https://github.com/perryflynn/iac

Infrastructure as Code
https://github.com/perryflynn/iac

ansible arch-iso arch-linux automated-installation automation debian ubuntu unattended-installation

Last synced: 6 days ago
JSON representation

Infrastructure as Code

• Host: GitHub
• URL: https://github.com/perryflynn/iac
• Owner: perryflynn
• License: mit
• Created: 2024-04-10T18:47:10.000Z (10 months ago)
• Default Branch: main
• Last Pushed: 2024-12-01T19:50:23.000Z (about 2 months ago)
• Last Synced: 2025-01-19T01:12:21.981Z (8 days ago)
• Topics: ansible, arch-iso, arch-linux, automated-installation, automation, debian, ubuntu, unattended-installation
• Language: Jinja
• Homepage: https://serverless.industries/projects.html#iac
• Size: 6.22 MB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# iac

Infrastructure as Code.

This project installs and configures Arch Linux, Debian or Ubuntu operating systems fully automated.

> ⚠ Make sure to create a `.env` file and reference to the correct code branch with the env vars in it!

Features:

- 💿 Build the installer ISO image in a Docker environment

- 💡 Read hostname and OS type from UEFI variables or use cloud-init

- 🔨 Install a minimal Arch Linux OS, Debian OS or Ubuntu OS

- ❓ Decide target disk for installation, etc by hostname

- 🔐 Setup root password, SSH keys and user accounts

- 🚀 Autostart OS configuration at first boot

- 💻 Autostart Desktop configuration at first Desktop logon

- ⏱ From blank disk to booted system in ~15 Minutes

Workflow base installation & hostname based configuration:

```mermaid

graph LR

    build["Build
ISO"] --> boot["Boot
ISO"]

    boot --> bootstrap["Run
bootstrap"]

    bootstrap --> reboot1["Reboot into
new OS"]

    autorun1["Autorun host
playbook on
first boot
(Install OS components)"]

    autorun1 --> reboot2["Reboot"]

    reboot2 --> xfce["Boot into
XFCE4"]

    xfce --> autorun2["Run host
playbook on
first XFCE Login
(Configure XFCE4)"]

    autorun2 --> logout["Logout
to load
XFCE settings"]

    logout --> done["Done!"]

```

## Known Issues

- `selfsignedcert` role is not idempotent

## Architecture

All packages are installed from the official sources.

- bash

- systemd

- systemd-networkd (DHCP on all ens* interfaces)

- systemd-timesyncd

- systemd-resolved

- net-tools + dnsutils

- nano + vim

- curl + wget

- Ansible

| OS                   | #Packages | #Processes | Size  | Memory |

|----------------------|-----------|------------|-------|--------|

| Ubuntu 24.04 "Noble" |      ~390 |         14 | 2.5GB |  280MB |

| Debian 12 "Bookworm" |      ~390 |         14 | 2.2GB |  270MB |

| Arch Linux           |      ~170 |         20 | 2.7GB |  300MB |

## archiso

[Archiso](https://wiki.archlinux.org/title/archiso) is used as a base for the Installer ISO. 

[archiso/](./archiso/) contains a Dockerfile and some scripts to build a custom Arch Linux installer 

ISO with additional scripts.

- `./archiso/build.sh` builds the container image

- `./archiso/pack.sh` runs the container image to build the Arch Linux ISO image

- ISO Image can be found in `./archiso/output/`

Requires Docker CE, `pack.sh` executes a container **in privileged mode**.

## Automatic configuration with Cloud-Init

Works with terraform, to be documented here.

## Automatic hostname detection with UEFI varables

The `perrys-bootstrapper.sh` script is using UEFI variables to fetch the hostname from the system and use the

correct ansible inventory variables.

Set hostname in UEFI variable:

```sh

echo -n myhostname > efi-hostname

efivar --name ed38a5bf-1135-4b0f-aa72-49d30b05dfd4-PerryHostname -w -f efi-hostname

```

Get the hostname from UEFI variable:

```sh

cat /sys/firmware/efi/efivars/PerryHostname-ed38a5bf-1135-4b0f-aa72-49d30b05dfd4

```

In addition the variable `PerryFlavor-ed38a5bf-1135-4b0f-aa72-49d30b05dfd4` can be used to

set the flavor (`debian` or `archlinux`).

## How to install a OS

- Build the Arch Linux ISO image

- Boot ISO in a virtual machine or on a physical system

- Ensure that the `diskdev` and `bootmode` are correct in the [inventoy](./inventory/defaults.yml)

- Run installer

    - Debian: `perrys-bootstrapper.sh --flavor debian --hostname biostest`

    - Arch Linux: `perrys-bootstrapper.sh --flavor archlinux --hostname biostest`

- Reboot into the new OS

## How to decide which settings should be used

The `bootstrapparameters` in the Ansible inventory decide which hostname uses which settings.

- `bootmode`: One of `uefi` or `bios`

- `diskdev`: For example `/dev/sda`

- `firstbootplaybook`: Boolean, running host-specific playbook on first boot?

- `networking`: One of `network-manager` or `systemd-networkd`

- `encryptedfs`: Boolean, encrypt the root filesystem?

## Configure OS

Run `perrys-ansible-apply.sh` as root.

It pulls automatically the correct playbook from this repo by the hostname of the operating system.

## Ansible Roles

Every role was created for a specific case and may support only a single OS, please see task code and readme file.