diff --git a/.gitignore b/.gitignore index bb05696..29ffce3 100644 --- a/.gitignore +++ b/.gitignore @@ -42,3 +42,5 @@ terraform.rc ## Kubernetes /kubernetes/cluster/apps/staging +## Packer +credentials.pkr.hcl diff --git a/README.md b/README.md index 61d6502..97ba441 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,8 @@ Currently migrating [Auto-Homelab](https://git.mafyuh.dev/mafyuh/Auto-Homelab), ToDo - [ ] Update Readme -- [x] Migrate all containers to use this repo (DB migrations) +- [ ] Update Issue Templates +- [x] Migrate all containers to use this repo - [x] Get OpenTofu migrated to this repo - [ ] Get Kubernetes repo migrated over - [ ] Re-bootstrap Flux diff --git a/ansible/playbooks/alias.yml b/ansible/playbooks/alias.yml new file mode 100644 index 0000000..4d46e62 --- /dev/null +++ b/ansible/playbooks/alias.yml @@ -0,0 +1,15 @@ +--- +- hosts: all + become: true + tasks: + - name: Add alias for docker compose up -d in .bashrc + lineinfile: + path: "/home/{{ ansible_user }}/.bashrc" + line: "alias dcu='docker compose up -d'" + state: present + + - name: Add alias for docker compose down in .bashrc + lineinfile: + path: "/home/{{ ansible_user }}/.bashrc" + line: "alias dcd='docker compose down'" + state: present \ No newline at end of file diff --git a/ansible/playbooks/apt.yml b/ansible/playbooks/apt.yml index 05311be..673acbe 100644 --- a/ansible/playbooks/apt.yml +++ b/ansible/playbooks/apt.yml @@ -1,5 +1,5 @@ - hosts: "*" - become: yes + become: true tasks: - name: apt apt: diff --git a/docker/AI/docker-compose.yml b/docker/AI/docker-compose.yml index e713044..c2cdc88 100644 --- a/docker/AI/docker-compose.yml +++ b/docker/AI/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.8" services: ollama: - image: ollama/ollama:0.3.1 + image: ollama/ollama:0.3.2 container_name: ollama restart: unless-stopped volumes: diff --git a/docker/authentik/docker-compose.yml b/docker/authentik/docker-compose.yml index e70cf5b..ed049d2 100644 
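Review bot: In the new ansible/playbooks/alias.yml the play sets `become: true` for `hosts: all` only to append two aliases to the connecting user's own `.bashrc`, which is more privilege than either task needs. Dropping `become` and writing `path: "~/.bashrc"` would also remove the assumption that the home directory is `/home/{{ ansible_user }}`, which does not hold for root or for users with a non-default home. If the file can be missing, `create: true` keeps the task from failing, and without `become` the created file is owned by the user rather than root. The fully qualified `ansible.builtin.lineinfile` name would match current Ansible style.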
--- a/docker/authentik/docker-compose.yml +++ b/docker/authentik/docker-compose.yml @@ -32,7 +32,7 @@ services: volumes: - redis:/data server: - image: ghcr.io/goauthentik/server@sha256:a98f95518269d01bb812eb0e12c6647f3d08a36e37b9fdbdccf9345d4431b9f0 + image: ghcr.io/goauthentik/server@sha256:f79b6cf35b29a8591136afb633ddd46da303e9cd2ca82c7cdfbd020a780e15e8 restart: unless-stopped command: server environment: @@ -53,7 +53,7 @@ services: - postgresql - redis worker: - image: ghcr.io/goauthentik/server@sha256:a98f95518269d01bb812eb0e12c6647f3d08a36e37b9fdbdccf9345d4431b9f0 + image: ghcr.io/goauthentik/server@sha256:f79b6cf35b29a8591136afb633ddd46da303e9cd2ca82c7cdfbd020a780e15e8 restart: unless-stopped command: worker environment: diff --git a/docker/downloaders/docker-compose.yml b/docker/downloaders/docker-compose.yml index 07042d0..50c698a 100644 --- a/docker/downloaders/docker-compose.yml +++ b/docker/downloaders/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.9' services: sabnzbd: - image: ghcr.io/linuxserver/sabnzbd@sha256:d6a2a967d47b495c5342bc23de76d35eeb2f3ceb53c7be51885ad25f95dffe9b + image: ghcr.io/linuxserver/sabnzbd@sha256:dda700370ad4281d8ffda4fbdad8ac3f720a2829936eafc794fca652095ed4be container_name: sabnzbd environment: - PUID=1000 diff --git a/packer/ubuntu-jammy/files/pve.cfg b/packer/ubuntu-jammy/files/pve.cfg new file mode 100644 index 0000000..a78672c --- /dev/null +++ b/packer/ubuntu-jammy/files/pve.cfg @@ -0,0 +1 @@ +datasource_list: [ConfigDrive, NoCloud] \ No newline at end of file diff --git a/packer/ubuntu-jammy/ubuntu-jammy.pkr.hcl b/packer/ubuntu-jammy/ubuntu-jammy.pkr.hcl new file mode 100644 index 0000000..ee624ed --- /dev/null +++ b/packer/ubuntu-jammy/ubuntu-jammy.pkr.hcl 
@@ -0,0 +1,120 @@ +packer { + required_plugins { + name = { + version = "~> 1" + source = "github.com/hashicorp/proxmox" + } + } +} + +variable "proxmox_api_url" { + type = string +} + +variable "proxmox_api_token_id" { + type = string +} + +variable "proxmox_api_token_secret" { + type = string + sensitive = true +} + +# Resource Definiation for the VM Template +source "proxmox-clone" "ubuntu-server-jammy" { + + # Proxmox Connection Settings + proxmox_url = "${var.proxmox_api_url}" + username = "${var.proxmox_api_token_id}" + token = "${var.proxmox_api_token_secret}" + insecure_skip_tls_verify = true + + # VM General Settings + node = "pve2" + + ## See https://git.mafyuh.dev/mafyuh/iac/src/branch/main/terraform/ubuntu22-template2.tf + clone_vm_id = "8101" + + vm_id = "9999" + vm_name = "ubuntu-server-jammy" + template_description = "Custom Ubuntu Server see https://git.mafyuh.dev/mafyuh/iac/src/branch/main/packer/ubuntu-jammy/ubuntu-jammy.pkr.hcl" + + # VM System Settings + qemu_agent = true + + # VM Hard Disk Settings + scsi_controller = "virtio-scsi-pci" + + disks { + disk_size = "4G" + format = "raw" + storage_pool = "Fast500Gb" + type = "virtio" + } + + # VM CPU Settings + cores = "2" + cpu_type = "x86-64-v2-AES" + + # VM Memory Settings + memory = "2048" + + # VM Network Settings + network_adapters { + model = "virtio" + bridge = "vmbr0" + firewall = "false" + } + + + ssh_username = "mafyuh" + # WSL Filesystem + ssh_private_key_file = "~/.ssh/id_rsa" +} + + +build { + + name = "ubuntu-server-jammy" + sources = ["source.proxmox-clone.ubuntu-server-jammy"] + + ## Cleanup for re-template + provisioner "shell" { + inline = [ + "while [ ! 
-f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done", + "sudo rm /etc/ssh/ssh_host_*", + "sudo truncate -s 0 /etc/machine-id", + "sudo apt -y autoremove --purge", + "sudo apt -y clean", + "sudo apt -y autoclean", + "sudo cloud-init clean", + "sudo rm -f /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg", + "sudo rm -f /etc/netplan/00-installer-config.yaml", + "sudo sync" + ] + } + + + provisioner "file" { + source = "files/pve.cfg" + destination = "/tmp/pve.cfg" + } + + + provisioner "shell" { + inline = [ "sudo cp /tmp/pve.cfg /etc/cloud/cloud.cfg.d/pve.cfg" ] + } + + # Install Commonly Used Things - add alias's - set git config + provisioner "shell" { + inline = [ + "sudo apt-get install -y ca-certificates curl gnupg lsb-release nfs-common qemu-guest-agent net-tools", + "curl -fsSL https://get.docker.com | sudo sh", + "echo \"alias dcu='docker compose up -d'\" >> ~/.bashrc", + "echo \"alias dcd='docker compose down'\" >> ~/.bashrc", + "git config --global user.name \"Mafyuh\"", + "git config --global user.email \"matt@mafyuh.com\"", + "sudo apt-get -y update" + ] + } +} \ No newline at end of file diff --git a/packer/ubuntu-noble/files/pve.cfg b/packer/ubuntu-noble/files/pve.cfg new file mode 100644 index 0000000..a78672c --- /dev/null +++ b/packer/ubuntu-noble/files/pve.cfg @@ -0,0 +1 @@ +datasource_list: [ConfigDrive, NoCloud] \ No newline at end of file diff --git a/terraform/cloud-init.tf b/terraform/cloud-init.tf index ae35cdd..f322133 100644 --- a/terraform/cloud-init.tf +++ b/terraform/cloud-init.tf @@ -2,6 +2,10 @@ data "local_file" "ssh_public_key" { filename = "/home/mafyuh/.ssh/main_key.pub" } +data "local_file" "ssh_public_key_2" { + filename = "/home/mafyuh/.ssh/id_rsa.pub" +} + resource "proxmox_virtual_environment_file" "cloud_config" { content_type = "snippets" datastore_id = "Slow4tb" 
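Review bot: `insecure_skip_tls_verify = true` in the `proxmox-clone` source turns off certificate checking on the same connection that carries `proxmox_api_token_secret`, so a party able to sit between the build host and `proxmox_api_url` could capture the token. I would set `insecure_skip_tls_verify = false` and have the build host trust the Proxmox CA, or put a publicly trusted certificate on the node. Separately, the last provisioner bakes `curl -fsSL https://get.docker.com | sudo sh` into the template, which runs an unpinned remote script as root and makes every clone inherit whatever was served on build day; installing a pinned Docker version from the apt repository would make the image reproducible. The cleanup provisioner (host keys, machine-id, `apt clean`, `cloud-init clean`) also runs before the install steps, and `apt-get update` runs after `apt-get install`, so moving the cleanup block last and the update first would leave a cleaner template.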
@@ -19,6 +23,7 @@ resource "proxmox_virtual_environment_file" "cloud_config" { shell: /bin/bash ssh_authorized_keys: - ${trimspace(data.local_file.ssh_public_key.content)} + - ${trimspace(data.local_file.ssh_public_key_2.content)} sudo: ALL=(ALL) NOPASSWD:ALL runcmd: - apt update @@ -30,8 +35,6 @@ resource "proxmox_virtual_environment_file" "cloud_config" { - su - mafyuh -c 'git clone https://git.mafyuh.dev/mafyuh/iac.git /home/mafyuh/iac' - su - mafyuh -c 'git config --global user.name "Mafyuh"' - su - mafyuh -c 'git config --global user.email "matt@mafyuh.com"' - - su - mafyuh -c 'echo "alias dcu=\'docker compose up -d\'" >> /home/mafyuh/.bashrc - - su - mafyuh -c 'echo "alias dcd=\'docker compose down\'" >> /home/mafyuh/.bashrc - echo "done" > /tmp/cloud-config.done EOF @@ -56,19 +59,15 @@ resource "proxmox_virtual_environment_file" "cloud_config2" { shell: /bin/bash ssh_authorized_keys: - ${trimspace(data.local_file.ssh_public_key.content)} + - ${trimspace(data.local_file.ssh_public_key_2.content)} sudo: ALL=(ALL) NOPASSWD:ALL runcmd: - apt update - - apt install -y qemu-guest-agent net-tools nfs-common - timedatectl set-timezone America/New_York - systemctl enable qemu-guest-agent - systemctl start qemu-guest-agent - - curl -fsSL https://get.docker.com | sudo sh + - apt upgrade -y - su - mafyuh -c 'git clone https://git.mafyuh.dev/mafyuh/iac.git /home/mafyuh/iac' - - su - mafyuh -c 'git config --global user.name "Mafyuh"' - - su - mafyuh -c 'git config --global user.email "matt@mafyuh.com"' - - su - mafyuh -c 'echo "alias dcu=\'docker compose up -d\'" >> /home/mafyuh/.bashrc - - su - mafyuh -c 'echo "alias dcd=\'docker compose down\'" >> /home/mafyuh/.bashrc - echo "done" > /tmp/cloud-config.done EOF diff --git a/terraform/kasm.tf b/terraform/kasm.tf index c5cd0c8..7429341 100644 --- a/terraform/kasm.tf +++ b/terraform/kasm.tf 
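Review bot: Adding `ssh_public_key_2` to `ssh_authorized_keys` here, and again in the `cloud_config2` hunk further down, authorizes `/home/mafyuh/.ssh/id_rsa.pub` on every VM built from these snippets for a user with `sudo: ALL=(ALL) NOPASSWD:ALL`. The same commit uses the matching private key for unattended automation (`ssh_private_key_file = "~/.ssh/id_rsa"` in the Packer source and `file("/home/mafyuh/.ssh/id_rsa")` in kasm.tf), which suggests it has no passphrase, so the workstation's default key becomes passwordless root on the whole fleet. A dedicated automation key pair, kept apart from the personal default key and authorized only where provisioning needs it, would narrow that. A comment on the data source such as `# automation key used by Packer and the remote-exec provisioner` would also document why two keys exist. The heredoc these lines belong to starts and ends outside the hunk.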
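Review bot: After this hunk `cloud_config2` still runs `systemctl enable qemu-guest-agent` and `systemctl start qemu-guest-agent` but no longer installs that package or Docker, so it only works on clones of the Packer-built template. Only kasm.tf visibly moves to `clone { vm_id = 9999 }` in this commit; any other VM that still pairs `cloud_config2` with the old template would presumably come up without the agent and Docker, and a failing `runcmd` entry is easy to miss. A comment above the resource such as `# requires the Packer template (vm_id 9999): qemu-guest-agent and Docker are preinstalled there` would make the dependency explicit. The resource block starts outside the hunk.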
@@ -1,63 +1,76 @@ resource "proxmox_virtual_environment_vm" "Kasm" { + # VM General Settings + node_name = "pve2" + vm_id = 333 + name = "Kasm" + description = "kasm" + tags = ["tofu", "ubuntu-22", "iac-repo"] + started = true - # VM General Settings - node_name = "pve2" - vm_id = 333 - name = "Kasm" - description = "kasm" - tags = ["tofu", "ubuntu-22", "auto-homelab-repo"] - started = true + agent { + enabled = true + } - agent { - enabled = true + clone { + vm_id = 9999 + } + + # VM CPU Settings + cpu { + cores = 4 + type = "host" + architecture = "x86_64" + } + + # VM Memory Settings + memory { + dedicated = 4096 + } + + # VM Network Settings + network_device { + bridge = "vmbr0" + vlan_id = 1 + } + + # VM Disk Settings + disk { + datastore_id = "local-lvm" + size = 100 + interface = "scsi0" + } + + initialization { + ip_config { + ipv4 { + address = var.kasm_ip + gateway = var.vlan_gateway + } } - clone { - vm_id = 8101 - } - - # VM CPU Settings - cpu { - cores = 4 - type = "host" - architecture = "x86_64" - } - - # VM Memory Settings - memory { - dedicated = 4096 - } + user_data_file_id = proxmox_virtual_environment_file.cloud_config2.id + } - # VM Network Settings - network_device { - bridge = "vmbr0" - vlan_id = 1 - } - - # VM Disk Settings - disk { - datastore_id = "local-lvm" - size = 100 - interface = "scsi0" - } - - initialization { - ip_config { - ipv4 { - address = "dhcp" - } - } - - user_data_file_id = proxmox_virtual_environment_file.cloud_config2.id - } - - lifecycle { - ignore_changes = [ - initialization[0].user_account[0].keys, - initialization[0].user_account[0].password, - initialization[0].user_account[0].username, - initialization[0].user_data_file_id - ] - } + lifecycle { + ignore_changes = [ + initialization[0].user_account[0].keys, + initialization[0].user_account[0].password, + initialization[0].user_account[0].username, + initialization[0].user_data_file_id + ] + } +provisioner "remote-exec" { + inline = [ + "cd 
/home/mafyuh/iac/docker/kasm", + "git pull", + "docker compose up -d" + ] + connection { + type = "ssh" + user = "mafyuh" + private_key = file("/home/mafyuh/.ssh/id_rsa") + host = var.kasm_ssh_ip + } } +} \ No newline at end of file diff --git a/terraform/vars.tf b/terraform/vars.tf index 3462ab1..cb9fecd 100644 --- a/terraform/vars.tf +++ b/terraform/vars.tf @@ -44,4 +44,12 @@ variable "init_username" { variable "init_password" { type = string +} + +variable "kasm_ip" { + type = string +} + +variable "kasm_ssh_ip" { + type = string } \ No newline at end of file
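Review bot: The new `remote-exec` provisioner in terraform/kasm.tf can start as soon as SSH answers, while the cloud-init `runcmd` from `cloud_config2` may still be running `git clone ... /home/mafyuh/iac`, so `cd /home/mafyuh/iac/docker/kasm` can fail or `git pull` can run against a half-cloned tree. Making the first inline command `"cloud-init status --wait",` would block until cloud-init has finished. The `connection` block also reads the key with `file("/home/mafyuh/.ssh/id_rsa")` and sets no `host_key`, so the target's identity is not checked; dropping `private_key` and relying on the SSH agent would at least keep the key file out of the configuration. The provisioner block is indented one level less than the rest of the resource.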
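Review bot: In terraform/vars.tf `kasm_ip` and `kasm_ssh_ip` are declared without a `description`, and nothing says how the two differ. From kasm.tf, `kasm_ip` feeds `ipv4 { address = ... }` (which presumably expects CIDR notation) while `kasm_ssh_ip` is the bare host for the SSH connection, so the two have to be kept in agreement by hand. I would add `description = "Static IPv4 address of the Kasm VM, in CIDR form"` and `description = "Address Terraform uses to reach the Kasm VM over SSH"`, or drop the second variable and derive the host with `split("/", var.kasm_ip)[0]` if both always refer to the same address.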