├── .github
├── runs-on.yml
└── aws_marketplace_change_set.json.template
├── ansible
├── roles
│ ├── gcp_guest
│ │ ├── meta
│ │ │ └── main.yml
│ │ └── tasks
│ │ │ └── main.yml
│ ├── setup_cloud_init
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── files
│ │ │ ├── 10-azure-kvp.cfg
│ │ │ ├── 91-azure_datasource.cfg
│ │ │ └── 99_oci.cfg
│ │ ├── tasks
│ │ │ ├── oci.yaml
│ │ │ ├── azure.yml
│ │ │ └── main.yml
│ │ └── README.md
│ ├── cleanup_vm
│ │ ├── defaults
│ │ │ └── main.yml
│ │ └── README.md
│ ├── ami_10_x86_64
│ │ ├── templates
│ │ │ ├── cmdline.j2
│ │ │ ├── grub_defaults.j2
│ │ │ ├── grubenv.j2
│ │ │ ├── fstab.j2
│ │ │ └── grub.cfg.j2
│ │ ├── defaults
│ │ │ └── main.yaml
│ │ └── tasks
│ │ │ ├── selinux.yaml
│ │ │ ├── main.yaml
│ │ │ └── chroot.yaml
│ ├── ami_8_aarch64
│ │ ├── templates
│ │ │ ├── cmdline.j2
│ │ │ ├── grub_defaults.j2
│ │ │ ├── fstab.j2
│ │ │ ├── grubenv.j2
│ │ │ └── grub.cfg.j2
│ │ ├── defaults
│ │ │ └── main.yaml
│ │ ├── files
│ │ │ └── ifcfg-eth0
│ │ └── tasks
│ │ │ ├── selinux.yaml
│ │ │ ├── main.yaml
│ │ │ ├── os.yaml
│ │ │ ├── storage.yaml
│ │ │ └── chroot.yaml
│ ├── ami_8_x86_64
│ │ ├── templates
│ │ │ ├── cmdline.j2
│ │ │ ├── grub_defaults.j2
│ │ │ ├── grub_stub.j2
│ │ │ ├── fstab.j2
│ │ │ ├── grubenv.j2
│ │ │ └── grub.cfg.j2
│ │ ├── defaults
│ │ │ └── main.yaml
│ │ ├── files
│ │ │ └── ifcfg-eth0
│ │ └── tasks
│ │ │ ├── selinux.yaml
│ │ │ ├── main.yaml
│ │ │ ├── os.yaml
│ │ │ └── chroot.yaml
│ ├── ami_9_aarch64
│ │ ├── templates
│ │ │ ├── cmdline.j2
│ │ │ ├── grub_defaults.j2
│ │ │ ├── grubenv.j2
│ │ │ ├── fstab.j2
│ │ │ └── grub.cfg.j2
│ │ ├── defaults
│ │ │ └── main.yaml
│ │ └── tasks
│ │ │ ├── selinux.yaml
│ │ │ ├── main.yaml
│ │ │ ├── bootloader.yaml
│ │ │ ├── storage.yaml
│ │ │ └── chroot.yaml
│ ├── ami_9_x86_64
│ │ ├── templates
│ │ │ ├── cmdline.j2
│ │ │ ├── grub_defaults.j2
│ │ │ ├── grubenv.j2
│ │ │ ├── fstab.j2
│ │ │ └── grub.cfg.j2
│ │ ├── defaults
│ │ │ └── main.yaml
│ │ └── tasks
│ │ │ ├── selinux.yaml
│ │ │ ├── main.yaml
│ │ │ └── chroot.yaml
│ ├── ami_10_aarch64
│ │ ├── templates
│ │ │ ├── cmdline.j2
│ │ │ ├── grub_defaults.j2
│ │ │ ├── grubenv.j2
│ │ │ ├── fstab.j2
│ │ │ └── grub.cfg.j2
│ │ ├── defaults
│ │ │ └── main.yaml
│ │ └── tasks
│ │ │ ├── selinux.yaml
│ │ │ ├── main.yaml
│ │ │ ├── bootloader.yaml
│ │ │ └── storage.yaml
│ ├── ami_kitten_10_aarch64
│ │ ├── templates
│ │ │ ├── cmdline.j2
│ │ │ ├── grub_defaults.j2
│ │ │ ├── grubenv.j2
│ │ │ ├── fstab.j2
│ │ │ └── grub.cfg.j2
│ │ ├── defaults
│ │ │ └── main.yaml
│ │ └── tasks
│ │ │ ├── selinux.yaml
│ │ │ ├── main.yaml
│ │ │ ├── bootloader.yaml
│ │ │ └── storage.yaml
│ ├── ami_kitten_10_x86_64
│ │ ├── templates
│ │ │ ├── cmdline.j2
│ │ │ ├── grub_defaults.j2
│ │ │ ├── grubenv.j2
│ │ │ ├── fstab.j2
│ │ │ └── grub.cfg.j2
│ │ ├── defaults
│ │ │ └── main.yaml
│ │ └── tasks
│ │ │ ├── selinux.yaml
│ │ │ └── main.yaml
│ ├── vmware_guest
│ │ ├── README.md
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── meta
│ │ │ └── main.yml
│ ├── azure_guest
│ │ ├── files
│ │ │ ├── azure.dracut.conf
│ │ │ ├── 99-azure-unmanaged-devices.conf
│ │ │ └── 99-azure-hyperv-ptp.rules
│ │ └── meta
│ │ │ └── main.yml
│ ├── qemu_guest
│ │ ├── README.md
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── meta
│ │ │ └── main.yml
│ ├── hyperv_guest
│ │ ├── README.md
│ │ └── tasks
│ │ │ └── main.yml
│ ├── gencloud_guest
│ │ └── meta
│ │ │ └── main.yml
│ ├── unified_boot
│ │ ├── templates
│ │ │ ├── grub_cfg_stub.j2
│ │ │ └── grub_cfg_main.j2
│ │ ├── meta
│ │ │ └── main.yaml
│ │ └── README.md
│ ├── digitalocean_guest
│ │ ├── meta
│ │ │ └── main.yml
│ │ └── files
│ │ │ └── ifcfg-eth0
│ ├── aws_guest
│ │ ├── files
│ │ │ ├── ifcfg-eth0
│ │ │ └── amazon-ssm-agent.gpg
│ │ └── README.md
│ ├── oci_guest
│ │ ├── meta
│ │ │ └── main.yaml
│ │ └── defaults
│ │ │ └── main.yaml
│ ├── vagrant_guest
│ │ ├── meta
│ │ │ └── main.yaml
│ │ ├── files
│ │ │ └── vagrant.pub
│ │ └── tasks
│ │ │ └── main.yaml
│ ├── dump_repo_metadata
│ │ ├── files
│ │ │ └── dump_repo_metadata.py
│ │ └── tasks
│ │ │ └── main.yml
│ └── sbom_data
│ │ └── tasks
│ │ └── main.yml
├── ami_8_x86_64.yaml
├── ami_9_x86_64.yaml
├── ami_10_x86_64.yaml
├── ami_8_aarch64.yaml
├── ami_9_aarch64.yaml
├── ami_10_aarch64.yaml
├── requirements.yml
├── ami_kitten_10_x86_64.yaml
├── ami_kitten_10_aarch64.yaml
├── gcp.yml
├── opennebula.yml
├── digitalocean.yml
├── oci.yml
├── gencloud.yml
├── azure.yml
└── vagrant.yml
├── tools
├── requirements-aws.txt
└── digitalocean-import_latest_image.bash
├── requirements.txt
├── tests
├── genericcloud
│ ├── upload_image
│ │ ├── Upload_Image.md
│ │ ├── amd64
│ │ │ └── upload_image.tf
│ │ └── aarch64
│ │ │ └── upload_image.tf
│ └── launch_test_instances
│ │ ├── amd64
│ │ ├── output.tf
│ │ ├── ssh-config.tftpl
│ │ └── launch_instances.tf
│ │ ├── aarch64
│ │ ├── output.tf
│ │ ├── ssh-config.tftpl
│ │ └── launch_instances.tf
│ │ └── GenericCloud.md
├── test-values.pkrvars.hcl
├── ami
│ ├── launch_test_instances
│ │ ├── aarch64
│ │ │ ├── output.tf
│ │ │ ├── ssh-config.tftpl
│ │ │ └── launch_test_instances.tf
│ │ └── amd64
│ │ │ ├── output.tf
│ │ │ ├── ssh-config.tftpl
│ │ │ └── launch_test_instances.tf
│ ├── ssh-config.tftpl
│ └── AMI.md
├── opennebula
│ ├── create_test_vms
│ │ ├── aarch64
│ │ │ ├── ssh-config.tftpl
│ │ │ ├── upload_image.tf
│ │ │ ├── create_template.tf
│ │ │ ├── launch_vm.tf
│ │ │ └── variables.tf
│ │ └── amd64
│ │ │ ├── ssh-config.tftpl
│ │ │ ├── create_template.tf
│ │ │ ├── upload_image.tf
│ │ │ ├── launch_vm.tf
│ │ │ └── variables.tf
│ └── OpenNebula.md
└── vagrant
│ ├── Vagrantfile
│ └── Vagrant.md
├── almalinux_oz.cfg
├── tpl
├── vagrant
│ └── vagrantfile-libvirt.rb
└── edk2
│ └── OVMF_VARS.secboot.fd_20220126gitbb1bba3d77-6.el8_9.6.alma.aws
├── .gitattributes
├── vm-scripts
├── digitalocean
│ └── README.md
└── gcp
│ ├── almalinux_8_arm64.publish.json
│ ├── almalinux_9_arm64.publish.json
│ ├── almalinux_10_arm64.publish.json
│ ├── almalinux_8.publish.json
│ ├── almalinux_9.publish.json
│ └── almalinux_10.publish.json
├── .gitignore
├── almalinux_8_gencloud_s390x.xml.tmpl
├── almalinux_9_gencloud_s390x.xml.tmpl
├── almalinux_kitten_10_gencloud_s390x.xml.tmpl
├── almalinux_10_gencloud_s390x.xml.tmpl
├── http
├── almalinux-10.gencloud-ppc64le.ks
├── almalinux-9.gencloud-ppc64le.ks
├── almalinux-10.gencloud-aarch64.ks
├── almalinux-9.gencloud-aarch64.ks
├── almalinux-10.azure-aarch64.ks
├── almalinux-9.azure-aarch64.ks
├── almalinux-kitten-10.azure-aarch64.ks
├── almalinux-8.oci-aarch64.ks
├── almalinux-8.gencloud-ppc64le.ks
├── almalinux-8.gencloud-aarch64.ks
├── almalinux-10.azure-64k-aarch64.ks
├── almalinux-10.oci-aarch64.ks
├── almalinux-kitten-10.gencloud-ppc64le.ks
├── almalinux-9.oci-aarch64.ks
├── almalinux-9.azure-64k-aarch64.ks
├── almalinux-kitten-10.azure-64k-aarch64.ks
├── almalinux-kitten-10.gencloud-aarch64.ks
├── almalinux-8.azure-aarch64.ks
├── almalinux-10.vagrant-aarch64.ks
├── almalinux-9.vagrant-aarch64.ks
├── almalinux-kitten-10.vagrant-aarch64.ks
├── almalinux-8.vagrant-x86_64-bios.ks
├── almalinux-10.azure-x86_64.ks
├── almalinux-10.gencloud-x86_64.ks
├── almalinux-10.gencloud-x86_64_v2.ks
├── almalinux-9.azure-x86_64.ks
├── almalinux-9.gencloud-x86_64.ks
├── almalinux-kitten-10.azure-x86_64.ks
├── almalinux-8.oci-x86_64.ks
├── almalinux-10.oci-x86_64.ks
├── almalinux-9.oci-x86_64.ks
├── almalinux-8.azure-x86_64.ks
├── almalinux-kitten-10.gencloud-x86_64.ks
├── almalinux-kitten-10.gencloud-x86_64_v2.ks
├── almalinux-8.gencloud-x86_64.ks
├── almalinux-10.vagrant-x86_64.ks
├── almalinux-10.vagrant-x86_64_v2.ks
├── almalinux-9.vagrant-x86_64-bios.ks
├── almalinux-9.vagrant-x86_64.ks
├── almalinux-kitten-10.vagrant-x86_64.ks
├── almalinux-kitten-10.vagrant-x86_64_v2.ks
└── almalinux-8.vagrant-x86_64.ks
├── versions.pkr.hcl
└── LICENSE
/.github/runs-on.yml:
--------------------------------------------------------------------------------
1 | _extends: .github
2 |
--------------------------------------------------------------------------------
/ansible/roles/gcp_guest/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | dependencies:
3 |
--------------------------------------------------------------------------------
/tools/requirements-aws.txt:
--------------------------------------------------------------------------------
1 | boto3>=1.34.62
2 | markdown-table==2020.12.3
3 |
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | pytest-testinfra>=10.1.0
2 | paramiko>=3.4.0
3 | pyyaml>=6.0.1
4 |
--------------------------------------------------------------------------------
/tests/genericcloud/upload_image/Upload_Image.md:
--------------------------------------------------------------------------------
1 | # Upload image to the OpenStack
2 |
--------------------------------------------------------------------------------
/ansible/roles/setup_cloud_init/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | cloud_init_user: ''
3 | cloud_platform: ''
4 |
--------------------------------------------------------------------------------
/ansible/roles/cleanup_vm/defaults/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | cleanup_ssh_host_keys: true
3 | collect_sbom_data: true
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_x86_64/templates/cmdline.j2:
--------------------------------------------------------------------------------
1 | root=UUID={{ root_uuid.stdout }} {{ ami_10_x86_64_kernel_opts }}
2 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/templates/cmdline.j2:
--------------------------------------------------------------------------------
1 | root=UUID={{ root_uuid.stdout }} {{ ami_8_aarch64_kernel_opts }}
2 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/templates/cmdline.j2:
--------------------------------------------------------------------------------
1 | root=UUID={{ root_uuid.stdout }} {{ ami_8_x86_64_kernel_opts }}
2 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/templates/cmdline.j2:
--------------------------------------------------------------------------------
1 | root=UUID={{ root_uuid.stdout }} {{ ami_9_aarch64_kernel_opts }}
2 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_x86_64/templates/cmdline.j2:
--------------------------------------------------------------------------------
1 | root=UUID={{ root_uuid.stdout }} {{ ami_9_x86_64_kernel_opts }}
2 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/templates/cmdline.j2:
--------------------------------------------------------------------------------
1 | root=UUID={{ root_uuid.stdout }} {{ ami_10_aarch64_kernel_opts }}
2 |
--------------------------------------------------------------------------------
/almalinux_oz.cfg:
--------------------------------------------------------------------------------
1 | [libvirt]
2 | cpus = 2
3 | memory = 3072
4 | image_type = qcow2
5 |
6 | [cache]
7 | original_media = no
8 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/templates/cmdline.j2:
--------------------------------------------------------------------------------
1 | root=UUID={{ root_uuid.stdout }} {{ ami_kitten_10_aarch64_kernel_opts }}
2 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_x86_64/templates/cmdline.j2:
--------------------------------------------------------------------------------
1 | root=UUID={{ root_uuid.stdout }} {{ ami_kitten_10_x86_64_kernel_opts }}
2 |
--------------------------------------------------------------------------------
/ansible/roles/cleanup_vm/README.md:
--------------------------------------------------------------------------------
1 | # cleanup_vm
2 |
3 | An Ansible role that removes unnecessary data to produce a smaller VM.
4 |
--------------------------------------------------------------------------------
/ansible/roles/vmware_guest/README.md:
--------------------------------------------------------------------------------
1 | # vmware_guest
2 |
3 | An Ansible role that installs `open-vm-tools` on a virtual machine.
4 |
--------------------------------------------------------------------------------
/ansible/roles/azure_guest/files/azure.dracut.conf:
--------------------------------------------------------------------------------
1 | add_drivers+=" hv_vmbus hv_netvsc hv_storvsc "
2 | add_drivers+=" nvme pci-hyperv "
3 |
--------------------------------------------------------------------------------
/ansible/roles/qemu_guest/README.md:
--------------------------------------------------------------------------------
1 | # qemu_guest
2 |
3 | An Ansible role that installs `qemu-guest-agent` and `rsync` on a virtual machine.
4 |
--------------------------------------------------------------------------------
/ansible/roles/setup_cloud_init/files/10-azure-kvp.cfg:
--------------------------------------------------------------------------------
1 | reporting:
2 | logging:
3 | type: log
4 | telemetry:
5 | type: hyperv
6 |
--------------------------------------------------------------------------------
/tpl/vagrant/vagrantfile-libvirt.rb:
--------------------------------------------------------------------------------
1 | Vagrant.configure('2') do |config|
2 | config.vm.synced_folder '.', '/vagrant', type: 'rsync'
3 | end
4 |
--------------------------------------------------------------------------------
/ansible/ami_8_x86_64.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: AlmaLinux OS 8 AMI x86_64
3 | hosts: all
4 | become: true
5 |
6 | roles:
7 | - ami_8_x86_64
8 |
--------------------------------------------------------------------------------
/ansible/ami_9_x86_64.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: AlmaLinux OS 9 AMI x86_64
3 | hosts: all
4 | become: true
5 |
6 | roles:
7 | - ami_9_x86_64
8 |
--------------------------------------------------------------------------------
/ansible/roles/azure_guest/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | dependencies:
3 | - role: setup_cloud_init
4 | vars:
5 | cloud_platform: 'azure'
6 |
--------------------------------------------------------------------------------
/ansible/ami_10_x86_64.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: AlmaLinux OS 10 AMI x86_64
3 | hosts: all
4 | become: true
5 |
6 | roles:
7 | - ami_10_x86_64
8 |
--------------------------------------------------------------------------------
/ansible/ami_8_aarch64.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: AlmaLinux OS 8 AMI AArch64
3 | hosts: all
4 | become: true
5 |
6 | roles:
7 | - ami_8_aarch64
8 |
--------------------------------------------------------------------------------
/ansible/ami_9_aarch64.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: AlmaLinux OS 9 AMI AArch64
3 | hosts: all
4 | become: true
5 |
6 | roles:
7 | - ami_9_aarch64
8 |
--------------------------------------------------------------------------------
/ansible/ami_10_aarch64.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: AlmaLinux OS 10 AMI AArch64
3 | hosts: all
4 | become: true
5 |
6 | roles:
7 | - ami_10_aarch64
8 |
--------------------------------------------------------------------------------
/ansible/roles/hyperv_guest/README.md:
--------------------------------------------------------------------------------
1 | # hyperv_guest
2 |
3 | An Ansible role that installs Microsoft Hyper-V support packages on a virtual
4 | machine.
5 |
--------------------------------------------------------------------------------
/ansible/roles/setup_cloud_init/files/91-azure_datasource.cfg:
--------------------------------------------------------------------------------
1 | datasource_list: [ Azure ]
2 | datasource:
3 | Azure:
4 | apply_network_config: false
5 |
--------------------------------------------------------------------------------
/ansible/requirements.yml:
--------------------------------------------------------------------------------
1 | ---
2 | collections:
3 | - ansible.posix
4 | - almalinux.ci
5 | - community.general
6 |
7 | roles:
8 | - ezamriy.vbox_guest
9 |
--------------------------------------------------------------------------------
/ansible/ami_kitten_10_x86_64.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: AlmaLinux OS Kitten 10 AMI x86_64
3 | hosts: all
4 | become: true
5 |
6 | roles:
7 | - ami_kitten_10_x86_64
8 |
--------------------------------------------------------------------------------
/ansible/ami_kitten_10_aarch64.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: AlmaLinux OS Kitten 10 AMI AArch64
3 | hosts: all
4 | become: true
5 |
6 | roles:
7 | - ami_kitten_10_aarch64
8 |
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | # Line endings are converted from LF to CRLF on Windows.
2 | # Anaconda installer doesn't understand kickstart files with CRLF line endings.
3 | *.ks text eol=lf
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/templates/grub_defaults.j2:
--------------------------------------------------------------------------------
1 | GRUB_CMDLINE_LINUX="{{ ami_10_aarch64_kernel_opts }}"
2 | GRUB_TIMEOUT=0
3 | GRUB_ENABLE_BLSCFG=true
4 | GRUB_DEFAULT=saved
5 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_x86_64/templates/grub_defaults.j2:
--------------------------------------------------------------------------------
1 | GRUB_CMDLINE_LINUX="{{ ami_10_x86_64_kernel_opts }}"
2 | GRUB_TIMEOUT=0
3 | GRUB_ENABLE_BLSCFG=true
4 | GRUB_DEFAULT=saved
5 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/templates/grub_defaults.j2:
--------------------------------------------------------------------------------
1 | GRUB_CMDLINE_LINUX="{{ ami_8_aarch64_kernel_opts }}"
2 | GRUB_TIMEOUT=0
3 | GRUB_ENABLE_BLSCFG=true
4 | GRUB_DEFAULT=saved
5 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/templates/grub_defaults.j2:
--------------------------------------------------------------------------------
1 | GRUB_CMDLINE_LINUX="{{ ami_8_x86_64_kernel_opts }}"
2 | GRUB_TIMEOUT=0
3 | GRUB_ENABLE_BLSCFG=true
4 | GRUB_DEFAULT=saved
5 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/templates/grub_defaults.j2:
--------------------------------------------------------------------------------
1 | GRUB_CMDLINE_LINUX="{{ ami_9_aarch64_kernel_opts }}"
2 | GRUB_TIMEOUT=0
3 | GRUB_ENABLE_BLSCFG=true
4 | GRUB_DEFAULT=saved
5 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_x86_64/templates/grub_defaults.j2:
--------------------------------------------------------------------------------
1 | GRUB_CMDLINE_LINUX="{{ ami_9_x86_64_kernel_opts }}"
2 | GRUB_TIMEOUT=0
3 | GRUB_ENABLE_BLSCFG=true
4 | GRUB_DEFAULT=saved
5 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_x86_64/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | ami_10_x86_64_kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295
3 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | ami_8_x86_64_kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295
3 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_x86_64/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | ami_9_x86_64_kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295
3 |
--------------------------------------------------------------------------------
/ansible/roles/gencloud_guest/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | dependencies:
3 | # - role: almalinux.ci.disable_firstboot
4 | - role: "setup_cloud_init"
5 | cloud_init_user: "almalinux"
6 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/templates/grub_stub.j2:
--------------------------------------------------------------------------------
1 | search --no-floppy --fs-uuid --set=dev {{ boot_uuid.stdout }}
2 | set prefix=($dev)/grub2
3 | export $prefix
4 | configfile $prefix/grub.cfg
5 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/templates/grub_defaults.j2:
--------------------------------------------------------------------------------
1 | GRUB_CMDLINE_LINUX="{{ ami_kitten_10_aarch64_kernel_opts }}"
2 | GRUB_TIMEOUT=0
3 | GRUB_ENABLE_BLSCFG=true
4 | GRUB_DEFAULT=saved
5 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_x86_64/templates/grub_defaults.j2:
--------------------------------------------------------------------------------
1 | GRUB_CMDLINE_LINUX="{{ ami_kitten_10_x86_64_kernel_opts }}"
2 | GRUB_TIMEOUT=0
3 | GRUB_ENABLE_BLSCFG=true
4 | GRUB_DEFAULT=saved
5 |
--------------------------------------------------------------------------------
/ansible/roles/unified_boot/templates/grub_cfg_stub.j2:
--------------------------------------------------------------------------------
1 | search --no-floppy --fs-uuid --set=dev {{ boot_uuid.stdout }}
2 | set prefix=($dev)/grub2
3 | export $prefix
4 | configfile $prefix/grub.cfg
5 |
--------------------------------------------------------------------------------
/vm-scripts/digitalocean/README.md:
--------------------------------------------------------------------------------
1 | # DigitalOcean Marketplace Image Validation Tool
2 |
3 | This script is used for the generation of the DigitalOcean image. They're not meant to be ran locally.
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | ami_8_aarch64_kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 iommu.strict=0
3 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | ami_9_aarch64_kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 iommu.strict=0
3 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_x86_64/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | ami_kitten_10_x86_64_kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295
3 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | ami_10_aarch64_kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 iommu.strict=0
3 |
--------------------------------------------------------------------------------
/ansible/roles/digitalocean_guest/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | dependencies:
3 | - role: almalinux.ci.disable_firstboot
4 | - role: 'setup_cloud_init'
5 | cloud_init_user: 'almalinux'
6 | - role: pvgrub_config
7 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/files/ifcfg-eth0:
--------------------------------------------------------------------------------
1 | TYPE=Ethernet
2 | DEVICE=eth0
3 | BOOTPROTO=dhcp
4 | PERSISTENT_DHCLIENT=1
5 | IPV6INIT=yes
6 | IPV6_FAILURE_FATAL=no
7 | PEERDNS=yes
8 | USERCTL=yes
9 | ONBOOT=yes
10 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/files/ifcfg-eth0:
--------------------------------------------------------------------------------
1 | TYPE=Ethernet
2 | DEVICE=eth0
3 | BOOTPROTO=dhcp
4 | PERSISTENT_DHCLIENT=1
5 | IPV6INIT=yes
6 | IPV6_FAILURE_FATAL=no
7 | PEERDNS=yes
8 | USERCTL=yes
9 | ONBOOT=yes
10 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | ami_kitten_10_aarch64_kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 iommu.strict=0
3 |
--------------------------------------------------------------------------------
/ansible/roles/aws_guest/files/ifcfg-eth0:
--------------------------------------------------------------------------------
1 | TYPE=Ethernet
2 | DEVICE=eth0
3 | BOOTPROTO=dhcp
4 | PERSISTENT_DHCLIENT=1
5 | IPV6INIT=yes
6 | IPV6_FAILURE_FATAL=no
7 | PEERDNS=yes
8 | USERCTL=yes
9 | ONBOOT=yes
10 |
--------------------------------------------------------------------------------
/ansible/roles/oci_guest/meta/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | dependencies:
3 | # - role: almalinux.ci.disable_firstboot
4 | - role: "setup_cloud_init"
5 | vars:
6 | cloud_init_user: "opc"
7 | cloud_platform: "oci"
8 |
--------------------------------------------------------------------------------
/ansible/gcp.yml:
--------------------------------------------------------------------------------
1 | # An Ansible playbook that configures an AlmaLinux OS GCP image
2 | ---
3 | - name: AlmaLinux GCP
4 | hosts: default
5 | become: true
6 |
7 | roles:
8 | - gcp_guest
9 | - cleanup_vm
10 |
--------------------------------------------------------------------------------
/ansible/roles/digitalocean_guest/files/ifcfg-eth0:
--------------------------------------------------------------------------------
1 | TYPE=Ethernet
2 | DEVICE=eth0
3 | BOOTPROTO=dhcp
4 | PERSISTENT_DHCLIENT=1
5 | IPV6INIT=yes
6 | IPV6_FAILURE_FATAL=no
7 | PEERDNS=yes
8 | USERCTL=yes
9 | ONBOOT=yes
10 |
--------------------------------------------------------------------------------
/ansible/roles/azure_guest/files/99-azure-unmanaged-devices.conf:
--------------------------------------------------------------------------------
1 | # Ignore SR-IOV interface on Azure, since it's transparently bonded
2 | # to the synthetic interface
3 | [keyfile]
4 | unmanaged-devices=driver:mlx4_core;driver:mlx5_core
5 |
--------------------------------------------------------------------------------
/ansible/roles/aws_guest/README.md:
--------------------------------------------------------------------------------
1 | # aws_guest
2 |
3 | An Ansible role that configures a virtual machine for AWS EC2.
4 |
5 |
6 | ## License
7 |
8 | MIT
9 |
10 |
11 | ## Authors
12 |
13 | * [Eugene Zamriy](https://github.com/ezamriy)
14 |
--------------------------------------------------------------------------------
/ansible/roles/vmware_guest/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install open-vm-tools
3 | dnf:
4 | install_weak_deps: "{{ false if ansible_facts['distribution_major_version'] | int >= 9 else omit }}"
5 | name: open-vm-tools
6 | state: latest
7 |
--------------------------------------------------------------------------------
/ansible/roles/qemu_guest/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install qemu-guest-agent
3 | dnf:
4 | install_weak_deps: "{{ false if ansible_facts['distribution_major_version'] | int >= 9 else omit }}"
5 | name: qemu-guest-agent
6 | state: latest
7 |
--------------------------------------------------------------------------------
/tests/genericcloud/launch_test_instances/amd64/output.tf:
--------------------------------------------------------------------------------
1 | output "gc_test-1" {
2 | value = openstack_compute_instance_v2.gc_test-1.access_ip_v4
3 | }
4 |
5 |
6 | output "gc_test-2" {
7 | value = openstack_compute_instance_v2.gc_test-2.access_ip_v4
8 | }
9 |
--------------------------------------------------------------------------------
/ansible/roles/azure_guest/files/99-azure-hyperv-ptp.rules:
--------------------------------------------------------------------------------
1 | # Mellanox VFs also produce a /dev/ptp device. To avoid the conflict,
2 | # we will rename the hyperv ptp interface "ptp_hyperv"
3 | SUBSYSTEM=="ptp", ATTR{clock_name}=="hyperv", SYMLINK += "ptp_hyperv"
4 |
--------------------------------------------------------------------------------
/ansible/roles/setup_cloud_init/tasks/oci.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Configure Oracle Cloud-init Datasource
3 | ansible.builtin.copy:
4 | src: 99_oci.cfg
5 | dest: /etc/cloud/cloud.cfg.d/99_oci.cfg
6 | owner: root
7 | group: root
8 | mode: "0644"
9 |
--------------------------------------------------------------------------------
/tests/genericcloud/launch_test_instances/aarch64/output.tf:
--------------------------------------------------------------------------------
1 | output "gc_test-1" {
2 | value = openstack_compute_instance_v2.gc_test-1.access_ip_v4
3 | }
4 |
5 |
6 | output "gc_test-2" {
7 | value = openstack_compute_instance_v2.gc_test-2.access_ip_v4
8 | }
9 |
--------------------------------------------------------------------------------
/ansible/roles/setup_cloud_init/files/99_oci.cfg:
--------------------------------------------------------------------------------
1 | datasource_list: ['Oracle', 'OpenStack']
2 | datasource:
3 | Oracle:
4 | configure_secondary_nics: true
5 | OpenStack:
6 | metadata_urls: ['http://169.254.169.254']
7 | timeout: 10
8 | max_wait: 20
9 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_x86_64/templates/grubenv.j2:
--------------------------------------------------------------------------------
1 | {% set grubenv_block = "# GRUB Environment Block" ~ "\n" ~ "saved_entry=ffffffffffffffffffffffffffffffff-" ~ kernel_ver.stdout ~ "\n" -%}
2 | {% set grubenv_padded = grubenv_block.ljust(1024, '#') -%}
3 | {{ grubenv_padded }}
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/templates/grubenv.j2:
--------------------------------------------------------------------------------
1 | {% set grubenv_block = "# GRUB Environment Block" ~ "\n" ~ "saved_entry=ffffffffffffffffffffffffffffffff-" ~ kernel_ver.stdout ~ "\n" -%}
2 | {% set grubenv_padded = grubenv_block.ljust(1024, '#') -%}
3 | {{ grubenv_padded }}
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_x86_64/templates/grubenv.j2:
--------------------------------------------------------------------------------
1 | {% set grubenv_block = "# GRUB Environment Block" ~ "\n" ~ "saved_entry=ffffffffffffffffffffffffffffffff-" ~ kernel_ver.stdout ~ "\n" -%}
2 | {% set grubenv_padded = grubenv_block.ljust(1024, '#') -%}
3 | {{ grubenv_padded }}
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/templates/grubenv.j2:
--------------------------------------------------------------------------------
1 | {% set grubenv_block = "# GRUB Environment Block" ~ "\n" ~ "saved_entry=ffffffffffffffffffffffffffffffff-" ~ kernel_ver.stdout ~ "\n" -%}
2 | {% set grubenv_padded = grubenv_block.ljust(1024, '#') -%}
3 | {{ grubenv_padded }}
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/templates/grubenv.j2:
--------------------------------------------------------------------------------
1 | {% set grubenv_block = "# GRUB Environment Block" ~ "\n" ~ "saved_entry=ffffffffffffffffffffffffffffffff-" ~ kernel_ver.stdout ~ "\n" -%}
2 | {% set grubenv_padded = grubenv_block.ljust(1024, '#') -%}
3 | {{ grubenv_padded }}
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_x86_64/templates/grubenv.j2:
--------------------------------------------------------------------------------
1 | {% set grubenv_block = "# GRUB Environment Block" ~ "\n" ~ "saved_entry=ffffffffffffffffffffffffffffffff-" ~ kernel_ver.stdout ~ "\n" -%}
2 | {% set grubenv_padded = grubenv_block.ljust(1024, '#') -%}
3 | {{ grubenv_padded }}
4 |
--------------------------------------------------------------------------------
/tests/test-values.pkrvars.hcl:
--------------------------------------------------------------------------------
1 | # DigitalOcean
2 | do_api_token = "foo"
3 | do_spaces_key = "foo"
4 | do_spaces_secret = "foo"
5 | do_spaces_region = "foo"
6 | do_space_name = "foo"
7 | do_image_name_8 = "foo"
8 | do_image_name_9 = "foo"
9 | do_image_regions = ["foo", "bar"]
10 |
--------------------------------------------------------------------------------
/ansible/opennebula.yml:
--------------------------------------------------------------------------------
1 | # An Ansible playbook that configures a OpenNebula image
2 | ---
3 | - name: AlmaLinux OpenNebula
4 | hosts: default
5 | become: true
6 |
7 | roles:
8 | - role: unified_boot
9 | when: is_unified_boot is defined
10 | - opennebula_guest
11 | - cleanup_vm
12 |
--------------------------------------------------------------------------------
/ansible/digitalocean.yml:
--------------------------------------------------------------------------------
1 | # An Ansible playbook that configures a DigitalOcean image
2 | ---
3 | - name: AlmaLinux DigitalOcean Image
4 | hosts: default
5 | become: true
6 |
7 | roles:
8 | - role: unified_boot
9 | when: is_unified_boot is defined
10 | - digitalocean_guest
11 | - cleanup_vm
12 |
--------------------------------------------------------------------------------
/ansible/oci.yml:
--------------------------------------------------------------------------------
1 | # An Ansible playbook that configures a Oracle Cloud Infrastructure image
2 | ---
3 | - name: AlmaLinux Oracle Cloud Infrastructure
4 | hosts: all
5 | become: true
6 |
7 | roles:
8 | - role: unified_boot
9 | when: is_unified_boot is defined
10 | - oci_guest
11 | - cleanup_vm
12 |
--------------------------------------------------------------------------------
/ansible/gencloud.yml:
--------------------------------------------------------------------------------
1 | # An Ansible playbook that configures a Generic Cloud (Cloud-init) image
2 | ---
3 | - name: AlmaLinux OS Generic Cloud Image
4 | hosts: all
5 | become: true
6 |
7 | roles:
8 | - role: unified_boot
9 | when: is_unified_boot is defined
10 | - gencloud_guest
11 | - cleanup_vm
12 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/templates/fstab.j2:
--------------------------------------------------------------------------------
1 | UUID={{ root_uuid.stdout }} / xfs defaults 0 0
2 | UUID={{ boot_uuid.stdout }} /boot xfs defaults 0 0
3 | UUID={{ esp_uuid.stdout }} /boot/efi vfat defaults,uid=0,gid=0,umask=077,shortname=winnt 0 2
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_x86_64/templates/fstab.j2:
--------------------------------------------------------------------------------
1 | UUID={{ root_uuid.stdout }} / xfs defaults 0 0
2 | UUID={{ boot_uuid.stdout }} /boot xfs defaults 0 0
3 | UUID={{ esp_uuid.stdout }} /boot/efi vfat defaults,uid=0,gid=0,umask=077,shortname=winnt 0 2
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/templates/fstab.j2:
--------------------------------------------------------------------------------
1 | UUID={{ root_uuid.stdout }} / xfs defaults 0 0
2 | UUID={{ boot_uuid.stdout }} /boot xfs defaults 0 0
3 | UUID={{ esp_uuid.stdout }} /boot/efi vfat defaults,uid=0,gid=0,umask=077,shortname=winnt 0 2
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/templates/fstab.j2:
--------------------------------------------------------------------------------
1 | UUID={{ root_uuid.stdout }} / xfs defaults 0 0
2 | UUID={{ boot_uuid.stdout }} /boot xfs defaults 0 0
3 | UUID={{ esp_uuid.stdout }} /boot/efi vfat defaults,uid=0,gid=0,umask=077,shortname=winnt 0 2
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/templates/fstab.j2:
--------------------------------------------------------------------------------
1 | UUID={{ root_uuid.stdout }} / xfs defaults 0 0
2 | UUID={{ boot_uuid.stdout }} /boot xfs defaults 0 0
3 | UUID={{ esp_uuid.stdout }} /boot/efi vfat defaults,uid=0,gid=0,umask=077,shortname=winnt 0 2
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_x86_64/templates/fstab.j2:
--------------------------------------------------------------------------------
1 | UUID={{ root_uuid.stdout }} / xfs defaults 0 0
2 | UUID={{ boot_uuid.stdout }} /boot xfs defaults 0 0
3 | UUID={{ esp_uuid.stdout }} /boot/efi vfat defaults,uid=0,gid=0,umask=077,shortname=winnt 0 2
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_x86_64/templates/fstab.j2:
--------------------------------------------------------------------------------
1 | UUID={{ root_uuid.stdout }} / xfs defaults 0 0
2 | UUID={{ boot_uuid.stdout }} /boot xfs defaults 0 0
3 | UUID={{ esp_uuid.stdout }} /boot/efi vfat defaults,uid=0,gid=0,umask=077,shortname=winnt 0 2
4 |
--------------------------------------------------------------------------------
/ansible/roles/vagrant_guest/meta/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: AlmaLinux OS Cloud SIG
4 | description: Configuration and optimizations for a Vagrant guest
5 | company: AlmaLinux OS Foundation
6 | # https://almalinux.org/p/the-almalinux-os-licensing-policy
7 | license: GPL-3.0-only
8 | min_ansible_version: "2.14"
9 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/templates/fstab.j2:
--------------------------------------------------------------------------------
1 | UUID={{ root_uuid.stdout }} / xfs defaults 0 0
2 | UUID={{ boot_uuid.stdout }} /boot xfs defaults 0 0
3 | UUID={{ esp_uuid.stdout }} /boot/efi vfat defaults,uid=0,gid=0,umask=077,shortname=winnt 0 2
4 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/templates/grubenv.j2:
--------------------------------------------------------------------------------
1 | {% set grubenv_block = "# GRUB Environment Block" ~ "\n" ~ "kernelopts=root=UUID=" ~ root_uuid.stdout ~ " " ~ ami_8_x86_64_kernel_opts ~ "\n" ~ "saved_entry=ffffffffffffffffffffffffffffffff-" ~ kernel_ver.stdout ~ "\n" -%}
2 | {% set grubenv_padded = grubenv_block.ljust(1024, '#') -%}
3 | {{ grubenv_padded }}
4 |
--------------------------------------------------------------------------------
/ansible/roles/unified_boot/meta/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | author: AlmaLinux OS Cloud SIG
4 | description: Unify bootloader configuration for BIOS and UEFI support
5 | company: AlmaLinux OS Foundation
6 | license: GPL-3.0-only
7 | min_ansible_version: 2.13.9
8 | galaxy_tags:
9 | - unifiedboot
10 | - bios
11 | - uefi
12 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/templates/grubenv.j2:
--------------------------------------------------------------------------------
1 | {% set grubenv_block = "# GRUB Environment Block" ~ "\n" ~ "kernelopts=root=UUID=" ~ root_uuid.stdout ~ " " ~ ami_8_aarch64_kernel_opts ~ "\n" ~ "saved_entry=ffffffffffffffffffffffffffffffff-" ~ kernel_ver.stdout ~ "\n" -%}
2 | {% set grubenv_padded = grubenv_block.ljust(1024, '#') -%}
3 | {{ grubenv_padded }}
4 |
--------------------------------------------------------------------------------
/ansible/roles/vmware_guest/meta/main.yml:
--------------------------------------------------------------------------------
1 | galaxy_info:
2 | role_name: vmware_guest
3 | author: Eugene Zamriy
4 | description: Installs open-vm-tools
5 | license: MIT
6 | min_ansible_version: 2.5
7 | platforms:
8 | - name: EL
9 | versions:
10 | - 8
11 | galaxy_tags:
12 | - guest
13 | - system
14 | - vmware
15 |
16 | dependencies: []
17 |
--------------------------------------------------------------------------------
/ansible/roles/qemu_guest/meta/main.yml:
--------------------------------------------------------------------------------
1 | galaxy_info:
2 | role_name: qemu_guest
3 | author: Elkhan Mammadli
4 | description: Installs qemu-guest-agent and rsync
5 | license: MIT
6 | min_ansible_version: 2.5
7 | platforms:
8 | - name: EL
9 | versions:
10 | - 8
11 | galaxy_tags:
12 | - guest
13 | - system
14 | - qemu
15 |
16 | dependencies: []
17 |
--------------------------------------------------------------------------------
/tests/ami/launch_test_instances/aarch64/output.tf:
--------------------------------------------------------------------------------
1 | output "instance1_public_ip" {
2 | value = aws_instance.ami_test-1.public_ip
3 | }
4 |
5 | output "instance2_public_ip" {
6 | value = aws_instance.ami_test-2.public_ip
7 | }
8 |
9 | output "instance_id1" {
10 | value = aws_instance.ami_test-1.id
11 | }
12 |
13 | output "instance_id2" {
14 | value = aws_instance.ami_test-2.id
15 | }
16 |
--------------------------------------------------------------------------------
/tests/ami/launch_test_instances/amd64/output.tf:
--------------------------------------------------------------------------------
1 | output "instance1_public_ip" {
2 | value = aws_instance.ami_test-1.public_ip
3 | }
4 |
5 | output "instance2_public_ip" {
6 | value = aws_instance.ami_test-2.public_ip
7 | }
8 |
9 | output "instance_id1" {
10 | value = aws_instance.ami_test-1.id
11 | }
12 |
13 | output "instance_id2" {
14 | value = aws_instance.ami_test-2.id
15 | }
16 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Packer
2 | *.auto.pkrvars.hcl
3 | *.auto.pkrvars.json
4 | *.pkrvars.hcl
5 | *.pkrvars.json
6 | packer_cache
7 | output-*
8 | *.box
9 |
10 | # Ansible
11 | ansible/collections
12 | ansible/roles/ezamriy*
13 |
14 | # Tools and Tests
15 | .venv
16 | venv
17 | **/.pytest_cache
18 | **/__pycache__
19 | **/aws_amis*.csv
20 | **/AWS_AMIS*.md
21 |
22 | # Editors
23 | .idea
24 | .vscode
25 |
--------------------------------------------------------------------------------
/ansible/roles/oci_guest/defaults/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | # https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/manage-plugins.htm#install-agent__manual-linux
3 | # Click on "Oracle Linux" >> "Oracle Linux 8.x, Oracle Linux Cloud Developer 8.x"
4 | # The public download links of Oracle Cloud Agent are not available anymore
5 | # ol8_gpg_key_url: ""
6 | # oracle_cloud_agent_url_x86_64: ""
7 | # oracle_cloud_agent_url_aarch64: ""
8 |
--------------------------------------------------------------------------------
/ansible/roles/setup_cloud_init/README.md:
--------------------------------------------------------------------------------
1 | # setup_cloud_init
2 |
3 | An Ansible role that installs and configures [cloud-init](https://cloud-init.io/).
4 |
5 |
6 | ## Role Variables
7 |
8 | The role variables and their default values are listed below:
9 |
10 | * `cloud_init_user: ''` - a name of a user managed by cloud-init.
11 |
12 |
13 | ## License
14 |
15 | MIT
16 |
17 |
18 | ## Authors
19 |
20 | * [Eugene Zamriy](https://github.com/ezamriy)
21 |
--------------------------------------------------------------------------------
/ansible/azure.yml:
--------------------------------------------------------------------------------
1 | # An Ansible playbook that configures an AlmaLinux OS Azure image
2 | ---
3 | - name: AlmaLinux Azure
4 | hosts: default
5 | become: true
6 |
7 | roles:
8 | - role: unified_boot
9 | vars:
10 | unified_boot_kernel_opts: loglevel=3 console=tty1 console=ttyS0 earlyprintk=ttyS0 rootdelay=300 no_timer_check biosdevname=0 net.ifnames=0
11 | when: is_unified_boot is defined
12 | - azure_guest
13 | - cleanup_vm
14 |
--------------------------------------------------------------------------------
/ansible/roles/setup_cloud_init/tasks/azure.yml:
--------------------------------------------------------------------------------
1 | - name: Configure cloud-init Azure datasource
2 | copy:
3 | src: 91-azure_datasource.cfg
4 | dest: /etc/cloud/cloud.cfg.d/91-azure_datasource.cfg
5 | owner: root
6 | group: root
7 | mode: 0644
8 |
9 | - name: Enable Hyper-V telemetry logging
10 | copy:
11 | src: 10-azure-kvp.cfg
12 | dest: /etc/cloud/cloud.cfg.d/10-azure-kvp.cfg
13 | owner: root
14 | group: root
15 | mode: 0644
16 |
--------------------------------------------------------------------------------
/ansible/roles/hyperv_guest/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install Hyper-V dependencies
3 | dnf:
4 | install_weak_deps: "{{ false if ansible_facts['distribution_major_version'] | int >= 9 else omit }}"
5 | name:
6 | - cifs-utils
7 | - hyperv-daemons
8 | state: installed
9 |
10 | - name: Enable Hyper-V services
11 | service:
12 | name: "{{ item }}"
13 | enabled: yes
14 | with_items:
15 | - hypervvssd
16 | - hypervkvpd
17 | - hypervfcopyd
18 |
--------------------------------------------------------------------------------
/ansible/roles/dump_repo_metadata/files/dump_repo_metadata.py:
--------------------------------------------------------------------------------
1 | import dnf
2 |
3 | base = dnf.Base()
4 | base.read_all_repos()
5 |
6 | # Iterate through all enabled repositories
7 | for repo in base.repos.iter_enabled():
8 | try:
9 | repo.load()
10 | content = repo.get_metadata_content('primary')
11 | print(f"--- Metadata for {repo.id} ---")
12 | print(content)
13 | print("\n")
14 | except Exception as e:
15 | print(f"Could not load metadata for repo {repo.id}: {e}")
16 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/tasks/selinux.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable relabel on boot
3 | ansible.builtin.file:
4 | path: /rootfs/.autorelabel
5 | state: absent
6 | force: true
7 |
8 | - name: Relabel filesystem
9 | ansible.builtin.command:
10 | cmd: chroot /rootfs /sbin/fixfiles -f -F relabel
11 | changed_when: true
12 |
13 | - name: Install SELinux
14 | ansible.builtin.command:
15 | cmd: dnf --installroot=/rootfs --nogpgcheck -y reinstall selinux-policy-targeted libselinux-utils policycoreutils
16 | changed_when: true
17 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/tasks/selinux.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable relabel on boot
3 | ansible.builtin.file:
4 | path: /rootfs/.autorelabel
5 | state: absent
6 | force: true
7 |
8 | - name: Relabel filesystem
9 | ansible.builtin.command:
10 | cmd: chroot /rootfs /sbin/fixfiles -f -F relabel
11 | changed_when: true
12 |
13 | - name: Install SELinux
14 | ansible.builtin.command:
15 | cmd: dnf --installroot=/rootfs --nogpgcheck -y reinstall selinux-policy-targeted libselinux-utils policycoreutils
16 | changed_when: true
17 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/tasks/selinux.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable relabel on boot
3 | ansible.builtin.file:
4 | path: /rootfs/.autorelabel
5 | state: absent
6 | force: true
7 |
8 | - name: Relabel filesystem
9 | ansible.builtin.command:
10 | cmd: chroot /rootfs /sbin/fixfiles -f -F relabel
11 | changed_when: true
12 |
13 | - name: Install SELinux
14 | ansible.builtin.command:
15 | cmd: dnf --installroot=/rootfs --nogpgcheck -y reinstall selinux-policy-targeted libselinux-utils policycoreutils
16 | changed_when: true
17 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_x86_64/tasks/selinux.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable relabel on boot
3 | ansible.builtin.file:
4 | path: /rootfs/.autorelabel
5 | state: absent
6 | force: true
7 |
8 | - name: Relabel filesystem
9 | ansible.builtin.command:
10 | cmd: chroot /rootfs /sbin/fixfiles -f -F relabel
11 | changed_when: true
12 |
13 | - name: Install SELinux
14 | ansible.builtin.command:
15 | cmd: dnf --installroot=/rootfs --nogpgcheck -y reinstall selinux-policy-targeted libselinux-utils policycoreutils
16 | changed_when: true
17 |
--------------------------------------------------------------------------------
/ansible/roles/vagrant_guest/files/vagrant.pub:
--------------------------------------------------------------------------------
1 | ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
2 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN1YdxBpNlzxDqfJyw/QKow1F+wvG9hXGoqiysfJOn5Y vagrant insecure public key
3 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/tasks/selinux.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable relabel on boot
3 | ansible.builtin.file:
4 | path: /rootfs/.autorelabel
5 | state: absent
6 | force: true
7 |
8 | - name: Relabel filesystem
9 | ansible.builtin.command:
10 | cmd: chroot /rootfs /sbin/fixfiles -f -F relabel
11 | changed_when: true
12 |
13 | - name: Install SELinux
14 | ansible.builtin.command:
15 | cmd: dnf --installroot=/rootfs --nogpgcheck -y reinstall selinux-policy-targeted libselinux-utils policycoreutils
16 | changed_when: true
17 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_x86_64/tasks/selinux.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable relabel on boot
3 | ansible.builtin.file:
4 | path: /rootfs/.autorelabel
5 | state: absent
6 | force: true
7 |
8 | - name: Relabel filesystem
9 | ansible.builtin.command:
10 | cmd: chroot /rootfs /sbin/fixfiles -f -F relabel
11 | changed_when: true
12 |
13 | - name: Install SELinux
14 | ansible.builtin.command:
15 | cmd: dnf --installroot=/rootfs --nogpgcheck -y reinstall selinux-policy-targeted libselinux-utils policycoreutils
16 | changed_when: true
17 |
--------------------------------------------------------------------------------
/tests/ami/ssh-config.tftpl:
--------------------------------------------------------------------------------
1 | Host almalinux-test-1
2 | HostName ${Host1}
3 | User ec2-user
4 | Port 22
5 | UserKnownHostsFile /dev/null
6 | StrictHostKeyChecking no
7 | PasswordAuthentication no
8 | IdentityFile ~/.ssh/alcib_rsa4096
9 | IdentitiesOnly yes
10 | LogLevel FATAL
11 |
12 | Host almalinux-test-2
13 | HostName ${Host2}
14 | User ec2-user
15 | Port 22
16 | UserKnownHostsFile /dev/null
17 | StrictHostKeyChecking no
18 | PasswordAuthentication no
19 | IdentityFile ~/.ssh/alcib_rsa4096
20 | IdentitiesOnly yes
21 | LogLevel FATAL
22 |
--------------------------------------------------------------------------------
/almalinux_8_gencloud_s390x.xml.tmpl:
--------------------------------------------------------------------------------
1 |
2 | AlmaLinux-8-GenericCloud-8.MINOR_VERSION-TIMESTAMP.s390x
3 |
4 | CentOS-8
5 | 1
6 | s390x
7 |
8 | https://repo.almalinux.org/almalinux/8/BaseOS/s390x/kickstart/
9 |
10 |
11 | AlmaLinux-8-GenericCloud-8.MINOR_VERSION-TIMESTAMP.s390x
12 |
13 | 10G
14 |
15 |
16 |
--------------------------------------------------------------------------------
/almalinux_9_gencloud_s390x.xml.tmpl:
--------------------------------------------------------------------------------
1 |
2 | AlmaLinux-9-GenericCloud-9.MINOR_VERSION-TIMESTAMP.s390x
3 |
4 | CentOS-9
5 | 1
6 | s390x
7 |
8 | https://repo.almalinux.org/almalinux/9/BaseOS/s390x/kickstart/
9 |
10 |
11 | AlmaLinux-9-GenericCloud-9.MINOR_VERSION-TIMESTAMP.s390x
12 |
13 | 10G
14 |
15 |
16 |
--------------------------------------------------------------------------------
/tests/ami/launch_test_instances/amd64/ssh-config.tftpl:
--------------------------------------------------------------------------------
1 | Host almalinux-test-1
2 | HostName ${Host1}
3 | User ec2-user
4 | Port 22
5 | UserKnownHostsFile /dev/null
6 | StrictHostKeyChecking no
7 | PasswordAuthentication no
8 | IdentityFile ~/.ssh/alcib_rsa4096
9 | IdentitiesOnly yes
10 | LogLevel FATAL
11 |
12 | Host almalinux-test-2
13 | HostName ${Host2}
14 | User ec2-user
15 | Port 22
16 | UserKnownHostsFile /dev/null
17 | StrictHostKeyChecking no
18 | PasswordAuthentication no
19 | IdentityFile ~/.ssh/alcib_rsa4096
20 | IdentitiesOnly yes
21 | LogLevel FATAL
22 |
--------------------------------------------------------------------------------
/tests/ami/launch_test_instances/aarch64/ssh-config.tftpl:
--------------------------------------------------------------------------------
1 | Host almalinux-test-1
2 | HostName ${Host1}
3 | User ec2-user
4 | Port 22
5 | UserKnownHostsFile /dev/null
6 | StrictHostKeyChecking no
7 | PasswordAuthentication no
8 | IdentityFile ~/.ssh/alcib_rsa4096
9 | IdentitiesOnly yes
10 | LogLevel FATAL
11 |
12 | Host almalinux-test-2
13 | HostName ${Host2}
14 | User ec2-user
15 | Port 22
16 | UserKnownHostsFile /dev/null
17 | StrictHostKeyChecking no
18 | PasswordAuthentication no
19 | IdentityFile ~/.ssh/alcib_rsa4096
20 | IdentitiesOnly yes
21 | LogLevel FATAL
22 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/aarch64/ssh-config.tftpl:
--------------------------------------------------------------------------------
1 | Host almalinux-test-1
2 | HostName ${Host1}
3 | User almalinux
4 | Port 22
5 | UserKnownHostsFile /dev/null
6 | StrictHostKeyChecking no
7 | PasswordAuthentication no
8 | IdentityFile ~/.ssh/alcib_rsa4096
9 | IdentitiesOnly yes
10 | LogLevel FATAL
11 |
12 | Host almalinux-test-2
13 | HostName ${Host2}
14 | User almalinux
15 | Port 22
16 | UserKnownHostsFile /dev/null
17 | StrictHostKeyChecking no
18 | PasswordAuthentication no
19 | IdentityFile ~/.ssh/alcib_rsa4096
20 | IdentitiesOnly yes
21 | LogLevel FATAL
22 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/amd64/ssh-config.tftpl:
--------------------------------------------------------------------------------
1 | Host almalinux-test-1
2 | HostName ${Host1}
3 | User almalinux
4 | Port 22
5 | UserKnownHostsFile /dev/null
6 | StrictHostKeyChecking no
7 | PasswordAuthentication no
8 | IdentityFile ~/.ssh/alcib_rsa4096
9 | IdentitiesOnly yes
10 | LogLevel FATAL
11 |
12 | Host almalinux-test-2
13 | HostName ${Host2}
14 | User almalinux
15 | Port 22
16 | UserKnownHostsFile /dev/null
17 | StrictHostKeyChecking no
18 | PasswordAuthentication no
19 | IdentityFile ~/.ssh/alcib_rsa4096
20 | IdentitiesOnly yes
21 | LogLevel FATAL
22 |
--------------------------------------------------------------------------------
/tests/genericcloud/launch_test_instances/amd64/ssh-config.tftpl:
--------------------------------------------------------------------------------
1 | Host almalinux-test-1
2 | HostName ${Host1}
3 | User almalinux
4 | Port 22
5 | UserKnownHostsFile /dev/null
6 | StrictHostKeyChecking no
7 | PasswordAuthentication no
8 | IdentityFile ~/.ssh/alcib_rsa4096
9 | IdentitiesOnly yes
10 | LogLevel FATAL
11 |
12 | Host almalinux-test-2
13 | HostName ${Host2}
14 | User almalinux
15 | Port 22
16 | UserKnownHostsFile /dev/null
17 | StrictHostKeyChecking no
18 | PasswordAuthentication no
19 | IdentityFile ~/.ssh/alcib_rsa4096
20 | IdentitiesOnly yes
21 | LogLevel FATAL
22 |
--------------------------------------------------------------------------------
/tests/genericcloud/launch_test_instances/aarch64/ssh-config.tftpl:
--------------------------------------------------------------------------------
1 | Host almalinux-test-1
2 | HostName ${Host1}
3 | User almalinux
4 | Port 22
5 | UserKnownHostsFile /dev/null
6 | StrictHostKeyChecking no
7 | PasswordAuthentication no
8 | IdentityFile ~/.ssh/alcib_rsa4096
9 | IdentitiesOnly yes
10 | LogLevel FATAL
11 |
12 | Host almalinux-test-2
13 | HostName ${Host2}
14 | User almalinux
15 | Port 22
16 | UserKnownHostsFile /dev/null
17 | StrictHostKeyChecking no
18 | PasswordAuthentication no
19 | IdentityFile ~/.ssh/alcib_rsa4096
20 | IdentitiesOnly yes
21 | LogLevel FATAL
22 |
--------------------------------------------------------------------------------
/almalinux_kitten_10_gencloud_s390x.xml.tmpl:
--------------------------------------------------------------------------------
1 |
2 | AlmaLinux-Kitten-GenericCloud-10-TIMESTAMP.IMGBUILDNUMBER.s390x
3 |
4 | CentOS-9
5 | 1
6 | s390x
7 |
8 | https://kitten.repo.almalinux.org/10-kitten/BaseOS/s390x/kickstart/
9 |
10 |
11 | AlmaLinux-Kitten-GenericCloud-10-TIMESTAMP.IMGBUILDNUMBER.s390x
12 |
13 | 10G
14 |
15 |
16 |
--------------------------------------------------------------------------------
/almalinux_10_gencloud_s390x.xml.tmpl:
--------------------------------------------------------------------------------
1 |
2 | AlmaLinux-10-GenericCloud-10.MINOR_VERSION-TIMESTAMP.IMGBUILDNUMBER.s390x
3 |
4 | CentOS-9
5 | 1
6 | s390x
7 |
8 | https://repo.almalinux.org/almalinux/10/BaseOS/s390x/kickstart/
9 |
10 |
11 | AlmaLinux-10-GenericCloud-10.MINOR_VERSION-TIMESTAMP.IMGBUILDNUMBER.s390x
12 |
13 | 10G
14 |
15 |
16 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/tasks/selinux.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable relabel on boot
3 | ansible.builtin.file:
4 | path: /rootfs/.autorelabel
5 | state: absent
6 | force: true
7 |
8 | - name: Relabel filesystem
9 | ansible.builtin.command:
10 | cmd: chroot /rootfs /sbin/fixfiles -f -F relabel
11 | changed_when: true
12 |
13 | - name: Install SELinux
14 | ansible.builtin.command:
15 | cmd: >
16 | dnf -y --installroot=/rootfs --nogpgcheck --setopt=install_weak_deps=False --setopt=cachedir=/var/cache/dnf reinstall
17 | selinux-policy-targeted
18 | libselinux-utils
19 | policycoreutils
20 | changed_when: true
21 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_x86_64/tasks/selinux.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable relabel on boot
3 | ansible.builtin.file:
4 | path: /rootfs/.autorelabel
5 | state: absent
6 | force: true
7 |
8 | - name: Relabel filesystem
9 | ansible.builtin.command:
10 | cmd: chroot /rootfs /sbin/fixfiles -f -F relabel
11 | changed_when: true
12 |
13 | - name: Install SELinux
14 | ansible.builtin.command:
15 | cmd: >
16 | dnf -y --installroot=/rootfs --nogpgcheck --setopt=install_weak_deps=False --setopt=cachedir=/var/cache/dnf reinstall
17 | selinux-policy-targeted
18 | libselinux-utils
19 | policycoreutils
20 | changed_when: true
21 |
--------------------------------------------------------------------------------
/tests/genericcloud/upload_image/amd64/upload_image.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">= 0.14.0"
3 | required_providers {
4 | openstack = {
5 | source = "terraform-provider-openstack/openstack"
6 | version = ">= 1.40"
7 | }
8 | }
9 | }
10 |
11 |
12 | provider "openstack" {
13 | cloud = "openstack-amd64"
14 | }
15 |
16 |
17 | resource "openstack_images_image_v2" "almalinux-gc" {
18 | name = "AlmaLinux OS 8.7.${formatdate("YYYYMMDD", timestamp())}"
19 | container_format = "bare"
20 | disk_format = "qcow2"
21 | local_file_path = "AlmaLinux-8-GenericCloud-8.7-${formatdate("YYYYMMDD", timestamp())}.x86_64.qcow2"
22 | }
23 |
--------------------------------------------------------------------------------
/tests/genericcloud/upload_image/aarch64/upload_image.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">= 0.14.0"
3 | required_providers {
4 | openstack = {
5 | source = "terraform-provider-openstack/openstack"
6 | version = ">= 1.40"
7 | }
8 | }
9 | }
10 |
11 |
12 | provider "openstack" {
13 | cloud = "openstack-aarch64"
14 | }
15 |
16 |
17 | resource "openstack_images_image_v2" "almalinux-gc" {
18 | name = "AlmaLinux OS 8.7.${formatdate("YYYYMMDD", timestamp())}"
19 | container_format = "bare"
20 | disk_format = "qcow2"
21 | local_file_path = "AlmaLinux-8-GenericCloud-8.7-${formatdate("YYYYMMDD", timestamp())}.aarch64.qcow2"
22 | }
23 |
--------------------------------------------------------------------------------
/ansible/roles/dump_repo_metadata/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Copy repo metadata dump script
3 | ansible.builtin.copy:
4 | src: files/dump_repo_metadata.py
5 | dest: /dev/shm/dump_repo_metadata.py
6 |
7 | - name: Dump repo metadata for SBOMs
8 | ansible.builtin.shell: python3 /dev/shm/dump_repo_metadata.py > /dev/shm/repo-metadata.txt
9 | register: dump_repo_metadata
10 | failed_when: false
11 |
12 | - name: Write repo metadata for SBOMs to artifact file
13 | ansible.builtin.fetch:
14 | src: /dev/shm/repo-metadata.txt
15 | dest: /tmp/repo-metadata-{{ packer_build_name }}.txt
16 | flat: true
17 | become: false
18 | when: dump_repo_metadata.changed
19 |
--------------------------------------------------------------------------------
/ansible/roles/sbom_data/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Copy SBOM data collector into the system
3 | ansible.builtin.copy:
4 | src: "{{ playbook_dir }}/../sbom-tools/sbom_data_collector.py"
5 | dest: /dev/shm/sbom_data_collector.py
6 |
7 | - name: Collect SBOM data from the system
8 | ansible.builtin.shell: python3 /dev/shm/sbom_data_collector.py -o /dev/shm/sbom-data.json -v
9 | register: sbom_data_collector
10 | failed_when: false
11 |
12 | - name: Write SBOM data to artifact file
13 | ansible.builtin.fetch:
14 | src: /dev/shm/sbom-data.json
15 | dest: /tmp/sbom-data-{{ packer_build_name }}.json
16 | flat: true
17 | become: false
18 | when: sbom_data_collector.changed
19 |
--------------------------------------------------------------------------------
/ansible/vagrant.yml:
--------------------------------------------------------------------------------
1 | # An Ansible playbook that configures a Vagrant box
2 | ---
3 | - name: "AlmaLinux Vagrant Box"
4 | hosts: default
5 | become: true
6 | collections:
7 | - almalinux.ci
8 |
9 | roles:
10 | - role: unified_boot
11 | when: is_unified_boot is defined
12 | - vagrant_guest
13 | - role: ezamriy.vbox_guest
14 | when: packer_provider == 'virtualbox-iso'
15 | - role: vmware_guest
16 | when: packer_provider == 'vmware-iso'
17 | - role: qemu_guest
18 | when: packer_provider == 'qemu'
19 | - role: hyperv_guest
20 | when: packer_provider == 'hyperv-iso'
21 | - role: cleanup_vm
22 | cleanup_ssh_host_keys: "{{ packer_provider != 'hyperv-iso' }}"
23 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/templates/grub.cfg.j2:
--------------------------------------------------------------------------------
1 | set timeout=0
2 |
3 | # load the grubenv file
4 | load_env
5 |
6 | # selection of the next boot entry via variables 'next_entry' and
7 | # `saved_entry` present in the 'grubenv' file. Both variables are
8 | # set by grub tools, like grub2-reboot, grub2-set-default
9 |
10 | if [ "${next_entry}" ] ; then
11 | set default="${next_entry}"
12 | set next_entry=
13 | save_env next_entry
14 | set boot_once=true
15 | else
16 | set default="${saved_entry}"
17 | fi
18 |
19 | search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
20 | set boot=${root}
21 | function load_video {
22 | insmod all_video
23 | }
24 | ${serial}${terminal_input}${terminal_output}
25 | blscfg
26 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_x86_64/templates/grub.cfg.j2:
--------------------------------------------------------------------------------
1 | set timeout=0
2 |
3 | # load the grubenv file
4 | load_env
5 |
6 | # selection of the next boot entry via variables 'next_entry' and
7 | # `saved_entry` present in the 'grubenv' file. Both variables are
8 | # set by grub tools, like grub2-reboot, grub2-set-default
9 |
10 | if [ "${next_entry}" ] ; then
11 | set default="${next_entry}"
12 | set next_entry=
13 | save_env next_entry
14 | set boot_once=true
15 | else
16 | set default="${saved_entry}"
17 | fi
18 |
19 | search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
20 | set boot=${root}
21 | function load_video {
22 | insmod all_video
23 | }
24 | ${serial}${terminal_input}${terminal_output}
25 | blscfg
26 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/templates/grub.cfg.j2:
--------------------------------------------------------------------------------
1 | set timeout=0
2 |
3 | # load the grubenv file
4 | load_env
5 |
6 | # selection of the next boot entry via variables 'next_entry' and
7 | # `saved_entry` present in the 'grubenv' file. Both variables are
8 | # set by grub tools, like grub2-reboot, grub2-set-default
9 |
10 | if [ "${next_entry}" ] ; then
11 | set default="${next_entry}"
12 | set next_entry=
13 | save_env next_entry
14 | set boot_once=true
15 | else
16 | set default="${saved_entry}"
17 | fi
18 |
19 | search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
20 | set boot=${root}
21 | function load_video {
22 | insmod all_video
23 | }
24 | ${serial}${terminal_input}${terminal_output}
25 | blscfg
26 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/templates/grub.cfg.j2:
--------------------------------------------------------------------------------
1 | set timeout=0
2 |
3 | # load the grubenv file
4 | load_env
5 |
6 | # selection of the next boot entry via variables 'next_entry' and
7 | # `saved_entry` present in the 'grubenv' file. Both variables are
8 | # set by grub tools, like grub2-reboot, grub2-set-default
9 |
10 | if [ "${next_entry}" ] ; then
11 | set default="${next_entry}"
12 | set next_entry=
13 | save_env next_entry
14 | set boot_once=true
15 | else
16 | set default="${saved_entry}"
17 | fi
18 |
19 | search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
20 | set boot=${root}
21 | function load_video {
22 | insmod all_video
23 | }
24 | ${serial}${terminal_input}${terminal_output}
25 | blscfg
26 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/templates/grub.cfg.j2:
--------------------------------------------------------------------------------
1 | set timeout=0
2 |
3 | # load the grubenv file
4 | load_env
5 |
6 | # selection of the next boot entry via variables 'next_entry' and
7 | # `saved_entry` present in the 'grubenv' file. Both variables are
8 | # set by grub tools, like grub2-reboot, grub2-set-default
9 |
10 | if [ "${next_entry}" ] ; then
11 | set default="${next_entry}"
12 | set next_entry=
13 | save_env next_entry
14 | set boot_once=true
15 | else
16 | set default="${saved_entry}"
17 | fi
18 |
19 | search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
20 | set boot=${root}
21 | function load_video {
22 | insmod all_video
23 | }
24 | ${serial}${terminal_input}${terminal_output}
25 | blscfg
26 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_x86_64/templates/grub.cfg.j2:
--------------------------------------------------------------------------------
1 | set timeout=0
2 |
3 | # load the grubenv file
4 | load_env
5 |
6 | # selection of the next boot entry via variables 'next_entry' and
7 | # `saved_entry` present in the 'grubenv' file. Both variables are
8 | # set by grub tools, like grub2-reboot, grub2-set-default
9 |
10 | if [ "${next_entry}" ] ; then
11 | set default="${next_entry}"
12 | set next_entry=
13 | save_env next_entry
14 | set boot_once=true
15 | else
16 | set default="${saved_entry}"
17 | fi
18 |
19 | search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
20 | set boot=${root}
21 | function load_video {
22 | insmod all_video
23 | }
24 | ${serial}${terminal_input}${terminal_output}
25 | blscfg
26 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_x86_64/templates/grub.cfg.j2:
--------------------------------------------------------------------------------
1 | set timeout=0
2 |
3 | # load the grubenv file
4 | load_env
5 |
6 | # selection of the next boot entry via variables 'next_entry' and
7 | # `saved_entry` present in the 'grubenv' file. Both variables are
8 | # set by grub tools, like grub2-reboot, grub2-set-default
9 |
10 | if [ "${next_entry}" ] ; then
11 | set default="${next_entry}"
12 | set next_entry=
13 | save_env next_entry
14 | set boot_once=true
15 | else
16 | set default="${saved_entry}"
17 | fi
18 |
19 | search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
20 | set boot=${root}
21 | function load_video {
22 | insmod all_video
23 | }
24 | ${serial}${terminal_input}${terminal_output}
25 | blscfg
26 |
--------------------------------------------------------------------------------
/ansible/roles/unified_boot/templates/grub_cfg_main.j2:
--------------------------------------------------------------------------------
1 | set timeout=0
2 |
3 | # load the grubenv file
4 | load_env
5 |
6 | # selection of the next boot entry via variables 'next_entry' and
7 | # `saved_entry` present in the 'grubenv' file. Both variables are
8 | # set by grub tools, like grub2-reboot, grub2-set-default
9 |
10 | if [ "${next_entry}" ] ; then
11 | set default="${next_entry}"
12 | set next_entry=
13 | save_env next_entry
14 | set boot_once=true
15 | else
16 | set default="${saved_entry}"
17 | fi
18 |
19 | search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
20 | set boot=${root}
21 | function load_video {
22 | insmod all_video
23 | }
24 | ${serial}${terminal_input}${terminal_output}
25 | blscfg
26 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create partition table, partitions and filesystems
3 | ansible.builtin.import_tasks:
4 | file: storage.yaml
5 |
6 | - name: Create chroot
7 | ansible.builtin.import_tasks:
8 | file: chroot.yaml
9 |
10 | - name: Install OS
11 | ansible.builtin.import_tasks:
12 | file: os.yaml
13 |
14 | - name: Configure guest
15 | ansible.builtin.import_tasks:
16 | file: guest.yaml
17 |
18 | - name: Configure bootloader
19 | ansible.builtin.import_tasks:
20 | file: bootloader.yaml
21 |
22 | - name: Configure SELinux
23 | ansible.builtin.import_tasks:
24 | file: selinux.yaml
25 |
26 | - name: Cleanup
27 | ansible.builtin.import_tasks:
28 | file: cleanup.yaml
29 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_x86_64/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create partition table, partitions and filesystems
3 | ansible.builtin.import_tasks:
4 | file: storage.yaml
5 |
6 | - name: Create chroot
7 | ansible.builtin.import_tasks:
8 | file: chroot.yaml
9 |
10 | - name: Install OS
11 | ansible.builtin.import_tasks:
12 | file: os.yaml
13 |
14 | - name: Configure guest
15 | ansible.builtin.import_tasks:
16 | file: guest.yaml
17 |
18 | - name: Configure bootloader
19 | ansible.builtin.import_tasks:
20 | file: bootloader.yaml
21 |
22 | - name: Configure SELinux
23 | ansible.builtin.import_tasks:
24 | file: selinux.yaml
25 |
26 | - name: Cleanup
27 | ansible.builtin.import_tasks:
28 | file: cleanup.yaml
29 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/templates/grub.cfg.j2:
--------------------------------------------------------------------------------
1 | set timeout=0
2 |
3 | # load the grubenv file
4 | load_env
5 |
6 | # selection of the next boot entry via variables 'next_entry' and
7 | # `saved_entry` present in the 'grubenv' file. Both variables are
8 | # set by grub tools, like grub2-reboot, grub2-set-default
9 |
10 | if [ "${next_entry}" ] ; then
11 | set default="${next_entry}"
12 | set next_entry=
13 | save_env next_entry
14 | set boot_once=true
15 | else
16 | set default="${saved_entry}"
17 | fi
18 |
19 | search --no-floppy --set=root --fs-uuid {{ boot_uuid.stdout }}
20 | set boot=${root}
21 | function load_video {
22 | insmod all_video
23 | }
24 | ${serial}${terminal_input}${terminal_output}
25 | blscfg
26 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create partition table, partitions and filesystems
3 | ansible.builtin.import_tasks:
4 | file: storage.yaml
5 |
6 | - name: Create chroot
7 | ansible.builtin.import_tasks:
8 | file: chroot.yaml
9 |
10 | - name: Install OS
11 | ansible.builtin.import_tasks:
12 | file: os.yaml
13 |
14 | - name: Configure guest
15 | ansible.builtin.import_tasks:
16 | file: guest.yaml
17 |
18 | - name: Configure bootloader
19 | ansible.builtin.import_tasks:
20 | file: bootloader.yaml
21 |
22 | - name: Configure SELinux
23 | ansible.builtin.import_tasks:
24 | file: selinux.yaml
25 |
26 | - name: Cleanup
27 | ansible.builtin.import_tasks:
28 | file: cleanup.yaml
29 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_x86_64/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create partition table, partitions and filesystems
3 | ansible.builtin.import_tasks:
4 | file: storage.yaml
5 |
6 | - name: Create chroot
7 | ansible.builtin.import_tasks:
8 | file: chroot.yaml
9 |
10 | - name: Install OS
11 | ansible.builtin.import_tasks:
12 | file: os.yaml
13 |
14 | - name: Configure guest
15 | ansible.builtin.import_tasks:
16 | file: guest.yaml
17 |
18 | - name: Configure bootloader
19 | ansible.builtin.import_tasks:
20 | file: bootloader.yaml
21 |
22 | - name: Configure SELinux
23 | ansible.builtin.import_tasks:
24 | file: selinux.yaml
25 |
26 | - name: Cleanup
27 | ansible.builtin.import_tasks:
28 | file: cleanup.yaml
29 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create partition table, partitions and filesystems
3 | ansible.builtin.import_tasks:
4 | file: storage.yaml
5 |
6 | - name: Create chroot
7 | ansible.builtin.import_tasks:
8 | file: chroot.yaml
9 |
10 | - name: Install OS
11 | ansible.builtin.import_tasks:
12 | file: os.yaml
13 |
14 | - name: Configure guest
15 | ansible.builtin.import_tasks:
16 | file: guest.yaml
17 |
18 | - name: Configure bootloader
19 | ansible.builtin.import_tasks:
20 | file: bootloader.yaml
21 |
22 | - name: Configure SELinux
23 | ansible.builtin.import_tasks:
24 | file: selinux.yaml
25 |
26 | - name: Cleanup
27 | ansible.builtin.import_tasks:
28 | file: cleanup.yaml
29 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create partition table, partitions and filesystems
3 | ansible.builtin.import_tasks:
4 | file: storage.yaml
5 |
6 | - name: Create chroot
7 | ansible.builtin.import_tasks:
8 | file: chroot.yaml
9 |
10 | - name: Install OS
11 | ansible.builtin.import_tasks:
12 | file: os.yaml
13 |
14 | - name: Configure guest
15 | ansible.builtin.import_tasks:
16 | file: guest.yaml
17 |
18 | - name: Configure bootloader
19 | ansible.builtin.import_tasks:
20 | file: bootloader.yaml
21 |
22 | - name: Configure SELinux
23 | ansible.builtin.import_tasks:
24 | file: selinux.yaml
25 |
26 | - name: Cleanup
27 | ansible.builtin.import_tasks:
28 | file: cleanup.yaml
29 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create partition table, partitions and filesystems
3 | ansible.builtin.import_tasks:
4 | file: storage.yaml
5 |
6 | - name: Create chroot
7 | ansible.builtin.import_tasks:
8 | file: chroot.yaml
9 |
10 | - name: Install OS
11 | ansible.builtin.import_tasks:
12 | file: os.yaml
13 |
14 | - name: Configure guest
15 | ansible.builtin.import_tasks:
16 | file: guest.yaml
17 |
18 | - name: Configure bootloader
19 | ansible.builtin.import_tasks:
20 | file: bootloader.yaml
21 |
22 | - name: Configure SELinux
23 | ansible.builtin.import_tasks:
24 | file: selinux.yaml
25 |
26 | - name: Cleanup
27 | ansible.builtin.import_tasks:
28 | file: cleanup.yaml
29 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_x86_64/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create partition table, partitions and filesystems
3 | ansible.builtin.import_tasks:
4 | file: storage.yaml
5 |
6 | - name: Create chroot
7 | ansible.builtin.import_tasks:
8 | file: chroot.yaml
9 |
10 | - name: Install OS
11 | ansible.builtin.import_tasks:
12 | file: os.yaml
13 |
14 | - name: Configure guest
15 | ansible.builtin.import_tasks:
16 | file: guest.yaml
17 |
18 | - name: Configure bootloader
19 | ansible.builtin.import_tasks:
20 | file: bootloader.yaml
21 |
22 | - name: Configure SELinux
23 | ansible.builtin.import_tasks:
24 | file: selinux.yaml
25 |
26 | - name: Cleanup
27 | ansible.builtin.import_tasks:
28 | file: cleanup.yaml
29 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/amd64/create_template.tf:
--------------------------------------------------------------------------------
1 | resource "opennebula_template" "opennebula-amd64" {
2 | name = "OpenNebula x86_64 ALCIB Template"
3 | description = "This template will be tested as a part of AlmalInux Cloud Image Builder"
4 | cpu = 1
5 | vcpu = 1
6 | memory = 2048
7 | group = var.group
8 |
9 | context = {
10 | NETWORK = "YES"
11 | USERNAME = "almalinux"
12 | SSH_PUBLIC_KEY = "${var.ssh_pub_key}"
13 | }
14 |
15 | os {
16 | arch = "x86_64"
17 | boot = ""
18 | }
19 |
20 | disk {
21 | image_id = opennebula_image.opennebula-amd64.id
22 | size = "10240"
23 | }
24 |
25 | nic {
26 | network_id = var.network_id
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/ansible/roles/setup_cloud_init/tasks/main.yml:
--------------------------------------------------------------------------------
1 | - name: Install cloud-init
2 | dnf:
3 | name:
4 | - cloud-init
5 | - cloud-utils-growpart
6 | - dracut-config-generic
7 |
8 | - name: Enable cloud-init services
9 | service:
10 | name: "{{ item }}"
11 | enabled: true
12 | with_items:
13 | - cloud-config
14 | - cloud-init
15 | - cloud-init-local
16 | - cloud-final
17 |
18 | - name: Configure cloud-init user name
19 | replace:
20 | dest: /etc/cloud/cloud.cfg
21 | regexp: '^(\s+name:).*$'
22 | replace: "\\1 {{ cloud_init_user }}"
23 | when: cloud_init_user | length > 0
24 |
25 |
26 | - include_tasks: azure.yml
27 | when: cloud_platform == 'azure'
28 |
29 | - ansible.builtin.include_tasks: oci.yaml
30 | when: cloud_platform == 'oci'
31 |
--------------------------------------------------------------------------------
/ansible/roles/gcp_guest/tasks/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Install GCP guest packages
3 | dnf:
4 | name:
5 | - google-compute-engine
6 | - google-osconfig-agent
7 | - gce-disk-expand
8 | state: present
9 |
10 | - name: Install google-cloud-cli
11 | dnf:
12 | name: google-cloud-cli
13 | state: present
14 | when: ansible_distribution_major_version | int >= 10
15 |
16 | - name: Disable root login via SSH
17 | lineinfile:
18 | path: /etc/ssh/sshd_config
19 | regexp: '^PermitRootLogin'
20 | line: 'PermitRootLogin no'
21 | state: present
22 |
23 | - name: Disable password authentication via SSH
24 | lineinfile:
25 | path: /etc/ssh/sshd_config
26 | regexp: '^PasswordAuthentication'
27 | line: 'PasswordAuthentication no'
28 | state: present
29 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/amd64/upload_image.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">= 0.14.0"
3 | required_providers {
4 | opennebula = {
5 | source = "OpenNebula/opennebula"
6 | version = ">= 0.5.1"
7 | }
8 | }
9 | }
10 |
11 | provider "opennebula" {
12 | endpoint = var.one_endpoint
13 | username = var.one_username
14 | password = var.one_password
15 | }
16 |
17 | resource "opennebula_image" "opennebula-amd64" {
18 | name = "OpenNebula x86_64 ALCIB Image"
19 | description = "This image will be tested as a part of AlmalInux Cloud Image Builder"
20 | datastore_id = var.datastore_id
21 | persistent = false
22 | path = "AlmaLinux-8-OpenNebula-8.7-${formatdate("YYYYMMDD", timestamp())}.x86_64.qcow2"
23 | type = "OS"
24 | dev_prefix = "vd"
25 | format = "qcow2"
26 | }
27 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/aarch64/upload_image.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">= 0.14.0"
3 | required_providers {
4 | opennebula = {
5 | source = "OpenNebula/opennebula"
6 | version = ">= 0.5.1"
7 | }
8 | }
9 | }
10 |
11 | provider "opennebula" {
12 | endpoint = var.one_endpoint
13 | username = var.one_username
14 | password = var.one_password
15 | }
16 |
17 | resource "opennebula_image" "opennebula-aarch64" {
18 | name = "OpenNebula aarch64 ALCIB Image"
19 | description = "This image will be tested as a part of AlmalInux Cloud Image Builder"
20 | datastore_id = var.datastore_id
21 | persistent = false
22 | path = "AlmaLinux-8-OpenNebula-8.7-${formatdate("YYYYMMDD", timestamp())}.aarch64.qcow2"
23 | type = "OS"
24 | dev_prefix = "vd"
25 | format = "qcow2"
26 | }
27 |
--------------------------------------------------------------------------------
/ansible/roles/unified_boot/README.md:
--------------------------------------------------------------------------------
1 | Unify Bootloader Configuration
2 | =========
3 |
4 | Unify bootloader configuration to support BIOS and UEFI boot at the same time.
5 |
6 | Requirements
7 | ------------
8 |
9 | None
10 |
11 | Role Variables
12 | --------------
13 |
14 | None
15 |
16 | Dependencies
17 | ------------
18 |
19 | None
20 |
21 | Example Playbook
22 | ----------------
23 |
24 | Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
25 |
26 | - name: AlmaLinux Generic Cloud
27 | hosts: all
28 | become: true
29 |
30 | roles:
31 | - role: unified_boot
32 | when: is_unified_boot is defined
33 | - gencloud_guest
34 | - cleanup_vm
35 |
36 | License
37 | -------
38 |
39 | GPL-3.0-only
40 |
41 | Author Information
42 | ------------------
43 |
44 | Cloud Special Interest Group (Cloud SIG) of AlmaLinux OS Foundation
45 |
--------------------------------------------------------------------------------
/.github/aws_marketplace_change_set.json.template:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "ChangeType": "AddDeliveryOptions",
4 | "Entity": {
5 | "Type": "AmiProduct@1.0",
6 | "Identifier": "{{ .product_id }}"
7 | },
8 | "Details": "{\"Version\": {\"VersionTitle\": \"{{ .version }}\", \"ReleaseNotes\": \"{{ .release_notes }}\"}, \"DeliveryOptions\": [{\"Details\": {\"AmiDeliveryOptionDetails\": {\"AmiSource\": {\"AmiId\": \"{{ .ami_id }}\", \"AccessRoleArn\": \"{{ .access_role_arn }}\", \"OperatingSystemName\": \"OTHERLINUX\", \"OperatingSystemVersion\": \"{{ .os_release }}\", \"UserName\": \"ec2-user\"}, \"RecommendedInstanceType\": \"{{ .instance_type }}\", \"SecurityGroups\": [{\"IpProtocol\": \"tcp\", \"FromPort\": 22, \"ToPort\": 22, \"IpRanges\": [\"0.0.0.0/0\"]}], \"UsageInstructions\": \"1. Launch an instance and select a key pair.\\n2. Use SSH client software with the private key from your key pair to connect to the instance:\\n- Username: ec2-user\\n- Port: TCP/22 (default)\"}}}]}"
9 | }
10 | ]
11 |
--------------------------------------------------------------------------------
/tools/digitalocean-import_latest_image.bash:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | # settings
4 | url=${URL:-https://repo.almalinux.org/almalinux/8/cloud/x86_64/images/AlmaLinux-8-GenericCloud-latest.x86_64.qcow2}
5 | name=${NAME:-AlmaLinux 8 latest x86_64}
6 | region=${REGION:-nyc3}
7 | tags=${TAGS:-AlmaLinux}
8 | distribution=${DISTRIBUTION:-CentOS}
9 |
10 | #checks
11 | if ! command -v doctl &> /dev/null; then
12 | echo "You haven't installed doctl. Please do so."
13 | exit 1
14 | fi
15 |
16 | # do it!
17 | output=$(
18 | doctl compute image create "$name" \
19 | --image-url="$url" \
20 | --region="$region" \
21 | --tag-names="$tags" \
22 | --image-distribution="$distribution"
23 | )
24 |
25 | # export image ID
26 | DIGITALOCEAN_IMAGE=$( echo -e "$output" | tail -n 1 | cut -d ' ' -f 1 )
27 | echo "image ID: $DIGITALOCEAN_IMAGE"
28 | echo "export DIGITALOCEAN_IMAGE=$DIGITALOCEAN_IMAGE" > .env.digitalocean
29 |
30 | # sleep for 5 minutes
31 | echo "Sleeping 5 minutes to alow the image be downloaded by DigitalOcean..."
32 | sleep 5m
33 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/aarch64/create_template.tf:
--------------------------------------------------------------------------------
1 | resource "opennebula_template" "opennebula-aarch64" {
2 | name = "OpenNebula aarch64 ALCIB Template"
3 | description = "This template will be tested as a part of AlmalInux Cloud Image Builder"
4 | cpu = 1
5 | vcpu = 1
6 | memory = 2048
7 | group = var.group
8 |
9 | context = {
10 | DEV_PREFIX = "vd"
11 | NETWORK = "YES"
12 | USERNAME = "almalinux"
13 | SSH_PUBLIC_KEY = "${var.ssh_pub_key}"
14 | }
15 |
16 | os {
17 | arch = "aarch64"
18 | boot = ""
19 | }
20 |
21 | disk {
22 | image_id = opennebula_image.opennebula-aarch64.id
23 | }
24 |
25 | nic {
26 | network_id = var.network_id
27 | }
28 |
29 | raw {
30 | type = "kvm"
31 | data = "/usr/share/AAVMF/AAVMF_CODE.fd"
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/amd64/launch_vm.tf:
--------------------------------------------------------------------------------
1 | resource "opennebula_virtual_machine" "opennebula-test-1" {
2 | name = "ALCIB x86_64 Test 1"
3 | description = "Testing OpemNebula Images on x86_64"
4 | template_id = opennebula_template.opennebula-amd64.id
5 | group = var.group
6 |
7 | context = {
8 | NETWORK = "YES"
9 | SET_HOSTNAME = "almalinux-test-1"
10 | }
11 | }
12 |
13 | resource "opennebula_virtual_machine" "opennebula-test-2" {
14 | name = "ALCIB x86_64 Test 2"
15 | description = "Testing OpemNebula Images on x86_64"
16 | template_id = opennebula_template.opennebula-amd64.id
17 | group = var.group
18 |
19 | context = {
20 | NETWORK = "YES"
21 | SET_HOSTNAME = "almalinux-test-1"
22 | }
23 | }
24 |
25 | resource "local_file" "ssh_client_config" {
26 | content = templatefile("ssh-config.tftpl", {
27 | "Host1" = opennebula_virtual_machine.opennebula-test-1.ip
28 | "Host2" = opennebula_virtual_machine.opennebula-test-2.ip
29 | }
30 | )
31 | filename = "${path.module}/ssh-config"
32 | }
33 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/aarch64/launch_vm.tf:
--------------------------------------------------------------------------------
1 | resource "opennebula_virtual_machine" "opennebula-test-1" {
2 | name = "ALCIB aarch64 Test 1"
3 | description = "Testing OpemNebula Images on aarch64"
4 | template_id = opennebula_template.opennebula-aarch64.id
5 | group = var.group
6 |
7 | context = {
8 | NETWORK = "YES"
9 | SET_HOSTNAME = "almalinux-test-1"
10 | }
11 | }
12 |
13 | resource "opennebula_virtual_machine" "opennebula-test-2" {
14 | name = "ALCIB aarch64 Test 2"
15 | description = "Testing OpemNebula Images on aarch64"
16 | template_id = opennebula_template.opennebula-aarch64.id
17 | group = var.group
18 |
19 | context = {
20 | NETWORK = "YES"
21 | SET_HOSTNAME = "almalinux-test-1"
22 | }
23 | }
24 |
25 | resource "local_file" "ssh_client_config" {
26 | content = templatefile("ssh-config.tftpl", {
27 | "Host1" = opennebula_virtual_machine.opennebula-test-1.ip
28 | "Host2" = opennebula_virtual_machine.opennebula-test-2.ip
29 | }
30 | )
31 | filename = "${path.module}/ssh-config"
32 | }
33 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/aarch64/variables.tf:
--------------------------------------------------------------------------------
1 | variable "one_endpoint" {
2 | default = ""
3 | type = string
4 | description = "OpenNebula XML-RPC Endpoint API URL"
5 | }
6 |
7 | variable "one_username" {
8 | default = ""
9 | type = string
10 | description = "OpenNebula Username"
11 | }
12 |
13 | variable "one_password" {
14 | default = ""
15 | type = string
16 | description = "Opennebula Password or Login Token of the username"
17 | }
18 |
19 | variable "datastore_id" {
20 | type = number
21 | description = "ID of the datastore used to store the image"
22 | nullable = false
23 | }
24 |
25 | variable "group" {
26 | type = string
27 | description = "Name of the group which owns the template"
28 | nullable = false
29 | }
30 |
31 | variable "network_id" {
32 | type = number
33 | description = "ID of the virtual network to attach to the virtual machine"
34 | nullable = false
35 | }
36 |
37 | variable "ssh_pub_key" {
38 | type = string
39 | description = "SSH Public key of the ALCIB"
40 | nullable = false
41 | }
42 |
--------------------------------------------------------------------------------
/tests/opennebula/create_test_vms/amd64/variables.tf:
--------------------------------------------------------------------------------
1 | variable "one_endpoint" {
2 | default = ""
3 | type = string
4 | description = "OpenNebula XML-RPC Endpoint API URL"
5 | }
6 |
7 | variable "one_username" {
8 | default = ""
9 | type = string
10 | description = "OpenNebula Username"
11 | }
12 |
13 | variable "one_password" {
14 | default = ""
15 | type = string
16 | description = "Opennebula Password or Login Token of the username"
17 | }
18 |
19 | variable "datastore_id" {
20 | type = number
21 | description = "ID of the datastore used to store the image"
22 | nullable = false
23 | }
24 |
25 | variable "group" {
26 | type = string
27 | description = "Name of the group which owns the template"
28 | nullable = false
29 | }
30 |
31 | variable "network_id" {
32 | type = number
33 | description = "ID of the virtual network to attach to the virtual machine"
34 | nullable = false
35 | }
36 |
37 | variable "ssh_pub_key" {
38 | type = string
39 | description = "SSH Public key of the ALCIB"
40 | nullable = false
41 | }
42 |
--------------------------------------------------------------------------------
/http/almalinux-10.gencloud-ppc64le.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images on ppc64le
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/ppc64le/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --leavebootorder --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | reqpart
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | -*firmware
27 | -dracut-config-rescue
28 | -firewalld
29 | %end
30 |
31 | # disable kdump service
32 | %addon com_redhat_kdump --disable
33 | %end
34 |
35 | %post --erroronfail
36 |
37 | # permit root login via SSH with password authetication
38 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
39 |
40 | %end
41 |
--------------------------------------------------------------------------------
/versions.pkr.hcl:
--------------------------------------------------------------------------------
1 | packer {
2 | required_version = ">= 1.7.0"
3 | required_plugins {
4 | amazon = {
5 | version = ">= 1.1.0"
6 | source = "github.com/hashicorp/amazon"
7 | }
8 | ansible = {
9 | version = ">= 1.1.0"
10 | source = "github.com/hashicorp/ansible"
11 | }
12 | digitalocean = {
13 | version = ">= 1.2.0"
14 | source = "github.com/digitalocean/digitalocean"
15 | }
16 | hyperv = {
17 | version = ">= 1.0.3"
18 | source = "github.com/hashicorp/hyperv"
19 | }
20 | parallels = {
21 | version = ">= 1.1.2"
22 | source = "github.com/Parallels/parallels"
23 | }
24 | qemu = {
25 | version = ">= 1.0.7"
26 | source = "github.com/hashicorp/qemu"
27 | }
28 | vagrant = {
29 | version = ">= 1.1.0"
30 | source = "github.com/hashicorp/vagrant"
31 | }
32 | virtualbox = {
33 | version = ">= 1.0.3"
34 | source = "github.com/hashicorp/virtualbox"
35 | }
36 | vmware = {
37 | version = ">= 1.1.0"
38 | source = "github.com/hashicorp/vmware"
39 | }
40 | }
41 | }
42 |
--------------------------------------------------------------------------------
/http/almalinux-9.gencloud-ppc64le.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images on ppc64le
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/ppc64le/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | reqpart
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | rsyslog-logrotate
27 | -*firmware
28 | -dracut-config-rescue
29 | -firewalld
30 | %end
31 |
32 | # disable kdump service
33 | %addon com_redhat_kdump --disable
34 | %end
35 |
36 | %post --erroronfail
37 |
38 | # permit root login via SSH with password authetication
39 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
40 |
41 | %end
42 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2021 AlmaLinux
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/http/almalinux-10.gencloud-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | -*firmware
27 | -dracut-config-rescue
28 | -firewalld
29 | %end
30 |
31 | # disable kdump service
32 | %addon com_redhat_kdump --disable
33 | %end
34 |
35 | %post --erroronfail
36 |
37 | # permit root login via SSH with password authetication
38 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
39 |
40 | %end
41 |
--------------------------------------------------------------------------------
/http/almalinux-9.gencloud-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | rsyslog-logrotate
27 | -*firmware
28 | -dracut-config-rescue
29 | -firewalld
30 | %end
31 |
32 | # disable kdump service
33 | %addon com_redhat_kdump --disable
34 | %end
35 |
36 | %post --erroronfail
37 |
38 | # permit root login via SSH with password authetication
39 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
40 |
41 | %end
42 |
--------------------------------------------------------------------------------
/http/almalinux-10.azure-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Azure VM images on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyAMA0 earlycon=pl011,0xeffec000 initcall_blacklist=arm_pmu_acpi_init rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | -*firmware
27 | -dracut-config-rescue
28 | -firewalld
29 | -qemu-guest-agent
30 | %end
31 |
32 | # disable kdump service
33 | %addon com_redhat_kdump --disable
34 | %end
35 |
36 | %post --erroronfail
37 |
38 | # permit root login via SSH with password authetication
39 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
40 |
41 | %end
42 |
--------------------------------------------------------------------------------
/http/almalinux-9.azure-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Azure VM images on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyAMA0 earlycon=pl011,0xeffec000 initcall_blacklist=arm_pmu_acpi_init rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | rsyslog-logrotate
27 | -*firmware
28 | -dracut-config-rescue
29 | -firewalld
30 | -qemu-guest-agent
31 | %end
32 |
33 | # disable kdump service
34 | %addon com_redhat_kdump --disable
35 | %end
36 |
37 | %post --erroronfail
38 |
39 | # permit root login via SSH with password authetication
40 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
41 |
42 | %end
43 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.azure-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Azure VM images on AArch64
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyAMA0 earlycon=pl011,0xeffec000 initcall_blacklist=arm_pmu_acpi_init rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | -*firmware
27 | -dracut-config-rescue
28 | -firewalld
29 | -qemu-guest-agent
30 | %end
31 |
32 | # disable kdump service
33 | %addon com_redhat_kdump --disable
34 | %end
35 |
36 | %post --erroronfail
37 |
38 | # permit root login via SSH with password authetication
39 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
40 |
41 | %end
42 |
--------------------------------------------------------------------------------
/http/almalinux-8.oci-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 8 kickstart file for Oracle Cloud Infrastructure (OCI) images on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/8/BaseOS/aarch64/os
4 |
5 | text
6 | skipx
7 | eula --agreed
8 | firstboot --disabled
9 | lang en_US.UTF-8
10 | keyboard us
11 | timezone UTC --isUtc
12 | network --bootproto=dhcp
13 | firewall --disabled
14 | services --disabled="kdump" --enabled="chronyd,rsyslog,sshd"
15 | selinux --enforcing
16 |
17 | bootloader --timeout=0 --location=mbr --append="console=ttyAMA0 console=ttyAMA0,115200n8 no_timer_check net.ifnames=0 netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi rd.iscsi.param=node.session.timeo.replacement_timeout=6000 libiscsi.debug_libiscsi_eh=1 nvme_core.shutdown_timeout=10"
18 |
19 | zerombr
20 | clearpart --all --initlabel
21 | part /boot/efi --fstype=efi --size=200
22 | part /boot --fstype=xfs --size=1024
23 | part / --fstype=xfs --grow
24 |
25 | rootpw --plaintext almalinux
26 | reboot --eject
27 |
28 | %packages
29 | @core
30 | tar
31 | -biosdevname
32 | -open-vm-tools
33 | -plymouth
34 | -dnf-plugin-spacewalk
35 | -rhn*
36 | -iprutils
37 | -iwl*-firmware
38 | %end
39 |
40 | # disable kdump service
41 | %addon com_redhat_kdump --disable
42 | %end
43 |
--------------------------------------------------------------------------------
/http/almalinux-8.gencloud-ppc64le.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 8 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images on ppc64le
2 |
3 | url --url https://repo.almalinux.org/almalinux/8/BaseOS/ppc64le/kickstart/
4 | repo --name=BaseOS --baseurl=https://repo.almalinux.org/almalinux/8/BaseOS/ppc64le/os/
5 | repo --name=AppStream --baseurl=https://repo.almalinux.org/almalinux/8/AppStream/ppc64le/os/
6 |
7 | text
8 | skipx
9 | eula --agreed
10 | firstboot --disabled
11 | lang en_US.UTF-8
12 | keyboard us
13 | timezone UTC --isUtc
14 | network --bootproto=dhcp
15 | firewall --disabled
16 | services --disabled="kdump" --enabled="chronyd,rsyslog,sshd"
17 | selinux --enforcing
18 |
19 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
20 |
21 | zerombr
22 | clearpart --all --initlabel
23 | reqpart
24 | part /boot --fstype=xfs --size=1024
25 | part / --fstype=xfs --grow
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages
31 | @core
32 | tar
33 | -biosdevname
34 | -open-vm-tools
35 | -plymouth
36 | -dnf-plugin-spacewalk
37 | -rhn*
38 | -iprutils
39 | -iwl*-firmware
40 | %end
41 |
42 | # disable kdump service
43 | %addon com_redhat_kdump --disable
44 | %end
45 |
--------------------------------------------------------------------------------
/http/almalinux-8.gencloud-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 8 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/8/BaseOS/aarch64/kickstart/
4 | repo --name=BaseOS --baseurl=https://repo.almalinux.org/almalinux/8/BaseOS/aarch64/os/
5 | repo --name=AppStream --baseurl=https://repo.almalinux.org/almalinux/8/AppStream/aarch64/os/
6 |
7 | text
8 | skipx
9 | eula --agreed
10 | firstboot --disabled
11 | lang en_US.UTF-8
12 | keyboard us
13 | timezone UTC --isUtc
14 | network --bootproto=dhcp
15 | firewall --disabled
16 | services --disabled="kdump" --enabled="chronyd,rsyslog,sshd"
17 | selinux --enforcing
18 |
19 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
20 |
21 | zerombr
22 | clearpart --all --initlabel
23 | part /boot/efi --fstype=efi --size=200
24 | part /boot --fstype=xfs --size=1024
25 | part / --fstype=xfs --grow
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages
31 | @core
32 | tar
33 | -biosdevname
34 | -open-vm-tools
35 | -plymouth
36 | -dnf-plugin-spacewalk
37 | -rhn*
38 | -iprutils
39 | -iwl*-firmware
40 | %end
41 |
42 | # disable kdump service
43 | %addon com_redhat_kdump --disable
44 | %end
45 |
--------------------------------------------------------------------------------
/http/almalinux-10.azure-64k-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Azure VM images with 64k page size kernel on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyAMA0 earlycon=pl011,0xeffec000 initcall_blacklist=arm_pmu_acpi_init rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | kernel-64k
25 | dracut-config-generic
26 | tar
27 | -kmod-kvdo
28 | -vdo
29 | -kernel
30 | -*firmware
31 | -dracut-config-rescue
32 | -firewalld
33 | -qemu-guest-agent
34 | %end
35 |
36 | # disable kdump service
37 | %addon com_redhat_kdump --disable
38 | %end
39 |
40 | %post --erroronfail
41 |
42 | # permit root login via SSH with password authetication
43 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
44 |
45 | %end
46 |
--------------------------------------------------------------------------------
/http/almalinux-10.oci-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Oracle Cloud Infrastructure (OCI) images on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=ttyAMA0 console=ttyAMA0,115200n8 no_timer_check net.ifnames=0 netroot=iscsi rd.iscsi.firmware=1 rd.iscsi.param=node.session.timeo.replacement_timeout=6000 libiscsi.debug_libiscsi_eh=1 nvme_core.shutdown_timeout=10"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | dracut-network
26 | tar
27 | rsyslog-logrotate
28 | -*firmware
29 | -dracut-config-rescue
30 | -firewalld
31 | %end
32 |
33 | # disable kdump service
34 | %addon com_redhat_kdump --disable
35 | %end
36 |
37 | %post --erroronfail
38 |
39 | # permit root login via SSH with password authetication
40 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
41 |
42 | %end
43 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.gencloud-ppc64le.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images on ppc64le
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/ppc64le/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --leavebootorder --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | reqpart
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | -*firmware
27 | -dracut-config-rescue
28 | -firewalld
29 | %end
30 |
31 | # disable kdump service
32 | %addon com_redhat_kdump --disable
33 | %end
34 |
35 | %post --erroronfail
36 |
37 | # permit root login via SSH with password authetication
38 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
39 |
40 | # To fix the OpenSSH version 9.9p1-16.el10 issue:
41 | # ssh: unexpected packet in response to channel open:
42 | dnf -y reinstall openssh-server
43 |
44 | %end
45 |
--------------------------------------------------------------------------------
/http/almalinux-9.oci-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Oracle Cloud Infrastructure (OCI) images on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=ttyAMA0 console=ttyAMA0,115200n8 no_timer_check net.ifnames=0 netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi rd.iscsi.param=node.session.timeo.replacement_timeout=6000 libiscsi.debug_libiscsi_eh=1 nvme_core.shutdown_timeout=10"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | rsyslog-logrotate
27 | -*firmware
28 | -dracut-config-rescue
29 | -firewalld
30 | %end
31 |
32 | # disable kdump service
33 | %addon com_redhat_kdump --disable
34 | %end
35 |
36 | %post --erroronfail
37 |
38 | # permit root login via SSH with password authetication
39 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
40 |
41 | %end
42 |
--------------------------------------------------------------------------------
/http/almalinux-9.azure-64k-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Azure VM images with 64k page size kernel on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyAMA0 earlycon=pl011,0xeffec000 initcall_blacklist=arm_pmu_acpi_init rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | kernel-64k
25 | dracut-config-generic
26 | tar
27 | rsyslog-logrotate
28 | -kmod-kvdo
29 | -vdo
30 | -kernel
31 | -*firmware
32 | -dracut-config-rescue
33 | -firewalld
34 | -qemu-guest-agent
35 | %end
36 |
37 | # disable kdump service
38 | %addon com_redhat_kdump --disable
39 | %end
40 |
41 | %post --erroronfail
42 |
43 | # permit root login via SSH with password authetication
44 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
45 |
46 | %end
47 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.azure-64k-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Azure VM images with 64k page size kernel on AArch64
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyAMA0 earlycon=pl011,0xeffec000 initcall_blacklist=arm_pmu_acpi_init rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | kernel-64k
25 | dracut-config-generic
26 | tar
27 | -kmod-kvdo
28 | -vdo
29 | -kernel
30 | -*firmware
31 | -dracut-config-rescue
32 | -firewalld
33 | -qemu-guest-agent
34 | %end
35 |
36 | # disable kdump service
37 | %addon com_redhat_kdump --disable
38 | %end
39 |
40 | %post --erroronfail
41 |
42 | # permit root login via SSH with password authetication
43 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
44 |
45 | %end
46 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.gencloud-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images on AArch64
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw --plaintext almalinux
21 | reboot --eject
22 |
23 | %packages --exclude-weakdeps --inst-langs=en
24 | dracut-config-generic
25 | tar
26 | -*firmware
27 | -dracut-config-rescue
28 | -firewalld
29 | %end
30 |
31 | # disable kdump service
32 | %addon com_redhat_kdump --disable
33 | %end
34 |
35 | %post --erroronfail
36 |
37 | # permit root login via SSH with password authetication
38 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
39 |
40 | # To fix the OpenSSH version 9.9p1-16.el10 issue:
41 | # ssh: unexpected packet in response to channel open:
42 | dnf -y reinstall openssh-server
43 |
44 | %end
45 |
--------------------------------------------------------------------------------
/http/almalinux-8.azure-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 8 kickstart file for Azure VM images on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/8/BaseOS/aarch64/kickstart/
4 | repo --name=BaseOS --baseurl=https://repo.almalinux.org/almalinux/8/BaseOS/aarch64/os/
5 | repo --name=AppStream --baseurl=https://repo.almalinux.org/almalinux/8/AppStream/aarch64/os/
6 |
7 | text
8 | skipx
9 | eula --agreed
10 | firstboot --disabled
11 | lang en_US.UTF-8
12 | keyboard us
13 | timezone UTC --isUtc
14 | network --bootproto=dhcp
15 | firewall --disabled
16 | services --disabled="kdump" --enabled="chronyd,rsyslog,sshd"
17 | selinux --enforcing
18 |
19 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyAMA0 earlycon=pl011,0xeffec000 initcall_blacklist=arm_pmu_acpi_init rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
20 |
21 | zerombr
22 | clearpart --all --initlabel
23 | part /boot/efi --fstype=efi --size=200
24 | part /boot --fstype=xfs --size=1024
25 | part / --fstype=xfs --grow
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages
31 | @core
32 | tar
33 | -biosdevname
34 | -open-vm-tools
35 | -plymouth
36 | -dnf-plugin-spacewalk
37 | -rhn*
38 | -iprutils
39 | -iwl*-firmware
40 | %end
41 |
42 | # disable kdump service
43 | %addon com_redhat_kdump --disable
44 | %end
45 |
--------------------------------------------------------------------------------
/ansible/roles/vagrant_guest/tasks/main.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Disable SSH reverse DNS lookup
3 | ansible.builtin.lineinfile:
4 | path: /etc/ssh/sshd_config
5 | regexp: "(.*UseDNS.*)"
6 | line: "UseDNS no"
7 | backrefs: true
8 | state: present
9 | create: false
10 |
11 | - name: Install additional packages
12 | ansible.builtin.dnf:
13 | install_weak_deps: "{{ false if ansible_facts['distribution_major_version'] | int >= 9 else omit }}"
14 | name:
15 | - cifs-utils
16 | - jq
17 | - nfs-utils
18 | - rsync
19 | - tcpdump
20 | - tuned
21 | state: present
22 |
23 | - name: Install Vagrant public SSH key
24 | when: ansible_facts['distribution_major_version'] | int <= 9
25 | ansible.posix.authorized_key:
26 | user: vagrant
27 | key: https://raw.githubusercontent.com/hashicorp/vagrant/main/keys/vagrant.pub
28 | state: present
29 |
30 | # Temporary workaround error on fetching a key from a URL on AlmaLinux OS Kitten 10
31 | # Error output: Error getting key from
32 | # See: https://github.com/ansible-collections/ansible.posix/blob/main/plugins/modules/authorized_key.py
33 | - name: Install Vagrant public SSH key
34 | when: ansible_facts['distribution_major_version'] == '10'
35 | ansible.posix.authorized_key:
36 | user: vagrant
37 | key: "{{ lookup('ansible.builtin.file', 'vagrant.pub') }}"
38 | state: present
39 |
--------------------------------------------------------------------------------
/http/almalinux-10.vagrant-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Vagrant boxes on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 no_timer_check net.ifnames=0"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw vagrant
21 | user --name=vagrant --plaintext --password vagrant
22 | reboot --eject
23 |
24 | %packages --exclude-weakdeps --inst-langs=en
25 | dracut-config-generic
26 | tar
27 | -*firmware
28 | -dracut-config-rescue
29 | -firewalld
30 | %end
31 |
32 | # disable kdump service
33 | %addon com_redhat_kdump --disable
34 | %end
35 |
36 | %post --erroronfail
37 |
38 | # allow vagrant user to run everything without a password
39 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
40 |
41 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
42 | # for details about the requiretty.
43 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
44 |
45 | # permit root login via SSH with password authetication
46 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
47 |
48 | %end
49 |
--------------------------------------------------------------------------------
/tests/vagrant/Vagrantfile:
--------------------------------------------------------------------------------
1 | # -*- mode: ruby -*-
2 | # vi: set ft=ruby :
3 |
4 |
5 | OS_MAJOR_VER = ENV['OS_MAJOR_VER']
6 |
7 | nodes = [
8 | {
9 | vm_name: "almalinux-test-1",
10 | hostname: "almalinux-test-1.test"
11 | },
12 | {
13 | vm_name: "almalinux-test-2",
14 | hostname: "almalinux-test-2.test"
15 | }
16 | ]
17 |
18 |
19 | Vagrant.configure("2") do |config|
20 | config.vm.box = "almalinux-#{OS_MAJOR_VER}-test"
21 | config.ssh.insert_key = false
22 |
23 | nodes.each do |node|
24 | config.vm.define node[:vm_name] do |machine|
25 | machine.vm.hostname = node[:hostname]
26 | end
27 | end
28 |
29 | config.vm.provider "libvirt" do |v, override|
30 | override.vm.synced_folder ".", "/vagrant",
31 | type: "nfs",
32 | nfs_version: 4,
33 | nfs_udp: false
34 |
35 | v.qemu_use_session = false
36 | v.channel :type => 'unix', :target_name => 'org.qemu.guest_agent.0', :target_type => 'virtio'
37 | v.memory = 2048
38 | v.cpus = 2
39 | end
40 | config.vm.provider "virtualbox" do |v, override|
41 | end
42 | config.vm.provider "vmware_desktop" do |v, override|
43 | end
44 | config.vm.provider "hyperv" do |v, override|
45 | override.vm.synced_folder ".", "/vagrant",
46 | type: "smb",
47 | smb_username: ENV["SMB_USERNAME"],
48 | smb_password: ENV["SMB_PASSWORD"]
49 |
50 | v.vm_integration_services = {
51 | guest_service_interface: true
52 | }
53 | end
54 | end
55 |
--------------------------------------------------------------------------------
/http/almalinux-9.vagrant-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Vagrant boxes on AArch64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw vagrant
21 | user --name=vagrant --plaintext --password vagrant
22 | reboot --eject
23 |
24 | %packages --exclude-weakdeps --inst-langs=en
25 | dracut-config-generic
26 | tar
27 | rsyslog-logrotate
28 | -*firmware
29 | -dracut-config-rescue
30 | -firewalld
31 | %end
32 |
33 | # disable kdump service
34 | %addon com_redhat_kdump --disable
35 | %end
36 |
37 | %post --erroronfail
38 |
39 | # allow vagrant user to run everything without a password
40 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
41 |
42 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
43 | # for details about the requiretty.
44 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
45 |
46 | # permit root login via SSH with password authetication
47 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
48 |
49 | %end
50 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.vagrant-aarch64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Vagrant boxes on AArch64
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/aarch64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | zerombr
15 | clearpart --all --initlabel
16 | part /boot/efi --fstype=efi --size=200
17 | part /boot --fstype=xfs --size=1024
18 | part / --fstype=xfs --grow
19 |
20 | rootpw vagrant
21 | user --name=vagrant --plaintext --password vagrant
22 | reboot --eject
23 |
24 | %packages --exclude-weakdeps --inst-langs=en
25 | dracut-config-generic
26 | tar
27 | -*firmware
28 | -dracut-config-rescue
29 | -firewalld
30 | %end
31 |
32 | # disable kdump service
33 | %addon com_redhat_kdump --disable
34 | %end
35 |
36 | %post --erroronfail
37 |
38 | # allow vagrant user to run everything without a password
39 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
40 |
41 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
42 | # for details about the requiretty.
43 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
44 |
45 | # permit root login via SSH with password authetication
46 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
47 |
48 | %end
49 |
--------------------------------------------------------------------------------
/tests/genericcloud/launch_test_instances/amd64/launch_instances.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">= 0.14.0"
3 | required_providers {
4 | openstack = {
5 | source = "terraform-provider-openstack/openstack"
6 | version = ">= 1.40"
7 | }
8 | local = {
9 | source = "hashicorp/local"
10 | version = ">= 2.0"
11 | }
12 | }
13 | }
14 |
15 |
16 | provider "openstack" {
17 | cloud = "openstack-amd64"
18 | }
19 |
20 |
21 | resource "openstack_compute_instance_v2" "gc_test-1" {
22 | name = "GenericCloud Test 1"
23 | image_name = "AlmaLinux OS 8.7.${formatdate("YYYYMMDD", timestamp())}"
24 | flavor_name = "s1-2"
25 | security_groups = ["default"]
26 | key_pair = "alcib"
27 |
28 |
29 | network {
30 | name = "Ext-Net"
31 | }
32 | }
33 |
34 |
35 | resource "openstack_compute_instance_v2" "gc_test-2" {
36 | name = "GenericCloud Test 2"
37 | image_name = "AlmaLinux OS 8.7.${formatdate("YYYYMMDD", timestamp())}"
38 | flavor_name = "s1-2"
39 | security_groups = ["default"]
40 | key_pair = "alcib"
41 |
42 |
43 | network {
44 | name = "Ext-Net"
45 | }
46 | }
47 |
48 |
49 | resource "local_file" "ssh_client_config" {
50 | content = templatefile("ssh-config.tftpl", {
51 | "Host1" = openstack_compute_instance_v2.gc_test-1.access_ip_v4
52 | "Host2" = openstack_compute_instance_v2.gc_test-2.access_ip_v4
53 | }
54 | )
55 | filename = "${path.module}/ssh-config"
56 | }
57 |
--------------------------------------------------------------------------------
/tests/genericcloud/launch_test_instances/aarch64/launch_instances.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_version = ">= 0.14.0"
3 | required_providers {
4 | openstack = {
5 | source = "terraform-provider-openstack/openstack"
6 | version = ">= 1.40"
7 | }
8 | local = {
9 | source = "hashicorp/local"
10 | version = ">= 2.0"
11 | }
12 | }
13 | }
14 |
15 |
16 | provider "openstack" {
17 | cloud = "openstack-aarch64"
18 | }
19 |
20 |
21 | resource "openstack_compute_instance_v2" "gc_test-1" {
22 | name = "GenericCloud Test 1"
23 | image_name = "AlmaLinux OS 8.7.${formatdate("YYYYMMDD", timestamp())}"
24 | flavor_name = "m1.small"
25 | security_groups = ["SSH"]
26 | key_pair = "alcib"
27 |
28 |
29 | network {
30 | name = "public5"
31 | }
32 | }
33 |
34 |
35 | resource "openstack_compute_instance_v2" "gc_test-2" {
36 | name = "GenericCloud Test 2"
37 | image_name = "AlmaLinux OS 8.7.${formatdate("YYYYMMDD", timestamp())}"
38 | flavor_name = "m1.small"
39 | security_groups = ["SSH"]
40 | key_pair = "alcib"
41 |
42 |
43 | network {
44 | name = "public5"
45 | }
46 | }
47 |
48 |
49 | resource "local_file" "ssh_client_config" {
50 | content = templatefile("ssh-config.tftpl", {
51 | "Host1" = openstack_compute_instance_v2.gc_test-1.access_ip_v4
52 | "Host2" = openstack_compute_instance_v2.gc_test-2.access_ip_v4
53 | }
54 | )
55 | filename = "${path.module}/ssh-config"
56 | }
57 |
--------------------------------------------------------------------------------
/http/almalinux-8.vagrant-x86_64-bios.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 8 kickstart file for Vagrant boxes with BIOS boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/8/BaseOS/x86_64/kickstart/
4 | repo --name=BaseOS --baseurl=https://repo.almalinux.org/almalinux/8/BaseOS/x86_64/os/
5 | repo --name=AppStream --baseurl=https://repo.almalinux.org/almalinux/8/AppStream/x86_64/os/
6 |
7 | text
8 | skipx
9 | eula --agreed
10 | firstboot --disabled
11 | lang en_US.UTF-8
12 | keyboard us
13 | timezone UTC --isUtc
14 | network --bootproto=dhcp
15 | firewall --disabled
16 | services --enabled=sshd
17 | selinux --enforcing
18 |
19 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
20 |
21 | zerombr
22 | clearpart --all --initlabel
23 | reqpart
24 | part /boot --fstype=xfs --size=1024
25 | part / --fstype=xfs --grow
26 |
27 | rootpw vagrant
28 | user --name=vagrant --plaintext --password vagrant
29 |
30 | reboot --eject
31 |
32 | %packages --ignoremissing --excludedocs --instLangs=en_US.UTF-8
33 | bzip2
34 | tar
35 | -microcode_ctl
36 | -iwl*-firmware
37 | %end
38 |
39 | # disable kdump service
40 | %addon com_redhat_kdump --disable
41 | %end
42 |
43 | %post --erroronfail
44 |
45 | # allow vagrant user to run everything without a password
46 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
47 |
48 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
49 | # for details about the requiretty.
50 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
51 |
52 | %end
53 |
--------------------------------------------------------------------------------
/tests/ami/launch_test_instances/amd64/launch_test_instances.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_providers {
3 | aws = {
4 | source = "hashicorp/aws"
5 | version = ">= 3.0"
6 | }
7 | local = {
8 | source = "hashicorp/local"
9 | version = ">= 2.0"
10 | }
11 | }
12 | }
13 |
14 |
15 | provider "aws" {
16 | region = "us-east-1"
17 | profile = "default"
18 | }
19 |
20 |
21 | data "aws_ami" "ami_test" {
22 | owners = ["764336703387"]
23 | most_recent = true
24 | name_regex = "AlmaLinux OS 8.*x86_64"
25 | }
26 |
27 |
28 | resource "aws_instance" "ami_test-1" {
29 | ami = data.aws_ami.ami_test.id
30 | associate_public_ip_address = true
31 | instance_type = "t2.micro"
32 | key_name = "alcib-user-prod"
33 | vpc_security_group_ids = ["sg-0b52b43429d9b1845"]
34 |
35 | tags = {
36 | "Name" = "AMI Test 1"
37 | }
38 | }
39 |
40 |
41 | resource "aws_instance" "ami_test-2" {
42 | ami = data.aws_ami.ami_test.id
43 | associate_public_ip_address = true
44 | instance_type = "t2.micro"
45 | key_name = "alcib-user-prod"
46 | vpc_security_group_ids = ["sg-0b52b43429d9b1845"]
47 |
48 | tags = {
49 | "Name" = "AMI Test 2"
50 | }
51 | }
52 |
53 |
54 | resource "local_file" "ssh_client_config" {
55 | content = templatefile("ssh-config.tftpl", {
56 | "Host1" = aws_instance.ami_test-1.public_dns
57 | "Host2" = aws_instance.ami_test-2.public_dns
58 | }
59 | )
60 | filename = "${path.module}/ssh-config"
61 | }
62 |
--------------------------------------------------------------------------------
/tests/ami/launch_test_instances/aarch64/launch_test_instances.tf:
--------------------------------------------------------------------------------
1 | terraform {
2 | required_providers {
3 | aws = {
4 | source = "hashicorp/aws"
5 | version = ">= 3.0"
6 | }
7 | local = {
8 | source = "hashicorp/local"
9 | version = ">= 2.0"
10 | }
11 | }
12 | }
13 |
14 |
15 | provider "aws" {
16 | region = "us-east-1"
17 | profile = "default"
18 | }
19 |
20 |
21 | data "aws_ami" "ami_test" {
22 | owners = ["764336703387"]
23 | most_recent = true
24 | name_regex = "AlmaLinux OS 8.*aarch64"
25 | }
26 |
27 |
28 | resource "aws_instance" "ami_test-1" {
29 | ami = data.aws_ami.ami_test.id
30 | associate_public_ip_address = true
31 | instance_type = "t4g.micro"
32 | key_name = "alcib-user-prod"
33 | vpc_security_group_ids = ["sg-0b52b43429d9b1845"]
34 |
35 | tags = {
36 | "Name" = "AMI Test 1"
37 | }
38 | }
39 |
40 |
41 | resource "aws_instance" "ami_test-2" {
42 | ami = data.aws_ami.ami_test.id
43 | associate_public_ip_address = true
44 | instance_type = "t4g.micro"
45 | key_name = "alcib-user-prod"
46 | vpc_security_group_ids = ["sg-0b52b43429d9b1845"]
47 |
48 | tags = {
49 | "Name" = "AMI Test 2"
50 | }
51 | }
52 |
53 |
54 | resource "local_file" "ssh_client_config" {
55 | content = templatefile("ssh-config.tftpl", {
56 | "Host1" = aws_instance.ami_test-1.public_dns
57 | "Host2" = aws_instance.ami_test-2.public_dns
58 | }
59 | )
60 | filename = "${path.module}/ssh-config"
61 | }
62 |
--------------------------------------------------------------------------------
/tests/ami/AMI.md:
--------------------------------------------------------------------------------
1 | # Tests for AlmaLinux Amazon Machine Images (AMI)
2 |
3 | This [Testinfra](https://testinfra.readthedocs.io/) test checks the facts below:
4 |
5 | - [x] `ec2-user` user created in a `ec2-user` group and its `UID` and `GUID` values is `1000`.
6 | - [x] `ec2-user` user's `/etc/sudoers.d/90-cloud-init-users` file is present and it's content is `ec2-user ALL=(ALL) NOPASSWD:ALL`.
7 | - [x] Amazon SSM Agent is installed, its services running and enabled.
8 | - [x] Only key-pair's public key present in `/home/ec2-user/.ssh/authorized_keys`.
9 | - [x] Installer logs and kickstart files removed after the installation.
10 | - [x] Networking works properly.
11 | - [x] [machine-id](https://www.freedesktop.org/software/systemd/man/machine-id.html) is unique on each instance created from the AMI.
12 | - [x] SSH host keys are unique on each instance created from the AMI.
13 |
14 |
15 | ## How to run
16 |
17 | Create two instances with Terraform:
18 |
19 | `x86_64`
20 |
21 | ```sh
22 | $ cd tests/ami/launch_test_instances/amd64/
23 | $ terraform apply -auto-approve
24 | ```
25 |
26 | `aarch64`
27 |
28 | ```sh
29 | $ cd tests/ami/launch_test_instances/aarch64/
30 | $ terraform apply -auto-approve
31 | ```
32 |
33 | Run tests with the generated `ssh-config` file.
34 |
35 | `x86_64`
36 |
37 | ```sh
38 | $ py.test -v --hosts=almalinux-test-1,almalinux-test-2 --ssh-config=tests/ami/launch_test_instances/amd64/ssh-config test_ami.py
39 | ```
40 |
41 | `aarch64`
42 |
43 | ```sh
44 | $ py.test -v --hosts=almalinux-test-1,almalinux-test-2 --ssh-config=tests/ami/launch_test_instances/aarch64/ssh-config test_ami.py
45 | ```
46 |
--------------------------------------------------------------------------------
/tests/genericcloud/launch_test_instances/GenericCloud.md:
--------------------------------------------------------------------------------
1 | # Tests for AlmaLinux Generic Cloud / OpenStack Image
2 |
3 | This [Testinfra](https://testinfra.readthedocs.io/) test checks the facts below:
4 |
5 | - [x] `almalinux` user created in a `almalinux` group and its `UID` and `GUID` values is `1000`.
6 | - [x] `almalinux` user's `/etc/sudoers.d/90-cloud-init-users` file is present and it's content is `almalinux ALL=(ALL) NOPASSWD:ALL`.
7 | - [x] QEMU Guest Agent is installed, its services enabled.
8 | - [x] Only key-pair's public key present in `/home/almalinux/.ssh/authorized_keys`.
9 | - [x] Installer logs and kickstart files removed after the installation.
10 | - [x] Networking works properly.
11 | - [x] [machine-id](https://www.freedesktop.org/software/systemd/man/machine-id.html) is unique on each instance created from the AMI.
12 | - [x] SSH host keys are unique on each instance created from the AMI.
13 |
14 |
15 | ## How to run
16 |
17 | Create two instances with Terraform:
18 |
19 | `x86_64`
20 |
21 | ```sh
22 | $ cd tests/genericcloud/launch_test_instances/amd64/
23 | $ terraform apply -auto-approve
24 | ```
25 |
26 | `aarch64`
27 |
28 | ```sh
29 | $ cd tests/genericcloud/launch_test_instances/aarch64/
30 | $ terraform apply -auto-approve
31 | ```
32 |
33 | Run tests with the auto-generated `ssh-config` file.
34 |
35 | `x86_64`
36 |
37 | ```sh
38 | $ py.test -v --hosts=almalinux-test-1,almalinux-test-2 --ssh-config=tests/genericcloud/launch_test_instances/amd64/ssh-config test_genericcloud.py
39 | ```
40 |
41 | `aarch64`
42 |
43 | ```sh
44 | $ py.test -v --hosts=almalinux-test-1,almalinux-test-2 --ssh-config=tests/genericcloud/launch_test_instances/aarch64/ssh-config test_genericcloud.py
45 | ```
46 |
--------------------------------------------------------------------------------
/vm-scripts/gcp/almalinux_8_arm64.publish.json:
--------------------------------------------------------------------------------
1 | {{/*
2 | Template to publish UEFI-enabled AlmaLinux images.
3 | By default this template is setup to publish to the 'gce-image-builder'
4 | project, the 'environment' variable can be used to publish to 'test', 'prod'
5 | DeleteAfter is set to 180 days for all environments other than prod where no
6 | time period is set.
7 | */}}
8 | {
9 | "Name": "almalinux-8-arm64",
10 | {{$work_project := printf "%q" "gce-image-builder" -}}
11 | {{$endpoint := `"https://www.googleapis.com/compute/alpha/projects/"` -}}
12 | {{$delete_after := `"24h*30*2"` -}}
13 | {{if eq .environment "test" -}}
14 | "WorkProject": {{$work_project}},
15 | "PublishProject": "almalinux-dev-images-469421",
16 | "ComputeEndpoint": {{$endpoint}},
17 | "DeleteAfter": {{$delete_after}},
18 | {{- else if eq .environment "prod" -}}
19 | "WorkProject": {{$work_project}},
20 | "PublishProject": "almalinux-cloud",
21 | "ComputeEndpoint": {{$endpoint}},
22 | {{- else -}}
23 | "WorkProject": {{$work_project}},
24 | "PublishProject": {{$work_project}},
25 | "ComputeEndpoint": {{$endpoint}},
26 | "DeleteAfter": {{$delete_after}},
27 | {{- end}}
28 | {{$guest_features := `["UEFI_COMPATIBLE", "GVNIC", "IDPF"]` -}}
29 | {{$time := trimPrefix .publish_version "v"}}
30 | "Images": [
31 | {
32 | "Family": "almalinux-8-arm64",
33 | "Prefix": "almalinux-8-arm64",
34 | "Description": "AlmaLinux, AlmaLinux, 8, aarch64 built on {{$time}}",
35 | "Architecture": "ARM64",
36 | "Licenses": [
37 | "projects/almalinux-cloud/global/licenses/almalinux-8"
38 | ],
39 | "Labels": {
40 | "public-image": "true"
41 | },
42 | "GuestOsFeatures": {{$guest_features}}
43 | }
44 | ]
45 | }
46 |
--------------------------------------------------------------------------------
/vm-scripts/gcp/almalinux_9_arm64.publish.json:
--------------------------------------------------------------------------------
1 | {{/*
2 | Template to publish UEFI-enabled AlmaLinux images.
3 | By default this template is setup to publish to the 'gce-image-builder'
4 | project, the 'environment' variable can be used to publish to 'test', 'prod'
5 | DeleteAfter is set to 180 days for all environments other than prod where no
6 | time period is set.
7 | */}}
8 | {
9 | "Name": "almalinux-9-arm64",
10 | {{$work_project := printf "%q" "gce-image-builder" -}}
11 | {{$endpoint := `"https://www.googleapis.com/compute/alpha/projects/"` -}}
12 | {{$delete_after := `"24h*30*2"` -}}
13 | {{if eq .environment "test" -}}
14 | "WorkProject": {{$work_project}},
15 | "PublishProject": "almalinux-dev-images-469421",
16 | "ComputeEndpoint": {{$endpoint}},
17 | "DeleteAfter": {{$delete_after}},
18 | {{- else if eq .environment "prod" -}}
19 | "WorkProject": {{$work_project}},
20 | "PublishProject": "almalinux-cloud",
21 | "ComputeEndpoint": {{$endpoint}},
22 | {{- else -}}
23 | "WorkProject": {{$work_project}},
24 | "PublishProject": {{$work_project}},
25 | "ComputeEndpoint": {{$endpoint}},
26 | "DeleteAfter": {{$delete_after}},
27 | {{- end}}
28 | {{$guest_features := `["UEFI_COMPATIBLE", "GVNIC", "IDPF"]` -}}
29 | {{$time := trimPrefix .publish_version "v"}}
30 | "Images": [
31 | {
32 | "Family": "almalinux-9-arm64",
33 | "Prefix": "almalinux-9-arm64",
34 | "Description": "AlmaLinux, AlmaLinux, 9, aarch64 built on {{$time}}",
35 | "Architecture": "ARM64",
36 | "Licenses": [
37 | "projects/almalinux-cloud/global/licenses/almalinux-9"
38 | ],
39 | "Labels": {
40 | "public-image": "true"
41 | },
42 | "GuestOsFeatures": {{$guest_features}}
43 | }
44 | ]
45 | }
46 |
--------------------------------------------------------------------------------
/tpl/edk2/OVMF_VARS.secboot.fd_20220126gitbb1bba3d77-6.el8_9.6.alma.aws:
--------------------------------------------------------------------------------
1 | QU1aTlVFRkny5B/dAAAAAHj5a7fZ95OD1bJQ2jfEmQVpsgx9VpAdunAAZQ5NkgWH87FMtw0+sIeHYRTgBy+YR8OAgVAaHwU4AfpcPTOWUsQIZynChF6KGI2WIqOlyGgpMlqKYJYixjhLEWb0UsR4tBQZLUVGS5HRUgSzFDHBWYqwoJciJqOlyGgpMlqKjJYimKWIKc5ShBW9FDEdLUVGS5HRUmS0FMEsRcxwliJs6KWI2WgpMlqKjJYio6UIZilijrMUYUcvRcxHS5HRUmS0FBktRRgYYGuxPPMySzITc6AlhH9RSmoRByxooXvm0PfcYSuELHAWQhzohZDFaCE0WgiNFkKjhRCibABtBzMAAjsoH+tOK6wLbxVX6biJlDG7Nud1bfuSpmwIWj2KvqKGHakpFJKZm5pfWgKfd8aqGFYYBOQklqTlF+X6JOalw1J/ah5WLbDSD6SUBa40Ha/xYYlFrkVF+UVuOYnpsBT0H/0gMmTHe6dWgkKJDxGoSMcA4fM1RKMhpkZxHBph/U/n/Dz/0pJJUB4li5GotbYKdaEwNrezItzumXeYgNMJbuQYKM8BDUI+dASHX2HxBExHQy6e0DK/YQ5SYUqvPQrY3MWJ5C5wewh50Rw2DaJQed/U3PyiypDKglTPPFCxAV6GDz2vi+SjedCPAQKlU1iplZLkDi1DBuFGFJz7FWh6HBV1nUrZ0Z6YC6lHz5ugz3kT+LYcDPpTrtA2G+Awm8Jz1/5b6LlmfznwVGPHLdn+rtuc16WO+3CZpWX1vJG+zjJhhYT4ktk7HzkYmZUdORh1bP8TlgOvxC6vOZzxPmnN3ZCcAIOIZa9r/k1Z7tf35U1NW3H4oSDFYpOoz4u7wk6w3GLnfPuj+/G5L3V96z584+7i+G1/UraoPnjH633JDx7bGqZuaHz6ac1ZsSXzbVdsnH3I6cKElvgQ2f+dr3bJuk/I31Ds5zjfYX7804VamwQnFncpanw4d6/YMt5udUzCm/vMAisuc7788m1a67b6wI40d8neRRuEbBu1MljLd0/0SaredpD9+K6qdhNmPu+kqpkvT/0552V+UndJeI3MP9s7O/ijfl07spmplcnq1eabeU8yFc3vNV78VirJmn55cnicprTliXe6D88+cS2OvnDpXNVqMckmt4gLcXMbN6evzzH9tOepvcoj00VcpWzfJMJmXqnQucgq/fpCB+PcVQIfWe/vqtNJ3s42W1nxyM+KnEcR4mxm2hOFmM8suflJd9fPKXMd3kq4fjzXFZNtt5r5coGEFlfWg3j3i1eTuYw+rb9uJq9VEPXUKZKj0Dt8V11z4wdFmy8yB4/unDCZr8N1ctvLjQoz9804fXTqktikawuSORT2lgqU19p+dt05f/r80+EN+cYrWc6XL0mSiaxDrwYcoNWAChu2aoBNAFgN/IBVAxyXj4DVsmBUA4N42xqNzlzE5WbEoRLY3Ty6TW10m9rQ3abGyDB63M/IPu4HfZc7aHf8C3ZmVl5FxJZdBSLHeZjhnZQK2FmG1DzjkBZO9Xb1fsGJvUOFfCIxulPxnEg8qM5Boo6Vo5tFRzeLjuzNokOiZUyjAx1wuZnCA/lRSpDR0yIH6rTIkdfiHT22b2Qf24c+jk9JMxI2LB/gDWstUulei9FW5GgrcrQVOQhakdQsLeCz/6l5KflF3qmVxX5l8PUj6NcjYLtWgViLYLOMkBwLyrCueYlJOakwyxjR70xghk5TgifPS4tL8nN981PgyjEukQApBwBqeA1u
--------------------------------------------------------------------------------
/vm-scripts/gcp/almalinux_10_arm64.publish.json:
--------------------------------------------------------------------------------
1 | {{/*
2 | Template to publish UEFI-enabled AlmaLinux images.
3 | By default this template is setup to publish to the 'gce-image-builder'
4 | project, the 'environment' variable can be used to publish to 'test', 'prod'
5 | DeleteAfter is set to 180 days for all environments other than prod where no
6 | time period is set.
7 | */}}
8 | {
9 | "Name": "almalinux-10-arm64",
10 | {{$work_project := printf "%q" "gce-image-builder" -}}
11 | {{$endpoint := `"https://www.googleapis.com/compute/alpha/projects/"` -}}
12 | {{$delete_after := `"24h*30*2"` -}}
13 | {{if eq .environment "test" -}}
14 | "WorkProject": {{$work_project}},
15 | "PublishProject": "almalinux-dev-images-469421",
16 | "ComputeEndpoint": {{$endpoint}},
17 | "DeleteAfter": {{$delete_after}},
18 | {{- else if eq .environment "prod" -}}
19 | "WorkProject": {{$work_project}},
20 | "PublishProject": "almalinux-cloud",
21 | "ComputeEndpoint": {{$endpoint}},
22 | {{- else -}}
23 | "WorkProject": {{$work_project}},
24 | "PublishProject": {{$work_project}},
25 | "ComputeEndpoint": {{$endpoint}},
26 | "DeleteAfter": {{$delete_after}},
27 | {{- end}}
28 | {{$guest_features := `["UEFI_COMPATIBLE", "GVNIC", "IDPF"]` -}}
29 | {{$time := trimPrefix .publish_version "v"}}
30 | "Images": [
31 | {
32 | "Family": "almalinux-10-arm64",
33 | "Prefix": "almalinux-10-arm64",
34 | "Description": "AlmaLinux, AlmaLinux, 10, aarch64 built on {{$time}}",
35 | "Architecture": "ARM64",
36 | "Licenses": [
37 | "projects/almalinux-cloud/global/licenses/almalinux-10"
38 | ],
39 | "Labels": {
40 | "public-image": "true"
41 | },
42 | "GuestOsFeatures": {{$guest_features}}
43 | }
44 | ]
45 | }
46 |
--------------------------------------------------------------------------------
/vm-scripts/gcp/almalinux_8.publish.json:
--------------------------------------------------------------------------------
1 | {{/*
2 | Template to publish UEFI-enabled AlmaLinux images.
3 | By default this template is setup to publish to the 'gce-image-builder'
4 | project, the 'environment' variable can be used to publish to 'test', 'prod'
5 | DeleteAfter is set to 180 days for all environments other than prod where no
6 | time period is set.
7 | */}}
8 | {
9 | "Name": "almalinux-8",
10 | {{$work_project := printf "%q" "gce-image-builder" -}}
11 | {{$endpoint := `"https://www.googleapis.com/compute/alpha/projects/"` -}}
12 | {{$delete_after := `"24h*30*2"` -}}
13 | {{if eq .environment "test" -}}
14 | "WorkProject": {{$work_project}},
15 | "PublishProject": "almalinux-dev-images-469421",
16 | "ComputeEndpoint": {{$endpoint}},
17 | "DeleteAfter": {{$delete_after}},
18 | {{- else if eq .environment "prod" -}}
19 | "WorkProject": {{$work_project}},
20 | "PublishProject": "almalinux-cloud",
21 | "ComputeEndpoint": {{$endpoint}},
22 | {{- else -}}
23 | "WorkProject": {{$work_project}},
24 | "PublishProject": {{$work_project}},
25 | "ComputeEndpoint": {{$endpoint}},
26 | "DeleteAfter": {{$delete_after}},
27 | {{- end}}
28 | {{$guest_features := `["UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", "SEV_CAPABLE", "SEV_LIVE_MIGRATABLE", "GVNIC", "IDPF"]` -}}
29 | {{$time := trimPrefix .publish_version "v"}}
30 | "Images": [
31 | {
32 | "Family": "almalinux-8",
33 | "Prefix": "almalinux-8",
34 | "Description": "AlmaLinux, AlmaLinux, 8, x86_64 built on {{$time}}",
35 | "Architecture": "X86_64",
36 | "Licenses": [
37 | "projects/almalinux-cloud/global/licenses/almalinux-8"
38 | ],
39 | "Labels": {
40 | "public-image": "true"
41 | },
42 | "GuestOsFeatures": {{$guest_features}}
43 | }
44 | ]
45 | }
46 |
--------------------------------------------------------------------------------
/http/almalinux-10.azure-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Azure VM images on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyS0 earlyprintk=ttyS0 rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | grub2-pc
33 | tar
34 | -*firmware
35 | -dracut-config-rescue
36 | -firewalld
37 | -qemu-guest-agent
38 | %end
39 |
40 | # disable kdump service
41 | %addon com_redhat_kdump --disable
42 | %end
43 |
44 | %post --erroronfail
45 |
46 | EX_NOINPUT=66
47 |
48 | root_disk=$(grub2-probe --target=disk /boot/grub2)
49 |
50 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
51 | grub2-install --target=i386-pc "$root_disk"
52 | else
53 | exit "$EX_NOINPUT"
54 | fi
55 |
56 | # permit root login via SSH with password authetication
57 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
58 |
59 | %end
60 |
--------------------------------------------------------------------------------
/http/almalinux-10.gencloud-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | grub2-pc
33 | tar
34 | -*firmware
35 | -dracut-config-rescue
36 | -firewalld
37 | %end
38 |
39 | # disable kdump service
40 | %addon com_redhat_kdump --disable
41 | %end
42 |
43 | %post --erroronfail
44 |
45 | EX_NOINPUT=66
46 |
47 | root_disk=$(grub2-probe --target=disk /boot/grub2)
48 |
49 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
50 | grub2-install --target=i386-pc "$root_disk"
51 | else
52 | exit "$EX_NOINPUT"
53 | fi
54 |
55 | # permit root login via SSH with password authetication
56 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
57 |
58 | %end
59 |
--------------------------------------------------------------------------------
/http/almalinux-10.gencloud-x86_64_v2.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images with unified (BIOS+UEFI) boot on x86_64_v2
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/x86_64_v2/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | grub2-pc
33 | tar
34 | -*firmware
35 | -dracut-config-rescue
36 | -firewalld
37 | %end
38 |
39 | # disable kdump service
40 | %addon com_redhat_kdump --disable
41 | %end
42 |
43 | %post --erroronfail
44 |
45 | EX_NOINPUT=66
46 |
47 | root_disk=$(grub2-probe --target=disk /boot/grub2)
48 |
49 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
50 | grub2-install --target=i386-pc "$root_disk"
51 | else
52 | exit "$EX_NOINPUT"
53 | fi
54 |
55 | # permit root login via SSH with password authetication
56 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
57 |
58 | %end
59 |
--------------------------------------------------------------------------------
/http/almalinux-9.azure-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Azure VM images on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyS0 earlyprintk=ttyS0 rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | grub2-pc
33 | tar
34 | rsyslog-logrotate
35 | -*firmware
36 | -dracut-config-rescue
37 | -firewalld
38 | -qemu-guest-agent
39 | %end
40 |
41 | # disable kdump service
42 | %addon com_redhat_kdump --disable
43 | %end
44 |
45 | %post --erroronfail
46 |
47 | EX_NOINPUT=66
48 |
49 | root_disk=$(grub2-probe --target=disk /boot/grub2)
50 |
51 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
52 | grub2-install --target=i386-pc "$root_disk"
53 | else
54 | exit "$EX_NOINPUT"
55 | fi
56 |
57 | # permit root login via SSH with password authetication
58 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
59 |
60 | %end
61 |
--------------------------------------------------------------------------------
/http/almalinux-9.gencloud-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | grub2-pc
33 | tar
34 | rsyslog-logrotate
35 | -*firmware
36 | -dracut-config-rescue
37 | -firewalld
38 | %end
39 |
40 | # disable kdump service
41 | %addon com_redhat_kdump --disable
42 | %end
43 |
44 | %post --erroronfail
45 |
46 | EX_NOINPUT=66
47 |
48 | root_disk=$(grub2-probe --target=disk /boot/grub2)
49 |
50 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
51 | grub2-install --target=i386-pc "$root_disk"
52 | else
53 | exit "$EX_NOINPUT"
54 | fi
55 |
56 | # permit root login via SSH with password authetication
57 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
58 |
59 | %end
60 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.azure-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Azure VM images on x86_64
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyS0 earlyprintk=ttyS0 rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | grub2-pc
33 | tar
34 | -*firmware
35 | -dracut-config-rescue
36 | -firewalld
37 | -qemu-guest-agent
38 | %end
39 |
40 | # disable kdump service
41 | %addon com_redhat_kdump --disable
42 | %end
43 |
44 | %post --erroronfail
45 |
46 | EX_NOINPUT=66
47 |
48 | root_disk=$(grub2-probe --target=disk /boot/grub2)
49 |
50 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
51 | grub2-install --target=i386-pc "$root_disk"
52 | else
53 | exit "$EX_NOINPUT"
54 | fi
55 |
56 | # permit root login via SSH with password authetication
57 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
58 |
59 | %end
60 |
--------------------------------------------------------------------------------
/vm-scripts/gcp/almalinux_9.publish.json:
--------------------------------------------------------------------------------
1 | {{/*
2 | Template to publish UEFI-enabled AlmaLinux images.
3 | By default this template is setup to publish to the 'gce-image-builder'
4 | project, the 'environment' variable can be used to publish to 'test', 'prod'
5 | DeleteAfter is set to 180 days for all environments other than prod where no
6 | time period is set.
7 | */}}
8 | {
9 | "Name": "almalinux-9",
10 | {{$work_project := printf "%q" "gce-image-builder" -}}
11 | {{$endpoint := `"https://www.googleapis.com/compute/alpha/projects/"` -}}
12 | {{$delete_after := `"24h*30*2"` -}}
13 | {{if eq .environment "test" -}}
14 | "WorkProject": {{$work_project}},
15 | "PublishProject": "almalinux-dev-images-469421",
16 | "ComputeEndpoint": {{$endpoint}},
17 | "DeleteAfter": {{$delete_after}},
18 | {{- else if eq .environment "prod" -}}
19 | "WorkProject": {{$work_project}},
20 | "PublishProject": "almalinux-cloud",
21 | "ComputeEndpoint": {{$endpoint}},
22 | {{- else -}}
23 | "WorkProject": {{$work_project}},
24 | "PublishProject": {{$work_project}},
25 | "ComputeEndpoint": {{$endpoint}},
26 | "DeleteAfter": {{$delete_after}},
27 | {{- end}}
28 | {{$guest_features := `["UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", "SEV_CAPABLE", "SEV_SNP_CAPABLE", "SEV_LIVE_MIGRATABLE", "GVNIC", "IDPF", "TDX_CAPABLE"]` -}}
29 | {{$time := trimPrefix .publish_version "v"}}
30 | "Images": [
31 | {
32 | "Family": "almalinux-9",
33 | "Prefix": "almalinux-9",
34 | "Description": "AlmaLinux, AlmaLinux, 9, x86_64 built on {{$time}}",
35 | "Architecture": "X86_64",
36 | "Licenses": [
37 | "projects/almalinux-cloud/global/licenses/almalinux-9"
38 | ],
39 | "Labels": {
40 | "public-image": "true"
41 | },
42 | "GuestOsFeatures": {{$guest_features}}
43 | }
44 | ]
45 | }
46 |
--------------------------------------------------------------------------------
/ansible/roles/aws_guest/files/amazon-ssm-agent.gpg:
--------------------------------------------------------------------------------
1 | -----BEGIN PGP PUBLIC KEY BLOCK-----
2 | Version: GnuPG v2.0.22 (GNU/Linux)
3 |
4 | mQENBGIxF/8BCADv014neDCfkpdj79/XVeQVy0Wz9LSiB/iksc1jTPaCgD/9ojdQ
5 | 10LfEFEyLoeTEhX5WBu0Ry7oKW9AK51kscMjTHwdFnzXsT4tAoSXxh7lbgdfhpVm
6 | bJ0bVArrzKIQ8JOE2lrn6LgVcGTtbPGURNNNRD1nZEgZm6wni+ZoplsXmsj0wD7f
7 | I5zhk/e+OyrsolpNWBJB0vf6JXVV2MauZKGlwRR4pZoSw5yPOa0rZDtOTtPbUX5C
8 | lWGLtdQ3848YvgjMzK9GeEqK9n6yQx5potlvxJ6TCZsZTwXXF5LyPuv2y6U22075
9 | JjMMX7noNnVnipKMj+l7x5fis+X+gafF/PbTABEBAAG0J1NTTSBBZ2VudCA8c3Nt
10 | LWFnZW50LXNpZ25lckBhbWF6b24uY29tPokBPwQTAQIAKQUCYjEX/wIbLwUJAsaY
11 | gAcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEN2BphdWuqVJUKoIANHALkLq
12 | xsUco2JwymOorf+1icVtL8MSdi87lIhxfIGWaGN5CkzrkBAJlIyf/C+hVcLzR9rQ
13 | DWIJakLWE3XPb4g8fWyr5VlOoYbcGLCky0fL5O0pWEnF2ecQMMSpwkdv9zx7qUoo
14 | PssEpuwz5kIOYp2ENy21IPkMGpny8MCbzQ+sHysLWiJ/b0aWX9giPuMe5vTO3djM
15 | CPtyA5CeG3BMawPOaDQvjxB+DnWCg1HslgdzpZiSsusuZ8u3xKaehEMiB/Li2BO9
16 | yZMAeG6iok4Dn01ZVVpU9mftZKIm/T5WBX5x+TBhQ1b30MQcN61kFEe0Gll3ReTu
17 | CPEuDwAb4WruFkaJAhwEEAECAAYFAmIxGAAACgkQfdCXo9rX9fy5yQ/+PIBXWQc4
18 | D/a6/nEaGM/FrLDLgPSieBCbU4TpvB7qPg6gJUX8CA+h8cZ06wDgcdi9sJ3MwTnQ
19 | Ze1OzZ8AJroRP6XhwVeNEbeedBbmr7irSg8lIdyXZed0G0T+7SX/MDEyup16vRxW
20 | k2UyBCXYqnxBHXeTKf9GxH0nODpcGPGByqjfmSB3nj2wZN0g8SWWz6oEWcXv218B
21 | FJyJj7W2bQsbMXoHlILP28Ec5QN1r8cC1b1nQsmx4120XSKFWvi8trG2+dDb58LR
22 | 1afsEW8OhJwsJcba1YIMznxMbWpfyZww2S6g7rFahm1wKCxMkHIZ+Fca6axKoK9Y
23 | KJaEPn9rbhh11XsgKBNIIP1h0eGmQTAvM01dWI9895fiaK3pQkCxV7in6dTxi8Jy
24 | 7iJBbORStxsospBJzLf+0Ca3yvILxySg1Q2EuOKuN2VW7N/l3IffJ85DVjjQgh6A
25 | T4L6ViK/0L6ww5n8tboKB/Jz9OUDGf2idxhQe8WenIogAU3y4ZGUyzcZHMg9lRke
26 | hdLYGtqRATdWuwFQbwjPeBNovulqKOPXU9BLEezz8gMtd6/aW/UQA33xuZlh959o
27 | DHhGwWDXEJzhrIlFAljkb7rsIhhjrg/R2usSIi78i1jFkGsVqRET2/avn7/kBcgL
28 | yIk43DugjkN04nzHfULMJmEm02uVumgSJzQ=
29 | =rGEs
30 | -----END PGP PUBLIC KEY BLOCK-----
31 |
--------------------------------------------------------------------------------
/vm-scripts/gcp/almalinux_10.publish.json:
--------------------------------------------------------------------------------
1 | {{/*
2 | Template to publish UEFI-enabled AlmaLinux images.
3 | By default this template is setup to publish to the 'gce-image-builder'
4 | project, the 'environment' variable can be used to publish to 'test', 'prod'
5 | DeleteAfter is set to 180 days for all environments other than prod where no
6 | time period is set.
7 | */}}
8 | {
9 | "Name": "almalinux-10",
10 | {{$work_project := printf "%q" "gce-image-builder" -}}
11 | {{$endpoint := `"https://www.googleapis.com/compute/alpha/projects/"` -}}
12 | {{$delete_after := `"24h*30*2"` -}}
13 | {{if eq .environment "test" -}}
14 | "WorkProject": {{$work_project}},
15 | "PublishProject": "almalinux-dev-images-469421",
16 | "ComputeEndpoint": {{$endpoint}},
17 | "DeleteAfter": {{$delete_after}},
18 | {{- else if eq .environment "prod" -}}
19 | "WorkProject": {{$work_project}},
20 | "PublishProject": "almalinux-cloud",
21 | "ComputeEndpoint": {{$endpoint}},
22 | {{- else -}}
23 | "WorkProject": {{$work_project}},
24 | "PublishProject": {{$work_project}},
25 | "ComputeEndpoint": {{$endpoint}},
26 | "DeleteAfter": {{$delete_after}},
27 | {{- end}}
28 | {{$guest_features := `["UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE", "SEV_CAPABLE", "SEV_SNP_CAPABLE", "SEV_LIVE_MIGRATABLE", "SEV_LIVE_MIGRATABLE_V2", "GVNIC", "IDPF", "TDX_CAPABLE"]` -}}
29 | {{$time := trimPrefix .publish_version "v"}}
30 | "Images": [
31 | {
32 | "Family": "almalinux-10",
33 | "Prefix": "almalinux-10",
34 | "Description": "AlmaLinux, AlmaLinux, 10, x86_64 built on {{$time}}",
35 | "Architecture": "X86_64",
36 | "Licenses": [
37 | "projects/almalinux-cloud/global/licenses/almalinux-10"
38 | ],
39 | "Labels": {
40 | "public-image": "true"
41 | },
42 | "GuestOsFeatures": {{$guest_features}}
43 | }
44 | ]
45 | }
46 |
--------------------------------------------------------------------------------
/http/almalinux-8.oci-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 8 kickstart file for Oracle Cloud Infrastructure (OCI) images with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/8/BaseOS/x86_64/os
4 |
5 | text
6 | skipx
7 | eula --agreed
8 | firstboot --disabled
9 | lang en_US.UTF-8
10 | keyboard us
11 | timezone UTC --isUtc
12 | network --bootproto=dhcp
13 | firewall --disabled
14 | services --disabled="kdump" --enabled="chronyd,rsyslog,sshd"
15 | selinux --enforcing
16 |
17 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0 netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi rd.iscsi.param=node.session.timeo.replacement_timeout=6000 libiscsi.debug_libiscsi_eh=1 nvme_core.shutdown_timeout=10"
18 |
19 | %pre --erroronfail
20 |
21 | parted -s -a optimal /dev/sda -- mklabel gpt
22 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
23 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
24 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
25 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
26 |
27 | %end
28 |
29 | part biosboot --fstype=biosboot --onpart=sda1
30 | part /boot/efi --fstype=efi --onpart=sda2
31 | part /boot --fstype=xfs --onpart=sda3
32 | part / --fstype=xfs --onpart=sda4
33 |
34 | rootpw --plaintext almalinux
35 |
36 | reboot --eject
37 |
38 | %packages
39 | @core
40 | grub2-pc
41 | tar
42 | -biosdevname
43 | -open-vm-tools
44 | -plymouth
45 | -dnf-plugin-spacewalk
46 | -rhn*
47 | -iprutils
48 | -iwl*-firmware
49 | %end
50 |
51 | # disable kdump service
52 | %addon com_redhat_kdump --disable
53 | %end
54 |
55 | %post --erroronfail
56 |
57 | EX_NOINPUT=66
58 |
59 | root_disk=$(grub2-probe --target=disk /boot/grub2)
60 |
61 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
62 | grub2-install --target=i386-pc "$root_disk"
63 | else
64 | exit "$EX_NOINPUT"
65 | fi
66 |
67 | %end
68 |
--------------------------------------------------------------------------------
/http/almalinux-10.oci-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Oracle Cloud Infrastructure (OCI) images with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0 netroot=iscsi rd.iscsi.firmware=1 rd.iscsi.param=node.session.timeo.replacement_timeout=6000 libiscsi.debug_libiscsi_eh=1 nvme_core.shutdown_timeout=10"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | dracut-network
33 | grub2-pc
34 | tar
35 | rsyslog-logrotate
36 | -*firmware
37 | -dracut-config-rescue
38 | -firewalld
39 | %end
40 |
41 | # disable kdump service
42 | %addon com_redhat_kdump --disable
43 | %end
44 |
45 | %post --erroronfail
46 |
47 | EX_NOINPUT=66
48 |
49 | root_disk=$(grub2-probe --target=disk /boot/grub2)
50 |
51 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
52 | grub2-install --target=i386-pc "$root_disk"
53 | else
54 | exit "$EX_NOINPUT"
55 | fi
56 |
57 | # permit root login via SSH with password authetication
58 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
59 |
60 | %end
61 |
--------------------------------------------------------------------------------
/http/almalinux-9.oci-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Oracle Cloud Infrastructure (OCI) images with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0 netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi rd.iscsi.param=node.session.timeo.replacement_timeout=6000 libiscsi.debug_libiscsi_eh=1 nvme_core.shutdown_timeout=10"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | grub2-pc
33 | tar
34 | rsyslog-logrotate
35 | -*firmware
36 | -dracut-config-rescue
37 | -firewalld
38 | %end
39 |
40 | # disable kdump service
41 | %addon com_redhat_kdump --disable
42 | %end
43 |
44 | %post --erroronfail
45 |
46 | EX_NOINPUT=66
47 |
48 | root_disk=$(grub2-probe --target=disk /boot/grub2)
49 |
50 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
51 | grub2-install --target=i386-pc "$root_disk"
52 | else
53 | exit "$EX_NOINPUT"
54 | fi
55 |
56 | # permit root login via SSH with password authetication
57 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
58 |
59 | %end
60 |
--------------------------------------------------------------------------------
/http/almalinux-8.azure-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 8 kickstart file for Azure VM images on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/8/BaseOS/x86_64/kickstart/
4 | repo --name=BaseOS --baseurl=https://repo.almalinux.org/almalinux/8/BaseOS/x86_64/os/
5 | repo --name=AppStream --baseurl=https://repo.almalinux.org/almalinux/8/AppStream/x86_64/os/
6 |
7 | text
8 | skipx
9 | eula --agreed
10 | firstboot --disabled
11 | lang en_US.UTF-8
12 | keyboard us
13 | timezone UTC --isUtc
14 | network --bootproto=dhcp
15 | firewall --disabled
16 | services --disabled="kdump" --enabled="chronyd,rsyslog,sshd"
17 | selinux --enforcing
18 |
19 | bootloader --timeout=0 --location=mbr --append="loglevel=3 console=tty1 console=ttyS0 earlyprintk=ttyS0 rootdelay=300 no_timer_check net.ifnames=0 nvme_core.io_timeout=240"
20 |
21 | %pre --erroronfail
22 |
23 | parted -s -a optimal /dev/sda -- mklabel gpt
24 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
25 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
26 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
27 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
28 |
29 | %end
30 |
31 | part biosboot --fstype=biosboot --onpart=sda1
32 | part /boot/efi --fstype=efi --onpart=sda2
33 | part /boot --fstype=xfs --onpart=sda3
34 | part / --fstype=xfs --onpart=sda4
35 |
36 | rootpw --plaintext almalinux
37 | reboot --eject
38 |
39 | %packages
40 | @core
41 | grub2-pc
42 | tar
43 | -biosdevname
44 | -open-vm-tools
45 | -plymouth
46 | -dnf-plugin-spacewalk
47 | -rhn*
48 | -iprutils
49 | -iwl*-firmware
50 | %end
51 |
52 | # disable kdump service
53 | %addon com_redhat_kdump --disable
54 | %end
55 |
56 | %post --erroronfail
57 |
58 | EX_NOINPUT=66
59 |
60 | root_disk=$(grub2-probe --target=disk /boot/grub2)
61 |
62 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
63 | grub2-install --target=i386-pc "$root_disk"
64 | else
65 | exit "$EX_NOINPUT"
66 | fi
67 |
68 | %end
69 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.gencloud-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | grub2-pc
33 | tar
34 | -*firmware
35 | -dracut-config-rescue
36 | -firewalld
37 | %end
38 |
39 | # disable kdump service
40 | %addon com_redhat_kdump --disable
41 | %end
42 |
43 | %post --erroronfail
44 |
45 | EX_NOINPUT=66
46 |
47 | root_disk=$(grub2-probe --target=disk /boot/grub2)
48 |
49 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
50 | grub2-install --target=i386-pc "$root_disk"
51 | else
52 | exit "$EX_NOINPUT"
53 | fi
54 |
55 | # permit root login via SSH with password authetication
56 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
57 |
58 | # To fix the OpenSSH version 9.9p1-16.el10 issue:
59 | # ssh: unexpected packet in response to channel open:
60 | dnf -y reinstall openssh-server
61 |
62 | %end
63 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.gencloud-x86_64_v2.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images with unified (BIOS+UEFI) boot on x86_64_v2
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/x86_64_v2/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw --plaintext almalinux
28 | reboot --eject
29 |
30 | %packages --exclude-weakdeps --inst-langs=en
31 | dracut-config-generic
32 | grub2-pc
33 | tar
34 | -*firmware
35 | -dracut-config-rescue
36 | -firewalld
37 | %end
38 |
39 | # disable kdump service
40 | %addon com_redhat_kdump --disable
41 | %end
42 |
43 | %post --erroronfail
44 |
45 | EX_NOINPUT=66
46 |
47 | root_disk=$(grub2-probe --target=disk /boot/grub2)
48 |
49 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
50 | grub2-install --target=i386-pc "$root_disk"
51 | else
52 | exit "$EX_NOINPUT"
53 | fi
54 |
55 | # permit root login via SSH with password authetication
56 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
57 |
58 | # To fix the OpenSSH version 9.9p1-16.el10 issue:
59 | # ssh: unexpected packet in response to channel open:
60 | dnf -y reinstall openssh-server
61 |
62 | %end
63 |
--------------------------------------------------------------------------------
/tests/vagrant/Vagrant.md:
--------------------------------------------------------------------------------
1 | # Tests for AlmaLinux Vagrant Boxes
2 |
3 | This [Testinfra](https://testinfra.readthedocs.io/) test checks the facts below:
4 |
5 | - [x] `vagrant` user created in a `vagrant` group and its `UID` and `GUID` values is `1000`.
6 | - [x] `vagrant` user's `/etc/sudoers.d/vagrant` file is present and it's content is `vagrant ALL=(ALL) NOPASSWD: ALL`.
7 | - [x] Hypervisor Guest Additions/Tools/Agents/Kernel modules installed based on the provider of the box.
8 | - [x] Guest agents services running and enabled.
9 | - [x] Only [Vagrant insecure public key](https://github.com/hashicorp/vagrant/tree/main/keys) present in `/home/vagrant/.ssh/authorized_keys`.
10 | - [x] Vagrant [synced folders](https://www.vagrantup.com/docs/synced-folders) are working.
11 | - [x] Installer logs and kickstart files removed after the installation.
12 | - [x] Networking works properly.
13 | - [x] [machine-id](https://www.freedesktop.org/software/systemd/man/machine-id.html) is unique on each machine created from the boxes.
14 | - [x] SSH host keys are unique on each machine created from the boxes.
15 |
16 |
17 | ## How to run
18 |
19 | Set the major version (8 or 9) of the AlmaLinux OS to the `OS_MAJOR_VER` variable before running the vagrant:
20 |
21 | Linux:
22 |
23 | ```sh
24 | export OS_MAJOR_VER=8
25 | vagrant box add --name almalinux-$OS_MAJOR_VER-test *.box
26 | vagrant up
27 | vagrant ssh-config > .vagrant/ssh-config
28 | py.test -v --hosts=almalinux-test-1,almalinux-test-2 --ssh-config=.vagrant/ssh-config test_vagrant.py
29 | ```
30 | Windows:
31 |
32 | ```powershell
33 | # If you don't want to enter username and password on each vagrant up:
34 | $Env:SMB_USERNAME = 'USER'
35 | $Env:SMB_PASSWORD = 'PASSWORD'
36 | $Env:OS_MAJOR_VER = '8'
37 | vagrant box add --name almalinux-$OS_MAJOR_VER-test *.box
38 | vagrant up
39 | vagrant ssh-config | Out-File -Encoding ascii -FilePath .vagrant/ssh-config
40 | py.test -v --hosts=almalinux-test-1,almalinux-test-2 --ssh-config=.vagrant/ssh-config test_vagrant.py
41 | ```
42 |
--------------------------------------------------------------------------------
/http/almalinux-8.gencloud-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 8 kickstart file for Cloud-init included and OpenStack compatible Generic Cloud images with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/8/BaseOS/x86_64/kickstart/
4 | repo --name=BaseOS --baseurl=https://repo.almalinux.org/almalinux/8/BaseOS/x86_64/os/
5 | repo --name=AppStream --baseurl=https://repo.almalinux.org/almalinux/8/AppStream/x86_64/os/
6 |
7 | text
8 | skipx
9 | eula --agreed
10 | firstboot --disabled
11 | lang en_US.UTF-8
12 | keyboard us
13 | timezone UTC --isUtc
14 | network --bootproto=dhcp
15 | firewall --disabled
16 | services --disabled="kdump" --enabled="chronyd,rsyslog,sshd"
17 | selinux --enforcing
18 |
19 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
20 |
21 | %pre --erroronfail
22 |
23 | parted -s -a optimal /dev/sda -- mklabel gpt
24 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
25 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
26 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
27 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
28 |
29 | %end
30 |
31 | part biosboot --fstype=biosboot --onpart=sda1
32 | part /boot/efi --fstype=efi --onpart=sda2
33 | part /boot --fstype=xfs --onpart=sda3
34 | part / --fstype=xfs --onpart=sda4
35 |
36 | rootpw --plaintext almalinux
37 |
38 | reboot --eject
39 |
40 | %packages
41 | @core
42 | grub2-pc
43 | tar
44 | -biosdevname
45 | -open-vm-tools
46 | -plymouth
47 | -dnf-plugin-spacewalk
48 | -rhn*
49 | -iprutils
50 | -iwl*-firmware
51 | %end
52 |
53 | # disable kdump service
54 | %addon com_redhat_kdump --disable
55 | %end
56 |
57 | %post --erroronfail
58 |
59 | EX_NOINPUT=66
60 |
61 | root_disk=$(grub2-probe --target=disk /boot/grub2)
62 |
63 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
64 | grub2-install --target=i386-pc "$root_disk"
65 | else
66 | exit "$EX_NOINPUT"
67 | fi
68 |
69 | %end
70 |
--------------------------------------------------------------------------------
/http/almalinux-10.vagrant-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Vagrant boxes with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw vagrant
28 | user --name=vagrant --plaintext --password vagrant
29 | reboot --eject
30 |
31 | %packages --exclude-weakdeps --inst-langs=en
32 | dracut-config-generic
33 | grub2-pc
34 | tar
35 | -*firmware
36 | -dracut-config-rescue
37 | -firewalld
38 | %end
39 |
40 | # disable kdump service
41 | %addon com_redhat_kdump --disable
42 | %end
43 |
44 | %post --erroronfail
45 |
46 | EX_NOINPUT=66
47 |
48 | root_disk=$(grub2-probe --target=disk /boot/grub2)
49 |
50 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
51 | grub2-install --target=i386-pc "$root_disk"
52 | else
53 | exit "$EX_NOINPUT"
54 | fi
55 |
56 | # allow vagrant user to run everything without a password
57 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
58 |
59 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
60 | # for details about the requiretty.
61 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
62 |
63 | # permit root login via SSH with password authetication
64 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
65 |
66 | %end
67 |
--------------------------------------------------------------------------------
/http/almalinux-10.vagrant-x86_64_v2.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 10 kickstart file for Vagrant boxes with unified (BIOS+UEFI) boot on x86_64_v2
2 |
3 | url --url https://repo.almalinux.org/almalinux/10/BaseOS/x86_64_v2/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw vagrant
28 | user --name=vagrant --plaintext --password vagrant
29 | reboot --eject
30 |
31 | %packages --exclude-weakdeps --inst-langs=en
32 | dracut-config-generic
33 | grub2-pc
34 | tar
35 | -*firmware
36 | -dracut-config-rescue
37 | -firewalld
38 | %end
39 |
40 | # disable kdump service
41 | %addon com_redhat_kdump --disable
42 | %end
43 |
44 | %post --erroronfail
45 |
46 | EX_NOINPUT=66
47 |
48 | root_disk=$(grub2-probe --target=disk /boot/grub2)
49 |
50 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
51 | grub2-install --target=i386-pc "$root_disk"
52 | else
53 | exit "$EX_NOINPUT"
54 | fi
55 |
56 | # allow vagrant user to run everything without a password
57 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
58 |
59 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
60 | # for details about the requiretty.
61 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
62 |
63 | # permit root login via SSH with password authetication
64 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
65 |
66 | %end
67 |
--------------------------------------------------------------------------------
/http/almalinux-9.vagrant-x86_64-bios.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Vagrant boxes with BIOS boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw vagrant
28 | user --name=vagrant --plaintext --password vagrant
29 | reboot --eject
30 |
31 | %packages --exclude-weakdeps --inst-langs=en
32 | dracut-config-generic
33 | grub2-pc
34 | tar
35 | rsyslog-logrotate
36 | -*firmware
37 | -dracut-config-rescue
38 | -firewalld
39 | %end
40 |
41 | # disable kdump service
42 | %addon com_redhat_kdump --disable
43 | %end
44 |
45 | %post --erroronfail
46 |
47 | EX_NOINPUT=66
48 |
49 | root_disk=$(grub2-probe --target=disk /boot/grub2)
50 |
51 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
52 | grub2-install --target=i386-pc "$root_disk"
53 | else
54 | exit "$EX_NOINPUT"
55 | fi
56 |
57 | # allow vagrant user to run everything without a password
58 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
59 |
60 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
61 | # for details about the requiretty.
62 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
63 |
64 | # permit root login via SSH with password authetication
65 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
66 |
67 | %end
68 |
--------------------------------------------------------------------------------
/http/almalinux-9.vagrant-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 9 kickstart file for Vagrant boxes with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/9/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw vagrant
28 | user --name=vagrant --plaintext --password vagrant
29 | reboot --eject
30 |
31 | %packages --exclude-weakdeps --inst-langs=en
32 | dracut-config-generic
33 | grub2-pc
34 | tar
35 | rsyslog-logrotate
36 | -*firmware
37 | -dracut-config-rescue
38 | -firewalld
39 | %end
40 |
41 | # disable kdump service
42 | %addon com_redhat_kdump --disable
43 | %end
44 |
45 | %post --erroronfail
46 |
47 | EX_NOINPUT=66
48 |
49 | root_disk=$(grub2-probe --target=disk /boot/grub2)
50 |
51 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
52 | grub2-install --target=i386-pc "$root_disk"
53 | else
54 | exit "$EX_NOINPUT"
55 | fi
56 |
57 | # allow vagrant user to run everything without a password
58 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
59 |
60 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
61 | # for details about the requiretty.
62 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
63 |
64 | # permit root login via SSH with password authetication
65 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
66 |
67 | %end
68 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.vagrant-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Vagrant boxes with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/x86_64/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw vagrant
28 | user --name=vagrant --plaintext --password vagrant
29 | reboot --eject
30 |
31 | %packages --exclude-weakdeps --inst-langs=en
32 | dracut-config-generic
33 | grub2-pc
34 | tar
35 | -*firmware
36 | -dracut-config-rescue
37 | -firewalld
38 | %end
39 |
40 | # disable kdump service
41 | %addon com_redhat_kdump --disable
42 | %end
43 |
44 | %post --erroronfail
45 |
46 | EX_NOINPUT=66
47 |
48 | root_disk=$(grub2-probe --target=disk /boot/grub2)
49 |
50 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
51 | grub2-install --target=i386-pc "$root_disk"
52 | else
53 | exit "$EX_NOINPUT"
54 | fi
55 |
56 | # allow vagrant user to run everything without a password
57 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
58 |
59 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
60 | # for details about the requiretty.
61 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
62 |
63 | # permit root login via SSH with password authetication
64 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
65 |
66 | %end
67 |
--------------------------------------------------------------------------------
/http/almalinux-kitten-10.vagrant-x86_64_v2.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS Kitten 10 kickstart file for Vagrant boxes with unified (BIOS+UEFI) boot on x86_64_v2
2 |
3 | url --url https://kitten.repo.almalinux.org/10-kitten/BaseOS/x86_64_v2/os
4 | text
5 | lang en_US.UTF-8
6 | keyboard us
7 | timezone UTC --utc
8 | selinux --enforcing
9 | firewall --disabled
10 | services --enabled=sshd
11 |
12 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
13 |
14 | %pre --erroronfail
15 | parted -s -a optimal /dev/sda -- mklabel gpt
16 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
17 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
18 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
19 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
20 | %end
21 |
22 | part biosboot --fstype=biosboot --onpart=sda1
23 | part /boot/efi --fstype=efi --onpart=sda2
24 | part /boot --fstype=xfs --onpart=sda3
25 | part / --fstype=xfs --onpart=sda4
26 |
27 | rootpw vagrant
28 | user --name=vagrant --plaintext --password vagrant
29 | reboot --eject
30 |
31 | %packages --exclude-weakdeps --inst-langs=en
32 | dracut-config-generic
33 | grub2-pc
34 | tar
35 | -*firmware
36 | -dracut-config-rescue
37 | -firewalld
38 | %end
39 |
40 | # disable kdump service
41 | %addon com_redhat_kdump --disable
42 | %end
43 |
44 | %post --erroronfail
45 |
46 | EX_NOINPUT=66
47 |
48 | root_disk=$(grub2-probe --target=disk /boot/grub2)
49 |
50 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
51 | grub2-install --target=i386-pc "$root_disk"
52 | else
53 | exit "$EX_NOINPUT"
54 | fi
55 |
56 | # allow vagrant user to run everything without a password
57 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
58 |
59 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
60 | # for details about the requiretty.
61 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
62 |
63 | # permit root login via SSH with password authetication
64 | echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/01-permitrootlogin.conf
65 |
66 | %end
67 |
--------------------------------------------------------------------------------
/http/almalinux-8.vagrant-x86_64.ks:
--------------------------------------------------------------------------------
1 | # AlmaLinux OS 8 kickstart file for Vagrant boxes with unified (BIOS+UEFI) boot on x86_64
2 |
3 | url --url https://repo.almalinux.org/almalinux/8/BaseOS/x86_64/kickstart/
4 | repo --name=BaseOS --baseurl=https://repo.almalinux.org/almalinux/8/BaseOS/x86_64/os/
5 | repo --name=AppStream --baseurl=https://repo.almalinux.org/almalinux/8/AppStream/x86_64/os/
6 |
7 | text
8 | skipx
9 | eula --agreed
10 | firstboot --disabled
11 | lang en_US.UTF-8
12 | keyboard us
13 | timezone UTC --isUtc
14 | network --bootproto=dhcp
15 | firewall --disabled
16 | services --enabled=sshd
17 | selinux --enforcing
18 |
19 | bootloader --timeout=0 --location=mbr --append="console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
20 |
21 | %pre --erroronfail
22 |
23 | parted -s -a optimal /dev/sda -- mklabel gpt
24 | parted -s -a optimal /dev/sda -- mkpart biosboot 1MiB 2MiB set 1 bios_grub on
25 | parted -s -a optimal /dev/sda -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 2 esp on
26 | parted -s -a optimal /dev/sda -- mkpart boot xfs 202MiB 1226MiB
27 | parted -s -a optimal /dev/sda -- mkpart root xfs 1226MiB 100%
28 |
29 | %end
30 |
31 | part biosboot --fstype=biosboot --onpart=sda1
32 | part /boot/efi --fstype=efi --onpart=sda2
33 | part /boot --fstype=xfs --onpart=sda3
34 | part / --fstype=xfs --onpart=sda4
35 |
36 | rootpw vagrant
37 | user --name=vagrant --plaintext --password vagrant
38 | reboot --eject
39 |
40 | %packages
41 | @core
42 | grub2-pc
43 | bzip2
44 | tar
45 | -biosdevname
46 | -open-vm-tools
47 | -plymouth
48 | -dnf-plugin-spacewalk
49 | -rhn*
50 | -iprutils
51 | -iwl*-firmware
52 | %end
53 |
54 | # disable kdump service
55 | %addon com_redhat_kdump --disable
56 | %end
57 |
58 | %post --erroronfail
59 |
60 | # allow vagrant user to run everything without a password
61 | echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/vagrant
62 |
63 | # see Vagrant documentation (https://docs.vagrantup.com/v2/boxes/base.html)
64 | # for details about the requiretty.
65 | sed -i "s/^.*requiretty/# Defaults requiretty/" /etc/sudoers
66 |
67 | EX_NOINPUT=66
68 |
69 | root_disk=$(grub2-probe --target=disk /boot/grub2)
70 |
71 | if [[ "$root_disk" =~ ^"/dev/" ]]; then
72 | grub2-install --target=i386-pc "$root_disk"
73 | else
74 | exit "$EX_NOINPUT"
75 | fi
76 |
77 | %end
78 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/tasks/bootloader.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Generate GRUB defaults
3 | ansible.builtin.template:
4 | src: grub_defaults.j2
5 | dest: /rootfs/etc/default/grub
6 | mode: "0644"
7 |
8 | - name: Configure the latest kernel as default
9 | ansible.builtin.lineinfile:
10 | path: /rootfs/etc/sysconfig/kernel
11 | line: "{{ item }}"
12 | state: present
13 | create: true
14 | mode: "0644"
15 | loop:
16 | - DEFAULTKERNEL=kernel
17 | - UPDATEDEFAULT=yes
18 |
19 | - name: Generate GRUB configuration
20 | ansible.builtin.template:
21 | src: grub.cfg.j2
22 | dest: /rootfs/boot/grub2/grub.cfg
23 | mode: "0600"
24 |
25 | - name: Get kernel version
26 | ansible.builtin.command:
27 | cmd: chroot /rootfs rpm -qa --queryformat "%{VERSION}-%{RELEASE}.%{ARCH}" kernel
28 | register: kernel_ver
29 | changed_when: false
30 |
31 | - name: Delete old GRUB environment block
32 | ansible.builtin.file:
33 | path: /rootfs/boot/grub2/grubenv
34 | state: absent
35 |
36 | - name: Generate new GRUB environment block
37 | ansible.builtin.command:
38 | cmd: >
39 | chroot /rootfs grub2-editenv -v - set
40 | saved_entry=ffffffffffffffffffffffffffffffff-{{ kernel_ver.stdout }}
41 | creates: /rootfs/boot/grub2/grubenv
42 |
43 | - name: Set permissions of GRUB environment block
44 | ansible.builtin.file:
45 | path: /rootfs/boot/grub2/grubenv
46 | owner: root
47 | group: root
48 | mode: "0600"
49 |
50 | # Template based approach
51 | # - name: Generate new GRUB environment block
52 | # ansible.builtin.template:
53 | # src: grubenv.j2
54 | # dest: /rootfs/boot/grub2/grubenv
55 | # mode: "0600"
56 |
57 | # - name: Remove trailing newline in GRUB environment block
58 | # ansible.builtin.command:
59 | # cmd: truncate -s -1 /rootfs/boot/grub2/grubenv
60 | # changed_when: true
61 |
62 | - name: Get size of GRUB environment block
63 | ansible.builtin.stat:
64 | path: /rootfs/boot/grub2/grubenv
65 | register: grubenv
66 |
67 | - name: Check if GRUB environment block file size is 1024 bytes
68 | ansible.builtin.assert:
69 | that:
70 | - grubenv.stat.size == 1024
71 | fail_msg: The size of GRUB environment block file is not 1024 bytes
72 | success_msg: The size of GRUB environment block file is 1024 bytes
73 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/tasks/bootloader.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Generate GRUB defaults
3 | ansible.builtin.template:
4 | src: grub_defaults.j2
5 | dest: /rootfs/etc/default/grub
6 | mode: "0644"
7 |
8 | - name: Configure the latest kernel as default
9 | ansible.builtin.lineinfile:
10 | path: /rootfs/etc/sysconfig/kernel
11 | line: "{{ item }}"
12 | state: present
13 | create: true
14 | mode: "0644"
15 | loop:
16 | - DEFAULTKERNEL=kernel
17 | - UPDATEDEFAULT=yes
18 |
19 | - name: Generate GRUB configuration
20 | ansible.builtin.template:
21 | src: grub.cfg.j2
22 | dest: /rootfs/boot/grub2/grub.cfg
23 | mode: "0600"
24 |
25 | - name: Get kernel version
26 | ansible.builtin.command:
27 | cmd: chroot /rootfs rpm -qa --queryformat "%{VERSION}-%{RELEASE}.%{ARCH}" kernel
28 | register: kernel_ver
29 | changed_when: false
30 |
31 | - name: Delete old GRUB environment block
32 | ansible.builtin.file:
33 | path: /rootfs/boot/grub2/grubenv
34 | state: absent
35 |
36 | - name: Generate new GRUB environment block
37 | ansible.builtin.command:
38 | cmd: >
39 | chroot /rootfs grub2-editenv -v - set
40 | saved_entry=ffffffffffffffffffffffffffffffff-{{ kernel_ver.stdout }}
41 | creates: /rootfs/boot/grub2/grubenv
42 |
43 | - name: Set permissions of GRUB environment block
44 | ansible.builtin.file:
45 | path: /rootfs/boot/grub2/grubenv
46 | owner: root
47 | group: root
48 | mode: "0600"
49 |
50 | # Template based approach
51 | # - name: Generate new GRUB environment block
52 | # ansible.builtin.template:
53 | # src: grubenv.j2
54 | # dest: /rootfs/boot/grub2/grubenv
55 | # mode: "0600"
56 |
57 | # - name: Remove trailing newline in GRUB environment block
58 | # ansible.builtin.command:
59 | # cmd: truncate -s -1 /rootfs/boot/grub2/grubenv
60 | # changed_when: true
61 |
62 | - name: Get size of GRUB environment block
63 | ansible.builtin.stat:
64 | path: /rootfs/boot/grub2/grubenv
65 | register: grubenv
66 |
67 | - name: Check if GRUB environment block file size is 1024 bytes
68 | ansible.builtin.assert:
69 | that:
70 | - grubenv.stat.size == 1024
71 | fail_msg: The size of GRUB environment block file is not 1024 bytes
72 | success_msg: The size of GRUB environment block file is 1024 bytes
73 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/tasks/bootloader.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Generate GRUB defaults
3 | ansible.builtin.template:
4 | src: grub_defaults.j2
5 | dest: /rootfs/etc/default/grub
6 | mode: "0644"
7 |
8 | - name: Configure the latest kernel as default
9 | ansible.builtin.lineinfile:
10 | path: /rootfs/etc/sysconfig/kernel
11 | line: "{{ item }}"
12 | state: present
13 | create: true
14 | mode: "0644"
15 | loop:
16 | - DEFAULTKERNEL=kernel
17 | - UPDATEDEFAULT=yes
18 |
19 | - name: Generate GRUB configuration
20 | ansible.builtin.template:
21 | src: grub.cfg.j2
22 | dest: /rootfs/boot/grub2/grub.cfg
23 | mode: "0600"
24 |
25 | - name: Get kernel version
26 | ansible.builtin.command:
27 | cmd: chroot /rootfs rpm -qa --queryformat "%{VERSION}-%{RELEASE}.%{ARCH}" kernel
28 | register: kernel_ver
29 | changed_when: false
30 |
31 | - name: Delete old GRUB environment block
32 | ansible.builtin.file:
33 | path: /rootfs/boot/grub2/grubenv
34 | state: absent
35 |
36 | - name: Generate new GRUB environment block
37 | ansible.builtin.command:
38 | cmd: >
39 | chroot /rootfs grub2-editenv -v - set
40 | saved_entry=ffffffffffffffffffffffffffffffff-{{ kernel_ver.stdout }}
41 | creates: /rootfs/boot/grub2/grubenv
42 |
43 | - name: Set permissions of GRUB environment block
44 | ansible.builtin.file:
45 | path: /rootfs/boot/grub2/grubenv
46 | owner: root
47 | group: root
48 | mode: "0600"
49 |
50 | # Template based approach
51 | # - name: Generate new GRUB environment block
52 | # ansible.builtin.template:
53 | # src: grubenv.j2
54 | # dest: /rootfs/boot/grub2/grubenv
55 | # mode: "0600"
56 |
57 | # - name: Remove trailing newline in GRUB environment block
58 | # ansible.builtin.command:
59 | # cmd: truncate -s -1 /rootfs/boot/grub2/grubenv
60 | # changed_when: true
61 |
62 | - name: Get size of GRUB environment block
63 | ansible.builtin.stat:
64 | path: /rootfs/boot/grub2/grubenv
65 | register: grubenv
66 |
67 | - name: Check if GRUB environment block file size is 1024 bytes
68 | ansible.builtin.assert:
69 | that:
70 | - grubenv.stat.size == 1024
71 | fail_msg: The size of GRUB environment block file is not 1024 bytes
72 | success_msg: The size of GRUB environment block file is 1024 bytes
73 |
--------------------------------------------------------------------------------
/tests/opennebula/OpenNebula.md:
--------------------------------------------------------------------------------
1 | # Tests for AlmaLinux OpenNebula Images
2 |
3 | This [Testinfra](https://testinfra.readthedocs.io/) test checks the facts below:
4 |
5 | - [x] `almalinux` user created in a `almalinux` group and its `UID` and `GUID` values is `1000`.
6 | - [x] `almalinux` user's `/etc/sudoers.d/one-context` file is present and it's content is `almalinux ALL=(ALL) NOPASSWD:ALL`.
7 | - [x] QEMU Guest Agent is installed, its services running and enabled.
8 | - [x] OpenNebula Linux VM Contextualization installed.
9 | - [x] The `network.service` running and enabled.
10 | - [x] Only one `authorized_keys` file present on the system and it only includes the `almalinux` user's ssh public key.
11 | - [x] Installer logs and kickstart files removed after the installation.
12 | - [x] Networking works properly.
13 | - [x] [machine-id](https://www.freedesktop.org/software/systemd/man/machine-id.html) is unique on each machine created from the boxes.
14 | - [x] SSH host keys are unique on each machine created from the boxes.
15 |
16 |
17 | ## How to run
18 | Use one of methods to Assign the needed Terraform variables:
19 |
20 | See: https://www.terraform.io/language/values/variables#assigning-values-to-root-module-variables
21 |
22 |
23 | One of the methods is Variable Definitions (.tfvars) Files:
24 |
25 | `tests/opennebula/create_test_vms/amd64/terraform.tfvars`
26 |
27 | `tests/opennebula/create_test_vms/aarch64/terraform.tfvars`
28 | ```hcl
29 | one_endpoint = "https://HOSTNAME:2633/RPC2"
30 | one_username = "exampleuser"
31 | one_password = "passwordofexampleuser"
32 | datastore_id = "1234"
33 | network_id = "1234"
34 | group = "groupname"
35 | ssh_pub_key = "ssh-rsa ..."
36 | ```
37 | Create two virtual machines with Terraform:
38 |
39 | `x86_64`
40 |
41 | ```sh
42 | cd tests/opennebula/create_test_vms/amd64
43 | terraform apply -auto-approve
44 | ```
45 |
46 | `aarch64`
47 |
48 | ```sh
49 | cd tests/opennebula/create_test_vms/aarch64
50 | terraform apply -auto-approve
51 | ```
52 |
53 | Run tests with the generated `ssh-config` file.
54 |
55 | `x86_64`
56 |
57 | ```sh
58 | py.test -v --hosts=almalinux-test-1,almalinux-test-2 --ssh-config=tests/opennebula/create_test_vms/amd64/ssh-config test_opennebula.py
59 | ```
60 |
61 | `aarch64`
62 |
63 | ```sh
64 | py.test -v --hosts=almalinux-test-1,almalinux-test-2 --ssh-config=tests/opennebula/create_test_vms/aarch64/ssh-config test_opennebula.py
65 | ```
66 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/tasks/os.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create /etc/kernel directories
3 | ansible.builtin.file:
4 | path: /rootfs/etc/kernel
5 | state: directory
6 | mode: "0755"
7 |
8 | - name: Configure kernel parameters
9 | ansible.builtin.template:
10 | src: cmdline.j2
11 | dest: /rootfs/etc/kernel/cmdline
12 | mode: "0644"
13 |
14 | - name: Generate fake machine-id
15 | ansible.builtin.lineinfile:
16 | path: /rootfs/etc/machine-id
17 | line: ffffffffffffffffffffffffffffffff
18 | create: true
19 | state: present
20 | mode: "0444"
21 |
22 | - name: Installing the system release files # noqa: command-instead-of-module
23 | ansible.builtin.command:
24 | cmd: rpm --root=/rootfs --nodeps -ivh https://repo.almalinux.org/almalinux/almalinux-release-latest-8.aarch64.rpm
25 | changed_when: true
26 |
27 | - name: Update the system # noqa: package-latest
28 | ansible.builtin.dnf:
29 | installroot: /rootfs
30 | disable_gpg_check: true
31 | name: "*"
32 | state: latest
33 |
34 | - name: Creating fstab
35 | ansible.builtin.template:
36 | src: fstab.j2
37 | dest: /rootfs/etc/fstab
38 | mode: "0644"
39 |
40 | - name: Install Base System on chroot
41 | ansible.builtin.shell:
42 | cmd: >
43 | dnf -y --installroot=/rootfs --nogpgcheck --setopt=cachedir=/var/cache/dnf install
44 | langpacks-en
45 | kernel
46 | dracut-config-generic
47 | grub2-efi-aa64
48 | shim-aa64
49 | efibootmgr
50 | chrony
51 | NetworkManager-cloud-setup
52 | @core
53 | --exclude="kexec-tools"
54 | --exclude="biosdevname"
55 | --exclude="open-vm-tools"
56 | --exclude="rhn*"
57 | --exclude="iprutils"
58 | --exclude="iwl*-firmware"
59 | --exclude="dnf-plugin-spacewalk"
60 | --exclude="plymouth*"
61 | --exclude="dracut-config-rescue"
62 | --exclude="mdadm"
63 | changed_when: true
64 |
65 | - name: Set default target/runlevel and disable tmp.mount
66 | ansible.builtin.command:
67 | cmd: chroot /rootfs systemctl {{ item.cmd }} {{ item.unit }}
68 | loop:
69 | - { cmd: set-default, unit: multi-user.target }
70 | - { cmd: mask, unit: tmp.mount }
71 | changed_when: true
72 |
73 | - name: Set default locale to en_US.UTF-8
74 | ansible.builtin.copy:
75 | content: LANG=en_US.UTF-8
76 | dest: /rootfs/etc/locale.conf
77 | mode: "0644"
78 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/tasks/os.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create /etc/kernel directories
3 | ansible.builtin.file:
4 | path: /rootfs/etc/kernel
5 | state: directory
6 | mode: "0755"
7 |
8 | - name: Configure kernel parameters
9 | ansible.builtin.template:
10 | src: cmdline.j2
11 | dest: /rootfs/etc/kernel/cmdline
12 | mode: "0644"
13 |
14 | - name: Generate fake machine-id
15 | ansible.builtin.lineinfile:
16 | path: /rootfs/etc/machine-id
17 | line: ffffffffffffffffffffffffffffffff
18 | create: true
19 | state: present
20 | mode: "0444"
21 |
22 | - name: Installing the system release files # noqa: command-instead-of-module
23 | ansible.builtin.command:
24 | cmd: rpm --root=/rootfs --nodeps -ivh https://repo.almalinux.org/almalinux/almalinux-release-latest-8.x86_64.rpm
25 | changed_when: true
26 |
27 | - name: Update the system # noqa: package-latest
28 | ansible.builtin.dnf:
29 | installroot: /rootfs
30 | disable_gpg_check: true
31 | name: "*"
32 | state: latest
33 |
34 | - name: Creating fstab
35 | ansible.builtin.template:
36 | src: fstab.j2
37 | dest: /rootfs/etc/fstab
38 | mode: "0644"
39 |
40 | - name: Install Base System on chroot
41 | ansible.builtin.shell:
42 | cmd: >
43 | dnf -y --installroot=/rootfs --nogpgcheck --setopt=cachedir=/var/cache/dnf install
44 | langpacks-en
45 | kernel
46 | dracut-config-generic
47 | grub2-pc
48 | grub2-efi-x64
49 | efibootmgr
50 | shim-x64
51 | chrony
52 | NetworkManager-cloud-setup
53 | @core
54 | --exclude="kexec-tools"
55 | --exclude="biosdevname"
56 | --exclude="open-vm-tools"
57 | --exclude="rhn*"
58 | --exclude="iprutils"
59 | --exclude="iwl*-firmware"
60 | --exclude="dnf-plugin-spacewalk"
61 | --exclude="plymouth*"
62 | --exclude="dracut-config-rescue"
63 | --exclude="mdadm"
64 | changed_when: true
65 |
66 | - name: Set default target/runlevel and disable tmp.mount
67 | ansible.builtin.command:
68 | cmd: chroot /rootfs systemctl {{ item.cmd }} {{ item.unit }}
69 | loop:
70 | - { cmd: set-default, unit: multi-user.target }
71 | - { cmd: mask, unit: tmp.mount }
72 | changed_when: true
73 |
74 | - name: Set default locale to en_US.UTF-8
75 | ansible.builtin.copy:
76 | content: LANG=en_US.UTF-8
77 | dest: /rootfs/etc/locale.conf
78 | mode: "0644"
79 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_aarch64/tasks/storage.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Gather disk information
3 | ansible.builtin.command:
4 | cmd: parted -s -a optimal /dev/nvme1n1 -- unit MiB print
5 | register: parted_output
6 | failed_when: '"Error: Could not stat device" in parted_output.stderr'
7 | changed_when: false
8 |
9 | - name: Show disk information before the operations
10 | ansible.builtin.debug:
11 | var: parted_output.stdout_lines
12 |
13 | - name: Create GPT Partition Table
14 | ansible.builtin.command:
15 | cmd: parted -s -a optimal /dev/nvme1n1 -- mklabel gpt
16 | changed_when: true
17 |
18 | - name: Create ESP partition
19 | ansible.builtin.command:
20 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 1 esp on
21 | changed_when: true
22 |
23 | - name: Create Boot Partition
24 | ansible.builtin.command:
25 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart boot xfs 202MiB 1226MiB
26 | changed_when: true
27 |
28 | - name: Create Root Partition
29 | ansible.builtin.command:
30 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart root xfs 1226MiB 100%
31 | changed_when: true
32 |
33 | - name: Format ESP partition as FAT32
34 | community.general.filesystem:
35 | dev: /dev/nvme1n1p1
36 | fstype: vfat
37 | state: present
38 |
39 | - name: Format Boot partition as XFS
40 | community.general.filesystem:
41 | dev: /dev/nvme1n1p2
42 | fstype: xfs
43 | state: present
44 |
45 | - name: Format Root partition as XFS
46 | community.general.filesystem:
47 | dev: /dev/nvme1n1p3
48 | fstype: xfs
49 | state: present
50 |
51 | - name: Gather disk information
52 | ansible.builtin.command:
53 | cmd: parted -s -a optimal /dev/nvme1n1 -- unit MiB print
54 | register: parted_output
55 | changed_when: false
56 |
57 | - name: Show disk information after the operations
58 | ansible.builtin.debug:
59 | var: parted_output.stdout_lines
60 |
61 | - name: Get UUID of ESP
62 | ansible.builtin.command:
63 | cmd: blkid /dev/nvme1n1p1 -s UUID -o value
64 | register: esp_uuid
65 | changed_when: false
66 |
67 | - name: Get UUID of Boot
68 | ansible.builtin.command:
69 | cmd: blkid /dev/nvme1n1p2 -s UUID -o value
70 | register: boot_uuid
71 | changed_when: false
72 |
73 | - name: Get UUID of Root
74 | ansible.builtin.command:
75 | cmd: blkid /dev/nvme1n1p3 -s UUID -o value
76 | register: root_uuid
77 | changed_when: false
78 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/tasks/storage.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Gather disk information
3 | ansible.builtin.command:
4 | cmd: parted -s -a optimal /dev/nvme1n1 -- unit MiB print
5 | register: parted_output
6 | failed_when: '"Error: Could not stat device" in parted_output.stderr'
7 | changed_when: false
8 |
9 | - name: Show disk information before the operations
10 | ansible.builtin.debug:
11 | var: parted_output.stdout_lines
12 |
13 | - name: Create GPT Partition Table
14 | ansible.builtin.command:
15 | cmd: parted -s -a optimal /dev/nvme1n1 -- mklabel gpt
16 | changed_when: true
17 |
18 | - name: Create ESP partition
19 | ansible.builtin.command:
20 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 1 esp on
21 | changed_when: true
22 |
23 | - name: Create Boot Partition
24 | ansible.builtin.command:
25 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart boot xfs 202MiB 1226MiB
26 | changed_when: true
27 |
28 | - name: Create Root Partition
29 | ansible.builtin.command:
30 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart root xfs 1226MiB 100%
31 | changed_when: true
32 |
33 | - name: Format ESP partition as FAT32
34 | community.general.filesystem:
35 | dev: /dev/nvme1n1p1
36 | fstype: vfat
37 | state: present
38 |
39 | - name: Format Boot partition as XFS
40 | community.general.filesystem:
41 | dev: /dev/nvme1n1p2
42 | fstype: xfs
43 | state: present
44 |
45 | - name: Format Root partition as XFS
46 | community.general.filesystem:
47 | dev: /dev/nvme1n1p3
48 | fstype: xfs
49 | state: present
50 |
51 | - name: Gather disk information
52 | ansible.builtin.command:
53 | cmd: parted -s -a optimal /dev/nvme1n1 -- unit MiB print
54 | register: parted_output
55 | changed_when: false
56 |
57 | - name: Show disk information after the operations
58 | ansible.builtin.debug:
59 | var: parted_output.stdout_lines
60 |
61 | - name: Get UUID of ESP
62 | ansible.builtin.command:
63 | cmd: blkid /dev/nvme1n1p1 -s UUID -o value
64 | register: esp_uuid
65 | changed_when: false
66 |
67 | - name: Get UUID of Boot
68 | ansible.builtin.command:
69 | cmd: blkid /dev/nvme1n1p2 -s UUID -o value
70 | register: boot_uuid
71 | changed_when: false
72 |
73 | - name: Get UUID of Root
74 | ansible.builtin.command:
75 | cmd: blkid /dev/nvme1n1p3 -s UUID -o value
76 | register: root_uuid
77 | changed_when: false
78 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/tasks/storage.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Gather disk information
3 | ansible.builtin.command:
4 | cmd: parted -s -a optimal /dev/nvme1n1 -- unit MiB print
5 | register: parted_output
6 | failed_when: '"Error: Could not stat device" in parted_output.stderr'
7 | changed_when: false
8 |
9 | - name: Show disk information before the operations
10 | ansible.builtin.debug:
11 | var: parted_output.stdout_lines
12 |
13 | - name: Create GPT Partition Table
14 | ansible.builtin.command:
15 | cmd: parted -s -a optimal /dev/nvme1n1 -- mklabel gpt
16 | changed_when: true
17 |
18 | - name: Create ESP partition
19 | ansible.builtin.command:
20 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 1 esp on
21 | changed_when: true
22 |
23 | - name: Create Boot Partition
24 | ansible.builtin.command:
25 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart boot xfs 202MiB 1226MiB
26 | changed_when: true
27 |
28 | - name: Create Root Partition
29 | ansible.builtin.command:
30 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart root xfs 1226MiB 100%
31 | changed_when: true
32 |
33 | - name: Format ESP partition as FAT32
34 | community.general.filesystem:
35 | dev: /dev/nvme1n1p1
36 | fstype: vfat
37 | state: present
38 |
39 | - name: Format Boot partition as XFS
40 | community.general.filesystem:
41 | dev: /dev/nvme1n1p2
42 | fstype: xfs
43 | state: present
44 |
45 | - name: Format Root partition as XFS
46 | community.general.filesystem:
47 | dev: /dev/nvme1n1p3
48 | fstype: xfs
49 | state: present
50 |
51 | - name: Gather disk information
52 | ansible.builtin.command:
53 | cmd: parted -s -a optimal /dev/nvme1n1 -- unit MiB print
54 | register: parted_output
55 | changed_when: false
56 |
57 | - name: Show disk information after the operations
58 | ansible.builtin.debug:
59 | var: parted_output.stdout_lines
60 |
61 | - name: Get UUID of ESP
62 | ansible.builtin.command:
63 | cmd: blkid /dev/nvme1n1p1 -s UUID -o value
64 | register: esp_uuid
65 | changed_when: false
66 |
67 | - name: Get UUID of Boot
68 | ansible.builtin.command:
69 | cmd: blkid /dev/nvme1n1p2 -s UUID -o value
70 | register: boot_uuid
71 | changed_when: false
72 |
73 | - name: Get UUID of Root
74 | ansible.builtin.command:
75 | cmd: blkid /dev/nvme1n1p3 -s UUID -o value
76 | register: root_uuid
77 | changed_when: false
78 |
--------------------------------------------------------------------------------
/ansible/roles/ami_kitten_10_aarch64/tasks/storage.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Gather disk information
3 | ansible.builtin.command:
4 | cmd: parted -s -a optimal /dev/nvme1n1 -- unit MiB print
5 | register: parted_output
6 | failed_when: '"Error: Could not stat device" in parted_output.stderr'
7 | changed_when: false
8 |
9 | - name: Show disk information before the operations
10 | ansible.builtin.debug:
11 | var: parted_output.stdout_lines
12 |
13 | - name: Create GPT Partition Table
14 | ansible.builtin.command:
15 | cmd: parted -s -a optimal /dev/nvme1n1 -- mklabel gpt
16 | changed_when: true
17 |
18 | - name: Create ESP partition
19 | ansible.builtin.command:
20 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart '"EFI System Partition"' fat32 2MiB 202MiB set 1 esp on
21 | changed_when: true
22 |
23 | - name: Create Boot Partition
24 | ansible.builtin.command:
25 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart boot xfs 202MiB 1226MiB
26 | changed_when: true
27 |
28 | - name: Create Root Partition
29 | ansible.builtin.command:
30 | cmd: parted -s -a optimal /dev/nvme1n1 -- mkpart root xfs 1226MiB 100%
31 | changed_when: true
32 |
33 | - name: Format ESP partition as FAT32
34 | community.general.filesystem:
35 | dev: /dev/nvme1n1p1
36 | fstype: vfat
37 | state: present
38 |
39 | - name: Format Boot partition as XFS
40 | community.general.filesystem:
41 | dev: /dev/nvme1n1p2
42 | fstype: xfs
43 | state: present
44 |
45 | - name: Format Root partition as XFS
46 | community.general.filesystem:
47 | dev: /dev/nvme1n1p3
48 | fstype: xfs
49 | state: present
50 |
51 | - name: Gather disk information
52 | ansible.builtin.command:
53 | cmd: parted -s -a optimal /dev/nvme1n1 -- unit MiB print
54 | register: parted_output
55 | changed_when: false
56 |
57 | - name: Show disk information after the operations
58 | ansible.builtin.debug:
59 | var: parted_output.stdout_lines
60 |
61 | - name: Get UUID of ESP
62 | ansible.builtin.command:
63 | cmd: blkid /dev/nvme1n1p1 -s UUID -o value
64 | register: esp_uuid
65 | changed_when: false
66 |
67 | - name: Get UUID of Boot
68 | ansible.builtin.command:
69 | cmd: blkid /dev/nvme1n1p2 -s UUID -o value
70 | register: boot_uuid
71 | changed_when: false
72 |
73 | - name: Get UUID of Root
74 | ansible.builtin.command:
75 | cmd: blkid /dev/nvme1n1p3 -s UUID -o value
76 | register: root_uuid
77 | changed_when: false
78 |
--------------------------------------------------------------------------------
/ansible/roles/ami_10_x86_64/tasks/chroot.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create chroot directory
3 | ansible.builtin.file:
4 | path: /rootfs
5 | state: directory
6 | mode: "0555"
7 |
8 | - name: Mount chroot root partition
9 | ansible.posix.mount:
10 | src: /dev/nvme1n1p4
11 | path: /rootfs
12 | fstype: xfs
13 | state: ephemeral
14 |
15 | - name: Create /boot directory
16 | ansible.builtin.file:
17 | path: /rootfs/boot
18 | state: directory
19 | mode: "0555"
20 |
21 | - name: Mount chroot boot partition
22 | ansible.posix.mount:
23 | src: /dev/nvme1n1p3
24 | path: /rootfs/boot
25 | fstype: xfs
26 | state: ephemeral
27 |
28 | - name: Create ESP directory
29 | ansible.builtin.file:
30 | path: /rootfs/boot/efi
31 | state: directory
32 | mode: "0700"
33 |
34 | - name: Mount chroot esp partition
35 | ansible.posix.mount:
36 | src: /dev/nvme1n1p2
37 | path: /rootfs/boot/efi
38 | fstype: vfat
39 | state: ephemeral
40 |
41 | - name: Create chroot device directory
42 | ansible.builtin.file:
43 | path: /rootfs/dev
44 | state: directory
45 | mode: "0755"
46 |
47 | - name: Mount chroot device filesystem
48 | ansible.posix.mount:
49 | src: /dev
50 | path: /rootfs/dev
51 | opts: bind
52 | fstype: none
53 | state: ephemeral
54 |
55 | - name: Create chroot sys directory
56 | ansible.builtin.file:
57 | path: /rootfs/sys
58 | state: directory
59 | mode: "0555"
60 |
61 | - name: Mount chroot sysfs
62 | ansible.posix.mount:
63 | src: sysfs
64 | path: /rootfs/sys
65 | fstype: sysfs
66 | state: ephemeral
67 |
68 | - name: Creating the rootfs directories
69 | ansible.builtin.file:
70 | path: "{{ item.path }}"
71 | state: directory
72 | mode: "{{ item.mode }}"
73 | loop:
74 | - { path: /rootfs/dev/pts, mode: "0755" }
75 | - { path: /rootfs/dev/shm, mode: "1777" }
76 | - { path: /rootfs/proc, mode: "0555" }
77 | - { path: /rootfs/sys/fs/selinux, mode: "0555" }
78 |
79 | - name: Mount chroot pseudo filesystems
80 | ansible.posix.mount:
81 | src: "{{ item.src }}"
82 | path: "{{ item.path }}"
83 | fstype: "{{ item.fstype }}"
84 | state: ephemeral
85 | loop:
86 | - { src: devpts, path: /rootfs/dev/pts, fstype: devpts }
87 | - { src: tmpfs, path: /rootfs/dev/shm, fstype: tmpfs }
88 | - { src: proc, path: /rootfs/proc, fstype: proc }
89 | - { src: selinuxfs, path: /rootfs/sys/fs/selinux, fstype: selinuxfs }
90 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_aarch64/tasks/chroot.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create chroot directory
3 | ansible.builtin.file:
4 | path: /rootfs
5 | state: directory
6 | mode: "0555"
7 |
8 | - name: Mount chroot root partition
9 | ansible.posix.mount:
10 | src: /dev/nvme1n1p3
11 | path: /rootfs
12 | fstype: xfs
13 | state: ephemeral
14 |
15 | - name: Create /boot directory
16 | ansible.builtin.file:
17 | path: /rootfs/boot
18 | state: directory
19 | mode: "0555"
20 |
21 | - name: Mount chroot boot partition
22 | ansible.posix.mount:
23 | src: /dev/nvme1n1p2
24 | path: /rootfs/boot
25 | fstype: xfs
26 | state: ephemeral
27 |
28 | - name: Create ESP directory
29 | ansible.builtin.file:
30 | path: /rootfs/boot/efi
31 | state: directory
32 | mode: "0700"
33 |
34 | - name: Mount chroot esp partition
35 | ansible.posix.mount:
36 | src: /dev/nvme1n1p1
37 | path: /rootfs/boot/efi
38 | fstype: vfat
39 | state: ephemeral
40 |
41 | - name: Create chroot device directory
42 | ansible.builtin.file:
43 | path: /rootfs/dev
44 | state: directory
45 | mode: "0755"
46 |
47 | - name: Mount chroot device filesystem
48 | ansible.posix.mount:
49 | src: /dev
50 | path: /rootfs/dev
51 | opts: bind
52 | fstype: none
53 | state: ephemeral
54 |
55 | - name: Create chroot sys directory
56 | ansible.builtin.file:
57 | path: /rootfs/sys
58 | state: directory
59 | mode: "0555"
60 |
61 | - name: Mount chroot sysfs
62 | ansible.posix.mount:
63 | src: sysfs
64 | path: /rootfs/sys
65 | fstype: sysfs
66 | state: ephemeral
67 |
68 | - name: Creating the rootfs directories
69 | ansible.builtin.file:
70 | path: "{{ item.path }}"
71 | state: directory
72 | mode: "{{ item.mode }}"
73 | loop:
74 | - { path: /rootfs/dev/pts, mode: "0755" }
75 | - { path: /rootfs/dev/shm, mode: "1777" }
76 | - { path: /rootfs/proc, mode: "0555" }
77 | - { path: /rootfs/sys/fs/selinux, mode: "0555" }
78 |
79 | - name: Mount chroot pseudo filesystems
80 | ansible.posix.mount:
81 | src: "{{ item.src }}"
82 | path: "{{ item.path }}"
83 | fstype: "{{ item.fstype }}"
84 | state: ephemeral
85 | loop:
86 | - { src: devpts, path: /rootfs/dev/pts, fstype: devpts }
87 | - { src: tmpfs, path: /rootfs/dev/shm, fstype: tmpfs }
88 | - { src: proc, path: /rootfs/proc, fstype: proc }
89 | - { src: selinuxfs, path: /rootfs/sys/fs/selinux, fstype: selinuxfs }
90 |
--------------------------------------------------------------------------------
/ansible/roles/ami_8_x86_64/tasks/chroot.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create chroot directory
3 | ansible.builtin.file:
4 | path: /rootfs
5 | state: directory
6 | mode: "0555"
7 |
8 | - name: Mount chroot root partition
9 | ansible.posix.mount:
10 | src: /dev/nvme1n1p4
11 | path: /rootfs
12 | fstype: xfs
13 | state: ephemeral
14 |
15 | - name: Create /boot directory
16 | ansible.builtin.file:
17 | path: /rootfs/boot
18 | state: directory
19 | mode: "0555"
20 |
21 | - name: Mount chroot boot partition
22 | ansible.posix.mount:
23 | src: /dev/nvme1n1p3
24 | path: /rootfs/boot
25 | fstype: xfs
26 | state: ephemeral
27 |
28 | - name: Create ESP directory
29 | ansible.builtin.file:
30 | path: /rootfs/boot/efi
31 | state: directory
32 | mode: "0700"
33 |
34 | - name: Mount chroot esp partition
35 | ansible.posix.mount:
36 | src: /dev/nvme1n1p2
37 | path: /rootfs/boot/efi
38 | fstype: vfat
39 | state: ephemeral
40 |
41 | - name: Create chroot device directory
42 | ansible.builtin.file:
43 | path: /rootfs/dev
44 | state: directory
45 | mode: "0755"
46 |
47 | - name: Mount chroot device filesystem
48 | ansible.posix.mount:
49 | src: /dev
50 | path: /rootfs/dev
51 | opts: bind
52 | fstype: none
53 | state: ephemeral
54 |
55 | - name: Create chroot sys directory
56 | ansible.builtin.file:
57 | path: /rootfs/sys
58 | state: directory
59 | mode: "0555"
60 |
61 | - name: Mount chroot sysfs
62 | ansible.posix.mount:
63 | src: sysfs
64 | path: /rootfs/sys
65 | fstype: sysfs
66 | state: ephemeral
67 |
68 | - name: Creating the rootfs directories
69 | ansible.builtin.file:
70 | path: "{{ item.path }}"
71 | state: directory
72 | mode: "{{ item.mode }}"
73 | loop:
74 | - { path: /rootfs/dev/pts, mode: "0755" }
75 | - { path: /rootfs/dev/shm, mode: "1777" }
76 | - { path: /rootfs/proc, mode: "0555" }
77 | - { path: /rootfs/sys/fs/selinux, mode: "0555" }
78 |
79 | - name: Mount chroot pseudo filesystems
80 | ansible.posix.mount:
81 | src: "{{ item.src }}"
82 | path: "{{ item.path }}"
83 | fstype: "{{ item.fstype }}"
84 | state: ephemeral
85 | loop:
86 | - { src: devpts, path: /rootfs/dev/pts, fstype: devpts }
87 | - { src: tmpfs, path: /rootfs/dev/shm, fstype: tmpfs }
88 | - { src: proc, path: /rootfs/proc, fstype: proc }
89 | - { src: selinuxfs, path: /rootfs/sys/fs/selinux, fstype: selinuxfs }
90 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_aarch64/tasks/chroot.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create chroot directory
3 | ansible.builtin.file:
4 | path: /rootfs
5 | state: directory
6 | mode: "0555"
7 |
8 | - name: Mount chroot root partition
9 | ansible.posix.mount:
10 | src: /dev/nvme1n1p3
11 | path: /rootfs
12 | fstype: xfs
13 | state: ephemeral
14 |
15 | - name: Create /boot directory
16 | ansible.builtin.file:
17 | path: /rootfs/boot
18 | state: directory
19 | mode: "0555"
20 |
21 | - name: Mount chroot boot partition
22 | ansible.posix.mount:
23 | src: /dev/nvme1n1p2
24 | path: /rootfs/boot
25 | fstype: xfs
26 | state: ephemeral
27 |
28 | - name: Create ESP directory
29 | ansible.builtin.file:
30 | path: /rootfs/boot/efi
31 | state: directory
32 | mode: "0700"
33 |
34 | - name: Mount chroot esp partition
35 | ansible.posix.mount:
36 | src: /dev/nvme1n1p1
37 | path: /rootfs/boot/efi
38 | fstype: vfat
39 | state: ephemeral
40 |
41 | - name: Create chroot device directory
42 | ansible.builtin.file:
43 | path: /rootfs/dev
44 | state: directory
45 | mode: "0755"
46 |
47 | - name: Mount chroot device filesystem
48 | ansible.posix.mount:
49 | src: /dev
50 | path: /rootfs/dev
51 | opts: bind
52 | fstype: none
53 | state: ephemeral
54 |
55 | - name: Create chroot sys directory
56 | ansible.builtin.file:
57 | path: /rootfs/sys
58 | state: directory
59 | mode: "0555"
60 |
61 | - name: Mount chroot sysfs
62 | ansible.posix.mount:
63 | src: sysfs
64 | path: /rootfs/sys
65 | fstype: sysfs
66 | state: ephemeral
67 |
68 | - name: Creating the rootfs directories
69 | ansible.builtin.file:
70 | path: "{{ item.path }}"
71 | state: directory
72 | mode: "{{ item.mode }}"
73 | loop:
74 | - { path: /rootfs/dev/pts, mode: "0755" }
75 | - { path: /rootfs/dev/shm, mode: "1777" }
76 | - { path: /rootfs/proc, mode: "0555" }
77 | - { path: /rootfs/sys/fs/selinux, mode: "0555" }
78 |
79 | - name: Mount chroot pseudo filesystems
80 | ansible.posix.mount:
81 | src: "{{ item.src }}"
82 | path: "{{ item.path }}"
83 | fstype: "{{ item.fstype }}"
84 | state: ephemeral
85 | loop:
86 | - { src: devpts, path: /rootfs/dev/pts, fstype: devpts }
87 | - { src: tmpfs, path: /rootfs/dev/shm, fstype: tmpfs }
88 | - { src: proc, path: /rootfs/proc, fstype: proc }
89 | - { src: selinuxfs, path: /rootfs/sys/fs/selinux, fstype: selinuxfs }
90 |
--------------------------------------------------------------------------------
/ansible/roles/ami_9_x86_64/tasks/chroot.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | - name: Create chroot directory
3 | ansible.builtin.file:
4 | path: /rootfs
5 | state: directory
6 | mode: "0555"
7 |
8 | - name: Mount chroot root partition
9 | ansible.posix.mount:
10 | src: /dev/nvme1n1p4
11 | path: /rootfs
12 | fstype: xfs
13 | state: ephemeral
14 |
15 | - name: Create /boot directory
16 | ansible.builtin.file:
17 | path: /rootfs/boot
18 | state: directory
19 | mode: "0555"
20 |
21 | - name: Mount chroot boot partition
22 | ansible.posix.mount:
23 | src: /dev/nvme1n1p3
24 | path: /rootfs/boot
25 | fstype: xfs
26 | state: ephemeral
27 |
28 | - name: Create ESP directory
29 | ansible.builtin.file:
30 | path: /rootfs/boot/efi
31 | state: directory
32 | mode: "0700"
33 |
34 | - name: Mount chroot esp partition
35 | ansible.posix.mount:
36 | src: /dev/nvme1n1p2
37 | path: /rootfs/boot/efi
38 | fstype: vfat
39 | state: ephemeral
40 |
41 | - name: Create chroot device directory
42 | ansible.builtin.file:
43 | path: /rootfs/dev
44 | state: directory
45 | mode: "0755"
46 |
47 | - name: Mount chroot device filesystem
48 | ansible.posix.mount:
49 | src: /dev
50 | path: /rootfs/dev
51 | opts: bind
52 | fstype: none
53 | state: ephemeral
54 |
55 | - name: Create chroot sys directory
56 | ansible.builtin.file:
57 | path: /rootfs/sys
58 | state: directory
59 | mode: "0555"
60 |
61 | - name: Mount chroot sysfs
62 | ansible.posix.mount:
63 | src: sysfs
64 | path: /rootfs/sys
65 | fstype: sysfs
66 | state: ephemeral
67 |
68 | - name: Creating the rootfs directories
69 | ansible.builtin.file:
70 | path: "{{ item.path }}"
71 | state: directory
72 | mode: "{{ item.mode }}"
73 | loop:
74 | - { path: /rootfs/dev/pts, mode: "0755" }
75 | - { path: /rootfs/dev/shm, mode: "1777" }
76 | - { path: /rootfs/proc, mode: "0555" }
77 | - { path: /rootfs/sys/fs/selinux, mode: "0555" }
78 |
79 | - name: Mount chroot pseudo filesystems
80 | ansible.posix.mount:
81 | src: "{{ item.src }}"
82 | path: "{{ item.path }}"
83 | fstype: "{{ item.fstype }}"
84 | state: ephemeral
85 | loop:
86 | - { src: devpts, path: /rootfs/dev/pts, fstype: devpts }
87 | - { src: tmpfs, path: /rootfs/dev/shm, fstype: tmpfs }
88 | - { src: proc, path: /rootfs/proc, fstype: proc }
89 | - { src: selinuxfs, path: /rootfs/sys/fs/selinux, fstype: selinuxfs }
90 |
--------------------------------------------------------------------------------