summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLars Wirzenius <liw@liw.fi>2017-07-25 21:44:14 +0300
committerLars Wirzenius <liw@liw.fi>2017-07-25 21:44:14 +0300
commit910a094152d2ed0c1279eef490beb55c1edfd1f7 (patch)
tree08ee51855deaa3422ea0713d926be6e710aee486
downloadbase-image-specs-910a094152d2ed0c1279eef490beb55c1edfd1f7.tar.gz
Add: files to build a stretch/amd64 base image
A vmdb2 spec file, a corresponding Ansible playbook, and a script to run vmdb2 to produce an image.
-rw-r--r--base.vmdb49
-rw-r--r--base.yml61
-rwxr-xr-xbuild-all.sh8
3 files changed, 118 insertions, 0 deletions
diff --git a/base.vmdb b/base.vmdb
new file mode 100644
index 0000000..f0515ed
--- /dev/null
+++ b/base.vmdb
@@ -0,0 +1,49 @@
+# This is a VMDB2 input file for a BIOS booting system, including most
+# virtual machines. The goal is to have a system that can be managed
+# via Ansible.
+
+steps:
+- mkimg: "{{ output }}"
+ size: 8G
+
+- mklabel: msdos
+ device: "{{ output }}"
+
+- mkpart: primary
+ device: "{{ output }}"
+ start: 0%
+ end: 100%
+ part-tag: root-part
+
+- mkfs: ext4
+ partition: root-part
+
+- mount: root-part
+ fs-tag: root-fs
+
+- unpack-rootfs: root-fs
+
+- debootstrap: stretch
+ mirror: http://http.debian.net/debian
+ target: root-fs
+ unless: rootfs_unpacked
+
+- apt: linux-image-amd64
+ fs-tag: root-fs
+ unless: rootfs_unpacked
+
+- chroot: root-fs
+ shell: |
+ apt -y install python
+ unless: rootfs_unpacked
+
+- cache-rootfs: root-fs
+ unless: rootfs_unpacked
+
+- ansible: root-fs
+ playbook: base.yml
+
+- grub: bios
+ root-fs: root-fs
+ root-part: root-part
+ device: "{{ output }}"
diff --git a/base.yml b/base.yml
new file mode 100644
index 0000000..0a2b83d
--- /dev/null
+++ b/base.yml
@@ -0,0 +1,61 @@
+- hosts: image
+ tasks:
+ - name: set /etc/hostname
+ copy:
+ content: "{{ hostname }}"
+ dest: /etc/hostname
+ owner: root
+ group: root
+ mode: 0600
+
+ - name: add hostname to /etc/hosts
+ lineinfile:
+ dest: /etc/hosts
+ regexp: '^127\.0\.1\.1'
+ line: "127.0.0.1 {{ hostname }}"
+
+ - name: remove password for root
+ shell: |
+ sed -i 's/^root:x:/root::/' /etc/passwd
+
+ - name: add ansible user
+ user:
+ name: ansible
+ comment: "Ansible config mangement"
+ shell: /bin/bash
+
+ - name: add ssh key to ansible authorized keys
+ authorized_key:
+ user: ansible
+ state: present
+ key: "{{ ssh_key_for_ansible }}"
+
+ - name: add dhcp client to eth0
+ copy:
+ content: |
+ auto eth0
+ iface eth0 inet dhcp
+ dest: /etc/network/interfaces.d/eth0
+ owner: root
+ group: root
+ mode: 0644
+
+ - name: install sshd
+ apt:
+ name: ssh
+
+ - name: install sudo
+ apt:
+ name: sudo
+
+ - name: allow passwordless sudo for ansible
+ copy:
+ content: "ansible ALL=(ALL:ALL) NOPASSWD: ALL"
+ dest: /etc/sudoers.d/ansible
+ owner: root
+ group: root
+ mode: 0600
+
+ vars:
+ hostname: stretch-amd64
+ ssh_key_for_ansible: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDAlECa3tbFGXhB3Zh/4/GhM11THOThVfiuLqqJ2dpWHEClzpKJHpzzwWt7g9z/MMQNMsUJLy+okz+De6hdjjmYJ9kG9Sr3H4YKq6itGQMj7L/cH3WS3ynp0uy0oW3hf932vDZKQ8iy9vczXH+ERYl+4TYae1Jp4Hyf4/2IYxEfuhKctvSvqySST3Qk9JNZ71HFGOWhjH/MmoCLoT1v+HkqmHdYf/GMKGRo3gqCEGgCgNErYYIyKm3OF3dHXK+hyGLE/cZNu6fU5woW3rvtUCFt08Ri2pm0cnXXJn9jQIMxfS5Kkf64svwgzKmPqgX1f4flopYPlsBXduCgzbJvj+lpgauAk/i1A5B01CFa9sI4C6pHZmwk1qxRwN+4IXL2CQt+tDgYC84ZDDd8R7cNyL22a3KhMQmdHtvog1beAa3Ab+J+cafkXXN+Es9f1wQjzk7DiHupmJIVofBvPP+cRcB46rwha6ati8Fa5QkT9rXFNqQsKk7jq8TIi54Bm15OOa0jInGG3TM17b9Ftu2WTJSAaqgBnDfZiInK7HEvC6K/IBljrN3oGagmFZPrAvzw7d6C2/nKFAQtfoMcE5oWVDrJyjsmJ8oaru0E8rwj7mMvyKPgEMnXTGXLWDgEo50+i291m4bkCxVwiOPbPRvdMll1Y8qfBAPT76sY4Ikgcw/2iw== openpgp:0xBBE80E50
diff --git a/build-all.sh b/build-all.sh
new file mode 100755
index 0000000..814b292
--- /dev/null
+++ b/build-all.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+set -eu
+
+opts="--verbose"
+
+vmdb2 base.vmdb $opts --output debian9-amd64.img --rootfs-tarball debian9-amd64.tar.gz
+xz -f --verbose debian9-amd64.img