diff --git a/packer/.gitignore b/packer/.gitignore
new file mode 100644
index 0000000..5afe6ad
--- /dev/null
+++ b/packer/.gitignore
@@ -0,0 +1,6 @@
+*-manifest.json
+*.pem
+*.sig
+*.asc
+secret*
+
diff --git a/packer/archlinux.pkr.hcl b/packer/archlinux.pkr.hcl
index 65674a8..9d9ed35 100644
--- a/packer/archlinux.pkr.hcl
+++ b/packer/archlinux.pkr.hcl
@@ -1,6 +1,6 @@
 variable "extra-packages" {
 type = list(string)
- default = []
+ default = ["python","sudo","inetutils","zsh"]
 }
 variable "hcloud-servertype" {
diff --git a/packer/files/archlinux/install.sh b/packer/files/archlinux/install.sh
index f85104b..c01355f 100644
--- a/packer/files/archlinux/install.sh
+++ b/packer/files/archlinux/install.sh
@@ -34,7 +34,7 @@ set -euo pipefail
 echo 'Server = ${ARCH_MIRROR}/\$repo/os/\$arch' > /etc/pacman.d/mirrorlist
 pacman-key --init
 pacman-key --populate archlinux
-pacstrap /mnt base linux grub nano btrfs-progs openssh curl jq python-yaml $EXTRA_PACKAGES
+pacstrap /mnt base linux grub nano btrfs-progs openssh curl jq python-yaml systemd-resolvconf $EXTRA_PACKAGES
 # fstab
 genfstab -U /mnt > /mnt/etc/fstab
@@ -53,7 +53,9 @@ hwclock --systohc
 # locale
 echo 'KEYMAP=${KEYMAP}' > /etc/vconsole.conf
 echo '${LOCALE} UTF-8' > /etc/locale.gen
-echo 'LANG=${LOCALE}' > /etc/locale.conf
+if [ "$LOCALE" != "en_US.UTF-8" ]; then
+ echo 'en_US.UTF-8 UTF8' >> /etc/locale.gen
+fi
 locale-gen
 # network
@@ -79,10 +81,15 @@ done
 # misc
 systemctl set-default multi-user.target
 usermod -L root
+useradd -m -s /bin/bash ansible
+mkdir /home/ansible/.ssh
+echo 'ansible ALL = (ALL) NOPASSWD:ALL' > /etc/sudoers.d/ansible
+
 echo 'archlinux' > /etc/hostname
 EOF
+ln -sf ../run/systemd/resolve/stub-resolv.conf /mnt/etc/resolv.conf
 # clean up
 rm /mnt/root/.bash_history
 rm -r /mnt/var/cache/*
diff --git a/packer/files/archlinux/root/etc/systemd/system/hcloud-ssh-keys.service b/packer/files/archlinux/root/etc/systemd/system/hcloud-ssh-keys.service
index bace375..ac3151f 100644
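Review bot: `sudo` reaches the image only through the overridable default of `extra-packages` in packer/archlinux.pkr.hcl, yet the same commit makes install.sh write `/etc/sudoers.d/ansible` unconditionally. Anyone who sets `extra-packages` to their own list drops sudo; the write then likely fails under `set -euo pipefail` because the directory is missing, or the ansible account is left with no way to escalate. Put `sudo` (and `python`, if Ansible is the intended provisioner) in the fixed list on the `pacstrap /mnt base linux …` line and keep the variable for genuinely optional extras.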
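Review bot: The fallback entry added in the `# locale` block of install.sh is written as `en_US.UTF-8 UTF8`, while the line two above it spells the charset `UTF-8`; that second field is used as the charmap name, so the en_US locale will probably not be generated. Use `echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen`. The hunk also deletes the only visible write to `/etc/locale.conf`, so unless LANG is set somewhere outside the hunk the image boots without a default locale; a comment saying where it is set now would help.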
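Review bot: `mkdir /home/ansible/.ssh` in the `# misc` block of install.sh leaves the directory root-owned with whatever mode the umask gives, and the sudoers drop-in that grants `NOPASSWD:ALL` is written with no explicit mode or syntax check. Create the directory with `install -d -m 700 -o ansible -g ansible /home/ansible/.ssh`, and follow the sudoers write with `chmod 0440 /etc/sudoers.d/ansible` and `visudo -cf /etc/sudoers.d/ansible` so a malformed file fails the build instead of shipping. Root is locked one line above, so anything able to write this account's authorized_keys is root-equivalent; a short comment stating that would help the next reader. The heredoc these lines sit in starts outside the hunk.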
--- a/packer/files/archlinux/root/etc/systemd/system/hcloud-ssh-keys.service
+++ b/packer/files/archlinux/root/etc/systemd/system/hcloud-ssh-keys.service
@@ -8,7 +8,7 @@ ConditionPathExists=!/root/.ssh/authorized_keys
 Type=oneshot
 DynamicUser=yes
 ExecStart=/usr/bin/jq -r '.ssh_keys|join("\n")' /etc/hcloud-metadata.json
-StandardOutput=truncate:/root/.ssh/authorized_keys
+StandardOutput=truncate:/home/ansible/.ssh/authorized_keys
 [Install]
 WantedBy=multi-user.target
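Review bot: The guard shown in this hunk's header, `ConditionPathExists=!/root/.ssh/authorized_keys`, still tests root's file while the output now goes to `/home/ansible/.ssh/authorized_keys`. Nothing visible creates the root file any more, so the condition is presumably always true and the unit truncates and rewrites the ansible key file from metadata on every boot, undoing any key added or revoked after provisioning. Change it to `ConditionPathExists=!/home/ansible/.ssh/authorized_keys` if first-boot-only is still the intent. The [Unit] section lies outside the hunk.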