From 2444c5d7aff1e17bdf7d659955e65c38e34d78e9 Mon Sep 17 00:00:00 2001
From: Sandwich
Date: Wed, 17 Apr 2024 10:53:09 +0200
Subject: [PATCH] add ubuntu support
---
 README.md | 2 +-
 main.yml | 2 +-
 roles/bootstrap/tasks/main.yml | 9 ++
 roles/bootstrap/vars/packages.yml | 145 +++++++++++++++++++++++------
 roles/configuration/tasks/main.yml | 16 ++--
 roles/environment/tasks/main.yml | 3 +-
 roles/partitioning/tasks/ext4.yml | 2 +-
 roles/partitioning/tasks/main.yml | 2 +-
 8 files changed, 140 insertions(+), 41 deletions(-)
diff --git a/README.md b/README.md
index 4e7c537..89f0ae5 100644
--- a/README.md
+++ b/README.md
@@ -52,7 +52,7 @@ Inventory variables are defined for individual hosts or VMs in the inventory fil
 | `cis` (optional) | Adjusts the installation to be CIS level 3 conformant. | `true`, `false` |
 | `filesystem` | Filesystem type for the VM's primary storage. | `btrfs`, `ext4`, `xfs` |
 | `hostname` | The hostname assigned to the virtual machine or system. | `vm01` |
-| `os` | Operating system to be installed on the VM. | `archlinux`, `almalinux`, `debian11`, `debian12`, `fedora`, `rocky` |
+| `os` | Operating system to be installed on the VM. | `archlinux`, `almalinux`, `debian11`, `debian12`, `fedora`, `rocky`, `ubuntu`, `ubuntu-lts` |
 | `root_password` | Root password for the VM or system, used for initial setup or secure access. | `SecurePass123` |
 | `user_name` | Username for a user account within the VM, often used with cloud-init. | `adminuser` |
 | `user_password` | Password for the user account within the VM. | `UserPass123` |
diff --git a/main.yml b/main.yml
index 5804187..92ea0b4 100644
--- a/main.yml
+++ b/main.yml
@@ -47,7 +47,7 @@ that: - hypervisor in ["libvirt", "proxmox", "vmware", "none"] - filesystem in ["btrfs", "ext4", "xfs"] - - os in ["archlinux", "almalinux", "debian11", "debian12", "fedora", "rocky"] + - os in ["archlinux", "almalinux", "debian11", "debian12", "fedora", "rocky", "ubuntu", "ubuntu-lts"] fail_msg: "Invalid input specified, please try again" - name: Set connection diff --git a/roles/bootstrap/tasks/main.yml b/roles/bootstrap/tasks/main.yml index b94788e..ece840a 100644 --- a/roles/bootstrap/tasks/main.yml +++ b/roles/bootstrap/tasks/main.yml @@ -18,6 +18,15 @@ - arch-chroot /mnt apt install -y {{ role_packages[os].extra | join(' ') }} - arch-chroot /mnt apt remove -y libcups2 libavahi-common3 libavahi-common-data + - name: Bootstrap Ubuntu System + when: os | lower in ['ubuntu', 'ubuntu-lts'] + shell: "{{ item }}" + with_items: + - debootstrap --include={{ role_packages[os].base | join(',') }} {{ 'mantic' if os == 'ubuntu' else 'jammy' }} /mnt http://archive.ubuntu.com/ubuntu/ + - arch-chroot /mnt sed -i '1s|$| universe|' /etc/apt/sources.list + - arch-chroot /mnt apt update -y + - arch-chroot /mnt apt install -y {{ role_packages[os].extra | join(' ') }} + - name: Bootstrap AlmaLinux 9 when: os | lower == 'almalinux' shell: "{{ item }}" diff --git a/roles/bootstrap/vars/packages.yml b/roles/bootstrap/vars/packages.yml index a980392..1bebed1 100644 --- a/roles/bootstrap/vars/packages.yml +++ b/roles/bootstrap/vars/packages.yml @@ -1,11 +1,10 @@ ---- almalinux: - bind-utils - cloud-init - dhcp-client - efibootmgr - - glibc-langpack-en - glibc-langpack-de + - glibc-langpack-en - grub2 - grub2-efi - lrzsz @@ -56,13 +55,12 @@ debian11: base: - apparmor-utils - btrfs-progs - - xfsprogs - chrony - cron + - gnupg - grub-efi - grub-efi-amd64-signed - grub2-common - - gnupg - linux-image-amd64 - locales - logrotate 
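Review bot: The `debootstrap` item in the new `Bootstrap Ubuntu System` task (roles/bootstrap/tasks/main.yml) pulls the base system from `http://archive.ubuntu.com/ubuntu/` and leaves signature checking at debootstrap's defaults, so the integrity of everything installed into `/mnt` depends on the archive keyring being present on the installer host. The commit does add `ubuntu-keyring` in roles/environment, but that dependency is implicit; if the package is missing, debootstrap may proceed without verifying the Release file (behaviour worth confirming for the packaged version). Adding `--force-check-gpg --keyring=/usr/share/keyrings/ubuntu-archive-keyring.gpg` (the path that package normally installs) to the command makes the step fail closed. The codenames `mantic` and `jammy` are also hard-coded in the same item; a per-`os` variable would make it easier to move off a release once it stops receiving security updates.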
@@ -71,67 +69,72 @@ debian11: - openssh-server - python3 - sudo + - xfsprogs + extra: - cloud-init - curl - firewalld + - fish - htop - - network-manager - - screen - - open-vm-tools - - python-is-python3 + - libpam-pwquality + - lrzsz - ncdu - neofetch - - lrzsz - - libpam-pwquality + - network-manager + - open-vm-tools + - python-is-python3 - rsync + - screen - software-properties-common - syslog-ng - tcpd - - fish - vim - wget + - zstd debian12: base: - btrfs-progs - - xfsprogs - cron + - gnupg - grub-efi - grub-efi-amd64-signed - grub2-common - - gnupg - linux-image-amd64 - locales + - logrotate - lvm2 + - xfsprogs extra: - - cloud-init - apparmor-utils - chrony + - cloud-init - curl - firewalld - fish - htop - - network-manager - - screen - - open-vm-tools - - python-is-python3 - - ncdu - - neofetch + - libpam-pwquality - logrotate - lrzsz - - libpam-pwquality + - ncdu + - neofetch + - net-tools + - network-manager + - open-vm-tools + - openssh-server + - python-is-python3 + - python3 - rsync + - screen - software-properties-common - sudo - syslog-ng - tcpd - - net-tools - - openssh-server - - python3 - vim - wget + - zstd fedora: - bind-utils @@ -139,8 +142,8 @@ fedora: - cloud-init - dhcp-client - efibootmgr - - glibc-langpack-en - glibc-langpack-de + - glibc-langpack-en - grub2 - grub2-efi - lrzsz @@ -188,8 +191,8 @@ rocky: - cloud-init - dhcp-client - efibootmgr - - glibc-langpack-en - glibc-langpack-de + - glibc-langpack-en - grub2 - grub2-efi - lrzsz 
@@ -203,4 +206,92 @@ rocky: - util-linux-core - vim - wget - - zstd \ No newline at end of file + - zstd + +ubuntu: + base: + - btrfs-progs + - cron + - gnupg + - grub-efi + - grub-efi-amd64-signed + - grub2-common + - initramfs-tools + - linux-image-generic + - locales + - lvm2 + - xfsprogs + + extra: + - apparmor-utils + - bash-completion + - chrony + - cloud-init + - curl + - dnsutils + - firewalld + - fish + - htop + - libpam-pwquality + - logrotate + - lrzsz + - ncdu + - net-tools + - network-manager + - open-vm-tools + - openssh-server + - python-is-python3 + - python3 + - rsync + - screen + - software-properties-common + - sudo + - syslog-ng + - tcpd + - vim + - wget + - zstd + +ubuntu-lts: + base: + - btrfs-progs + - cron + - gnupg + - grub-efi + - grub-efi-amd64-signed + - grub2-common + - initramfs-tools + - linux-image-generic + - locales + - lvm2 + - xfsprogs + + extra: + - apparmor-utils + - bash-completion + - chrony + - cloud-init + - curl + - dnsutils + - firewalld + - fish + - htop + - libpam-pwquality + - logrotate + - lrzsz + - ncdu + - net-tools + - network-manager + - open-vm-tools + - openssh-server + - python-is-python3 + - python3 + - rsync + - screen + - software-properties-common + - sudo + - syslog-ng + - tcpd + - vim + - wget + - zstd \ No newline at end of file diff --git a/roles/configuration/tasks/main.yml b/roles/configuration/tasks/main.yml index 8bf74b6..e3eaca7 100644 --- a/roles/configuration/tasks/main.yml +++ b/roles/configuration/tasks/main.yml @@ -21,9 +21,6 @@ - systemctl daemon-reload - arch-chroot /mnt ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime - - name: Generate adjtime file - command: arch-chroot /mnt /usr/sbin/hwclock --systohc - - name: Setup locales block: - name: Configure locale.gen 
@@ -90,13 +87,14 @@ - name: Configure Bootloader block: - name: Install Bootloader - command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/sbin/efibootmgr -c -L '{{ os }}' -d "{{ install_drive }}" -wwp 1 -l '\efi\EFI\{{ os }}\shimx64.efi'{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id={{ os }}{% endif %} + command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12", "ubuntu", "ubuntu-lts"] %}/usr/sbin/efibootmgr -c -L '{{ os }}' -d "{{ install_drive }}" -wwp 1 -l '\efi\EFI\{{ os }}\shimx64.efi'{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory={{ "/boot/efi" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot" }} --bootloader-id={{ os }}{% endif %} - name: Generate grub config - command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/sbin/grub2-mkconfig -o /boot/efi/EFI/{{ os }}/grub.cfg{% else %}/usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg{% endif %} + command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12", "ubuntu", "ubuntu-lts"] %}/usr/sbin/grub2-mkconfig -o /boot/efi/EFI/{{ os }}/grub.cfg{% else %}/usr/sbin/grub-mkconfig -o {{ "/boot/efi/EFI/" + os + "/grub.cfg" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot/grub/grub.cfg" }}{% endif %} - name: Regenerate initramfs - command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/bin/dracut --regenerate-all --force{% else %}/usr/sbin/mkinitcpio -P{% endif %} + when: os | lower not in ["debian11", "debian12", "ubuntu", "ubuntu-lts"] + command: arch-chroot /mnt {% if os | lower == "archlinux" %}/usr/sbin/mkinitcpio -P{% elif os | lower not in ["debian11", "debian12", "ubuntu", "ubuntu-lts", "archlinux"] %}/usr/bin/dracut --regenerate-all --force{% else %}echo "Skipping initramfs regeneration"{% endif %} - name: Extra Configuration when: os | lower != "archlinux" 
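Review bot: In `Regenerate initramfs`, the added `when:` already excludes debian11, debian12, ubuntu and ubuntu-lts, so the `{% else %}echo "Skipping initramfs regeneration"` branch can never run and the `elif` list only repeats that exclusion. The command can be reduced to `command: arch-chroot /mnt {{ '/usr/sbin/mkinitcpio -P' if os | lower == 'archlinux' else '/usr/bin/dracut --regenerate-all --force' }}`. With this change the Debian and Ubuntu targets get no explicit regeneration, so they rely on whatever image the package hooks built during bootstrap. If boot-relevant files such as fstab or LVM configuration are written after that point, a separate task running `arch-chroot /mnt update-initramfs -u -k all` for those four `os` values would keep the image current.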
@@ -104,7 +102,7 @@ - name: Append lines to vimrc ignore_errors: true lineinfile: - path: "{{ '/mnt/etc/vim/vimrc' if os|lower in ['debian11' ,'debian12'] else '/mnt/etc/vimrc' }}" + path: "{{ '/mnt/etc/vim/vimrc' if os|lower in ['debian11' ,'debian12', 'ubuntu', 'ubuntu-lts'] else '/mnt/etc/vimrc' }}" line: "{{ item }}" insertafter: EOF with_items: @@ -146,7 +144,7 @@ - name: Create user account command: '{{ item }}' with_items: - - arch-chroot /mnt /usr/sbin/useradd --create-home --user-group --groups {{ "sudo" if os|lower in ["debian11", "debian12"] else "wheel" }} {{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash + - arch-chroot /mnt /usr/sbin/useradd --create-home --user-group --groups {{ "sudo" if os|lower in ["debian11", "debian12", "ubuntu", "ubuntu-lts"] else "wheel" }} {{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash - arch-chroot /mnt /usr/sbin/usermod --password '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash - name: Add SSH public key to authorized_keys @@ -161,7 +159,7 @@ - name: Give sudo access to wheel group copy: - content: "{{ '%sudo ALL=(ALL) ALL' if os|lower in ['debian11', 'debian12'] else '%wheel ALL=(ALL) ALL' }}" + content: "{{ '%sudo ALL=(ALL) ALL' if os|lower in ['debian11', 'debian12', 'ubuntu', 'ubuntu-lts'] else '%wheel ALL=(ALL) ALL' }}" dest: /mnt/etc/sudoers.d/01-wheel mode: 0440 validate: /usr/sbin/visudo --check --file=%s diff --git a/roles/environment/tasks/main.yml b/roles/environment/tasks/main.yml index bc46aad..8537339 100644 --- a/roles/environment/tasks/main.yml +++ b/roles/environment/tasks/main.yml 
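Review bot: The `Create user account` task (roles/configuration/tasks/main.yml) renders the crypt hashes of `user_password` and `root_password` into its `with_items` commands, and Ansible prints each loop item in the task output, so both hashes land in the console and in any run log. Add `no_log: true` to the task. The `useradd` item also interpolates `{{ user_name }}` unquoted in the middle of the option list, while the `usermod` item quotes its value; as far as the visible hunks show, main.yml asserts on `os` but not on the user name, so an assert such as `user_name is match('^[a-z_][a-z0-9_-]*$')` would keep a malformed value from being read as extra `useradd` arguments.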
@@ -54,8 +54,9 @@ loop: - { name: 'glibc' } - { name: 'dnf', os: ['almalinux', 'fedora', 'rhel9', 'rhel8', 'rocky'] } - - { name: 'debootstrap', os: ['debian11', 'debian12'] } + - { name: 'debootstrap', os: ['debian11', 'debian12', 'ubuntu', 'ubuntu-lts'] } - { name: 'debian-archive-keyring', os: ['debian11', 'debian12'] } + - { name: 'ubuntu-keyring', os: ['ubuntu', 'ubuntu-lts'] } when: "'os' not in item or os in item.os" retries: 4 delay: 15 diff --git a/roles/partitioning/tasks/ext4.yml b/roles/partitioning/tasks/ext4.yml index 0611315..0e29b19 100644 --- a/roles/partitioning/tasks/ext4.yml +++ b/roles/partitioning/tasks/ext4.yml @@ -13,7 +13,7 @@ - { lv: var_log_audit } - name: Remove Unsupported features for older Systems - when: (os | lower in ['almalinux', 'debian11', 'rhel8', 'rhel9', 'rocky']) and (cis == true or item.lv not in ['var_log', 'var_log_audit']) + when: (os | lower in ['almalinux', 'debian11', 'rhel8', 'rhel9', 'rocky', 'ubuntu-lts']) and (cis == true or item.lv not in ['var_log', 'var_log_audit']) command: tune2fs -O "^orphan_file,^metadata_csum_seed" "/dev/sys/{{ item.lv }}" loop: - { lv: root } diff --git a/roles/partitioning/tasks/main.yml b/roles/partitioning/tasks/main.yml index 4bb4c2f..8c5a125 100644 --- a/roles/partitioning/tasks/main.yml +++ b/roles/partitioning/tasks/main.yml @@ -119,7 +119,7 @@ - name: Mount boot filesystem mount: - path: /mnt/boot + path: "{{ '/mnt/boot/efi' if os | lower in ['ubuntu', 'ubuntu-lts'] else '/mnt/boot' }}" src: UUID={{ boot_uuid.stdout }} fstype: vfat state: mounted \ No newline at end of file