Skip to content
Snippets Groups Projects

Test CSB Praktikum - Ubuntu 24.04 Autoinstall.Yaml - Full (Self-Admin)

  • Clone with SSH
  • Clone with HTTPS
  • Embed
  • Share
    The snippet can be accessed without any authentication.
    Authored by baumann

    Variante 3 - Self-Administration

    • Passwort muss nach Insllation neu gesetzt werden
    • Alle Anwendungen, sowie Extensions sind vorinstalliert
    • Auch ARCitect & die VSCode Extension
    • Fehlen tut derzeit xRDP
    Edited
    autoinstall.yaml 7.06 KiB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145 
    #cloud-config
autoinstall:
  version: 1
  source:
    id: ubuntu-desktop

  locale: en_US.UTF-8
  keyboard:
    layout: de
  timezone: Europe/Berlin

  storage:
    layout:
      name: lvm  # Verwende LVM für die gesamte Festplatte
      sizing-policy: all  # Nutze den gesamten verfügbaren Speicherplatz

  network:
    version: 2
    ethernets:
      ens33:
        dhcp4: true
        dhcp6: true

  identity:
    username: csb_admin
    hostname: localhost
    password: "$6$rkn5j4nIIyVU7ocJ$rNFpRNfm5aQ7Uyecsvt.ChjAcRLMSWgofU9p/gZvTlsZlkbcvKu115/JAn5GgPOXtGVbCTlj/J4PqfkS6esxo."


  drivers:
    install: true  # Automatische Installation der Treiber | Im Test wurden Nvidia-Treiber + CUDA installiert 

  ssh:
    install-server: true
    allow-pw: false  # Passwort-Authentifizierung deaktiviert für erhöhte Sicherheit
    authorized-keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVZWi4m9PxvCKtatG+CM8NO4H94mrcKITkvcAg2tYEN2kokG4BuHwakfAWzIBU2XhWZodknCAbwXwYBbFa1mtvNEn5bEYQtv6zs9tb3SFOqwmg9/ldbA0Q9bBbVTRFkBGuvv0z/NJ7VKPm+OVjVL+JxT8IAj6XQI87SznmGoH/90cH/baXsJeDZlvjwhi7u8N5Slb533OX/RA/OIfYqjJO2x05eHGHyrCbIU24wzCrfO+sx2EjP4yQ1oy2tue+WmYUNrdMvG2YwfAmuEE21SNcBoYZIpJi63MqtUAklc3JtfJqe1ZdNno0yeoX1h39au6UwHntCKB66GUTA7o+jiowmUOoE88AFPUBpJBksHznW1J1BFaWt2RcdDJXhWONg0cBXWH0DFQJygsIx4tO0OwYT10JYQsOScQIemjRududmBqa1S54jCsz9sNLRdqkEWqyNFMYC5Hv+EhmVSSeWtpqYCkBpG0i4K3aUIIPsmViXxXxNOhZ8eRM8tg707bptNlVW7z10hMDAh5GAOToTKDL1IWyRjLhd23gqkAyAT2v3ZZSbulO6Yaiyh7m7EAAWuz7QFWa99+eBnCYTHL4XB80Ge3LoAsVE62Fow7juvAHAV37ZjM+YkYXORTx1rq8HPvUxAeXOGqBhyi7lWQDFGnW7kLPC1Vq/YbHXTPX69JScw==

  user-data:
    users:
      - name: csb_user
        shell: /bin/bash
        lock_passwd: false
        passwd: "$6$NAC8WrL4TH0Cd82B$CqNILbIn2wqw7hDWEKXDdFGdhjyvMY8lxJFSYHe18vuuIZn7Ta1QT7np9rEO6TYJTE8i7wzv7ptUorBxkBQu3."
        groups: users
        ssh_authorized_keys:
          - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVZWi4m9PxvCKtatG+CM8NO4H94mrcKITkvcAg2tYEN2kokG4BuHwakfAWzIBU2XhWZodknCAbwXwYBbFa1mtvNEn5bEYQtv6zs9tb3SFOqwmg9/ldbA0Q9bBbVTRFkBGuvv0z/NJ7VKPm+OVjVL+JxT8IAj6XQI87SznmGoH/90cH/baXsJeDZlvjwhi7u8N5Slb533OX/RA/OIfYqjJO2x05eHGHyrCbIU24wzCrfO+sx2EjP4yQ1oy2tue+WmYUNrdMvG2YwfAmuEE21SNcBoYZIpJi63MqtUAklc3JtfJqe1ZdNno0yeoX1h39au6UwHntCKB66GUTA7o+jiowmUOoE88AFPUBpJBksHznW1J1BFaWt2RcdDJXhWONg0cBXWH0DFQJygsIx4tO0OwYT10JYQsOScQIemjRududmBqa1S54jCsz9sNLRdqkEWqyNFMYC5Hv+EhmVSSeWtpqYCkBpG0i4K3aUIIPsmViXxXxNOhZ8eRM8tg707bptNlVW7z10hMDAh5GAOToTKDL1IWyRjLhd23gqkAyAT2v3ZZSbulO6Yaiyh7m7EAAWuz7QFWa99+eBnCYTHL4XB80Ge3LoAsVE62Fow7juvAHAV37ZjM+YkYXORTx1rq8HPvUxAeXOGqBhyi7lWQDFGnW7kLPC1Vq/YbHXTPX69JScw==

      
      - name: csb_admin
        shell: /bin/bash
        lock_passwd: false
        sudo: "ALL=(ALL) NOPASSWD:ALL"  # Admin-Benutzer mit Sudo-Rechten
        groups: sudo
        passwd: "$6$rkn5j4nIIyVU7ocJ$rNFpRNfm5aQ7Uyecsvt.ChjAcRLMSWgofU9p/gZvTlsZlkbcvKu115/JAn5GgPOXtGVbCTlj/J4PqfkS6esxo."
        ssh_authorized_keys:
          - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVZWi4m9PxvCKtatG+CM8NO4H94mrcKITkvcAg2tYEN2kokG4BuHwakfAWzIBU2XhWZodknCAbwXwYBbFa1mtvNEn5bEYQtv6zs9tb3SFOqwmg9/ldbA0Q9bBbVTRFkBGuvv0z/NJ7VKPm+OVjVL+JxT8IAj6XQI87SznmGoH/90cH/baXsJeDZlvjwhi7u8N5Slb533OX/RA/OIfYqjJO2x05eHGHyrCbIU24wzCrfO+sx2EjP4yQ1oy2tue+WmYUNrdMvG2YwfAmuEE21SNcBoYZIpJi63MqtUAklc3JtfJqe1ZdNno0yeoX1h39au6UwHntCKB66GUTA7o+jiowmUOoE88AFPUBpJBksHznW1J1BFaWt2RcdDJXhWONg0cBXWH0DFQJygsIx4tO0OwYT10JYQsOScQIemjRududmBqa1S54jCsz9sNLRdqkEWqyNFMYC5Hv+EhmVSSeWtpqYCkBpG0i4K3aUIIPsmViXxXxNOhZ8eRM8tg707bptNlVW7z10hMDAh5GAOToTKDL1IWyRjLhd23gqkAyAT2v3ZZSbulO6Yaiyh7m7EAAWuz7QFWa99+eBnCYTHL4XB80Ge3LoAsVE62Fow7juvAHAV37ZjM+YkYXORTx1rq8HPvUxAeXOGqBhyi7lWQDFGnW7kLPC1Vq/YbHXTPX69JScw==


    runcmd:
      # VSCode-Erweiterungen für alle Nutzer installieren
      - |
        export PATH=$PATH:/snap/bin
        for user in csb_user csb_admin; do
          sudo -u $user code --install-extension ms-dotnettools.dotnet-interactive-vscode
          sudo -u $user code --install-extension ms-vscode-remote.remote-containers
        done

      # Benutzer zur docker-Gruppe hinzufügen
      - |
        for user in csb_user csb_admin; do
          usermod -aG docker $user
        done

      # ARCitect (Latest) installieren und konfigurieren
      - |
        mkdir -p /opt/ARCitect
        # Holen der neuesten Version von ARCitect
        LATEST_URL=$(curl -s https://api.github.com/repos/nfdi4plants/ARCitect/releases/latest | grep browser_download_url | grep AppImage | cut -d '"' -f 4)
        if [ -n "$LATEST_URL" ]; then
          wget -O /opt/ARCitect/ARCitect.AppImage "$LATEST_URL"
          chmod +x /opt/ARCitect/ARCitect.AppImage
          # AppImage extrahieren -->Die Schritte sind notwendig, da ARCitect sonst nur im --no-sandbox Modus startet
          cd /opt/ARCitect
          ./ARCitect.AppImage --appimage-extract
          # Berechtigungen setzen
          chown root:root squashfs-root/chrome-sandbox
          chmod 4755 squashfs-root/chrome-sandbox
          # Wrapper-Skript erstellen
          echo '#!/bin/bash' > /usr/local/bin/ARCitect
          echo '/opt/ARCitect/squashfs-root/AppRun "$@"' >> /usr/local/bin/ARCitect
          chmod +x /usr/local/bin/ARCitect
          # Berechtigungen für /opt/ARCitect setzen
          chmod -R a+rx /opt/ARCitect
        else
          echo "Konnte die neueste Version von ARCitect nicht finden."
          exit 1
        fi

      # Passwortänderung beim ersten Login erzwingen - Funktioniert nur im runcmd Block
      - |
        for user in csb_user csb_admin; do
          chage -d 0 $user
        done

  packages:
    - git 
    - git-lfs
    - python3-pip
    - net-tools
    - libfuse2  # Notwendig für AppImage-Unterstützung von ARCitect unter Ubuntu
    - curl      # Für das dynamische Herunterladen von ARCitect

  snaps:
    - name: pycharm-community
      channel: stable
      classic: true
    - name: code  # VSCode
      channel: stable
      classic: true

  late-commands:
    # .NET 8.0 SDK und Runtime installieren für Ubuntu 24.04
    - |
      curtin in-target --target=/target -- bash -c '
        apt-get update && \
        apt-get install -y dotnet-sdk-8.0 && \
        apt-get install -y aspnetcore-runtime-8.0
      '
    # Docker installieren (aus dem offiziellen Docker-Repo)
    - |
      curtin in-target --target=/target -- bash -c '
        apt-get remove -y docker docker-engine docker.io containerd runc || true
        apt-get update
        apt-get install -y ca-certificates curl gnupg lsb-release
        mkdir -p /etc/apt/keyrings
        curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
        echo \
          "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
          $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
        apt-get update
        apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
        systemctl enable docker
        systemctl start docker
      '
    0% or .
    You are about to add 0 people to the discussion. Proceed with caution.
    Please register or to comment