-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
9b25b58
commit a3191bd
Showing
15 changed files
with
238 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
http/ | ||
output-*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
#!/bin/sh -eux | ||
|
||
export DEBIAN_FRONTEND=noninteractive | ||
|
||
echo "==> Disable release-upgrades" | ||
sed -i.bak 's/^Prompt=.*$/Prompt=never/' /etc/update-manager/release-upgrades; | ||
|
||
echo "==> Disable systemd apt timers/services" | ||
systemctl stop apt-daily.timer; | ||
systemctl stop apt-daily-upgrade.timer; | ||
systemctl disable apt-daily.timer; | ||
systemctl disable apt-daily-upgrade.timer; | ||
systemctl mask apt-daily.service; | ||
systemctl mask apt-daily-upgrade.service; | ||
systemctl daemon-reload; | ||
|
||
# Disable periodic activities of apt to be safe | ||
cat <<EOF >/etc/apt/apt.conf.d/10periodic; | ||
APT::Periodic::Enable "0"; | ||
APT::Periodic::Update-Package-Lists "0"; | ||
APT::Periodic::Download-Upgradeable-Packages "0"; | ||
APT::Periodic::AutocleanInterval "0"; | ||
APT::Periodic::Unattended-Upgrade "0"; | ||
EOF | ||
|
||
# Disable snapd updates | ||
echo "==> Disable snap updates" | ||
systemctl stop snapd.service; | ||
systemctl stop snapd.socket; | ||
systemctl mask snapd.service; | ||
systemctl mask snapd.socket; | ||
|
||
echo "==> Remove the unattended-upgrades and ubuntu-release-upgrader-core packages" | ||
apt-get -y purge unattended-upgrades ubuntu-release-upgrader-core; | ||
rm -rf /var/log/unattended-upgrades; | ||
|
||
apt-get update; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
#!/bin/sh -eux | ||
export DEBIAN_FRONTEND=noninteractive | ||
|
||
echo "==> Install qemu guest agent" | ||
apt-get install -y qemu-guest-agent | ||
apt-get -y autoremove |
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
efi_boot = false | ||
iso_checksum = "file:https://releases.ubuntu.com/22.04.3/SHA256SUMS" | ||
iso_url = "https://releases.ubuntu.com/22.04.3/ubuntu-22.04.3-live-server-amd64.iso" | ||
vm_name = "ubuntu-22.04-bios-x86_64.qcow2" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
efi_boot = true | ||
efi_firmware_code = "/usr/share/OVMF/OVMF_CODE.fd" | ||
efi_firmware_vars = "/usr/share/OVMF/OVMF_VARS.fd" | ||
iso_checksum = "file:https://releases.ubuntu.com/22.04.3/SHA256SUMS" | ||
iso_url = "https://releases.ubuntu.com/22.04.3/ubuntu-22.04.3-live-server-amd64.iso" | ||
vm_name = "ubuntu-22.04-x86_64.qcow2" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,158 @@ | ||
variable "ssh_username" { | ||
description = "The username to connect to SSH with." | ||
type = string | ||
default = "packer" | ||
} | ||
|
||
variable "ssh_password" { | ||
description = "A plaintext password to use to authenticate with SSH." | ||
type = string | ||
default = "packer" | ||
} | ||
|
||
# openssl passwd -6 <password> | ||
variable "ssh_crypted_password" { | ||
type = string | ||
default = "$6$T2/U.GUdeHTEXzE1$dE31iksnl.JuMIhZEHxIZPiHngerJS.NuDw4UQ4v7Ih7SEvtSavmg4efqCxRxoM0hc0SQesLdQMYpK95eMwu4." | ||
} | ||
|
||
variable "http_directory" { | ||
description = "Path to a directory to serve using an HTTP server." | ||
type = string | ||
default = "http" | ||
} | ||
|
||
# https://ubuntu.com/server/docs/install/autoinstall | ||
source "file" "user_data" { | ||
content = <<EOF | ||
#cloud-config | ||
autoinstall: | ||
version: 1 | ||
identity: | ||
hostname: packer | ||
username: ${var.ssh_username} | ||
password: ${var.ssh_crypted_password} | ||
early-commands: | ||
# otherwise packer tries to connect and exceeds max attempts | ||
- systemctl stop ssh.service | ||
- systemctl stop ssh.socket | ||
ssh: | ||
install-server: yes | ||
allow-pw: yes | ||
late-commands: | ||
- echo '${var.ssh_username} ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/${var.ssh_username} | ||
- | | ||
if [ -d /sys/firmware/efi ]; then | ||
apt-get install -y efibootmgr | ||
efibootmgr -o $(efibootmgr | sed -n 's/Boot\(.*\)\* ubuntu/\1/p') | ||
fi | ||
EOF | ||
target = "${var.http_directory}/user-data" | ||
} | ||
|
||
source "file" "meta_data" { | ||
content = <<EOF | ||
EOF | ||
target = "${var.http_directory}/meta-data" | ||
} | ||
|
||
build { | ||
sources = ["sources.file.user_data", "sources.file.meta_data"] | ||
} | ||
|
||
variable "efi_boot" { | ||
description = "Boot in EFI mode instead of BIOS." | ||
type = bool | ||
default = false | ||
} | ||
|
||
variable "efi_firmware_code" { | ||
description = "Path to the CODE part of the firmware." | ||
type = string | ||
default = null | ||
} | ||
|
||
variable "efi_firmware_vars" { | ||
description = "Path to the VARS corresponding to the code file." | ||
type = string | ||
default = null | ||
} | ||
|
||
variable "iso_checksum" { | ||
description = "The checksum for the ISO file or virtual hard drive." | ||
type = string | ||
default = "file:https://releases.ubuntu.com/22.04.3/SHA256SUMS" | ||
} | ||
|
||
variable "iso_url" { | ||
description = "A URL to the ISO containing the installation image or virtual hard drive file to clone." | ||
type = string | ||
default = "https://releases.ubuntu.com/22.04.3/ubuntu-22.04.3-live-server-amd64.iso" | ||
} | ||
|
||
variable "vm_name" { | ||
description = "The name of the image file for the new virtual machine." | ||
type = string | ||
default = "ubuntu-22.04-bios-x86_64.qcow2" | ||
} | ||
|
||
source "qemu" "ubuntu" { | ||
# Ubuntu 20.04 image default timeout is 5s, so we need to be fast | ||
boot_wait = "5s" | ||
boot_command = [ | ||
"c<wait>", | ||
"linux /casper/vmlinuz autoinstall 'ds=nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/' ---", | ||
"<enter>", | ||
"initrd /casper/initrd", | ||
"<enter>", | ||
"boot<enter><wait>", | ||
] | ||
accelerator = "kvm" | ||
cpus = 2 | ||
disk_interface = "virtio-scsi" | ||
disk_size = "16G" | ||
disk_compression = true | ||
format = "qcow2" | ||
headless = false | ||
http_directory = var.http_directory | ||
iso_checksum = var.iso_checksum | ||
iso_url = var.iso_url | ||
machine_type = "q35" | ||
memory = 4096 | ||
net_device = "virtio-net" | ||
output_directory = "output-${trimsuffix(var.vm_name, ".qcow2")}" | ||
shutdown_command = "echo '${var.ssh_password}' | sudo -S shutdown -P now" | ||
ssh_password = var.ssh_password | ||
ssh_timeout = "30m" | ||
ssh_username = var.ssh_username | ||
vm_name = var.vm_name | ||
efi_boot = var.efi_boot | ||
efi_firmware_code = var.efi_firmware_code | ||
efi_firmware_vars = var.efi_firmware_vars | ||
qemuargs = [ | ||
["-cpu", "host"] | ||
] | ||
} | ||
|
||
build { | ||
sources = ["source.qemu.ubuntu"] | ||
|
||
# cloud-init may still be running when we start executing scripts | ||
# To avoid race conditions, make sure cloud-init is done first | ||
provisioner "shell" { | ||
inline = [ | ||
"echo '==> Waiting for cloud-init to finish'", | ||
"/usr/bin/cloud-init status --wait", | ||
"echo '==> Cloud-init complete'", | ||
] | ||
} | ||
|
||
provisioner "shell" { | ||
execute_command = "echo '${var.ssh_password}' | {{ .Vars }} sudo -S -E sh -eux '{{ .Path }}'" | ||
expect_disconnect = true | ||
scripts = [ | ||
"../../scripts/disable-updates.sh", | ||
"../../scripts/qemu.sh", | ||
] | ||
} | ||
} |