Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add cloud-init capability for Ubuntu #2

Open
wants to merge 35 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 32 commits
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
cfb7e20
add cloud init ability for ubunut. Fix issues when setting hostname/u…
windrad6 Nov 27, 2021
0e72923
Changed create_image.sh
vincent-bareiss Dec 22, 2021
cc6e0fd
flash iamge script
Jan 7, 2022
0f3ae46
Flash image script and support for branches
vincent-bareiss Jan 9, 2022
0b5daaa
Fix branch and access token options
vincent-bareiss Jan 9, 2022
6d8727f
Changed vault pass generation
vincent-bareiss Jan 9, 2022
33b2f6e
Add automatic vault decryption
vincent-bareiss Jan 9, 2022
19a4b16
Rename flash_image to update image
vincent-bareiss Jan 12, 2022
d5e661f
Add git options
vincent-bareiss Jan 12, 2022
5d31615
Added git
vincent-bareiss Jan 17, 2022
cab9cb5
WIP: encrypting files with vaul
vincent-bareiss Jan 17, 2022
da224c0
Add password store and GPG
vincent-bareiss Jan 26, 2022
e5ab674
replace tab with 2 spaces
vincent-bareiss Jan 26, 2022
d3ed475
changed how vault passwords are created/handeled
vincent-bareiss Jan 26, 2022
6512bf4
various fixes
stv0g Jan 31, 2022
169b4e2
Update Readme
vincent-bareiss Feb 1, 2022
2e12022
Change acslab to openvpn and make ovpn+snmp opt
vincent-bareiss Feb 14, 2022
b8c36a2
Add dependency checks
vincent-bareiss Feb 14, 2022
fadb7b1
Fix wrong setting dialog
vincent-bareiss Feb 14, 2022
3bde8a1
fix small errors
vincent-bareiss Feb 14, 2022
f0fc2eb
add docker functionality
vincent-bareiss Feb 15, 2022
dd75d85
small fixes
windrad6 Feb 16, 2022
e40be71
strip color bytes from pass output
vincent-bareiss Apr 10, 2022
42e5764
Changes to reflect new structure of pass repo
vincent-bareiss Jul 19, 2022
1167b2f
fix spelling mistake in gpg key import
Sep 15, 2022
1d23764
update for docker compose
windrad6 Mar 14, 2024
cc52e9b
added env to create script
windrad6 Apr 16, 2024
b577c35
add ansible vault secret generation, fix hostname setting, update readme
windrad6 Apr 17, 2024
b1614b3
remove git token. Now part of the git url
windrad6 Apr 17, 2024
223e09f
Merge pull request #6 from windrad6/development
windrad6 Apr 23, 2024
69d3da0
Allow generation of images based on ubuntu 24.04
Hobbbbes Apr 30, 2024
39911c7
Merge pull request #7 from Hobbbbes/ubuntu24.04
windrad6 May 14, 2024
0535c6b
Added support for a VAULT_KEY env variable
May 27, 2024
b684ce2
Added info about VAULT_KEY variable to README.md and fixed the flavor…
May 27, 2024
37eeadd
Merge pull request #8 from Hobbbbes/vaultkey
windrad6 Jul 2, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
out/*
env
16 changes: 16 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
FROM ubuntu:22.04

#Get dependencies
RUN DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt update && apt-get -y install tzdata
ENV LIBGUESTFS_BACKEND=direct

WORKDIR /tmp
RUN apt-get install --no-install-recommends --no-install-suggests -y libguestfs-tools qemu-utils linux-image-generic wget unzip zip
# RUN git clone https://github.com/cl0-de/riasc-provisioning.git -b development
ENV FLAVOR=raspios
ENV REPOFOLDER=/tmp
# ENV LIBGUESTFS_DEBUG=1
# ENV LIBGUESTFS_TRACE=1
# RUN ./riasc-provisioning/rpi/create_image.sh

CMD ${REPOFOLDER}/riasc/rpi/create_image.sh
79 changes: 67 additions & 12 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,30 +1,85 @@
# RIasC Provisioning Scripts
# Raspberry PI Image generation

[![GitHub](https://img.shields.io/github/license/ERIGrid2/riasc-provisioning)](https://github.com/ERIGrid2/riasc-provisioning/blob/master/LICENSE)
This project generates and customizes a Raspberry Pi image, either for Ubuntu or Raspberry Pi OS. The script is build for running within a docker container.

The customizations include:
* Generating or adding a `vaultkey.secret` file
* Updating Ansible configuration in `/boot/firmware/riasc.yaml`
* Updating cloud-init file in `/boot/firmware/user-data`
* Setting GIT Ansible repor in `/boot/firmware/riasc.yaml`
* Adding and enabling GIT based Ansible updates on reboot

- **Based on:** <https://github.com/k3s-io/k3s-ansible>

## Introduction
## Usage

1) Switch to direcory with Dockerfile to build image
```
docker build --tag "imagebuilder" .
```
2) Create `env` file:
```
GIT_URL=https://mygiturl
FLAVOR=ubuntu22.04
GIT_BRANCH=mybranch
NODENAME=myhost
TAG=test
```
3) Run docker container to generate image
```
docker run \
--volume ./:/tmp/riasc \
--volume ./out/:/tmp/data \
--env-file ./env \
imagebuilder
```
4) Image is placed in ´out/output´ folder
5) Copy image to SD card. Either using dd or the Raspberry Pi Imiger

## Documentation

For further documentation, please consult: https://riasc.eu/docs/
## List of available variables
| Variable | Info |
| - | - |
|GIT_URL | URL to ansible git repository|
|FLAVOR | Falvor of os. See list of flavors|
|GIT_BRANCH | Branch used in ansible git pull|
|NODENAME | The hostname of the device|
|TAG | A tag that is added to the name|
|RAW_OUTPOUT | Set to yes to get the .img file as output|
|TOKEN | A token used by Ansible|

## System requirements
### List of flavors

The scripts have been tested with the following operating systems:
ubuntu22.04

- Ubuntu 20.03
- Raspbian Buster
ubuntu20.04

## Usage
raspios


# Help

## How to mount the generated image to check the content?

Check for the partitions in the image file:

`fdisk -lu ubuntu-22.04.4-preinstalled-server-arm64+raspi.img`

Run mount command. Make sure to update the offset (526336) for the correct value

`mount ubuntu-22.04.4-preinstalled-server-arm64+raspi.img -o loop,offset=$(( 512 * 526336)) /mnt/`

## How to add my custom secrets file for ansible vaults?
Copy the file in `out/output`. and make sure that the name is NODENAME-vaultkey.secret


[![GitHub](https://img.shields.io/github/license/ERIGrid2/riasc-provisioning)](https://github.com/ERIGrid2/riasc-provisioning/blob/master/LICENSE)

See: https://riasc.eu/docs/setup/agent/manual

## Credits

- [Steffen Vogel](https://github.com/stv0g) [📧](mailto:post@steffenvogel.de), [Institute for Automation of Complex Power Systems](https://www.acs.eonerc.rwth-aachen.de), [RWTH Aachen University](https://www.rwth-aachen.de)
- [Vincent Bareiß]() [📧](mailto:), [Institute for Automation of Complex Power Systems](https://www.acs.eonerc.rwth-aachen.de), [RWTH Aachen University](https://www.rwth-aachen.de)
- [Manuel Pitz](https://https://github.com/windrad6) [📧](mailto:post@cl0.de), [Institute for Automation of Complex Power Systems](https://www.acs.eonerc.rwth-aachen.de), [RWTH Aachen University](https://www.rwth-aachen.de)

### Funding acknowledment

Expand Down
8 changes: 8 additions & 0 deletions common/riasc-update.sh
Original file line number Diff line number Diff line change
Expand Up @@ -150,11 +150,19 @@ ANSIBLE_EXTRA_VARS="$(config --tojson --indent 0 .ansible.variables)"
ANSIBLE_OPTS=" --url $(config .ansible.url)"
ANSIBLE_OPTS+=" --inventory $(config .ansible.inventory)"
ANSIBLE_OPTS+=" $(config '.ansible.extra_args // [ ] | join(" ")')"
if [ -f /boot/firmware/vaultkey.secret ]; then
ANSIBLE_OPTS+=" --vault-password-file /boot/firmware/vaultkey.secret"
fi


if [ $(config '.ansible.verify_commit') == "true" ]; then
ANSIBLE_OPTS+="--verify-commit"
fi

if ! [ $(config '.ansible.branch') = null ]; then
ANSIBLE_OPTS+=" --checkout $(config '.ansible.branch')"
fi

# Run Ansible playbook
log "Running Ansible playbook..."
ANSIBLE_FORCE_COLOR=1 \
Expand Down
37 changes: 0 additions & 37 deletions common/riasc.edgeflex.yaml

This file was deleted.

File renamed without changes.
40 changes: 40 additions & 0 deletions common/riasc.ubuntu.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
---
# RIasC configuration file
# See also: https://erigrid2.github.io/riasc/docs/setup/config

# A unique hostname to identify the node
hostname: dummyHostname

ansible:
# List of PGP keys which are used to verify the commits in the Ansible repo
keys: []

keyserver: keys.openpgp.org

# A repository containing ansible playbooks which will be fetched via ansible-pull
url: dummyGitUrl

verify_commit: false

# The playbook which should be provision the node
playbook: playbook.yml

# A path to the Ansible inventory within the repo from above
inventory: inventory/edgeflex/hosts.yml

# extra_args:
# - --only-if-changed

# Additional variables which are passed to the Ansible playbook for provisioning
variables:

# A list of SSH keys which will be added to the 'pi' user
#additional_ssh_keys:
#- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDOmn+2RUo3XrHmm7h3w647+f6DlV5wXzBJSYLa7NBVlEasBd6Gxp4HDh1iKmNgZrneqXWOAH19P41k1qiwAx8/gUYDlnoah30RWp3qlXXIN+RUCUyUx34tatGTSDynuAyYKAOg0CawK066pSaRsMan2JdhL+r0YAKDXswMU8NVdc32AFTJLrZyGzlrFn4y7hSgHCtOy2RvoULWcjVtcF0GLuSr3WCLUwm1Qy83tft++5FJCcNtg986or5OOeWtZxFU035Q+2Khd2JqyweFTmCMRXEXAzUMv6Lqxuw19qpK4eOOU59oybXlga5yLFZY0CVBK8XVVnA0pkCnabQPHvVJWL7tcDVvzfnd0JdHpQ6oMsYFM7MdncKbHay5/g/tUz34WXPPAPWvciyLkI1NMV++JpaPeMEkAvrsUUZMko+4EQ75ZErUOY3PAJG+2Jilb79QTRMzpCVWfQ0A/Zx1O7Y0sLks+f5VDJaPnHl0vXetFIkEpv9XjomNZgp81m3XRItJh0+BwGqoYtc+MTLelAu0oap1LyHSbpBWGzKxi2tW9VOrX7/pI18f0AhhCc/BG/6UFjMhyYzGj9wg6HWAo1N8hlhdeuNic004hbADX7qzXJMyVEol5AL0rpu3j3j5zTeULY3HxiE+FC6yKg1DKvcxHkmwXoWJYwW9yAgYDyjhbw==" # Manuel Pitz
# Set this to true if you want to login via SSH keys only.
# If you dont have an SSH key, set this to false.
# Important: Dont forget to change the default password after your first login!
disable_password_login: false

# Replace this token with the token provided by your RIasC provider
token: XXXXX # changeme!
3 changes: 3 additions & 0 deletions common/villas_docker.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
hostname: villas-box

ansible:
1 change: 1 addition & 0 deletions rpi/.gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,4 @@ patch.fish
riasc.yaml
fallback-ntp.conf
keys/
edgepmu*/
Loading