authorclyhtsuriva <aimeric@adjutor.xyz>2025-02-01 02:12:10 +0100
committerclyhtsuriva <aimeric@adjutor.xyz>2025-02-01 02:12:10 +0100
commitf246600cbb66834c1289bf52cf7bd95cc6428b02 (patch)
tree2672aa9539cad83ae3c8861ebc0571c398a397f6 /packer/debian-server-bookworm
parent97f55e590c58a3f252497df23bcec97c9352ff06 (diff)
Working debian packer template w/ ansible to set up fw rules after reboot
Diffstat (limited to 'packer/debian-server-bookworm')
-rw-r--r--packer/debian-server-bookworm/debian-server-bookworm.pkr.hcl36
-rw-r--r--packer/debian-server-bookworm/http/preseed.cfg5
2 files changed, 28 insertions, 13 deletions
diff --git a/packer/debian-server-bookworm/debian-server-bookworm.pkr.hcl b/packer/debian-server-bookworm/debian-server-bookworm.pkr.hcl
index d91d308..d93af5e 100644
--- a/packer/debian-server-bookworm/debian-server-bookworm.pkr.hcl
+++ b/packer/debian-server-bookworm/debian-server-bookworm.pkr.hcl
@@ -21,6 +21,11 @@ variable "vm_hostname" {
default = "debian-server-bookworm-test-1"
}
+variable "ssh_private_key_file" {
+ type = string
+ default = "~/.ssh/id_ecdsa"
+}
+
# Resource Definition for the VM Template
source "proxmox-iso" "debian-server-bookworm-test-1" {
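Review bot: The new `ssh_private_key_file` variable has no `description`, and its default still points at a personal key path, so anyone reusing the template silently picks up `~/.ssh/id_ecdsa` without being told what the key is used for. Adding `description = "Path to the private SSH key Packer uses to connect to the build VM"` would document it. The later hunk that consumes the variable writes `"${var.ssh_private_key_file}"`; the plain expression `ssh_private_key_file = var.ssh_private_key_file` is the idiomatic HCL2 form and does the same thing.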
@@ -60,11 +65,11 @@ source "proxmox-iso" "debian-server-bookworm-test-1" {
scsi_controller = "virtio-scsi-single"
disks {
- disk_size = "20G"
- format = "raw"
- storage_pool = "local-lvm"
- type = "virtio"
- iothread = true
+ disk_size = "20G"
+ format = "raw"
+ storage_pool = "local-lvm"
+ type = "virtio"
+ io_thread = true
}
# VM CPU Settings
@@ -75,9 +80,9 @@ source "proxmox-iso" "debian-server-bookworm-test-1" {
# VM Network Settings
network_adapters {
- model = "virtio"
- bridge = "vmbr0"
- firewall = "false"
+ model = "virtio"
+ bridge = "vmbr0"
+ firewall = "false"
}
# VM Cloud-Init Settings
@@ -91,7 +96,7 @@ source "proxmox-iso" "debian-server-bookworm-test-1" {
]
boot = "c"
- boot_wait = "10s"
+ boot_wait = "20s"
communicator = "ssh"
# PACKER Autoinstall Settings
@@ -107,7 +112,7 @@ source "proxmox-iso" "debian-server-bookworm-test-1" {
# ssh_password = "your-password"
# - or -
# (Option 2) Add your Private SSH KEY file here
- ssh_private_key_file = "~/.ssh/id_ecdsa"
+ ssh_private_key_file = "${var.ssh_private_key_file}"
# Raise the timeout, when installation takes longer
ssh_timeout = "30m"
@@ -119,6 +124,17 @@ build {
name = "debian-server-bookworm-test-1"
sources = ["source.proxmox-iso.debian-server-bookworm-test-1"]
+ # Using ansible playbooks to configure common base
+ provisioner "ansible" {
+ playbook_file = "../../ansible/playbooks/common.yml"
+ use_proxy = false
+ user = "mas"
+ ansible_env_vars = [
+ "ANSIBLE_HOST_KEY_CHECKING=False",
+ "ANSIBLE_CONFIG=${path.root}/../../ansible/ansible.cfg",
+ ]
+ }
+
# Copy default cloud-init config
provisioner "file" {
source = "files/cloud.cfg"
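Review bot: The `ansible_env_vars` entry `ANSIBLE_HOST_KEY_CHECKING=False`, together with `use_proxy = false`, makes Ansible connect directly to the build VM without verifying which host answers, and nothing in the hunk records why that is acceptable. The host key of a freshly installed VM cannot be known in advance, so the setting is understandable, but it deserves a comment such as `# Host key checking is off: the build VM's key is generated at install time; keep the build network trusted and secrets out of common.yml`. Separately, `playbook_file` is a bare relative path while `ANSIBLE_CONFIG` is anchored on `${path.root}`; `playbook_file = "${path.root}/../../ansible/playbooks/common.yml"` would make both resolve the same way regardless of the directory `packer build` is started from. The `build` block starts before and continues past this hunk.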
diff --git a/packer/debian-server-bookworm/http/preseed.cfg b/packer/debian-server-bookworm/http/preseed.cfg
index e5dd8c6..a63e4ab 100644
--- a/packer/debian-server-bookworm/http/preseed.cfg
+++ b/packer/debian-server-bookworm/http/preseed.cfg
@@ -34,6 +34,7 @@ d-i apt-setup/use_mirror boolean true
d-i partman-auto/method string lvm
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
+d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-auto-lvm/guided_size string max
d-i partman-auto/choose_recipe select atomic
d-i partman-partitioning/confirm_write_new_label boolean true
@@ -68,14 +69,12 @@ d-i preseed/late_command string \
in-target sed -i 's/^#\?PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config && \
in-target sed -i 's|^#\?AuthorizedKeysFile.*|AuthorizedKeysFile %h/.ssh/authorized_keys|' /etc/ssh/sshd_config && \
in-target sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config && \
- in-targer sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config && \
+ in-target sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config && \
in-target systemctl restart ssh && \
in-target apt-get purge -y snapd unattended-upgrades && \
in-target apt-get autoremove -y && \
in-target apt-get clean && \
in-target cloud-init clean --logs && \
- in-target ufw allow ssh && \
- in-target ufw enable && \
in-target sed -i '/^deb cdrom:/s/^/#/' /etc/apt/sources.list
### Configure GRUB bootloader
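Review bot: With `ufw allow ssh` and `ufw enable` removed from `late_command`, the installed system comes up with no host firewall until the Ansible playbook has run, and the preseed file keeps no trace of where the rules went. The commit title suggests they moved to the playbook, which is not visible here, so a comment above `d-i preseed/late_command` such as `# ufw is configured by ansible/playbooks/common.yml after first boot, not here` would keep that dependency visible. Because the network adapter in the Packer template also has `firewall = "false"`, it would be worth having the build confirm that ufw is active before the template is finalised. The `late_command` string starts before this hunk.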