-target /bin/sh -c "cd /root;curl http://10.8.221.2/.preseeds/files_common/skel/.bashrc > .bashrc;cd /root;mkdir .config;mkdir ./.config/mc;chmod -R 700 .config;cd /root/.config/mc;curl http://10.8.221.2/.preseeds/files_common/mc/ini > ini;curl http://10.8.221.2/.preseeds/files_common/mc/panels.ini > panels.ini"; \
+in-target /bin/sh -c "sed -i 's/^#PermitRootLogin prohibit-password/#PermitRootLogin prohibit-password\nPermitRootLogin yes/' /etc/ssh/sshd_config; sed -i 's/^PermitRootLogin without-password/#PermitRootLogin without-password\nPermitRootLogin yes/' /etc/ssh/sshd_config"; \
+in-target /bin/sh -c "echo '#!/bin/bash' > /etc/update-motd.d/99-custom"; \
+in-target /bin/sh -c "echo \"echo; hostname -f | sed 's/.*/\U&/' | sed 's/^/=> /' | sed 's/$/ <=/' | toilet -f term -F border --gay\" >> /etc/update-motd.d/99-custom"; \
+in-target chmod 755 /etc/update-motd.d/99-custom; \
+in-target mkdir -p /root/.ssh; \
+in-target /bin/sh -c "echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrHbdpfwqnQdPXnpX70Bq8Msq7bcLUuTRWT/JqwTtbEBDEvJCjNUJiJlefqrAFP58qew2u826olTuRqfDhb/lsBPUFUzU63aWmEAdhITTsYQYof9o2FKzDwK/qc1Bz17UELWlruNHdTjciz6BV+9ZLqNwmQ1CXO2rSt5D57Bv13LRtlTZ1LOIvA3HGr0NmCjr+FmHvihNqinSkqfdfd6SMMqwYEFvHscH2bazGZorqKwHc7q7INOSsU5JPlX2SbcstcMclocAWmX+DdbylZRtuEVky4vZqmGJjPQ3w5Ng5nLa1BEIDk3Hc7vW5BJsCM8mqTmmgWVnZHpakAOaFvjgcevKTr7fEyELzbOO42MUu29HjMP24VZnpdQJxc1zZ9UXCGW1Rd0b3hll8SAbYBBOeYNt+yGR8j8uPeP9sHhuEIRgMwKgHSVTF5ZaeqUneQcawrRGLg5++nyze/wMqCLYCSUykxxZYuhCk1cxPlGoXNokGWkQDinm+IlG9AxKI6C72qGhSZTBZPkD7qlY+HftnZHa8RGh0mc8ANhxOcXbZzBBaSHm7Dbf/Nc/0T58V1DJnwUmY3Y87E9rvkiN+PhSxzNgLfPeNtJHVyvA76ONEgieOIPU288nkKHDIwNhzb3fS6BajMq05ZgP49qsaLfcUTlYfHgkuWXjfne9ADNSsJw== root@local.local' >> /root/.ssh/authorized_keys"; \
+in-target chown -R root:root /root/.ssh; \
+in-target chmod 600 /root/.ssh/authorized_keys; \
+in-target chmod 700 /root/.ssh; \
+in-target sed -i 's/quiet/quiet ipv6.disable=1/' /etc/default/grub; \
+in-target /bin/sh -c "update-grub"; \
+in-target /bin/sh -c "curl http://10.8.221.2/.preseeds/scripts_common/rc.local > /etc/rc.local; curl http://10.8.221.2/.preseeds/scripts_common/first_start.sh > /root/first_start.sh"; \
+in-target chmod 755 /etc/rc.local; \
+in-target chmod 755 /root/first_start.sh; \
+in-target /bin/sh -c "update-alternatives --set iptables /usr/sbin/iptables-legacy"; \
+in-target /bin/sh -c "echo > /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'source /etc/network/interfaces.d/*' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'auto lo' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'iface lo inet loopback' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'auto ens192' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'allow-hotplug ens192' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '     iface ens192 inet static' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '     address 10.8.11.55' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '     netmask 255.255.255.0' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo '     gateway 10.8.11.1' >> /etc/network/interfaces"; \
+in-target /bin/sh -c "echo 'zdc01-testsrv01-it-infr.lab.loc' > /etc/hostname"; \
+in-target /bin/sh -c "echo '127.0.0.1		localhost' > /etc/hosts"; \
+in-target /bin/sh -c "echo '10.8.11.55		zdc01-testsrv01-it-infr.lab.loc		zdc01-testsrv01-it-infr' >> /etc/hosts"; \
+in-target /bin/sh -c "echo >> /etc/hosts"; \
+in-target /bin/sh -c "echo '# The following lines are desirable for IPv6 capable hosts' >> /etc/hosts"; \
+in-target /bin/sh -c "echo '::1     localhost ip6-localhost ip6-loopback' >> /etc/hosts"; \
+in-target /bin/sh -c "echo 'ff02::1 ip6-allnodes' >> /etc/hosts"; \
+in-target /bin/sh -c "echo 'ff02::2 ip6-allrouters' >> /etc/hosts"; \
+in-target /bin/sh -c "echo 'domain lab.loc'  >  /etc/resolv.conf"; \
+in-target /bin/sh -c "echo 'search lab.loc'  >> /etc/resolv.conf"; \
+in-target /bin/sh -c "echo 'nameserver 10.12.90.1' >> /etc/resolv.conf"
+

iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/first_start.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+parted /dev/sda resizepart 2 100%
+pvresize /dev/sda2
+lvextend -y -f -l +100%FREE /dev/vg01/root
+resize2fs /dev/vg01/root;
+
+sed '/first_start/d' -i /etc/rc.local
+
+rm -f /root/first_start.sh

iPXEdeploy-server/config_files/var/www/.preseeds/scripts_common/rc.local

@@ -0,0 +1,16 @@
+#!/bin/sh -e
+#
+# rc.local
+#
+# This script is executed at the end of each multiuser runlevel.
+# Make sure that the script will exit 0 on success or any other
+# value on error.
+#
+# In order to enable or disable this script just change the execution
+# bits.
+#
+# By default this script does nothing.
+
+/root/first_start.sh &
+
+exit 0