diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9c557b2..a5ffd29 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,6 +1,6 @@ variables: - packer_version: "1.9.4" - dind: 24.0-dind + packer_version: "1.10.3" + install_packer: "true" build_alma8: "false" build_alma9: "false" build_rocky8: "false" @@ -9,11 +9,11 @@ variables: build_oracle9: "false" build_ubuntu2004: "false" build_ubuntu2204: "false" + build_ubuntu2404: "false" build_windows2022_std: "false" build_windows2022_dc: "false" build_windows2019_std: "false" build_windows2019_dc: "false" - default: artifacts: expire_in: 4 hour 
@@ -24,171 +24,125 @@ default: - runner_system_failure - stuck_or_timeout_failure - api_failure + - script_failure stages: - - alma-validate - - rocky-validate - - oracle-validate - - ubuntu-validate - - windows-validate + - validate - install_packer - - alma8-build - - alma9-build - - rocky8-build - - rocky9-build - - oracle8-build - - oracle9-build - - windows2022-build - - windows2019-build - - ubuntu2004-build - - ubuntu2204-build - # - ansible-lint + - build + - alma_build + - rocky_build + - oracle_build + - windows_build + - ubuntu_build -alma8: - stage: alma-validate +.validate: + stage: validate + variables: + ACTION: verify + LOG: 0 script: - pwd - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version almalinux-8.9 -Template rhel -Log 0 + - .\hv_generic.ps1 -Action $ACTION -Version $VERSION -Template $TEMPLATE -Log $LOG tags: - windows - hyperv -alma9: - stage: alma-validate + +.build: + stage: build + variables: + ACTION: build + LOG: 0 script: - pwd - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version almalinux-9.3 -Template rhel -Log 0 + - Get-VM -Name packer-* | Remove-VM -Force -Verbose -ErrorAction SilentlyContinue;$true + - .\hv_generic.ps1 -Action $ACTION -Version $VERSION -Template $TEMPLATE -Log $LOG tags: - windows - hyperv + resource_group: build + +alma8: + variables: + VERSION: almalinux-8.9 + TEMPLATE: rhel + extends: .validate + +alma9: + variables: + VERSION: almalinux-9.4 + TEMPLATE: rhel + extends: .validate + rocky8: - stage: rocky-validate - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version rockylinux-8.9 -Template rhel -Log 0 - tags: - - windows - - hyperv + variables: + VERSION: rockylinux-8.9 + TEMPLATE: rhel + extends: .validate + rocky9: - stage: rocky-validate - script: - - pwd - - 
'$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version rockylinux-9.3 -Template rhel -Log 0 - tags: - - windows - - hyperv + variables: + VERSION: rockylinux-9.4 + TEMPLATE: rhel + extends: .validate + oracle8: - stage: oracle-validate - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version oraclelinux-8.9 -Template rhel -Log 0 - tags: - - windows - - hyperv + variables: + VERSION: oraclelinux-8.9 + TEMPLATE: rhel + extends: .validate + oracle9: - stage: oracle-validate - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version oraclelinux-9.3 -Template rhel -Log 0 - tags: - - windows - - hyperv + variables: + VERSION: oraclelinux-9.4 + TEMPLATE: rhel + extends: .validate windows2022std: - stage: windows-validate - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version windows_server_2022_std -Template windows -Log 0 - tags: - - windows - - hyperv + variables: + VERSION: windows_server_2022_std + TEMPLATE: windows + extends: .validate windows2022dc: - stage: windows-validate - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version windows_server_2022_dc -Template windows -Log 0 - tags: - - windows - - hyperv + variables: + VERSION: windows_server_2022_dc + TEMPLATE: windows + extends: .validate windows2019std: - stage: windows-validate - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version windows_server_2019_std -Template windows -Log 0 - tags: - - windows - - hyperv + variables: + VERSION: windows_server_2019_std + TEMPLATE: windows + extends: .validate windows2019dc: - stage: windows-validate 
- script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version windows_server_2019_dc -Template windows -Log 0 - tags: - - windows - - hyperv - + variables: + VERSION: windows_server_2019_dc + TEMPLATE: windows + extends: .validate ubuntu2004: - stage: ubuntu-validate - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version ubuntu-20.04 -Template ubuntu -Log 0 - tags: - - windows - - hyperv + variables: + VERSION: ubuntu-20.04 + TEMPLATE: ubuntu + extends: .validate ubuntu2204: - stage: ubuntu-validate - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action verify -Version ubuntu-22.04 -Template ubuntu -Log 0 - tags: - - windows - - hyperv + variables: + VERSION: ubuntu-22.04 + TEMPLATE: ubuntu + extends: .validate + +ubuntu2404: + variables: + VERSION: ubuntu-24.04 + TEMPLATE: ubuntu + extends: .validate -# ansible-lint: -# stage: ansible-lint -# image: ${PIPELINE_IMAGE}:${PIPELINE_IMAGE_TAG} -# allow_failure: true -# services: -# - docker:$dind -# before_script: -# - yamllint --version -# - ansible-lint --version -# script: -# - yamllint -c ./.yamllint ./extra/playbooks/*.yaml -# - yamllint -c ./.yamllint ./extra/playbooks/*.yml -# - ansible-lint ./extra/playbooks/*.yaml -# tags: -# - docker -# - packer -# needs: -# - get-packer # Here building starts # Install required packer choco package @@ -198,6 +152,7 @@ install_packer: stage: install_packer before_script: - pwd + - echo $CI_COMMIT_BRANCH - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff -Verbose" - Sleep 30 
@@ -208,214 +163,136 @@ install_packer: tags: - windows - hyperv + rules: + - if: $CI_COMMIT_BRANCH == "build" || $install_packer == "true" + when: always + alma8_build: - stage: alma8-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version almalinux-8.9 -Template rhel -Log 0 + stage: alma_build + variables: + VERSION: almalinux-8.9 + TEMPLATE: rhel rules: - - if: $build_alma8 == "true" - when: on_success - tags: - - windows - - hyperv + - if: '$CI_COMMIT_BRANCH == "build" || $build_alma8 == "true"' + when: always + extends: .build alma9_build: - stage: alma9-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version almalinux-9.3 -Template rhel -Log 0 + stage: alma_build + variables: + VERSION: almalinux-9.4 + TEMPLATE: rhel rules: - - if: $build_alma9 == "true" - when: on_success - tags: - - windows - - hyperv + - if: '$CI_COMMIT_BRANCH == "build" || $build_alma9 == "true"' + when: always + extends: .build + rocky8_build: - stage: rocky8-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version rockylinux-8.9 -Template rhel -Log 0 + stage: rocky_build + variables: + VERSION: rockylinux-8.9 + TEMPLATE: rhel rules: - - if: $build_rocky8 == "true" - when: on_success - tags: - - windows - - hyperv + - if: '$CI_COMMIT_BRANCH == "build" || $build_rocky8 == "true"' + when: always + extends: .build + rocky9_build: - stage: rocky9-build - script: - - pwd - - 
'$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version rockylinux-9.3 -Template rhel -Log 0 + stage: rocky_build + variables: + VERSION: rockylinux-9.4 + TEMPLATE: rhel rules: - - if: $build_rocky9 == "true" - when: on_success - tags: - - windows - - hyperv + - if: '$CI_COMMIT_BRANCH == "build" || $build_rocky9 == "true"' + when: always + extends: .build + oracle8_build: - stage: oracle8-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version oraclelinux-8.9 -Template rhel -Log 0 + stage: oracle_build + variables: + VERSION: oraclelinux-8.9 + TEMPLATE: rhel rules: - - if: $build_oracle8 == "true" - when: on_success - tags: - - windows - - hyperv + - if: '$CI_COMMIT_BRANCH == "build" || $build_oracle8 == "true"' + when: always + extends: .build + oracle9_build: - stage: oracle9-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version oraclelinux-9.3 -Template rhel -Log 0 + stage: oracle_build + variables: + VERSION: oraclelinux-9.4 + TEMPLATE: rhel rules: - - if: $build_oracle9 == "true" - when: on_success - tags: - - windows - - hyperv + - if: '$CI_COMMIT_BRANCH == "build" || $build_oracle9 == "true"' + when: always + extends: .build windows2022_std_build: - stage: windows2022-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - 
.\hv_generic.ps1 -Action build -Version windows_server_2022_std -Template windows -Log 0 + stage: windows_build + variables: + VERSION: windows_server_2022_std + TEMPLATE: windows rules: - - if: $build_windows2022_std == "true" - when: on_success - needs: - - install_packer - tags: - - windows - - hyperv + - if: '$CI_COMMIT_BRANCH == "build" || $build_windows2022_std == "true"' + when: always + extends: .build windows2022_dc_build: - stage: windows2022-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version windows_server_2022_dc -Template windows -Log 0 + stage: windows_build + variables: + VERSION: windows_server_2022_dc + TEMPLATE: windows rules: - - if: $build_windows2022_dc == "true" - when: on_success - tags: - - windows - - hyperv - needs: - - install_packer + - if: '$CI_COMMIT_BRANCH == "build" || $build_windows2022_dc == "true"' + when: always + extends: .build windows2019_std_build: - stage: windows2019-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version windows_server_2019_std -Template windows -Log 0 + stage: windows_build + variables: + VERSION: windows_server_2019_std + TEMPLATE: windows rules: - - if: $build_windows2019_std == "true" - when: on_success - needs: - - install_packer - tags: - - windows - - hyperv + - if: '$CI_COMMIT_BRANCH == "build" || $build_windows2019_std == "true"' + when: always + extends: .build windows2019_dc_build: - stage: windows2019-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init 
config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version windows_server_2019_dc -Template windows -Log 0 + stage: windows_build + variables: + VERSION: windows_server_2019_dc + TEMPLATE: windows rules: - - if: $build_windows2019_dc == "true" - when: on_success - tags: - - windows - - hyperv - needs: - - install_packer + - if: '$CI_COMMIT_BRANCH == "build" || $build_windows2019_dc == "true"' + when: always + extends: .build ubuntu2004_build: - stage: ubuntu2004-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version ubuntu-20.04 -Template ubuntu -Log 0 + stage: ubuntu_build + variables: + VERSION: ubuntu-20.04 + TEMPLATE: ubuntu rules: - - if: $build_ubuntu2004 == "true" - when: on_success - tags: - - windows - - hyperv - needs: - - install_packer + - if: '$CI_COMMIT_BRANCH == "build" || $build_ubuntu2004 == "true"' + when: always + extends: .build ubuntu2204_build: - stage: ubuntu2204-build - script: - - pwd - - '$env:PACKER_CACHE_DIR="d:\packer_cache"' - - "Get-Vm -name packer-*|Stop-VM -Force -TurnOff" - - Sleep 120 - - "Get-Vm -name packer-*|Remove-VM -Force" - - packer init config.pkr.hcl - - .\hv_generic.ps1 -Action build -Version ubuntu-22.04 -Template ubuntu -Log 0 + stage: ubuntu_build + variables: + VERSION: ubuntu-22.04 + TEMPLATE: ubuntu rules: - - if: $build_ubuntu2204 == "true" - when: on_success - tags: - - windows - - hyperv - needs: - - install_packer + - if: '$CI_COMMIT_BRANCH == "build" || $build_ubuntu2204 == "true"' + when: always + extends: .build + +ubuntu2404_build: + stage: ubuntu_build + variables: + VERSION: ubuntu-24.04 + TEMPLATE: ubuntu + rules: + - if: '$CI_COMMIT_BRANCH == "build" || $build_ubuntu2404 == "true"' + when: always + extends: .build diff --git a/CHANGELOG.md b/CHANGELOG.md index 25d0adc..dae9b9d 100644 --- a/CHANGELOG.md 
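Review bot: `when: always` on the rule of every build job (first at `alma8_build`, repeated through `ubuntu2404_build`, and on `install_packer` at the top of this hunk) starts the image build even when a job in an earlier stage failed, where the removed rules used `when: on_success`; keeping `when: on_success` would stop a build from running after a failed `validate` job. The new `$CI_COMMIT_BRANCH == "build"` condition also means any push to that branch runs every build, including the VM removal on the Hyper-V runner, so the `build` branch should be protected and the runner limited to protected refs; neither is visible in this diff. The `install_packer` rule is the only `if:` written unquoted, and `- if: '$CI_COMMIT_BRANCH == "build" || $install_packer == "true"'` would match the other jobs. The body of `install_packer` starts outside the hunk.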
+++ b/CHANGELOG.md @@ -1,5 +1,21 @@ # Changelog +## Version 3.0.2 2024-05-23 + +Codename: Defying Gravity - [https://www.youtube.com/watch?v=l0Bs_eaXaCo](https://www.youtube.com/watch?v=l0Bs_eaXaCo) + +* [ANSIBLE] - permanent removal variables from playbook + * install_zabbix: false # install Zabbix-agent + * install_zabbix_as_root: false # install Zabbix-agent as root + * install_puppet: true # Install Puppet + * install_kubernetes_workaround: false # add `cgroup.memory=nokmem` to grub +* [ANSIBLE] - change playbook version to 20240404 +* [ANSIBLE] - removed `systemd.unified_cgroup_hierarchy` for RHEL anc clones above 8 as this is set by default in OS +* [AlmaLinux] - added support for AlmaLinux 9.4 +* [OracleLinux] - added support for Oracle Linux 9.4 +* [RockyLinux] - added support for Rocky Linux 9.4 +* [Ubuntu] - added support for Ubuntu 22.04 + ## Version 3.0.1 2023-12-08 Codename: Slip Away - [https://www.youtube.com/watch?v=G8g_7CDwbmI](https://www.youtube.com/watch?v=G8g_7CDwbmI) diff --git a/README.md b/README.md index 110f18c..880cfd0 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Set of Hashicorp's `Packer` templates to create Microsoft Hyper-V virtual machines +# Set of Hashicorp's `Packer's` templates to create Microsoft Hyper-V virtual machines ![RockyLinux](https://img.shields.io/badge/Linux-Rocky-brightgreen) ![OracleLinux](https://img.shields.io/badge/Linux-Oracle-brightgreen) 
@@ -13,7 +13,7 @@ Consider buying me a coffee if you like my work. All donations are appreciated. -- [Set of Hashicorp's Packer templates to create Microsoft Hyper-V virtual machines](#set-of-hashicorps-packer-templates-to-create-microsoft-hyper-v-virtual-machines) +- [Set of Hashicorp's Packer's templates to create Microsoft Hyper-V virtual machines](#set-of-hashicorps-packers-templates-to-create-microsoft-hyper-v-virtual-machines) - [Requirements](#requirements) - [Requirements - Quick Start](#requirements---quick-start) - [Install packer from Chocolatey](#install-packer-from-chocolatey) @@ -50,13 +50,14 @@ Consider buying me a coffee if you like my work. All donations are appreciated. - [I have problem how to find a proper WIM name in Windows ISO to pick proper version](#i-have-problem-how-to-find-a-proper-wim--name-in-windows-iso-to-pick-proper-version) - [On Windows machines, build break during updates phase, when update cycles are interfering with each other](#on-windows-machines-build-break-during-updates-phase-when-update-cycles-are-interfering-with-each-other) - [Why don't you use ansible instead of shell scripts for provisioning](#why-dont-you-use-ansible-instead-of-shell-scripts-for-provisioning) + - [Support me](#support-me) - [About](#about) ## Requirements -- packer <=`1.9.1`. Do not use packer below 1.7.0 version. For previous packer versions use previous releases from this repository +- packer >=`1.10.0`. Do not use packer below 1.7.0 version. For previous packer versions use previous releases from this repository - Microsoft Hyper-V Server 2016/2019 or Microsoft Windows Server 2016/2019 (not 2012/R2) with Hyper-V role installed as host to build your images - firewall exceptions for `packer` http server (look down below) - [OPTIONAL] Vagrant >= `2.3.4` - for `vagrant` version of scripts. Boxes (prebuilt) are already available here: [https://app.vagrantup.com/marcinbojko](https://app.vagrantup.com/marcinbojko) 
@@ -68,7 +69,7 @@ Consider buying me a coffee if you like my work. All donations are appreciated. ### Install packer from Chocolatey ```cmd -choco install packer --version=1.9.1 -y +choco install packer --version=1.10.0 -y ``` ### Install required plugins @@ -114,7 +115,6 @@ switch_name = "vSwitch" |Windows|Administrator|password| |CentOS/RHEL|root|password| |Ubuntu|ubuntu|password| -||| ## Scripts 
@@ -130,41 +130,17 @@ switch_name = "vSwitch" |sysinternals|latest|Mandatory| |tabby|latest|Optional| -- `phase3.ps1` Puppet agent settings will be customized (`server=foreman.example.com`) with parameters: - - `Version` - puppet chocolatey version, for example "6.26.0" - - `AddPrivateChoco` ($true/$false) - if set to true, private MyGet repository will be added as `public` - - `PuppetMaster` (foreman.example.com) - if set, in `puppet.conf` section server will point to that variable - - Example of usage: - - `.\phase3.ps1 -Version 7.14.0 -AddPrivateChoco $true -PuppetMaster foreman.example.com` - - Puppet is set to clear any temp SSL keys and to be stopped after generalize phase - -- `phase5b-docker.ps1` - Docker settings can be customised - - `requiredVersion` - which version of docker module to install - defaults to 19.03.1 - - `installCompose` ($true/$false) - install docker-compose from chocolatey packages - - `dockerLocation` - of set, will default docker images and settings there. On empty, docker location is not being set. 
- - `configDockerLocation` - default place for docker's config file - - Example of usage - - `.\phase5b-docker.ps1 -requiredVersion "19.03.1" -installCompose $true -dockerLocation "d:\docker" -configDockerLocation "C:\ProgramData\Docker\config"` - ### Linux Machines - Repositories: - |Repository|Package|switch|default + |Repository|Package|switch|default| |----------|------------|---|---| |Epel 7/8/9|epel-release|can be switched off by setting "install_epel" to `false`|true| - |Zabbix 6.0|zabbix-agent|can be switched on by setting "install_zabbix" to `true`|false| - |Puppet 7 |puppet-agent|can be switched off by setting "install_puppet" to false|false| |Webmin |webmin|can be switched on by setting "install_webmin" to `false`|false| |Cockpit |cockpit|can be switched on by setting "install_zabbix" to `true`|true| |Hyper-V |SCVMM Agent|can be switched off by setting "install_hyperv" to `false`|true| |Neofetch |neofetch|can be switched off by setting "install_neofetch" to `false`|true| - |||| Be aware, turning off latest System Center Virtual Machine Agent will cause System Center fail to deploy machines @@ -179,13 +155,8 @@ Playbooks are held in `/extra/playbooks` folder, with proper OS variables. install_epel: true # install Epel install_webmin: true # install Webmin install_hyperv: true # install Hyper-v and scvmm agent -install_zabbix: false # install Zabbix-agent -install_zabbix_as_root: false # install Zabbix-agent as root install_cockpit: false # install Cockpit -install_puppet: true # Install Puppet install_docker_workaround: true # add `fsck.repair=yes` to grub -install_kubernetes_workaround: false # add `cgroup.memory=nokmem` to grub -remove_puppet_ssl_keys: false # remove any ssl keys after puppet installation install_neofetch: true # install neofetch install_updates: true # install updates install_extra_groups: true # install extra groups 
@@ -261,42 +232,42 @@ Example for Windows 2022 Datacenter |Action|Version|Template|Log|OS| |-------|-------|--------|---|-| -|`build`|almalinux-8.8|rhel|0/1|Alma Linux 8.8| -|`build`|almalinux-9.2|rhel|0/1|Alma Linux 9.2| +|`build`|almalinux-8.9|rhel|0/1|Alma Linux 8.9| +|`build`|almalinux-9.4|rhel|0/1|Alma Linux 9.4| #### Examples for AlmaLinux ```powershell -.\hv_generic.ps1 -Action build -Version almalinux-8.8 -Template rhel -Log 0 -.\hv_generic.ps1 -Action build -Version almalinux-9.2 -Template rhel -Log 0 +.\hv_generic.ps1 -Action build -Version almalinux-8.9 -Template rhel -Log 0 +.\hv_generic.ps1 -Action build -Version almalinux-9.4 -Template rhel -Log 0 ``` ### Building RockyLinux Machines |Action|Version|Template|Log|OS| |-------|-------|--------|---|-| -|`build`|rockylinux-8.8|rhel|0/1|Rocky Linux 8.8| -|`build`|rockyinux-9.2|rhel|0/1|Rocky Linux 9.2| +|`build`|rockylinux-8.9|rhel|0/1|Rocky Linux 8.9| +|`build`|rockyinux-9.4|rhel|0/1|Rocky Linux 9.4| #### Examples for RockyLinux ```powershell -.\hv_generic.ps1 -Action build -Version rockylinux-8.8 -Template rhel -Log 0 -.\hv_generic.ps1 -Action build -Version rockylinux-9.2 -Template rhel -Log 0 +.\hv_generic.ps1 -Action build -Version rockylinux-8.9 -Template rhel -Log 0 +.\hv_generic.ps1 -Action build -Version rockylinux-9.4 -Template rhel -Log 0 ``` ### Building OracleLinux Machines |Action|Version|Template|Log|OS| |-------|-------|--------|---|-| -|`build`|oraclelinux-8.8|rhel|0/1|Oracle Linux 8.8| -|`build`|oraclelinux-9.2|rhel|0/1|Oracle Linux 9.2| +|`build`|oraclelinux-8.9|rhel|0/1|Oracle Linux 8.9| +|`build`|oraclelinux-9.4|rhel|0/1|Oracle Linux 9.4| #### Examples for OracleLinux ```powershell -.\hv_generic.ps1 -Action build -Version oraclelinux-8.8 -Template rhel -Log 0 -.\hv_generic.ps1 -Action build -Version oraclelinux-9.2 -Template rhel -Log 0 +.\hv_generic.ps1 -Action build -Version oraclelinux-8.9 -Template rhel -Log 0 +.\hv_generic.ps1 -Action build -Version oraclelinux-9.4 -Template rhel 
-Log 0 ``` ### Building Ubuntu Machines @@ -305,12 +276,14 @@ Example for Windows 2022 Datacenter |-------|-------|--------|---|-| |`build`|ubuntu-20.04|ubuntu|0/1|Ubuntu 20.04| |`build`|ubuntu-22.04|ubuntu|0/1|Ubuntu 22.04| +|`build`|ubuntu-24.04|ubuntu|0/1|Ubuntu 24.04| #### Examples for Ubuntu ```powershell .\hv_generic.ps1 -Action build -Version ubuntu-20.04 -Template ubuntu -Log 0 .\hv_generic.ps1 -Action build -Version ubuntu-22.04 -Template ubuntu -Log 0 +.\hv_generic.ps1 -Action build -Version ubuntu-24.04 -Template ubuntu -Log 0 ``` ## Known issues diff --git a/extra/.ansible-lint b/extra/.ansible-lint deleted file mode 100644 index 30e1623..0000000 --- a/extra/.ansible-lint +++ /dev/null @@ -1,9 +0,0 @@ -skip_list: - - package-latest - # - command-instead-of-shell - # - no-handler - # - risky-file-permissions - # - risky-shell-pipe - # - no-relative-paths - - experimental - - name[casing] \ No newline at end of file diff --git a/extra/.yamllint b/extra/.yamllint deleted file mode 100644 index 78e6ff4..0000000 --- a/extra/.yamllint +++ /dev/null @@ -1,11 +0,0 @@ -extends: relaxed - -rules: - comments-indentation: disable - colons: false - line-length: - max: 300 - level: warning -indentation: - spaces: consistent - indent-sequences: consistent diff --git a/extra/files/almalinux/8/virtualbox/ks.cfg b/extra/files/almalinux/8/virtualbox/ks.cfg new file mode 100644 index 0000000..957b36b --- /dev/null +++ b/extra/files/almalinux/8/virtualbox/ks.cfg 
@@ -0,0 +1,101 @@
+#version=RHEL8
+# X Window System configuration information
+# License agreement
+eula --agreed
+# Use graphical install
+text
+# SELinux configuration
+selinux --disabled
+# Network information
+network --bootproto=dhcp --noipv6 --activate
+# Use CDROM installation media
+cdrom
+# Run the Setup Agent on first boot
+firstboot --disable
+# System services
+services --enabled="chronyd"
+services --enabled="sshd"
+services --enabled="NetworkManager"
+
+# Keyboard layouts
+keyboard --vckeymap=us --xlayouts='us'
+# System language
+lang en_US --addsupport=en_GB.UTF-8
+
+repo --name="AppStream" --baseurl=file:///run/install/repo/AppStream
+# Root password
+rootpw --plaintext password
+# System timezone
+timezone UTC --isUtc --ntpservers=0.rhel.pool.ntp.org
+# System bootloader configuration
+bootloader --location=mbr
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# Disk partitioning information
+part /boot/efi --fstype="vfat" --size=400
+part /boot --fstype="ext4" --size=2048
+part swap --fstype="swap" --size=8192
+part / --fstype="ext4" --grow --size=1
+
+%packages
+@guest-agents
+@legacy-unix
+@system-tools
+mc
+curl
+wget
+tar
+bzip2
+kernel-devel
+kernel-headers
+perl
+gcc
+git
+make
+elfutils-libelf-devel
+langpacks-en
+glibc-all-langpacks
+openssh-server
+openssh-clients
+openssh
+tuned
+tuned-profiles-atomic
+qemu-guest-agent
+python3-pip
+python3-setuptools
+spice-vdagent
+qemu-guest-agent
+cloud-init
+cloud-utils-growpart
+%end
+
+%addon com_redhat_subscription_manager
+%end
+%addon ADDON_placeholder --disable --reserve-mb=auto
+%end
+%addon com_redhat_kdump --disable
+%end
+
+%anaconda
+pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
+pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+%end
+
+# post part
+%post --log=/var/log/anaconda/kickstart_post_sshd.log
+sed -ri 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+systemctl enable sshd --now
+%end
+
+%post --log=/var/log/anaconda/kickstart_post.log
+systemctl enable sshd --now
+systemctl enable qemu-guest-agent
+systemctl set-default multi-user.target
+%end
+
+#reboot
+reboot
\ No newline at end of file
diff --git a/extra/files/almalinux/9/virtualbox/ks.cfg b/extra/files/almalinux/9/virtualbox/ks.cfg
new file mode 100644
index 0000000..0d42826
--- /dev/null
+++ b/extra/files/almalinux/9/virtualbox/ks.cfg
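Review bot: extra/files/almalinux/8/virtualbox/ks.cfg leaves the installed system with `selinux --disabled`, the fixed root credential from `rootpw --plaintext password`, and an sshd_config rewritten in `%post` to `PermitRootLogin yes` with password authentication, and nothing in the file marks these as build-time only. Unless a later provisioning step reverts them (not visible in this diff; the README credentials table suggests the images ship this way), every machine cloned from the image accepts root over SSH with a publicly documented password. I would switch to `selinux --enforcing`, or `--permissive` if the playbooks need it, and add above `rootpw` the comment `# build-time credential only: provisioning must lock root and restore PermitRootLogin before the image is published`. The same settings appear in the new almalinux/9/virtualbox/ks.cfg, gen2-rhel7/ks-kvm8.cfg and oraclelinux/8/virtualbox/ks.cfg, and the last two additionally set `firewall --disabled`.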
@@ -0,0 +1,100 @@
+#version=RHEL9
+# X Window System configuration information
+# License agreement
+eula --agreed
+# Use graphical install
+text
+# SELinux configuration
+selinux --disabled
+# Network information
+network --bootproto=dhcp --noipv6 --activate
+# Use CDROM installation media
+cdrom
+# Run the Setup Agent on first boot
+firstboot --disable
+# System services
+services --enabled="chronyd"
+services --enabled="sshd"
+services --enabled="NetworkManager"
+
+# Keyboard layouts
+keyboard --vckeymap=us --xlayouts='us'
+# System language
+lang en_US --addsupport=en_GB.UTF-8
+
+repo --name="AppStream" --baseurl=file:///run/install/repo/AppStream
+# Root password
+rootpw --plaintext password
+# System timezone
+timezone UTC --utc
+# System bootloader configuration
+bootloader
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# # Disk partitioning information
+part /boot/efi --fstype="vfat" --size=400
+part /boot --fstype="ext4" --size=2048
+part swap --fstype="swap" --size=8192
+part / --fstype="ext4" --grow --size=1
+
+%packages
+@guest-agents
+@legacy-unix
+@system-tools
+bash
+mc
+curl
+wget
+tar
+bzip2
+kernel-devel
+kernel-headers
+perl
+gcc
+git
+make
+elfutils-libelf-devel
+langpacks-en
+glibc-all-langpacks
+openssh-server
+openssh-clients
+openssh
+tuned
+tuned-profiles-atomic
+qemu-guest-agent
+python3-pip
+python3-setuptools
+spice-vdagent
+qemu-guest-agent
+%end
+
+%addon com_redhat_subscription_manager
+%end
+%addon ADDON_placeholder --disable --reserve-mb=auto
+%end
+%addon com_redhat_kdump --disable
+%end
+
+# post part
+# post part
+%post --log=/var/log/anaconda/kickstart_post_sshd.log
+sed -ri 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+systemctl enable sshd
+%end
+
+# post part
+%post --log=/var/log/anaconda/kickstart_post.log
+systemctl enable qemu-guest-agent
+systemctl set-default multi-user.target
+%end
+
+# post part
+%post --log=/var/log/anaconda/kickstart_post_efi.log
+cp -pr /boot/efi/EFI/almalinux/* /boot/efi/EFI/BOOT/
+%end
+
+#reboot
+reboot
diff --git a/extra/files/gen2-rhel7/ks-kvm8.cfg b/extra/files/gen2-rhel7/ks-kvm8.cfg
new file mode 100644
index 0000000..ef7b89d
--- /dev/null
+++ b/extra/files/gen2-rhel7/ks-kvm8.cfg
@@ -0,0 +1,106 @@
+#version=RHEL8
+# X Window System configuration information
+# License agreement
+eula --agreed
+# Use graphical install
+text
+# SELinux configuration
+selinux --disabled
+# Network information
+network --bootproto=dhcp --noipv6 --activate
+# firewall
+firewall --disabled
+# Use CDROM installation media
+cdrom
+# Run the Setup Agent on first boot
+firstboot --disable
+# System services
+services --enabled="chronyd"
+services --enabled="sshd"
+services --enabled="NetworkManager"
+
+# Keyboard layouts
+keyboard --vckeymap=us --xlayouts='us'
+# System language
+lang en_US --addsupport=en_GB.UTF-8
+
+repo --name="AppStream" --baseurl=file:///run/install/repo/AppStream
+# Root password
+rootpw --plaintext password
+# System timezone
+timezone UTC --isUtc --ntpservers=0.rhel.pool.ntp.org
+# System bootloader configuration
+bootloader
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# Disk partitioning information
+part /boot --fstype="ext4" --size=2048
+part swap --fstype="swap" --size=8192
+
+part pv.01 --size=1 --grow
+volgroup vg_root pv.01
+logvol / --vgname=vg_root --size=1 --grow --name=lv_root
+logvol /var --vgname=vg_root --size=8192 --name=lv_var
+
+%packages
+@guest-agents
+@legacy-unix
+@system-tools
+bash
+mc
+curl
+wget
+tar
+bzip2
+kernel-devel
+kernel-headers
+perl
+gcc
+git
+make
+elfutils-libelf-devel
+langpacks-en
+glibc-all-langpacks
+openssh-server
+openssh-clients
+openssh
+python3-pip
+python3-setuptools
+tuned
+tuned-profiles-atomic
+tuned-utils
+spice-vdagent
+qemu-guest-agent
+cloud-init
+cloud-utils-growpart
+%end
+
+%addon com_redhat_subscription_manager
+%end
+%addon ADDON_placeholder --disable --reserve-mb=auto
+%end
+%addon com_redhat_kdump --disable
+%end
+
+%anaconda
+pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
+pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+%end
+
+# post part
+%post --log=/var/log/anaconda/kickstart_post_sshd.log
+sed -ri 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+systemctl enable sshd
+%end
+
+%post --log=/var/log/anaconda/kickstart_post.log
+systemctl enable qemu-guest-agent
+systemctl set-default multi-user.target
+%end
+
+#reboot
+reboot
\ No newline at end of file
diff --git a/extra/files/oraclelinux/8/virtualbox/ks.cfg b/extra/files/oraclelinux/8/virtualbox/ks.cfg
new file mode 100644
index 0000000..77d2c7c
--- /dev/null
+++ b/extra/files/oraclelinux/8/virtualbox/ks.cfg
@@ -0,0 +1,112 @@
+#version=RHEL8
+# X Window System configuration information
+# License agreement
+eula --agreed
+# Use graphical install
+text
+# SELinux configuration
+selinux --disabled
+# Network information
+network --bootproto=dhcp --noipv6 --activate
+#network --bootproto=dhcp --hostname=localhost.localdomain
+# firewall
+firewall --disabled
+
+#ignoredisk --only-use=sda
+# Use CDROM installation media
+cdrom
+# Run the Setup Agent on first boot
+firstboot --disable
+# System services
+services --enabled="chronyd"
+services --enabled="sshd"
+services --enabled="NetworkManager"
+
+# Keyboard layouts
+keyboard --vckeymap=us --xlayouts='us'
+# System language
+lang en_US --addsupport=en_GB.UTF-8
+
+repo --name="AppStream" --baseurl=file:///run/install/repo/AppStream
+# Root password
+rootpw --plaintext password
+# System timezone
+timezone UTC --isUtc --ntpservers=0.rhel.pool.ntp.org
+# System bootloader configuration
+bootloader
+#autopart --type=lvm
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# Disk partitioning information
+
+#Disk partitioning information
+part /boot --fstype="ext4" --size=2048
+part swap --fstype="swap" --size=8192
+
+part pv.01 --size=1 --grow
+volgroup vg_root pv.01
+logvol / --vgname=vg_root --size=1 --grow --name=lv_root
+logvol /var --vgname=vg_root --size=8192 --name=lv_var
+
+
+%packages
+@guest-agents
+@legacy-unix
+@system-tools
+bash
+mc
+curl
+wget
+tar
+bzip2
+kernel-devel
+kernel-headers
+kernel-uek-devel
+perl
+gcc
+git
+make
+elfutils-libelf-devel
+langpacks-en
+glibc-all-langpacks
+openssh-server
+openssh-clients
+openssh
+python3-pip
+python3-setuptools
+tuned
+tuned-profiles-atomic
+tuned-utils
+spice-vdagent
+qemu-guest-agent
+%end
+
+%addon com_redhat_subscription_manager
+%end
+%addon ADDON_placeholder --disable --reserve-mb=auto
+%end
+%addon com_redhat_kdump --disable
+%end
+
+%anaconda
+pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
+pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+%end
+
+# post part
+%post --log=/var/log/anaconda/kickstart_post_sshd.log
+sed -ri 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+systemctl enable sshd
+%end
+
+%post --log=/var/log/anaconda/kickstart_post.log
+systemctl enable qemu-guest-agent
+systemctl set-default multi-user.target
+%end
+
+#reboot
+reboot
\ No newline at end of file
diff --git a/extra/files/oraclelinux/9/virtualbox/ks.cfg b/extra/files/oraclelinux/9/virtualbox/ks.cfg
new file mode 100644
index 0000000..99faf0b
--- /dev/null
+++ b/extra/files/oraclelinux/9/virtualbox/ks.cfg
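Review bot: `selinux --disabled` and `firewall --disabled` switch both controls off in the installed system, not only during the build, so the template ships with SSH password login open and neither a host firewall nor a MAC policy. Whether the provisioning playbook turns them back on is not visible in this hunk. Installing with `selinux --permissive` keeps file labels in place so enforcing mode can be enabled later without a full relabel, and `firewall --enabled --ssh` is enough for Packer's connection. The `pwpolicy ... --minlen=6 --minquality=1 --notstrict` lines in `%anaconda` also relax the installer's password checks and deserve a comment saying why. The preceding ks.cfg hunk carries the same three settings, and the oraclelinux/9/virtualbox hunk has `selinux --disabled`.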
@@ -0,0 +1,96 @@
+#version=RHEL8
+# X Window System configuration information
+# License agreement
+eula --agreed
+# Use graphical install
+text
+# SELinux configuration
+selinux --disabled
+# Network information
+network --bootproto=dhcp --noipv6 --activate
+# Use CDROM installation media
+cdrom
+# Run the Setup Agent on first boot
+firstboot --disable
+# System services
+services --enabled="chronyd"
+services --enabled="sshd"
+services --enabled="NetworkManager"
+
+# Keyboard layouts
+keyboard --vckeymap=us --xlayouts='us'
+# System language
+lang en_US --addsupport=en_GB.UTF-8
+
+repo --name="AppStream" --baseurl=file:///run/install/repo/AppStream
+# Root password
+rootpw --plaintext password
+# System timezone
+timezone UTC --utc
+# System bootloader configuration
+bootloader
+#autopart --type=lvm
+zerombr
+# Partition clearing information
+clearpart --all --initlabel
+# Disk partitioning information
+part /boot/efi --fstype="vfat" --size=400
+part /boot --fstype="ext4" --size=2048
+part swap --fstype="swap" --size=8192
+part / --fstype="ext4" --grow --size=1
+
+%packages
+@guest-agents
+@legacy-unix
+@system-tools
+bash
+mc
+curl
+wget
+tar
+bzip2
+kernel-devel
+kernel-headers
+kernel-uek-devel
+perl
+gcc
+git
+make
+elfutils-libelf-devel
+langpacks-en
+glibc-all-langpacks
+openssh-server
+openssh-clients
+openssh
+tuned
+tuned-profiles-atomic
+%end
+
+%addon com_redhat_subscription_manager
+%end
+%addon ADDON_placeholder --disable --reserve-mb=auto
+%end
+%addon com_redhat_kdump --disable
+%end
+
+# post part
+%post --log=/var/log/anaconda/kickstart_post_sshd.log
+sed -ri 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -ri 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+systemctl enable sshd
+%end
+
+# post part
+%post --log=/var/log/anaconda/kickstart_post.log
+systemctl enable qemu-guest-agent
+systemctl set-default multi-user.target
+%end
+
+# post part
+%post --log=/var/log/anaconda/kickstart_post_efi.log
+cp -pr /boot/efi/EFI/oraclelinux/* /boot/efi/EFI/BOOT/
+%end
+
+#reboot
+reboot
\ No newline at end of file
diff --git a/extra/files/ubuntu/24.04/hyperv/meta-data b/extra/files/ubuntu/24.04/hyperv/meta-data
new file mode 100644
index 0000000..e69de29
diff --git a/extra/files/ubuntu/24.04/hyperv/user-data b/extra/files/ubuntu/24.04/hyperv/user-data
new file mode 100644
index 0000000..12ba14c
--- /dev/null
+++ b/extra/files/ubuntu/24.04/hyperv/user-data
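Review bot: The last `%post` copies `/boot/efi/EFI/oraclelinux/*` into `EFI/BOOT` without checking that the source directory exists, and the section is not marked `--erroronfail`. If the vendor directory has a different name on this release (nothing in the diff confirms it), `cp` fails and the installation still completes, leaving the only trace in `kickstart_post_efi.log`. Either open the section with `%post --erroronfail --log=/var/log/anaconda/kickstart_post_efi.log` or guard the copy with `[ -d /boot/efi/EFI/oraclelinux ] || exit 1`. The header also still reads `#version=RHEL8` in a file meant for Oracle Linux 9 and should be corrected for whoever reads it next.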
@@ -0,0 +1,109 @@
+#cloud-config
+
+autoinstall:
+ version: 1
+ early-commands:
+ - systemctl stop ssh # otherwise packer tries to connect and exceed max attempts
+ network:
+ network:
+ version: 2
+ ethernets:
+ eth0:
+ dhcp4: yes
+ dhcp-identifier: mac
+ update: no
+ apt:
+ geoip: true
+ preserve_sources_list: false
+ primary:
+ - arches: [amd64]
+ uri: "http://archive.ubuntu.com/ubuntu/"
+ packages:
+ - mc
+ - curl
+ - wget
+ - sudo
+ - tar
+ - bzip2
+ - build-essential
+ - linux-image-virtual
+ - linux-tools-virtual
+ - net-tools
+ - qemu-guest-agent
+ locale: en_US.UTF-8
+ timezone: Europe/Copenhagen
+ ssh:
+ install-server: true
+ allow-pw: true
+ user-data:
+ disable_root: false
+# lock-passwd: false
+ ssh_pwauth: true
+ hostname: ubuntu2404
+# username: root
+ chpasswd:
+ expire: false
+ users:
+ - name: root
+ password: password
+ type: text
+ - name: ubuntu
+ password: password
+ type: text
+ late-commands:
+ #- echo 'ubuntu ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/ubuntu
+ - sed -ie 's/GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX="net.ifnames=0 ipv6.disable=1 biosdevname=0"/' /target/etc/default/grub
+ - sed -ie 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /target/etc/ssh/sshd_config
+ - sed -ie 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/' /target/etc/ssh/sshd_config
+ - sed -ie 's/#AllowAgentForwarding yes/AllowAgentForwarding yes/' /target/etc/ssh/sshd_config
+ - curtin in-target -- update-grub2
+ # virtual package is required for some cloud images. Lack of it causes failure in communication.
+ - curtin in-target -- apt-get -y install linux-cloud-tools-virtual||true
+ - curtin in-target -- systemctl enable qemu-guest-agent
+ storage:
+ config:
+ - type: disk
+ id: disk0
+ ptable: gpt
+ wipe: superblock
+ grub_device: true
+ match:
+ size: largest
+ - id: efi-partition # create partitions on disk (like sda1)
+ type: partition
+ device: disk0
+ size: 512MB
+ flag: boot # EFI system partition needs boot flag
+ - type: partition
+ id: boot-partition
+ device: disk0
+ size: 2GB
+ - type: partition
+ device: disk0
+ id: root-partition
+ size: -1
+ - id: efi-partition-fs # format partitions on disk
+ type: format
+ volume: efi-partition
+ fstype: fat32
+ label: EFI
+ - id: boot-partition-fs
+ type: format
+ fstype: ext4
+ volume: boot-partition
+ - id: root-partition-fs
+ type: format
+ fstype: ext4
+ volume: root-partition
+ - id: efi-partition-fs-mount # mount partitions
+ type: mount
+ device: efi-partition-fs
+ path: /boot/efi
+ - id: root-partition-fs-mount
+ type: mount
+ path: /
+ device: root-partition-fs
+ - id: boot-partition-fs-mount
+ type: mount
+ path: /boot
+ device: boot-partition-fs
diff --git a/extra/files/ubuntu/24.04/proxmox/meta-data b/extra/files/ubuntu/24.04/proxmox/meta-data
new file mode 100644
index 0000000..e69de29
diff --git a/extra/files/ubuntu/24.04/proxmox/user-data b/extra/files/ubuntu/24.04/proxmox/user-data
new file mode 100644
index 0000000..e9421b4
--- /dev/null
+++ b/extra/files/ubuntu/24.04/proxmox/user-data
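Review bot: The four `sed -ie '...'` late-commands hand `e` to `-i` as a backup suffix, so each one leaves a copy beside the edited file (`/target/etc/default/grube`, `/target/etc/ssh/sshd_confige`) in the finished image; they should be written `sed -i -e '...'`. Separately, the `PermitRootLogin yes` substitution together with `disable_root: false`, `ssh_pwauth: true` and `allow-pw: true` keeps root password login enabled after installation, and no later step that turns it off is visible here. A comment such as `# build-time only; reverted by <FINAL_PROVISIONING_STEP>` would make the intent auditable. The ubuntu/24.04/proxmox user-data hunk contains the same late-commands and settings.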
@@ -0,0 +1,100 @@
+#cloud-config
+
+autoinstall:
+ version: 1
+ early-commands:
+ - systemctl stop ssh # otherwise packer tries to connect and exceed max attempts
+ network:
+ network:
+ version: 2
+ ethernets:
+ eth0:
+ dhcp4: yes
+ dhcp-identifier: mac
+ update: no
+ apt:
+ geoip: true
+ preserve_sources_list: false
+ primary:
+ - arches: [amd64]
+ uri: "http://archive.ubuntu.com/ubuntu/"
+ packages:
+ - mc
+ - curl
+ - wget
+ - sudo
+ - tar
+ - bzip2
+ - build-essential
+ - linux-image-virtual
+ - linux-tools-virtual
+ - net-tools
+ - qemu-guest-agent
+ locale: en_US.UTF-8
+ timezone: Europe/Copenhagen
+ ssh:
+ install-server: true
+ allow-pw: true
+ user-data:
+ disable_root: false
+# lock-passwd: false
+ ssh_pwauth: true
+ hostname: ubuntu2404
+# username: root
+ chpasswd:
+ expire: false
+ users:
+ - name: root
+ password: password
+ type: text
+ - name: ubuntu
+ password: password
+ type: text
+ late-commands:
+ #- echo 'ubuntu ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/ubuntu
+ - sed -ie 's/GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX="net.ifnames=0 ipv6.disable=1 biosdevname=0"/' /target/etc/default/grub
+ - sed -ie 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /target/etc/ssh/sshd_config
+ - sed -ie 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/' /target/etc/ssh/sshd_config
+ - sed -ie 's/#AllowAgentForwarding yes/AllowAgentForwarding yes/' /target/etc/ssh/sshd_config
+ - curtin in-target -- update-grub2
+ # virtual package is required for some cloud images. Lack of it causes failure in communication.
+ - curtin in-target -- apt-get -y install linux-cloud-tools-virtual||true
+ - curtin in-target -- systemctl enable qemu-guest-agent
+ storage:
+ config:
+ - type: disk
+ id: disk0
+ ptable: gpt
+ wipe: superblock
+ grub_device: true
+ match:
+ size: largest
+ - id: bios-boot-partition
+ type: partition
+ device: disk0
+ size: 1MB
+ flag: bios_grub
+ - id: boot-partition
+ type: partition
+ device: disk0
+ size: 2GB
+ - id: root-partition
+ type: partition
+ device: disk0
+ size: -1
+ - id: boot-partition-fs
+ type: format
+ fstype: ext4
+ volume: boot-partition
+ - id: root-partition-fs
+ type: format
+ fstype: ext4
+ volume: root-partition
+ - id: boot-partition-fs-mount
+ type: mount
+ path: /boot
+ device: boot-partition-fs
+ - id: root-partition-fs-mount
+ type: mount
+ path: /
+ device: root-partition-fs
diff --git a/extra/files/ubuntu/24.04/uefi.sh b/extra/files/ubuntu/24.04/uefi.sh
new file mode 100644
index 0000000..16dc624
--- /dev/null
+++ b/extra/files/ubuntu/24.04/uefi.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+# try to deal with broken centos/ubuntu UEFI in Hyper-V
+
+# Let's find out which bootnumber we have currently in UEFI with Ubuntu label
+bootnum=$(efibootmgr -v|grep -i ubuntu|awk '{print $1}'|cut -c5-8)
+
+if [ -d "/boot/efi/EFI/ubuntu" ]; then
+ echo "Ubuntu exists"
+ # now centos exists
+ if [ -z "$bootnum" ]; then
+ echo "Current Ubuntu boot number equals: $bootnum"
+ efibootmgr -b "$bootnum" -B
+ efibootmgr --create --label Ubuntu --disk /dev/sda1 --loader "\EFI\ubuntu\shim.efi"
+ sudo grub2-mkconfig -o /boot/efi/EFI/BOOT/grub.cfg
+ efibootmgr -v
+ fi
+fi
diff --git a/extra/files/ubuntu/shared/prepare_neofetch.sh b/extra/files/ubuntu/shared/prepare_neofetch.sh
index 268d14a..c3f8951 100755
--- a/extra/files/ubuntu/shared/prepare_neofetch.sh
+++ b/extra/files/ubuntu/shared/prepare_neofetch.sh
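Review bot: In uefi.sh the inner test `if [ -z "$bootnum" ]` is inverted: it is true only when no Ubuntu entry was found, so the body then runs `efibootmgr -b "" -B` and echoes an empty number, while a machine that does have the entry is skipped. It should read `if [ -n "$bootnum" ]; then`. `grep -i ubuntu` can also match more than one boot entry, leaving several values in `bootnum`; appending `| head -n1` to the pipeline keeps the `-b` argument a single number. `grub2-mkconfig` is the RHEL-family command name, so on Ubuntu that line is likely to fail unless the image provides it. The comment `# now centos exists` is left over from another script and should say Ubuntu.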
@@ -12,9 +12,9 @@ if [ ! -d $config_dir ];then fi if [ ! -e $config ];then - if [ -e /root/.config/neofetch/config.conf ];then - echo "Copying config from root to /etc/neofetch" - cp -pv /root/.config/neofetch/config.conf $config + if [ -e /home/ubuntu/.config/neofetch/config.conf ];then + echo "Copying config from ubuntu to /etc/neofetch" + cp -pv /home/ubuntu/.config/neofetch/config.conf $config fi fi diff --git a/extra/files/windows/2019/proxmox/unattend.xml b/extra/files/windows/2019/proxmox/unattend.xml index 41d741c..b5f82aa 100755 --- a/extra/files/windows/2019/proxmox/unattend.xml +++ b/extra/files/windows/2019/proxmox/unattend.xml @@ -13,7 +13,7 @@ - windows-2022 + windows-2019 diff --git a/extra/files/windows/2022/virtualbox/std/Autounattend.xml b/extra/files/windows/2022/virtualbox/std/Autounattend.xml new file mode 100755 index 0000000..690fd4b --- /dev/null +++ b/extra/files/windows/2022/virtualbox/std/Autounattend.xml 
@@ -0,0 +1,172 @@ + + + + + + en-US + + en-US + en-US + en-US + en-US + en-US + + + + + + + 1 + 350 + Primary + + + 2 + 100 + EFI + + + 3 + 128 + MSR + + + 4 + true + Primary + + + + + 1 + 1 + + NTFS + de94bba4-06d1-4d40-a16a-bfd50179d6ac + + + 2 + 2 + + FAT32 + + + 3 + 3 + + + 4 + 4 + + NTFS + + + 0 + true + + OnError + + + + + + /IMAGE/NAME + Windows Server 2022 SERVERSTANDARD + + + + 0 + 4 + + + + + + + OnError + + true + Administrator + + + + + + + + false + + windows-2022 + Central European Standard Time + + + + true + + + false + false + + + true + + + + + + + password + true</PlainText> + </Password> + <Enabled>true</Enabled> + <Username>Administrator</Username> + </AutoLogon> + <FirstLogonCommands> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 64 Bit</Description> + <Order>1</Order> + <RequiresUserInput>false</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>C:\Windows\SysWOW64\cmd.exe /c powershell -Command "Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force"</CommandLine> + <Description>Set Execution Policy 32 Bit</Description> + <Order>2</Order> + <RequiresUserInput>false</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>powershell.exe -NoProfile -Command "Get-PSDrive -PSProvider 'FileSystem' | ForEach-Object { $scriptFile = Join-Path $_.Root 'bootstrap.ps1'; if (Test-Path $scriptFile) { &amp; $scriptFile } }"</CommandLine> + <Description>bootstrap</Description> + <Order>3</Order> + <RequiresUserInput>false</RequiresUserInput> + </SynchronousCommand> + <SynchronousCommand wcm:action="add"> + <CommandLine>cmd.exe /c wmic useraccount where "name='Administrator'" set PasswordExpires=FALSE</CommandLine> + <Order>4</Order> + <Description>Disable password expiration for Administrator user</Description> + 
<RequiresUserInput>false</RequiresUserInput> + </SynchronousCommand> + </FirstLogonCommands> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <HideLocalAccountScreen>true</HideLocalAccountScreen> + <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> + <HideOnlineAccountScreens>true</HideOnlineAccountScreens> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + <NetworkLocation>Home</NetworkLocation> + <ProtectYourPC>1</ProtectYourPC> + </OOBE> + <UserAccounts> + <AdministratorPassword> + <Value>password</Value> + <PlainText>true</PlainText> + </AdministratorPassword> + </UserAccounts> + </component> + </settings> + <settings pass="offlineServicing"> + <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <EnableLUA>false</EnableLUA> + </component> + </settings> +</unattend> diff --git a/extra/files/windows/2022/virtualbox/std/unattend.xml b/extra/files/windows/2022/virtualbox/std/unattend.xml new file mode 100755 index 0000000..1da5496 --- /dev/null +++ b/extra/files/windows/2022/virtualbox/std/unattend.xml 
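Review bot: The third `FirstLogonCommands` entry runs `bootstrap.ps1` from the root of every filesystem drive it finds, under the auto-logged-on Administrator, so any attached volume carrying a file of that name gets executed during the build. Resolve the script from the one drive the build attaches it on, or check it against a known hash before invoking it. The `offlineServicing` pass sets `<EnableLUA>false</EnableLUA>`, and both `AutoLogon` and `AdministratorPassword` use `password` with `<PlainText>true</PlainText>`. If UAC is re-enabled and the password rotated before sysprep, a comment such as `<!-- build-time only; reset by <SYSPREP_STEP> -->` should say so, because nothing in this hunk does it.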
@@ -0,0 +1,52 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend"> + <settings pass="generalize"> + <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <SkipRearm>0</SkipRearm> + </component> + <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> + <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> + </component> + </settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <InputLocale>en-US</InputLocale> + <SystemLocale>en-US</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>en-US</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <OOBE> + <HideEULAPage>true</HideEULAPage> + <ProtectYourPC>1</ProtectYourPC> + <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> + </OOBE> + <TimeZone>Central European Standard Time</TimeZone> + <UserAccounts> + <AdministratorPassword> + <Value>dgBhAGcAcgBhAG4AdABBAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAFAAYQBzAHMAdwBvAHIAZAA=</Value> + <PlainText>false</PlainText> + 
</AdministratorPassword> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Password> + <Value>dgBhAGcAcgBhAG4AdABQAGEAcwBzAHcAbwByAGQA</Value> + <PlainText>false</PlainText> + </Password> + <Group>administrators</Group> + <DisplayName>Vagrant</DisplayName> + <Name>vagrant</Name> + <Description>Vagrant User</Description> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + </component> + </settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <!--<ProductKey>6XBNX-4JQGW-QX6QG-74P76-72V67</ProductKey>--> + <ComputerName>vagrant-2022</ComputerName> + </component> + </settings> +</unattend> diff --git a/extra/playbooks/provision_alma8_variables.yml b/extra/playbooks/provision_alma8_variables.yml index 090bd7a..3e14de9 100644 --- a/extra/playbooks/provision_alma8_variables.yml +++ b/extra/playbooks/provision_alma8_variables.yml @@ -1,4 +1,5 @@ initial_packages: + - almalinux-release - curl - mc - wget @@ -57,10 +58,6 @@ yum_extra_epel_packages: - nmon - pv - rkhunter -epel: - priority: 60 - path: /etc/yum.repos.d/epel.repo - section: epel epel_package: - epel-release selinux: 
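Review bot: In the std/unattend.xml hunk, `<PlainText>false</PlainText>` only means the two `<Value>` strings are base64-encoded UTF-16, not encrypted, and both decode to the stock Vagrant default; the `vagrant` account is also placed in `administrators`. Because this answer file is applied in the generalize and oobeSystem passes, every clone deployed from the image starts with those credentials. The file should say where they are rotated, e.g. `<!-- default credentials; rotated on first boot by <DEPLOYMENT_STEP> -->`, or have them injected at build time. The `specialize` component is declared `processorArchitecture="x86"` while every other component is `amd64`, so `ComputerName` is probably not applied on this image. The commented-out `ProductKey` line should be dropped unless it is a public generic key.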
@@ -72,40 +69,6 @@ webmin: timeout: 120 mirrorlist: http://download.webmin.com/download/yum/mirrorlist enabled: 1 -zabbix: - repository: - - url: https://repo.zabbix.com/zabbix/6.2/rhel/8/x86_64/zabbix-release-6.2-1.el8.noarch.rpm - name: zabbix-agent2 - file: /etc/yum.repos.d/zabbix.repo - gpgkey: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591 - priorities: - - name: zabbix - priority: 20 - path: /etc/yum.repos.d/zabbix.repo - package: - service: zabbix-agent2 -puppet: - repository: - - url: https://yum.puppet.com/puppet7-release-el-8.noarch.rpm - gpgkey: https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 - service: - - name: puppet - state: stopped - enabled: no - priorities: - - name: puppet7 - priority: 20 - path: /etc/yum.repos.d/puppet7.repo - package: - name: puppet-agent - config: - location: /etc/puppetlabs/puppet/puppet.conf - mode: "0644" - agent: - - key: runinterval - value: 1800 - - key: server - value: foreman.example.com neofetch: repository: - url: https://copr.fedorainfracloud.org/coprs/konimex/neofetch/repo/epel-8/konimex-neofetch-epel-8.repo @@ -124,8 +87,6 @@ firewalld: default_zone: work rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="22" protocol="tcp" accept' - zabbix_rich_rules: - - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10050-10051" protocol="tcp" accept' webmin_rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10000" protocol="tcp" accept' cockpit_rich_rules: @@ -168,3 +129,10 @@ motd: | fi export XAUTHORITY=$HOME/.Xauthority export PATH="/usr/local/bin:$PATH" +kernel_parameters: + - key: "fsck.repair" + value: "yes" + state: present + - key: "systemd.unified_cgroup_hierarchy" + value: "1" + state: present diff --git a/extra/playbooks/provision_alma9_variables.yml b/extra/playbooks/provision_alma9_variables.yml index 9fc7663..895523b 100644 --- a/extra/playbooks/provision_alma9_variables.yml +++ b/extra/playbooks/provision_alma9_variables.yml 
@@ -1,4 +1,5 @@ initial_packages: + - almalinux-release - curl - mc - wget @@ -58,10 +59,6 @@ yum_extra_epel_packages: - nmon - pv - rkhunter -epel: - priority: 60 - path: /etc/yum.repos.d/epel.repo - section: epel epel_package: - epel-release selinux: @@ -73,40 +70,6 @@ webmin: timeout: 120 mirrorlist: http://download.webmin.com/download/yum/mirrorlist enabled: 1 -zabbix: - repository: - - url: https://repo.zabbix.com/zabbix/6.2/rhel/9/x86_64/zabbix-release-6.2-2.el9.noarch.rpm - name: zabbix-agent2 - file: /etc/yum.repos.d/zabbix.repo - gpgkey: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591 - priorities: - - name: zabbix - priority: 20 - path: /etc/yum.repos.d/zabbix.repo - package: - service: zabbix-agent2 -puppet: - repository: - - url: https://yum.puppet.com/puppet7-release-el-9.noarch.rpm - gpgkey: https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 - service: - - name: puppet - state: stopped - enabled: no - priorities: - - name: puppet7 - priority: 20 - path: /etc/yum.repos.d/puppet7.repo - package: - name: puppet-agent - config: - location: /etc/puppetlabs/puppet/puppet.conf - mode: "0644" - agent: - - key: runinterval - value: 1800 - - key: server - value: foreman.example.com neofetch: # repository: # - url: https://copr.fedorainfracloud.org/coprs/konimex/neofetch/repo/epel-8/konimex-neofetch-epel-8.repo @@ -125,8 +88,6 @@ firewalld: default_zone: work rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="22" protocol="tcp" accept' - zabbix_rich_rules: - - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10050-10051" protocol="tcp" accept' webmin_rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10000" protocol="tcp" accept' cockpit_rich_rules: @@ -169,3 +130,7 @@ motd: | fi export XAUTHORITY=$HOME/.Xauthority export PATH="/usr/local/bin:$PATH" +kernel_parameters: + - key: "fsck.repair" + value: "yes" + state: present 
diff --git a/extra/playbooks/provision_centos7_variables.yml b/extra/playbooks/provision_centos7_variables.yml index 1e8f897..4d97fd8 100644 --- a/extra/playbooks/provision_centos7_variables.yml +++ b/extra/playbooks/provision_centos7_variables.yml @@ -56,10 +56,6 @@ yum_extra_epel_packages: - nmon - pv - rkhunter -epel: - priority: 60 - path: /etc/yum.repos.d/epel.repo - section: epel epel_package: - epel-release selinux: @@ -71,40 +67,6 @@ webmin: timeout: 120 mirrorlist: http://download.webmin.com/download/yum/mirrorlist enabled: 1 -zabbix: - repository: - - url: https://repo.zabbix.com/zabbix/6.0/rhel/7/x86_64/zabbix-release-6.0-1.el7.noarch.rpm - name: zabbix-agent2 - file: /etc/yum.repos.d/zabbix.repo - gpgkey: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591 - priorities: - - name: zabbix - priority: 20 - path: /etc/yum.repos.d/zabbix.repo - package: - service: zabbix-agent2 -puppet: - repository: - - url: https://yum.puppet.com/puppet7-release-el-7.noarch.rpm - gpgkey: https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 - service: - - name: puppet - state: stopped - enabled: no - priorities: - - name: puppet7 - priority: 10 - path: /etc/yum.repos.d/puppet7.repo - package: - name: puppet-agent - config: - location: /etc/puppetlabs/puppet/puppet.conf - mode: "0644" - agent: - - key: runinterval - value: 1800 - - key: server - value: foreman.example.com neofetch: repository: - url: https://copr.fedorainfracloud.org/coprs/konimex/neofetch/repo/epel-7/konimex-neofetch-epel-7.repo @@ -123,8 +85,6 @@ firewalld: default_zone: work rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="22" protocol="tcp" accept' - zabbix_rich_rules: - - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10050-10051" protocol="tcp" accept' webmin_rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10000" protocol="tcp" accept' cockpit_rich_rules: 
@@ -167,3 +127,10 @@ motd: | fi export XAUTHORITY=$HOME/.Xauthority export PATH="/usr/local/bin:$PATH" +kernel_parameters: + - key: "fsck.repair" + value: "yes" + state: present + - key: "systemd.unified_cgroup_hierarchy" + value: "1" + state: present diff --git a/extra/playbooks/provision_centos8_variables.yml b/extra/playbooks/provision_centos8_variables.yml index 9503e1f..691f888 100644 --- a/extra/playbooks/provision_centos8_variables.yml +++ b/extra/playbooks/provision_centos8_variables.yml @@ -57,10 +57,6 @@ yum_extra_epel_packages: - nmon - pv - rkhunter -epel: - priority: 60 - path: /etc/yum.repos.d/epel.repo - section: epel epel_package: - epel-release selinux: @@ -72,40 +68,6 @@ webmin: timeout: 120 mirrorlist: http://download.webmin.com/download/yum/mirrorlist enabled: 1 -zabbix: - repository: - - url: https://repo.zabbix.com/zabbix/6.2/rhel/8/x86_64/zabbix-release-6.2-1.el8.noarch.rpm - name: zabbix-agent2 - file: /etc/yum.repos.d/zabbix.repo - gpgkey: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591 - priorities: - - name: zabbix - priority: 20 - path: /etc/yum.repos.d/zabbix.repo - package: - service: zabbix-agent2 -puppet: - repository: - - url: https://yum.puppet.com/puppet7-release-el-8.noarch.rpm - gpgkey: https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 - service: - - name: puppet - state: stopped - enabled: no - priorities: - - name: puppet7 - priority: 20 - path: /etc/yum.repos.d/puppet7.repo - package: - name: puppet-agent - config: - location: /etc/puppetlabs/puppet/puppet.conf - mode: "0644" - agent: - - key: runinterval - value: 1800 - - key: server - value: foreman.example.com neofetch: repository: - url: https://copr.fedorainfracloud.org/coprs/konimex/neofetch/repo/epel-8/konimex-neofetch-epel-8.repo 
@@ -124,8 +86,6 @@ firewalld: default_zone: work rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="22" protocol="tcp" accept' - zabbix_rich_rules: - - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10050-10051" protocol="tcp" accept' webmin_rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10000" protocol="tcp" accept' cockpit_rich_rules: @@ -168,3 +128,10 @@ motd: | fi export XAUTHORITY=$HOME/.Xauthority export PATH="/usr/local/bin:$PATH" +kernel_parameters: + - key: "fsck.repair" + value: "yes" + state: present + - key: "systemd.unified_cgroup_hierarchy" + value: "1" + state: present diff --git a/extra/playbooks/provision_oracle8_variables.yml b/extra/playbooks/provision_oracle8_variables.yml index fc0b7f6..6868d41 100644 --- a/extra/playbooks/provision_oracle8_variables.yml +++ b/extra/playbooks/provision_oracle8_variables.yml @@ -1,4 +1,5 @@ initial_packages: + - oracle-release-el8 - curl - mc - wget @@ -57,10 +58,6 @@ yum_extra_epel_packages: - nmon - pv - rkhunter -epel: - priority: 60 - path: /etc/yum.repos.d/oracle-epel-ol8.repo - section: ol8_developer_EPEL epel_package: - oracle-epel-release-el8 selinux: 
@@ -72,40 +69,6 @@ webmin: timeout: 120 mirrorlist: http://download.webmin.com/download/yum/mirrorlist enabled: 1 -zabbix: - repository: - - url: https://repo.zabbix.com/zabbix/6.2/rhel/8/x86_64/zabbix-release-6.2-1.el8.noarch.rpm - name: zabbix-agent2 - file: /etc/yum.repos.d/zabbix.repo - gpgkey: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591 - priorities: - - name: zabbix - priority: 20 - path: /etc/yum.repos.d/zabbix.repo - package: - service: zabbix-agent2 -puppet: - repository: - - url: https://yum.puppet.com/puppet7-release-el-8.noarch.rpm - gpgkey: https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 - service: - - name: puppet - state: stopped - enabled: no - priorities: - - name: puppet7 - priority: 20 - path: /etc/yum.repos.d/puppet7.repo - package: - name: puppet-agent - config: - location: /etc/puppetlabs/puppet/puppet.conf - mode: "0644" - agent: - - key: runinterval - value: 1800 - - key: server - value: foreman.example.com neofetch: # repository: # - url: https://copr.fedorainfracloud.org/coprs/konimex/neofetch/repo/epel-8/konimex-neofetch-epel-8.repo @@ -124,8 +87,6 @@ firewalld: default_zone: work rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="22" protocol="tcp" accept' - zabbix_rich_rules: - - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10050-10051" protocol="tcp" accept' webmin_rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10000" protocol="tcp" accept' cockpit_rich_rules: @@ -168,3 +129,10 @@ motd: | fi export XAUTHORITY=$HOME/.Xauthority export PATH="/usr/local/bin:$PATH" +kernel_parameters: + - key: "fsck.repair" + value: "yes" + state: present + - key: "systemd.unified_cgroup_hierarchy" + value: "1" + state: present diff --git a/extra/playbooks/provision_oracle9_variables.yml b/extra/playbooks/provision_oracle9_variables.yml index 5d056bf..8908f64 100644 --- a/extra/playbooks/provision_oracle9_variables.yml 
+++ b/extra/playbooks/provision_oracle9_variables.yml @@ -1,4 +1,5 @@ initial_packages: + - oracle-epel-release-el9 - curl - mc - wget @@ -58,10 +59,6 @@ yum_extra_epel_packages: - nmon - pv - rkhunter -epel: - priority: 60 - path: /etc/yum.repos.d/oracle-epel-ol9.repo - section: ol9_developer_EPEL epel_package: - oracle-epel-release-el9 selinux: @@ -73,44 +70,7 @@ webmin: timeout: 120 mirrorlist: http://download.webmin.com/download/yum/mirrorlist enabled: 1 -zabbix: - repository: - - url: https://repo.zabbix.com/zabbix/6.2/rhel/9/x86_64/zabbix-release-6.2-2.el9.noarch.rpm - name: zabbix-agent2 - file: /etc/yum.repos.d/zabbix.repo - gpgkey: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591 - priorities: - - name: zabbix - priority: 20 - path: /etc/yum.repos.d/zabbix.repo - package: - service: zabbix-agent2 -puppet: - repository: - - url: https://yum.puppet.com/puppet7-release-el-9.noarch.rpm - gpgkey: https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 - service: - - name: puppet - state: stopped - enabled: no - priorities: - - name: puppet7 - priority: 20 - path: /etc/yum.repos.d/puppet7.repo - package: - name: puppet-agent - config: - location: /etc/puppetlabs/puppet/puppet.conf - mode: "0644" - agent: - - key: runinterval - value: 1800 - - key: server - value: foreman.example.com neofetch: - # repository: - # - url: https://copr.fedorainfracloud.org/coprs/konimex/neofetch/repo/epel-8/konimex-neofetch-epel-9.repo - # dest: /etc/yum.repos.d/konimex-neofetch.repo package: name: neofetch options: @@ -125,8 +85,6 @@ firewalld: default_zone: work rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="22" protocol="tcp" accept' - zabbix_rich_rules: - - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10050-10051" protocol="tcp" accept' webmin_rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10000" protocol="tcp" accept' cockpit_rich_rules: 
@@ -169,3 +127,8 @@ motd: | fi export XAUTHORITY=$HOME/.Xauthority export PATH="/usr/local/bin:$PATH" +kernel_parameters: + - key: "fsck.repair" + value: "yes" + state: present + diff --git a/extra/playbooks/provision_rhel.yaml b/extra/playbooks/provision_rhel.yaml index 135dc0e..2410a83 100644 --- a/extra/playbooks/provision_rhel.yaml +++ b/extra/playbooks/provision_rhel.yaml @@ -1,20 +1,14 @@ -# Pass true in variables # ansible-galaxy collection install ansible.posix -- name: prepare_centos_machine +# ansible-galaxy collection install community.general +- name: prepare_rhel_machine hosts: all vars: install_epel: false - change_epel_priority: false install_webmin: false install_hyperv: false - install_zabbix: false - install_zabbix_as_root: false install_cockpit: false - install_puppet: false - install_docker_workaround: false - install_kubernetes_workaround: false + install_kernel_parameters: true install_motd: false - remove_puppet_ssl_keys: false install_neofetch: false install_updates: false install_extra_groups: false @@ -23,6 +17,7 @@ delay_time: 15 retries_count: 2 reboot_server: false + playbook_version: "20240404" become: true gather_facts: false pre_tasks: 
@@ -65,23 +60,24 @@ - "Extra volume prepare :{{ docker_prepare | lower }}" - "Install Cockpit :{{ install_cockpit | lower }}" - "Install EPEL :{{ install_epel | lower }}" - - "Change EPEL priority :{{ change_epel_priority | lower }}" - "Install extra groups :{{ install_extra_groups | lower }}" - "Install Hyperv :{{ install_hyperv | lower }}" - "Install MOTD :{{ install_motd | lower }}" - "Install Neofetch :{{ install_neofetch | lower }}" - - "Install Puppet :{{ install_puppet | lower }}" + - "Install kernel parameters :{{ install_kernel_parameters | lower }}" - "Install updates :{{ install_updates | lower }}" - "Install Webmin :{{ install_webmin | lower }}" - - "Install Zabbix :{{ install_zabbix | lower }}" - - "Install Zabbix Agent as root :{{ install_zabbix_as_root | lower }}" - "Reboot server :{{ reboot_server | lower }}" + - "Playbook version :{{ playbook_version }}" + # initial cleaning and refreshing metadata for packages - name: initial_clean ansible.builtin.debug: msg: "Starting provision" - notify: clean-metadata - changed_when: true + notify: + - clean-metadata + - makecache + changed_when: false - name: install_initial_packages ansible.builtin.package: name: "{{ item }}" 
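Review bot: With `changed_when: false` on `initial_clean`, the `notify` list can never fire, because Ansible only queues handlers for a task that reports changed and a `debug` task changes nothing on its own. The old `changed_when: true` was what forced `clean-metadata` to run, so after this hunk neither `clean-metadata` nor the newly added `makecache` is triggered at the start of provisioning. The package tasks that follow may then resolve against stale repository metadata. Keep `changed_when: true` on this task. The task list continues outside the hunk.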
@@ -110,38 +106,21 @@ - packages - base when: install_epel - - name: enable_epel - community.general.ini_file: - path: "{{ epel.path }} | default ('/etc/yum.repos.d/epel.repo')" - section: "{{ epel.section }} | default ('epel')" - option: enabled - value: "1" - mode: "0644" - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - when: r_install_epel is success and install_epel - register: r_enable_epel - until: r_enable_epel is success - tags: - - packages - - base - # change priority for epel repo - mandatory for other settings - - name: change_epel_priority - community.general.ini_file: - path: "{{ epel.path }} | default('/etc/yum.repos.d/epel.repo')" - section: epel - option: priority - value: "{{ epel.priority | int }}" - mode: "0644" - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - when: r_install_epel is success and r_enable_epel is success and install_epel - notify: makecache - register: r_change_epel_priority - until: r_change_epel_priority is success - tags: - - packages - - base + # - name: enable_epel + # community.general.ini_file: + # path: "{{ epel.path }} | default ('/etc/yum.repos.d/epel.repo')" + # section: "{{ epel.section }} | default ('epel')" + # option: enabled + # value: "1" + # mode: "0644" + # retries: "{{ retries_count }}" + # delay: "{{ delay_time }}" + # when: r_install_epel is success and install_epel + # register: r_enable_epel + # until: r_enable_epel is success + # tags: + # - packages + # - base # let's install extra yumgroups - name: refresh_repos ansible.builtin.debug: @@ -178,7 +157,7 @@ delay: "{{ delay_time }}" register: r_install_extra_packages until: r_install_extra_packages is success - when: r_install_epel is success and r_enable_epel is success and install_epel + when: r_install_epel is success and install_epel # set selinux policy - name: set_selinux_policy ansible.posix.selinux: 
@@ -222,91 +201,6 @@ delay: "{{ delay_time }}" until: r_start_webmin is success - # start zabbix block - - name: start_zabbix_block - when: install_zabbix - block: - - name: import_gpg_zabix_key - ansible.builtin.rpm_key: - key: "{{ item.gpgkey }}" - state: present - validate_certs: false - loop: "{{ zabbix.repository }}" - notify: - - clean-metadata - - makecache - - name: install_zabbix_repository - ansible.builtin.package: - name: "{{ item.url }}" - state: present - loop: "{{ zabbix.repository }}" - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_zabbix_repository - until: r_zabbix_repository is success - notify: makecache - - name: disable_zabbix_test_repos - community.general.ini_file: - path: /etc/yum.repos.d/zabbix.repo - section: zabbix-non-supported - option: enabled - value: "0" - mode: "0644" - when: r_zabbix_repository is success - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_zabbix_non_supported_disable - until: r_zabbix_non_supported_disable is success - - name: change_zabbix_priority - community.general.ini_file: - path: "{{ item.path }}" - section: "{{ item.name }}" - option: "priority" - value: "{{ item.priority }}" - mode: "0644" - when: r_zabbix_repository is success - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_change_zabbix_priority - loop: "{{ zabbix.priorities }}" - until: r_change_zabbix_priority is success - notify: makecache - - name: install_zabbix_agent_package - ansible.builtin.package: - name: "{{ item.name }}" - state: latest - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_zabbix_package - loop: "{{ zabbix.repository }}" - until: r_zabbix_package is success - - name: zabbix_agent_tweaks_folder - ansible.builtin.file: - path: "/etc/systemd/system/{{ zabbix.package.service }}.service.d" - state: directory - mode: '0755' - when: install_zabbix_as_root is defined and install_zabbix_as_root - - name: zabbix_agent_tweaks_content - 
ansible.builtin.copy: - dest: "/etc/systemd/system/{{ zabbix.package.service }}.service.d/override.conf" - content: | - [Service] - User=root - Group=root - mode: "0644" - when: install_zabbix_as_root is defined and install_zabbix_as_root - - name: start_zabbix - ansible.builtin.systemd: - name: "{{ zabbix.package.service }}" - state: restarted - enabled: true - daemon_reload: true - register: r_start_zabbix - delay: "{{ delay_time }}" - retries: "{{ retries_count }}" - until: r_start_zabbix is success - when: r_zabbix_package is success - changed_when: false - name: start_cockpit_block when: install_cockpit is defined and install_cockpit 
@@ -325,97 +219,6 @@ retries: "{{ retries_count }}" until: r_start_cockpit is success - # start puppet block - - name: start_puppet_block - when: install_puppet - block: - - name: import_gpg_puppet_key - ansible.builtin.rpm_key: - key: "{{ item.gpgkey }}" - state: present - loop: "{{ puppet.repository }}" - notify: - - clean-metadata - - makecache - - name: install_puppet_repository - ansible.builtin.yum: - name: "{{ item.url }}" - state: present - loop: "{{ puppet.repository }}" - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_puppet_repository - notify: makecache - until: r_puppet_repository is success - - name: puppet_repository_priority - community.general.ini_file: - path: "{{ item.path }}" - section: "{{ item.name }}" - option: "priority" - value: "{{ item.priority }}" - mode: "0644" - when: r_puppet_repository is success - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_puppet_repository_priority - loop: "{{ puppet.priorities }}" - until: r_puppet_repository_priority is success - notify: makecache - - name: install_puppet_package - ansible.builtin.yum: - name: "{{ puppet.package.name }}" - state: latest - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_install_puppet_package - until: r_install_puppet_package is success - - name: set_puppet_service_state - ansible.builtin.systemd: - name: "{{ item.name }}" - state: "{{ item.state }}" - enabled: "{{ item.enabled }}" - loop: "{{ puppet.service }}" - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_set_puppet_service - until: r_set_puppet_service is success - when: r_install_puppet_package is success - - name: remove_temp_ssl_keys - ansible.builtin.file: - path: /etc/puppetlabs/puppet/ssl - state: absent - register: r_remove_temp_ssl_keys - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - until: r_remove_temp_ssl_keys is success - when: r_install_puppet_package is success and remove_puppet_ssl_keys - - 
name: create_puppet_config - ansible.builtin.file: - path: "{{ puppet.config.location }}" - state: touch - mode: "{{ puppet.config.mode }}" - modification_time: preserve - access_time: preserve - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_create_puppet_config - until: r_create_puppet_config is success - when: r_install_puppet_package is success - - name: add_puppet_config_options - community.general.ini_file: - path: "{{ puppet.config.location }}" - state: present - section: main - option: "{{ item.key }}" - value: "{{ item.value }}" - mode: "0644" - loop: "{{ puppet.config.agent }}" - register: r_add_puppet_config_options - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - until: r_add_puppet_config_options is success - when: r_install_puppet_package is success - # start neofetch block - requires changes from script to 'per option' settings - name: start_neofetch_block when: install_neofetch @@ -680,20 +483,6 @@ until: r_add_rich_rules is success notify: reload_firewalld when: ansible_default_ipv4.interface is defined - - name: add_zabbix_rich_rules - ansible.posix.firewalld: - rich_rule: "{{ item.rule }}" - zone: "{{ firewalld.default_zone }}" - immediate: true - state: enabled - permanent: true - loop: "{{ firewalld.zabbix_rich_rules }}" - retries: "{{ retries_count }}" - delay: "{{ delay_time }}" - register: r_add_zabbix_rich_rules - until: r_add_zabbix_rich_rules is success - notify: reload_firewalld - when: ansible_default_ipv4.interface is defined and install_zabbix - name: add_webmin_rich_rules ansible.posix.firewalld: rich_rule: "{{ item.rule }}" 
@@ -737,6 +526,40 @@ until: r_remove_redundand_services is success notify: reload_firewalld when: ansible_default_ipv4.interface is defined + + # set kernel parameters + - name: set kernel parameters + when: (install_kernel_parameters is defined and install_kernel_parameters) + block: + # install grubby parameters + - name: get_info_from_grubby + ansible.builtin.command: grubby --info=ALL + register: r_grubby_info + any_errors_fatal: false + failed_when: false + changed_when: false + until: r_grubby_info is success + when: (install_kernel_parameters is defined and install_kernel_parameters) + - name: update_grub_kernel_options_for_all_machines + ansible.builtin.command: "grubby --args {{ item.key }}={{ item.value }} --update-kernel=ALL" + when: (item.key ~ "=" ~ item.value not in r_grubby_info.stdout) and (item.state is defined and item.state == "present") + loop: "{{ kernel_parameters }}" + changed_when: false + failed_when: false + - name: remove_grub_kernel_options_for_all_machines + ansible.builtin.command: "grubby --remove-args {{ item.key }}={{ item.value }} --update-kernel=ALL" + when: (item.key ~ "=" ~ item.value in r_grubby_info.stdout) and (item.state is defined and item.state == "absent") + loop: "{{ kernel_parameters }}" + changed_when: false + failed_when: false + - name: get_info_from_grubby + ansible.builtin.command: grubby --info=ALL + register: r_grubby_info + any_errors_fatal: false + failed_when: false + changed_when: false + until: r_grubby_info is success + # last touch and cleaning block - name: last_touch_and_cleaning_block block: 
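Review bot: Both grubby update tasks in the new kernel-parameters block set `failed_when: false` and `changed_when: false`, so a failed bootloader edit looks exactly like a successful one and the image can ship without the requested parameters. The second `get_info_from_grubby` registers `r_grubby_info` again, but nothing visible in this hunk checks it. I would drop `failed_when: false` from the two update tasks, report them as changed, pass the arguments as `argv` so a key or value with whitespace cannot split into extra grubby options, and assert on the re-read output. The inner `when` on the first task repeats the block-level condition and can go, and the task name `get_info_from_grubby` is used twice. The enclosing task list starts and ends outside the hunk.

```yaml
    - name: update_grub_kernel_options_for_all_machines
      ansible.builtin.command:
        argv:
          - grubby
          - --args
          - "{{ item.key }}={{ item.value }}"
          - --update-kernel=ALL
      # … unchanged: when / loop of the original task …
      changed_when: true
    # … unchanged: remove_grub_kernel_options_for_all_machines, with the same argv and changed_when edit …
    # … unchanged: second get_info_from_grubby …
    - name: verify_kernel_parameters
      ansible.builtin.assert:
        that:
          - (item.key ~ "=" ~ item.value) in r_grubby_info.stdout
        fail_msg: "kernel parameter {{ item.key }} was not applied"
      loop: "{{ kernel_parameters }}"
      when: item.state is defined and item.state == "present"
```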
@@ -795,14 +618,14 @@ when: machine_type != "guest" and machine_type is defined changed_when: false - name: Enable synchronize system clock - ansible.builtin.shell: timedatectl set-ntp true + ansible.builtin.command: timedatectl set-ntp true retries: "{{ retries_count }}" delay: "{{ delay_time }}" register: r_set_ntp until: r_set_ntp is success failed_when: false changed_when: false - - name: Restart chronyd service + - name: restart_chronyd_service ansible.builtin.systemd: name: chronyd state: restarted @@ -817,24 +640,7 @@ failed_when: false any_errors_fatal: false changed_when: false - - name: get_info_from_grubby - ansible.builtin.command: grubby --info=ALL - register: r_grubby_info - any_errors_fatal: false - failed_when: false - changed_when: false - until: r_grubby_info is success - when: (install_docker_workaround is defined and install_docker_workaround) or (install_kubernetes_workaround is defined and install_kubernetes_workaround) - - name: update_grub_fsck_options_for_all_machines - ansible.builtin.command: grubby --args "fsck.repair=yes" --update-kernel=ALL - when: (install_docker_workaround is defined and install_docker_workaround) and ("fsck.repair=yes" not in r_grubby_info.stdout) - changed_when: false - failed_when: false - - name: update_grub_accounting_options_for_kubernetes - ansible.builtin.command: grubby --args "cgroup.memory=nokmem" --update-kernel=ALL - when: (install_kubernetes_workaround is defined and install_kubernetes_workaround) and (r_grubby_info is defined and "cgroup.memory=nokmem" not in r_grubby_info.stdout) - changed_when: false - failed_when: false + # cleanup kernels in post 8 releases - name: cleanup_kernels_post_8 ansible.builtin.shell: "dnf -y remove --oldinstallonly --setopt installonly_limit=2 kernel|| true" 
@@ -846,6 +652,7 @@ changed_when: false ignore_errors: true any_errors_fatal: false + # cleanup kernels in pre 8 releases - name: cleanup_kernels_7 ansible.builtin.command: "package-cleanup --oldkernels --count=2 -y -v" register: r_cleanup_kernels_7 diff --git a/extra/playbooks/provision_rocky8_variables.yml b/extra/playbooks/provision_rocky8_variables.yml index 090bd7a..993c308 100644 --- a/extra/playbooks/provision_rocky8_variables.yml +++ b/extra/playbooks/provision_rocky8_variables.yml @@ -1,4 +1,5 @@ initial_packages: + - rocky-release - curl - mc - wget @@ -57,10 +58,6 @@ yum_extra_epel_packages: - nmon - pv - rkhunter -epel: - priority: 60 - path: /etc/yum.repos.d/epel.repo - section: epel epel_package: - epel-release selinux: @@ -72,40 +69,6 @@ webmin: timeout: 120 mirrorlist: http://download.webmin.com/download/yum/mirrorlist enabled: 1 -zabbix: - repository: - - url: https://repo.zabbix.com/zabbix/6.2/rhel/8/x86_64/zabbix-release-6.2-1.el8.noarch.rpm - name: zabbix-agent2 - file: /etc/yum.repos.d/zabbix.repo - gpgkey: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591 - priorities: - - name: zabbix - priority: 20 - path: /etc/yum.repos.d/zabbix.repo - package: - service: zabbix-agent2 -puppet: - repository: - - url: https://yum.puppet.com/puppet7-release-el-8.noarch.rpm - gpgkey: https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 - service: - - name: puppet - state: stopped - enabled: no - priorities: - - name: puppet7 - priority: 20 - path: /etc/yum.repos.d/puppet7.repo - package: - name: puppet-agent - config: - location: /etc/puppetlabs/puppet/puppet.conf - mode: "0644" - agent: - - key: runinterval - value: 1800 - - key: server - value: foreman.example.com neofetch: repository: - url: https://copr.fedorainfracloud.org/coprs/konimex/neofetch/repo/epel-8/konimex-neofetch-epel-8.repo 
@@ -124,8 +87,6 @@ firewalld: default_zone: work rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="22" protocol="tcp" accept' - zabbix_rich_rules: - - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10050-10051" protocol="tcp" accept' webmin_rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10000" protocol="tcp" accept' cockpit_rich_rules: @@ -168,3 +129,10 @@ motd: | fi export XAUTHORITY=$HOME/.Xauthority export PATH="/usr/local/bin:$PATH" +kernel_parameters: + - key: "fsck.repair" + value: "yes" + state: present + - key: "systemd.unified_cgroup_hierarchy" + value: "1" + state: present \ No newline at end of file diff --git a/extra/playbooks/provision_rocky9_variables.yml b/extra/playbooks/provision_rocky9_variables.yml index 70f46c8..16dcb67 100644 --- a/extra/playbooks/provision_rocky9_variables.yml +++ b/extra/playbooks/provision_rocky9_variables.yml @@ -1,4 +1,5 @@ initial_packages: + - rocky-release - curl - mc - wget @@ -58,10 +59,6 @@ yum_extra_epel_packages: - nmon - pv - rkhunter -epel: - priority: 60 - path: /etc/yum.repos.d/epel.repo - section: epel epel_package: - epel-release selinux: 
@@ -73,44 +70,7 @@ webmin: timeout: 120 mirrorlist: http://download.webmin.com/download/yum/mirrorlist enabled: 1 -zabbix: - repository: - - url: https://repo.zabbix.com/zabbix/6.2/rhel/9/x86_64/zabbix-release-6.2-2.el9.noarch.rpm - name: zabbix-agent2 - file: /etc/yum.repos.d/zabbix.repo - gpgkey: https://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591 - priorities: - - name: zabbix - priority: 20 - path: /etc/yum.repos.d/zabbix.repo - package: - service: zabbix-agent2 -puppet: - repository: - - url: https://yum.puppet.com/puppet7-release-el-9.noarch.rpm - gpgkey: https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 - service: - - name: puppet - state: stopped - enabled: no - priorities: - - name: puppet7 - priority: 20 - path: /etc/yum.repos.d/puppet7.repo - package: - name: puppet-agent - config: - location: /etc/puppetlabs/puppet/puppet.conf - mode: "0644" - agent: - - key: runinterval - value: 1800 - - key: server - value: foreman.example.com neofetch: -# repository: -# - url: https://copr.fedorainfracloud.org/coprs/konimex/neofetch/repo/epel-8/konimex-neofetch-epel-8.repo -# dest: /etc/yum.repos.d/konimex-neofetch.repo package: name: neofetch options: @@ -125,8 +85,6 @@ firewalld: default_zone: work rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="22" protocol="tcp" accept' - zabbix_rich_rules: - - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10050-10051" protocol="tcp" accept' webmin_rich_rules: - rule: 'rule family="ipv4" source address="0.0.0.0/0" port port="10000" protocol="tcp" accept' cockpit_rich_rules: @@ -169,3 +127,7 @@ motd: | fi export XAUTHORITY=$HOME/.Xauthority export PATH="/usr/local/bin:$PATH" +kernel_parameters: + - key: "fsck.repair" + value: "yes" + state: present diff --git a/extra/scripts/virtualbox/bootstrap.ps1 b/extra/scripts/virtualbox/bootstrap.ps1 index dd20657..429b6ff 100755 --- a/extra/scripts/virtualbox/bootstrap.ps1 +++ b/extra/scripts/virtualbox/bootstrap.ps1 
@@ -4,18 +4,19 @@ # http://msdn.microsoft.com/en-us/library/windows/desktop/aa370750(v=vs.85).aspx # http://blogs.msdn.com/b/powershell/archive/2009/04/03/setting-network-location-to-private.aspx -Write-Output "Bootstrap: Copy unattend.xml to C:\Windows\Panther\Unattend\" +Write-Output "Bootstrap: Copy Autounattend.xml to C:\Windows\Panther\Unattend\" New-Item C:\Windows\Panther\Unattend -Type Directory New-Item c:\Scripts -Type Directory -Copy-Item a:\unattend.xml C:\Windows\Panther\Unattend\ -Force +Copy-Item f:\Autounattend.xml C:\Windows\Panther\Unattend\unattend.xml -Force New-Item -Path 'C:\Windows\Setup\Scripts' -ItemType Directory -Force -Write-Output "Bootstrap: Copy certificates" try { - Copy-Item a:\vbox-sha256.cer c:\Scripts -Force - Copy-Item a:\vbox-sha1.cer c:\Scripts -Force + Write-Output "Bootstrap: Copy certificates" + Copy-Item f:\vbox-sha256.cer c:\Scripts -Force + Copy-Item f:\vbox-sha1.cer c:\Scripts -Force certutil -addstore -f "TrustedPublisher" c:\Scripts\vbox-sha256.cer certutil -addstore -f "TrustedPublisher" c:\Scripts\vbox-sha1.cer } + catch { Write-Output "Bootstrap failed" } diff --git a/extra/scripts/virtualbox/generalize.ps1 b/extra/scripts/virtualbox/generalize.ps1 index 463d059..b9b1c58 100755 --- a/extra/scripts/virtualbox/generalize.ps1 +++ b/extra/scripts/virtualbox/generalize.ps1 
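Review bot: The `try` block around the certificate steps will not reach `catch { Write-Output "Bootstrap failed" }` for the failures that matter here: `Copy-Item` raises non-terminating errors by default, and `certutil` signals failure through its exit code rather than an exception. These lines add whatever `.cer` files sit on `f:` to the `TrustedPublisher` store, so a missing or unexpected file should be detected rather than passed over. Add `-ErrorAction Stop` to both `Copy-Item` calls and test `$LASTEXITCODE` after each `certutil -addstore`. Comparing each certificate's thumbprint with a value pinned in the repository before trusting it would also tie the trust decision to the repo instead of to the attached media.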
@@ -1,31 +1,49 @@ -# Generalize -$vboxguestinstalled=$false - -Write-Output "Starting Phase 5a - generalize and prepare sysprep scripts" +Write-Output "Starting Phase 5a - Generalize and prepare sysprep scripts" New-Item -Path 'C:\Windows\Setup\Scripts' -ItemType Directory -Force +# Initialize variable to check if Guest Additions are installed +$vboxGuestInstalled = $false -# Installing Guest Additions -Write-Host 'Installing Virtualbox Guest Additions' -if (Test-Path d:\VBoxWindowsAdditions.exe) { - Write-Host "Mounting Drive D: with VBoxWindowsAdditions" - & d:\VBoxWindowsAdditions.exe /S - Write-Host "Sleeping for 60 seconds so we are sure the tools are installed before reboot" - Start-Sleep -s 60 - $vboxguestinstalled=$true -} -if (Test-Path e:\VBoxWindowsAdditions.exe) { - Write-Host "Mounting Drive E: with VBoxWindowsAdditions" - & E:\VBoxWindowsAdditions.exe /S - Write-Host "Sleeping for 60 seconds so we are sure the tools are installed before reboot" - Start-Sleep -s 60 - $vboxguestinstalled=$true +# Function to install VirtualBox Guest Additions +function Install-VBoxGuestAdditions { + param ( + [string]$driveLetter + ) + $installerPath = "${driveLetter}:\VBoxWindowsAdditions.exe" + if (Test-Path $installerPath) { + Write-Host "Found VBoxWindowsAdditions.exe at $installerPath" + Write-Host "Installing Virtualbox Guest Additions from $installerPath" + & $installerPath /S + if ($?) { + Write-Host "Installation successful. Sleeping for 60 seconds to ensure completion." + Start-Sleep -s 60 + $global:vboxGuestInstalled = $true + } else { + Write-Output "Error occurred during installation from $installerPath." 
+ } + } else { + Write-Output "VBoxWindowsAdditions.exe not found at $installerPath" + } } -Write-Output "Ending Phase 5a - generalize and prepare sysprep scripts" -if ($vboxguestinstalled) { - exit 0 + + + + +# Enumerate all drives and attempt to install Guest Additions from the first match +Get-PSDrive -PSProvider 'FileSystem' | ForEach-Object { + if (-not $vboxGuestInstalled) { + Install-VBoxGuestAdditions -driveLetter $_.Name + } + $vboxGuestInstalled=$true } -else { - Write-Output "Virtualbox Guest Addition Failed - exiting" - exit (-1) + + + +Write-Output "Ending Phase 5a - Generalize and prepare sysprep scripts" +if ($vboxGuestInstalled) { + Write-Output "Virtualbox Guest Additions installed successfully." + exit 0 +} else { + Write-Output "Virtualbox Guest Addition installation failed - exiting." + exit -1 } diff --git a/extra/scripts/virtualbox/sysprep.cmd b/extra/scripts/virtualbox/sysprep.cmd index 7ba798e..51471ee 100644 --- a/extra/scripts/virtualbox/sysprep.cmd +++ b/extra/scripts/virtualbox/sysprep.cmd @@ -1,3 +1,3 @@ sc config winrm start=auto -C:/windows/system32/sysprep/sysprep.exe /generalize /oobe /unattend:C:/Windows/Panther/Unattend/unattend.xml /quiet /shutdown +C:/windows/system32/sysprep/sysprep.exe /generalize /oobe /quiet /shutdown diff --git a/templates/hv_rhel.pkr.hcl b/templates/hv_rhel.pkr.hcl index 66f69ab..a8ba38b 100644 --- a/templates/hv_rhel.pkr.hcl +++ b/templates/hv_rhel.pkr.hcl @@ -48,10 +48,10 @@ variable "output_directory" { type = string default = "" } -variable "provision_script_options" { - type = string - default = "" -} +// variable "provision_script_options" { +// type = string +// default = "" +// } variable "output_vagrant" { type = string default = "" diff --git a/vagrant/hv_almalinux92_g2.template b/vagrant/hv_almalinux94_g2.template similarity index 95% rename from vagrant/hv_almalinux92_g2.template rename to vagrant/hv_almalinux94_g2.template index 6e21b5c..3a38635 100644 --- a/vagrant/hv_almalinux92_g2.template 
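Review bot: The unconditional `$vboxGuestInstalled=$true` at the end of the `ForEach-Object` body marks the install as done after the first drive is visited, whether or not `VBoxWindowsAdditions.exe` was found there. Later drives are therefore never tried and the script always reaches `exit 0` with "installed successfully", which hides a build whose guest additions are missing. Remove that line and let `Install-VBoxGuestAdditions` be the only place that sets the flag. The function assigns `$global:vboxGuestInstalled`, while the loop and the final check read the variable initialised at the top of the script; when this runs as a script file those are presumably different scopes, so `$script:vboxGuestInstalled = $true` is the safer assignment.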
+++ b/vagrant/hv_almalinux94_g2.template @@ -5,7 +5,7 @@ Vagrant.require_version ">= 1.6.2" Vagrant.configure("2") do |config| config.vm.define "vagrant-almalinux86" - config.vm.box = "almalinux92" + config.vm.box = "almalinux94" config.vm.communicator = "ssh" config.vm.synced_folder ".", "/vagrant", type: "rsync", disabled: "true" diff --git a/vagrant/hv_oraclelinux92_g2.template b/vagrant/hv_oraclelinux94_g2.template similarity index 94% rename from vagrant/hv_oraclelinux92_g2.template rename to vagrant/hv_oraclelinux94_g2.template index b2d2c53..4ab3ce1 100644 --- a/vagrant/hv_oraclelinux92_g2.template +++ b/vagrant/hv_oraclelinux94_g2.template @@ -4,7 +4,7 @@ Vagrant.require_version ">= 1.6.2" Vagrant.configure("2") do |config| - config.vm.define "vagrant-oraclelinux92" + config.vm.define "vagrant-oraclelinux94" config.vm.box = "oraclelinux92" config.vm.communicator = "ssh" config.vm.synced_folder ".", "/vagrant", type: "rsync", disabled: "true" diff --git a/vagrant/hv_rockylinux92_g2.template b/vagrant/hv_rockylinux94_g2.template similarity index 94% rename from vagrant/hv_rockylinux92_g2.template rename to vagrant/hv_rockylinux94_g2.template index 14fa742..9e3a28b 100644 --- a/vagrant/hv_rockylinux92_g2.template +++ b/vagrant/hv_rockylinux94_g2.template @@ -4,7 +4,7 @@ Vagrant.require_version ">= 1.6.2" Vagrant.configure("2") do |config| - config.vm.define "vagrant-rockylinux92" + config.vm.define "vagrant-rockylinux94" config.vm.box = "rockylinux92" config.vm.communicator = "ssh" config.vm.synced_folder ".", "/vagrant", type: "rsync", disabled: "true" diff --git a/variables/ansible/almalinux8.yml b/variables/ansible/almalinux8.yml index f4b6bdf..e94e2f8 100644 --- a/variables/ansible/almalinux8.yml +++ b/variables/ansible/almalinux8.yml 
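Review bot: `config.vm.box` stays `"oraclelinux92"` in hv_oraclelinux94_g2.template and `"rockylinux92"` in hv_rockylinux94_g2.template, although the file names and `config.vm.define` move to 94; only the AlmaLinux template had its box name updated. If the boxes built from these templates are registered under the 94 names, the Vagrantfile would presumably point at a box that does not match the image. Suggested lines are `config.vm.box = "oraclelinux94"` and `config.vm.box = "rockylinux94"`. The AlmaLinux template also still carries `config.vm.define "vagrant-almalinux86"`, which looks like a leftover from an earlier rename.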
@@ -1,17 +1,12 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false -install_docker_workaround: true +install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true docker_prepare: false extra_device: "" install_motd: true - diff --git a/variables/ansible/almalinux8_docker.yml b/variables/ansible/almalinux8_docker.yml index bebdc88..b581ef2 100644 --- a/variables/ansible/almalinux8_docker.yml +++ b/variables/ansible/almalinux8_docker.yml @@ -1,17 +1,12 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false -install_docker_workaround: true +install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true docker_prepare: true extra_device: "sdb" install_motd: true - diff --git a/variables/ansible/almalinux9.yml b/variables/ansible/almalinux9.yml index 21e7d29..e94e2f8 100644 --- a/variables/ansible/almalinux9.yml +++ b/variables/ansible/almalinux9.yml @@ -1,17 +1,12 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true docker_prepare: false extra_device: "" install_motd: true - diff --git a/variables/ansible/almalinux9_docker.yml b/variables/ansible/almalinux9_docker.yml index 74ed3ab..b581ef2 100644 --- a/variables/ansible/almalinux9_docker.yml +++ b/variables/ansible/almalinux9_docker.yml 
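Review bot: `install_docker_workaround` and `install_kubernetes_workaround` are kept in this override file, and in the other files under variables/ansible/ touched by this commit. The same commit drops both from the `vars` of provision_rhel.yaml and deletes the grubby tasks that read them. Unless something outside this diff still consumes them, setting either flag now has no effect, which will mislead anyone who enables `install_kubernetes_workaround` expecting `cgroup.memory=nokmem` on the kernel command line. Remove both keys here and, where an override is wanted, set `install_kernel_parameters` together with the `kernel_parameters` list instead.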
@@ -1,13 +1,9 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false -install_docker_workaround: true +install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true diff --git a/variables/ansible/centos7.yml b/variables/ansible/centos7.yml deleted file mode 100644 index bb4dd29..0000000 --- a/variables/ansible/centos7.yml +++ /dev/null @@ -1,17 +0,0 @@ -install_epel: true -install_webmin: true -install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false -install_cockpit: false -install_puppet: false -install_docker_workaround: true -install_kubernetes_workaround: false -remove_puppet_ssl_keys: false -install_neofetch: true -install_updates: true -install_extra_groups: true -docker_prepare: false -extra_device: "" -install_motd: true - diff --git a/variables/ansible/centos7_docker.yml b/variables/ansible/centos7_docker.yml deleted file mode 100644 index 1110961..0000000 --- a/variables/ansible/centos7_docker.yml +++ /dev/null @@ -1,17 +0,0 @@ -install_epel: true -install_webmin: true -install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false -install_cockpit: false -install_puppet: false -install_docker_workaround: true -install_kubernetes_workaround: false -remove_puppet_ssl_keys: false -install_neofetch: true -install_updates: true -install_extra_groups: true -docker_prepare: true -extra_device: "sdb" -install_motd: true - diff --git a/variables/ansible/oraclelinux8.yml b/variables/ansible/oraclelinux8.yml index f4b6bdf..e94e2f8 100644 --- a/variables/ansible/oraclelinux8.yml +++ b/variables/ansible/oraclelinux8.yml 
@@ -1,17 +1,12 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false -install_docker_workaround: true +install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true docker_prepare: false extra_device: "" install_motd: true - diff --git a/variables/ansible/oraclelinux8_docker.yml b/variables/ansible/oraclelinux8_docker.yml index bebdc88..b581ef2 100644 --- a/variables/ansible/oraclelinux8_docker.yml +++ b/variables/ansible/oraclelinux8_docker.yml @@ -1,17 +1,12 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false -install_docker_workaround: true +install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true docker_prepare: true extra_device: "sdb" install_motd: true - diff --git a/variables/ansible/oraclelinux9.yml b/variables/ansible/oraclelinux9.yml index f4b6bdf..e94e2f8 100644 --- a/variables/ansible/oraclelinux9.yml +++ b/variables/ansible/oraclelinux9.yml @@ -1,17 +1,12 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false -install_docker_workaround: true +install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true docker_prepare: false extra_device: "" install_motd: true - diff --git a/variables/ansible/oraclelinux9_docker.yml b/variables/ansible/oraclelinux9_docker.yml index bebdc88..b581ef2 100644 --- a/variables/ansible/oraclelinux9_docker.yml +++ b/variables/ansible/oraclelinux9_docker.yml 
@@ -1,17 +1,12 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false -install_docker_workaround: true +install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true docker_prepare: true extra_device: "sdb" install_motd: true - diff --git a/variables/ansible/rockylinux8.yml b/variables/ansible/rockylinux8.yml index f4b6bdf..474e324 100644 --- a/variables/ansible/rockylinux8.yml +++ b/variables/ansible/rockylinux8.yml @@ -1,13 +1,9 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false -install_docker_workaround: true +install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true diff --git a/variables/ansible/rockylinux8_docker.yml b/variables/ansible/rockylinux8_docker.yml index bebdc88..b581ef2 100644 --- a/variables/ansible/rockylinux8_docker.yml +++ b/variables/ansible/rockylinux8_docker.yml @@ -1,17 +1,12 @@ install_epel: true install_webmin: false install_hyperv: true -install_zabbix: false -install_zabbix_as_root: false install_cockpit: true -install_puppet: false -install_docker_workaround: true +install_docker_workaround: false install_kubernetes_workaround: false -remove_puppet_ssl_keys: false install_neofetch: true install_updates: true install_extra_groups: true docker_prepare: true extra_device: "sdb" install_motd: true - diff --git a/variables/ansible/rockylinux9.yml b/variables/ansible/rockylinux9.yml index 89ffc37..e94e2f8 100644 --- a/variables/ansible/rockylinux9.yml +++ b/variables/ansible/rockylinux9.yml 
@@ -1,13 +1,9 @@
 install_epel: true
 install_webmin: false
 install_hyperv: true
-install_zabbix: false
-install_zabbix_as_root: false
 install_cockpit: true
-install_puppet: false
-install_docker_workaround: true
+install_docker_workaround: false
 install_kubernetes_workaround: false
-remove_puppet_ssl_keys: false
 install_neofetch: true
 install_updates: true
 install_extra_groups: true
diff --git a/variables/ansible/rockylinux9_docker.yml b/variables/ansible/rockylinux9_docker.yml
index bebdc88..b581ef2 100644
--- a/variables/ansible/rockylinux9_docker.yml
+++ b/variables/ansible/rockylinux9_docker.yml
@@ -1,17 +1,12 @@
 install_epel: true
 install_webmin: false
 install_hyperv: true
-install_zabbix: false
-install_zabbix_as_root: false
 install_cockpit: true
-install_puppet: false
-install_docker_workaround: true
+install_docker_workaround: false
 install_kubernetes_workaround: false
-remove_puppet_ssl_keys: false
 install_neofetch: true
 install_updates: true
 install_extra_groups: true
 docker_prepare: true
 extra_device: "sdb"
 install_motd: true
-
diff --git a/variables/variables_almalinux-9.3.pkvars.hcl b/variables/variables_almalinux-9.4.pkvars.hcl
similarity index 57%
rename from variables/variables_almalinux-9.3.pkvars.hcl
rename to variables/variables_almalinux-9.4.pkvars.hcl
index e329349..2be306b 100644
--- a/variables/variables_almalinux-9.3.pkvars.hcl
+++ b/variables/variables_almalinux-9.4.pkvars.hcl
@@ -1,21 +1,21 @@
-iso_url = "https://repo.almalinux.org/almalinux/9.3/isos/x86_64/AlmaLinux-9.3-x86_64-dvd.iso"
+iso_url = "https://repo.almalinux.org/almalinux/9.4/isos/x86_64/AlmaLinux-9.4-x86_64-dvd.iso"
 iso_checksum_type = "sha256"
-iso_checksum = "4a8c4ed4b79edd0977d7f88be7c07e12c4b748671a7786eb636c6700e58068d5"
-vm_name = "packer-almalinux93-g2"
+iso_checksum = "34c4285d524605da6dbd76b0b475338f6ea0a28bb88929bf14b04db68f1e1620"
+vm_name = "packer-almalinux94-g2"
 disk_size = "70000"
 disk_additional_size = ["150000"]
 switch_name = "vSwitch"
-output_directory = "output-almalinux93"
-output_vagrant = "./vbox/packer-almalinux93-g2.box"
+output_directory = "output-almalinux94"
+output_vagrant = "./vbox/packer-almalinux94-g2.box"
 vlan_id = ""
 memory = "4096"
 cpus = "4"
-vagrantfile_template = "./vagrant/hv_almalinux92_g2.template"
+vagrantfile_template = "./vagrant/hv_almalinux94_g2.template"
 ssh_password = "password"
 provision_script_options = "-z false"
-boot_command = "c setparams 'kickstart' <enter> linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=AlmaLinux-9-3-x86_64-dvd inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/almalinux/9/hyperv/ks.cfg<enter> initrdefi /images/pxeboot/initrd.img<enter> boot<enter>"
+boot_command = "c setparams 'kickstart' <enter> linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=AlmaLinux-9-4-x86_64-dvd inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/almalinux/9/hyperv/ks.cfg<enter> initrdefi /images/pxeboot/initrd.img<enter> boot<enter>"
 ansible_override = "variables/ansible/almalinux9.yml"
 ansible_variables= "extra/playbooks/provision_alma9_variables.yml"
 ansible_playbook = "extra/playbooks/provision_rhel.yaml"
 neofetch_file="extra/files/gen2-linux/prepare_neofetch.sh"
-uefi_file="extra/files/almalinux/9/uefi.sh"
\ No newline at end of file
+uefi_file="extra/files/almalinux/9/uefi.sh"
diff --git a/variables/variables_oraclelinux-9.3.pkvars.hcl b/variables/variables_oraclelinux-9.4.pkvars.hcl
similarity index 57%
rename from variables/variables_oraclelinux-9.3.pkvars.hcl
rename to variables/variables_oraclelinux-9.4.pkvars.hcl
index 7080883..3224d51 100644
--- a/variables/variables_oraclelinux-9.3.pkvars.hcl
+++ b/variables/variables_oraclelinux-9.4.pkvars.hcl
@@ -1,19 +1,19 @@
-iso_url = "https://yum.oracle.com/ISOS/OracleLinux/OL9/u3/x86_64/OracleLinux-R9-U3-x86_64-dvd.iso"
+iso_url = "https://yum.oracle.com/ISOS/OracleLinux/OL9/u4/x86_64/OracleLinux-R9-U4-x86_64-dvd.iso"
 iso_checksum_type = "sha256"
-iso_checksum = "242f0ecc37417995137507862cb170215c0b5bd512c47badd16b623686ef39e2"
-vm_name = "packer-oraclelinux93-g2"
+iso_checksum = "77034a4945474cb7c77820bd299cac9a557b8a298a5810c31d63ce404ad13c5e"
+vm_name = "packer-oraclelinux94-g2"
 disk_size = "70000"
 disk_additional_size = ["150000"]
 switch_name = "vSwitch"
-output_directory = "output-oraclelinux93"
-output_vagrant = "./vbox/packer-oraclelinux93-g2.box"
+output_directory = "output-oraclelinux94"
+output_vagrant = "./vbox/packer-oraclelinux94-g2.box"
 vlan_id = ""
 memory = "4096"
 cpus = "4"
-vagrantfile_template = "./vagrant/hv_oraclelinux92_g2.template"
+vagrantfile_template = "./vagrant/hv_oraclelinux94_g2.template"
 ssh_password = "password"
-provision_script_options = "-z false"
-boot_command = "c setparams 'kickstart' <enter> linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=OL-9-3-0-BaseOS-x86_64 inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/oraclelinux/9/hyperv/ks.cfg<enter> initrdefi /images/pxeboot/initrd.img<enter> boot<enter>"
+// provision_script_options = "-z false"
+boot_command = "c setparams 'kickstart' <enter> linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=OL-9-4-0-BaseOS-x86_64 inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/oraclelinux/9/hyperv/ks.cfg<enter> initrdefi /images/pxeboot/initrd.img<enter> boot<enter>"
 ansible_override = "variables/ansible/oraclelinux9.yml"
 ansible_variables= "extra/playbooks/provision_oracle9_variables.yml"
 ansible_playbook = "extra/playbooks/provision_rhel.yaml"
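Review bot: `provision_script_options` is commented out on the new side instead of being removed or given a value, so this build now takes whatever default the variable declaration carries, and that declaration is not part of the diff. The AlmaLinux 9.4 file in the same commit still passes `provision_script_options = "-z false"`, and the Rocky Linux 9.4 hunk comments the line out in the same way, so the three RHEL-family builds no longer agree. If the option is obsolete, delete the line in all three files; if the default is intended, replace the dead assignment with a comment that says so, for example `# provision_script_options is left unset; the default from the variable declaration applies`.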
diff --git a/variables/variables_rockylinux-9.3.pkvars.hcl b/variables/variables_rockylinux-9.4.pkvars.hcl
similarity index 63%
rename from variables/variables_rockylinux-9.3.pkvars.hcl
rename to variables/variables_rockylinux-9.4.pkvars.hcl
index 743e9de..631562a 100644
--- a/variables/variables_rockylinux-9.3.pkvars.hcl
+++ b/variables/variables_rockylinux-9.4.pkvars.hcl
@@ -1,19 +1,19 @@
-iso_url = "https://download.rockylinux.org/pub/rocky/9/isos/x86_64/Rocky-9.3-x86_64-dvd.iso"
+iso_url = "https://download.rockylinux.org/pub/rocky/9/isos/x86_64/Rocky-9.4-x86_64-dvd.iso"
 iso_checksum_type = "sha256"
-iso_checksum = "82441c7c9630b313d4183106231b08e192382bb6c7827e62acd467a749f030b9"
-vm_name = "packer-rockylinux93-g2"
+iso_checksum = "e20445907daefbfcdb05ba034e9fc4cf91e0e8dc164ebd7266ffb8fdd8ea99e7"
+vm_name = "packer-rockylinux94-g2"
 disk_size = "70000"
 disk_additional_size = ["150000"]
 switch_name = "vSwitch"
-output_directory = "output-rockylinux93"
-output_vagrant = "./vbox/packer-rockylinux93-g2.box"
+output_directory = "output-rockylinux94"
+output_vagrant = "./vbox/packer-rockylinux94-g2.box"
 vlan_id = ""
 memory = "4096"
 cpus = "4"
-vagrantfile_template = "./vagrant/hv_rockylinux93_g2.template"
+vagrantfile_template = "./vagrant/hv_rockylinux94_g2.template"
 ssh_password = "password"
-provision_script_options = "-z false"
-boot_command = "c setparams 'kickstart' <enter> linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=Rocky-9-3-x86_64-dvd inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/rockylinux/9/hyperv/ks.cfg<enter> initrdefi /images/pxeboot/initrd.img<enter> boot<enter>"
+// provision_script_options = "-z false"
+boot_command = "c setparams 'kickstart' <enter> linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=Rocky-9-4-x86_64-dvd inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/rockylinux/9/hyperv/ks.cfg<enter> initrdefi /images/pxeboot/initrd.img<enter> boot<enter>"
 ansible_override = "variables/ansible/rockylinux9.yml"
 ansible_variables= "extra/playbooks/provision_rocky9_variables.yml"
 ansible_playbook = "extra/playbooks/provision_rhel.yaml"
diff --git a/variables/variables_ubuntu-24.04.pkvars.hcl b/variables/variables_ubuntu-24.04.pkvars.hcl
new file mode 100644
index 0000000..743a2b3
--- /dev/null
+++ b/variables/variables_ubuntu-24.04.pkvars.hcl
@@ -0,0 +1,21 @@
+boot_command=["<wait3>c<wait3>","linux /casper/vmlinuz quiet autoinstall net.ifnames=0 biosdevname=0 ip=dhcp ipv6.disable=1 ds=nocloud-net\\;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ <enter>","initrd /casper/initrd <enter>","boot <enter>"]
+disk_additional_size=["150000"]
+disk_size="70000"
+http_directory="./extra/files/ubuntu/24.04/hyperv"
+iso_checksum_type="sha256"
+iso_checksum="8762f7e74e4d64d72fceb5f70682e6b069932deedb4949c6975d0f0fe0a91be3"
+iso_url="https://mirroronet.pl/pub/mirrors/ubuntu-releases/24.04/ubuntu-24.04-live-server-amd64.iso"
+output_directory="output-ubuntu2204"
+provision_script_options="-z false -h true -p false"
+ssh_password="password"
+ssh_username="ubuntu"
+switch_name="vSwitch"
+vlan_id=""
+vm_name="packer-ubuntu2404-g2"
+uefi_file="extra/files/ubuntu/24.04/uefi.sh"
+provision_file="extra/files/ubuntu/shared/provision.sh"
+motd_file="extra/files/ubuntu/shared/motd.sh"
+zeroing_file="extra/files/ubuntu/shared/zeroing.sh"
+neofetch_file="extra/files/ubuntu/shared/prepare_neofetch.sh"
+memory = "2048"
+cpus = "4"
\ No newline at end of file
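Review bot: `output_directory="output-ubuntu2204"` does not match `vm_name="packer-ubuntu2404-g2"` in this new 24.04 file and looks carried over from the 22.04 variables; if the 22.04 file uses the same directory, the two builds would collide or overwrite each other, so it should read `output_directory="output-ubuntu2404"`. `ssh_password="password"` with `ssh_username="ubuntu"` commits a guessable build credential, and unless the provisioning scripts (not shown here) lock or rotate that account, every image built from this file keeps it. The value is better supplied at build time through `PKR_VAR_ssh_password`, with the variable declared `sensitive = true`. The ISO is fetched from a third-party mirror, which leaves the pinned `iso_checksum` as the only integrity control, so that hash should be confirmed against the signed SHA256SUMS file published by Ubuntu rather than against the mirror's copy.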