Differences

This shows you the differences between two versions of the page.

--- lab:nuc_1 [2023/04/10 00:49] – updated user
+++ lab:nuc_1 [2023/04/28 21:15] (current) – replaced user
@@ Line 1: / Line 1: @@
-====== NUC 1 ======
-This is the first NUC in the [[Stack of NUCs]]. This NUC will be a user-friendly desktop installation used to create the rest of the environment.
-References:
-  * [[https://www.jimangel.io/posts/automate-ubuntu-22-04-lts-bare-metal/]]
-Hardware:
-  * 7i3
-  * 32GB RAM
-  * 32GB storage
-  * Wireless
-Software:
-  * Ubuntu 22.04 LTS desktop
-Purpose:
-  * Linux machine to facilitate:
-    * creating the modified ISO for the boot USB stick
-    * create the modified ISO for the USB
-    * create SSH management keys
-Steps:
-  - Install Ubuntu Desktop - [[https://ubuntu.com/tutorials/install-ubuntu-desktop#1-overview]]
-  - Log in to the NUC
-  - Do the usual software updates and install software packages
-    * ''sudo apt update && sudo apt upgrade -y''
-    * ''sudo apt install xorriso squashfs-tools python3-debian gpg liblz4-tool arp-scan notepadqq python3-pip -y''
-  - Generate key for ssh: ''ssh-keygen -o''
-    * accept default settings and don't enter a passphrase
-  - Download the latest __live-server__ ISO from [[https://releases.ubuntu.com/22.04/|Ubuntu 22.04 releases page]] (name similar to ubuntu-22.04.2-live-server-amd64.iso)
-    * move this file to your home directory
-  - Open the terminal (you should be in your home directory)
-  - Install livefs-editor, which we will use to modify the iso
-    * <file bash>
-git clone https://github.com/mwhudson/livefs-editor
-cd livefs-editor''
-python3 -m pip install
-# not sure if you will need to use ''sudo''
-</file>
-    * Return to your home directory (i.e., ''cd ~'' or ''cd ..'')
-  - Create modified live-server ISO
-    - Copy the grub.cfg file from the ISO file
-      * Set the ORIG_ISO filename to the actual file you downloaded. In this example I will use ''ubuntu-22.04.2-live-server-amd64.iso''
-      * <code>
-export ORIG_ISO="ubuntu-22.04.2-live-server-amd64.iso"
-mkdir mnt
-mount -o loop $(ORIG_ISO) mnt
-cp --no-preserve=all mnt/boot/grub/grub.cfg ./grub.cfg
-umount nnt
-sed -i 's/linux	\/casper\/vmlinuz  ---/linux	\/casper\/vmlinuz autoinstall quiet ---/g' ./grub.cfg
-sed -i 's/timeout=30/timeout=1/g' /tmp/grub.cfg
-export MODDED_ISO="${ORIG_ISO::-4}-modded.iso"
-livefs-edit ../$ORIG_ISO ../$MODDED_ISO --cp ./grub.cfg new/iso/boot/grub/grub.cfg
-</code>
-  - Create bootable USB from the modified ISO
-    * Use [[https://www.balena.io/etcher|Balena Etcher]] or [[https://ubuntu.com/tutorials/create-a-usb-stick-on-ubuntu#1-overview|Startup Disk Creator]]
-  - Create a USB stick named CIDATA for a cloud-init datasource
-    - Unplug the bootable USB stick you just created
-    - Plug in the USB that will be erased and used as the cloud-init datasource
-    - Identify the USB stick device name
-      * ''lsblk''
-      * it will probably be sda or sdb
-      * be SURE you pick the right one!
-    - Format the USB disk (assuming it's sdb in this example)
-      - Unmount it: ''sudo umount /dev/sdb''
-      - Format it: ''sudo mkfs.vfat -I -F 32 -n 'CIDATA /dev/sdb'''
-      - Confirm: ''ls /dev/disk/by-label/''
-    - Create meta-data file on CIDATA (assuming it's sdb in this example)
-      - ''mkdir /tmp/cidata''
-      - ''sudo mount /dev/sdb /tmp/cidata''
-      - ''cd /tmp/cidata''
-      - ''touch meta-data''
-    - Create user-data file on CIDATA
-      * You can create the use using a text editor (notepadqq was installed earlier) or use the command line
-      * Replace the key(s) in the example with the output from your computer for:
-        * ''cat ~/.ssh/id_rsa.pub''
-      * Replace the wifi SSID name and PASSWORD with your wifi SSID and passphrase
-      * <file yaml>
-#cloud-config
-autoinstall:
-  version: 1
-  ssh:
-    install-server: true
-    # option "allow-pw" defaults to `true` if authorized_keys is empty, `false` otherwise.
-    allow-pw: false
-  # "[late-commands] are run in the installer environment with the installed system mounted at /target."
-  late-commands:
-    # randomly generate the hostname & show the IP at boot
-    - echo nuc-host-$(openssl rand -hex 3) > /target/etc/hostname
-    # dump the IP out at login screen
-    - echo "Ubuntu 22.04 LTS \nIP - $(hostname -I)\n" > /target/etc/issue
-    # storage was a pain in the ass and merged multiple things, I just want a 100% use of the fs. (alt option: https://gist.github.com/anedward01/b68e00bb2dcfa4f1335cd4590cbc8484#file-user-data-L97-L199)
-    - curtin in-target --target=/target -- lvextend -l +100%FREE /dev/mapper/ubuntu--vg-ubuntu--lv
-    - curtin in-target --target=/target -- resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv
-    # shut-down the host to avoid an infinite installer loop
-    - shutdown -h now
-  user-data:
-    disable_root: true
-    timezone: America/New_York
-    package_upgrade: false
-    packages:
-    - network-manager
-    runcmd:
-    - nmcli d wifi connect SSID password PASSWORD
-    users:
-      - name: tux
-        primary_group: users
-        groups: sudo
-        lock_passwd: true
-        # don't need PW since using SSH, leaving this in though...
-        # password is "changeme" - created with `docker run -it --rm alpine mkpasswd --method=SHA-512`
-        # passwd: "$5$IWwNqL9VUSDoc4Jv$DEUGR.cZQcbz/QvdCOmU13fX5ZW0rANg8LqkAtX3nBA"
-        shell: /bin/bash
-        # use cat ~/.ssh/id_rsa.pub or generate to get your public key
-        ssh_authorized_keys:
-          - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local"
-        sudo: ALL=(ALL) NOPASSWD:ALL
-      - name: ansible
-        gecos: Ansible User
-        primary_group: users
-        groups: sudo
-        sudo: ALL=(ALL) NOPASSWD:ALL
-        shell: /bin/bash
-        lock_passwd: true
-        ssh_authorized_keys:
-          - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTK3YYoKho9SvTejt9430NRwu5ZQpwtAQGBbX8piLvLfsrJzzXxWljTvmC63VMAbCy3ii/Z4yReeCt4h7JiFNf+4ggfUmG+SN+6WvRlfKdaQBXKqojNNxVDg/M73CYF/CYjifJYombA1WIFYoZwMSnd4pzuS7pSiMFKEYTznmImgqa40uZfK6My98KTFpbuebeRvF1u/2Q2ISEYRQmHbm79NAj2WPoI73vNDtkKOPn8NU13xQgC4EMlk/Yu0p36THYlMl30iJePhFgNNBTxXBZL41+nn6W9wgfwo78VDNSa0A2Cambad/lYEerSWevsPATU7bf2an7RsDJhvCx58hI4BMl0KQ3/R0MT2OSGU+GHjBzL/T9UHIxN1FynzmwYpI96MEmEqETjG2DzboO93Oo5EkuX/e6wo/ptQ1g9Qarmk66E0shYpTtwQn2mz0Lhv8PD9C/CbZl9QqcQ43yah1MD9PH/OaCj32FpBqDNJp+NuyYbjBDhG5TgGza4yrgww8= jimangel@Jims-MacBook-Pro.local"
-    # shutdown after first host initial provisioning
-    power_state:
-      mode: poweroff
-</file>
-    - Unmount the USB stick
-      - ''sudo umount /tmp/cidata''
-      - Remove the USB stick
-  - Test boot setup on a different NUC
-    - Insert both USBs into the (powered off) test NUC
-    - Connect the test NUC to your wired Lab network (which has Internet access)
-    - Power on
-    - Press F10 when prompted and select the USB bootable USB stick ("USB UEFI")
-    - If no physical internet connection, it will delay the setup greatly
-    - If user-data is configured to update packages, be aware this requires an internet connection, and takes additional time
-    - When the NUC powers down the first time, remove the USB sticks, then power back on
-    - When the NUC powers down the second time, it is ready to deploy. Power back on when you are ready.
-    - Test ssh from NUC 1 to the test NUC
-      * identify the IP address on the NUC
-      * ''ssh tux@[IPADDRESS]''
-  - Set up SSH management keys
-    * once all your NUCs are up, you can use this script to add all of them to your ssh known_hosts file
-    * <code>
-IPs=$(sudo arp-scan --localnet --numeric --quiet --ignoredups | grep -E '([a-f0-9]{2}:){5}[a-f0-9]{2}' | awk '{print $1}')
-for i in $(IPs"); do ssh-keygen -R $i && ssh-keyscan -H $i >> ~/.ssh/known_hosts; done
-</code>