Adding final ESXI deployment code

ESXi/Packer/scripts/cleanup.sh

@@ -0,0 +1,81 @@
+#!/bin/sh -eux
+
+# Delete all Linux headers
+dpkg --list \
+  | awk '{ print $2 }' \
+  | grep 'linux-headers' \
+  | xargs apt-get -y purge;
+
+# Remove specific Linux kernels, such as linux-image-3.11.0-15-generic but
+# keeps the current kernel and does not touch the virtual packages,
+# e.g. 'linux-image-generic', etc.
+dpkg --list \
+    | awk '{ print $2 }' \
+    | grep 'linux-image-.*-generic' \
+    | grep -v `uname -r` \
+    | xargs apt-get -y purge;
+
+# Delete Linux source
+dpkg --list \
+    | awk '{ print $2 }' \
+    | grep linux-source \
+    | xargs apt-get -y purge;
+
+# Delete development packages
+dpkg --list \
+    | awk '{ print $2 }' \
+    | grep -- '-dev$' \
+    | xargs apt-get -y purge;
+
+# delete docs packages
+dpkg --list \
+    | awk '{ print $2 }' \
+    | grep -- '-doc$' \
+    | xargs apt-get -y purge;
+
+# Delete X11 libraries
+apt-get -y purge libx11-data xauth libxmuu1 libxcb1 libx11-6 libxext6;
+
+# Delete obsolete networking
+apt-get -y purge ppp pppconfig pppoeconf;
+
+# Delete oddities
+apt-get -y purge popularity-contest installation-report command-not-found friendly-recovery bash-completion fonts-ubuntu-font-family-console laptop-detect;
+
+# 19.10+ don't have this package so fail gracefully
+apt-get -y purge command-not-found-data || true;
+
+# Exlude the files we don't need w/o uninstalling linux-firmware
+echo "==> Setup dpkg excludes for linux-firmware"
+cat <<_EOF_ | cat >> /etc/dpkg/dpkg.cfg.d/excludes
+#BENTO-BEGIN
+path-exclude=/lib/firmware/*
+path-exclude=/usr/share/doc/linux-firmware/*
+#BENTO-END
+_EOF_
+
+# Delete the massive firmware packages
+rm -rf /lib/firmware/*
+rm -rf /usr/share/doc/linux-firmware/*
+
+apt-get -y autoremove;
+apt-get -y clean;
+
+# Remove docs
+rm -rf /usr/share/doc/*
+
+# Remove caches
+find /var/cache -type f -exec rm -rf {} \;
+
+# truncate any logs that have built up during the install
+find /var/log -type f -exec truncate --size=0 {} \;
+
+# Blank netplan machine-id (DUID) so machines get unique ID generated on boot.
+truncate -s 0 /etc/machine-id
+
+# remove the contents of /tmp and /var/tmp
+rm -rf /tmp/* /var/tmp/*
+
+# clear the history so our install isn't there
+export HISTSIZE=0
+rm -f /root/.wget-hsts

ESXi/Packer/scripts/networking.sh

@@ -0,0 +1,25 @@
+#!/bin/sh -eux
+
+ubuntu_version="`lsb_release -r | awk '{print $2}'`";
+major_version="`echo $ubuntu_version | awk -F. '{print $1}'`";
+
+if [ "$major_version" -ge "18" ]; then
+echo "Create netplan config for eth0"
+cat <<EOF >/etc/netplan/01-netcfg.yaml;
+network:
+  version: 2
+  ethernets:
+    eth0:
+      dhcp4: true
+EOF
+else
+  # Adding a 2 sec delay to the interface up, to make the dhclient happy
+  echo "pre-up sleep 2" >> /etc/network/interfaces;
+fi
+
+if [ "$major_version" -ge "16" ]; then
+  # Disable Predictable Network Interface names and use eth0
+  sed -i 's/en[[:alnum:]]*/eth0/g' /etc/network/interfaces;
+  sed -i 's/GRUB_CMDLINE_LINUX="\(.*\)"/GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0 \1"/g' /etc/default/grub;
+  update-grub;
+fi

ESXi/Packer/scripts/sudoers.sh

@@ -0,0 +1,7 @@
+#!/bin/sh -eux
+
+sed -i -e '/Defaults\s\+env_reset/a Defaults\texempt_group=sudo' /etc/sudoers;
+
+# Set up password-less sudo for the vagrant user
+echo 'vagrant ALL=(ALL) NOPASSWD:ALL' >/etc/sudoers.d/99_vagrant;
+chmod 440 /etc/sudoers.d/99_vagrant;

ESXi/Packer/scripts/update.sh

@@ -0,0 +1,40 @@
+#!/bin/sh -eux
+export DEBIAN_FRONTEND=noninteractive
+
+ubuntu_version="`lsb_release -r | awk '{print $2}'`";
+major_version="`echo $ubuntu_version | awk -F. '{print $1}'`";
+
+# Disable release-upgrades
+sed -i.bak 's/^Prompt=.*$/Prompt=never/' /etc/update-manager/release-upgrades;
+
+# Disable systemd apt timers/services
+if [ "$major_version" -ge "16" ]; then
+  systemctl stop apt-daily.timer;
+  systemctl stop apt-daily-upgrade.timer;
+  systemctl disable apt-daily.timer;
+  systemctl disable apt-daily-upgrade.timer;
+  systemctl mask apt-daily.service;
+  systemctl mask apt-daily-upgrade.service;
+  systemctl daemon-reload;
+fi
+
+# Disable periodic activities of apt to be safe
+cat <<EOF >/etc/apt/apt.conf.d/10periodic;
+APT::Periodic::Enable "0";
+APT::Periodic::Update-Package-Lists "0";
+APT::Periodic::Download-Upgradeable-Packages "0";
+APT::Periodic::AutocleanInterval "0";
+APT::Periodic::Unattended-Upgrade "0";
+EOF
+
+# Clean and nuke the package from orbit
+rm -rf /var/log/unattended-upgrades;
+apt-get -y purge unattended-upgrades;
+
+# Update the package list
+apt-get -y update;
+
+# Upgrade all installed packages incl. kernel and kernel headers
+apt-get -y dist-upgrade -o Dpkg::Options::="--force-confnew";
+
+reboot

ESXi/Packer/scripts/vagrant.sh

@@ -0,0 +1,14 @@
+#!/bin/bash -eux
+
+pubkey_url="https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/vagrant.pub";
+mkdir -p $HOME_DIR/.ssh;
+if command -v wget >/dev/null 2>&1; then
+    wget --no-check-certificate "$pubkey_url" -O $HOME_DIR/.ssh/authorized_keys;
+elif command -v curl >/dev/null 2>&1; then
+    curl --insecure --location "$pubkey_url" > $HOME_DIR/.ssh/authorized_keys;
+else
+    echo "Cannot download vagrant public key";
+    exit 1;
+fi
+chown -R vagrant $HOME_DIR/.ssh;
+chmod -R go-rwsx $HOME_DIR/.ssh;

ESXi/Packer/scripts/vmware.sh

@@ -0,0 +1,10 @@
+#!/bin/sh -eux
+
+case "$PACKER_BUILDER_TYPE" in
+vmware-iso|vmware-vmx)
+    apt-get install -y open-vm-tools;
+    mkdir /mnt/hgfs;
+    systemctl enable open-vm-tools
+    systemctl start open-vm-tools
+    echo "platform specific vmware.sh executed";
+esac