actcur-ansible/build_scripts
2
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

adding to git

Browse source
This commit is contained in:
Beth Parker 2025-03-23 06:12:34 -05:00
commit 6df2ce9d3f
7 changed files with 595 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
base_files/kickstart.cfg2 Normal file
View file

@ -0,0 +1,58 @@
# Generated by Anaconda 34.25.5.9
# Generated by pykickstart v3.32
#version=RHEL9
# Use graphical install
graphical
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
# Keyboard layouts
keyboard --xlayouts='us'
# System language
lang en_US.UTF-8
# Netwrok
network --bootproto=dhcp --hostname REPLACE_HOSTNAME
# Use CDROM installation media
cdrom
%packages
@^minimal-environment
%end
# Run the Setup Agent on first boot
firstboot --enable
# Generated using Blivet version 3.6.0
ignoredisk --only-use=sda
# System bootloader configuration
bootloader --append="crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M" --location=mbr --boot-drive=sda
# Partition clearing information
clearpart --none --initlabel
# Disk partitioning information
part / --fstype="ext4" --ondisk=sda --grow --size=5000
# System timezone
timezone America/Chicago --utc
#Root password
rootpw --lock
sshkey --username=root "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILG56T1k766Cru14kyXI8WXSJwlO2sVhmH6JeRWy+mfe root@host.actcur.com"
user --groups=wheel --name=no --password=$6$pZnQonMmlKoyuv8c$E7THwTYjb4E65r0dRReXV/jKHuKXQSULhpf/DPyQJZkap5KPXKOAiaO2iVF2dHDxnYQDwqpysPnHQ6sh4AJBg0 --iscrypted --gecos="no"
%post
#Add root ssh for completing build
mkdir /root/.ssh/
cat <<EOF >/root/.ssh/authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILG56T1k766Cru14kyXI8WXSJwlO2sVhmH6JeRWy+mfe root@host.actcur.com
EOF
chmod 0700 /root/.ssh/
chmod 0600 /root/.ssh/authorized_keys
restorecon -R /root/.ssh/
%end

114
base_files/user_configuration.json.bak Normal file
View file

@ -0,0 +1,114 @@
{
"additional-repositories": [],
"archinstall-language": "English",
"bootloader": "Grub",
"config_version": "2.8.1",
"debug": false,
"disk_config": {
"config_type": "default_layout",
"device_modifications": [
{
"device": "/dev/sda",
"partitions": [
{
"btrfs": [],
"dev_path": null,
"flags": [
"Boot"
],
"fs_type": "fat32",
"mount_options": [],
"mountpoint": "/boot",
"obj_id": "cd3a20e8-6f45-47a9-9363-688690b3b04e",
"size": {
"sector_size": {
"unit": "B",
"value": 512
},
"unit": "MiB",
"value": 203
},
"start": {
"sector_size": {
"unit": "B",
"value": 512
},
"unit": "MiB",
"value": 3
},
"status": "create",
"type": "primary"
},
{
"btrfs": [],
"dev_path": null,
"flags": [],
"fs_type": "ext4",
"mount_options": [],
"mountpoint": "/",
"obj_id": "c7975d1b-3818-436d-8ce6-1e37a1fe11c5",
"size": {
"sector_size": {
"unit": "B",
"value": 512
},
"unit": "MiB",
"value": REPLACE_SIZE
},
"start": {
"sector_size": {
"unit": "B",
"value": 512
},
"unit": "B",
"value": 216006656
},
"status": "create",
"type": "primary"
}
],
"wipe": true
}
]
},
"hostname": "REPLACE_HOSTNAME",
"kernels": [
"linux"
],
"mirror_config": {
"custom_mirrors": [
{
"name": "aur-local",
"sign_check": "Never",
"sign_option": "TrustAll",
"url": "https://pkg.actcur.com/repo/archlinux/$repo/os/$arch"
}
],
"mirror_regions": {}
},
"locale_config": {
"kb_layout": "us",
"sys_enc": "UTF-8",
"sys_lang": "en_US"
},
"network_config": {
"type": "iso"
},
"no_pkg_lookups": false,
"ntp": true,
"offline": false,
"packages": [
"openssh"
],
"parallel downloads": 0,
"profile_config": null,
"script": "guided",
"silent": false,
"skip_ntp": false,
"skip_version_check": false,
"swap": false,
"timezone": "America/Chicago",
"uki": false,
"version": "2.8.1",
"!root-password": "trash"
}

142
scripts/create.sh Normal file
View file

@ -0,0 +1,142 @@
#!/bin/bash
cd "$(dirname "$(readlink -f "$0")")"
#change to prompts w/ default values
# set defaults
cpu=1
memory=1024
root_disk=10
variant="archlinux"
path="default"
dhcp_opts=""
ssh_key_dir="../identity_files"
mac=52:54:00:`openssl rand -hex 1`:`openssl rand -hex 1`:`openssl rand -hex 1`
branch="prod"
usage="$(basename "$0") [options] -n server_name
where:
-n name Name of new vm/server (required, caps allowed, not fqdn)
-c number Numver of CPU cores (default $cpu)
-r number Ram in MB (default $memory)
-d size Root disk size in GB (default 10)
-v variant Linux variant (default archlinux - note should add list of optional variants)
-p image_path Path to image (default /virtual/disks/[name].qcow2)
-m mac_addr Specify mac address to use - if not specified, will use 52:54:00:*:*:*
-s subnet Subnet to place server on (default to 172.16.99.xx)
-i ip_address Specify IP address to assign (default to next available in subnet)
-b branch Specify branch of build_ansible to use (defult prod)
-a attach Attach existing extra disk (use full path to disK, default none)"
# process flags
while getopts "h:n:c:r:d:v:p:m:s:i:b:a:" flag
do
case "$flag" in
n) name=${OPTARG};;
c) cpu=${OPTARG};;
r) memory=${OPTARG};;
d) root_disk=${OPTARG};;
v) variant=${OPTARG};;
p) path=${OPTARG};;
m) mac=${OPTARG};;
s) subnet=${OPTARG};dhcp_opts+=" -s $subnet";;
i) ip=${OPTARG};dhcp_opts+=" -i $ip";;
b) branch=${OPTARG};;
a) attach=${OPTARG};;
h) ;&
*) echo "$usage";exit;;
esac
done
dhcp_opts+=" -m $mac"
# get name
shift $(($OPTIND - 1))
if [[ -z "$name" ]];then echo "Server name undefined";echo "$usage";exit;fi
lname=`echo $name | tr '[:upper:]' '[:lower:]'`
if [[ "$path" -eq "default" ]];then path=/virtual/disks/${name}.qcow2;fi
img=`./shared_scripts/download_install_image.sh $variant`
#update DHCP
./shared_scripts/update_dhcp.sh $dhcp_opts $lname
case "$variant" in
"arch")
;;
"alma")
;;
esac
# create cloud-init - replace by grabbing these directly from git
mkdir -p /tmp/cloud-init
echo "#cloud-config
users:
- name: root
ssh_authorized_keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILG56T1k766Cru14kyXI8WXSJwlO2sVhmH6JeRWy+mfe root@host.actcur.com" > /tmp/cloud-init/user-data
# ensure correct variant name
if [[ "$variant" -eq "alma" ]];then variant="almalinux9";fi
# determine if extra disk should be attached
if [ -n "$attach" ]; then attach="--disk ${attach},discard=unmap";fi
# create new base VM
virt-install --name=$name --vcpus=$cpu --memory=$memory --disk path=$path,size=$root_disk,sparse=true,discard=unmap,bus=scsi ${attach} --os-variant=$variant --network bridge=br1,mac=$mac --memballoon model=virtio,autodeflate=on --cdrom=$img --graphics vnc --cloud-init user-data="/tmp/cloud-init/user-data" --autoconsole=none
#wait until server is available
echo "Waiting for server to be available"
while true
do
sleep 1
ping -c 1 ${lname}.actcur.com 2>&1 > /dev/null
if [ $? -eq 0 ]; then break;fi
done
echo "server up, waiting for ssh"
sleep 30
sed "s/REPLACE_HOSTNAME/${lname}.actcur.com/g" ../base_files/user_configuration.json > /tmp/user_configuration.json
rs=$((root_disk*1024-206))
sed -i "s/REPLACE_SIZE/${rs}/g" /tmp/user_configuration.json
ssh-keygen -R ${lname}.actcur.com
ssh-keyscan ${lname}.actcur.com >> ~/.ssh/known_hosts
scp -i $ssh_key_dir/id_arch_builder /tmp/user_configuration.json ${lname}.actcur.com:/tmp/user_configuration.json
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "systemctl mask reflector.service; echo 'Server = https://pkg.actcur.com/repo/archlinux/\$repo/os/\$arch' > /etc/pacman.d/mirrorlist"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "archinstall --config /tmp/user_configuration.json --silent"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "ln -s /usr/lib/systemd/system/sshd.service /mnt/archinstall/etc/systemd/system/multi-user.target.wants/sshd.service"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "cp -r /root/.ssh/ /mnt/archinstall/root/;reboot"
sleep 10
virsh start $name
#wait until server is available
echo "Waiting for server to be available"
while true
do
sleep 1
ping -c 1 ${lname}.actcur.com 2>&1 > /dev/null
if [ $? -eq 0 ]; then break;fi
done
echo "server up, waiting for ssh"
sleep 30
ssh-keygen -R ${lname}.actcur.com
ssh-keyscan ${lname}.actcur.com | grep -v "#" | grep "ecdsa-sha2-nistp256" >> ~/.ssh/known_hosts
# install some dependencies
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "pacman -Sy --noconfirm ansible-core git"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "ansible-galaxy collection install community.general"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "ansible-galaxy collection install community.crypto"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "ansible-galaxy collection install ansible.posix"
# run ansible
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "mkdir /ansible/; curl -k 'https://git.actcur.com/actcur-ansible/playbook-builder/raw/branch/$branch/build_ansible.sh' -H 'accept: application/raw' -o /ansible/build_ansible.sh;echo "$branch" > /ansible/branch;/bin/bash /ansible/build_ansible.sh"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "/bin/bash /ansible/build_ansible.sh"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "git config --global user.email 'ejparker@actcur.com';git config --global user.name 'Beth Parker'"
systemctl restart nfs-server

162
scripts/create_alma.sh Normal file
View file

@ -0,0 +1,162 @@
#!/bin/bash
cd "$(dirname "$(readlink -f "$0")")"
#change to prompts w/ default values
# set defaults
cpu=1
memory=1024
root_disk=10
variant="archlinux"
path="default"
dhcp_opts=""
ssh_key_dir="../identity_files"
mac=52:54:00:`openssl rand -hex 1`:`openssl rand -hex 1`:`openssl rand -hex 1`
branch="prod"
usage="$(basename "$0") [options] -n server_name
where:
-n name Name of new vm/server (required, caps allowed, not fqdn)
-c number Numver of CPU cores (default $cpu)
-r number Ram in MB (default $memory)
-d size Root disk size in GB (default 10)
-v variant Linux variant (default archlinux - note should add list of optional variants)
-p image_path Path to image (default /virtual/disks/[name].qcow2)
-m mac_addr Specify mac address to use - if not specified, will use 52:54:00:*:*:*
-s subnet Subnet to place server on (default to 172.16.99.xx)
-i ip_address Specify IP address to assign (default to next available in subnet)
-b branch Specify branch of build_ansible to use (defult prod)
-a attach Attach existing extra disk (use full path to disK, default none)"
# process flags
while getopts "h:n:c:r:d:v:p:m:s:i:b:" flag
do
case "$flag" in
n) name=${OPTARG};;
c) cpu=${OPTARG};;
r) memory=${OPTARG};;
d) root_disk=${OPTARG};;
v) variant=${OPTARG};;
p) path=${OPTARG};;
m) mac=${OPTARG};;
s) subnet=${OPTARG};dhcp_opts+=" -s $subnet";;
i) ip=${OPTARG};dhcp_opts+=" -i $ip";;
b) branch=${OPTARG};;
a) attach=${OPTARG};;
h) ;&
*) echo "$usage";exit;;
esac
done
dhcp_opts+=" -m $mac"
# get name
shift $(($OPTIND - 1))
if [[ -z "$name" ]];then echo "Server name undefined";echo "$usage";exit;fi
lname=`echo $name | tr '[:upper:]' '[:lower:]'`
if [[ "$path" -eq "default" ]];then path=/virtual/disks/${name}.qcow2;fi
img=`./shared_scripts/download_install_image.sh $variant`
#update DHCP
./shared_scripts/update_dhcp.sh $dhcp_opts $lname
case "$variant" in
"arch")
# create cloud-init - replace by grabbing these directly from git
mkdir -p /tmp/cloud-init
echo "#cloud-config
users:
- name: root
ssh_authorized_keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILG56T1k766Cru14kyXI8WXSJwlO2sVhmH6JeRWy+mfe root@host.actcur.com" > /tmp/cloud-init/user-data
# create new VM
virt-install --name=$name --vcpus=$cpu --memory=$memory --disk path=$path,size=$root_disk,sparse=true,discard=unmap,bus=scsi --os-variant=arch --network bridge=br1,mac=$mac --memballoon model=virtio,autodeflate=on --cdrom=$img --graphics vnc --cloud-init user-data="/tmp/cloud-init/user-data" --autoconsole=none
#wait until server is available
echo "Waiting for server to be available"
while true
do
sleep 1
ping -c 1 ${lname}.actcur.com 2>&1 > /dev/null
if [ $? -eq 0 ]; then break;fi
done
echo "server up, waiting for ssh"
sleep 30
sed "s/REPLACE_HOSTNAME/${lname}.actcur.com/g" ../base_files/user_configuration.json > /tmp/user_configuration.json
rs=$((root_disk*1024-206))
sed -i "s/REPLACE_SIZE/${rs}/g" /tmp/user_configuration.json
ssh-keygen -R ${lname}.actcur.com
ssh-keyscan ${lname}.actcur.com | grep -v "#" | grep "ecdsa-sha2-nistp256" >> ~/.ssh/known_hosts
scp -i $ssh_key_dir/id_arch_builder /tmp/user_configuration.json ${lname}.actcur.com:/tmp/user_configuration.json
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "archinstall --config /tmp/user_configuration.json --silent"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "ln -s /usr/lib/systemd/system/sshd.service /mnt/archinstall/etc/systemd/system/multi-user.target.wants/sshd.service"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "cp -r /root/.ssh/ /mnt/archinstall/root/;reboot"
;;
"alma")
# set up kickstart file
sed "s/REPLACE_HOSTNAME/${lname}.actcur.com/g" ../base_files/kickstart.cfg > /tmp/kickstart.cfg
# create new VM
virt-install --name=$name --vcpus=$cpu --memory=$memory --disk path=$path,size=$root_disk,sparse=true,discard=unmap,bus=scsi --os-variant=almalinux9 --network bridge=br1,mac=$mac --memballoon model=virtio,autodeflate=on --location=$img --graphics vnc --initrd-inject /tmp/kickstart.cfg --extra-args "inst.ks=file:/kickstart.cfg" --autoconsole=none
echo "server up, waiting for install to complete"
sleep 60
# wait for install to complete and server to shut down/reboot
while true
do
sleep 1
ping -c 1 ${lname}.actcur.com 2>&1 > /dev/null
if [ $? -ne 0 ]; then break;fi
done
;;
esac
sleep 10
virsh start $name
#wait until server is available
echo "Waiting for server to be available"
while true
do
sleep 1
ping -c 1 ${lname}.actcur.com 2>&1 > /dev/null
if [ $? -eq 0 ]; then break;fi
done
echo "server up, waiting for ssh"
sleep 30
ssh-keygen -R ${lname}.actcur.com
ssh-keyscan ${lname}.actcur.com | grep -v "#" | grep "ecdsa-sha2-nistp256" >> ~/.ssh/known_hosts
exit
# install some dependencies
case "$variant" in
"arch")
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "pacman -Sy --noconfirm ansible-core git"
;;
"alma")
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "dnf config-manager --set-enabled crb;yum install -y ansible-core git epel-release"
;;
esac
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "ansible-galaxy collection install community.general"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "ansible-galaxy collection install community.crypto"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "ansible-galaxy collection install ansible.posix"
# run ansible
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "mkdir /ansible/; curl -k 'https://git.actcur.com/actcur-ansible/playbook-builder/raw/branch/$branch/build_ansible.sh' -H 'accept: application/raw' -o /ansible/build_ansible.sh;echo "$branch" > /ansible/branch;/bin/bash /ansible/build_ansible.sh"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "/bin/bash /ansible/build_ansible.sh"
ssh -i $ssh_key_dir/id_arch_builder ${lname}.actcur.com "git config --global user.email 'ejparker@actcur.com';git config --global user.name 'Beth Parker'"
systemctl restart nfs-server

26
scripts/shared_scripts/build_dhcp.sh Executable file
View file

@ -0,0 +1,26 @@
#!/bin/bash
cd "$(dirname "$(readlink -f "$0")")"
dhcp_dir="../../dhcp_files"
# use files to build dhcp config file
cat $dhcp_dir/base
echo ""
dhcp_entries=`cat $dhcp_dir/subnets/* | grep -v "#" | sort -t . -k 3,3n -k 4,4n `
while IFS= read -r line; do
echo "
config host
option name '`echo "$line" | cut -f3`'
option mac '`echo "$line" | cut -f2`'
option ip '`echo "$line" | cut -f1`'
option dns '1'"
done <<< "$dhcp_entries"
dns_entries=`cat $dhcp_dir/alias`
while IFS= read -r line; do
alias=`echo "$line" | cut -f2`
ip=`echo "$dhcp_entries" | grep -P " $alias$" | grep -Po "172\.16\.\d+\.\d+"`
echo "
config domain
option name '`echo "$line" | cut -f1`'
option ip '$ip'"
done <<< "$dns_entries"

22
scripts/shared_scripts/download_install_image.sh Executable file
View file

@ -0,0 +1,22 @@
#!/bin/bash
# download latest ISO if not already in /tmp
case $1 in
alma)
latest="9"
if [ ! -f /tmp/alma-${latest}.iso ];then
wget http://mirror.wdc2.us.leaseweb.net/almalinux/${latest}/isos/x86_64/AlmaLinux-${latest}-latest-x86_64-minimal.iso -O /tmp/alma-${latest}.iso
fi
echo "/tmp/alma-${latest}.iso"
;;
archlinux)
;&
*)
#defaults to arch
latest=`date -d yesterday +"%Y.%m.01"`
if [ ! -f /tmp/arch-${latest}.iso ];then
wget https://mirror.arizona.edu/archlinux/iso/${latest}/archlinux-${latest}-x86_64.iso -O /tmp/arch-${latest}.iso
fi
echo "/tmp/arch-${latest}.iso"
;;
esac

71
scripts/shared_scripts/update_dhcp.sh Executable file
View file

@ -0,0 +1,71 @@
#!/bin/bash
cd "$(dirname "$(readlink -f "$0")")"
mac=52:54:00:`openssl rand -hex 1`:`openssl rand -hex 1`:`openssl rand -hex 1`
subnet="172.16.99"
ip=generate
ssh_key_dir="../../identity_files/"
dhcp_dir="../../dhcp_files"
usage="$(basename "$0") [options] server_name
where:
-m mac_addr Specify mac address to use - if not specified, will use 52:54:00:*:*:*
-s subnet Subnet to place server on (default to 172.16.99.xx)
-i ip_address Specify IP address to assign (default to next available in subnet)"
# process flags
while getopts "h:m:s:i" flag
do
case "$flag" in
m) mac=${OPTARG};;
s) subnet=${OPTARG};;
i) ip=${OPTARG};;
h) ;&
*) echo "$usage";exit;;
esac
done
# get name
shift $(($OPTIND - 1))
if [ $# -eq 0 ];then echo "Server name undefined";echo "$usage";exit;else name=$1;fi
lname=`echo $name | tr '[:upper:]' '[:lower:]'`
# remove any existing entries for hostname
for f in $dhcp_dir/subnets/*
do
sed -i "/\t$lname\$/d" $f
done
# determine next available ip in subnet (if not provided)
if [[ "$ip" -eq "generate" ]];then
if [ -f "$dhcp_dir/subnets/$subnet" ]
then
array=(`awk 'match($0,/'$subnet'\.[0-9]+/){print substr($0, RSTART, RLENGTH)}' $dhcp_dir/subnets/$subnet | awk 'match($0,/[0-9]+$/){print substr($0, RSTART, RLENGTH)}' | sort -n`)
for (( i = 2;i < 255;i++));do
if [[ ! " ${array[*]} " =~ [[:space:]]${i}[[:space:]] ]]; then
break;
fi
done
ip="${subnet}.$i"
else
ip="${subnet}.2"
fi
else
subnet=`echo $ip | grep -Po "\d+\.\d+\.\d+"`
fi
touch $dhcp_dir/subnets/$subnet
# add dhcp info to file
echo "$ip $mac $name" | cat $dhcp_dir/subnets/$subnet - | sort -t . -k 3,3n -k 4,4n > /tmp/$subnet
cp /tmp/$subnet $dhcp_dir/subnets/$subnet
# build dhcp
./build_dhcp.sh > /tmp/dhcp
# copy dhcp file to router
scp -i $ssh_key_dir/id_router -O /tmp/dhcp r.actcur.com:/etc/config/dhcp
# remove active leases for ip
ssh -i $ssh_key_dir/id_router r.actcur.com "sed -i '/$ip/d' /tmp/dhcp.leases"
# restart dnsmasq
ssh -i $ssh_key_dir/id_router r.actcur.com 'service dnsmasq restart'