# Packer.Images
This OVA appliance allows fully automated deployment of an Active Directory Certificate Authority.
The included `.ovf` file has the following XML contents (simplified for clarity) to facilitate the different `DeploymentOption`s:
```xml
<Envelope [...]>
  [...]
  <DeploymentOptionSection>
    <Info>Deployment Type</Info>
    <Configuration ovf:id="standalone-root">
      <Label>Root Certificate Authority</Label>
      <Description>Root CA with self-signed certificate; should be kept turned off</Description>
    </Configuration>
    <Configuration ovf:id="enterprise-intermediate">
      <Label>Subordinate enterprise Certificate Authority</Label>
      <Description>Subordinate CA on domain-member server; kept online to service certificate requests/enrollment and host CRL</Description>
    </Configuration>
    <Configuration ovf:id="standalone-intermediate">
      <Label>Subordinate standalone Certificate Authority</Label>
      <Description>Subordinate CA on standalone server; kept online to service certificate requests and host CRL</Description>
    </Configuration>
  </DeploymentOptionSection>
  <VirtualSystem ovf:id="[...]">
    [...]
    <ProductSection>
      [...]
      <Category>1) Operating System</Category>
      <Property ovf:configuration="standalone-root enterprise-intermediate standalone-intermediate" ovf:key="guestinfo.hostname" [...]>
        <Label>Hostname*</Label>
      </Property>
      [...]
      <Category>3) Active Directory Certificate Services</Category>
      <Property ovf:configuration="secondary" ovf:key="adcsconfig.foo" [...]>
        <Label>Foo*</Label>
      </Property>
      [...]
      </Property>
    </ProductSection>
  </VirtualSystem>
</Envelope>
```
When **provisioning** the appliance through the vCenter 'Deploy OVF template...' wizard, or through vApp-compatible *Infrastructure as code* tooling (e.g. HashiCorp Terraform), it is possible to provide all relevant configuration through vApp properties.
<table>
<tr>
<td><em>vSphere 'Deploy OVF template...' wizard</em></td>
<td><a href="https://registry.terraform.io/providers/hashicorp/vsphere/latest/docs/resources/virtual_machine#deploying-vm-from-an-ovfova-template">HashiCorp Terraform vSphere provider</a></td>
</tr>
<tr>
<td><img src=".assets/vAppConfigurations-ADCS-example.png" alt="vApp properties" width="400" /><br /><img src=".assets/vAppProperties-ADCS-example.png" alt="vApp properties" width="400" /></td>
<td>

```hcl
vapp {
  properties = {
    # "deployment.type" = "standalone-root"
    "guestinfo.hostname" = "CA01"
    "guestinfo.ipaddress" = "10.0.0.42"
    "guestinfo.prefixlength" = "24"
    "guestinfo.dnsserver" = "10.0.0.21"
    "guestinfo.gateway" = "10.0.0.1"
    "adcsconfig.foo" = "..."
    "adcsconfig.bar" = "..."
  }
}
```

</td>
</tr>
</table>
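Because a CA role that silently ignores a property is easy to miss, the property map can be checked against the `.ovf` before deploying. The following is an added example, not part of this repository: it flags `Property` elements whose `ovf:configuration` names an undeclared deployment option (as `secondary` does in the simplified `.ovf` above) and supplied keys that do not apply to the chosen option. The function name, the sample OVF and the rule that a property without `ovf:configuration` applies to every option are assumptions.

```python
import xml.etree.ElementTree as ET

OVF_NS = "http://schemas.dmtf.org/ovf/envelope/1"  # DMTF OVF 1.x envelope namespace
Q = "{%s}" % OVF_NS

# Constructed, well-formed reduction of the simplified .ovf shown above.
SAMPLE_OVF = """<Envelope xmlns="http://schemas.dmtf.org/ovf/envelope/1"
          xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1">
  <DeploymentOptionSection>
    <Configuration ovf:id="standalone-root"/>
    <Configuration ovf:id="enterprise-intermediate"/>
    <Configuration ovf:id="standalone-intermediate"/>
  </DeploymentOptionSection>
  <VirtualSystem ovf:id="adcs">
    <ProductSection>
      <Property ovf:configuration="standalone-root enterprise-intermediate standalone-intermediate"
                ovf:key="guestinfo.hostname" ovf:type="string"/>
      <Property ovf:configuration="secondary" ovf:key="adcsconfig.foo" ovf:type="string"/>
    </ProductSection>
  </VirtualSystem>
</Envelope>"""


def check_vapp_properties(ovf_xml, option, supplied):
    """Return findings for `supplied` vApp properties under deployment `option`."""
    root = ET.fromstring(ovf_xml)  # the OVF is a local build artifact here
    declared = {c.get(Q + "id") for c in root.iter(Q + "Configuration")}
    findings = []
    if option not in declared:
        findings.append(f"deployment option '{option}' is not declared")
    applicable = {}
    for prop in root.iter(Q + "Property"):
        key = prop.get(Q + "key")
        configs = set((prop.get(Q + "configuration") or "").split())
        for unknown in sorted(configs - declared):
            findings.append(f"{key}: references undeclared configuration '{unknown}'")
        # Assumption: a property with no ovf:configuration applies to every option.
        applicable[key] = not configs or option in configs
    for key in sorted(supplied):
        if key not in applicable:
            findings.append(f"{key}: not defined in the OVF")
        elif not applicable[key]:
            findings.append(f"{key}: not applicable to '{option}'")
    return findings
```

Calling `check_vapp_properties(SAMPLE_OVF, "standalone-root", {...})` with the Terraform `properties` map returns a list of findings; an empty list means every supplied key is defined and applies to that option.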
On first boot, the appliance will start **configuring** itself without any further user input, by performing the following steps:
- *WIP*