Initial Commit

.gitignore

@@ -0,0 +1,3 @@
+*.checksum
+cache/*
+output/*

arch.nomad

@@ -0,0 +1,48 @@
+job "archlinux" {
+    datacenters = ["dc1"]
+
+    type = "service"
+
+    group "vms" {
+        count = 1
+
+        // network {
+        //     port "ssh" { to = 22 }
+        // }
+
+        task "archlinux" {
+            driver = "qemu"
+
+            resources {
+                cpu = 500
+                memory = 1024
+            }
+
+            config {
+                accelerator = "kvm"
+                guest_agent = true
+                graceful_shutdown = true
+                image_path  = "local/arch.img"
+                args        = ["-nodefaults"]
+            }
+
+            // service {
+            //     port = "ssh"
+            // }
+
+            artifact {
+                source = "http://localhost:8000/output/arch.img"
+            }
+        }
+    }
+}
+
+
+
+
+
+
+
+
+
+

arch.pkr.hcl

@@ -0,0 +1,104 @@
+variable "cpus" {
+    type = number
+    default = 2
+}
+
+variable "memory" {
+    type = number
+    default = 1024
+}
+
+variable "disk_size" {
+    type = string
+    default = "3G"
+}
+
+variable "iso_url" {
+    type = string
+    default = "https://mirrors.edge.kernel.org/archlinux/iso/latest/archlinux-x86_64.iso"
+}
+
+variable "iso_checksum" {
+    type = string
+    default = "file:https://mirrors.edge.kernel.org/archlinux/iso/latest/sha256sums.txt"
+}
+
+variable "ssh_username" {
+    type = string
+    default = "root"
+}
+
+variable "ssh_password" {
+    type = string
+    default = "password"
+}
+
+source "qemu" "arch" {
+    headless = true
+    accelerator = "kvm"
+    vm_name = "arch.img"
+    http_directory = "http"
+    output_directory = "output"
+
+    cpus = var.cpus
+    memory = var.memory
+
+    disk_size = var.disk_size
+    format = "raw"
+
+    iso_url = var.iso_url
+    iso_checksum = var.iso_checksum
+    iso_target_path = "cache/arch.iso"
+
+    boot_wait = "2s"
+    boot_key_interval = "25ms"
+    boot_command = [
+        "<enter>",
+        "<wait30s>",
+        "echo '${var.ssh_username}:${var.ssh_password}' | chpasswd<enter>"
+    ]
+
+    ssh_username = var.ssh_username
+    ssh_password = var.ssh_password
+
+    shutdown_command = "sudo -S shutdown -P now"
+}
+
+build {
+    sources = ["source.qemu.arch"]
+
+    provisioner "shell" {
+        pause_before = "5s"
+        scripts = [
+            "${path.root}/scripts/partition_disk.sh",
+            "${path.root}/scripts/install_system.sh",
+            "${path.root}/scripts/timezone_and_locale.sh",
+            "${path.root}/scripts/add_deploy_user.sh",
+        ]
+    }
+
+    provisioner "file" {
+        source = "files/99-dhcp-wildcard.network"
+        destination = "/mnt/etc/systemd/network/99-dhcp-wildcard.network"
+    }
+
+    provisioner "shell" {
+        pause_before = "10s"
+        scripts = [
+            "${path.root}/scripts/enable_services.sh",
+            "${path.root}/scripts/install_bootloader.sh",
+            "${path.root}/scripts/truncate_empty_space.sh",
+            "${path.root}/scripts/finalization.sh"
+        ]
+    }
+
+    post-processor "checksum" {
+        checksum_types = ["sha256"]
+        keep_input_artifact = true
+    }
+
+    # Validate that the image is good
+    // post-processor "shell-local" {
+    //     inline = ["qemu-system-x86_64 -drive file=output/arch.img -m 1024"]
+    // }
+}

files/99-dhcp-wildcard.network

@@ -0,0 +1,16 @@
+[DHCP]
+SendHostname = yes
+UseDNS = yes
+UseDomains = yes
+UseHostname = yes
+UseNTP = yes
+
+[Match]
+Name = en* eth* veth*
+
+[Network]
+DHCP = yes
+IPForward = no
+IPv6AcceptRA = no
+LLMNR = no
+LinkLocalAddressing = no

readme.md

@@ -0,0 +1,14 @@
+# Arch Linux built with Packer
+
+Creates a minimal arch linux raw disk image that can be cloned directly to bare metal
+
+## Requirements
+
+1. [Packer](https://www.packer.io/)
+1. QEMU and KVM installed
+
+## Usage
+
+`packer build arch.pkr.hcl`
+
+On my machine, it takes about 5 minutes to build (without downloading the arch iso)

scripts/add_deploy_user.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+set -eux
+
+readonly USERNAME="deploy"
+
+arch-chroot /mnt useradd --create-home --user-group $USERNAME
+arch-chroot /mnt bash -c "echo $USERNAME:$USERNAME | chpasswd"
+
+arch-chroot /mnt mkdir -p /etc/sudoers.d
+arch-chroot /mnt touch /etc/sudoers.d/99_$USERNAME
+arch-chroot /mnt chmod 0440 /etc/sudoers.d/99_$USERNAME
+arch-chroot /mnt echo "$USERNAME ALL=(ALL) NOPASSWD: ALL" > /mnt/etc/sudoers.d/99_$USERNAME

scripts/enable_services.sh

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+set -eux
+
+systemctl unmask systemd-networkd systemd-resolved
+systemctl enable --now systemd-networkd systemd-resolved
+ln -sf /run/systemd/resolve/resolv.conf /mnt/etc/resolv.conf
+arch-chroot /mnt systemctl unmask systemd-networkd systemd-resolved
+arch-chroot /mnt systemctl enable systemd-networkd systemd-resolved
+
+arch-chroot /mnt systemctl enable sshd

scripts/finalization.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -eux
+
+umount -R /mnt
+
+echo "All done! You should have a freshly baked raw disk image now"

scripts/install_bootloader.sh

@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+set -eux
+
+genfstab -t PARTUUID -p /mnt > "/mnt/etc/fstab"
+
+# Remove quiet boot
+arch-chroot /mnt sed -i 's,GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet",GRUB_CMDLINE_LINUX_DEFAULT="",' /etc/default/grub
+
+arch-chroot /mnt grub-install /dev/vda
+arch-chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg

scripts/install_system.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+set -eux
+
+pacman-key --init
+
+# Install the system
+pacstrap -K /mnt base linux linux-firmware rng-tools grub sudo \
+    openssh ufw git vim python-pip nomad nomad-driver-nspawn
+
+# Clear the cache
+arch-chroot /mnt pacman -Scc --noconfirm

scripts/partition_disk.sh

@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+set -eux
+
+readonly DISK="/dev/vda"
+readonly BOOT="${DISK}2"
+readonly ROOT="${DISK}3"
+
+# Wipe the target disk of all partitions and filesystems
+sgdisk --zap-all "${DISK}"
+dd if=/dev/zero of="${DISK}" bs=512 count=2048
+wipefs --all "${DISK}"
+
+# Create /boot (512M) and / (100%)
+sgdisk --new=1:0:+1M --typecode=0:ef02 --change-name=0:bios "${DISK}"
+sgdisk --new=2:0:+512M --typecode=0:8300 --change-name=0:boot --attributes=0:set:1 "${DISK}"
+sgdisk --new=3:0:0 --typecode=0:8300 --change-name=0:root "${DISK}"
+
+mkfs.ext4 -e remount-ro -q -L boot ${BOOT}
+mkfs.ext4 -e remount-ro -q ${ROOT}
+
+mount -o noatime "${ROOT}" /mnt
+mkdir -p /mnt/boot
+mount -o noatime "${BOOT}" /mnt/boot

scripts/timezone_and_locale.sh

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+set -eux
+
+readonly KEYBOARD="us"
+readonly ENCODING="UTF-8"
+readonly TIMEZONE="US/Central"
+readonly LANGUAGE="en_US.${ENCODING}"
+
+export KEYBOARD ENCODING TIMEZONE LANGUAGE
+
+arch-chroot /mnt ln -sf /usr/share/zoneinfo/$TIMEZONE /etc/localtime
+
+arch-chroot /mnt sed -i "s/#${LANGUAGE}/${LANGUAGE}/" /etc/locale.gen
+arch-chroot /mnt locale-gen
+arch-chroot /mnt echo "${LANGUAGE}" > /etc/locale.conf
+
+arch-chroot /mnt echo "KEYMAP=${KEYBOARD}" > /etc/vconsole.conf

scripts/truncate_empty_space.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+set -eux
+
+while read mountp; do
+    cat /dev/zero | dd of=${mountp}/EMPTY || true
+    rm -f ${mountp}/EMPTY
+done < <(mount -l -t ext4 | awk '{print $3}')
+
+sync