Updates to Alpine build scripts

2025-04-03 16:36:10 -04:00 · 2025-04-03 16:36:10 -04:00 · ac06a8829a
commit ac06a8829a
parent ed22728354
10 changed files with 161 additions and 14 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 .DS_Store
-alpine-iso
+alpine-iso
 keys
--- a/README.md
+++ b/README.md
@ -121,10 +121,55 @@ Update the parameters provided to the below plan run command as needed.
 ```bash
 cd bolt_vm_automation
-bolt plan run bolt_vm_automation::create_vm \
+bolt plan run bolt_vm_automation::create_ubuntu \
-  target=siderack \
+  target=vortex \
  vm_name=moeny-bank01 \
  ip_with_cidr=100.40.223.189/24 \
-  hostname=moeny-bank01 \
+  hostname=moeny-bank01
-  network=br0
+```
 ## Alpine VMs
 There are now separate plans for generating a VM using Alpine and Ubuntu. [create_alpine](bolt_vm_automation/plans/create_alpine.yaml) should be run for Alpine and [create_ubuntu](bolt_vm_automation/plans/create_ubuntu.yaml) should be run for Ubuntu. These plans each run tasks tailored for the appropriate distribution.
 Below is a sample command to run the Alpine bolt plan.
 ```bash
 bolt plan run bolt_vm_automation::create_alpine \
  vm_name=moeny-service \
  ip_with_cidr=100.40.223.189/24 \
  hostname=moeny-service \
  add_a_record_bool=true \
  dns_hostname=service
 ```
 Note that `add_a_record_bool` must be set to `true` if you would like an A record for the VM to be added to the DNS server zone file, as it is `false` by default. If using this functionality, `dns_hostname` should also be provided and optionally `dns_ttl` if you do not want the default of `3600`. The ability to interact with the DNS server depends on having set up a TSIG key on your DNS server for dynamic updates and storing a copy of your `tsig.key` file in a directory called `keys` at the root of this project. If either of these conditions have not been met, do not attempt to use this functionality. For more information on setting up dynamic DNS with a TSIG key, see our [bind9](https://gitea.moeny.ai/moeny/bind9) repo.
 Similarly, `install_docker_bool` can be set to `false` if you do not want docker to be installed on the VM. It is true by default.
 For more detailed logging on the `bolt plan run` add the `-v` flag at the end of the command.
 If you want to delete an A record that you have added, you can use the [`delete_dns_a_record`](bolt_vm_automation/tasks/delete_dns_a_record.sh) task. You'll just need to provide it with the dns_hostname you set. Here's a sample command.
 ```bash
 bolt task run bolt_vm_automation::delete_dns_a_record dns_hostname=service --targets localhost
 ```
 Lastly, even though it is designed to be run with the `create_alpine` plan, you can also run the [`add_dns_a_record`](bolt_vm_automation/tasks/add_dns_a_record.sh) task on its own. You'll just need to provide it a few parameters. Here's a sample command.
 ```bash
 bolt task run bolt_vm_automation::add_dns_a_record add_a_record_bool=true ip_with_cidr=100.40.223.189/24 dns_hostname=service dns_ttl=3600 --targets localhost
 ```
 Alternatively, to update DNS with the `nsupdate` command directly from the terminal, run something like the following with the path to your `tsig.key`:
 ```bash
 nsupdate -k ../../keys/tsig.key << EOF
 server ns1.moeny.ai
 zone moeny.ai
 update add service.moeny.ai 3600 A 6.5.2.5
 send
 EOF
 ssh moeny@ns1.moeny.ai "sudo rndc sync moeny.ai"
 ```
--- a/bolt_vm_automation/plans/create_alpine.yaml
+++ b/bolt_vm_automation/plans/create_alpine.yaml
@ -27,7 +27,7 @@ parameters:
  disk_path:
    type: String
    description: "Base path for disk images"
-    default: "/mnt/nfs/kvm-images"
+    default: "/mnt/nfs/moeny-images"
  network:
    type: String
    description: "Network to connect the VM to"
@ -67,6 +67,23 @@ parameters:
    type: String
    description: "Tertiary nameserver for the VM"
    default: "1.1.1.1"
  install_docker_bool:
    type: Boolean
    description: "Whether to install Docker on the VM"
    default: true
  # DNS Variables
  add_a_record_bool:
    type: Boolean
    description: "Whether to add a DNS A record for the VM"
    default: false
  dns_hostname:
    type: String
    description: "Hostname for the DNS A record"
    default: "vm-template-staging"
  dns_ttl:
    type: Integer
    description: "TTL for the DNS A record"
    default: 3600
 steps:
  - name: create_vm
@ -103,6 +120,7 @@ steps:
    task: bolt_vm_automation::install_docker_alpine
    targets: localhost
    parameters:
      install_docker_bool: $install_docker_bool
      staging_ip: $staging_ip
  - name: system_setup
@ -118,5 +136,15 @@ steps:
      nameserver3: $nameserver3
      staging_ip: $staging_ip
  - name: add_dns_a_record
    description: Add a DNS A record for the VM
    task: bolt_vm_automation::add_dns_a_record
    targets: localhost
    parameters:
      add_a_record_bool: $add_a_record_bool
      ip_with_cidr: $ip_with_cidr
      dns_hostname: $dns_hostname
      dns_ttl: $dns_ttl
 return:
  message: "VM ${vm_name} created and updated successfully!"
--- a/bolt_vm_automation/plans/create_ubuntu.yaml
+++ b/bolt_vm_automation/plans/create_ubuntu.yaml
@ -27,7 +27,7 @@ parameters:
  disk_path:
    type: String
    description: "Base path for disk images"
-    default: "/mnt/nfs/kvm-images"
+    default: "/mnt/nfs/moeny-images"
  network:
    type: String
    description: "Network to connect the VM to"
--- a/bolt_vm_automation/tasks/add_dns_a_record.sh
+++ b/bolt_vm_automation/tasks/add_dns_a_record.sh
@ -0,0 +1,33 @@
 #!/bin/bash
 # Bolt environment variables
 ADD_A_RECORD="${PT_add_a_record_bool}"
 IP="${PT_ip_with_cidr}"
 HOSTNAME="${PT_dns_hostname}"
 TTL="${PT_dns_ttl}"
 # Check if Docker installation is requested
 if [ "$ADD_A_RECORD" != "true" ]; then
    echo '{"status": "skipped", "message": "A Record addition not requested, skipping..."}'
    exit 0
 fi
 # Check if required parameters are provided
 if [ -z "$IP" ] || [ -z "$HOSTNAME" ] || [ -z "$TTL" ]; then
    echo '{"status": "failure", "message": "Error: Both ip_with_cidr, dns_hostname and ttl parameters must be provided"}'
    exit 1
 fi
 # Create DNS A record
 IP_ADDRESS=$(echo ${IP} | cut -d'/' -f1)
 nsupdate -k ../../keys/tsig.key << EOF
 server ns1.moeny.ai
 zone moeny.ai
 update add ${HOSTNAME}.moeny.ai ${TTL} A ${IP_ADDRESS}
 send
 EOF
 # Force zone file update on DNS server
 ssh moeny@ns1.moeny.ai "sudo rndc sync moeny.ai"
 echo '{"status": "success", "message": "A Record successfully added."}'
--- a/bolt_vm_automation/tasks/delete_dns_a_record.sh
+++ b/bolt_vm_automation/tasks/delete_dns_a_record.sh
@ -0,0 +1,23 @@
 #!/bin/bash
 # Bolt environment variables
 HOSTNAME="${PT_dns_hostname}"
 # Check if required parameters are provided
 if [ -z "$HOSTNAME" ]; then
    echo '{"status": "failure", "message": "Error: dns_hostname parameter must be provided"}'
    exit 1
 fi
 # Delete DNS A record
 nsupdate -k ../../keys/tsig.key << EOF
 server ns1.moeny.ai
 zone moeny.ai
 update delete ${HOSTNAME}.moeny.ai A
 send
 EOF
 # Force zone file update on DNS server
 ssh moeny@ns1.moeny.ai "sudo rndc sync moeny.ai"
 echo '{"status": "success", "message": "A Record successfully deleted."}'
--- a/bolt_vm_automation/tasks/install_alpine.sh
+++ b/bolt_vm_automation/tasks/install_alpine.sh
@ -49,9 +49,9 @@ sleep 30
 # Verify installation by trying to SSH
 if ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 root@${STAGING_IP} "echo 'VM is running'"; then
-  echo "Alpine installation completed successfully"
+  echo '{"status": "success", "message": "Alpine installation completed successfully"}'
  exit 0
 else
-  echo "Failed to install Alpine"
+  echo '{"status": "failure", "message": "Failed to install Alpine"}'
  exit 1
 fi 
--- a/bolt_vm_automation/tasks/install_docker_alpine.sh
+++ b/bolt_vm_automation/tasks/install_docker_alpine.sh
@ -1,8 +1,16 @@
 #!/bin/bash
 # Input Variables
 INSTALL_DOCKER="${PT_install_docker_bool}"
 STAGING_IP="${PT_staging_ip}"
 # Check if Docker installation is requested
 if [ "$INSTALL_DOCKER" != "true" ]; then
    # Output JSON that Bolt will understand
    echo '{"status": "skipped", "message": "Docker installation not requested, skipping..."}'
    exit 0
 fi
 # Update package list and install Docker
 ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "apk update && apk add --no-cache docker docker-cli docker-cli-compose"
@ -14,9 +22,9 @@ ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "rc-service docker start && r
 # Verify installation
 if ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "docker --version" > /dev/null 2>&1; then
-    echo "Docker installed successfully"
+    echo '{"status": "success", "message": "Docker installed successfully"}'
    exit 0
 else
-    echo "Docker installation failed"
+    echo '{"status": "failure", "message": "Docker installation failed"}'
    exit 1
 fi 
--- a/bolt_vm_automation/tasks/install_packages_alpine.sh
+++ b/bolt_vm_automation/tasks/install_packages_alpine.sh
@ -7,7 +7,7 @@ STAGING_IP="${PT_staging_ip}"
 ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "sed -i '3s/^#//' /etc/apk/repositories"
 # Install required packages
-ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "apk update && apk add --no-cache vim fping htop sudo bash mtr"
+ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "apk update && apk add --no-cache vim fping htop sudo bash mtr rsync tmux"
 # Change default shell to bash
 ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "sed -i -E '/^(root|moeny):/ s:/bin/sh$:/bin/bash:' /etc/passwd"
@ -20,3 +20,6 @@ ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "addgroup sudo;addgroup moeny
 # Set no password to sudo group
 ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "echo '%sudo ALL=(ALL) NOPASSWD: ALL' | tee -a /etc/sudoers.d/nopasswd_sudo_group"
 # Aliases for ll and la
 ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "sudo sed -i '1i # set ls -l and ls -a aliases\nalias ll='\''ls -l'\''\nalias la='\''ls -a'\''\n' /etc/bash/bashrc"
--- a/bolt_vm_automation/tasks/system_setup_alpine.sh
+++ b/bolt_vm_automation/tasks/system_setup_alpine.sh
@ -12,7 +12,7 @@ STAGING_IP="${PT_staging_ip}"
 # Check if all required parameters are provided
 if [ -z "$IP" ] || [ -z "$HOSTNAME" ] || [ -z "$DHCP" ] || [ -z "$GATEWAY" ] || [ -z "$NAMESERVER1" ] || [ -z "$NAMESERVER2" ] || [ -z "$NAMESERVER3" ]; then
-  echo "Missing required parameters. All parameters must be provided."
+  echo '{"status": "failure", "message": "Missing required parameters. All parameters must be provided."}'
  exit 1
 fi
@ -54,7 +54,13 @@ ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "sed -i 's/127.0.0.1.*/127.0.
 # Enable and start iptables service
 ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "rc-update add iptables default && rc-service iptables start"
-echo "System configuration completed successfully"
+# Generate new SSH host keys
 ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "rm /etc/ssh/ssh_host_* && \
  ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N \"\" && \
  ssh-keygen -t ecdsa -b 521 -f /etc/ssh/ssh_host_ecdsa_key -N \"\" && \
  ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N \"\""
 echo '{"status": "success", "message": "System configuration completed successfully"}'
 # Reboot the system
 ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "nohup sh -c '(sleep 2 && reboot) &' > /dev/null 2>&1"