packer/scripts/debian12.sh

# environment vars
DEBIAN_FRONTEND=noninteractive 

# make debconf noninteractive
echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections

# update guest
apt-get update
apt-get upgrade -y
apt-get autoremove -y

# install packages
apt-get install -y curl qemu-guest-agent sudo wget

# install rc.local script
cat << 'EOL' | tee /etc/rc.local
#!/bin/sh -ef
#
test -f /etc/ssh/ssh_host_dsa_key || dpkg-reconfigure openssh-server
exit 0
EOL
chmod +x /etc/rc.local

# install the ansible user
echo '> create ansible user ...'
useradd -m ansible

# configure ansible user
echo '> configure ansible user ...'
mkdir -p /home/ansible/.ssh
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH9H3XK4IaK2pd8xegsbCm0at70kCi33vYkHDccV3Iyn" >> /home/ansible/.ssh/authorized_keys
chmod 700 /home/ansible/.ssh
chmod 600 /home/ansible/.ssh/authorized_keys
chown -R ansible:ansible /home/ansible

# configure sudo for ansible
echo "ansible ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/ansible

# cleaning logs
echo '> cleaning logs ...'
rm -rf /var/log/*

# cleans persistent udev rules
echo '> cleaning persistent udev rules ...'
if [ -f /etc/udev/rules.d/70-persistent-net.rules ]; then
  rm /etc/udev/rules.d/70-persistent-net.rules
fi

# cleans /tmp directories
echo '> cleaning /tmp directories ...'
rm -rf /tmp/*
rm -rf /var/tmp/*

# cleans SSH keys
echo '> cleaning ssh host keys ...'
rm -f /etc/ssh/ssh_host_*

# sets hostname to localhost
echo '> setting hostname to localhost ...'
cat /dev/null > /etc/hostname
hostnamectl set-hostname localhost

# cleans apt.
echo '> cleaning apt-get ...'
apt-get clean

# cleans the machine-id
echo '> cleaning the machine-id ...'
truncate -s 0 /etc/machine-id
rm /var/lib/dbus/machine-id
ln -s /etc/machine-id /var/lib/dbus/machine-id

# disable root login over ssh
sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config

# cleans shell history
echo '> cleaning shell history ...'
unset HISTFILE
history -cw
echo > ~/.bash_history

# all done
echo '> done.'
echo '> packer template build -- complete'
[debian12] feat: added sudo and made debconf noninteractive 2024-08-13 11:22:33 +02:00			`# environment vars`
			`DEBIAN_FRONTEND=noninteractive`

			`# make debconf noninteractive`
			`echo 'debconf debconf/frontend select Noninteractive' \| debconf-set-selections`

[debian12] feat: add script 2024-07-15 18:10:56 +02:00			`# update guest`
			`apt-get update`
[debian12] feat: added sudo and made debconf noninteractive 2024-08-13 11:22:33 +02:00			`apt-get upgrade -y`
[debian12] feat: add script 2024-07-15 18:10:56 +02:00			`apt-get autoremove -y`

[debian12] feat: added some packages 2024-07-16 17:15:05 +02:00			`# install packages`
			`apt-get install -y curl qemu-guest-agent sudo wget`

[debian12] feat: add script 2024-07-15 18:10:56 +02:00			`# install rc.local script`
[debian12] fix: remove unused sudo remains 2024-07-15 18:18:42 +02:00			`cat << 'EOL' \| tee /etc/rc.local`
[debian12] feat: add script 2024-07-15 18:10:56 +02:00			`#!/bin/sh -ef`
			`#`
[debian12] fix: remove unused sudo remains 2024-07-15 18:18:42 +02:00			`test -f /etc/ssh/ssh_host_dsa_key \|\| dpkg-reconfigure openssh-server`
[debian12] feat: add script 2024-07-15 18:10:56 +02:00			`exit 0`
			`EOL`
			`chmod +x /etc/rc.local`

[scripts] feat: removed zero filling of the disk 2024-07-16 17:06:49 +02:00			`# install the ansible user`
			`echo '> create ansible user ...'`
			`useradd -m ansible`

			`# configure ansible user`
			`echo '> configure ansible user ...'`
			`mkdir -p /home/ansible/.ssh`
			`echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH9H3XK4IaK2pd8xegsbCm0at70kCi33vYkHDccV3Iyn" >> /home/ansible/.ssh/authorized_keys`
			`chmod 700 /home/ansible/.ssh`
			`chmod 600 /home/ansible/.ssh/authorized_keys`
			`chown -R ansible:ansible /home/ansible`

			`# configure sudo for ansible`
			`echo "ansible ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/ansible`

[debian12] feat: add script 2024-07-15 18:10:56 +02:00			`# cleaning logs`
			`echo '> cleaning logs ...'`
			`rm -rf /var/log/*`

			`# cleans persistent udev rules`
			`echo '> cleaning persistent udev rules ...'`
			`if [ -f /etc/udev/rules.d/70-persistent-net.rules ]; then`
			`rm /etc/udev/rules.d/70-persistent-net.rules`
			`fi`

			`# cleans /tmp directories`
			`echo '> cleaning /tmp directories ...'`
			`rm -rf /tmp/*`
			`rm -rf /var/tmp/*`

			`# cleans SSH keys`
			`echo '> cleaning ssh host keys ...'`
			`rm -f /etc/ssh/ssh_host_*`

			`# sets hostname to localhost`
			`echo '> setting hostname to localhost ...'`
			`cat /dev/null > /etc/hostname`
			`hostnamectl set-hostname localhost`

			`# cleans apt.`
			`echo '> cleaning apt-get ...'`
			`apt-get clean`

			`# cleans the machine-id`
			`echo '> cleaning the machine-id ...'`
			`truncate -s 0 /etc/machine-id`
			`rm /var/lib/dbus/machine-id`
			`ln -s /etc/machine-id /var/lib/dbus/machine-id`

			`# disable root login over ssh`
			`sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config`

			`# cleans shell history`
			`echo '> cleaning shell history ...'`
			`unset HISTFILE`
			`history -cw`
			`echo > ~/.bash_history`

			`# all done`
			`echo '> done.'`
			`echo '> packer template build -- complete'`