switch from Ubuntu to Debian

Author: kringkaste

Makefile

@@ -1,11 +1,14 @@
 init:
-	packer init packer.pkr.hcl
+	packer init baseimage.pkr.hcl
+	packer init webserver.pkr.hcl
 
 test: init
-	packer validate packer.pkr.hcl
+	packer validate baseimage.pkr.hcl
+	packer validate webserver.pkr.hcl
 	ansible-lint
 
 build: test
-	packer build packer.pkr.hcl
+	packer build baseimage.pkr.hcl
+	packer build webserver.pkr.hcl
 
 all: build

README.md

@@ -6,26 +6,27 @@ to generate the AWS AMI, which we use at [codemonauts](https://codemonauts.com/)
 If you find some problems or errors in this repositoy feel free to open an issue or directly fix it with an pull request if you want to.  
 
 ## Content
-As a basis we choose the latest Ubuntu LTS from the official AWS AMI store. On top of this we did the following for the **base** images:
+As a basis we choose the latest Debian from the official AWS AMI store. On top of this we did the following for the **base** images:
 
-  * Deactivate the default 'ubuntu' user
+  * Deactivate the default 'admin' user
   * Create our own 'codemonauts' user with our current SSH public key
   * Activate daily unattended-updates for security patches
   * Install the AWS Codedeploy agent
-  * Activate systemd-timesyncd to get a correct clock
+  * Install the AWS SSM agent
   * Install some basic CLI tools
 
-Additionaly on top for the **web** images:
+Additionaly on top for the **webserver** images:
   * Install Nginx and add our config snippets
+  * Install mozjpeg for improved JPEG encoding
   * Install PHP-FPM and some PHP Modules which are used by CraftCMS
 
 ## Images build by this repo
 All images are public and available in eu-central-1 and eu-west-1. The *XXX* in the AMI name is the timestamp during build in the format `YYYY-MM-DD-hh-mm`.
 
 **arm64**
-* Ubuntu Jammy, Base (codemonauts-arm-base-jammy_XXX)
-* Ubuntu Jammy, Web with PHP 8.3 (codemonauts-arm-web-jammy-php83_XXX)
+* Debian Bookworm, Base (codemonauts-arm64-bookworm-base_XXX)
+* Debian Bookworm, Webserver with PHP 8.3 (codemonauts-arm64-bookworm-webserver-php83_XXX)
 
 **amd64**
-* Ubuntu Jammy, Base (codemonauts-base-jammy_XXX)
-* Ubuntu Jammy, Web with PHP 7.4 (codemonauts-web-jammy-php74_XXX)
+* Debian Bookworm, Base (codemonauts-amd64-bookworm-base_XXX)
+* Debian Bookworm, Webserver with PHP 8.3 (codemonauts-amd64-bookworm-webserver-php83_XXX)

baseimage.pkr.hcl

@@ -0,0 +1,127 @@
+packer {
+  required_plugins {
+    amazon = {
+      source  = "github.com/hashicorp/amazon"
+      version = "~> 1"
+    }
+    amazon-ami-management = {
+      version = ">= 1.6.1"
+      source  = "github.com/wata727/amazon-ami-management"
+    }
+    ansible = {
+      source  = "github.com/hashicorp/ansible"
+      version = "~> 1"
+    }
+  }
+}
+
+# Instance types to use
+variable "amd64_instance_type" {
+  default = "c7a.large"
+}
+variable "arm64_instance_type" {
+  default = "c7g.large"
+}
+
+# Provider of the Debian base images
+variable "account_id" {
+  default = "136693071363"
+}
+
+data "amazon-ami" "debian-amd64-bookworm" {
+  filters = {
+    name                = "debian-12-amd64-*"
+    root-device-type    = "ebs"
+    virtualization-type = "hvm"
+  }
+  most_recent = true
+  owners      = ["${var.account_id}"]
+  region      = "eu-central-1"
+}
+
+data "amazon-ami" "debian-arm64-bookworm" {
+  filters = {
+    name                = "debian-12-arm64-*"
+    root-device-type    = "ebs"
+    virtualization-type = "hvm"
+  }
+  most_recent = true
+  owners      = ["${var.account_id}"]
+  region      = "eu-central-1"
+}
+
+# codemonauts-amd64-bookworm-base
+source "amazon-ebs" "codemonauts-amd64-bookworm-base" {
+  ami_groups    = ["all"]
+  ami_name      = "codemonauts-amd64-bookworm-base_${formatdate("YYYY-MM-DD-hh-mm", timestamp())}"
+  ami_regions   = ["eu-west-1"]
+  instance_type = "${var.amd64_instance_type}"
+  region        = "eu-central-1"
+  source_ami    = "${data.amazon-ami.debian-amd64-bookworm.id}"
+  ssh_username  = "admin"
+  tags = {
+    Amazon_AMI_Management_Identifier = "codemonauts-amd64-bookworm-base"
+  }
+}
+build {
+  name    = "codemonauts-amd64-bookworm-base"
+  sources = ["source.amazon-ebs.codemonauts-amd64-bookworm-base"]
+
+  provisioner "shell" {
+    pause_before = "10s"
+    inline = [
+      "sudo apt-get update",
+      "sudo DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\" dist-upgrade",
+      "sudo DEBIAN_FRONTEND=noninteractive apt-get -y install ansible"
+    ]
+  }
+
+  provisioner "ansible-local" {
+    playbook_dir  = "./"
+    playbook_file = "baseimage.yaml"
+  }
+
+  post-processor "amazon-ami-management" {
+    identifier    = "codemonauts-amd64-bookworm-base"
+    keep_releases = "3"
+    regions       = ["eu-central-1", "eu-west-1"]
+  }
+}
+
+# codemonauts-arm64-bookworm-base
+source "amazon-ebs" "codemonauts-arm64-bookworm-base" {
+  ami_groups    = ["all"]
+  ami_name      = "codemonauts-arm64-bookworm-base_${formatdate("YYYY-MM-DD-hh-mm", timestamp())}"
+  ami_regions   = ["eu-west-1"]
+  instance_type = "${var.arm64_instance_type}"
+  region        = "eu-central-1"
+  source_ami    = "${data.amazon-ami.debian-arm64-bookworm.id}"
+  ssh_username  = "admin"
+  tags = {
+    Amazon_AMI_Management_Identifier = "codemonauts-arm64-bookworm-base"
+  }
+}
+build {
+  name    = "codemonauts-arm64-bookworm-base"
+  sources = ["source.amazon-ebs.codemonauts-arm64-bookworm-base"]
+
+  provisioner "shell" {
+    pause_before = "10s"
+    inline = [
+      "sudo apt-get update",
+      "sudo DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\" dist-upgrade",
+      "sudo DEBIAN_FRONTEND=noninteractive apt-get -y install ansible"
+    ]
+  }
+
+  provisioner "ansible-local" {
+    playbook_dir  = "./"
+    playbook_file = "baseimage.yaml"
+  }
+
+  post-processor "amazon-ami-management" {
+    identifier    = "codemonauts-arm64-bookworm-base"
+    keep_releases = "3"
+    regions       = ["eu-central-1", "eu-west-1"]
+  }
+}