diff options
37 files changed, 2739 insertions, 5 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..aa49f16 --- /dev/null +++ b/.gitignore @@ -0,0 +1,10 @@ +local.pkrvars.hcl +.env +output-* +iso/* +*.code-workspace +dev/ +*.checksum +.vm_name +iso +output @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..e8feee0 --- /dev/null +++ b/Makefile @@ -0,0 +1,183 @@ +#!make + +# if not set, set defaults +#PARALLEL_BUILDS ?= 0 +PACKER_LOG ?= 0 +# always use DISPLAY :99 +DISPLAY=:99 +#export DISPLAY +# include .env vars +-include .env +# export all +export + +VM_NAME_FILE := .vm_name +VM_NAME := $(shell cat $(VM_NAME_FILE)) +SRC_QCOW2 := iso/$(VM_NAME)-build1.qcow2 +DST_QCOW2 := iso/$(VM_NAME)-build2.qcow2 +SRC_CHECKSUM := iso/$(VM_NAME)-build1.qcow2.checksum +DST_CHECKSUM := iso/$(VM_NAME)-build2.qcow2.checksum + + +.PHONY: help +help: + @echo "make working:" + @echo "- will use local.pkrvars.hcl if exists or vyos.pkrvars.hcl" + @echo "- will load .env if file exists" + + @echo "make usage:" + @echo " make build - build image with 'packer build'" + @echo " make init - init 'packer init'" + @echo " make upgrade - init 'packer init -upgrade'" + @echo " make clean - remove output files" + @echo " make x11server - start Xvfb X11 server on DISPLAY=:99. Require apt install xvfb" + + + + + +# ifneq ("$(wildcard .env)","") +# include .env +# export +# endif + + +.PHONY: build1-1.3 +build1-1.3: +# if exist local.pkrvars.hcl load it +ifneq ($(wildcard local-vyos-1.3.pkrvars.hcl),) + packer build \ + -var-file=local-vyos-1.3.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image1-1.3.pkr.hcl +else + packer build \ + -var-file=vyos-1.3.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image1-1.3.pkr.hcl +endif + +.PHONY: build1-1.4 +build1-1.4: +# if exist local.pkrvars.hcl load it +ifneq ($(wildcard local-vyos-1.4.pkrvars.hcl),) + packer build \ + -var-file=local-vyos-1.4.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image1-1.4.pkr.hcl +else + packer build \ + -var-file=vyos-1.4.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image1-1.4.pkr.hcl +endif + + +.PHONY: build1-1.5 +build1-1.5: +# if exist local.pkrvars.hcl load it +ifneq ($(wildcard local-vyos-1.5.pkrvars.hcl),) + packer build \ + -var-file=local-vyos-1.5.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image1-1.5.pkr.hcl +else + packer build \ + -var-file=vyos-1.5.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image1-1.5.pkr.hcl +endif + + +.PHONY: build2-1.3 +build2-1.3: +# create a copy of qcow2 - if build2 fail you can run again + cp -f $(SRC_QCOW2) $(DST_QCOW2) + cp -f $(SRC_CHECKSUM) $(DST_CHECKSUM) + sed -i 's/$(VM_NAME)-build1.qcow2/$(VM_NAME)-build2.qcow2/' $(DST_CHECKSUM) + cat iso/*.checksum > iso/SHA256SUM + +# if exist local.pkrvars.hcl load it +ifneq ($(wildcard local-vyos-1.3.pkrvars.hcl),) + packer build \ + -var-file=local-vyos-1.3.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image2-1.3.pkr.hcl +else + packer build \ + -var-file=vyos-1.3.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image2-1.3.pkr.hcl +endif + + +.PHONY: build2-1.4 +build2-1.4: +# create a copy of qcow2 - if build2 fail you can run again + cp -f $(SRC_QCOW2) $(DST_QCOW2) + cp -f $(SRC_CHECKSUM) $(DST_CHECKSUM) + sed -i 's/$(VM_NAME)-build1.qcow2/$(VM_NAME)-build2.qcow2/' $(DST_CHECKSUM) + cat iso/*.checksum > iso/SHA256SUM + +# if exist local.pkrvars.hcl load it +ifneq ($(wildcard local-vyos-1.4.pkrvars.hcl),) + packer build \ + -var-file=local-vyos-1.4.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image2-1.4.pkr.hcl +else + packer build \ + -var-file=vyos-1.4.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image2-1.4.pkr.hcl +endif + +.PHONY: build2-1.5 +build2-1.5: +# create a copy of qcow2 - if build2 fail you can run again + cp -f $(SRC_QCOW2) $(DST_QCOW2) + cp -f $(SRC_CHECKSUM) $(DST_CHECKSUM) + sed -i 's/$(VM_NAME)-build1.qcow2/$(VM_NAME)-build2.qcow2/' $(DST_CHECKSUM) + cat iso/*.checksum > iso/SHA256SUM + +# if exist local.pkrvars.hcl load it +ifneq ($(wildcard local-vyos-1.5.pkrvars.hcl),) + packer build \ + -var-file=local-vyos-1.5.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image2-1.5.pkr.hcl +else + packer build \ + -var-file=vyos-1.5.pkrvars.hcl \ + -parallel-builds=0 \ + vyos-image2-1.5.pkr.hcl +endif + + +.PHONY: init +init: + packer init vyos-image1-1.3.pkr.hcl + packer init vyos-image1-1.4.pkr.hcl + packer init vyos-image1-1.5.pkr.hcl + packer init vyos-image2-1.3.pkr.hcl + packer init vyos-image2-1.4.pkr.hcl + packer init vyos-image2-1.5.pkr.hcl + +.PHONY: upgrade +upgrade: + packer init -upgrade vyos-image1-1.3.pkr.hcl + packer init -upgrade vyos-image1-1.4.pkr.hcl + packer init -upgrade vyos-image1-1.5.pkr.hcl + packer init -upgrade vyos-image2-1.3.pkr.hcl + packer init -upgrade vyos-image2-1.4.pkr.hcl + packer init -upgrade vyos-image2-1.5.pkr.hcl + +.PHONY: clean +clean: + rm -rf output/* + +# you need to run this first to use headless=false +.PHONY: x11server +x11server: + Xvfb :99 -screen 0 1024x768x16 & + export DISPLAY=:99 @@ -1,7 +1,152 @@ -# Repository Moved -The repository `robertoberto/packer-vyos` has been moved to `vyos-contrib/packer-vyos`. -Please update your bookmarks and references to point to the new location: -[https://github.com/vyos-contrib/packer-vyos](https://github.com/vyos-contrib/packer-vyos) -Thank you for your understanding and continued support! +# Introduction +As VyOS is becoming more popular, building and automating images are essential. Packer is flexible and +can create custom images easily for any cloud and bare metal needs. + +While VyOS has its own tools for creating images and building like [vyos-vm-images](https://github.com/vyos/vyos-vm-images) +or [vyos-build](https://github.com/vyos/vyos-build), they lack features hashicorp packer can provide for automating images. +vyos-vm-images use ansible for build images, you can do almost any lower level customatization using this great tool. +vyos-build can be customizated and create custom images as well. + +Some notes about packer-vyos: +* packer-vyos audience is for devops who understand how packer works +* packer-vyos use qemu for default building +* packer-vyos image can access internet inside building VM and download custom packages + + +## How build process works: + +* you should provides an vyos.iso for builder +* iso can be a LTS/oficial one or nightly iso or you can use [vyos-build](https://docs.vyos.io/en/equuleus/contributing/build-vyos.html) to build an iso +* packer-vyos will install VyOS same way than manually installations + * packer-vyos will start vyos.iso image in a qemu VM, VyOS will run in Live CD mode inside a qemu VM + * packer will provide DHCP server, 1 ipv4, 1 gateway with NAT for qemu images + * packer will provide a http server serving http/* folder files to VyOS, so we can use it to customize image + * packer can provide for development with headless=false mode a vnc server, so we can see what is running on VM console + * packer-vyos will send keyboard commands to VyOS Live CD like default vyos / vyos username/password + * packer-vyos will configure networking to use dhcp ```set interface ethernet eth0 address dhcp```, than ```commit``` + * packer-vyos will customize images using scripts/vyos/*.sh according to rules inside vyos.pkr.hcl + * after all scripts packer-vyos will install image to disk using VyOS ```install image``` + * packer will write image on output-* folder + +# Features + +* add debian 11/12 sources in apt-sources.d before install +* remove debian 11/12 sources in apt-sources.d before install +* install custom packages using apt install +* install cloud-init from the upstream Debian repository or the custom version provided by VyOS +* do any shell command or vyos command before to install +* cleanup and prepare everything to turn vyos into cloud image +* simple parameters as disk size or image name can be customized easily +* install qemu-guest-agent +* customize to install any other agent or package as needed +* grub with kvm/serial +* disable/enable ssh +* disable/enable dhcp +* set interface/gateway +* keep vyos/vyos user/password or customize it +* it is possible to build custom images for bare metal, docker or any virtualization or cloud providers +* also it is possible to integrate building process using other [packer builders](https://developer.hashicorp.com/packer/integrations?components=builder) +besides qemu like aws, azure, cloudstack, docker, gcp, proxmox, vagrant, virtualbox, vmware and others + +# Requirements + +* packer-vyos is develop using ubuntu 24 LTS, but should run in debian, you can try other distros +* packer-vyos use qemu, build inside a VM needs vmx/svm instruction. VMs inside proxmox need cpu=host + * check if virtualization is enabled + ``` + egrep '(vmx|svm)' --color=always /proc/cpuinfo + ``` + * enabling neasted virtualization in proxmox: + ``` + qm set <vmid> --cpu host + ``` +* use root to build, for production use a dedicated vm only for packer build with cpu=host + + +## Packages requirements: + +``` +apt install make +apt install qemu-system +``` + +## headless=false + +For headless=false follow development instructions bellow. + +# Debugging / development + +* headless=true is recommended +* to turn headless=true use vncviewer (apt install tigervnc-viewer) +* for compilling packages remotely use Xvfb (apt install xvfb) +* for forward X11 ports use ssh forwarding (ssh -X -v or ssh -Y -v if -X doesn't works) +* edit vnc-connect.sh and ajuste VNC ports, it is possible to get ports dinamicly saving packer log to a file and parsing, but for now put VNC_PORT_FIXED=5900 on .env and it will work. As soon as VNC server open port vncviewer will run and it. If you connect to ssh using X11 port forwarding, it should open console on your local desktop. Windows WSL2 offer X11 Server native and it works. +* in headless/remote ssh, before make build you need to start Xvfb. ```make x11server``` start X11 server, but you can put on init with something like https://gist.github.com/jterrace/2911875 +* for SSH access put in .env SLEEP_BEFORE_SHUTDOWN=600 to keep SSH on for 10 minutes after scripts run. Also put HOST_PORT_FIXED=2222 for open SSH in VM 127.0.0.1 in port 2222. ```ssh vyos@127.0.0.1 -p 2222``` default password is vyos. + +# Usage + +## Edit Variables +* local.pkrvars.hcl if exists or will use default vars vyos.pkrvars.hcl if local not exists +* if .env exists will load + * example.env is provided in git repo as base of .env. .env file has building vars, which control building process + +## Initialize packer +Packer need to load plugins first. + +Use: +* ```make init```, for first time init +* ```make upgrade```, when want to upgrade plugins + +## Build images +* ```make build1-x.x``` + * build first stage image + * create a new qcow2 image + * mount iso as cdrom + * use vyos installer + * ```install image``` + * files generated: + * source: iso/vyos-1.3.6.iso + * output: iso/vyos-1.3.6.qcow2 + * checksum: iso/SHA256SUM +* ```make build2-x.x``` + * build second stage image + * use same qcow2 image from first stage + * customize image + * files generated: + * source: iso/vyos-1.3.6.qcow2 + * output: iso/vyos-1.3.6.qcow2 + * checksum: iso/SHA256SUM + +## Vyos releases supported +* subscribe to [commercial edition](https://vyos.io/subscriptions/software) and use an LTS iso +* use [rolling releases](https://vyos.net/get/nightly-builds/) +* use [vyos-build](https://github.com/vyos/vyos-build) to build an iso from source from desired branch (1.3/equuleus, 1.4/sagitta, 1.5/circinus or current) + +### Build instructions for each release +* common: use ubuntu 24 in a vm with virtualization host cpu instruction to build +``` +apt update +# apt install -y make qemu-system # for headless=true +apt install -y make qemu-system xvfb tigervnc-viewer # for headless=false +make x11server # will turn on x11 server, you can use headless=false in pkrvars.hcl to build without vnc +make init # install packer plugins +``` + +* 1.3 +``` +make build1-1.3 +make build2-1.3 +``` +* 1.4 +``` +make build1-1.4 +make build2-1.4 +``` +* 1.5 +``` +make build1-1.5 +make build2-1.5 +``` diff --git a/example.env b/example.env new file mode 100644 index 0000000..1149b10 --- /dev/null +++ b/example.env @@ -0,0 +1,38 @@ + +# vars: +# - .env building vars: control building process +# - vyos.pkrvars.hcl image vars: define image parameters - git default +# - local.pkrvars.hcl image vars: define image parameters - clone vyos.pkrvars.hcl to override it locally + + +# PACKER_LOG=1 will show more packer output (leave 0 for automated packer deployments reduce verbosity) +PACKER_LOG=1 + +# PARALLEL_BUILDS=0 unlimited build in parallel (leave 0 for automated packer deployments to turn on parallels builds) +PARALLEL_BUILDS=1 + +# Choose a fixed vnc port or unset to chose random port (leave unset for automated packer deployments) +VNC_PORT_FIXED=5900 + +# Choose a fixed host/ssh port or unset to chose random port (leave unset for automated packer deployments) +HOST_PORT_FIXED=2222 + +# Seconds before shutdown (put few 300 or 600 if need to access ssh for developing on packer-vyos) +SLEEP_BEFORE_SHUTDOWN=0 + + + +# Recommendation for development: +# VNC_PORT_FIXED=5900 +# HOST_PORT_FIXED=2222 +# PACKER_LOG=1 +# PARALLEL_BUILDS=1 +# SLEEP_BEFORE_SHUTDOWN=300 + +# Recommendation for automated building/production: +# PARALLEL_BUILDS=1 +# PACKER_LOG=0 +# SLEEP_BEFORE_SHUTDOWN=0 +# and comment those to undefine vars: +# #VNC_PORT_FIXED +# #HOST_PORT_FIXED diff --git a/http/cleanup-vyos-configure.py b/http/cleanup-vyos-configure.py new file mode 100644 index 0000000..b58b03b --- /dev/null +++ b/http/cleanup-vyos-configure.py @@ -0,0 +1,25 @@ +import json +from vyos.configtree import ConfigTree + +config_path = '/config/config.boot' + +with open(config_path, 'r') as file: + config_string = file.read() + +config = ConfigTree(config_string=config_string) + +interfaces = config.list_nodes(['interfaces', 'ethernet']) + +# remove all hw-id from interfaces ethernet since it cause issue on interface order +# for interface in interfaces: +# hw_id_path = ['interfaces', 'ethernet', interface, 'hw-id'] +# if config.exists(hw_id_path): +# config.delete(hw_id_path) + +# remove all interfaces ethernet +for interface in interfaces: + hw_id_path = ['interfaces', 'ethernet', interface] + config.delete(hw_id_path) + +with open(config_path, 'w') as config_file: + config_file.write(config.to_string()) diff --git a/http/debian_11-vyos.list b/http/debian_11-vyos.list new file mode 100644 index 0000000..5c94539 --- /dev/null +++ b/http/debian_11-vyos.list @@ -0,0 +1,6 @@ +# temporary debian list to add debian software +deb http://deb.debian.org/debian buster main contrib non-free +#deb-src http://deb.debian.org/debian buster main contrib non-free +deb http://security.debian.org/debian-security/ buster/updates main contrib non-free +#deb-src http://security.debian.org/debian-security/ buster/updates main contrib non-free +deb http://dev.packages.vyos.net/repositories/equuleus equuleus main diff --git a/http/debian_11.list b/http/debian_11.list new file mode 100644 index 0000000..a5315c9 --- /dev/null +++ b/http/debian_11.list @@ -0,0 +1,5 @@ +# temporary debian list to add debian software +deb http://deb.debian.org/debian buster main contrib non-free +#deb-src http://deb.debian.org/debian buster main contrib non-free +deb http://security.debian.org/debian-security/ buster/updates main contrib non-free +#deb-src http://security.debian.org/debian-security/ buster/updates main contrib non-free diff --git a/http/debian_12-vyos.list b/http/debian_12-vyos.list new file mode 100644 index 0000000..2bbf859 --- /dev/null +++ b/http/debian_12-vyos.list @@ -0,0 +1,7 @@ +# temporary debian list to add debian software +deb http://deb.debian.org/debian bookworm contrib main non-free non-free-firmware +deb http://deb.debian.org/debian bookworm-updates contrib main non-free non-free-firmware +# deb http://deb.debian.org/debian bookworm-backports contrib main non-free non-free-firmware +deb http://deb.debian.org/debian-security bookworm-security contrib main non-free non-free-firmware + +deb http://dev.packages.vyos.net/repositories/current current main diff --git a/http/debian_12.list b/http/debian_12.list new file mode 100644 index 0000000..22f08cd --- /dev/null +++ b/http/debian_12.list @@ -0,0 +1,13 @@ +# temporary debian list to add debian software +deb http://deb.debian.org/debian bookworm contrib main non-free non-free-firmware +deb http://deb.debian.org/debian bookworm-updates contrib main non-free non-free-firmware +# deb http://deb.debian.org/debian bookworm-backports contrib main non-free non-free-firmware +deb http://deb.debian.org/debian-security bookworm-security contrib main non-free non-free-firmware + + + +# deb http://deb.debian.org/debian bookworm main contrib non-free +# deb-src http://deb.debian.org/debian bookworm main contrib non-free +# deb http://security.debian.org/debian-security/ bookworm/updates main contrib non-free +# deb-src http://security.debian.org/debian-security/ bookworm/updates main contrib non-free + diff --git a/http/install-image.py b/http/install-image.py new file mode 100644 index 0000000..6a7f314 --- /dev/null +++ b/http/install-image.py @@ -0,0 +1,55 @@ +#!/usr/bin/python + +import pexpect +import time +import sys +import os + +var_vm_name = os.getenv("VM_NAME", "vyos") +var_ssh_password = os.getenv("VM_PASSWORD", "vyos") + +install_process = pexpect.spawn("/opt/vyatta/sbin/install-image", logfile=sys.stdout, encoding='utf-8') + +install_process.expect("Would you like to continue") +time.sleep(0.2) +install_process.sendline("Yes") + +install_process.expect("Partition") +time.sleep(0.2) +install_process.sendline("Auto") + +install_process.expect("Install the image on") +time.sleep(0.2) +install_process.sendline("") + +install_process.expect("Continue") +time.sleep(0.2) +install_process.sendline("Yes") + +install_process.expect("How big of a root partition should I create") +time.sleep(0.2) +install_process.sendline("") + +install_process.expect("What would you like to name this image") +time.sleep(0.2) +install_process.sendline(var_vm_name) + +install_process.expect("Which one should I copy to") +time.sleep(0.2) +install_process.sendline("") + +install_process.expect("Enter password for user") +time.sleep(0.2) +install_process.sendline(var_ssh_password) + +install_process.expect("Retype password for user") +time.sleep(0.2) +install_process.sendline(var_ssh_password) + +install_process.expect("Which drive should GRUB modify the boot partition on") +time.sleep(0.2) +install_process.sendline("") + +# wait until process ends +install_process.wait() + diff --git a/scripts/vyos/apt-install.sh b/scripts/vyos/apt-install.sh new file mode 100644 index 0000000..22f28dc --- /dev/null +++ b/scripts/vyos/apt-install.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +set -e +set -x + +export DEBIAN_FRONTEND=noninteractive + +# install missing vyos features, you can comment it if not needed +apt install -y \ + vim \ + net-tools + diff --git a/scripts/vyos/apt-repo-debian.sh b/scripts/vyos/apt-repo-debian.sh new file mode 100644 index 0000000..be360fb --- /dev/null +++ b/scripts/vyos/apt-repo-debian.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +set -e +set -x + +if [[ "${CLOUD_INIT}" != "debian" ]]; then + echo "$0 - info: cloud_init not debian, skipping" + exit 0 +fi + +# set debian list according VYOS_VERSION_MAIN +if [[ "$VYOS_RELEASE" == "equuleus" ]]; then + debian_list_url="http://${PACKER_HTTP_IP}:${PACKER_HTTP_PORT}/debian_11.list" +elif [[ "$VYOS_RELEASE" == "current" || "$VYOS_RELEASE" == "sagitta" || "$VYOS_RELEASE" == "circinus" ]]; then + debian_list_url="http://${PACKER_HTTP_IP}:${PACKER_HTTP_PORT}/debian_12.list" +else + echo "vyos version unsupported, get github repo, fork and send a pull request" + exit 1 +fi + +tmp_file=$(mktemp) + +wget -O "$tmp_file" "$debian_list_url" || { echo "cant download debian.list from packer http repo"; exit 1; } + +mv "$tmp_file" /etc/apt/sources.list.d/debian.list + +apt update + + +#sudo bash -c 'echo "deb http://deb.debian.org/debian buster main contrib non-free" > /etc/apt/sources.list.d/debian.list' +#sudo bash -c 'echo "deb-src http://deb.debian.org/debian buster main contrib non-free" >> /etc/apt/sources.list.d/debian.list' +#sudo bash -c 'echo "deb http://security.debian.org/debian-security/ buster/updates main contrib non-free" >> /etc/apt/sources.list.d/debian.list' +#sudo bash -c 'echo "deb-src http://security.debian.org/debian-security/ buster/updates main contrib non-free" >> /etc/apt/sources.list.d/debian.list' diff --git a/scripts/vyos/apt-repo-vyos.sh b/scripts/vyos/apt-repo-vyos.sh new file mode 100644 index 0000000..db7d58a --- /dev/null +++ b/scripts/vyos/apt-repo-vyos.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +set -e +set -x + +if [[ "${CLOUD_INIT}" != "vyos" ]]; then + echo "$0 - info: cloud_init not vyos, skipping" + exit 0 +fi + +# set debian list according VYOS_VERSION_MAIN +if [[ "$VYOS_RELEASE" == "equuleus" ]]; then + debian_list_url="http://${PACKER_HTTP_IP}:${PACKER_HTTP_PORT}/debian_11-vyos.list" +elif [[ "$VYOS_RELEASE" == "current" || "$VYOS_RELEASE" == "sagitta" || "$VYOS_RELEASE" == "circinus" ]]; then + debian_list_url="http://${PACKER_HTTP_IP}:${PACKER_HTTP_PORT}/debian_12-vyos.list" +else + echo "vyos version unsupported, get github repo, fork and send a pull request" + exit 1 +fi + +tmp_file=$(mktemp) + +wget -O "$tmp_file" "$debian_list_url" || { echo "cant download debian.list from packer http repo"; exit 1; } + +mv "$tmp_file" /etc/apt/sources.list.d/debian.list + +apt update + + +#sudo bash -c 'echo "deb http://deb.debian.org/debian buster main contrib non-free" > /etc/apt/sources.list.d/debian.list' +#sudo bash -c 'echo "deb-src http://deb.debian.org/debian buster main contrib non-free" >> /etc/apt/sources.list.d/debian.list' +#sudo bash -c 'echo "deb http://security.debian.org/debian-security/ buster/updates main contrib non-free" >> /etc/apt/sources.list.d/debian.list' +#sudo bash -c 'echo "deb-src http://security.debian.org/debian-security/ buster/updates main contrib non-free" >> /etc/apt/sources.list.d/debian.list' diff --git a/scripts/vyos/cleanup-vyos-configure.sh b/scripts/vyos/cleanup-vyos-configure.sh new file mode 100644 index 0000000..26f3bfd --- /dev/null +++ b/scripts/vyos/cleanup-vyos-configure.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +set -e +set -x + +export DEBIAN_FRONTEND=noninteractive + +# delete interfaces ethernet eth0 address +# delete interfaces ethernet eth0 hw-id +# delete system name-server + +cat <<EOF > /home/vyos/cleanup-vyos.sh +#!/bin/vbash +source /opt/vyatta/etc/functions/script-template +configure +set system host-name 'vyosbuild' +commit +save +exit +EOF +chmod 0700 /home/vyos/cleanup-vyos.sh +chown vyos:users /home/vyos/cleanup-vyos.sh +su - vyos -c "/home/vyos/cleanup-vyos.sh" + +# run cleanup on vyos configure using python vyos.configtree, since can't remove interfaces via configure cli +config_update_url="http://${PACKER_HTTP_IP}:${PACKER_HTTP_PORT}/cleanup-vyos-configure.py" +wget $config_update_url -O /home/vyos/cleanup-vyos-configure.py +chown vyos:users /home/vyos/cleanup-vyos-configure.py +chmod 0664 /home/vyos/cleanup-vyos-configure.py +python3 /home/vyos/cleanup-vyos-configure.py +rm -rf /home/vyos/cleanup-vyos-configure.py diff --git a/scripts/vyos/cleanup.sh b/scripts/vyos/cleanup.sh new file mode 100644 index 0000000..15e67b6 --- /dev/null +++ b/scripts/vyos/cleanup.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +set -e +set -x + +export DEBIAN_FRONTEND=noninteractive + +rm -rf /home/vyos/cleanup-vyos.sh + +# fix config permissions since if we edited with root user +# sudo chown -R root:vyattacfg /opt/vyatta/config/active/ + +# reconfiguring ssh +rm -f /etc/ssh/ssh_host_* +dpkg-reconfigure openssh-server + +# cleanup apt +rm -f /etc/apt/sources.list.d/debian.list +apt -y autoremove --purge +apt-get clean + +# cleanup machine-id +truncate -s 0 /etc/machine-id + +# removing /tmp files +rm -rf /tmp/* + +# removing log files +rm -rf /var/log/* + +# removing history +export HISTFILE=0 +rm -f /home/vyos/.bash_history +rm -f /root/.bash_history + +# removing disk data +dd if=/dev/zero of=/EMPTY bs=1M || : +rm -f /EMPTY +sync diff --git a/scripts/vyos/cloud-init-datasource.sh b/scripts/vyos/cloud-init-datasource.sh new file mode 100644 index 0000000..2573a19 --- /dev/null +++ b/scripts/vyos/cloud-init-datasource.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +set -e +set -x + +if [[ "${CLOUD_INIT}" == "debian" || "${CLOUD_INIT}" == "vyos" ]]; then + if [[ "${CLOUD_INIT_DATASOURCE}" == "nocloud_configdrive" ]]; then + cat <<EOF > /etc/cloud/cloud.cfg.d/99-datasource.cfg +datasource_list: [ NoCloud, ConfigDrive ] +EOF + else + echo "$0 - info: cloud_init_datasource will not run, not supported cloud_init_datasource" + exit 0 + fi +else + echo "$0 - info: cloud_init_datasource will not run, not supported cloud_init" +fi diff --git a/scripts/vyos/cloud-init-debian.sh b/scripts/vyos/cloud-init-debian.sh new file mode 100644 index 0000000..0f12066 --- /dev/null +++ b/scripts/vyos/cloud-init-debian.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +set -e +set -x + +if [[ "${CLOUD_INIT}" != "debian" ]]; then + echo "$0 - info: cloud_init not debian, skipping" + exit 0 +fi + +export DEBIAN_FRONTEND=noninteractive + +apt purge -y \ + cloud-init \ + cloud-utils \ + ifupdown + +apt install -y \ + cloud-init \ + cloud-utils \ + ifupdown + +systemctl enable cloud-init + +cat <<EOF > /etc/cloud/cloud.cfg.d/99-disable_network_config.cfg +network: {config: disabled} +EOF + +rm -rf /etc/network/interfaces.d/50-cloud-init || : diff --git a/scripts/vyos/cloud-init-vyos.sh b/scripts/vyos/cloud-init-vyos.sh new file mode 100644 index 0000000..0d10668 --- /dev/null +++ b/scripts/vyos/cloud-init-vyos.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +set -e +set -x + +if [[ "${CLOUD_INIT}" != "vyos" ]]; then + echo "$0 - info: cloud_init not vyos, skipping" + exit 0 +fi + +export DEBIAN_FRONTEND=noninteractive + +apt purge -y \ + cloud-init \ + cloud-utils \ + ifupdown + +apt install -t "$VYOS_RELEASE" --force-yes -y \ + cloud-init \ + cloud-utils \ + ifupdown + +systemctl enable cloud-init + +cat <<EOF > /etc/cloud/cloud.cfg.d/99-disable_network_config.cfg +network: {config: disabled} +EOF + +cat <<EOF > /etc/cloud/cloud.cfg.d/90-disable_config_stage.cfg +# Disable all config-stage modules +cloud_config_modules: +EOF + +rm -rf /etc/network/interfaces.d/50-cloud-init || : diff --git a/scripts/vyos/configure.sh b/scripts/vyos/configure.sh new file mode 100644 index 0000000..f52c336 --- /dev/null +++ b/scripts/vyos/configure.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +set -e +set -x + +# export DEBIAN_FRONTEND=noninteractive + +# delete interfaces ethernet eth0 address +# delete interfaces ethernet eth0 hw-id +# delete system name-server + +cat <<EOF > /home/vyos/configure-vyos.sh +#!/bin/vbash +source /opt/vyatta/etc/functions/script-template +configure +set system host-name 'vyoshost' +commit +save +exit +EOF +chmod 0700 /home/vyos/configure-vyos.sh +chown vyos:users /home/vyos/configure-vyos.sh +su - vyos -c "/home/vyos/configure-vyos.sh" +rm -rf /home/vyos/configure-vyos.sh diff --git a/scripts/vyos/grub-serial.sh b/scripts/vyos/grub-serial.sh new file mode 100644 index 0000000..5beb889 --- /dev/null +++ b/scripts/vyos/grub-serial.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +set -e +set -x + +#GRUB_SERIAL=1 +if [[ "${GRUB_SERIAL}" -ne 1 ]]; then + echo "$0 - info: grub will keep default=0 (kvm). to use serial add to .env: GRUB_SERIAL=1" + exit 0 +fi + +GRUB_CFG="/boot/grub/grub.cfg" +GRUB_DEFAULT="/etc/default/grub" + +sed -i 's/^set default=.*/set default=1/' $GRUB_CFG + +if grep -q "^GRUB_DEFAULT=" $GRUB_DEFAULT; then + sed -i 's/^GRUB_DEFAULT=.*/GRUB_DEFAULT=1/' $GRUB_DEFAULT +else + echo "GRUB_DEFAULT=1" >> $GRUB_DEFAULT +fi + +# update-grub + + diff --git a/scripts/vyos/init.sh b/scripts/vyos/init.sh new file mode 100644 index 0000000..863692c --- /dev/null +++ b/scripts/vyos/init.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +set -e +set -x + +# configure machine-id +dbus-uuidgen > /etc/machine-id +ln -fs /etc/machine-id /var/lib/dbus/machine-id + +# disable logs +systemctl stop rsyslog + diff --git a/scripts/vyos/osprep.sh b/scripts/vyos/osprep.sh new file mode 100644 index 0000000..bb2c448 --- /dev/null +++ b/scripts/vyos/osprep.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +set -e +set -x + +# vimrc no mouse +cat <<EOF > /home/vyos/.vimrc +set mouse= +EOF + +cat <<EOF > /root/.vimrc +set mouse= +EOF + diff --git a/scripts/vyos/platform-qemu.sh b/scripts/vyos/platform-qemu.sh new file mode 100644 index 0000000..d4049fa --- /dev/null +++ b/scripts/vyos/platform-qemu.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +set -e +set -x + +if [[ "${PLATFORM}" != "qemu" ]]; then + echo "$0 - info: platform not qemu, skipping" + exit 0 +fi + +export DEBIAN_FRONTEND=noninteractive +apt install -y \ + qemu-guest-agent diff --git a/scripts/vyos/vyos-install-expect.sh b/scripts/vyos/vyos-install-expect.sh new file mode 100644 index 0000000..aa23064 --- /dev/null +++ b/scripts/vyos/vyos-install-expect.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +set -e +set -x + +# answers_url=http://${PACKER_HTTP_IP}:${PACKER_HTTP_PORT}/answers.expect +# install_url=http://${PACKER_HTTP_IP}:${PACKER_HTTP_PORT}/install-image.vsh +install_url=http://${PACKER_HTTP_IP}:${PACKER_HTTP_PORT}/install-image.py + +# touch /root/answers.expect +# chmod 0600 /root/answers.expect +# wget $answers_url -O /root/answers.expect + +touch /root/install-image.py +chmod 0700 /root/install-image.py +wget $install_url -O /root/install-image.py + +python3 /root/install-image.py + diff --git a/scripts/vyos/vyos-install-post.sh b/scripts/vyos/vyos-install-post.sh new file mode 100644 index 0000000..15b723e --- /dev/null +++ b/scripts/vyos/vyos-install-post.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +set -e +set -x + +# removing temp scripts +#rm -f /root/answers.expect +rm -f /root/install-image.py + +#sleep 1000
\ No newline at end of file diff --git a/tools/vnc-connect.sh b/tools/vnc-connect.sh new file mode 100755 index 0000000..abb4f2c --- /dev/null +++ b/tools/vnc-connect.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +#export DISPLAY=:99 + +VNC_HOST=127.0.0.1 +VNC_PORT=5900 + +while ! nc -z $VNC_HOST $VNC_PORT; do + sleep 1 + echo "waiting for vnc in $VNC_HOST:$VNC_PORT ..." +done +echo "vnc on." + +vncviewer -shared $VNC_HOST:$VNC_PORT diff --git a/vyos-1.3.pkrvars.hcl b/vyos-1.3.pkrvars.hcl new file mode 100644 index 0000000..c74c136 --- /dev/null +++ b/vyos-1.3.pkrvars.hcl @@ -0,0 +1,56 @@ + +# vars: +# - .env building vars: control building process +# - vyos.pkrvars.hcl image vars: define image parameters - git default +# - local.pkrvars.hcl image vars: define image parameters - clone vyos.pkrvars.hcl to override it locally + + + +ssh_username = "vyos" +ssh_password = "vyos" + +# same as file name without .iso +vm_name = "vyos-1.3.7-amd64" + +# platform = "none" # will not install any specific platform +# - qemu will install qemu-guest-agent +platform = "qemu" + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +# comment - don't install cloud-init at all +cloud_init = "debian" + +# which kind of datasource should be used +# nocloud_configdrive => use this as default, will turn on NoCloud, ConfigDrive on cloud-init datasource_list +# blank - don't set default datasource_list +cloud_init_datasource = "nocloud_configdrive" + +# Set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +# +# for proxmox: +# qm set 9000 --serial0 socket --vga serial0 +grub_serial = 0 + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +vyos_release = "equuleus" + +# false will start vnc for console +headless = false + +# in MB (10GB x 1024 = 10240, minimum 2048) +disk_size = 2048 + + + +# todo: +# - disable/enable ssh +# - disable/enable dhcp +# - set interface/gateway +# - keep vyos/vyos user/password or customize it +# - customize to install any other agent or package as needed like +# extra_packages = []
\ No newline at end of file diff --git a/vyos-1.4.pkrvars.hcl b/vyos-1.4.pkrvars.hcl new file mode 100644 index 0000000..5d9eb8a --- /dev/null +++ b/vyos-1.4.pkrvars.hcl @@ -0,0 +1,56 @@ + +# vars: +# - .env building vars: control building process +# - vyos.pkrvars.hcl image vars: define image parameters - git default +# - local.pkrvars.hcl image vars: define image parameters - clone vyos.pkrvars.hcl to override it locally + + + +ssh_username = "vyos" +ssh_password = "vyos" + +# same as file name without .iso +vm_name = "vyos-1.4.0-epa3-amd64" + +# platform = "none" # will not install any specific platform +# - qemu will install qemu-guest-agent +platform = "qemu" + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +# comment - don't install cloud-init at all +cloud_init = "debian" + +# which kind of datasource should be used +# nocloud_configdrive => use this as default, will turn on NoCloud, ConfigDrive on cloud-init datasource_list +# blank - don't set default datasource_list +cloud_init_datasource = "nocloud_configdrive" + +# Set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +# +# for proxmox: +# qm set 9000 --serial0 socket --vga serial0 +grub_serial = 0 + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +vyos_release = "sagitta" + +# false will start vnc for console +headless = false + +# in MB (10GB x 1024 = 10240, minimum 2048) +disk_size = 2048 + + + +# todo: +# - disable/enable ssh +# - disable/enable dhcp +# - set interface/gateway +# - keep vyos/vyos user/password or customize it +# - customize to install any other agent or package as needed like +# extra_packages = []
\ No newline at end of file diff --git a/vyos-1.5.pkrvars.hcl b/vyos-1.5.pkrvars.hcl new file mode 100644 index 0000000..b307b9e --- /dev/null +++ b/vyos-1.5.pkrvars.hcl @@ -0,0 +1,56 @@ + +# vars: +# - .env building vars: control building process +# - vyos.pkrvars.hcl image vars: define image parameters - git default +# - local.pkrvars.hcl image vars: define image parameters - clone vyos.pkrvars.hcl to override it locally + + + +ssh_username = "vyos" +ssh_password = "vyos" + +# same as file name without .iso +vm_name = "vyos-1.5-rolling-202405140019-amd64" + +# platform = "none" # will not install any specific platform +# - qemu will install qemu-guest-agent +platform = "qemu" + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +# comment - don't install cloud-init at all +cloud_init = "debian" + +# which kind of datasource should be used +# nocloud_configdrive => use this as default, will turn on NoCloud, ConfigDrive on cloud-init datasource_list +# blank - don't set default datasource_list +cloud_init_datasource = "nocloud_configdrive" + +# Set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +# +# for proxmox: +# qm set 9000 --serial0 socket --vga serial0 +grub_serial = 0 + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +vyos_release = "circinus" + +# false will start vnc for console +headless = false + +# in MB (10GB x 1024 = 10240, minimum 2048) +disk_size = 2048 + + + +# todo: +# - disable/enable ssh +# - disable/enable dhcp +# - set interface/gateway +# - keep vyos/vyos user/password or customize it +# - customize to install any other agent or package as needed like +# extra_packages = []
\ No newline at end of file diff --git a/vyos-image1-1.3.pkr.hcl b/vyos-image1-1.3.pkr.hcl new file mode 100644 index 0000000..6d2d0ab --- /dev/null +++ b/vyos-image1-1.3.pkr.hcl @@ -0,0 +1,218 @@ +packer { + required_plugins { + qemu = { + version = "~> 1" + source = "github.com/hashicorp/qemu" + } + } +} + +# dont edit those vars below, customize in local.auto.pkrvars.hcl using local.example.pkrvars.hcl +variable "vm_name" { + default = "vyos-1.3.6" +} + +variable "numvcpus" { + default = "4" +} + +variable "memsize" { + default = "2048" +} + +variable "disk_size" { + default = "10240" +} + +variable "iso_checksum" { + default = "file:iso/SHA256SUM" +} + +variable "ssh_username" { + default = "vyos" +} + +variable "ssh_password" { + default = "vyos" +} + +variable "boot_wait" { + default = "5s" +} + +# - qemu: will build qcow2 image +# - none: not supported +variable "platform" { + type = string + default = "qemu" +} + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +variable "cloud_init" { + type = string + default = "vyos" +} + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +variable "vyos_release" { + default = "equuleus" +} + +# build will fail if headless is false, only use headless false if you prepared X11/vnc setup +variable "headless" { + default = true +} + +variable "host_port_min" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 2222 +} +variable "host_port_max" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 4444 +} + +variable "vnc_port_min" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 5900 +} +variable "vnc_port_max" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 6000 +} + +variable "sleep_before_shutdown" { + default = env("SLEEP_BEFORE_SHUTDOWN") != "" ? env("SLEEP_BEFORE_SHUTDOWN") : 0 +} + +# this is actually boot time between grub and user login. Need to be increased if your system in heavy load. A wait time too long will increase build time. +variable "sleep_after_grub" { + default = "60" # in seconds +} + +# set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +variable "grub_serial" { + type = string + default = 1 +} + +locals { + iso_path = "iso/${var.vm_name}.iso" + output_dir = "output/vyos-image1/${regex_replace(timestamp(), "[: ]", "-")}" +} + +source "qemu" "vyos" { + boot_command = [ + "<enter>", + "<wait${var.sleep_after_grub}s>", + "${var.ssh_username}<enter><wait>", + "${var.ssh_password}<enter><wait>", + "configure<enter><wait>", + "set interfaces ethernet eth0 address 'dhcp'<enter><wait>", + "set system name-server '8.8.8.8'<enter><wait>", + "set service ssh port '22'<enter><wait>", + "commit<enter><wait>", + "save<enter><wait>", + "exit<enter><wait>", + "install image<enter><wait3s>", + "Yes<enter><wait3s>", + "Auto<enter><wait3s>", + "<enter><wait3s>", # vda + "Yes<enter><wait5s>", + "<enter><wait15s>", #disk size + "${var.vm_name}<enter><wait10s>", + "<enter><wait2s>", + "${var.ssh_password}<enter><wait>", + "${var.ssh_password}<enter><wait>", + "<enter><wait10s>", # wait 10 seconds before reboot (dev purposes) + ] + + accelerator = "kvm" + + iso_checksum = var.iso_checksum + iso_url = local.iso_path + + boot_wait = var.boot_wait + + http_directory = "http" + + shutdown_command = "sleep ${var.sleep_before_shutdown}; sudo shutdown -P now" + + communicator = "ssh" + + host_port_min = var.host_port_min + host_port_max = var.host_port_max + + ssh_username = var.ssh_username + ssh_password = var.ssh_password + + ssh_timeout = "30m" + + memory = var.memsize + cpus = var.numvcpus + disk_size = var.disk_size + + vnc_port_min = var.vnc_port_min + vnc_port_max = var.vnc_port_max + + headless = var.headless + + output_directory = "${local.output_dir}" + + net_device = "virtio-net" + disk_interface = "virtio" + + qemuargs = [ + ["-m", "2048"], + ["-smp", "4"], + ["-cpu", "host"], + ["-netdev", "user,id=user.0,", "hostfwd=tcp::{{ .SSHHostPort }}-:22"], + ["-device", "virtio-net,netdev=user.0"] + ] +} + +build { + name = "vyos" + + source "source.qemu.vyos" { + name = "vyos_qemu_qcow2" + vm_name = "${var.vm_name}-${source.name}.qcow2" + format = "qcow2" + } + + provisioner "shell-local" { + inline = [ + "mkdir -p iso/", + "mkdir -p ${local.output_dir}" + ] + } + + # checksum + post-processors { + post-processor "checksum" { + checksum_types = ["sha256"] + keep_input_artifact = true + } + + post-processor "shell-local" { + inline = [ + "mv packer_vyos_qemu_sha256.checksum iso/${var.vm_name}-build1.qcow2.checksum.tmp", + "awk '{print $1, \" ${var.vm_name}-build1.qcow2\"}' iso/${var.vm_name}-build1.qcow2.checksum.tmp > iso/${var.vm_name}-build1.qcow2.checksum", + "rm -f iso/${var.vm_name}-build1.qcow2.checksum.tmp", + "cat iso/*.checksum > iso/SHA256SUM", + "echo '${var.vm_name}' > .vm_name" + ] + } + } + + # copy from output to iso/ for vyos-image2.pkr.hcl customize + post-processors { + post-processor "shell-local" { + inline = [ + "cp '${local.output_dir}/${var.vm_name}-${source.name}.qcow2' iso/${var.vm_name}-build1.qcow2", + "rm -rf '${local.output_dir}'" + ] + } + } +} diff --git a/vyos-image1-1.4.pkr.hcl b/vyos-image1-1.4.pkr.hcl new file mode 100644 index 0000000..d8c0186 --- /dev/null +++ b/vyos-image1-1.4.pkr.hcl @@ -0,0 +1,218 @@ +packer { + required_plugins { + qemu = { + version = "~> 1" + source = "github.com/hashicorp/qemu" + } + } +} + +# dont edit those vars below, customize in local.auto.pkrvars.hcl using local.example.pkrvars.hcl +variable "vm_name" { + default = "vyos-1.3.6" +} + +variable "numvcpus" { + default = "4" +} + +variable "memsize" { + default = "2048" +} + +variable "disk_size" { + default = "10240" +} + +variable "iso_checksum" { + default = "file:iso/SHA256SUM" +} + +variable "ssh_username" { + default = "vyos" +} + +variable "ssh_password" { + default = "vyos" +} + +variable "boot_wait" { + default = "5s" +} + +# - qemu: will build qcow2 image +# - none: not supported +variable "platform" { + type = string + default = "qemu" +} + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +variable "cloud_init" { + type = string + default = "vyos" +} + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +variable "vyos_release" { + default = "sagitta" +} + +# build will fail if headless is false, only use headless false if you prepared X11/vnc setup +variable "headless" { + default = true +} + +variable "host_port_min" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 2222 +} +variable "host_port_max" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 4444 +} + +variable "vnc_port_min" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 5900 +} +variable "vnc_port_max" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 6000 +} + +variable "sleep_before_shutdown" { + default = env("SLEEP_BEFORE_SHUTDOWN") != "" ? env("SLEEP_BEFORE_SHUTDOWN") : 0 +} + +# this is actually boot time between grub and user login. Need to be increased if your system in heavy load. A wait time too long will increase build time. +variable "sleep_after_grub" { + default = "60" # in seconds +} + +# set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +variable "grub_serial" { + type = string + default = 1 +} + +locals { + iso_path = "iso/${var.vm_name}.iso" + output_dir = "output/vyos-image1/${regex_replace(timestamp(), "[: ]", "-")}" +} + +source "qemu" "vyos" { + boot_command = [ + "<enter>", + "<wait${var.sleep_after_grub}s>", + "${var.ssh_username}<enter><wait>", + "${var.ssh_password}<enter><wait>", + "configure<enter><wait>", + "set interfaces ethernet eth0 address 'dhcp'<enter><wait>", + "set system name-server '8.8.8.8'<enter><wait>", + "set service ssh port '22'<enter><wait>", + "commit<enter><wait2s>", + "save<enter><wait2s>", + "exit<enter><wait1s>", + "install image<enter><wait3s>", + "Yes<enter><wait3s>", # would like to continue + "<enter><wait3s>", # name of this image, using default + "${var.ssh_password}<enter><wait>", + "${var.ssh_password}<enter><wait>", + "K<enter><wait3s>", # which console kvm=K or serial=S + "<enter><wait2s>", # disk name using default (vda) + "Y<enter><wait3s>", # will delete all data, continue=Y + "Y<enter><wait3s>", # will use all free space, continue=Y + "1<enter><wait3s>", # which file to use as boot, using first one=1 + "<enter><wait10s>", # wait 10 seconds before reboot (dev purposes) + ] + + accelerator = "kvm" + + iso_checksum = var.iso_checksum + iso_url = local.iso_path + + boot_wait = var.boot_wait + + http_directory = "http" + + shutdown_command = "sleep ${var.sleep_before_shutdown}; sudo shutdown -P now" + + communicator = "ssh" + + host_port_min = var.host_port_min + host_port_max = var.host_port_max + + ssh_username = var.ssh_username + ssh_password = var.ssh_password + + ssh_timeout = "30m" + + memory = var.memsize + cpus = var.numvcpus + disk_size = var.disk_size + + vnc_port_min = var.vnc_port_min + vnc_port_max = var.vnc_port_max + + headless = var.headless + + output_directory = "${local.output_dir}" + + net_device = "virtio-net" + disk_interface = "virtio" + + qemuargs = [ + ["-m", "2048"], + ["-smp", "4"], + ["-cpu", "host"], + ["-netdev", "user,id=user.0,", "hostfwd=tcp::{{ .SSHHostPort }}-:22"], + ["-device", "virtio-net,netdev=user.0"] + ] +} + +build { + name = "vyos" + + source "source.qemu.vyos" { + name = "vyos_qemu_qcow2" + vm_name = "${var.vm_name}-${source.name}.qcow2" + format = "qcow2" + } + + provisioner "shell-local" { + inline = [ + "mkdir -p iso/", + "mkdir -p ${local.output_dir}" + ] + } + + # checksum + post-processors { + post-processor "checksum" { + checksum_types = ["sha256"] + keep_input_artifact = true + } + + post-processor "shell-local" { + inline = [ + "mv packer_vyos_qemu_sha256.checksum iso/${var.vm_name}-build1.qcow2.checksum.tmp", + "awk '{print $1, \" ${var.vm_name}-build1.qcow2\"}' iso/${var.vm_name}-build1.qcow2.checksum.tmp > iso/${var.vm_name}-build1.qcow2.checksum", + "rm -f iso/${var.vm_name}-build1.qcow2.checksum.tmp", + "cat iso/*.checksum > iso/SHA256SUM", + "echo '${var.vm_name}' > .vm_name" + ] + } + } + + # copy from output to iso/ for vyos-image2.pkr.hcl customize + post-processors { + post-processor "shell-local" { + inline = [ + "cp '${local.output_dir}/${var.vm_name}-${source.name}.qcow2' iso/${var.vm_name}-build1.qcow2", + "rm -rf '${local.output_dir}'" + ] + } + } +} diff --git a/vyos-image1-1.5.pkr.hcl b/vyos-image1-1.5.pkr.hcl new file mode 100644 index 0000000..8b603b4 --- /dev/null +++ b/vyos-image1-1.5.pkr.hcl @@ -0,0 +1,218 @@ +packer { + required_plugins { + qemu = { + version = "~> 1" + source = "github.com/hashicorp/qemu" + } + } +} + +# dont edit those vars below, customize in local.auto.pkrvars.hcl using local.example.pkrvars.hcl +variable "vm_name" { + default = "vyos-1.3.6" +} + +variable "numvcpus" { + default = "4" +} + +variable "memsize" { + default = "2048" +} + +variable "disk_size" { + default = "10240" +} + +variable "iso_checksum" { + default = "file:iso/SHA256SUM" +} + +variable "ssh_username" { + default = "vyos" +} + +variable "ssh_password" { + default = "vyos" +} + +variable "boot_wait" { + default = "5s" +} + +# - qemu: will build qcow2 image +# - none: not supported +variable "platform" { + type = string + default = "qemu" +} + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +variable "cloud_init" { + type = string + default = "vyos" +} + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +variable "vyos_release" { + default = "circinus" +} + +# build will fail if headless is false, only use headless false if you prepared X11/vnc setup +variable "headless" { + default = true +} + +variable "host_port_min" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 2222 +} +variable "host_port_max" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 4444 +} + +variable "vnc_port_min" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 5900 +} +variable "vnc_port_max" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 6000 +} + +variable "sleep_before_shutdown" { + default = env("SLEEP_BEFORE_SHUTDOWN") != "" ? env("SLEEP_BEFORE_SHUTDOWN") : 0 +} + +# this is actually boot time between grub and user login. Need to be increased if your system in heavy load. A wait time too long will increase build time. +variable "sleep_after_grub" { + default = "60" # in seconds +} + +# set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +variable "grub_serial" { + type = string + default = 1 +} + +locals { + iso_path = "iso/${var.vm_name}.iso" + output_dir = "output/vyos-image1/${regex_replace(timestamp(), "[: ]", "-")}" +} + +source "qemu" "vyos" { + boot_command = [ + "<enter>", + "<wait${var.sleep_after_grub}s>", + "${var.ssh_username}<enter><wait>", + "${var.ssh_password}<enter><wait>", + "configure<enter><wait>", + "set interfaces ethernet eth0 address 'dhcp'<enter><wait>", + "set system name-server '8.8.8.8'<enter><wait>", + "set service ssh port '22'<enter><wait>", + "commit<enter><wait2s>", + "save<enter><wait2s>", + "exit<enter><wait1s>", + "install image<enter><wait3s>", + "Yes<enter><wait3s>", # would like to continue + "<enter><wait3s>", # name of this image, using default + "${var.ssh_password}<enter><wait>", + "${var.ssh_password}<enter><wait>", + "K<enter><wait3s>", # which console kvm=K or serial=S + "<enter><wait2s>", # disk name using default (vda) + "Y<enter><wait3s>", # will delete all data, continue=Y + "Y<enter><wait3s>", # will use all free space, continue=Y + "1<enter><wait3s>", # which file to use as boot, using first one=1 + "<enter><wait10s>", # wait 10 seconds before reboot (dev purposes) + ] + + accelerator = "kvm" + + iso_checksum = var.iso_checksum + iso_url = local.iso_path + + boot_wait = var.boot_wait + + http_directory = "http" + + shutdown_command = "sleep ${var.sleep_before_shutdown}; sudo shutdown -P now" + + communicator = "ssh" + + host_port_min = var.host_port_min + host_port_max = var.host_port_max + + ssh_username = var.ssh_username + ssh_password = var.ssh_password + + ssh_timeout = "30m" + + memory = var.memsize + cpus = var.numvcpus + disk_size = var.disk_size + + vnc_port_min = var.vnc_port_min + vnc_port_max = var.vnc_port_max + + headless = var.headless + + output_directory = "${local.output_dir}" + + net_device = "virtio-net" + disk_interface = "virtio" + + qemuargs = [ + ["-m", "2048"], + ["-smp", "4"], + ["-cpu", "host"], + ["-netdev", "user,id=user.0,", "hostfwd=tcp::{{ .SSHHostPort }}-:22"], + ["-device", "virtio-net,netdev=user.0"] + ] +} + +build { + name = "vyos" + + source "source.qemu.vyos" { + name = "vyos_qemu_qcow2" + vm_name = "${var.vm_name}-${source.name}.qcow2" + format = "qcow2" + } + + provisioner "shell-local" { + inline = [ + "mkdir -p iso/", + "mkdir -p ${local.output_dir}" + ] + } + + # checksum + post-processors { + post-processor "checksum" { + checksum_types = ["sha256"] + keep_input_artifact = true + } + + post-processor "shell-local" { + inline = [ + "mv packer_vyos_qemu_sha256.checksum iso/${var.vm_name}-build1.qcow2.checksum.tmp", + "awk '{print $1, \" ${var.vm_name}-build1.qcow2\"}' iso/${var.vm_name}-build1.qcow2.checksum.tmp > iso/${var.vm_name}-build1.qcow2.checksum", + "rm -f iso/${var.vm_name}-build1.qcow2.checksum.tmp", + "cat iso/*.checksum > iso/SHA256SUM", + "echo '${var.vm_name}' > .vm_name" + ] + } + } + + # copy from output to iso/ for vyos-image2.pkr.hcl customize + post-processors { + post-processor "shell-local" { + inline = [ + "cp '${local.output_dir}/${var.vm_name}-${source.name}.qcow2' iso/${var.vm_name}-build1.qcow2", + "rm -rf '${local.output_dir}'" + ] + } + } +} diff --git a/vyos-image2-1.3.pkr.hcl b/vyos-image2-1.3.pkr.hcl new file mode 100644 index 0000000..a25eb2b --- /dev/null +++ b/vyos-image2-1.3.pkr.hcl @@ -0,0 +1,270 @@ +packer { + required_plugins { + qemu = { + version = "~> 1" + source = "github.com/hashicorp/qemu" + } + } +} + + +# dont edit those vars below, customize in local.auto.pkrvars.hcl using local.example.pkrvars.hcl +variable "vm_name" { + default = "vyos-image-1.3.6" +} + +variable "numvcpus" { + default = "4" +} + +variable "memsize" { + default = "2048" +} + +variable "disk_size" { + default = "1024" +} + +variable "iso_checksum" { + default = "file:iso/SHA256SUM" +} + +variable "ssh_username" { + default = "vyos" +} + +variable "ssh_password" { + default = "vyos" +} + +variable "boot_wait" { + default = "5s" +} + +# - qemu: will build qcow2 image +# - none: not supported +variable "platform" { + type = string + default = "qemu" +} + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +variable "cloud_init" { + type = string + default = "vyos" +} + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +variable "vyos_release" { + default = "equuleus" +} + +# build will fail if headless is false, only use headless false if you prepared X11/vnc setup +variable "headless" { + default = true +} + +variable "host_port_min" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 2222 +} +variable "host_port_max" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 4444 +} + +variable "vnc_port_min" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 5900 +} +variable "vnc_port_max" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 6000 +} + +variable "sleep_before_shutdown" { + default = env("SLEEP_BEFORE_SHUTDOWN") != "" ? env("SLEEP_BEFORE_SHUTDOWN") : 0 +} + +# this is actually boot time between grub and user login. Need to be increased if your system in heavy load. A wait time too long will increase build time. +variable "sleep_after_grub" { + default = "45" # in seconds +} + +# set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +variable "grub_serial" { + type = string + default = 1 +} + +# which kind of datasource should be used +# nocloud_configdrive => use this as default, will turn on NoCloud, ConfigDrive on cloud-init datasource_list +# blank - don't set default datasource_list +variable "cloud_init_datasource" { + default = "nocloud_configdrive" +} + +locals { + iso_path = "iso/${var.vm_name}-build2.qcow2" # not used at all since qemuargs -drive override it + output_dir = "output/vyos-image2/${regex_replace(timestamp(), "[: ]", "-")}" +} + +source "qemu" "vyos" { + boot_command = [ + "<wait2s><enter>", + "<wait${var.sleep_after_grub}s>", + "${var.ssh_username}<enter><wait>", + "${var.ssh_password}<enter><wait>", + "configure<enter><wait>", + "set interfaces ethernet eth0 address 'dhcp'<enter><wait>", + "set system name-server '8.8.8.8'<enter><wait>", + "set service ssh port '22'<enter><wait>", + "commit<enter><wait>", + "save<enter><wait>", + "exit<enter><wait10s>", # wait 10 seconds before reboot (dev purposes) + ] + + accelerator = "kvm" + + iso_checksum = var.iso_checksum + iso_url = local.iso_path # not used at all since qemuargs -drive override it + + boot_wait = var.boot_wait + + http_directory = "http" + + shutdown_command = "sleep ${var.sleep_before_shutdown}; sudo shutdown -P now" + + communicator = "ssh" + + host_port_min = var.host_port_min + host_port_max = var.host_port_max + + ssh_username = var.ssh_username + ssh_password = var.ssh_password + + ssh_timeout = "30m" + + memory = var.memsize + cpus = var.numvcpus + disk_size = var.disk_size + + vnc_port_min = var.vnc_port_min + vnc_port_max = var.vnc_port_max + + headless = var.headless + + output_directory = "${local.output_dir}" + + net_device = "virtio-net" + disk_interface = "virtio" + + qemuargs = [ + ["-m", "2048"], + ["-smp", "4"], + ["-cpu", "host"], + ["-netdev", "user,id=user.0,", "hostfwd=tcp::{{ .SSHHostPort }}-:22"], + ["-device", "virtio-net,netdev=user.0"], + #["-drive", "file=iso/${var.vm_name}.qcow2,if=virtio,cache=writeback,discard=ignore,format=qcow2"] + #["-drive", "file=iso/${var.vm_name}.qcow2,if=none,id=drive-virtio0,format=qcow2,cache=writeback,aio=io_uring,detect-zeroes=on"] + ["-drive", "file=iso/${var.vm_name}-build2.qcow2,if=virtio,cache=writeback,format=qcow2,aio=io_uring,detect-zeroes=on"] + ] +} + +build { + name = "vyos" + + source "source.qemu.vyos" { + name = "vyos_qemu_qcow2" + vm_name = "${var.vm_name}-${source.name}.qcow2" + format = "qcow2" + } + + provisioner "shell-local" { + inline = [ + "mkdir -p ${local.output_dir}" + ] + } + + # preparing provisioner + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/init.sh", + ] + } + + # prepare os - general customizations here + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/osprep.sh", + ] + } + + # configure vyos + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/configure.sh", + ] + } + + # installing apt repos and custom packages + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' CLOUD_INIT='${var.cloud_init}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/apt-repo-debian.sh", + "scripts/vyos/apt-repo-vyos.sh", + "scripts/vyos/apt-install.sh", + ] + } + + # preparing cloud-init + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' CLOUD_INIT='${var.cloud_init}' CLOUD_INIT_DATASOURCE='${var.cloud_init_datasource}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/cloud-init-debian.sh", + "scripts/vyos/cloud-init-vyos.sh", + "scripts/vyos/cloud-init-datasource.sh", + ] + } + + # if PLATFORM=qemu will install qemu packages + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' PLATFORM='${var.platform}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/platform-qemu.sh" + ] + } + + # if grub_serial=1 change grub default to serial + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' GRUB_SERIAL='${var.grub_serial}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/grub-serial.sh" + ] + } + + # image cleanup + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/cleanup-vyos-configure.sh", + "scripts/vyos/cleanup.sh", + ] + } + + # copy qcow2 to final destination + post-processors { + post-processor "shell-local" { + inline = [ + "cp 'iso/${var.vm_name}-build2.qcow2' iso/${var.vm_name}.img", + "cd iso/ && sha256sum ${var.vm_name}.img > ${var.vm_name}.img.checksum && cd ../" , + "cat iso/*.checksum > iso/SHA256SUM", + "rm -rf '${local.output_dir}'" + ] + } + } +}
\ No newline at end of file diff --git a/vyos-image2-1.4.pkr.hcl b/vyos-image2-1.4.pkr.hcl new file mode 100644 index 0000000..39f9c0c --- /dev/null +++ b/vyos-image2-1.4.pkr.hcl @@ -0,0 +1,270 @@ +packer { + required_plugins { + qemu = { + version = "~> 1" + source = "github.com/hashicorp/qemu" + } + } +} + + +# dont edit those vars below, customize in local.auto.pkrvars.hcl using local.example.pkrvars.hcl +variable "vm_name" { + default = "vyos-image-1.3.6" +} + +variable "numvcpus" { + default = "4" +} + +variable "memsize" { + default = "2048" +} + +variable "disk_size" { + default = "1024" +} + +variable "iso_checksum" { + default = "file:iso/SHA256SUM" +} + +variable "ssh_username" { + default = "vyos" +} + +variable "ssh_password" { + default = "vyos" +} + +variable "boot_wait" { + default = "5s" +} + +# - qemu: will build qcow2 image +# - none: not supported +variable "platform" { + type = string + default = "qemu" +} + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +variable "cloud_init" { + type = string + default = "vyos" +} + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +variable "vyos_release" { + default = "sagitta" +} + +# build will fail if headless is false, only use headless false if you prepared X11/vnc setup +variable "headless" { + default = true +} + +variable "host_port_min" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 2222 +} +variable "host_port_max" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 4444 +} + +variable "vnc_port_min" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 5900 +} +variable "vnc_port_max" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 6000 +} + +variable "sleep_before_shutdown" { + default = env("SLEEP_BEFORE_SHUTDOWN") != "" ? env("SLEEP_BEFORE_SHUTDOWN") : 0 +} + +# this is actually boot time between grub and user login. Need to be increased if your system in heavy load. A wait time too long will increase build time. +variable "sleep_after_grub" { + default = "45" # in seconds +} + +# set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +variable "grub_serial" { + type = string + default = 1 +} + +# which kind of datasource should be used +# nocloud_configdrive => use this as default, will turn on NoCloud, ConfigDrive on cloud-init datasource_list +# blank - don't set default datasource_list +variable "cloud_init_datasource" { + default = "nocloud_configdrive" +} + +locals { + iso_path = "iso/${var.vm_name}-build2.qcow2" # not used at all since qemuargs -drive override it + output_dir = "output/vyos-image2/${regex_replace(timestamp(), "[: ]", "-")}" +} + +source "qemu" "vyos" { + boot_command = [ + "<wait2s><enter>", + "<wait${var.sleep_after_grub}s>", + "${var.ssh_username}<enter><wait>", + "${var.ssh_password}<enter><wait>", + "configure<enter><wait>", + "set interfaces ethernet eth0 address 'dhcp'<enter><wait>", + "set system name-server '8.8.8.8'<enter><wait>", + "set service ssh port '22'<enter><wait>", + "commit<enter><wait>", + "save<enter><wait>", + "exit<enter><wait10s>", # wait 10 seconds before reboot (dev purposes) + ] + + accelerator = "kvm" + + iso_checksum = var.iso_checksum + iso_url = local.iso_path # not used at all since qemuargs -drive override it + + boot_wait = var.boot_wait + + http_directory = "http" + + shutdown_command = "sleep ${var.sleep_before_shutdown}; sudo shutdown -P now" + + communicator = "ssh" + + host_port_min = var.host_port_min + host_port_max = var.host_port_max + + ssh_username = var.ssh_username + ssh_password = var.ssh_password + + ssh_timeout = "30m" + + memory = var.memsize + cpus = var.numvcpus + disk_size = var.disk_size + + vnc_port_min = var.vnc_port_min + vnc_port_max = var.vnc_port_max + + headless = var.headless + + output_directory = "${local.output_dir}" + + net_device = "virtio-net" + disk_interface = "virtio" + + qemuargs = [ + ["-m", "2048"], + ["-smp", "4"], + ["-cpu", "host"], + ["-netdev", "user,id=user.0,", "hostfwd=tcp::{{ .SSHHostPort }}-:22"], + ["-device", "virtio-net,netdev=user.0"], + #["-drive", "file=iso/${var.vm_name}.qcow2,if=virtio,cache=writeback,discard=ignore,format=qcow2"] + #["-drive", "file=iso/${var.vm_name}.qcow2,if=none,id=drive-virtio0,format=qcow2,cache=writeback,aio=io_uring,detect-zeroes=on"] + ["-drive", "file=iso/${var.vm_name}-build2.qcow2,if=virtio,cache=writeback,format=qcow2,aio=io_uring,detect-zeroes=on"] + ] +} + +build { + name = "vyos" + + source "source.qemu.vyos" { + name = "vyos_qemu_qcow2" + vm_name = "${var.vm_name}-${source.name}.qcow2" + format = "qcow2" + } + + provisioner "shell-local" { + inline = [ + "mkdir -p ${local.output_dir}" + ] + } + + # preparing provisioner + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/init.sh", + ] + } + + # prepare os - general customizations here + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/osprep.sh", + ] + } + + # configure vyos + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/configure.sh", + ] + } + + # installing apt repos and custom packages + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' CLOUD_INIT='${var.cloud_init}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/apt-repo-debian.sh", + "scripts/vyos/apt-repo-vyos.sh", + "scripts/vyos/apt-install.sh", + ] + } + + # preparing cloud-init + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' CLOUD_INIT='${var.cloud_init}' CLOUD_INIT_DATASOURCE='${var.cloud_init_datasource}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/cloud-init-debian.sh", + "scripts/vyos/cloud-init-vyos.sh", + "scripts/vyos/cloud-init-datasource.sh", + ] + } + + # if PLATFORM=qemu will install qemu packages + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' PLATFORM='${var.platform}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/platform-qemu.sh" + ] + } + + # if grub_serial=1 change grub default to serial + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' GRUB_SERIAL='${var.grub_serial}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/grub-serial.sh" + ] + } + + # image cleanup + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/cleanup-vyos-configure.sh", + "scripts/vyos/cleanup.sh", + ] + } + + # copy qcow2 to final destination + post-processors { + post-processor "shell-local" { + inline = [ + "cp 'iso/${var.vm_name}-build2.qcow2' iso/${var.vm_name}.img", + "cd iso/ && sha256sum ${var.vm_name}.img > ${var.vm_name}.img.checksum && cd ../" , + "cat iso/*.checksum > iso/SHA256SUM", + "rm -rf '${local.output_dir}'" + ] + } + } +}
\ No newline at end of file diff --git a/vyos-image2-1.5.pkr.hcl b/vyos-image2-1.5.pkr.hcl new file mode 100644 index 0000000..70c81f8 --- /dev/null +++ b/vyos-image2-1.5.pkr.hcl @@ -0,0 +1,270 @@ +packer { + required_plugins { + qemu = { + version = "~> 1" + source = "github.com/hashicorp/qemu" + } + } +} + + +# dont edit those vars below, customize in local.auto.pkrvars.hcl using local.example.pkrvars.hcl +variable "vm_name" { + default = "vyos-image-1.3.6" +} + +variable "numvcpus" { + default = "4" +} + +variable "memsize" { + default = "2048" +} + +variable "disk_size" { + default = "1024" +} + +variable "iso_checksum" { + default = "file:iso/SHA256SUM" +} + +variable "ssh_username" { + default = "vyos" +} + +variable "ssh_password" { + default = "vyos" +} + +variable "boot_wait" { + default = "5s" +} + +# - qemu: will build qcow2 image +# - none: not supported +variable "platform" { + type = string + default = "qemu" +} + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +variable "cloud_init" { + type = string + default = "vyos" +} + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +variable "vyos_release" { + default = "circinus" +} + +# build will fail if headless is false, only use headless false if you prepared X11/vnc setup +variable "headless" { + default = true +} + +variable "host_port_min" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 2222 +} +variable "host_port_max" { + default = env("HOST_PORT_FIXED") != "" ? env("HOST_PORT_FIXED") : 4444 +} + +variable "vnc_port_min" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 5900 +} +variable "vnc_port_max" { + default = env("VNC_PORT_FIXED") != "" ? env("VNC_PORT_FIXED") : 6000 +} + +variable "sleep_before_shutdown" { + default = env("SLEEP_BEFORE_SHUTDOWN") != "" ? env("SLEEP_BEFORE_SHUTDOWN") : 0 +} + +# this is actually boot time between grub and user login. Need to be increased if your system in heavy load. A wait time too long will increase build time. +variable "sleep_after_grub" { + default = "45" # in seconds +} + +# set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +variable "grub_serial" { + type = string + default = 1 +} + +# which kind of datasource should be used +# nocloud_configdrive => use this as default, will turn on NoCloud, ConfigDrive on cloud-init datasource_list +# blank - don't set default datasource_list +variable "cloud_init_datasource" { + default = "nocloud_configdrive" +} + +locals { + iso_path = "iso/${var.vm_name}-build2.qcow2" # not used at all since qemuargs -drive override it + output_dir = "output/vyos-image2/${regex_replace(timestamp(), "[: ]", "-")}" +} + +source "qemu" "vyos" { + boot_command = [ + "<wait2s><enter>", + "<wait${var.sleep_after_grub}s>", + "${var.ssh_username}<enter><wait>", + "${var.ssh_password}<enter><wait>", + "configure<enter><wait>", + "set interfaces ethernet eth0 address 'dhcp'<enter><wait>", + "set system name-server '8.8.8.8'<enter><wait>", + "set service ssh port '22'<enter><wait>", + "commit<enter><wait>", + "save<enter><wait>", + "exit<enter><wait10s>", # wait 10 seconds before reboot (dev purposes) + ] + + accelerator = "kvm" + + iso_checksum = var.iso_checksum + iso_url = local.iso_path # not used at all since qemuargs -drive override it + + boot_wait = var.boot_wait + + http_directory = "http" + + shutdown_command = "sleep ${var.sleep_before_shutdown}; sudo shutdown -P now" + + communicator = "ssh" + + host_port_min = var.host_port_min + host_port_max = var.host_port_max + + ssh_username = var.ssh_username + ssh_password = var.ssh_password + + ssh_timeout = "30m" + + memory = var.memsize + cpus = var.numvcpus + disk_size = var.disk_size + + vnc_port_min = var.vnc_port_min + vnc_port_max = var.vnc_port_max + + headless = var.headless + + output_directory = "${local.output_dir}" + + net_device = "virtio-net" + disk_interface = "virtio" + + qemuargs = [ + ["-m", "2048"], + ["-smp", "4"], + ["-cpu", "host"], + ["-netdev", "user,id=user.0,", "hostfwd=tcp::{{ .SSHHostPort }}-:22"], + ["-device", "virtio-net,netdev=user.0"], + #["-drive", "file=iso/${var.vm_name}.qcow2,if=virtio,cache=writeback,discard=ignore,format=qcow2"] + #["-drive", "file=iso/${var.vm_name}.qcow2,if=none,id=drive-virtio0,format=qcow2,cache=writeback,aio=io_uring,detect-zeroes=on"] + ["-drive", "file=iso/${var.vm_name}-build2.qcow2,if=virtio,cache=writeback,format=qcow2,aio=io_uring,detect-zeroes=on"] + ] +} + +build { + name = "vyos" + + source "source.qemu.vyos" { + name = "vyos_qemu_qcow2" + vm_name = "${var.vm_name}-${source.name}.qcow2" + format = "qcow2" + } + + provisioner "shell-local" { + inline = [ + "mkdir -p ${local.output_dir}" + ] + } + + # preparing provisioner + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/init.sh", + ] + } + + # prepare os - general customizations here + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/osprep.sh", + ] + } + + # configure vyos + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/configure.sh", + ] + } + + # installing apt repos and custom packages + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' CLOUD_INIT='${var.cloud_init}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/apt-repo-debian.sh", + "scripts/vyos/apt-repo-vyos.sh", + "scripts/vyos/apt-install.sh", + ] + } + + # preparing cloud-init + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' CLOUD_INIT='${var.cloud_init}' CLOUD_INIT_DATASOURCE='${var.cloud_init_datasource}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/cloud-init-debian.sh", + "scripts/vyos/cloud-init-vyos.sh", + "scripts/vyos/cloud-init-datasource.sh", + ] + } + + # if PLATFORM=qemu will install qemu packages + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' PLATFORM='${var.platform}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/platform-qemu.sh" + ] + } + + # if grub_serial=1 change grub default to serial + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' GRUB_SERIAL='${var.grub_serial}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/grub-serial.sh" + ] + } + + # image cleanup + provisioner "shell" { + execute_command = "VYOS_RELEASE='${var.vyos_release}' {{ .Vars }} sudo -E bash '{{ .Path }}'" + scripts = [ + "scripts/vyos/cleanup-vyos-configure.sh", + "scripts/vyos/cleanup.sh", + ] + } + + # copy qcow2 to final destination + post-processors { + post-processor "shell-local" { + inline = [ + "cp 'iso/${var.vm_name}-build2.qcow2' iso/${var.vm_name}.img", + "cd iso/ && sha256sum ${var.vm_name}.img > ${var.vm_name}.img.checksum && cd ../" , + "cat iso/*.checksum > iso/SHA256SUM", + "rm -rf '${local.output_dir}'" + ] + } + } +}
\ No newline at end of file diff --git a/vyos.pkrvars.hcl b/vyos.pkrvars.hcl new file mode 100644 index 0000000..91bdb2a --- /dev/null +++ b/vyos.pkrvars.hcl @@ -0,0 +1,55 @@ + +# vars: +# - .env building vars: control building process +# - vyos.pkrvars.hcl image vars: define image parameters - git default +# - local.pkrvars.hcl image vars: define image parameters - clone vyos.pkrvars.hcl to override it locally + + + +ssh_username = "vyos" +ssh_password = "vyos" + +vm_name = "vyos-1.3.6" + +# platform = "none" # will not install any specific platform +# - qemu will install qemu-guest-agent +platform = "qemu" + +# cloud-init values: +# debian - will install/replace cloud-init packages +# vyos - will keep cloud-init packages from vyos +# comment - don't install cloud-init at all +cloud_init = "debian" + +# which kind of datasource should be used +# nocloud_configdrive => use this as default, will turn on NoCloud, ConfigDrive on cloud-init datasource_list +# blank - don't set default datasource_list +cloud_init_datasource = "nocloud_configdrive" + +# Set grub_serial=1 to turn grub default=1, ie: use serial console. it is need to adjust on hypervisor +# +# for proxmox: +# qm set 9000 --serial0 socket --vga serial0 +grub_serial = 1 + +# equuleus: debian 11 (branch 1.3.*) +# sagitta: debian 12 (branch 1.4.*) +# circinus: debian 12 (branch 1.5.*) +# current: debian 12 (branch 1.5.*) +vyos_release = "equuleus" + +# false will start vnc for console +headless = false + +# in MB (10GB x 1024 = 10240, minimum 2048) +disk_size = 2048 + + + +# todo: +# - disable/enable ssh +# - disable/enable dhcp +# - set interface/gateway +# - keep vyos/vyos user/password or customize it +# - customize to install any other agent or package as needed like +# extra_packages = []
\ No newline at end of file |