diff --git a/.drone.yml b/.drone.yml
index de2bf48..0bb530d 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,6 +1,6 @@
 kind: pipeline
 type: exec
-name: packer
+name: packer-ubuntu
 platform:
 os: linux
@@ -9,4 +9,17 @@ platform:
 steps:
 - name: ubuntu
 commands:
- - packer build ubuntu/ubuntu-20.04-amd64.json
\ No newline at end of file
+ - packer build ubuntu/ubuntu-20.04-amd64.json
+---
+kind: pipeline
+type: exec
+name: packer-debian
+
+platform:
+ os: linux
+ arch: amd64
+
+steps:
+ - name: debian
+ commands:
+ - packer build debian/debian-11.2-amd64.json
\ No newline at end of file
diff --git a/debian/debian-11.2-amd64.json b/debian/debian-11.2-amd64.json
new file mode 100644
index 0000000..0e6f254
--- /dev/null
+++ b/debian/debian-11.2-amd64.json
@@ -0,0 +1,94 @@
+{
+ "builders": [
+ {
+ "boot_command": [
+ "",
+ "install ",
+ " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/{{user `preseed_path`}} ",
+ "debian-installer=en_US.UTF-8 ",
+ "auto ",
+ "locale=en_US.UTF-8 ",
+ "kbd-chooser/method=us ",
+ "keyboard-configuration/xkb-keymap=us ",
+ "netcfg/get_hostname={{ .Name }} ",
+ "netcfg/get_domain=vagrantup.com ",
+ "fb=false ",
+ "debconf/frontend=noninteractive ",
+ "console-setup/ask_detect=false ",
+ "console-keymaps-at/keymap=us ",
+ "grub-installer/bootdev=/dev/vda ",
+ ""
+ ],
+ "boot_wait": "5s",
+ "cpus": "{{ user `cpus` }}",
+ "disk_size": "{{user `disk_size`}}",
+ "headless": "{{ user `headless` }}",
+ "http_directory": "{{user `http_directory`}}",
+ "iso_checksum": "{{user `iso_checksum`}}",
+ "iso_url": "{{user `mirror`}}/{{user `mirror_directory`}}/{{user `iso_name`}}",
+ "memory": "{{ user `memory` }}",
+ "output_directory": "{{ user `build_directory` }}/packer-{{user `template`}}-qemu",
+ "shutdown_command": "echo 'debian' | sudo -S /sbin/shutdown -hP now",
+ "ssh_password": "debian",
+ "ssh_port": 22,
+ "ssh_timeout": "10000s",
+ "ssh_username": "debian",
+ "type": "qemu",
+ "vm_name": "{{ user `template` }}",
+ "qemuargs": [
+ [ "-m", "{{ user `memory` }}" ],
+ [ "-display", "{{ user `qemu_display` }}" ]
+ ]
+ }
+ ],
+ "post-processors": [
+ {
+ "output": "{{ user `build_directory` }}/{{user `box_basename`}}.img.gz",
+ "type": "compress"
+ }
+ ],
+ "provisioners": [
+ {
+ "environment_vars": [
+ "HOME_DIR=/home/debian",
+ "http_proxy={{user `http_proxy`}}",
+ "https_proxy={{user `https_proxy`}}",
+ "no_proxy={{user `no_proxy`}}"
+ ],
+ "execute_command": "echo 'debian' | {{.Vars}} sudo -S -E sh -eux '{{.Path}}'",
+ "expect_disconnect": true,
+ "scripts": [
+ "{{template_dir}}/scripts/update.sh",
+ "{{template_dir}}/scripts/networking.sh",
+ "{{template_dir}}/scripts/systemd.sh",
+ "{{template_dir}}/scripts/cleanup.sh",
+ "{{template_dir}}/../_common/minimize.sh"
+ ],
+ "type": "shell"
+ }
+ ],
+ "variables": {
+ "box_basename": "debian-11.2",
+ "build_directory": "../../builds",
+ "build_timestamp": "{{isotime \"20060102150405\"}}",
+ "cpus": "2",
+ "disk_size": "65536",
+ "git_revision": "__unknown_git_revision__",
+ "guest_additions_url": "",
+ "headless": "",
+ "http_directory": "{{template_dir}}/http",
+ "http_proxy": "{{env `http_proxy`}}",
+ "https_proxy": "{{env `https_proxy`}}",
+ "iso_checksum": "45c9feabba213bdc6d72e7469de71ea5aeff73faea6bfb109ab5bad37c3b43bd",
+ "iso_name": "debian-11.2.0-amd64-netinst.iso",
+ "memory": "1024",
+ "mirror": "http://cdimage.debian.org/cdimage/release",
+ "mirror_directory": "11.2.0/amd64/iso-cd",
+ "name": "debian-11.2",
+ "no_proxy": "{{env `no_proxy`}}",
+ "preseed_path": "debian-9/preseed.cfg",
+ "qemu_display": "none",
+ "template": "debian-11.2-amd64",
+ "version": "TIMESTAMP"
+ }
+}
diff --git a/debian/http/debian-9/preseed.cfg b/debian/http/debian-9/preseed.cfg
new file mode 100644
index 0000000..34eb977
--- /dev/null
+++ b/debian/http/debian-9/preseed.cfg
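Review bot: The artifact is built around a fixed, publicly known credential: `ssh_username` and `ssh_password` are both `debian`, the same value is piped to `sudo -S` in `execute_command` and `shutdown_command`, and none of the scripts added in this diff disables password logins before the `compress` post-processor writes the `.img.gz` (`_common/minimize.sh` is not shown). The preseed in `debian/http/debian-9/preseed.cfg` sets the same password, enables `user-setup/allow-password-weak` and selects `ssh-server`, so an instance booted from this image would presumably accept password SSH for a sudo-capable account. Consider having a late provisioner script set `PasswordAuthentication no` in `/etc/ssh/sshd_config` (it takes effect on the next boot, so the build session is not cut off) and leave access and password rotation to first-boot key injection. The ISO is fetched over plain `http://` via `mirror`; the pinned `iso_checksum` covers integrity, so that value should be refreshed from a trusted source whenever `iso_name` changes.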
@@ -0,0 +1,47 @@
+choose-mirror-bin mirror/http/proxy string
+d-i apt-setup/use_mirror boolean true
+d-i base-installer/kernel/override-image string linux-server
+d-i clock-setup/utc boolean true
+d-i clock-setup/utc-auto boolean true
+d-i finish-install/reboot_in_progress note
+d-i grub-installer/only_debian boolean true
+d-i grub-installer/with_other_os boolean true
+d-i keymap select us
+d-i mirror/country string manual
+d-i mirror/http/directory string /debian
+d-i mirror/http/hostname string httpredir.debian.org
+d-i mirror/http/proxy string
+d-i partman-auto-lvm/guided_size string max
+d-i partman-auto/choose_recipe select atomic
+d-i partman-auto/method string lvm
+d-i partman-lvm/confirm boolean true
+d-i partman-lvm/confirm_nooverwrite boolean true
+d-i partman-lvm/device_remove_lvm boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+d-i partman/confirm_write_new_label boolean true
+d-i passwd/root-login boolean false
+d-i passwd/root-password-again password debian
+d-i passwd/root-password password debian
+d-i passwd/user-fullname string debian
+d-i passwd/user-uid string 1000
+d-i passwd/user-password password debian
+d-i passwd/user-password-again password debian
+d-i passwd/username string debian
+d-i pkgsel/include string sudo bzip2 acpid cryptsetup zlib1g-dev wget curl dkms fuse make nfs-common net-tools cifs-utils rsync
+d-i pkgsel/install-language-support boolean false
+d-i pkgsel/update-policy select none
+d-i pkgsel/upgrade select full-upgrade
+# Prevent packaged version of VirtualBox Guest Additions being installed:
+d-i preseed/early_command string sed -i \
+ '/in-target/idiscover(){/sbin/discover|grep -v VirtualBox;}' \
+ /usr/lib/pre-pkgsel.d/20install-hwpackages
+d-i time/zone string UTC
+d-i user-setup/allow-password-weak boolean true
+d-i user-setup/encrypt-home boolean false
+d-i preseed/late_command string sed -i '/^deb cdrom:/s/^/#/' /target/etc/apt/sources.list
+apt-cdrom-setup apt-setup/cdrom/set-first boolean false
+apt-mirror-setup apt-setup/use_mirror boolean true
+popularity-contest popularity-contest/participate boolean false
+tasksel tasksel/first multiselect standard, ssh-server
diff --git a/debian/scripts/cleanup.sh b/debian/scripts/cleanup.sh
new file mode 100644
index 0000000..5b589a6
--- /dev/null
+++ b/debian/scripts/cleanup.sh
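Review bot: `pkgsel/include` installs `nfs-common`, `cifs-utils`, `fuse`, `dkms`, `make` and `zlib1g-dev` into what is otherwise a minimal base image, and `cleanup.sh` later purges only the `-dev` packages and kernel headers. On Debian `nfs-common` normally pulls in `rpcbind`, which would leave a network listener in every instance built from this image; worth confirming, and trimming the list to what the image actually needs, for example `d-i pkgsel/include string sudo bzip2 acpid wget curl rsync`. The `preseed/early_command` that filters VirtualBox guest additions also looks like a carry-over, since the template in this commit only defines a `qemu` builder.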
@@ -0,0 +1,61 @@
+#!/bin/sh -eux
+
+echo "remove linux-headers"
+dpkg --list \
+ | awk '{ print $2 }' \
+ | grep 'linux-headers' \
+ | xargs apt-get -y purge;
+
+echo "remove specific Linux kernels, such as linux-image-4.9.0-13-amd64 but keeps the current kernel and does not touch the virtual packages"
+dpkg --list \
+ | awk '{ print $2 }' \
+ | grep 'linux-image-[234].*' \
+ | grep -v `uname -r` \
+ | xargs apt-get -y purge;
+
+echo "remove linux-source package"
+dpkg --list \
+ | awk '{ print $2 }' \
+ | grep linux-source \
+ | xargs apt-get -y purge;
+
+echo "remove all development packages"
+dpkg --list \
+ | awk '{ print $2 }' \
+ | grep -- '-dev\(:[a-z0-9]\+\)\?$' \
+ | xargs apt-get -y purge;
+
+echo "remove X11 libraries"
+apt-get -y purge libx11-data xauth libxmuu1 libxcb1 libx11-6 libxext6;
+
+echo "remove obsolete networking packages"
+apt-get -y purge ppp pppconfig pppoeconf;
+
+echo "remove popularity-contest package"
+apt-get -y purge popularity-contest;
+
+echo "remove installation-report package"
+apt-get -y purge installation-report;
+
+echo "autoremoving packages and cleaning apt data"
+apt-get -y autoremove;
+apt-get -y clean;
+
+echo "remove /var/cache"
+find /var/cache -type f -exec rm -rf {} \;
+
+echo "truncate any logs that have built up during the install"
+find /var/log -type f -exec truncate --size=0 {} \;
+
+echo "blank netplan machine-id (DUID) so machines get unique ID generated on boot"
+truncate -s 0 /etc/machine-id
+
+echo "remove the contents of /tmp and /var/tmp"
+rm -rf /tmp/* /var/tmp/*
+
+echo "force a new random seed to be generated"
+rm -f /var/lib/systemd/random-seed
+
+echo "clear the history so our install isn't there"
+rm -f /root/.wget-hsts
+export HISTSIZE=0
\ No newline at end of file
diff --git a/debian/scripts/networking.sh b/debian/scripts/networking.sh
new file mode 100644
index 0000000..a574c69
--- /dev/null
+++ b/debian/scripts/networking.sh
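Review bot: The cleanup resets `/etc/machine-id` and the systemd random seed so that clones diverge, but it leaves the SSH host keys generated during the install in `/etc/ssh/`, so every instance created from this image would present the same host key pair unless a step outside this diff (`_common/minimize.sh` is not shown) or first-boot tooling regenerates them. Suggest adding `rm -f /etc/ssh/ssh_host_*` next to the `machine-id` step, together with a first-boot mechanism that recreates the keys (for example `ssh-keygen -A` from a oneshot unit), because sshd will not start without host keys. Minor: `grep 'linux-image-[234].*'` cannot match the 5.x kernels that Debian 11 ships, so the old-kernel purge is likely a no-op after `update.sh` upgrades the kernel.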
@@ -0,0 +1,9 @@
+#!/bin/sh -eux
+
+# Disable Predictable Network Interface names and use eth0
+sed -i 's/en[[:alnum:]]*/eth0/g' /etc/network/interfaces;
+sed -i 's/GRUB_CMDLINE_LINUX="\(.*\)"/GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0 \1"/g' /etc/default/grub;
+update-grub;
+
+# Adding a 2 sec delay to the interface up, to make the dhclient happy
+echo "pre-up sleep 2" >> /etc/network/interfaces
diff --git a/debian/scripts/systemd.sh b/debian/scripts/systemd.sh
new file mode 100644
index 0000000..2d1b5a7
--- /dev/null
+++ b/debian/scripts/systemd.sh
@@ -0,0 +1,4 @@
+#!/bin/sh -eux
+
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751636
+apt-get install libpam-systemd
diff --git a/debian/scripts/update.sh b/debian/scripts/update.sh
new file mode 100644
index 0000000..2053de6
--- /dev/null
+++ b/debian/scripts/update.sh
@@ -0,0 +1,28 @@
+#!/bin/sh -eux
+
+arch="`uname -r | sed 's/^.*[0-9]\{1,\}\.[0-9]\{1,\}\.[0-9]\{1,\}\(-[0-9]\{1,2\}\)-//'`"
+debian_version="`lsb_release -r | awk '{print $2}'`";
+major_version="`echo $debian_version | awk -F. '{print $1}'`";
+
+# Disable systemd apt timers/services
+systemctl stop apt-daily.timer;
+systemctl stop apt-daily-upgrade.timer;
+systemctl disable apt-daily.timer;
+systemctl disable apt-daily-upgrade.timer;
+systemctl mask apt-daily.service;
+systemctl mask apt-daily-upgrade.service;
+systemctl daemon-reload;
+
+# Disable periodic activities of apt
+cat </etc/apt/apt.conf.d/10periodic;
+APT::Periodic::Enable "0";
+APT::Periodic::Update-Package-Lists "0";
+APT::Periodic::Download-Upgradeable-Packages "0";
+APT::Periodic::AutocleanInterval "0";
+APT::Periodic::Unattended-Upgrade "0";
+EOF
+
+apt-get update;
+
+apt-get -y upgrade linux-image-$arch;
+apt-get -y install linux-headers-`uname -r`;
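Review bot: `apt-get install libpam-systemd` in `debian/scripts/systemd.sh` is the only apt call in this change without `-y`. The provisioner runs it non-interactively under `sh -eux`, so if the install needs confirmation (for instance because extra dependencies are pulled in) apt-get aborts and the build fails. Use `apt-get -y install libpam-systemd` to match the other scripts.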
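Review bot: In `debian/scripts/update.sh` the apt timers are stopped, disabled and masked and `10periodic` sets every `APT::Periodic` option to `"0"`, and nothing in this diff reverts that, so images built from this template ship with package-list refresh and unattended upgrades permanently off. That is reasonable to avoid dpkg lock contention during the build, but in the delivered image it means security updates depend entirely on whoever deploys it. Consider re-enabling them at the end of `cleanup.sh` (`systemctl unmask apt-daily.service apt-daily-upgrade.service` followed by `systemctl enable apt-daily.timer apt-daily-upgrade.timer`), or at least record the intent with a comment such as `# disabled for the build; the shipped image does not auto-update`. As rendered on this page the `cat` line reads `cat </etc/apt/apt.conf.d/10periodic;`, which would not write the file, so check that the committed script uses the heredoc-to-file form.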