opack cloud ?

Samuel Aubertin 2023-09-24 23:48:17 +02:00
parent 48e79ad400
commit 52028964f2
11 changed files with 205 additions and 64 deletions

7
.gitignore vendored

@ -1,2 +1,5 @@
src/cache/
.vagrant
src/boxes/
examples/*/.vagrant
examples/cloud/id_ed25519
examples/cloud/id_ed25519.pub
examples/cloud/*.json
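
Review bot: the new ignore entries for `id_ed25519`, `id_ed25519.pub` and `*.json` only cover `examples/cloud/`, while the `id_ed25519` target added later in this commit writes the key pair into whatever directory the including Makefile is run from. A project that includes opack.mk from another directory has nothing stopping it from committing the private key or the service account JSON. Either document in the README that consumers need the same three patterns in their own .gitignore, or generate the key under a directory that is already ignored.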


@ -9,7 +9,6 @@
░ ░ ░ ░ ░ ░ ░ ░ ░░ ░ ░ ░
░ ░
```
-----
*Samuel 'sk4nz' AUBERTIN*
**skz-opack** is an automated [OpenBSD](https://www.openbsd.org) bootstrapper.
@ -27,8 +26,9 @@ To get started with **skz-opack**, follow these steps:
2. Ensure you have the following dependencies installed:
- [GNU Make](https://www.gnu.org/software/make/)
- [libvirt](https://libvirt.org/)
- [Vagrant](https://www.vagrantup.com/)
- [Vagrant](https://developer.hashicorp.com/vagrant/downloads)
- [Vagrant-Libvirt module](https://github.com/vagrant-libvirt/vagrant-libvirt)
- [Terraform](https://developer.hashicorp.com/terraform/downloads) (for `opack-cloud`)
3. Use the project by including `path/to/skz-opack/src/opack.mk` and invoking the `opack` target in your Makefile to create a local OpenBSD virtual machine with Packer and Vagrant. Use the 'opack-cloud' target to run the same virtual machine in GCP with Terraform.
@ -41,7 +41,7 @@ To get started with **skz-opack**, follow these steps:
## Overridable default options
Every default option ending with an `?` in "src/options.mk" can be overrided in the invoking Makefile. Here is an short list of theses:
Every default option ending with an `?` in "src/options.mk" can be overrided in the invoking Makefile. Here is an short excerpt of theses:
- `OPACK_SYS_HOSTNAME`: VM hostname
- `OPACK_SYS_USER`: username to create
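
Review bot: the reworded sentence "Here is an short excerpt of theses" keeps the grammar errors of the line it replaces, and "overrided" is untouched. Suggested wording: "Every default option ending with `?` in "src/options.mk" can be overridden in the invoking Makefile. Here is a short excerpt of these:".
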
@ -65,7 +65,9 @@ Every default option ending with an `?` in "src/options.mk" can be overrided in
- `OPACK_AUTODISKLABEL_FILE`: OpenBSD partitioning scheme for installation
- `OPACK_PROVISION_FILE`: Script executed after installation
- `OPACK_RUNTIME_PROVISION_FILE`: Script executed after VM creation
- `OPACK_GCE_PROJECT`: The Google Cloud project name where the VM will be created
- `OPACK_GCE_JSON_KEY`: The filename of the Google Cloud service account JSON key
- `OPACK_GCE_BUCKET`: The Google Cloud Storage bucket name to use for the image import
## Examples
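
Review bot: the new `OPACK_GCE_JSON_KEY` entry does not say where the key file has to live. The Packer and Terraform templates in this commit reference it as `../$(OPACK_GCE_JSON_KEY)` from inside a generated directory, so the file must sit next to the invoking Makefile; say so here, and mention that it is a credential that should stay out of version control. `OPACK_GCE_MACHINE` is overridable in the options file but is not listed with the other three.
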
@ -74,8 +76,8 @@ Every default option ending with an `?` in "src/options.mk" can be overrided in
Here is the shortest Makefile that can be used to leverage skz-opack:
```make
OPACK_TARGET= demo # the VM name
include path/to/src/opack.mk # mandatory
OPACK_TARGET= demo
include path/to/src/opack.mk
```
After invokation with `make opack`, it will download, install, and run the latest OpenBSD release in a local VM with the default options.
@ -108,7 +110,7 @@ Making "opack" a dependency target of "all" will ensure **skz-opack** operates b
Once the "opack" target dependency is finished, the VM is running and the system kernel version is outputted. This example showcases how to customize and run **skz-opack** for your specific needs.
### GCP example
### GCE example
TODO
@ -132,9 +134,9 @@ In the "src" directory, are located the following files:
- **autodisklabel**: This file provides the partitioning layout for the installer and can be customized by using the `OPACK_AUTODISKLABEL_FILE` option.
- **defines.mk**: Contains internal skz-opack definitions for Packer and Vagrant.
- **opack.mk**: To use skz-opack in your projects, simply include this file in your Makefiles.
- **opack-provision.sh**: This file is executed for post-installation provisioning with Packer and can be customized using the `OPACK_PROVISION_FILE` option.
- **packer-provision.sh**: This file is executed for post-installation provisioning with Packer and can be customized using the `OPACK_PROVISION_FILE` option.
- **options.mk**: This file is where all skz-opack options are declared. Options are always in the `OPACK_[OPTION NAME]` format.
- **packerfile-gcp.mk**: Special Packerfile for Google Cloud Compute upload.
- **packerfile-gcp.mk**: Special Packerfile for Google Compute Platform upload.
- **packerfile.mk**: Generic Packerfile for local execution.
- **vagrantfile.mk**: Contains Vagrantfile definitions for local execution.
- **vagrant-provision.sh**: This file is executed for pre-run provisioning with Vagrant and can be customized using the `OPACK_RUNTIME_PROVISION_FILE` option.
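
Review bot: the `packerfile-gcp.mk` entry now reads "Google Compute Platform", which is neither Google Cloud Platform (GCP) nor Google Compute Engine (GCE), while the options use the `OPACK_GCE_` prefix and the file itself is named `-gcp`. Pick one term and use it in the description, the option names and the example heading. The example section of the README is still "TODO"; it could simply point at `examples/cloud/Makefile`, which this commit adds.
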
@ -143,10 +145,3 @@ In the "src" directory, are located the following files:
**skz-opack** is distributed under the [OpenBSD License](https://www.openbsd.org/policy.html). See the [LICENSE](LICENSE) file for more details.
## References
For more information on the tools used in this project, refer to the following resources:
- [Packer](https://www.packer.io/)
- [Vagrant](https://www.vagrantup.com/)

2
examples/cloud/.gitignore vendored Normal file

@ -0,0 +1,2 @@
opack_deploy_*
opack_installer_*

11
examples/cloud/Makefile Normal file

@ -0,0 +1,11 @@
OPACK_TARGET=testopack-cloud
OPACK_SYS_HEADLESS=false
OPACK_SYS_DISK_SIZE=10000
OPACK_SYS_VERSION=snapshots
OPACK_GCE_PROJECT=testopack
OPACK_GCE_JSON_KEY=testopack-d1757c226a45.json
OPACK_GCE_BUCKET=testopack
include ../../src/opack.mk
all: opack-cloud
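
Review bot: `OPACK_GCE_JSON_KEY=testopack-d1757c226a45.json` puts what looks like a real service account key file name into the example, along with a concrete project and bucket name. The key file itself is covered by the `examples/cloud/*.json` ignore rule, but an example reads better and leaks less with placeholders, for instance `OPACK_GCE_JSON_KEY=your-service-account.json`, plus a comment that the file must be placed in this directory before running `make`.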


@ -1,3 +1,3 @@
OPACK_TARGET= demo
OPACK_SYS_HEADLESS= false
include src/opack.mk
include ../../src/opack.mk


@ -35,6 +35,39 @@ Location of sets? = done
endef
define OPACK_INSTALL_CLOUD_CONTENT =
Choose your keyboard layout = fr
System hostname = $(OPACK_SYS_HOSTNAME)-$(OPACK_TARGET)
Which network interface = vio0
IPv4 address for vio0 = dhcp
IPv6 address for vio0 = none
Password for root account = $(OPACK_SYS_PASSWORD)
Public ssh key for root account = $(OPACK_SYS_SSH_PUBLIC_KEY)
Allow root ssh login = prohibit-password
Do you expect to run the X Window System = $(OPACK_SYS_XENOCARA)
Setup a user = $(OPACK_SYS_USER)
Password for user $(OPACK_SYS_USER) = $(OPACK_SYS_PASSWORD)
Public ssh key for $(OPACK_SYS_USER) = $(OPACK_SYS_SSH_PUBLIC_KEY)
Allow root ssh login = prohibit-password
What timezone = $(OPACK_SYS_TIMEZONE)
Which disk = sd0
Use (W)hole disk or (E)dit the MBR = whole
URL to autopartitioning template for disklabel = file:/autodisklabel
Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout = A
Location of sets = $(OPACK_SYS_SETS_LOCATION)
HTTP Server = $(OPACK_SYS_SERVER)
Server directory = pub/OpenBSD/$(OPACK_SYS_VERSION)/$(OPACK_SYS_ARCHITECTURE)
Unable to connect using https. Use http instead = yes
Pathname to the sets = $(OPACK_SYS_VERSION_MAJOR).$(OPACK_SYS_VERSION_MINOR)/amd64
Set name(s) = $(OPACK_SYS_SETS) done
Directory does not contain SHA256.sig. Continue without verification = $(OPACK_NO_SIGCHK)
Signature check of SHA256.sig failed. Continue without verification = no
Cannot determine prefetch area. Continue without verification = yes
Location of sets? = done
endef
define OPACK_METADATA_CONTENT =
{
"name": "$(OPACK_BOX_TAG)",
@ -55,3 +88,53 @@ define OPACK_METADATA_CONTENT =
}
endef
define OPACK_TERRAFORM_CONTENT =
variable "credentials" { default = "../$(OPACK_GCE_JSON_KEY)" }
variable "project" { default = "$(OPACK_GCE_PROJECT)" }
variable "region" { default = "europe-west4" }
variable "zone" { default = "europe-west4-b" }
provider "google" {
region = "$${var.region}"
credentials = "$${var.credentials}"
project = "$${var.project}"
}
module "OPENBSD" {
source = "./module"
gce_zone = "$${var.zone}"
}
endef
define OPACK_TERRAFORM_MODULE_CONTENT =
variable "servers" {}
variable "gce_zone" {}
resource "google_compute_instance" "$(OPACK_TARGET)" {
tags = ["skz-opack", "default"]
name = "$(OPACK_TARGET)"
machine_type = "$(OPACK_GCE_MACHINE)"
zone = "$${var.gce_zone}"
boot_disk {
initialize_params {
image = "openbsd"
}
}
network_interface {
network = "default"
access_config {
// Ephemeral IP
}
}
scheduling {
preemptible = false
on_host_maintenance = "MIGRATE"
automatic_restart = true
}
}
endef
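
Review bot: `variable "servers" {}` in `OPACK_TERRAFORM_MODULE_CONTENT` has no default, and the `module "OPENBSD"` block passes only `gce_zone`, so Terraform will reject the configuration for a missing required argument. Remove the variable or give it a default. The template also deserves a comment that `network = "default"` with an `access_config` block places the instance on the default network with an ephemeral public IP, and `region` and `zone` are fixed to `europe-west4` and `europe-west4-b` with no `OPACK_GCE_` option to change them.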


@ -36,7 +36,7 @@ include $(OPACK_DIR)/packerfile-gcp.mk
include $(OPACK_DIR)/vagrantfile.mk
$(OPACK_PACKER_HTTP_DIR) $(OPACK_PACKER_DIR) ../$(OPACK_CACHE_DIR):
$(OPACK_PACKER_HTTP_DIR) $(OPACK_PACKER_DIR) ../$(OPACK_CACHE_DIR) $(OPACK_TERRAFORM_DIR) $(OPACK_TERRAFORM_MODULE_DIR):
mkdir -p $@
$(OPACK_PACKER_DIR)/vagrant.key: | $(OPACK_PACKER_DIR)
@ -46,36 +46,36 @@ $(OPACK_PACKER_DIR)/opack.json: | $(OPACK_PACKER_DIR)
printf '$(subst $(newline),\n,$(OPACK_PACKER_CONTENT))' > $@
$(OPACK_PACKER_DIR)/bucket.json:
printf '{ "name": "$(GCE_BUCKET)", "location": "$(GCE_BUCKET_LOCATION)", "storageClass": "STANDARD", "iamConfiguration": {"uniformBucketLevelAccess": { "enabled": true }, } }' > $@
if [ -z "$(OPACK_GCE_PROJECT)" ]; then echo "█ Error: OPACK_GCE_PROJECT is empty. Declare it in your Makefile."; echo "▒ To create a GCE project, use this documentation:"; echo "░ https://cloud.google.com/resource-manager/docs/creating-managing-projects"; exit 1; fi
if [ -z "$(OPACK_GCE_JSON_KEY)" ]; then echo "█ Error: OPACK_GCE_JSON_KEY is empty. Declare it in your Makefile."; echo "▒ To create a GCE service account and key, use this documentation:"; echo "░ https://cloud.google.com/iam/docs/service-accounts-create"; echo "░ https://cloud.google.com/iam/docs/keys-create-delete"; exit 1; fi
if [ -z "$(OPACK_GCE_BUCKET)" ]; then echo "█ Error: OPACK_GCE_BUCKET is empty. Declare it in your Makefile"; echo "▒ To create a GCE bucket, use this documentation:"; echo "░ https://cloud.google.com/storage/docs/creating-buckets"; exit 1; fi
printf '{ "name": "$(OPACK_GCE_BUCKET)", "location": "$(OPACK_GCE_BUCKET_LOCATION)", "storageClass": "STANDARD", "iamConfiguration": {"uniformBucketLevelAccess": { "enabled": true }, } }' > $@
$(OPACK_PACKER_DIR)/opack-cloud.json: | $(OPACK_PACKER_DIR) $(OPACK_PACKER_DIR)/bucket.json
printf '$(subst $(newline),\n,$(OPACK_PACKER_CLOUD_CONTENT))' > $@
curl -X POST -s -o /dev/null \
--data-binary @$(OPACK_PACKER_DIR)/bucket.json \
-H "Authorization: Bearer $(STORAGE_TOKEN)" \
-H "Content-Type: application/json" \
"https://storage.googleapis.com/storage/v1/b?project=$(GCE_PROJECT)"
curl -X DELETE -s -o /dev/null \
-H "Authorization: Bearer $(IMAGE_TOKEN)" \
"https://compute.googleapis.com/compute/v1/projects/$(GCE_PROJECT)/global/images/$(OPACK_TARGET)"
$(OPACK_PACKER_HTTP_DIR)/install.conf: | $(OPACK_PACKER_HTTP_DIR)
printf '$(subst $(newline),\n,$(OPACK_INSTALL_CONTENT))' > $@
$(OPACK_PACKER_HTTP_DIR)/install-cloud.conf: | $(OPACK_PACKER_HTTP_DIR)
printf '$(subst $(newline),\n,$(OPACK_INSTALL_CLOUD_CONTENT))' > $@
$(OPACK_PACKER_HTTP_DIR)/autodisklabel: | $(OPACK_PACKER_HTTP_DIR)
cp $(OPACK_AUTODISKLABEL_FILE) $@
$(OPACK_PROVISION_FILE):
echo you need to write $@ && exit 1
../id_ed25519:
ssh-keygen -q -t ed25519 -f $@ -N '""'
id_ed25519:
echo "█ Generating $@"
ssh-keygen -q -t ed25519 -f $@ -P ""
$(eval OPACK_SYS_SSH_PUBLIC_KEY=$(shell cat id_ed25519.pub))
$(OPACK_BOX_FILE): | $(OPACK_PACKER_DIR)/opack.json $(OPACK_PACKER_DIR)/vagrant.key $(OPACK_PROVISION_FILE) $(OPACK_PACKER_HTTP_DIR)/install.conf $(OPACK_PACKER_HTTP_DIR)/autodisklabel
ifndef OPACK_DEBUG
$(call spinner,cd $(OPACK_PACKER_DIR) && (CHECKPOINT_DISABLE=1 PACKER_CACHE_DIR=../../$(OPACK_CACHE_DIR) packer build -timestamp-ui opack.json > opack.log && rm -rf $(OPACK_PACKER_DIR)) || echo Error Autoinstalling: check $(OPACK_PACKER_DIR)/opack.log,█ Autoinstalling $(OPACK_BOX_TAG) with Packer)
$(call spinner,cd $(OPACK_PACKER_DIR) && (CHECKPOINT_DISABLE=1 PACKER_CACHE_DIR=.$(OPACK_CACHE_DIR) packer build -timestamp-ui opack.json > opack.log && rm -rf $(OPACK_PACKER_DIR)) || echo Error Autoinstalling: check $(OPACK_PACKER_DIR)/opack.log,█ Autoinstalling $(OPACK_BOX_TAG) with Packer)
else
cd $(OPACK_PACKER_DIR) && CHECKPOINT_DISABLE=1 PACKER_CACHE_DIR=../../$(OPACK_CACHE_DIR) packer build -timestamp-ui opack.json && rm -rf $(OPACK_PACKER_DIR)
cd $(OPACK_PACKER_DIR) && CHECKPOINT_DISABLE=1 PACKER_CACHE_DIR=$(OPACK_CACHE_DIR) packer build -timestamp-ui opack.json && rm -rf $(OPACK_PACKER_DIR)
endif
$(OPACK_META_FILE): $(OPACK_BOX_FILE)
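
Review bot: in the `id_ed25519` recipe, `$(eval OPACK_SYS_SSH_PUBLIC_KEY=$(shell cat id_ed25519.pub))` is expanded by make while it prepares the recipe, before `ssh-keygen` has run. On a first build the variable is therefore set to an empty string, and anything expanded afterwards, such as `install-cloud.conf`, is written without a public key. The options file in this commit already defines the variable with a deferred `$(shell cat ...)`, so dropping the `$(eval ...)` line and making `install-cloud.conf` depend on `id_ed25519` should be enough. In the same hunk the `bucket.json` printf still ends in `}, }`, which is not valid JSON, and the two `packer build` branches now disagree on the cache path (`PACKER_CACHE_DIR=.$(OPACK_CACHE_DIR)` without `OPACK_DEBUG`, `PACKER_CACHE_DIR=$(OPACK_CACHE_DIR)` with it).
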
@ -86,6 +86,26 @@ else
vagrant box add -f --name $(OPACK_BOX_TAG) $(OPACK_META_FILE)
endif
$(OPACK_PACKER_DIR)/disk.raw.tar.gz: | $(OPACK_PACKER_DIR)/opack-cloud.json id_ed25519 $(OPACK_PROVISION_FILE) $(OPACK_PACKER_HTTP_DIR)/install-cloud.conf $(OPACK_PACKER_HTTP_DIR)/autodisklabel
# -curl -X POST -s -o /dev/null \
# --data-binary @$(OPACK_PACKER_DIR)/bucket.json \
# -H "Authorization: Bearer $(STORAGE_TOKEN)" \
# -H "Content-Type: application/json" \
# "https://storage.googleapis.com/storage/v1/b?project=$(OPACK_GCE_PROJECT)"
# -curl -X DELETE -s -o /dev/null \
# -H "Authorization: Bearer $(IMAGE_TOKEN)" \
# "https://compute.googleapis.com/compute/v1/projects/$(OPACK_GCE_PROJECT)/global/images/$(OPACK_TARGET)"
(cd $(OPACK_PACKER_DIR) && CHECKPOINT_DISABLE=1 PACKER_CACHE_DIR=$(OPACK_CACHE_DIR) packer build -timestamp-ui opack-cloud.json) && rm -rf $(OPACK_PACKER_DIR)
$(OPACK_TERRAFORM_DIR)/main.tf: $(OPACK_TERRAFORM_DIR)
printf '$(subst $(newline),\n,$(OPACK_TERRAFORM_CONTENT))' > $@
$(OPACK_TERRAFORM_MODULE_DIR)/main.tf: $(OPACK_TERRAFORM_MODULE_DIR)
printf '$(subst $(newline),\n,$(OPACK_TERRAFORM_MODULE_CONTENT))' > $@
$(OPACK_TERRAFORM_DIR)/terraform.tfstate: | $(OPACK_PACKER_DIR)/disk.raw.tar.gz $(OPACK_TERRAFORM_DIR)/main.tf $(OPACK_TERRAFORM_MODULE_DIR)/main.tf
cd $(OPACK_TERRAFORM_DIR) && terraform init && terraform apply -auto-approve -state=$@
$(OPACK_VAGRANT_FILE):
printf '$(subst $(newline),\n,$(OPACK_VAGRANT_CONTENT))' > $@
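
Review bot: in the `terraform.tfstate` recipe, `-state=$@` is used after `cd $(OPACK_TERRAFORM_DIR)`, and `$@` already begins with that directory, so the state file is written one level deeper than the target make is tracking. The target never appears at its own path and every `make opack-cloud` runs `terraform apply -auto-approve` again. Use `-state=$(@F)` or drop the `cd`. The `disk.raw.tar.gz` recipe has a related problem: it ends with `rm -rf $(OPACK_PACKER_DIR)`, which removes the target it has just produced. The commented-out `curl` calls carrying `Authorization: Bearer` headers should be deleted rather than kept as comments.
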
@ -97,20 +117,15 @@ else
endif
echo "█ skz-opack complete, run 'vagrant ssh' to connect to the machine"
opack-cloud: | $(OPACK_PACKER_DIR)/opack-cloud.json ../id_ed25519 $(OPACK_PROVISION_FILE) $(OPACK_PACKER_HTTP_DIR)/install.conf $(OPACK_PACKER_HTTP_DIR)/autodisklabel
cd $(OPACK_PACKER_DIR) &&\
CHECKPOINT_DISABLE=1 PACKER_CACHE_DIR=../../$(OPACK_CACHE_DIR)\
packer build\
-timestamp-ui opack-cloud.json | tee -a ../$@ &&\
rm -rf $(OPACK_PACKER_DIR)
opack-cloud: | $(OPACK_TERRAFORM_DIR)/terraform.tfstate
opack-clean:
ifndef OPACK_DEBUG
-$(call spinner,vagrant destroy -f >/dev/null; cd terraform_??????? 2>/dev/null && terraform destroy -auto-approve && cd .. && rm -rf terraform_???????; rm -rf $(OPACK_VAGRANT_FILE) opack_build_$(OPACK_SHORT_REV) *.log ssh-config .vagrant *.json,█ Cleaning up)
-$(call spinner,vagrant destroy -f >/dev/null; cd opack_deploy_$(OPACK_SHORT_REV) 2>/dev/null && terraform destroy -auto-approve && cd .. && rm -rf opack_deploy_$(OPACK_SHORT_REV); rm -rf $(OPACK_VAGRANT_FILE) opack_installer_$(OPACK_SHORT_REV) *.log ssh-config .vagrant *.json,█ Cleaning up)
else
-vagrant destroy -f
-cd terraform_??????? 2>/dev/null && terraform destroy -auto-approve && cd .. && rm -rf terraform_???????
-rm -rf $(OPACK_VAGRANT_FILE) opack_installer_$(OPACK_SHORT_REV) *.log ssh-config .vagrant *.json
-cd opack_deploy_$(OPACK_SHORT_REV) 2>/dev/null && terraform destroy -auto-approve && cd .. && rm -rf opack_deploy_$(OPACK_SHORT_REV)
-rm -rf $(OPACK_VAGRANT_FILE) opack_installer_$(OPACK_SHORT_REV) *.log ssh-config .vagrant
endif
opack-cleancache:
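
Review bot: the non-debug branch of `opack-clean` still ends with `rm -rf ... *.json`, while the debug branch no longer lists `*.json`. The Packer and Terraform templates in this commit read the service account key from `../$(OPACK_GCE_JSON_KEY)`, that is, from the directory where this `rm` runs, so a plain `make opack-clean` deletes the key. Drop `*.json` from the spinner line as well, or remove the generated files by name so both branches behave the same.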


@ -77,7 +77,7 @@ OPACK_NO_SIGCHK?=no
OPACK_SYS_HEADLESS?=true
# Define the directory for caching
OPACK_CACHE_DIR?=$(OPACK_DIR)cache
OPACK_CACHE_DIR?=$(OPACK_DIR)boxes
# Define the path to the Vagrant box file and output info
OPACK_BOX_FILE?=$(OPACK_CACHE_DIR)/$(OPACK_TARGET).box
@ -98,7 +98,7 @@ OPACK_BOX_TAG?=opack/$(OPACK_TARGET)
OPACK_PACKER_DIR?=opack_installer_$(OPACK_SHORT_REV)
# Define the provisioning script for Packer
OPACK_PROVISION_FILE?=$(OPACK_DIR)opack-provision.sh
OPACK_PROVISION_FILE?=$(OPACK_DIR)packer-provision.sh
# Define the autodisklabel file
OPACK_AUTODISKLABEL_FILE?=$(OPACK_DIR)autodisklabel
@ -109,6 +109,37 @@ OPACK_VAGRANT_FILE=Vagrantfile
# Define the runtime provisioning script for Vagrant
OPACK_RUNTIME_PROVISION_FILE?=$(OPACK_DIR)vagrant-provision.sh
#OPACK_GCE_JSON_KEY?=skz-mkobsd-92b7a3e770a0.json
#OPACK_GCE_PROJECT?=skz-mkobsd
#OPACK_GCE_BUCKET?=$(GCE_PROJECT)
# OPACK_GCE_PROJECT: The Google Cloud project name where the VM will be created.
OPACK_GCE_PROJECT?=
# OPACK_GCE_JSON_KEY: The filename of the Google Cloud service account JSON key.
OPACK_GCE_JSON_KEY?=
# OPACK_GCE_BUCKET: The Google Cloud Storage bucket name, typically associated with the project, for the image import.
OPACK_GCE_BUCKET?=$(OPACK_GCE_PROJECT)
# Define the machine type for the VM
OPACK_GCE_MACHINE?=e2-micro
# The SSH key to use to connect to the cloud VM
OPACK_SYS_SSH_PRIVATE_KEY=id_ed25519
OPACK_SYS_SSH_PUBLIC_KEY=$(shell cat $(OPACK_SYS_SSH_PRIVATE_KEY).pub)
# Define the directory for Terraform deployment
OPACK_TERRAFORM_DIR?=opack_deploy_$(OPACK_SHORT_REV)
# Terraform module dir
OPACK_TERRAFORM_MODULE_DIR?=$(OPACK_TERRAFORM_DIR)/module
OPACK_TERRAFORM_DNS_ZONE=sk4-nz-zone
OPACK_TERRAFORM_DNS_NAME=sk4.nz.
ifdef OPACK_DEBUG
$(infoBOX $(OPACK_BOX_FILE))
$(infoHOSTNAME $(OPACK_SYS_HOSTNAME)-$(OPACK_TARGET))
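
Review bot: the three commented-out assignments at the top of the new block (`#OPACK_GCE_JSON_KEY?=skz-mkobsd-92b7a3e770a0.json` and the two lines after it) publish a project name and a key file name and have no effect; delete them. `OPACK_TERRAFORM_DNS_ZONE` and `OPACK_TERRAFORM_DNS_NAME` are set to site-specific values without `?=` and are not referenced by the Terraform templates added in this commit, so they can go or become empty overridable options. `OPACK_SYS_SSH_PUBLIC_KEY=$(shell cat ...)` runs `cat` on every expansion and prints an error while the key does not exist yet; redirecting stderr or reading the key only in the rule that needs it would keep local `opack` runs quiet.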


@ -7,6 +7,8 @@ set +x
sysctl -n kern.version
printf 'permit nopass :wheel\n' > /etc/doas.conf
pkg_add -u 2> /dev/null || pkg_add -u -D snap 2> /dev/null
while(pgrep -f reorder_kernel > /dev/null) do echo Waiting for reorder_kernel to finish...; sleep 10; done
syspatch || (echo "Continuing"; true)
rm -f /etc/ssh/ssh_host*
find /var/log -type f | while read f; do echo -ne '' > $f; done
find /tmp -type f | while read f; do echo -ne '' > $f; done
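
Review bot: `syspatch || (echo "Continuing"; true)` hides every syspatch failure, so an image can be built and published unpatched with nothing in the log to say why. Print the exit status at least, or fail the build unless an option explicitly allows continuing. On the line above it, the `pgrep -f reorder_kernel` loop has no upper bound; a counter that gives up after a fixed number of rounds would keep a stuck relink from hanging the build.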


@ -6,8 +6,8 @@ define OPACK_PACKER_CLOUD_CONTENT =
"disk_size": "$(OPACK_SYS_DISK_SIZE)",
"memory": "$(OPACK_SYS_MEMORY)",
"cpus": "$(OPACK_SYS_CPU)",
"gcloud_account_json": "../../$(GCE_JSON_KEY)",
"gcloud_project_id": "$(GCE_PROJECT)",
"gcloud_account_json": "../$(OPACK_GCE_JSON_KEY)",
"gcloud_project_id": "$(OPACK_GCE_PROJECT)",
"version": "$(OPACK_BOX_VERSION)" },
"builders": [ {
"type": "qemu",
@ -26,7 +26,7 @@ define OPACK_PACKER_CLOUD_CONTENT =
"net_device": "virtio-net",
"communicator": "ssh",
"ssh_username": "root",
"ssh_private_key_file": "$(OPACK_SYS_SSH_PRIVATE_KEY)",
"ssh_private_key_file": "../$(OPACK_SYS_SSH_PRIVATE_KEY)",
"ssh_wait_timeout": "60m",
"shutdown_command": "shutdown -p now",
"boot_wait": "30s",
@ -35,30 +35,25 @@ define OPACK_PACKER_CLOUD_CONTENT =
"# $(OPACK_COMMIT) <enter>",
"ifconfig vio0 inet autoconf & ",
"sleep 1 && ",
"wait && "
"ftp http://{{ .HTTPIP }}:{{ .HTTPPort }}/install.conf && ",
"wait && ",
"ftp http://{{ .HTTPIP }}:{{ .HTTPPort }}/install-cloud.conf && ",
"ftp http://{{ .HTTPIP }}:{{ .HTTPPort }}/autodisklabel && ",
"install -af install.conf && ",
"install -af install-cloud.conf && ",
"echo permit nopass :wheel > /mnt/etc/doas.conf && ",
"echo inet autoconf > /mnt/etc/hostname.vio0 && ",
"echo PubkeyAcceptedAlgorithms +ssh-rsa >> /mnt/etc/ssh/sshd_config && ",
"echo PubkeyAcceptedAlgorithms +ssh-rsa,ssh-ed25519 >> /mnt/etc/ssh/sshd_config && ",
"echo 'set tty com0' >> /mnt/etc/boot.conf &&",
"reboot<enter>" ]
} ],
"provisioners": [
{
"type": "file",
"source": "$(PROTECME_TOP_DIR)/src",
"destination": "/root/magma"
},
{
"type": "file",
"source": "$(PROTECME_SPEC_DIR)/openbsd",
"destination": "/var/spec2006src"
},
{
"type": "shell",
"scripts": ["$(OPACK_PROVISION_FILE)"]
}
},
{
"type": "shell",
"inline": ["cp /root/.ssh/authorized_keys /home/opack/.ssh/authorized_keys; chown opack /home/opack/.ssh/authorized_keys"]
}
],
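
Review bot: `echo PubkeyAcceptedAlgorithms +ssh-rsa,ssh-ed25519 >> /mnt/etc/ssh/sshd_config` re-enables SHA-1 `ssh-rsa` signatures on an image meant for a public cloud instance, while the key this commit generates for the build is ed25519. Unless an RSA key is still required for the cloud image, drop the line from this template. The same boot command writes `permit nopass :wheel` to doas.conf; for the cloud image that should at least be an option that can be switched off.
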
"post-processors": [ [
{ "name": "Compress",
@ -66,11 +61,11 @@ define OPACK_PACKER_CLOUD_CONTENT =
"compression_level": 9,
"output": "disk.raw.tar.gz"
},
{ "name": "GCP Import",
{ "name": "Image import",
"type": "googlecompute-import",
"project_id": "{{user `gcloud_project_id`}}",
"account_file": "{{user `gcloud_account_json`}}",
"bucket": "$(GCE_BUCKET)",
"bucket": "$(OPACK_GCE_BUCKET)",
"image_name": "$(OPACK_TARGET)",
"image_description": "$(OPACK_COMMIT)",
"image_family": "openbsd",


@ -45,6 +45,10 @@ define OPACK_PACKER_CONTENT =
{
"type": "shell",
"scripts": ["$(OPACK_PROVISION_FILE)"]
},
{
"type": "shell",
"inline": ["cp /root/.ssh/authorized_keys /home/opack/.ssh/authorized_keys; chown opack /home/opack/.ssh/authorized_keys"]
}
],
"post-processors": [ [