jrivera
/
packer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Working rl8 & rl9 templates

main
Jaromir Rivera 2023-10-31 15:55:32 -04:00
parent 4d5463145e
commit 502fd3019e
8 changed files with 376 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
rocky-linux-9-test/files/99-pve.cfg → rocky-linux-8/files/99-pve.cfg
View File

30
rocky-linux-9-test/files/inst.ks → rocky-linux-8/http/kickstart.cfg
View File

@ -1,14 +1,19 @@
#version=RHEL8
ignoredisk --only-use=sda
ignoredisk --only-use=vda
autopart
# Partition clearing information
clearpart --none --initlabel
# Use graphical install
# graphical
# Use CDROM installation media
cdrom
text
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8
@ -16,21 +21,24 @@ lang en_US.UTF-8
network --bootproto=dhcp --ipv6=auto --activate
network --hostname=localhost.localdomain
repo --name="AppStream" --baseurl=file:///run/install/repo/AppStream
# Root password
rootpw Packer
rootpw --iscrypted $6$lVFG3WA8AqEXLM7v$L2Ah5x1gy9Z1BosC5I/Jn8R0YDqnXacZ4o9TC.8NUgDjglJHzV6Hcf7SKhB6WI/qmZ6ji0Ne3VCUvA/ciyfTD0
user --groups=wheel --name=cnorris --password=$6$KEyeHOUYzZf9pJHJ$7Fx6s/jYpj9mnVAiTHYVp2cmqLx8x8zrEZHk/vCLiJvyQ1JzXPMVbh5BaY6tNCfNsGckIN3s..KwIYtLBm1Ox0 --iscrypted --gecos="Chuck Norris"
# Run the Setup Agent on first boot
firstboot --disabled
# Do not configure the X Window System
skipx
# System services
services --disabled="kdump" --enabled="sshd,rsyslog,chronyd"
# System timezone
timezone Etc/UTC --isUtc
# Disk partitioning information
part / --fstype="xfs" --grow --size=6144
part swap --fstype="swap" --size=512
reboot
reboot
%packages
@^minimal-environment
@ -51,15 +59,7 @@ python3-libselinux
-ipw2100-firmware
-ipw2200-firmware
-ivtv-firmware
-iwl100-firmware
-iwl1000-firmware
-iwl3945-firmware
-iwl4965-firmware
-iwl5000-firmware
-iwl5150-firmware
-iwl6000-firmware
-iwl6000g2a-firmware
-iwl6050-firmware
-iwl*firmware
-libertas-usb8388-firmware
-ql2100-firmware
-ql2200-firmware

0
rocky-linux-8/http/meta-data Normal file
View File

166
rocky-linux-8/rocky-linux-8.pkr.hcl Normal file
View File

@ -0,0 +1,166 @@
# Rocky Linux 9 Server
# ---
# Packer Template to create an Rocky Linux 9 Server on Proxmox
packer {
required_plugins {
proxmox = {
version = ">= 1.1.3"
source = "github.com/hashicorp/proxmox"
}
}
}
# Variable Definitions
variable "proxmox_api_url" {
type = string
}
variable "proxmox_api_token_id" {
type = string
}
variable "proxmox_api_token_secret" {
type = string
sensitive = true
}
variable "proxmox_ssh_username" {
type = string
sensitive = true
}
variable "proxmox_ssh_password" {
type = string
sensitive = true
}
source "proxmox-iso" "rocky-linux-8" {
# Proxmox Connection Settings
proxmox_url = "${var.proxmox_api_url}"
username = "${var.proxmox_api_token_id}"
token = "${var.proxmox_api_token_secret}"
# (Optional) Skip TLS Verification
insecure_skip_tls_verify = true
# VM General Settings
node = "boba"
vm_id = "4800"
vm_name = "rocky-linux-8"
template_description = "Rocky Linux 8 Server Image"
machine = "q35"
bios = "ovmf"
os = "l26"
efi_config {
efi_storage_pool = "fast"
}
# VM OS Settings
# (Option 1) Local ISO File
# iso_file = "local:iso/ubuntu-20.04.2-live-server-amd64.iso"
# - or -
# (Option 2) Download ISO
# iso_url = "https://releases.ubuntu.com/20.04/ubuntu-20.04.3-live-server-amd64.iso"
# iso_checksum = "f8e3086f3cea0fb3fefb29937ab5ed9d19e767079633960ccb50e76153effc98"
iso_file = "data:iso/rocky-8.8-x86_64-dvd1.iso"
iso_storage_pool = "data"
unmount_iso = true
# VM System Settings
qemu_agent = true
# VM Hard Disk Settings
scsi_controller = "virtio-scsi-pci"
disks {
disk_size = "40G"
format = "raw"
storage_pool = "fast"
type = "virtio"
}
# VM CPU Settings
cores = "2"
cpu_type = "host"
# VM Memory Settings
memory = "2048"
# VM Network Settings
network_adapters {
model = "virtio"
bridge = "vmbr0"
firewall = "false"
}
# VM Cloud-Init Settings
cloud_init = true
cloud_init_storage_pool = "fast"
# PACKER Boot Commands
boot_command = ["e<down><down><end><bs><bs><bs><bs><bs>inst.text inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/kickstart.cfg<leftCtrlOn>x<leftCtrlOff>"]
boot_wait = "5s"
# PACKER Autoinstall Settings
http_directory = "http"
# (Optional) Bind IP Address and Port
http_bind_address = "0.0.0.0"
http_port_min = 8802
http_port_max = 8802
ssh_username = "${var.proxmox_ssh_username}"
# (Option 1) Add your Password here
ssh_password = "${var.proxmox_ssh_password}"
# - or -
# (Option 2) Add your Private SSH KEY file here
# ssh_private_key_file = "~/.ssh/id_rsa"
# Raise the timeout, when installation takes longer
ssh_timeout = "20m"
}
# Build Definition to create the VM Template
build {
name = "rocky-linux-8"
sources = ["source.proxmox-iso.rocky-linux-8"]
# Provisioning the VM Template for Cloud-Init Integration in Proxmox #1
provisioner "shell" {
inline = [
"echo 'Updating system...'",
"dnf -y update",
"dnf install -y cloud-init qemu-guest-agent cloud-utils-growpart gdisk",
"systemctl enable qemu-guest-agent",
"echo 'manual_cache_clean: True' > /etc/cloud/cloud.cfg.d/99-manual.cfg",
"shred -u /etc/ssh/*_key /etc/ssh/*_key.pub",
"rm -f /var/run/utmp",
">/var/log/lastlog",
">/var/log/wtmp",
">/var/log/btmp",
"rm -rf /tmp/* /var/tmp/*",
"unset HISTFILE; rm -rf /home/*/.*history /root/.*history",
"rm -f /root/*ks",
"passwd -d root",
"passwd -l root",
"rm -f /etc/ssh/ssh_config.d/allow-root-ssh.conf"
]
}
# Provisioning the VM Template for Cloud-Init Integration in Proxmox #2
provisioner "file" {
source = "files/99-pve.cfg"
destination = "/tmp/99-pve.cfg"
}
# Provisioning the VM Template for Cloud-Init Integration in Proxmox #3
provisioner "shell" {
inline = [ "sudo cp /tmp/99-pve.cfg /etc/cloud/cloud.cfg.d/99-pve.cfg" ]
}
# Add additional provisioning scripts here
# ...
}

1
rocky-linux-9/files/99-pve.cfg Normal file
View File

@ -0,0 +1 @@
datasource_list: [ConfigDrive, NoCloud]

149
rocky-linux-9/http/kickstart.cfg Normal file
View File

@ -0,0 +1,149 @@
#version=RHEL8
ignoredisk --only-use=vda
autopart
# Partition clearing information
clearpart --none --initlabel
# Use graphical install
# graphical
# Use CDROM installation media
cdrom
text
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --ipv6=auto --activate
network --hostname=localhost.localdomain
repo --name="AppStream" --baseurl=file:///run/install/repo/AppStream
# Root password
rootpw --iscrypted $6$lVFG3WA8AqEXLM7v$L2Ah5x1gy9Z1BosC5I/Jn8R0YDqnXacZ4o9TC.8NUgDjglJHzV6Hcf7SKhB6WI/qmZ6ji0Ne3VCUvA/ciyfTD0
user --groups=wheel --name=cnorris --password=$6$KEyeHOUYzZf9pJHJ$7Fx6s/jYpj9mnVAiTHYVp2cmqLx8x8zrEZHk/vCLiJvyQ1JzXPMVbh5BaY6tNCfNsGckIN3s..KwIYtLBm1Ox0 --iscrypted --gecos="Chuck Norris"
# Run the Setup Agent on first boot
firstboot --disabled
# Do not configure the X Window System
skipx
# System services
services --disabled="kdump" --enabled="sshd,rsyslog,chronyd"
# System timezone
timezone Etc/UTC --isUtc
reboot
%packages
@^minimal-environment
openssh-server
openssh-clients
sudo
kexec-tools
curl
# allow for ansible
python3
python3-libselinux
# unnecessary firmware
-aic94xx-firmware
-atmel-firmware
-b43-openfwwf
-bfa-firmware
-ipw2100-firmware
-ipw2200-firmware
-ivtv-firmware
-iwl*firmware
-libertas-usb8388-firmware
-ql2100-firmware
-ql2200-firmware
-ql23xx-firmware
-ql2400-firmware
-ql2500-firmware
-rt61pci-firmware
-rt73usb-firmware
-xorg-x11-drv-ati-firmware
-zd1211-firmware
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%post
# this is installed by default but we don't need it in virt
echo "Removing linux-firmware package."
yum -C -y remove linux-firmware
# Remove firewalld; it is required to be present for install/image building.
echo "Removing firewalld."
yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
# remove avahi and networkmanager
echo "Removing avahi/zeroconf and NetworkManager"
yum -C -y remove avahi\*
echo -n "Getty fixes"
# although we want console output going to the serial console, we don't
# actually have the opportunity to login there. FIX.
# we don't really need to auto-spawn _any_ gettys.
sed -i '/^#NAutoVTs=.*/ a\
NAutoVTs=0' /etc/systemd/logind.conf
# set virtual-guest as default profile for tuned
echo "virtual-guest" > /etc/tuned/active_profile
# Because memory is scarce resource in most cloud/virt environments,
# and because this impedes forensics, we are differing from the Fedora
# default of having /tmp on tmpfs.
echo "Disabling tmpfs for /tmp."
systemctl mask tmp.mount
cat <<EOL > /etc/sysconfig/kernel
# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel
EOL
# make sure firstboot doesn't start
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
echo "Fixing SELinux contexts."
touch /var/log/cron
touch /var/log/boot.log
mkdir -p /var/cache/yum
/usr/sbin/fixfiles -R -a restore
# reorder console entries
sed -i 's/console=tty0/console=tty0 console=ttyS0,115200n8/' /boot/grub2/grub.cfg
#echo "Zeroing out empty space."
# This forces the filesystem to reclaim space from deleted files
# dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
# rm -f /var/tmp/zeros
# echo "(Don't worry -- that out-of-space error was expected.)"
yum update -y
sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers
echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/allow-root-ssh.conf
yum clean all
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

0
rocky-linux-9/http/meta-data Normal file
View File

63
rocky-linux-9-test/rocky-linux-9-test.pkr.hcl → rocky-linux-9/rocky-linux-9.pkr.hcl
View File

@ -1,6 +1,14 @@
# Rocky Linux 9 Server
# ---
# Packer Template to create an Rocky Linux 9 Server on Proxmox
packer {
required_plugins {
proxmox = {
version = ">= 1.1.3"
source = "github.com/hashicorp/proxmox"
}
}
}
# Variable Definitions
variable "proxmox_api_url" {
@ -16,7 +24,18 @@ variable "proxmox_api_token_secret" {
sensitive = true
}
source "proxmox" "rocky-linux-9" {
variable "proxmox_ssh_username" {
type = string
sensitive = true
}
variable "proxmox_ssh_password" {
type = string
sensitive = true
}
source "proxmox-iso" "rocky-linux-9" {
# Proxmox Connection Settings
proxmox_url = "${var.proxmox_api_url}"
@ -27,9 +46,16 @@ source "proxmox" "rocky-linux-9" {
# VM General Settings
node = "boba"
vm_id = "4500"
vm_id = "4900"
vm_name = "rocky-linux-9"
template_description = "Rocky Linux 9 Server Image"
machine = "q35"
bios = "ovmf"
os = "l26"
efi_config {
efi_storage_pool = "fast"
}
# VM OS Settings
# (Option 1) Local ISO File
@ -50,14 +76,14 @@ source "proxmox" "rocky-linux-9" {
disks {
disk_size = "40G"
format = "qcow2"
format = "raw"
storage_pool = "fast"
storage_pool_type = "storage"
type = "virtio"
}
# VM CPU Settings
cores = "2"
cpu_type = "host"
# VM Memory Settings
memory = "2048"
@ -74,23 +100,23 @@ source "proxmox" "rocky-linux-9" {
cloud_init_storage_pool = "fast"
# PACKER Boot Commands
boot_command = ["<tab> text inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/files/inst.ks<enter><wait>"]
boot_wait = "10s"
boot_command = ["e<down><down><end><bs><bs><bs><bs><bs>inst.text inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/kickstart.cfg<leftCtrlOn>x<leftCtrlOff>"]
boot_wait = "5s"
# PACKER Autoinstall Settings
http_directory = "http"
# (Optional) Bind IP Address and Port
# http_bind_address = "0.0.0.0"
# http_port_min = 8802
# http_port_max = 8802
http_bind_address = "0.0.0.0"
http_port_min = 8802
http_port_max = 8802
ssh_username = "cnorris"
ssh_username = "${var.proxmox_ssh_username}"
# (Option 1) Add your Password here
# ssh_password = "your-password"
ssh_password = "${var.proxmox_ssh_password}"
# - or -
# (Option 2) Add your Private SSH KEY file here
ssh_private_key_file = "~/.ssh/id_rsa"
# ssh_private_key_file = "~/.ssh/id_rsa"
# Raise the timeout, when installation takes longer
ssh_timeout = "20m"
@ -100,26 +126,27 @@ source "proxmox" "rocky-linux-9" {
build {
name = "rocky-linux-9"
sources = ["source.proxmox.rocky-linux-9"]
sources = ["source.proxmox-iso.rocky-linux-9"]
# Provisioning the VM Template for Cloud-Init Integration in Proxmox #1
provisioner "shell" {
inline = [
"echo "Updating system...",
"echo 'Updating system...'",
"dnf -y update",
"echo "Installing python and ansible...",
"echo 'Installing python and ansible...'",
"dnf -y install python3",
"dnf -y install python3-pip",
"pip3 install ansible",
"echo "Installing cloud-init...",
"echo 'Installing cloud-init...'",
"dnf -y install cloud-init",
"echo "manual_cache_clean: True" > /etc/cloud/cloud.cfg.d/99-manual.cfg"
"echo 'manual_cache_clean: True' > /etc/cloud/cloud.cfg.d/99-manual.cfg",
]
}
provisioner "shell" {
inline = [
"dnf install -y cloud-init qemu-guest-agent cloud-utils-growpart gdisk", "systemctl enable qemu-guest-agent",
"dnf install -y cloud-init qemu-guest-agent cloud-utils-growpart gdisk",
"systemctl enable qemu-guest-agent",
"shred -u /etc/ssh/*_key /etc/ssh/*_key.pub",
"rm -f /var/run/utmp",
">/var/log/lastlog",