hashi-pi.json (5334B)
1 { 2 "variables": { 3 "hostname": "HashiPi0", 4 "username": "in0rdr", 5 "authorized_keys": "", 6 "img_url": "https://downloads.raspberrypi.org/raspios_lite_arm64/images/raspios_lite_arm64-2023-10-10/2023-10-10-raspios-bookworm-arm64-lite.img.xz", 7 "img_name": "raspi.img", 8 "flash_device_path": "/dev/sda", 9 "img_size": "4G", 10 "consul_version": "1.18.2", 11 "consul_server": "true", 12 "consul_encrypt": "", 13 "consul_tls_ca": "./tls/consul/consul-agent-ca.pem", 14 "consul_tls_certs": "./tls/consul/certs/", 15 "consul_retry_join": "\"pi0.lan\", \"pi1.lan\", \"pi2.lan\", \"pi3.lan\", \"pi4.lan\"", 16 "nomad_version": "1.7.7", 17 "nomad_server": "true", 18 "nomad_client": "true", 19 "nomad_nfs_server": "", 20 "nomad_nfs_mount": "", 21 "nomad_nfs_target": "", 22 "nomad_podman_driver_version": "0.5.2", 23 "nomad_vault_token": "", 24 "nomad_jenkins_uid": "1312", 25 "nomad_jenkins_gid": "1312", 26 "vault_version": "1.16.2", 27 "vault_tls_ca_cert": "./tls/vault/ca/vault_ca.pem", 28 "vault_tls_ca_key": "./tls/vault/ca/vault_ca.key", 29 "vault_tls_subj_alt_name": "IP:127.0.0.1", 30 "vault_transit_server": "", 31 "vault_transit_token": "" 32 }, 33 "sensitive-variables": [ 34 "consul_encrypt", 35 "consul_tls_server_key", 36 "consul_tls_client_key", 37 "consul_tls_cli_key", 38 "vault_transit_token" 39 ], 40 "builders": [{ 41 "type": "arm", 42 "file_urls" : ["{{ user `img_url` }}"], 43 "file_checksum_url": "{{ user `img_url` }}.sha256", 44 "file_checksum_type": "sha256", 45 "file_unarchive_cmd": ["xz", "-d", "$ARCHIVE_PATH"], 46 "file_target_extension": "xz", 47 "image_build_method": "resize", 48 "image_path": "{{ user `img_name` }}", 49 "image_size": "{{ user `img_size` }}", 50 "image_type": "dos", 51 "image_partitions": [ 52 { 53 "name": "boot", 54 "type": "c", 55 "start_sector": "8192", 56 "filesystem": "vfat", 57 "size": "256M", 58 "mountpoint": "/boot" 59 }, 60 { 61 "name": "root", 62 "type": "83", 63 "start_sector": "532480", 64 "filesystem": "ext4", 65 "size": "0", 66 "mountpoint": "/" 67 } 68 ], 69 "image_chroot_env": ["PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin"], 70 "qemu_binary_source_path": "/usr/bin/qemu-aarch64-static", 71 "qemu_binary_destination_path": "/usr/bin/qemu-aarch64-static" 72 }], 73 "provisioners": [ 74 { 75 "type": "file", 76 "source": "arm-builder/scripts/resizerootfs/resizerootfs", 77 "destination": "/tmp/resizerootfs" 78 }, 79 { 80 "type": "file", 81 "source": "arm-builder/scripts/resizerootfs/resizerootfs.service", 82 "destination": "/tmp/resizerootfs.service" 83 }, 84 { 85 "type": "shell", 86 "script": "bootstrap.sh", 87 "environment_vars": [ 88 "HOSTNAME={{ user `hostname` }}", 89 "USERNAME={{ user `username` }}", 90 "AUTHORIZED_KEYS={{ user `authorized_keys` }}", 91 "NOMAD_VERSION={{ user `nomad_version` }}", 92 "CONSUL_VERSION={{ user `consul_version` }}", 93 "VAULT_VERSION={{ user `vault_version` }}" 94 ] 95 }, 96 { 97 "type": "shell", 98 "inline": ["mkdir /tmp/tls"] 99 }, 100 { 101 "type": "file", 102 "source": "{{ user `consul_tls_ca` }}", 103 "destination": "/tmp/tls/consul-agent-ca.pem" 104 }, 105 { 106 "type": "file", 107 "source": "{{ user `consul_tls_certs` }}", 108 "destination": "/tmp/tls/" 109 }, 110 { 111 "type": "shell", 112 "script": "consul.sh", 113 "remote_folder": "/home/{{ user `username` }}", 114 "environment_vars": [ 115 "USERNAME={{ user `username` }}", 116 "CONSUL_SERVER={{ user `consul_server` }}", 117 "CONSUL_ENCRYPT={{ user `consul_encrypt` }}", 118 "CONSUL_RETRY_JOIN={{ user `consul_retry_join` }}" 119 ] 120 }, 121 { 122 "type": "shell", 123 "script": "nomad.sh", 124 "remote_folder": "/home/{{ user `username` }}", 125 "environment_vars": [ 126 "USERNAME={{ user `username` }}", 127 "NFS_SERVER={{ user `nomad_nfs_server` }}", 128 "NFS_MOUNT={{ user `nomad_nfs_mount` }}", 129 "NFS_MOUNT_TARGET={{ user `nomad_nfs_target` }}", 130 "NOMAD_SERVER={{ user `nomad_server` }}", 131 "NOMAD_CLIENT={{ user `nomad_client` }}", 132 "NOMAD_PODMAN_DRIVER_VERSION={{ user `nomad_podman_driver_version` }}", 133 "NOMAD_VAULT_TOKEN={{ user `nomad_vault_token` }}", 134 "NOMAD_JENKINS_UID={{ user `nomad_jenkins_uid` }}", 135 "NOMAD_JENKINS_GID={{ user `nomad_jenkins_gid` }}" 136 ] 137 }, 138 { 139 "destination": "/tmp/vault_ca.pem", 140 "source": "{{ user `vault_tls_ca_cert` }}", 141 "type": "file" 142 }, 143 { 144 "destination": "/tmp/vault_ca.key", 145 "source": "{{ user `vault_tls_ca_key` }}", 146 "type": "file" 147 }, 148 { 149 "type": "shell", 150 "script": "vault.sh", 151 "remote_folder": "/home/{{ user `username` }}", 152 "environment_vars": [ 153 "USERNAME={{ user `username` }}", 154 "HOSTNAME={{ user `hostname` }}", 155 "NOMAD_CLIENT={{ user `nomad_client` }}", 156 "VAULT_TLS_CA_CERT=/tmp/vault_ca.pem", 157 "VAULT_TLS_CA_KEY=/tmp/vault_ca.key", 158 "VAULT_TLS_SUBJ_ALT_NAME={{ user `vault_tls_subj_alt_name` }}", 159 "VAULT_TRANSIT_SERVER={{ user `vault_transit_server` }}", 160 "VAULT_TRANSIT_TOKEN={{ user `vault_transit_token` }}" 161 ] 162 } 163 ] 164 }