From 348c01aae52857cccb389eb27e372427ce6c2aed Mon Sep 17 00:00:00 2001
From: Matt Snow
Date: Sat, 28 Sep 2024 10:48:40 -0600
Subject: [PATCH] Create template.yaml
---
template.yaml | 102 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 102 insertions(+)
create mode 100644 template.yaml
diff --git a/template.yaml b/template.yaml
new file mode 100644
index 0000000..2e3c110
--- /dev/null
+++ b/template.yaml
@@ -0,0 +1,102 @@
+---
+apiVersion: tinkerbell.org/v1alpha1
+kind: Template
+metadata:
+ name: ubuntu
+ namespace: tink-system
+spec:
+ data: |
+ version: "0.1"
+ name: ubuntu
+ global_timeout: 1800
+ tasks:
+ - name: "OS Installation"
+ worker: "{{.device_1}}"
+ volumes:
+ - /dev:/dev
+ - /dev/console:/dev/console
+ - /lib/firmware:/lib/firmware
+ actions:
+ - name: "Stream Ubuntu image with actions/image2disk"
+ image: quay.io/tinkerbell/actions/image2disk:latest
+ timeout: 600
+ environment:
+ DEST_DISK: {{ index .Hardware.Disks 0}}
+ IMG_URL: "http://192.168.1.250:8080/jammy-server-cloudimg-amd64.raw.gz"
+ COMPRESSED: true
+ - name: "Grow-partition"
+ image: quay.io/tinkerbell/actions/cexec:latest
+ timeout: 90
+ environment:
+ BLOCK_DEVICE: {{ index .Hardware.Disks 0 }}
+ FS_TYPE: ext4
+ CHROOT: y
+ DEFAULT_INTERPRETER: "/bin/sh -c"
+ CMD_LINE: "growpart {{ index .Hardware.Disks 0 }} 1 && resize2fs {{ index .Hardware.Disks 0 }}1"
+ - name: "install openssl"
+ image: quay.io/tinkerbell/actions/cexec:latest
+ timeout: 90
+ environment:
+ BLOCK_DEVICE: {{ index .Hardware.Disks 0 }}1
+ FS_TYPE: ext4
+ CHROOT: y
+ DEFAULT_INTERPRETER: "/bin/sh -c"
+ CMD_LINE: "apt -y update && apt -y install openssl"
+ - name: "create tink user and tink password"
+ image: quay.io/tinkerbell/actions/cexec:latest
+ timeout: 90
+ environment:
+ BLOCK_DEVICE: {{ index .Hardware.Disks 0 }}1
+ FS_TYPE: ext4
+ CHROOT: y
+ DEFAULT_INTERPRETER: "/bin/sh -c"
+ CMD_LINE: "useradd -p $(openssl passwd -1 tink) -s /bin/bash -d /home/tink/ -m -G sudo tink"
+ - name: "enable ssh"
+ image: quay.io/tinkerbell/actions/cexec:latest
+ timeout: 90
+ environment:
+ BLOCK_DEVICE: {{ index .Hardware.Disks 0 }}1
+ FS_TYPE: ext4
+ CHROOT: y
+ DEFAULT_INTERPRETER: "/bin/sh -c"
+ CMD_LINE: "ssh-keygen -A; systemctl enable ssh.service; echo 'PasswordAuthentication yes' > /etc/ssh/sshd_config.d/60-cloudimg-settings.conf"
+ - name: "disable apparmor"
+ image: quay.io/tinkerbell/actions/cexec:latest
+ timeout: 90
+ environment:
+ BLOCK_DEVICE: {{ index .Hardware.Disks 0 }}1
+ FS_TYPE: ext4
+ CHROOT: y
+ DEFAULT_INTERPRETER: "/bin/sh -c"
+ CMD_LINE: "systemctl disable apparmor; systemctl disable snapd"
+ - name: "write netplan"
+ image: quay.io/tinkerbell/actions/writefile:latest
+ timeout: 90
+ environment:
+ DEST_DISK: {{ index .Hardware.Disks 0 }}1
+ FS_TYPE: ext4
+ DEST_PATH: /etc/netplan/config.yaml
+ CONTENTS: |
+ network:
+ version: 2
+ renderer: networkd
+ ethernets:
+ id0:
+ match:
+ name: en*
+ dhcp4: true
+ UID: 0
+ GID: 0
+ MODE: 0644
+ DIRMODE: 0755
+ - name: "kexec into os"
+ image: ghcr.io/jacobweinstock/waitdaemon:latest
+ timeout: 90
+ pid: host
+ environment:
+ BLOCK_DEVICE: {{ formatPartition ( index .Hardware.Disks 0 ) 1 }}
+ FS_TYPE: ext4
+ IMAGE: quay.io/tinkerbell/actions/kexec:latest
+ WAIT_SECONDS: 10
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
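Review bot: The "create tink user and tink password" and "enable ssh" actions together leave every machine provisioned from this template with a sudo-group account whose password is the literal `tink`, hashed with MD5-crypt (`openssl passwd -1`), and reachable over the network because `PasswordAuthentication yes` is written to `/etc/ssh/sshd_config.d/60-cloudimg-settings.conf`. The credential should not live in the template: create the account without `-p` (`CMD_LINE: "useradd -s /bin/bash -d /home/tink/ -m -G sudo tink"`), reduce the SSH step to `CMD_LINE: "ssh-keygen -A; systemctl enable ssh.service"`, and install an operator public key into `/home/tink/.ssh/authorized_keys` with the `writefile` action already used for the netplan file. If a password is still needed for console access, supply a pre-computed SHA-512 hash (`openssl passwd -6`) as a template value instead of hashing a fixed string at install time. The same hunk also disables AppArmor, pulls every action image by the mutable `:latest` tag (including the `waitdaemon` image that gets `/var/run/docker.sock` and `pid: host`), and fetches the OS image over plain `http://` with no checksum visible here; each of these deserves at least a comment stating that it is a lab-only choice, or pinning by digest.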