# Copyright 2024 Signal Messenger, LLC # SPDX-License-Identifier: AGPL-3.0-only # Builds our first image, which is just a default Debian image # with some pre-installed packages etc. to make things easier for # us. Most of the work here is done in the `debian1/preseed.txt` # file. Packer serves that up via HTTP and passes it to the Debian # installer for an "unattended install". { "builders": [ { "type": "qemu", "format": "raw", "headless": "false", "communicator": "ssh", "disk_size": "5G", "memory": 4096, # Using the default amount of memory will crash, we need more. # Use UEFI so our install can be more easily modified for secure-boot. "efi_boot": "true", "efi_firmware_code": "/usr/share/OVMF/OVMF_CODE_4M.ms.fd", "efi_firmware_vars": "/usr/share/OVMF/OVMF_VARS_4M.ms.fd", "machine_type": "q35", "accelerator": "kvm", "vm_name": "disk.raw", "net_device": "virtio-net", "disk_interface": "virtio", "output_directory": "build/debian1.out", "shutdown_command": "sudo shutdown -h now", "http_directory": "debian1", "ssh_username": "svr3", "ssh_password": "svr3", # Super secret, don't tell anyone. "ssh_timeout": "15m", "iso_url": "https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.4.0-amd64-netinst.iso", "iso_checksum": "64d727dd5785ae5fcfd3ae8ffbede5f40cca96f1580aaa2820e8b99dae989d94", # Our 'boot_steps' do all the actual work here. "boot_wait": "2s", "boot_key_interval": "10ms", "boot_steps": [ # These steps interact with the MSFT UEFI firmware and tell it # "don't boot into the UEFI shell, we actually want to boot to our disk". # It appears that as of 2024/02/16, the firmware may have updated # to no longer require this. # "", # "bcfg boot rm 0", # "bcfg boot rm 0", # "reset", # "", # Now we're in the Debian installer UI. We select "advanced", then # tell it to use a preseed, then once it's ready, we give it the URL # we're serving up over HTTP for the 'debian1/preseed.txt' file. "", "", "http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.txt" ] } ] }