From 204e819a2d72a9f350e754e2bbf87633433d74c4 Mon Sep 17 00:00:00 2001
From: Jan Schumacher
Date: Mon, 29 Jan 2024 10:05:21 +0100
Subject: [PATCH] wire-in-a-box / hetzner deployments: adding missing package; setting dir ACLs, adding script check for existing internal IPs
---
 ansible/hetzner-single-deploy.yml | 12 ++++++++++++
 bin/offline-vm-setup.sh | 15 +++++++++++++--
 2 files changed, 25 insertions(+), 2 deletions(-)
diff --git a/ansible/hetzner-single-deploy.yml b/ansible/hetzner-single-deploy.yml
index 6b37d4635..410ae2e3e 100644
--- a/ansible/hetzner-single-deploy.yml
+++ b/ansible/hetzner-single-deploy.yml
@@ -30,6 +30,7 @@
 - wget
 - whois
 - docker.io
+ - dnsmasq
 - qemu
 - qemu-kvm
 - qemu-utils
@@ -78,6 +79,13 @@
 dest: /etc/sudoers
 regexp: '^%sudo'
 line: "%sudo ALL=(ALL) NOPASSWD:ALL"
+ - name: set proper ACLs for libvirt and demo user
+ acl:
+ path: /home/demo
+ entity: libvirt-qemu
+ etype: user
+ permissions: x
+ state: present
 - name: deploy sshd config
 copy:
 src: files/hetzner_server_sshd_config
@@ -117,6 +125,8 @@
 - name: check if wire-server-deploy folder contents exist
 stat:
 path: /home/demo/wire-server-deploy/containers-helm.tar
+ get_checksum: False
+ get_md5: False
 register: artifact_folder_content_check
 - name: unpack wire-server-deploy archive
 unarchive:
@@ -127,6 +137,8 @@
 - name: check if ubuntu iso exists
 stat:
 path: /home/demo/wire-server-deploy/ubuntu.iso
+ get_checksum: False
+ get_md5: False
 register: iso_file_check
 - name: download ubuntu {{ ubuntu_version }} iso
 shell:
diff --git a/bin/offline-vm-setup.sh b/bin/offline-vm-setup.sh
index e5057b3d0..7981f4396 100755
--- a/bin/offline-vm-setup.sh
+++ b/bin/offline-vm-setup.sh
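Review bot: On Debian/Ubuntu the full `dnsmasq` package added to the package list typically also installs and starts a system-wide dnsmasq service, which is more than libvirt's default network needs (libvirt runs its own instance from `dnsmasq-base`). On an internet-facing host that service should not answer on the public interface, and it can compete for port 53 with systemd-resolved or libvirt's own instance. If only the binary is needed, `- dnsmasq-base` would be the narrower choice; otherwise a comment such as `# full dnsmasq: needed for <reason>, restricted to virbr0` together with a matching listen restriction would make the intent reviewable. The rest of the package list is outside the hunk, so whether `dnsmasq-base` is already installed cannot be seen here.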
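Review bot: The new `acl` task depends on `setfacl` being present on the target (the `acl` package on Ubuntu), and the visible part of the package list does not show it; if nothing else installs it, the task fails on a fresh host. The task also gives no reason for the grant, so a comment would help the next reviewer, e.g. `# libvirt-qemu gets search (x) only on /home/demo so qemu can open files below it; no read or list access`. That purpose is inferred from the task name and should be confirmed by the author. The task list this entry sits in starts and ends outside the hunk.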
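Review bot: With `get_checksum: False` the `stat` results for `containers-helm.tar` (this hunk) and `ubuntu.iso` (the next hunk) carry no digest, so whatever consumes `artifact_folder_content_check` and `iso_file_check` outside the hunks can only test existence; a truncated or replaced file is then treated as valid and the unpack or download step is skipped. Skipping the hash is reasonable for speed on files this large, but the artifacts should then be verified once against a pinned value, for example by downloading with `get_url` and `checksum: "sha256:<expected digest>"` instead of the `shell:` task. `get_md5` is, as far as I recall, a deprecated `stat` option that already defaults to off, so it is worth confirming that the targeted Ansible version still accepts it.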
@@ -16,8 +16,7 @@ Usage: $(basename "${BASH_SOURCE[0]}") [-h] [-v] [--deploy-vm vmname] Non-interactive script for deploying the Wire standard set of Ubuntu Server VMs on a single dedicated server using libvirt. Script will create VMs with a sudo user "demo" and PW auth disabled. -All VMs are created with static IPs from default libvirt subnet. IPs and hostnames are appended to /etc/hosts for convenience. -For single VM deployment ("--deploy-vm" flag) a static IP is chosen randomly from .100 to .240 range. (Yes, this might collide if deploying many individual VMs.) +All VMs are created with static IPs from default libvirt subnet (192.168.122.0/24). IPs and hostnames are appended to /etc/hosts for convenience. For SSH access, it'll use two keys: * The first key found in ~/.ssh/authorized_keys. Will ask interactively if no key can be found (and accept any input, so be careful). @@ -37,6 +36,15 @@ Default mode with no arguments creates seven libvirt VMs using cloud-init: | ansnode2 | 192.168.122.32 | 8192 MiB | 4 | 350 GB | | ansnode3 | 192.168.122.33 | 8192 MiB | 4 | 350 GB | +For single VM deployment ("--deploy-vm" flag) a static IP is chosen randomly from .100 to .240 range. +If an IP from that range already exists in /etc/hosts, the shuffle will reiterate until an unused IP is found in order to avoid collisions. + +Single VM deployment will create a VM with the following resoures (can be editied in the script prior execution): + + | hostname | IP | RAM | VCPUs | disk space (thin provisioned) | + ------------------------------------------------------------------------------------------------------ + | (argument from flag) | (range from .100 to .240) | 8192 MiB | 4 | 100 GB | + Available options: -h, --help Print this help and exit -v, --verbose Print script debug info 
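Review bot: The help text added in the second hunk promises more than the script checks: "until an unused IP is found in order to avoid collisions" holds only for addresses recorded in /etc/hosts, and the sentence should say so, e.g. `If that IP is already listed in /etc/hosts, another one is drawn; addresses in use but not listed there are not detected.` Two typos in the same hunk are also worth fixing: `resoures` should be `resources` and `editied` should be `edited`, and "prior execution" reads better as "prior to execution".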
@@ -92,6 +100,9 @@ if [[ -n "${DEPLOY_SINGLE_VM-}" ]]; then
 VM_VCPU=(4)
 VM_RAM=(8192)
 VM_DISK=(100)
+ while grep -Fq "${VM_IP[0]}" /etc/hosts; do
+ VM_IP=("192.168.122.$(shuf -i100-240 -n1)")
+ done
 else
 VM_NAME=(assethost kubenode1 kubenode2 kubenode3 ansnode1 ansnode2 ansnode3)
 VM_IP=(192.168.122.10 192.168.122.21 192.168.122.22 192.168.122.23 192.168.122.31 192.168.122.32 192.168.122.33)
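Review bot: The added `while` loop has no exit when every address from .100 to .240 already appears in /etc/hosts, so the script would spin forever instead of failing with a message. It also treats /etc/hosts as the only record of used addresses, so a VM known to libvirt but not listed there, or a second run racing this one, can still collide. `grep -Fq` matches substrings and commented-out lines as well; adding `-w` narrows the match to whole addresses. The initial `VM_IP` assignment and the start of the `if` block are outside the hunk, so the capped loop below assumes nothing else reassigns `VM_IP` in between.

```bash
# … unchanged: VM_VCPU / VM_RAM / VM_DISK assignments …
attempts=0
while grep -Fqw "${VM_IP[0]}" /etc/hosts; do
  if (( ++attempts > 500 )); then
    echo "no unused address left in 192.168.122.100-240 according to /etc/hosts" >&2
    exit 1
  fi
  VM_IP=("192.168.122.$(shuf -i100-240 -n1)")
done
```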