10 changed files with 239 additions and 67 deletions
Unified View
Diff Options
-
+3 -1.gitignore
-
+18 -0Makefile
-
+9 -8base.json
-
+1 -1http/answers
-
+42 -0provision.json
-
+69 -0setup.yml
-
+16 -0templates/init.d/unifi
-
+5 -0templates/unifi/log/run
-
+19 -0templates/unifi/run
+ 3
- 1
.gitignore
View File
| @ -1 +1,3 @@ | |||||
| packer_cache/ | |||||
| packer_cache/ | |||||
| output/ | |||||
| *.retry | |||||
+ 18
- 0
Makefile
View File
| @ -0,0 +1,18 @@ | |||||
| ROOT_PASSWORD=uuunifi | |||||
| OUTPUT_IMAGE=$(shell find output/base -type f -name '*.ova' | head -1) | |||||
| all: output/unifi/ | |||||
| output/base/: | |||||
| packer build -var root_password=$(ROOT_PASSWORD) base.json | |||||
| output/unifi/: output/base/ | |||||
| packer build -var root_password=$(ROOT_PASSWORD) \ | |||||
| -var source_image=$(OUTPUT_IMAGE) provision.json | |||||
| clean: clean_base clean_provisioned | |||||
| clean_base: | |||||
| rm -r output/base | |||||
| clean_provisioned: | |||||
| rm -r output/unifi | |||||
| .PHONY: all clean | |||||
build.json → base.json
View File
+ 1
- 1
http/answers
View File
+ 42
- 0
provision.json
View File
| @ -0,0 +1,42 @@ | |||||
| { | |||||
| "variables": { | |||||
| "source_image": null, | |||||
| "root_password": null, | |||||
| "boot_wait": "10s", | |||||
| "output_directory": "output/unifi/" | |||||
| }, | |||||
| "builders": [ | |||||
| { | |||||
| "type": "virtualbox-ovf", | |||||
| "format": "ova", | |||||
| "source_path": "{{user `source_image`}}", | |||||
| "checksum_type": "none", | |||||
| "output_directory": "{{user `output_directory`}}", | |||||
| "boot_wait": "{{user `boot_wait`}}", | |||||
| "shutdown_command": "echo '{{user `root_password`}}' | sudo -S poweroff", | |||||
| "communicator": "ssh", | |||||
| "ssh_username": "root", | |||||
| "ssh_password": "{{user `root_password`}}" | |||||
| } | |||||
| ], | |||||
| "provisioners": [ | |||||
| { | |||||
| "type": "shell", | |||||
| "inline": [ | |||||
| "apk update", | |||||
| "apk add python sudo" | |||||
| ] | |||||
| }, | |||||
| { | |||||
| "type": "ansible", | |||||
| "extra_arguments": [], | |||||
| "user": "root", | |||||
| "playbook_file": "./setup.yml" | |||||
| } | |||||
| ] | |||||
| } | |||||
+ 69
- 0
setup.yml
View File
| @ -0,0 +1,69 @@ | |||||
| - hosts: default | |||||
| debugger: on_failed | |||||
| vars: | |||||
| unifi_software_url: https://dl.ubnt.com/unifi/5.10.21/UniFi.unix.zip | |||||
| tasks: | |||||
| - replace: | |||||
| path: /etc/apk/repositories | |||||
| regexp: '^#(.*v\d+.\d+/community.*)$' | |||||
| replace: '\1' | |||||
| - apk: | |||||
| name: openjdk8-jre | |||||
| state: present | |||||
| update_cache: yes | |||||
| - apk: | |||||
| name: '{{item}}' | |||||
| state: present | |||||
| loop: | |||||
| - shadow | |||||
| - mongodb | |||||
| - s6 | |||||
| - unzip | |||||
| - user: | |||||
| name: unifi | |||||
| home: /srv/unifi | |||||
| - get_url: | |||||
| url: '{{unifi_software_url}}' | |||||
| dest: /tmp/UniFi.unix.zip | |||||
| - command: unzip /tmp/UniFi.unix.zip | |||||
| args: | |||||
| chdir: /tmp | |||||
| warn: false | |||||
| - shell: mv /tmp/UniFi/* /srv/unifi | |||||
| - command: rm /srv/unifi/bin/mongod | |||||
| - file: | |||||
| path: /srv/unifi | |||||
| owner: unifi | |||||
| mode: o-rwx | |||||
| recurse: yes | |||||
| - file: | |||||
| dest: /srv/unifi/bin/mongod | |||||
| src: /usr/bin/mongod | |||||
| state: link | |||||
| - file: | |||||
| path: /etc/unifi/log | |||||
| state: directory | |||||
| - template: | |||||
| src: templates/unifi/run | |||||
| dest: /etc/unifi/run | |||||
| mode: 755 | |||||
| - template: | |||||
| src: templates/unifi/log/run | |||||
| dest: /etc/unifi/log/run | |||||
| mode: 755 | |||||
| - user: | |||||
| name: log | |||||
| home: /var/log | |||||
| - file: | |||||
| path: /var/log/unifi | |||||
| state: directory | |||||
| owner: log | |||||
| mode: 750 | |||||
| - template: | |||||
| src: templates/init.d/unifi | |||||
| dest: /etc/init.d/unifi | |||||
| mode: 755 | |||||
| - service: | |||||
| name: unifi | |||||
| state: started | |||||
| enabled: yes | |||||
+ 16
- 0
templates/init.d/unifi
View File
| @ -0,0 +1,16 @@ | |||||
| #!/sbin/openrc-run | |||||
| name="unifi" | |||||
| supervisor=s6 | |||||
| s6_service_path="${RC_SVCDIR}/s6-scan/${name}" | |||||
| depend() { | |||||
| need net s6-svscan | |||||
| after firewall | |||||
| } | |||||
| start_pre() { | |||||
| if [ ! -L "${RC_SVCDIR}/s6-scan/${name}" ]; then | |||||
| ln -s "/etc/${name}" "${RC_SVCDIR}/s6-scan/${name}" | |||||
| fi | |||||
| } | |||||
+ 5
- 0
templates/unifi/log/run
View File
| @ -0,0 +1,5 @@ | |||||
| #!/bin/ash | |||||
| log_user='log' | |||||
| exec s6-setuidgid $log_user s6-log -b n20 s1000000 t /var/log/unifi | |||||
+ 19
- 0
templates/unifi/run
View File
| @ -0,0 +1,19 @@ | |||||
| #!/bin/ash | |||||
| user='unifi' | |||||
| group='unifi' | |||||
| exec 2>&1 | |||||
| base='/srv/unifi' | |||||
| if [ -d $base ]; then | |||||
| cd $base | |||||
| chown -R $user:$group . | |||||
| version=`head -1 webapps/ROOT/app-unifi/.version` | |||||
| echo "Starting UniFi Controller $version" | |||||
| exec s6-setuidgid $user java -jar lib/ace.jar start | |||||
| else | |||||
| echo "Missing $base ... aborting" | |||||
| touch down | |||||
| fi | |||||