comfy.lab
/
ubifi-vm
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Merge branch 'alpine' of comfy.lab/ubifi-vm into master

master
3moon 7 years ago
committed by Gitea
parent
f649b31656 205fe9ccdb
commit
c995e078dc
11 changed files with 257 additions and 127 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -1
      .gitignore
  2. +18
    -0
      Makefile
  3. +0
    -64
      build.json
  4. +19
    -0
      http/answers
  5. +0
    -62
      http/preseed.cfg
  6. +66
    -0
      packer/base.json
  7. +42
    -0
      packer/provision.json
  8. +69
    -0
      provisioning/setup.yml
  9. +16
    -0
      provisioning/templates/init.d/unifi
  10. +5
    -0
      provisioning/templates/unifi/log/run
  11. +19
    -0
      provisioning/templates/unifi/run

+ 3
- 1
.gitignore View File

@ -1 +1,3 @@
packer_cache/
packer_cache/
output/
*.retry

+ 18
- 0
Makefile View File

@ -0,0 +1,18 @@
ROOT_PASSWORD=uuunifi
OUTPUT_IMAGE=$(shell find output/base -type f -name '*.ova' | head -1)
all: output/unifi/
output/base/:
packer build -var root_password=$(ROOT_PASSWORD) packer/base.json
output/unifi/: output/base/
packer build -var root_password=$(ROOT_PASSWORD) \
-var source_image=$(OUTPUT_IMAGE) packer/provision.json
clean: clean_base clean_provisioned
clean_base:
rm -r output/base
clean_provisioned:
rm -r output/unifi
.PHONY: all clean

+ 0
- 64
build.json View File

@ -1,64 +0,0 @@
{
"variables": {
"memory": "4G",
"cpus": "2",
"iso_url": "https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.8.0-amd64-netinst.iso",
"iso_checksum": "cc4a6bd50925c1c4af98049060e304494bc9da61eb5eb272c556d67608de14d4e6a4b8bc1c9412a0f810083912e228569f3771ffffa7174538f3e26f45a05245",
"iso_checksum_type": "sha512",
"boot_wait": "3s",
"boot_key_interval": "10ms",
"ssh_username": "unifi",
"ssh_password": "uuunifi",
"ssh_timeout": "60m",
"machine_hostname": "unifi-controller",
"machine_domain": "lab.uncomfortably.online",
"http_directory": "http/",
"preseed_file": "preseed.cfg"
},
"builders": [
{
"type": "qemu",
"accelerator": "kvm",
"qemuargs": [
[ "-m", "{{ user `memory` }}" ],
[ "-smp", "cpus={{ user `cpus`}}"]
],
"iso_url": "{{user `iso_url`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"http_directory": "{{user `http_directory`}}",
"boot_wait": "{{user `boot_wait`}}",
"boot_key_interval": "{{user `boot_key_interval`}}",
"boot_command": [
"<esc><wait>",
"install ",
"auto=true ",
"url=http://{{.HTTPIP}}:{{.HTTPPort}}/{{user `preseed_file`}} ",
"hostname={{user `machine_hostname`}} ",
"domain={{user `machine_domain`}} ",
"interface=auto ",
"passwd/user-fullname={{user `ssh_username`}} ",
"passwd/username={{user `ssh_username`}} ",
"passwd/user-password={{user `ssh_password`}} ",
"passwd/user-password-again={{user `ssh_password`}} ",
"<enter>"
],
"communicator": "ssh",
"ssh_username": "{{user `ssh_username`}}",
"ssh_password": "{{user `ssh_password`}}",
"ssh_timeout": "{{user `ssh_timeout`}}"
}
]
}

+ 19
- 0
http/answers View File

@ -0,0 +1,19 @@
KEYMAPOPTS="us us"
HOSTNAMEOPTS="-n :hostname:"
INTERFACESOPTS="auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
hostname :hostname:"
DNSOPTS="-d 8.8.8.8"
TIMEZONEOPTS="-z UTC"
PROXYOPTS="none"
APKREPOSOPTS="-1"
SSHDOPTS="-c openssh"
NTPOPTS="-c chrony"
DISKOPTS="-m sys /dev/sda"

+ 0
- 62
http/preseed.cfg View File

@ -1,62 +0,0 @@
### Localization
# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string en_US
# Keyboard selection.
d-i keyboard-configuration/xkb-keymap select us
### Network configuration
# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto
# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string
### Mirror settings
d-i mirror/country string manual
d-i mirror/http/hostname string http.us.debian.org
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string
### Account setup
# Skip creation of a root account (normal user account will be able to
# use sudo).
d-i passwd/root-login boolean false
## Package setup
d-i hw-detect/load_firmware boolean false
d-i hw-detect/load_media boolean false
apt-cdrom-setup apt-setup/cdrom/set-first boolean false
tasksel tasksel/first multiselect print-server, ssh-server, standard
d-i pkgsel/include string sudo, unattended-upgrades
popularity-contest popularity-contest/participate boolean false
### Clock and time zone setup
d-i clock-setup/utc boolean true
d-i time/zone string UTC
d-i clock-setup/ntp boolean true
### Partitioning
d-i partman-auto/method string lvm
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-auto/choose_recipe select atomic
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
# This makes partman automatically partition without confirmation.
d-i partman-md/confirm boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
### Boot loader installation
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i finish-install/reboot_in_progress note

+ 66
- 0
packer/base.json View File

@ -0,0 +1,66 @@
{
"variables": {
"iso_url": "http://dl-cdn.alpinelinux.org/alpine/v3.9/releases/x86_64/alpine-standard-3.9.3-x86_64.iso",
"iso_checksum": "6e28c5c902ccb6db24596dfb6a1c255c7989d0b9be4e92e87a8eff523201a459",
"iso_checksum_type": "sha256",
"boot_wait": "10s",
"root_password": null,
"ssh_timeout": "60m",
"machine_hostname": "unifi",
"http_directory": "http/",
"output_directory": "output/base/"
},
"builders": [
{
"type": "virtualbox-iso",
"guest_os_type": "Linux_64",
"format": "ova",
"iso_url": "{{user `iso_url`}}",
"iso_checksum": "{{user `iso_checksum`}}",
"iso_checksum_type": "{{user `iso_checksum_type`}}",
"http_directory": "{{user `http_directory`}}",
"output_directory": "{{user `output_directory`}}",
"boot_wait": "{{user `boot_wait`}}",
"boot_command": [
"root<enter><wait>",
"ifconfig eth0 up && ",
"udhcpc -i eth0<enter>",
"<wait5>",
"wget http://{{ .HTTPIP }}:{{ .HTTPPort }}/answers<enter><wait>",
"sed -i ",
"-e \"s/:hostname:/{{user `machine_hostname`}}/g\" ",
"answers<enter>",
"sed -i \"s/rc-service \\$svc start/#&/\" /sbin/setup-sshd<enter>",
"setup-alpine -f answers && ",
"mount /dev/sda3 /mnt && ",
"echo 'PermitRootLogin yes' >> /mnt/etc/ssh/sshd_config && ",
"rc-update add acpid && ",
"umount /mnt && ",
"reboot",
"<enter>",
"<wait5>",
"{{user `root_password`}}<enter><wait>",
"{{user `root_password`}}<enter><wait20>",
"y<enter>"
],
"communicator": "ssh",
"ssh_username": "root",
"ssh_password": "{{user `root_password`}}",
"ssh_timeout": "{{user `ssh_timeout`}}"
}
]
}

+ 42
- 0
packer/provision.json View File

@ -0,0 +1,42 @@
{
"variables": {
"source_image": null,
"root_password": null,
"boot_wait": "10s",
"output_directory": "output/unifi/"
},
"builders": [
{
"type": "virtualbox-ovf",
"format": "ova",
"source_path": "{{user `source_image`}}",
"checksum_type": "none",
"output_directory": "{{user `output_directory`}}",
"boot_wait": "{{user `boot_wait`}}",
"shutdown_command": "echo '{{user `root_password`}}' | sudo -S poweroff",
"communicator": "ssh",
"ssh_username": "root",
"ssh_password": "{{user `root_password`}}"
}
],
"provisioners": [
{
"type": "shell",
"inline": [
"apk update",
"apk add python sudo"
]
},
{
"type": "ansible",
"extra_arguments": [],
"user": "root",
"playbook_file": "./provisioning/setup.yml"
}
]
}

+ 69
- 0
provisioning/setup.yml View File

@ -0,0 +1,69 @@
- hosts: default
debugger: on_failed
vars:
unifi_software_url: https://dl.ubnt.com/unifi/5.10.21/UniFi.unix.zip
tasks:
- replace:
path: /etc/apk/repositories
regexp: '^#(.*v\d+.\d+/community.*)$'
replace: '\1'
- apk:
name: openjdk8-jre
state: present
update_cache: yes
- apk:
name: '{{item}}'
state: present
loop:
- shadow
- mongodb
- s6
- unzip
- user:
name: unifi
home: /srv/unifi
- get_url:
url: '{{unifi_software_url}}'
dest: /tmp/UniFi.unix.zip
- command: unzip /tmp/UniFi.unix.zip
args:
chdir: /tmp
warn: false
- shell: mv /tmp/UniFi/* /srv/unifi
- command: rm /srv/unifi/bin/mongod
- file:
path: /srv/unifi
owner: unifi
mode: o-rwx
recurse: yes
- file:
dest: /srv/unifi/bin/mongod
src: /usr/bin/mongod
state: link
- file:
path: /etc/unifi/log
state: directory
- template:
src: templates/unifi/run
dest: /etc/unifi/run
mode: 755
- template:
src: templates/unifi/log/run
dest: /etc/unifi/log/run
mode: 755
- user:
name: log
home: /var/log
- file:
path: /var/log/unifi
state: directory
owner: log
mode: 750
- template:
src: templates/init.d/unifi
dest: /etc/init.d/unifi
mode: 755
- service:
name: unifi
state: started
enabled: yes

+ 16
- 0
provisioning/templates/init.d/unifi View File

@ -0,0 +1,16 @@
#!/sbin/openrc-run
name="unifi"
supervisor=s6
s6_service_path="${RC_SVCDIR}/s6-scan/${name}"
depend() {
need net s6-svscan
after firewall
}
start_pre() {
if [ ! -L "${RC_SVCDIR}/s6-scan/${name}" ]; then
ln -s "/etc/${name}" "${RC_SVCDIR}/s6-scan/${name}"
fi
}

+ 5
- 0
provisioning/templates/unifi/log/run View File

@ -0,0 +1,5 @@
#!/bin/ash
log_user='log'
exec s6-setuidgid $log_user s6-log -b n20 s1000000 t /var/log/unifi

+ 19
- 0
provisioning/templates/unifi/run View File

@ -0,0 +1,19 @@
#!/bin/ash
user='unifi'
group='unifi'
exec 2>&1
base='/srv/unifi'
if [ -d $base ]; then
cd $base
chown -R $user:$group .
version=`head -1 webapps/ROOT/app-unifi/.version`
echo "Starting UniFi Controller $version"
exec s6-setuidgid $user java -jar lib/ace.jar start
else
echo "Missing $base ... aborting"
touch down
fi

Write Preview
Loading…
Cancel
Save