Packer based PVE image templates
Repository structure
❯ la 4 -I .git
Permissions Size User Group Date Modified Git Name
drwxr-xr-x@ - phg staff 23 Jan 22:36 -M ./
drwxr-xr-x@ - phg staff 22 Jan 18:19 -- ├── debian/ Debian template definitions and assets (Packer templates, cloud-init/KS files, provisioning files).
drwxr-xr-x@ - phg staff 24 Jan 00:25 -- │ └── 13-trixie/ Template definition and assets for the Trixie template.
drwxr-xr-x@ - phg staff 24 Jan 00:26 -- │ ├── files/ Files used for the file provisioner.
.rw-r--r--@ 39 phg staff 24 Jan 00:26 -- │ │ ├── 99-pve.cfg Configures the data sources for cloud-init.
.rw-r--r--@ 539 phg staff 24 Jan 00:26 -- │ │ └── debian.sources Debian package sources.
drwxr-xr-x@ - phg staff 23 Jan 23:07 -- │ ├── http/ Files that Packer provides during build via http.
.rw-r--r--@ 2.4k phg staff 23 Jan 23:09 -- │ │ ├── ks.cfg Kickstart configuration.
.rw-r--r--@ 0 phg staff 23 Jan 22:51 -- │ │ ├── meta-data cloud-init configuration.
.rw-r--r--@ 596 phg staff 23 Jan 23:08 -- │ │ └── user-data cloud-init configuration.
lrwxr-xr-x - phg staff 23 Jan 14:47 -I │ ├── credentials.auto.pkrvars.hcl -> ../../credentials.auto.pkrvars.hcl Local secrets for Packer (API token, endpoints) used at build time.
.rw-r--r--@ 3.7k phg staff 24 Jan 00:53 -- │ ├── debian-trixie.pkr.hcl The build template.
lrwxr-xr-x - phg staff 23 Jan 16:03 -- │ ├── variables-common.pkr.hcl -> ../../variables-common.pkr.hcl Shared Packer variables used by templates.
.rw-r--r--@ 1.9k phg staff 23 Jan 23:00 -- │ └── variables.pkr.hcl Packer variables only used for this template
drwxr-xr-x@ - phg staff 23 Jan 21:41 -I ├── downloaded_iso_path/ Packer ISO cache directory (downloaded ISOs and lock files).
.rw-r--r--@ 791M phg staff 23 Jan 21:38 -I │ ├── dfbf02854ab0b0b828230f78a14eab621dcc09a8.iso
.rw-------@ 0 phg staff 23 Jan 21:41 -I │ └── dfbf02854ab0b0b828230f78a14eab621dcc09a8.iso.lock
.rw-r--r--@ 1.7k phg staff 23 Jan 21:44 -- ├── .gitignore
.rw-r--r--@ 111 phg staff 23 Jan 15:56 -I ├── credentials.auto.pkrvars.hcl Local secrets for Packer (API token, endpoints) used at build time.
.rw-r--r--@ 1.3k phg staff 23 Jan 22:48 -- ├── mise.toml Task runner definitions for init/build/setup.
.rw-r--r--@ 1.8k phg staff 24 Jan 09:24 -M ├── README.md
.rw-r--r--@ 60 phg staff 23 Jan 16:01 -- ├── template-credentials.pkrvars.hcl Template to create `credentials.auto.pkrvars.hcl`.
.rw-r--r--@ 303 phg staff 23 Jan 16:58 -- └── variables-common.pkr.hcl Shared Packer variables used by templates.
Initial Setup
Create Token
- Copy template-credentials.pkrvars.hcl to credentials.auto.pkrvars.hcl
- Open your Proxmox VE web interface & log in.
- Navigate to: Datacenter -> Permissions -> API Tokens
- Click: Add
- Configure in the dialog:
  - User: root@pam (or the user you like, but it needs administrative permissions)
  - Token ID: packer
  - Privilege Separation: false
- Click: Add
- Copy the displayed Token ID and Token Secret to credentials.auto.pkrvars.hcl
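Added example (not part of this repository): a pre-build check for the file that now holds the token secret. With Privilege Separation set to false the token carries the full permissions of its user, and the listing above shows credentials.auto.pkrvars.hcl as rw-r--r-- and reached through a symlink from the template directory; the sketch resolves the link, requires owner-only permissions and, inside a git work tree, confirms the file is untracked and ignored. The function names resolve_link and check_credentials are hypothetical.

```shell
#!/bin/sh
# Added example: pre-build check for the Packer secrets file named in this README.

# Follow a symlink chain without GNU "readlink -f" (the template directories
# link to the repository-level credentials file). Gives up after 16 hops.
resolve_link() {
    target=$1
    hops=0
    while [ -L "$target" ]; do
        hops=$((hops + 1))
        [ "$hops" -le 16 ] || return 1
        link=$(readlink "$target")
        case $link in
            /*) target=$link ;;
            *)  target=$(dirname "$target")/$link ;;
        esac
    done
    printf '%s\n' "$target"
}

# Exit status: 0 ok, 1 missing, 2 readable by group/other,
# 3 tracked by git, 4 not covered by .gitignore.
check_credentials() {
    file=$(resolve_link "$1") || return 1
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }

    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$file" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "chmod 600 $file" >&2; return 2; }

    dir=$(dirname "$file")
    name=$(basename "$file")
    # The git checks only apply inside a work tree (and when git is installed).
    if git -C "$dir" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
        if git -C "$dir" ls-files --error-unmatch "$name" >/dev/null 2>&1; then
            echo "$file is tracked by git" >&2; return 3
        fi
        git -C "$dir" check-ignore -q "$name" ||
            { echo "$file is not ignored by git" >&2; return 4; }
    fi
    return 0
}
```

Call it as check_credentials <path-to-template-directory>/credentials.auto.pkrvars.hcl before starting a build.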
Initialize Packer
Run packer init to initialize Packer according to an HCL template
configuration. It downloads and installs the required plugins according to
the required_plugins block in the Packer templates.
mise run init <path-to-template-directory>
Build
To build a template run:
mise run build <path-to-template-directory>
Set up new templates
Run:
mise run setup <distribution name> <version>
E.g. mise run setup debian 13-trixie or mise run setup nixos 25.11.
ToDo
- Set up image with LUKS (check if the passphrase slots can be empty to be set later during provisioning)
- Set up dropbear
- Set up Clevis/Tang
- Lock down root user (remove password, prohibit all logins)
- Lock down SSH server