From 9a26e723b428ca12526887b6573b783025a3e614 Mon Sep 17 00:00:00 2001
From: c0de
Date: Thu, 15 Dec 2022 20:45:20 -0600
Subject: [PATCH] Initial Commit
---
.gitignore | 3 +
arch.nomad | 48 +++++++++++++++
arch.pkr.hcl | 104 ++++++++++++++++++++++++++++++++
files/99-dhcp-wildcard.network | 16 +++++
http/.gitkeep | 0
readme.md | 14 +++++
scripts/add_deploy_user.sh | 12 ++++
scripts/enable_services.sh | 10 +++
scripts/finalization.sh | 6 ++
scripts/install_bootloader.sh | 10 +++
scripts/install_system.sh | 11 ++++
scripts/partition_disk.sh | 23 +++++++
scripts/timezone_and_locale.sh | 17 ++++++
scripts/truncate_empty_space.sh | 9 +++
14 files changed, 283 insertions(+)
create mode 100644 .gitignore
create mode 100644 arch.nomad
create mode 100644 arch.pkr.hcl
create mode 100644 files/99-dhcp-wildcard.network
create mode 100644 http/.gitkeep
create mode 100644 readme.md
create mode 100644 scripts/add_deploy_user.sh
create mode 100644 scripts/enable_services.sh
create mode 100644 scripts/finalization.sh
create mode 100644 scripts/install_bootloader.sh
create mode 100644 scripts/install_system.sh
create mode 100644 scripts/partition_disk.sh
create mode 100644 scripts/timezone_and_locale.sh
create mode 100755 scripts/truncate_empty_space.sh
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a04e939
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+*.checksum
+cache/*
+output/*
diff --git a/arch.nomad b/arch.nomad
new file mode 100644
index 0000000..937823a
--- /dev/null
+++ b/arch.nomad
@@ -0,0 +1,48 @@
+job "archlinux" {
+ datacenters = ["dc1"]
+
+ type = "service"
+
+ group "vms" {
+ count = 1
+
+ // network {
+ // port "ssh" { to = 22 }
+ // }
+
+ task "archlinux" {
+ driver = "qemu"
+
+ resources {
+ cpu = 500
+ memory = 1024
+ }
+
+ config {
+ accelerator = "kvm"
+ guest_agent = true
+ graceful_shutdown = true
+ image_path = "local/arch.img"
+ args = ["-nodefaults"]
+ }
+
+ // service {
+ // port = "ssh"
+ // }
+
+ artifact {
+ source = "http://localhost:8000/output/arch.img"
+ }
+ }
+ }
+}
+
+
+
+
+
+
+
+
+
+
diff --git a/arch.pkr.hcl b/arch.pkr.hcl
new file mode 100644
index 0000000..9d590a6
--- /dev/null
+++ b/arch.pkr.hcl
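Review bot: The `artifact` block in arch.nomad downloads the disk image over plain HTTP with no integrity check, so the task boots whatever the server at that address returns. The Packer build in this commit already emits a sha256 checksum for the image; carry it into the job with `options { checksum = "sha256:<image-sha256>" }` inside `artifact`, and switch the source to `https://` once this leaves a local test setup. The ten blank lines after the closing brace of the job can be dropped.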
@@ -0,0 +1,104 @@
+variable "cpus" {
+ type = number
+ default = 2
+}
+
+variable "memory" {
+ type = number
+ default = 1024
+}
+
+variable "disk_size" {
+ type = string
+ default = "3G"
+}
+
+variable "iso_url" {
+ type = string
+ default = "https://mirrors.edge.kernel.org/archlinux/iso/latest/archlinux-x86_64.iso"
+}
+
+variable "iso_checksum" {
+ type = string
+ default = "file:https://mirrors.edge.kernel.org/archlinux/iso/latest/sha256sums.txt"
+}
+
+variable "ssh_username" {
+ type = string
+ default = "root"
+}
+
+variable "ssh_password" {
+ type = string
+ default = "password"
+}
+
+source "qemu" "arch" {
+ headless = true
+ accelerator = "kvm"
+ vm_name = "arch.img"
+ http_directory = "http"
+ output_directory = "output"
+
+ cpus = var.cpus
+ memory = var.memory
+
+ disk_size = var.disk_size
+ format = "raw"
+
+ iso_url = var.iso_url
+ iso_checksum = var.iso_checksum
+ iso_target_path = "cache/arch.iso"
+
+ boot_wait = "2s"
+ boot_key_interval = "25ms"
+ boot_command = [
+ "",
+ "",
+ "echo '${var.ssh_username}:${var.ssh_password}' | chpasswd"
+ ]
+
+ ssh_username = var.ssh_username
+ ssh_password = var.ssh_password
+
+ shutdown_command = "sudo -S shutdown -P now"
+}
+
+build {
+ sources = ["source.qemu.arch"]
+
+ provisioner "shell" {
+ pause_before = "5s"
+ scripts = [
+ "${path.root}/scripts/partition_disk.sh",
+ "${path.root}/scripts/install_system.sh",
+ "${path.root}/scripts/timezone_and_locale.sh",
+ "${path.root}/scripts/add_deploy_user.sh",
+ ]
+ }
+
+ provisioner "file" {
+ source = "files/99-dhcp-wildcard.network"
+ destination = "/mnt/etc/systemd/network/99-dhcp-wildcard.network"
+ }
+
+ provisioner "shell" {
+ pause_before = "10s"
+ scripts = [
+ "${path.root}/scripts/enable_services.sh",
+ "${path.root}/scripts/install_bootloader.sh",
+ "${path.root}/scripts/truncate_empty_space.sh",
+ "${path.root}/scripts/finalization.sh"
+ ]
+ }
+
+ post-processor "checksum" {
+ checksum_types = ["sha256"]
+ keep_input_artifact = true
+ }
+
+ # Validate that the image is good
+ // post-processor "shell-local" {
+ // inline = ["qemu-system-x86_64 -drive file=output/arch.img -m 1024"]
+ // }
+}
diff --git a/files/99-dhcp-wildcard.network b/files/99-dhcp-wildcard.network
new file mode 100644
index 0000000..02147a8
--- /dev/null
+++ b/files/99-dhcp-wildcard.network
@@ -0,0 +1,16 @@
+[DHCP]
+SendHostname = yes
+UseDNS = yes
+UseDomains = yes
+UseHostname = yes
+UseNTP = yes
+
+[Match]
+Name = en* eth* veth*
+
+[Network]
+DHCP = yes
+IPForward = no
+IPv6AcceptRA = no
+LLMNR = no
+LinkLocalAddressing = no
diff --git a/http/.gitkeep b/http/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/readme.md b/readme.md
new file mode 100644
index 0000000..b84750a
--- /dev/null
+++ b/readme.md
@@ -0,0 +1,14 @@
+# Arch Linux built with Packer
+
+Creates a minimal arch linux raw disk image that can be cloned directly to bare metal
+
+## Requirements
+
+1. [Packer](https://www.packer.io/)
+1. QEMU and KVM installed
+
+## Usage
+
+`packer build arch.pkr.hcl`
+
+On my machine, it takes about 5 minutes to build (without downloading the arch iso)
diff --git a/scripts/add_deploy_user.sh b/scripts/add_deploy_user.sh
new file mode 100644
index 0000000..a7dfb14
--- /dev/null
+++ b/scripts/add_deploy_user.sh
@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+set -eux
+
+readonly USERNAME="deploy"
+
+arch-chroot /mnt useradd --create-home --user-group $USERNAME
+arch-chroot /mnt bash -c "echo $USERNAME:$USERNAME | chpasswd"
+
+arch-chroot /mnt mkdir -p /etc/sudoers.d
+arch-chroot /mnt touch /etc/sudoers.d/99_$USERNAME
+arch-chroot /mnt chmod 0440 /etc/sudoers.d/99_$USERNAME
+arch-chroot /mnt echo "$USERNAME ALL=(ALL) NOPASSWD: ALL" > /mnt/etc/sudoers.d/99_$USERNAME
diff --git a/scripts/enable_services.sh b/scripts/enable_services.sh
new file mode 100644
index 0000000..e1f01e3
--- /dev/null
+++ b/scripts/enable_services.sh
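Review bot: In arch.pkr.hcl, `ssh_password` defaults to the literal `"password"` for the root account and is not declared sensitive, so the build VM accepts a known root login for the whole build and the value may show up in Packer's output. Drop the default and add `sensitive = true` to the variable so the value has to be supplied at build time, for example through `PKR_VAR_ssh_password`. Separately, `iso_checksum` is fetched from the same mirror and the same `latest` path as the ISO, which catches a corrupted download but not a tampered mirror, and makes builds non-reproducible; pinning a dated ISO URL together with a literal `sha256:<iso-sha256>` value would cover both.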
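Review bot: In files/99-dhcp-wildcard.network, `UseDomains = yes` and `UseHostname = yes` let whichever DHCP server answers set the search domains and the hostname, and the `[Match]` pattern applies that to every `en*`, `eth*` and `veth*` link. For an image meant to be cloned onto bare metal on networks you may not control, `UseDomains = no` is the safer default, and `veth*` is probably better left to whatever creates those interfaces. Recent systemd releases appear to name this section `[DHCPv4]` and keep `[DHCP]` only for compatibility, which is worth confirming against the systemd version the image ships. A one-line comment at the top saying which networks the unit is intended for would help the next reader.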
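Review bot: The `chpasswd` line in scripts/add_deploy_user.sh gives the `deploy` account a password equal to its username, and the sudoers drop-in grants it `NOPASSWD: ALL`, so every machine cloned from this image carries a guessable, root-equivalent login; scripts/enable_services.sh enables sshd, which makes that login reachable over the network. Lock the password instead with `arch-chroot /mnt passwd --lock "$USERNAME"` and deliver an `authorized_keys` file through a `file` provisioner, the same way the network unit is delivered. It is also worth validating the drop-in before the build finishes, `arch-chroot /mnt visudo -cf /etc/sudoers.d/99_$USERNAME`, since a malformed sudoers file breaks sudo on the image.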
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+set -eux
+
+systemctl unmask systemd-networkd systemd-resolved
+systemctl enable --now systemd-networkd systemd-resolved
+ln -sf /run/systemd/resolve/resolv.conf /mnt/etc/resolv.conf
+arch-chroot /mnt systemctl unmask systemd-networkd systemd-resolved
+arch-chroot /mnt systemctl enable systemd-networkd systemd-resolved
+
+arch-chroot /mnt systemctl enable sshd
diff --git a/scripts/finalization.sh b/scripts/finalization.sh
new file mode 100644
index 0000000..e2a5c95
--- /dev/null
+++ b/scripts/finalization.sh
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -eux
+
+umount -R /mnt
+
+echo "All done! You should have a freshly baked raw disk image now"
diff --git a/scripts/install_bootloader.sh b/scripts/install_bootloader.sh
new file mode 100644
index 0000000..b0ecf6d
--- /dev/null
+++ b/scripts/install_bootloader.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+set -eux
+
+genfstab -t PARTUUID -p /mnt > "/mnt/etc/fstab"
+
+# Remove quiet boot
+arch-chroot /mnt sed -i 's,GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet",GRUB_CMDLINE_LINUX_DEFAULT="",' /etc/default/grub
+
+arch-chroot /mnt grub-install /dev/vda
+arch-chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg
diff --git a/scripts/install_system.sh b/scripts/install_system.sh
new file mode 100644
index 0000000..d7df110
--- /dev/null
+++ b/scripts/install_system.sh
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+set -eux
+
+pacman-key --init
+
+# Install the system
+pacstrap -K /mnt base linux linux-firmware rng-tools grub sudo \
+ openssh ufw git vim python-pip nomad nomad-driver-nspawn
+
+# Clear the cache
+arch-chroot /mnt pacman -Scc --noconfirm
diff --git a/scripts/partition_disk.sh b/scripts/partition_disk.sh
new file mode 100644
index 0000000..55a232f
--- /dev/null
+++ b/scripts/partition_disk.sh
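Review bot: The last line of scripts/install_system.sh, `pacman -Scc --noconfirm`, probably removes nothing, because the `-Scc` prompt for deleting all cached files defaults to "no" and `--noconfirm` simply accepts the default. If the aim is a smaller image, answer the prompts explicitly with `yes | arch-chroot /mnt pacman -Scc`, or empty the package cache directory under `/mnt` directly. The same script installs `ufw`, but no script in this commit enables it or loads a rule set, so the package is inert on the finished image; either configure it or leave it out.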
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+set -eux
+
+readonly DISK="/dev/vda"
+readonly BOOT="${DISK}2"
+readonly ROOT="${DISK}3"
+
+# Wipe the target disk of all partitions and filesystems
+sgdisk --zap-all "${DISK}"
+dd if=/dev/zero of="${DISK}" bs=512 count=2048
+wipefs --all "${DISK}"
+
+# Create /boot (512M) and / (100%)
+sgdisk --new=1:0:+1M --typecode=0:ef02 --change-name=0:bios "${DISK}"
+sgdisk --new=2:0:+512M --typecode=0:8300 --change-name=0:boot --attributes=0:set:1 "${DISK}"
+sgdisk --new=3:0:0 --typecode=0:8300 --change-name=0:root "${DISK}"
+
+mkfs.ext4 -e remount-ro -q -L boot ${BOOT}
+mkfs.ext4 -e remount-ro -q ${ROOT}
+
+mount -o noatime "${ROOT}" /mnt
+mkdir -p /mnt/boot
+mount -o noatime "${BOOT}" /mnt/boot
diff --git a/scripts/timezone_and_locale.sh b/scripts/timezone_and_locale.sh
new file mode 100644
index 0000000..1403efb
--- /dev/null
+++ b/scripts/timezone_and_locale.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+set -eux
+
+readonly KEYBOARD="us"
+readonly ENCODING="UTF-8"
+readonly TIMEZONE="US/Central"
+readonly LANGUAGE="en_US.${ENCODING}"
+
+export KEYBOARD ENCODING TIMEZONE LANGUAGE
+
+arch-chroot /mnt ln -sf /usr/share/zoneinfo/$TIMEZONE /etc/localtime
+
+arch-chroot /mnt sed -i "s/#${LANGUAGE}/${LANGUAGE}/" /etc/locale.gen
+arch-chroot /mnt locale-gen
+arch-chroot /mnt echo "${LANGUAGE}" > /etc/locale.conf
+
+arch-chroot /mnt echo "KEYMAP=${KEYBOARD}" > /etc/vconsole.conf
diff --git a/scripts/truncate_empty_space.sh b/scripts/truncate_empty_space.sh
new file mode 100755
index 0000000..bcfb924
--- /dev/null
+++ b/scripts/truncate_empty_space.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+set -eux
+
+while read mountp; do
+ cat /dev/zero | dd of=${mountp}/EMPTY || true
+ rm -f ${mountp}/EMPTY
+done < <(mount -l -t ext4 | awk '{print $3}')
+
+sync
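Review bot: The two `echo … > /etc/…` lines at the end of scripts/timezone_and_locale.sh write to the live build environment, not to the image: the redirection is performed by the provisioning shell outside `arch-chroot`, so `locale.conf` and `vconsole.conf` are never created under `/mnt`. scripts/add_deploy_user.sh avoids this by redirecting to a `/mnt/...` path. `locale.conf` also expects a `LANG=` assignment rather than the bare locale name. Suggested replacements: `echo "LANG=${LANGUAGE}" > /mnt/etc/locale.conf` and `echo "KEYMAP=${KEYBOARD}" > /mnt/etc/vconsole.conf`.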
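Review bot: The loop in scripts/truncate_empty_space.sh reads and expands mount points unquoted, so `read` without `-r` and a bare `${mountp}` mis-handle a path that contains a backslash or whitespace. The `cat /dev/zero | dd` pipeline can be a plain `dd` with an explicit block size, since the 512-byte default makes the fill slow. Suggested: `while read -r mountp; do`, `dd if=/dev/zero of="${mountp}/EMPTY" bs=1M || true` and `rm -f "${mountp}/EMPTY"`. A header comment stating that the zero fill is meant to make the free space compressible would also explain why the `dd` failure is deliberately ignored.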