diff --git a/README.md b/README.md index 1ee6654..3dd71ce 100644 --- a/README.md +++ b/README.md @@ -18,9 +18,6 @@ Still some mad regexp about how to the find the connected tap(4) interface If you find something, please use ``make vmb'' and include the log. -## ports(7) -A ports Makefile is under development and might pop up with 6.7 latest. - # Remarks This is heavily based on https://github.com/m110/packer-builder-hcloud and https://github.com/prep/packer-builder-vmm diff --git a/builder/openbsd-vmm/config.go b/builder/openbsd-vmm/config.go index 1c1c0ef..18f3029 100644 --- a/builder/openbsd-vmm/config.go +++ b/builder/openbsd-vmm/config.go @@ -15,8 +15,8 @@ import ( ) const ( - _DISK_QCOW2 = "qcow2" - _DISK_RAW = "raw" + _DISK_QCOW2 = "qcow2" + _DISK_RAW = "raw" _GENFILES_DEFAULT_EXT = "pkr.in" ) @@ -30,7 +30,6 @@ type Config struct { VMName string `mapstructure:"vm_name" required:"true"` VMTemplate string `mapstructure:"vm_template" required:"true"` // vmctl -t - Console bool `mapstructure:"console"` // vmctl -c BootDevice string `mapstructure:"boot_device"` // vmctl -B Boot string `mapstructure:"boot"` // vmctl -b CdRom string `mapstructure:"cdrom"` // vmctl -r @@ -44,7 +43,7 @@ type Config struct { UserData string `mapstructure:"user_data"` GenFilesExtension string `mapstructure:"gen_files_extension"` - GenFilesPattern string `mapstructure:"gen_files_pattern"` + GenFilesPattern string `mapstructure:"gen_files_pattern"` ctx interpolate.Context } diff --git a/builder/openbsd-vmm/config.hcl2spec.go b/builder/openbsd-vmm/config.hcl2spec.go index be759c4..3db0db8 100644 --- a/builder/openbsd-vmm/config.hcl2spec.go +++ b/builder/openbsd-vmm/config.hcl2spec.go 
@@ -67,7 +67,6 @@ type FlatConfig struct { WinRMUseNTLM *bool `mapstructure:"winrm_use_ntlm" cty:"winrm_use_ntlm"` VMName *string `mapstructure:"vm_name" required:"true" cty:"vm_name"` VMTemplate *string `mapstructure:"vm_template" required:"true" cty:"vm_template"` - Console *bool `mapstructure:"console" cty:"console"` BootDevice *string `mapstructure:"boot_device" cty:"boot_device"` Boot *string `mapstructure:"boot" cty:"boot"` CdRom *string `mapstructure:"cdrom" cty:"cdrom"` @@ -152,7 +151,6 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec { "winrm_use_ntlm": &hcldec.AttrSpec{Name: "winrm_use_ntlm", Type: cty.Bool, Required: false}, "vm_name": &hcldec.AttrSpec{Name: "vm_name", Type: cty.String, Required: false}, "vm_template": &hcldec.AttrSpec{Name: "vm_template", Type: cty.String, Required: false}, - "console": &hcldec.AttrSpec{Name: "console", Type: cty.Bool, Required: false}, "boot_device": &hcldec.AttrSpec{Name: "boot_device", Type: cty.String, Required: false}, "boot": &hcldec.AttrSpec{Name: "boot", Type: cty.String, Required: false}, "cdrom": &hcldec.AttrSpec{Name: "cdrom", Type: cty.String, Required: false}, diff --git a/builder/openbsd-vmm/step_gen_files.go b/builder/openbsd-vmm/step_gen_files.go index d0726f4..3ec3e28 100644 --- a/builder/openbsd-vmm/step_gen_files.go +++ b/builder/openbsd-vmm/step_gen_files.go @@ -68,7 +68,7 @@ func (step *stepGenFiles) Run(ctx context.Context, state multistep.StateBag) mul return nil } - matched, err := filepath.Match(GenFilesPattern + "*." + GenFilesExtension, fileinfo.Name()) + matched, err := filepath.Match(GenFilesPattern+"*."+GenFilesExtension, fileinfo.Name()) if matched { lines, err := scanLines(path) 
@@ -77,7 +77,7 @@ func (step *stepGenFiles) Run(ctx context.Context, state multistep.StateBag) mul return err } - newfile, err := os.OpenFile(strings.TrimSuffix(path, "." + GenFilesExtension), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) + newfile, err := os.OpenFile(strings.TrimSuffix(path, "."+GenFilesExtension), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600) if err != nil { state.Put("error", fmt.Errorf("Error writing output file: %s", err)) return err diff --git a/docroot/packer-auto_install-http.conf b/docroot/packer-auto_install-http.conf deleted file mode 100644 index 8e701aa..0000000 --- a/docroot/packer-auto_install-http.conf +++ /dev/null @@ -1,12 +0,0 @@ -keyboard layout = us -Password for root = vagrant -ntpd = yes -X Window System = no -Allow root ssh = yes -Use (W)hole disk = W -Location of sets = http -# cdn.openbsd.org -HTTP Server = 2 -Set = -x* -Continue without verification = yes -timezone = Europe/Berlin diff --git a/docroot/packer-auto_install-iso.conf b/docroot/packer-auto_install-iso.conf deleted file mode 100644 index ee9c06b..0000000 --- a/docroot/packer-auto_install-iso.conf +++ /dev/null @@ -1,10 +0,0 @@ -keyboard layout = us -Password for root = vagrant -ntpd = yes -X Window System = no -Allow root ssh = yes -Use (W)hole disk = W -Location of sets = cd0 -Set = -x* -Continue without verification = yes -timezone = Europe/Berlin diff --git a/examples/Makefile.ports b/examples/Makefile.ports deleted file mode 100644 index 0cd0ead..0000000 --- a/examples/Makefile.ports +++ /dev/null 
@@ -1,40 +0,0 @@ -# $OpenBSD$ - -COMMENT= packer-builder-openbsd-vmm - -GH_ACCOUNT= double-p -GH_PROJECT= packer-builder-openbsd-vmm -GH_COMMIT= 04f261659d2583393835fd904383dde6b134f049 -DISTNAME= packer-builder-openbsd-vmm-0.0.20191130 - -MODGO_GHMOD= hashicorp packer v1.4.0 \ - mitchellh go-homedir v1.0.0 \ - pkg errors v0.8.1 - -DISTFILES= packer-builder-openbsd-vmm-{}${GH_COMMIT}.tar.gz - -.for _a _p _c in ${MODGO_GHMOD} -DISTFILES+= ${_p}-{${_a}/${_p}/archive/}${_c}.tar.gz:0 -.endfor - -CATEGORIES= sysutils - -# BSD -PERMIT_PACKAGE= Yes -PERMIT_PACKAGE_CDROM= Yes - -WANTLIB= c pthread - -MASTER_SITES0= https://github.com/ - -MODULES= lang/go -MODGO_TYPE= bin -NO_TEST= Yes - -post-extract: -.for _a _p _c in ${MODGO_GHMOD} - mkdir -p ${WRKDIR}/go/src/github.com/${_a} - mv ${WRKDIR}/${_p}-${_c:S/v//} ${WRKDIR}/go/src/github.com/${_a}/${_p} -.endfor - -.include diff --git a/examples/README.examples b/examples/README.examples new file mode 100644 index 0000000..07046e0 --- /dev/null +++ b/examples/README.examples 
@@ -0,0 +1,47 @@
+To test/use example templates located in packer folder:
+
+1. Configure vmd(8), httpd(8), unbound(8) and pf(4) appropriately.
+
+DNS queries from VMs are redirected using pf(4) to host's unbound(8) which also
+serves serves "local." DNS zone. Host's httpd(8) serves OpenBSD installation
+files and packages and is available for VMs as at http://openbsd.local.
+
+Both httpd(8) and unbound(8) are configured to listen on vether0 (100.64.0.1/10).
+
+Packer dynamically creates VM instances using parent VM template defined in
+vm.conf(5). Example templates use VM "generic" as parent VM template and
+"packer_user" as template owner and packer builder account, change it to your
+preference.
+
+2. Create directories for ISO images, packer templates, logs and output:
+
+ # mkdir /home/_vmd/_iso
+ # chown -R packer_user /home/_vmd
+
+ $ mkdir -p ~/.config/packer
+ $ mkdir -p ~/.log/packer
+
+and set your environment, see packer.env.sample
+
+3. Download/copy/check required ISO images and installation files to configured
+locations.
+
+4. Copy Packer templates to $PACKER_CONFIG_DIR:
+
+ $ cp -R packer/* $PACKER_CONFIG_DIR
+
+5. Check templates configuration, change vars where necessary (paths, ssh_user,
+etc). Note that common vars are defined/set in $PACKER_CONFIG_DIR/*.hcl files
+and symlinked from each template direcrory. OS/build-specific variables are set
+in template's pkr.hcl config.
+
+6. Check/edit _http/* autoinstall templates; copy your authorized_keys file
+to $PACKER_CONFIG_DIR/_http.
+
+7. Run packer:
+
+ $ cd $PACKER_CONFIG_DIR
+ $ packer build alpine-base
+ $ packer build centos-base
+ $ packer build openbsd-base
+ $ packer build openbsd-dev
diff --git a/examples/etc/hostname.vether0.sample b/examples/etc/hostname.vether0.sample
new file mode 100644
index 0000000..433aad1
--- /dev/null
+++ b/examples/etc/hostname.vether0.sample
@@ -0,0 +1,2 @@
+inet 100.64.0.1 255.192.0.0 NONE
+!ifconfig bridge0 add \$if up
diff --git a/examples/etc/httpd.conf.sample b/examples/etc/httpd.conf.sample
new file mode 100644
index 0000000..b8315d8
--- /dev/null
+++ b/examples/etc/httpd.conf.sample
@@ -0,0 +1,10 @@
+server "openbsd.local" {
+ listen on vether0 port www
+ log style combined
+ root "/htdocs/openbsd"
+ location "/snapshots/amd64/" { directory auto index }
+ location "/snapshots/packages/amd64/all/" { directory auto index }
+ location "/snapshots/amd64/SHA256.sig" { no log }
+}
+
+types { include "/usr/share/misc/mime.types" }
diff --git a/examples/etc/pf.conf.sample b/examples/etc/pf.conf.sample
new file mode 100644
index 0000000..88e7535
--- /dev/null
+++ b/examples/etc/pf.conf.sample
@@ -0,0 +1,12 @@
+vmd_local_prefix = "100.64.0.0/10"
+vmd_dns = "100.64.0.1"
+
+set skip on vether0
+
+match out on egress inet from $vmd_local_prefix to any nat-to (egress:0)
+
+pass in quick on tap inet proto tcp from $vmd_local_prefix to any port domain rdr-to $vmd_dns port domain
+pass in quick on tap inet proto udp from $vmd_local_prefix to any port domain rdr-to $vmd_dns port domain
+pass out
+
+block in log
diff --git a/examples/etc/unbound/unbound.conf b/examples/etc/unbound/unbound.conf
new file mode 100644
index 0000000..a8137a3
--- /dev/null
+++ b/examples/etc/unbound/unbound.conf
@@ -0,0 +1,76 @@
+# $OpenBSD: unbound.conf,v 1.19 2019/11/07 15:46:37 sthen Exp $
+
+server:
+ #interface: 127.0.0.1
+ #interface: 127.0.0.1@5353 # listen on alternative port
+ #interface: ::1
+ #do-ip6: no
+
+ # override the default "any" address to send queries; if multiple
+ # addresses are available, they are used randomly to counter spoofing
+ #outgoing-interface: 192.0.2.1
+ #outgoing-interface: 2001:db8::53
+
+ access-control: 0.0.0.0/0 refuse
+ access-control: 127.0.0.0/8 allow
+ access-control: ::0/0 refuse
+ access-control: ::1 allow
+
+ hide-identity: yes
+ hide-version: yes
+
+ # Perform DNSSEC validation. Comment out the below option to disable.
+ #
+ auto-trust-anchor-file: "/var/unbound/db/root.key"
+ val-log-level: 2
+
+ # Uncomment to synthesize NXDOMAINs from DNSSEC NSEC chains
+ # https://tools.ietf.org/html/rfc8198
+ #
+ aggressive-nsec: yes
+
+ include: "/var/unbound/etc/unbound.conf.local"
+
+ # Serve zones authoritatively from Unbound to resolver clients.
+ # Not for external service.
+ #
+ #local-zone: "local." static
+ #local-data: "mycomputer.local. IN A 192.0.2.51"
+ #local-zone: "2.0.192.in-addr.arpa." static
+ #local-data-ptr: "192.0.2.51 mycomputer.local"
+
+ # UDP EDNS reassembly buffer advertised to peers. Default 4096.
+ # May need lowering on broken networks with fragmentation/MTU issues,
+ # particularly if validating DNSSEC.
+ #
+ #edns-buffer-size: 1480
+
+ # Use TCP for "forward-zone" requests. Useful if you are making
+ # DNS requests over an SSH port forwarding.
+ #
+ #tcp-upstream: yes
+
+ # CA Certificates used for forward-tls-upstream (RFC7858) hostname
+ # verification. Since it's outside the chroot it is only loaded at
+ # startup and thus cannot be changed via a reload.
+ #tls-cert-bundle: "/etc/ssl/cert.pem"
+
+remote-control:
+ control-enable: yes
+ control-interface: /var/run/unbound.sock
+
+# Use an upstream forwarder (recursive resolver) for some or all zones.
+#
+#forward-zone:
+# name: "."
# use for ALL queries
+# forward-addr: 192.0.2.53 # example address only
+# forward-first: yes # try direct if forwarder fails
+
+# Use an upstream DNS-over-TLS forwarder and do not fall back to cleartext
+# if that fails.
+#forward-zone:
+# name: "."
+# forward-tls-upstream: yes # use DNS-over-TLS forwarder
+# forward-first: no # do NOT send direct
+# # the hostname after "#" is not a comment, it is used for TLS checks:
+# forward-addr: 192.0.2.53@853#resolver.hostname.example
diff --git a/examples/etc/unbound/unbound.conf.local b/examples/etc/unbound/unbound.conf.local
new file mode 100644
index 0000000..387d3aa
--- /dev/null
+++ b/examples/etc/unbound/unbound.conf.local
@@ -0,0 +1,14 @@
+interface: 100.64.0.1
+access-control: 100.64.0.0/10 allow
+
+private-address: 10.0.0.0/8
+private-address: 100.64.0.0/10
+private-address: 172.16.0.0/12
+private-address: 192.168.0.0/16
+private-address: 169.254.0.0/16
+private-address: fd00::/8
+private-address: fe80::/10
+
+private-domain: "local"
+local-zone: "local." static
+include: "/var/unbound/etc/zone.local"
diff --git a/examples/etc/unbound/zone.local b/examples/etc/unbound/zone.local
new file mode 100644
index 0000000..d93fce4
--- /dev/null
+++ b/examples/etc/unbound/zone.local
@@ -0,0 +1,2 @@
+local-data: "openbsd.local. IN A 100.64.0.1"
+local-data: "dev.local. IN A 100.64.0.100"
diff --git a/examples/etc/vm.conf.sample b/examples/etc/vm.conf.sample
new file mode 100644
index 0000000..b8e301e
--- /dev/null
+++ b/examples/etc/vm.conf.sample
@@ -0,0 +1,18 @@
+switch "local" {
+ interface bridge0
+}
+
+vm generic {
+ disable
+ owner packer_user
+ allow instance { boot, cdrom, disk, instance, interface, memory }
+ memory 1G
+ disk /dev/null
+}
+
+#vm generic instance dev {
+# disable
+# memory 4G
+# disk /home/_vmd/openbsd-dev.qcow2
+# interface tap { switch "local" }
+#}
diff --git a/examples/openbsd-nonauto.json b/examples/openbsd-nonauto.json
deleted file mode 100644
index 74779f4..0000000
--- a/examples/openbsd-nonauto.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "builders": [ - { - "type": "openbsd-vmm", - "vm_name": "VMnameinput", - "name": "packer-obsd64-vmm-amd64", - "disk_size": "1500M", - "disk_format": "raw", - "output_directory": "tempbuilds", - "image_name": "OpenBSD-VMM-image", - "http_directory": ".", - "boot_image": "/bsd.rd", - "boot_wait": "5s", - "boot_command": [ - "S", - "# HELLO AsiaBSDCon", - "dhclient vio0", - "ftp -o install.conf http://{{ .HTTPIP }}:{{ .HTTPPort }}/" - ], - "ssh_username": "root", - "iso_url": "file:///Users/pbuehler/Software/ISOs/install59.iso", - "iso_checksum": "685262fc665425c61a2952b2820389a2d331ac5558217080e6d564d2ce88eecb", - "iso_checksum_type": "sha256" - } - ] -} diff --git a/examples/openbsd.json b/examples/openbsd.json deleted file mode 100644 index 644b8b0..0000000 --- a/examples/openbsd.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "builders": [ - { - "type": "openbsd-vmm", - "vm_name": "openbsd", - "vm_template": "generic", - "disk_format": "qcow2", - "disk_size": "20G", - "boot": "/var/www/htdocs/openbsd/snapshots/amd64/bsd.rd", - "log_directory": "/home/packer_user/.log/packer", - "output_directory": "/home/packer_user/.local/share/packer", - "boot_wait": "15s", - "boot_command": [ - "http://{{ .HTTPIP }}:{{ .HTTPPort }}/packer-auto_install-iso.conf", - "I" - ], - "ssh_username": "root" - } - ] -} diff --git a/examples/openbsd.pkr.hcl b/examples/openbsd.pkr.hcl deleted file mode 100644 index 6e20966..0000000 --- a/examples/openbsd.pkr.hcl +++ /dev/null 
@@ -1,43 +0,0 @@ -variable "log_directory" { default = "/home/packer_user/.log/packer" } -variable "output_directory" { default = "/home/packer_user/.local/share/packer" } -variable "http_directory" { default = "/home/packer_user/.config/packer/autoinstall" } -variable "vm_template" { default = "generic" } -variable "disk_format" { default = "qcow2" } -variable "boot_device" { default = "net" } -variable "boot" { default = "/var/www/htdocs/openbsd.tristero.se/snapshots/amd64/bsd.rd" } -variable "boot_wait" { default = "10s" } -variable "ssh_username" { default = "packer_user" } -variable "ssh_agent_auth" { default = "true" } -variable "trusted_pkg_path" { default = "http://192.168.255.1/pub/OpenBSD/%c/packages/%a/all" } -variable "shutdown_command" { default = "doas /sbin/halt -p" } - -source "openbsd-vmm" "openbsd" { - vm_name = "openbsd" - vm_template = "${var.vm_template}" - memory = "2G" - disk_size = "20G" - disk_format = "${var.disk_format}" - boot_device = "${var.boot_device}" - boot = "${var.boot}" - boot_wait = "${var.boot_wait}" - boot_command = [ - "http://{{ .HTTPIP }}:{{ .HTTPPort }}/autoinstall", - "I" - ] - log_directory = "${var.log_directory}" - output_directory = "${var.output_directory}" - http_directory = "${var.http_directory}" - ssh_username = "${var.ssh_username}" - ssh_agent_auth = "${var.ssh_agent_auth}" - communicator = "ssh" - shutdown_command = "${var.shutdown_command}" -} - -build { - sources = [ "source.openbsd-vmm.openbsd" ] - #provisioner "breakpoint" { note = "Debug" } - provisioner "shell" { inline = [ - "sleep 300", - "env TRUSTED_PKG_PATH='${var.trusted_pkg_path}' doas pkg_add unzip" - ]} -} diff --git a/examples/packer.env.sample b/examples/packer.env.sample new file mode 100644 index 0000000..edee794 --- /dev/null +++ b/examples/packer.env.sample 
@@ -0,0 +1,11 @@
+XDG_CACHE_HOME=$HOME/.cache
+XDG_CONFIG_HOME=$HOME/.config
+export XDG_CACHE_HOME XDG_CONFIG_HOME
+
+CHECKPOINT_DISABLE=1
+PACKER_CACHE_DIR=$XDG_CACHE_HOME/packer
+PACKER_CONFIG_DIR=$XDG_CONFIG_HOME/packer
+PACKER_LOG=1
+PACKER_LOG_PATH=~/.log/packer.log
+PACKER_NO_COLOR=1
+export CHECKPOINT_DISABLE PACKER_CACHE_DIR PACKER_CONFIG_DIR PACKER_LOG PACKER_LOG_PATH PACKER_NO_COLOR
diff --git a/examples/packer/_http/.gitignore b/examples/packer/_http/.gitignore
new file mode 100644
index 0000000..0f4fdd6
--- /dev/null
+++ b/examples/packer/_http/.gitignore
@@ -0,0 +1 @@
+*.autoinstall
diff --git a/examples/packer/_http/alpine.autoinstall.pkr.in b/examples/packer/_http/alpine.autoinstall.pkr.in
new file mode 100644
index 0000000..c809fb7
--- /dev/null
+++ b/examples/packer/_http/alpine.autoinstall.pkr.in
@@ -0,0 +1,32 @@
+# Use US layout with US variant
+KEYMAPOPTS="us us"
+
+# Set hostname to {{ .VMName }}
+HOSTNAMEOPTS="-n {{ .VMName }}"
+
+# Contents of /etc/network/interfaces
+INTERFACESOPTS="auto lo
+iface lo inet loopback
+
+auto eth0
+iface eth0 inet dhcp
+ hostname {{ .VMName }}
+"
+
+# Set timezone to UTC
+TIMEZONEOPTS="-z Europe/Moscow"
+
+# set http/ftp proxy
+PROXYOPTS="none"
+
+# Use dl-cdn.alpinelinux.org
+APKREPOSOPTS="-1"
+
+# Install Openssh
+SSHDOPTS="-c openssh"
+
+# Use chrony
+NTPOPTS="-c chrony"
+
+# Use /dev/vda as system disk, disable swap
+DISKOPTS="-s 0 -m sys /dev/vda"
diff --git a/examples/packer/_http/centos.autoinstall.pkr.in b/examples/packer/_http/centos.autoinstall.pkr.in
new file mode 100644
index 0000000..85a7c42
--- /dev/null
+++ b/examples/packer/_http/centos.autoinstall.pkr.in
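Review bot: In `examples/packer/_http/alpine.autoinstall.pkr.in` the comment `# Set timezone to UTC` does not match the value under it, `TIMEZONEOPTS="-z Europe/Moscow"`; one of the two should change, e.g. `# Set timezone to Europe/Moscow`. The answer file also says nothing about the root password, which is decided by how `setup-alpine` is invoked (not visible in this hunk), so a one-line comment stating how the password is handled would help anyone adapting the example.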
@@ -0,0 +1,78 @@
+text
+skipx
+cdrom
+
+lang en_US.UTF-8
+keyboard us
+timezone Europe/Moscow --utc
+
+network --hostname={{ .VMName }} --onboot yes --bootproto dhcp --noipv6 --activate
+firewall --enabled --service=ssh
+
+zerombr
+clearpart --all --initlabel
+autopart --type=lvm
+bootloader --append="console=ttyS0,115200 no_timer_check net.ifnames=0" --location=mbr
+
+auth --enableshadow --passalgo=sha512 --kickstart
+rootpw packer
+user --name=p --uid 1001 --gid 1001 --groups=wheel --plaintext --password packer
+
+selinux --permissive
+services --disabled=kdump --enabled=chronyd,rsyslog,sshd
+
+firstboot --disabled
+reboot
+
+%post --erroronfail
+dnf clean all
+dnf update -y
+sed -i /^HWADDR=.*/d /etc/sysconfig/network-scripts/ifcfg-eth0
+mkdir -m 700 /root/.ssh
+curl http://{{ .HTTPIP }}:{{ .HTTPPort }}/authorized_keys -o /root/.ssh/authorized_keys
+chmod 600 /root/.ssh/authorized_keys
+restorecon -R /root/.ssh/
+%end
+
+%packages --excludedocs
+@core
+NetworkManager
+chrony
+curl
+dnf-utils
+dracut-config-generic
+firewalld
+grub2
+kernel
+net-tools
+openssh-clients
+rsync
+sudo
+tar
+vim
+wget
+-biosdevname
+-dracut-config-rescue
+-iprutils
+-irqbalance
+-iwl100-firmware
+-iwl1000-firmware
+-iwl105-firmware
+-iwl135-firmware
+-iwl2000-firmware
+-iwl2030-firmware
+-iwl3160-firmware
+-iwl3945-firmware
+-iwl4965-firmware
+-iwl5000-firmware
+-iwl5150-firmware
+-iwl6000-firmware
+-iwl6000g2a-firmware
+-iwl6050-firmware
+-iwl7260-firmware
+-plymouth
+-trousers
+%end
+
+%addon com_redhat_kdump --disable
+%end
diff --git a/docroot/autoinstall.pkr.in b/examples/packer/_http/openbsd.autoinstall.pkr.in
similarity index 69%
rename from docroot/autoinstall.pkr.in
rename to examples/packer/_http/openbsd.autoinstall.pkr.in
index a139e37..fb27dbd 100644
--- a/docroot/autoinstall.pkr.in
+++ b/examples/packer/_http/openbsd.autoinstall.pkr.in
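Review bot: The kickstart in `examples/packer/_http/centos.autoinstall.pkr.in` sets `rootpw packer` and creates user `p` with `--plaintext --password packer`, so every image built from this example carries a well-known password while `firewall --enabled --service=ssh` and `services --enabled=chronyd,rsyslog,sshd` leave SSH reachable. The `%post` section already installs `/root/.ssh/authorized_keys`, so the password is not needed for the build to log in; `rootpw --lock` and `--lock` on the `user` line (or an `--iscrypted` hash supplied at build time) would keep the example key-only. `selinux --permissive` also stays in the finished image; if it is only needed during installation, a comment saying so would help.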
@@ -1,8 +1,8 @@ -System hostname = {{ .VMName }} +System hostname = openbsd Which network interface do you wish to configure = vio0 IPv4 address for vio0 = dhcp IPv6 address for vio0 = none -DNS domain = tristero.local +DNS domain = local Which network interface do you wish to configure = done IPv6 default router = none Password for root = ************* @@ -10,9 +10,9 @@ X Window System = no Which speed should com0 use = 115200 Allow root ssh login = prohibit-password What timezone are you in = Europe/Moscow -URL to autopartitioning template for disklabel = http://{{ .HTTPIP }}:{{ .HTTPPort }}/{{ .VMName }}.disklabel +URL to autopartitioning template for disklabel = http://{{ .HTTPIP }}:{{ .HTTPPort }}/openbsd_20G.disklabel Location of sets = http -HTTP Server = http://192.168.255.1 -Server directory = pub/OpenBSD/snapshots/amd64/ -Set name(s) = -game* -x* +site* +HTTP Server = http://openbsd.local +Server directory = snapshots/amd64/ +Set name(s) = -game* -x* +xbase* +xshare* +site* Continue without verification = yes diff --git a/docroot/openbsd.disklabel b/examples/packer/_http/openbsd_20G.disklabel similarity index 100% rename from docroot/openbsd.disklabel rename to examples/packer/_http/openbsd_20G.disklabel diff --git a/examples/packer/_vars.auto.pkrvars.hcl b/examples/packer/_vars.auto.pkrvars.hcl new file mode 100644 index 0000000..9e1e15a --- /dev/null +++ b/examples/packer/_vars.auto.pkrvars.hcl @@ -0,0 +1,11 @@ +# default variables for all builds +boot_wait = "10s" +communicator = "ssh" +disk_format = "qcow2" +http_directory = "/home/packer_user/.config/packer/_http" +log_directory = "/home/packer_user/.log/packer" +output_directory = "/home/_vmd" +shutdown_command = "/sbin/halt -p" +ssh_agent_auth = "true" +ssh_username = "root" +vm_template = "generic" diff --git a/examples/packer/_vars.pkr.hcl b/examples/packer/_vars.pkr.hcl new file mode 100644 index 0000000..677c05b --- /dev/null +++ b/examples/packer/_vars.pkr.hcl 
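Review bot: In `examples/packer/_http/openbsd.autoinstall.pkr.in` the second hunk points `HTTP Server` at `http://openbsd.local` and widens `Set name(s)` while keeping `Continue without verification = yes`, so the installer is told to go ahead with sets it could not verify after fetching them over cleartext HTTP. That answer is presumably there for the unsigned `site*` set, but nothing in the hunk limits it to that set. The integrity of the image then rests on the host mirror alone, and README.examples step 3 should say so, e.g. `Verify the mirrored sets with signify(1) against SHA256.sig before serving them; the autoinstall answers skip verification inside the VM.` The first hunk also replaces `{{ .VMName }}` with a fixed `openbsd` hostname, unlike the other two answer files added in this commit.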
@@ -0,0 +1,11 @@
+# variable definitions for all builds
+variable "boot_wait" { default = "10s" }
+variable "communicator" { default = "ssh" }
+variable "disk_format" { default = "qcow2" }
+variable "http_directory" { default = "/home/packer_user/.config/packer/_http" }
+variable "log_directory" { default = "/home/packer_user/.log/packer" }
+variable "output_directory" { default = "/home/_vmd" }
+variable "shutdown_command" { default = "/sbin/halt -p" }
+variable "ssh_agent_auth" { default = "true" }
+variable "ssh_username" { default = "root" }
+variable "vm_template" { default = "generic" }
diff --git a/examples/packer/alpine-base/_vars.auto.pkrvars.hcl b/examples/packer/alpine-base/_vars.auto.pkrvars.hcl
new file mode 120000
index 0000000..4bcd0dc
--- /dev/null
+++ b/examples/packer/alpine-base/_vars.auto.pkrvars.hcl
@@ -0,0 +1 @@
+../_vars.auto.pkrvars.hcl
\ No newline at end of file
diff --git a/examples/packer/alpine-base/_vars.pkr.hcl b/examples/packer/alpine-base/_vars.pkr.hcl
new file mode 120000
index 0000000..954702f
--- /dev/null
+++ b/examples/packer/alpine-base/_vars.pkr.hcl
@@ -0,0 +1 @@
+../_vars.pkr.hcl
\ No newline at end of file
diff --git a/examples/packer/alpine-base/alpine-base.pkr.hcl b/examples/packer/alpine-base/alpine-base.pkr.hcl
new file mode 100644
index 0000000..3b9d44f
--- /dev/null
+++ b/examples/packer/alpine-base/alpine-base.pkr.hcl
@@ -0,0 +1,40 @@
+#
+source "openbsd-vmm" "alpine-base" {
+ vm_name = "alpine-base-{{ isotime \"2006-01-02\" }}"
+ vm_template = var.vm_template
+ disk_format = var.disk_format
+ disk_size = "10G"
+ boot_device = "cdrom"
+ cdrom = "/home/_vmd/_iso/alpine-virt-3.11.5-x86_64.iso"
+ boot_wait = var.boot_wait
+ boot_command = [
+ "",
+ "root",
+ "ifconfig eth0 up && udhcpc -i eth0",
+ "wget http://{{ .HTTPIP }}:{{ .HTTPPort }}/alpine.autoinstall",
+ "wget http://{{ .HTTPIP }}:{{ .HTTPPort }}/authorized_keys",
+ "setup-alpine -ef alpine.autoinstall",
+ "y",
+ "",
+ "mount /dev/vda2 /mnt",
+ "mkdir -m 700 /mnt/root/.ssh && cp authorized_keys /mnt/root/.ssh/",
+ "umount /dev/vda2",
+ "/sbin/poweroff"
+ ]
+
+ gen_files_pattern = "alpine"
+
+ communicator = var.communicator
+ ssh_agent_auth = var.ssh_agent_auth
+ ssh_username = var.ssh_username
+
+ shutdown_command = "/sbin/poweroff"
+
+ http_directory = var.http_directory
+ log_directory = var.log_directory
+ output_directory = var.output_directory
+}
+
+build {
+ sources = [ "source.openbsd-vmm.alpine-base" ]
+}
diff --git a/examples/packer/centos-base/_vars.auto.pkrvars.hcl b/examples/packer/centos-base/_vars.auto.pkrvars.hcl
new file mode 120000
index 0000000..4bcd0dc
--- /dev/null
+++ b/examples/packer/centos-base/_vars.auto.pkrvars.hcl
@@ -0,0 +1 @@
+../_vars.auto.pkrvars.hcl
\ No newline at end of file
diff --git a/examples/packer/centos-base/_vars.pkr.hcl b/examples/packer/centos-base/_vars.pkr.hcl
new file mode 120000
index 0000000..954702f
--- /dev/null
+++ b/examples/packer/centos-base/_vars.pkr.hcl
@@ -0,0 +1 @@
+../_vars.pkr.hcl
\ No newline at end of file
diff --git a/examples/packer/centos-base/centos-base.pkr.hcl b/examples/packer/centos-base/centos-base.pkr.hcl
new file mode 100644
index 0000000..43a889e
--- /dev/null
+++ b/examples/packer/centos-base/centos-base.pkr.hcl
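Review bot: The `boot_command` entry `"setup-alpine -ef alpine.autoinstall"` in `alpine-base.pkr.hcl` passes `-e`, which leaves root with an empty password, and no later step sets or disables it before `"/sbin/poweroff"`, so the resulting image accepts a passwordless root login on the console. Access is meant to go through the copied `authorized_keys`, so add a step after `"mount /dev/vda2 /mnt"` that disables the password, for example `"sed -i 's/^root::/root:*:/' /mnt/etc/shadow",`. The `*` is chosen over a `!` lock because sshd built without PAM may treat a `!`-locked account as locked and refuse key logins too; please confirm on the Alpine release used here.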
@@ -0,0 +1,40 @@
+#
+source "openbsd-vmm" "centos-base" {
+ vm_name = "centos-base-{{ isotime \"2006-01-02\" }}"
+ vm_template = var.vm_template
+ disk_format = var.disk_format
+ disk_size = "20G"
+ boot_device = "cdrom"
+ cdrom = "/home/_vmd/_iso/CentOS-8.1.1911-x86_64-dvd1.iso"
+ boot_wait = var.boot_wait
+ boot_command = [
+ "",
+ "vmlinuz",
+ " initrd=initrd.img",
+ " inst.text",
+ " nomodeset",
+ " console=ttyS0,115200",
+ " no_timer_check",
+ " net.ifnames=0",
+ " modprobe.blacklist=intel_pmc_core",
+ " ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/centos.autoinstall",
+ ""
+ ]
+
+ gen_files_pattern = "centos"
+
+ communicator = var.communicator
+ ssh_agent_auth = var.ssh_agent_auth
+ ssh_timeout = "1h"
+ ssh_username = var.ssh_username
+
+ shutdown_command = var.shutdown_command
+
+ http_directory = var.http_directory
+ log_directory = var.log_directory
+ output_directory = var.output_directory
+}
+
+build {
+ sources = [ "source.openbsd-vmm.centos-base" ]
+}
diff --git a/examples/packer/openbsd-base/_vars.auto.pkrvars.hcl b/examples/packer/openbsd-base/_vars.auto.pkrvars.hcl
new file mode 120000
index 0000000..4bcd0dc
--- /dev/null
+++ b/examples/packer/openbsd-base/_vars.auto.pkrvars.hcl
@@ -0,0 +1 @@
+../_vars.auto.pkrvars.hcl
\ No newline at end of file
diff --git a/examples/packer/openbsd-base/_vars.pkr.hcl b/examples/packer/openbsd-base/_vars.pkr.hcl
new file mode 120000
index 0000000..954702f
--- /dev/null
+++ b/examples/packer/openbsd-base/_vars.pkr.hcl
@@ -0,0 +1 @@
+../_vars.pkr.hcl
\ No newline at end of file
diff --git a/examples/packer/openbsd-base/openbsd-base.pkr.hcl b/examples/packer/openbsd-base/openbsd-base.pkr.hcl
new file mode 100644
index 0000000..726d9f3
--- /dev/null
+++ b/examples/packer/openbsd-base/openbsd-base.pkr.hcl
@@ -0,0 +1,34 @@
+#
+source "openbsd-vmm" "openbsd-base" {
+ vm_name = "openbsd-base-{{ isotime \"2006-01-02\" }}"
+ vm_template = var.vm_template
+ disk_format = var.disk_format
+ disk_size = "20G"
+ boot = "/var/www/htdocs/openbsd/snapshots/amd64/bsd.rd"
+ boot_device = "net"
+ boot_wait = var.boot_wait
+ boot_command = [
+ "http://{{ .HTTPIP }}:{{ .HTTPPort }}/openbsd.autoinstall",
+ "I"
+ ]
+
+ gen_files_pattern = "openbsd"
+
+ communicator = var.communicator
+ ssh_agent_auth = var.ssh_agent_auth
+ ssh_username = "packer"
+
+ shutdown_command = "doas /sbin/halt -p"
+
+ http_directory = var.http_directory
+ log_directory = var.log_directory
+ output_directory = var.output_directory
+}
+
+build {
+ sources = [ "source.openbsd-vmm.openbsd-base" ]
+ provisioner "shell" { inline = [
+ "sleep 180",
+ "doas su root -c \"echo 'boot -s' >> /etc/boot.conf\""
+ ]}
+}
diff --git a/examples/packer/openbsd-dev/_vars.auto.pkrvars.hcl b/examples/packer/openbsd-dev/_vars.auto.pkrvars.hcl
new file mode 120000
index 0000000..4bcd0dc
--- /dev/null
+++ b/examples/packer/openbsd-dev/_vars.auto.pkrvars.hcl
@@ -0,0 +1 @@
+../_vars.auto.pkrvars.hcl
\ No newline at end of file
diff --git a/examples/packer/openbsd-dev/_vars.pkr.hcl b/examples/packer/openbsd-dev/_vars.pkr.hcl
new file mode 120000
index 0000000..954702f
--- /dev/null
+++ b/examples/packer/openbsd-dev/_vars.pkr.hcl
@@ -0,0 +1 @@
+../_vars.pkr.hcl
\ No newline at end of file
diff --git a/examples/packer/openbsd-dev/openbsd-dev.pkr.hcl b/examples/packer/openbsd-dev/openbsd-dev.pkr.hcl
new file mode 100644
index 0000000..55416aa
--- /dev/null
+++ b/examples/packer/openbsd-dev/openbsd-dev.pkr.hcl
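Review bot: The shell provisioner in `openbsd-base.pkr.hcl` appends `boot -s` to `/etc/boot.conf`, so every `openbsd-base-<date>.qcow2` artifact boots into single-user mode, which by default gives a root shell on the console without a password prompt. `openbsd-dev.pkr.hcl` in this commit depends on that and removes the line again with `sed -i /boot/d /etc/boot.conf`, but the base image itself stays in that state and nothing in the template says so. Please add a comment above the provisioner, e.g. `# base image boots single-user so child builds can script the console; do not run this image as-is`.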
@@ -0,0 +1,48 @@
+#
+source "openbsd-vmm" "openbsd-dev" {
+ vm_name = "openbsd-dev"
+ vm_template = var.vm_template
+ memory = "2G"
+ disk_base = "/home/_vmd/openbsd-base-2020-04-19.qcow2"
+ disk_format = var.disk_format
+ boot_wait = var.boot_wait
+ boot_command = [
+ "",
+ "mount -a -t ffs",
+ "",
+ "rm /etc/ssh/*key* /etc/iked/private/local.key /etc/iked/local.pub /etc/isakmpd/private/local.key /etc/isakmpd/local.pub /etc/soii.key",
+ "",
+ "sed -i /boot/d /etc/boot.conf",
+ "",
+ "echo dev.local > /etc/myname",
+ "",
+ "halt -p",
+ ""
+ ]
+
+ ssh_agent_auth = var.ssh_agent_auth
+ ssh_username = "packer"
+
+ shutdown_command = "doas /sbin/halt -p"
+
+ http_directory = var.http_directory
+ log_directory = var.log_directory
+ output_directory = var.output_directory
+}
+
+build {
+ sources = [ "source.openbsd-vmm.openbsd-dev" ]
+ provisioner "shell" {
+ inline = [
+ "env TRUSTED_PKG_PATH='http://openbsd.local/%c/packages/%a/all' doas pkg_add go--",
+ "touch ~/.hushlogin",
+ "doas su root -c \"echo 'inet 100.64.0.100 255.192.0.0 NONE' > /etc/hostname.vio0\"",
+ "doas su root -c \"echo 'nameserver 100.64.0.1' > /etc/resolv.conf\"",
+ "doas su root -c \"echo 'lookup file bind' >> /etc/resolv.conf\"",
+ "doas su root -c \"echo 'search local my.domain' >> /etc/resolv.conf\"",
+ "doas su root -c \"echo '100.64.0.1' > /etc/mygate\"",
+ "doas rm /etc/resolv.conf.tail",
+ "doas install -c -o root -g wheel -m 664 /dev/null /etc/motd"
+ ]
+ }
+}
diff --git a/examples/vm.conf.sample b/examples/vm.conf.sample
deleted file mode 100644
index dae960e..0000000
--- a/examples/vm.conf.sample
+++ /dev/null
@@ -0,0 +0,0 @@
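Review bot: The provisioner line `env TRUSTED_PKG_PATH='http://openbsd.local/%c/packages/%a/all' doas pkg_add go--` in `openbsd-dev.pkr.hcl` combines a cleartext HTTP mirror with `TRUSTED_PKG_PATH`, which per pkg_add(1) waives signature checking for packages found on that path, so whatever is served under the name `openbsd.local` gets installed as root unverified. Unless the mirror holds locally built, unsigned packages, use `PKG_PATH` so signature verification stays on: `"env PKG_PATH='http://openbsd.local/%c/packages/%a/all' doas pkg_add go--",`. Separately, `disk_base` pins `openbsd-base-2020-04-19.qcow2`, which will not exist for anyone who builds the base image on another day; a variable would match the other `var.*` settings.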
diff --git a/go.sum b/go.sum index f9b88d8..57be345 100644 --- a/go.sum +++ b/go.sum @@ -90,6 +90,7 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7 github.com/exoscale/egoscale v0.18.1/go.mod h1:Z7OOdzzTOz1Q1PjQXumlz9Wn/CddH0zSYdCF3rnBKXE= github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/fatih/structtag v1.0.0 h1:pTHj65+u3RKWYPSGaU290FpI/dXxTaHdVwVwbcPKmEc= github.com/fatih/structtag v1.0.0/go.mod h1:IKitwq45uXL/yqi5mYghiD3w9H6eTOvI9vnk8tXMphA= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -449,6 +450,7 @@ golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa h1:5E4dL8+NgFOgjwbTKz+OOEGGhP+ectTmF842l6KjupQ= golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=