diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-01 23:00:13 +0100 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-01 23:00:13 +0100 |
| commit | b26b8e0a686c6fbd9a777120537def1015a074fa (patch) | |
| tree | 40ac42fe51b72e0ba2c9a649c947e8a0f63eb703 | |
| download | nspawn-b26b8e0a686c6fbd9a777120537def1015a074fa.tar.gz nspawn-b26b8e0a686c6fbd9a777120537def1015a074fa.tar.xz | |
Setup nspawn?
| -rw-r--r-- | manifests/machine.pp | 40 | ||||
| -rw-r--r-- | manifests/os/arch.pp | 58 | ||||
| -rw-r--r-- | manifests/os/debian.pp | 61 | ||||
| -rw-r--r-- | manifests/setup.pp | 14 |
4 files changed, 173 insertions, 0 deletions
diff --git a/manifests/machine.pp b/manifests/machine.pp new file mode 100644 index 0000000..b308b74 --- /dev/null +++ b/manifests/machine.pp @@ -0,0 +1,40 @@ +define nspawn::machine ( + String $os, + String $os_version, + String $machine = $name, + Boolean $enable = false, +) { + + require ::nspawn::setup + + file { "/etc/systemd/nspawn/${machine}.nspawn": + content => @("EOF") + [Exec] + Hostname=${machine}.adrift.space + Boot=true + # /usr/lib/systemd/resolv.conf + ResolvConf=copy-static + + [Network] + Bridge=br0 + | EOF + } + + case $os { + 'debian': { + nspawn::os::debian { $machine: + os_version => $os_version, + } + } + 'arch': { + nspawn::os::arch { $machine: + } + } + # TODO default fail + } + + service { "systemd-nspawn@${machine}.service": + enable => true, + } + +} diff --git a/manifests/os/arch.pp b/manifests/os/arch.pp new file mode 100644 index 0000000..4f83546 --- /dev/null +++ b/manifests/os/arch.pp @@ -0,0 +1,58 @@ +define nspawn::os::arch ( + String $machine = $name, +) { + + ensure_packages(['arch-install-scripts']) + + exec { "/usr/bin/pacstrap /var/lib/machines/${machine} base puppet": + creates => "/var/lib/machines/${machine}/etc/os-release", + } + + file { "/var/lib/machines/${machine}/etc/systemd/network.d/20-puppet.conf": + content => @(EOF) + [Match] + Name=host0 + + [Network] + Address=10.0.0.43/23 + Gateway=10.0.0.1 + IPv6AcceptRA=1 + | EOF + } + + $symlinks = [ + [ '/etc/systemd/system/dbus-org.freedesktop.network1.service', + '/usr/lib/systemd/system/systemd-networkd.service' ], + [ '/etc/systemd/system/multi-user.target.wants/systemd-networkd.service', + '/usr/lib/systemd/system/systemd-networkd.service' ], + [ '/etc/systemd/system/sockets.target.wants/systemd-networkd.socket', + '/usr/lib/systemd/system/systemd-networkd.socket' ], + [ '/etc/systemd/system/sysinit.target.wants/systemd-network-generator.service', + '/usr/lib/systemd/system/systemd-network-generator.service' ], + [ '/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service', + '/usr/lib/systemd/system/systemd-networkd-wait-online.service' ], + ] + + $symlinks.each |$pair| { + $where = $pair[0] + $target = $pair[1] + file { "/var/lib/machines/${machine}/${where}": + ensure => link, + target => $target, + } + } + + + file { "/var/lib/machines/${machine}/etc/systemd/network.d/20-puppet.conf": + content => @(EOF) + [Match] + Name=host0 + + [Network] + Address=10.0.0.43/23 + Gateway=10.0.0.1 + IPv6AcceptRA=1 + | EOF + } + +} diff --git a/manifests/os/debian.pp b/manifests/os/debian.pp new file mode 100644 index 0000000..c821ba6 --- /dev/null +++ b/manifests/os/debian.pp @@ -0,0 +1,61 @@ +define nspawn::os::debian ( + String $os_version, + String $machine = $name, +) { + ensure_packages(['debootstrap']) + + exec { "/usr/bin/deboostrap ${os_version} /var/lib/machines/${machine}": + creates => "/var/lib/machines/${machine}/etc/os-release", + } + + file { "/var/lib/machines/${machine}/etc/network/interfaces": + ensure => file, + content => @(EOF) + # File managed by puppet + # See interfaces(5) + source-directory /etc/network/interfaces.d + | EOF + } + + file { "/var/lib/machines/${machine}/etc/network/interfaces.d": + ensure => directory, + } + + file { "/var/lib/machines/${machine}/etc/network/interfaces.d/puppet": + ensure => file, + content => @(EOF) + # File managed by puppet + auto host0 + # allow-hotplug host0 + + iface host0 inet static + address 10.0.0.42/23 + gateway 10.0.0.1 + + iface host0 inet6 auto + private 0 + | EOF + } + + file { "/var/lib/machines/${machine}/tmp/puppet7-release/${os_version}.deb": + ensure => file, + source => "https://apt.puppet.com/puppet7-release-${os_version}.deb" + } + ~> exec { "Set up puppet repo for ${machine}": + command => [ '/usr/bin/systemd-nspawn', + '-M', $machine, + '--quiet', + '/bin/sh', '-c', + "dpkg -i '/tmp/puppet7-release-${os_version}.deb' && apt update" + ], + } + + exec { "install puppet-agent on ${machine}": + command => [ '/usr/bin/systemd-nspawn', + '-M', $machine, + '--quiet', + 'apt', 'install', 'puppet-agent', + ], + creates => "/var/lib/machines/${machine}/opt/puppetlabs/bin/puppet", + } +} diff --git a/manifests/setup.pp b/manifests/setup.pp new file mode 100644 index 0000000..ffd90ee --- /dev/null +++ b/manifests/setup.pp @@ -0,0 +1,14 @@ +class nspawn::setup { + + file { '/usr/lib/systemd/resolv.conf': + ensure => file, + content => @(EOF) + # File /usr/lib/systemd/resolv.conf managed by puppet + # Local changes will be overwritten + nameserver 10.0.0.40 + search adrift.space + | EOF + } + + +} |