- Read the comments.
- Write comments.
Future Cleanup:
- After virtualbox reaches testing and/or stable
- After salt>=3004.0 reaches stable
Roadmap/Goldplating:
- Move "teckhost_agent" to salt states
- MOK certificate (for virtualbox)
Install dependencies:
apt install virtualbox libarchive-tools syslinux xorriso isolinux
Download and cache "latest" debian-netinst.iso:
# TH_SRC can also be a local path (TH_CKSUM will be ignored) export TH_SRC='https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/current/amd64/iso-cd/firmware-11.3.0-amd64-netinst.iso' export TH_CKSUM='eba7ce7823681a610f9f23d6468976517ed92b6b90acec4ac55df62b0a090050bba0145ef5c07f544b92569cd10e9572f4e9f7c3415b3323abffa51cd7c5d4f4'
Build the Default ISO:
make teckhost.iso
Run tests:
make test
Build and log in to dev box (requires virtualbox):
make testpc1 make testpc1-ssh
- cicd-release: Production Deployment
- master: Root of CI/CD Pipeline
All changes are pushed to master and then promoted to cicd-release after
the CI/CD (build+install+validate) tests pass. The cicd-release branch should
be protected to prevent unexpected changes.
The devdir is a salt grain that provides salt-minion a local file
system path where states should be found--instead of git.
Note
The devdir variable will have different values in different scripts.
1) /srv/salt inside the vm; 2) $PWD outside the vm
Salt is the primary tool for maintaining systems. Most of the deployment process
is wrapper processes meant to get salt installed and running as quickly as
possible. Salt installation is meant to be done using the bootstrap script
which can be triggered at the end of a machine installation or VPS creation.
General Process:
- Obtain netinstall iso (most likely version w/ firmware)
- Build ISO with
build_iso(Step 1 can be replaced with env vars) - Copy ISO to flash drive (with
mbufferordd) - Boot to installer and choose either LVM or Encrypted
- Provide network/hostname/keys
The iso/build_iso script will take a debian installer iso as input and
produce a custom ISO which includes automated installer options (and one menu
item for recovery).
Usage Example:
./build_iso -i ~/downloads/debian-11.3.0-amd64-netinst.iso -o ~/teckhost.iso sudo mbuffer -i teckhost.iso -o /dev/sda
In order to provide as few prompts as possible, the default teckhost.iso
includes a preseed file that makes assumptions about hardware (nvme, >100G).
This preseed file has two primary goals: 1) get minimum information (wifi,
hostname, decryption key(s)) from the user, and 2) use :ref:`Salt Bootstrap
<bootstrap>` to run a highstate.
Key Targets:
make teckhost.isomake testmake testpc1_<version>make ssh-testpc1-usermake ssh-testpc1-adminmake clean