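├── packer └── ubuntu-18 │ ├── ansible │ ├── .gitignore │ ├── group_vars │ │ └── all │ │ │ ├── hosts.yaml │ │ │ └── proxy.yaml │ ├── ansible.cfg │ ├── playbook.yml │ └── roles │ │ ├── packer-cleanup │ │ └── tasks │ │ │ └── main.yml │ │ └── firstboot │ │ └── tasks │ │ └── main.yml │ ├── authorized_keys.pub │ ├── ssh-host-keygen.service │ ├── variables-lab.json │ ├── ubuntu-18.json │ └── preseed.cfg ├── terraform └── lab │ ├── .gitignore │ ├── tplt_kubernetes_node.tf │ ├── providers.tf │ ├── globals.tf │ ├── vcs_data.tf │ └── inst_my_vm.tf └── README.md /packer/ubuntu-18/ansible/.gitignore: -------------------------------------------------------------------------------- 1 | *.retry 2 | -------------------------------------------------------------------------------- /terraform/lab/.gitignore: -------------------------------------------------------------------------------- 1 | *.backup 2 | .terraform/ -------------------------------------------------------------------------------- /packer/ubuntu-18/ansible/group_vars/all/hosts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | HOST_ARCH: amd64 3 | shell: 'bash' 4 | -------------------------------------------------------------------------------- /packer/ubuntu-18/authorized_keys.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa l0l0l0l0l0l0l0l0l0l0l0l0l0l0l0l0l0l0l0l00l0l0l0l0l0l0l0l0l0l0ll0l0l0l0l0l0l0l0l00ll00l0l0l0ll0l0l0l0l0l0l0l0l0l0 me@laptop -------------------------------------------------------------------------------- /packer/ubuntu-18/ansible/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | remote_tmp = /tmp/.ansible/ 3 | filter_plugins = ./filter_plugins 4 | retry_files_enabled = False 5 | host_key_checking = False ; build-time only: turns off SSH host key verification, do not reuse this file for long-lived hosts -------------------------------------------------------------------------------- /terraform/lab/tplt_kubernetes_node.tf: 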
-------------------------------------------------------------------------------- 1 | data "vsphere_virtual_machine" "base_template" { 2 | name = "packer-base-u1804" 3 | datacenter_id = "${data.vsphere_datacenter.vsdc.id}" 4 | } 5 | 6 | -------------------------------------------------------------------------------- /packer/ubuntu-18/ssh-host-keygen.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=OpenSSH Server Key Generation 3 | Before=ssh.service 4 | 5 | [Service] 6 | ExecStart=/usr/bin/ssh-keygen -A 7 | Type=oneshot 8 | RemainAfterExit=yes 9 | 10 | [Install] 11 | WantedBy=multi-user.target 12 | -------------------------------------------------------------------------------- /terraform/lab/providers.tf: -------------------------------------------------------------------------------- 1 | provider "vsphere" { 2 | user = "${var.vsphere_user}" 3 | password = "${var.vsphere_password}" 4 | vsphere_server = "${var.vsphere_server}" 5 | 6 | # If you have a self-signed cert. NOTE(review): this disables TLS certificate verification for the vCenter API connection, so the user/password above are sent without confirming the server's identity - prefer adding the signing CA to the local trust store and setting this to false 7 | allow_unverified_ssl = true 8 | } 9 | -------------------------------------------------------------------------------- /packer/ubuntu-18/ansible/group_vars/all/proxy.yaml: -------------------------------------------------------------------------------- 1 | proxy_enabled: True 2 | proxy_ip: "192.168.1.3" 3 | proxy_env: 4 | http_proxy: 'http://{{ proxy_ip }}:8080' 5 | https_proxy: 'http://{{ proxy_ip }}:8080' 6 | no_proxy: '127.0.0.1,localhost,.mydomain.net,.svc,.local,/var/run/docker.sock,.sock,sock' 7 | 8 | -------------------------------------------------------------------------------- /packer/ubuntu-18/ansible/playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # This playbook is used by the packer build to create Kubernetes-ready OS images. 
3 | - name: build image 4 | hosts: all 5 | become: yes 6 | become_user: root 7 | become_method: sudo 8 | roles: 9 | - role: firstboot 10 | - role: packer-cleanup 11 | when: packer_build_name is defined 12 | environment: '{{ proxy_env | default ({}) }}' 13 | -------------------------------------------------------------------------------- /terraform/lab/globals.tf: -------------------------------------------------------------------------------- 1 | variable "vsphere_user" { 2 | } 3 | 4 | variable "vsphere_password" { 5 | } 6 | 7 | variable "vsphere_server" { 8 | default = "labvcs.mydomain.net" 9 | } 10 | 11 | variable "virtual_datacenter_name" { 12 | default = "lab" 13 | } 14 | 15 | variable "virtual_cluster_name" { 16 | default = "lab" 17 | } 18 | 19 | variable "datastore_cluster" { 20 | default = "lab" 21 | } 22 | 23 | variable "vm_folder" { 24 | default = "lab/my_folder" 25 | } 26 | 27 | variable "my_vnet_name" { 28 | default = "my_vm_portgroup" 29 | } 30 | 31 | 32 | variable "dns_server_1" { 33 | default = "192.168.1.2" 34 | } 35 | 36 | variable "dns_server_2" { 37 | default = "" 38 | } -------------------------------------------------------------------------------- /packer/ubuntu-18/variables-lab.json: -------------------------------------------------------------------------------- 1 | { 2 | "vcenter_server":"vcs_hostname.mydomain.net", 3 | "username":"{{env `PACKER_USER`}}", 4 | "password": "{{env `PACKER_PASS`}}", 5 | "datastore":"my_datastore_name", 6 | "iso_datastore":"my_iso_datastore_name", 7 | "folder": "Templates", 8 | "host":"an_esx_host.mydomain.net", 9 | "cluster": "lab", 10 | "network": "lab_portgroup_name", 11 | "net_ip": "192.168.1.50", 12 | "net_mask": "255.255.255.0", 13 | "net_gw": "192.168.1.1", 14 | "net_dns": "192.168.1.2", 15 | "site": "my_site_subdomain", 16 | "proxy_ip": "192.168.1.3", 17 | "ntp_ip": "192.168.1.2", 18 | "ssh_username": "packer", 19 | "ssh_password": "packerpass" 20 | } 21 | 
-------------------------------------------------------------------------------- /terraform/lab/vcs_data.tf: -------------------------------------------------------------------------------- 1 | data "vsphere_datacenter" "vsdc" { 2 | name = "${var.virtual_datacenter_name}" 3 | } 4 | 5 | data "vsphere_compute_cluster" "vscc" { 6 | name = "${var.virtual_cluster_name}" 7 | datacenter_id = "${data.vsphere_datacenter.vsdc.id}" 8 | } 9 | 10 | data "vsphere_datastore_cluster" "vsdsc" { 11 | name = "${var.datastore_cluster}" 12 | datacenter_id = "${data.vsphere_datacenter.vsdc.id}" 13 | } 14 | 15 | # Maybe you don't have a datastore cluster: use the data source below instead, and change the instance settings too (inst_my_vm.tf references the datastore cluster)... 16 | # 17 | # data "vsphere_datastore" "vsds" { 18 | # name = "${var.datastore}" 19 | # datacenter_id = "${data.vsphere_datacenter.vsdc.id}" 20 | # } 21 | 22 | data "vsphere_network" "vnet_my_thing" { 23 | name = "${var.my_vnet_name}" 24 | datacenter_id = "${data.vsphere_datacenter.vsdc.id}" 25 | } 26 | 27 | -------------------------------------------------------------------------------- /packer/ubuntu-18/ansible/roles/packer-cleanup/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: cleanup packer artifacts 3 | file: 4 | state: absent 5 | path: "{{ item }}" 6 | with_items: 7 | - /etc/machine-id 8 | - /var/lib/cloud 9 | - /var/log/cloud-init.log 10 | - /var/log/cloud-init-output.log 11 | 12 | - name: replace machine-id 13 | file: 14 | dest: /etc/machine-id 15 | state: touch 16 | 17 | - name: Clean up extraneous /etc/hosts entries 18 | lineinfile: 19 | path: /etc/hosts 20 | state: absent 21 | regexp: '^127\.0\.1\.1.*instance.*' 22 | 23 | - name: Check for saved iptables configuration 24 | stat: 25 | path: /etc/iptables/rules.v4 26 | register: iptablescfg 27 | 28 | - name: Remove overly restrictive iptables rules if saved configuration exists # NOTE(review): this deletes the catch-all REJECT lines for INPUT and FORWARD from the saved rules, leaving those chains governed only by their default policy - confirm the policy is DROP or that replacement rules are added, otherwise the image ships without a default deny 29 | lineinfile: 30 | path: /etc/iptables/rules.v4 31 | state: absent 32 | regexp: 
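"{{ item }}" 33 | with_items: 34 | - "^-A INPUT -j REJECT --reject-with icmp-host-prohibited$" 35 | - "^-A FORWARD -j REJECT --reject-with icmp-host-prohibited$" 36 | when: iptablescfg.stat.exists == True 37 | -------------------------------------------------------------------------------- /packer/ubuntu-18/ansible/roles/firstboot/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: set firstboot 2 | file: 3 | dest: /etc/firstboot 4 | state: touch 5 | 6 | - name: create firstboot script # NOTE(review): the script removes the packer build user, but not the root authorized_keys or root password that preseed.cfg bakes into the template - confirm those are meant to exist on every clone 7 | copy: 8 | mode: '500' 9 | owner: root 10 | group: root 11 | dest: /bin/myorg-firstboot.sh 12 | content: | 13 | #!/bin/bash 14 | 15 | # only run if /etc/firstboot exists 16 | if [ -f /etc/firstboot ]; then 17 | # rotate host keys 18 | rm -f /etc/ssh/ssh_host_* 19 | /usr/bin/ssh-keygen -A 20 | 21 | # remove the build user from sudoers 22 | rm /etc/sudoers.d/packer 23 | 24 | # delete the build user and home directory 25 | userdel --force --remove packer 26 | 27 | # disable the firstboot service 28 | systemctl disable firstboot 29 | 30 | # finally remove /etc/firstboot so this process never runs again 31 | rm -f /etc/firstboot 32 | fi 33 | 34 | - name: create firstboot service # NOTE(review): this unit declares no ordering against ssh.service (ssh-host-keygen.service uses Before=ssh.service), so sshd may start with the template's host keys before they are rotated - confirm 35 | copy: 36 | mode: '0644' # quoted octal: a bare 644 is read as a decimal integer and yields the wrong permission bits 37 | owner: root 38 | group: root 39 | dest: /etc/systemd/system/firstboot.service 40 | content: | 41 | [Unit] 42 | Description=Myorg Gold Image Firstboot Config 43 | 44 | [Service] 45 | Type=oneshot 46 | ExecStart=/bin/myorg-firstboot.sh 47 | 48 | [Install] 49 | WantedBy=multi-user.target 50 | 51 | - name: ensure firstboot service enabled for first boot 52 | service: 53 | name: firstboot 54 | enabled: yes 55 | -------------------------------------------------------------------------------- /terraform/lab/inst_my_vm.tf: -------------------------------------------------------------------------------- 1 | resource "vsphere_virtual_machine" "my_vm" { 2 | name = "my_vm_name" 3 | annotation = "My VM" 4 | folder = "/${var.vm_folder}" 5 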
| resource_pool_id = "${data.vsphere_compute_cluster.vscc.resource_pool_id}" 6 | datastore_cluster_id = "${data.vsphere_datastore_cluster.vsdsc.id}" 7 | cpu_hot_add_enabled = true 8 | memory_hot_add_enabled = true 9 | cpu_hot_remove_enabled = false 10 | enable_logging = true 11 | boot_retry_delay = 10 12 | 13 | num_cpus = 2 14 | memory = 4096 15 | guest_id = "${data.vsphere_virtual_machine.base_template.guest_id}" 16 | scsi_type = "${data.vsphere_virtual_machine.base_template.scsi_type}" 17 | 18 | network_interface { 19 | network_id = "${data.vsphere_network.vnet_my_thing.id}" 20 | adapter_type = "${data.vsphere_virtual_machine.base_template.network_interface_types[0]}" 21 | } 22 | 23 | cdrom { 24 | client_device = true 25 | } 26 | disk { 27 | label = "disk0" 28 | size = "${data.vsphere_virtual_machine.base_template.disks.0.size}" 29 | eagerly_scrub = "${data.vsphere_virtual_machine.base_template.disks.0.eagerly_scrub}" 30 | thin_provisioned = "${data.vsphere_virtual_machine.base_template.disks.0.thin_provisioned}" 31 | } 32 | wait_for_guest_net_timeout = 30 33 | 34 | clone { 35 | template_uuid = "${data.vsphere_virtual_machine.base_template.id}" 36 | customize { 37 | timeout = 10 38 | linux_options { 39 | host_name = "my_vm_name" 40 | domain = "mydomain.net" 41 | } 42 | network_interface { 43 | ipv4_address = "192.168.1.100" 44 | ipv4_netmask = 24 45 | } 46 | dns_server_list = [ "${var.dns_server_1}","${var.dns_server_2}" ] 47 | ipv4_gateway = "192.168.1.2" 48 | } 49 | } 50 | } 51 | 52 | output "my_vm_ip" { 53 | value = "${vsphere_virtual_machine.my_vm.default_ip_address}" 54 | } -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # packer-build-staticip 2 | Example repo to use packer against a VMware environment without DHCP and then setup instances using terraform and VM Customisation Spec. 
3 | 4 | ## How to use me 5 | ### Packer 6 | #### Pre-reqs: 7 | * Install packer. We used v1.4.5 from [here](http://packer.io/downloads.html) 8 | * Install the JetBrains packer-builder-vsphere-iso module into ~/.packer.d/plugins - fetch from [here](https://github.com/jetbrains-infra/packer-builder-vsphere/releases) 9 | * An account in vSphere with the [correct permissions](https://github.com/jetbrains-infra/packer-builder-vsphere/issues/97#issuecomment-436063235) 10 | * A copy of the Ubuntu 18.04 Server iso. We use 18.04.3 from [here](http://cdimage.ubuntu.com/releases/18.04.3/release/). If you change that, update the shasum in [ubuntu-18.json](ubuntu-18.json) 11 | 12 | #### Process 13 | 1) Enter the packer/ubuntu-18 directory 14 | 2) Set up all the vars in variables-lab.json to match your environment. _Do not store your vcs creds in your variables!_ 15 | 3) Export the creds in your cli session (values typed inline like this end up in your shell history, so clear it afterwards or read them from a prompt instead) 16 | ```bash 17 | export PACKER_USER='packer@vsphere.local' 18 | export PACKER_PASS='lololololololololo10!' 19 | ``` 20 | 4) Run the packer validate process 21 | ```bash 22 | packer validate -var-file variables-lab.json ubuntu-18.json 23 | ``` 24 | 25 | 5) Assuming you have a valid template, execute. 26 | ```bash 27 | packer build -var-file variables-lab.json ubuntu-18.json 28 | ``` 29 | 30 | _Packer will now take about 15 mins to build your image and mark it as a template_ 31 | 32 | ### Terraform 33 | #### Pre-reqs 34 | * Install terraform. 
We used v1.12.13 from [here](https://www.terraform.io/downloads.html) 35 | * An account in vSphere with the [correct permissions](https://www.terraform.io/docs/providers/vsphere/) 36 | * A VM Customisation spec in vCenter for Ubuntu-18 - we used [this doc](https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vm_admin.doc/GUID-9A5093A5-C54F-4502-941B-3F9C0F573A39.html) 37 | 38 | #### Process 39 | 1) Enter the terraform/lab directory 40 | 2) Set up all the vars in globals.tf. _Do not store your vcs creds in your variables!_ 41 | 3) Validate/extend the vcs_data.tf to include any additional assets (like datastores/vm port groups) you want to reference in your builds 42 | 4) Set up the instance(s) you will build in inst_my_vm.tf 43 | 5) Export the creds in your cli session 44 | ```bash 45 | export TF_VAR_vsphere_user='terraform@vsphere.local' 46 | export TF_VAR_vsphere_password='lololololololololololo10!' 47 | ``` 48 | 6) Run a terraform init 49 | ```bash 50 | terraform init 51 | ``` 52 | 7) Run a terraform validate 53 | ```bash 54 | terraform validate 55 | ``` 56 | 8) Assuming you have a valid tf env, execute a plan 57 | ```bash 58 | terraform plan 59 | ``` 60 | 9) Assuming your plan worked and you got the outcomes you expected, execute an apply 61 | ```bash 62 | terraform apply 63 | ``` 64 | 65 | ## How to extend me 66 | Since the JetBrains vSphere clone module doesn't support vm customisation, we just made a copy of the same ubuntu-18 folder, making a new one like ubuntu-18-k8s-node, (updating the name of the .json manifest as well), and then amending the ansible playbook section to include additional roles. There is a [PR](https://github.com/jetbrains-infra/packer-builder-vsphere/issues/37) open for the inclusion of vm customisation in the vsphere-clone method, but as yet, no interest from the maintainers (seems they don't have the problem, so fair enough). I have no Go chops or I would have a spin at it. Maybe one day. 
-------------------------------------------------------------------------------- /packer/ubuntu-18/ubuntu-18.json: -------------------------------------------------------------------------------- 1 | { 2 | "builders": [ 3 | { 4 | "type": "vsphere-iso", 5 | 6 | "vcenter_server": "{{user `vcenter_server`}}", 7 | "username": "{{user `username`}}", 8 | "password": "{{user `password`}}", 9 | "insecure_connection": "true", 10 | 11 | "vm_name": "packer-base-u1804", 12 | "datastore": "{{user `datastore`}}", 13 | "folder": "{{user `folder`}}", 14 | "convert_to_template": "true", 15 | "cluster": "{{user `cluster`}}", 16 | "network": "{{user `network`}}", 17 | "boot_order": "disk,cdrom", 18 | 19 | "guest_os_type": "ubuntu64Guest", 20 | 21 | "ssh_username": "{{user `ssh_username`}}", 22 | "ssh_password": "{{user `ssh_password`}}", 23 | 24 | "CPUs": 2, 25 | "RAM": 2048, 26 | "RAM_reserve_all": false, 27 | 28 | "disk_controller_type": "pvscsi", 29 | "disk_size": 36864, 30 | "disk_thin_provisioned": true, 31 | "cdrom_type": "sata", 32 | 33 | "network_card": "vmxnet3", 34 | 35 | "iso_paths": [ 36 | "[{{user `iso_datastore`}}] iso/ubuntu/ubuntu-18.04.3-server-amd64.iso" 37 | ], 38 | "iso_checksum": "7d8e0055d663bffa27c1718685085626cb59346e7626ba3d3f476322271f573e", 39 | "iso_checksum_type": "sha256", 40 | 41 | "floppy_files": [ 42 | "./preseed.cfg", 43 | "./authorized_keys.pub", 44 | "./ssh-host-keygen.service" 45 | ], 46 | "boot_command": [ 47 | "", 48 | "", 49 | "", 50 | "", 51 | "", 52 | "", 53 | "", 54 | "", 55 | "", 56 | "", 57 | "/install/vmlinuz", 58 | " initrd=/install/initrd.gz", 59 | " priority=critical", 60 | " locale=en_US", 61 | " file=/media/preseed.cfg", 62 | " netcfg/disable_dhcp=true", 63 | " netcfg/disable_autoconfig=true", 64 | " netcfg/confirm_static=true", 65 | " netcfg/get_ipaddress={{user `net_ip`}}", 66 | " netcfg/get_netmask={{user `net_mask`}}", 67 | " netcfg/get_gateway={{user `net_gw`}}", 68 | " netcfg/get_nameservers={{user `net_dns`}}", 69 | " 
mirror/http/proxy=http://{{user `proxy_ip`}}:8080", 70 | " clock-setup/ntp-server={{user `ntp_ip`}}", 71 | " netcfg/get_domain string {{user `site`}}.mydomain.net", 72 | "" 73 | ] 74 | } 75 | ], 76 | 77 | "provisioners": [ 78 | { 79 | "type": "shell", 80 | "inline": [ 81 | "sudo sh -c 'echo \"export http_proxy=http://{{user `proxy_ip`}}:8080\" >> /etc/profile'", 82 | "sudo sh -c 'echo \"export https_proxy=http://{{user `proxy_ip`}}:8080\" >> /etc/profile'", 83 | "sudo sh -c 'echo \"export no_proxy=127.0.0.1,localhost,.mydomain.net,.svc,.local,/var/run/docker.sock,.sock,sock\" >> /etc/profile'" 84 | ] 85 | }, 86 | { 87 | "type": "shell", 88 | "inline": ["sudo apt dist-upgrade -y"] 89 | }, 90 | { 91 | "type": "ansible", 92 | "playbook_file": "ansible/playbook.yml", 93 | "ansible_env_vars": [ 94 | "ANSIBLE_SSH_ARGS='{{user `existing_ansible_ssh_args`}} -o IdentitiesOnly=yes'", 95 | "ANSIBLE_REMOTE_TEMP='/tmp/.ansible/'" 96 | ], 97 | "extra_arguments": [ 98 | "-vvv", 99 | "--extra-vars", 100 | "common_upgrade_base=false", 101 | "--extra-vars", 102 | "proxy_ip={{user `proxy_ip`}}" 103 | ] 104 | }, 105 | { 106 | "type": "shell", 107 | "inline": ["sudo rm -rf /etc/netplan/*.yaml"] 108 | } 109 | ] 110 | } 111 | -------------------------------------------------------------------------------- /packer/ubuntu-18/preseed.cfg: -------------------------------------------------------------------------------- 1 | ### Unattended Installation 2 | d-i auto-install/enable boolean true 3 | d-i debconf/priority select critical 4 | 5 | ### Localization 6 | d-i debian-installer/locale string en_US.UTF-8 7 | d-i localechooser/supported-locales multiselect en_US.UTF-8, de_DE.UTF-8 8 | d-i console-setup/ask_detect boolean false 9 | d-i keyboard-configuration/xkb-keymap select us 10 | 11 | ### Network configuration 12 | d-i netcfg/choose_interface select auto 13 | d-i netcfg/hostname string packer-base-ubuntu-1804 14 | d-i netcfg/get_hostname string packer-base-ubuntu-1804 15 | # d-i 
netcfg/get_domain string mydomain.net # SENT IN PRESEED BOOT_COMMAND 16 | d-i netcfg/dhcp_options select Configure network manually 17 | d-i hw-detect/load_firmware boolean true 18 | 19 | # Static network configuration. 20 | # d-i netcfg/get_nameservers string 192.168.1.1 21 | # d-i netcfg/get_ipaddress string 192.168.1.50 22 | # d-i netcfg/get_netmask string 255.255.255.0 23 | # d-i netcfg/get_gateway string 192.168.1.1 24 | # d-i netcfg/confirm_static boolean true 25 | 26 | ### Mirror settings 27 | d-i mirror/country string manual 28 | d-i mirror/http/hostname string archive.ubuntu.com 29 | d-i mirror/http/mirror select archive.ubuntu.com 30 | d-i mirror/http/directory string /ubuntu 31 | # d-i mirror/http/proxy string http://192.168.1.3:8080 # SENT IN PRESEED BOOT_COMMAND 32 | 33 | ### Account setup - NOTE(review): root login is enabled and the root password hash set here ends up in every image built from this file, so keep the real hash out of version control 34 | d-i passwd/root-login boolean true 35 | d-i passwd/root-password-crypted password $6well_cool_crypted_password 36 | d-i passwd/shadow boolean true 37 | 38 | # Create packer user account. Build-time only: the password is weak and in cleartext, and late_command gives this user passwordless sudo; the firstboot role deletes the user on a clone's first boot. NOTE(review): variables-lab.json sets ssh_password to a different value than the one below - confirm they match. 39 | d-i passwd/make-user boolean true 40 | d-i passwd/user-fullname string packer 41 | d-i passwd/username string packer 42 | d-i passwd/user-password password packer 43 | d-i passwd/user-password-again password packer 44 | d-i user-setup/allow-password-weak boolean true 45 | d-i user-setup/encrypt-home boolean false 46 | d-i passwd/user-default-groups packer sudo 47 | d-i passwd/user-uid string 900 48 | 49 | ### Clock and time zone setup 50 | d-i clock-setup/utc boolean true 51 | d-i time/zone string Etc/UTC 52 | d-i clock-setup/ntp boolean true 53 | # d-i clock-setup/ntp-server string 192.168.1.2 # SENT IN PRESEED BOOT_COMMAND 54 | 55 | ### Do NOT install on the USB stick(!) 56 | # 57 | # The Debian installer will install on the first disk it finds which can 58 | # sometimes be the USB stick itself. Work around this by rolling our own auto 59 | # detect logic which disallows installing on USB devices. 
60 | d-i partman/early_command string \ 61 | USBDEV_LIST="$(mktemp)"; \ 62 | list-devices usb-partition | sed "s/\(.*\)./\1/" > "$USBDEV_LIST"; \ 63 | BOOTDEV="$(list-devices disk | grep -vf "$USBDEV_LIST" | head -n 1)"; \ 64 | debconf-set partman-auto/disk "$BOOTDEV"; \ 65 | debconf-set grub-installer/bootdev "$BOOTDEV"; \ 66 | while /bin/true; do sleep 0.01; rm -f /target/etc/grub.d/30_os-prober; done & 67 | 68 | ### Partitioning 69 | d-i preseed/early_command string umount /media || true 70 | d-i partman-auto/method string lvm 71 | d-i partman-auto-lvm/guided_size string max 72 | d-i partman-lvm/device_remove_lvm boolean true 73 | d-i partman-lvm/confirm boolean true 74 | d-i partman-lvm/confirm_nooverwrite boolean true 75 | d-i partman-auto-lvm/new_vg_name string main 76 | d-i partman-md/device_remove_md boolean true 77 | d-i partman-md/confirm boolean true 78 | d-i partman-partitioning/confirm_write_new_label boolean true 79 | d-i partman/choose_partition select finish 80 | d-i partman/confirm boolean true 81 | d-i partman/confirm_nooverwrite boolean true 82 | d-i partman-basicmethods/method_only boolean false 83 | 84 | ### GPT 85 | d-i partman-basicfilesystems/choose_label string gpt 86 | d-i partman-basicfilesystems/default_label string gpt 87 | d-i partman-partitioning/choose_label string gpt 88 | d-i partman-partitioning/default_label string gpt 89 | d-i partman/choose_label string gpt 90 | d-i partman/default_label string gpt 91 | 92 | ### EFI 93 | d-i partman-efi/non_efi_system boolean true 94 | 95 | ### Grub 96 | d-i grub-installer/only_debian boolean true 97 | d-i grub-installer/with_other_os boolean true 98 | 99 | ### Disk layout 100 | # https://www.bishnet.net/tim/blog/2015/01/29/understanding-partman-autoexpert_recipe/ 101 | d-i partman-auto/expert_recipe string custom-lvm :: \ 102 | 512 512 512 xfs \ 103 | $primary{ } $bootable{ } method{ format } format{ } use_filesystem{ } \ 104 | filesystem{ xfs } mountpoint{ /boot } \ 105 | . 
\ 106 | 500 10000 -1 xfs \ 107 | $primary{ } method{ lvm } device{ /dev/sda2 } \ 108 | vg_name{ vg00 } \ 109 | . \ 110 | 2048 4090 4096 linux-swap \ 111 | $lvmok{ } in_vg{ vg00 } lv_name{ swap } method{ swap } format{ } \ 112 | . \ 113 | 4096 4090 8192 xfs \ 114 | $lvmok{ } in_vg{ vg00 } lv_name{ varlog } method{ format } format{ } \ 115 | use_filesystem{ } filesystem{ xfs } label{ varlog } mountpoint{ /var/log } \ 116 | . \ 117 | 2048 8190 -1 xfs \ 118 | $lvmok{ } in_vg{ vg00 } lv_name{ varlib } method{ format } format{ } \ 119 | use_filesystem{ } filesystem{ xfs } label{ varlib } mountpoint{ /var/lib } \ 120 | . \ 121 | 4096 8190 8192 xfs \ 122 | $lvmok{ } in_vg{ vg00 } lv_name{ usr } method{ format } format{ } \ 123 | use_filesystem{ } filesystem{ xfs } label{ usr } mountpoint{ /usr } \ 124 | . \ 125 | 2048 4090 4096 xfs \ 126 | $lvmok{ } in_vg{ vg00 } lv_name{ var } method{ format } format{ } \ 127 | use_filesystem{ } filesystem{ xfs } label{ var } mountpoint{ /var } \ 128 | . \ 129 | 2048 4090 4096 xfs \ 130 | $lvmok{ } in_vg{ vg00 } lv_name{ tmp } method{ format } format{ } \ 131 | use_filesystem{ } filesystem{ xfs } label{ tmp } mountpoint{ /tmp } \ 132 | . \ 133 | 2048 4090 4096 xfs \ 134 | $lvmok{ } in_vg{ vg00 } lv_name{ home } method{ format } format{ } \ 135 | use_filesystem{ } filesystem{ xfs } label{ home } mountpoint{ /home } \ 136 | . \ 137 | 2048 2048 2048 xfs \ 138 | $lvmok{ } in_vg{ vg00 } lv_name{ root } method{ format } format{ } \ 139 | use_filesystem{ } filesystem{ xfs } label{ root } mountpoint{ / } \ 140 | . 
141 | 142 | ### Base system installation 143 | d-i base-installer/install-recommends boolean true 144 | d-i base-installer/kernel/image string linux-generic 145 | 146 | ### Apt setup 147 | d-i apt-setup/restricted boolean true 148 | d-i apt-setup/universe boolean true 149 | d-i apt-setup/backports boolean true 150 | d-i apt-setup/use_mirror boolean true 151 | d-i apt-setup/services-select multiselect security, updates 152 | d-i apt-setup/security_host string security.ubuntu.com 153 | d-i apt-setup/security_path string /ubuntu 154 | 155 | ### Package selection 156 | d-i tasksel/first multiselect none 157 | d-i pkgsel/include string open-vm-tools openssh-server git python python3 vim tmux software-properties-common python3-apt # THINGS I WANT IN MY IMAGES 158 | d-i pkgsel/upgrade select full-upgrade 159 | d-i pkgsel/update-policy select none 160 | 161 | ### Finishing up the installation 162 | d-i preseed/late_command string \ 163 | mount /dev/fd0 /media; \ 164 | cp -r /media /target/custom; \ 165 | in-target sh -c 'lvremove -f --noudevsync main/placeholder || true'; \ 166 | in-target sh -c 'mkdir -p --mode=0700 /root/.ssh && cat /custom/authorized_keys.pub > /root/.ssh/authorized_keys && chmod 0600 /root/.ssh/authorized_keys'; \ 167 | in-target sh -c 'echo "IPv4: \\\4" >> /etc/issue && echo "IPv6: \\\6" >> /etc/issue && echo "" >> /etc/issue'; \ 168 | in-target sh -c 'eject || true'; \ 169 | in-target sh -c 'echo "packer ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/packer'; \ 170 | in-target sh -c 'chmod 440 /etc/sudoers.d/packer'; 171 | 172 | d-i debian-installer/splash boolean false 173 | d-i cdrom-detect/eject boolean true 174 | 175 | ### Shutdown machine 176 | d-i finish-install/reboot_in_progress note 177 | # d-i debian-installer/exit/poweroff boolean true 178 | --------------------------------------------------------------------------------