Merge branch 'main' into renovate/ghcr.io-linuxserver-kasm

Author: Matt Reeves

.gitignore

@@ -42,3 +42,5 @@ terraform.rc
 ## Kubernetes
 /kubernetes/cluster/apps/staging
 
+## Packer
+credentials.pkr.hcl

README.md

@@ -3,7 +3,8 @@ Currently migrating [Auto-Homelab](https://git.mafyuh.dev/mafyuh/Auto-Homelab),
 
 ToDo
 - [ ] Update Readme
-- [x] Migrate all containers to use this repo (DB migrations)
+- [ ] Update Issue Templates
+- [x] Migrate all containers to use this repo
 - [x] Get OpenTofu migrated to this repo
 - [ ] Get Kubernetes repo migrated over
 - [ ] Re-bootstrap Flux

ansible/playbooks/alias.yml

@@ -0,0 +1,15 @@
+---
+- hosts: all
+  become: true
+  tasks:
+    - name: Add alias for docker compose up -d in .bashrc
+      lineinfile:
+        path: "/home/{{ ansible_user }}/.bashrc"
+        line: "alias dcu='docker compose up -d'"
+        state: present
+
+    - name: Add alias for docker compose down in .bashrc
+      lineinfile:
+        path: "/home/{{ ansible_user }}/.bashrc"
+        line: "alias dcd='docker compose down'"
+        state: present

ansible/playbooks/apt.yml

@@ -1,5 +1,5 @@
 - hosts: "*"
-  become: yes
+  become: true
   tasks:
     - name: apt
       apt:

docker/AI/docker-compose.yml

@@ -2,7 +2,7 @@ version: "3.8"
 
 services:
   ollama:
-    image: ollama/ollama:0.3.1
+    image: ollama/ollama:0.3.2
     container_name: ollama
     restart: unless-stopped
     volumes:

docker/authentik/docker-compose.yml

@@ -32,7 +32,7 @@ services:
     volumes:
       - redis:/data
   server:
-    image: ghcr.io/goauthentik/server@sha256:a98f95518269d01bb812eb0e12c6647f3d08a36e37b9fdbdccf9345d4431b9f0
+    image: ghcr.io/goauthentik/server@sha256:f79b6cf35b29a8591136afb633ddd46da303e9cd2ca82c7cdfbd020a780e15e8
     restart: unless-stopped
     command: server
     environment:
@@ -53,7 +53,7 @@ services:
       - postgresql
       - redis
   worker:
-    image: ghcr.io/goauthentik/server@sha256:a98f95518269d01bb812eb0e12c6647f3d08a36e37b9fdbdccf9345d4431b9f0
+    image: ghcr.io/goauthentik/server@sha256:f79b6cf35b29a8591136afb633ddd46da303e9cd2ca82c7cdfbd020a780e15e8
     restart: unless-stopped
     command: worker
     environment:

docker/downloaders/docker-compose.yml

@@ -1,7 +1,7 @@
 version: '3.9'
 services:
   sabnzbd:
-    image: ghcr.io/linuxserver/sabnzbd@sha256:d6a2a967d47b495c5342bc23de76d35eeb2f3ceb53c7be51885ad25f95dffe9b
+    image: ghcr.io/linuxserver/sabnzbd@sha256:dda700370ad4281d8ffda4fbdad8ac3f720a2829936eafc794fca652095ed4be
     container_name: sabnzbd
     environment:
       - PUID=1000

packer/ubuntu-jammy/files/pve.cfg

@@ -0,0 +1 @@
+datasource_list: [ConfigDrive, NoCloud]

packer/ubuntu-jammy/ubuntu-jammy.pkr.hcl

@@ -0,0 +1,120 @@
+packer {
+  required_plugins {
+    name = {
+      version = "~> 1"
+      source  = "github.com/hashicorp/proxmox"
+    }
+  }
+}
+
+variable "proxmox_api_url" {
+    type = string
+}
+
+variable "proxmox_api_token_id" {
+    type = string
+}
+
+variable "proxmox_api_token_secret" {
+    type = string
+    sensitive = true
+}
+
+# Resource Definiation for the VM Template
+source "proxmox-clone" "ubuntu-server-jammy" {
+ 
+    # Proxmox Connection Settings
+    proxmox_url = "${var.proxmox_api_url}"
+    username = "${var.proxmox_api_token_id}"
+    token = "${var.proxmox_api_token_secret}"
+    insecure_skip_tls_verify = true
+    
+    # VM General Settings
+    node = "pve2"
+
+    ## See https://git.mafyuh.dev/mafyuh/iac/src/branch/main/terraform/ubuntu22-template2.tf
+    clone_vm_id = "8101"
+
+    vm_id = "9999"
+    vm_name = "ubuntu-server-jammy"
+    template_description = "Custom Ubuntu Server see https://git.mafyuh.dev/mafyuh/iac/src/branch/main/packer/ubuntu-jammy/ubuntu-jammy.pkr.hcl"
+
+    # VM System Settings
+    qemu_agent = true
+
+    # VM Hard Disk Settings
+    scsi_controller = "virtio-scsi-pci"
+
+    disks {
+        disk_size = "4G"
+        format = "raw"
+        storage_pool = "Fast500Gb"
+        type = "virtio"
+    }
+
+    # VM CPU Settings
+    cores = "2"
+    cpu_type = "x86-64-v2-AES"
+    
+    # VM Memory Settings
+    memory = "2048" 
+
+    # VM Network Settings
+    network_adapters {
+        model = "virtio"
+        bridge = "vmbr0"
+        firewall = "false"
+    }
+    
+
+    ssh_username = "mafyuh"
+    # WSL Filesystem
+    ssh_private_key_file = "~/.ssh/id_rsa"
+}
+
+
+build {
+
+    name = "ubuntu-server-jammy"
+    sources = ["source.proxmox-clone.ubuntu-server-jammy"]
+
+    ## Cleanup for re-template
+    provisioner "shell" {
+        inline = [
+            "while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
+            "sudo rm /etc/ssh/ssh_host_*",
+            "sudo truncate -s 0 /etc/machine-id",
+            "sudo apt -y autoremove --purge",
+            "sudo apt -y clean",
+            "sudo apt -y autoclean",
+            "sudo cloud-init clean",
+            "sudo rm -f /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg",
+            "sudo rm -f /etc/netplan/00-installer-config.yaml",
+            "sudo sync"
+        ]
+    }
+
+    
+    provisioner "file" {
+        source = "files/pve.cfg"
+        destination = "/tmp/pve.cfg"
+    }
+
+    
+    provisioner "shell" {
+        inline = [ "sudo cp /tmp/pve.cfg /etc/cloud/cloud.cfg.d/pve.cfg" ]
+    }
+
+    # Install Commonly Used Things - add alias's - set git config
+    provisioner "shell" {
+        inline = [
+            "sudo apt-get install -y ca-certificates curl gnupg lsb-release nfs-common qemu-guest-agent net-tools",
+            "curl -fsSL https://get.docker.com | sudo sh",
+            "echo \"alias dcu='docker compose up -d'\" >> ~/.bashrc",
+            "echo \"alias dcd='docker compose down'\" >> ~/.bashrc",
+            "git config --global user.name \"Mafyuh\"",
+            "git config --global user.email \"matt@mafyuh.com\"",
+            "sudo apt-get -y update"
+        ]
+    }
+}

packer/ubuntu-noble/files/pve.cfg

@@ -0,0 +1 @@
+datasource_list: [ConfigDrive, NoCloud]

terraform/cloud-init.tf

@@ -2,6 +2,10 @@ data "local_file" "ssh_public_key" {
   filename = "/home/mafyuh/.ssh/main_key.pub"
 }
 
+data "local_file" "ssh_public_key_2" {
+  filename = "/home/mafyuh/.ssh/id_rsa.pub"
+}
+
 resource "proxmox_virtual_environment_file" "cloud_config" {
   content_type = "snippets"
   datastore_id = "Slow4tb"
@@ -19,6 +23,7 @@ resource "proxmox_virtual_environment_file" "cloud_config" {
         shell: /bin/bash
         ssh_authorized_keys:
           - ${trimspace(data.local_file.ssh_public_key.content)}
+          - ${trimspace(data.local_file.ssh_public_key_2.content)}
         sudo: ALL=(ALL) NOPASSWD:ALL
     runcmd:
         - apt update
@@ -30,8 +35,6 @@ resource "proxmox_virtual_environment_file" "cloud_config" {
         - su - mafyuh -c 'git clone https://git.mafyuh.dev/mafyuh/iac.git /home/mafyuh/iac'
         - su - mafyuh -c 'git config --global user.name "Mafyuh"'
         - su - mafyuh -c 'git config --global user.email "matt@mafyuh.com"'
-        - su - mafyuh -c 'echo "alias dcu=\'docker compose up -d\'" >> /home/mafyuh/.bashrc
-        - su - mafyuh -c 'echo "alias dcd=\'docker compose down\'" >> /home/mafyuh/.bashrc
         - echo "done" > /tmp/cloud-config.done
     EOF
 
@@ -56,19 +59,15 @@ resource "proxmox_virtual_environment_file" "cloud_config2" {
         shell: /bin/bash
         ssh_authorized_keys:
           - ${trimspace(data.local_file.ssh_public_key.content)}
+          - ${trimspace(data.local_file.ssh_public_key_2.content)}
         sudo: ALL=(ALL) NOPASSWD:ALL
     runcmd:
         - apt update
-        - apt install -y qemu-guest-agent net-tools nfs-common
         - timedatectl set-timezone America/New_York
         - systemctl enable qemu-guest-agent
         - systemctl start qemu-guest-agent
-        - curl -fsSL https://get.docker.com | sudo sh
+        - apt upgrade -y
         - su - mafyuh -c 'git clone https://git.mafyuh.dev/mafyuh/iac.git /home/mafyuh/iac'
-        - su - mafyuh -c 'git config --global user.name "Mafyuh"'
-        - su - mafyuh -c 'git config --global user.email "matt@mafyuh.com"'
-        - su - mafyuh -c 'echo "alias dcu=\'docker compose up -d\'" >> /home/mafyuh/.bashrc
-        - su - mafyuh -c 'echo "alias dcd=\'docker compose down\'" >> /home/mafyuh/.bashrc
         - echo "done" > /tmp/cloud-config.done
     EOF
 

terraform/kasm.tf

@@ -1,63 +1,76 @@
 resource "proxmox_virtual_environment_vm" "Kasm" {
+  # VM General Settings
+  node_name    = "pve2"
+  vm_id        = 333
+  name         = "Kasm"
+  description  = "kasm"
+  tags         = ["tofu", "ubuntu-22", "iac-repo"]
+  started      = true
 
-    # VM General Settings
-    node_name    = "pve2"
-    vm_id        = 333
-    name         = "Kasm"
-    description  = "kasm"
-    tags         = ["tofu", "ubuntu-22", "auto-homelab-repo"]
-    started      = true
+  agent {
+    enabled = true 
+  }
 
-    agent {
-      enabled = true 
-    }
+  clone {
+    vm_id = 9999
+  }
+  
+  # VM CPU Settings
+  cpu {
+    cores = 4
+    type  = "host"
+    architecture = "x86_64"
+  }
+  
+  # VM Memory Settings
+  memory {
+    dedicated = 4096
+  }
 
-    clone {
-        vm_id = 8101
-    }
-    
-    # VM CPU Settings
-    cpu {
-        cores = 4
-        type  = "host"
-        architecture = "x86_64"
-    }
-    
-    # VM Memory Settings
-    memory {
-        dedicated = 4096
-    }
+  # VM Network Settings
+  network_device {
+    bridge  = "vmbr0"
+    vlan_id = 1
+  }
 
-    # VM Network Settings
-    network_device {
-        bridge  = "vmbr0"
-        vlan_id = 1
-    }
+  # VM Disk Settings
+  disk {
+    datastore_id = "local-lvm"
+    size         = 100
+    interface    = "scsi0"
+  }
 
-    # VM Disk Settings
-    disk {
-        datastore_id = "local-lvm"
-        size         = 100
-        interface    = "scsi0"
+  initialization {
+    ip_config {
+      ipv4 {
+        address = var.kasm_ip
+        gateway = var.vlan_gateway
+      }
     }
 
-    initialization {
-        ip_config {
-            ipv4 {
-                address = "dhcp"
-            }
-        }
-
-        user_data_file_id = proxmox_virtual_environment_file.cloud_config2.id
-    }
+    user_data_file_id = proxmox_virtual_environment_file.cloud_config2.id
+  }
 
-    lifecycle {
-        ignore_changes = [
-            initialization[0].user_account[0].keys,
-            initialization[0].user_account[0].password,
-            initialization[0].user_account[0].username,
-            initialization[0].user_data_file_id
-        ]
-    }
+  lifecycle {
+    ignore_changes = [
+      initialization[0].user_account[0].keys,
+      initialization[0].user_account[0].password,
+      initialization[0].user_account[0].username,
+      initialization[0].user_data_file_id
+    ]
+  }
 
+provisioner "remote-exec" {
+  inline = [
+    "cd /home/mafyuh/iac/docker/kasm",
+    "git pull",
+    "docker compose up -d"
+  ]
+  connection {
+    type        = "ssh"
+    user        = "mafyuh"
+    private_key = file("/home/mafyuh/.ssh/id_rsa")
+    host        = var.kasm_ssh_ip
+  }
 }
+}

terraform/vars.tf

@@ -44,4 +44,12 @@ variable "init_username" {
 
 variable "init_password" {
         type = string
+}
+
+variable "kasm_ip" {
+        type = string
+}
+
+variable "kasm_ssh_ip" {
+        type = string
 }