Merge branch 'main' into fix/old-releases

.github/workflows/build-publish.yml

@@ -5,6 +5,7 @@ name: Build & Publish
 on:
   push:
   pull_request:
+  workflow_dispatch:
   release:
     types:
       - created

README.md

@@ -3,7 +3,7 @@
 ## Structure
 This repo contains the iso builder for Potos. 
  * [`container`](container) contains the source for the docker image `ghcr.io/projectpotos/potos-iso-builder`
- * [`config`](container) contains an example config
+ * [`config`](config) contains an example config
  * [`output`](output) is the directory where using the default commands the final iso is stored into
 
 

config/config.yml

@@ -19,6 +19,10 @@ environment: "production"
 first_boot_ansible:
   runtype: "setup"
 full_unattended_install: false
+# wifi:
+#   interface: "wlp1s0"
+#   ssid: "REDACTED"
+#   pw: "REDACTED"
 os: "jammy"
 output:
   version: "%Y%m%d"

container/autoinstall-user-data.j2

@@ -10,6 +10,23 @@ autoinstall:
     hostname: {{ config['initial_hostname'] | default('potoshostname01') }}
     password: {{ config['initial_user']['password'] | default('$6$L36BiUuVCSipvlO8$oGI0C.LXZegkbftFkVDXXaasTM6zs9LM71BkqZToKw5aOZ7Yr70pkzH3P9Xz5R.n0ULJ0Zf8v5ZQ/eH8flDR7/') }}
     username: {{ config['initial_user']['username'] | default('admin') }}
+{% if config['wifi']['interface'] is defined and config['wifi']['interface'] != None %}
+  early-commands:
+    - apt-get -y install wpasupplicant
+  drivers:
+    install: true
+  network:
+    # https://ubuntu.com/server/docs/install/autoinstall-reference#network
+    # https://netplan.readthedocs.io/en/stable/netplan-yaml/#properties-for-device-type-wifis
+    version: 2
+    wifis:
+      {{ config['wifi']['interface'] }}:
+        access-points:
+          "{{ config['wifi']['ssid'] }}":
+            password: "{{ config['wifi']['pw'] }}"
+        dhcp4: true
+        dhcp6: true
+{% endif %}
   ssh:
     allow-pw: true
     authorized-keys: []
@@ -53,7 +70,7 @@ autoinstall:
         size: 1GB
         preserve: false
         number: 2
-{% if config['disk_encryption']['enable']  is defined and config['disk_encryption']['enable']  == 'true' %}
+{% if config['disk_encryption']['enable']  is defined and config['disk_encryption']['enable']  == true %}
       - id: partition_crypt
         type: partition
         device: disk_primary
@@ -127,15 +144,19 @@ autoinstall:
         device: format_boot
         path: /boot
         type: mount
+      - id: mount_swap
+        device: format_swap
+        path: none
+        type: mount
       - id: mount_root
         device: format_root
         path: /
         type: mount
-  packages:
+  late-commands:
+    - curtin in-target --target=/target -- apt update
 {% for package in config['packages']['preinstall']  %}
-    - {{ package }}
+    - curtin in-target --target=/target -- apt install {{ package }} -y
 {% endfor %}
-  late-commands:
     - |
       for arg in $(cat /proc/cmdline); do
         case "${arg}" in
@@ -147,6 +168,7 @@ autoinstall:
     - sed -ie 's|GRUB_CMDLINE_LINUX_DEFAULT=.*|GRUB_CMDLINE_LINUX_DEFAULT="quiet splash gnome.initial-setup=1 systemd.debug_shell"|' /target/etc/default/grub
     - rm -f /target/etc/netplan/*
     - cp /cdrom/setup/default-netplan.yml /target/etc/netplan/01-network-manager-all.yaml
+    - curtin in-target --target=/target -- rm /etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service
     - cp /cdrom/setup/gnome-sudo /target/etc/sudoers.d/01_gnome-initial-setup
     - mkdir -p /target/etc/potos/ && chown 0:0 /target/etc/potos/ && chmod 0700 /target/etc/potos/
 {% if config['specs']['ssh_key'] != "" %}

container/build-iso.py

@@ -35,6 +35,10 @@
         config['initial_user'] = {}
         config['initial_user']['username'] = ymlconfig.get("initial_user",{}).get('username',"admin")
         config['initial_user']['password'] = ymlconfig.get("initial_user",{}).get('password',"$6$L36BiUuVCSipvlO8$oGI0C.LXZegkbftFkVDXXaasTM6zs9LM71BkqZToKw5aOZ7Yr70pkzH3P9Xz5R.n0ULJ0Zf8v5ZQ/eH8flDR7/")
+        config['wifi'] = {}
+        config['wifi']['interface'] = ymlconfig.get("wifi",{}).get('interface')
+        config['wifi']['ssid'] = ymlconfig.get("wifi",{}).get('ssid')
+        config['wifi']['pw'] = ymlconfig.get("wifi",{}).get('pw')
         config['environment'] = ymlconfig.get("environment","production")
         config['first_boot_ansible'] = {}
         config['first_boot_ansible']['runtype'] = ymlconfig.get("first_boot_ansible",{}).get('runtype',"setup")
@@ -57,7 +61,7 @@
 # switch iso by selected os
 if config['os'] == "jammy":
     config['input'] = {}
-    config['input']['iso_filename'] = "ubuntu-22.04.2-live-server-amd64.iso"
+    config['input']['iso_filename'] = "ubuntu-22.04.3-live-server-amd64.iso"
     config['input']['iso_url'] = "https://releases.ubuntu.com/22.04/" + config['input']['iso_filename']
     config['input']['sha256_filename'] = "SHA256SUMS"
     config['input']['sha256_url'] = "https://releases.ubuntu.com/22.04/SHA256SUMS"
@@ -69,7 +73,7 @@
         "plymouth-theme-ubuntu-logo",
         "ldap-utils",
         "yad",
-]
+    ]
     #Test the URL, if 404 use old-releases.ubuntu.com
     response = requests.get(config['input']['iso_url'])
     if response.status_code == 404:
@@ -80,18 +84,18 @@
         config['input']['sha256_url'] = "https://old-releases.ubuntu.com/releases/" + version + "/" + config['input']['sha256_filename']
 elif config['os'] == "focal":
     config['input'] = {}
-    config['input']['iso_filename'] = "ubuntu-20.04.5-live-server-amd64.iso"
+    config['input']['iso_filename'] = "ubuntu-20.04.6-live-server-amd64.iso"
     config['input']['iso_url'] = "https://releases.ubuntu.com/20.04/" + config['input']['iso_filename'] 
     config['input']['sha256_filename'] = "SHA256SUMS"
     config['input']['sha256_url'] = "https://releases.ubuntu.com/20.04/SHA256SUMS"
     config['packages'] = {}
     config['packages']['preinstall'] = [
-        "python3-virtualenv",
         "linux-generic-hwe-20.04",
         "ubuntu-desktop",
         "plymouth-theme-ubuntu-logo",
         "ldap-utils",
         "yad",
+        "python3-virtualenv",
     ]
 else:
     print("Invalid base os: %s"%(config['os']))
@@ -106,7 +110,7 @@
 # Print config info
 if config['environment'] == "develop":
     print(
-        "*** config.environment is %s, going to print some more informations for you:"%(
+        "*** config.environment is %s, going to print some more information for you:"%(
             config['environment'],
         )
     )

container/finish.sh.j2

@@ -52,11 +52,11 @@ cd "${ANSIBLE_WORKDIR}"
 
 virtualenv .
 source bin/activate
-pip3 install ansible-core==2.12.3
+pip3 install ansible-core==2.12.10
 
 {# Verbose ansible if develop #}
 ansible-playbook prepare.yml {% if config['specs']['ansible_vault_key_file'] != "" %}--vault-password-file=/etc/potos/ansible_vault_key {% endif %}{% if POTOS_ENV is defined and POTOS_ENV == 'develop' %}-vvv {% endif %}| sed -u 's/^/# /'
-ansible-playbook playbook.yml {% if config['specs']['ansible_vault_key_file'] != "" %}--vault-password-file=/etc/potos/ansible_vault_key {% endif %}{% if POTOS_ENV is defined and POTOS_ENV == 'develop' %}-vvv {% endif %}-e "{{ config['client_name']['short'] }}_runtype"="{{ config['first_boot_ansible']['runtype'] }}" | sed -u 's/^/# /'
+ansible-playbook playbook.yml {% if config['specs']['ansible_vault_key_file'] != "" %}--vault-password-file=/etc/potos/ansible_vault_key {% endif %}{% if POTOS_ENV is defined and POTOS_ENV == 'develop' %}-vvv {% endif %}-e "potos_runtype"="{{ config['first_boot_ansible']['runtype'] }}" | sed -u 's/^/# /'
 
 deactivate