proxmox:kvm:kvm-automated

Differences

This shows you the differences between two versions of the page.

proxmox:kvm:kvm-automated [2020/05/27 21:55] – [CLI] chuck
proxmox:kvm:kvm-automated [2021/11/10 06:58] (current) – ↷ Links adapted because of a move operation 173.245.52.212
Line 1: Line 1:
 ======Speedy KVM Creation====== ======Speedy KVM Creation======
-I created a special [[linux:distribution:debian:debian-10-preseed|Debian 10 preseed]] iso just for my Proxmox kvm machines. I can go from zero to ready to rock in under 10 minutes!+I created a special [[linux:distribution:debian:preseed:debian-10-preseed|Debian 10 preseed]] iso just for my Proxmox kvm machines. I can go from zero to ready to rock in under 10 minutes!
  
 ---- ----
Line 7: Line 7:
 The preseeded iso starts automatically, installs a few key packages, sets vim as my default editor and copies my ssh public key to my authorized_keys file so I can run the Ansible playbook right after install. The preseeded iso starts automatically, installs a few key packages, sets vim as my default editor and copies my ssh public key to my authorized_keys file so I can run the Ansible playbook right after install.
  
-  * I created the preseed file then added it to the ISO using my [[:linux:distribution:debian:debian-10-preseed#zero-interaction|Zero Interaction]] method.+  * I created the preseed file then added it to the ISO using my [[linux:distribution:debian:preseed:debian-10-preseed#zero-interaction|Zero Interaction]] method.
   * https://gitlab.com/preseed/preseed-kvm/-/blob/da3402a1f9331fd23816703f62057091b7a36045/preseed.cfg   * https://gitlab.com/preseed/preseed-kvm/-/blob/da3402a1f9331fd23816703f62057091b7a36045/preseed.cfg
  
Line 15: Line 15:
 I created a small playbook to configure the system for me so it's set up the way I like. I created a small playbook to configure the system for me so it's set up the way I like.
  
 +  * https://gitlab.com/ansible9/ansible-kvm/-/blob/master/basic_kvm.yml
   * Run it like so:<code>   * Run it like so:<code>
-ansible-playbook -v -b --ask-become-pass -i xxx.xxx.xxx.xxx, ansible.yml+ansible-playbook -v -b --ask-become-pass -i xxx.xxx.xxx.xxx, basic_kvm.yml
 </code> </code>
-  * The file: <file ansible kvm_init.yml> 
---- 
-- name: Initialize KVM VM 
-  hosts: all 
-  vars: 
-    admin_user: chuck 
-    admin_group: chuck 
-  tasks: 
-    - name: Create ssh-user group 
-      group: 
-        name: ssh-user 
-        gid: 1010 
-        state: present 
  
-    - name: Add {{ admin_user }} to ssh-user group 
-      user: 
-        name: "{{ admin_user }}" 
-        groups: ssh-user 
-        append: yes 
-        
-    - name: Create dotfiles directory 
-      become: yes 
-      become_user: "{{ admin_user }}" 
-      file: 
-        path: "/home/{{ admin_user }}/.dotfiles" 
-        owner: "{{ admin_user }}" 
-        group: "{{ admin_group }}" 
-        state: directory 
-        mode: '0755' 
  
-    name: Delete default dotfiles +----
-      become: yes +
-      become_user: "{{ admin_user }}" +
-      file: +
-        path: "/home/{{ admin_user }}/{{ item }}" +
-        state: absent +
-      with_items: +
-        .bashrc +
-        .bash_profile +
-        .bash_logout +
- +
-    - name: Clone dotfiles +
-      become: yes +
-      become_user: "{{ admin_user }}" +
-      git: +
-        repo: "{{ item.repo }}" +
-        dest: "/home/{{ admin_user }}/.dotfiles/{{ item.name }}" +
-      loop: +
-        - { name: 'bash', repo: 'https://gitlab.com/dotfiles1/dotfiles-bash.git'+
-        - { name: 'screen', repo: 'https://gitlab.com/dotfiles1/dotfiles-screen.git' }  +
-        - { name: 'vim', repo: 'https://gitlab.com/dotfiles1/dotfiles-vim.git'+
-        - { name: 'git', repo: 'https://gitlab.com/dotfiles1/dotfiles-git.git'+
-        - { name: 'motd', repo: 'https://gitlab.com/dotfiles1/dotfiles-motd.git'+
- +
-    - name: Stow dotfiles +
-      become: yes +
-      become_user: "{{ admin_user }}" +
-      command: stow "{{ item }}" +
-      args: +
-        chdir: "/home/{{ admin_user }}/.dotfiles" +
-      loop:  +
-        - bash +
-        - git +
-        - screen +
-        - vim +
- +
-    - name: Install MOTD +
-      become: yes +
-      copy: +
-        src: "/home/{{ admin_user }}/.dotfiles/motd/{{ item }}" +
-        dest: "/etc/update-motd.d/{{ item }}" +
-        remote_src: yes +
-        owner: root +
-        group: root +
-        mode: 0755 +
-      loop: +
-        - 10-uname +
-        - 20-sysinfo +
-        - 90-fortune +
- +
-    - name: Set PAM motd +
-      become: yes +
-      lineinfile: +
-        backup: yes +
-        path: /etc/pam.d/sshd +
-        regexp: 'noupdate$' +
-        line: '#session    optional      pam_motd.so noupdate' +
- +
-    - name: Disable password ssh +
-      become: yes +
-      lineinfile: +
-        path: /etc/ssh/sshd_config +
-        regexp: "#PasswordAuthenticaiton yes" +
-        line: "PasswordAuthentication no" +
- +
-    - name: Restrict ssh to ssh-user group +
-      become: yes +
-      blockinfile: +
-        path: /etc/ssh/sshd_config +
-        block: "AllowGroups ssh-user"+
  
-    - name: Add {{ admin_user }} to /etc/security/access.conf +=====Configure pfSense===== 
-      become: yes +If it's a VM that I plan on keeping around for a while, I'll give it a static IP address in pfSense before installing Debian. The preseed will use the hostname I assigned it in pfSense as the system hostname when configuring the network via DHCP. 
-      blockinfile: +
-        path: /etc/security/access.conf +
-        block: '+:{{ admin_user }}:ALL'+
  
-    - name: Configure PAM +Otherwise, the system's hostname will be set as //hostname// and it will be assigned an ip address outside of the 'reservedaddresses for the vlan I added it to.
-      become: yes +
-      lineinfile: +
-        path: /etc/pam.d/sshd +
-        regexp: 'pam_access.so$' +
-        line: 'account required    pam_access.so' +
-</file>+
  
 ---- ----
- 
 =====Create a VM===== =====Create a VM=====
 ====GUI==== ====GUI====
Line 156: Line 50:
   * Pick a free vmid and create a new VM with your preferred settings:<code>   * Pick a free vmid and create a new VM with your preferred settings:<code>
 sudo qm create 150 --cdrom sas-storage:iso/preseed-debian-10.4.iso \ sudo qm create 150 --cdrom sas-storage:iso/preseed-debian-10.4.iso \
---name preseed --numa 0 --ostype l26 \ +  --name preseed --numa 0 --ostype l26 \ 
---cpu cputype=host --cores 2 --sockets 2 \ +  --cpu cputype=host --cores 2 --sockets 2 \ 
---memory 4096  \ +  --memory 4096  \ 
---net0 bridge=vmbr90,virtio \ +  --net0 bridge=vmbr90,virtio \ 
---bootdisk scsi0 --scsihw virtio-scsi-pci --scsi0 file=ssd-lvm:32 \ +  --bootdisk scsi0 --scsihw virtio-scsi-pci --scsi0 file=ssd-lvm:32 \ 
---serial0 socket --vga qxl --audio0 device=ich9-intel-hda,driver=spice+  --serial0 socket --vga qxl --audio0 device=ich9-intel-hda,driver=spice 
 + 
 +# I'll add macaddr=XX:XX:XX:XX:XX:XX to the --net0 section if I want to pre-configure the ip in pfSense beforehand.
 </code> </code>
   * Start the vm:<code>   * Start the vm:<code>
Line 168: Line 64:
   * Wait for it to complete.   * Wait for it to complete.
   * Run the ansible playbook.   * Run the ansible playbook.
 +  * Enjoy!
 +  * See ''%%man qm%%'' for more info
  
 ---- ----
proxmox/kvm/kvm-automated.1590616503.txt.gz · Last modified: by chuck