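#!/usr/bin/bash
# Packer provisioning script for an Ubuntu template: patches the guest, then
# strips per-machine state (SSH host keys, machine-id, logs, shell history) so
# that clones of the template do not share an identity.
# NOTE(review): the script runs without `set -e`, so a failing step does not
# abort the build; check the build log before publishing the template.

# Update the guest operating system
echo '> Updating the guest operating system ...'
sudo -u root apt update
sudo -u root DEBIAN_FRONTEND=noninteractive apt -y upgrade
sudo -u root apt autoremove -y

# install rc.local script
# The SSH host keys are deleted further down, so each clone must generate its
# own on first boot. The guard tests the ed25519 key: recent OpenSSH packages
# do not create a DSA host key by default, so testing for ssh_host_dsa_key
# would re-run the reconfigure on every boot.
cat << 'EOL' | sudo tee /etc/rc.local
#!/bin/sh -ef
#
test -f /etc/ssh/ssh_host_ed25519_key || sudo -u root dpkg-reconfigure openssh-server
exit 0
EOL
sudo -u root chmod +x /etc/rc.local

# grow disk
echo '> grow disk ...'
sudo -u root lvresize --resizefs -l+100%FREE /dev/mapper/ubuntu--vg-ubuntu--lv

# cloud-init cleanup
# Wait until cloud-init has finished its first run before removing its state.
while [ ! -f /var/lib/cloud/instance/boot-finished ]; do
  echo '> Waiting for cloud-init...'
  sleep 1
done
sudo -u root rm -f /etc/cloud/cloud.cfg.d/99-installer.cfg
sudo -u root cloud-init clean

# cleaning logs
echo '> cleaning logs ...'
sudo -u root rm -rf /var/log/*

# cleans persistent udev rules
echo '> cleaning persistent udev rules ...'
if [ -f /etc/udev/rules.d/70-persistent-net.rules ]; then
  sudo -u root rm /etc/udev/rules.d/70-persistent-net.rules
fi

# cleans /tmp directories
echo '> cleaning /tmp directories ...'
sudo -u root rm -rf /tmp/*
sudo -u root rm -rf /var/tmp/*

# cleans SSH keys
# Host keys left in the template would be shared by every clone.
echo '> cleaning ssh host keys ...'
sudo -u root rm -f /etc/ssh/ssh_host_*

# sets hostname to localhost
echo '> setting hostname to localhost ...'
sudo -u root truncate -s 0 /etc/hostname
sudo -u root hostnamectl set-hostname localhost

# cleans apt.
echo '> cleaning apt-get ...'
sudo -u root apt clean

# cleans the machine-id
# An empty /etc/machine-id is regenerated on first boot; the dbus copy is a
# symlink to it so both stay in step. `rm -f` tolerates an image where the
# dbus file is already absent.
echo '> cleaning the machine-id ...'
sudo -u root truncate -s 0 /etc/machine-id
sudo -u root rm -f /var/lib/dbus/machine-id
sudo -u root ln -s /etc/machine-id /var/lib/dbus/machine-id

# cleans shell history
echo '> cleaning shell history ...'
unset HISTFILE
history -cw
echo > ~/.bash_history
sudo -u root rm -fr /root/.bash_history

# install the ansible user
echo '> create ansible user ...'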
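# useradd sets no password, so the account can only be reached with the SSH key.
sudo -u root useradd -m ansible

# configure ansible user
# This public key is baked into every clone of the template: whoever holds the
# matching private key can log in to all of them. Replacing the key means
# rebuilding the template (or re-keying the clones).
readonly ansible_pubkey='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH9H3XK4IaK2pd8xegsbCm0at70kCi33vYkHDccV3Iyn'
sudo -u root mkdir -p /home/ansible/.ssh
printf '%s\n' "$ansible_pubkey" \
  | sudo -u root tee -a /home/ansible/.ssh/authorized_keys > /dev/null
sudo -u root chmod 700 /home/ansible/.ssh
sudo -u root chmod 600 /home/ansible/.ssh/authorized_keys
sudo -u root chown -R ansible:ansible /home/ansible

# configure sudo for ansible
# The rule gives the ansible account unrestricted, passwordless root, so access
# control rests entirely on the SSH key above. The rule is validated before it
# is installed (a broken sudoers drop-in can lock sudo), written root-owned
# with mode 0440, and overwritten rather than appended so a re-run does not
# duplicate it.
sudoers_tmp=$(mktemp) || exit 1
printf '%s\n' 'ansible ALL=(ALL) NOPASSWD: ALL' > "$sudoers_tmp"
if sudo -u root visudo -cf "$sudoers_tmp"; then
  sudo -u root install -o root -g root -m 0440 "$sudoers_tmp" /etc/sudoers.d/ansible
  rm -f -- "$sudoers_tmp"
else
  echo '> sudoers rule for ansible failed validation; not installed' >&2
  rm -f -- "$sudoers_tmp"
  exit 1
fi

# zero fill the disk
# cat is expected to stop with "No space left on device"; that failure is
# ignored on purpose, then the filler file is flushed and removed.
echo '> zero fill disk ...'
sudo -u root bash -c 'cat /dev/zero > /zero.file || true; sync; rm -f /zero.file'

# all done
echo '> done.'
echo '> packer template build -- complete'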