From 910a094152d2ed0c1279eef490beb55c1edfd1f7 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Tue, 25 Jul 2017 21:44:14 +0300 Subject: Add: files to build a stretch/amd64 base image A vmdb2 spec file, a corresponding Ansible playbook, and a script to run vmdb2 to produce an image. --- base.vmdb | 49 ++++++++++++++++++++++++++++++++++++++++++++++++ base.yml | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ build-all.sh | 8 ++++++++ 3 files changed, 118 insertions(+) create mode 100644 base.vmdb create mode 100644 base.yml create mode 100755 build-all.sh diff --git a/base.vmdb b/base.vmdb new file mode 100644 index 0000000..f0515ed --- /dev/null +++ b/base.vmdb @@ -0,0 +1,49 @@ +# This is a VMDB2 input file for a BIOS booting system, including most +# virtual machines. The goal is to have a system that can be managed +# via Ansible. + +steps: +- mkimg: "{{ output }}" + size: 8G + +- mklabel: msdos + device: "{{ output }}" + +- mkpart: primary + device: "{{ output }}" + start: 0% + end: 100% + part-tag: root-part + +- mkfs: ext4 + partition: root-part + +- mount: root-part + fs-tag: root-fs + +- unpack-rootfs: root-fs + +- debootstrap: stretch + mirror: http://http.debian.net/debian + target: root-fs + unless: rootfs_unpacked + +- apt: linux-image-amd64 + fs-tag: root-fs + unless: rootfs_unpacked + +- chroot: root-fs + shell: | + apt -y install python + unless: rootfs_unpacked + +- cache-rootfs: root-fs + unless: rootfs_unpacked + +- ansible: root-fs + playbook: base.yml + +- grub: bios + root-fs: root-fs + root-part: root-part + device: "{{ output }}" diff --git a/base.yml b/base.yml new file mode 100644 index 0000000..0a2b83d --- /dev/null +++ b/base.yml @@ -0,0 +1,61 @@ +- hosts: image + tasks: + - name: set /etc/hostname + copy: + content: "{{ hostname }}" + dest: /etc/hostname + owner: root + group: root + mode: 0600 + + - name: add hostname to /etc/hosts + lineinfile: + dest: /etc/hosts + regexp: '^127\.0\.1\.1' + line: "127.0.0.1 {{ hostname }}" + + - name: remove password for root + shell: | + sed -i 's/^root:x:/root::/' /etc/passwd + + - name: add ansible user + user: + name: ansible + comment: "Ansible config mangement" + shell: /bin/bash + + - name: add ssh key to ansible authorized keys + authorized_key: + user: ansible + state: present + key: "{{ ssh_key_for_ansible }}" + + - name: add dhcp client to eth0 + copy: + content: | + auto eth0 + iface eth0 inet dhcp + dest: /etc/network/interfaces.d/eth0 + owner: root + group: root + mode: 0644 + + - name: install sshd + apt: + name: ssh + + - name: install sudo + apt: + name: sudo + + - name: allow passwordless sudo for ansible + copy: + content: "ansible ALL=(ALL:ALL) NOPASSWD: ALL" + dest: /etc/sudoers.d/ansible + owner: root + group: root + mode: 0600 + + vars: + hostname: stretch-amd64 + ssh_key_for_ansible: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDAlECa3tbFGXhB3Zh/4/GhM11THOThVfiuLqqJ2dpWHEClzpKJHpzzwWt7g9z/MMQNMsUJLy+okz+De6hdjjmYJ9kG9Sr3H4YKq6itGQMj7L/cH3WS3ynp0uy0oW3hf932vDZKQ8iy9vczXH+ERYl+4TYae1Jp4Hyf4/2IYxEfuhKctvSvqySST3Qk9JNZ71HFGOWhjH/MmoCLoT1v+HkqmHdYf/GMKGRo3gqCEGgCgNErYYIyKm3OF3dHXK+hyGLE/cZNu6fU5woW3rvtUCFt08Ri2pm0cnXXJn9jQIMxfS5Kkf64svwgzKmPqgX1f4flopYPlsBXduCgzbJvj+lpgauAk/i1A5B01CFa9sI4C6pHZmwk1qxRwN+4IXL2CQt+tDgYC84ZDDd8R7cNyL22a3KhMQmdHtvog1beAa3Ab+J+cafkXXN+Es9f1wQjzk7DiHupmJIVofBvPP+cRcB46rwha6ati8Fa5QkT9rXFNqQsKk7jq8TIi54Bm15OOa0jInGG3TM17b9Ftu2WTJSAaqgBnDfZiInK7HEvC6K/IBljrN3oGagmFZPrAvzw7d6C2/nKFAQtfoMcE5oWVDrJyjsmJ8oaru0E8rwj7mMvyKPgEMnXTGXLWDgEo50+i291m4bkCxVwiOPbPRvdMll1Y8qfBAPT76sY4Ikgcw/2iw== openpgp:0xBBE80E50 diff --git a/build-all.sh b/build-all.sh new file mode 100755 index 0000000..814b292 --- /dev/null +++ b/build-all.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +set -eu + +opts="--verbose" + +vmdb2 base.vmdb $opts --output debian9-amd64.img --rootfs-tarball debian9-amd64.tar.gz +xz -f --verbose debian9-amd64.img -- cgit v1.2.1