From 02e13dfb001392509f1787f397330dbbc19f97ed Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Thu, 18 Mar 2021 16:11:35 +0100 Subject: [PATCH] Adding Chapter 1 : Packer will build for you --- .gitignore | 4 + README.md | 2 + fabrica | 101 ++++++++++ packer/Makefile | 10 + packer/post-processors/compress-qcow2.sh | 30 +++ packer/post-processors/process-eole-db.sh | 65 +++++++ packer/provisioning/90_terra_network.xml | 22 +++ packer/provisioning/alpine/ansible.sh | 11 ++ packer/provisioning/alpine/cleanup.sh | 29 +++ .../alpine/configure-onecontext.sh | 53 ++++++ packer/provisioning/alpine/finalize.sh | 8 + packer/provisioning/alpine/setup-alpine.sh | 77 ++++++++ .../sums/alpine-virt-3.10.2-x86_64.iso.sha256 | 1 + .../sums/alpine-virt-3.12.0-x86_64.iso.sha256 | 1 + packer/provisioning/alpine/syslog.sh | 54 ++++++ packer/provisioning/common.sh | 51 +++++ .../eole/2.7.2/dicos/99_terraform.xml | 18 ++ .../eole/2.7.2/modif/00-eole.yaml | 77 ++++++++ .../eole/2.7.2/netplan/01-netcfg.yaml | 11 ++ .../provisioning/eole/onecontext/net-99-eole | 35 ++++ .../provisioning/playbooks/common-appli.yml | 20 ++ packer/provisioning/playbooks/dc.yml | 37 ++++ packer/provisioning/playbooks/dns.yml | 13 ++ packer/provisioning/playbooks/dokuwiki.yml | 29 +++ packer/provisioning/playbooks/dolibarr.yml | 51 +++++ packer/provisioning/playbooks/eole/amon.yml | 26 +++ packer/provisioning/playbooks/eole/eole.yml | 75 ++++++++ .../provisioning/playbooks/eole/lemonldap.yml | 36 ++++ packer/provisioning/playbooks/eole/minio.yml | 36 ++++ .../playbooks/eole/partitions.yml | 109 +++++++++++ .../provisioning/playbooks/eole/provision.yml | 81 ++++++++ packer/provisioning/playbooks/eole/seth.yml | 26 +++ packer/provisioning/playbooks/eole/tenjin.yml | 41 +++++ packer/provisioning/playbooks/eole/zephir.yml | 26 +++ .../playbooks/get_conf_from_zephir.yml | 67 +++++++ packer/provisioning/playbooks/hole.yml | 33 ++++ .../playbooks/infra/cadoles.com/sso.yml | 17 ++ packer/provisioning/playbooks/instance.yml | 39 ++++ packer/provisioning/playbooks/jorani.yml | 68 +++++++ packer/provisioning/playbooks/limesurvey.yml | 30 +++ packer/provisioning/playbooks/nextcloud.yml | 30 +++ packer/provisioning/playbooks/nineboard.yml | 32 ++++ packer/provisioning/playbooks/ninegate.yml | 29 +++ packer/provisioning/playbooks/piwigo.yml | 29 +++ packer/provisioning/playbooks/portal.yml | 40 ++++ .../playbooks/prepare_data_disk.yml | 107 +++++++++++ .../provisioning/playbooks/prepare_disk.yml | 73 ++++++++ packer/provisioning/playbooks/syspass.yml | 66 +++++++ packer/provisioning/ssh/id_rsa | 49 +++++ packer/provisioning/ssh/id_rsa.pub | 1 + .../ssl/ca/AC-ANTSv3-Racine-1.crt | Bin 0 -> 1577 bytes packer/provisioning/ssl/ca/GeoTrust.crt | 28 +++ .../ssl/ca/GeoTrust_Primary_CA.pem | 21 +++ packer/provisioning/ssl/ca/RapidSSL.crt | 22 +++ .../ssl/ca/chaineACs-ANTSv3-SA-2.crt | 70 +++++++ .../ssl/ca/chaineACs-ANTSv3-SA-crt | 70 +++++++ packer/provisioning/ssl/ca/isrg-root-x2.pem | 14 ++ packer/provisioning/ssl/ca/isrgrootx1.crt | 31 ++++ packer/provisioning/ssl/ca/isrgrootx1.pem | 31 ++++ .../provisioning/ssl/ca/lets-encrypt-r3.pem | 30 +++ .../ssl/ca/lets-encrypt-x4-cross-signed.crt | 27 +++ .../ssl/ca/letsencryptauthorityx3.crt | 32 ++++ .../ssl/ca/letsencryptauthorityx3.pem | 32 ++++ packer/provisioning/ssl/certs/ber.crt | 30 +++ packer/provisioning/ssl/certs/ber.key | 28 +++ packer/provisioning/ssl/certs/ber.pem | 56 ++++++ .../provisioning/ssl/certs/ber_ca-chain.crt | 27 +++ packer/provisioning/ssl/certs/ca.crt | 26 +++ packer/provisioning/ssl/private/ber.key | 28 +++ packer/recipes/alpine/3.10/virt.json | 95 ++++++++++ packer/recipes/alpine/3.12/virt.json | 94 ++++++++++ packer/recipes/eole/2.7.2/amon.json | 85 +++++++++ packer/recipes/eole/2.7.2/eolebase.json | 89 +++++++++ packer/recipes/eole/2.7.2/lemonldap.json | 92 +++++++++ packer/recipes/eole/2.7.2/minio.json | 92 +++++++++ packer/recipes/eole/2.7.2/preseed.cfg | 4 + packer/recipes/eole/2.7.2/provision.sh | 76 ++++++++ packer/recipes/eole/2.7.2/seth.json | 85 +++++++++ packer/recipes/eole/2.7.2/tenjin.json | 92 +++++++++ packer/recipes/eole/2.7.2/zephir.json | 86 +++++++++ .../infra/cadoles.com/production/sso.json | 117 ++++++++++++ .../ubuntu/18.04/http/preseed-minimal.cfg | 174 ++++++++++++++++++ packer/recipes/ubuntu/18.04/packer.json | 70 +++++++ .../ubuntu/18.04/scripts/provision-minimal.sh | 57 ++++++ .../ubuntu/20.04/http/preseed-minimal.cfg | 174 ++++++++++++++++++ packer/recipes/ubuntu/20.04/packer.json | 72 ++++++++ .../ubuntu/20.04/scripts/provision-minimal.sh | 57 ++++++ packer/script/build | 31 ++++ packer/script/clean | 9 + packer/script/install | 37 ++++ packer/script/onepublish | 131 +++++++++++++ packer/script/run | 55 ++++++ packer/targets/alpine.mk | 27 +++ packer/targets/eole-2.7.2.mk | 54 ++++++ packer/targets/infra.mk | 47 +++++ packer/targets/services.mk | 34 ++++ packer/targets/ubuntu.mk | 15 ++ 97 files changed, 4630 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100755 fabrica create mode 100644 packer/Makefile create mode 100755 packer/post-processors/compress-qcow2.sh create mode 100755 packer/post-processors/process-eole-db.sh create mode 100644 packer/provisioning/90_terra_network.xml create mode 100644 packer/provisioning/alpine/ansible.sh create mode 100644 packer/provisioning/alpine/cleanup.sh create mode 100644 packer/provisioning/alpine/configure-onecontext.sh create mode 100644 packer/provisioning/alpine/finalize.sh create mode 100644 packer/provisioning/alpine/setup-alpine.sh create mode 100644 packer/provisioning/alpine/sums/alpine-virt-3.10.2-x86_64.iso.sha256 create mode 100644 packer/provisioning/alpine/sums/alpine-virt-3.12.0-x86_64.iso.sha256 create mode 100644 packer/provisioning/alpine/syslog.sh create mode 100644 packer/provisioning/common.sh create mode 100644 packer/provisioning/eole/2.7.2/dicos/99_terraform.xml create mode 100644 packer/provisioning/eole/2.7.2/modif/00-eole.yaml create mode 100644 packer/provisioning/eole/2.7.2/netplan/01-netcfg.yaml create mode 100644 packer/provisioning/eole/onecontext/net-99-eole create mode 100644 packer/provisioning/playbooks/common-appli.yml create mode 100644 packer/provisioning/playbooks/dc.yml create mode 100644 packer/provisioning/playbooks/dns.yml create mode 100644 packer/provisioning/playbooks/dokuwiki.yml create mode 100644 packer/provisioning/playbooks/dolibarr.yml create mode 100644 packer/provisioning/playbooks/eole/amon.yml create mode 100644 packer/provisioning/playbooks/eole/eole.yml create mode 100644 packer/provisioning/playbooks/eole/lemonldap.yml create mode 100644 packer/provisioning/playbooks/eole/minio.yml create mode 100644 packer/provisioning/playbooks/eole/partitions.yml create mode 100644 packer/provisioning/playbooks/eole/provision.yml create mode 100644 packer/provisioning/playbooks/eole/seth.yml create mode 100644 packer/provisioning/playbooks/eole/tenjin.yml create mode 100644 packer/provisioning/playbooks/eole/zephir.yml create mode 100644 packer/provisioning/playbooks/get_conf_from_zephir.yml create mode 100644 packer/provisioning/playbooks/hole.yml create mode 100644 packer/provisioning/playbooks/infra/cadoles.com/sso.yml create mode 100644 packer/provisioning/playbooks/instance.yml create mode 100644 packer/provisioning/playbooks/jorani.yml create mode 100644 packer/provisioning/playbooks/limesurvey.yml create mode 100644 packer/provisioning/playbooks/nextcloud.yml create mode 100644 packer/provisioning/playbooks/nineboard.yml create mode 100644 packer/provisioning/playbooks/ninegate.yml create mode 100644 packer/provisioning/playbooks/piwigo.yml create mode 100644 packer/provisioning/playbooks/portal.yml create mode 100644 packer/provisioning/playbooks/prepare_data_disk.yml create mode 100644 packer/provisioning/playbooks/prepare_disk.yml create mode 100644 packer/provisioning/playbooks/syspass.yml create mode 100644 packer/provisioning/ssh/id_rsa create mode 100644 packer/provisioning/ssh/id_rsa.pub create mode 100644 packer/provisioning/ssl/ca/AC-ANTSv3-Racine-1.crt create mode 100644 packer/provisioning/ssl/ca/GeoTrust.crt create mode 100644 packer/provisioning/ssl/ca/GeoTrust_Primary_CA.pem create mode 100644 packer/provisioning/ssl/ca/RapidSSL.crt create mode 100644 packer/provisioning/ssl/ca/chaineACs-ANTSv3-SA-2.crt create mode 100644 packer/provisioning/ssl/ca/chaineACs-ANTSv3-SA-crt create mode 100644 packer/provisioning/ssl/ca/isrg-root-x2.pem create mode 100644 packer/provisioning/ssl/ca/isrgrootx1.crt create mode 100644 packer/provisioning/ssl/ca/isrgrootx1.pem create mode 100644 packer/provisioning/ssl/ca/lets-encrypt-r3.pem create mode 100644 packer/provisioning/ssl/ca/lets-encrypt-x4-cross-signed.crt create mode 100644 packer/provisioning/ssl/ca/letsencryptauthorityx3.crt create mode 100644 packer/provisioning/ssl/ca/letsencryptauthorityx3.pem create mode 100644 packer/provisioning/ssl/certs/ber.crt create mode 100644 packer/provisioning/ssl/certs/ber.key create mode 100644 packer/provisioning/ssl/certs/ber.pem create mode 100644 packer/provisioning/ssl/certs/ber_ca-chain.crt create mode 100644 packer/provisioning/ssl/certs/ca.crt create mode 100644 packer/provisioning/ssl/private/ber.key create mode 100644 packer/recipes/alpine/3.10/virt.json create mode 100644 packer/recipes/alpine/3.12/virt.json create mode 100644 packer/recipes/eole/2.7.2/amon.json create mode 100644 packer/recipes/eole/2.7.2/eolebase.json create mode 100644 packer/recipes/eole/2.7.2/lemonldap.json create mode 100644 packer/recipes/eole/2.7.2/minio.json create mode 100644 packer/recipes/eole/2.7.2/preseed.cfg create mode 100644 packer/recipes/eole/2.7.2/provision.sh create mode 100644 packer/recipes/eole/2.7.2/seth.json create mode 100644 packer/recipes/eole/2.7.2/tenjin.json create mode 100644 packer/recipes/eole/2.7.2/zephir.json create mode 100644 packer/recipes/infra/cadoles.com/production/sso.json create mode 100644 packer/recipes/ubuntu/18.04/http/preseed-minimal.cfg create mode 100644 packer/recipes/ubuntu/18.04/packer.json create mode 100644 packer/recipes/ubuntu/18.04/scripts/provision-minimal.sh create mode 100644 packer/recipes/ubuntu/20.04/http/preseed-minimal.cfg create mode 100644 packer/recipes/ubuntu/20.04/packer.json create mode 100644 packer/recipes/ubuntu/20.04/scripts/provision-minimal.sh create mode 100755 packer/script/build create mode 100755 packer/script/clean create mode 100755 packer/script/install create mode 100755 packer/script/onepublish create mode 100755 packer/script/run create mode 100644 packer/targets/alpine.mk create mode 100644 packer/targets/eole-2.7.2.mk create mode 100644 packer/targets/infra.mk create mode 100644 packer/targets/services.mk create mode 100644 packer/targets/ubuntu.mk diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..06bf595 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +.bin/ +images/ +packer_cache/ +*inventory diff --git a/README.md b/README.md new file mode 100644 index 0000000..8a9dd9b --- /dev/null +++ b/README.md @@ -0,0 +1,2 @@ +# Fabrica +## Build your infrastructure from scratch with Eole/Hâpy Packer and Terraform diff --git a/fabrica b/fabrica new file mode 100755 index 0000000..71c0458 --- /dev/null +++ b/fabrica @@ -0,0 +1,101 @@ +#!/bin/bash + +WORKDIR="./terraform" +TERRA="terraform" +VAR_FILE="main.tfvars" +PACKER_ROOT="./packer" + +# FIXME +function needGitPull() +{ + br=$(git branch --show-current) + diff=$(git rev-list HEAD...origin/master --count) + return ${diff} +} + +function trun() +{ + #needGitPull + cd ${WORKDIR} + if [[ ${?} -ne 0 ]] + then + echo "Branch is not up 2 date !" + echo "--> Git pull needed !" + return 1 + fi + ${TERRA} ${1} -var-file ${VAR_FILE} + res=${?} + cd - + + return ${res} +} + +function plan() +{ + trun plan + return $? +} + +function apply() +{ + trun apply + return $? +} + +function destroy() +{ + trun destroy + return $? +} + +function taint() +{ + target=$1 + resource=$2 + + cd ${WORKDIR} + + $TERRA taint module.${resource}.opennebula_template.vm_template + $TERRA taint module.${resource}.opennebula_virtual_machine.vm + $TERRA taint module.${resource}.opennebula_image.system + cd - + +} + +function taint_all() +{ + target=$1 + resource=$2 + cd ${WORKDIR} + + $TERRA taint module.${resource}.opennebula_template.vm_template + $TERRA taint module.${resource}.opennebula_virtual_machine.vm + $TERRA taint module.${resource}.opennebula_image.system + $TERRA taint module.${resource}.opennebula_image.data + + cd - +} + +function init() +{ + trun init + return ${?} +} + +function build() +{ + target=$2 + cd ${PACKER_ROOT} + echo "Building ${target}" + make ${target} + return ${?} +} + +function publish() +{ + target=$2 + echo "FIXME for publish" +} + +$1 $@ +exit ${?} diff --git a/packer/Makefile b/packer/Makefile new file mode 100644 index 0000000..8d42628 --- /dev/null +++ b/packer/Makefile @@ -0,0 +1,10 @@ +include targets/*.mk + +build: + +deploy: + +clean: + rm -rf images/* + +.PHONY: clean deploy diff --git a/packer/post-processors/compress-qcow2.sh b/packer/post-processors/compress-qcow2.sh new file mode 100755 index 0000000..eaa48cf --- /dev/null +++ b/packer/post-processors/compress-qcow2.sh @@ -0,0 +1,30 @@ +#!/bin/bash + +if [[ $# -ne 3 ]] +then + echo Missing arguments + exit 2 +fi + +WORKDIR=${1} +DOMAIN=${2} +VERSION=${3} + +function findImages() +{ + find ${1} -iname "${2}*.img" +} + +sleep 5 + +for imageName in $(findImages ${WORKDIR} ${DOMAIN}) +do + latestName=$(echo $imageName | sed "s/.img/_latest.img/g") + newName=$(echo $imageName | sed "s/.img/_${VERSION}.img/g") + virt-sparsify -x --compress --tmp ./ --format qcow2 ${imageName} ${newName} + if [[ $? -eq 0 ]] + then + ln -s ${newName} ${latestName} + rm -rf ${imageName} + fi +done diff --git a/packer/post-processors/process-eole-db.sh b/packer/post-processors/process-eole-db.sh new file mode 100755 index 0000000..290ecaa --- /dev/null +++ b/packer/post-processors/process-eole-db.sh @@ -0,0 +1,65 @@ +#!/bin/bash + +WORKDIR=${1} + +sys_img=$(find ${WORKDIR} -name "*.img") +provisionDirectory=${2} + +if [[ ! -d ${provisionDirectory} ]] +then + mkdir -p ${provisionDirectory} +fi + +tmpMntPnt=$(mktemp -d) +tmpWorkDir=$(mktemp -d) + +# +# $1 : qcow image +# $2 : mount point +# +function mountQcowImage() +{ + guestmount -a $1 -i --ro ${2} + return ${?} +} + +function getEoleDbConfig() +{ + workdir=${1} + mntPnt=${2} + provisionDir=${3} + + cd ${workdir} + cp ${mntPnt}/etc/eole/eole-db.d/* . + mkdir -p ${provisionDir}/etc/eole/eole-db.d + cp * ${provisionDir}/etc/eole/eole-db.d + cd - + +} + +function processConfiguration() +{ + workdir=${1} + mntPnt=${2} + provisionDir=${3} + + files=$(awk '/file:/ {gsub(/,|"|\047/,""); print $3}' ${mntPnt}/etc/eole/eole-db.d/*) + + for file in ${files} + do + dirname=$(dirname ${file}) + dest="${provisionDir}/${dirname}" + mkdir -p ${dest} + cp ${mntPnt}${file} ${dest} + done +} + +mountQcowImage ${sys_img} ${tmpMntPnt} + +getEoleDbConfig ${tmpWorkDir} ${tmpMntPnt} ${provisionDirectory} + +processConfiguration ${tmpWorkDir} ${tmpMntPnt} ${provisionDirectory} + +umount ${tmpMntPnt} +rm -rf ${tmpMntPnt} +#rm -rf ${tmpWorkDir} \ No newline at end of file diff --git a/packer/provisioning/90_terra_network.xml b/packer/provisioning/90_terra_network.xml new file mode 100644 index 0000000..12ba6c5 --- /dev/null +++ b/packer/provisioning/90_terra_network.xml @@ -0,0 +1,22 @@ + + + + + + + + + + + + + + + ['statique','dhcp'] + + + + + diff --git a/packer/provisioning/alpine/ansible.sh b/packer/provisioning/alpine/ansible.sh new file mode 100644 index 0000000..89f369b --- /dev/null +++ b/packer/provisioning/alpine/ansible.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +set -xe + +installPython() +{ + apk add --no-cache python3 + ln -sf python3 /usr/bin/python +} + +installPython \ No newline at end of file diff --git a/packer/provisioning/alpine/cleanup.sh b/packer/provisioning/alpine/cleanup.sh new file mode 100644 index 0000000..3969daa --- /dev/null +++ b/packer/provisioning/alpine/cleanup.sh @@ -0,0 +1,29 @@ +#!/bin/sh + +set -xe + +source /root/provisioning/common.sh + +removePkg() +{ + apk del --no-cache $1 + return $? +} + +cleanProv() +{ + rm -rf /root/provisioning + return $? +} + +for pkg in ${PKG_TO_REMOVE} +do + removePkg ${pkg} + if [ $? -ne 0 ] + then + echo "Warning : removing package ${pkg} failed with code $?" + fi +done + +cleanProv +exit $? \ No newline at end of file diff --git a/packer/provisioning/alpine/configure-onecontext.sh b/packer/provisioning/alpine/configure-onecontext.sh new file mode 100644 index 0000000..b57416d --- /dev/null +++ b/packer/provisioning/alpine/configure-onecontext.sh @@ -0,0 +1,53 @@ +#!/usr/bin/env sh + +set -xeo pipefail + +# Install one-context +wget https://github.com/OpenNebula/addon-context-linux/releases/download/v5.8.0/one-context-5.8.0-r1.apk +apk add --allow-untrusted --no-cache one-context-5.8.0-r1.apk + +apk add --no-cache e2fsprogs-extra +apk add --no-cache haveged + +# Enable VM contextualization +rc-update add one-context default +rc-update add haveged boot + +rc-status + +# Add DNS hook in one-context +mkdir -p /usr/local/share/one-context/scripts +cat > /usr/local/share/one-context/scripts/dns-nebula <<'EOF' +#!/bin/sh + +. /usr/share/one-context/scripts/utils.sh + +dns_servers="$(getval ETH0_DNS)" + +echo > /etc/resolv.conf +for nameserver_address in $dns_servers; do + echo "nameserver $nameserver_address" >> /etc/resolv.conf +done +EOF +chmod +x /usr/local/share/one-context/scripts/dns-nebula +ln -s /usr/local/share/one-context/scripts/dns-nebula /etc/one-context.d/01-dns-nebula + +# Reset network interfaces +cat > /etc/network/interfaces <> /etc/udhcpc/udhcpc.conf + +# Clean up +rm -rf /root/*.apk + +sync diff --git a/packer/provisioning/alpine/finalize.sh b/packer/provisioning/alpine/finalize.sh new file mode 100644 index 0000000..0ff282b --- /dev/null +++ b/packer/provisioning/alpine/finalize.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +set -x + +# Zeroize +dd if=/dev/zero of=/myZeroFile +rm -rf /myZeroFile +sync diff --git a/packer/provisioning/alpine/setup-alpine.sh b/packer/provisioning/alpine/setup-alpine.sh new file mode 100644 index 0000000..e753673 --- /dev/null +++ b/packer/provisioning/alpine/setup-alpine.sh @@ -0,0 +1,77 @@ +#!/usr/bin/env sh + +set -xeo pipefail + +setup-ntp -c chrony +setup-apkrepos http://dl-cdn.alpinelinux.org/alpine/v3.10/main/ http://dl-cdn.alpinelinux.org/alpine/v3.10/community/ + +apk add --no-cache wget +apk add --no-cache expect #util-linux coreutils +apk add --no-cache haveged +apk add --no-cache ca-certificates + +rc-update add haveged boot +service haveged start + +update-ca-certificates + +export DISKOPTS="-L" +expect <> ${SYSLOG_CONF_FILE} + echo "\$ActionQueueType LinkedList" >> ${SYSLOG_CONF_FILE} + echo "\$ActionQueueFileName send_all" >> ${SYSLOG_CONF_FILE} + echo "\$ActionQueueSaveOnShutdown on" >> ${SYSLOG_CONF_FILE} + echo "" >> ${SYSLOG_CONF_FILE} + echo "*.* :omrelp:${SYSLOG_SERVER}:${SYSLOG_PORT}" >> ${SYSLOG_CONF_FILE} +} + +cat /etc/resolv.conf + +#Not needed for ber +#installRsyslogRelp +#installNodeExporter +#confSyslog diff --git a/packer/provisioning/common.sh b/packer/provisioning/common.sh new file mode 100644 index 0000000..cef4c0e --- /dev/null +++ b/packer/provisioning/common.sh @@ -0,0 +1,51 @@ +#!/bin/sh + +# +# downloadArchive +# ${1} : The download url +# ${2} : the checksum +# ${3} : the filename of download target +# ${4} : the checksum command to use (default sha256sum) +# +downloadArchive(){ + url=${1} + sum=${2} + archive=${3} + if [ -n ${4} ] + then + checkCmd=${4} + else + checkCmd="sha256sum" + fi + + wget -q ${url} + set +e + echo "${sum} ${archive}" | ${checkCmd} -cs + if [ ${?} ] + then + set -e + return 0 + else + set -e + return 2 + fi +} + +extractArchiveXZ(){ + source=${1} + destination=${2} + cmd="tar xzvf" + + if [ ! -d ${destination} ] + then + mkdir -p ${destination} + fi + ${cmd} ${source} -C ${destination} + return ${?} +} + +cleanUpImage(){ + rm -rf /var/cache/apk/* + rm -rf /tmp/* + rm -rf /root/.ssh +} \ No newline at end of file diff --git a/packer/provisioning/eole/2.7.2/dicos/99_terraform.xml b/packer/provisioning/eole/2.7.2/dicos/99_terraform.xml new file mode 100644 index 0000000..7a25925 --- /dev/null +++ b/packer/provisioning/eole/2.7.2/dicos/99_terraform.xml @@ -0,0 +1,18 @@ + + + + + + + + + + + + + + + + diff --git a/packer/provisioning/eole/2.7.2/modif/00-eole.yaml b/packer/provisioning/eole/2.7.2/modif/00-eole.yaml new file mode 100644 index 0000000..3acd6f0 --- /dev/null +++ b/packer/provisioning/eole/2.7.2/modif/00-eole.yaml @@ -0,0 +1,77 @@ +%set bonds = [] +%set vlans = [] + +network: + version: 2 + renderer: networkd + ethernets: +%for %%interface in range(0, %%int(%%nombre_interfaces)): + %set current_interface = 'eth' + str(%%interface) + %set interface_mode = %%getVar(%%current_interface + '_method') + %if %%getVar('activer_bonding_' + %%current_interface, "non") == 'non' + %%getVar('nom_zone_'+ %%current_interface): + %if %%interface_mode == 'statique' and %%getVar("adresse_ip_" + %%current_interface): + addresses: + - %%getVar("adresse_ip_" + %%current_interface)/%%calc_classe(%%getVar('adresse_netmask_' + %%current_interface)) + %if %%getVar('alias_' + %%current_interface, "non") == "oui" + %for alias in %%getVar('alias_ip_' + %%current_interface) + - %%alias/%%calc_classe(getattr(alias, 'alias_netmask_' + %%current_interface)) + %end for + %end if + %if %%interface_gw == %%getVar('nom_zone_' + %%current_interface): + gateway4: %%adresse_ip_gw + %end if + %if %%getVar('activer_ipv6') == "non" + dhcp6: no + accept-ra: no + optional-addresses: [ dhcp6 ] + %end if + %elif %%interface_mode == 'dhcp' + dhcp4: yes + %else + dhcp4: no + %end if + %else + %%bonds.append(%%current_interface) + %for %%slave in %%getVar('nom_carte_' + %%current_interface): + %%slave: + optional: false + %end for + %end if + %if %%getVar('vlan_' + %%current_interface, 'non') == 'oui' + %%vlans.append(%%current_interface) + %end if +%end for + +%if len(%%bonds) > 0: + bonds: + %for bond in %%bonds: + %set %%bond_mode = %%getVar(%%bond + '_method') + %%getVar('nom_zone_' + %%bond): + interfaces: [%%custom_join(%%getVar('nom_carte_' + %%bond),',')] + %if %%bond_mode == 'statique' + addresses: [ %%getVar("adresse_ip_" + %%bond)/%%calc_classe(%%getVar('adresse_netmask_' + %%bond))] + %elif %%bond_mode == 'dhcp' + dhcp4: yes + %else + dhcp4: no + %end if + parameters: + mode: %%getVar('bonding_mode_' + %%bond) + mii-monitor-interval: %%getVar('bonding_miimon_' + %%bond) + up-delay: %%getVar('bonding_updelay_' + %%bond) + down-delay: %%getVar('bonding_downdelay_' + %%bond) + %end for +%end if + +%if len(vlans) > 0: + vlans: + %for vlan in %%vlans: + %for vlan_id in %%getVar('vlan_id_' + %%vlan): + vlan%%vlan_id: + id: %%vlan_id + link: %%getVar('nom_zone_' + %%vlan) + addresses: [ %%getattr(vlan_id, 'vlan_ip_' + %%vlan)/%%calc_classe(%%getattr(vlan_id, 'vlan_netmask_' + %%vlan)) ] + %end for + %end for +%end if diff --git a/packer/provisioning/eole/2.7.2/netplan/01-netcfg.yaml b/packer/provisioning/eole/2.7.2/netplan/01-netcfg.yaml new file mode 100644 index 0000000..e5341df --- /dev/null +++ b/packer/provisioning/eole/2.7.2/netplan/01-netcfg.yaml @@ -0,0 +1,11 @@ +# This file describes the network interfaces available on your system +# For more information, see netplan(5). +network: + version: 2 + renderer: networkd + ethernets: + ens3: + dhcp4: yes + dhcp6: no + accept-ra: no + optional-addresses: [ dhcp6 ] \ No newline at end of file diff --git a/packer/provisioning/eole/onecontext/net-99-eole b/packer/provisioning/eole/onecontext/net-99-eole new file mode 100644 index 0000000..373184f --- /dev/null +++ b/packer/provisioning/eole/onecontext/net-99-eole @@ -0,0 +1,35 @@ +#!/usr/bin/env bash + +source /etc/one-context.d/loc-10-network + +function CreoleForce { + name=$1 + value=$2 + jq -a ".$name = {\"owner\": \"creole_force\", \"val\": $value}" /etc/eole/config.eol > /etc/eole/config.eol.force + [ $? == 0 ] && mv -f /etc/eole/config.eol.force /etc/eole/config.eol + rm -f /etc/eole/config.eol.force +} + +rm -f /etc/eole/config.eol.bak +cp -f /etc/eole/config.eol /etc/eole/config.eol.bak + +CONTEXT_INTERFACES=$(get_context_interfaces) +for interface in $CONTEXT_INTERFACES; do + + IFACE_NUM=$(echo "$UPCASE_DEV" | sed 's/^ETH//') + + IP=$(get_ip) + NETWORK=$(get_network) + MASK=$(get_mask) + GATEWAY=$(get_gateway) + DNS=$(get_iface_var "DNS") + + CreoleForce "eth${IFACE_NUM}_method" '"statique"' + [ "$GATEWAY" != "None" ] && CreoleForce "adresse_ip_gw" "\"$GATEWAY\"" + [ "$GATEWAY" != "None" ] && CreoleForce "adresse_broadcast_eth$IFACE_NUM" "\"$GATEWAY\"" + [ "$MASK" != "None" ] && CreoleForce "adresse_netmask_eth$IFACE_NUM" "\"$MASK\"" + [ "$NETWORK" != "None" ] && CreoleForce "adresse_network_eth$IFACE_NUM" "\"$NETWORK\"" + [ "$IP" != "None" ] && CreoleForce "adresse_ip_eth$IFACE_NUM" "\"$IP\"" + [ "$DNS" != "None" ] && CreoleForce "adresse_ip_dns" "[\"$DNS\"]" + +done diff --git a/packer/provisioning/playbooks/common-appli.yml b/packer/provisioning/playbooks/common-appli.yml new file mode 100644 index 0000000..0936f6a --- /dev/null +++ b/packer/provisioning/playbooks/common-appli.yml @@ -0,0 +1,20 @@ +--- +- name: Preparation des serveurs d'applications web + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Update package cache + apt: + update_cache: yes + + - name: Install eole-web + apt: + name: eole-web + state: present + diff --git a/packer/provisioning/playbooks/dc.yml b/packer/provisioning/playbooks/dc.yml new file mode 100644 index 0000000..d0b4aa2 --- /dev/null +++ b/packer/provisioning/playbooks/dc.yml @@ -0,0 +1,37 @@ +--- +- name: Configure Seth Server + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Update package cache + apt: + update_cache: yes + + - apt: + name: make + + - apt: + name: git + + - apt: + name: python-ldap + + - git: + repo: 'https://forge.cadoles.com/afornerot/cadolesldap.git' + dest: /tmp/cadolesldap + + - name: Run 'install' for cadolesldap + make: + chdir: /tmp/cadolesldap + target: install + + - name: Cleanup + apt: + name: make + state: absent \ No newline at end of file diff --git a/packer/provisioning/playbooks/dns.yml b/packer/provisioning/playbooks/dns.yml new file mode 100644 index 0000000..8fb1c19 --- /dev/null +++ b/packer/provisioning/playbooks/dns.yml @@ -0,0 +1,13 @@ +--- +- name: Configure DNS Serverless + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - apk: + name: nsd, unbound \ No newline at end of file diff --git a/packer/provisioning/playbooks/dokuwiki.yml b/packer/provisioning/playbooks/dokuwiki.yml new file mode 100644 index 0000000..851b92c --- /dev/null +++ b/packer/provisioning/playbooks/dokuwiki.yml @@ -0,0 +1,29 @@ +--- +- name: Preparation des serveurs d'applications web + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Setting EOLE Dev apt repository + expect: + command: Query-Auto -D + responses: + '\[non\]': + - "oui" + echo: yes + timeout: 900 + + - name: Installing dokuwiki + apt: + name: + - eole-dokuwiki + - dokuwiki-apps + state: present + + - name: Back to normal EOLE apt repository + command: Query-Auto \ No newline at end of file diff --git a/packer/provisioning/playbooks/dolibarr.yml b/packer/provisioning/playbooks/dolibarr.yml new file mode 100644 index 0000000..6ae6291 --- /dev/null +++ b/packer/provisioning/playbooks/dolibarr.yml @@ -0,0 +1,51 @@ +--- +- name: Installation Dolibarr Server + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Update package cache + apt: + update_cache: yes + + - name: Install mariadb + apt: + name: + - mariadb-server + - python-mysqldb + - apache2 + - php + - php-mysql + - openssl + - php-ldap + - php-mcrypt + - php-intl + - php-zip + state: present + + - name: Create a new database with name 'dolibarr' + mysql_db: + name: dolibarr + state: present + + - name: Create mysql user + mysql_user: + name: dolibarr + password: '36f3igH9f5TPooZIBY99oA==' + priv: 'dolibarr.*:ALL,GRANT' + state: present + + - name: Download Dolibarr + get_url: + url: https://sourceforge.net/projects/dolibarr/files/Dolibarr%20installer%20for%20Debian-Ubuntu%20%28DoliDeb%29/10.0.1/dolibarr_10.0.1-4_all.deb + dest: /tmp/dolibarr_10.0.1.deb + checksum: sha1:74a9bb2ac282715f80ad454cb04ad51ef60de264 + + - name: Install dolibarr + apt: + deb: /tmp/dolibarr_10.0.1.deb diff --git a/packer/provisioning/playbooks/eole/amon.yml b/packer/provisioning/playbooks/eole/amon.yml new file mode 100644 index 0000000..fc49970 --- /dev/null +++ b/packer/provisioning/playbooks/eole/amon.yml @@ -0,0 +1,26 @@ +--- +- name: Transform Ubuntu into an EOLE Server + hosts: all + + tasks: + - name: Update cache + apt: + update_cache: yes + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Install amon module package + apt: + name: eole-amon-all + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Change hostname + hostname: + name: amon272 \ No newline at end of file diff --git a/packer/provisioning/playbooks/eole/eole.yml b/packer/provisioning/playbooks/eole/eole.yml new file mode 100644 index 0000000..2b0dfc6 --- /dev/null +++ b/packer/provisioning/playbooks/eole/eole.yml @@ -0,0 +1,75 @@ +--- +- name: Transform Ubuntu into an EOLE Server + hosts: all + + tasks: + - name: Stop and disable unattended-upgrades service + service: + name: unattended-upgrades + state: stopped + enabled: no + + - name: Stop apt-daily service + service: + name: apt-daily + state: stopped + enabled: no + + - name: Stop apt-daily.timer service + service: + name: apt-daily.timer + state: stopped + enabled: no + + - name: Stop apt-daily-upgrade service + service: + name: apt-daily-upgrade + state: stopped + enabled: no + + - pause: + seconds: 30 + + - name: Install a EOLE Keyring from the internet. + apt: + deb: http://eole.ac-dijon.fr/eole/pool/main/e/eole-keyring/eole-archive-keyring_2020.05.12-1_all.deb + retries: 5 + delay: 5 + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Adding EOLE main repository + apt_repository: + repo: deb [arch=amd64] http://eole.ac-dijon.fr/eole eole-2.7.2 main cloud + state: present + + - name: Adding EOLE security repository + apt_repository: + repo: deb [arch=amd64] http://eole.ac-dijon.fr/eole eole-2.7.2-security main cloud + state: present + + - name: Adding EOLE updates repository + apt_repository: + repo: deb [arch=amd64] http://eole.ac-dijon.fr/eole eole-2.7.2-updates main cloud + state: present + + - name: Update cache + apt: + update_cache: yes + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Install eole-server and eole-exim-pkg + apt: + name: eole-server,eole-exim-pkg + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" diff --git a/packer/provisioning/playbooks/eole/lemonldap.yml b/packer/provisioning/playbooks/eole/lemonldap.yml new file mode 100644 index 0000000..cbcf291 --- /dev/null +++ b/packer/provisioning/playbooks/eole/lemonldap.yml @@ -0,0 +1,36 @@ +--- +- name: Transform Ubuntu into an EOLE Server + hosts: all + + tasks: + - name: Add an Apt signing key, for Cadoles + apt_key: + url: https://vulcain.cadoles.com/cadoles.gpg + state: present + + - name: Adding Cadoles devel repository + apt_repository: + repo: deb https://vulcain.cadoles.com 2.7.2-stable main + state: present + + - name: Update cache + apt: + update_cache: yes + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Install lemonldap package + apt: + name: eole-lemonldap + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Change hostname + hostname: + name: lemonldap272 diff --git a/packer/provisioning/playbooks/eole/minio.yml b/packer/provisioning/playbooks/eole/minio.yml new file mode 100644 index 0000000..1f154e3 --- /dev/null +++ b/packer/provisioning/playbooks/eole/minio.yml @@ -0,0 +1,36 @@ +--- +- name: Transform Ubuntu into an EOLE Server + hosts: all + + tasks: + - name: Add an Apt signing key, for Cadoles + apt_key: + url: https://vulcain.cadoles.com/cadoles.gpg + state: present + + - name: Adding Cadoles devel repository + apt_repository: + repo: deb https://vulcain.cadoles.com 2.7.2-dev main + state: present + + - name: Update cache + apt: + update_cache: yes + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Install minio package + apt: + name: eole-minio + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Change hostname + hostname: + name: minio272 diff --git a/packer/provisioning/playbooks/eole/partitions.yml b/packer/provisioning/playbooks/eole/partitions.yml new file mode 100644 index 0000000..5b41375 --- /dev/null +++ b/packer/provisioning/playbooks/eole/partitions.yml @@ -0,0 +1,109 @@ +--- +- name: Prepare data disk + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + vars: + fsconf: + vgn: "{{ lookup('env', 'vgname') }}" + lvs: "{{ lookup('env', 'lvnames').split(' ') }}" + szs: "{{ lookup('env', 'lvsizes').split(' ') }}" + fss: "{{ lookup('env', 'lvfssys').split(' ') }}" + mps: "{{ lookup('env', 'lvmntps').split(' ') }}" + + tasks: + + - name: GrowPart + command: "growpart /dev/vda 4" + environment: + LC_ALL: C + + - name: Resize main vg + lvg: + vg: "{{ fsconf.vgn }}" + pvs: /dev/vda4 + pvresize: yes + + - name: Create logical volumes. + lvol: + vg: "{{ fsconf.vgn }}" + lv: "{{ item }}" + size: "{{ fsconf.szs[idx] }}" + active: yes + force: no + state: present + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Create filesystems + filesystem: + fstype: "{{ fsconf.fss[idx] }}" + dev: "/dev/{{ fsconf.vgn }}/{{ item }}" + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Find what to backup + stat: + path: "{{ item }}" + with_items: "{{ fsconf.mps }}" + register: mountPoints + + + - name: Create mount points + file: + path: "{{ fsconf.mps[idx] }}" + state: directory + mode: '0755' + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Create temporary mount points + file: + path: "/tmp{{ fsconf.mps[idx] }}" + state: directory + mode: '0755' + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Mount fs in temporary mount points + command: mount /dev/{{ fsconf.vgn }}/"{{ item }}" "/tmp{{ fsconf.mps[idx] }}" + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Configure filesystems create entry in fstab + mount: + path: "{{ fsconf.mps[idx] }}" + src: /dev/{{ fsconf.vgn }}/{{ item }} + state: present + fstype: "{{ fsconf.fss[idx] }}" + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Fill new mount points if exists + become: true + delegate_to: "{{ inventory_hostname }}" + synchronize: + mode: push + src: "{{ item.item }}/" + dest: "/tmp{{ item.item }}/" + times: yes + perms: yes + owner: yes + group: yes + links: yes + recursive: yes + with_items: "{{ mountPoints.results }}" + when: item.stat.exists + + diff --git a/packer/provisioning/playbooks/eole/provision.yml b/packer/provisioning/playbooks/eole/provision.yml new file mode 100644 index 0000000..6d3d2d6 --- /dev/null +++ b/packer/provisioning/playbooks/eole/provision.yml @@ -0,0 +1,81 @@ +--- +- name: Provision Cadoles Server + hosts: all + + tasks: + - name : Install One Context tool ! + apt: + deb: https://github.com/OpenNebula/addon-context-linux/releases/download/v5.8.0/one-context_5.8.0-1.deb + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name : Install JQ + apt: + name: jq + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name : Add cadoles context script + command: mv /root/net-99-eole /etc/one-context.d/net-99-eole + + - name: Make cadoles context script executable + file: + path: /etc/one-context.d/net-99-eole + mode: '+x' + + - name: Copy sshd_template to modif directory + command: cp /usr/share/eole/creole/distrib/sshd_config /usr/share/eole/creole/modif/sshd_config + + - name: Allow TCP Forwarding to ease GenConfig usage + lineinfile: + path: /usr/share/eole/creole/modif/sshd_config + regexp: '^AllowTcpForwarding' + line: 'AllowTcpForwarding yes' + + - name: Gen_Patch + command: gen_patch + + - name: Update Hostname + command: hostnamectl set-hostname eolebase272 + + - name: Cleanup + apt: + autoclean: yes + autoremove: yes + + - name: Disable gpm + systemd: + name: gpm + enabled: no + masked: yes + + - name: Disable NUT Driver + systemd: + name: nut-driver + enabled: no + masked: yes + + - name: Disable NUT Monitor + systemd: + name: nut-monitor + enabled: no + masked: yes + + - name: FSTRIM + command: fstrim -av + + - name: Zero out the disk + command: dd if=/dev/zero of=/mytempfile + ignore_errors: yes + + - name: Cleaup zero file + command: rm -rf /mytempfile + + - name: Sync disk + command: sync diff --git a/packer/provisioning/playbooks/eole/seth.yml b/packer/provisioning/playbooks/eole/seth.yml new file mode 100644 index 0000000..5ae8d05 --- /dev/null +++ b/packer/provisioning/playbooks/eole/seth.yml @@ -0,0 +1,26 @@ +--- +- name: Transform Ubuntu into an EOLE Server + hosts: all + + tasks: + - name: Update cache + apt: + update_cache: yes + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Install seth module package + apt: + name: eole-seth-all + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Change hostname + hostname: + name: seth272 \ No newline at end of file diff --git a/packer/provisioning/playbooks/eole/tenjin.yml b/packer/provisioning/playbooks/eole/tenjin.yml new file mode 100644 index 0000000..eae2ec2 --- /dev/null +++ b/packer/provisioning/playbooks/eole/tenjin.yml @@ -0,0 +1,41 @@ +--- +- name: Transform Ubuntu into an EOLE Server + hosts: all + + tasks: + - name: Add an Apt signing key, for Cadoles + apt_key: + url: https://vulcain.cadoles.com/cadoles.gpg + state: present + + - name: Adding Cadoles devel repository + apt_repository: + repo: deb https://vulcain.cadoles.com 2.7.2-stable main + state: present + + - name: Adding Cadoles Tenjin repository + apt_repository: + repo: deb https://vulcain.cadoles.com tenjin-2.7.2-stable main + state: present + + - name: Update cache + apt: + update_cache: yes + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Install Tenjin AD package + apt: + name: eole-seth-education + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Change hostname + hostname: + name: tenjin272 diff --git a/packer/provisioning/playbooks/eole/zephir.yml b/packer/provisioning/playbooks/eole/zephir.yml new file mode 100644 index 0000000..bb94d30 --- /dev/null +++ b/packer/provisioning/playbooks/eole/zephir.yml @@ -0,0 +1,26 @@ +--- +- name: Transform Ubuntu into an EOLE Server + hosts: all + + tasks: + - name: Update cache + apt: + update_cache: yes + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Install Zephir module package + apt: + name: eole-zephir-all + environment: + HTTP_PROXY: "{{ http_proxy }}" + HTTPS_PROXY: "{{ https_proxy }}" + http_proxy: "{{ http_proxy }}" + https_proxy: "{{ https_proxy }}" + + - name: Change hostname + hostname: + name: zephir272 \ No newline at end of file diff --git a/packer/provisioning/playbooks/get_conf_from_zephir.yml b/packer/provisioning/playbooks/get_conf_from_zephir.yml new file mode 100644 index 0000000..33605b5 --- /dev/null +++ b/packer/provisioning/playbooks/get_conf_from_zephir.yml @@ -0,0 +1,67 @@ +--- +- name: Récupère la configuration depuis le Zéphir + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + vars: + - zephir_server: "{{ lookup('env', 'zephir_server') }}" + - zephir_login: "{{ lookup('env', 'zephir_login') }}" + - zephir_password: "{{ lookup('env','zephir_password') }}" + - code_rne: "{{ lookup('env','code_rne') }}" + - zephir_id: "{{ lookup('env', 'zephir_id') }}" + + tasks: + - name: Installation de pexpect + package: + name: python-pexpect + state: present + + - name: Update CA-Certificats + command: update-ca-certificates + + - name: Enregistrement Zéphir + + expect: + command: /usr/bin/enregistrement_zephir + responses: + "(.*)Voulez-vous établir une configuration réseau minimale(.*)": "N" + "(.*)Entrez l'adresse(.*)": "{{zephir_server}}" + "(.*)Entrez votre login pour l'application Zéphir(.*)": "{{ zephir_login }}" + "(.*)Mot de passe pour l'application Zéphir pour(.*)": "{{ zephir_password }}" + "(.*)créer le serveur dans la base du serveur Zéphir(.*)": "N" + "(.*)rien pour saisir directement un n° de serveur(.*)": "{{ code_rne }}" + "(.*)entrez le n° identifiant le serveur l'application Zéphir(.*)": "{{ zephir_id }}" + "(.*)matériel(.*)": "" + "(.*)processeur(.*)": "" + "(.*)disque dur(.*)": "" + "(.*)continuer(.*)": "O" + "(.*)Entrez le numéro de votre choix(.*)": "2" + echo: yes + timeout: 480 + + - pause: + minutes: 1 + prompt: "Pause d'une minute pour finaliser l'enregistrement Zéphir" + + - name: Cleaning EOLE main repository (avoid duplicate entry) + apt_repository: + repo: deb [arch=amd64] http://eole.ac-dijon.fr/eole eole-2.7.2 main cloud + state: absent + + - name: Cleaning EOLE security repository (avoid duplicate entry) + apt_repository: + repo: deb [arch=amd64] http://eole.ac-dijon.fr/eole eole-2.7.2-security main cloud + state: absent + + - name: Cleaning EOLE updates repository (avoid duplicate entry) + apt_repository: + repo: deb [arch=amd64] http://eole.ac-dijon.fr/eole eole-2.7.2-updates main cloud + state: absent + + - name: Cleaning EOLE repository (create clean entry) + command: Query-Auto diff --git a/packer/provisioning/playbooks/hole.yml b/packer/provisioning/playbooks/hole.yml new file mode 100644 index 0000000..1bc144c --- /dev/null +++ b/packer/provisioning/playbooks/hole.yml @@ -0,0 +1,33 @@ +--- +- name: Configure Pi-Hole Server + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Update package cache + apt: + update_cache: yes + + - apt: + name: curl + + - apt: + name: git + + - git: + repo: 'https://github.com/pi-hole/pi-hole.git' + dest: /tmp/Pi-hole + depth: 1 + + - name: Run 'install' for Pi-Hole + shell: bash "/tmp/Pi-hole/automated install/basic-install.sh" --unattended + + - name: Cleanup + apt: + name: make, curl, git + state: absent diff --git a/packer/provisioning/playbooks/infra/cadoles.com/sso.yml b/packer/provisioning/playbooks/infra/cadoles.com/sso.yml new file mode 100644 index 0000000..5d8c35d --- /dev/null +++ b/packer/provisioning/playbooks/infra/cadoles.com/sso.yml @@ -0,0 +1,17 @@ +--- +- name: Configure SSO Server + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Maj-Auto + command: Maj-Auto + + - apt: + name: eole-lemonldap + state: present \ No newline at end of file diff --git a/packer/provisioning/playbooks/instance.yml b/packer/provisioning/playbooks/instance.yml new file mode 100644 index 0000000..dca5c5c --- /dev/null +++ b/packer/provisioning/playbooks/instance.yml @@ -0,0 +1,39 @@ +--- +- name: Instance EOLE image + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Installation de pexpect + package: + name: python-pexpect + state: present + + - name: Instancier le module EOLE + expect: + command: /usr/bin/instance + # Attention, les mots de passe sont en clairs dans le playbook ! + # Il serait préférable d'utiliser le mécanisme ansible_vault ici + responses: + "Nouveau mot de passe:": + - "NotSoSecret;21" + - "NotSoSecret;21" + "Confirmation du mot de passe:": + - "NotSoSecret;21" + - "NotSoSecret;21" + '\[non\]': + - non + '\[oui\]': + - non + '(.*)Un red(.)marrage(.*)\[oui\]': + - non + echo: yes + timeout: 900 + + - name: Désactivation du Maj-Auto + command: /usr/share/eole/sbin/manage_schedule -d majauto diff --git a/packer/provisioning/playbooks/jorani.yml b/packer/provisioning/playbooks/jorani.yml new file mode 100644 index 0000000..8308204 --- /dev/null +++ b/packer/provisioning/playbooks/jorani.yml @@ -0,0 +1,68 @@ +--- +- name: Installation Jorani + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Update package cache + apt: + update_cache: yes + + - name: Install mariadb + apt: + name: + - mariadb-server + - python-mysqldb + - unzip + - apache2 + - php + - openssl + - php-ldap + - libapache2-mod-php + - php-pear + - php-cgi + - php-cli + - php-common + - php-fpm + - php-gd + - php-json + - php-mysql + - php-readline + - php-curl + - php-intl + - php-mcrypt + - php-xml + - php-mbstring + + state: present + + - name: Create a new database with name 'jorani' + mysql_db: + name: jorani + state: present + + - name: Create mysql user + mysql_user: + name: jorani + password: 'FWUiVANngFqcIvcY8C7XWA==' + priv: 'jorani.*:ALL,GRANT' + state: present + + - name: Create directory Jorani + ansible.builtin.file: + path: /var/www/html/jorani + state: directory + owner: www-data + group: www-data + mode: '0750' + + - name: Download Jorani + unarchive: + src: https://github.com/bbalet/jorani/releases/download/v1.0.0/jorani-1.0.0.zip + dest: /var/www/html/jorani/ + remote_src: yes diff --git a/packer/provisioning/playbooks/limesurvey.yml b/packer/provisioning/playbooks/limesurvey.yml new file mode 100644 index 0000000..45e6d6e --- /dev/null +++ b/packer/provisioning/playbooks/limesurvey.yml @@ -0,0 +1,30 @@ +--- +- name: Preparation des serveurs d'applications web + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Setting EOLE Dev apt repository + expect: + command: Query-Auto -D + responses: + '\[non\]': + - "oui" + echo: yes + timeout: 900 + + - name: Installing ninegate + apt: + name: + - eole-limesurvey + - limesurvey-apps + state: present + + - name: Back to normal EOLE apt repository + command: Query-Auto + diff --git a/packer/provisioning/playbooks/nextcloud.yml b/packer/provisioning/playbooks/nextcloud.yml new file mode 100644 index 0000000..68f586d --- /dev/null +++ b/packer/provisioning/playbooks/nextcloud.yml @@ -0,0 +1,30 @@ +--- +- name: Preparation des serveurs d'applications web + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Setting EOLE Dev apt repository + expect: + command: Query-Auto -D + responses: + '\[non\]': + - "oui" + echo: yes + timeout: 900 + + - name: Installing Nextcloud + apt: + name: + - eole-nextcloud + - nextcloud-apps + state: present + + - name: Back to normal EOLE apt repository + command: Query-Auto + diff --git a/packer/provisioning/playbooks/nineboard.yml b/packer/provisioning/playbooks/nineboard.yml new file mode 100644 index 0000000..49a17e0 --- /dev/null +++ b/packer/provisioning/playbooks/nineboard.yml @@ -0,0 +1,32 @@ +--- +- name: Preparation des serveurs d'applications web + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Setting EOLE Dev apt repository + expect: + command: Query-Auto -D + responses: + '\[non\]': + - "oui" + echo: yes + timeout: 900 + + - name: Installing ninegate + apt: + name: + - eole-nineboard + - nineboard-apps + state: present + + - name: Back to normal EOLE apt repository + command: Query-Auto + + - name: Generate patch + command: gen_patch diff --git a/packer/provisioning/playbooks/ninegate.yml b/packer/provisioning/playbooks/ninegate.yml new file mode 100644 index 0000000..acdff5a --- /dev/null +++ b/packer/provisioning/playbooks/ninegate.yml @@ -0,0 +1,29 @@ +--- +- name: Configure Portal Server + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Setting EOLE Dev apt repository + expect: + command: Query-Auto -D + responses: + '\[non\]': + - "oui" + echo: yes + timeout: 900 + + - name: Installing ninegate + apt: + name: + - eole-ninegate + - ninegate-apps + state: present + + - name: Back to normal EOLE apt repository + command: Query-Auto diff --git a/packer/provisioning/playbooks/piwigo.yml b/packer/provisioning/playbooks/piwigo.yml new file mode 100644 index 0000000..a700bea --- /dev/null +++ b/packer/provisioning/playbooks/piwigo.yml @@ -0,0 +1,29 @@ +--- +- name: Preparation des serveurs d'applications web + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Setting EOLE Dev apt repository + expect: + command: Query-Auto -D + responses: + '\[non\]': + - "oui" + echo: yes + timeout: 900 + + - name: Installing ninegate + apt: + name: + - eole-piwigo + - piwigo-apps + state: present + + - name: Back to normal EOLE apt repository + command: Query-Auto \ No newline at end of file diff --git a/packer/provisioning/playbooks/portal.yml b/packer/provisioning/playbooks/portal.yml new file mode 100644 index 0000000..ba8d406 --- /dev/null +++ b/packer/provisioning/playbooks/portal.yml @@ -0,0 +1,40 @@ +--- +- name: Configure Portal Server + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Update package cache + apt: + update_cache: yes + + - name: Maj-Auto + command: Maj-Auto + + - name: Query-Auto Dev + expect: + command: Query-Auto -D + responses: + '\[non\]': + - "oui" + echo: yes + timeout: 900 + + - apt: + name: eole-ninegate + state: present + + - apt: + name: ninegate-apps + state: present + + - name: Query-Auto + command: Query-Auto + + - name: Reconfigure + command: reconfigure diff --git a/packer/provisioning/playbooks/prepare_data_disk.yml b/packer/provisioning/playbooks/prepare_data_disk.yml new file mode 100644 index 0000000..1a124a9 --- /dev/null +++ b/packer/provisioning/playbooks/prepare_data_disk.yml @@ -0,0 +1,107 @@ +--- +- name: Prepare data disk + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + vars: + fsconf: + vgn: "{{ lookup('env', 'vgname') }}" + lvs: "{{ lookup('env', 'lvnames').split(' ') }}" + szs: "{{ lookup('env', 'lvsizes').split(' ') }}" + fss: "{{ lookup('env', 'lvfssys').split(' ') }}" + mps: "{{ lookup('env', 'lvmntps').split(' ') }}" + + tasks: + + - name: Create the "datavg" Volume group. + lvg: + pvs: "/dev/vdb" + vg: "{{ fsconf.vgn }}" + pesize: "16" + pv_options: '-Z y' + force: no + state: present + + - name: Create logical volumes. + lvol: + vg: "datavg" + lv: "{{ item }}" + size: "{{ fsconf.szs[idx] }}" + active: yes + force: no + state: present + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Create filesystems + filesystem: + fstype: "{{ fsconf.fss[idx] }}" + dev: "/dev/datavg/{{ item }}" + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Find what to backup + stat: + path: "{{ item }}" + with_items: "{{ fsconf.mps }}" + register: mountPoints + + + - name: Create mount points + file: + path: "{{ fsconf.mps[idx] }}" + state: directory + mode: '0755' + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Create temporary mount points + file: + path: "/tmp{{ fsconf.mps[idx] }}" + state: directory + mode: '0755' + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Mount fs in temporary mount points + command: mount /dev/datavg/"{{ item }}" "/tmp{{ fsconf.mps[idx] }}" + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Configure filesystems create entry in fstab + mount: + path: "{{ fsconf.mps[idx] }}" + src: /dev/datavg/{{ item }} + state: present + fstype: "{{ fsconf.fss[idx] }}" + loop: "{{ fsconf.lvs }}" + loop_control: + index_var: idx + + - name: Fill new mount points if exists + become: true + delegate_to: "{{ inventory_hostname }}" + synchronize: + mode: push + src: "{{ item.item }}/" + dest: "/tmp{{ item.item }}/" + times: yes + perms: yes + owner: yes + group: yes + links: yes + recursive: yes + with_items: "{{ mountPoints.results }}" + when: item.stat.exists + + diff --git a/packer/provisioning/playbooks/prepare_disk.yml b/packer/provisioning/playbooks/prepare_disk.yml new file mode 100644 index 0000000..007d960 --- /dev/null +++ b/packer/provisioning/playbooks/prepare_disk.yml @@ -0,0 +1,73 @@ +--- +- name: Prepare disk + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + vars: + ds: "{{ lookup('env', 'disk') }}" + vg: "{{ lookup('env', 'vgname') }}" + lv: "{{ lookup('env', 'lvname') }}" + fs: "{{ lookup('env', 'fstype') }}" + sz: "{{ lookup('env', 'size') }}" + mp: "{{ lookup('env', 'mountp') }}" + + tasks: + + - name: Create the volume group. + lvg: + pvs: "{{ ds }}" + vg: "{{ vg }}" + pesize: "16" + pv_options: '-Z y' + force: no + state: present + + - name: Create logical volume + lvol: + vg: "{{ vg }}" + lv: "{{ lv }}" + size: "{{ sz }}" + active: yes + force: no + state: present + + - name: Create filesystem + filesystem: + fstype: "ext4" + dev: "/dev/{{ vg }}/{{ lv }}" + opts: -cc + + - name: Create temporary mount points + file: + path: "/tmp{{ mp }}" + state: directory + mode: '0755' + + - name: Mount fs in temporary mount points + command: mount /dev/"{{ vg }}"/"{{ lv }}" "/tmp{{ mp }}" + + - name: Configure filesystems create entry in fstab + mount: + path: "{{ mp }}" + src: /dev/{{ vg }}/{{ lv }} + state: present + fstype: "{{ fs }}" + + - name: Fill new mount points if exists + become: true + delegate_to: "{{ inventory_hostname }}" + synchronize: + mode: push + src: "{{ mp }}/" + dest: "/tmp{{ mp }}/" + times: yes + perms: yes + owner: yes + group: yes + links: yes + recursive: yes \ No newline at end of file diff --git a/packer/provisioning/playbooks/syspass.yml b/packer/provisioning/playbooks/syspass.yml new file mode 100644 index 0000000..267e9a3 --- /dev/null +++ b/packer/provisioning/playbooks/syspass.yml @@ -0,0 +1,66 @@ +--- +- name: Installation Syspass + hosts: all + + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + HTTPS_PROXY: "{{ lookup('env','HTTPS_PROXY') }}" + HTTP_PROXY: "{{ lookup('env','HTTP_PROXY') }}" + + tasks: + - name: Update package cache + apt: + update_cache: yes + + - name: Install mariadb + apt: + name: + - mariadb-server + - python-mysqldb + - unzip + - apache2 + - libapache2-mod-php + - php-pear + - php + - php-cgi + - php-cli + - php-common + - php-fpm + - php-gd + - php-json + - php-mysql + - php-readline + - php-curl + - php-intl + - php-ldap + - php-mcrypt + - php-xml + - php-mbstring + state: present + + - name: Create a new database with name 'syspass' + mysql_db: + name: syspass + state: present + + - name: Create mysql user + mysql_user: + name: spadmin + password: '63ApD2E0xVJlNi9+hqsZUQ==' + priv: 'syspass.*:ALL,GRANT' + state: present + + - name: Create directory syspass + ansible.builtin.file: + path: /var/www/html/syspass + state: directory + owner: www-data + group: www-data + mode: '0750' + + - name: Download Syspass + unarchive: + src: https://github.com/nuxsmin/sysPass/archive/3.2.1.zip + dest: /var/www/html/syspass + remote_src: yes diff --git a/packer/provisioning/ssh/id_rsa b/packer/provisioning/ssh/id_rsa new file mode 100644 index 0000000..2bc9a74 --- /dev/null +++ b/packer/provisioning/ssh/id_rsa @@ -0,0 +1,49 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn +NhAAAAAwEAAQAAAgEA8e6gLGuOBs9zp0qFDe/L2v7w3ZmZhI+oIDKJIy0mVSqx33zHu7EN +FCS/5LhO2qEtoBLZCE4vmacsi87y05SCIuVkXYEvGDmYXJi/Gr7bnlu8DdFwA65OJI/Rrl +nX45/aLJtGjceBBTISncVIxU07LgVGVtyVkBIc2IKhP5+0qpy71ylarx45G29Ql1/Z3ZdC +AeMx66WqUleg4JGfF722236Aw8QXqGshJehuUm6bx9LQQ84prjZgAKm6MUUCJX9ITdr0lz +teDPsIt2OOswJqZT6wh9yhFfm4DS4/RuAHcW6SCzmk/HmSQTLJErgUIxiFqPNgcS472gBq +JPZB7h+sXxrRdy0wEPml+4TuYIyUkh9P7eWyqCcwwh2JiLrjdlfirdGOioqdM3m9uBWvJC +CWv1OnEab1b4NPfBak900SoSDiunJyJOXahBh7IWbh8NqpEWH+3Wu0CNWe8vcPtFzLsQGI +TXa189jOF0T8IDpRQRlqqyU2xy2ueHaVfPOXkZ8gVpBuDPRS8Yh0uB0YuMLGEc6Qx+fFHP +LXdamUz/pGkegBL+xpplr33Tks0FGiO3pngEjZDAcs2nX2SqFbMWxy/cAUyPladpbtYFuJ +4ifvX3fx84Dvj9CSk3jKDywBaOiGhK2KVC1R96ccjV0QMEW07OoCsRdwVl09OVMm0q1FI+ +kAAAdQl3RcF5d0XBcAAAAHc3NoLXJzYQAAAgEA8e6gLGuOBs9zp0qFDe/L2v7w3ZmZhI+o +IDKJIy0mVSqx33zHu7ENFCS/5LhO2qEtoBLZCE4vmacsi87y05SCIuVkXYEvGDmYXJi/Gr +7bnlu8DdFwA65OJI/RrlnX45/aLJtGjceBBTISncVIxU07LgVGVtyVkBIc2IKhP5+0qpy7 +1ylarx45G29Ql1/Z3ZdCAeMx66WqUleg4JGfF722236Aw8QXqGshJehuUm6bx9LQQ84prj +ZgAKm6MUUCJX9ITdr0lzteDPsIt2OOswJqZT6wh9yhFfm4DS4/RuAHcW6SCzmk/HmSQTLJ +ErgUIxiFqPNgcS472gBqJPZB7h+sXxrRdy0wEPml+4TuYIyUkh9P7eWyqCcwwh2JiLrjdl +firdGOioqdM3m9uBWvJCCWv1OnEab1b4NPfBak900SoSDiunJyJOXahBh7IWbh8NqpEWH+ +3Wu0CNWe8vcPtFzLsQGITXa189jOF0T8IDpRQRlqqyU2xy2ueHaVfPOXkZ8gVpBuDPRS8Y +h0uB0YuMLGEc6Qx+fFHPLXdamUz/pGkegBL+xpplr33Tks0FGiO3pngEjZDAcs2nX2SqFb +MWxy/cAUyPladpbtYFuJ4ifvX3fx84Dvj9CSk3jKDywBaOiGhK2KVC1R96ccjV0QMEW07O +oCsRdwVl09OVMm0q1FI+kAAAADAQABAAACABcuzppzFAEDEAoP0gAr4lTx6RLTDSruuSWc +shd01B+FH9ZSlrEdnis3+ktofeXlXAHizHlHRLhslJAxHIO5z16YrK1pG6IuorL80BM4Bs +N99t88Goe/xC0suuMCKPXe84Eiv/gGDg75ZV9I8Fg3tlwKlVrteEd99NWqbtkx7JYMvtM3 +W0E8nCxM1mQrAy2AuQqFQttZ3KBXVUsvqRcVTthpnt0jhUDWQy7mvuuXPcZAJUTaFJRlEX +3+xaDDBBmjwMH1IUr8nV6RD5zDJYFx0dAx2airM6RvcXuR2u5nuU7dUZFRzMWEwMcOnsX0 +bbmPN/+gkrVFwOZ687DnCBpRXqrurA3hK4RVy7SniENU4/Y7N2y9MDsFMu/85sGToOizC/ +1tsiD0u8sfz/G0OI5ASlpNiaSz6aXUysnT1u6DQa2CsyTsfdYlO51M6lNHyjh+PpAKbEHi +VLXRX0nqHxNvCtHycZJGnvL/1vbOfg5gbLODMJ/Rr9unVIX7GcMx3vM6T1gdfiOp9I7E5y +V1hq5PA7GcrZDzSkWUikR/pJYFJAROfwHLAwmxyqDWeKEfzEz6iy/X15L62verjcxhw06G +27HNOhNjfp8zHthy/HtAD8nY9Zx4svAPq0OjBMkzqspc8lOcm0O3EBrjmWWXXwe06fsAp2 +Zja3IjYKobiXJygmyhAAABAD5UtiLTvDLJO9cYPikpbfkiZis8StGEwSEUSk29S5L61dje +rnXK7B6RWu0mwvtUo7f0KCMmtZciaBDoLMaVppAgDorzqWnkQ+yxUYbEjFaRbrW1EnFk4H +CTOfEs+YZ/RRqJ1cCl1zziaf26SZJrJxl9l+JXn/Bwp6jF0W4HUTKjtAQtaQjnqp+lKG7J +d5TZleC3YBthVvAePQ+wKIaKBcIt4fkSw0RkaNSAsNXSKhmZCP0gyftrFAoqUwViFW+nkB +jtuSxu1gcjksSyB8d3adCK0+QmyanPn4T8+PHKlbKB/f43tCbpZXA9FZmaUj2KwcHLaiXk +psGPDhRr9mjimMoAAAEBAPvdzms5m5BQxfHxYvXBXVQH2NPM++aav0eluHE/zSf2Zh4Uol +2ZWzA3Ah1VhM2ozsqZVTmo/ygfeQ/+AOYDZKwTA1ngPjX5QCKiP8g+SUBRcnoUAAobX4VD +1mwm/3lzP1t8Rd5rTsawjk6aKuQUA/NQ7bzfCGAv16FamO7E5y0gZ/ynE+oa3lt1qYI56m +BP4sciFSfdKMbaTQmI7veApNiNnM8ZCpM1Yeu9JOYJiXaEVrgxeO5sHrWKbQ3iJFLncsrk +DRnqT7fBciycU74r2/nQbY+v+TkkLLmQ0JNPovwNRIULDRxeDEDm2K5yxHItmOWnTDcf8d +pmmaWYzZJilmcAAAEBAPXnFNCUudeO1OmIxur9zMwHg29KG4/qQ2mryLCXF5Qs1NcKbkFd +27o8nvjpAxSd74+9vyKvgbQxC+MTIv23euRQ3zkRoWz0Zyi8gFnuUstMRtCWjTbuv+TbI/ +xbRcJ6pUlJeRMv1l0KrPBQec0lRaHbANGw4g5iXasr9Xsddt4qOl1jInPfBB1tg31Z69Qx +rJFpk7vcgRoPDXrTOvK14yyqrR8TG2uegHm6XcmfWVvueqTlv1loQN3f9wfokhD5vh7GZT +mwnNqviQNajOxpbZzOy3lDJP9ThnM4vxExsLyrcxNYdPQZV9gs2idqQj+625LFa5wU0C1I +NtLpvYZN4S8AAAAaQ2Fkb2xlcy1WTS1EZXBsb3llbWVudC1LRVkB +-----END OPENSSH PRIVATE KEY----- diff --git a/packer/provisioning/ssh/id_rsa.pub b/packer/provisioning/ssh/id_rsa.pub new file mode 100644 index 0000000..0103415 --- /dev/null +++ b/packer/provisioning/ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDx7qAsa44Gz3OnSoUN78va/vDdmZmEj6ggMokjLSZVKrHffMe7sQ0UJL/kuE7aoS2gEtkITi+ZpyyLzvLTlIIi5WRdgS8YOZhcmL8avtueW7wN0XADrk4kj9GuWdfjn9osm0aNx4EFMhKdxUjFTTsuBUZW3JWQEhzYgqE/n7SqnLvXKVqvHjkbb1CXX9ndl0IB4zHrpapSV6DgkZ8XvbbbfoDDxBeoayEl6G5SbpvH0tBDzimuNmAAqboxRQIlf0hN2vSXO14M+wi3Y46zAmplPrCH3KEV+bgNLj9G4AdxbpILOaT8eZJBMskSuBQjGIWo82BxLjvaAGok9kHuH6xfGtF3LTAQ+aX7hO5gjJSSH0/t5bKoJzDCHYmIuuN2V+Kt0Y6Kip0zeb24Fa8kIJa/U6cRpvVvg098FqT3TRKhIOK6cnIk5dqEGHshZuHw2qkRYf7da7QI1Z7y9w+0XMuxAYhNdrXz2M4XRPwgOlFBGWqrJTbHLa54dpV885eRnyBWkG4M9FLxiHS4HRi4wsYRzpDH58Uc8td1qZTP+kaR6AEv7GmmWvfdOSzQUaI7emeASNkMByzadfZKoVsxbHL9wBTI+Vp2lu1gW4niJ+9fd/HzgO+P0JKTeMoPLAFo6IaErYpULVH3pxyNXRAwRbTs6gKxF3BWXT05UybSrUUj6Q== Cadoles-VM-Deployement-KEY diff --git a/packer/provisioning/ssl/ca/AC-ANTSv3-Racine-1.crt b/packer/provisioning/ssl/ca/AC-ANTSv3-Racine-1.crt new file mode 100644 index 0000000000000000000000000000000000000000..c04e61a99c83ea08a8b1ab8b66e1ae6005c74cf0 GIT binary patch literal 1577 zcmXqLVpBC}V&PrD%*4pVBqXS?(?lvg%xyip^-_gzL2OF{4S3l&wc0$|zVk9NaQHsEAq4rO5zW^xNMG%(NuakzNY9n(|ul2aA@5=%1k^AdAX6;e`*6+$vgihxw` z;g!jyMVZBiR~8$J8;F8*aP#mP7#J8S7#ag9V{|Ww2gi?hQ;x8JC7SV|FgX0*0;y=1TMKZ1TG&wqJkdQL&WA8IR=~J1%I=UNU!Dw9SvnpC*g% zQBzoYX4>^A?*{SegNwr!u@`^N(9KF-%bu^ecK^>W6LbYX{$x3R{s#9yf$pz2E?m&z z+_QR0$jvRQj+Rod_P_oFAIwu_TYl|uf$r8ioBjvJe(&EH9%TCE?)OZ2&fiJavu~_E>y+{_NQu8k zMQU5A=Of`Skn9B$=o9we>IB4HrbfL#G*zfPxYDxUet!SnK=nc7Q?w&yKk`F;&n zHo<&y^6!fY&Fjtwua@#G^O*Q0kvIOx-NMb&ZtOe0zqRGtt|)nrfTtF>CS+Vy zyxjh#&1=pZMbpf88`9nWS@&Q1lf3EQ0aL;Jq_A@_T()wD=l-`p^Yx?pT`@c6S>3&^ zI}P6SPLnpV()53P=IgsVDj%w(PPc4&8MN}BB*#&PgZn3NE(;PZTdZ|aDk1YmTXjc^ zPVx@bRf`WyS;WA*lkc2)_rDBP@6%bHcQ#-Be~qnRIpXF<`>`NQ&e3x)azOK41n#;EHzWU5EOZDx?(&qpG DFY1GL literal 0 HcmV?d00001 diff --git a/packer/provisioning/ssl/ca/GeoTrust.crt b/packer/provisioning/ssl/ca/GeoTrust.crt new file mode 100644 index 0000000..910d84a --- /dev/null +++ b/packer/provisioning/ssl/ca/GeoTrust.crt @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEsTCCA5mgAwIBAgIQCKWiRs1LXIyD1wK0u6tTSTANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0xNzExMDYxMjIzMzNaFw0yNzExMDYxMjIzMzNaMF4xCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xHTAbBgNVBAMTFFJhcGlkU1NMIFJTQSBDQSAyMDE4MIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA5S2oihEo9nnpezoziDtx4WWLLCll/e0t1EYemE5n ++MgP5viaHLy+VpHP+ndX5D18INIuuAV8wFq26KF5U0WNIZiQp6mLtIWjUeWDPA28 +OeyhTlj9TLk2beytbtFU6ypbpWUltmvY5V8ngspC7nFRNCjpfnDED2kRyJzO8yoK +MFz4J4JE8N7NA1uJwUEFMUvHLs0scLoPZkKcewIRm1RV2AxmFQxJkdf7YN9Pckki +f2Xgm3b48BZn0zf0qXsSeGu84ua9gwzjzI7tbTBjayTpT+/XpWuBVv6fvarI6bik +KB859OSGQuw73XXgeuFwEPHTIRoUtkzu3/EQ+LtwznkkdQIDAQABo4IBZjCCAWIw +HQYDVR0OBBYEFFPKF1n8a8ADIS8aruSqqByCVtp1MB8GA1UdIwQYMBaAFAPeUDVW +0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF +BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQo +MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBCBgNVHR8E +OzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9i +YWxSb290Q0EuY3JsMGMGA1UdIARcMFowNwYJYIZIAYb9bAECMCowKAYIKwYBBQUH +AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCwYJYIZIAYb9bAEBMAgG +BmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcNAQELBQADggEBAH4jx/LKNW5ZklFc +YWs8Ejbm0nyzKeZC2KOVYR7P8gevKyslWm4Xo4BSzKr235FsJ4aFt6yAiv1eY0tZ +/ZN18bOGSGStoEc/JE4ocIzr8P5Mg11kRYHbmgYnr1Rxeki5mSeb39DGxTpJD4kG +hs5lXNoo4conUiiJwKaqH7vh2baryd8pMISag83JUqyVGc2tWPpO0329/CWq2kry +qv66OSMjwulUz0dXf4OHQasR7CNfIr+4KScc6ABlQ5RDF86PGeE6kdwSQkFiB/cQ +ysNyq0jEDQTkfa2pjmuWtMCNbBnhFXBYejfubIhaUbEv2FOQB3dCav+FPg5eEveX +TVyMnGo= +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/GeoTrust_Primary_CA.pem b/packer/provisioning/ssl/ca/GeoTrust_Primary_CA.pem new file mode 100644 index 0000000..4137243 --- /dev/null +++ b/packer/provisioning/ssl/ca/GeoTrust_Primary_CA.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBY +MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo +R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEx +MjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK +Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQcmltYXJ5IENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9 +AWbK7hWNb6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjA +ZIVcFU2Ix7e64HXprQU9nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE0 +7e9GceBrAqg1cmuXm2bgyxx5X9gaBGgeRwLmnWDiNpcB3841kt++Z8dtd1k7j53W +kBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGttm/81w7a4DSwDRp35+MI +mO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G +A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJ +KoZIhvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ1 +6CePbJC/kRYkRj5KTs4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl +4b7UVXGYNTq+k+qurUKykG/g/CFNNWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6K +oKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHaFloxt/m0cYASSJlyc1pZU8Fj +UjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG1riR/aYNKxoU +AT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/RapidSSL.crt b/packer/provisioning/ssl/ca/RapidSSL.crt new file mode 100644 index 0000000..fd4341d --- /dev/null +++ b/packer/provisioning/ssl/ca/RapidSSL.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB +CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 +nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt +43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P +T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 +gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO +BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR +TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw +DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr +hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg +06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF +PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls +YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk +CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/chaineACs-ANTSv3-SA-2.crt b/packer/provisioning/ssl/ca/chaineACs-ANTSv3-SA-2.crt new file mode 100644 index 0000000..ef7820a --- /dev/null +++ b/packer/provisioning/ssl/ca/chaineACs-ANTSv3-SA-2.crt @@ -0,0 +1,70 @@ +-----BEGIN CERTIFICATE----- +MIIGETCCA/mgAwIBAgISESAecjUG2O9kiX/A/O1ocueQMA0GCSqGSIb3DQEBCwUA +MIGaMQswCQYDVQQGEwJGUjEwMC4GA1UECgwnQWdlbmNlIE5hdGlvbmFsZSBkZXMg +VGl0cmVzIFPDqWN1cmlzw6lzMRcwFQYDVQQLDA4wMDAyIDEzMDAwMzI2MjE0MDIG +A1UEAwwrQXV0b3JpdMOpIGRlIENlcnRpZmljYXRpb24gUmFjaW5lIEFOVFMvQSBW +MzEKMAgGA1UEBRMBMTAeFw0xNjA1MjQwMDAwMDBaFw0yMjA1MjQwMDAwMDBaMIGe +MQswCQYDVQQGEwJGUjEwMC4GA1UECgwnQWdlbmNlIE5hdGlvbmFsZSBkZXMgVGl0 +cmVzIFPDqWN1cmlzw6lzMRcwFQYDVQQLDA4wMDAyIDEzMDAwMzI2MjE4MDYGA1UE +AwwvQXV0b3JpdMOpIGRlIENlcnRpZmljYXRpb24gU2VydmljZXMgQXBwbGljYXRp +ZnMxCjAIBgNVBAUTATIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe +uXSRwETXe+9+ylXVk8BRElcJzlLIbl8mPRIvD0SOojFTMlwMGGCgFlDiPmDGR9te +pHOVU9GfeiF3eT1o9xfBxLsRQdnC/1j68fgRm0qovYN5rXaB+wNPUuWtgZNwPgZK +dc4R6430xIAQpU9dHgcusWXxWMD3b7WJJmifwtlhEBKazEZcMgPS1irH+pPRH56+ +AEd+l+ir7PrRd5TGfNrT/aCT+ASE+auul9Q2OrSEgBEFb2mxNmfBf9rOc+Bpueir +KProsAH+XXNXrC/4uiBVEKkGslFBIkkuPpj0wuTUZR+upT/e9GRDo+iM0UhFdy7+ +oNNxa4EITghk8Rup2Mz/AgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA +MA4GA1UdDwEB/wQEAwIBBjARBgNVHSAECjAIMAYGBFUdIAAwSAYDVR0fBEEwPzA9 +oDugOYY3aHR0cDovL2NybC5hbnRzLmdvdXYuZnIvYW50c2F2My9hY19yYWNpbmVf +YW50c2F2M18xLmNybDCBgQYIKwYBBQUHAQEEdTBzMEIGCCsGAQUFBzAChjZodHRw +Oi8vc3AuYW50cy5nb3V2LmZyL2FudHNhdjMvY2FfcmFjaW5lX2FudHNhdjNfMS5j +ZXIwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLmFudHMuZ291di5mci9hbnRzYXYz +LzAdBgNVHQ4EFgQUHIkSEyXD64D3jxXvqHfoIekNCZcwHwYDVR0jBBgwFoAUXAPV +d5g1UCpNf49vmlbblvgV4OMwDQYJKoZIhvcNAQELBQADggIBAJoyslCRpqW7qigT +plNwVyio41tKS6QD73Mz9Rz4a3YQyvozidSdyLOb3eYw9RFP+0LOTvdAQYvyjtvR +EsmqddFauTxBFebZYOy39ItoO4NWCoGSd8pclu7rPXyS/8D+Sfcb/juE3XLfjQvC +CuktXVoYC1s0LGVu/XSaM0Hn+g8d/dvvEeJH2wiQV1fCcDam1j8T8kuAbVOoZcGH +/vOvXvTH3jHXqL61JsytNonLMYtmV/0ZT3K2wF16Q6t0MQWSSHO3cwzwhzWnX3wz +122RoaFBjURrINwwJZpMSbY5UIL84MUR9Vl1KA9JEX9SY2ZIYC8nslHlo/fdLKjT +vFZ8n6N6VotreblAMS1EkkavN2KS+hg2MP9pSN3717kXuFlRe7p3KbUf60Uju+ci +LfQg2zkcmL3PQcEcVPjJdLQRjtOjy4gzGtLpSZ+BMkGRlfNWBfuatWpq1AcxZHXw +dgSwCYmuU7/YhO6NZINERuwOAH7EVPfIjK52O2w8BP5YDpHnFw2+d5qLp6w4WF9q +kvhgwl9/KPN47znzZbTvZ6nOk78Rkw9F6ZJ3ipn8mRSeBg8xrN9zRMOCmBanqT/b +NWMyIFkyE+dlfcGYsqAAjNTA8k3h5uJeqLIWJmPdiQ+6kDLfPvl8iRFsUUuNa3ip +9ud8JMaCHv5JiZCCrKoYzB8L3rO9 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGJTCCBA2gAwIBAgISESC5NBpnVkavBzulIPZSBqVRMA0GCSqGSIb3DQEBCwUA +MIGaMQswCQYDVQQGEwJGUjEwMC4GA1UECgwnQWdlbmNlIE5hdGlvbmFsZSBkZXMg +VGl0cmVzIFPDqWN1cmlzw6lzMRcwFQYDVQQLDA4wMDAyIDEzMDAwMzI2MjE0MDIG +A1UEAwwrQXV0b3JpdMOpIGRlIENlcnRpZmljYXRpb24gUmFjaW5lIEFOVFMvQSBW +MzEKMAgGA1UEBRMBMTAeFw0xMzA3MDQwMDAwMDBaFw0yNTA3MDQwMDAwMDBaMIGa +MQswCQYDVQQGEwJGUjEwMC4GA1UECgwnQWdlbmNlIE5hdGlvbmFsZSBkZXMgVGl0 +cmVzIFPDqWN1cmlzw6lzMRcwFQYDVQQLDA4wMDAyIDEzMDAwMzI2MjE0MDIGA1UE +AwwrQXV0b3JpdMOpIGRlIENlcnRpZmljYXRpb24gUmFjaW5lIEFOVFMvQSBWMzEK +MAgGA1UEBRMBMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK4TdVab +glw78h8MWOZ4cILocAXSUIFbVk5gr0bD7lqEq3FV9Rpp0rGmhYkFy57sl/5oXa0v +Z+DHxnZ3fFsZODcA0DWf+H1wn3VoxoeiThIlkVdo41mFeD/ZWxaYhaYF0LkgF1Ks +hUMhaLLZNfdOVGSubIpLBCoHcBDqKf8bEEF04xS7b0hJcjfhay902SsHJ+iE3Rno +SPo3kQ4uT3kH6Qoda7StDm7F8O2FcX6LTgj/Lggly8eiT+4qPyG/+ty4RxOdE5c4 +IqcsGiJe6+koGAJ2dQQSAUKA/TeKHFId47vMRIB+MwcKMXAAiqA3Ip7csk7eFr8v +mcUWZONo4x+BiNAqm6Sdlls8+JPykxe8JiClzJbXWkuAF3vBo1aiB3PzaC1qY60H +byGtv/n0kC0R8fkEx8/YC/4Qi/XY0NAsCbyrlFTZtKrGhji1OC6wKMgk5glaNJC/ +nLwzUpXAPKjrUv4vHdI3jRRA8bKuB/Xecirt/bY/+vxTwW4lBqfWw3AttX48j+Az +Tu/sMcEC+kdO5iOc/ZI7m9irzUJk8VIiD4wkGrZ1SeINacsXh1vCJch2dYJxdYyc +0jTJGg12mEaRnFHlXTlYaF0hrhV1EBEo+2nOFODeIk9oqpwRPZ95+sAdQHTy+8SS +HPUtlbaN88Vks2mk2A40nDcOIXKu6wBCXVx5AgMBAAGjYzBhMA8GA1UdEwEB/wQF +MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRcA9V3mDVQKk1/j2+aVtuW ++BXg4zAfBgNVHSMEGDAWgBRcA9V3mDVQKk1/j2+aVtuW+BXg4zANBgkqhkiG9w0B +AQsFAAOCAgEAPh1gSfDNSL2WKEa1n0kUVVhkyApY1JPwWrNNRxUCioRj1ulTNS/b +IcIKyowKN1d0KQFTogE8MA76y2Syc5nyQEnTwtnIhrrVuo2J4+TAt19mxObcdSJ5 +BNZ6/JoC6djlcs92sghjXUcfRbtI6v84sIbnhBZvToA6PFMOHn8WIGc1rKcNv/7F +fSS4cQydgXQPdv8IBdxCBMH7zml9wYz89ENMcemyWWIm5W6kSDhaxP5wQKo3PYmq +BOX+ICX68EhZD0CIngkxpxLmFlcOsgIciGLjzuGf3mKxek4ZQUyP4hk93jfbHftL +qrKomMcB8vrksuAbxci7uAjyR+i32TqTcPhkiWwCV3BpRIiXGPAFjOHtrfdUjJPt +7OuJ4OqlDKZIkfRhDV/E3XGzlti+x7+FhPa6Wh9IUOU42pBo1SHTh+yGSpzsITVp +7rBnRv47j9L8Y7L+wDURb2JWzlwKPR7Dnf8/zPXxJ90WPgOai41FuTDsjZYbNDop +T+PM9e7cJPB6GsuEsulSqf4ZCMUAwb+QCaZSFXajKtEaYGnYhnuIhCxjuCWqo8CU +ogANuQ7ON4v+aCVLy2pJ3LPV/9YGcLHR0YssmD/jqcZi7fhNcAJMOTRW4lticHl5 +R5ihit2olJHYbD2S+XesKj91gNz3GEJj1yWuWwo9id8nmXY5J7fGZ5w= +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/chaineACs-ANTSv3-SA-crt b/packer/provisioning/ssl/ca/chaineACs-ANTSv3-SA-crt new file mode 100644 index 0000000..a798744 --- /dev/null +++ b/packer/provisioning/ssl/ca/chaineACs-ANTSv3-SA-crt @@ -0,0 +1,70 @@ +-----BEGIN CERTIFICATE----- +MIIGETCCA/mgAwIBAgISESB0DFgpC97mZ9Nh3ruNBL2qMA0GCSqGSIb3DQEBCwUA +MIGaMQswCQYDVQQGEwJGUjEwMC4GA1UECgwnQWdlbmNlIE5hdGlvbmFsZSBkZXMg +VGl0cmVzIFPDqWN1cmlzw6lzMRcwFQYDVQQLDA4wMDAyIDEzMDAwMzI2MjE0MDIG +A1UEAwwrQXV0b3JpdMOpIGRlIENlcnRpZmljYXRpb24gUmFjaW5lIEFOVFMvQSBW +MzEKMAgGA1UEBRMBMTAeFw0xMzA3MDQwMDAwMDBaFw0xOTA3MDQwMDAwMDBaMIGe +MQswCQYDVQQGEwJGUjEwMC4GA1UECgwnQWdlbmNlIE5hdGlvbmFsZSBkZXMgVGl0 +cmVzIFPDqWN1cmlzw6lzMRcwFQYDVQQLDA4wMDAyIDEzMDAwMzI2MjE4MDYGA1UE +AwwvQXV0b3JpdMOpIGRlIENlcnRpZmljYXRpb24gU2VydmljZXMgQXBwbGljYXRp +ZnMxCjAIBgNVBAUTATEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh +AFZdLGRoaYnMv+8VxDyg1uj3ES/auX+XaXIciJK4QFzudRsu6XjS9E8N/sECZsdx +uzYZzw6CIwb8Cz/gucL7H4ITN2CUDiiMCCBobuBfSXYiY4BV7efqYE9Hx2fmQjeK +9FLHVbjJBsCjn9IIFGbqHIqCcHRH0kLyIZrnM9fG9lXJxTCqWPNzMkuTISgm9pb3 +VrsBwADcoklUKeTUHkbyz+qsqwipqqrO+SJQp5Lz3Sxsx8xVNlkvKgGLn0JOidVK +PFtUPrHvd0sXzqkvaUKdAOV1SBkFJ1Oya6LBQjuDNIzdSkTyQ5h7K5p4xDUfSBU3 +bZVD0ZFYnnzPo8tCYqsjAgMBAAGjggFJMIIBRTASBgNVHRMBAf8ECDAGAQH/AgEA +MA4GA1UdDwEB/wQEAwIBBjARBgNVHSAECjAIMAYGBFUdIAAwSAYDVR0fBEEwPzA9 +oDugOYY3aHR0cDovL2NybC5hbnRzLmdvdXYuZnIvYW50c2F2My9hY19yYWNpbmVf +YW50c2F2M18xLmNybDCBgQYIKwYBBQUHAQEEdTBzMEIGCCsGAQUFBzAChjZodHRw +Oi8vc3AuYW50cy5nb3V2LmZyL2FudHNhdjMvY2FfcmFjaW5lX2FudHNhdjNfMS5j +ZXIwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLmFudHMuZ291di5mci9hbnRzYXYz +LzAdBgNVHQ4EFgQUM5+7zx89GVrXKHmoSv1jfL8AMi8wHwYDVR0jBBgwFoAUXAPV +d5g1UCpNf49vmlbblvgV4OMwDQYJKoZIhvcNAQELBQADggIBAFGR3FQ/DSv7k5ZM +n97UhitA5RT+iwT7gnGMnwZ7N2CSahmxulyNSIk2UUUpmBXd/dlBTB5W4BxupgJM +21O+32dwZwfhLxT92nVlTlG+5ow0W4aXHy3ZCso+90oFBoFuZvuVt2w3XROWxqsp +Emvoot0uZjHA81hFvZEL/B8N4yoPB4olI4HCBPVAp8oBxeljYxbc/QhB5q/PqCww +lv0K4j7r2/yiUQbml5H9YZZKSETi8MW4IaIoSUh0A0IWQH4nBR7b+cwGvfgZXw43 +ymE01oW2fAEAl+6nHYXEDA7q4o6VCGMqlb7FDY6ZvQ/V7oM1veVqj0nYyVTYBQ7p +Lp3hs0RuF5LJCFYhnaM9TLoDEh86tKG/YONJUXUYgUaBgFmYyBm2Rdj3A+GXpd9+ +8+8ihI/mRiWPNKfX9GANN67mSOlMXbUFyZkG30CwCBZdlng+EmcZnfDNNteWxOPe +gnm816k96+zR6ZbBPRz6Vkw6nN2OB9z3GfmoaWffHXaA6jmBPn62bfCC6PzEpebp +do7X/dfB7rvRRay3Ewe/aUnzc2ze5w5z3taT5bQEj5SgBEYCMnGekmJkdMOBf/c2 +mUfPtqWPDU7Mp7nO2HbMbH9Ly/EyTPh3lwFRyU3tgei0rBEN/Dq2sXt37OcfmWxy +ni/uwutaK6dn+u1i0CCQS/qDcWk0 +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIGJTCCBA2gAwIBAgISESC5NBpnVkavBzulIPZSBqVRMA0GCSqGSIb3DQEBCwUA +MIGaMQswCQYDVQQGEwJGUjEwMC4GA1UECgwnQWdlbmNlIE5hdGlvbmFsZSBkZXMg +VGl0cmVzIFPDqWN1cmlzw6lzMRcwFQYDVQQLDA4wMDAyIDEzMDAwMzI2MjE0MDIG +A1UEAwwrQXV0b3JpdMOpIGRlIENlcnRpZmljYXRpb24gUmFjaW5lIEFOVFMvQSBW +MzEKMAgGA1UEBRMBMTAeFw0xMzA3MDQwMDAwMDBaFw0yNTA3MDQwMDAwMDBaMIGa +MQswCQYDVQQGEwJGUjEwMC4GA1UECgwnQWdlbmNlIE5hdGlvbmFsZSBkZXMgVGl0 +cmVzIFPDqWN1cmlzw6lzMRcwFQYDVQQLDA4wMDAyIDEzMDAwMzI2MjE0MDIGA1UE +AwwrQXV0b3JpdMOpIGRlIENlcnRpZmljYXRpb24gUmFjaW5lIEFOVFMvQSBWMzEK +MAgGA1UEBRMBMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK4TdVab +glw78h8MWOZ4cILocAXSUIFbVk5gr0bD7lqEq3FV9Rpp0rGmhYkFy57sl/5oXa0v +Z+DHxnZ3fFsZODcA0DWf+H1wn3VoxoeiThIlkVdo41mFeD/ZWxaYhaYF0LkgF1Ks +hUMhaLLZNfdOVGSubIpLBCoHcBDqKf8bEEF04xS7b0hJcjfhay902SsHJ+iE3Rno +SPo3kQ4uT3kH6Qoda7StDm7F8O2FcX6LTgj/Lggly8eiT+4qPyG/+ty4RxOdE5c4 +IqcsGiJe6+koGAJ2dQQSAUKA/TeKHFId47vMRIB+MwcKMXAAiqA3Ip7csk7eFr8v +mcUWZONo4x+BiNAqm6Sdlls8+JPykxe8JiClzJbXWkuAF3vBo1aiB3PzaC1qY60H +byGtv/n0kC0R8fkEx8/YC/4Qi/XY0NAsCbyrlFTZtKrGhji1OC6wKMgk5glaNJC/ +nLwzUpXAPKjrUv4vHdI3jRRA8bKuB/Xecirt/bY/+vxTwW4lBqfWw3AttX48j+Az +Tu/sMcEC+kdO5iOc/ZI7m9irzUJk8VIiD4wkGrZ1SeINacsXh1vCJch2dYJxdYyc +0jTJGg12mEaRnFHlXTlYaF0hrhV1EBEo+2nOFODeIk9oqpwRPZ95+sAdQHTy+8SS +HPUtlbaN88Vks2mk2A40nDcOIXKu6wBCXVx5AgMBAAGjYzBhMA8GA1UdEwEB/wQF +MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRcA9V3mDVQKk1/j2+aVtuW ++BXg4zAfBgNVHSMEGDAWgBRcA9V3mDVQKk1/j2+aVtuW+BXg4zANBgkqhkiG9w0B +AQsFAAOCAgEAPh1gSfDNSL2WKEa1n0kUVVhkyApY1JPwWrNNRxUCioRj1ulTNS/b +IcIKyowKN1d0KQFTogE8MA76y2Syc5nyQEnTwtnIhrrVuo2J4+TAt19mxObcdSJ5 +BNZ6/JoC6djlcs92sghjXUcfRbtI6v84sIbnhBZvToA6PFMOHn8WIGc1rKcNv/7F +fSS4cQydgXQPdv8IBdxCBMH7zml9wYz89ENMcemyWWIm5W6kSDhaxP5wQKo3PYmq +BOX+ICX68EhZD0CIngkxpxLmFlcOsgIciGLjzuGf3mKxek4ZQUyP4hk93jfbHftL +qrKomMcB8vrksuAbxci7uAjyR+i32TqTcPhkiWwCV3BpRIiXGPAFjOHtrfdUjJPt +7OuJ4OqlDKZIkfRhDV/E3XGzlti+x7+FhPa6Wh9IUOU42pBo1SHTh+yGSpzsITVp +7rBnRv47j9L8Y7L+wDURb2JWzlwKPR7Dnf8/zPXxJ90WPgOai41FuTDsjZYbNDop +T+PM9e7cJPB6GsuEsulSqf4ZCMUAwb+QCaZSFXajKtEaYGnYhnuIhCxjuCWqo8CU +ogANuQ7ON4v+aCVLy2pJ3LPV/9YGcLHR0YssmD/jqcZi7fhNcAJMOTRW4lticHl5 +R5ihit2olJHYbD2S+XesKj91gNz3GEJj1yWuWwo9id8nmXY5J7fGZ5w= +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/isrg-root-x2.pem b/packer/provisioning/ssl/ca/isrg-root-x2.pem new file mode 100644 index 0000000..7d903ed --- /dev/null +++ b/packer/provisioning/ssl/ca/isrg-root-x2.pem @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICGzCCAaGgAwIBAgIQQdKd0XLq7qeAwSxs6S+HUjAKBggqhkjOPQQDAzBPMQsw +CQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2gg +R3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMjAeFw0yMDA5MDQwMDAwMDBaFw00 +MDA5MTcxNjAwMDBaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5ldCBT +ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgyMHYw +EAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0HttwW ++1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7AlF9 +ItgKbppbd9/w+kHsOdx1ymgHDB/qo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0T +AQH/BAUwAwEB/zAdBgNVHQ4EFgQUfEKWrt5LSDv6kviejM9ti6lyN5UwCgYIKoZI +zj0EAwMDaAAwZQIwe3lORlCEwkSHRhtFcP9Ymd70/aTSVaYgLXTWNLxBo1BfASdW +tL4ndQavEi51mI38AjEAi/V3bNTIZargCyzuFJ0nN6T5U6VR5CmD1/iQMVtCnwr1 +/q4AaOeMSQ+2b1tbFfLn +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/isrgrootx1.crt b/packer/provisioning/ssl/ca/isrgrootx1.crt new file mode 100644 index 0000000..9548dc1 --- /dev/null +++ b/packer/provisioning/ssl/ca/isrgrootx1.crt @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 +WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu +ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY +MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc +h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ +0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U +A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW +T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH +B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC +B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv +KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn +OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn +jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw +qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI +rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq +hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ +3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK +NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 +ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur +TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC +jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc +oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq +4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA +mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d +emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/isrgrootx1.pem b/packer/provisioning/ssl/ca/isrgrootx1.pem new file mode 100644 index 0000000..b85c803 --- /dev/null +++ b/packer/provisioning/ssl/ca/isrgrootx1.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 +WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu +ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY +MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc +h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ +0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U +A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW +T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH +B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC +B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv +KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn +OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn +jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw +qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI +rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq +hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ +3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK +NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 +ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur +TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC +jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc +oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq +4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA +mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d +emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/lets-encrypt-r3.pem b/packer/provisioning/ssl/ca/lets-encrypt-r3.pem new file mode 100644 index 0000000..43b222a --- /dev/null +++ b/packer/provisioning/ssl/ca/lets-encrypt-r3.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw +WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg +RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP +R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx +sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm +NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg +Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG +/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC +AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA +FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw +AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw +Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB +gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W +PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl +ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz +CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm +lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 +avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 +yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O +yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids +hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ +HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv +MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX +nLRbwHOoq7hHwg== +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/lets-encrypt-x4-cross-signed.crt b/packer/provisioning/ssl/ca/lets-encrypt-x4-cross-signed.crt new file mode 100644 index 0000000..c0b4eb6 --- /dev/null +++ b/packer/provisioning/ssl/ca/lets-encrypt-x4-cross-signed.crt @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc6bLEeMfizANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDEwMloXDTIxMDMxNzE2NDEwMlow +SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT +GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFg0MIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA4SR0Qnu3kTHZc/84qtjORFy3OQrcRK4NvUW5lzdnr71QT1/T +EFRr90HajmPmbVvA6ECpjEH80QOJ/2JhCWDWBwV4mpC9GmQ+T9zPdy+Ja8tnr0FN +xY0AwGv+jYTctfKVMajo9pCgQ0qTdFyzPkNpS4kiR3RRPplkw80kAfmELyh3FyKn +3cNsCExmLzd0xW+TjrBGNxZh0VCYyLAPT1hTfKz22i2WYVCtQ9wKpk+etVK5nI7v +Tt9GszHcIPxpwqMgdT7sOBs2TmZm0t/1ZqSTL3umDpQ+YD1KSxxvurRNHDyRWG4v +TcTacNvtATl2wEnn6TW1FAaQweWS4hD9a7m0hQIDAQABo4IBfTCCAXkwEgYDVR0T +AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG +CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv +bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k +c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw +VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC +ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz +MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu +Y3JsMB0GA1UdDgQWBBTFsatOTLHNZDCTfsGEmQWr5gPiJTANBgkqhkiG9w0BAQsF +AAOCAQEANlaeSdstfAtqFN3jdRZJFjx9X+Ob3PIDlekPYQ1OQ1Uw43rE1FUj7hUw +g2MJKfs9b7M0WoQg7C20nJY/ajsg7pWhUG3J6rlkDTfVY9faeWi0qsPYXE6BpBDr +5BrW/Xv8yT8U2BiEAmNggWq8dmFl82fghmLzHBM8X8NZ3ZwA1fGePA53AP5IoD+0 +ArpW8Ik1sSuQBjZ8oQLfN+G8OoY7MNRopyLyQQCNy4aWfE+xYnoVoa5+yr+aPiX0 +7YQrY/cKawAn7QB4PyF5//IKSAVs7mAuB68wbMdE3FKfOHfJ24W4z/bIJTrTY8Y5 +Sr4AUhtzf8oVDrHZYWRrP4joIcOu/Q== +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/letsencryptauthorityx3.crt b/packer/provisioning/ssl/ca/letsencryptauthorityx3.crt new file mode 100644 index 0000000..108c050 --- /dev/null +++ b/packer/provisioning/ssl/ca/letsencryptauthorityx3.crt @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFjTCCA3WgAwIBAgIRANOxciY0IzLc9AUoUSrsnGowDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTYxMDA2MTU0MzU1 +WhcNMjExMDA2MTU0MzU1WjBKMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg +RW5jcnlwdDEjMCEGA1UEAxMaTGV0J3MgRW5jcnlwdCBBdXRob3JpdHkgWDMwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc0wzwWuUuR7dyXTeDs2hjMOrX +NSYZJeG9vjXxcJIvt7hLQQWrqZ41CFjssSrEaIcLo+N15Obzp2JxunmBYB/XkZqf +89B4Z3HIaQ6Vkc/+5pnpYDxIzH7KTXcSJJ1HG1rrueweNwAcnKx7pwXqzkrrvUHl +Npi5y/1tPJZo3yMqQpAMhnRnyH+lmrhSYRQTP2XpgofL2/oOVvaGifOFP5eGr7Dc +Gu9rDZUWfcQroGWymQQ2dYBrrErzG5BJeC+ilk8qICUpBMZ0wNAxzY8xOJUWuqgz +uEPxsR/DMH+ieTETPS02+OP88jNquTkxxa/EjQ0dZBYzqvqEKbbUC8DYfcOTAgMB +AAGjggFnMIIBYzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADBU +BgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEBATAwMC4GCCsGAQUFBwIB +FiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQub3JnMB0GA1UdDgQWBBSo +SmpjBH3duubRObemRWXv86jsoTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3Js +LnJvb3QteDEubGV0c2VuY3J5cHQub3JnMHIGCCsGAQUFBwEBBGYwZDAwBggrBgEF +BQcwAYYkaHR0cDovL29jc3Aucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcvMDAGCCsG +AQUFBzAChiRodHRwOi8vY2VydC5yb290LXgxLmxldHNlbmNyeXB0Lm9yZy8wHwYD +VR0jBBgwFoAUebRZ5nu25eQBc4AIiMgaWPbpm24wDQYJKoZIhvcNAQELBQADggIB +ABnPdSA0LTqmRf/Q1eaM2jLonG4bQdEnqOJQ8nCqxOeTRrToEKtwT++36gTSlBGx +A/5dut82jJQ2jxN8RI8L9QFXrWi4xXnA2EqA10yjHiR6H9cj6MFiOnb5In1eWsRM +UM2v3e9tNsCAgBukPHAg1lQh07rvFKm/Bz9BCjaxorALINUfZ9DD64j2igLIxle2 +DPxW8dI/F2loHMjXZjqG8RkqZUdoxtID5+90FgsGIfkMpqgRS05f4zPbCEHqCXl1 +eO5HyELTgcVlLXXQDgAWnRzut1hFJeczY1tjQQno6f6s+nMydLN26WuU4s3UYvOu +OsUxRlJu7TSRHqDC3lSE5XggVkzdaPkuKGQbGpny+01/47hfXXNB7HntWNZ6N2Vw +p7G6OfY+YQrZwIaQmhrIqJZuigsrbe3W+gdn5ykE9+Ky0VgVUsfxo52mwFYs1JKY +2PGDuWx8M6DlS6qQkvHaRUo0FMd8TsSlbF0/v965qGFKhSDeQoMpYnwcmQilRh/0 +ayLThlHLN81gSkJjVrPI0Y8xCVPB4twb1PFUd2fPM3sA1tJ83sZ5v8vgFv2yofKR +PB0t6JzUA81mSqM3kxl5e+IZwhYAyO0OTg3/fs8HqGTNKd9BqoUwSRBzp06JMg5b +rUCGwbCUDI0mxadJ3Bz4WxR6fyNpBK2yAinWEsikxqEt +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/ca/letsencryptauthorityx3.pem b/packer/provisioning/ssl/ca/letsencryptauthorityx3.pem new file mode 100644 index 0000000..4e82cb5 --- /dev/null +++ b/packer/provisioning/ssl/ca/letsencryptauthorityx3.pem @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFjTCCA3WgAwIBAgIRANOxciY0IzLc9AUoUSrsnGowDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTYxMDA2MTU0MzU1 +WhcNMjExMDA2MTU0MzU1WjBKMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg +RW5jcnlwdDEjMCEGA1UEAxMaTGV0J3MgRW5jcnlwdCBBdXRob3JpdHkgWDMwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc0wzwWuUuR7dyXTeDs2hjMOrX +NSYZJeG9vjXxcJIvt7hLQQWrqZ41CFjssSrEaIcLo+N15Obzp2JxunmBYB/XkZqf +89B4Z3HIaQ6Vkc/+5pnpYDxIzH7KTXcSJJ1HG1rrueweNwAcnKx7pwXqzkrrvUHl +Npi5y/1tPJZo3yMqQpAMhnRnyH+lmrhSYRQTP2XpgofL2/oOVvaGifOFP5eGr7Dc +Gu9rDZUWfcQroGWymQQ2dYBrrErzG5BJeC+ilk8qICUpBMZ0wNAxzY8xOJUWuqgz +uEPxsR/DMH+ieTETPS02+OP88jNquTkxxa/EjQ0dZBYzqvqEKbbUC8DYfcOTAgMB +AAGjggFnMIIBYzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADBU +BgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEBATAwMC4GCCsGAQUFBwIB +FiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQub3JnMB0GA1UdDgQWBBSo +SmpjBH3duubRObemRWXv86jsoTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3Js +LnJvb3QteDEubGV0c2VuY3J5cHQub3JnMHIGCCsGAQUFBwEBBGYwZDAwBggrBgEF +BQcwAYYkaHR0cDovL29jc3Aucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcvMDAGCCsG +AQUFBzAChiRodHRwOi8vY2VydC5yb290LXgxLmxldHNlbmNyeXB0Lm9yZy8wHwYD +VR0jBBgwFoAUebRZ5nu25eQBc4AIiMgaWPbpm24wDQYJKoZIhvcNAQELBQADggIB +ABnPdSA0LTqmRf/Q1eaM2jLonG4bQdEnqOJQ8nCqxOeTRrToEKtwT++36gTSlBGx +A/5dut82jJQ2jxN8RI8L9QFXrWi4xXnA2EqA10yjHiR6H9cj6MFiOnb5In1eWsRM +UM2v3e9tNsCAgBukPHAg1lQh07rvFKm/Bz9BCjaxorALINUfZ9DD64j2igLIxle2 +DPxW8dI/F2loHMjXZjqG8RkqZUdoxtID5+90FgsGIfkMpqgRS05f4zPbCEHqCXl1 +eO5HyELTgcVlLXXQDgAWnRzut1hFJeczY1tjQQno6f6s+nMydLN26WuU4s3UYvOu +OsUxRlJu7TSRHqDC3lSE5XggVkzdaPkuKGQbGpny+01/47hfXXNB7HntWNZ6N2Vw +p7G6OfY+YQrZwIaQmhrIqJZuigsrbe3W+gdn5ykE9+Ky0VgVUsfxo52mwFYs1JKY +2PGDuWx8M6DlS6qQkvHaRUo0FMd8TsSlbF0/v965qGFKhSDeQoMpYnwcmQilRh/0 +ayLThlHLN81gSkJjVrPI0Y8xCVPB4twb1PFUd2fPM3sA1tJ83sZ5v8vgFv2yofKR +PB0t6JzUA81mSqM3kxl5e+IZwhYAyO0OTg3/fs8HqGTNKd9BqoUwSRBzp06JMg5b +rUCGwbCUDI0mxadJ3Bz4WxR6fyNpBK2yAinWEsikxqEt +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/certs/ber.crt b/packer/provisioning/ssl/certs/ber.crt new file mode 100644 index 0000000..c4e188f --- /dev/null +++ b/packer/provisioning/ssl/certs/ber.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFHzCCBAegAwIBAgISBCjkb2j6sMEhSJmFWzQLY9ZFMA0GCSqGSIb3DQEBCwUA +MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD +EwJSMzAeFw0yMTAyMTcxMjA3MTZaFw0yMTA1MTgxMjA3MTZaMBgxFjAUBgNVBAMM +DSouYmVyLmFzc28uZnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4 +WWRNeZeda6tJdMoq2BaVTTn9dPxv7PXmMAbyV4BBF0OjNiJiWcMUtTR2UEmnVLzD +gaIs09jwsz/ONgjlEjM0t3bUOX6DiZg5GCE454JzMNSJAbiBTmCIQmPK3G/T6ZCG +xCIIVVhBQ6IYZjZWVnULtwtTy4k4Ib8lD0XHZKo7vX5+2pycXAB0ndK8UoEDJf8L +d7OatFaNC4J3/D3qUvNVQufGUgxZPp5ETKSEDnxrl67A/coea54pP73cHyArdL97 +QRgT0UAT2Nuwn/It6a5xdE/5gl24RqwjN3XivgKyRhA5UeHw4tQBWIi6mou9Ttt0 +ky16vAsXWjt1OXxIfi8ZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYD +VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O +BBYEFIPQnxhiMLua8dlOGgyjElFFSq9JMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ +QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz +Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv +MBgGA1UdEQQRMA+CDSouYmVyLmFzc28uZnIwTAYDVR0gBEUwQzAIBgZngQwBAgEw +NwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5j +cnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQCUILwejtWNbIhzH4KL +IiwN0dpNXmxPlD1h204vWE2iwgAAAXewGhhfAAAEAwBGMEQCIC88mMBZPXR5wDuV +Q3+TNOafkGYD1RZMp88tiTI4j/EAAiAi8HdR5aYRkcjgVKsB8Dc/yA36dkQ9V/MH +3+50rvef4gB2AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAABd7Aa +GQgAAAQDAEcwRQIhAIFWNgftG1lP3bFEMx90k9PGZyEQnAgt/I0rmUMFRsJVAiAT +y92UzhyUcE5ylL0ef33/f+y5Fk3TemdFDnWguX56CzANBgkqhkiG9w0BAQsFAAOC +AQEACiz/1Na1pfXd78CZ8jN65EcbhE8Z9JMUb8v4uOOf5whK6oHlkUgAvjIUzL5A +xfmUPUXdceSLOttgT6+wx5X8zyPSiUNQDEre8RMqGtRTX0uix5Gxp2nyQAOf7BdS +knzYkQ90HM5XHyXci0yqImT+g1XUz404DTXi4TtunVXaHTsnVK4VvJCMbitmwEjR +8u3xQrbqqBAkhVMeiywgNdSpkhDZz1Vl7NQgv0QmkdDfs2UM2cOt/XPlzyzYQ/DG +sRyJ+ItEm5XMlrh21ISmnHzeBNGLGnPBBNBYMX8ReLIw1VjQ+98adWs+jL6/Ac9Q +aNieo2Uw0oyYjOfiqjgqwmQ4Og== +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/certs/ber.key b/packer/provisioning/ssl/certs/ber.key new file mode 100644 index 0000000..61cebea --- /dev/null +++ b/packer/provisioning/ssl/certs/ber.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4WWRNeZeda6tJ +dMoq2BaVTTn9dPxv7PXmMAbyV4BBF0OjNiJiWcMUtTR2UEmnVLzDgaIs09jwsz/O +NgjlEjM0t3bUOX6DiZg5GCE454JzMNSJAbiBTmCIQmPK3G/T6ZCGxCIIVVhBQ6IY +ZjZWVnULtwtTy4k4Ib8lD0XHZKo7vX5+2pycXAB0ndK8UoEDJf8Ld7OatFaNC4J3 +/D3qUvNVQufGUgxZPp5ETKSEDnxrl67A/coea54pP73cHyArdL97QRgT0UAT2Nuw +n/It6a5xdE/5gl24RqwjN3XivgKyRhA5UeHw4tQBWIi6mou9Ttt0ky16vAsXWjt1 +OXxIfi8ZAgMBAAECggEBAKfFGsZzYSrvwNvCAPcK30qTFLJ41AAcfBE4JipIvbz/ +KhwP+Szeme5vlsYR/WXedUfL40a+qZEs4GWPwXqPnLBeQzOS+3NENpfHQPzjnFGu +382sFjj/llSLbvxArzkBN/md54cD/KSwo4VnCA588lpuBE4HTuMZuzZD9vImx9JC +75oGD1Acct+AFAxqf4aLDAf7XawNMTXYFmMICUtzJ/TlP4XiuSJgyt6tUvbE0SPq +PEP1iEohJCBVZrN1F1/rxW1AYKdXtso97iszObbTiHFIYyqqvBGMofgKiZXhtsLg +UCm7umD5SMeDEZWD+gGjtThepWbi+1eQezgolUMF/fECgYEA32S+VzgVwd5YNql/ +8/rYKys7asacR6MZ6MP3zTpu8JU4NhuEnRi97J2nm/r4iwCO+TI1YC72r47iImp0 +BQhs/4BMizZurMbEc7lvfgiDVZKCnV0iyfmi1k/K4IgVHUAFFX8JG5zSrT1eKXdh +cGrPU5UHO2F8iqaX2e6a/haha30CgYEA00G6m+v8gj2vb5h3bXnY+WPBatRdbpqn +DoLA/tASWhioY0lisiiOiziIFpeRjOQ6JEqgt+ro0yTKksHX54ti0yHL2QFi8acM +wXHTEHNo2S22DAe1fbUQuwbYzexxdscgqK+u2OBTQb9Ji7SzyMfPRZ5QdgRrri83 +1Fo7+N86TM0CgYAB1Jh+rHX5LbI5WHA09pQ43lTRTilPqPV4Y8qvAtCP5hkc0GLo +yqAbxTrvW0IYGXwSbKflTt00mQ4fTBIBTI1gFpQJ+/syLTrE2/se5ED3PYkWcwHq +98Gu0d6Osm7B25lvEKhpcoKDauJPoqvIuQdT3v+9K9JSbIUIAx2AAX13HQKBgECN +ozImCEDcDJGzKzs+snhybRXx0qMLiuS6O7MhbZouUrYUJJ6AGh6cpakRo55D1yhj +zXylwYNTiLsTlJ/iTc5qU1n6PHvPKeyqlW4/ddh3SVuft2u0OmqMCw/RolJDQs2I +8Yq/8XDzvMt96jn+JG4HlFqbuzO8pfizogPIYo45AoGBAIkCD7iW7TMI38npwgbt +nnA/DiMdNorsUzp/zQdzGb4QGGldVSsIk+sgJkNMAMC9zJ2ih4jh2M/Lr1N3FsOC +PVReoeF9/PMjy0Hbdyyzd6XQhW+KLiyibgwMkdRYrAD0jXaSgDnwzIff2aPS1n/m +7eRMhYiUVDxVVO8REWVlEmlr +-----END PRIVATE KEY----- diff --git a/packer/provisioning/ssl/certs/ber.pem b/packer/provisioning/ssl/certs/ber.pem new file mode 100644 index 0000000..002cb15 --- /dev/null +++ b/packer/provisioning/ssl/certs/ber.pem @@ -0,0 +1,56 @@ +-----BEGIN CERTIFICATE----- +MIIFHzCCBAegAwIBAgISBCjkb2j6sMEhSJmFWzQLY9ZFMA0GCSqGSIb3DQEBCwUA +MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD +EwJSMzAeFw0yMTAyMTcxMjA3MTZaFw0yMTA1MTgxMjA3MTZaMBgxFjAUBgNVBAMM +DSouYmVyLmFzc28uZnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4 +WWRNeZeda6tJdMoq2BaVTTn9dPxv7PXmMAbyV4BBF0OjNiJiWcMUtTR2UEmnVLzD +gaIs09jwsz/ONgjlEjM0t3bUOX6DiZg5GCE454JzMNSJAbiBTmCIQmPK3G/T6ZCG +xCIIVVhBQ6IYZjZWVnULtwtTy4k4Ib8lD0XHZKo7vX5+2pycXAB0ndK8UoEDJf8L +d7OatFaNC4J3/D3qUvNVQufGUgxZPp5ETKSEDnxrl67A/coea54pP73cHyArdL97 +QRgT0UAT2Nuwn/It6a5xdE/5gl24RqwjN3XivgKyRhA5UeHw4tQBWIi6mou9Ttt0 +ky16vAsXWjt1OXxIfi8ZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYD +VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O +BBYEFIPQnxhiMLua8dlOGgyjElFFSq9JMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ +QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz +Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv +MBgGA1UdEQQRMA+CDSouYmVyLmFzc28uZnIwTAYDVR0gBEUwQzAIBgZngQwBAgEw +NwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5j +cnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQCUILwejtWNbIhzH4KL +IiwN0dpNXmxPlD1h204vWE2iwgAAAXewGhhfAAAEAwBGMEQCIC88mMBZPXR5wDuV +Q3+TNOafkGYD1RZMp88tiTI4j/EAAiAi8HdR5aYRkcjgVKsB8Dc/yA36dkQ9V/MH +3+50rvef4gB2AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAABd7Aa +GQgAAAQDAEcwRQIhAIFWNgftG1lP3bFEMx90k9PGZyEQnAgt/I0rmUMFRsJVAiAT +y92UzhyUcE5ylL0ef33/f+y5Fk3TemdFDnWguX56CzANBgkqhkiG9w0BAQsFAAOC +AQEACiz/1Na1pfXd78CZ8jN65EcbhE8Z9JMUb8v4uOOf5whK6oHlkUgAvjIUzL5A +xfmUPUXdceSLOttgT6+wx5X8zyPSiUNQDEre8RMqGtRTX0uix5Gxp2nyQAOf7BdS +knzYkQ90HM5XHyXci0yqImT+g1XUz404DTXi4TtunVXaHTsnVK4VvJCMbitmwEjR +8u3xQrbqqBAkhVMeiywgNdSpkhDZz1Vl7NQgv0QmkdDfs2UM2cOt/XPlzyzYQ/DG +sRyJ+ItEm5XMlrh21ISmnHzeBNGLGnPBBNBYMX8ReLIw1VjQ+98adWs+jL6/Ac9Q +aNieo2Uw0oyYjOfiqjgqwmQ4Og== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow +MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT +AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs +jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp +Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB +U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7 +gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel +/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R +oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E +BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p +ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE +p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE +AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu +Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0 +LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf +r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH +ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8 +S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL +qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p +O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw +UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg== +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/certs/ber_ca-chain.crt b/packer/provisioning/ssl/certs/ber_ca-chain.crt new file mode 100644 index 0000000..0002462 --- /dev/null +++ b/packer/provisioning/ssl/certs/ber_ca-chain.crt @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow +SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT +GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF +q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8 +SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0 +Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA +a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj +/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T +AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG +CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv +bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k +c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw +VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC +ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz +MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu +Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF +AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo +uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/ +wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu +X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG +PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6 +KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/certs/ca.crt b/packer/provisioning/ssl/certs/ca.crt new file mode 100644 index 0000000..1d82449 --- /dev/null +++ b/packer/provisioning/ssl/certs/ca.crt @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow +MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT +AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs +jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp +Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB +U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7 +gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel +/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R +oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E +BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p +ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE +p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE +AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu +Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0 +LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf +r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH +ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8 +S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL +qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p +O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw +UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg== +-----END CERTIFICATE----- diff --git a/packer/provisioning/ssl/private/ber.key b/packer/provisioning/ssl/private/ber.key new file mode 100644 index 0000000..61cebea --- /dev/null +++ b/packer/provisioning/ssl/private/ber.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4WWRNeZeda6tJ +dMoq2BaVTTn9dPxv7PXmMAbyV4BBF0OjNiJiWcMUtTR2UEmnVLzDgaIs09jwsz/O +NgjlEjM0t3bUOX6DiZg5GCE454JzMNSJAbiBTmCIQmPK3G/T6ZCGxCIIVVhBQ6IY +ZjZWVnULtwtTy4k4Ib8lD0XHZKo7vX5+2pycXAB0ndK8UoEDJf8Ld7OatFaNC4J3 +/D3qUvNVQufGUgxZPp5ETKSEDnxrl67A/coea54pP73cHyArdL97QRgT0UAT2Nuw +n/It6a5xdE/5gl24RqwjN3XivgKyRhA5UeHw4tQBWIi6mou9Ttt0ky16vAsXWjt1 +OXxIfi8ZAgMBAAECggEBAKfFGsZzYSrvwNvCAPcK30qTFLJ41AAcfBE4JipIvbz/ +KhwP+Szeme5vlsYR/WXedUfL40a+qZEs4GWPwXqPnLBeQzOS+3NENpfHQPzjnFGu +382sFjj/llSLbvxArzkBN/md54cD/KSwo4VnCA588lpuBE4HTuMZuzZD9vImx9JC +75oGD1Acct+AFAxqf4aLDAf7XawNMTXYFmMICUtzJ/TlP4XiuSJgyt6tUvbE0SPq +PEP1iEohJCBVZrN1F1/rxW1AYKdXtso97iszObbTiHFIYyqqvBGMofgKiZXhtsLg +UCm7umD5SMeDEZWD+gGjtThepWbi+1eQezgolUMF/fECgYEA32S+VzgVwd5YNql/ +8/rYKys7asacR6MZ6MP3zTpu8JU4NhuEnRi97J2nm/r4iwCO+TI1YC72r47iImp0 +BQhs/4BMizZurMbEc7lvfgiDVZKCnV0iyfmi1k/K4IgVHUAFFX8JG5zSrT1eKXdh +cGrPU5UHO2F8iqaX2e6a/haha30CgYEA00G6m+v8gj2vb5h3bXnY+WPBatRdbpqn +DoLA/tASWhioY0lisiiOiziIFpeRjOQ6JEqgt+ro0yTKksHX54ti0yHL2QFi8acM +wXHTEHNo2S22DAe1fbUQuwbYzexxdscgqK+u2OBTQb9Ji7SzyMfPRZ5QdgRrri83 +1Fo7+N86TM0CgYAB1Jh+rHX5LbI5WHA09pQ43lTRTilPqPV4Y8qvAtCP5hkc0GLo +yqAbxTrvW0IYGXwSbKflTt00mQ4fTBIBTI1gFpQJ+/syLTrE2/se5ED3PYkWcwHq +98Gu0d6Osm7B25lvEKhpcoKDauJPoqvIuQdT3v+9K9JSbIUIAx2AAX13HQKBgECN +ozImCEDcDJGzKzs+snhybRXx0qMLiuS6O7MhbZouUrYUJJ6AGh6cpakRo55D1yhj +zXylwYNTiLsTlJ/iTc5qU1n6PHvPKeyqlW4/ddh3SVuft2u0OmqMCw/RolJDQs2I +8Yq/8XDzvMt96jn+JG4HlFqbuzO8pfizogPIYo45AoGBAIkCD7iW7TMI38npwgbt +nnA/DiMdNorsUzp/zQdzGb4QGGldVSsIk+sgJkNMAMC9zJ2ih4jh2M/Lr1N3FsOC +PVReoeF9/PMjy0Hbdyyzd6XQhW+KLiyibgwMkdRYrAD0jXaSgDnwzIff2aPS1n/m +7eRMhYiUVDxVVO8REWVlEmlr +-----END PRIVATE KEY----- diff --git a/packer/recipes/alpine/3.10/virt.json b/packer/recipes/alpine/3.10/virt.json new file mode 100644 index 0000000..b8dfd1b --- /dev/null +++ b/packer/recipes/alpine/3.10/virt.json @@ -0,0 +1,95 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "alpine_provisionning": "{{ user `provisionning_dir`}}/alpine", + "al_mirror": "http://dl-cdn.alpinelinux.org/alpine", + "al_release": "3.10.2", + "al_version": "3.10", + "al_flavour": "alpine-virt", + "vm_name": "alpine-310", + "root_password": "cadoles", + "disk_size": "10240", + "headless": "true" + }, + "builders": [ + { + "name": "{{ user `vm_name` }}", + "type": "qemu", + "iso_url": "{{ user `al_mirror` }}/v{{ user `al_version` }}/releases/x86_64/{{ user `al_flavour` }}-{{ user `al_release` }}-x86_64.iso", + "iso_checksum": "file:{{ user `alpine_provisionning` }}/sums/{{ user `al_flavour` }}-{{ user `al_release` }}-x86_64.iso.sha256", + "format": "qcow2", + "disk_size": "{{user `disk_size`}}", + "disk_compression": false, + "skip_compaction": true, + "ssh_username": "root", + "ssh_password": "{{user `root_password`}}", + "accelerator": "kvm", + "headless": "{{user `headless`}}", + "http_directory": "{{ template_dir }}", + "boot_wait": "5s", + "boot_command": [ + "root", + "", + "passwdcadolescadoles", + "setup-interfaces", + "ifup eth0", + "setup-sshd", + "", + "echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config", + "rc-service sshd stop", + "rc-service sshd start", + "" + ], + "ssh_wait_timeout": "20m", + "output_directory": "{{ template_dir }}/../../../images/alpine/{{user `al_version`}}/{{ user `al_flavour` }}", + "vm_name": "{{ build_name }}-{{ isotime \"20060102\" }}.img" + } + ], + "provisioners": [ + { + "type":"file", + "source":"{{ user `provisionning_dir`}}/ssl", + "destination":"/usr/local/share/ca-certificates/" + }, + { + "type": "shell", + "expect_disconnect": true, + "script": "{{ user `alpine_provisionning` }}/setup-alpine.sh", + "environment_vars": [ + "VM_NAME={{user `vm_name`}}", + "HTTP_PROXY={{user `HTTP_PROXY`}}", + "HTTPS_PROXY={{user `HTTPS_PROXY`}}", + "http_proxy={{user `http_proxy`}}", + "https_proxy={{user `https_proxy`}}", + "ROOT_PASSWORD={{user `root_password`}}" + ] + }, + { + "pause_before": "30s", + "type": "shell", + "scripts": [ + "{{ user `alpine_provisionning` }}/configure-onecontext.sh", + "{{ user `alpine_provisionning` }}/finalize.sh" + ], + "environment_vars": [ + "VM_NAME={{user `vm_name`}}", + "HTTP_PROXY={{user `HTTP_PROXY`}}", + "HTTPS_PROXY={{user `HTTPS_PROXY`}}", + "http_proxy={{user `http_proxy`}}", + "https_proxy={{user `https_proxy`}}", + "ROOT_PASSWORD={{user `root_password`}}" + ] + } + ], + "post-processors": [ + { + "type": "shell-local", + "inline": [ "sleep 5","qemu-img convert -O qcow2 -c {{ template_dir }}/../../../images/alpine/{{ user `al_version` }}/{{ user `al_flavour` }}/{{ build_name }}-{{ isotime \"20060102\" }}.img {{ template_dir }}/../../../images/alpine/{{ user `al_version` }}/{{ user `al_flavour` }}/{{ user `al_flavour` }}-{{ user `al_version` }}.img" , + "rm -rf {{ template_dir }}/../../../images/alpine/{{ user `al_version` }}/{{ user `al_flavour` }}/{{ build_name }}-{{ isotime \"20060102\" }}.img" ] + } + ] +} diff --git a/packer/recipes/alpine/3.12/virt.json b/packer/recipes/alpine/3.12/virt.json new file mode 100644 index 0000000..068f95d --- /dev/null +++ b/packer/recipes/alpine/3.12/virt.json @@ -0,0 +1,94 @@ +{ + "variables": { + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "headless": "true", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "alpine_provisionning": "{{ user `provisionning_dir`}}/alpine", + "root_password": "cadoles", + "al_flavour": "alpine-virt", + "al_mirror": "http://dl-cdn.alpinelinux.org/alpine", + "al_release": "3.12.0", + "al_version": "3.12", + "disk_size": "10240", + "vm_name": "alpine-312" + }, + "builders": [ + { + "accelerator": "kvm", + "boot_command": [ + "root", + "", + "passwdcadolescadoles", + "setup-interfaces", + "ifup eth0", + "setup-sshd", + "", + "echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config", + "rc-service sshd stop", + "rc-service sshd start", + "" + ], + "boot_wait": "5s", + "disk_compression": false, + "disk_size": "{{user `disk_size`}}", + "format": "qcow2", + "headless": "{{user `headless`}}", + "http_directory": "{{ template_dir }}", + "iso_checksum": "file:{{ user `alpine_provisionning` }}/sums/{{ user `al_flavour` }}-{{ user `al_release` }}-x86_64.iso.sha256", + "iso_url": "{{ user `al_mirror` }}/v{{ user `al_version` }}/releases/x86_64/{{ user `al_flavour` }}-{{ user `al_release` }}-x86_64.iso", + "name": "{{ user `vm_name` }}", + "output_directory": "{{ template_dir }}/../../../images/alpine/{{user `al_version`}}/{{ user `al_flavour` }}", + "skip_compaction": true, + "ssh_password": "{{user `root_password`}}", + "ssh_timeout": "20m", + "ssh_username": "root", + "type": "qemu", + "vm_name": "{{ build_name }}-{{ isotime \"20060102\" }}.img" + } + ], + "provisioners": [ + { + "environment_vars": [ + "VM_NAME={{user `vm_name`}}", + "HTTP_PROXY={{user `HTTP_PROXY`}}", + "HTTPS_PROXY={{user `HTTPS_PROXY`}}", + "http_proxy={{user `http_proxy`}}", + "https_proxy={{user `https_proxy`}}", + "ROOT_PASSWORD={{user `root_password`}}" + ], + "expect_disconnect": true, + "script": "{{ user `alpine_provisionning` }}/setup-alpine.sh", + "type": "shell" + }, + { + "environment_vars": [ + "VM_NAME={{user `vm_name`}}", + "HTTP_PROXY={{user `HTTP_PROXY`}}", + "HTTPS_PROXY={{user `HTTPS_PROXY`}}", + "http_proxy={{user `http_proxy`}}", + "https_proxy={{user `https_proxy`}}", + "ROOT_PASSWORD={{user `root_password`}}" + ], + "pause_before": "30s", + "scripts": [ + "{{ user `alpine_provisionning` }}/configure-onecontext.sh", + "{{ user `alpine_provisionning` }}/finalize.sh" + ], + "type": "shell" + } + ], + "post-processors": [ + { + "inline": [ + "sleep 5", + "qemu-img convert -O qcow2 -c {{ template_dir }}/../../../images/alpine/{{ user `al_version` }}/{{ user `al_flavour` }}/{{ build_name }}-{{ isotime \"20060102\" }}.img {{ template_dir }}/../../../images/alpine/{{ user `al_version` }}/{{ user `al_flavour` }}/{{ user `al_flavour` }}-{{ user `al_version` }}.img", + "rm -rf {{ template_dir }}/../../../images/alpine/{{ user `al_version` }}/{{ user `al_flavour` }}/{{ build_name }}-{{ isotime \"20060102\" }}.img" + ], + "type": "shell-local" + } + ] +} + diff --git a/packer/recipes/eole/2.7.2/amon.json b/packer/recipes/eole/2.7.2/amon.json new file mode 100644 index 0000000..5d33b1a --- /dev/null +++ b/packer/recipes/eole/2.7.2/amon.json @@ -0,0 +1,85 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "eole_provisionning": "{{ user `provisionning_dir`}}/eole", + "eole_playbooks": "{{ user `provisionning_dir` }}/playbooks/eole", + "module_name": "amon", + "ubuntu_version": "18.04", + "eole_version": "2.7.2", + "vm_name": "amon-2.7.2", + "image_size": "40960", + "output_dir": "{{ template_dir }}/../../../images/eole/2.7.2/{{ user `module_name` }}", + "image_name": "{{ user `vm_name` }}-{{ isotime \"20060102\" }}" + }, + "builders": [ + { + "name": "{{ user `vm_name` }}", + "type": "qemu", + "iso_url": "{{ template_dir }}/../../../images/eole/{{user `eole_version`}}/eolebase/eolebase-{{ user `eole_version` }}.img", + "iso_checksum": "none", + "disk_image": true, + "format": "qcow2", + "disk_size": "{{ user `image_size` }}", + "ssh_username": "root", + "ssh_password": "cadoles", + "http_directory": "{{ template_dir }}", + "accelerator": "kvm", + "net_device": "virtio-net", + "disk_interface": "virtio", + "ssh_wait_timeout": "5m", + "boot_wait": "5s", + "output_directory": "{{ user `output_dir` }}", + "vm_name": "{{ user `image_name` }}.img", + "headless": true, + "qemuargs": [ + [ + "-m", + "2048" + ] + ] + } + ], + "provisioners": [ + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/partitions.yml", + "ansible_env_vars": [ + "VM_NAME={{ user `vm_name` }}", + "HTTP_PROXY={{ user `HTTP_PROXY` }}", + "HTTPS_PROXY={{ user `HTTPS_PROXY` }}", + "http_proxy={{ user `http_proxy` }}", + "https_proxy={{ user `https_proxy` }}", + "vgname=main", + "lvnames=var", + "lvsizes=80%FREE", + "lvfssys=ext4", + "lvmntps=/var" + ] + }, + { + "type": "shell", + "inline": [ "reboot" ], + "expect_disconnect": true + }, + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/{{ user `module_name` }}.yml", + "extra_arguments": [ "--extra-vars", "VM_NAME={{ user `vm_name` }} HTTP_PROXY={{ user `HTTP_PROXY` }} HTTPS_PROXY={{ user `HTTPS_PROXY` }} http_proxy={{ user `http_proxy` }} https_proxy={{ user `https_proxy` }}"] + } + ], + "post-processors": [ + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O qcow2 -c {{ user `output_dir` }}/{{ user `image_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.img", + "rm -rf {{ user `output_dir` }}/{{ user `image_name` }}.img" + ] + } + ] +} + diff --git a/packer/recipes/eole/2.7.2/eolebase.json b/packer/recipes/eole/2.7.2/eolebase.json new file mode 100644 index 0000000..1a2ba72 --- /dev/null +++ b/packer/recipes/eole/2.7.2/eolebase.json @@ -0,0 +1,89 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "eole_provisionning": "{{ user `provisionning_dir`}}/eole", + "eole_playbooks": "{{ user `provisionning_dir` }}/playbooks/eole", + "module_name": "eolebase", + "ubuntu_version": "18.04", + "eole_version": "2.7.2", + "vm_name": "eolebase-2.7.2", + "image_size": "10240", + "output_dir": "{{ template_dir }}/../../../images/eole/2.7.2/{{ user `module_name` }}", + "image_name": "{{ user `vm_name` }}-{{ isotime \"20060102\" }}" + }, + "builders": [ + { + "name": "{{ user `vm_name` }}", + "type": "qemu", + "iso_url": "{{ template_dir }}/../../../images/ubuntu/{{user `ubuntu_version`}}/ubuntu-{{ user `ubuntu_version` }}.img", + "iso_checksum": "none", + "disk_image": true, + "format": "qcow2", + "disk_size": "{{ user `image_size` }}", + "ssh_username": "root", + "ssh_password": "cadoles", + "http_directory": "{{ template_dir }}", + "accelerator": "kvm", + "net_device": "virtio-net", + "disk_interface": "virtio", + "ssh_wait_timeout": "5m", + "boot_wait": "5s", + "output_directory": "{{ user `output_dir` }}", + "vm_name": "{{ user `image_name` }}.img", + "headless": true, + "qemuargs": [ + [ + "-m", + "2048" + ] + ] + } + ], + "provisioners": [ + { + "type": "file", + "source": "{{ user `eole_provisionning` }}/onecontext/net-99-eole", + "destination": "/root/net-99-eole" + }, + { + "type": "file", + "source": "{{ user `eole_provisionning` }}/{{ user `eole_version` }}/modif/00-eole.yaml", + "destination": "/root/00-eole.yaml" + }, + { + "type": "file", + "source": "{{ user `eole_provisionning` }}/{{ user `eole_version` }}/netplan/01-netcfg.yaml", + "destination": "/etc/netplan/01-netcfg.yaml" + }, + { + "type":"file", + "source":"{{user `provisionning_dir` }}/ssl", + "destination":"/usr/local/share/ca-certificates/rapidssl" + }, + { + "type": "ansible", + "playbook_file": "{{user `eole_playbooks`}}/eole.yml", + "extra_arguments": [ "-vvvv", "--extra-vars", "VM_NAME={{ user `vm_name` }} HTTP_PROXY={{ user `HTTP_PROXY` }} HTTPS_PROXY={{ user `HTTPS_PROXY` }} http_proxy={{ user `http_proxy` }} https_proxy={{ user `https_proxy` }}"] + }, + { + "type":"ansible", + "playbook_file":"{{ user `eole_playbooks` }}/provision.yml", + "extra_arguments": [ "--extra-vars", "VM_NAME={{ user `vm_name` }} HTTP_PROXY={{ user `HTTP_PROXY` }} HTTPS_PROXY={{ user `HTTPS_PROXY` }} http_proxy={{ user `http_proxy` }} https_proxy={{ user `https_proxy` }}"] + } + ], + "post-processors": [ + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O qcow2 -c {{ user `output_dir` }}/{{ user `image_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.img", + "rm -rf {{ user `output_dir` }}/{{ user `image_name` }}.img" + ] + } + ] +} + diff --git a/packer/recipes/eole/2.7.2/lemonldap.json b/packer/recipes/eole/2.7.2/lemonldap.json new file mode 100644 index 0000000..2d2276b --- /dev/null +++ b/packer/recipes/eole/2.7.2/lemonldap.json @@ -0,0 +1,92 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "eole_provisionning": "{{ user `provisionning_dir`}}/eole", + "eole_playbooks": "{{ user `provisionning_dir` }}/playbooks/eole", + "module_name": "lemonldap", + "ubuntu_version": "18.04", + "eole_version": "2.7.2", + "vm_name": "lemonldap-2.7.2", + "image_size": "20480", + "output_dir": "{{ template_dir }}/../../../images/eole/2.7.2/{{ user `module_name` }}", + "image_name": "{{ user `vm_name` }}-{{ isotime \"20060102\" }}" + }, + "builders": [ + { + "name": "{{ user `vm_name` }}", + "type": "qemu", + "iso_url": "{{ template_dir }}/../../../images/eole/{{user `eole_version`}}/eolebase/eolebase-{{ user `eole_version` }}.img", + "iso_checksum": "none", + "disk_image": true, + "format": "qcow2", + "disk_size": "{{ user `image_size` }}", + "ssh_username": "root", + "ssh_password": "cadoles", + "http_directory": "{{ template_dir }}", + "accelerator": "kvm", + "net_device": "virtio-net", + "disk_interface": "virtio", + "ssh_wait_timeout": "5m", + "boot_wait": "5s", + "output_directory": "{{ user `output_dir` }}", + "vm_name": "{{ user `image_name` }}.img", + "headless": true, + "qemuargs": [ + [ + "-m", + "2048" + ] + ] + } + ], + "provisioners": [ + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/partitions.yml", + "ansible_env_vars": [ + "VM_NAME={{ user `vm_name` }}", + "HTTP_PROXY={{ user `HTTP_PROXY` }}", + "HTTPS_PROXY={{ user `HTTPS_PROXY` }}", + "http_proxy={{ user `http_proxy` }}", + "https_proxy={{ user `https_proxy` }}", + "vgname=main", + "lvnames=var", + "lvsizes=80%FREE", + "lvfssys=ext4", + "lvmntps=/var" + ] + }, + { + "type": "shell", + "inline": [ "reboot" ], + "expect_disconnect": true + }, + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/{{ user `module_name` }}.yml", + "extra_arguments": [ "--extra-vars", "VM_NAME={{ user `vm_name` }} HTTP_PROXY={{ user `HTTP_PROXY` }} HTTPS_PROXY={{ user `HTTPS_PROXY` }} http_proxy={{ user `http_proxy` }} https_proxy={{ user `https_proxy` }}"] + } + ], + "post-processors": [ + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O qcow2 -c {{ user `output_dir` }}/{{ user `image_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.img", + "rm -rf {{ user `output_dir` }}/{{ user `image_name` }}.img" + ] + }, + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O vdi {{ user `output_dir` }}/{{ user `vm_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.vdi" + ] + } + ] +} + diff --git a/packer/recipes/eole/2.7.2/minio.json b/packer/recipes/eole/2.7.2/minio.json new file mode 100644 index 0000000..5a4c8d6 --- /dev/null +++ b/packer/recipes/eole/2.7.2/minio.json @@ -0,0 +1,92 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "eole_provisionning": "{{ user `provisionning_dir`}}/eole", + "eole_playbooks": "{{ user `provisionning_dir` }}/playbooks/eole", + "module_name": "minio", + "ubuntu_version": "18.04", + "eole_version": "2.7.2", + "vm_name": "minio-2.7.2", + "image_size": "102400", + "output_dir": "{{ template_dir }}/../../../images/eole/2.7.2/{{ user `module_name` }}", + "image_name": "{{ user `vm_name` }}-{{ isotime \"20060102\" }}" + }, + "builders": [ + { + "name": "{{ user `vm_name` }}", + "type": "qemu", + "iso_url": "{{ template_dir }}/../../../images/eole/{{user `eole_version`}}/eolebase/eolebase-{{ user `eole_version` }}.img", + "iso_checksum": "none", + "disk_image": true, + "format": "qcow2", + "disk_size": "{{ user `image_size` }}", + "ssh_username": "root", + "ssh_password": "cadoles", + "http_directory": "{{ template_dir }}", + "accelerator": "kvm", + "net_device": "virtio-net", + "disk_interface": "virtio", + "ssh_wait_timeout": "5m", + "boot_wait": "5s", + "output_directory": "{{ user `output_dir` }}", + "vm_name": "{{ user `image_name` }}.img", + "headless": true, + "qemuargs": [ + [ + "-m", + "2048" + ] + ] + } + ], + "provisioners": [ + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/partitions.yml", + "ansible_env_vars": [ + "VM_NAME={{ user `vm_name` }}", + "HTTP_PROXY={{ user `HTTP_PROXY` }}", + "HTTPS_PROXY={{ user `HTTPS_PROXY` }}", + "http_proxy={{ user `http_proxy` }}", + "https_proxy={{ user `https_proxy` }}", + "vgname=main", + "lvnames=ds1 ds2 ds3 ds4 ds5 ds6 ds7 ds8", + "lvsizes=10G 10G 10G 10G 10G 10G 10G 10G", + "lvfssys=ext4 ext4 ext4 ext4 ext4 ext4 ext4 ext4", + "lvmntps=/srv/ds1 /srv/ds2 /srv/ds3 /srv/ds4 /srv/ds5 /srv/ds6 /srv/ds7 /srv/ds8" + ] + }, + { + "type": "shell", + "inline": [ "reboot" ], + "expect_disconnect": true + }, + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/{{ user `module_name` }}.yml", + "extra_arguments": [ "--extra-vars", "VM_NAME={{ user `vm_name` }} HTTP_PROXY={{ user `HTTP_PROXY` }} HTTPS_PROXY={{ user `HTTPS_PROXY` }} http_proxy={{ user `http_proxy` }} https_proxy={{ user `https_proxy` }}"] + } + ], + "post-processors": [ + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O qcow2 -c {{ user `output_dir` }}/{{ user `image_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.img", + "rm -rf {{ user `output_dir` }}/{{ user `image_name` }}.img" + ] + }, + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O vdi {{ user `output_dir` }}/{{ user `vm_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.vdi" + ] + } + ] +} + diff --git a/packer/recipes/eole/2.7.2/preseed.cfg b/packer/recipes/eole/2.7.2/preseed.cfg new file mode 100644 index 0000000..a6f9883 --- /dev/null +++ b/packer/recipes/eole/2.7.2/preseed.cfg @@ -0,0 +1,4 @@ +openssh-server/permit-root-login boolean true + +d-i preseed/late_command string in-target /bin/bash -c "chpasswd -c SHA512 <<<'root:cadoles'" +d-i preseed/late_command string in-target /bin/bash -c "sed -i 's/^#PermitRootLogin.*\$/PermitRootLogin yes/g' /etc/ssh/sshd_config"; diff --git a/packer/recipes/eole/2.7.2/provision.sh b/packer/recipes/eole/2.7.2/provision.sh new file mode 100644 index 0000000..5e7cde1 --- /dev/null +++ b/packer/recipes/eole/2.7.2/provision.sh @@ -0,0 +1,76 @@ +#!/bin/bash -e + +set -xeo pipefail + +export DEBIAN_FRONTEND=noninteractive + +# Download OpenNebula context package +ONE_CONTEXT_VERSION=5.8.0 +ONE_CONTEXT_BUILD_SUFFIX=-1 +ONE_CONTEXT_SHASUM=cfcc8aa2e51396935e8d2a507f996838201515b5 +ONE_CONTEXT_URL="https://github.com/OpenNebula/addon-context-linux/releases/download/v${ONE_CONTEXT_VERSION}/one-context_${ONE_CONTEXT_VERSION}${ONE_CONTEXT_BUILD_SUFFIX}.deb" +ONE_CONTEXT_PACKAGE_DEST=/tmp/one-context.deb + +wget -O- "${ONE_CONTEXT_URL}" > "${ONE_CONTEXT_PACKAGE_DEST}" +echo "${ONE_CONTEXT_SHASUM} ${ONE_CONTEXT_PACKAGE_DEST}" | shasum -c + +# Purge cloud-init +#apt-get purge -y cloud-init + +# Install onecontext +Query-Auto +dpkg -i "${ONE_CONTEXT_PACKAGE_DEST}" || apt-get install -fy + +# Ajout script de compat contextualisation OpenNebula/EOLE +apt-get install -y jq +mv /root/net-99-eole /etc/one-context.d/net-99-eole +chmod +x /etc/one-context.d/net-99-eole + +# Allow TCP Forwarding to ease GenConfig usage +sed 's/^AllowTcpForwarding.*$/AllowTcpForwarding yes/' /usr/share/eole/creole/distrib/sshd_config > /usr/share/eole/creole/modif/sshd_config + +# Ajout patch configuration DHCPv6 +mv /root/00-eole.yaml /usr/share/eole/creole/modif/00-eole.yaml + +gen_patch + +# Update hostname +hostnamectl set-hostname "${VM_NAME}" + +# Disable root login with password +# sed -i 's/^PermitRootLogin.*$/PermitRootLogin without-password/' /etc/ssh/sshd_config + +# Cleanup +rm -f "${ONE_CONTEXT_PACKAGE_DEST}" +apt-get -y clean + +# Update image with latest packages +Maj-Auto -i + +# Clean all apt cache +apt clean + +# TEMP Prevent EOLE 2.7.0 fucking bugs +systemctl disable gpm # Allow fucking login in VNC + +# Disable nut-(driver|monitor) +systemctl mask nut-driver +systemctl disable nut-monitor + +# Disable IPv6 to allow the VM to fucking boot +sed -i 's/^GRUB_CMDLINE_LINUX_DEFAULT=.*$/GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1"/' /etc/default/grub +update-grub + +# TRIM command to reduce disk size +fstrim -av + +# Zero out the disk (could be very long) +set +e +FILE=/mytempfile +dd if=/dev/zero of=${FILE} +rm -rf ${FILE} +sync +set -e + +# Force sync +sync diff --git a/packer/recipes/eole/2.7.2/seth.json b/packer/recipes/eole/2.7.2/seth.json new file mode 100644 index 0000000..dcfacdc --- /dev/null +++ b/packer/recipes/eole/2.7.2/seth.json @@ -0,0 +1,85 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "eole_provisionning": "{{ user `provisionning_dir`}}/eole", + "eole_playbooks": "{{ user `provisionning_dir` }}/playbooks/eole", + "module_name": "seth", + "ubuntu_version": "18.04", + "eole_version": "2.7.2", + "vm_name": "seth-2.7.2", + "image_size": "51200", + "output_dir": "{{ template_dir }}/../../../images/eole/2.7.2/{{ user `module_name` }}", + "image_name": "{{ user `vm_name` }}-{{ isotime \"20060102\" }}" + }, + "builders": [ + { + "name": "{{ user `vm_name` }}", + "type": "qemu", + "iso_url": "{{ template_dir }}/../../../images/eole/{{user `eole_version`}}/eolebase/eolebase-{{ user `eole_version` }}.img", + "iso_checksum": "none", + "disk_image": true, + "format": "qcow2", + "disk_size": "{{ user `image_size` }}", + "ssh_username": "root", + "ssh_password": "cadoles", + "http_directory": "{{ template_dir }}", + "accelerator": "kvm", + "net_device": "virtio-net", + "disk_interface": "virtio", + "ssh_wait_timeout": "5m", + "boot_wait": "5s", + "output_directory": "{{ user `output_dir` }}", + "vm_name": "{{ user `image_name` }}.img", + "headless": true, + "qemuargs": [ + [ + "-m", + "2048" + ] + ] + } + ], + "provisioners": [ + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/partitions.yml", + "ansible_env_vars": [ + "VM_NAME={{ user `vm_name` }}", + "HTTP_PROXY={{ user `HTTP_PROXY` }}", + "HTTPS_PROXY={{ user `HTTPS_PROXY` }}", + "http_proxy={{ user `http_proxy` }}", + "https_proxy={{ user `https_proxy` }}", + "vgname=main", + "lvnames=home var tmp", + "lvsizes=80%FREE 90%FREE 100%FREE", + "lvfssys=ext4 ext4 ext4", + "lvmntps=/home /var /tmp" + ] + }, + { + "type": "shell", + "inline": [ "reboot" ], + "expect_disconnect": true + }, + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/{{ user `module_name` }}.yml", + "extra_arguments": [ "--extra-vars", "VM_NAME={{ user `vm_name` }} HTTP_PROXY={{ user `HTTP_PROXY` }} HTTPS_PROXY={{ user `HTTPS_PROXY` }} http_proxy={{ user `http_proxy` }} https_proxy={{ user `https_proxy` }}"] + } + ], + "post-processors": [ + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O qcow2 -c {{ user `output_dir` }}/{{ user `image_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.img", + "rm -rf {{ user `output_dir` }}/{{ user `image_name` }}.img" + ] + } + ] +} + diff --git a/packer/recipes/eole/2.7.2/tenjin.json b/packer/recipes/eole/2.7.2/tenjin.json new file mode 100644 index 0000000..81f5882 --- /dev/null +++ b/packer/recipes/eole/2.7.2/tenjin.json @@ -0,0 +1,92 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "eole_provisionning": "{{ user `provisionning_dir`}}/eole", + "eole_playbooks": "{{ user `provisionning_dir` }}/playbooks/eole", + "module_name": "tenjin", + "ubuntu_version": "18.04", + "eole_version": "2.7.2", + "vm_name": "tenjin-2.7.2", + "image_size": "100G", + "output_dir": "{{ template_dir }}/../../../images/eole/2.7.2/{{ user `module_name` }}", + "image_name": "{{ user `vm_name` }}-{{ isotime \"20060102\" }}" + }, + "builders": [ + { + "name": "{{ user `vm_name` }}", + "type": "qemu", + "iso_url": "{{ template_dir }}/../../../images/eole/{{user `eole_version`}}/eolebase/eolebase-{{ user `eole_version` }}.img", + "iso_checksum": "none", + "disk_image": true, + "format": "qcow2", + "disk_size": "{{ user `image_size` }}", + "ssh_username": "root", + "ssh_password": "cadoles", + "http_directory": "{{ template_dir }}", + "accelerator": "kvm", + "net_device": "virtio-net", + "disk_interface": "virtio", + "ssh_wait_timeout": "5m", + "boot_wait": "5s", + "output_directory": "{{ user `output_dir` }}", + "vm_name": "{{ user `image_name` }}.img", + "headless": true, + "qemuargs": [ + [ + "-m", + "2048" + ] + ] + } + ], + "provisioners": [ + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/partitions.yml", + "ansible_env_vars": [ + "VM_NAME={{ user `vm_name` }}", + "HTTP_PROXY={{ user `HTTP_PROXY` }}", + "HTTPS_PROXY={{ user `HTTPS_PROXY` }}", + "http_proxy={{ user `http_proxy` }}", + "https_proxy={{ user `https_proxy` }}", + "vgname=main", + "lvnames=var home", + "lvsizes=10%FREE 90%FREE", + "lvfssys=ext4 ext4", + "lvmntps=/var /home" + ] + }, + { + "type": "shell", + "inline": [ "reboot" ], + "expect_disconnect": true + }, + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/{{ user `module_name` }}.yml", + "extra_arguments": [ "--extra-vars", "VM_NAME={{ user `vm_name` }} HTTP_PROXY={{ user `HTTP_PROXY` }} HTTPS_PROXY={{ user `HTTPS_PROXY` }} http_proxy={{ user `http_proxy` }} https_proxy={{ user `https_proxy` }}"] + } + ], + "post-processors": [ + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O qcow2 -c {{ user `output_dir` }}/{{ user `image_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.img", + "rm -rf {{ user `output_dir` }}/{{ user `image_name` }}.img" + ] + }, + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O vdi {{ user `output_dir` }}/{{ user `vm_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.vdi" + ] + } + ] +} + diff --git a/packer/recipes/eole/2.7.2/zephir.json b/packer/recipes/eole/2.7.2/zephir.json new file mode 100644 index 0000000..2658ff8 --- /dev/null +++ b/packer/recipes/eole/2.7.2/zephir.json @@ -0,0 +1,86 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "eole_provisionning": "{{ user `provisionning_dir`}}/eole", + "eole_playbooks": "{{ user `provisionning_dir` }}/playbooks/eole", + "module_name": "zephir", + "ubuntu_version": "18.04", + "eole_version": "2.7.2", + "vm_name": "{{ user `module_name` }}-2.7.2", + "image_size": "40960", + "output_dir": "{{ template_dir }}/../../../images/eole/2.7.2/{{ user `module_name` }}", + "image_name": "{{ user `vm_name` }}-{{ isotime \"20060102\" }}" + }, + "builders": [ + { + "name": "{{ user `vm_name` }}", + "type": "qemu", + "iso_url": "{{ template_dir }}/../../../images/eole/{{user `eole_version`}}/eolebase/eolebase-{{ user `eole_version` }}.img", + "iso_checksum": "none", + "disk_image": true, + "format": "qcow2", + "disk_size": "{{ user `image_size` }}", + "ssh_username": "root", + "ssh_password": "cadoles", + "http_directory": "{{ template_dir }}", + "accelerator": "kvm", + "net_device": "virtio-net", + "disk_interface": "virtio", + "ssh_wait_timeout": "5m", + "boot_wait": "5s", + "output_directory": "{{ user `output_dir` }}", + "vm_name": "{{ user `image_name` }}.img", + "headless": true, + "qemuargs": [ + [ + "-m", + "2048" + ] + ] + } + ], + "provisioners": [ + { + "type": "ansible", + "playbook_file": "{{ user `eole_playbooks` }}/partitions.yml", + "ansible_env_vars": [ + "VM_NAME={{ user `vm_name` }}", + "HTTP_PROXY={{ user `HTTP_PROXY` }}", + "HTTPS_PROXY={{ user `HTTPS_PROXY` }}", + "http_proxy={{ user `http_proxy` }}", + "https_proxy={{ user `https_proxy` }}", + "vgname=main", + "lvnames=home var", + "lvsizes=5%FREE 80%FREE", + "lvfssys=ext4 ext4", + "lvmntps=/home /var" + ] + }, + { + "type": "shell", + "inline": [ "reboot" ], + "expect_disconnect": true + }, + { + "type": "ansible", + "pause_before": "45s", + "playbook_file": "{{ user `eole_playbooks` }}/{{ user `module_name` }}.yml", + "extra_arguments": [ "--extra-vars", "VM_NAME={{ user `vm_name` }} HTTP_PROXY={{ user `HTTP_PROXY` }} HTTPS_PROXY={{ user `HTTPS_PROXY` }} http_proxy={{ user `http_proxy` }} https_proxy={{ user `https_proxy` }}"] + } + ], + "post-processors": [ + { + "type": "shell-local", + "inline": [ + "sleep 5", + "qemu-img convert -O qcow2 -c {{ user `output_dir` }}/{{ user `image_name` }}.img {{ user `output_dir` }}/{{ user `vm_name` }}.img", + "rm -rf {{ user `output_dir` }}/{{ user `image_name` }}.img" + ] + } + ] +} + diff --git a/packer/recipes/infra/cadoles.com/production/sso.json b/packer/recipes/infra/cadoles.com/production/sso.json new file mode 100644 index 0000000..1bae1c6 --- /dev/null +++ b/packer/recipes/infra/cadoles.com/production/sso.json @@ -0,0 +1,117 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "domain": "{{ env `DOMAIN` }}", + "provisionning_dir": "{{ template_dir }}/../../../../provisioning", + "playbooks_dir": "{{ user `provisionning_dir` }}/playbooks", + "infra_provisionning": "{{ user `provisionning_dir`}}/infra/{{ user `domain` }}", + "infra_playbooks": "{{ user `provisionning_dir` }}/playbooks/infra/{{ user `domain` }}", + "vm_name": "{{ env `VM_NAME` }}", + "image_output_directory": "{{ template_dir }}/../../../images/infra/cadoles.com/production/{{ user `vm_name`}}/system", + "syst_image_file": "{{ user `image_output_directory` }}/{{ user `vm_name` }}.img", + "eole_module" : "eolebase", + "image_version": "0.0.1", + "eole_version" : "2.7.2" + }, + "builders": [ + { + "name": "{{ user `vm_name` }}", + "type": "qemu", + "iso_urls": "{{ template_dir }}/../../../../images/eole/{{user `eole_version`}}/{{user `eole_module`}}/{{user `eole_module`}}-{{ user `eole_version` }}.img", + "iso_checksum": "none", + "disk_image": true, + "format": "qcow2", + "cpus": "2", + "memory": "2048", + "disk_size": "20480", + "ssh_username": "root", + "ssh_password": "cadoles", + "accelerator": "kvm", + "http_directory": "{{ template_dir }}", + "ssh_wait_timeout": "20m", + "boot_wait": "15s", + "skip_compaction": true, + "headless": true, + "shutdown_command": "shutdown -P now", + "output_directory": "{{ user `image_output_directory` }}", + "vm_name": "{{ build_name }}.img" + } + ], + "provisioners": [ + { + "type": "file", + "source": "{{user `provisionning_dir`}}/ssh", + "destination": "/root/.ssh/" + }, + { + "type":"file", + "source":"{{ user `provisionning_dir` }}/../provisioning/ssl/ca/", + "destination":"/usr/local/share/ca-certificates/rapidssl" + }, + { + "type":"file", + "source":"{{ user `provisionning_dir` }}/../provisioning/ssl/certs/", + "destination":"/etc/ssl/certs/" + }, + { + "type":"file", + "source":"{{ user `provisionning_dir` }}/../provisioning/ssl/private/", + "destination":"/etc/ssl/private/" + }, + { + "type": "ansible", + "pause_before": "30s", + "playbook_file": "{{ user `playbooks_dir` }}/get_conf_from_zephir.yml", + "ansible_env_vars": [ + "zephir_server=zephir.cadoles.com", + "zephir_login=pacer", + "zephir_password=9+N7c2#vqV", + "create_server=non", + "code_rne=00004242", + "zephir_id=26", + "VM_NAME={{ user `vm_name` }}", + "HTTP_PROXY={{ user `HTTP_PROXY` }}", + "HTTPS_PROXY={{ user `HTTPS_PROXY` }}", + "http_proxy={{ user `http_proxy` }}", + "https_proxy={{ user `https_proxy` }}" + ] + }, + { + "type": "ansible", + "playbook_file": "{{ user `infra_playbooks` }}/sso.yml", + "ansible_env_vars": [ + "VM_NAME={{user `vm_name`}}", + "HTTP_PROXY={{user `HTTP_PROXY`}}", + "HTTPS_PROXY={{user `HTTPS_PROXY`}}", + "http_proxy={{user `http_proxy`}}", + "https_proxy={{user `https_proxy`}}" + ] + }, + { + "type": "ansible", + "pause_before": "10s", + "playbook_file": "{{ user `playbooks_dir` }}/instance.yml", + "ansible_env_vars": [ + "VM_NAME={{ user `vm_name` }}", + "HTTP_PROXY={{ user `HTTP_PROXY` }}", + "HTTPS_PROXY={{ user `HTTPS_PROXY` }}", + "http_proxy={{ user `http_proxy` }}", + "https_proxy={{ user `https_proxy` }}" + ] + } + ], + "post-processors": [ + { + "type": "shell-local", + "script": "{{ template_dir }}/../../../../post-processors/compress-qcow2.sh", + "execute_command": [ + "/bin/bash", + "-c", + "{{.Vars}} {{.Script}} {{ user `image_output_directory` }}/../ {{ user `vm_name` }} {{ user `image_version` }}" + ] + } + ] +} diff --git a/packer/recipes/ubuntu/18.04/http/preseed-minimal.cfg b/packer/recipes/ubuntu/18.04/http/preseed-minimal.cfg new file mode 100644 index 0000000..7aa61eb --- /dev/null +++ b/packer/recipes/ubuntu/18.04/http/preseed-minimal.cfg @@ -0,0 +1,174 @@ +### Preseed for Ubuntu 18.04 +# Derived from: https://help.ubuntu.com/lts/installation-guide/example-preseed.txt + +### Compatibility +# Tested with the netboot image: +# http://archive.ubuntu.com/ubuntu/dists/bionic/main/installer-amd64/current/images/netboot/mini.iso +# Might work with the regular image (not tested): +# http://cdimage.ubuntu.com/releases/18.04/release/ubuntu-18.04-server-amd64.iso + +### Authentication +# We recommend to use public key authentication and therefore disabled the root +# password. The build-iso.sh script will do all the hard work for you. +# +# In case you still want to use password authentication, you need to set the +# passwd/root-password-crypted variable. See below for further instructions. + +### Usage +# We recommend to use the build-iso.sh script to build an image with embedded +# preseed and other required files. In that case the preseed file gets loaded +# automatically and all additional files are available to the installer. +# +# In case you want to use a vanilla ISO image, please use the following boot +# instructions to load the preseed file (press ESC and enter in boot prompt): +# +# install auto=true priority=critical url=https://raw.githubusercontent.com/core-process/linux-unattended-installation/master/ubuntu/18.04/custom/preseed.cfg +# +# Note: you will need to adjust the "preseed/late_command" variable to match +# your environment in case you do not use the build-iso.sh script. + + +### Unattended Installation +d-i auto-install/enable boolean true +d-i debconf/priority select critical + +### Localization +d-i debian-installer/locale string fr_FR.UTF-8 +d-i localechooser/supported-locales multiselect en_US.UTF-8, fr_FR.UTF-8 +d-i console-setup/ask_detect boolean false +d-i keyboard-configuration/xkb-keymap select fr + +### Network configuration +d-i netcfg/choose_interface select auto +d-i netcfg/hostname string ubt1804 +d-i netcfg/get_hostname string ubt1804 +d-i netcfg/get_domain string cadol.es +d-i hw-detect/load_firmware boolean true + +### Mirror settings +d-i mirror/country string manual +d-i mirror/http/hostname string archive.ubuntu.com +d-i mirror/http/directory string /ubuntu +d-i mirror/http/proxy string + +### Account setup +d-i passwd/root-login boolean true +d-i passwd/root-password-crypted password $1$41q22ku0$lM57h3xPuGwoiBHD4Neqg. +d-i passwd/make-user boolean false + +# The root password is disabled by default. In case you want to use a root +# password, please generate a password with the following command +# printf "please-change-password" | mkpasswd -s -m sha-512 +# and update the passwd/root-password-crypted variable accordingly. Furthermore +# you need to remove the call to "usermod" below. + +### Normal account setup +d-i passwd/user-fullname string Cadoles User +d-i passwd/username string cadoles +d-i passwd/user-password-crypted password $1$41q22ku0$lM57h3xPuGwoiBHD4Neqg. +d-i passwd/user-uid string 1000 +d-i passwd/user-default-groups string wheel + +### Clock and time zone setup +d-i clock-setup/utc boolean true +d-i time/zone string Europe/Paris +d-i clock-setup/ntp boolean true +d-i clock-setup/ntp-server string ntp.ubuntu.com + +### Partitioning +d-i preseed/early_command string umount /media || true +d-i partman-auto/disk string /dev/vda +d-i partman-auto/method string lvm +d-i partman-auto-lvm/guided_size string max +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true +d-i partman-auto-lvm/new_vg_name string main +d-i partman-md/device_remove_md boolean true +d-i partman-md/confirm boolean true +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true +d-i partman-basicmethods/method_only boolean false + +### GPT +d-i partman-basicfilesystems/choose_label string gpt +d-i partman-basicfilesystems/default_label string gpt +d-i partman-partitioning/choose_label string gpt +d-i partman-partitioning/default_label string gpt +d-i partman/choose_label string gpt +d-i partman/default_label string gpt + +### EFI +d-i partman-efi/non_efi_system boolean true + +### Grub +d-i grub-installer/bootdev string /dev/vda +d-i grub-installer/only_debian boolean true +d-i grub-installer/with_other_os boolean true + +### Disk layout + +# Use entire disk +d-i partman-auto/expert_recipe string \ + boot-root :: \ + 1 1 1 free \ + $bios_boot{ } \ + method{ biosgrub } \ + . \ + 256 256 256 fat32 \ + $primary{ } \ + $iflabel{ gpt } \ + $reusemethod{ } \ + method{ efi } format{ } \ + mountpoint{ /boot/efi } \ + . \ + 512 512 512 ext4 \ + $primary{ } \ + $bootable{ } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ /boot } \ + . \ + 1024 102400000 1000000000 ext4 \ + $lvmok{ } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ / } \ + lv_name{ root } \ + . \ + 200% 200% 200% linux-swap \ + $lvmok{ } \ + method{ swap } format{ } \ + lv_name{ swap } \ + . + +### Base system installation +d-i base-installer/install-recommends boolean true +d-i base-installer/kernel/image string linux-generic + +### Apt setup +d-i apt-setup/restricted boolean true +d-i apt-setup/universe boolean true +d-i apt-setup/backports boolean true +d-i apt-setup/use_mirror boolean false +d-i apt-setup/services-select multiselect security, updates +d-i apt-setup/security_host string security.ubuntu.com +d-i apt-setup/security_path string /ubuntu + +### Package selection +d-i tasksel/first multiselect none +d-i pkgsel/include string openssh-server python +d-i pkgsel/upgrade select full-upgrade +d-i pkgsel/update-policy select unattended-upgrades + +### Finishing up the installation +d-i preseed/late_command string \ + in-target sh -c "sed -i '/PermitRootLogin/c PermitRootLogin yes' /etc/ssh/sshd_config"; \ + in-target sh -c 'echo "IPv4: \\\4" >> /etc/issue && echo "IPv6: \\\6" >> /etc/issue && echo "" >> /etc/issue'; +d-i debian-installer/splash boolean false +d-i cdrom-detect/eject boolean true + +### Shutdown machine +d-i finish-install/reboot_in_progress note \ No newline at end of file diff --git a/packer/recipes/ubuntu/18.04/packer.json b/packer/recipes/ubuntu/18.04/packer.json new file mode 100644 index 0000000..ea8811a --- /dev/null +++ b/packer/recipes/ubuntu/18.04/packer.json @@ -0,0 +1,70 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "vm_name": "ubuntu-18.04", + "packer_images_output_dir": "{{ template_dir }}/../../../images/ubuntu/18.04", + "cpus": "2", + "memory": "4096", + "ubuntu_codename": "bionic", + "ubuntu_mirror": "http://archive.ubuntu.com/ubuntu/dists/", + "ssh_username": "root", + "ssh_password": "cadoles", + "preseed_file_name": "preseed-minimal.cfg", + "disk_size": "10240", + "headless": "true" + }, + + "builders": + [ + { + "name": "{{ user `vm_name` }}", + "vm_name": "{{ user `vm_name` }}.img", + "type": "qemu", + "iso_checksum": "file:{{ user `ubuntu_mirror` }}{{ user `ubuntu_codename` }}-updates/main/installer-amd64/current/images/SHA256SUMS", + "iso_urls": [ "{{ user `ubuntu_mirror` }}{{ user `ubuntu_codename` }}-updates/main/installer-amd64/current/images/netboot/mini.iso" ], + "ssh_username": "{{ user `ssh_username` }}", + "ssh_password": "{{ user `ssh_password` }}", + "ssh_wait_timeout": "60m", + "headless": "{{ user `headless` }}", + "output_directory": "{{ template_dir }}/../../../images/ubuntu/18.04", + "accelerator": "kvm", + "cpus": "{{ user `cpus` }}", + "memory": "{{user `memory`}}", + "boot_wait": "5s", + "boot_command": + [ + "", + "url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/{{ user `preseed_file_name` }} ", + "auto=true ", + "language=fr ", + "country=FR ", + "locale=fr_FR.UTF-8 ", + "method=fr ", + "net.ifnames=0 ", + "hostname={{user `vm_name` }} ", + "" + ], + "disk_size": "{{ user `disk_size` }}", + "disk_additional_size": [ "10G", "20G", "30G", "40G", "50G", "60G" ], + "http_directory": "{{template_dir}}/http" + } + ], + "provisioners": [ + { + "type": "shell", + "scripts": [ + "{{ template_dir }}/scripts/provision-minimal.sh" + ], + "environment_vars": [ + "VM_NAME={{user `vm_name`}}", + "HTTP_PROXY={{user `HTTP_PROXY`}}", + "HTTPS_PROXY={{user `HTTPS_PROXY`}}", + "http_proxy={{user `http_proxy`}}", + "https_proxy={{user `https_proxy`}}" + ] + } + ] +} diff --git a/packer/recipes/ubuntu/18.04/scripts/provision-minimal.sh b/packer/recipes/ubuntu/18.04/scripts/provision-minimal.sh new file mode 100644 index 0000000..5065bff --- /dev/null +++ b/packer/recipes/ubuntu/18.04/scripts/provision-minimal.sh @@ -0,0 +1,57 @@ + #!/bin/bash -e + +set -xeo pipefail + +# For SHASUM +apt-get -y install perl ifupdown + +# Download OpenNebula context package +ONE_CONTEXT_VERSION=5.8.0 +ONE_CONTEXT_BUILD_SUFFIX=-1 +ONE_CONTEXT_SHASUM=cfcc8aa2e51396935e8d2a507f996838201515b5 +ONE_CONTEXT_URL="https://github.com/OpenNebula/addon-context-linux/releases/download/v${ONE_CONTEXT_VERSION}/one-context_${ONE_CONTEXT_VERSION}${ONE_CONTEXT_BUILD_SUFFIX}.deb" +ONE_CONTEXT_PACKAGE_DEST=/tmp/one-context.deb + +wget -O- "${ONE_CONTEXT_URL}" > "${ONE_CONTEXT_PACKAGE_DEST}" +echo "${ONE_CONTEXT_SHASUM} ${ONE_CONTEXT_PACKAGE_DEST}" | shasum -c + +# Purge cloud-init +apt-get purge -y cloud-init perl + +# Install onecontext +dpkg -i "${ONE_CONTEXT_PACKAGE_DEST}" || apt-get install -fy + +# Update hostname +hostnamectl set-hostname "${VM_NAME}" + +# Disable root login with password +# sed -i 's/^PermitRootLogin.*$/PermitRootLogin without-password/' /etc/ssh/sshd_config + +# Run dhclient on one-context service failure +mkdir -p /etc/systemd/system/one-context.service.d +cat > /etc/systemd/system/one-context.service.d/dhclient-on-fail.conf < /etc/systemd/system/one-dhclient.service <> /etc/issue && echo "IPv6: \\\6" >> /etc/issue && echo "" >> /etc/issue'; +d-i debian-installer/splash boolean false +d-i cdrom-detect/eject boolean true + +### Shutdown machine +d-i finish-install/reboot_in_progress note diff --git a/packer/recipes/ubuntu/20.04/packer.json b/packer/recipes/ubuntu/20.04/packer.json new file mode 100644 index 0000000..b64cf7a --- /dev/null +++ b/packer/recipes/ubuntu/20.04/packer.json @@ -0,0 +1,72 @@ +{ + "variables": { + "HTTP_PROXY": "{{ env `HTTP_PROXY` }}", + "HTTPS_PROXY": "{{ env `HTTPS_PROXY` }}", + "http_proxy": "{{ env `http_proxy` }}", + "https_proxy": "{{ env `https_proxy` }}", + "packer_images_output_dir": "{{ template_dir }}/../../../images/ubuntu/20.04", + "provisionning_dir": "{{ template_dir }}/../../../provisioning", + "cpus": "2", + "memory": "4096", + "ubuntu_codename": "focal", + "ubuntu_version": "20.04", + "ubuntu_mirror": "http://archive.ubuntu.com/ubuntu/dists/", + "ssh_username": "root", + "ssh_password": "cadoles", + "preseed_file_name": "preseed-minimal.cfg", + "disk_size": "10240", + "headless": "true", + "vm_name": "ubuntu-{{ user `ubuntu_version` }}" + }, + + "builders": + [ + { + "name": "{{ user `vm_name` }}", + "vm_name": "{{ user `vm_name` }}.img", + "type": "qemu", + "iso_checksum": "file:{{ user `ubuntu_mirror` }}{{ user `ubuntu_codename` }}-updates/main/installer-amd64/current/legacy-images/SHA256SUMS", + "iso_urls": [ "{{ user `ubuntu_mirror` }}{{ user `ubuntu_codename` }}-updates/main/installer-amd64/current/legacy-images/netboot/mini.iso" ], + "ssh_username": "{{ user `ssh_username` }}", + "ssh_password": "{{ user `ssh_password` }}", + "ssh_wait_timeout": "60m", + "headless": "{{ user `headless` }}", + "output_directory": "{{ template_dir }}/../../../images/ubuntu/20.04", + "accelerator": "kvm", + "cpus": "{{ user `cpus` }}", + "memory": "{{user `memory`}}", + "boot_wait": "5s", + "boot_command": + [ + "", + "url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/{{ user `preseed_file_name` }} ", + "auto=true ", + "language=fr ", + "country=FR ", + "locale=fr_FR.UTF-8 ", + "method=fr ", + "net.ifnames=0 ", + "hostname={{user `vm_name` }} ", + "" + ], + "disk_size": "{{ user `disk_size` }}", + "disk_additional_size": [ "10G", "20G", "30G", "40G", "50G", "60G" ], + "http_directory": "{{template_dir}}/http" + } + ], + "provisioners": [ + { + "type": "shell", + "scripts": [ + "{{ user `provisionning_dir` }}/ubuntu/{{ user `ubuntu_version` }}/provision-minimal.sh" + ], + "environment_vars": [ + "VM_NAME={{user `vm_name`}}", + "HTTP_PROXY={{user `HTTP_PROXY`}}", + "HTTPS_PROXY={{user `HTTPS_PROXY`}}", + "http_proxy={{user `http_proxy`}}", + "https_proxy={{user `https_proxy`}}" + ] + } + ] +} diff --git a/packer/recipes/ubuntu/20.04/scripts/provision-minimal.sh b/packer/recipes/ubuntu/20.04/scripts/provision-minimal.sh new file mode 100644 index 0000000..5065bff --- /dev/null +++ b/packer/recipes/ubuntu/20.04/scripts/provision-minimal.sh @@ -0,0 +1,57 @@ + #!/bin/bash -e + +set -xeo pipefail + +# For SHASUM +apt-get -y install perl ifupdown + +# Download OpenNebula context package +ONE_CONTEXT_VERSION=5.8.0 +ONE_CONTEXT_BUILD_SUFFIX=-1 +ONE_CONTEXT_SHASUM=cfcc8aa2e51396935e8d2a507f996838201515b5 +ONE_CONTEXT_URL="https://github.com/OpenNebula/addon-context-linux/releases/download/v${ONE_CONTEXT_VERSION}/one-context_${ONE_CONTEXT_VERSION}${ONE_CONTEXT_BUILD_SUFFIX}.deb" +ONE_CONTEXT_PACKAGE_DEST=/tmp/one-context.deb + +wget -O- "${ONE_CONTEXT_URL}" > "${ONE_CONTEXT_PACKAGE_DEST}" +echo "${ONE_CONTEXT_SHASUM} ${ONE_CONTEXT_PACKAGE_DEST}" | shasum -c + +# Purge cloud-init +apt-get purge -y cloud-init perl + +# Install onecontext +dpkg -i "${ONE_CONTEXT_PACKAGE_DEST}" || apt-get install -fy + +# Update hostname +hostnamectl set-hostname "${VM_NAME}" + +# Disable root login with password +# sed -i 's/^PermitRootLogin.*$/PermitRootLogin without-password/' /etc/ssh/sshd_config + +# Run dhclient on one-context service failure +mkdir -p /etc/systemd/system/one-context.service.d +cat > /etc/systemd/system/one-context.service.d/dhclient-on-fail.conf < /etc/systemd/system/one-dhclient.service < + Construit l'image correspondante au template Packer donné +EOF + exit 1 +} + +[ -z "${PACKER_TEMPLATE}" ] && usage + +# Validate template +packer validate ${PACKER_TEMPLATE} +[[ $? -ne 0 ]] && exit 123 + +packer build $@ ${PACKER_TEMPLATE} diff --git a/packer/script/clean b/packer/script/clean new file mode 100755 index 0000000..954a1d3 --- /dev/null +++ b/packer/script/clean @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set -eo pipefail + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" > /dev/null && pwd )" + +rm -rf "${DIR}/../images" +rm -rf "${DIR}/../.bin" +rm -rf "${DIR}/../packer_cache" diff --git a/packer/script/install b/packer/script/install new file mode 100755 index 0000000..28d5a06 --- /dev/null +++ b/packer/script/install @@ -0,0 +1,37 @@ +#!/usr/bin/env bash + +#set -eo pipefail +set -o pipefail + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" > /dev/null && pwd )" + +sparsify=$(which virt-sparsify) +if [ $? -ne 0 ] +then + echo "!!!" + echo "!!! Warning : virt-sparsify is not present, you may encounter build issues with cadoles recipes !" + echo "!!! Please install libguestfs if you want to build cadoles production images" + echo "!!!" +fi + +# Install a local copy of packer +PACKER_VERSION=1.6.6 +PACKER_ARCH=amd64 +#PACKER_ARCHIVE_SHA256SUM=30da8dab9c526a6d15b037e2234f6f12cf3accfad77eb2c130738ec1a54cab6d +#PACKER_ARCHIVE_SHA256SUM=a678c995cb8dc232db3353881723793da5acc15857a807d96c52e96e671309d9 +PACKER_ARCHIVE_SHA256SUM=721d119fd70e38d6f2b4ccd8a39daf6b4d36bf5f7640036acafcaaa967b00c3b + +wget -O- https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_${PACKER_ARCH}.zip > packer.zip +echo "${PACKER_ARCHIVE_SHA256SUM} packer.zip" | sha256sum -c + +mkdir -p "${DIR}/../.bin" +unzip -o -d "${DIR}/../.bin" packer.zip +rm -f packer.zip + +# Cadoles Packer plugins + +# OpenNebula - Post-Processor Image Template +PLUGIN_ARCHIVE=https://forge.cadoles.com/Cadoles/packer-opennebula/releases/download/4fa5cbc782/packer-post-processor-opennebula-image-template-rev.4fa5cbc-linux-amd64.tar.gz +wget -O- "$PLUGIN_ARCHIVE" > plugin.tar.gz +tar -C "$DIR/../.bin" --strip=1 --wildcards -xzf plugin.tar.gz --wildcards packer-*/packer-post-processor-opennebula-image-template +rm -f plugin.tar.gz diff --git a/packer/script/onepublish b/packer/script/onepublish new file mode 100755 index 0000000..181522f --- /dev/null +++ b/packer/script/onepublish @@ -0,0 +1,131 @@ +#!/bin/bash + +# +# Publish builed images to OpenNebula +# Based on the work of "Julien Marchetti" from here : https://dev-eole.ac-dijon.fr/projects/packer/repository +# + +set -eo pipefail + +function help () +{ + + cat <> ${file} + echo ${cmd} ${action} ${file} + rm ${file} + + if [[ ${ENDING} == "CLEAN" ]] + then + echo "MUST CLEAN IMAGE FROM DATASTORE" + fi + + return 0 +} + +[ $# -eq 0 ] && help && exit 1 +while getopts ":hU:u:n:D:p:t:P:d:m:M:" opt; do + case $opt in + U) url="${OPTARG}" >&2 ;; + u) user="${OPTARG}" >&2 ;; + n) name="${OPTARG}" >&2 ;; + D) desc="${OPTARG}" >&2 ;; + p) path="${OPTARG}" >&2 ;; + t) itype="${OPTARG}" >&2 ;; + P) prefix="${OPTARG}" >&2 ;; + d) datastore="${OPTARG}" >&2 ;; + m) market="${OPTARG}" >&2 ;; + M) mode="${OPTARG}" >&2 ;; + \?) + echo "Invalid option : -'${OPTARG}'" >&2 + help + ;; + h) help ; exit >&2 ;; + esac +done + +[[ -z ${mode} ]] && errorMsg "Missing option -M" 2 "help" +[[ -z ${path} ]] && errorMsg "Missing option -p" 2 "help" +[[ -z ${name} ]] && name=$(basename ${path}) +[[ -z ${desc} ]] && desc="Image ${name} ..." +[[ -z ${itype} ]] && itype="OS" +[[ -z ${prefix} ]] && prefix="vd" +[[ -z ${driver} ]] && driver="qcow2" +[[ -z ${url} ]] && url="http://127.0.0.1:2633/XMLRPC2" + +case ${mode} in + all) + marketPush "KEEP" + ;; + datastore) datastorePush ;; + market) + marketPush "CLEAN" ;; +esac diff --git a/packer/script/run b/packer/script/run new file mode 100755 index 0000000..9ef78d3 --- /dev/null +++ b/packer/script/run @@ -0,0 +1,55 @@ +#!/usr/bin/env bash + +set -eo pipefail + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" > /dev/null && pwd )" +ORIG_DISK_IMAGE=$1 + +function usage { + cat< + Éxecute l'image disque donnée avec Qemu +EOF + exit 1 +} + +function find_available_port { + read lower_port upper_port < /proc/sys/net/ipv4/ip_local_port_range + while :; do + for (( port = lower_port ; port <= upper_port ; port++ )); do + (echo > /dev/tcp/0.0.0.0/$port) 2>/dev/null >/dev/null + if [ $? -ne 0 ]; then + echo $port + return + fi + done + done +} + +[ -z "$ORIG_DISK_IMAGE" ] && usage + +DISK_IMAGE_DIR="$DIR/../.run/$(dirname $ORIG_DISK_IMAGE)" +ORIG_DISK_IMAGE=$(readlink -f "$ORIG_DISK_IMAGE") +DISK_IMAGE_NAME=$(date -r "$ORIG_DISK_IMAGE" | shasum - | cut -f1 -d ' ').img +DISK_IMAGE="$DISK_IMAGE_DIR/$DISK_IMAGE_NAME" + +if [ -f "$DISK_IMAGE" ]; then + echo "Using existing qcow2 image '$DISK_IMAGE'..." +else + mkdir -p "$(dirname $DISK_IMAGE)" + rm -f "$DISK_IMAGE_DIR"/*.img + cd "$(dirname $DISK_IMAGE)" + echo "Generating qcow2 image '$DISK_IMAGE'..." + qemu-img create -f qcow2 -b "$ORIG_DISK_IMAGE" "$(basename $DISK_IMAGE)" + cd - +fi + +SSH_PORT=$(find_available_port) +echo "Starting VM... SSH will be available on '127.0.0.1:${SSH_PORT}'" + +qemu-system-x86_64 -boot once=d \ + -device virtio-net,netdev=user.0 \ + -m 1024M -machine type=pc,accel=kvm \ + -display sdl \ + -hda "${DISK_IMAGE}" \ + -netdev user,id=user.0,hostfwd=tcp::${SSH_PORT}-:22 diff --git a/packer/targets/alpine.mk b/packer/targets/alpine.mk new file mode 100644 index 0000000..72fd0d4 --- /dev/null +++ b/packer/targets/alpine.mk @@ -0,0 +1,27 @@ +# Images Alpine +ALPINE_DEPS=images/alpine/3.10/alpine-virt/alpine-virt-3.10.img images/alpine/3.12/alpine-virt/alpine-virt-3.12.img + +build: alpine +deploy: deploy-alpine + +alpine: $(ALPINE_DEPS) +deploy-alpine: deploy-alpine-virt +deploy-alpine-virt: deploy-alpine-virt-3.10 deploy-alpine-virt-3.12 + +images/alpine/3.10/alpine-virt/alpine-virt-3.10.img: + rm -rf images/alpine/3.10/alpine-virt + script/build recipes/alpine/3.10/virt.json + +images/alpine/3.12/alpine-virt/alpine-virt-3.12.img: + rm -rf images/alpine/3.12/alpine-virt + script/build recipes/alpine/3.12/virt.json + +deploy-alpine-virt-3.10: + IMAGE_NAME=alpine-virt-3.10 \ + IMAGE_HTTP_PATH=alpine/3.10/alpine-virt/alpine-virt-3.10.img \ + script/build recipes/deploy.json + +deploy-alpine-virt-3.12: images/alpine/3.12/alpine-virt/alpine-virt-3.12.img + IMAGE_NAME=alpine-virt-3.12 \ + IMAGE_HTTP_PATH=alpine/3.12/alpine-virt/alpine-virt-3.12.img \ + script/build recipes/deploy.json diff --git a/packer/targets/eole-2.7.2.mk b/packer/targets/eole-2.7.2.mk new file mode 100644 index 0000000..addae4b --- /dev/null +++ b/packer/targets/eole-2.7.2.mk @@ -0,0 +1,54 @@ +# Images EOLE 2.7.2 +EOLE_2.7.2_DEPS=images/eole/2.7.2/eolebase/eolebase-2.7.2.img +AMON_2.7.2_DEPS=images/eole/2.7.2/amon/amon-2.7.2.img +SETH_2.7.2_DEPS=images/eole/2.7.2/seth/seth-2.7.2.img +MINIO_2.7.2_DEPS=images/eole/2.7.2/minio/minio-2.7.2.img +LEMON_2.7.2_DEPS=images/eole/2.7.2/lemonldap/lemonldap-2.7.2.img +TENJIN_2.7.2_DEPS=images/eole/2.7.2/tenjin/tenjin-2.7.2.img +ZEPHIR_2.7.2_DEPS=images/eole/2.7.2/zephir/zephir-2.7.2.img +UBUNTU=images/ubuntu/18.04/ubuntu-18.04.img +EOLEBASE272=images/eole/2.7.2/eolebase/eolebase-2.7.2.img + +build: eole-2.7.2 + +eole-2.7.2: $(EOLE_2.7.2_DEPS) + +amon-2.7.2: $(AMON_2.7.2_DEPS) + +seth-2.7.2: $(SETH_2.7.2_DEPS) + +minio-2.7.2: $(MINIO_2.7.2_DEPS) + +lemonldap-2.7.2: $(LEMON_2.7.2_DEPS) + +tenjin-2.7.2: $(TENJIN_2.7.2_DEPS) + +zephir-2.7.2: $(ZEPHIR_2.7.2_DEPS) + +images/eole/2.7.2/eolebase/eolebase-2.7.2.img: $(UBUNTU) + rm -rf images/eole/2.7.2/eolebase + script/build recipes/eole/2.7.2/eolebase.json ${BUILD_OPTS} ${BUILD_OPT} + +images/eole/2.7.2/amon/amon-2.7.2.img: $(EOLEBASE272) + rm -rf images/eole/2.7.2/amon + script/build recipes/eole/2.7.2/amon.json ${BUILD_OPTS} ${BUILD_OPT} + +images/eole/2.7.2/seth/seth-2.7.2.img: $(EOLEBASE272) + rm -rf images/eole/2.7.2/seth + script/build recipes/eole/2.7.2/seth.json ${BUILD_OPTS} ${BUILD_OPT} + +images/eole/2.7.2/minio/minio-2.7.2.img: $(EOLEBASE272) + rm -rf images/eole/2.7.2/minio + script/build recipes/eole/2.7.2/minio.json ${BUILD_OPTS} ${BUILD_OPT} + +images/eole/2.7.2/lemonldap/lemonldap-2.7.2.img: $(EOLEBASE272) + rm -rf images/eole/2.7.2/lemonldap + script/build recipes/eole/2.7.2/lemonldap.json ${BUILD_OPTS} ${BUILD_OPT} + +images/eole/2.7.2/tenjin/tenjin-2.7.2.img: $(EOLEBASE272) + rm -rf images/eole/2.7.2/tenjin + script/build recipes/eole/2.7.2/tenjin.json ${BUILD_OPTS} ${BUILD_OPT} + +images/eole/2.7.2/zephir/zephir-2.7.2.img: $(EOLEBASE272) + rm -rf images/eole/2.7.2/zephir + script/build recipes/eole/2.7.2/zephir.json ${BUILD_OPTS} ${BUILD_OPT} \ No newline at end of file diff --git a/packer/targets/infra.mk b/packer/targets/infra.mk new file mode 100644 index 0000000..68bd8ad --- /dev/null +++ b/packer/targets/infra.mk @@ -0,0 +1,47 @@ + +DOMAIN ?= cadoles.com +OUTPUT_DIR = images/infra/$(DOMAIN)/production +SYSDIR = $(OUTPUT_DIR)/$*.$(DOMAIN)/system +DATADIR = $(OUTPUT_DIR)/$*.$(DOMAIN)/data +SYSSIZE ?= 10240 +DATASIZE ?= 20480 +EOLEBASE = images/eole/2.7.2/eolebase/eolebase-2.7.2.img +SETHBASE = images/eole/2.7.2/seth/seth-2.7.2.img +AMONBASE = images/eole/2.7.2/amon/amon-2.7.2.img + +PSOURCE ?= ./images/infra/$(DOMAIN)/production +PUBDIR ?= /var/www/html/market/master/ber/ +PROVDIR ?= ./recipes/provisioning/infra + +build: infra + +infra: dns.$(DOMAIN).img \ + amon.$(DOMAIN).img \ + dc.$(DOMAIN).img \ + sso.$(DOMAIN).img \ + ninegate.$(DOMAIN).img \ + limesurvey.$(DOMAIN).img \ + dokuwiki.$(DOMAIN).img \ + dolibarr.$(DOMAIN).img \ + nextcloud.$(DOMAIN).img \ + nineboard.$(DOMAIN).img \ + piwigo.$(DOMAIN).img \ + syspass.$(DOMAIN).img \ + jorani.$(DOMAIN).img + +%.$(DOMAIN): %.$(DOMAIN).img + @echo Building : $* + +%.$(DOMAIN).img: $(EOLEBASE) $(SETHBASE) $(AMONBASE) + @rm -rf $(SYSDIR) + @mkdir -p $(PROVDIR)/$*.$(DOMAIN)/eole-db + VM_NAME=$*.$(DOMAIN) DOMAIN=$(DOMAIN) SYS_DISK_SIZE=$(SYSSIZE) \ + script/build recipes/infra/$(DOMAIN)/production/$*.json ${BUILD_OPTS} ${BUILD_OPT} + +%.$(DOMAIN)-publish: + @echo cp -r $(PSOURCE)/$*.$(DOMAIN) $(PUBDIR)production/ + @cp -r $(PSOURCE)/$*.$(DOMAIN) $(PUBDIR)production/ + +ber-publish: + @echo cp -r $(PSOURCE) $(PUBDIR) + @cp -r $(PSOURCE) $(PUBDIR) diff --git a/packer/targets/services.mk b/packer/targets/services.mk new file mode 100644 index 0000000..8a71367 --- /dev/null +++ b/packer/targets/services.mk @@ -0,0 +1,34 @@ + +SDOMAIN = services +SOUTPUT_DIR = images/services +SSYSSIZE ?= 10240 +SEOLEBASE = images/eole/2.7.2/eolebase/eolebase-2.7.2.img +SALPINEBASE = images/alpine/3.12/alpine-virt/alpine-virt-3.12.img + +SPUBUSER ?= root +SPSERVER ?= hephy.service +SPSOURCE ?= ./images/cadoles/services +SPUBDIR ?= /var/www/html/market/master/cadoles/ +SPROVDIR ?= ./recipes/cadoles/production/provisioning + +build: services +deploy: deploy-services + +services: bitwarden.services.img + + +%.$(SDOMAIN): %.services.img + @echo Building : $* + +%.$(SDOMAIN).img: $(SEOLEBASE) $(SALPINEBASE) + @rm -rf $(SOUTPUT_DIR) + VM_NAME=$*.$(SDOMAIN) SYS_DISK_SIZE=$(SSYSSIZE) \ + script/build recipes/services/$*.json ${BUILD_OPTS} ${BUILD_OPT} + +%.$(SDOMAIN)-publish: + @echo scp -r $(SPSOURCE)/$*.$(SDOMAIN) $(SPUBUSER)@$(SPSERVER):$(SPUBDIR)production/ + @scp -r $(SPSOURCE)/$*.$(SDOMAIN) $(SPUBUSER)@$(SPSERVER):$(SPUBDIR)production/ + +services-publish: + @echo scp -r $(SPSOURCE) $(SPUBUSER)@$(SPSERVER):$(PUBDIR) + @scp -r $(SPSOURCE) $(SPUBUSER)@$(SPSERVER):$(SPUBDIR) diff --git a/packer/targets/ubuntu.mk b/packer/targets/ubuntu.mk new file mode 100644 index 0000000..53c92a6 --- /dev/null +++ b/packer/targets/ubuntu.mk @@ -0,0 +1,15 @@ +# Images Ubuntu +UBUNTU_DEPS=images/ubuntu/20.04/ubuntu-20.04.img images/ubuntu/18.04/ubuntu-18.04.img + +build: ubuntu +deploy: deploy-ubuntu + +ubuntu: $(UBUNTU_DEPS) + +images/ubuntu/20.04/ubuntu-20.04.img: + rm -rf images/ubuntu/20.04 + script/build recipes/ubuntu/20.04/packer.json + +images/ubuntu/18.04/ubuntu-18.04.img: + rm -rf images/ubuntu/18.04 + script/build recipes/ubuntu/18.04/packer.json \ No newline at end of file