diff --git a/debian-13/Makefile b/debian-13/Makefile index 91d253f..45b5ce9 100644 --- a/debian-13/Makefile +++ b/debian-13/Makefile @@ -1,10 +1,9 @@ -.PHONY: install clean +.PHONY: default base vagrant clean HEADLESS ?= true -default: install - -install: base +default: + @echo "Please run 'make base' or 'make vagrant'" base: PKR_VAR_headless="$(HEADLESS)" packer build x86_64-qemu-base.pkr.hcl @@ -12,5 +11,8 @@ base: vagrant: PKR_VAR_headless="$(HEADLESS)" packer build x86_64-qemu-vagrant.pkr.hcl +package: + ./scripts/package.sh + clean: rm -rf ./builds diff --git a/debian-13/README.md b/debian-13/README.md index 9698e38..ba9a81f 100644 --- a/debian-13/README.md +++ b/debian-13/README.md @@ -1,24 +1,34 @@ # Debian Trixie Builds This directory contains Packer configuration for building Debian 13 (Trixie) -images -## Usage +### Overview -Build the image: +These builds use a multi-stage Packer workflow: -``` -make -``` +- The first stage creates a minimal base image from the installer ISO +- The second stage reuses that base image to produce a Vagrant-ready box -Remove build artifacts: +### Usage -``` -make clean -``` +Build the base qemu image: -Build with a visible VM console for debugging: + make base -``` -make HEADLESS=false -``` +Build vagrant image: + + make vagrant + +Package vagrant box: + + make package + +Build with visible console: + + make base HEADLESS=false + +### Publishing + +Built boxes from this configuration are published at +[krislamo.org/debian13](https://portal.cloud.hashicorp.com/vagrant/discover/krislamo.org/debian13) +on Vagrant Cloud diff --git a/debian-13/scripts/clean.sh b/debian-13/scripts/clean.sh new file mode 100644 index 0000000..25af9ec --- /dev/null +++ b/debian-13/scripts/clean.sh 
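Review bot: The new `package` target in the second Makefile hunk is not declared phony, because the `.PHONY` line rewritten in the first hunk lists only `default base vagrant clean`. A file or directory named `package` in `debian-13/` would make `make package` report that it is up to date and skip `./scripts/package.sh`. Extend the declaration: `.PHONY: default base vagrant package clean`. The script requires the output of the vagrant build but the target has no prerequisite; if that is deliberate, to avoid a long rebuild, a one-line comment above `package:` saying so would help.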
@@ -0,0 +1,16 @@ +#!/usr/bin/env bash +set -eux + +export DEBIAN_FRONTEND=noninteractive +apt-get clean -y +apt-get autoclean -y +rm -f /var/lib/dhcpcd/* +rm -rf /var/cache/apt/archives/* +rm -rf /var/lib/apt/lists/* +rm -rf /var/tmp/* /var/tmp/.[!.]* + +truncate -s 0 /var/log/wtmp + +dd if=/dev/zero of=/EMPTY bs=1M || true +sync +rm -rf /EMPTY diff --git a/debian-13/scripts/networkd.sh b/debian-13/scripts/networkd.sh new file mode 100644 index 0000000..5a78674 --- /dev/null +++ b/debian-13/scripts/networkd.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +install -d -m 755 -o root -g root /etc/systemd/network +cat > /etc/systemd/network/lan0.network << 'EOF' +[Match] +Name=e* +Type=ether + +[Network] +DHCP=ipv4 +EOF + +chown root:root /etc/systemd/network/lan0.network +chmod 644 /etc/systemd/network/lan0.network + +mv /etc/network/interfaces /etc/network/interfaces.save +mv /etc/network/interfaces.d /etc/network/interfaces.d.save +systemctl enable systemd-networkd +systemctl disable networking diff --git a/debian-13/scripts/package.sh b/debian-13/scripts/package.sh new file mode 100755 index 0000000..8d5475d --- /dev/null +++ b/debian-13/scripts/package.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash +set -xu + +IMG_DIR="./builds/qemu/debian-13-64-vagrant" +if [ ! -f "$IMG_DIR/debian-13-64-vagrant" ]; then + echo "[ERROR]: debian-13-64-vagrant doesn't exist" + exit 1 +fi + +cat > "$IMG_DIR/metadata.json" < "$IMG_DIR/Vagrantfile" <<'EOF' +Vagrant.configure("2") do |config| + config.vm.synced_folder ".", "/vagrant", type: "nfs", nfs_version: 4 +end +EOF + +mkdir -p ./builds/vagrant + +if [ ! -f ./builds/vagrant/box.img ]; then + cp -l $IMG_DIR/debian-13-64-vagrant \ + $IMG_DIR/box.img +fi + +if [ ! -f ./builds/vagrant/debian-13-64-vagrant.box ]; then + tar -C "$IMG_DIR" -cvzf ./builds/vagrant/debian-13-64-vagrant.box \ + box.img metadata.json Vagrantfile + exit 0 +fi + +echo "[ERROR]: debian-13-64-vagrant.box already exists" +exit 1 
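Review bot: The cleanup leaves per-machine identity in the image: nothing in this script resets `/etc/machine-id`, so every VM created from the image starts with the same ID. networkd.sh in this commit switches the image to systemd-networkd, whose default DHCP client identifier is derived from the machine ID, so clones on one network can contend for the same lease. Adding `truncate -s 0 /etc/machine-id` before the zero-fill lets systemd generate a fresh ID on first boot. The SSH host keys are likewise shared by every instance of a published box. Whether they are regenerated on first boot is not visible here, so confirm that before removing them in this script.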
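Review bot: networkd.sh has no `set -e`, unlike clean.sh and vagrant.sh, so a failure in `install`, either `mv` or `systemctl enable` is ignored. The script's exit status is only that of the final `systemctl disable networking`. If `/etc/network/interfaces.d` is missing, for example, the second `mv` fails silently, and a failed `systemctl enable systemd-networkd` followed by a successful disable would leave the image with no network stack enabled. Add `set -eu` directly after the shebang so Packer aborts the build instead.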
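Review bot: The `box.img` guard in package.sh tests `./builds/vagrant/box.img`, but the `cp -l` inside it writes `$IMG_DIR/box.img`. Nothing visible creates the tested path, so the condition is always true and a rerun tries to link onto an existing file. With `set -xu` (no `-e`) a failed `cp` does not stop the script, so `tar` can package a stale `box.img` left over from an earlier build. Refresh the file that is actually packaged, with the expansions quoted: `ln -f "$IMG_DIR/debian-13-64-vagrant" "$IMG_DIR/box.img"`, and use `set -eux` as clean.sh does. Since the README says the box is published, writing a SHA-256 of the `.box` next to it would let consumers verify their download.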
diff --git a/debian-13/scripts/aptupdate.sh b/debian-13/scripts/upgrade.sh similarity index 100% rename from debian-13/scripts/aptupdate.sh rename to debian-13/scripts/upgrade.sh diff --git a/debian-13/scripts/vagrant.sh b/debian-13/scripts/vagrant.sh index 0c51431..74ec814 100644 --- a/debian-13/scripts/vagrant.sh +++ b/debian-13/scripts/vagrant.sh @@ -3,9 +3,9 @@ set -eu export DEBIAN_FRONTEND=noninteractive apt-get update -apt-get install -y openssl curl sudo +apt-get install -y qemu-guest-agent nfs-common openssl curl sudo vim -useradd -m -p "$(openssl passwd -1 vagrant)" vagrant +useradd -m -s /bin/bash -p "$(openssl passwd -1 vagrant)" vagrant echo "vagrant ALL=(ALL) NOPASSWD:ALL" >/etc/sudoers.d/vagrant chmod 440 /etc/sudoers.d/vagrant @@ -15,6 +15,7 @@ BASE_GH_URL="https://raw.githubusercontent.com/hashicorp/vagrant/refs/heads" curl -fsSL "${BASE_GH_URL}/main/keys/vagrant.pub" \ -o /home/vagrant/.ssh/authorized_keys chmod 600 /home/vagrant/.ssh/authorized_keys +chown vagrant:vagrant /home/vagrant/.ssh/authorized_keys sed -i 's/PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config passwd -d root diff --git a/debian-13/x86_64-qemu-base.pkr.hcl b/debian-13/x86_64-qemu-base.pkr.hcl index 2ba47d5..8ba590c 100644 --- a/debian-13/x86_64-qemu-base.pkr.hcl +++ b/debian-13/x86_64-qemu-base.pkr.hcl @@ -69,7 +69,9 @@ build { provisioner "shell" { scripts = [ - "scripts/aptupdate.sh", + "scripts/upgrade.sh", + "scripts/networkd.sh", + "scripts/clean.sh" ] } } diff --git a/debian-13/x86_64-qemu-vagrant.pkr.hcl b/debian-13/x86_64-qemu-vagrant.pkr.hcl index 950c662..850d09f 100644 --- a/debian-13/x86_64-qemu-vagrant.pkr.hcl +++ b/debian-13/x86_64-qemu-vagrant.pkr.hcl @@ -39,7 +39,7 @@ source "qemu" "debian-13-64-vagrant" { ssh_username = "root" ssh_password = var.ssh_password ssh_timeout = "60m" - vm_name = "debian-13-64-base" + vm_name = "debian-13-64-vagrant" net_device = "virtio-net" boot_wait = "5s" } 
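Review bot: The rewritten `useradd` line in the first vagrant.sh hunk still hashes the password with `openssl passwd -1`, which is MD5-crypt. `openssl passwd -6` gives SHA-512 crypt with no other change: `useradd -m -s /bin/bash -p "$(openssl passwd -6 vagrant)" vagrant`. The password is the conventional Vagrant default, so this mainly avoids carrying a deprecated scheme in `/etc/shadow`. Whether sshd accepts password logins for this account is decided outside the hunk and is worth checking for a published box. A short comment that the account and its NOPASSWD sudo rule follow the Vagrant base-box convention would help readers who meet this script out of context.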
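Review bot: The added `chown` in the second vagrant.sh hunk fixes ownership of `authorized_keys` only. `/home/vagrant/.ssh` is created outside this hunk, and if root creates it there it stays root-owned, so the vagrant user cannot replace or add files in it. `chown -R vagrant:vagrant /home/vagrant/.ssh` with an explicit `chmod 700` on the directory covers both. Separately, the context lines fetch `vagrant.pub` from `refs/heads/main` with no integrity check, so whatever that branch holds at build time becomes the login key of a published box. Pinning the URL to a commit or comparing the download against a recorded SHA-256 would make the build reproducible and tamper-evident.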
@@ -50,7 +50,8 @@ build { provisioner "shell" { scripts = [ - "scripts/vagrant.sh" + "scripts/vagrant.sh", + "scripts/clean.sh" ] } }