{"id":13930019,"url":"https://github.com/jktr/hcloud-packer-templates","last_synced_at":"2025-07-19T12:31:21.639Z","repository":{"id":144350022,"uuid":"186118922","full_name":"jktr/hcloud-packer-templates","owner":"jktr","description":"packer templates for arch \u0026 nixos on hetzner cloud","archived":true,"fork":false,"pushed_at":"2022-03-29T23:36:37.000Z","size":71,"stargazers_count":16,"open_issues_count":0,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-08-08T18:25:43.510Z","etag":null,"topics":["archlinux","hetzner-cloud","nixos","packer","packer-template"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jktr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-05-11T10:28:11.000Z","updated_at":"2024-06-22T21:31:40.000Z","dependencies_parsed_at":"2023-07-06T15:45:40.862Z","dependency_job_id":null,"html_url":"https://github.com/jktr/hcloud-packer-templates","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jktr%2Fhcloud-packer-templates","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jktr%2Fhcloud-packer-templates/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jktr%2Fhcloud-packer-templates/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jktr%2Fhcloud-packer-templates/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jktr","downlo
ad_url":"https://codeload.github.com/jktr/hcloud-packer-templates/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":226607583,"owners_count":17658477,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["archlinux","hetzner-cloud","nixos","packer","packer-template"],"created_at":"2024-08-07T18:02:40.955Z","updated_at":"2024-11-26T19:30:45.982Z","avatar_url":"https://github.com/jktr.png","language":"HCL","funding_links":[],"categories":["others"],"sub_categories":[],"readme":"# hcloud-packer-templates\n\nThis repo is used to build linux images (as snapshots) for use with\n[Hetzner Cloud](https://www.hetzner.de/cloud) by means of HashiCorp's\n[Packer](https://packer.io/).\n\nTemplates for the following distros are currently provided:\n\n  - archlinux\n  - nixos\n\nI recommend the use of Hetzner's\n[hcloud](https://github.com/hetznercloud/cli/tree/master/cli) command\nline tool to manage the resulting images. Hetzner also provides a dedicated\n[Terraform Provider](https://www.terraform.io/docs/providers/hcloud/index.html)\nthat you can use to build servers from these images. 
Please note that\nyour images cannot yet be (easily) exported from Hetzner's Cloud.\n\n## Building Images using this Repo\n\nPlease ensure that you have done the following:\n\n  - installed `packer` on your development machine\n  - set the `HCLOUD_TOKEN` environment variable to your API token\n  - reviewed/overridden the templates' variables (as necessary)\n\n### Getting Started\n\nTo build VM images:\n\n  - `$ packer build templates/archlinux.pkr.hcl`\n  - `$ packer build templates/nixos.pkr.hcl`\n\nTo view info about past builds:\n\n  - `$ less packer-manifest.json`\n\nTo debug a build:\n\n  - `$ packer build -debug -on-error=ask packer/nixos.pkr.hcl`\n  - `$ ssh -F/dev/null -i ssh_key_hcloud.pem root@XXX.XXX.XXX.XXX -o StrictHostKeyChecking=no`\n\n### Internals\n\nThe resulting images are intended to support a Terraform-based (or\ncustom) workflow that feels close to the one of native Hetzner VMs.\n\nHetzner's server infrastructure (mirrors, repos, DNS, NTP, DHCP) and\nconfiguration endpoints are used where possible.  This necessarily\ninvolves some analysis of their (partially undocumented) setups and\ntranslations of these to our images, so this may become outdated, may\nbreak, or may not work completely as expected. Error handling is also\npretty bare-bones.\n\nIn particular, support for the following features available on\nstandard Hetzner VMs is desired:\n\n  - dynamic hostname\n  - dynamic root ssh keys\n  - free-form cloud-init userdata\n  - full IPv6/IPv4 support\n  - Hetzner Cloud Networks\n  - Hetzner Cloud Volumes\n\nThe following features are notably unsupported:\n\n  - dynamic initial root passwords (please prefer ssh keys)\n  - automatic server resizing (use rescue mode, or a new server)\n\nA general problem is that much of the data necessary for the features\nin the lists above is only allocated after a server is instantiated\nfrom a given image and thus can't be taken into account at image\nbuild-time. 
Hetzner VMs use an hcloud-specific `cloud-init` provider\nfor this initialization after their instantiation.\n\nHowever, the current state of `cloud-init` on Archlinux is less than\nideal, and NixOS has a workflow that's not really compatible. Thus,\nthese images instead use `hcloud-dl-metadata.service`, which\naggregates and outputs the data normally available to Hetzner VMs to\n`/etc/hcloud-metadata.json`, which can then be used in further\ndistro-specific mechanisms (or directly by you).\n\nFinally, your custom `cloud-init` userdata, which the Hetzner VMs\nhappen to treat as an execute-on-boot script, is instead handled by\n`hcloud-dl-userdata.service`, which only transcribes it into\n`/etc/hcloud-userdata` and nothing else.\n\n#### Archlinux\n\nArchlinux images use the file `/etc/hcloud-metadata.json` to drive a\nfew systemd services, which in turn implement the dynamic features\nmentioned above:\n\n  - hcloud-hostname.service (sets hostname)\n  - hcloud-network.service (configures primary and attached networks)\n  - hcloud-ssh-keys.service (sets ssh root keys)\n  \nAny further configuration is up to your provisioning tool.\n\n#### NixOS\n\nNixOS images export the metadata from `/etc/hcloud-metadata.json` as\nthe `config.hcloud.*` hierarchy. Since not all `config.hcloud.*` data\nis known at snapshot build-time, the system configuration is initially\npartially stubbed out at build-time, and the freshly instantiated\nserver runs `nix-channel --update` and `nixos-rebuild` after\n`hcloud-dl-metadata.service` has finished.\n\nThe dynamic features mentioned above are implemented with a few nix\nexpressions in `/etc/nixos/` using these `config.hcloud.*`\nattributes. 
These settings use the `mkDefaultOption` mechanism, so\nyou're free to override them as you see fit.\n\nIn general, you can provide the `nix-config-path` packer variable to\npoint to a directory of nix expressions and other data, like the one\nyou would place in `/etc/nixos`, which is then baked into the built\nimage. Note that the whole directory is included in this, including\nany `.git/` folder and other data, and that it uses the file\n`configuration.nix` as its entrypoint. You do not need to manage\n`hardware-configuration.nix` here.\n\nThis `nix-config-path` mechanism allows both small customizations to\nthe barebones image (producing images primarily intended for\nadditional provisioning), while also enabling fully baked system\nimages (for rapid deployment / autoscaling).\n\nIt is planned to transition some or all of the above NixOS workflow\nto use flakes instead, but this isn't implemented yet.\n\n### Known Issues\n\n- The upstream archlinux bootstrap image's filename is derived from\n  its release day. I know of no good way to automatically get this\n  date. Set `-var arch-image=archlinux-bootstrap-20XX.XX.XX-x86_64.tar.gz`\n  if your builds are failing because of this issue.\n\n- Verifying the archlinux bootstrap image is relatively complex due to\n  the trust setup the archlinux team uses. We don't properly derive\n  developer key trust from the master key(s), but instead pin the key of\n  the developer that usually signs the releases.\n\n## GPG Keys\n\nThe upstream for the GPG keys used by the installation scripts can be\nfound on these pages:\n\n  - Archlinux: https://www.archlinux.org/master-keys/\n  - Nixos: https://nixos.org/nix/download.html\n\n## License\n\nYou can redistribute and/or modify these files under the terms of the\nGNU General Public License as published by the Free Software\nFoundation, either version 3 of the License, or (at your option) any\nlater version. 
See the LICENSE file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjktr%2Fhcloud-packer-templates","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjktr%2Fhcloud-packer-templates","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjktr%2Fhcloud-packer-templates/lists"}