Merge branch 'ansible' into 'master'
Ansible See merge request fablab/labsync!9
This commit is contained in:
jalr
commit
f5d73057f4
58 changed files with 944 additions and 92 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
|
@ -1,4 +1,5 @@
|
|||
/**/ansible/**/*.retry
|
||||
/**/ansible/inventories/test/
|
||||
bin
|
||||
images
|
||||
tmp
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ dockerimage:
|
|||
tags:
|
||||
- fablab
|
||||
|
||||
squashfs:
|
||||
.squashfs_template: &squashfs_template
|
||||
stage: build
|
||||
script:
|
||||
- make images/debian-stretch.squashfs
|
||||
|
|
@ -41,3 +41,17 @@ squashfs:
|
|||
expire_in: 2 weeks
|
||||
tags:
|
||||
- fablab
|
||||
|
||||
squashfs_featurebranch:
|
||||
<<: *squashfs_template
|
||||
variables:
|
||||
COMPRESSION_LEVEL: 5
|
||||
except:
|
||||
- master
|
||||
|
||||
squashfs_master:
|
||||
<<: *squashfs_template
|
||||
variables:
|
||||
COMPRESSION_LEVEL: 7
|
||||
only:
|
||||
- master
|
||||
|
|
|
|||
38
Makefile
38
Makefile
|
|
@ -6,6 +6,11 @@ DOCKER_IMAGE ?= labsync-builder
|
|||
|
||||
CWD=$(abspath $(patsubst %/,%,$(dir $(abspath $(lastword $(MAKEFILE_LIST))))))
|
||||
|
||||
COMPRESSION_LEVEL ?= 5
|
||||
|
||||
ANSIBLE_LIMIT ?= qemumachine
|
||||
ANSIBLE_TAGS ?=
|
||||
|
||||
qemu_ifname_br = brlabsync
|
||||
qemu_ifname_tap = taplabsync
|
||||
qemu_hostname = qemumachine
|
||||
|
|
@ -18,7 +23,7 @@ qemu_target ?= debian-stretch
|
|||
qemu_kernel = $(qemu_target).linux
|
||||
qemu_torrent = $(qemu_target).torrent
|
||||
qemu_initramfs = $(shell \
|
||||
if [ -e $(qemu_target).initramfs.dev ] && [ `date -r $(qemu_target).initramfs.dev +%s` -gt `date -r $(qemu_target).initramfs +%s` ]; then \
|
||||
if [ -e images/$(qemu_target).initramfs.dev ] && [ `date -r images/$(qemu_target).initramfs.dev +%s` -gt `date -r images/$(qemu_target).initramfs +%s` ]; then \
|
||||
echo "$(qemu_target).initramfs.dev"; \
|
||||
else \
|
||||
echo "$(qemu_target).initramfs"; \
|
||||
|
|
@ -36,7 +41,7 @@ clean:
|
|||
|
||||
.PHONY: dockerimg
|
||||
dockerimg:
|
||||
docker build -t "$(DOCKER_IMAGE)" --build-arg "PACKER_VERSION=$(PACKER_VERSION)" docker
|
||||
docker build --pull -t "$(DOCKER_IMAGE)" --cache-from "$(DOCKER_IMAGE)" --build-arg "PACKER_VERSION=$(PACKER_VERSION)" docker
|
||||
|
||||
images:
|
||||
[ ! -d "$@" ] && mkdir "$@"
|
||||
|
|
@ -50,8 +55,10 @@ images/debian-stretch.squashfs: images
|
|||
-v "${PWD}/images:/images" \
|
||||
-e "user=`id -u`" \
|
||||
-e "group=`id -g`" \
|
||||
-e "IMAGES=${PWD}/images" \
|
||||
-e "ANNOUNCE=$(ANNOUNCE)" \
|
||||
-e "WEBSEED=$(WEBSEED)" \
|
||||
-e "COMPRESSION_LEVEL=$(COMPRESSION_LEVEL)" \
|
||||
$(ci_environment) \
|
||||
"$(DOCKER_IMAGE)" \
|
||||
debian-stretch
|
||||
|
|
@ -68,6 +75,25 @@ images/debian-stretch.torrent: images
|
|||
"$(DOCKER_IMAGE)" \
|
||||
debian-stretch
|
||||
|
||||
.PHONY: ansible
|
||||
ansible:
|
||||
docker run \
|
||||
--rm \
|
||||
-v "${PWD}/packer/ansible:/ansible" \
|
||||
-e "user=`id -u`" \
|
||||
-e "group=`id -g`" \
|
||||
-e "ANNOUNCE=$(ANNOUNCE)" \
|
||||
-e "WEBSEED=$(WEBSEED)" \
|
||||
-e "TASK=ansible" \
|
||||
-v "${SSH_AUTH_SOCK}:/var/run/ssh_auth_sock" \
|
||||
-e "SSH_AUTH_SOCK=/var/run/ssh_auth_sock" \
|
||||
"$(DOCKER_IMAGE)" \
|
||||
-i inventories \
|
||||
$(if $(ANSIBLE_TAGS),-t $(ANSIBLE_TAGS),) \
|
||||
-l $(ANSIBLE_LIMIT) \
|
||||
--ssh-extra-args="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" \
|
||||
playbook.yml
|
||||
|
||||
# updates the initramfs
|
||||
# only used for development
|
||||
images/debian-stretch.initramfs.dev: tmp/initramfs-extracted/debian-stretch packer/initramfs/labsync
|
||||
|
|
@ -84,7 +110,7 @@ tmp/initramfs-extracted/debian-stretch: images/debian-stretch.initramfs
|
|||
touch tmp/initramfs-extracted/debian-stretch
|
||||
|
||||
$(qemu_disk): tmp
|
||||
qemu-img create "$@" 4G
|
||||
qemu-img create "$@" 20G
|
||||
|
||||
tmp/netboot.tar.gz: tmp
|
||||
wget -c -O "$@" https://cdn-aws.deb.debian.org/debian/dists/stretch/main/installer-amd64/current/images/netboot/netboot.tar.gz
|
||||
|
|
@ -122,7 +148,9 @@ qemu-network: /sys/devices/virtual/net/$(qemu_ifname_br)/brif/$(qemu_ifname_tap
|
|||
fi
|
||||
sudo ip link set $(qemu_ifname_tap) up
|
||||
sudo ip link set $(qemu_ifname_br) up
|
||||
sudo iptables -t nat -A POSTROUTING -s $(qemu_network)/$(qemu_netmask) ! -o $(qemu_ifname_br) -j MASQUERADE
|
||||
if ! sudo iptables -t nat -L POSTROUTING | grep -q "$(qemu_network)/$(qemu_netmask)"; then \
|
||||
sudo iptables -t nat -A POSTROUTING -s $(qemu_network)/$(qemu_netmask) ! -o $(qemu_ifname_br) -j MASQUERADE; \
|
||||
fi
|
||||
|
||||
.PHONY: qemu
|
||||
qemu: qemu-network $(qemu_disk) docker-services
|
||||
|
|
@ -130,7 +158,7 @@ qemu: qemu-network $(qemu_disk) docker-services
|
|||
-kernel "images/$(qemu_kernel)" \
|
||||
-initrd "images/$(qemu_initramfs)" \
|
||||
-drive format=raw,file="$(qemu_disk)" \
|
||||
-append "boot=labsync labsync_disk=/dev/sda labsync_partsize_boot=512 labsync_torrent=http://10.2.2.1/$(qemu_torrent) quiet vga=792 ip=$(qemu_vm_ip):::255.255.255.0:$(qemu_hostname):ens3:off labsync_wait=pause" \
|
||||
-append "boot=labsync labsync_disk=sda labsync_partsize_boot=512 labsync_torrent=http://10.2.2.1/$(qemu_torrent) quiet vga=792 ip=$(qemu_vm_ip):::255.255.255.0:$(qemu_hostname):ens3:off labsync_wait=pause" \
|
||||
-enable-kvm \
|
||||
-m 1G \
|
||||
-net nic \
|
||||
|
|
|
|||
7
README.md
Normal file
7
README.md
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
## Testing
|
||||
|
||||
### ansible
|
||||
|
||||
root: `packer/ansible`
|
||||
|
||||
`ansible-playbook -i inventories/qemu playbook.yml [-t TAG]`
|
||||
|
|
@ -1,11 +1,25 @@
|
|||
FROM docker:dind
|
||||
FROM docker
|
||||
|
||||
RUN apk add --no-cache \
|
||||
ansible \
|
||||
mktorrent \
|
||||
openssh-client \
|
||||
rsync \
|
||||
squashfs-tools
|
||||
ca-certificates \
|
||||
libffi \
|
||||
mktorrent \
|
||||
openssh-client \
|
||||
openssl \
|
||||
python2 \
|
||||
rsync \
|
||||
squashfs-tools \
|
||||
&& apk add --no-cache --virtual .build-deps \
|
||||
gcc \
|
||||
libffi-dev \
|
||||
make \
|
||||
musl-dev \
|
||||
openssl-dev \
|
||||
py2-pip \
|
||||
python-dev \
|
||||
&& pip install --upgrade pip \
|
||||
&& pip install ansible==2.4.3.0 \
|
||||
&& apk del .build-deps
|
||||
|
||||
ARG PACKER_VERSION
|
||||
|
||||
|
|
|
|||
|
|
@ -37,36 +37,10 @@ make_torrent() {
|
|||
}
|
||||
|
||||
run_packer() {
|
||||
packer build "$PACKER_JSON"
|
||||
|
||||
mkdir -p build/rootfs
|
||||
tar xf build/rootfs.tar -C build/rootfs
|
||||
|
||||
mv build/rootfs/artifacts/initramfs "/images/$INITRAMFS_FILE"
|
||||
mv build/rootfs/artifacts/linux "/images/$LINUX_FILE"
|
||||
|
||||
rm -rf build/rootfs/artifacts
|
||||
|
||||
rm -- \
|
||||
build/rootfs/.dockerenv \
|
||||
build/rootfs/initrd.* \
|
||||
build/rootfs/vmlinuz*
|
||||
|
||||
if [ -e "/images/$SQUASHFS_FILE" ]; then
|
||||
rm "/images/$SQUASHFS_FILE"
|
||||
fi
|
||||
|
||||
mksquashfs build/rootfs "/images/$SQUASHFS_FILE" \
|
||||
-comp lzo \
|
||||
-Xcompression-level 9
|
||||
|
||||
rm -rf build
|
||||
packer build "$NAME.json"
|
||||
|
||||
if [ "$user" != "" ] && [ "$group" != "" ]; then
|
||||
chown $user:$group \
|
||||
"/images/$INITRAMFS_FILE" \
|
||||
"/images/$LINUX_FILE" \
|
||||
"/images/$SQUASHFS_FILE"
|
||||
chown $user:$group "/images/${NAME}."*
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
@ -77,10 +51,7 @@ if [ "$NAME" = "" ]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
export PACKER_JSON="$NAME.json"
|
||||
export INITRAMFS_FILE="$NAME.initramfs"
|
||||
export LINUX_FILE="$NAME.linux"
|
||||
export SQUASHFS_FILE="$NAME.squashfs"
|
||||
export NAME
|
||||
|
||||
if [ -z "$TASK" ] || [ "$TASK" == "packer" ]; then
|
||||
run_packer
|
||||
|
|
@ -88,4 +59,8 @@ fi
|
|||
if [ -z "$TASK" ] || [ "$TASK" == "torrent" ]; then
|
||||
make_torrent "$NAME.squashfs"
|
||||
fi
|
||||
if [ "$TASK" == "ansible" ]; then
|
||||
cd /ansible
|
||||
/usr/bin/ansible-playbook "$@"
|
||||
fi
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,2 @@
|
|||
[default]
|
||||
qemumachine ansible_host=10.2.2.10
|
||||
spielkiste ansible_host=10.105.255.154
|
||||
qemumachine ansible_host=10.2.2.10 ansible_user=root
|
||||
|
|
|
|||
|
|
@ -2,18 +2,66 @@
|
|||
- hosts: default
|
||||
any_errors_fatal: yes
|
||||
roles:
|
||||
- role: packages
|
||||
tags:
|
||||
- packages
|
||||
- role: superuser
|
||||
tags:
|
||||
- superuser
|
||||
- role: auth
|
||||
tags:
|
||||
- auth
|
||||
- role: base
|
||||
tags:
|
||||
- base
|
||||
- role: packages
|
||||
tags:
|
||||
- packages
|
||||
- role: labsync
|
||||
tags:
|
||||
- labsync
|
||||
- role: windowmanager
|
||||
tags:
|
||||
- windowmanager
|
||||
- role: l10n
|
||||
tags:
|
||||
- l10n
|
||||
- role: inkscape
|
||||
tags:
|
||||
- inkscape
|
||||
- role: fablab
|
||||
tags:
|
||||
- fablab
|
||||
- role: hardware
|
||||
tags:
|
||||
- hardware
|
||||
- role: docker
|
||||
tags:
|
||||
- docker
|
||||
vars:
|
||||
auth:
|
||||
sudo:
|
||||
group: fablab
|
||||
l10n:
|
||||
keyboard:
|
||||
layout: de
|
||||
variant:
|
||||
model: pc105
|
||||
options: ""
|
||||
locale:
|
||||
generate:
|
||||
- en_US.UTF-8 UTF-8
|
||||
- de_DE.UTF-8 UTF-8
|
||||
default: de_DE.UTF-8
|
||||
tasksel:
|
||||
- english
|
||||
- german
|
||||
fablab:
|
||||
arduino:
|
||||
version: 1.8.5
|
||||
visicut:
|
||||
url: "https://github.com/t-oster/VisiCut/releases/download/1.7_310/visicut_1.7-310-gcf8c087-1_all.deb"
|
||||
cura:
|
||||
version: 3.2.1
|
||||
debian_sections:
|
||||
- main
|
||||
- contrib
|
||||
- non-free
|
||||
debian_mirror: http://ftp.de.debian.org/debian
|
||||
hardware:
|
||||
firmware:
|
||||
- firmware-amd-graphics
|
||||
|
|
|
|||
7
packer/ansible/roles/auth/files/sudoers
Normal file
7
packer/ansible/roles/auth/files/sudoers
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
Defaults env_reset
|
||||
Defaults mail_badpass
|
||||
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||
|
||||
root ALL=(ALL:ALL) ALL
|
||||
|
||||
%fablab ALL=(ALL:ALL) ALL
|
||||
|
|
@ -1,2 +1,3 @@
|
|||
---
|
||||
- import_tasks: debug.yml
|
||||
- import_tasks: sudo.yml
|
||||
|
|
|
|||
13
packer/ansible/roles/auth/tasks/sudo.yml
Normal file
13
packer/ansible/roles/auth/tasks/sudo.yml
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
- name: install sudo
|
||||
package:
|
||||
name: sudo
|
||||
state: present
|
||||
|
||||
- name: configure sudoers
|
||||
copy:
|
||||
src: sudoers
|
||||
dest: "/etc/sudoers"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0440'
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
- name: configure fstab
|
||||
template:
|
||||
src: fstab.j2
|
||||
dest: /etc/fstab
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
---
|
||||
- import_tasks: filesystem.yml
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
# device mountpoint type options dump pass
|
||||
/dev/sda1 / ext4 defaults 0 0
|
||||
62
packer/ansible/roles/docker/files/docker.asc
Normal file
62
packer/ansible/roles/docker/files/docker.asc
Normal file
|
|
@ -0,0 +1,62 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth
|
||||
lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh
|
||||
38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq
|
||||
L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7
|
||||
UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N
|
||||
cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht
|
||||
ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo
|
||||
vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD
|
||||
G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ
|
||||
XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj
|
||||
q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB
|
||||
tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3
|
||||
BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO
|
||||
v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd
|
||||
tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk
|
||||
jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m
|
||||
6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P
|
||||
XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc
|
||||
FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8
|
||||
g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm
|
||||
ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh
|
||||
9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5
|
||||
G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW
|
||||
FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB
|
||||
EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF
|
||||
M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx
|
||||
Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu
|
||||
w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk
|
||||
z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8
|
||||
eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb
|
||||
VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa
|
||||
1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X
|
||||
zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ
|
||||
pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7
|
||||
ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ
|
||||
BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY
|
||||
1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp
|
||||
YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI
|
||||
mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES
|
||||
KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7
|
||||
JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ
|
||||
cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0
|
||||
6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5
|
||||
U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z
|
||||
VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f
|
||||
irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk
|
||||
SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz
|
||||
QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W
|
||||
9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw
|
||||
24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe
|
||||
dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y
|
||||
Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR
|
||||
H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh
|
||||
/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ
|
||||
M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S
|
||||
xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O
|
||||
jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG
|
||||
YT90qFF93M3v01BbxP+EIY2/9tiIPbrd
|
||||
=0YYh
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
4
packer/ansible/roles/docker/tasks/main.yml
Normal file
4
packer/ansible/roles/docker/tasks/main.yml
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- import_tasks: packages.yml
|
||||
tags:
|
||||
- docker:packages
|
||||
24
packer/ansible/roles/docker/tasks/packages.yml
Normal file
24
packer/ansible/roles/docker/tasks/packages.yml
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
- name: install dependencies
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
|
||||
- name: Add apt key
|
||||
apt_key:
|
||||
data: "{{ lookup('file', 'docker.asc') }}"
|
||||
state: present
|
||||
|
||||
- name: Add repository
|
||||
apt_repository:
|
||||
repo: "deb [arch=amd64] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
|
||||
filename: docker
|
||||
state: present
|
||||
|
||||
- name: install docker-ce
|
||||
apt:
|
||||
name: "docker-ce"
|
||||
state: present
|
||||
9
packer/ansible/roles/fablab/files/cura.desktop
Normal file
9
packer/ansible/roles/fablab/files/cura.desktop
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
[Desktop Entry]
|
||||
Name=Cura
|
||||
GenericName=Cura
|
||||
Comment=3D slicer
|
||||
Exec=/opt/cura.AppImage
|
||||
Icon=/opt/cura.png
|
||||
Terminal=false
|
||||
Type=Application
|
||||
Categories=Graphics
|
||||
BIN
packer/ansible/roles/fablab/files/cura.png
Normal file
BIN
packer/ansible/roles/fablab/files/cura.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 2.6 KiB |
14
packer/ansible/roles/fablab/tasks/arduino.yml
Normal file
14
packer/ansible/roles/fablab/tasks/arduino.yml
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
- import_tasks: java.yml
|
||||
|
||||
- name: download and extract arduino
|
||||
unarchive:
|
||||
src: "https://downloads.arduino.cc/arduino-{{ fablab.arduino.version }}-linux64.tar.xz"
|
||||
dest: /opt/
|
||||
remote_src: yes
|
||||
|
||||
- name: add arduino to applications menu
|
||||
template:
|
||||
src: arduino.desktop.j2
|
||||
dest: /usr/share/applications/arduino.dekstop
|
||||
|
||||
21
packer/ansible/roles/fablab/tasks/cad.yml
Normal file
21
packer/ansible/roles/fablab/tasks/cad.yml
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
---
|
||||
- name: install freecad
|
||||
apt:
|
||||
name: freecad
|
||||
state: present
|
||||
tags:
|
||||
- fablab:cad:freecad
|
||||
|
||||
- name: install openscad
|
||||
apt:
|
||||
name: openscad
|
||||
state: present
|
||||
tags:
|
||||
- fablab:cad:openscad
|
||||
|
||||
- name: install meshlab
|
||||
apt:
|
||||
name: meshlab
|
||||
state: present
|
||||
tags:
|
||||
- fablab:cad:meshlab
|
||||
16
packer/ansible/roles/fablab/tasks/cura.yml
Normal file
16
packer/ansible/roles/fablab/tasks/cura.yml
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
- name: install cura
|
||||
get_url:
|
||||
url: "http://software.ultimaker.com/current/Cura-{{ fablab.cura.version }}.AppImage"
|
||||
dest: /opt/cura.AppImage
|
||||
mode: 775
|
||||
|
||||
- name: get cura icon
|
||||
copy:
|
||||
src: cura.png
|
||||
dest: /opt/cura.png
|
||||
|
||||
- name: install cura dekstop file
|
||||
copy:
|
||||
src: cura.desktop
|
||||
dest: /usr/share/applications/cura.desktop
|
||||
5
packer/ansible/roles/fablab/tasks/fritzing.yml
Normal file
5
packer/ansible/roles/fablab/tasks/fritzing.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: install fritzing
|
||||
apt:
|
||||
name: fritzing
|
||||
state: present
|
||||
5
packer/ansible/roles/fablab/tasks/java.yml
Normal file
5
packer/ansible/roles/fablab/tasks/java.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: install java
|
||||
apt:
|
||||
name: default-jre
|
||||
state: present
|
||||
5
packer/ansible/roles/fablab/tasks/kicad.yml
Normal file
5
packer/ansible/roles/fablab/tasks/kicad.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: install kicad
|
||||
apt:
|
||||
name: kicad
|
||||
state: present
|
||||
19
packer/ansible/roles/fablab/tasks/main.yml
Normal file
19
packer/ansible/roles/fablab/tasks/main.yml
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
- import_tasks: arduino.yml
|
||||
tags:
|
||||
- fablab:arduino
|
||||
- import_tasks: cad.yml
|
||||
tags:
|
||||
- fablab:cad
|
||||
- import_tasks: cura.yml
|
||||
tags:
|
||||
- fablab:cura
|
||||
- import_tasks: fritzing.yml
|
||||
tags:
|
||||
- fablab:fritzing
|
||||
- import_tasks: kicad.yml
|
||||
tags:
|
||||
- fablab:kicad
|
||||
- import_tasks: visicut.yml
|
||||
tags:
|
||||
- fablab:visicut
|
||||
7
packer/ansible/roles/fablab/tasks/visicut.yml
Normal file
7
packer/ansible/roles/fablab/tasks/visicut.yml
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
- import_tasks: java.yml
|
||||
|
||||
- name: install visicut
|
||||
apt:
|
||||
deb: "{{ fablab.visicut.url }}"
|
||||
state: present
|
||||
10
packer/ansible/roles/fablab/templates/arduino.desktop.j2
Normal file
10
packer/ansible/roles/fablab/templates/arduino.desktop.j2
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
[Desktop Entry]
|
||||
Type=Application
|
||||
Name=Arduino IDE
|
||||
GenericName=Create physical computing projects
|
||||
Exec=/opt/arduino-{{ fablab.arduino.version }}/arduino
|
||||
Icon=/opt/arduino-{{ fablab.arduino.version }}/lib/icons/128x128/apps/arduino.png
|
||||
Terminal=false
|
||||
Categories=Development;Engineering;Electronics;
|
||||
MimeType=text/x-arduino
|
||||
Keywords=embedded electronics;electronics;avr;microcontroller;
|
||||
6
packer/ansible/roles/hardware/tasks/firmware.yml
Normal file
6
packer/ansible/roles/hardware/tasks/firmware.yml
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
- name: install firmware
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items: "{{ hardware.firmware }}"
|
||||
2
packer/ansible/roles/hardware/tasks/main.yml
Normal file
2
packer/ansible/roles/hardware/tasks/main.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
- import_tasks: firmware.yml
|
||||
5
packer/ansible/roles/inkscape/tasks/base.yml
Normal file
5
packer/ansible/roles/inkscape/tasks/base.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: install inkscape
|
||||
apt:
|
||||
name: "inkscape"
|
||||
state: present
|
||||
2
packer/ansible/roles/inkscape/tasks/main.yml
Normal file
2
packer/ansible/roles/inkscape/tasks/main.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
- import_tasks: base.yml
|
||||
4
packer/ansible/roles/l10n/handlers/main.yml
Normal file
4
packer/ansible/roles/l10n/handlers/main.yml
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
- name: generate locales
|
||||
command: locale-gen
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: configure keyboard
|
||||
template:
|
||||
src: keyboard.j2
|
||||
dest: /etc/default/keyboard
|
||||
17
packer/ansible/roles/l10n/tasks/locale.yml
Normal file
17
packer/ansible/roles/l10n/tasks/locale.yml
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
- name: install locales
|
||||
apt:
|
||||
name: locales
|
||||
state: present
|
||||
|
||||
- name: configure locales to be generated
|
||||
template:
|
||||
src: locale.gen.j2
|
||||
dest: /etc/locale.gen
|
||||
notify: generate locales
|
||||
|
||||
- name: set default locale
|
||||
lineinfile:
|
||||
path: /etc/default/locale
|
||||
regexp: "^LANG="
|
||||
line: "LANG={{ l10n.locale.default }}"
|
||||
3
packer/ansible/roles/l10n/tasks/main.yml
Normal file
3
packer/ansible/roles/l10n/tasks/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
- import_tasks: keyboard-configuration.yml
|
||||
- import_tasks: locale.yml
|
||||
6
packer/ansible/roles/l10n/templates/keyboard.j2
Normal file
6
packer/ansible/roles/l10n/templates/keyboard.j2
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
XKBMODEL="{{ l10n.keyboard.model }}"
|
||||
XKBLAYOUT="{{ l10n.keyboard.layout }}"
|
||||
XKBVARIANT="{{ l10n.keyboard.variant }}"
|
||||
XKBOPTIONS="{{ l10n.keyboard.options }}"
|
||||
|
||||
BACKSPACE="guess"
|
||||
3
packer/ansible/roles/l10n/templates/locale.gen.j2
Normal file
3
packer/ansible/roles/l10n/templates/locale.gen.j2
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
{% for locale in l10n.locale.generate %}
|
||||
{{ locale }}
|
||||
{% endfor %}
|
||||
|
|
@ -1,14 +1,16 @@
|
|||
#!/bin/sh
|
||||
boot_partition='/dev/sda1'
|
||||
boot_partition="/dev/${LABSYNC_DISK}1"
|
||||
localboot="$(sed -n 's/^.*labsync_localboot=\([^ ]*\).*$/\1/p' /proc/cmdline)"
|
||||
|
||||
if [ -z "$localboot" ]; then
|
||||
umount "$boot_partition" || true
|
||||
echo "$boot_partition /boot ext2 defaults 0 0" > /etc/fstab
|
||||
if ! grep -q ' /boot ' /etc/fstab; then
|
||||
echo "$boot_partition /boot ext2 defaults 0 0" >> /etc/fstab
|
||||
fi
|
||||
mke2fs -t ext2 -F "$boot_partition"
|
||||
mount /boot
|
||||
rsync -av /usr/local/boot/ /boot/
|
||||
grub-install /dev/sda
|
||||
grub-install /dev/$LABSYNC_DISK
|
||||
sed -i 's/^\(GRUB_DEVICE=\).*$/\1""/' /usr/sbin/grub-mkconfig
|
||||
#sed -i 's/^\(GRUB_CMDLINE_LINUX_DEFAULT=\).*$/\1'"'quiet boot=labsync labsync_localboot=\"$LABSYNC\"'/" /etc/default/grub
|
||||
sed -i 's/^\(GRUB_CMDLINE_LINUX=\).*$/\1'"'boot=labsync labsync_localboot=\"$LABSYNC\"'/" /etc/default/grub
|
||||
|
|
|
|||
8
packer/ansible/roles/network-manager/tasks/main.yml
Normal file
8
packer/ansible/roles/network-manager/tasks/main.yml
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
- name: install network-manager
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- network-manager
|
||||
- network-manager-gnome
|
||||
4
packer/ansible/roles/packages/defaults/main.yml
Normal file
4
packer/ansible/roles/packages/defaults/main.yml
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
debian_mirror: http://deb.debian.org/debian
|
||||
debian_mirror_security: http://security.debian.org/
|
||||
debian_sections:
|
||||
- main
|
||||
|
|
@ -10,3 +10,8 @@
|
|||
- htop
|
||||
- systemd-sysv
|
||||
- vim-nox
|
||||
- pciutils
|
||||
- usbutils
|
||||
- strace
|
||||
- net-tools
|
||||
- lshw
|
||||
|
|
|
|||
|
|
@ -1,2 +1,3 @@
|
|||
---
|
||||
- import_tasks: sources.yml
|
||||
- import_tasks: debian.yml
|
||||
|
|
|
|||
30
packer/ansible/roles/packages/tasks/sources.yml
Normal file
30
packer/ansible/roles/packages/tasks/sources.yml
Normal file
|
|
@ -0,0 +1,30 @@
|
|||
---
|
||||
- name: install python-apt
|
||||
apt:
|
||||
name: "python-apt"
|
||||
state: present
|
||||
|
||||
- name: clear sources.list
|
||||
copy:
|
||||
content: ""
|
||||
dest: /etc/apt/sources.list
|
||||
|
||||
- name: configure main repo
|
||||
apt_repository:
|
||||
filename: "{{ ansible_distribution_release }}"
|
||||
repo: "deb {{ debian_mirror }} {{ ansible_distribution_release }} {{ debian_sections | join(' ') }}"
|
||||
state: present
|
||||
|
||||
- name: configure updates repo
|
||||
apt_repository:
|
||||
filename: "{{ ansible_distribution_release }}-updates"
|
||||
repo: "deb {{ mirror }} {{ ansible_distribution_release }}-updates {{ debian_sections | join(' ') }}"
|
||||
state: present
|
||||
vars:
|
||||
mirror: "{{ debian_mirror_updates | default(debian_mirror) }}"
|
||||
|
||||
- name: configure security updates repo
|
||||
apt_repository:
|
||||
filename: "{{ ansible_distribution_release }}-security"
|
||||
repo: "deb {{ debian_mirror_security }} {{ ansible_distribution_release }}/updates {{ debian_sections | join(' ') }}"
|
||||
state: present
|
||||
3
packer/ansible/roles/readme_roles.md
Normal file
3
packer/ansible/roles/readme_roles.md
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
* alle „maker-tools“ in fablab
|
||||
* großer Kram in eigene role
|
||||
+ inkscape
|
||||
17
packer/ansible/roles/windowmanager/files/autostart
Executable file
17
packer/ansible/roles/windowmanager/files/autostart
Executable file
|
|
@ -0,0 +1,17 @@
|
|||
#!/bin/bash
|
||||
# set background image
|
||||
gsettings set org.mate.background picture-filename '/etc/lightdm/bg.jpg'
|
||||
|
||||
# set fonts
|
||||
#gsettings set org.mate.interface monospace-font-name 'Monospace 10'
|
||||
gsettings set org.mate.interface font-name 'Roboto 10'
|
||||
gsettings set org.mate.interface document-font-name 'Roboto 10'
|
||||
|
||||
if echo $USER | grep -E 'guest-*'; then
|
||||
gsettings set org.mate.screensaver lock-enabled false
|
||||
zenity \
|
||||
--title="Willkomen im FabLab Bad Windsheim" \
|
||||
--info \
|
||||
--width=500 \
|
||||
--text='Hallo!\n\nDu hast Dich mit einem Gast-Account angemeldet. Alle Daten werden nach der Anmeldung gelöscht. Wenn Du Deine Daten dauerhaft speichern möchtest, lege Dir bitte einene Account an!'
|
||||
fi
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[Desktop Entry]
|
||||
Name=Autostart
|
||||
Type=Application
|
||||
NoDisplay=true
|
||||
Exec=/usr/local/bin/autostart
|
||||
BIN
packer/ansible/roles/windowmanager/files/bg.jpg
Normal file
BIN
packer/ansible/roles/windowmanager/files/bg.jpg
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 231 KiB |
232
packer/ansible/roles/windowmanager/files/guest-account.sh
Normal file
232
packer/ansible/roles/windowmanager/files/guest-account.sh
Normal file
|
|
@ -0,0 +1,232 @@
|
|||
#!/bin/sh -e
|
||||
# (C) 2008 Canonical Ltd.
|
||||
# Author: Martin Pitt <martin.pitt@ubuntu.com>
|
||||
# License: GPL v2 or later
|
||||
# modified by David D Lowe and Thomas Detoux
|
||||
#
|
||||
# Setup user and temporary home directory for guest session.
|
||||
# If this succeeds, this script needs to print the username as the last line to
|
||||
# stdout.
|
||||
|
||||
# github.com/CanonicalLtd/lightdm
|
||||
# debian/guest-account.sh
|
||||
|
||||
export TEXTDOMAINDIR=/usr/share/locale-langpack
|
||||
export TEXTDOMAIN=lightdm
|
||||
|
||||
# set the system wide locale for gettext calls
|
||||
if [ -f /etc/default/locale ]; then
|
||||
. /etc/default/locale
|
||||
LANGUAGE=
|
||||
export LANG LANGUAGE
|
||||
fi
|
||||
|
||||
is_system_user ()
|
||||
{
|
||||
UID_MIN=$(cat /etc/login.defs | grep UID_MIN | awk '{print $2}')
|
||||
SYS_UID_MIN=$(cat /etc/login.defs | grep SYS_UID_MIN | awk '{print $2}')
|
||||
SYS_UID_MAX=$(cat /etc/login.defs | grep SYS_UID_MAX | awk '{print $2}')
|
||||
|
||||
SYS_UID_MIN=${SYS_UID_MIN:-101}
|
||||
SYS_UID_MAX=${SYS_UID_MAX:-$(( UID_MIN - 1 ))}
|
||||
|
||||
[ ${1} -ge ${SYS_UID_MIN} ] && [ ${1} -le ${SYS_UID_MAX} ]
|
||||
}
|
||||
|
||||
add_account ()
|
||||
{
|
||||
temp_home=$(mktemp -td guest-XXXXXX)
|
||||
GUEST_HOME=$(echo ${temp_home} | tr '[:upper:]' '[:lower:]')
|
||||
GUEST_USER=${GUEST_HOME#/tmp/}
|
||||
if [ "${GUEST_HOME}" != "${temp_home}" ]; then
|
||||
mkdir -m 700 "${GUEST_HOME}" || {
|
||||
echo "Failed to create ${GUEST_USER}'s home directory (${GUEST_HOME})"
|
||||
exit 1
|
||||
}
|
||||
rmdir "${temp_home}"
|
||||
fi
|
||||
|
||||
# if ${GUEST_USER} already exists, it must be a locked system account with no existing
|
||||
# home directory
|
||||
if PWSTAT=$(passwd -S ${GUEST_USER}) 2>/dev/null; then
|
||||
if [ $(echo ${PWSTAT} | cut -f2 -d' ') != L ]; then
|
||||
echo "User account ${GUEST_USER} already exists and is not locked"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PWENT=$(getent passwd ${GUEST_USER}) || {
|
||||
echo "getent passwd ${GUEST_USER} failed"
|
||||
exit 1
|
||||
}
|
||||
|
||||
GUEST_UID=$(echo ${PWENT} | cut -f3 -d:)
|
||||
|
||||
if ! is_system_user ${GUEST_UID}; then
|
||||
echo "Account ${GUEST_USER} is not a system user"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
GUEST_HOME=$(echo ${PWENT} | cut -f6 -d:)
|
||||
|
||||
if [ ${GUEST_HOME} != / ] && [ ${GUEST_HOME#/tmp} = ${GUEST_HOME} ] && [ -d ${GUEST_HOME} ]; then
|
||||
echo "Home directory of ${GUEST_USER} already exists"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
# does not exist, so create it
|
||||
useradd --system --home-dir ${GUEST_HOME} --comment $(gettext "Guest") --user-group --shell /bin/bash ${GUEST_USER} || {
|
||||
rm -rf ${GUEST_HOME}
|
||||
exit 1
|
||||
}
|
||||
fi
|
||||
|
||||
dist_gs=/usr/share/lightdm/guest-session
|
||||
site_gs=/etc/guest-session
|
||||
|
||||
# create temporary home directory
|
||||
mount -t tmpfs -o mode=700,uid=${GUEST_USER} none ${GUEST_HOME} || {
|
||||
rm -rf ${GUEST_HOME}
|
||||
exit 1
|
||||
}
|
||||
|
||||
if [ -d ${site_gs}/skel ] && [ "$(ls -A ${site_gs}/skel)" ]; then
|
||||
# Only perform union-mounting if BindFS is available
|
||||
if [ -x /usr/bin/bindfs ]; then
|
||||
bindfs_mount=true
|
||||
|
||||
# Try OverlayFS first
|
||||
if modinfo -n overlay >/dev/null 2>&1; then
|
||||
mkdir ${GUEST_HOME}/upper ${GUEST_HOME}/work
|
||||
chown ${GUEST_USER}:${GUEST_USER} ${GUEST_HOME}/upper ${GUEST_HOME}/work
|
||||
|
||||
mount -t overlay -o lowerdir=${dist_gs}/skel:${site_gs}/skel,upperdir=${GUEST_HOME}/upper,workdir=${GUEST_HOME}/work overlay ${GUEST_HOME} || {
|
||||
umount ${GUEST_HOME}
|
||||
rm -rf ${GUEST_HOME}
|
||||
exit 1
|
||||
}
|
||||
# If OverlayFS is not available, try AuFS
|
||||
elif [ -x /sbin/mount.aufs ]; then
|
||||
mount -t aufs -o br=${GUEST_HOME}:${dist_gs}/skel:${site_gs}/skel none ${GUEST_HOME} || {
|
||||
umount ${GUEST_HOME}
|
||||
rm -rf ${GUEST_HOME}
|
||||
exit 1
|
||||
}
|
||||
# If none of them is available, fall back to copy over
|
||||
else
|
||||
cp -rT ${site_gs}/skel/ ${GUEST_HOME}
|
||||
cp -rT ${dist_gs}/skel/ ${GUEST_HOME}
|
||||
chown -R ${GUEST_USER}:${GUEST_USER} ${GUEST_HOME}
|
||||
bindfs_mount=false
|
||||
fi
|
||||
|
||||
if ${bindfs_mount}; then
|
||||
# Wrap ${GUEST_HOME} in a BindFS mount, so that
|
||||
# ${GUEST_USER} will be seen as the owner of ${GUEST_HOME}'s contents.
|
||||
bindfs -u ${GUEST_USER} -g ${GUEST_USER} ${GUEST_HOME} ${GUEST_HOME} || {
|
||||
umount ${GUEST_HOME} # union mount
|
||||
umount ${GUEST_HOME} # tmpfs mount
|
||||
rm -rf ${GUEST_HOME}
|
||||
exit 1
|
||||
}
|
||||
fi
|
||||
# If BindFS is not available, just fall back to copy over
|
||||
else
|
||||
cp -rT ${site_gs}/skel/ ${GUEST_HOME}
|
||||
cp -rT ${dist_gs}/skel/ ${GUEST_HOME}
|
||||
chown -R ${GUEST_USER}:${GUEST_USER} ${GUEST_HOME}
|
||||
fi
|
||||
else
|
||||
cp -rT /etc/skel/ ${GUEST_HOME}
|
||||
cp -rT ${dist_gs}/skel/ ${GUEST_HOME}
|
||||
chown -R ${GUEST_USER}:${GUEST_USER} ${GUEST_HOME}
|
||||
fi
|
||||
|
||||
# setup session
|
||||
su ${GUEST_USER} -c "env HOME=${GUEST_HOME} site_gs=${site_gs} ${dist_gs}/setup.sh"
|
||||
|
||||
# set possible local guest session preferences
|
||||
source_local_prefs() {
|
||||
local USER=${GUEST_USER}
|
||||
local HOME=${GUEST_HOME}
|
||||
. ${site_gs}/prefs.sh
|
||||
chown -R ${USER}:${USER} ${HOME}
|
||||
}
|
||||
if [ -f ${site_gs}/prefs.sh ]; then
|
||||
source_local_prefs
|
||||
fi
|
||||
|
||||
echo ${GUEST_USER}
|
||||
}
|
||||
|
||||
remove_account ()
|
||||
{
|
||||
GUEST_USER=${1}
|
||||
|
||||
PWENT=$(getent passwd ${GUEST_USER}) || {
|
||||
echo "Error: invalid user ${GUEST_USER}"
|
||||
exit 1
|
||||
}
|
||||
|
||||
GUEST_UID=$(echo ${PWENT} | cut -f3 -d:)
|
||||
|
||||
if ! is_system_user ${GUEST_UID}; then
|
||||
echo "Error: user ${GUEST_USER} is not a system user."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
GUEST_HOME=$(echo ${PWENT} | cut -f6 -d:)
|
||||
|
||||
# kill all remaining processes
|
||||
if [ -x /bin/loginctl ] || [ -x /usr/bin/loginctl ]; then
|
||||
loginctl --signal=9 kill-user ${GUEST_USER} >/dev/null || true
|
||||
else
|
||||
while ps h -u ${GUEST_USER} >/dev/null
|
||||
do
|
||||
killall -9 -u ${GUEST_USER} || true
|
||||
sleep 0.2;
|
||||
done
|
||||
fi
|
||||
|
||||
if [ ${GUEST_HOME} = ${GUEST_HOME#/tmp/} ]; then
|
||||
echo "Warning: home directory ${GUEST_HOME} is not in /tmp/. It won't be removed."
|
||||
else
|
||||
umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # BindFS mount
|
||||
umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # union mount
|
||||
umount ${GUEST_HOME} || umount -l ${GUEST_HOME} || true # tmpfs mount
|
||||
rm -rf ${GUEST_HOME}
|
||||
fi
|
||||
|
||||
# remove leftovers in /tmp
|
||||
find /tmp -mindepth 1 -maxdepth 1 -uid ${GUEST_UID} -print0 | xargs -0 rm -rf || true
|
||||
|
||||
# remove possible {/run,}/media/guest-XXXXXX folder
|
||||
for media_dir in /run/media/${GUEST_USER} /media/${GUEST_USER}; do
|
||||
if [ -d ${media_dir} ]; then
|
||||
for dir in $(find ${media_dir} -mindepth 1 -maxdepth 1); do
|
||||
umount ${dir} || true
|
||||
done
|
||||
|
||||
rmdir ${media_dir} || true
|
||||
fi
|
||||
done
|
||||
|
||||
userdel --force ${GUEST_USER}
|
||||
}
|
||||
|
||||
case ${1} in
|
||||
add)
|
||||
add_account
|
||||
;;
|
||||
remove)
|
||||
if [ -z ${2} ] ; then
|
||||
echo "Usage: ${0} remove [account]"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
remove_account ${2}
|
||||
;;
|
||||
*)
|
||||
echo "Usage: ${0} add"
|
||||
echo " ${0} remove [account]"
|
||||
exit 1
|
||||
esac
|
||||
|
|
@ -0,0 +1,36 @@
|
|||
#!/bin/sh
|
||||
|
||||
# github.com/CanonicalLtd/lightdm
|
||||
# debian/guest-session-setup.sh
|
||||
|
||||
HOME=${HOME:-$(getent passwd $(whoami) | cut -f6 -d:)}
|
||||
|
||||
# disable some services that are unnecessary for the guest session
|
||||
services="jockey-kde.desktop jockey-gtk.desktop update-notifier.desktop user-dirs-update-gtk.desktop"
|
||||
|
||||
for service in ${services}; do
|
||||
if [ -e /etc/xdg/autostart/${service} ]; then
|
||||
[ -f ${HOME}/.config/autostart/${service} ] || cp /etc/xdg/autostart/${service} ${HOME}/.config/autostart
|
||||
echo "X-GNOME-Autostart-enabled=false" >> ${HOME}/.config/autostart/${service}
|
||||
fi
|
||||
done
|
||||
|
||||
# disable Unity shortcut hint
|
||||
[ -d ${HOME}/.cache/unity ] || mkdir -p ${HOME}/.cache/unity
|
||||
touch ${HOME}/.cache/unity/first_run.stamp
|
||||
|
||||
[ -d ${HOME}/.kde/share/config ] || mkdir -p ${HOME}/.kde/share/config
|
||||
echo "[Basic Settings]" >> ${HOME}/.kde/share/config/nepomukserverrc
|
||||
echo "Start Nepomuk=false" >> ${HOME}/.kde/share/config/nepomukserverrc
|
||||
|
||||
echo "[Event]" >> ${HOME}/.kde/share/config/notificationhelper
|
||||
echo "hideHookNotifier=true" >> ${HOME}/.kde/share/config/notificationhelper
|
||||
echo "hideInstallNotifier=true" >> ${HOME}/.kde/share/config/notificationhelper
|
||||
echo "hideRestartNotifier=true" >> ${HOME}/.kde/share/config/notificationhelper
|
||||
|
||||
# Load restricted session
|
||||
#dmrc='[Desktop]\nSession=guest-restricted'
|
||||
#/bin/echo -e ${dmrc} > ${HOME}/.dmrc
|
||||
|
||||
# delay the launch of info dialog
|
||||
echo "export DIALOG_SLEEP=4" >> ${HOME}/.profile
|
||||
5
packer/ansible/roles/windowmanager/tasks/awesome.yml
Normal file
5
packer/ansible/roles/windowmanager/tasks/awesome.yml
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: install awesome
|
||||
apt:
|
||||
name: "awesome"
|
||||
state: present
|
||||
70
packer/ansible/roles/windowmanager/tasks/lightdm.yml
Normal file
70
packer/ansible/roles/windowmanager/tasks/lightdm.yml
Normal file
|
|
@ -0,0 +1,70 @@
|
|||
---
|
||||
- name: install lightdm
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items:
|
||||
- lightdm
|
||||
- lightdm-gtk-greeter
|
||||
- fonts-roboto
|
||||
|
||||
- name: get background image for lightdm
|
||||
copy:
|
||||
src: bg.jpg
|
||||
dest: /etc/lightdm/bg.jpg
|
||||
|
||||
- name: configure lightdm-gtk-greeter
|
||||
ini_file:
|
||||
path: /etc/lightdm/lightdm-gtk-greeter.conf
|
||||
section: greeter
|
||||
option: "{{ item.option }}"
|
||||
value: "{{ item.value }}"
|
||||
with_items:
|
||||
- option: background
|
||||
value: /etc/lightdm/bg.jpg
|
||||
- option: font-name
|
||||
value: Roboto
|
||||
- option: hide-user-image
|
||||
value: "true"
|
||||
- option: panel-position
|
||||
value: bottom
|
||||
- option: clock-format
|
||||
value: "%A, %d.%m.%Y %H:%M:%S"
|
||||
|
||||
- name: genereate guest-session directory
|
||||
file:
|
||||
path: /usr/share/lightdm/guest-session
|
||||
state: directory
|
||||
|
||||
- name: link guest-session configs
|
||||
file:
|
||||
src: /etc/skel
|
||||
dest: /usr/share/lightdm/guest-session/skel
|
||||
state: link
|
||||
|
||||
- name: copy guest-account scripts
|
||||
copy:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
mode: "0755"
|
||||
with_items:
|
||||
- src: guest-session-setup.sh
|
||||
dest: /usr/share/lightdm/guest-session/setup.sh
|
||||
- src: guest-account.sh
|
||||
dest: /usr/local/sbin/guest-account
|
||||
|
||||
- name: configure lightdm
|
||||
ini_file:
|
||||
path: /etc/lightdm/lightdm.conf
|
||||
section: "Seat:*"
|
||||
option: "{{ item.option }}"
|
||||
value: "{{ item.value }}"
|
||||
with_items:
|
||||
- option: allow-guest
|
||||
value: "true"
|
||||
- option: greeter-allow-guest
|
||||
value: "true"
|
||||
- option: user-session
|
||||
value: MATE
|
||||
- option: guest-session
|
||||
value: MATE
|
||||
10
packer/ansible/roles/windowmanager/tasks/main.yml
Normal file
10
packer/ansible/roles/windowmanager/tasks/main.yml
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
- import_tasks: lightdm.yml
|
||||
tags:
|
||||
- windowmanager:lightdm
|
||||
- import_tasks: awesome.yml
|
||||
tags:
|
||||
- windowmanager:awesome
|
||||
- import_tasks: mate.yml
|
||||
tags:
|
||||
- windowmanager:mate
|
||||
21
packer/ansible/roles/windowmanager/tasks/mate.yml
Normal file
21
packer/ansible/roles/windowmanager/tasks/mate.yml
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
---
|
||||
- name: install mate
|
||||
apt:
|
||||
name: "task-mate-desktop"
|
||||
state: present
|
||||
|
||||
- name: copy autostart script
|
||||
copy:
|
||||
src: autostart
|
||||
dest: /usr/local/bin/autostart
|
||||
mode: "0775"
|
||||
|
||||
- name: create autostart directory
|
||||
file:
|
||||
path: /etc/skel/.config/autostart/
|
||||
state: directory
|
||||
|
||||
- name: copy autostart desktop file
|
||||
copy:
|
||||
src: autostart.desktop
|
||||
dest: /etc/skel/.config/autostart/autostart.desktop
|
||||
|
|
@ -1,5 +1,11 @@
|
|||
{
|
||||
"variables": {
|
||||
"name": "{{env `NAME`}}",
|
||||
"squashfs_file": "{{env `NAME`}}.squashfs",
|
||||
"initramfs_file": "{{env `NAME`}}.initramfs",
|
||||
"linux_file": "{{env `NAME`}}.linux",
|
||||
"compression_level": "{{env `COMPRESSION_LEVEL`}}",
|
||||
"images": "{{env `IMAGES`}}",
|
||||
"ci_job_id": "{{env `CI_JOB_ID`}}",
|
||||
"ci_commit_sha": "{{env `CI_COMMIT_SHA`}}",
|
||||
"ci_commit_tag": "{{env `CI_COMMIT_TAG`}}",
|
||||
|
|
@ -16,7 +22,15 @@
|
|||
{
|
||||
"type": "docker",
|
||||
"image": "debian:stretch",
|
||||
"export_path": "build/rootfs.tar"
|
||||
"discard": true,
|
||||
"run_command": [
|
||||
"-d",
|
||||
"-i",
|
||||
"-t",
|
||||
"-v", "{{user `images`}}:/tmp/images",
|
||||
"{{.Image}}",
|
||||
"/bin/bash"
|
||||
]
|
||||
}
|
||||
],
|
||||
"provisioners": [
|
||||
|
|
@ -59,9 +73,8 @@
|
|||
"echo 'RESUME=none' > /etc/initramfs-tools/conf.d/resume",
|
||||
"mkdir /usr/local/boot",
|
||||
"apt-get -f -y install aria2 linux-image-amd64 lvm2",
|
||||
"mkdir /artifacts",
|
||||
"cp $(find /boot/ -name 'initrd.img-*' | sort -V | tail -n 1) /artifacts/initramfs",
|
||||
"cp $(find /boot/ -name 'vmlinuz-*' | sort -V | tail -n 1) /artifacts/linux"
|
||||
"cp $(find /boot/ -name 'initrd.img-*' | sort -V | tail -n 1) '/tmp/images/{{user `initramfs_file`}}'",
|
||||
"cp $(find /boot/ -name 'vmlinuz-*' | sort -V | tail -n 1) '/tmp/images/{{user `linux_file`}}'"
|
||||
]
|
||||
},
|
||||
{
|
||||
|
|
@ -76,6 +89,31 @@
|
|||
{
|
||||
"type": "shell",
|
||||
"inline": [ "rm /boot && mkdir /boot" ]
|
||||
},
|
||||
{
|
||||
"type": "shell",
|
||||
"inline": [
|
||||
"set -x",
|
||||
"apt-get -y install squashfs-tools",
|
||||
"dpkg -L squashfs-tools liblzo2-2 | while read f; do [ -f \"$f\" ] && echo \"$f\"; done > /tmp/ignore_files",
|
||||
"echo '/etc/resolv.conf' >> /tmp/ignore_files",
|
||||
"echo '/etc/hostname' >> /tmp/ignore_files",
|
||||
"echo '/etc/hosts' >> /tmp/ignore_files",
|
||||
"mkdir -p /tmp/extra/tmp /tmp/extra/proc /tmp/extra/sys /tmp/extra/etc"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "file",
|
||||
"source": "hosts",
|
||||
"destination": "/tmp/extra/etc/hosts"
|
||||
},
|
||||
{
|
||||
"type": "shell",
|
||||
"inline": [
|
||||
"if [ -e '/tmp/images/{{user `squashfs_file`}}' ]; then rm '/tmp/images/{{user `squashfs_file`}}'; fi",
|
||||
"squashfs_content=\"$(find / -mindepth 1 -maxdepth 1 | grep -vE '^/(proc|sys|tmp|[.]dockerenv|packer-files)$')\"",
|
||||
"mksquashfs $squashfs_content /tmp/extra/* '/tmp/images/{{user `squashfs_file`}}' -comp lzo -Xcompression-level {{user `compression_level`}} -ef /tmp/ignore_files"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
|||
6
packer/hosts
Normal file
6
packer/hosts
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
127.0.0.1 localhost
|
||||
127.0.1.1 @@HOSTNAME@@
|
||||
|
||||
::1 localhost ip6-localhost ip6-loopback
|
||||
ff02::1 ip6-allnodes
|
||||
ff02::2 ip6-allrouters
|
||||
|
|
@ -1,10 +1,10 @@
|
|||
#!/bin/sh
|
||||
|
||||
labsync_set_environment() {
|
||||
if grep -q "^${1}=" /root/etc/environment; then
|
||||
sed -i "s/^\(${1}\)=.*$/\1='${2}'/" /root/etc/environment
|
||||
if grep -q "^${1}=" /${rootmnt}/etc/environment; then
|
||||
sed -i "s/^\(${1}\)=.*$/\1='${2}'/" /${rootmnt}/etc/environment
|
||||
else
|
||||
echo "${1}='${2}'" >> /root/etc/environment
|
||||
echo "${1}='${2}'" >> /${rootmnt}/etc/environment
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
@ -95,38 +95,36 @@ labsync_mount_root() {
|
|||
lv_name_overlay="ovly-$torrent_name"
|
||||
|
||||
labsync_info "Updating partitions"
|
||||
size_disk=$(blockdev --getsz ${labsync_disk})
|
||||
size_disk=$(blockdev --getsz /dev/${labsync_disk})
|
||||
size_part_1=$((labsync_partsize_boot * 1024 * 1024 / 512))
|
||||
size_part_2=$(((size_disk - labsync_partsize_boot) * 1024 * 1024 / 512))
|
||||
start_part_2=$((size_part_1 + 2048))
|
||||
|
||||
dmsetup ls --tree
|
||||
|
||||
lvm vgs -o NAME --noheadings | while read vg; do
|
||||
if [ "$vg" != "$vg_name" ]; then
|
||||
lvm vgchange -an "$vg"
|
||||
find /dev -mindepth 1 -maxdepth 1 -name "$vg" -exec dmsetup remove '{}' \;
|
||||
lvm pvs -o PV_NAME,VG_NAME --noheadings | while read pv vg; do
|
||||
if echo "$pv" | grep -q "^/dev/${labsync_disk}"; then
|
||||
lvm vgchange -a n "$vg"
|
||||
lvm vgexport $vg
|
||||
fi
|
||||
done
|
||||
|
||||
dmsetup ls --tree
|
||||
|
||||
sfdisk --force -q ${labsync_disk} << PARTTABLE
|
||||
sfdisk --force -q /dev/${labsync_disk} << PARTTABLE
|
||||
label: dos
|
||||
label-id: 0xdeadbeef
|
||||
device: ${labsync_disk}
|
||||
device: /dev/${labsync_disk}
|
||||
unit: sectors
|
||||
|
||||
${labsync_disk}1 : start= 2048, size= $size_part_1, type=83
|
||||
${labsync_disk}2 : start=$start_part_2, size= $size_part_2, type=8e
|
||||
/dev/${labsync_disk}1 : start= 2048, size= $size_part_1, type=83
|
||||
/dev/${labsync_disk}2 : start=$start_part_2, size= $size_part_2, type=8e
|
||||
PARTTABLE
|
||||
|
||||
while ! blockdev --rereadpt /dev/sda; do
|
||||
sleep 1
|
||||
done
|
||||
lvm vgimport -a
|
||||
|
||||
labsync_info "Doing lvm stuff"
|
||||
pv_device="${labsync_disk}2"
|
||||
pv_device="/dev/${labsync_disk}2"
|
||||
|
||||
lvm pvcreate -t "$pv_device"
|
||||
pvstatus=$?
|
||||
|
|
@ -141,8 +139,10 @@ PARTTABLE
|
|||
lvm vgcreate "$vg_name" "$pv_device"
|
||||
fi
|
||||
|
||||
lvm lvchange -ay vglab
|
||||
|
||||
labsync_create_or_resize_lv "$vg_name" "$lv_name_sqashfs" $((image_size_bytes * 2)) $image_size_bytes
|
||||
labsync_create_or_resize_lv "$vg_name" "$lv_name_overlay" $((500 * 1024 * 1024))
|
||||
labsync_create_or_resize_lv "$vg_name" "$lv_name_overlay" $((10000 * 1024 * 1024))
|
||||
|
||||
#lvm vgchange -ay "$vg_name"
|
||||
#lvm lvscan -a --ignorelockingfailure
|
||||
|
|
@ -175,18 +175,25 @@ PARTTABLE
|
|||
|
||||
labsync_info "Mounting squashfs and overlay"
|
||||
modprobe overlay
|
||||
mkdir -p /root
|
||||
mkdir /ro_root /rw_root
|
||||
mount -t squashfs "$(realpath "$lv_path_squashfs")" /ro_root
|
||||
mount -t ext4 "$lv_path_overlay" /rw_root
|
||||
mkdir -p /rw_root/upper /rw_root/work
|
||||
mount -t overlay overlay -o lowerdir=/ro_root,upperdir=/rw_root/upper,workdir=/rw_root/work /root
|
||||
mkdir -p /rom /overlay
|
||||
mount -t squashfs "$(realpath "$lv_path_squashfs")" /rom
|
||||
mount -t ext4 "$lv_path_overlay" /overlay
|
||||
mkdir -p /overlay/upper /overlay/work
|
||||
mount -t overlay overlay -o lowerdir=/rom,upperdir=/overlay/upper,workdir=/overlay/work ${rootmnt}
|
||||
mkdir -p ${rootmnt}/overlay ${rootmnt}/rom
|
||||
mount -n -o move /overlay ${rootmnt}/overlay
|
||||
mount -n -o move /rom ${rootmnt}/rom
|
||||
|
||||
hostname=$(ip -o link show | sed -ne 's#^.*link/ether \([0-9a-f:]*\).*$#\1#p' | sed -ne '1{s/://g;p}')
|
||||
echo $hostname > ${rootmnt}/etc/hostname
|
||||
sed -i "s/@@HOSTNAME@@/$hostname/" ${rootmnt}/etc/hosts
|
||||
|
||||
if [ -z "$labsync_localboot" ]; then
|
||||
labsync_set_environment LABSYNC "$torrent_name"
|
||||
labsync_set_environment LABSYNC_TORRENT "${labsync_torrent}"
|
||||
labsync_set_environment LABSYNC_SQUASHFS_FILE "$squashfs_file"
|
||||
labsync_set_environment LABSYNC_SQUASHFS_LV "$lv_path_squashfs"
|
||||
labsync_set_environment LABSYNC_DISK "$labsync_disk"
|
||||
fi
|
||||
|
||||
case "$labsync_wait" in
|
||||
|
|
|
|||
2
txt.cfg
2
txt.cfg
|
|
@ -1,7 +1,7 @@
|
|||
label labsync
|
||||
menu label ^labsync
|
||||
kernel images/debian-stretch.linux
|
||||
append initrd=images/debian-stretch.initramfs.dev boot=labsync labsync_disk=/dev/sda labsync_partsize_boot=512 labsync_torrent=http://10.2.2.1/debian-stretch.torrent quiet vga=792 ip=10.2.2.10:::255.255.255.0:qemu-host:ens3:off labsync_wait=pause
|
||||
append initrd=images/debian-stretch.initramfs.dev boot=labsync labsync_disk=sda labsync_partsize_boot=512 labsync_torrent=http://10.2.2.1/debian-stretch.torrent quiet vga=792 ip=10.2.2.10:::255.255.255.0:qemu-host:ens3:off labsync_wait=pause
|
||||
|
||||
label install
|
||||
menu label ^Install
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue