{"id":18808800,"url":"https://github.com/nimbolus/packer-images","last_synced_at":"2026-01-26T01:32:56.833Z","repository":{"id":181628088,"uuid":"663692949","full_name":"nimbolus/packer-images","owner":"nimbolus","description":"OpenStack Glance images build with Packer","archived":false,"fork":false,"pushed_at":"2024-08-12T11:09:43.000Z","size":33,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-22T02:11:22.562Z","etag":null,"topics":["openstack","openstack-glance","packer"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nimbolus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-07T22:22:44.000Z","updated_at":"2024-08-12T11:09:43.000Z","dependencies_parsed_at":null,"dependency_job_id":"aeaf1400-75e8-4748-b401-0f4d2448c84d","html_url":"https://github.com/nimbolus/packer-images","commit_stats":null,"previous_names":["nimbolus/packer-images"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/nimbolus/packer-images","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nimbolus%2Fpacker-images","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nimbolus%2Fpacker-images/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nimbolus%2Fpacker-images/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nimbolus%2Fpacker-images/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nimbolus","download_url":"https://codeload.github.com/nimbolus/packer-images/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nimbolus%2Fpacker-images/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28763947,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-26T00:37:26.264Z","status":"ssl_error","status_checked_at":"2026-01-26T00:37:25.959Z","response_time":113,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["openstack","openstack-glance","packer"],"created_at":"2024-11-07T23:14:20.115Z","updated_at":"2026-01-26T01:32:56.818Z","avatar_url":"https://github.com/nimbolus.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Packer Images\n\n```sh\nexport PKR_VAR_flavor_id=\"\u003cflavor-id\u003e\"\nexport PKR_VAR_networks='[\"\u003cnetwork-id\u003e\"]'\npacker init images/ansible\npacker build -only \"ansible.openstack.ubuntu-22_04\" images/ansible\n```\n\n## GitLab CI\n\nCheckout `example.gitlab-ci.yml` for an example pipeline definition.\n\n## Images\n\n### Ansible\n\nImages with Ansible preinstalled and optional certificate-based user authentication for SSH (e.g. with [HashiCorp Vault SSH Engine](https://developer.hashicorp.com/vault/docs/secrets/ssh/signed-ssh-certificates)).\n\nTo enable the certificate user authentication, set the following metadata properties when creating the OpenStack instance:\n\n| Property                    | Description                                     | Example                                                 |\n| --------------------------- | ----------------------------------------------- | ------------------------------------------------------- |\n| `ssh_trusted_user_ca_url`   | URL for downloading the CAs public key          | `https://vault.example.com/v1/ssh/public_key`           |\n| `ssh_authorized_principals` | Mapping for certificate entities to local users | `{\"debian\":[\"admin\"]}` while `debian` is the local user |\n\nThese properties can also be set via [OpenStack vendordata](https://docs.openstack.org/nova/latest/user/metadata.html#metadata-vendordata).\nNote that `ssh_trusted_user_ca_url` in vendordata gets overridden by the instance metadata while `ssh_authorized_principals` will be merged.\n\nFor example to create an OpenStack instance with these properties run:\n```sh\nopenstack server create debian-test \\                          \n    --image debian-12-ansible --flavor m1.small --network \u003cnetwork-id\u003e \\\n    --property \"ssh_trusted_user_ca_url=https://vault.example.com/v1/ssh/public_key\" \\\n    --property 'ssh_authorized_principals={\"debian\":[\"admin\"]}'\n```\n\n### Podman\n\nAll features of the Ansible image plus preinstalled Podman container runtime. Also includes a Ansible playbook for installing Podman Compose stacks. The playbook fetches environment secrets from [HashiCorp Vault Key/Value v2 Engine](https://developer.hashicorp.com/vault/docs/secrets/kv/kv-v2) by authenticating against the [OpenStack auth plugin](https://github.com/nimbolus/vault-plugin-auth-openstack) and creating a systemd service file for each stack. The playbook gets configured by the instance metadata attribute `podman_compose_stacks` which contains a list of the stack names, ordered by the desired start sequence.\n\nIt assumes that Podman Compose files are located at `/opt/\u003cstack-name\u003e/compose.yml` and creates an `.env` file in the same folder with the key/value pairs found in the Vault secret at `\u003cvault_kv_engine_path\u003e/\u003cvault_kv_prefix\u003e/\u003cstack-name\u003e`. The playbook needs to be triggered by running `ansible-playbook /etc/ansible/podman-compose-up.yml` (e.g. with [cloud-init runcmd](https://cloudinit.readthedocs.io/en/latest/reference/modules.html#runcmd)).\n\n| Property                | Description                                   | Example                              |\n| ----------------------- | --------------------------------------------- | ------------------------------------ |\n| `vault_addr`            | URL of the Vault server                       | `https://vault.example.com`          |\n| `vault_auth_path`       | Mount path of the OpenStack auth plugin       | `openstack` (default: `openstack`)   |\n| `vault_auth_role`       | Role name for the OpenStack auth plugin       | `example-container-host`             |\n| `vault_kv_engine_path`  | Mount path of the Vault K/V secrets v2 engine | `kv` (default: `projects`)           |\n| `vault_kv_prefix`       | Path prefix for secrets                       | `project-a/instances/container-host` |\n| `podman_compose_stacks` | Names of Compose stacks                       | `{1=\"traefik\",2=\"myapp\"}`            |\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnimbolus%2Fpacker-images","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnimbolus%2Fpacker-images","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnimbolus%2Fpacker-images/lists"}