diff options
author | Jonathan Bauer | 2022-03-25 15:47:33 +0100 |
---|---|---|
committer | Jonathan Bauer | 2022-03-25 15:47:33 +0100 |
commit | f65626b1ff08d6dd6eb278f9ba5ebec9b819250b (patch) | |
tree | be4175a5a0e493120058fef4ff1c9d118d28cf01 | |
parent | include ssh-rsa as key algo for ansible (diff) | |
download | packer-templates-f65626b1ff08d6dd6eb278f9ba5ebec9b819250b.tar.gz packer-templates-f65626b1ff08d6dd6eb278f9ba5ebec9b819250b.tar.xz packer-templates-f65626b1ff08d6dd6eb278f9ba5ebec9b819250b.zip |
initial rocky8 support
based on the Manuel (Messner)'s work
l--------- | http/rocky-8 | 1 | ||||
-rw-r--r-- | http/rocky/anaconda-ks.cfg | 107 | ||||
-rw-r--r-- | rocky-8-x86_64.json | 46 |
3 files changed, 154 insertions, 0 deletions
diff --git a/http/rocky-8 b/http/rocky-8 new file mode 120000 index 0000000..c8dbb8c --- /dev/null +++ b/http/rocky-8 @@ -0,0 +1 @@ +rocky
\ No newline at end of file diff --git a/http/rocky/anaconda-ks.cfg b/http/rocky/anaconda-ks.cfg new file mode 100644 index 0000000..6a8b152 --- /dev/null +++ b/http/rocky/anaconda-ks.cfg @@ -0,0 +1,107 @@ +# install +# text +# reboot +# # url --mirrorlist="https://mirrors.rockylinux.org/metalink?repo=rocky-$releasever&arch=$basearch" +# # url --url="https://ftp.gwdg.de/pub/linux/rocky/$releasever/Minimal/$basearch/os/" +# lang en_US.UTF-8 +# keyboard --vckeymap=us --xlayouts='us' +# timezone Europe/Berlin --isUtc --nontp +# auth --enableshadow --passalgo=sha512 +# clearpart --none --initlabel +# bootloader --location=mbr --boot-drive=sda +# part biosboot --fstype="biosboot" --ondisk=sda --size=1 +# part / --fstype="ext4" --ondisk=sda --grow --label=SLX_SYS + + +# url --mirrorlist="https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch" +clearpart --none --initlabel +bootloader --location=mbr --boot-drive=sda +part biosboot --fstype=biosboot --ondisk=sda --size=1 +part / --fstype=xfs --asprimary --ondisk=sda --grow --label=SLX_SYS +lang en_US.UTF-8 +keyboard --vckeymap=us --xlayouts='us' +timezone Europe/Berlin --isUtc --nontp +text +reboot + + +%packages +@minimal-environment +@core +curl +kexec-tools +openssh +strace +tmux +%end + +%pre --interpreter=/usr/bin/perl +use strict; +use warnings; +use feature 'say'; + +open(my $fp, '<', '/proc/cmdline') or die $!; +chomp(my $line = scalar <$fp>); +close($fp); + +my @tokens = map {/^rootpw=(.*)/ ? $1 : () } + split / /, $line; + +exit if @tokens < 1; + +my $pw = crypt($tokens[0], "\$6\$1U9v8hxj6xmYNJBA\$"); + +open($fp, '>', '/tmp/setup-root-pass') or die $!; +say $fp "rootpw --iscrypted $pw"; +close($fp); +%end + +# small python script to extract the password from the kernel command line +# expects the password given as: rootpw=<password> +# %pre --interpreter=/usr/bin/python +# import shlex, crypt +# arg = 'rootpw=' +# with open('/proc/cmdline', 'r') as f: +# kcl = f.read().split() +# # extract the password +# passwords = [x[len(arg):] for x in kcl if x.startswith(arg)] +# if len(passwords) == 1: +# kclpass = passwords[0] +# # TODO sane fallbacks. This should work most of the time though :) +# # generate SHA512 hash +# hash = crypt.crypt(kclpass, crypt.mksalt(crypt.METHOD_SHA512)) +# with open('/tmp/setup-root-pass', 'w') as f: +# f.write('rootpw --iscrypted ' + hash) +# %end +# include the created password file +%include /tmp/setup-root-pass + +%post --erroronfail +set -x +# rpm --import 'https://www.elrepo.org/RPM-GPG-KEY-elrepo.org' +# yum -y install 'http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm' +# yum-config-manager --enable elrepo-kernel +# yum -y makecache +# yum -y install kernel-ml kernel-ml-devel kernel-ml-headers +# sed -i 's,^GRUB_DEFAULT=.*$,GRUB_DEFAULT=0,' /etc/default/grub +# grub2-mkconfig -o /boot/grub2/grub.cfg +# dnf -y install epel-release +# +dnf -y install epel-release +dnf -y update +dnf -y install ansible atop git htop iftop jq mutt nmap nmap-ncat systemd-networkd tcpdump vim wget +systemctl enable sshd +alternatives --set python /usr/bin/python3 + +# allow root login for ansible +sed -i 's,^[[:blank:]]*#*PermitRootLogin.*,PermitRootLogin yes,g' /etc/ssh/sshd_config + +ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules +cat > /etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF +DEVICE="eth0" +BOOTPROTO="dhcp" +ONBOOT="yes" +TYPE="Ethernet" +EOF +set +x +%end diff --git a/rocky-8-x86_64.json b/rocky-8-x86_64.json new file mode 100644 index 0000000..575f64a --- /dev/null +++ b/rocky-8-x86_64.json @@ -0,0 +1,46 @@ +{ + "variables": { + "iso_url": "https://mirror1.hs-esslingen.de/pub/Mirrors/rocky/8/isos/x86_64/Rocky-8.5-x86_64-minimal.iso", + "iso_checksum_url": "https://mirror1.hs-esslingen.de/pub/Mirrors/rocky/8/isos/x86_64/CHECKSUM", + "iso_checksum_type": "sha256", + "vm_name": "rocky-8-x86_64", + "boot_wait": "5s", + "http_dir": "http", + "kickstart_path": "rocky-8/anaconda-ks.cfg", + "shutdown_command": "systemctl poweroff", + "ssh_password": "{{ env `ROOTPW` }}" + }, + "builders": [{ + "type": "qemu", + "accelerator": "kvm", + "iso_url": "{{ user `iso_url` }}", + "iso_checksum": "file:{{ user `iso_checksum_url` }}", + "output_directory": "{{ user `output_directory` }}", + "vm_name": "{{ user `vm_name` }}", + "format": "qcow2", + "disk_interface": "virtio-scsi", + "disk_size": "{{ user `disk_size` }}", + "headless": "{{ user `headless` }}", + "boot_wait": "{{ user `boot_wait` }}", + "ssh_timeout": "{{ user `ssh_timeout` }}", + "ssh_username": "{{ user `ssh_username` }}", + "ssh_password": "{{ user `ssh_password` }}", + "shutdown_command": "{{ user `shutdown_command` }}", + "http_directory": "{{ user `http_dir` }}", + "boot_command": [ + "<esc><wait>", + "linux inst.gpt biosdevname=0 net.ifnames=0 ", + "rootpw={{ user `ssh_password` }} ", + "inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/{{ user `kickstart_path` }}", + "<enter>" + ], + "qemuargs": [ + ["-m", "{{ user `memory` }}"], + ["-smp", "{{ user `cpus` }}"] + ] + }], + "post-processors": [{ + "type": "manifest", + "output": "{{ user `output_directory` }}/manifest.json" + }] +} |