Recette de construction de l'image "Quid" basée sur Debian 12 #6
|
@ -0,0 +1,2 @@
|
||||||
|
/output
|
||||||
|
/packer-manifest.json
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"ansible.python.interpreterPath": "/bin/python"
|
||||||
|
}
|
6
build
6
build
|
@ -1,5 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eo pipefail
|
||||||
|
|
||||||
# Simple build wrapper
|
# Simple build wrapper
|
||||||
|
|
||||||
ACTION=${1}
|
ACTION=${1}
|
||||||
|
@ -25,8 +27,8 @@ initPacker() {
|
||||||
# First the "base" image then the provisionned ones
|
# First the "base" image then the provisionned ones
|
||||||
#
|
#
|
||||||
run() {
|
run() {
|
||||||
${PACKER} build ${PACKER_OPTS} -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -only="base.${BUILDER}.${OS}" "${RCP_DIR}/${OS}/."
|
${PACKER} build ${PACKER_OPTS} -on-error=abort -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -only="base.*.${OS}" "${RCP_DIR}/${OS}/."
|
||||||
${PACKER} build ${PACKER_OPTS} -force -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -except="base.${BUILER}.${OS}" "${RCP_DIR}/${OS}/."
|
${PACKER} build ${PACKER_OPTS} -on-error=abort -force -var-file="${RCP_DIR}/${OS}/${VERSION}.pkrvars.hcl" -except="base.*.${OS}" "${RCP_DIR}/${OS}/."
|
||||||
}
|
}
|
||||||
|
|
||||||
#
|
#
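Review bot: The strict mode added at the top of the script, `set -eo pipefail`, leaves out `-u`, the option that would have caught the `${BUILER}` typo this change corrects in `run()`: the misspelled name expanded to an empty string and the `-except` filter silently became `base..${OS}`. Consider `set -euo pipefail`, with `ACTION=${1:-}` so that a missing argument still reaches the script's own usage handling (assuming there is one outside the visible hunks). Note also that `-on-error=abort` makes Packer exit without cleaning up, so a failed build leaves its VM and output directory behind; these carry the build-time root credential and should be removed explicitly.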
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
name = "debian"
|
||||||
|
version = "12.2.0"
|
||||||
|
short_version = "12"
|
||||||
|
code_name = "bookworm"
|
||||||
|
arch = "amd64"
|
||||||
|
source_url = "https://cdimage.debian.org/cdimage/release/12.2.0"
|
||||||
|
image_dir_name= "latest"
|
|
@ -0,0 +1,6 @@
|
||||||
|
locals {
|
||||||
|
builder_config = {
|
||||||
|
TemplateDir = "/usr/share/builder/templates"
|
||||||
|
ValueDir = "/usr/share/builder/values"
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,5 @@
|
||||||
|
locals {
|
||||||
|
Globals = {
|
||||||
|
Vars = {}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,20 @@
|
||||||
|
# "timestamp" template function replacement
|
||||||
|
locals {
|
||||||
|
locations = {
|
||||||
|
recipes = "${path.cwd}/recipes/${var.name}"
|
||||||
|
templates = "${path.cwd}/recipes/${var.name}/templates"
|
||||||
|
provisionning = "${path.cwd}/recipes/${var.name}/provisionning"
|
||||||
|
post-processors = "${path.cwd}/recipes/${var.name}/post-processor"
|
||||||
|
tools = "${path.cwd}/tools"
|
||||||
|
}
|
||||||
|
dirs = local.locations
|
||||||
|
timestamp = regex_replace(timestamp(), "[- TZ:]", "")
|
||||||
|
output_name = "${var.name}"
|
||||||
|
source_iso = "${var.source_url}/${var.arch}/iso-cd/debian-${var.version}-${var.arch}-netinst.iso"
|
||||||
|
iso_cd_checksum = "file:${var.source_url}/${var.arch}/iso-cd/SHA256SUMS"
|
||||||
|
ssh_user = "root"
|
||||||
|
ssh_password = "toor"
|
||||||
|
disk_size = 8000
|
||||||
|
memory = 512
|
||||||
|
headless = var.headless
|
||||||
|
}
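Review bot: `ssh_password = "toor"` hard-codes a well-known root password in the recipe, and the preseed template in this change writes it as the password of both root and the `packer` user, with `user-setup/allow-password-weak` enabled. The base build appears to authenticate with the generated `data.sshkey.install` key, so the password is not needed after installation, and nothing visible in this change locks or changes it before the image is published. Propose supplying it through a sensitive variable or generating it per build, and ending provisioning with `passwd -l root` (and the same for `packer`) so that no image ships with a known credential.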
|
|
@ -0,0 +1,43 @@
|
||||||
|
#Flavour base
|
||||||
|
build {
|
||||||
|
name = "base"
|
||||||
|
description = <<EOF
|
||||||
|
This builder builds a QEMU image from a Debian cloud image.
|
||||||
|
EOF
|
||||||
|
|
||||||
|
source "vmware-iso.debian" {
|
||||||
|
output_directory = "${var.output_dir}/${var.version}/base"
|
||||||
|
vm_name = "${local.output_name}-${var.version}"
|
||||||
|
disk_size = 10240
|
||||||
pcaseiro marked this conversation as resolved
|
|||||||
|
iso_url = "${local.source_iso}"
|
||||||
|
iso_checksum = "${var.iso_cd_checksum}"
|
||||||
|
guest_os_type = "ubuntu-64"
|
||||||
|
http_content = {
|
||||||
|
"/ssh-packer-pub.key" = data.sshkey.install.public_key
|
||||||
|
"/preseed.cfg" = templatefile("${local.locations.provisionning}/${var.name}/http/preseed.cfg.pkrtpl.hcl", { data: data, var: var, local: local })
|
||||||
|
}
|
||||||
|
boot_command = [
|
||||||
|
"<esc><wait>",
|
||||||
|
"auto url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg<enter><wait10s>",
|
||||||
|
"<enter>"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
provisioner "shell" {
|
||||||
|
script = "${local.locations.provisionning}/${var.name}/${var.name}-${var.short_version}-install.sh"
|
||||||
|
}
|
||||||
|
|
||||||
|
provisioner "shell" {
|
||||||
|
script = "${local.locations.provisionning}/letsencrypt.sh"
|
||||||
|
}
|
||||||
|
|
||||||
|
post-processor "shell-local" {
|
||||||
|
inline = [
|
||||||
|
"/bin/sh ${path.cwd}/post-processors/sparsify.sh ${var.output_dir}/${var.version}/base ${var.image_version}",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
post-processor "manifest" {
|
||||||
|
keep_input_artifact = true
|
||||||
|
}
|
||||||
|
}
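Review bot: `iso_checksum = "${var.iso_cd_checksum}"` reads a variable, while the locals file in this change defines `local.iso_cd_checksum` as the `file:` URL of `SHA256SUMS`; I cannot see where that variable is declared, so please confirm it resolves to a real checksum and not to `none`. Either way, a `SHA256SUMS` file fetched from the same host as the ISO detects corruption but not a replaced image; pinning the expected digest next to `version` in the pkrvars file gives a real integrity check. The `description` still says the build produces a QEMU image from a cloud image although the source is `vmware-iso` with a netinst ISO, and `guest_os_type = "ubuntu-64"` should probably be a Debian identifier.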
|
|
@ -0,0 +1,24 @@
|
||||||
|
packer {
|
||||||
|
required_plugins {
|
||||||
|
sshkey = {
|
||||||
|
version = ">= 1.0.1"
|
||||||
|
source = "github.com/ivoronin/sshkey"
|
||||||
|
}
|
||||||
|
vmware = {
|
||||||
|
version = ">= 1.0.8"
|
||||||
|
source = "github.com/hashicorp/vmware"
|
||||||
|
}
|
||||||
|
qemu = {
|
||||||
|
source = "github.com/hashicorp/qemu"
|
||||||
|
version = "~> 1"
|
||||||
|
}
|
||||||
|
ansible = {
|
||||||
|
version = "~> 1"
|
||||||
|
source = "github.com/hashicorp/ansible"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
data "sshkey" "install" {
|
||||||
|
type = "ed25519"
|
||||||
|
}
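Review bot: The `sshkey` and `vmware` plugins are required with open-ended constraints (`>= 1.0.1`, `>= 1.0.8`), so `packer init` installs whatever newer release exists at build time, including a future major version. `sshkey` is a third-party plugin that generates the key used to log in to the machine being built, so its version deserves the tightest pin. Propose an exact version, or at least a pessimistic constraint such as `version = "~> 1.0"`, for both, matching the style already used for `qemu` and `ansible`.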
|
|
@ -0,0 +1,31 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
if [ "${#}" -ne 2 ]; then
|
||||||
|
echo Missing arguments
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
WORKDIR=${1}
|
||||||
|
VERSION=${2}
|
||||||
|
|
||||||
|
findImages() {
|
||||||
|
find ${1} -iname "*.img"
|
||||||
|
}
|
||||||
|
|
||||||
|
sleep 5
|
||||||
|
|
||||||
|
for imageName in $(findImages ${WORKDIR} ${DOMAIN}); do
|
||||||
|
if [ $(which virt-sparsify) ]; then
|
||||||
|
newName=$(echo $imageName | sed "s/.img/_${VERSION}.img/g")
|
||||||
|
virt-sparsify --compress --tmp ./ --format qcow2 ${imageName} ${newName}
|
||||||
|
if [ "${?}" -eq 0 ]; then
|
||||||
|
rm -rf ${imageName}
|
||||||
|
cd ${WORKDIR}
|
||||||
|
ln -s $(basename ${newName}) $(basename ${imageName})
|
||||||
|
echo ${newName} ${imageName}
|
||||||
|
cd -
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "Sparsify skipped 'virt-sparsify' command is missing"
|
||||||
|
fi
|
||||||
|
done
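Review bot: The loop feeds unquoted paths into `rm -rf ${imageName}`, and those paths come from `$(findImages ...)`, which is word-split and glob-expanded; a directory or image name containing a space or a `*` makes `rm -rf` act on something other than the image just converted. The rename `sed "s/.img/_${VERSION}.img/g"` is also unanchored: `.` matches any character and `g` rewrites every match, so a constructed path such as `/srv/bimg/x.img` is altered in its directory part as well. Propose `newName="${imageName%.img}_${VERSION}.img"`, quoting every expansion, `rm -f -- "${imageName}"`, and `cd "${WORKDIR}" || exit 1` so that `ln -s` never runs in the wrong directory. `findImages` is called with `${DOMAIN}`, which is never set in this script, and `command -v virt-sparsify >/dev/null` is the portable replacement for the `which` test.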
|
|
@ -0,0 +1,104 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
#
|
||||||
|
# Generate all the configuration files
|
||||||
|
# Get all the values from the VLS_DIR
|
||||||
|
# Process each template from the TPL_DIR with this values
|
||||||
|
#
|
||||||
|
|
||||||
|
ENV_FILE=${ENV_FILE:-/var/run/one-context/one_env}
|
||||||
|
TPL_DIR="/usr/share/builder/templates"
|
||||||
|
VLS_DIR="/usr/share/builder/values"
|
||||||
|
CONFIG=""
|
||||||
|
|
||||||
|
if [ -f "${ENV_FILE}" ]; then
|
||||||
|
. ${ENV_FILE}
|
||||||
|
fi
|
||||||
|
|
||||||
|
BTR="$(command -v btr)"
|
||||||
|
if [ "${?}" -ne 0 ]; then
|
||||||
|
echo "Warning: Nothing to do the templater is not installed"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${TPL_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${TPL_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${VLS_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${VLS_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
jsonQuery() {
|
||||||
|
local data="${1}"
|
||||||
|
local query="${2}"
|
||||||
|
echo "${data}" | jq -cr "${query}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# NAME: @jsonMerge
|
||||||
|
# AIM: Merge two json structures
|
||||||
|
# NOTES:
|
||||||
|
# The last one has de last word
|
||||||
|
# if you have the same key in A and B
|
||||||
|
# this keeps the value of the B structure.
|
||||||
|
# PARAMS:
|
||||||
|
# $1: original JSON Structure
|
||||||
|
# $2: updated JSON Structure
|
||||||
|
jsonMerge() {
|
||||||
|
local data="${1}"
|
||||||
|
local data2="${2}"
|
||||||
|
|
||||||
|
echo "${data} ${data2}" | jq -cr -s ".[0] * .[1]"
|
||||||
|
}
|
||||||
|
|
||||||
|
jsonUpdateVal() {
|
||||||
|
local json="${1}"
|
||||||
|
local key="${2}"
|
||||||
|
local value="${3}"
|
||||||
|
|
||||||
|
echo "${json}" | jq --arg a "${value}" "${key} = \$a"
|
||||||
|
}
|
||||||
|
|
||||||
|
getValues() {
|
||||||
|
|
||||||
|
local values=""
|
||||||
|
|
||||||
|
for file in $(find ${VLS_DIR} -name "*.json"); do
|
||||||
|
values="${values}$(cat ${file})"
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -n "${RAW_CONFIG}" ]; then
|
||||||
|
values="$(jsonMerge ${values} ${RAW_CONFIG})"
|
||||||
|
fi
|
||||||
|
|
||||||
|
for svc in $(echo ${values} | jq -cr '.Services|keys[]'); do
|
||||||
|
for key in $(echo ${values} | jq -cr ".Services.${svc}.Vars|keys[]"); do
|
||||||
|
ukey=${key^^}
|
||||||
|
vkeys="$(echo ${values} | jq -cr \".Services.${svc}.Vars.${key}\|keys[]\")"
|
||||||
|
if [ ${?} -eq 0 ]; then
|
||||||
|
for var in $(echo ${values} | jq -cr ".Services.${svc}.Vars.${key}|keys[]"); do
|
||||||
|
uvar=${var^^}
|
||||||
|
val=$(eval echo "\$${ukey}_${uvar}")
|
||||||
|
if [ -n "${val}" ]; then
|
||||||
|
values=$(jsonUpdateVal "${values}" ".Services.${svc}.Vars.${key}.${var}" "${val}")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
values=$(jsonUpdateVal "${values}" ".Services.${svc}.Vars.${key}" "${!ukey}")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
echo ${values}
|
||||||
|
}
|
||||||
|
|
||||||
|
processTemplates() {
|
||||||
|
${BTR} -t ${TPL_DIR} -c "${1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
VALUES=$(getValues)
|
||||||
|
file=$(mktemp)
|
||||||
|
echo "${VALUES}" > "${file}"
|
||||||
|
processTemplates "${file}"
|
||||||
|
rm -rf "${file}"
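Review bot: `val=$(eval echo "\$${ukey}_${uvar}")` in `getValues` passes key names taken from the values JSON and from `RAW_CONFIG` to `eval`, so a key containing shell syntax is executed by this script, which presumably runs as root at contextualisation time. The function already uses indirect expansion for the scalar case (`${!ukey}`); the same works here with `ref="${ukey}_${uvar}"` followed by `val="${!ref}"`, ideally after rejecting names that do not match `^[A-Z_][A-Z0-9_]*$`. The identical line is present in the second full copy of this script later in the change (the 102-line file), which additionally sources `${ENV_FILE}` without the `-f` guard used here. In the `vkeys=` line the escaped quotes reach jq as part of the program, so the filter is a string literal and the `${?}` test that follows likely never selects the `else` branch; please check that scalar `Vars` are still overridden.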
|
|
@ -0,0 +1,80 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
#
|
||||||
|
# Generate all the configuration files
|
||||||
|
# Get all the values from the VLS_DIR
|
||||||
|
# Process each template from the TPL_DIR with this values
|
||||||
|
#
|
||||||
|
|
||||||
|
ENV_FILE=${ENV_FILE:-/var/run/one-context/one_env}
|
||||||
|
TPL_DIR="/usr/share/builder/templates"
|
||||||
|
VLS_DIR="/usr/share/builder/values"
|
||||||
|
CONFIG=""
|
||||||
|
|
||||||
|
. ${ENV_FILE}
|
||||||
|
|
||||||
|
BTR="$(command -v btr)"
|
||||||
|
if [ "${?}" -ne 0 ]; then
|
||||||
|
echo "Warning: Nothing to do the templater is not installed"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${TPL_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${TPL_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${VLS_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${VLS_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
jsonQuery() {
|
||||||
|
local data="${1}"
|
||||||
|
local query="${2}"
|
||||||
|
echo "${data}" | jq -cr "${query}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# NAME: @jsonMerge
|
||||||
|
# AIM: Merge two json structures
|
||||||
|
# NOTES:
|
||||||
|
# The last one has de last word
|
||||||
|
# if you have the same key in A and B
|
||||||
|
# this keeps the value of the B structure.
|
||||||
|
# PARAMS:
|
||||||
|
# $1: original JSON Structure
|
||||||
|
# $2: updated JSON Structure
|
||||||
|
jsonMerge() {
|
||||||
|
local data="${1}"
|
||||||
|
local data2="${2}"
|
||||||
|
|
||||||
|
echo "${data} ${data2}" | jq -cr -s ".[0] * .[1]"
|
||||||
|
}
|
||||||
|
|
||||||
|
getValues() {
|
||||||
|
|
||||||
|
local values=""
|
||||||
|
|
||||||
|
for file in $(find ${VLS_DIR} -name "*.json"); do
|
||||||
|
values="${values}$(cat ${file})"
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -n "${RAW_CONFIG}" ]; then
|
||||||
|
values="$(jsonMerge ${values} ${RAW_CONFIG})"
|
||||||
|
fi
|
||||||
|
|
||||||
|
for key in $(echo ${values} | jq -cr '.|keys[]'); do
|
||||||
|
ukey=${key^^}
|
||||||
|
if [ -n "${!ukey}" ]; then
|
||||||
|
values="$(jsonMerge "${values}" "{\"${key}\":\"${!ukey}\"}")"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
echo ${values}
|
||||||
|
}
|
||||||
|
|
||||||
|
processTemplates() {
|
||||||
|
${BTR} -t ${TPL_DIR} -c "${1}"
|
||||||
|
}
|
||||||
|
VALUES=$(getValues)
|
||||||
|
echo ${VALUES}
|
||||||
|
processTemplates "${VALUES}"
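Review bot: `jsonMerge "${values}" "{\"${key}\":\"${!ukey}\"}"` builds a JSON document by pasting an environment value between quotes, so a value containing `"` or `\` either breaks the merge or adds keys of its own to the configuration handed to the templater. Let jq do the encoding instead: `values="$(jq -c --arg k "${key}" --arg v "${!ukey}" '.[$k] = $v' <<<"${values}")"`. At the end of the script `echo ${VALUES}` prints the whole merged configuration, which may include secrets from the context, into the build or boot log, and `processTemplates "${VALUES}"` passes the JSON text to `-c` where the other copies of this script pass a temporary file path. `. ${ENV_FILE}` is unquoted and, unlike the 104-line copy, not guarded by `-f`.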
|
|
@ -0,0 +1,3 @@
|
||||||
|
{
|
||||||
|
"instance-id": "iid-local01"
|
||||||
|
}
|
|
@ -0,0 +1,11 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
echo "${1}" >/etc/hostname
|
||||||
|
|
||||||
|
apt-get update
|
||||||
|
apt-get -y dist-upgrade
|
||||||
|
apt-get install wget curl open-vm-tools -y
|
||||||
|
|
||||||
|
systemctl enable --now open-vm-tools.service
|
||||||
|
|
||||||
|
touch /etc/cloud/cloud-init.disabled
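Review bot: The script has no `set -e`, so a failed `apt-get update` or `apt-get -y dist-upgrade` does not stop the build and the base image can be published without the security updates this step is meant to apply. Add `set -e` after the shebang and run apt with `DEBIAN_FRONTEND=noninteractive` so that a configuration prompt cannot stall the provisioner. `echo "${1}" >/etc/hostname` writes an empty hostname when no argument is passed, which is how the `shell` provisioner in the base build appears to invoke the script; guard it with `[ -n "${1:-}" ]` or drop the line.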
|
|
@ -0,0 +1,115 @@
|
||||||
|
# To see all available options execute this command once the install is done:
|
||||||
|
# sudo less /var/log/installer/cdebconf/questions.dat
|
||||||
|
# If you need information about an option use the command below (example for keymap):
|
||||||
|
# grep -A 4 "keyboard-configuration/xkb-keymap" /var/log/installer/cdebconf/templates.dat
|
||||||
|
|
||||||
|
# Use network mirror for package installation
|
||||||
|
# d-i apt-setup/use_mirror boolean true
|
||||||
|
|
||||||
|
# Automatic installation
|
||||||
|
d-i auto-install/enable boolean true
|
||||||
|
|
||||||
|
# "linux-server" is substituted by "linux-image-amd64"
|
||||||
|
# Possible options : "linux-image-amd64"(default) or "linux-image-rt-amd64"
|
||||||
|
d-i base-installer/kernel/override-image string linux-server
|
||||||
|
|
||||||
|
# Configure hardware clock
|
||||||
|
d-i clock-setup/utc boolean true
|
||||||
|
d-i clock-setup/utc-auto boolean true
|
||||||
|
|
||||||
|
d-i netcfg/choose_interface select auto
|
||||||
|
d-i netcfg/use_dhcp boolean true
|
||||||
|
|
||||||
|
# d-i console-setup/ask_detect boolean false
|
||||||
|
|
||||||
|
# d-i debconf/frontend select noninteractive
|
||||||
|
|
||||||
|
# Set OS locale
|
||||||
|
d-i debian-installer/language string fr
|
||||||
|
d-i debian-installer/country string FR
|
||||||
|
d-i debian-installer/locale string fr_FR.UTF-8
|
||||||
|
|
||||||
|
# d-i debian-installer/framebuffer boolean false
|
||||||
|
|
||||||
|
# Reboot once the install is done
|
||||||
|
d-i finish-install/reboot_in_progress note
|
||||||
|
|
||||||
|
# Bootloader options
|
||||||
|
d-i grub-installer/only_debian boolean true
|
||||||
|
d-i grub-installer/with_other_os boolean true
|
||||||
|
d-i grub-installer/bootdev string /dev/sda
|
||||||
|
|
||||||
|
# Set the keyboard layout
|
||||||
|
d-i console-setup/ask_detect boolean false
|
||||||
|
d-i keyboard-configuration/variant select France
|
||||||
|
d-i keyboard-configuration/xkb-keymap select fr
|
||||||
|
d-i console-keymaps-at/keymap select fr-latin9
|
||||||
|
d-i debian-installer/keymap string fr-latin9
|
||||||
|
|
||||||
|
# Mirror from which packages will be downloaded
|
||||||
|
d-i mirror/country string manual
|
||||||
|
d-i mirror/http/directory string /debian
|
||||||
|
d-i mirror/http/hostname string httpredir.debian.org
|
||||||
|
|
||||||
|
# Configure http proxy if needed "http://[[user][:pass]@]host[:port]/"
|
||||||
|
d-i mirror/http/proxy string
|
||||||
|
|
||||||
|
# Disk configuration
|
||||||
|
d-i partman-efi/non_efi_system boolean true
|
||||||
|
d-i partman-auto-lvm/guided_size string max
|
||||||
|
d-i partman-auto/choose_recipe select atomic
|
||||||
|
d-i partman-auto/method string lvm
|
||||||
|
d-i partman-lvm/confirm boolean true
|
||||||
|
d-i partman-lvm/confirm_nooverwrite boolean true
|
||||||
|
d-i partman-lvm/device_remove_lvm boolean true
|
||||||
|
d-i partman/choose_partition select finish
|
||||||
|
d-i partman/confirm boolean true
|
||||||
|
d-i partman/confirm_nooverwrite boolean true
|
||||||
|
d-i partman/confirm_write_new_label boolean true
|
||||||
|
|
||||||
|
# User configuration
|
||||||
|
d-i passwd/root-login boolean true
|
||||||
|
d-i passwd/root-password password ${local.ssh_password}
|
||||||
|
d-i passwd/root-password-again password ${local.ssh_password}
|
||||||
|
d-i passwd/user-fullname string packer
|
||||||
|
d-i passwd/user-uid string 1000
|
||||||
|
d-i passwd/username string packer
|
||||||
|
d-i passwd/user-password password ${local.ssh_password}
|
||||||
|
d-i passwd/user-password-again password ${local.ssh_password}
|
||||||
|
|
||||||
|
# Extra packages to be installed
|
||||||
|
d-i pkgsel/include string sudo
|
||||||
|
d-i pkgsel/include string openssh-server
|
||||||
|
d-i pkgsel/include string wget
|
||||||
|
d-i pkgsel/include string cloud-init
|
||||||
|
|
||||||
|
d-i pkgsel/install-language-support boolean false
|
||||||
|
d-i pkgsel/update-policy select none
|
||||||
|
|
||||||
|
# Whether to upgrade packages after debootstrap
|
||||||
|
d-i pkgsel/upgrade select full-upgrade
|
||||||
|
|
||||||
|
# Set timezone
|
||||||
|
d-i time/zone string Europe/Paris
|
||||||
|
|
||||||
|
# Allow weak user password
|
||||||
|
d-i user-setup/allow-password-weak boolean true
|
||||||
|
|
||||||
|
# Home folder encryption
|
||||||
|
d-i user-setup/encrypt-home boolean false
|
||||||
|
|
||||||
|
# Do not scan additional CDs
|
||||||
|
apt-cdrom-setup apt-setup/cdrom/set-first boolean false
|
||||||
|
|
||||||
|
# Use network mirror
|
||||||
|
apt-mirror-setup apt-setup/use_mirror boolean true
|
||||||
|
|
||||||
|
# Disable polularity contest
|
||||||
|
popularity-contest popularity-contest/participate boolean false
|
||||||
|
|
||||||
|
# Select base install
|
||||||
|
tasksel tasksel/first multiselect standard, ssh-server
|
||||||
|
|
||||||
|
d-i preseed/late_command string in-target mkdir -p /root/.ssh; \
|
||||||
|
in-target /bin/sh -c "echo '${data.sshkey.install.public_key}' >> /root/.ssh/authorized_keys"; \
|
||||||
|
in-target chown -R root:root /root/.ssh/
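Review bot: The four `d-i pkgsel/include string ...` lines set the same debconf question, and when a question is preseeded more than once the last value is the one kept, so only `cloud-init` is likely requested and `sudo`, `openssh-server` and `wget` are not; put them on one line, `d-i pkgsel/include string sudo openssh-server wget cloud-init`. The `late_command` appends the Packer install key to `/root/.ssh/authorized_keys` and nothing visible in this change removes it afterwards, so a cleanup step at the end of provisioning should delete that entry before the image is published. A short comment above `passwd/root-password` saying that the value is a build-time credential would help the next reader.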
|
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eo pipefail
|
||||||
|
|
||||||
|
DESTDIR=/usr/local/share/ca-certificates
|
||||||
|
UPDATE_CERTS_CMD=update-ca-certificates
|
||||||
|
CERTS="$(cat <<EOF
|
||||||
|
https://letsencrypt.org/certs/isrgrootx1.pem
|
||||||
|
https://letsencrypt.org/certs/isrg-root-x2.pem
|
||||||
|
https://letsencrypt.org/certs/lets-encrypt-r3.pem
|
||||||
|
https://letsencrypt.org/certs/lets-encrypt-e1.pem
|
||||||
|
https://letsencrypt.org/certs/lets-encrypt-r4.pem
|
||||||
|
https://letsencrypt.org/certs/lets-encrypt-e2.pem
|
||||||
|
EOF
|
||||||
|
)"
|
||||||
|
|
||||||
|
cd "$DESTDIR"
|
||||||
|
|
||||||
|
for cert in $CERTS; do
|
||||||
|
echo "Downloading '$cert'..."
|
||||||
|
filename=$(basename "$cert")
|
||||||
|
wget --tries=10 --timeout=30 -O "$filename" "$cert"
|
||||||
|
openssl x509 -in "$filename" -inform PEM -out "$filename.crt"
|
||||||
|
done
|
||||||
|
|
||||||
|
$UPDATE_CERTS_CMD
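Review bot: The loop installs the Let's Encrypt intermediates (`lets-encrypt-r3.pem`, `e1`, `r4`, `e2`) into `/usr/local/share/ca-certificates`, which turns them into trust anchors: they then stay trusted on every machine built from this image regardless of later revocation or replacement by the CA. Debian 12's `ca-certificates` package should already contain ISRG Root X1 and X2, so please confirm the script is still needed; if it is, restrict the list to the two roots. The files are accepted as downloaded, with HTTPS as the only check; comparing `openssl x509 -noout -fingerprint -sha256 -in "$filename"` with a fingerprint pinned in the script would make the trust-store change reviewable. The original `.pem` downloads are left next to the `.crt` copies and can be removed after conversion.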
|
|
@ -0,0 +1,12 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
ONE_CONTEXT_VERSION="6.4.0"
|
||||||
|
ONE_CONTEXT_PKG_VERSION="1"
|
||||||
|
PKG="one-context-${ONE_CONTEXT_VERSION}-r${ONE_CONTEXT_PKG_VERSION}.apk"
|
||||||
|
PKG_URL="https://github.com/OpenNebula/addon-context-linux/releases/download/v${ONE_CONTEXT_VERSION}/${PKG}"
|
||||||
|
|
||||||
|
cd /tmp || exit 3
|
||||||
|
wget -q --no-check-certificate ${PKG_URL}
|
||||||
|
apk add --allow-untrusted --no-cache ${PKG}
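Review bot: `wget -q --no-check-certificate ${PKG_URL}` followed by `apk add --allow-untrusted` disables both TLS verification and package signature verification, so whatever answers for that URL at build time is installed as root into the image. Drop `--no-check-certificate` (installing `ca-certificates` first if the base lacks a CA bundle) and verify the download against a digest pinned in the script before installing, for example `echo "<expected-sha256>  ${PKG}" | sha256sum -c -` with the real value filled in. Downloading into a directory created by `mktemp -d` instead of `/tmp` avoids picking up a pre-existing file of the same name.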
|
||||||
pcaseiro marked this conversation as resolved
pcaseiro
commented
Pas certain que ce fichier soit à jour pour Debian ... :'D
|
|
@ -0,0 +1,102 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
#
|
||||||
|
# Generate all the configuration files
|
||||||
|
# Get all the values from the VLS_DIR
|
||||||
|
# Process each template from the TPL_DIR with this values
|
||||||
|
#
|
||||||
|
|
||||||
|
ENV_FILE=${ENV_FILE:-/var/run/one-context/one_env}
|
||||||
|
TPL_DIR="/usr/share/builder/templates"
|
||||||
|
VLS_DIR="/usr/share/builder/values"
|
||||||
|
CONFIG=""
|
||||||
|
|
||||||
|
. ${ENV_FILE}
|
||||||
|
|
||||||
|
BTR="$(command -v btr)"
|
||||||
|
if [ "${?}" -ne 0 ]; then
|
||||||
|
echo "Warning: Nothing to do the templater is not installed"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${TPL_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${TPL_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -e "${VLS_DIR}" ]; then
|
||||||
|
echo "Error: The template dir is missing (${VLS_DIR})"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
jsonQuery() {
|
||||||
|
local data="${1}"
|
||||||
|
local query="${2}"
|
||||||
|
echo "${data}" | jq -cr "${query}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# NAME: @jsonMerge
|
||||||
|
# AIM: Merge two json structures
|
||||||
|
# NOTES:
|
||||||
|
# The last one has de last word
|
||||||
|
# if you have the same key in A and B
|
||||||
|
# this keeps the value of the B structure.
|
||||||
|
# PARAMS:
|
||||||
|
# $1: original JSON Structure
|
||||||
|
# $2: updated JSON Structure
|
||||||
|
jsonMerge() {
|
||||||
|
local data="${1}"
|
||||||
|
local data2="${2}"
|
||||||
|
|
||||||
|
echo "${data} ${data2}" | jq -cr -s ".[0] * .[1]"
|
||||||
|
}
|
||||||
|
|
||||||
|
jsonUpdateVal() {
|
||||||
|
local json="${1}"
|
||||||
|
local key="${2}"
|
||||||
|
local value="${3}"
|
||||||
|
|
||||||
|
echo "${json}" | jq --arg a "${value}" "${key} = \$a"
|
||||||
|
}
|
||||||
|
|
||||||
|
getValues() {
|
||||||
|
|
||||||
|
local values=""
|
||||||
|
|
||||||
|
for file in $(find ${VLS_DIR} -name "*.json"); do
|
||||||
|
values="${values}$(cat ${file})"
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -n "${RAW_CONFIG}" ]; then
|
||||||
|
values="$(jsonMerge ${values} ${RAW_CONFIG})"
|
||||||
|
fi
|
||||||
|
|
||||||
|
for svc in $(echo ${values} | jq -cr '.Services|keys[]'); do
|
||||||
|
for key in $(echo ${values} | jq -cr ".Services.${svc}.Vars|keys[]"); do
|
||||||
|
ukey=${key^^}
|
||||||
|
vkeys="$(echo ${values} | jq -cr \".Services.${svc}.Vars.${key}\|keys[]\")"
|
||||||
|
if [ ${?} -eq 0 ]; then
|
||||||
|
for var in $(echo ${values} | jq -cr ".Services.${svc}.Vars.${key}|keys[]"); do
|
||||||
|
uvar=${var^^}
|
||||||
|
val=$(eval echo "\$${ukey}_${uvar}")
|
||||||
|
if [ -n "${val}" ]; then
|
||||||
|
values=$(jsonUpdateVal "${values}" ".Services.${svc}.Vars.${key}.${var}" "${val}")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
values=$(jsonUpdateVal "${values}" ".Services.${svc}.Vars.${key}" "${!ukey}")
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
echo ${values}
|
||||||
|
}
|
||||||
|
|
||||||
|
processTemplates() {
|
||||||
|
${BTR} -t ${TPL_DIR} -c "${1}"
|
||||||
|
}
|
||||||
|
|
||||||
|
VALUES=$(getValues)
|
||||||
|
file=$(mktemp)
|
||||||
|
echo "${VALUES}" > "${file}"
|
||||||
|
processTemplates "${file}"
|
||||||
|
rm -rf "${file}"
|
|
@ -0,0 +1,2 @@
|
||||||
|
/quid-ansible
|
||||||
|
/.ansible_vault_passphrase
|
|
@ -0,0 +1,137 @@
|
||||||
|
---
|
||||||
|
quid_ansible_repo_private_key: !vault |
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
63356330363932313165663737383634623039383935333233316532643433643930663630663337
|
||||||
|
3938373061393535383638356438396264363132333939320a616463333939643036396266653435
|
||||||
|
32373265633439633663306433393037376235323965343530333239356633326266336333333961
|
||||||
|
6663613239393639370a663135333562663264376533336166323062656333613636393263356233
|
||||||
|
66653132386131613436356364636432336166353938373837333036393931343063343632613832
|
||||||
|
32303862623536356638396337373661623666393839303861653837393032666366396334383466
|
||||||
|
66373866366662353062653939393631373535666261323965666465383566343064653838313237
|
||||||
|
64396466393834373538613430636134663463313331336330393238636561663566343535663537
|
||||||
|
35643434313030636139326362613832346536333166613061653136346439653231336239626363
|
||||||
|
33376362383034303033343539306134313033386434366534633033306564636661386530306431
|
||||||
|
34656461323164656135303931626536643330653338656162386262633033393030363333336534
|
||||||
|
31343732636363623061303238386137316464333030343733316262646639366531633566383635
|
||||||
|
64653166393134623835363865326639613732353562303665643331663431333034373337653336
|
||||||
|
65313563333439613938396264626464393037396264646237303034356638323139373665613265
|
||||||
|
62623933623064333332313265326431333931643332393166373765383962333639643033393736
|
||||||
|
39666365666662396334316666323933306561343032386436613932396666653330653936656635
|
||||||
|
64353361366539363034316434306239646463336564643939353238393264633235633737656365
|
||||||
|
31313130396532313839613764393636656365303636323437643939313030373464353636363037
|
||||||
|
35376439383531633265613734383463643562333763646131643134383262313736613261346237
|
||||||
|
36633839323833316165393439386136343161306266666331396163363464343132393936313231
|
||||||
|
35663530633132386633313138333835346630383265666638373836663737623933376661633936
|
||||||
|
31623863396439623661396135633537306132306435303430613433346362333934383033656434
|
||||||
|
31363437626463383039336438666662316664353536393139383236323835333738393332623138
|
||||||
|
30343264633964393461616633313837353632373935623462326461663965363962306337396231
|
||||||
|
36623661333934616237306137663130316533613461616136306334666138656534383539393331
|
||||||
|
32623464333030653930393563343031383362383233373235623433643037636463656638386334
|
||||||
|
38316362643736313038366339396165626164336230663538303166316332633337396231646663
|
||||||
|
35303130666135313632326162643632356534646630383163653966346365646334396532313335
|
||||||
|
38353539383630663936313939613638346536623739366164313132636463353666636338353562
|
||||||
|
65336663333937353630636565396537366261646464626163623465313962353039623432653335
|
||||||
|
39653662366335646437366639303736653434623137613633353664336534373965616436643837
|
||||||
|
37396239633533616136636165396333366162313736666366396363303536373235656234393332
|
||||||
|
34663330653738643931373465313939313236363935316237303566363234346330303534353736
|
||||||
|
35336639313233346437666236653931366331393530363432303065323234376436373830346664
|
||||||
|
30613335333062633563643565383065663361613737343537396230353339656234613264666232
|
||||||
|
36393831663264393437316362653734356236333165666361623134626438653536303862653965
|
||||||
|
62636431643738393437663762376261653231633038343365666361626466653634353030356566
|
||||||
|
65333436353939623233623964393833363461356133653564633164366630303034633237653138
|
||||||
|
64343230383036336430306164636134623930656532366232353561656237306435353839396661
|
||||||
|
36633861363830633964376165633339376264363735613965376437303666326665303839363566
|
||||||
|
36306239376230303463663836653931656231353531383561353838383565356363376134343334
|
||||||
|
33363430613935643839316137333765383537326231343734643766373865306262336166313763
|
||||||
|
33666530633938636537663539616334643933396232653665373335663964343631623233366430
|
||||||
|
63306361383332323936343461313231343730373333346337656461346136656531326332613537
|
||||||
|
39323335313061376439343034336466643934306538333030616139353564323432376531663464
|
||||||
|
35613462396430346533383061636132323961303938613365306531386462313730326639363461
|
||||||
|
36313839336232373938353537356663363034356238383264303462396534343035633461336334
|
||||||
|
38613737373430396132313465366363386365303265396261303434653463623265323237393734
|
||||||
|
38616262326461383739353235353835316638653263383938653233326336633532323561656433
|
||||||
|
34326634623130336135333931633635316464383139393639353731636432613832633265376332
|
||||||
|
32346161396332356530316365316362393130643833633264643136623733313963326161333535
|
||||||
|
61623835643931613461333033643636386339323137306663366563393463383266356433306362
|
||||||
|
32626430316137336536663232633061396232313935656562346437653238313130383837336361
|
||||||
|
61323865646637333037336335656462303065616237356463616631663539633433613263623932
|
||||||
|
61333236653836653436616161666330616239393331393139333231626464326339666433663461
|
||||||
|
33343539356634613363616662333562653162366532396337643163373738363637313738386362
|
||||||
|
30356634626536336264616263313438366336373962636438303634333130626433366536366436
|
||||||
|
33393461386337663366663132336136343930623464663062663930363663333566323734336631
|
||||||
|
63643866643262333735386433386662303263323038613862653563363230643065356439663264
|
||||||
|
36323666323331613663626533366130663766643036366430643734303561393234623539646463
|
||||||
|
38376132653234346633363238303265376431653663363861653037323436393037306436623962
|
||||||
|
66376536343032303863323138326334626166363930323530353161333737616261346631326364
|
||||||
|
36343239373365306266323832303531313037316234353537383436363866326533663437373537
|
||||||
|
31353038326439303839353139303362613264386434303236363336386665303861663438626135
|
||||||
|
39633361656130316335333965643966616263303563326639653534653931343261356133616461
|
||||||
|
63353664633636343438303936636632393963343235323537393064646138623934633237646139
|
||||||
|
33366664636664373135316366316163343266646435626636366534343061323464633464666430
|
||||||
|
36653231633565346334333362343734613861313465366530376266653939656163323236613139
|
||||||
|
31363165646134343236326663343534383031323431323162343566353938666365323265663931
|
||||||
|
62396466333730363261626465366431316332626236346364396536636165653330653531306330
|
||||||
|
63633564613330323637633761613066623135396132316636303130663534306562326535363733
|
||||||
|
31636639643632633232383938363563643732623364303732663133386434326236353635326439
|
||||||
|
37656138663166616231383264353763623066646337656363663839376536633235353838373465
|
||||||
|
37343237376138326337623565306137363833333165383166343233373438373261306433653734
|
||||||
|
65376361633165383034666337623832336262393831313831626564346231376561393365633437
|
||||||
|
65383236633036616538623861656439323866633864666434643262346632343865643462393237
|
||||||
|
36386463393936376437643065356461306235656233373561393965613461643035356634626335
|
||||||
|
38633664323265303563363636613130383236393339333330613239633765636232326265653864
|
||||||
|
31346361346364396166663930663435313230366631623363306136353833346138346433373730
|
||||||
|
36326536323166396562303733353835663234636136383539356139623433316537343039623761
|
||||||
|
66373231353639623533323837386339323462366137376363373030333762323830623535626433
|
||||||
|
36636162396439363436343330636162383864383837663236626237396562333032383162636165
|
||||||
|
36663833343062613362663739303639396139376166376234646663316239306261356561396535
|
||||||
|
30316331656464333137313333396132656636653932363834336336303635633865313165316434
|
||||||
|
63376461333137343164333634333139336539613839393237343336646261643038643833303461
|
||||||
|
30663763653864626133356439646664663331613666616133383830346331636438656639633065
|
||||||
|
38346562343531633166666436643138366235373562386137326535333936383832313962313233
|
||||||
|
65613265313538626565666339643866393165316363663664373066623962303435663635653738
|
||||||
|
65363262633236333339633636363233333232333332643837326163633061656135653763663539
|
||||||
|
39346365356266353336316461613336343039656330306530303961346133343765363036633734
|
||||||
|
65643563633631373133633031343532356461633461616430313331306335336131333062643230
|
||||||
|
33623331313566646130373833373137333733343534383239306630396335383539373736613862
|
||||||
|
39323265393438376437386261636162303535346638316464366431316439643463623237323563
|
||||||
|
31326633373964626266356435376231333933646139666166663232633132323832353034626132
|
||||||
|
37316235376265633762613536323735653134616233396439326239323933623465613932363332
|
||||||
|
61663862613330366134633534653632343865666562376438386563653066363635666136613534
|
||||||
|
62356433653861666634653536353163306539613061373936346538306134326561323564353936
|
||||||
|
62666139646238663230376132613334323138313261336338666433613231323633623636333938
|
||||||
|
31356334613334383839396535643764393938303931613835643037626530333534323063646164
|
||||||
|
33346363366334333063363564663638306461613838616564643938396234373961613130373738
|
||||||
|
32636533653666626261336138326335623366643737633763353066643263663161396239663432
|
||||||
|
66646233303739623032313439643763656464623865353963333330653833323763633362303434
|
||||||
|
61343530613530336461363038383731646663343764383262393534623530613033636665656233
|
||||||
|
38666162336332376436363335626365666134646532356534346264316465613336653664326461
|
||||||
|
66626537643465326661636164313166393761343231643831366362386431323664633134303062
|
||||||
|
37623863616165633236643139633736336537326533636632646666633466336230653165666333
|
||||||
|
39326566326665366364636631646237663534393631646633316231303835343837303233333565
|
||||||
|
65663163646566306331343766636461326333306662633337356135663938383166303532313566
|
||||||
|
31393932333037366237663465626434643564663036336139316636313163646439643934343436
|
||||||
|
65343462393337333161323236303233376532363963616433343133383631643937333662363063
|
||||||
|
39646536373865626230633466616162613333623462616139386166316662343034393761343339
|
||||||
|
63313263316662626563343130633837303932383134656432383232626163323634636462343662
|
||||||
|
62326665366431656239663564663838653631396366313861323935623364633266333739383861
|
||||||
|
63326264333236373333313566323937336232326461343839616533633639346435333162313237
|
||||||
|
38646638373735663163623231313463326263656531373536393934626632326433363634616337
|
||||||
|
61303035356263366166656565393565343733626439376533316266343038366366656538663830
|
||||||
|
61656661323936633964333433306165613334306436343832666561363565343631383538643631
|
||||||
|
35623839643133376335393331643962386532346437313933366133336364326533373436613833
|
||||||
|
66326237386161623332323130333839336363373330313435636634663532346130626230393333
|
||||||
|
61323361646537623235376135363033636261343365343735623963643066373631343235356536
|
||||||
|
39653136376661353837383839663965643334393861373235353035356235396235613562363061
|
||||||
|
33353339663165656432383230663033363861343032326663373632346634303231346462663836
|
||||||
|
65313963373139383765303838666634666431343734313532626438373961393839656236646263
|
||||||
|
32623264636434636531663138373466663032333463373232353333363534336435353664353238
|
||||||
|
66663562653238396637613463636133656133386163376637353439626133373032373762623465
|
||||||
|
63316335336662623039633837613666363766363931343865313330316362316561626438626533
|
||||||
|
65383465396536306562363163653132343263636363613434333966346166326263373038653266
|
||||||
|
62353734326365616361303135303561313131633637633461636539636666363162646238343265
|
||||||
|
32363065326330303666336638333439356135633764643830353135346139306366353831613564
|
||||||
|
36303763363031613531623336656637393337323035343532623239623735383932626463643866
|
||||||
|
30363138313964643664653834363861616565393065633231623961353532623434623832343930
|
||||||
|
66666330633633653030613237383063353064373661393965373333323565336434653837616336
|
||||||
|
32613737623064316233613434363031623238326132653434646237306234663538616463643230
|
||||||
|
3261376331343330613739346434313636613561626230656334
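Review bot: `quid_ansible_repo_private_key` commits an SSH private key to the repository, vault-encrypted; from now on its confidentiality rests entirely on the vault passphrase, and the ciphertext stays in history after any later rotation. Please confirm that the key is a read-only deploy key scoped to `EFS/quid-ansible` alone and that the passphrase is strong and stored outside the repository (the `.gitignore` entry for `.ansible_vault_passphrase` suggests it is). A comment above the variable naming the key's owner and the rotation procedure would help.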
|
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
- name: Ciblage de la machine locale
|
||||||
|
hosts: localhost
|
||||||
|
connection: local
|
||||||
|
tasks:
|
||||||
|
- name: Clonage du projet "EFS/quid-ansible"
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: "ssh://git@forge.cadoles.com:2222/EFS/quid-ansible.git"
|
||||||
|
dest: "quid-ansible"
|
||||||
|
version: "master"
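Review bot: `version: "master"` makes the image content depend on whatever the branch head is at build time, so two builds of the same recipe can ship different playbooks, and a change pushed to master lands in the image without passing through this repository. Pinning a tag or commit here (`version: "<tag-or-commit>"`, placeholder) keeps the build reproducible. The task also relies on the forge's SSH host key already being present in the builder's known_hosts; a comment saying so would be better than later adding `accept_hostkey: true`, which trusts the key on first contact.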
|
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
- import_playbook: quid-ansible/deploy.yml
|
|
@ -0,0 +1 @@
|
||||||
|
ssh-rsa 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 Philippe Caseiro
|
|
@ -0,0 +1 @@
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDZxr8C81Dm5Zl2AtDzTVa8hFs04aV1z8ANrXYVHnLf7gEG4c1BI9iWbm94gVCQT4IvoKR5oZxjxGnx1a7VaX6h6dt33+p/s2IJiwG+9/DykPnImw+ALTcnMcyrwOYh68jnQIOGkYzK/VaHRzrvFNuoVWIU+FqfN+sW+bLQWi9v/K5oiup83xQBze6kjMEL2PT48bJwT/dQgP5cnTTEYwcOK/Yes1Cmb+VqjAs5B3uiHDoch10fy4b4duuALozPGhgoOfTLqe9Ekbt8PdIhUzGxFCw79W7IBA9vw79tYBy4B2et8Zb9sf+sMmxPINDkouYmfSnU0PjNjida7Tii2IEWbrb/qbSkRNcyIBmpGKz6VnSIvomv4FA9dGkOLYRyvTjAM6Shy5aiGV8F7T9hMxm3zGDjiVseyPVtMdSjM2SCx95uPCH5oSrj8M1OIjC2D+w3DsmTPFvTjA1gmKEYnXfFj82DvO+wDcbb6/DF2qS6y5rNpdnPWDb57iBqKeZISQ5x+h8arV0U3yItHoi7z4Cb51V29pdBE0xgFx5DE5akuPO3RC+BP0CK242HBdb94YXQCfmoQ1dV59mvu0ObAhP4CH/efOqONHXjTG9eurQyJWUr8yYO9DI7HkQHwvYDS7xuEO9yvs7gizm22FOTcxBPc4M/KFhPfnUs7Nyfw6I0Nw== vfebvre@cadoles.com
|
|
@ -0,0 +1,23 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
TOOL_DIR="${1:-/usr/local/bin}"
|
||||||
|
TOOL_USER="${2:-root}"
|
||||||
|
TOOL_GROUP="${3:-root}"
|
||||||
|
ATTACHMENT_URL="https://forge.cadoles.com/attachments/"
|
||||||
|
|
||||||
|
installTool() {
|
||||||
|
NAME="${1}"
|
||||||
|
URL="${2}"
|
||||||
|
|
||||||
|
curl -k -o ${TOOL_DIR}/${NAME} ${URL}
|
||||||
|
chmod +x ${TOOL_DIR}/${NAME}
|
||||||
|
}
|
||||||
|
|
||||||
|
apk add curl
|
||||||
pcaseiro marked this conversation as resolved
pcaseiro
commented
Ce fichier n'est pas non plus à jour pour Debian, mais d'un autre côté pas certain qu'il y ait un paquet templater pour Debian :D
|
|||||||
|
|
||||||
|
# Install templater
|
||||||
|
installTool "tpr" "https://forge.cadoles.com/attachments/242b3cba-8d07-4b89-80ab-7c12253a8524"
|
||||||
|
# Install bootstraper
|
||||||
|
installTool "btr" "https://forge.cadoles.com/attachments/e8442b2a-2065-4282-b4a4-648681fa044c"
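Review bot: `curl -k` in installTool turns off TLS certificate verification for binaries that are then made executable in `${TOOL_DIR}`, so anything on the network path can substitute the download. Dropping `-k`, adding `--fail` so an HTTP error page is not installed as the tool, and quoting the expansions gives `curl --fail -o "${TOOL_DIR}/${NAME}" "${URL}"` and `chmod +x "${TOOL_DIR}/${NAME}"`. Because the attachments are fetched by opaque id, checking each file against a pinned SHA-256 (for example with `sha256sum -c`) before the chmod would also be worthwhile. `TOOL_USER`, `TOOL_GROUP` and `ATTACHMENT_URL` are assigned but never used in this file.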
|
|
@ -0,0 +1,27 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
#
|
||||||
|
# Quick and dirty script to add disk space
|
||||||
|
# It creates a new PV (with the additionnal disk),
|
||||||
|
# a new VG and a new LV with 100% disk space
|
||||||
|
# The names and devices are provided with env variables:
|
||||||
|
# - PV_DEVICE : The /dev/xxx device
|
||||||
|
# - VG_NAME: The new vg name
|
||||||
|
# - LV_NAME: Then new lv name
|
||||||
|
# - LV_MTP: The mount point for the FS created on the LV
|
||||||
|
# - LV_FS: The fstype of the new FS
|
||||||
|
#
|
||||||
|
if [ -e ${PV_DEVICE} ]; then
|
||||||
|
pvcreate ${PV_DEVICE}
|
||||||
|
vgcreate ${VG_NAME} ${PV_DEVICE}
|
||||||
|
lvcreate -Ay -l 100%FREE -n ${LV_NAME} ${VG_NAME}
|
||||||
|
mkfs.${LV_FS} /dev/${VG_NAME}/${LV_NAME}
|
||||||
|
if [ ! -d ${LV_MTP} ]; then
|
||||||
|
mkdir -p ${LV_MTP}
|
||||||
|
fi
|
||||||
|
mount /dev/${VG_NAME}/${LV_NAME} ${LV_MTP}
|
||||||
|
echo "/dev/${VG_NAME}/${LV_NAME} ${LV_MTP} ${LV_FS} rw,relatime 0 1" >> /etc/fstab
|
||||||
|
else
|
||||||
|
echo "${PV_DEVICE} is missing"
|
||||||
|
exit 3
|
||||||
|
fi
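Review bot: With `PV_DEVICE` unset, `[ -e ${PV_DEVICE} ]` collapses to `[ -e ]`, which is true, so the script runs pvcreate, vgcreate and mkfs with missing arguments instead of reaching the "is missing" branch. Quoting and testing for a block device avoids that: `if [ -b "${PV_DEVICE}" ]; then`, with the other expansions quoted the same way. There is also no `set -eu`, so a failed `pvcreate` or `mkfs` does not stop the script and the `/etc/fstab` line is appended anyway, leaving an entry for a filesystem that may not exist. The sixth fstab field is `1`, which is normally kept for the root filesystem; `2` is the usual value for other mounts.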
|
|
@ -0,0 +1,74 @@
|
||||||
|
#Flavour base
|
||||||
|
build {
|
||||||
|
name = "quid"
|
||||||
|
description = <<EOF
|
||||||
|
This builder builds a QEMU image from a Debian cloud image.
|
||||||
|
EOF
|
||||||
|
source "vmware-vmx.debian" {
|
||||||
|
output_directory = "${var.output_dir}/${var.version}/quid"
|
||||||
|
vm_name = "quid-${local.output_name}-${var.version}"
|
||||||
|
source_path = "${var.output_dir}/${var.version}/base/${local.output_name}-${var.version}.vmx"
|
||||||
|
boot_command = [ "<enter><enter><wait>" ]
|
||||||
|
ssh_clear_authorized_keys = true
|
||||||
|
disk_additional_size = [ 102400 ]
|
||||||
|
vmx_data = {
|
||||||
|
"scsi1.pcislotnumber" = "16"
|
||||||
|
"scsi1.present" = "TRUE"
|
||||||
|
"scsi1.virtualdev" = "lsilogic"
|
||||||
|
"scsi1:0.filename" = "disk-1.vmdk"
|
||||||
|
"scsi1:0.present" = "TRUE"
|
||||||
|
"scsi1:0.redo" = ""
|
||||||
|
}
|
||||||
|
vmx_data_post = {
|
||||||
|
"memsize" = "4096",
|
||||||
|
"numvcpus" = "2",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Extend root logical volume with additional disk space
|
||||||
|
provisioner "shell" {
|
||||||
|
inline = [
|
||||||
|
"pvcreate /dev/sdb",
|
||||||
|
"vgextend debian-vg /dev/sdb",
|
||||||
|
"lvextend -l +100%FREE /dev/debian-vg/root",
|
||||||
|
"resize2fs /dev/debian-vg/root"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Store temporarily ansible vault password in local file
|
||||||
|
provisioner "shell-local" {
|
||||||
|
inline = ["echo '${var.quid_ansible_vault_passphrase}' > '${local.locations.provisionning}/quid/.ansible_vault_passphrase'"]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Clone quid-ansible repository
|
||||||
|
provisioner "ansible" {
|
||||||
|
playbook_file = "${local.locations.provisionning}/quid/clone-quid-ansible.yml"
|
||||||
|
// Manjaro/Arch OpenSSH version compatibility mode
|
||||||
|
// See https://github.com/hashicorp/packer/issues/11783
|
||||||
|
extra_arguments = [ "--scp-extra-args", "'-O'", "-v" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Run quid-ansible playbook from cloned repository
|
||||||
|
provisioner "ansible" {
|
||||||
|
playbook_file = "${local.locations.provisionning}/quid/run-quid-ansible.yml"
|
||||||
|
groups = ["quid_server"]
|
||||||
|
// Manjaro/Arch OpenSSH version compatibility mode
|
||||||
|
// See https://github.com/hashicorp/packer/issues/11783
|
||||||
|
extra_arguments = [ "--scp-extra-args", "'-O'", "-v", "--vault-password-file=${local.locations.provisionning}/quid/.ansible_vault_passphrase", "--extra-vars=@${local.locations.provisionning}/quid/ansible-vars.yml" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Remove ansible vault password file
|
||||||
|
provisioner "shell-local" {
|
||||||
|
inline = ["rm -f '${local.locations.provisionning}/quid/.ansible_vault_passphrase'"]
|
||||||
|
}
|
||||||
|
|
||||||
|
post-processor "shell-local" {
|
||||||
|
inline = [
|
||||||
|
"/bin/sh ${path.cwd}/post-processors/sparsify.sh ${var.output_dir}/${var.version}/quid ${var.image_version}",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
post-processor "manifest" {
|
||||||
|
keep_input_artifact = true
|
||||||
|
}
|
||||||
|
}
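Review bot: The vault passphrase is expanded into the shell command text by `echo '${var.quid_ansible_vault_passphrase}' > …`, so a passphrase containing a single quote breaks or alters the command, and the file is created with the default umask. The file is also removed only by the last `shell-local` provisioner, so when an earlier provisioner fails it stays on the build host. Passing the value through `environment_vars`, writing it under `umask 077`, and adding an `error-cleanup-provisioner` that deletes the file covers these cases. Separately, the `description` mentions a QEMU image built from a cloud image while the source is `vmware-vmx.debian`.

```hcl
  // Store temporarily ansible vault password in local file
  provisioner "shell-local" {
    // Value travels in the environment, not in the command text
    environment_vars = ["QUID_ANSIBLE_VAULT_PASSPHRASE=${var.quid_ansible_vault_passphrase}"]
    inline = [
      "umask 077 && printf '%s\\n' \"$QUID_ANSIBLE_VAULT_PASSPHRASE\" > '${local.locations.provisionning}/quid/.ansible_vault_passphrase'"
    ]
  }

  // … unchanged: ansible provisioners and the final rm -f provisioner …

  // Runs only when a provisioner fails, so the passphrase file never outlives the build
  error-cleanup-provisioner "shell-local" {
    inline = ["rm -f '${local.locations.provisionning}/quid/.ansible_vault_passphrase'"]
  }
```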
|
|
@ -0,0 +1,37 @@
|
||||||
|
# Flavor "Quid"
|
||||||
|
|
||||||
|
## Construction de l'image
|
||||||
|
|
||||||
|
1. Récupérer la phrase de passe pour les données chiffrées via `ansible-vault` dans le coffre-fort partagé (Section "Cadoles" -> "Kube").
|
||||||
|
|
||||||
|
2. Lancer la construction de l'image de la machine virtuelle
|
||||||
|
|
||||||
|
```
|
||||||
|
QUID_ANSIBLE_VAULT_PASSPHRASE="<passphrase>" PACKER_OPTS="-var headless=false" ./build start debian 12
|
||||||
|
```
|
||||||
|
|
||||||
|
ou si l'image Debian de base est déjà construite
|
||||||
|
|
||||||
|
```
|
||||||
|
QUID_ANSIBLE_VAULT_PASSPHRASE="<passphrase>" PACKER_OPTS="-var headless=false" BUILDER="vmware-vmx" ./build run debian 12 quid
|
||||||
|
```
|
||||||
|
|
||||||
|
> **Tip** Le paramètre `PACKER_OPTS="-var headless=false"` n'est nécessaire que dans le cas où vous souhaitez l'exécuteur VMWare avec son interface graphique.
|
||||||
|
|
||||||
|
## Générer le fichier OVF à partir de l'OVA
|
||||||
|
|
||||||
|
```
|
||||||
|
ovftool output/debian/12.2.0/quid/quid-debian-12.2.0.ova output/debian/12.2.0/quid/quid-debian-12.2.0.ovf
|
||||||
|
```
|
||||||
|
|
||||||
|
## Configuration de l'environnement Quid sur la machine virtuelle
|
||||||
|
|
||||||
|
1. Ajouter l'image de la machine sur votre environnement de virtualisation. Les fichiers sont normalement générés dans le répertoire `output/debian/12.2.0/quid`.
|
||||||
|
|
||||||
|
2. Démarrer la machine virtuelle. Le mot de passe par défaut du compte administrateur est `toor`.
|
||||||
|
|
||||||
|
3. Éditer le fichier `/etc/quid-ansible/config.yml` avec les valeurs correspondant à votre environnement de déploiement ([voir les valeurs par défaut](https://forge.cadoles.com/EFS/quid-ansible/src/branch/master/roles/quid-server/files/quid_ansible_default_config.yml))
|
||||||
|
|
||||||
|
4. Exécuter la commande `apply-config` pour mettre à jour la machine avec les valeurs présentes dans le fichier précédemment édité.
|
||||||
|
|
||||||
|
Pour plus d'informations voir la documentation du projet [`quid-ansible`](https://forge.cadoles.com/EFS/quid-ansible).
|
|
@ -0,0 +1,101 @@
|
||||||
|
source qemu "debian" {
|
||||||
|
cpus = 1
|
||||||
|
memory = "${local.memory}"
|
||||||
|
accelerator = "kvm"
|
||||||
|
vnc_bind_address = "0.0.0.0"
|
||||||
|
|
||||||
|
headless = local.headless
|
||||||
|
|
||||||
|
# Serve the `http` directory via HTTP, used for preseeding the Debian installer.
|
||||||
|
#http_directory = "${path.cwd}/recipes/${var.name}/provisionning/${var.name}/http"
|
||||||
|
http_port_min = 9990
|
||||||
|
http_port_max = 9999
|
||||||
|
|
||||||
|
# SSH ports to redirect to the VM being built
|
||||||
|
host_port_min = 2222
|
||||||
|
host_port_max = 2229
|
||||||
|
|
||||||
|
# This user is configured in the preseed file.
|
||||||
|
ssh_username = "${local.ssh_user}"
|
||||||
|
ssh_private_key_file = data.sshkey.install.private_key_path
|
||||||
|
ssh_wait_timeout = "1000s"
|
||||||
|
|
||||||
|
shutdown_command = "/sbin/poweroff"
|
||||||
|
|
||||||
|
# Builds a compact image
|
||||||
|
disk_compression = true
|
||||||
|
disk_discard = "unmap"
|
||||||
|
skip_compaction = false
|
||||||
|
disk_detect_zeroes = "unmap"
|
||||||
|
|
||||||
|
format = "qcow2"
|
||||||
|
|
||||||
|
boot_wait = "5s"
|
||||||
|
}
|
||||||
|
|
||||||
|
source "vmware-iso" "debian" {
|
||||||
|
cpus = 1
|
||||||
|
disk_type_id = 0
|
||||||
|
memory = "${local.memory}"
|
||||||
|
vnc_bind_address = "0.0.0.0"
|
||||||
|
|
||||||
|
headless = local.headless
|
||||||
|
|
||||||
|
# Serve the `http` directory via HTTP, used for preseeding the Debian installer.
|
||||||
|
#http_directory = "${path.cwd}/recipes/${var.name}/provisionning/${var.name}/http"
|
||||||
|
http_port_min = 9990
|
||||||
|
http_port_max = 9999
|
||||||
|
|
||||||
|
# SSH ports to redirect to the VM being built
|
||||||
|
#host_port_min = 2222
|
||||||
|
#host_port_max = 2229
|
||||||
|
|
||||||
|
# This user is configured in the preseed file.
|
||||||
|
ssh_username = "${local.ssh_user}"
|
||||||
|
ssh_private_key_file = data.sshkey.install.private_key_path
|
||||||
|
ssh_wait_timeout = "1000s"
|
||||||
|
|
||||||
|
shutdown_command = "/sbin/poweroff"
|
||||||
|
|
||||||
|
# Builds a compact image
|
||||||
|
#disk_compression = true
|
||||||
|
#disk_discard = "unmap"
|
||||||
|
skip_compaction = false
|
||||||
|
#disk_detect_zeroes = "unmap"
|
||||||
|
|
||||||
|
format = "ova"
|
||||||
|
|
||||||
|
boot_wait = "5s"
|
||||||
|
}
|
||||||
|
|
||||||
|
source "vmware-vmx" "debian" {
|
||||||
|
vnc_bind_address = "0.0.0.0"
|
||||||
|
|
||||||
|
headless = local.headless
|
||||||
|
|
||||||
|
# Serve the `http` directory via HTTP, used for preseeding the Debian installer.
|
||||||
|
#http_directory = "${path.cwd}/recipes/${var.name}/provisionning/${var.name}/http"
|
||||||
|
http_port_min = 9990
|
||||||
|
http_port_max = 9999
|
||||||
|
|
||||||
|
# SSH ports to redirect to the VM being built
|
||||||
|
#host_port_min = 2222
|
||||||
|
#host_port_max = 2229
|
||||||
|
|
||||||
|
# This user is configured in the preseed file.
|
||||||
|
ssh_username = "${local.ssh_user}"
|
||||||
|
ssh_private_key_file = data.sshkey.install.private_key_path
|
||||||
|
ssh_wait_timeout = "1000s"
|
||||||
|
|
||||||
|
shutdown_command = "/sbin/poweroff"
|
||||||
|
|
||||||
|
# Builds a compact image
|
||||||
|
#disk_compression = true
|
||||||
|
#disk_discard = "unmap"
|
||||||
|
skip_compaction = false
|
||||||
|
#disk_detect_zeroes = "unmap"
|
||||||
|
|
||||||
|
format = "ova"
|
||||||
|
|
||||||
|
boot_wait = "5s"
|
||||||
|
}
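Review bot: `vnc_bind_address = "0.0.0.0"` in all three sources publishes the console of the VM under construction on every interface of the build host for the whole build, and the `qemu` block sets no VNC password. Unless builds are meant to be watched remotely, `vnc_bind_address = "127.0.0.1"` is the safer value, or a variable so that remote access is opt-in. The comment "Serve the `http` directory via HTTP…" sits above a commented-out `http_directory`, so it should either be removed or say that the setting is disabled.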
|
|
@ -0,0 +1,12 @@
|
||||||
|
#cloud-config
|
||||||
|
ssh_pwauth: True
|
||||||
|
user: ${user}
|
||||||
|
password: ${password}
|
||||||
|
chpasswd:
|
||||||
|
expire: False
|
||||||
|
|
||||||
|
# Work around network interface down after boot
|
||||||
|
runcmd:
|
||||||
|
%{ for cmd in runcmd ~}
|
||||||
|
- ${cmd}
|
||||||
|
%{ endfor ~}
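Review bot: `ssh_pwauth: True` together with `chpasswd: expire: False` leaves password logins over SSH enabled with a password that is never forced to change, while the sources in this commit connect with `ssh_private_key_file`. If this user-data is only needed at build time, `ssh_pwauth: False` should be enough; whether a later step turns password login off in the shipped image is not visible here. `password: ${password}` is also inserted unquoted, so a value containing `#` or `: ` would change the YAML; `password: ${jsonencode(password)}` keeps it a single scalar.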
|
|
@ -0,0 +1,64 @@
|
||||||
|
variable "name" {
|
||||||
|
type = string
|
||||||
|
default = "debian"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "version" {
|
||||||
|
type = string
|
||||||
|
default = "12.2.0"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "short_version" {
|
||||||
|
type = string
|
||||||
|
default = "12"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "arch" {
|
||||||
|
type = string
|
||||||
|
default = "amd64"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "output_dir" {
|
||||||
|
type = string
|
||||||
|
default = "output/debian/"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "source_url" {
|
||||||
|
type = string
|
||||||
|
default = "https://cdimage.debian.org/cdimage/release/12.2.0"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "iso_cd_checksum" {
|
||||||
|
type = string
|
||||||
|
default = "file:https://cdimage.debian.org/cdimage/release/12.2.0/amd64/iso-cd/SHA256SUMS"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "image_version" {
|
||||||
|
type = string
|
||||||
|
default = "0.0.1"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "one_user" {
|
||||||
|
type = string
|
||||||
|
default = env("ONE_USER")
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "one_token" {
|
||||||
|
type = string
|
||||||
|
default = env("ONE_TOKEN")
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "boot_command" {
|
||||||
|
type = list(string)
|
||||||
|
default = []
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "cloud_init_runcmd" {
|
||||||
|
type = list(string)
|
||||||
|
default = [ "uname" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "headless" {
|
||||||
|
type = bool
|
||||||
|
default = true
|
||||||
|
}
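Review bot: `one_token` is read from `ONE_TOKEN` but is not marked `sensitive = true`, unlike `quid_ansible_vault_passphrase` in the next file, so Packer does not mask its value in its output. Adding `sensitive = true` to the `one_token` block fixes that. `source_url` and `iso_cd_checksum` both repeat `12.2.0` from `version`; a comment noting that the three must be bumped together would prevent a checksum URL left pointing at the old release.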
|
|
@ -0,0 +1,6 @@
|
||||||
|
|
||||||
|
variable "quid_ansible_vault_passphrase" {
|
||||||
|
type = string
|
||||||
|
default = env("QUID_ANSIBLE_VAULT_PASSPHRASE")
|
||||||
|
sensitive = true
|
||||||
|
}
|
Je ne pense pas que la VM fasse le resize automatique des partitions au boot, du coup peu importe la taille sélectionnée par l'utilisateur lors de l'import de l'OVF, les fs feront toujours 10Go.
Je vais tester un import sur ma machine pour voir.