diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index 981158c..1f4f2dd 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -2,23 +2,23 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/dmacvicar/libvirt" { - version = "0.7.6" - constraints = "0.7.6" + version = "0.8.1" + constraints = "0.8.1" hashes = [ - "h1:mmbm4vTyC/DCGO4Ed/vbp5AKvy1gmVn/94fzB9VmR08=", - "zh:0bde54f6f658b20b620b875daf106b5b25b1bae4d15408d6c5f06d58360e254d", - "zh:0c97c6930015918b8a34b6d7a2b0c3d17a649c226fcd1874fcba5bbbc0f35972", - "zh:1bdd7aa0011c5f024a09a124836ee9bc8e71b05a6ece810c61824275fd3f695f", - "zh:2b0cc7c794e4caf395d84ffff0b380d17e4b3219a4696264271bfe5059450efe", - "zh:2f8633f7fe07f76c188836ed6f93321ec5fbf5c004bc7699e1741d9b21ed5f37", - "zh:5bf47eed286ce55ed10a5cf657de49a34ab21cc8677c56fef3aab69cdde41a27", - "zh:7dca790fc5fd1d42bc4bc7170be003a7093602026d0f95c8aab84ad551fdf2a4", - "zh:80476b68bc84e3d661d1390025f83879b88f9cdc836de9751af09bd5716089cb", - "zh:82f3e2f3f50176cd6041c8ba36e295cbda1b289ef52ab75b5eceb0f921f64f7b", - "zh:a179b165f3b9bb9a67ebbbf9d73157ded33f02d476b2f58906389dca03b653c9", - "zh:acae54a5d0616f22b3180ddd8e8aad39af664e604394fdacf1f7b337bca2d5b4", - "zh:da4406a2428a9a7e98272c032cb93431c3919253af2fe9934b532d26c0deab09", - "zh:f63dbd8e579ab5268d01ffab4503b8a8e736b70d1a04e4f271559ba8dd133dcd", - "zh:f85c1d9e51a94ecde137435c9d6b0fb7be590437ea8a725334d1577eebbc550c", + "h1:IKy4tvKIxwGjzvLwVp/gfm9Ce8Iegqx0u3tuPXlwYLM=", + "zh:126b9c265f5c2c4faf9b6ea6abfd3f86639d6301ba99d11cb87caae65e91eca4", + "zh:282527a99f75468fe20a59e207ccc71f5de545548f1b0c6a4d235cc3664ff095", + "zh:3b44aba6825ef5c909607ac5ec7e2f286de4e8ecc36cc00e3a0780bba372f248", + "zh:41dfed618ef200061d2b7c991fbda7dd8c9c3a919d5952a4ce26315fa2f698e0", + "zh:43e628f793bef68892eefbd9afc571d2314df225c7dd78485a75fbc9e2869442", + "zh:478bb7bd04df95b8d71a33c1bc0d0f8b5ff2fc807c118ca3129ba6b3507fdb70", + "zh:65a5b3c1497e1b12b6d6b9feab2174fc58e861c164c08cdecf2bca10e4612fd4", + "zh:6f07753897cc9e3e9031597548e8716e39bfe7b348d7f271f67a477e1f5c9c22", + "zh:72282261a35e81895d002d6ec2b799404183803f55f5a4ecdb85ab2925196f5d", + "zh:7a7853515f4b9a30f76c10f3c38df4d7562b6b55332a9c07477364a49d2b462f", + "zh:a14dbc814c8aa5ba26b7a4195c28c4822f5024767a10f643de3822b0e32f7be1", + "zh:baa396ad19bb486ac356a89ec759b9355c4fb0a94fd67e49980a2e57fc243960", + "zh:ec626cc9e0e30321313c0ce80aea0dcca9f468da0530ee66beb217526fe8f8ea", + "zh:f4ee4844f3b8ef3d2c13fea620cc816f725daccb596cea0a2f6b18301b9f1d1a", ] } diff --git a/flake.nix b/flake.nix index 206ec36..432e4b9 100644 --- a/flake.nix +++ b/flake.nix @@ -18,6 +18,7 @@ cdrtools kubectl openlens + kubernetes-helm ]; }; }; diff --git a/main.tf b/main.tf index c0d095e..93cbc1d 100644 --- a/main.tf +++ b/main.tf @@ -67,20 +67,38 @@ resource "libvirt_cloudinit_disk" "commoninit" { name = "commoninit.iso" user_data = <<-EOF #cloud-config - password: passw0rd - chpasswd: { expire: False } - ssh_pwauth: True + ssh_pwauth: false + disable_root: false + chpasswd: + list: | + root:password + expire: false + users: + - name: ubuntu + sudo: ALL=(ALL) NOPASSWD:ALL + groups: users, admin + home: /home/ubuntu + shell: /bin/bash + lock_passwd: false + ssh-authorized-keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDFJXEiOlfpKVRYpKvD7e3MlCv+8I0wR9Ed6dPzkCH/0sdUya6cS2Cyh69ctw94CZZ35d0ahhbiDphe8Dz4KeWOdP9WcgG+88JhOEQBiz3tqXT4sP9a2jitdyCkLNnqkrcz9WokC/l8M/RbmFrMJxBhnE5xq++5CcOq/CPxIqtgTiCb6w0R+QxAtjB6jrZ8iuDujmeDHtts+TJ9iDDaS+vckkM5g4M8fprP1/CHIM4rQH2kD8LPy8XLUlPgr3hpJq+FH/2k7dxd7yYUdQG/CYr31x2NfYPAArgosmZHVPttjGljkS5IPr1WDBugXBMian5Oi/7iYE1pRo73NJTarFdfvegTz+emZbOId5O50LofZY7eacGD2XOiN995wStXYUlINjHVCARERk2JCCKoiCaR49aGTala6h2RspkumK46kMvUsrhSPhUu19z8phqYnohEKgmJJfpZeRIFAfZzsX47acAW4MzyJhDFPo53PRKn34sqL1SnL0plqfACeKJbhz8= alex@camulodunum runcmd: - swapoff -a - sed -i '/ swap / s/^/#/' /etc/fstab - apt-get update && apt-get install -y apt-transport-https curl - - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - - - add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" + - install -m 0755 -d /etc/apt/keyrings + - curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc + - chmod a+r /etc/apt/keyrings/docker.asc + - echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null - apt-get update && apt-get install -y docker-ce docker-ce-cli containerd.io - - curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - - - echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | tee -a /etc/apt/sources.list.d/kubernetes.list - - apt-get update - - apt-get install -y kubelet kubeadm + - sed -i 's/disabled_plugins = \["cri"\]/disabled_plugins = []/' /etc/containerd/config.toml + - systemctl restart containerd + - curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg + - echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list + - apt-get update && apt-get install -y kubelet kubeadm kubectl + - curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 + - chmod 700 get_helm.sh + - ./get_helm.sh EOF network_config = <<-EOF version: 2