phg/packer
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactor Debian 13 Trixie Packer templates for LUKS support

Browse source 
- Removed obsolete variable files: variables-common.pkr.hcl and variables.pkr.hcl.
- Updated debian-trixie.pkr.hcl to include local values for LUKS configuration.
- Modified boot command to include LUKS arguments based on the enable_luks variable.
- Enhanced initial-setup.sh to support LUKS detection and resizing.
- Replaced preseed.cfg with preseed.cfg.pkrtpl for dynamic LUKS configuration.
- Added enable_luks variable to control LUKS encryption during image build.
- Introduced luks.pkrvars.hcl for LUKS-specific variable settings.
- Updated mise.toml to support new variable file argument for Packer builds.
This commit is contained in:
Philip Henning 2026-05-11 19:13:11 +02:00
parent e57f2d977b
commit eded7180dc
20 changed files with 281 additions and 2445 deletions
Download patch file Download diff file Expand all files Collapse all files

55
_scripts/unlock-luks-after-install.py
View file

@ -32,11 +32,24 @@ def load_hcl(path: Path) -> dict:
return hcl2.load(handle)
def get_variable_default(hcl_data: dict, name: str) -> str | None:
for variable_block in hcl_data.get("variable", []):
if name in variable_block:
return variable_block[name].get("default")
return None
def resolve_input_path(path: str, script_root: Path) -> Path:
resolved = Path(path)
if not resolved.is_absolute():
resolved = script_root / resolved
return resolved
def merge_values(*hcl_data_items: dict) -> dict:
values = {}
for hcl_data in hcl_data_items:
for variable_block in hcl_data.get("variable", []):
for name, body in variable_block.items():
if isinstance(body, dict) and "default" in body:
values[name] = body["default"]
for name, value in hcl_data.items():
if name != "variable":
values[name] = value
return values
def main() -> int:
@ -55,29 +68,32 @@ def main() -> int:
default=45,
help="Seconds to wait before sending the LUKS password (default: 45).",
)
parser.add_argument(
"--var-file",
action="append",
default=[],
help="Path to an HCL var-file passed through to the Packer build.",
)
args = parser.parse_args()
script_root = Path(__file__).resolve().parents[1]
variables_common_path = script_root / "variables-common.pkr.hcl"
credentials_path = script_root / "credentials.auto.pkrvars.hcl"
vars_dir = Path(args.template)
if not vars_dir.is_absolute():
vars_dir = script_root / vars_dir
vars_dir = resolve_input_path(args.template, script_root)
variables_path = vars_dir / "variables.pkr.hcl"
var_file_paths = [resolve_input_path(var_file, script_root) for var_file in args.var_file]
variables_common = load_hcl(variables_common_path)
credentials = load_hcl(credentials_path)
variables = load_hcl(variables_path)
var_files = [load_hcl(var_file_path) for var_file_path in var_file_paths]
values = merge_values(variables_common, variables, credentials, *var_files)
proxmox_api_url = get_variable_default(variables_common, "proxmox_api_url")
proxmox_skip_tls_verify = (
get_variable_default(variables_common, "proxmox_skip_tls_verify") or False
)
default_luks_passphrase = get_variable_default(
variables_common, "default_luks_passphrase"
)
proxmox_node = get_variable_default(variables, "proxmox_node")
template_vm_id = get_variable_default(variables, "template_vm_id")
proxmox_api_url = values.get("proxmox_api_url")
proxmox_skip_tls_verify = values.get("proxmox_skip_tls_verify", False)
default_luks_passphrase = values.get("default_luks_passphrase")
proxmox_node = values.get("proxmox_node")
template_vm_id = values.get("template_vm_id")
_ = (
proxmox_api_url,
@ -149,7 +165,10 @@ def main() -> int:
log(f"Listening for POST on /install_finished at port {port}")
build_cmd = ["mise", "build", args.template, "-i", str(port)]
build_cmd = ["mise", "run", "build", args.template]
for var_file_path in var_file_paths:
build_cmd.extend(["--var-file", str(var_file_path)])
build_cmd.extend(["-i", str(port)])
build_proc = subprocess.Popen(
build_cmd,
stdout=subprocess.PIPE,