sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Playbook flow and environment prep

Browse Source
This commit is contained in:
Sandwich
2025-12-25 20:47:37 +01:00
parent 7953c2c285
commit a71d27c29d
2 changed files with 209 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

133
main.yml
View File

@@ -1,7 +1,7 @@
---
- name: Create and configure VMs
hosts: all
strategy: free
strategy: free # noqa: run-once[play]
gather_facts: false
become: true
vars_prompt:
@@ -26,36 +26,65 @@
confirm: true
vars_files: vars.yml
pre_tasks:
- name: Set ansible_python_interpreter
when: os | lower in ["almalinux", "rhel8", "rhel9", "rhel10", "rocky"]
- name: Validate variables
ansible.builtin.assert:
that:
- install_type in ["virtual", "physical"]
- hypervisor in ["libvirt", "proxmox", "vmware", "none"]
- filesystem in ["btrfs", "ext4", "xfs"]
- install_drive is defined
- install_type == "physical" or vm_size is defined
- install_type == "physical" or vm_memory is defined
- os in ["archlinux", "almalinux", "debian11", "debian12", "debian13", "fedora", "rhel8", "rhel9", "rhel10", "rocky", "ubuntu", "ubuntu-lts"]
- os not in ["rhel8", "rhel9", "rhel10"] or rhel_iso is defined
- >-
install_type == "physical"
or (
(filesystem == "btrfs" and (vm_size | default(0) | int) >= 10)
or (filesystem != "btrfs" and (vm_size | default(0) | int) >= 20)
)
- >-
install_type == "physical"
or (
(vm_size | default(0) | float)
>= (
(vm_memory | default(0) | float / 1024 >= 16.0)
| ternary(
(vm_memory | default(0) | float / 2048),
[vm_memory | default(0) | float / 1024, 4.0] | max
)
+ 16
)
)
fail_msg: Invalid input specified, please try again.
- name: Normalize optional flags
ansible.builtin.set_fact:
cis: "{{ cis | default(false) | bool }}"
custom_iso: "{{ custom_iso | default(false) | bool }}"
is_rhel: "{{ os | default('') | lower in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rhel10', 'rocky'] }}"
is_debian: "{{ os | default('') | lower in ['debian11', 'debian12', 'debian13', 'ubuntu', 'ubuntu-lts'] }}"
changed_when: false
- name: Set Python interpreter for RHEL-based installers
when:
- ansible_python_interpreter is not defined
- os | lower in ["almalinux", "rhel8", "rhel9", "rhel10", "rocky"]
ansible.builtin.set_fact:
ansible_python_interpreter: /usr/bin/python3
changed_when: false
- name: Set default variables
ansible.builtin.set_fact:
cis: false
- name: Set SSH Access
when: hypervisor != "vmware"
- name: Set SSH access
when:
- install_type == "virtual"
- hypervisor != "vmware"
ansible.builtin.set_fact:
ansible_user: "{{ user_name }}"
ansible_password: "{{ user_password }}"
ansible_become_password: "{{ user_password }}"
ansible_ssh_extra_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
- name: Validate variables
ansible.builtin.assert:
that:
- hypervisor in ["libvirt", "proxmox", "vmware", "none"]
- filesystem in ["btrfs", "ext4", "xfs"]
- install_drive is defined
- os in ["archlinux", "almalinux", "debian11", "debian12", "debian13", "fedora", "rhel8", "rhel9", "rhel10", "rocky", "ubuntu", "ubuntu-lts"]
- os not in ["rhel8", "rhel9", "rhel10"] or rhel_iso is defined
- (filesystem == "btrfs" and (vm_size | int) >= 10) or (filesystem != "btrfs" and (vm_size | int) >= 20)
- (vm_size | float) >= ((vm_memory | float / 1024 >= 16.0) | ternary((vm_memory | float / 2048), [vm_memory | float / 1024, 4.0] | max) + 16)
fail_msg: Invalid input specified, please try again.
- name: Set connection
- name: Set connection for VMware
when: hypervisor == "vmware"
ansible.builtin.set_fact:
ansible_connection: vmware_tools
@@ -73,31 +102,65 @@
- role: partitioning
vars:
boot_partition_suffix: 1
main_partition_suffix: 2
partitioning_boot_partition_suffix: 1
partitioning_main_partition_suffix: 2
- role: bootstrap
- role: configuration
- role: cis
when: cis | bool
when: cis | default(false) | bool
- role: cleanup
when: install_type == "virtual"
vars:
ansible_connection: local
when: install_type in ["virtual", "physical"]
become: false
tasks:
- name: Set final SSH Credentials
when: hypervisor != 'vmware' or (hypervisor == 'vmware' and vmware_ssh | bool)
post_tasks:
- name: Set post-reboot connection flags
ansible.builtin.set_fact:
post_reboot_can_connect: >-
{{
(ansible_connection | default('ssh')) != 'ssh'
or ((vm_ip | default('') | string | length) > 0)
or (
install_type == 'physical'
and (ansible_host | default('') | string | length) > 0
)
}}
changed_when: false
- name: Set final SSH credentials for post-reboot tasks
when:
- post_reboot_can_connect | default(false) | bool
ansible.builtin.set_fact:
ansible_user: "{{ user_name }}"
ansible_password: "{{ user_password }}"
ansible_become_password: "{{ user_password }}"
ansible_ssh_extra_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
- name: Check if VM is back and running
when: not (hypervisor == 'vmware' and cis | bool)
ansible.builtin.wait_for_connection:
timeout: 300
- name: Install post-reboot extra packages
when:
- extra_packages is defined
- post_reboot_can_connect | default(false) | bool
block:
- name: Normalize extra package list
ansible.builtin.set_fact:
post_install_extra_packages: >-
{{
(
extra_packages
if (extra_packages is iterable and extra_packages is not string)
else (extra_packages | default('') | string).split(',')
)
| map('trim')
| reject('equalto', '')
| list
}}
changed_when: false
- name: Install extra packages
when: post_install_extra_packages | length > 0
ansible.builtin.package:
name: "{{ post_install_extra_packages }}"
state: present