diff --git a/cookbooks/base/attributes.rb b/cookbooks/base/attributes.rb index 18a755b..d50ecfb 100644 --- a/cookbooks/base/attributes.rb +++ b/cookbooks/base/attributes.rb @@ -9,7 +9,7 @@ end node.reverse_merge!({ 'base' => { - 'LXC' => lxc + 'lxc' => lxc } }) diff --git a/cookbooks/base/default.rb b/cookbooks/base/default.rb index f81b098..f6e1980 100644 --- a/cookbooks/base/default.rb +++ b/cookbooks/base/default.rb @@ -1,3 +1,5 @@ +include_recipe './attributes.rb' + [ # only install amd64 package # http://d.hatena.ne.jp/ritchey/20121229 @@ -33,6 +35,17 @@ remote_file '/etc/update-motd.d/99-motd-update' do mode '755' end +# If it is inside an LXC, change the apt repository settings: +if node['base']['lxc'] + %w( /etc/apt/sources.list /etc/apt/sources.list.d/ubuntu.sources ).each do |conf| + remote_file conf do + mode "0644" + owner "root" + group "root" + end + end +end + # Install the necessary packages: include_recipe './packages.rb' include_recipe './eget.rb' @@ -49,85 +62,52 @@ include_recipe './ufw.rb' # `sshd` configurations: include_recipe './ssh.rb' -# `fortune` configurations: -include_recipe './fortune.rb' - # timezone configurations: include_recipe './timezone.rb' +include_recipe './ntp.rb' -# kernel configurations: -include_recipe './kernel.rb' +# If it is a VM, do the followings. +# If it is inside an LXC container, do NOTHING. +unless node['base']['lxc'] + # `fortune` configurations: + include_recipe './fortune.rb' -# Install mc command: -include_recipe './mc.rb' + # kernel configurations: + include_recipe './kernel.rb' -# Install lsyncd command: -include_recipe './lsyncd.rb' + # Install mc command: + include_recipe './mc.rb' -# Install starship command: -include_recipe './starship.rb' + # Install lsyncd command: + include_recipe './lsyncd.rb' -# Install cloudflared command: -include_recipe './cloudflared.rb' + # Install starship command: + include_recipe './starship.rb' -# Disable Ubuntu Pro -include_recipe './ubuntupro.rb' + # Install cloudflared command: + include_recipe './cloudflared.rb' -# recipes for Ubuntu 20.04 and later -case node['platform_version'] -when "20.04", "22.04", "24.04" - remote_file '/etc/multipath.conf' do - owner 'root' - group 'root' - mode '0644' - - notifies :restart, 'service[multipath-tools]' - end - - service 'multipath-tools' do - action :nothing - end - - package 'systemd-timesyncd' - - service 'systemd-timesyncd' do - action :enable - end + # Disable Ubuntu Pro + include_recipe './ubuntupro.rb' + # recipes for Ubuntu 20.04 and later case node['platform_version'] - when "20.04" - remote_file '/etc/systemd/timesyncd.conf' do + when "20.04", "22.04", "24.04" + remote_file '/etc/multipath.conf' do owner 'root' group 'root' - mode '0644' + mode '0644' - notifies :restart, 'service[systemd-timesyncd]' + notifies :restart, 'service[multipath-tools]' end - when "22.04" - remote_file '/etc/systemd/timesyncd.conf' do - owner 'root' - group 'root' - mode '0644' - source 'files/etc/systemd/timesyncd.2204.conf' - - notifies :restart, 'service[systemd-timesyncd]' - end - when "24.04" - remote_file '/etc/systemd/timesyncd.conf' do - owner 'root' - group 'root' - mode '0644' - - source 'files/etc/systemd/timesyncd.2404.conf' - - notifies :restart, 'service[systemd-timesyncd]' + service 'multipath-tools' do + action :nothing end end -end - -# AWS EC2 Swap Setting: -if node['is_ec2'] - include_recipe './aws_ec2.rb' + # AWS EC2 Swap Setting: + if node['is_ec2'] + include_recipe './aws_ec2.rb' + end end diff --git a/cookbooks/base/files/etc/apt/sources.list b/cookbooks/base/files/etc/apt/sources.list new file mode 100644 index 0000000..a2dee82 --- /dev/null +++ b/cookbooks/base/files/etc/apt/sources.list @@ -0,0 +1,6 @@ +# deb http://archive.ubuntu.com/ubuntu noble main restricted universe multiverse + +# deb http://archive.ubuntu.com/ubuntu noble-updates main restricted universe multiverse + +# deb http://archive.ubuntu.com/ubuntu noble-security main restricted universe multiverse + diff --git a/cookbooks/base/files/etc/apt/sources.list.d/ubuntu.sources b/cookbooks/base/files/etc/apt/sources.list.d/ubuntu.sources new file mode 100644 index 0000000..8757a2f --- /dev/null +++ b/cookbooks/base/files/etc/apt/sources.list.d/ubuntu.sources @@ -0,0 +1,11 @@ +Types: deb +URIs: http://192.168.10.200:8080/ubuntu/apt-mirror/mirror/jp.archive.ubuntu.com/ubuntu/ +Suites: noble noble-updates noble-backports +Components: main restricted universe multiverse +Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg + +Types: deb +URIs: http://security.ubuntu.com/ubuntu/ +Suites: noble-security +Components: main restricted universe multiverse +Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg diff --git a/cookbooks/base/ntp.rb b/cookbooks/base/ntp.rb new file mode 100644 index 0000000..eeebd2b --- /dev/null +++ b/cookbooks/base/ntp.rb @@ -0,0 +1,39 @@ +package 'systemd-timesyncd' + +service 'systemd-timesyncd' do + action :enable +end + +case node['platform_version'] +when "20.04", "22.04", "24.04" + case node['platform_version'] + when "20.04" + remote_file '/etc/systemd/timesyncd.conf' do + owner 'root' + group 'root' + mode '0644' + + notifies :restart, 'service[systemd-timesyncd]' + end + when "22.04" + remote_file '/etc/systemd/timesyncd.conf' do + owner 'root' + group 'root' + mode '0644' + + source 'files/etc/systemd/timesyncd.2204.conf' + + notifies :restart, 'service[systemd-timesyncd]' + end + when "24.04" + remote_file '/etc/systemd/timesyncd.conf' do + owner 'root' + group 'root' + mode '0644' + + source 'files/etc/systemd/timesyncd.2404.conf' + + notifies :restart, 'service[systemd-timesyncd]' + end + end +end diff --git a/cookbooks/base/packages.rb b/cookbooks/base/packages.rb index 11b917e..70979a5 100644 --- a/cookbooks/base/packages.rb +++ b/cookbooks/base/packages.rb @@ -2,7 +2,7 @@ execute 'apt update' # Install the necessary packages: -%w[build-essential zsh vim-nox debian-keyring curl direnv jq avahi-daemon wget gpg coreutils].each do |pkg| +%w[build-essential zsh vim-nox debian-keyring curl direnv jq avahi-daemon wget gpg coreutils software-properties-common].each do |pkg| package pkg end