feat: create basic debian VM, pre-load it with my SSH keys, install

nginx, ufw, setup docker and test it all
This commit is contained in:
Aravinth Manivannan 2022-10-30 00:32:01 +05:30
commit ed4d3a4420
Signed by: realaravinth
GPG key ID: AD9F0F08E855ED88
16 changed files with 1805 additions and 0 deletions

6
debian/debian/.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
plan
.terraform/
.pytest_cache/
venv/
__pycache__/
ansible/inventory/hosts.ini

60
debian/debian/.terraform.lock.hcl vendored Normal file
View file

@ -0,0 +1,60 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/dmacvicar/libvirt" {
version = "0.7.0"
constraints = "~> 0.7.0"
hashes = [
"h1:1RiomFBEdgi6GvqaAf16mW6bRqrxAV0P47HKKwETH3E=",
"zh:1161bfcac075d5790c9b36145811d95241622636b859222f995888471ba04efa",
"zh:317bca5edd36e2497e0ac2ed07dd5e7f09cfd5561a96607cb53fe1af6b0632c0",
"zh:4fa67e3baf6845148f2b4e617fb01c47f0971ce2d945efa805ac5c3820bb0ca6",
"zh:6e17f5f24373e21c0ff463d36d9caa4f08528e13764c5d1d7eceb719dcef6a14",
"zh:84622e2aca8bc91d71d3596fcd1b298c5dfe572c8722ab98084495d26b5c5e7d",
"zh:8ce125d872b26ce9b71a729437eb8ab36944a86da3784edaab7368af43ca3858",
"zh:8fc7eee76776d515c023d013c018a7b9816f0e840578af01bfaf58e49f020c03",
"zh:a4d6fccc0188746be35488396c431e4b313cd1221df408871c710d3a7382b02e",
"zh:b575bb2d2f8987043aecbb22ac3bbf1e9c8b9da49b201b6b225baf2b4595dae4",
"zh:b65b1733c29a09491912a98a829b19c9842af5971fbb358bc0e979b95bf33248",
"zh:b8266ed7b4bce4791fee5433d102d89187974a273574d69f637cfdeb913462c2",
"zh:bd0b842d6f694c6d558d3329a2c157dd9d84074d618d5ced891ef36798b1c97b",
"zh:dacf0299c2c11d84bdaa2f614ca14aeac36ffba0f20dff5a63437a81a61f6867",
"zh:e8c92794a06df42c15ff071859e99c6e95e93dcb40797c4128d31d3a47a27923",
]
}
provider "registry.terraform.io/hashicorp/local" {
version = "2.2.3"
hashes = [
"h1:aWp5iSUxBGgPv1UnV5yag9Pb0N+U1I0sZb38AXBFO8A=",
"zh:04f0978bb3e052707b8e82e46780c371ac1c66b689b4a23bbc2f58865ab7d5c0",
"zh:6484f1b3e9e3771eb7cc8e8bab8b35f939a55d550b3f4fb2ab141a24269ee6aa",
"zh:78a56d59a013cb0f7eb1c92815d6eb5cf07f8b5f0ae20b96d049e73db915b238",
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
"zh:8aa9950f4c4db37239bcb62e19910c49e47043f6c8587e5b0396619923657797",
"zh:996beea85f9084a725ff0e6473a4594deb5266727c5f56e9c1c7c62ded6addbb",
"zh:9a7ef7a21f48fabfd145b2e2a4240ca57517ad155017e86a30860d7c0c109de3",
"zh:a63e70ac052aa25120113bcddd50c1f3cfe61f681a93a50cea5595a4b2cc3e1c",
"zh:a6e8d46f94108e049ad85dbed60354236dc0b9b5ec8eabe01c4580280a43d3b8",
"zh:bb112ce7efbfcfa0e65ed97fa245ef348e0fd5bfa5a7e4ab2091a9bd469f0a9e",
"zh:d7bec0da5c094c6955efed100f3fe22fca8866859f87c025be1760feb174d6d9",
"zh:fb9f271b72094d07cef8154cd3d50e9aa818a0ea39130bc193132ad7b23076fd",
]
}
provider "registry.terraform.io/hashicorp/template" {
version = "2.2.0"
hashes = [
"h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
"zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
"zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
"zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
"zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
"zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
"zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
"zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
"zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
"zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
"zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
]
}

33
debian/debian/Makefile vendored Normal file
View file

@ -0,0 +1,33 @@
default:
echo yes | terraform destroy
terraform plan --out=plan
terraform apply plan
inventory:
terraform plan --out=plan
terraform apply plan
configure:
ansible-playbook -i ./ansible/inventory/hosts.ini -f 10 ./ansible/playbook.yml
check:
ansible-playbook --check ./ansible/playbook.yml
lint:
terraform fmt
ansible-lint --write ./ansible/playbook.yml
ansible-lint --write ./ansible/shutdown.yml
. ./venv/bin/activate && black tests/
shutdown:
ansible-playbook -i ./ansible/inventory/hosts.ini -f 10 ./ansible/shutdown.yml
# ./ansible/playbook.yml
test:
. ./venv/bin/activate && \
cd tests/ && \
py.test --hosts='ansible://all' \
-n 10 \
--verbose \
--ansible-inventory='../ansible/inventory/hosts.ini'

158
debian/debian/ansible/.gitignore vendored Normal file
View file

@ -0,0 +1,158 @@
inventory/
.env
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class
# C extensions
*.so
# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
*.py,cover
.hypothesis/
.pytest_cache/
cover/
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
db.sqlite3
db.sqlite3-journal
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
.pybuilder/
target/
# Jupyter Notebook
.ipynb_checkpoints
# IPython
profile_default/
ipython_config.py
# pyenv
# For a library or package, you might want to ignore these files since the code is
# intended to run in multiple environments; otherwise, check them in:
# .python-version
# pipenv
# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
# However, in case of collaboration, if having platform-specific dependencies or dependencies
# having no cross-platform support, pipenv may install dependencies that don't work, or not
# install all needed dependencies.
#Pipfile.lock
# poetry
# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
# This is especially recommended for binary packages to ensure reproducibility, and is more
# commonly ignored for libraries.
# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
#poetry.lock
# PEP 582; used by e.g. github.com/David-OConnor/pyflow
__pypackages__/
# Celery stuff
celerybeat-schedule
celerybeat.pid
# SageMath parsed files
*.sage.py
# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
# Spyder project settings
.spyderproject
.spyproject
# Rope project settings
.ropeproject
# mkdocs documentation
/site
# mypy
.mypy_cache/
.dmypy.json
dmypy.json
# Pyre type checker
.pyre/
# pytype static type analyzer
.pytype/
# Cython debug symbols
cython_debug/
# PyCharm
# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
# and can be added to the global gitignore or merged into this file. For a more nuclear
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
#.idea/
keys
htmlcov/
tmp/
static/

19
debian/debian/ansible/init.sh vendored Executable file
View file

@ -0,0 +1,19 @@
#!/bin/bash
ansible live \
-m ansible.builtin.ping \
-i ./ansible/inventory
ansible live \
-m ansible.builtin.apt \
-f 10 \
-a "update_cache=yes upgrade=safe" \
-i ./ansible/inventory/
ansible live \
-m ansible.builtin.apt \
-f 10 \
-a "name=nginx,git,curl,wget,vim,zip,nginx" \
-i ./ansible/inventory/

92
debian/debian/ansible/playbook.yml vendored Normal file
View file

@ -0,0 +1,92 @@
---
- name: Configure webservers
hosts: debainbasic
remote_user: root
tasks:
- name: Ensure all VMs are reachable
ansible.builtin.ping:
- name: Update package cache
ansible.builtin.apt:
update_cache: true
upgrade: safe
- name: Install git, zip, nginx, wget, curl & other utils
ansible.builtin.apt:
update_cache: true
pkg:
- git
- nginx
- wget
- curl
- gpg
- ca-certificates
- zip
- python3-pip
- virtualenv
- ufw
- fail2ban
- nginx
- python3-setuptools
- name: Create /etc/apt/keyrings dir
ansible.builtin.file:
path: /etc/apt/keyrings
state: directory
recurse: true
- name: Add Docker GPG apt Key
ansible.builtin.apt_key:
url: https://download.docker.com/linux/debian/gpg
state: present
- name: Add Docker Repository
ansible.builtin.apt_repository:
repo: deb https://download.docker.com/linux/debian buster stable
state: present
- name: Update apt and install docker-ce
ansible.builtin.apt:
name: docker-ce
update_cache: true
- name: Install Docker Module for Python
ansible.builtin.pip:
name: docker
- name: Set logging
community.general.ufw:
logging: "on"
- name: Allow port 22 and enable UFW
community.general.ufw:
state: enabled
rule: allow
proto: tcp
port: "22"
- name: Allow port 80
community.general.ufw:
state: enabled
proto: tcp
rule: allow
port: "80"
- name: Allow port 443
community.general.ufw:
state: enabled
proto: tcp
rule: allow
port: "443"
- name: Enable and start ufw service
ansible.builtin.service:
name: ufw
enabled: true
state: started
- name: Enable and start nginx service
ansible.builtin.service:
name: nginx
enabled: true
state: started

8
debian/debian/ansible/shutdown.yml vendored Normal file
View file

@ -0,0 +1,8 @@
---
- name: Shutdown machines
hosts: debainbasic
remote_user: root
tasks:
- name: Ensure all VMs are reachable
community.general.shutdown:

51
debian/debian/cloud_init.cfg vendored Normal file
View file

@ -0,0 +1,51 @@
#cloud-config
# vim: syntax=yaml
#
# ***********************
# ---- for more examples look at: ------
# ---> https://cloudinit.readthedocs.io/en/latest/topics/examples.html
# ******************************
#
# This is the configuration syntax that the write_files module
# will know how to understand. encoding can be given b64 or gzip or (gz+b64).
# The content will be decoded accordingly and then written to the path that is
# provided.
#
# Note: Content strings here are truncated for example purposes.
#users:
# - default
## - name: root
#### plain_text_passwd: foobar12
## ssh_import_id:
## - gh:realaravinth
# - name: atm
# plain_text_passwd: foobar12
# gecos: Aravinth Manivannan
# groups: users, admin
# sudo: ALL=(ALL) NOPASSWD:ALL
# lock_password: false
# ssh_import_id:
# - gh:realaravinth
users:
- name: root
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com
- name: atm
gecos: Aravinth Manivannan
groups: users, admin
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
lock_passwd: true
plain_text_passwd: fooabr12
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com
ssh_pwauth: true
chpasswd:
list: |
root:foobar12
atm:foobar12
expire: False

141
debian/debian/conf.tf vendored Normal file
View file

@ -0,0 +1,141 @@
terraform {
required_version = ">= 0.13"
required_providers {
libvirt = {
source = "dmacvicar/libvirt"
version = "~> 0.7.0"
}
}
}
# instance the provider
provider "libvirt" {
uri = "qemu:///system"
}
resource "libvirt_pool" "debian_basic" {
name = "debian_basic"
type = "dir"
path = "/home/atm/code/libvirt/pool/debian_basic"
}
# We fetch the latest debian_basic release image from their mirrors
resource "libvirt_volume" "debian-qcow2" {
name = "debian-qcow2"
pool = libvirt_pool.debian_basic.name
source = "https://cloud.debian.org/images/cloud/buster/latest/debian-10-genericcloud-amd64.qcow2"
format = "qcow2"
}
variable "vm_count" {
default = 5
}
resource "libvirt_volume" "domain_debian_basic_volume" {
name = "domain_debian_basic_volume-${count.index}"
base_volume_id = libvirt_volume.debian-qcow2.id
count = var.vm_count
size = 5368709120
}
data "template_file" "user_data" {
template = file("${path.module}/cloud_init.cfg")
}
data "template_file" "network_config" {
template = file("${path.module}/network_config.cfg")
}
# for more info about paramater check this out
# https://github.com/dmacvicar/terraform-provider-libvirt/blob/master/website/docs/r/cloudinit.html.markdown
# Use CloudInit to add our ssh-key to the instance
# you can add also meta_data field
resource "libvirt_cloudinit_disk" "commoninit" {
name = "commoninit.iso"
user_data = data.template_file.user_data.rendered
network_config = data.template_file.network_config.rendered
pool = libvirt_pool.debian_basic.name
}
# Create the machine
resource "libvirt_domain" "domain_debian_basic" {
count = var.vm_count
name = "debian_basic_${count.index}"
memory = "3000"
vcpu = 4
cloudinit = libvirt_cloudinit_disk.commoninit.id
network_interface {
network_name = "default"
wait_for_lease = true
}
# IMPORTANT: this is a known bug on cloud images, since they expect a console
# we need to pass it
# https://bugs.launchpad.net/cloud-images/+bug/1573095
console {
type = "pty"
target_port = "0"
target_type = "serial"
}
console {
type = "pty"
target_type = "virtio"
target_port = "1"
}
disk {
volume_id = element(libvirt_volume.domain_debian_basic_volume.*.id, count.index)
}
graphics {
type = "spice"
listen_type = "address"
autoport = true
}
}
locals {
vm_ips = [for i in libvirt_domain.domain_debian_basic : i.network_interface.0.addresses[0]]
vm_names = [for i in libvirt_domain.domain_debian_basic : i.name]
# vm_names = zipmap(vm_names, vm_ips)
vm_map = [for i in libvirt_domain.domain_debian_basic : {
ip = i.network_interface.0.addresses[0],
name = i.name
}]
# libvirt_domain.domain_debian_basic.*.network_interface.0.addresses[0]
}
output "debian_ip" {
#value = [local.vm_ips, local.vm_names]
value = local.vm_map
}
resource "local_file" "hosts_yml" {
# content = <<-EOT
#[debain_basic_webservers]:
# hosts:
# %{ for vm in libvirt_domain.domain_debian_basic ~}
# ${vm.name}:
# ansible_host: ${vm.network_interface.0.addresses[0]}
# ansible_user: root
# %{ endfor ~}
# EOT
content = templatefile("./templates/hosts.yml.tftpl",
{
vm_ips = local.vm_ips,
vm_names = local.vm_names,
vms = local.vm_map
})
filename = "./ansible/inventory/hosts.ini"
}

4
debian/debian/network_config.cfg vendored Normal file
View file

@ -0,0 +1,4 @@
version: 2
ethernets:
ens3:
dhcp4: true

286
debian/debian/requirements.txt vendored Normal file
View file

@ -0,0 +1,286 @@
airdrop-ng==1.1
airgraph-ng==1.1
alabaster==0.7.12
aniso8601==9.0.1
ansible==6.5.0
ansible-compat==2.2.1
ansible-core==2.13.5
ansible-lint==6.8.2
anytree==2.8.0
apipkg==3.0.1
apparmor==3.1.1
appdirs==1.4.4
astroid==2.12.12
attrs==20.3.0
autocommand==2.2.1
autopage==0.5.1
Babel==2.9.0
Beaker==1.11.0
beautifulsoup4==4.11.1
binwalk==2.3.3
black==22.10.0
borgbackup==1.2.2
bracex==2.3.post1
Brlapi==0.8.4
btrfsutil==6.0
CacheControl==0.12.11
cached-property==1.5.2
cachetools==5.2.0
certifi==2020.12.5
cffi==1.14.5
chardet==4.0.0
charset-normalizer==2.1.1
cheroot==8.6.0
CherryPy==18.8.0
click==8.1.3
cliff==3.5.0
clipboard==0.0.4
cmd2==1.5.0
codespell==2.2.1
colorama==0.4.5
commonmark==0.9.1
ConfigArgParse==1.5.2
contextlib2==21.6.0
coursera-dl==0.11.5
coverage==6.5.0
crit==3.17.1
cryptography==3.4.7
cupshelpers==1.0
cycler==0.11.0
Cython==0.29.32
debtcollector==2.2.0
decorator==5.0.7
defusedxml==0.7.1
Deprecated==1.2.13
deprecation==2.1.0
dill==0.3.5.1
distlib==0.3.6
distro==1.5.0
Django==2.2
django-debug-toolbar==1.4
dnspython==2.2.1
docker==4.4.1
dockerpty==0.4.1
docopt==0.6.2
docutils==0.19
dogpile.cache==1.1.2
elasticsearch==7.9.0
filelock==3.8.0
Flask==2.2.2
Flask-RESTful==0.3.9
fonttools==4.38.0
future==0.18.2
gevent==22.10.1
git-filter-repo==2.34.0
google-api-core==2.10.0
google-api-python-client==2.60.0
google-auth==2.6.0
google-auth-httplib2==0.1.0
googleapis-common-protos==1.56.4
gpg==1.18.0
greenlet==1.1.3
grpcio==1.50.0
html5lib==1.1
httpie==3.2.1
httplib2==0.20.4
idna==2.10
imagesize==1.4.1
importlib-metadata==5.0.0
inflect==6.0.2
iniconfig==1.1.1
iso8601==0.1.14
isodate==0.6.1
isort==5.10.1
itsdangerous==2.1.2
jaraco.classes==3.2.3
jaraco.collections==3.5.1
jaraco.context==4.1.2
jaraco.functools==3.5.2
jaraco.text==3.10.0
jedi==0.18.1
Jinja2==3.1.2
jmespath==0.10.0
joblib==1.2.0
jsonpatch==1.32
jsonpointer==2.1
jsonschema==4.16.0
keystoneauth1==4.3.1
kiwisolver==1.4.4
lazy-object-proxy==1.7.1
lensfun==0.3.3
LibAppArmor==3.1.1
libfdt==1.6.1
libvirt-python==8.8.0
lit==14.0.6.dev0
logutils==0.3.5
louis==3.23.0
lxml==4.9.1
Mako==1.2.3
mallard-ducktype==1.0.2
Markdown==3.4.1
MarkupSafe==2.1.1
matplotlib==3.5.2
mccabe==0.7.0
MemoizeDB==2021.11.20.2.41.2
mercurial==6.2.3
meson==0.63.3
mock==3.0.5
more-itertools==9.0.0
msgpack==1.0.2
multidict==6.0.2
munch==2.5.0
mypy-extensions==0.4.3
netaddr==0.7.19
netifaces==0.10.9
nftables==0.1
nose==1.3.7
nspektr==0.4.0
numpy==1.23.4
oauthlib==3.1.0
openshot-qt==2.6.1
openstacksdk==0.52.0
ordered-set==4.1.0
os-client-config==2.1.0
os-service-types==1.7.0
osc-lib==2.3.1
oslo.config==8.5.0
oslo.i18n==5.0.1
oslo.serialization==4.1.0
oslo.utils==4.8.0
packaging==20.9
paramiko==2.7.2
parso==0.8.3
pathspec==0.10.1
pbr==5.5.1
pecan==1.4.2
pep517==0.13.0
Pillow==9.2.0
pipenv==2022.10.4
pkgconfig==1.5.5
platformdirs==2.5.2
pluggy==1.0.0
ply==3.11
pm2ml==2021.11.20.2.41.2
portend==3.1.0
Powerpill==2021.11.20.2.41.2
prettytable==0.7.2
progress==1.6
prometheus-client==0.15.0
protobuf==4.21.7
psutil==5.9.2
pwquality==1.4.4
py==1.11.0
pyalpm==0.10.6
pyasn1==0.4.8
pyasn1-modules==0.2.8
pycairo==1.21.0
pycodestyle==2.9.1
pycparser==2.20
pycups==2.0.1
pycurl==7.45.1
pydantic==1.10.2
Pygments==2.13.0
PyGObject==3.42.2
PyJWT==2.5.0
pylint==2.14.5
pynvim==0.4.3
pyOpenSSL==20.0.1
pyparsing==2.4.7
pyperclip==1.8.2
PyQt5==5.15.7
PyQt5-sip==12.11.0
pyrsistent==0.17.3
PySocks==1.7.1
pytest==7.1.3
pytest-cov==4.0.0
pytest-testinfra==6.8.0
python-cinderclient==7.4.0
python-dateutil==2.8.2
python-dotenv==0.17.0
python-glanceclient==3.3.0
python-heatclient==2.3.0
python-keystoneclient==4.2.0
python-novaclient==17.4.0
python-openstackclient==5.4.0
python-swiftclient==3.11.1
python3-openid==3.2.0
pytz==2021.1
pyvenv==0.2.2
pyxdg==0.28
PyYAML==5.4.1
pyzmq==24.0.1
redis==4.3.4
Reflector==2021.11.20.2.41.3
repoze.lru==0.7
requests==2.25.1
requests-oauthlib==1.3.0
requests-toolbelt==0.10.0
requestsexceptions==1.4.0
resolvelib==0.8.1
retrying==1.3.3
rfc3986==1.4.0
rich==12.6.0
Routes==2.5.1
rpm==4.18.0
rsa==4.9
ruamel.yaml==0.17.21
ruamel.yaml.clib==0.2.7
scikit-learn==1.1.2
scipy==1.9.3
sh==1.12.14
shade==1.30.0
simplejson==3.17.2
six==1.15.0
snowballstemmer==2.2.0
soupsieve==2.2.1
Sphinx==5.3.0
sphinxcontrib-applehelp==1.0.2
sphinxcontrib-devhelp==1.0.2
sphinxcontrib-htmlhelp==2.0.0
sphinxcontrib-jsmath==1.0.1
sphinxcontrib-qthelp==1.0.3
sphinxcontrib-serializinghtml==1.1.5
sqlparse==0.4.1
stevedore==3.3.0
subprocess-tee==0.3.5
TBB==0.2
tblib==1.7.0
team==1.0
tempora==5.0.2
tenacity==8.1.0
termcolor==1.1.0
texttable==1.6.3
threadpoolctl==3.1.0
toml==0.10.2
tomli==2.0.1
tomlkit==0.11.5
torbrowser-launcher==0.3.5
trash-cli==0.22.8.27
trove-classifiers==2022.10.19
typing_extensions==4.4.0
ufw==0.36.1
uritemplate==4.1.1
urllib3==1.26.4
validate-pyproject==0.10.1
vboxapi==1.0
virtualenv==20.16.4
virtualenv-clone==0.5.7
waitress==2.1.2
warlock==1.3.3
wcmatch==8.4.1
wcwidth==0.2.5
webencodings==0.5.1
WebOb==1.8.7
websocket-client==0.58.0
WebTest==3.0.0
Werkzeug==2.2.2
wrapt==1.12.1
XCGF==2021.11.20.2.41.3
XCPF==2021.12.24.10.22.41
xmlsec==1.3.13
yamllint==1.28.0
youtube-dl==2021.12.17
zc.lockfile==2.0
zipp==3.4.1
zope.event==4.5.0
zope.interface==5.5.0

View file

@ -0,0 +1,4 @@
[debainbasic]
%{ for vm in vms ~}
${vm.name} ansible_host=${vm.ip} ansible_user=root
%{ endfor ~}

848
debian/debian/terraform.tfstate vendored Normal file
View file

@ -0,0 +1,848 @@
{
"version": 4,
"terraform_version": "1.3.2",
"serial": 423,
"lineage": "d7bbd0fb-c4f6-2cbc-eae2-1b3e8831d4cc",
"outputs": {
"debian_ip": {
"value": [
{
"ip": "192.168.122.88",
"name": "debian_basic_0"
},
{
"ip": "192.168.122.241",
"name": "debian_basic_1"
},
{
"ip": "192.168.122.228",
"name": "debian_basic_2"
},
{
"ip": "192.168.122.104",
"name": "debian_basic_3"
},
{
"ip": "192.168.122.95",
"name": "debian_basic_4"
}
],
"type": [
"tuple",
[
[
"object",
{
"ip": "string",
"name": "string"
}
],
[
"object",
{
"ip": "string",
"name": "string"
}
],
[
"object",
{
"ip": "string",
"name": "string"
}
],
[
"object",
{
"ip": "string",
"name": "string"
}
],
[
"object",
{
"ip": "string",
"name": "string"
}
]
]
]
}
},
"resources": [
{
"mode": "data",
"type": "template_file",
"name": "network_config",
"provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"filename": null,
"id": "b36a1372ce4ea68b514354202c26c0365df9a17f25cd5acdeeaea525cd913edc",
"rendered": "version: 2\nethernets:\n ens3:\n dhcp4: true\n",
"template": "version: 2\nethernets:\n ens3:\n dhcp4: true\n",
"vars": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "data",
"type": "template_file",
"name": "user_data",
"provider": "provider[\"registry.terraform.io/hashicorp/template\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"filename": null,
"id": "0803bce6fdae67bc50101596e1ce03ca05fc5c9cb1feecbb9ebd2780b84a2569",
"rendered": "#cloud-config\n# vim: syntax=yaml\n#\n# ***********************\n# \t---- for more examples look at: ------\n# ---\u003e https://cloudinit.readthedocs.io/en/latest/topics/examples.html\n# ******************************\n#\n# This is the configuration syntax that the write_files module\n# will know how to understand. encoding can be given b64 or gzip or (gz+b64).\n# The content will be decoded accordingly and then written to the path that is\n# provided.\n#\n# Note: Content strings here are truncated for example purposes.\n#users:\n# - default\n## - name: root\n####\tplain_text_passwd: foobar12\n##\tssh_import_id:\n##\t\t- gh:realaravinth\n# - name: atm\n#\tplain_text_passwd: foobar12\n#\tgecos: Aravinth Manivannan\n#\tgroups: users, admin\n#\tsudo: ALL=(ALL) NOPASSWD:ALL\n#\tlock_password: false\n#\tssh_import_id:\n#\t\t- gh:realaravinth\n\n\n\nusers:\n- name: root\n ssh_authorized_keys:\n - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com\n- name: atm\n gecos: Aravinth Manivannan\n groups: users, admin\n sudo: ALL=(ALL) NOPASSWD:ALL\n shell: /bin/bash\n lock_passwd: true\n plain_text_passwd: fooabr12\n ssh_authorized_keys: \n - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com\n\nssh_pwauth: true\nchpasswd:\n list: |\n root:foobar12\n atm:foobar12\n expire: False\n",
"template": "#cloud-config\n# vim: syntax=yaml\n#\n# ***********************\n# \t---- for more examples look at: ------\n# ---\u003e https://cloudinit.readthedocs.io/en/latest/topics/examples.html\n# ******************************\n#\n# This is the configuration syntax that the write_files module\n# will know how to understand. encoding can be given b64 or gzip or (gz+b64).\n# The content will be decoded accordingly and then written to the path that is\n# provided.\n#\n# Note: Content strings here are truncated for example purposes.\n#users:\n# - default\n## - name: root\n####\tplain_text_passwd: foobar12\n##\tssh_import_id:\n##\t\t- gh:realaravinth\n# - name: atm\n#\tplain_text_passwd: foobar12\n#\tgecos: Aravinth Manivannan\n#\tgroups: users, admin\n#\tsudo: ALL=(ALL) NOPASSWD:ALL\n#\tlock_password: false\n#\tssh_import_id:\n#\t\t- gh:realaravinth\n\n\n\nusers:\n- name: root\n ssh_authorized_keys:\n - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com\n- name: atm\n gecos: Aravinth Manivannan\n groups: users, admin\n sudo: ALL=(ALL) NOPASSWD:ALL\n shell: /bin/bash\n lock_passwd: true\n plain_text_passwd: fooabr12\n ssh_authorized_keys: \n - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com\n\nssh_pwauth: true\nchpasswd:\n list: |\n root:foobar12\n atm:foobar12\n expire: False\n",
"vars": null
},
"sensitive_attributes": []
}
]
},
{
"mode": "managed",
"type": "libvirt_cloudinit_disk",
"name": "commoninit",
"provider": "provider[\"registry.terraform.io/dmacvicar/libvirt\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "/home/atm/code/libvirt/pool/debian_basic/commoninit.iso;2f81ba89-6c07-4842-b34e-eb2c34da04ed",
"meta_data": "",
"name": "commoninit.iso",
"network_config": "version: 2\nethernets:\n ens3:\n dhcp4: true\n",
"pool": "debian_basic",
"user_data": "#cloud-config\n# vim: syntax=yaml\n#\n# ***********************\n# \t---- for more examples look at: ------\n# ---\u003e https://cloudinit.readthedocs.io/en/latest/topics/examples.html\n# ******************************\n#\n# This is the configuration syntax that the write_files module\n# will know how to understand. encoding can be given b64 or gzip or (gz+b64).\n# The content will be decoded accordingly and then written to the path that is\n# provided.\n#\n# Note: Content strings here are truncated for example purposes.\n#users:\n# - default\n## - name: root\n####\tplain_text_passwd: foobar12\n##\tssh_import_id:\n##\t\t- gh:realaravinth\n# - name: atm\n#\tplain_text_passwd: foobar12\n#\tgecos: Aravinth Manivannan\n#\tgroups: users, admin\n#\tsudo: ALL=(ALL) NOPASSWD:ALL\n#\tlock_password: false\n#\tssh_import_id:\n#\t\t- gh:realaravinth\n\n\n\nusers:\n- name: root\n ssh_authorized_keys:\n - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com\n- name: atm\n gecos: Aravinth Manivannan\n groups: users, admin\n sudo: ALL=(ALL) NOPASSWD:ALL\n shell: /bin/bash\n lock_passwd: true\n plain_text_passwd: fooabr12\n ssh_authorized_keys: \n - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com\n\nssh_pwauth: true\nchpasswd:\n list: |\n root:foobar12\n atm:foobar12\n expire: False\n"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"data.template_file.network_config",
"data.template_file.user_data",
"libvirt_pool.debian_basic"
]
}
]
},
{
"mode": "managed",
"type": "libvirt_domain",
"name": "domain_debian_basic",
"provider": "provider[\"registry.terraform.io/dmacvicar/libvirt\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"arch": "x86_64",
"autostart": false,
"boot_device": [],
"cloudinit": "/home/atm/code/libvirt/pool/debian_basic/commoninit.iso;2f81ba89-6c07-4842-b34e-eb2c34da04ed",
"cmdline": null,
"console": [
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "0",
"target_type": "serial",
"type": "pty"
},
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "1",
"target_type": "virtio",
"type": "pty"
}
],
"coreos_ignition": null,
"cpu": [
{
"mode": "custom"
}
],
"description": "",
"disk": [
{
"block_device": "",
"file": "",
"scsi": false,
"url": "",
"volume_id": "/var/lib/libvirt/images/domain_debian_basic_volume-0",
"wwn": ""
}
],
"emulator": "/usr/bin/qemu-system-x86_64",
"filesystem": [],
"firmware": null,
"fw_cfg_name": "opt/com.coreos/config",
"graphics": [
{
"autoport": true,
"listen_address": "127.0.0.1",
"listen_type": "address",
"type": "spice",
"websocket": 0
}
],
"id": "4c4cae68-02c4-40a4-b96b-5049c2ce28f3",
"initrd": "",
"kernel": "",
"machine": "pc",
"memory": 3000,
"metadata": null,
"name": "debian_basic_0",
"network_interface": [
{
"addresses": [
"192.168.122.88"
],
"bridge": "",
"hostname": "",
"mac": "52:54:00:7E:B4:99",
"macvtap": "",
"network_id": "f50e127a-7413-4d45-80de-587b22da0aa6",
"network_name": "default",
"passthrough": "",
"vepa": "",
"wait_for_lease": true
}
],
"nvram": [],
"qemu_agent": false,
"running": true,
"timeouts": null,
"tpm": [],
"vcpu": 4,
"video": [],
"xml": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"data.template_file.network_config",
"data.template_file.user_data",
"libvirt_cloudinit_disk.commoninit",
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2",
"libvirt_volume.domain_debian_basic_volume"
]
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"arch": "x86_64",
"autostart": false,
"boot_device": [],
"cloudinit": "/home/atm/code/libvirt/pool/debian_basic/commoninit.iso;2f81ba89-6c07-4842-b34e-eb2c34da04ed",
"cmdline": null,
"console": [
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "0",
"target_type": "serial",
"type": "pty"
},
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "1",
"target_type": "virtio",
"type": "pty"
}
],
"coreos_ignition": null,
"cpu": [
{
"mode": "custom"
}
],
"description": "",
"disk": [
{
"block_device": "",
"file": "",
"scsi": false,
"url": "",
"volume_id": "/var/lib/libvirt/images/domain_debian_basic_volume-1",
"wwn": ""
}
],
"emulator": "/usr/bin/qemu-system-x86_64",
"filesystem": [],
"firmware": null,
"fw_cfg_name": "opt/com.coreos/config",
"graphics": [
{
"autoport": true,
"listen_address": "127.0.0.1",
"listen_type": "address",
"type": "spice",
"websocket": 0
}
],
"id": "08087b25-acba-4e37-a318-299d374fb657",
"initrd": "",
"kernel": "",
"machine": "pc",
"memory": 3000,
"metadata": null,
"name": "debian_basic_1",
"network_interface": [
{
"addresses": [
"192.168.122.241"
],
"bridge": "",
"hostname": "",
"mac": "52:54:00:82:14:10",
"macvtap": "",
"network_id": "f50e127a-7413-4d45-80de-587b22da0aa6",
"network_name": "default",
"passthrough": "",
"vepa": "",
"wait_for_lease": true
}
],
"nvram": [],
"qemu_agent": false,
"running": true,
"timeouts": null,
"tpm": [],
"vcpu": 4,
"video": [],
"xml": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"data.template_file.network_config",
"data.template_file.user_data",
"libvirt_cloudinit_disk.commoninit",
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2",
"libvirt_volume.domain_debian_basic_volume"
]
},
{
"index_key": 2,
"schema_version": 0,
"attributes": {
"arch": "x86_64",
"autostart": false,
"boot_device": [],
"cloudinit": "/home/atm/code/libvirt/pool/debian_basic/commoninit.iso;2f81ba89-6c07-4842-b34e-eb2c34da04ed",
"cmdline": null,
"console": [
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "0",
"target_type": "serial",
"type": "pty"
},
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "1",
"target_type": "virtio",
"type": "pty"
}
],
"coreos_ignition": null,
"cpu": [
{
"mode": "custom"
}
],
"description": "",
"disk": [
{
"block_device": "",
"file": "",
"scsi": false,
"url": "",
"volume_id": "/var/lib/libvirt/images/domain_debian_basic_volume-2",
"wwn": ""
}
],
"emulator": "/usr/bin/qemu-system-x86_64",
"filesystem": [],
"firmware": null,
"fw_cfg_name": "opt/com.coreos/config",
"graphics": [
{
"autoport": true,
"listen_address": "127.0.0.1",
"listen_type": "address",
"type": "spice",
"websocket": 0
}
],
"id": "9a9eb7c4-9561-46af-a374-8bd84c2260d4",
"initrd": "",
"kernel": "",
"machine": "pc",
"memory": 3000,
"metadata": null,
"name": "debian_basic_2",
"network_interface": [
{
"addresses": [
"192.168.122.228"
],
"bridge": "",
"hostname": "",
"mac": "52:54:00:EA:3E:61",
"macvtap": "",
"network_id": "f50e127a-7413-4d45-80de-587b22da0aa6",
"network_name": "default",
"passthrough": "",
"vepa": "",
"wait_for_lease": true
}
],
"nvram": [],
"qemu_agent": false,
"running": true,
"timeouts": null,
"tpm": [],
"vcpu": 4,
"video": [],
"xml": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"data.template_file.network_config",
"data.template_file.user_data",
"libvirt_cloudinit_disk.commoninit",
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2",
"libvirt_volume.domain_debian_basic_volume"
]
},
{
"index_key": 3,
"schema_version": 0,
"attributes": {
"arch": "x86_64",
"autostart": false,
"boot_device": [],
"cloudinit": "/home/atm/code/libvirt/pool/debian_basic/commoninit.iso;2f81ba89-6c07-4842-b34e-eb2c34da04ed",
"cmdline": null,
"console": [
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "0",
"target_type": "serial",
"type": "pty"
},
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "1",
"target_type": "virtio",
"type": "pty"
}
],
"coreos_ignition": null,
"cpu": [
{
"mode": "custom"
}
],
"description": "",
"disk": [
{
"block_device": "",
"file": "",
"scsi": false,
"url": "",
"volume_id": "/var/lib/libvirt/images/domain_debian_basic_volume-3",
"wwn": ""
}
],
"emulator": "/usr/bin/qemu-system-x86_64",
"filesystem": [],
"firmware": null,
"fw_cfg_name": "opt/com.coreos/config",
"graphics": [
{
"autoport": true,
"listen_address": "127.0.0.1",
"listen_type": "address",
"type": "spice",
"websocket": 0
}
],
"id": "56e8ff0e-3048-4b1b-ab90-84095daad920",
"initrd": "",
"kernel": "",
"machine": "pc",
"memory": 3000,
"metadata": null,
"name": "debian_basic_3",
"network_interface": [
{
"addresses": [
"192.168.122.104"
],
"bridge": "",
"hostname": "",
"mac": "52:54:00:36:DD:3C",
"macvtap": "",
"network_id": "f50e127a-7413-4d45-80de-587b22da0aa6",
"network_name": "default",
"passthrough": "",
"vepa": "",
"wait_for_lease": true
}
],
"nvram": [],
"qemu_agent": false,
"running": true,
"timeouts": null,
"tpm": [],
"vcpu": 4,
"video": [],
"xml": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"data.template_file.network_config",
"data.template_file.user_data",
"libvirt_cloudinit_disk.commoninit",
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2",
"libvirt_volume.domain_debian_basic_volume"
]
},
{
"index_key": 4,
"schema_version": 0,
"attributes": {
"arch": "x86_64",
"autostart": false,
"boot_device": [],
"cloudinit": "/home/atm/code/libvirt/pool/debian_basic/commoninit.iso;2f81ba89-6c07-4842-b34e-eb2c34da04ed",
"cmdline": null,
"console": [
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "0",
"target_type": "serial",
"type": "pty"
},
{
"source_host": "127.0.0.1",
"source_path": "",
"source_service": "0",
"target_port": "1",
"target_type": "virtio",
"type": "pty"
}
],
"coreos_ignition": null,
"cpu": [
{
"mode": "custom"
}
],
"description": "",
"disk": [
{
"block_device": "",
"file": "",
"scsi": false,
"url": "",
"volume_id": "/var/lib/libvirt/images/domain_debian_basic_volume-4",
"wwn": ""
}
],
"emulator": "/usr/bin/qemu-system-x86_64",
"filesystem": [],
"firmware": null,
"fw_cfg_name": "opt/com.coreos/config",
"graphics": [
{
"autoport": true,
"listen_address": "127.0.0.1",
"listen_type": "address",
"type": "spice",
"websocket": 0
}
],
"id": "45bc53cd-0fd0-402b-bb8e-8692f96ed59e",
"initrd": "",
"kernel": "",
"machine": "pc",
"memory": 3000,
"metadata": null,
"name": "debian_basic_4",
"network_interface": [
{
"addresses": [
"192.168.122.95"
],
"bridge": "",
"hostname": "",
"mac": "52:54:00:92:5E:B3",
"macvtap": "",
"network_id": "f50e127a-7413-4d45-80de-587b22da0aa6",
"network_name": "default",
"passthrough": "",
"vepa": "",
"wait_for_lease": true
}
],
"nvram": [],
"qemu_agent": false,
"running": true,
"timeouts": null,
"tpm": [],
"vcpu": 4,
"video": [],
"xml": []
},
"sensitive_attributes": [],
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDB9fQ==",
"dependencies": [
"data.template_file.network_config",
"data.template_file.user_data",
"libvirt_cloudinit_disk.commoninit",
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2",
"libvirt_volume.domain_debian_basic_volume"
]
}
]
},
{
"mode": "managed",
"type": "libvirt_pool",
"name": "debian_basic",
"provider": "provider[\"registry.terraform.io/dmacvicar/libvirt\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"allocation": 572792553472,
"available": 410558586880,
"capacity": 983351140352,
"id": "2a5404ca-a1f2-4799-bac3-1869ca3085b1",
"name": "debian_basic",
"path": "/home/atm/code/libvirt/pool/debian_basic",
"type": "dir",
"xml": []
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"mode": "managed",
"type": "libvirt_volume",
"name": "debian-qcow2",
"provider": "provider[\"registry.terraform.io/dmacvicar/libvirt\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"base_volume_id": null,
"base_volume_name": null,
"base_volume_pool": null,
"format": "qcow2",
"id": "/home/atm/code/libvirt/pool/debian_basic/debian-qcow2",
"name": "debian-qcow2",
"pool": "debian_basic",
"size": 2147483648,
"source": "https://cloud.debian.org/images/cloud/buster/latest/debian-10-genericcloud-amd64.qcow2",
"xml": []
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"libvirt_pool.debian_basic"
]
}
]
},
{
"mode": "managed",
"type": "libvirt_volume",
"name": "domain_debian_basic_volume",
"provider": "provider[\"registry.terraform.io/dmacvicar/libvirt\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"base_volume_id": "/home/atm/code/libvirt/pool/debian_basic/debian-qcow2",
"base_volume_name": null,
"base_volume_pool": null,
"format": "qcow2",
"id": "/var/lib/libvirt/images/domain_debian_basic_volume-0",
"name": "domain_debian_basic_volume-0",
"pool": "default",
"size": 5368709120,
"source": null,
"xml": []
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2"
]
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"base_volume_id": "/home/atm/code/libvirt/pool/debian_basic/debian-qcow2",
"base_volume_name": null,
"base_volume_pool": null,
"format": "qcow2",
"id": "/var/lib/libvirt/images/domain_debian_basic_volume-1",
"name": "domain_debian_basic_volume-1",
"pool": "default",
"size": 5368709120,
"source": null,
"xml": []
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2"
]
},
{
"index_key": 2,
"schema_version": 0,
"attributes": {
"base_volume_id": "/home/atm/code/libvirt/pool/debian_basic/debian-qcow2",
"base_volume_name": null,
"base_volume_pool": null,
"format": "qcow2",
"id": "/var/lib/libvirt/images/domain_debian_basic_volume-2",
"name": "domain_debian_basic_volume-2",
"pool": "default",
"size": 5368709120,
"source": null,
"xml": []
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2"
]
},
{
"index_key": 3,
"schema_version": 0,
"attributes": {
"base_volume_id": "/home/atm/code/libvirt/pool/debian_basic/debian-qcow2",
"base_volume_name": null,
"base_volume_pool": null,
"format": "qcow2",
"id": "/var/lib/libvirt/images/domain_debian_basic_volume-3",
"name": "domain_debian_basic_volume-3",
"pool": "default",
"size": 5368709120,
"source": null,
"xml": []
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2"
]
},
{
"index_key": 4,
"schema_version": 0,
"attributes": {
"base_volume_id": "/home/atm/code/libvirt/pool/debian_basic/debian-qcow2",
"base_volume_name": null,
"base_volume_pool": null,
"format": "qcow2",
"id": "/var/lib/libvirt/images/domain_debian_basic_volume-4",
"name": "domain_debian_basic_volume-4",
"pool": "default",
"size": 5368709120,
"source": null,
"xml": []
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2"
]
}
]
},
{
"mode": "managed",
"type": "local_file",
"name": "hosts_yml",
"provider": "provider[\"registry.terraform.io/hashicorp/local\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"content": "[debainbasic]\ndebian_basic_0 ansible_host=192.168.122.88 ansible_user=root\ndebian_basic_1 ansible_host=192.168.122.241 ansible_user=root\ndebian_basic_2 ansible_host=192.168.122.228 ansible_user=root\ndebian_basic_3 ansible_host=192.168.122.104 ansible_user=root\ndebian_basic_4 ansible_host=192.168.122.95 ansible_user=root\n",
"content_base64": null,
"directory_permission": "0777",
"file_permission": "0777",
"filename": "./ansible/inventory/hosts.ini",
"id": "50f2415c82988af03183475899cee396b19473a4",
"sensitive_content": null,
"source": null
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"data.template_file.network_config",
"data.template_file.user_data",
"libvirt_cloudinit_disk.commoninit",
"libvirt_domain.domain_debian_basic",
"libvirt_pool.debian_basic",
"libvirt_volume.debian-qcow2",
"libvirt_volume.domain_debian_basic_volume"
]
}
]
}
],
"check_results": []
}

View file

@ -0,0 +1,9 @@
{
"version": 4,
"terraform_version": "1.3.2",
"serial": 408,
"lineage": "d7bbd0fb-c4f6-2cbc-eae2-1b3e8831d4cc",
"outputs": {},
"resources": [],
"check_results": []
}

9
debian/debian/tests/requirements.txt vendored Normal file
View file

@ -0,0 +1,9 @@
attrs==22.1.0
iniconfig==1.1.1
packaging==21.3
pluggy==1.0.0
py==1.11.0
pyparsing==3.0.9
pytest==7.1.3
pytest-testinfra==6.8.0
tomli==2.0.1

77
debian/debian/tests/test_basic.py vendored Normal file
View file

@ -0,0 +1,77 @@
import os
def test_packages_are_installed(host):
packages = [
"nginx",
"ufw",
"docker-ce",
"git",
"nginx",
"wget",
"curl",
"gpg",
"ca-certificates",
"zip",
"python3-pip",
"virtualenv",
"python3-setuptools",
]
for p in packages:
print(f"[*] Checking if {p} is installed")
pkg = host.package(p)
assert pkg.is_installed
def test_ssh_is_listening(host):
socket = host.socket(f"tcp://0.0.0.0:22")
assert socket.is_listening
def docker_is_installed(host):
keyring_dir = host.file("/etc/apt/keyrings")
assert keyring_dir.exists()
assert keyring_dir.is_dir()
def test_ufw_service_running_and_enabled(host):
service = host.service("ufw")
assert service.is_running
assert service.is_enabled
def test_ssh_service_running_and_enabled(host):
service = host.service("ssh")
assert service.is_running
assert service.is_enabled
def test_nginx_service_running_and_enabled(host):
service = host.service("nginx")
assert service.is_running
assert service.is_enabled
#
#
# def test_fail2ban_is_installed(host):
# pkg = host.package("fail2ban")
# assert pkg.is_installed
#
#
# def test_fail2ban_is_enabled_and_running(host):
# service = host.service("fail2ban")
# assert service.is_running
# assert service.is_enabled
#
#
def test_ssh_is_installed(host):
pkg = host.package("openssh-server")
assert pkg.is_installed
#
# def test_ssh_is_enabled_and_running(host):
# service = host.service("sshd")
# assert service.is_running
# assert service.is_enabled