gnuviech/gvavagrant
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Allow boostrap with Buster

Browse source 
- add script and Vagrantfile code to preseed salt minion keys
- add needed bootstrap_options for Python 3 support
- add grains files and populate those of the ldap and web node
- add script to fix systemd-networkd setup with Debian libvirt Vagrant
  images
- switch from VirtualBox to libvirt
This commit is contained in:
Jan Dittberner 2020-03-04 13:56:20 +01:00
parent c82ef85428
commit f48eb2caf0
15 changed files with 200 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,2 +1,3 @@
repos/ repos/
.vagrant/ .vagrant/
/salt/keys

199
Vagrantfile vendored
View file

@ -1,122 +1,239 @@
# -*- mode: ruby -*- # -*- mode: ruby -*-
# vi: set ft=ruby : # vi: set ft=ruby :
system("scripts/pregen_keys.sh")
Vagrant.configure("2") do |config| Vagrant.configure("2") do |config|
config.vm.box = "debian/contrib-jessie64" config.vm.box = "debian/buster64"
config.vm.post_up_message = nil config.vm.post_up_message = nil
config.vm.synced_folder ".", "/vagrant", disabled: true config.vm.synced_folder ".", "/vagrant", disabled: true
config.vm.provision "shell", config.vm.provision :shell,
inline: "sed -i 's/^mesg n$/tty -s \\&\\& mesg n/g' /root/.profile" path: "scripts/change-vmdebootstrap-default-dhcp.sh"
#config.vm.provision "shell",
# inline: "sed -i 's/^mesg n$/tty -s \\&\\& mesg n/g' /root/.profile"
config.vm.provision "shell", config.vm.provision "shell",
path: "scripts/add_salt_to_etc_hosts.sh" path: "scripts/add_salt_to_etc_hosts.sh"
config.vm.provision :salt do |salt|
salt.masterless = false
salt.minion_config = "salt/minion"
salt.run_highstate = false
salt.install_type = "stable"
end
config.vm.define "salt" do |node| config.vm.define "salt" do |node|
node.vm.hostname = "salt.gva.dev" node.vm.hostname = "salt"
node.vm.synced_folder "repos/gvasalt/states", "/srv/salt" node.vm.synced_folder "../gvasalt/states", "/srv/salt"
node.vm.synced_folder "repos/gvasalt/pillar", "/srv/pillar" node.vm.synced_folder "../gvasalt/pillar", "/srv/pillar"
node.vm.network "private_network", ip: "172.16.4.10" node.vm.network "private_network", ip: "172.16.4.10"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end end
node.vm.provision :salt do |salt| node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/salt"
salt.install_master = true salt.install_master = true
salt.masterless = false
salt.minion_id = "salt" salt.minion_id = "salt"
salt.run_highstate = false
salt.minion_key = "salt/keys/salt.pem"
salt.minion_pub = "salt/keys/salt.pub"
salt.seed_master = {
dns: "salt/keys/dns.pub",
file: "salt/keys/file.pub",
ldap: "salt/keys/ldap.pub",
mail: "salt/keys/mail.pub",
mq: "salt/keys/mq.pub",
mysql: "salt/keys/mysql.pub",
pgsql: "salt/keys/pgsql.pub",
salt: "salt/keys/salt.pub",
service: "salt/keys/service.pub",
syslog: "salt/keys/syslog.pub",
web: "salt/keys/web.pub",
}
end end
end end
config.vm.define "mq" do |node| config.vm.define "mq" do |node|
node.vm.hostname = "mq.gva.dev" node.vm.hostname = "mq"
node.vm.network "private_network", ip: "172.16.4.20" node.vm.network "private_network", ip: "172.16.4.20"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/mq"
salt.masterless = false
salt.minion_id = "mq"
salt.minion_key = "salt/keys/mq.pem"
salt.minion_pub = "salt/keys/mq.pub"
salt.run_highstate = false
end end
end end
config.vm.define "syslog" do |node| config.vm.define "syslog" do |node|
node.vm.hostname = "syslog" node.vm.hostname = "syslog"
node.vm.network "private_network", ip: "172.16.4.30" node.vm.network "private_network", ip: "172.16.4.30"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/syslog"
salt.masterless = false
salt.minion_id = "syslog"
salt.minion_key = "salt/keys/syslog.pem"
salt.minion_pub = "salt/keys/syslog.pub"
salt.run_highstate = false
end end
end end
config.vm.define "pgsql" do |node| config.vm.define "pgsql" do |node|
node.vm.hostname = "pgsql" node.vm.hostname = "pgsql"
node.vm.synced_folder "repos/gvapgsql", "/srv/gvapgsql" #node.vm.synced_folder "repos/gvapgsql", "/srv/gvapgsql"
node.vm.network "private_network", ip: "172.16.4.40" node.vm.network "private_network", ip: "172.16.4.40"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/pgsql"
salt.masterless = false
salt.minion_id = "pgsql"
salt.minion_key = "salt/keys/pgsql.pem"
salt.minion_pub = "salt/keys/pgsql.pub"
salt.run_highstate = false
end end
end end
config.vm.define "dns" do |node| config.vm.define "dns" do |node|
node.vm.hostname = "dns" node.vm.hostname = "dns"
node.vm.network "private_network", ip: "172.16.4.50" node.vm.network "private_network", ip: "172.16.4.50"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/dns"
salt.masterless = false
salt.minion_id = "dns"
salt.minion_key = "salt/keys/dns.pem"
salt.minion_pub = "salt/keys/dns.pub"
salt.run_highstate = false
end end
end end
config.vm.define "ldap" do |node| config.vm.define "ldap" do |node|
node.vm.hostname = "ldap" node.vm.hostname = "ldap"
node.vm.synced_folder "repos/gvaldap", "/srv/gvaldap" #node.vm.synced_folder "repos/gvaldap", "/srv/gvaldap"
node.vm.network "private_network", ip: "172.16.4.60" node.vm.network "private_network", ip: "172.16.4.60"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/ldap"
salt.masterless = false
salt.minion_id = "ldap"
salt.minion_key = "salt/keys/ldap.pem"
salt.minion_pub = "salt/keys/ldap.pub"
salt.run_highstate = false
end end
end end
config.vm.define "file" do |node| config.vm.define "file" do |node|
node.vm.hostname = "file" node.vm.hostname = "file"
node.vm.synced_folder "repos/gvafile", "/srv/gvafile" #node.vm.synced_folder "repos/gvafile", "/srv/gvafile"
node.vm.network "private_network", ip: "172.16.4.70" node.vm.network "private_network", ip: "172.16.4.70"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/file"
salt.masterless = false
salt.minion_id = "file"
salt.minion_key = "salt/keys/file.pem"
salt.minion_pub = "salt/keys/file.pub"
salt.run_highstate = false
end end
end end
config.vm.define "mail" do |node| config.vm.define "mail" do |node|
node.vm.hostname = "mail" node.vm.hostname = "mail"
node.vm.network "private_network", ip: "172.16.4.80" node.vm.network "private_network", ip: "172.16.4.80"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/mail"
salt.masterless = false
salt.minion_id = "mail"
salt.minion_key = "salt/keys/mail.pem"
salt.minion_pub = "salt/keys/mail.pub"
salt.run_highstate = false
end end
end end
config.vm.define "mysql" do |node| config.vm.define "mysql" do |node|
node.vm.hostname = "mysql" node.vm.hostname = "mysql"
node.vm.synced_folder "repos/gvamysql", "/srv/gvamysql" #node.vm.synced_folder "repos/gvamysql", "/srv/gvamysql"
node.vm.network "private_network", ip: "172.16.4.90" node.vm.network "private_network", ip: "172.16.4.90"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/mysql"
salt.masterless = false
salt.minion_id = "mysql"
salt.minion_key = "salt/keys/mysql.pem"
salt.minion_pub = "salt/keys/mysql.pub"
salt.run_highstate = false
end end
end end
config.vm.define "web" do |node| config.vm.define "web" do |node|
node.vm.hostname = "web" node.vm.hostname = "web"
node.vm.synced_folder "repos/gvaweb", "/srv/gvaweb" #node.vm.synced_folder "repos/gvaweb", "/srv/gvaweb"
node.vm.network "private_network", ip: "172.16.4.100" node.vm.network "private_network", ip: "172.16.4.100"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/web"
salt.masterless = false
salt.minion_id = "web"
salt.minion_key = "salt/keys/web.pem"
salt.minion_pub = "salt/keys/web.pub"
salt.run_highstate = false
end end
end end
config.vm.define "service" do |node| config.vm.define "service" do |node|
node.vm.hostname = "service" node.vm.hostname = "service"
node.vm.synced_folder "repos/gva", "/srv/gva" #node.vm.synced_folder "repos/gva", "/srv/gva"
node.vm.network "forwarded_port", guest: 443, host:8443 node.vm.network "forwarded_port", guest: 443, host:8443
node.vm.network "private_network", ip: "172.16.4.110" node.vm.network "private_network", ip: "172.16.4.110"
node.vm.post_up_message = "Use https://localhost:8443/ to access the gva web interface" node.vm.post_up_message = "Use https://localhost:8443/ to access the gva web interface"
node.vm.provider "virtualbox" do |vb| node.vm.provider :libvirt do |libvirt|
vb.memory = "256" libvirt.memory = 1024
end
node.vm.provision :salt do |salt|
salt.bootstrap_options = "-x python3"
salt.grains_config = "salt/grains/service"
salt.masterless = false
salt.minion_id = "service"
salt.minion_key = "salt/keys/service.pem"
salt.minion_pub = "salt/keys/service.pub"
salt.run_highstate = false
end end
end end
end end

0
salt/grains/dns Normal file
View file

0
salt/grains/file Normal file
View file

4
salt/grains/ldap Normal file
View file

@ -0,0 +1,4 @@
roles:
- vagrant
- ldapserver
- gnuviechadmin.gvaldap

0
salt/grains/mail Normal file
View file

0
salt/grains/mq Normal file
View file

0
salt/grains/mysql Normal file
View file

0
salt/grains/pgsql Normal file
View file

0
salt/grains/salt Normal file
View file

0
salt/grains/service Normal file
View file

0
salt/grains/syslog Normal file
View file

7
salt/grains/web Normal file
View file

@ -0,0 +1,7 @@
roles:
- vagrant
- ldapclient
- webserver
- gnuviechadmin.gvaweb
nginx:
default_servername: web.local

15
scripts/change-vmdebootstrap-default-dhcp.sh Normal file
View file

@ -0,0 +1,15 @@
#!/bin/sh
set -e
debootstrap_network=/etc/systemd/network/99-dhcp.network
if grep -q '^Name=\\*' "${debootstrap_network}"; then
primary_nic=$(ls -1 /sys/class/net | grep -v lo |sort | head -1)
sed -i "s/^Name=e\\*/Name=${primary_nic}/" \
"${debootstrap_network}"
systemctl restart systemd-networkd.service
echo "Changed systemd network configuration"
else
echo "Systemd network configuration has already been changed"
fi

15
scripts/pregen_keys.sh Executable file
View file

@ -0,0 +1,15 @@
#!/bin/sh
set -e
if [ ! -d salt/keys ]; then
mkdir -p salt/keys
fi
ls -1 salt/grains | while read a; do
if [ ! -f salt/keys/$a.pem ]; then
openssl genrsa -out salt/keys/$a.pem 2048
fi
if [ ! -f salt/keys/$a.pub ]; then
openssl rsa -in salt/keys/$a.pem -pubout -out salt/keys/$a.pub
fi
done