Merge pull request 'Recette de construction de l'image "Quid" basée sur Debian 12' (#6) from feat/efs-quid into feat/first-recipes
Reviewed-on: #6
commit
41d457ed11
|
@ -0,0 +1,2 @@
|
||||||
|
/output
|
||||||
|
/packer-manifest.json
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"ansible.python.interpreterPath": "/bin/python"
|
||||||
|
}
|
6
build
6
build
|
@ -1,5 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eo pipefail
|
||||||
|
|
||||||
# Simple build wrapper
|
# Simple build wrapper
|
||||||
|
|
||||||
ACTION=${1}
|
ACTION=${1}
|
||||||
|
@ -25,8 +27,8 @@ initPacker() {
|
||||||
# First the "base" image then the provisionned ones
|
# First the "base" image then the provisionned ones
|
||||||
#
|
#
|
||||||
run() {
|
run() {
|
||||||
${PACKER} build ${PACKER_OPTS} -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -only="base.${BUILDER}.${OS}" "${RCP_DIR}/${OS}/."
|
${PACKER} build ${PACKER_OPTS} -on-error=abort -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -only="base.*.${OS}" "${RCP_DIR}/${OS}/."
|
||||||
${PACKER} build ${PACKER_OPTS} -force -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -except="base.${BUILER}.${OS}" "${RCP_DIR}/${OS}/."
|
${PACKER} build ${PACKER_OPTS} -on-error=abort -force -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -except="base.*.${OS}" "${RCP_DIR}/${OS}/."
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
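Review bot: The `set -eo pipefail` added at the top of the script leaves out `-u`, so an unset or misspelled variable still expands silently to an empty string; the removed `-except="base.${BUILER}.${OS}"` line shows exactly that failure. I would use `set -euo pipefail` and, because `ACTION=${1}` would then abort when no argument is given, `ACTION=${1:-}`. Both hunks start and end inside the script, so whether other variables rely on being unset cannot be checked from here.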
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
name = "debian"
|
||||||
|
version = "12.2.0"
|
||||||
|
short_version = "12"
|
||||||
|
code_name = "bookworm"
|
||||||
|
arch = "amd64"
|
||||||
|
source_url = "https://cdimage.debian.org/cdimage/release/12.2.0"
|
||||||
|
image_dir_name= "latest"
|
|
@ -0,0 +1,6 @@
|
||||||
|
locals {
|
||||||
|
builder_config = {
|
||||||
|
TemplateDir = "/usr/share/builder/templates"
|
||||||
|
ValueDir = "/usr/share/builder/values"
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,5 @@
|
||||||
|
locals {
|
||||||
|
Globals = {
|
||||||
|
Vars = {}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,20 @@
|
||||||
|
# "timestamp" template function replacement
|
||||||
|
locals {
|
||||||
|
locations = {
|
||||||
|
recipes = "${path.cwd}/recipes/${var.name}"
|
||||||
|
templates = "${path.cwd}/recipes/${var.name}/templates"
|
||||||
|
provisionning = "${path.cwd}/recipes/${var.name}/provisionning"
|
||||||
|
post-processors = "${path.cwd}/recipes/${var.name}/post-processor"
|
||||||
|
tools = "${path.cwd}/tools"
|
||||||
|
}
|
||||||
|
dirs = local.locations
|
||||||
|
timestamp = regex_replace(timestamp(), "[- TZ:]", "")
|
||||||
|
output_name = "${var.name}"
|
||||||
|
source_iso = "${var.source_url}/${var.arch}/iso-cd/debian-${var.version}-${var.arch}-netinst.iso"
|
||||||
|
iso_cd_checksum = "file:${var.source_url}/${var.arch}/iso-cd/SHA256SUMS"
|
||||||
|
ssh_user = "root"
|
||||||
|
ssh_password = "toor"
|
||||||
|
disk_size = 8000
|
||||||
|
memory = 512
|
||||||
|
headless = var.headless
|
||||||
|
}
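Review bot: `ssh_password = "toor"` hard-codes the build credential in a committed local, and the preseed template in this commit reuses it for both root and the `packer` user. An ed25519 key is already generated through `data "sshkey" "install"` and written to root's `authorized_keys`, so the password could come from a variable declared with `sensitive = true`, or be generated per build, instead of a literal. If the literal stays, a comment on that line such as `# build-time only; must be locked or reset before the image is published` would record the intent.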
|
|
@ -0,0 +1,43 @@
|
||||||
|
#Flavour base
|
||||||
|
build {
|
||||||
|
name = "base"
|
||||||
|
description = <<EOF
|
||||||
|
This builder builds a QEMU image from a Debian cloud image.
|
||||||
|
EOF
|
||||||
|
|
||||||
|
source "vmware-iso.debian" {
|
||||||
|
output_directory = "${var.output_dir}/${var.version}/base"
|
||||||
|
vm_name = "${local.output_name}-${var.version}"
|
||||||
|
disk_size = 10240
|
||||||
|
iso_url = "${local.source_iso}"
|
||||||
|
iso_checksum = "${var.iso_cd_checksum}"
|
||||||
|
guest_os_type = "ubuntu-64"
|
||||||
|
http_content = {
|
||||||
|
"/ssh-packer-pub.key" = data.sshkey.install.public_key
|
||||||
|
"/preseed.cfg" = templatefile("${local.locations.provisionning}/${var.name}/http/preseed.cfg.pkrtpl.hcl", { data: data, var: var, local: local })
|
||||||
|
}
|
||||||
|
boot_command = [
|
||||||
|
"<esc><wait>",
|
||||||
|
"auto url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg<enter><wait10s>",
|
||||||
|
"<enter>"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
provisioner "shell" {
|
||||||
|
script = "${local.locations.provisionning}/${var.name}/${var.name}-${var.short_version}-install.sh"
|
||||||
|
}
|
||||||
|
|
||||||
|
provisioner "shell" {
|
||||||
|
script = "${local.locations.provisionning}/letsencrypt.sh"
|
||||||
|
}
|
||||||
|
|
||||||
|
post-processor "shell-local" {
|
||||||
|
inline = [
|
||||||
|
"/bin/sh ${path.cwd}/post-processors/sparsify.sh ${var.output_dir}/${var.version}/base ${var.image_version}",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
post-processor "manifest" {
|
||||||
|
keep_input_artifact = true
|
||||||
|
}
|
||||||
|
}
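Review bot: `iso_checksum = "${var.iso_cd_checksum}"` reads a variable, while the only `iso_cd_checksum` visible in this commit is the local defined next to `source_iso`; unless a variable of that name is declared elsewhere, this should be `local.iso_cd_checksum`. That local points at the `SHA256SUMS` file on the same host as the ISO, which detects a corrupted download but not a replaced one. Pinning the digest for the fixed `12.2.0` release, `iso_checksum = "sha256:<DIGEST_OF_NETINST_ISO>"` (placeholder), would close that gap. The `description` still says QEMU and cloud image although the source is `vmware-iso` booting a netinst ISO.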
|
|
@ -0,0 +1,24 @@
|
||||||
|
packer {
|
||||||
|
required_plugins {
|
||||||
|
sshkey = {
|
||||||
|
version = ">= 1.0.1"
|
||||||
|
source = "github.com/ivoronin/sshkey"
|
||||||
|
}
|
||||||
|
vmware = {
|
||||||
|
version = ">= 1.0.8"
|
||||||
|
source = "github.com/hashicorp/vmware"
|
||||||
|
}
|
||||||
|
qemu = {
|
||||||
|
source = "github.com/hashicorp/qemu"
|
||||||
|
version = "~> 1"
|
||||||
|
}
|
||||||
|
ansible = {
|
||||||
|
version = "~> 1"
|
||||||
|
source = "github.com/hashicorp/ansible"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
data "sshkey" "install" {
|
||||||
|
type = "ed25519"
|
||||||
|
}
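Review bot: The `sshkey` and `vmware` plugins are constrained with `>= 1.0.1` and `>= 1.0.8`, which lets `packer init` pull any later release, including a new major version, whereas `qemu` and `ansible` use `~> 1`. Because `sshkey` is a third-party plugin that generates the key used to log in as root during the build, I would bound it as tightly as the others, for example `version = "~> 1.0"`, and do the same for `vmware`.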
|
|
@ -0,0 +1,31 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
if [ "${#}" -ne 2 ]; then
|
||||||
|
echo Missing arguments
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
WORKDIR=${1}
|
||||||
|
VERSION=${2}
|
||||||
|
|
||||||
|
findImages() {
|
||||||
|
find ${1} -iname "*.img"
|
||||||
|
}
|
||||||
|
|
||||||
|
sleep 5
|
||||||
|
|
||||||
|
for imageName in $(findImages ${WORKDIR} ${DOMAIN}); do
|
||||||
|
if [ $(which virt-sparsify) ]; then
|
||||||
|
newName=$(echo $imageName | sed "s/.img/_${VERSION}.img/g")
|
||||||
|
virt-sparsify --compress --tmp ./ --format qcow2 ${imageName} ${newName}
|
||||||
|
if [ "${?}" -eq 0 ]; then
|
||||||
|
rm -rf ${imageName}
|
||||||
|
cd ${WORKDIR}
|
||||||
|
ln -s $(basename ${newName}) $(basename ${imageName})
|
||||||
|
echo ${newName} ${imageName}
|
||||||
|
cd -
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "Sparsify skipped 'virt-sparsify' command is missing"
|
||||||
|
fi
|
||||||
|
done
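Review bot: The rename in `newName=$(echo $imageName | sed "s/.img/_${VERSION}.img/g")` uses an unescaped `.` and the `g` flag, so any `<char>img` sequence anywhere in the path is rewritten, not only the extension, and the unquoted result then drives `rm -rf ${imageName}`. I would derive the name with parameter expansion and quote every use: `newName="${imageName%.img}_${VERSION}.img"` and `rm -f -- "${imageName}"`. `findImages` is also called with `${DOMAIN}`, which this script never sets. The `cd ${WORKDIR}` before `ln -s` assumes every image sits directly in `WORKDIR` although `find` recurses.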
|
|
@ -0,0 +1,104 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
#
|
||||||
|
# Generate all the configuration files
|
||||||
|
# Get all the values from the VLS_DIR
|
||||||
|
# Process each template from the TPL_DIR with this values
|
||||||
|
#
|
||||||
|
|
||||||
|
ENV_FILE=${ENV_FILE:-/var/run/one-context/one_env}
|
||||||
|
TPL_DIR="/usr/share/builder/templates"
|
||||||
|
VLS_DIR="/usr/share/builder/values"
|
||||||
|
CONFIG=""
|
||||||
|
|
||||||
|
if [ -f "${ENV_FILE}" ]; then
|
||||||
|
. ${ENV_FILE}
|
||||||
|
fi
|
||||||
|
|
||||||
|
BTR="$(command -v btr)"
|
||||||
|
if [ "${?}" -ne 0 ]; then
|
||||||
|
echo "Warning: Nothing to do the templater is not installed"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${TPL_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${TPL_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${VLS_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${VLS_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
jsonQuery() {
|
||||||
|
local data="${1}"
|
||||||
|
local query="${2}"
|
||||||
|
echo "${data}" | jq -cr "${query}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# NAME: @jsonMerge
|
||||||
|
# AIM: Merge two json structures
|
||||||
|
# NOTES:
|
||||||
|
# The last one has de last word
|
||||||
|
# if you have the same key in A and B
|
||||||
|
# this keeps the value of the B structure.
|
||||||
|
# PARAMS:
|
||||||
|
# $1: original JSON Structure
|
||||||
|
# $2: updated JSON Structure
|
||||||
|
jsonMerge() {
|
||||||
|
local data="${1}"
|
||||||
|
local data2="${2}"
|
||||||
|
|
||||||
|
echo "${data} ${data2}" | jq -cr -s ".[0] * .[1]"
|
||||||
|
}
|
||||||
|
|
||||||
|
jsonUpdateVal() {
|
||||||
|
local json="${1}"
|
||||||
|
local key="${2}"
|
||||||
|
local value="${3}"
|
||||||
|
|
||||||
|
echo "${json}" | jq --arg a "${value}" "${key} = \$a"
|
||||||
|
}
|
||||||
|
|
||||||
|
getValues() {
|
||||||
|
|
||||||
|
local values=""
|
||||||
|
|
||||||
|
for file in $(find ${VLS_DIR} -name "*.json"); do
|
||||||
|
values="${values}$(cat ${file})"
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -n "${RAW_CONFIG}" ]; then
|
||||||
|
values="$(jsonMerge ${values} ${RAW_CONFIG})"
|
||||||
|
fi
|
||||||
|
|
||||||
|
for svc in $(echo ${values} | jq -cr '.Services|keys[]'); do
|
||||||
|
for key in $(echo ${values} | jq -cr ".Services.${svc}.Vars|keys[]"); do
|
||||||
|
ukey=${key^^}
|
||||||
|
vkeys="$(echo ${values} | jq -cr \".Services.${svc}.Vars.${key}\|keys[]\")"
|
||||||
|
if [ ${?} -eq 0 ]; then
|
||||||
|
for var in $(echo ${values} | jq -cr ".Services.${svc}.Vars.${key}|keys[]"); do
|
||||||
|
uvar=${var^^}
|
||||||
|
val=$(eval echo "\$${ukey}_${uvar}")
|
||||||
|
if [ -n "${val}" ]; then
|
||||||
|
values=$(jsonUpdateVal "${values}" ".Services.${svc}.Vars.${key}.${var}" "${val}")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
values=$(jsonUpdateVal "${values}" ".Services.${svc}.Vars.${key}" "${!ukey}")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
echo ${values}
|
||||||
|
}
|
||||||
|
|
||||||
|
processTemplates() {
|
||||||
|
${BTR} -t ${TPL_DIR} -c "${1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
VALUES=$(getValues)
|
||||||
|
file=$(mktemp)
|
||||||
|
echo "${VALUES}" > "${file}"
|
||||||
|
processTemplates "${file}"
|
||||||
|
rm -rf "${file}"
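Review bot: `val=$(eval echo "\$${ukey}_${uvar}")` passes key names taken from the merged JSON (the files under `VLS_DIR` plus `RAW_CONFIG`) through `eval`, so a key containing shell syntax is executed rather than looked up. The `else` branch of the same loop already uses indirect expansion, and the same works here with `ref="${ukey}_${uvar}"` followed by `val="${!ref}"`. The identical line appears in the 102-line copy of this script later in the commit. The `vkeys=` probe above it wraps the jq filter in escaped quotes, which likely makes jq evaluate a string literal, so its exit status may always be 0; worth checking that it really distinguishes objects from scalars.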
|
|
@ -0,0 +1,80 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
#
|
||||||
|
# Generate all the configuration files
|
||||||
|
# Get all the values from the VLS_DIR
|
||||||
|
# Process each template from the TPL_DIR with this values
|
||||||
|
#
|
||||||
|
|
||||||
|
ENV_FILE=${ENV_FILE:-/var/run/one-context/one_env}
|
||||||
|
TPL_DIR="/usr/share/builder/templates"
|
||||||
|
VLS_DIR="/usr/share/builder/values"
|
||||||
|
CONFIG=""
|
||||||
|
|
||||||
|
. ${ENV_FILE}
|
||||||
|
|
||||||
|
BTR="$(command -v btr)"
|
||||||
|
if [ "${?}" -ne 0 ]; then
|
||||||
|
echo "Warning: Nothing to do the templater is not installed"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${TPL_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${TPL_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${VLS_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${VLS_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
jsonQuery() {
|
||||||
|
local data="${1}"
|
||||||
|
local query="${2}"
|
||||||
|
echo "${data}" | jq -cr "${query}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# NAME: @jsonMerge
|
||||||
|
# AIM: Merge two json structures
|
||||||
|
# NOTES:
|
||||||
|
# The last one has de last word
|
||||||
|
# if you have the same key in A and B
|
||||||
|
# this keeps the value of the B structure.
|
||||||
|
# PARAMS:
|
||||||
|
# $1: original JSON Structure
|
||||||
|
# $2: updated JSON Structure
|
||||||
|
jsonMerge() {
|
||||||
|
local data="${1}"
|
||||||
|
local data2="${2}"
|
||||||
|
|
||||||
|
echo "${data} ${data2}" | jq -cr -s ".[0] * .[1]"
|
||||||
|
}
|
||||||
|
|
||||||
|
getValues() {
|
||||||
|
|
||||||
|
local values=""
|
||||||
|
|
||||||
|
for file in $(find ${VLS_DIR} -name "*.json"); do
|
||||||
|
values="${values}$(cat ${file})"
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -n "${RAW_CONFIG}" ]; then
|
||||||
|
values="$(jsonMerge ${values} ${RAW_CONFIG})"
|
||||||
|
fi
|
||||||
|
|
||||||
|
for key in $(echo ${values} | jq -cr '.|keys[]'); do
|
||||||
|
ukey=${key^^}
|
||||||
|
if [ -n "${!ukey}" ]; then
|
||||||
|
values="$(jsonMerge "${values}" "{\"${key}\":\"${!ukey}\"}")"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
echo ${values}
|
||||||
|
}
|
||||||
|
|
||||||
|
processTemplates() {
|
||||||
|
${BTR} -t ${TPL_DIR} -c "${1}"
|
||||||
|
}
|
||||||
|
VALUES=$(getValues)
|
||||||
|
echo ${VALUES}
|
||||||
|
processTemplates "${VALUES}"
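Review bot: `jsonMerge "${values}" "{\"${key}\":\"${!ukey}\"}"` builds a JSON document by pasting an environment value between quotes, so a value containing `"` or `\` either breaks the merge or adds keys of its own. Letting jq do the encoding avoids that: `values="$(echo "${values}" | jq -c --arg k "${key}" --arg v "${!ukey}" '.[$k] = $v')"`. The script also ends with `echo ${VALUES}` and passes the JSON text itself to `-c`, where the other copies write it to a `mktemp` file first. If the values can hold credentials, that echo puts them in the boot log.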
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"instance-id": "iid-local01"
|
||||||
|
}
|
|
@ -0,0 +1,11 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
echo "${1}" >/etc/hostname
|
||||||
|
|
||||||
|
apt-get update
|
||||||
|
apt-get -y dist-upgrade
|
||||||
|
apt-get install wget curl open-vm-tools -y
|
||||||
|
|
||||||
|
systemctl enable --now open-vm-tools.service
|
||||||
|
|
||||||
|
touch /etc/cloud/cloud-init.disabled
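Review bot: The script has no `set -e`, so a failed `apt-get update` or `dist-upgrade` is ignored and the build carries on with a partly upgraded system; `set -eo pipefail`, as the certificate script in this commit uses, would stop it. `echo "${1}" >/etc/hostname` writes an empty hostname when no argument is passed, and the `provisioner "shell"` blocks visible in this commit pass none (assuming this is the script they run); `"${1:?hostname required}"` makes that explicit. `export DEBIAN_FRONTEND=noninteractive` before the `apt-get` calls keeps a prompt from blocking an unattended build.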
|
|
@ -0,0 +1,115 @@
|
||||||
|
# To see all available options execute this command once the install is done:
|
||||||
|
# sudo less /var/log/installer/cdebconf/questions.dat
|
||||||
|
# If you need information about an option use the command below (example for keymap):
|
||||||
|
# grep -A 4 "keyboard-configuration/xkb-keymap" /var/log/installer/cdebconf/templates.dat
|
||||||
|
|
||||||
|
# Use network mirror for package installation
|
||||||
|
# d-i apt-setup/use_mirror boolean true
|
||||||
|
|
||||||
|
# Automatic installation
|
||||||
|
d-i auto-install/enable boolean true
|
||||||
|
|
||||||
|
# "linux-server" is substituted by "linux-image-amd64"
|
||||||
|
# Possible options : "linux-image-amd64"(default) or "linux-image-rt-amd64"
|
||||||
|
d-i base-installer/kernel/override-image string linux-server
|
||||||
|
|
||||||
|
# Configure hardware clock
|
||||||
|
d-i clock-setup/utc boolean true
|
||||||
|
d-i clock-setup/utc-auto boolean true
|
||||||
|
|
||||||
|
d-i netcfg/choose_interface select auto
|
||||||
|
d-i netcfg/use_dhcp boolean true
|
||||||
|
|
||||||
|
# d-i console-setup/ask_detect boolean false
|
||||||
|
|
||||||
|
# d-i debconf/frontend select noninteractive
|
||||||
|
|
||||||
|
# Set OS locale
|
||||||
|
d-i debian-installer/language string fr
|
||||||
|
d-i debian-installer/country string FR
|
||||||
|
d-i debian-installer/locale string fr_FR.UTF-8
|
||||||
|
|
||||||
|
# d-i debian-installer/framebuffer boolean false
|
||||||
|
|
||||||
|
# Reboot once the install is done
|
||||||
|
d-i finish-install/reboot_in_progress note
|
||||||
|
|
||||||
|
# Bootloader options
|
||||||
|
d-i grub-installer/only_debian boolean true
|
||||||
|
d-i grub-installer/with_other_os boolean true
|
||||||
|
d-i grub-installer/bootdev string /dev/sda
|
||||||
|
|
||||||
|
# Set the keyboard layout
|
||||||
|
d-i console-setup/ask_detect boolean false
|
||||||
|
d-i keyboard-configuration/variant select France
|
||||||
|
d-i keyboard-configuration/xkb-keymap select fr
|
||||||
|
d-i console-keymaps-at/keymap select fr-latin9
|
||||||
|
d-i debian-installer/keymap string fr-latin9
|
||||||
|
|
||||||
|
# Mirror from which packages will be downloaded
|
||||||
|
d-i mirror/country string manual
|
||||||
|
d-i mirror/http/directory string /debian
|
||||||
|
d-i mirror/http/hostname string httpredir.debian.org
|
||||||
|
|
||||||
|
# Configure http proxy if needed "http://[[user][:pass]@]host[:port]/"
|
||||||
|
d-i mirror/http/proxy string
|
||||||
|
|
||||||
|
# Disk configuration
|
||||||
|
d-i partman-efi/non_efi_system boolean true
|
||||||
|
d-i partman-auto-lvm/guided_size string max
|
||||||
|
d-i partman-auto/choose_recipe select atomic
|
||||||
|
d-i partman-auto/method string lvm
|
||||||
|
d-i partman-lvm/confirm boolean true
|
||||||
|
d-i partman-lvm/confirm_nooverwrite boolean true
|
||||||
|
d-i partman-lvm/device_remove_lvm boolean true
|
||||||
|
d-i partman/choose_partition select finish
|
||||||
|
d-i partman/confirm boolean true
|
||||||
|
d-i partman/confirm_nooverwrite boolean true
|
||||||
|
d-i partman/confirm_write_new_label boolean true
|
||||||
|
|
||||||
|
# User configuration
|
||||||
|
d-i passwd/root-login boolean true
|
||||||
|
d-i passwd/root-password password ${local.ssh_password}
|
||||||
|
d-i passwd/root-password-again password ${local.ssh_password}
|
||||||
|
d-i passwd/user-fullname string packer
|
||||||
|
d-i passwd/user-uid string 1000
|
||||||
|
d-i passwd/username string packer
|
||||||
|
d-i passwd/user-password password ${local.ssh_password}
|
||||||
|
d-i passwd/user-password-again password ${local.ssh_password}
|
||||||
|
|
||||||
|
# Extra packages to be installed
|
||||||
|
d-i pkgsel/include string sudo
|
||||||
|
d-i pkgsel/include string openssh-server
|
||||||
|
d-i pkgsel/include string wget
|
||||||
|
d-i pkgsel/include string cloud-init
|
||||||
|
|
||||||
|
d-i pkgsel/install-language-support boolean false
|
||||||
|
d-i pkgsel/update-policy select none
|
||||||
|
|
||||||
|
# Whether to upgrade packages after debootstrap
|
||||||
|
d-i pkgsel/upgrade select full-upgrade
|
||||||
|
|
||||||
|
# Set timezone
|
||||||
|
d-i time/zone string Europe/Paris
|
||||||
|
|
||||||
|
# Allow weak user password
|
||||||
|
d-i user-setup/allow-password-weak boolean true
|
||||||
|
|
||||||
|
# Home folder encryption
|
||||||
|
d-i user-setup/encrypt-home boolean false
|
||||||
|
|
||||||
|
# Do not scan additional CDs
|
||||||
|
apt-cdrom-setup apt-setup/cdrom/set-first boolean false
|
||||||
|
|
||||||
|
# Use network mirror
|
||||||
|
apt-mirror-setup apt-setup/use_mirror boolean true
|
||||||
|
|
||||||
|
# Disable polularity contest
|
||||||
|
popularity-contest popularity-contest/participate boolean false
|
||||||
|
|
||||||
|
# Select base install
|
||||||
|
tasksel tasksel/first multiselect standard, ssh-server
|
||||||
|
|
||||||
|
d-i preseed/late_command string in-target mkdir -p /root/.ssh; \
|
||||||
|
in-target /bin/sh -c "echo '${data.sshkey.install.public_key}' >> /root/.ssh/authorized_keys"; \
|
||||||
|
in-target chown -R root:root /root/.ssh/
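Review bot: The credentials created here stay in the finished image: root and the `packer` user both get `${local.ssh_password}`, `user-setup/allow-password-weak` is enabled, and `late_command` appends the build key to `/root/.ssh/authorized_keys`, with no step visible in this commit that locks the passwords or removes the key afterwards. I would add a final provisioner that runs `passwd -l root`, removes the `packer` user and empties `authorized_keys`, or document where that already happens. Separately, the four `d-i pkgsel/include string ...` lines set the same question, so only the last value (`cloud-init`) is likely to take effect. A single line `d-i pkgsel/include string sudo openssh-server wget cloud-init` is the usual form.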
|
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eo pipefail
|
||||||
|
|
||||||
|
DESTDIR=/usr/local/share/ca-certificates
|
||||||
|
UPDATE_CERTS_CMD=update-ca-certificates
|
||||||
|
CERTS="$(cat <<EOF
|
||||||
|
https://letsencrypt.org/certs/isrgrootx1.pem
|
||||||
|
https://letsencrypt.org/certs/isrg-root-x2.pem
|
||||||
|
https://letsencrypt.org/certs/lets-encrypt-r3.pem
|
||||||
|
https://letsencrypt.org/certs/lets-encrypt-e1.pem
|
||||||
|
https://letsencrypt.org/certs/lets-encrypt-r4.pem
|
||||||
|
https://letsencrypt.org/certs/lets-encrypt-e2.pem
|
||||||
|
EOF
|
||||||
|
)"
|
||||||
|
|
||||||
|
cd "$DESTDIR"
|
||||||
|
|
||||||
|
for cert in $CERTS; do
|
||||||
|
echo "Downloading '$cert'..."
|
||||||
|
filename=$(basename "$cert")
|
||||||
|
wget --tries=10 --timeout=30 -O "$filename" "$cert"
|
||||||
|
openssl x509 -in "$filename" -inform PEM -out "$filename.crt"
|
||||||
|
done
|
||||||
|
|
||||||
|
$UPDATE_CERTS_CMD
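Review bot: Every file fetched in the loop is added to the system trust store as downloaded; `openssl x509` only checks that it parses as a certificate, not that it is the expected one. Comparing a pinned fingerprint before the conversion, for example the output of `openssl x509 -in "$filename" -noout -fingerprint -sha256` checked against a value stored next to each URL, would make the trust decision explicit. The list also installs the intermediates (`lets-encrypt-r3.pem`, `-e1`, `-r4`, `-e2`) as trust anchors, which is normally unnecessary because servers send them. The Debian `ca-certificates` package may already carry the two ISRG roots, so it is worth confirming this script is still needed.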
|
|
@ -0,0 +1,12 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
ONE_CONTEXT_VERSION="6.4.0"
|
||||||
|
ONE_CONTEXT_PKG_VERSION="1"
|
||||||
|
PKG="one-context-${ONE_CONTEXT_VERSION}-r${ONE_CONTEXT_PKG_VERSION}.apk"
|
||||||
|
PKG_URL="https://github.com/OpenNebula/addon-context-linux/releases/download/v${ONE_CONTEXT_VERSION}/${PKG}"
|
||||||
|
|
||||||
|
cd /tmp || exit 3
|
||||||
|
wget -q --no-check-certificate ${PKG_URL}
|
||||||
|
apk add --allow-untrusted --no-cache ${PKG}
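Review bot: `wget -q --no-check-certificate ${PKG_URL}` followed by `apk add --allow-untrusted` installs a package as root with both the transport check and the signature check switched off, so nothing ties the installed file to the release it names. I would drop `--no-check-certificate` and verify a pinned digest before installing: `echo "${PKG_SHA256}  ${PKG}" | sha256sum -c -`, with `PKG_SHA256` set beside `ONE_CONTEXT_VERSION` (value to be filled in from the release). The script uses `apk` and an `.apk` package although the recipe added in this commit is Debian 12, so it may have been copied from an Alpine recipe and never run here.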
|
|
@ -0,0 +1,102 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
#
|
||||||
|
# Generate all the configuration files
|
||||||
|
# Get all the values from the VLS_DIR
|
||||||
|
# Process each template from the TPL_DIR with this values
|
||||||
|
#
|
||||||
|
|
||||||
|
ENV_FILE=${ENV_FILE:-/var/run/one-context/one_env}
|
||||||
|
TPL_DIR="/usr/share/builder/templates"
|
||||||
|
VLS_DIR="/usr/share/builder/values"
|
||||||
|
CONFIG=""
|
||||||
|
|
||||||
|
. ${ENV_FILE}
|
||||||
|
|
||||||
|
BTR="$(command -v btr)"
|
||||||
|
if [ "${?}" -ne 0 ]; then
|
||||||
|
echo "Warning: Nothing to do the templater is not installed"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${TPL_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${TPL_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${VLS_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${VLS_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
jsonQuery() {
|
||||||
|
local data="${1}"
|
||||||
|
local query="${2}"
|
||||||
|
echo "${data}" | jq -cr "${query}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# NAME: @jsonMerge
|
||||||
|
# AIM: Merge two json structures
|
||||||
|
# NOTES:
|
||||||
|
# The last one has de last word
|
||||||
|
# if you have the same key in A and B
|
||||||
|
# this keeps the value of the B structure.
|
||||||
|
# PARAMS:
|
||||||
|
# $1: original JSON Structure
|
||||||
|
# $2: updated JSON Structure
|
||||||
|
jsonMerge() {
|
||||||
|
local data="${1}"
|
||||||
|
local data2="${2}"
|
||||||
|
|
||||||
|
echo "${data} ${data2}" | jq -cr -s ".[0] * .[1]"
|
||||||
|
}
|
||||||
|
|
||||||
|
jsonUpdateVal() {
|
||||||
|
local json="${1}"
|
||||||
|
local key="${2}"
|
||||||
|
local value="${3}"
|
||||||
|
|
||||||
|
echo "${json}" | jq --arg a "${value}" "${key} = \$a"
|
||||||
|
}
|
||||||
|
|
||||||
|
getValues() {
|
||||||
|
|
||||||
|
local values=""
|
||||||
|
|
||||||
|
for file in $(find ${VLS_DIR} -name "*.json"); do
|
||||||
|
values="${values}$(cat ${file})"
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -n "${RAW_CONFIG}" ]; then
|
||||||
|
values="$(jsonMerge ${values} ${RAW_CONFIG})"
|
||||||
|
fi
|
||||||
|
|
||||||
|
for svc in $(echo ${values} | jq -cr '.Services|keys[]'); do
|
||||||
|
for key in $(echo ${values} | jq -cr ".Services.${svc}.Vars|keys[]"); do
|
||||||
|
ukey=${key^^}
|
||||||
|
vkeys="$(echo ${values} | jq -cr \".Services.${svc}.Vars.${key}\|keys[]\")"
|
||||||
|
if [ ${?} -eq 0 ]; then
|
||||||
|
for var in $(echo ${values} | jq -cr ".Services.${svc}.Vars.${key}|keys[]"); do
|
||||||
|
uvar=${var^^}
|
||||||
|
val=$(eval echo "\$${ukey}_${uvar}")
|
||||||
|
if [ -n "${val}" ]; then
|
||||||
|
values=$(jsonUpdateVal "${values}" ".Services.${svc}.Vars.${key}.${var}" "${val}")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
values=$(jsonUpdateVal "${values}" ".Services.${svc}.Vars.${key}" "${!ukey}")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
echo ${values}
|
||||||
|
}
|
||||||
|
|
||||||
|
processTemplates() {
|
||||||
|
${BTR} -t ${TPL_DIR} -c "${1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
VALUES=$(getValues)
|
||||||
|
file=$(mktemp)
|
||||||
|
echo "${VALUES}" > "${file}"
|
||||||
|
processTemplates "${file}"
|
||||||
|
rm -rf "${file}"
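Review bot: `. ${ENV_FILE}` is executed unconditionally and unquoted here, while the 104-line copy of this script in the same commit wraps it in `if [ -f "${ENV_FILE}" ]`; the 80-line copy has the same unguarded line. The path can also be overridden through the `ENV_FILE` environment variable, and whatever it names is run as shell code in this process. I would restore the guard with `[ -f "${ENV_FILE}" ] && . "${ENV_FILE}"` and add a comment stating who is expected to write that file.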
|
|
@ -0,0 +1,2 @@
|
||||||
|
/quid-ansible
|
||||||
|
/.ansible_vault_passphrase
|
|
@ -0,0 +1,137 @@
|
||||||
|
---
|
||||||
|
quid_ansible_repo_private_key: !vault |
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
63356330363932313165663737383634623039383935333233316532643433643930663630663337
|
||||||
|
3938373061393535383638356438396264363132333939320a616463333939643036396266653435
|
||||||
|
32373265633439633663306433393037376235323965343530333239356633326266336333333961
|
||||||
|
6663613239393639370a663135333562663264376533336166323062656333613636393263356233
|
||||||
|
66653132386131613436356364636432336166353938373837333036393931343063343632613832
|
||||||
|
32303862623536356638396337373661623666393839303861653837393032666366396334383466
|
||||||
|
66373866366662353062653939393631373535666261323965666465383566343064653838313237
|
||||||
|
64396466393834373538613430636134663463313331336330393238636561663566343535663537
|
||||||
|
35643434313030636139326362613832346536333166613061653136346439653231336239626363
|
||||||
|
33376362383034303033343539306134313033386434366534633033306564636661386530306431
|
||||||
|
34656461323164656135303931626536643330653338656162386262633033393030363333336534
|
||||||
|
31343732636363623061303238386137316464333030343733316262646639366531633566383635
|
||||||
|
64653166393134623835363865326639613732353562303665643331663431333034373337653336
|
||||||
|
65313563333439613938396264626464393037396264646237303034356638323139373665613265
|
||||||
|
62623933623064333332313265326431333931643332393166373765383962333639643033393736
|
||||||
|
39666365666662396334316666323933306561343032386436613932396666653330653936656635
|
||||||
|
64353361366539363034316434306239646463336564643939353238393264633235633737656365
|
||||||
|
31313130396532313839613764393636656365303636323437643939313030373464353636363037
|
||||||
|
35376439383531633265613734383463643562333763646131643134383262313736613261346237
|
||||||
|
36633839323833316165393439386136343161306266666331396163363464343132393936313231
|
||||||
|
35663530633132386633313138333835346630383265666638373836663737623933376661633936
|
||||||
|
31623863396439623661396135633537306132306435303430613433346362333934383033656434
|
||||||
|
31363437626463383039336438666662316664353536393139383236323835333738393332623138
|
||||||
|
30343264633964393461616633313837353632373935623462326461663965363962306337396231
|
||||||
|
36623661333934616237306137663130316533613461616136306334666138656534383539393331
|
||||||
|
32623464333030653930393563343031383362383233373235623433643037636463656638386334
|
||||||
|
38316362643736313038366339396165626164336230663538303166316332633337396231646663
|
||||||
|
35303130666135313632326162643632356534646630383163653966346365646334396532313335
|
||||||
|
38353539383630663936313939613638346536623739366164313132636463353666636338353562
|
||||||
|
65336663333937353630636565396537366261646464626163623465313962353039623432653335
|
||||||
|
39653662366335646437366639303736653434623137613633353664336534373965616436643837
|
||||||
|
37396239633533616136636165396333366162313736666366396363303536373235656234393332
|
||||||
|
34663330653738643931373465313939313236363935316237303566363234346330303534353736
|
||||||
|
35336639313233346437666236653931366331393530363432303065323234376436373830346664
|
||||||
|
30613335333062633563643565383065663361613737343537396230353339656234613264666232
|
||||||
|
36393831663264393437316362653734356236333165666361623134626438653536303862653965
|
||||||
|
62636431643738393437663762376261653231633038343365666361626466653634353030356566
|
||||||
|
65333436353939623233623964393833363461356133653564633164366630303034633237653138
|
||||||
|
64343230383036336430306164636134623930656532366232353561656237306435353839396661
|
||||||
|
36633861363830633964376165633339376264363735613965376437303666326665303839363566
|
||||||
|
36306239376230303463663836653931656231353531383561353838383565356363376134343334
|
||||||
|
33363430613935643839316137333765383537326231343734643766373865306262336166313763
|
||||||
|
33666530633938636537663539616334643933396232653665373335663964343631623233366430
|
||||||
|
63306361383332323936343461313231343730373333346337656461346136656531326332613537
|
||||||
|
39323335313061376439343034336466643934306538333030616139353564323432376531663464
|
||||||
|
35613462396430346533383061636132323961303938613365306531386462313730326639363461
|
||||||
|
36313839336232373938353537356663363034356238383264303462396534343035633461336334
|
||||||
|
38613737373430396132313465366363386365303265396261303434653463623265323237393734
|
||||||
|
38616262326461383739353235353835316638653263383938653233326336633532323561656433
|
||||||
|
34326634623130336135333931633635316464383139393639353731636432613832633265376332
|
||||||
|
32346161396332356530316365316362393130643833633264643136623733313963326161333535
|
||||||
|
61623835643931613461333033643636386339323137306663366563393463383266356433306362
|
||||||
|
32626430316137336536663232633061396232313935656562346437653238313130383837336361
|
||||||
|
61323865646637333037336335656462303065616237356463616631663539633433613263623932
|
||||||
|
61333236653836653436616161666330616239393331393139333231626464326339666433663461
|
||||||
|
33343539356634613363616662333562653162366532396337643163373738363637313738386362
|
||||||
|
30356634626536336264616263313438366336373962636438303634333130626433366536366436
|
||||||
|
33393461386337663366663132336136343930623464663062663930363663333566323734336631
|
||||||
|
63643866643262333735386433386662303263323038613862653563363230643065356439663264
|
||||||
|
36323666323331613663626533366130663766643036366430643734303561393234623539646463
|
||||||
|
38376132653234346633363238303265376431653663363861653037323436393037306436623962
|
||||||
|
66376536343032303863323138326334626166363930323530353161333737616261346631326364
|
||||||
|
36343239373365306266323832303531313037316234353537383436363866326533663437373537
|
||||||
|
31353038326439303839353139303362613264386434303236363336386665303861663438626135
|
||||||
|
39633361656130316335333965643966616263303563326639653534653931343261356133616461
|
||||||
|
63353664633636343438303936636632393963343235323537393064646138623934633237646139
|
||||||
|
33366664636664373135316366316163343266646435626636366534343061323464633464666430
|
||||||
|
36653231633565346334333362343734613861313465366530376266653939656163323236613139
|
||||||
|
31363165646134343236326663343534383031323431323162343566353938666365323265663931
|
||||||
|
62396466333730363261626465366431316332626236346364396536636165653330653531306330
|
||||||
|
63633564613330323637633761613066623135396132316636303130663534306562326535363733
|
||||||
|
31636639643632633232383938363563643732623364303732663133386434326236353635326439
|
||||||
|
37656138663166616231383264353763623066646337656363663839376536633235353838373465
|
||||||
|
37343237376138326337623565306137363833333165383166343233373438373261306433653734
|
||||||
|
65376361633165383034666337623832336262393831313831626564346231376561393365633437
|
||||||
|
65383236633036616538623861656439323866633864666434643262346632343865643462393237
|
||||||
|
36386463393936376437643065356461306235656233373561393965613461643035356634626335
|
||||||
|
38633664323265303563363636613130383236393339333330613239633765636232326265653864
|
||||||
|
31346361346364396166663930663435313230366631623363306136353833346138346433373730
|
||||||
|
36326536323166396562303733353835663234636136383539356139623433316537343039623761
|
||||||
|
66373231353639623533323837386339323462366137376363373030333762323830623535626433
|
||||||
|
36636162396439363436343330636162383864383837663236626237396562333032383162636165
|
||||||
|
36663833343062613362663739303639396139376166376234646663316239306261356561396535
|
||||||
|
30316331656464333137313333396132656636653932363834336336303635633865313165316434
|
||||||
|
63376461333137343164333634333139336539613839393237343336646261643038643833303461
|
||||||
|
30663763653864626133356439646664663331613666616133383830346331636438656639633065
|
||||||
|
38346562343531633166666436643138366235373562386137326535333936383832313962313233
|
||||||
|
65613265313538626565666339643866393165316363663664373066623962303435663635653738
|
||||||
|
65363262633236333339633636363233333232333332643837326163633061656135653763663539
|
||||||
|
39346365356266353336316461613336343039656330306530303961346133343765363036633734
|
||||||
|
65643563633631373133633031343532356461633461616430313331306335336131333062643230
|
||||||
|
33623331313566646130373833373137333733343534383239306630396335383539373736613862
|
||||||
|
39323265393438376437386261636162303535346638316464366431316439643463623237323563
|
||||||
|
31326633373964626266356435376231333933646139666166663232633132323832353034626132
|
||||||
|
37316235376265633762613536323735653134616233396439326239323933623465613932363332
|
||||||
|
61663862613330366134633534653632343865666562376438386563653066363635666136613534
|
||||||
|
62356433653861666634653536353163306539613061373936346538306134326561323564353936
|
||||||
|
62666139646238663230376132613334323138313261336338666433613231323633623636333938
|
||||||
|
31356334613334383839396535643764393938303931613835643037626530333534323063646164
|
||||||
|
33346363366334333063363564663638306461613838616564643938396234373961613130373738
|
||||||
|
32636533653666626261336138326335623366643737633763353066643263663161396239663432
|
||||||
|
66646233303739623032313439643763656464623865353963333330653833323763633362303434
|
||||||
|
61343530613530336461363038383731646663343764383262393534623530613033636665656233
|
||||||
|
38666162336332376436363335626365666134646532356534346264316465613336653664326461
|
||||||
|
66626537643465326661636164313166393761343231643831366362386431323664633134303062
|
||||||
|
37623863616165633236643139633736336537326533636632646666633466336230653165666333
|
||||||
|
39326566326665366364636631646237663534393631646633316231303835343837303233333565
|
||||||
|
65663163646566306331343766636461326333306662633337356135663938383166303532313566
|
||||||
|
31393932333037366237663465626434643564663036336139316636313163646439643934343436
|
||||||
|
65343462393337333161323236303233376532363963616433343133383631643937333662363063
|
||||||
|
39646536373865626230633466616162613333623462616139386166316662343034393761343339
|
||||||
|
63313263316662626563343130633837303932383134656432383232626163323634636462343662
|
||||||
|
62326665366431656239663564663838653631396366313861323935623364633266333739383861
|
||||||
|
63326264333236373333313566323937336232326461343839616533633639346435333162313237
|
||||||
|
38646638373735663163623231313463326263656531373536393934626632326433363634616337
|
||||||
|
61303035356263366166656565393565343733626439376533316266343038366366656538663830
|
||||||
|
61656661323936633964333433306165613334306436343832666561363565343631383538643631
|
||||||
|
35623839643133376335393331643962386532346437313933366133336364326533373436613833
|
||||||
|
66326237386161623332323130333839336363373330313435636634663532346130626230393333
|
||||||
|
61323361646537623235376135363033636261343365343735623963643066373631343235356536
|
||||||
|
39653136376661353837383839663965643334393861373235353035356235396235613562363061
|
||||||
|
33353339663165656432383230663033363861343032326663373632346634303231346462663836
|
||||||
|
65313963373139383765303838666634666431343734313532626438373961393839656236646263
|
||||||
|
32623264636434636531663138373466663032333463373232353333363534336435353664353238
|
||||||
|
66663562653238396637613463636133656133386163376637353439626133373032373762623465
|
||||||
|
63316335336662623039633837613666363766363931343865313330316362316561626438626533
|
||||||
|
65383465396536306562363163653132343263636363613434333966346166326263373038653266
|
||||||
|
62353734326365616361303135303561313131633637633461636539636666363162646238343265
|
||||||
|
32363065326330303666336638333439356135633764643830353135346139306366353831613564
|
||||||
|
36303763363031613531623336656637393337323035343532623239623735383932626463643866
|
||||||
|
30363138313964643664653834363861616565393065633231623961353532623434623832343930
|
||||||
|
66666330633633653030613237383063353064373661393965373333323565336434653837616336
|
||||||
|
32613737623064316233613434363031623238326132653434646237306234663538616463643230
|
||||||
|
3261376331343330613739346434313636613561626230656334
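Review bot: This file commits an SSH private key (`quid_ansible_repo_private_key`) to the repository, protected only by the Ansible Vault passphrase. The ciphertext stays in git history permanently, so the key is only as safe as that passphrase and the way it is handled. A comment above the variable stating that it must be a read-only deploy key for the one repository, and how it is rotated, would help. The clone task added in this commit does not reference the variable, so how the key reaches `ansible.builtin.git` is not visible here.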
|
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
- name: Ciblage de la machine locale
|
||||||
|
hosts: localhost
|
||||||
|
connection: local
|
||||||
|
tasks:
|
||||||
|
- name: Clonage du projet "EFS/quid-ansible"
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: "ssh://git@forge.cadoles.com:2222/EFS/quid-ansible.git"
|
||||||
|
dest: "quid-ansible"
|
||||||
|
version: "master"
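Review bot: `version: "master"` makes every image build pull whatever is on the branch at that moment, so the provisioning code baked into the image is not reproducible and cannot be reviewed from this repository. Pin a tag or commit instead, e.g. `version: "<TAG_OR_COMMIT_PLACEHOLDER>"`, and bump it deliberately. The relative `dest: "quid-ansible"` resolves against the directory the play is run from, while the companion playbook imports `quid-ansible/deploy.yml` relative to its own location; anchoring the destination with `dest: "{{ playbook_dir }}/quid-ansible"` would keep the two in agreement.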
|
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
- import_playbook: quid-ansible/deploy.yml
|
|
@ -0,0 +1 @@
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDph3zh6ojSvH44k13z9B6xj+Hargo3uzkxnYv5s5NI4yagNuBXEc3aS++KdocND+FtVfLK+iVE8qHo2bvmpMmVkqU6WU2apN7DfIP0QGLlSGeo+UOZ9hGeEDlgVO4AOnZKZ5kPGBEPZ84JXuE9CmhKfwEVCK8w3B8XQttA8alFl4A4/4F14x2w4njsSLY1H3b0qah7hgYKU5zHIGLg8Lxx+1BxGIF0l5n5m5rqAskRNaF+aYbs0CcWHv49bPK0sJJ0qPV2r2sq8BlzuZFHExnZRIxpsIXdce4Bm4rdlGi7tBmmurLk4OOtDkwvhD0LMaNJf10k6QLSmRUTVzgsYz/dmGxopbMtwwIXkwi014uSZgi8wAuznXx5I4j2TUGPZHOVf+1iw/yaxWlgTVOSoX7ZxyhDgW5cCgZZGNzU5UWe0vUuVTB+hfSMj50/Q6+Vi92/mDMbPhm4nBoVzD5DT15mB+yGyN45Ej61m0JzVUyZexfvVaffEug1/u5dnwilP0WGKr4i2OXxOXtvSdAs5rlZjvppZk6IxRCwXIcPwEFL97ZrQZAxlVS5Nh+ZnlSwTe3zfQhzHj1ao0AdCAHFPUEdoUPJhSb0OjyCvZ9XZ1KCkXhuhuN/3IUhuoWl4soNCeC3KmU/USx1wda438Exj0hM1mTyBZScDPGyD9nw78DGw== Philippe Caseiro
|
|
@ -0,0 +1 @@
|
||||||
|
ssh-rsa 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 vfebvre@cadoles.com
|
|
@ -0,0 +1,23 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
TOOL_DIR="${1:-/usr/local/bin}"
|
||||||
|
TOOL_USER="${2:-root}"
|
||||||
|
TOOL_GROUP="${3:-root}"
|
||||||
|
ATTACHMENT_URL="https://forge.cadoles.com/attachments/"
|
||||||
|
|
||||||
|
installTool() {
|
||||||
|
NAME="${1}"
|
||||||
|
URL="${2}"
|
||||||
|
|
||||||
|
curl -k -o ${TOOL_DIR}/${NAME} ${URL}
|
||||||
|
chmod +x ${TOOL_DIR}/${NAME}
|
||||||
|
}
|
||||||
|
|
||||||
|
apk add curl
|
||||||
|
|
||||||
|
# Install templater
|
||||||
|
installTool "tpr" "https://forge.cadoles.com/attachments/242b3cba-8d07-4b89-80ab-7c12253a8524"
|
||||||
|
# Install bootstraper
|
||||||
|
installTool "btr" "https://forge.cadoles.com/attachments/e8442b2a-2065-4282-b4a4-648681fa044c"
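Review bot: `curl -k` in `installTool` turns off TLS certificate verification, and the downloaded file is made executable without any integrity check, so whatever answers for the forge during the build ends up as `tpr` and `btr` in the image. Drop `-k`, add `-f` so an HTTP error page is not saved as the binary, and compare each download against a digest pinned next to its URL; the digests below are placeholders to be filled in from the published artifacts. `ATTACHMENT_URL`, `TOOL_USER` and `TOOL_GROUP` are assigned but never used in this file, and the expansions passed to `curl` and `chmod` are unquoted.

```shell
installTool() {
  NAME="${1}"
  URL="${2}"
  SHA256="${3}"   # expected digest, pinned next to the URL

  curl -fsSL -o "${TOOL_DIR}/${NAME}" "${URL}"
  # Refuse to keep an artifact whose digest does not match the pinned value
  echo "${SHA256}  ${TOOL_DIR}/${NAME}" | sha256sum -c - || { rm -f "${TOOL_DIR}/${NAME}"; exit 1; }
  chmod +x "${TOOL_DIR}/${NAME}"
}

# … unchanged: apk add curl …

installTool "tpr" "https://forge.cadoles.com/attachments/242b3cba-8d07-4b89-80ab-7c12253a8524" "<SHA256_TPR_PLACEHOLDER>"
installTool "btr" "https://forge.cadoles.com/attachments/e8442b2a-2065-4282-b4a4-648681fa044c" "<SHA256_BTR_PLACEHOLDER>"
```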
|
|
@ -0,0 +1,27 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
#
|
||||||
|
# Quick and dirty script to add disk space
|
||||||
|
# It creates a new PV (with the additionnal disk),
|
||||||
|
# a new VG and a new LV with 100% disk space
|
||||||
|
# The names and devices are provided with env variables:
|
||||||
|
# - PV_DEVICE : The /dev/xxx device
|
||||||
|
# - VG_NAME: The new vg name
|
||||||
|
# - LV_NAME: Then new lv name
|
||||||
|
# - LV_MTP: The mount point for the FS created on the LV
|
||||||
|
# - LV_FS: The fstype of the new FS
|
||||||
|
#
|
||||||
|
if [ -e ${PV_DEVICE} ]; then
|
||||||
|
pvcreate ${PV_DEVICE}
|
||||||
|
vgcreate ${VG_NAME} ${PV_DEVICE}
|
||||||
|
lvcreate -Ay -l 100%FREE -n ${LV_NAME} ${VG_NAME}
|
||||||
|
mkfs.${LV_FS} /dev/${VG_NAME}/${LV_NAME}
|
||||||
|
if [ ! -d ${LV_MTP} ]; then
|
||||||
|
mkdir -p ${LV_MTP}
|
||||||
|
fi
|
||||||
|
mount /dev/${VG_NAME}/${LV_NAME} ${LV_MTP}
|
||||||
|
echo "/dev/${VG_NAME}/${LV_NAME} ${LV_MTP} ${LV_FS} rw,relatime 0 1" >> /etc/fstab
|
||||||
|
else
|
||||||
|
echo "${PV_DEVICE} is missing"
|
||||||
|
exit 3
|
||||||
|
fi
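Review bot: The guard `if [ -e ${PV_DEVICE} ]` is unquoted, so when `PV_DEVICE` is unset it collapses to `[ -e ]`, which is true, and with no `set -e` the script runs on through the failing LVM commands and appends a malformed entry to `/etc/fstab`. Quote the expansion and stop on the first error: `set -eu` after the shebang and `if [ -e "${PV_DEVICE}" ]; then`. The same quoting applies to `VG_NAME`, `LV_NAME`, `LV_FS` and `LV_MTP`, which are used unchecked in device paths and in the `mkfs.${LV_FS}` command name. The fstab line is also appended unconditionally, so a rerun adds it a second time.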
|
|
@ -0,0 +1,74 @@
|
||||||
|
#Flavour base
|
||||||
|
build {
|
||||||
|
name = "quid"
|
||||||
|
description = <<EOF
|
||||||
|
This builder builds a QEMU image from a Debian cloud image.
|
||||||
|
EOF
|
||||||
|
source "vmware-vmx.debian" {
|
||||||
|
output_directory = "${var.output_dir}/${var.version}/quid"
|
||||||
|
vm_name = "quid-${local.output_name}-${var.version}"
|
||||||
|
source_path = "${var.output_dir}/${var.version}/base/${local.output_name}-${var.version}.vmx"
|
||||||
|
boot_command = [ "<enter><enter><wait>" ]
|
||||||
|
ssh_clear_authorized_keys = true
|
||||||
|
disk_additional_size = [ 102400 ]
|
||||||
|
vmx_data = {
|
||||||
|
"scsi1.pcislotnumber" = "16"
|
||||||
|
"scsi1.present" = "TRUE"
|
||||||
|
"scsi1.virtualdev" = "lsilogic"
|
||||||
|
"scsi1:0.filename" = "disk-1.vmdk"
|
||||||
|
"scsi1:0.present" = "TRUE"
|
||||||
|
"scsi1:0.redo" = ""
|
||||||
|
}
|
||||||
|
vmx_data_post = {
|
||||||
|
"memsize" = "4096",
|
||||||
|
"numvcpus" = "2",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Extend root logical volume with additional disk space
|
||||||
|
provisioner "shell" {
|
||||||
|
inline = [
|
||||||
|
"pvcreate /dev/sdb",
|
||||||
|
"vgextend debian-vg /dev/sdb",
|
||||||
|
"lvextend -l +100%FREE /dev/debian-vg/root",
|
||||||
|
"resize2fs /dev/debian-vg/root"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Store temporarily ansible vault password in local file
|
||||||
|
provisioner "shell-local" {
|
||||||
|
inline = ["echo '${var.quid_ansible_vault_passphrase}' > '${local.locations.provisionning}/quid/.ansible_vault_passphrase'"]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Clone quid-ansible repository
|
||||||
|
provisioner "ansible" {
|
||||||
|
playbook_file = "${local.locations.provisionning}/quid/clone-quid-ansible.yml"
|
||||||
|
// Manjaro/Arch OpenSSH version compatibility mode
|
||||||
|
// See https://github.com/hashicorp/packer/issues/11783
|
||||||
|
extra_arguments = [ "--scp-extra-args", "'-O'", "-v" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Run quid-ansible playbook from cloned repository
|
||||||
|
provisioner "ansible" {
|
||||||
|
playbook_file = "${local.locations.provisionning}/quid/run-quid-ansible.yml"
|
||||||
|
groups = ["quid_server"]
|
||||||
|
// Manjaro/Arch OpenSSH version compatibility mode
|
||||||
|
// See https://github.com/hashicorp/packer/issues/11783
|
||||||
|
extra_arguments = [ "--scp-extra-args", "'-O'", "-v", "--vault-password-file=${local.locations.provisionning}/quid/.ansible_vault_passphrase", "--extra-vars=@${local.locations.provisionning}/quid/ansible-vars.yml" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Remove ansible vault password file
|
||||||
|
provisioner "shell-local" {
|
||||||
|
inline = ["rm -f '${local.locations.provisionning}/quid/.ansible_vault_passphrase'"]
|
||||||
|
}
|
||||||
|
|
||||||
|
post-processor "shell-local" {
|
||||||
|
inline = [
|
||||||
|
"/bin/sh ${path.cwd}/post-processors/sparsify.sh ${var.output_dir}/${var.version}/quid ${var.image_version}",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
post-processor "manifest" {
|
||||||
|
keep_input_artifact = true
|
||||||
|
}
|
||||||
|
}
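Review bot: The first `shell-local` provisioner interpolates `var.quid_ansible_vault_passphrase` straight into the shell command text and writes the file with the default umask, and the file is only removed by a later provisioner that is not reached when one of the two `ansible` provisioners fails. That leaves the vault passphrase readable in the working tree after a failed build, and a passphrase containing a single quote breaks out of the quoting. Pass the value through `environment_vars`, create the file under `umask 077`, and move the removal into an `error-cleanup-provisioner` in addition to the existing success-path `rm -f`. Separately, the `description` still says the build produces a QEMU image although the source is `vmware-vmx.debian`.

```hcl
  // Store temporarily ansible vault password in local file
  provisioner "shell-local" {
    environment_vars = ["QUID_VAULT_PASS=${var.quid_ansible_vault_passphrase}"]
    inline = ["umask 077 && printf '%s\\n' \"$QUID_VAULT_PASS\" > '${local.locations.provisionning}/quid/.ansible_vault_passphrase'"]
  }

  // … unchanged: the two ansible provisioners and the final rm -f provisioner …

  // Remove the passphrase file when any provisioner above fails
  error-cleanup-provisioner "shell-local" {
    inline = ["rm -f '${local.locations.provisionning}/quid/.ansible_vault_passphrase'"]
  }
```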
|
|
@ -0,0 +1,37 @@
|
||||||
|
# Flavor "Quid"
|
||||||
|
|
||||||
|
## Construction de l'image
|
||||||
|
|
||||||
|
1. Récupérer la phrase de passe pour les données chiffrées via `ansible-vault` dans le coffre-fort partagé (Section "Cadoles" -> "Kube").
|
||||||
|
|
||||||
|
2. Lancer la construction de l'image de la machine virtuelle
|
||||||
|
|
||||||
|
```
|
||||||
|
QUID_ANSIBLE_VAULT_PASSPHRASE="<passphrase>" PACKER_OPTS="-var headless=false" ./build start debian 12
|
||||||
|
```
|
||||||
|
|
||||||
|
ou si l'image Debian de base est déjà construite
|
||||||
|
|
||||||
|
```
|
||||||
|
QUID_ANSIBLE_VAULT_PASSPHRASE="<passphrase>" PACKER_OPTS="-var headless=false" BUILDER="vmware-vmx" ./build run debian 12 quid
|
||||||
|
```
|
||||||
|
|
||||||
|
> **Tip** Le paramètre `PACKER_OPTS="-var headless=false"` n'est nécessaire que dans le cas où vous souhaitez l'exécuteur VMWare avec son interface graphique.
|
||||||
|
|
||||||
|
## Générer le fichier OVF à partir de l'OVA
|
||||||
|
|
||||||
|
```
|
||||||
|
ovftool output/debian/12.2.0/quid/quid-debian-12.2.0.ova output/debian/12.2.0/quid/quid-debian-12.2.0.ovf
|
||||||
|
```
|
||||||
|
|
||||||
|
## Configuration de l'environnement Quid sur la machine virtuelle
|
||||||
|
|
||||||
|
1. Ajouter l'image de la machine sur votre environnement de virtualisation. Les fichiers sont normalement générés dans le répertoire `output/debian/12.2.0/quid`.
|
||||||
|
|
||||||
|
2. Démarrer la machine virtuelle. Le mot de passe par défaut du compte administrateur est `toor`.
|
||||||
|
|
||||||
|
3. Éditer le fichier `/etc/quid-ansible/config.yml` avec les valeurs correspondant à votre environnement de déploiement ([voir les valeurs par défaut](https://forge.cadoles.com/EFS/quid-ansible/src/branch/master/roles/quid-server/files/quid_ansible_default_config.yml))
|
||||||
|
|
||||||
|
4. Exécuter la commande `apply-config` pour mettre à jour la machine avec les valeurs présentes dans le fichier précédemment édité.
|
||||||
|
|
||||||
|
Pour plus d'informations voir la documentation du projet [`quid-ansible`](https://forge.cadoles.com/EFS/quid-ansible).
|
|
@ -0,0 +1,101 @@
|
||||||
|
source qemu "debian" {
|
||||||
|
cpus = 1
|
||||||
|
memory = "${local.memory}"
|
||||||
|
accelerator = "kvm"
|
||||||
|
vnc_bind_address = "0.0.0.0"
|
||||||
|
|
||||||
|
headless = local.headless
|
||||||
|
|
||||||
|
# Serve the `http` directory via HTTP, used for preseeding the Debian installer.
|
||||||
|
#http_directory = "${path.cwd}/recipes/${var.name}/provisionning/${var.name}/http"
|
||||||
|
http_port_min = 9990
|
||||||
|
http_port_max = 9999
|
||||||
|
|
||||||
|
# SSH ports to redirect to the VM being built
|
||||||
|
host_port_min = 2222
|
||||||
|
host_port_max = 2229
|
||||||
|
|
||||||
|
# This user is configured in the preseed file.
|
||||||
|
ssh_username = "${local.ssh_user}"
|
||||||
|
ssh_private_key_file = data.sshkey.install.private_key_path
|
||||||
|
ssh_wait_timeout = "1000s"
|
||||||
|
|
||||||
|
shutdown_command = "/sbin/poweroff"
|
||||||
|
|
||||||
|
# Builds a compact image
|
||||||
|
disk_compression = true
|
||||||
|
disk_discard = "unmap"
|
||||||
|
skip_compaction = false
|
||||||
|
disk_detect_zeroes = "unmap"
|
||||||
|
|
||||||
|
format = "qcow2"
|
||||||
|
|
||||||
|
boot_wait = "5s"
|
||||||
|
}
|
||||||
|
|
||||||
|
source "vmware-iso" "debian" {
|
||||||
|
cpus = 1
|
||||||
|
disk_type_id = 0
|
||||||
|
memory = "${local.memory}"
|
||||||
|
vnc_bind_address = "0.0.0.0"
|
||||||
|
|
||||||
|
headless = local.headless
|
||||||
|
|
||||||
|
# Serve the `http` directory via HTTP, used for preseeding the Debian installer.
|
||||||
|
#http_directory = "${path.cwd}/recipes/${var.name}/provisionning/${var.name}/http"
|
||||||
|
http_port_min = 9990
|
||||||
|
http_port_max = 9999
|
||||||
|
|
||||||
|
# SSH ports to redirect to the VM being built
|
||||||
|
#host_port_min = 2222
|
||||||
|
#host_port_max = 2229
|
||||||
|
|
||||||
|
# This user is configured in the preseed file.
|
||||||
|
ssh_username = "${local.ssh_user}"
|
||||||
|
ssh_private_key_file = data.sshkey.install.private_key_path
|
||||||
|
ssh_wait_timeout = "1000s"
|
||||||
|
|
||||||
|
shutdown_command = "/sbin/poweroff"
|
||||||
|
|
||||||
|
# Builds a compact image
|
||||||
|
#disk_compression = true
|
||||||
|
#disk_discard = "unmap"
|
||||||
|
skip_compaction = false
|
||||||
|
#disk_detect_zeroes = "unmap"
|
||||||
|
|
||||||
|
format = "ova"
|
||||||
|
|
||||||
|
boot_wait = "5s"
|
||||||
|
}
|
||||||
|
|
||||||
|
source "vmware-vmx" "debian" {
|
||||||
|
vnc_bind_address = "0.0.0.0"
|
||||||
|
|
||||||
|
headless = local.headless
|
||||||
|
|
||||||
|
# Serve the `http` directory via HTTP, used for preseeding the Debian installer.
|
||||||
|
#http_directory = "${path.cwd}/recipes/${var.name}/provisionning/${var.name}/http"
|
||||||
|
http_port_min = 9990
|
||||||
|
http_port_max = 9999
|
||||||
|
|
||||||
|
# SSH ports to redirect to the VM being built
|
||||||
|
#host_port_min = 2222
|
||||||
|
#host_port_max = 2229
|
||||||
|
|
||||||
|
# This user is configured in the preseed file.
|
||||||
|
ssh_username = "${local.ssh_user}"
|
||||||
|
ssh_private_key_file = data.sshkey.install.private_key_path
|
||||||
|
ssh_wait_timeout = "1000s"
|
||||||
|
|
||||||
|
shutdown_command = "/sbin/poweroff"
|
||||||
|
|
||||||
|
# Builds a compact image
|
||||||
|
#disk_compression = true
|
||||||
|
#disk_discard = "unmap"
|
||||||
|
skip_compaction = false
|
||||||
|
#disk_detect_zeroes = "unmap"
|
||||||
|
|
||||||
|
format = "ova"
|
||||||
|
|
||||||
|
boot_wait = "5s"
|
||||||
|
}
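Review bot: All three sources set `vnc_bind_address = "0.0.0.0"`, which exposes the console of the VM being installed on every interface of the build host for the whole duration of the build. Unless remote viewing is a requirement, bind to loopback with `vnc_bind_address = "127.0.0.1"` and tunnel over SSH when someone needs to watch. The `http_directory` line is commented out in each source while `http_port_min`/`http_port_max` remain, so the comment about serving the preseed directory no longer matches what the blocks do.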
|
|
@ -0,0 +1,12 @@
|
||||||
|
#cloud-config
|
||||||
|
ssh_pwauth: True
|
||||||
|
user: ${user}
|
||||||
|
password: ${password}
|
||||||
|
chpasswd:
|
||||||
|
expire: False
|
||||||
|
|
||||||
|
# Work around network interface down after boot
|
||||||
|
runcmd:
|
||||||
|
%{ for cmd in runcmd ~}
|
||||||
|
- ${cmd}
|
||||||
|
%{ endfor ~}
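Review bot: `ssh_pwauth: True` together with `chpasswd: expire: False` leaves SSH password login enabled with a password that never has to be changed, for whatever value is rendered into `${password}`. The sources added in this commit connect with `ssh_private_key_file`, so the build itself presumably does not need password login; consider `ssh_pwauth: false` with the public key under `ssh_authorized_keys`, or at least `expire: True` so the first login forces a change. The comment `# Work around network interface down after boot` sits above a generic `runcmd` loop and does not describe what the loop runs.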
|
|
@ -0,0 +1,64 @@
|
||||||
|
variable "name" {
|
||||||
|
type = string
|
||||||
|
default = "debian"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "version" {
|
||||||
|
type = string
|
||||||
|
default = "12.2.0"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "short_version" {
|
||||||
|
type = string
|
||||||
|
default = "12"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "arch" {
|
||||||
|
type = string
|
||||||
|
default = "amd64"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "output_dir" {
|
||||||
|
type = string
|
||||||
|
default = "output/debian/"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "source_url" {
|
||||||
|
type = string
|
||||||
|
default = "https://cdimage.debian.org/cdimage/release/12.2.0"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "iso_cd_checksum" {
|
||||||
|
type = string
|
||||||
|
default = "file:https://cdimage.debian.org/cdimage/release/12.2.0/amd64/iso-cd/SHA256SUMS"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "image_version" {
|
||||||
|
type = string
|
||||||
|
default = "0.0.1"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "one_user" {
|
||||||
|
type = string
|
||||||
|
default = env("ONE_USER")
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "one_token" {
|
||||||
|
type = string
|
||||||
|
default = env("ONE_TOKEN")
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "boot_command" {
|
||||||
|
type = list(string)
|
||||||
|
default = []
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "cloud_init_runcmd" {
|
||||||
|
type = list(string)
|
||||||
|
default = [ "uname" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "headless" {
|
||||||
|
type = bool
|
||||||
|
default = true
|
||||||
|
}
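Review bot: `one_token` is read from `ONE_TOKEN` but is not marked sensitive, so its value can appear in Packer's output, whereas `quid_ansible_vault_passphrase`, added in the same commit, already sets the flag. Add `sensitive = true` to the `one_token` block. None of the variables carries a `description`, and `version`, `source_url` and `iso_cd_checksum` each repeat `12.2.0`, so a version bump has to touch three defaults to stay consistent.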
|
|
@ -0,0 +1,6 @@
|
||||||
|
|
||||||
|
variable "quid_ansible_vault_passphrase" {
|
||||||
|
type = string
|
||||||
|
default = env("QUID_ANSIBLE_VAULT_PASSPHRASE")
|
||||||
|
sensitive = true
|
||||||
|
}
|