adding missing ssh keys

Reviewed-on: #7

README.md

@@ -23,6 +23,8 @@ With this tool you can publish all the images and the necessary templates to act
 * Packer >= 1.6.0
 * virt-sparsify (optional)
 * Ruby
+
+### For OpenNebula you will need : 
 * These ruby gems:
   * opennebula
   * opennebula-cli
@@ -35,6 +37,15 @@ With this tool you can publish all the images and the necessary templates to act
   * create/manage services templates
   * create/manage network templates
 
+### For Local qemu buidls you will need:
+  * qemu-kvm
+
+### For Local Virtualbox builds you will need:
+  * virtualbox
+
+### For Local VMWare Workstation builds you will need:
+  * vmware-workstation (with a valid licence, 30 trial is fine)
+
 ## How to use the "build" tool ?
 
 First you need to create the "publisher" "tools/one-templates" configuration.

recipes/debian/hydra.pkr.hcl

@@ -0,0 +1,63 @@
+#Flavour base
+build {
+  name = "hydra"
+  description = <<EOF
+This builder build a Debian 12 image for Ory Hydra
+EOF
+  source "hydra.vmware-vmx.debian" {
+    output_directory = "${var.output_dir}/${var.version}/hydra"
+    vm_name          = "hydra-${local.output_name}-${var.version}"
+    source_path      = "${var.output_dir}/${var.version}/base/${local.output_name}-${var.version}.vmx"
+    boot_command     = [ "<enter><enter><wait>" ]
+    ssh_clear_authorized_keys = true
+    vmx_data_post = {
+      "memsize" = "2048",
+      "numvcpus" = "2",
+    }
+  }
+
+  // Clone ansible-role-sso repository
+  provisioner "ansible" {
+    playbook_file = "${local.locations.provisionning}/hydra/clone-role-sso.yml"
+    // Manjaro/Arch OpenSSH version compatibility mode
+    // See https://github.com/hashicorp/packer/issues/11783
+    extra_arguments = [ "--scp-extra-args", "'-O'", "-v" ]
+  }
+
+  // Run ansible-role-sso playbook from cloned repository
+  provisioner "ansible" {
+    playbook_file = "${local.locations.provisionning}/hydra/run-role-sso.yml"
+    // Manjaro/Arch OpenSSH version compatibility mode
+    // See https://github.com/hashicorp/packer/issues/11783
+    extra_arguments = [ "--scp-extra-args", "'-O'", "-v", "--extra-vars=@${local.locations.provisionning}/hydra/ansible-vars.yml" ]
+  }
+
+  // Copy ssh Cadoles keys
+  provisioner "file" {
+    destination = "/tmp"
+    source = "${local.locations.provisionning}/ssh/cadoles/"
+  }
+
+  // Copy CNOUS SSH keys
+  provisioner "file" {
+    destination = "/tmp"
+    source = "${local.locations.provisionning}/ssh/cnous/"
+  }
+
+  provisioner "shell" {
+    inline = [
+      "sh -cx 'cat /tmp/*.pub >> /root/.ssh/authorized_keys'",
+      "sh -cx 'chmod -R 600 /root/.ssh/authorized_keys'"
+    ]
+  }
+
+  post-processor "shell-local" {
+    inline = [
+      "/bin/sh ${path.cwd}/post-processors/sparsify.sh ${var.output_dir}/${var.version}/hydra ${var.image_version}",
+    ]
+  }
+
+  post-processor "manifest" {
+    keep_input_artifact = true
+  }
+}

recipes/debian/provisionning/hydra/.gitignore

@@ -0,0 +1 @@
+/role-sso

recipes/debian/provisionning/hydra/ansible-vars.yml

@@ -0,0 +1,11 @@
+---
+hydra_use_external_database: true
+
+enable_hydra_dispatcher: true
+enable_hydra_passwordless: false
+enable_hydra_saml: true
+enable_hydra_oidc: true
+enable_hydra_ldap: false
+enable_oidc_test_app: false
+
+install_only: true

recipes/debian/provisionning/hydra/clone-role-sso.yml

@@ -0,0 +1,10 @@
+---
+- name: Ciblage de la machine locale
+  hosts: localhost
+  connection: local
+  tasks:
+    - name: Clonage du projet "Cadoles/ansible-role-sso"
+      ansible.builtin.git:
+        repo: "ssh://git@forge.cadoles.com:2222/Cadoles/ansible-role-sso.git"
+        dest: "role-sso"
+        version: "master"

recipes/debian/provisionning/hydra/run-role-sso.yml

@@ -0,0 +1,3 @@
+---
+- hosts: all
+  roles: [ role-sso ]

recipes/debian/provisionning/ssh/cnous/nmelin.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOsoXFfQcqFp6+5QbB1o1ZpjCGeiPMM9aOK2DoZoMM/7 nicolas.melin@cnous.fr

recipes/debian/provisionning/ssh/cnous/operrot.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwyKvtyfZibpHNDDsfg7N6PHPnv9AzA2PowGd7iqF6YRv6CgGPnUixWE791bmekr57TR1QwW58aSEPSQMfLBwo0OwZ7GXYbOb9Fdb6WHAUJHSyMNsFvakgjq0g7TERMw3UksiYpUBCLgvWhF5jNjKsXgK3LyMUVqJs9KlUBt6elxy3CWoMYaWVJTQwXqLEbvr7W9F1rb9PQi80vxcSZXgk5XPPZH4vh7oN7GLB5UwaTFRh4lcup0xnV938gSgLxttPg4t5li5cmvXXMgtCrIDj7JPh9Cic+UXo80cV14nOpX23nuu408Veys/4p5tYiYFCg6NnUtW2dJrfyga9W1h6nc/6JaY8aXdoE+pi7lL7XrMvJPQxVYdwA9rPUBSZAIOmZQQx2aKFMsXocyVXQDzLQyg8lAF9gbMkjXH7DluXd+s0OAdijW9VFxhjutojaC76vhH+ZqSq511vdCTuq+6juW/By/pYQRtKiL1jJqfQoC+JU8RmOVOml5ciT7I0OM/0dakdIMYINX1FaRuSYb8wm0k3pKh+PGmMigja5lY7Bv8M89gRRw+8bJ42h5XkR0Jd04Wagd9eFXvaLa9OdarwF5rE2d6NM5Gfr2wJ4XuDMC7C3r/b6U3sZr6CWvQ5URrXS9OLtZG09DtEGIIuMcu0pgqclitVDi06Ffz5dZMnVQ== olivier.perrot@cnous.fr

recipes/debian/readme.hydra.md

@@ -0,0 +1,23 @@
+# Flavor "Hydra"
+
+## Construction de l'image
+
+1. Lancer la construction de l'image de la machine virtuelle
+
+    ```
+    PACKER_OPTS="-var headless=false" ./build start debian 12
+    ```
+
+    ou si l'image Debian de base est déjà construite:
+
+    ```
+    BUILDER="vmware-vmx" PACKER_OPTS="-var headless=false" ./build run debian 12 hydra
+    ```
+
+    > **Tip** Le paramètre `PACKER_OPTS="-var headless=false"` n'est nécessaire que dans le cas où vous souhaitez l'exécuteur VMWare avec son interface graphique.
+
+## Générer le fichier OVF à partir de l'OVA
+
+```
+ovftool output/debian/12.2.0/hydra/hydra-debian-12.2.0.ova output/debian/12.2.0/hydra/hydra-debian-12.2.0.ovf
+```