- name : Configuration
block :
# Writes genfstab's output for /mnt into the target system's /etc/fstab.
# The shell module is used because the command relies on output redirection.
- name: Generate fstab
  shell: genfstab -LU /mnt > /mnt/etc/fstab
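# Appends tmpfs mounts for /tmp, /var/tmp and /dev/shm to the generated fstab,
# one lineinfile call per item (a blank separator and a comment header first).
# `defaults` on its own implies suid and dev, so nosuid,nodev,noexec are spelled
# out on every entry, /dev/shm included, to keep the three mounts consistent.
- name: Append TempFS to fstab
  lineinfile:
    path: /mnt/etc/fstab
    line: "{{ item }}"
    insertafter: EOF
  with_items:
    - ""
    - "# TempFS"
    - "tmpfs /tmp tmpfs defaults,nosuid,nodev,noexec 0 0"
    - "tmpfs /var/tmp tmpfs defaults,nosuid,nodev,noexec 0 0"
    - "tmpfs /dev/shm tmpfs defaults,nosuid,nodev,noexec 0 0"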
# Runs two commands in order: a systemd daemon-reload outside the chroot, then
# the /etc/localtime symlink (Europe/Vienna) inside the target via arch-chroot.
- name: Set local timezone
  command: "{{ item }}"
  with_items:
    - systemctl daemon-reload
    - arch-chroot /mnt ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime
- name : Setup locales
block :
# Ensures the en_US.UTF-8 entry exists in the target's locale.gen.
# Skipped for the RHEL-family and Fedora values of `os` listed in the condition.
- name: Configure locale.gen
  when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
  lineinfile:
    dest: /mnt/etc/locale.gen
    regexp: "{{ item.regex }}"
    line: "{{ item.line }}"
  loop:
    # The pattern is unanchored, so it also matches a commented-out copy of the
    # entry; lineinfile then replaces that line with the plain one.
    - regex: en_US\.UTF-8 UTF-8
      line: en_US.UTF-8 UTF-8
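# Runs locale-gen inside the target so the locales enabled in locale.gen are
# built. Skipped for the RHEL-family and Fedora values of `os`.
# The task name no longer ends in a stray backslash.
- name: Generate locales
  when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
  command: arch-chroot /mnt /usr/sbin/locale-gen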
# Writes the target's /etc/hostname from the `hostname` variable.
- name: Set hostname
  copy:
    dest: /mnt/etc/hostname
    content: "{{ hostname }}"

# Maps the address Ansible connects to (ansible_host) to the new hostname.
- name: Add host entry to /etc/hosts
  lineinfile:
    path: /mnt/etc/hosts
    state: present
    line: "{{ ansible_host }} {{ hostname }}"

# Console keymap for the installed system.
- name: Create vconsole.conf
  copy:
    dest: /mnt/etc/vconsole.conf
    content: "KEYMAP=us-intl"

# System-wide default locale for the installed system.
- name: Create locale.conf
  copy:
    dest: /mnt/etc/locale.conf
    content: "LANG=en_US.UTF-8"
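# Uncomments the stock "PasswordAuthentication yes" directive in the target's
# sshd_config, so password logins over SSH are accepted on the installed system.
# The pattern is anchored to the start of a line so that only the commented-out
# directive is rewritten, never the same text embedded in a longer comment.
# NOTE(review): password authentication stays enabled after provisioning. If
# user_public_key is always supplied, consider key-only login once the first
# boot is done. A distro drop-in under sshd_config.d may also override this
# file - confirm per target OS.
- name: SSH permit Password
  replace:
    path: /mnt/etc/ssh/sshd_config
    regexp: '^#PasswordAuthentication yes'
    replace: 'PasswordAuthentication yes'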
- name : Enable Systemd Services
block :
# Arch only: enables the listed units inside the target so they start on first
# boot. Despite the task name, this covers more than sshd.
- name: Enable sshd
  when: os | lower == "archlinux"
  command: >-
    arch-chroot /mnt systemctl enable
    sshd logrotate systemd-resolved systemd-timesyncd NetworkManager
- name : Configure grub
when : os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
block :
# Replaces (or adds) the default kernel command line in the target's
# /etc/default/grub; only loglevel=3 is set.
- name: Add commandline information to grub config
  lineinfile:
    dest: /mnt/etc/default/grub
    regexp: '^GRUB_CMDLINE_LINUX_DEFAULT='
    line: 'GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3"'

# Shortens the boot menu timeout to one second.
- name: Change Grub time
  lineinfile:
    dest: /mnt/etc/default/grub
    regexp: '^GRUB_TIMEOUT='
    line: 'GRUB_TIMEOUT=1'
- name : Configure Bootloader
block :
# Installs the EFI boot entry from inside the target.
# - os not in the Arch/Debian/Ubuntu list: efibootmgr creates an entry labelled
#   with `os` on partition 1 of install_drive, pointing at that OS's shimx64.efi.
# - otherwise: grub-install for x86_64-efi, with /boot/efi and id "ubuntu" on
#   Ubuntu, /boot and id `os` elsewhere.
# NOTE(review): `os` and `install_drive` are interpolated straight into the
# argument string. The command module runs no shell, but whitespace or quotes
# in either value would still change how the arguments split. Presumably both
# come from trusted inventory - confirm.
- name: Install Bootloader
  command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12", "ubuntu", "ubuntu-lts"] %}/usr/sbin/efibootmgr -c -L '{{ os }}' -d "{{ install_drive }}" -p 1 -l '\efi\EFI\{{ os }}\shimx64.efi'{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory={{ "/boot/efi" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot" }} --bootloader-id={{ "ubuntu" if os | lower in ["ubuntu", "ubuntu-lts"] else os }}{% endif %}

# Writes the grub configuration inside the target: grub2-mkconfig to the
# per-OS EFI directory for the first group, grub-mkconfig to the Ubuntu EFI
# path or /boot/grub/grub.cfg for the second.
- name: Generate grub config
  command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12", "ubuntu", "ubuntu-lts"] %}/usr/sbin/grub2-mkconfig -o /boot/efi/EFI/{{ os }}/grub.cfg{% else %}/usr/sbin/grub-mkconfig -o {{ "/boot/efi/EFI/ubuntu/grub.cfg" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot/grub/grub.cfg" }}{% endif %}
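# Rebuilds the initramfs inside the target: mkinitcpio on Arch, dracut on every
# other OS that reaches this task.
# The `when` already excludes Debian and Ubuntu, so the former "skipping" echo
# branch could never run and the second OS-list check was redundant. The
# template is reduced to the two reachable cases.
- name: Regenerate initramfs
  when: os | lower not in ["debian11", "debian12", "ubuntu", "ubuntu-lts"]
  command: arch-chroot /mnt {{ "/usr/sbin/mkinitcpio -P" if os | lower == "archlinux" else "/usr/bin/dracut --regenerate-all --force" }}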
- name : Extra Configuration
when : os | lower != "archlinux"
block :
# Appends a handful of editor defaults to the system-wide vimrc of the target.
# The file lives under /etc/vim on Debian/Ubuntu and directly in /etc elsewhere.
# Failures are ignored, so a missing vimrc does not stop the play.
- name: Append lines to vimrc
  lineinfile:
    path: "{{ '/mnt/etc/vim/vimrc' if os|lower in ['debian11' ,'debian12', 'ubuntu', 'ubuntu-lts'] else '/mnt/etc/vimrc' }}"
    insertafter: EOF
    line: "{{ item }}"
  ignore_errors: true
  with_items:
    - "set encoding=utf-8"
    - "set number"
    - "set autoindent"
    - "set smartindent"
    - "set mouse=a"
# Renders firstrun.sh.j2 into root's home on the target, executable by all.
# NOTE(review): the rendered content is not visible here. If the template
# embeds credentials, 0755 makes them world-readable - confirm.
- name: Copy FirstRun Script
  template:
    src: firstrun.sh.j2
    dest: /mnt/root/firstrun.sh
    mode: "0755"

# Renders custom.sh.j2 into /etc/profile.d on the target. No mode is given, so
# the resulting permissions follow the module default.
- name: Copy Custom Shell config
  template:
    src: custom.sh.j2
    dest: /mnt/etc/profile.d/custom.sh
- name : Setup Network
block :
# Registers a fresh UUID as net_uuid.
- name: Generate UUID for Network Profile
  command: uuidgen
  register: net_uuid

# Registers the fifth field of the first `ip r` line as net_inf.
# presumably that is the interface of the default route - verify on hosts with
# several routes.
- name: Retrieve Network Interface Name
  shell: "ip r | awk 'NR==1 {print $5}'"
  register: net_inf

# Renders the NetworkManager keyfile for the target. 0600 keeps it readable by
# the owner only. net_uuid and net_inf are presumably consumed by network.j2 -
# confirm against the template.
- name: Copy NetworkManager keyfile
  template:
    src: network.j2
    dest: /mnt/etc/NetworkManager/system-connections/LAN.nmconnection
    mode: "0600"
- name : Setup user account
block :
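# Creates the login user inside the target (member of sudo on Debian/Ubuntu,
# wheel elsewhere) and sets root's password and shell.
# Both commands carry a SHA-512 crypt hash in their argument string, so no_log
# keeps the rendered loop items out of Ansible's console output and log files.
# NOTE(review): the hashes are still visible in the process argument list while
# each command runs. Passing them on stdin instead (for example chpasswd in
# encrypted mode) would avoid that - confirm whether it matters for this host.
- name: Create user account
  no_log: true
  command: '{{ item }}'
  with_items:
    - arch-chroot /mnt /usr/sbin/useradd --create-home --user-group --groups {{ "sudo" if os|lower in ["debian11", "debian12", "ubuntu", "ubuntu-lts"] else "wheel" }} {{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash
    - arch-chroot /mnt /usr/sbin/usermod --password '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash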
# Installs the optional public key for the new user. The file is created if
# missing and is restricted to its owner (0600).
# Ownership is numeric: presumably 1000 is the uid/gid useradd assigned to
# user_name inside the target - verify, since nothing here checks it.
# NOTE(review): no task visible here creates ~/.ssh with mode 0700 owned by the
# user - confirm the directory's ownership and mode on the installed system.
- name: Add SSH public key to authorized_keys
  when: user_public_key is defined
  lineinfile:
    path: "/mnt/home/{{ user_name }}/.ssh/authorized_keys"
    line: "{{ user_public_key }}"
    create: true
    owner: 1000
    group: 1000
    mode: "0600"
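# Grants full sudo to the admin group of the target: %sudo on Debian/Ubuntu,
# %wheel elsewhere. The drop-in is named 01-wheel in both cases.
# visudo checks the rendered file before it is moved into place, so a syntax
# error cannot lock sudo out.
# The mode is quoted like the other modes in this file, so it does not depend
# on the YAML parser reading a bare 0440 as octal.
- name: Give sudo access to wheel group
  copy:
    content: "{{ '%sudo ALL=(ALL) ALL' if os|lower in ['debian11', 'debian12', 'ubuntu', 'ubuntu-lts'] else '%wheel ALL=(ALL) ALL' }}"
    dest: /mnt/etc/sudoers.d/01-wheel
    mode: "0440"
    validate: /usr/sbin/visudo --check --file=%s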
- name : Fix SELinux
block :
# RHEL family: drops the /.autorelabel marker into the target so SELinux labels
# are rebuilt on the next boot.
- name: Relabel the filesystem
  when: os | lower in ['almalinux', 'rhel8', 'rhel9', 'rocky']
  command: touch /mnt/.autorelabel

# Fedora: switches SELinux to permissive in the target's config. Despite the
# task name it is not disabled: denials are logged but no longer enforced.
# NOTE(review): this removes SELinux enforcement on the installed system.
# Relabelling as done for the RHEL family might keep enforcing mode usable -
# confirm why Fedora is treated differently.
- name: Disable SELinux
  when: os | lower == "fedora"
  lineinfile:
    path: /mnt/etc/selinux/config
    regexp: "^SELINUX="
    line: "SELINUX=permissive"