feat(environment): VMware network config, DNS resolvers, and SSH switchover

2026-03-12 07:43:46 +01:00
parent 335534176f
commit 54ffe5ff91
3 changed files with 47 additions and 3 deletions
--- a/roles/environment/tasks/_configure_network.yml
+++ b/roles/environment/tasks/_configure_network.yml
@@ -13,6 +13,14 @@
        | default('')
      }}

+- name: Bring up network interface
+  when:
+    - hypervisor_type == "vmware"
+    - environment_interface_name | default('') | length > 0
+  ansible.builtin.command: "ip link set {{ environment_interface_name }} up"
+  register: environment_link_result
+  changed_when: environment_link_result.rc == 0
+
 - name: Set IP-Address
  when:
    - hypervisor_type == "vmware"
@@ -32,13 +40,31 @@
  register: environment_gateway_result
  changed_when: environment_gateway_result.rc == 0

+- name: Configure DNS resolvers
+  when:
+    - hypervisor_type == "vmware"
+    - system_cfg.network.dns.servers | default([]) | length > 0
+  ansible.builtin.copy:
+    dest: /etc/resolv.conf
+    content: |
+      {% for server in system_cfg.network.dns.servers %}
+      nameserver {{ server }}
+      {% endfor %}
+      {% if system_cfg.network.dns.search | default([]) | length > 0 %}
+      search {{ system_cfg.network.dns.search | join(' ') }}
+      {% endif %}
+    mode: "0644"
+
 - name: Synchronize clock via NTP
  ansible.builtin.command: timedatectl set-ntp true
  register: environment_ntp_result
  changed_when: environment_ntp_result.rc == 0

 - name: Configure SSH for root login
-  when: hypervisor_type == "vmware" and hypervisor_cfg.ssh | bool
+  when:
+    - hypervisor_type == "vmware"
+    - hypervisor_cfg.ssh | default(false) | bool
+    - system_cfg.network.ip is defined and system_cfg.network.ip | string | length > 0
  block:
    - name: Allow login
      ansible.builtin.replace:
@@ -58,7 +84,18 @@
        name: sshd
        state: reloaded

-    - name: Set SSH connection for VMware
+    - name: Switch to SSH connection
      ansible.builtin.set_fact:
        ansible_connection: ssh
        ansible_user: root
+        ansible_password: ""
+        ansible_host: "{{ system_cfg.network.ip }}"
+        ansible_ssh_extra_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
+
+    - name: Reset connection for SSH switchover
+      ansible.builtin.meta: reset_connection
+
+    - name: Verify SSH connectivity
+      ansible.builtin.wait_for_connection:
+        timeout: 30
+        delay: 2
--- a/roles/environment/tasks/_prepare_installer.yml
+++ b/roles/environment/tasks/_prepare_installer.yml
@@ -79,6 +79,13 @@
 # bootstrapping RHEL-family distros from the Arch ISO, where the
 # host rpm/dnf does not trust target distro GPG keys. Package
 # integrity is verified by the target system's own rpm after reboot.
+- name: Create RPM macros directory
+  when: is_rhel | bool
+  ansible.builtin.file:
+    path: /etc/rpm
+    state: directory
+    mode: "0755"
+
 - name: Relax RPM Sequoia signature policy for RHEL bootstrap
  when: is_rhel | bool
  ansible.builtin.copy:
--- a/roles/environment/tasks/main.yml
+++ b/roles/environment/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Configure work environment
-  become: "{{ hypervisor_type != 'vmware' }}"
+  become: "{{ (hypervisor_type | default('none')) != 'vmware' }}"
  block:
    - name: Detect and validate live environment
      ansible.builtin.include_tasks: _detect_live.yml