tidy up

2022-11-01 22:50:18 +13:00
parent 29e722d1b5
commit a07565128e
18 changed files with 34 additions and 41 deletions
--- a/zz_archived/packer/libvirt/arch/arch-minimal.auto.pkrvars.hcl
+++ b/zz_archived/packer/libvirt/arch/arch-minimal.auto.pkrvars.hcl
@ -0,0 +1,37 @@
+image_url					= "https://geo.mirror.pkgbuild.com/images/latest/Arch-Linux-x86_64-cloudimg.qcow2"
+checksum_url				=	"https://geo.mirror.pkgbuild.com/images/latest/Arch-Linux-x86_64-cloudimg.qcow2.SHA256"
+
+host_ssh_user				=	"michael"
+host_ssh_address			=	"server.balsillie.net"
+host_ssh_private_key		=	"/home/michael/.ssh/conf.d/home/michael_server_copy.key"
+host_ssh_known_hosts		= "/home/michael/.ssh/known_hosts_server"
+
+guest_hostname				=	"arch-minimal-template"
+cpu_count					=	2
+memory						=	2048
+domain_type					=	"kvm"
+arch						=	"x86_64"
+chipset						=	"pc-q35-6.1"
+loader_type					=	"pflash"
+loader_path					=	"/usr/share/edk2-ovmf/x64/OVMF_CODE.secboot.fd"
+secure_boot					=	false
+nvram_template				=	"/usr/share/edk2-ovmf/x64/OVMF_VARS.fd"
+nvram_path_base			    =	"/var/lib/libvirt/qemu/nvram"
+
+volume_name					= "arch_minimal_template"
+volume_pool					=	"default"
+volume_capacity				= "30G"
+
+bridge_name					= "br21"
+
+ssh_source					=	"192.168.20.0/24"
+
+guest_ssh_user				= "arch"
+guest_ssh_port				= 22
+guest_ssh_private_key		=	"/home/michael/.ssh/conf.d/home/arch@arch_template.key"
+guest_ssh_public_key		=	"~/.ssh/conf.d/home/arch@arch_template.key.pub"
+
+network_address				=	"192.168.21.200/24"
+network_gateway				=	"192.168.20.254"
+network_nameserver			=	"192.168.30.20"
+network_domain				=	"balsillie.net"
--- a/zz_archived/packer/libvirt/arch/arch-minimal.build.pkr.hcl
+++ b/zz_archived/packer/libvirt/arch/arch-minimal.build.pkr.hcl
@ -0,0 +1,150 @@
+# -------------------------------------------------------------------------
+# Name: vm-libvirt-arch-minimal
+# Desc: Create a minimal Arch Linux VM install on a libvirt/kvm hypervisor.
+# -------------------------------------------------------------------------
+
+#--------------------
+# Requirements block.
+#--------------------
+
+packer {
+  required_plugins {
+    libvirt = {
+      version = ">= 0.3.4"
+      source  = "github.com/thomasklein94/libvirt"
+    }
+  }
+}
+
+# ----------------
+# Variables block.
+# ----------------
+
+data "http" "image_checksum" {
+	url							= var.checksum_url
+}
+
+locals {
+	image_checksum	=	split(" ",data.http.image_checksum.body)[0]
+  libvirt_uri			= "qemu+ssh://${var.host_ssh_user}@${var.host_ssh_address}/system?keyfile=${var.host_ssh_private_key}&no_verify=1"
+	nvram_path			=	"${var.nvram_path_base}/${var.guest_hostname}_VARS.fd"
+	cidata_name			= "${var.volume_name}_cidata"
+}
+
+#---------------
+# Sources block.
+#---------------
+
+source "libvirt" "arch-minimal" {
+	libvirt_uri			= local.libvirt_uri
+	domain_name			= var.guest_hostname
+	vcpu						= var.cpu_count
+	memory					= var.memory
+	boot_devices		=	["hd"]
+	shutdown_mode		=	"guest"
+	domain_type			=	var.domain_type
+	arch						=	var.arch
+	chipset					=	var.chipset
+	loader_type			=	var.loader_type
+	loader_path			= var.loader_path
+	// nvram_template	=	var.nvram_template
+	// nvram_path			=	local.nvram_path
+	nvram_template	=	local.nvram_path
+	nvram_path			=	var.nvram_template
+	secure_boot			=	var.secure_boot
+
+	volume {
+		alias				=	"artifact"
+		name				=	var.volume_name
+		pool				= var.volume_pool
+		readonly		=	false
+		target_dev	=	"vda"
+		bus					=	"virtio"
+		format			=	"qcow2"
+		size				=	"2G"
+		capacity		=	var.volume_capacity
+		source {
+			type			=	"external"
+			urls			=	[var.image_url]
+			checksum	= local.image_checksum
+			// checksum	= "f237ada9ba61431f6aebb066d2b3f0b5b432ea21da6034d98248725df1417545"
+		}
+	}
+
+	volume {
+		alias				=	"cidata"
+		name				=	local.cidata_name
+		pool				=	var.volume_pool
+		readonly		= true
+		source {
+			type						=	"cloud-init"
+			
+			meta_data				=	jsonencode({
+				"instance-id" = "${var.guest_hostname}"
+				"hostname"		= "${var.guest_hostname}"
+			})
+
+			user_data				=	format("#cloud-config\n%s", jsonencode({
+				"packages" = [
+					"qemu-guest-agent",
+					"ufw"
+				]
+				"runcmd" =	[
+					["systemctl", "enable", "--now", "qemu-guest-agent"],
+					["ufw", "enable"],
+					["ufw", "allow", "from", "${var.ssh_source}", "to", "port", "22", "proto", "tcp"],
+					["systemctl", "enable", "--now", "ufw"]
+				]
+			}))
+
+			network_config	=	jsonencode({
+				renderer = "networkd"
+				version	=	2
+				ethernets	=	{
+					eth0 = {
+						match	=	{
+							name	=	"en*"
+						}
+						dhcp4	=	false
+						addresses = ["${var.network_address}"]
+						gateway4 = "${var.network_gateway}"
+						nameservers = {
+							addresses = ["${var.network_nameserver}"]
+							search = ["${var.network_domain}"]
+						}
+					}
+				}
+			})
+		}
+	}
+
+	artifact_volume_alias		=	"artifact"
+
+	network_interface	{
+		type		=	"bridge"
+		bridge	= var.bridge_name
+		model		=	"virtio"
+		alias		= "default-network"
+	}
+	network_address_source	=	"agent"
+
+	graphics {
+		type		=	"vnc"
+		port		=	5902
+	}
+
+	communicator {
+		ssh_username					= var.guest_ssh_user
+		ssh_port							= var.guest_ssh_port
+		ssh_private_key_file	= var.guest_ssh_private_key
+	}
+	communicator_interface	=	"default-network"
+}
+
+#-------------
+# Build block.
+#-------------
+
+build {
+	sources		=	["source.libvirt.arch-minimal"]
+}
--- a/zz_archived/packer/libvirt/arch/arch-minimal.variables.pkr.hcl
+++ b/zz_archived/packer/libvirt/arch/arch-minimal.variables.pkr.hcl
@ -0,0 +1,161 @@
+variable "image_url" {
+  type	= string
+	description = "The URL to retrieve the backing image from." 
+}
+
+variable "checksum_url" {
+  type	= string
+	description = "The URL to retrieve the checksum value of the backing image from." 
+}
+
+variable "cpu_count" {
+	type = number
+	description = "Number of vCPUs to create guest with."
+}
+
+variable "memory" {
+	type = number
+	description = "Amount of RAM in MiB to create guest with."
+}
+
+variable "domain_type" {
+	type = string
+	description = "Type of hypervisor to use."
+	default = "kvm"
+}
+
+variable "arch" {
+	type				=	string
+	description	=	"Domain architecture."
+	default			=	"x86_64"
+}
+
+variable "chipset" {
+	type	=	string
+	description	=	"Libvirt Machine Type Value for domain XML's machine type."
+	default = "q35"
+}
+
+variable "loader_type" {
+	type = string
+	description = "Where loader should be stored in guest. rom or pflash"
+	default = "pflash"
+}
+
+variable "loader_path" {
+	type = string
+	description = "File path where the OVMF firmware files are stored on the host."
+}
+
+variable "secure_boot" {
+	type = bool
+	description = "Whether to enable secure boot."
+}
+
+variable "nvram_template" {
+	type = string
+	description = "File path where the OVMF_VARS template file is stored on the host."
+}
+
+variable "nvram_path_base" {
+	type = string
+	description = "Parent dir where the guest OVMF_VARS copy will be stored. No trailing /"
+}
+
+variable "volume_name" {
+	type = string
+	description = "Name of the final template image artifact."
+}
+
+variable "volume_pool" {
+	type = string
+	description = "Host storage pool where the template image will be kept."
+}
+
+variable "volume_capacity" {
+	type = string
+	description = "Size of the template image drive."
+}
+
+variable "bridge_name" {
+	type = string
+	description = "Name of the bridge netdev on the host."
+}
+
+variable "guest_ssh_user" {
+	type = string
+	description = "User account for connecing to the guest VM, eg for provisioners."
+}
+
+variable "guest_ssh_pass" {
+	type = string
+	sensitive = true
+	description = "Password for SSH connection to the guest VM."
+	default = "placeholder"
+}
+
+variable "guest_ssh_port" {
+	type = number
+	description = "SSH port for connecting to the guest VM."
+	default = 22
+}
+
+variable "guest_ssh_private_key" {
+	type = string
+	description = "File path to the private key used for SSH pubkey auth to the guest VM."
+}
+
+variable "guest_ssh_public_key" {
+	type = string
+	description = "File path to the public key to be added to authoried_keys on the guest VM during cloud-init."
+}
+
+variable "guest_hostname" {
+	type	=	string
+	description	=	"The hostname of the virtual machine"
+}
+
+variable "ssh_source" {
+	type	=	string
+	description	=	"The subnet that will be added to the firewall SSH exception during cloud-init."
+}
+
+variable "host_ssh_user" {
+	type	=	string
+	description	=	"The user to connect to the hypervisor as, used to construct the libvirt URI."
+}
+
+variable "host_ssh_address" {
+	type	=	string
+	description	=	"The address of the hypervisor, used to construct the libvirt URI."
+}
+
+variable "host_ssh_private_key" {
+	type	=	string
+	description	=	"File path to the SSH key used to authenticate to the hypervisor host."
+}
+
+variable "host_ssh_known_hosts" {
+	type	=	string
+	description	=	"File path to the known_hosts file for validating the hypervisor host connection."
+}
+
+variable "network_address" {
+	type	=	string
+	description	=	"Network address assigned to the guest."
+}
+
+variable "network_gateway" {
+	type	=	string
+	description	=	"Default gateway assigned to the guest."
+}
+
+variable "network_nameserver" {
+	type	=	string
+	description	=	"DNS/Nameserver assigned to the guest."
+}
+
+variable "network_domain" {
+	type	=	string
+	description	=	"Search domain assigned to the guest."
+}