sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Split bootstrap by OS

Browse Source
This commit is contained in:
Sandwich
2025-12-25 22:12:19 +01:00
parent a71d27c29d
commit 732784fa2d
9 changed files with 296 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
roles/bootstrap/tasks/almalinux.yml Normal file
View File

@@ -0,0 +1,25 @@
---
- name: Bootstrap AlmaLinux 9
vars:
bootstrap_alma_extra: >-
{{
(
(
lookup('vars', bootstrap_var_key)
| difference(bootstrap_guest_agent_remove_packages)
)
+ bootstrap_guest_agent_packages
)
| join(' ')
}}
ansible.builtin.command: "{{ item }}"
loop:
- >-
dnf --releasever=9 --best --repo=alma-baseos --installroot=/mnt
--setopt=install_weak_deps=False groupinstall -y base core
- ln -sf /run/NetworkManager/resolv.conf /mnt/etc/resolv.conf
- >-
arch-chroot /mnt dnf --releasever=9 --setopt=install_weak_deps=False
install -y {{ bootstrap_alma_extra }}
register: bootstrap_result
changed_when: bootstrap_result.rc == 0

15
roles/bootstrap/tasks/archlinux.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: Bootstrap ArchLinux
vars:
bootstrap_archlinux_packages: >-
{{
(
lookup('vars', bootstrap_var_key)
| difference(bootstrap_guest_agent_remove_packages)
)
+ bootstrap_guest_agent_packages
}}
ansible.builtin.command: >-
pacstrap /mnt {{ bootstrap_archlinux_packages | join(' ') }} --asexplicit
register: bootstrap_result
changed_when: bootstrap_result.rc == 0

29
roles/bootstrap/tasks/debian.yml Normal file
View File

@@ -0,0 +1,29 @@
---
- name: Bootstrap Debian System
vars:
bootstrap_debian_release: >-
{{
'bullseye' if bootstrap_os_key == 'debian11'
else 'bookworm' if bootstrap_os_key == 'debian12'
else 'trixie'
}}
bootstrap_debian_base_list: "{{ lookup('vars', bootstrap_var_key).base | default([]) }}"
bootstrap_debian_extra_list: "{{ lookup('vars', bootstrap_var_key).extra | default([]) }}"
bootstrap_debian_base: "{{ (bootstrap_debian_base_list | difference(bootstrap_guest_agent_remove_packages)) | join(',') }}"
bootstrap_debian_extra: >-
{{
(
(bootstrap_debian_extra_list | difference(bootstrap_guest_agent_remove_packages))
+ bootstrap_guest_agent_packages
)
| join(' ')
}}
ansible.builtin.command: "{{ item }}"
loop:
- >-
debootstrap --include={{ bootstrap_debian_base }}
{{ bootstrap_debian_release }} /mnt http://deb.debian.org/debian/
- "arch-chroot /mnt apt install -y {{ bootstrap_debian_extra }}"
- arch-chroot /mnt apt remove -y libcups2 libavahi-common3 libavahi-common-data
register: bootstrap_result
changed_when: bootstrap_result.rc == 0

27
roles/bootstrap/tasks/fedora.yml Normal file
View File

@@ -0,0 +1,27 @@
---
- name: Bootstrap Fedora 42
vars:
bootstrap_fedora_extra: >-
{{
(
(
lookup('vars', bootstrap_var_key)
| difference(bootstrap_guest_agent_remove_packages)
)
+ bootstrap_guest_agent_packages
)
| join(' ')
}}
ansible.builtin.command: "{{ item }}"
loop:
- >-
dnf --releasever=42 --best --repo=fedora --repo=fedora-updates
--installroot=/mnt --setopt=install_weak_deps=False
groupinstall -y critical-path-base core
- ln -sf /run/NetworkManager/resolv.conf /mnt/etc/resolv.conf
- >-
arch-chroot /mnt dnf --releasever=42 --setopt=install_weak_deps=False
install -y {{ bootstrap_fedora_extra }}
- arch-chroot /mnt dnf reinstall -y kernel-core
register: bootstrap_result
changed_when: bootstrap_result.rc == 0

126
roles/bootstrap/tasks/main.yml
View File

@@ -1,101 +1,43 @@
---
- name: Run OS-specific bootstrap process
vars:
bootstrap_os_key: "{{ os | lower }}"
bootstrap_var_key: "{{ 'bootstrap_' + (os | lower | replace('-', '_')) }}"
bootstrap_hypervisor_key: "{{ hypervisor | default('none') | lower }}"
bootstrap_guest_agent_packages: >-
{{
['qemu-guest-agent'] if bootstrap_hypervisor_key in ['libvirt', 'proxmox']
else ['open-vm-tools'] if bootstrap_hypervisor_key == 'vmware'
else []
}}
bootstrap_guest_agent_remove_packages:
- open-vm-tools
- qemu-guest-agent
block:
- name: Bootstrap ArchLinux
when: os | lower == 'archlinux'
ansible.builtin.command: pacstrap /mnt {{ archlinux | join(' ') }} --asexplicit
changed_when: result.rc == 0
register: result
- name: Include AlmaLinux bootstrap tasks
when: bootstrap_os_key == 'almalinux'
ansible.builtin.include_tasks: almalinux.yml
- name: Bootstrap Debian System
when: os | lower in ['debian11', 'debian12', 'debian13']
ansible.builtin.command: "{{ item }}"
changed_when: result.rc == 0
register: result
with_items:
- debootstrap --include={{ vars[os].base | join(',') }} {{ 'bullseye' if os == 'debian11' else 'bookworm' if os == 'debian12' else 'trixie' }}
/mnt http://deb.debian.org/debian/
- arch-chroot /mnt apt install -y {{ vars[os].extra | join(' ') }}
- arch-chroot /mnt apt remove -y libcups2 libavahi-common3 libavahi-common-data
- name: Include ArchLinux bootstrap tasks
when: bootstrap_os_key == 'archlinux'
ansible.builtin.include_tasks: archlinux.yml
- name: Bootstrap Ubuntu System
when: os | lower in ['ubuntu', 'ubuntu-lts']
ansible.builtin.command: "{{ item }}"
changed_when: result.rc == 0
register: result
with_items:
- debootstrap --include={{ vars[os].base | join(',') }} {{ 'plucky' if os == 'ubuntu' else 'noble' }}
/mnt http://archive.ubuntu.com/ubuntu/
- ln -sf /run/NetworkManager/resolv.conf /mnt/etc/resolv.conf
- arch-chroot /mnt sed -i '1s|$| universe|' /etc/apt/sources.list
- arch-chroot /mnt apt update -y
- arch-chroot /mnt apt install -y {{ vars[os].extra | join(' ') }}
- name: Include Debian bootstrap tasks
when: bootstrap_os_key in ['debian11', 'debian12', 'debian13']
ansible.builtin.include_tasks: debian.yml
- name: Bootstrap AlmaLinux 9
when: os | lower == 'almalinux'
ansible.builtin.command: "{{ item }}"
changed_when: result.rc == 0
register: result
with_items:
- dnf --releasever=9 --best --repo=alma-baseos --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
- ln -sf /run/NetworkManager/resolv.conf /mnt/etc/resolv.conf
- arch-chroot /mnt dnf --releasever=9 --setopt=install_weak_deps=False install -y {{ almalinux | join(' ') }}
- name: Include Fedora bootstrap tasks
when: bootstrap_os_key == 'fedora'
ansible.builtin.include_tasks: fedora.yml
- name: Bootstrap Fedora 42
when: os | lower == 'fedora'
ansible.builtin.command: "{{ item }}"
changed_when: result.rc == 0
register: result
with_items:
- dnf --releasever=42 --best --repo=fedora --repo=fedora-updates
--installroot=/mnt --setopt=install_weak_deps=False groupinstall -y critical-path-base core
- ln -sf /run/NetworkManager/resolv.conf /mnt/etc/resolv.conf
- arch-chroot /mnt dnf --releasever=42 --setopt=install_weak_deps=False install -y {{ fedora | join(' ') }}
- arch-chroot /mnt dnf reinstall -y kernel-core
- name: Include Rocky bootstrap tasks
when: bootstrap_os_key == 'rocky'
ansible.builtin.include_tasks: rocky.yml
- name: Bootstrap RockyLinux 9
when: os | lower == 'rocky'
ansible.builtin.command: "{{ item }}"
changed_when: result.rc == 0
register: result
with_items:
- dnf --releasever=9 --best --repo=rocky-baseos --installroot=/mnt
--setopt=install_weak_deps=False --setopt=optional_metadata_types=filelists
groupinstall -y base core
- ln -sf /run/NetworkManager/resolv.conf /mnt/etc/resolv.conf
- arch-chroot /mnt dnf --releasever=9 --setopt=install_weak_deps=False install -y {{ rocky | join(' ') }}
- name: Include RHEL bootstrap tasks
when: bootstrap_os_key in ['rhel8', 'rhel9', 'rhel10']
ansible.builtin.include_tasks: rhel.yml
- name: Bootstrap RHEL System
when: os | lower in ['rhel8', 'rhel9', 'rhel10']
block:
- name: Install base packages in chroot environment
ansible.builtin.command: >-
dnf --releasever={{ os | lower | replace('rhel', '') }} --repo={{ os | lower }}-baseos
--installroot=/mnt
--setopt=install_weak_deps=False --setopt=optional_metadata_types=filelists
groupinstall -y core base standard
changed_when: result.rc == 0
register: result
- name: Prepare chroot environment
ansible.builtin.shell: |
ln -sf /run/NetworkManager/resolv.conf /mnt/etc/resolv.conf
mkdir -p /mnt/usr/local/install/redhat/dvd
mount --bind /usr/local/install/redhat/dvd /mnt/usr/local/install/redhat/dvd
arch-chroot /mnt rpm --rebuilddb
changed_when: result.rc == 0
register: result
- name: Copy RHEL repo file into chroot environment
ansible.builtin.copy:
src: /etc/yum.repos.d/{{ os | lower }}.repo
dest: /mnt/etc/yum.repos.d/redhat.repo
mode: "0644"
remote_src: true
- name: Install additional packages in chroot
ansible.builtin.command: >-
arch-chroot /mnt dnf --releasever={{ os | lower | replace('rhel', '') }}
--setopt=install_weak_deps=False install -y {{ vars[os] | join(' ') }}
changed_when: result.rc == 0
register: result
- name: Include Ubuntu bootstrap tasks
when: bootstrap_os_key in ['ubuntu', 'ubuntu-lts']
ansible.builtin.include_tasks: ubuntu.yml

71
roles/bootstrap/tasks/rhel.yml Normal file
View File

@@ -0,0 +1,71 @@
---
- name: Bootstrap RHEL System
block:
- name: Install base packages in chroot environment
vars:
bootstrap_rhel_release: "{{ bootstrap_os_key | replace('rhel', '') }}"
ansible.builtin.command: >-
dnf --releasever={{ bootstrap_rhel_release }} --repo={{ bootstrap_os_key }}-baseos
--installroot=/mnt
--setopt=install_weak_deps=False --setopt=optional_metadata_types=filelists
groupinstall -y core base standard
register: bootstrap_result
changed_when: bootstrap_result.rc == 0
- name: Ensure chroot has resolv.conf
ansible.builtin.file:
src: /run/NetworkManager/resolv.conf
dest: /mnt/etc/resolv.conf
state: link
force: true
- name: Ensure chroot RHEL DVD directory exists
ansible.builtin.file:
path: /mnt/usr/local/install/redhat/dvd
state: directory
mode: "0755"
- name: Bind mount RHEL DVD into chroot
ansible.posix.mount:
src: /usr/local/install/redhat/dvd
path: /mnt/usr/local/install/redhat/dvd
fstype: none
opts: bind
state: mounted
- name: Rebuild RPM database inside chroot
ansible.builtin.command:
argv:
- arch-chroot
- /mnt
- rpm
- --rebuilddb
register: bootstrap_rpm_rebuild_result
changed_when: bootstrap_rpm_rebuild_result.rc == 0
- name: Copy RHEL repo file into chroot environment
ansible.builtin.copy:
src: /etc/yum.repos.d/{{ bootstrap_os_key }}.repo
dest: /mnt/etc/yum.repos.d/redhat.repo
mode: "0644"
remote_src: true
- name: Install additional packages in chroot
vars:
bootstrap_rhel_release: "{{ bootstrap_os_key | replace('rhel', '') }}"
bootstrap_rhel_extra: >-
{{
(
(
lookup('vars', bootstrap_var_key)
| difference(bootstrap_guest_agent_remove_packages)
)
+ bootstrap_guest_agent_packages
)
| join(' ')
}}
ansible.builtin.command: >-
arch-chroot /mnt dnf --releasever={{ bootstrap_rhel_release }}
--setopt=install_weak_deps=False install -y {{ bootstrap_rhel_extra }}
register: bootstrap_result
changed_when: bootstrap_result.rc == 0

26
roles/bootstrap/tasks/rocky.yml Normal file
View File

@@ -0,0 +1,26 @@
---
- name: Bootstrap RockyLinux 9
vars:
bootstrap_rocky_extra: >-
{{
(
(
lookup('vars', bootstrap_var_key)
| difference(bootstrap_guest_agent_remove_packages)
)
+ bootstrap_guest_agent_packages
)
| join(' ')
}}
ansible.builtin.command: "{{ item }}"
loop:
- >-
dnf --releasever=9 --best --repo=rocky-baseos --installroot=/mnt
--setopt=install_weak_deps=False --setopt=optional_metadata_types=filelists
groupinstall -y base core
- ln -sf /run/NetworkManager/resolv.conf /mnt/etc/resolv.conf
- >-
arch-chroot /mnt dnf --releasever=9 --setopt=install_weak_deps=False
install -y {{ bootstrap_rocky_extra }}
register: bootstrap_result
changed_when: bootstrap_result.rc == 0

27
roles/bootstrap/tasks/ubuntu.yml Normal file
View File

@@ -0,0 +1,27 @@
---
- name: Bootstrap Ubuntu System
vars:
bootstrap_ubuntu_release: >-
{{ 'plucky' if bootstrap_os_key == 'ubuntu' else 'noble' }}
bootstrap_ubuntu_base_list: "{{ lookup('vars', bootstrap_var_key).base | default([]) }}"
bootstrap_ubuntu_extra_list: "{{ lookup('vars', bootstrap_var_key).extra | default([]) }}"
bootstrap_ubuntu_base: "{{ (bootstrap_ubuntu_base_list | difference(bootstrap_guest_agent_remove_packages)) | join(',') }}"
bootstrap_ubuntu_extra: >-
{{
(
(bootstrap_ubuntu_extra_list | difference(bootstrap_guest_agent_remove_packages))
+ bootstrap_guest_agent_packages
)
| join(' ')
}}
ansible.builtin.command: "{{ item }}"
loop:
- >-
debootstrap --include={{ bootstrap_ubuntu_base }}
{{ bootstrap_ubuntu_release }} /mnt http://archive.ubuntu.com/ubuntu/
- ln -sf /run/NetworkManager/resolv.conf /mnt/etc/resolv.conf
- arch-chroot /mnt sed -i '1s|$| universe|' /etc/apt/sources.list
- arch-chroot /mnt apt update
- "arch-chroot /mnt apt install -y {{ bootstrap_ubuntu_extra }}"
register: bootstrap_result
changed_when: bootstrap_result.rc == 0

67
roles/bootstrap/vars/main.yml
View File

@@ -1,5 +1,7 @@
almalinux:
---
bootstrap_almalinux:
- bind-utils
- cryptsetup
- dbus-daemon
- dhcp-client
- efibootmgr
@@ -13,19 +15,20 @@ almalinux:
- nfs-utils
- nfsv4-client-utils
- mtr
- open-vm-tools
- ppp
- shim
- tmux
- tpm2-tools
- vim
- wget
- zram-generator
- zstd
archlinux:
bootstrap_archlinux:
- base
- btrfs-progs
- cronie
- cryptsetup
- dhcpcd
- efibootmgr
- fastfetch
@@ -43,27 +46,28 @@ archlinux:
- ncdu
- networkmanager
- nfs-utils
- open-vm-tools
- openssh
- ppp
- prometheus-node-exporter
- python-psycopg2
- qemu-guest-agent
- reflector
- rsync
- sudo
- tldr
- tmux
- tpm2-tools
- vim
- wireguard-tools
- zram-generator
debian11:
bootstrap_debian11:
base:
- apparmor-utils
- btrfs-progs
- chrony
- cron
- cryptsetup
- cryptsetup-initramfs
- gnupg
- grub-efi
- grub-efi-amd64-signed
@@ -93,7 +97,6 @@ debian11:
- ncdu
- neofetch
- network-manager
- open-vm-tools
- python-is-python3
- ripgrep
- rsync
@@ -102,14 +105,17 @@ debian11:
- syslog-ng
- tcpd
- tldr
- tpm2-tools
- vim
- wget
- zstd
debian12:
bootstrap_debian12:
base:
- btrfs-progs
- cron
- cryptsetup
- cryptsetup-initramfs
- gnupg
- grub-efi
- grub-efi-amd64-signed
@@ -140,7 +146,6 @@ debian12:
- neofetch
- net-tools
- network-manager
- open-vm-tools
- openssh-server
- python-is-python3
- python3
@@ -153,14 +158,17 @@ debian12:
- systemd-zram-generator
- tcpd
- tldr
- tpm2-tools
- vim
- wget
- zstd
debian13:
bootstrap_debian13:
base:
- btrfs-progs
- cron
- cryptsetup
- cryptsetup-initramfs
- gnupg
- grub-efi
- grub-efi-amd64-signed
@@ -191,7 +199,6 @@ debian13:
- ncdu
- net-tools
- network-manager
- open-vm-tools
- openssh-server
- python-is-python3
- python3
@@ -202,15 +209,17 @@ debian13:
- syslog-ng
- systemd-zram-generator
- tcpd
- tpm2-tools
- vim
- wget
- zstd
fedora:
bootstrap_fedora:
- bat
- bind-utils
- btrfs-progs
- cronie
- cryptsetup
- dhcp-client
- duf
- efibootmgr
@@ -229,20 +238,21 @@ fedora:
- nc
- nfs-utils
- nfsv4-client-utils
- open-vm-tools
- polkit
- ppp
- ripgrep
- shim
- tmux
- tpm2-tools
- vim-default-editor
- wget
- zoxide
- zram-generator
- zstd
rhel8:
bootstrap_rhel8:
- bind-utils
- cryptsetup
- dhcp-client
- efibootmgr
- glibc-langpack-de
@@ -255,16 +265,17 @@ rhel8:
- mtr
- ncurses-term
- nfs-utils
- open-vm-tools
- policycoreutils-python-utils
- python39
- shim
- tmux
- tpm2-tools
- vim
- zstd
rhel9:
bootstrap_rhel9:
- bind-utils
- cryptsetup
- dhcp-client
- efibootmgr
- glibc-langpack-de
@@ -277,17 +288,18 @@ rhel9:
- mtr
- ncurses-term
- nfs-utils
- open-vm-tools
- policycoreutils-python-utils
- python
- shim
- tmux
- tpm2-tools
- vim
- zram-generator
- zstd
rhel10:
bootstrap_rhel10:
- bind-utils
- cryptsetup
- efibootmgr
- glibc-langpack-de
- glibc-langpack-en
@@ -299,17 +311,18 @@ rhel10:
- mtr
- ncurses-term
- nfs-utils
- open-vm-tools
- policycoreutils-python-utils
- python
- shim
- tmux
- tpm2-tools
- vim
- zram-generator
- zstd
rocky:
bootstrap_rocky:
- bind-utils
- cryptsetup
- dbus-daemon
- dhcp-client
- efibootmgr
@@ -323,21 +336,23 @@ rocky:
- nc
- nfs-utils
- nfsv4-client-utils
- open-vm-tools
- ppp
- shim
- telnet
- tmux
- tpm2-tools
- util-linux-core
- vim
- wget
- zram-generator
- zstd
ubuntu:
bootstrap_ubuntu:
base:
- btrfs-progs
- cron
- cryptsetup
- cryptsetup-initramfs
- gnupg
- grub-efi
- grub-efi-amd64-signed
@@ -372,7 +387,6 @@ ubuntu:
- ncurses-term
- net-tools
- network-manager
- open-vm-tools
- openssh-server
- python-is-python3
- python3
@@ -386,6 +400,7 @@ ubuntu:
- tcpd
- tldr
- tmux
- tpm2-tools
- traceroute
- util-linux-extra
- vim
@@ -394,10 +409,12 @@ ubuntu:
- zoxide
- zstd
ubuntu-lts:
bootstrap_ubuntu_lts:
base:
- btrfs-progs
- cron
- cryptsetup
- cryptsetup-initramfs
- gnupg
- grub-efi
- grub-efi-amd64-signed
@@ -432,7 +449,6 @@ ubuntu-lts:
- ncurses-term
- net-tools
- network-manager
- open-vm-tools
- openssh-server
- python-is-python3
- python3
@@ -446,6 +462,7 @@ ubuntu-lts:
- tcpd
- tldr
- tmux
- tpm2-tools
- traceroute
- util-linux-extra
- vim