sandwich/Ansible-Bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add RockyLinux support

Browse Source
This commit is contained in:
Sandwich 2024-04-16 01:14:05 +02:00
parent 344753fa5b
commit cc40bae858
7 changed files with 42 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
main.yml
View File

@ -38,7 +38,7 @@
vars_files: vars.yml vars_files: vars.yml
pre_tasks: pre_tasks:
- name: Set ansible_python_interpreter - name: Set ansible_python_interpreter
when: os | lower in ["almalinux", "rhel9", "rhel8"] when: os | lower in ["almalinux", "rhel9", "rhel8", "rocky"]
set_fact: set_fact:
ansible_python_interpreter: /usr/bin/python3 ansible_python_interpreter: /usr/bin/python3
@ -47,7 +47,7 @@
that: that:
- hypervisor in ["libvirt", "proxmox", "vmware", "none"] - hypervisor in ["libvirt", "proxmox", "vmware", "none"]
- filesystem in ["btrfs", "ext4", "xfs"] - filesystem in ["btrfs", "ext4", "xfs"]
- os in ["archlinux", "almalinux", "debian11", "debian12", "fedora"] - os in ["archlinux", "almalinux", "debian11", "debian12", "fedora", "rocky"]
fail_msg: "Invalid input specified, please try again" fail_msg: "Invalid input specified, please try again"
- name: Set connection - name: Set connection

8
roles/bootstrap/tasks/main.yml
View File

@ -34,6 +34,14 @@
- arch-chroot /mnt dnf --releasever=39 --setopt=install_weak_deps=False install -y {{ role_packages.fedora | join(' ') }} - arch-chroot /mnt dnf --releasever=39 --setopt=install_weak_deps=False install -y {{ role_packages.fedora | join(' ') }}
- arch-chroot /mnt dnf reinstall -y grub2-efi-x64 kernel - arch-chroot /mnt dnf reinstall -y grub2-efi-x64 kernel
- name: Bootstrap RockyLinux 9
when: os | lower == 'rocky'
shell: "{{ item }}"
with_items:
- dnf --releasever=9 --best --repo=rocky-baseos --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
- echo "nameserver 1.0.0.1" > /mnt/etc/resolv.conf
- arch-chroot /mnt dnf --releasever=9 --setopt=install_weak_deps=False install -y {{ role_packages.rocky | join(' ') }}
- name: Bootstrap RHEL System - name: Bootstrap RHEL System
when: os | lower in ['rhel8', 'rhel9'] when: os | lower in ['rhel8', 'rhel9']
shell: "{{ item }}" shell: "{{ item }}"

16
roles/bootstrap/vars/packages.yml
View File

@ -130,7 +130,7 @@ almalinux:
- lrzsz - lrzsz
- nfs-utils - nfs-utils
- open-vm-tools - open-vm-tools
- shims - shim
- telnet - telnet
- vim - vim
- zstd - zstd
@ -158,3 +158,17 @@ rhel9:
- shim - shim
- telnet - telnet
- zstd - zstd
rocky:
- dhcp-client
- efibootmgr
- grub2
- grub2-efi
- lrzsz
- nfs-utils
- open-vm-tools
- shim
- telnet
- util-linux-core
- vim-minimal
- zstd

22
roles/configuration/tasks/main.yml
View File

@ -27,6 +27,7 @@
- name: Setup locales - name: Setup locales
block: block:
- name: Configure locale.gen - name: Configure locale.gen
when: os | lower != "rocky"
lineinfile: lineinfile:
dest: /mnt/etc/locale.gen dest: /mnt/etc/locale.gen
regexp: '{{ item.regex }}' regexp: '{{ item.regex }}'
@ -34,7 +35,8 @@
loop: loop:
- {regex: en_US\.UTF-8 UTF-8, line: en_US.UTF-8 UTF-8} - {regex: en_US\.UTF-8 UTF-8, line: en_US.UTF-8 UTF-8}
- name: Generate locales - name: Generate locales\
when: os | lower != "rocky"
command: arch-chroot /mnt /usr/sbin/locale-gen command: arch-chroot /mnt /usr/sbin/locale-gen
- name: Set hostname - name: Set hostname
@ -71,7 +73,7 @@
command: arch-chroot /mnt systemctl enable sshd logrotate systemd-resolved systemd-timesyncd NetworkManager command: arch-chroot /mnt systemctl enable sshd logrotate systemd-resolved systemd-timesyncd NetworkManager
- name: Configure grub - name: Configure grub
when: os | lower != "fedora" and os | lower != "almalinux" and os | lower != "rhel8" and os | lower != "rhel9" when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
block: block:
- name: Add commandline information to grub config - name: Add commandline information to grub config
lineinfile: lineinfile:
@ -88,17 +90,21 @@
- name: Configure Bootloader - name: Configure Bootloader
block: block:
- name: Install Bootloader - name: Install Bootloader
command: arch-chroot /mnt {% if os | lower != "archlinux" and os | lower != "debian11" and os | lower != "debian12" %}/usr/sbin/efibootmgr -c -L '{{ os }}' -d "{{ install_drive }}" -wwp 1 -l '\efi\EFI\{{ os }}\shimx64.efi'{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id={{ os }}{% endif %} command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/sbin/efibootmgr -c -L '{{ os }}' -d "{{ install_drive }}" -wwp 1 -l '\efi\EFI\{{ os }}\shimx64.efi'{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id={{ os }}{% endif %}
- name: Generate grub config - name: Generate grub config
command: arch-chroot /mnt {% if os | lower != "archlinux" and os | lower != "debian11" and os | lower != "debian12" %}/usr/sbin/grub2-mkconfig -o /boot/efi/EFI/{{ os }}/grub.cfg{% else %}/usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg{% endif %} command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/sbin/grub2-mkconfig -o /boot/efi/EFI/{{ os }}/grub.cfg{% else %}/usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg{% endif %}
- name: Regenerate initramfs
command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/bin/dracut --regenerate-all --force{% else %}/usr/sbin/mkinitcpio -P{% endif %}
- name: Extra Configuration - name: Extra Configuration
when: os | lower != "archlinux" when: os | lower != "archlinux"
block: block:
- name: Append lines to vimrc - name: Append lines to vimrc
ignore_errors: true
lineinfile: lineinfile:
path: "{{ '/mnt/etc/vim/vimrc' if os|lower == 'debian11' or os|lower == 'debian12' else '/mnt/etc/vimrc' }}" path: "{{ '/mnt/etc/vim/vimrc' if os|lower in ['debian11' ,'debian12'] else '/mnt/etc/vimrc' }}"
line: "{{ item }}" line: "{{ item }}"
insertafter: EOF insertafter: EOF
with_items: with_items:
@ -140,7 +146,7 @@
- name: Create user account - name: Create user account
command: '{{ item }}' command: '{{ item }}'
with_items: with_items:
- arch-chroot /mnt /usr/sbin/useradd --create-home --user-group --groups {{ "sudo" if os|lower == "debian11" or os|lower == "debian12" else "wheel" }} {{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash - arch-chroot /mnt /usr/sbin/useradd --create-home --user-group --groups {{ "sudo" if os|lower in ["debian11", "debian12"] else "wheel" }} {{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash
- arch-chroot /mnt /usr/sbin/usermod --password '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash - arch-chroot /mnt /usr/sbin/usermod --password '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash
- name: Add SSH public key to authorized_keys - name: Add SSH public key to authorized_keys
@ -155,11 +161,11 @@
- name: Give sudo access to wheel group - name: Give sudo access to wheel group
copy: copy:
content: "{{ '%sudo ALL=(ALL) ALL' if os|lower == 'debian11' or os|lower == 'debian12' else '%wheel ALL=(ALL) ALL' }}" content: "{{ '%sudo ALL=(ALL) ALL' if os|lower in ['debian11', 'debian12'] else '%wheel ALL=(ALL) ALL' }}"
dest: /mnt/etc/sudoers.d/01-wheel dest: /mnt/etc/sudoers.d/01-wheel
mode: 0440 mode: 0440
validate: /usr/sbin/visudo --check --file=%s validate: /usr/sbin/visudo --check --file=%s
- name: Fix SELinux - name: Fix SELinux
when: (os | lower == "almalinux" or os | lower == "fedora" or os | lower == "rhel8" or os | lower == "rhel9") when: os | lower in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
command: touch /mnt/.autorelabel command: touch /mnt/.autorelabel

4
roles/environment/tasks/main.yml
View File

@ -53,7 +53,7 @@
state: latest state: latest
loop: loop:
- { name: 'glibc' } - { name: 'glibc' }
- { name: 'dnf', os: ['almalinux', 'rhel9', 'rhel8'] } - { name: 'dnf', os: ['almalinux', 'rhel9', 'rhel8', 'rocky'] }
- { name: 'debootstrap', os: ['debian11', 'debian12'] } - { name: 'debootstrap', os: ['debian11', 'debian12'] }
- { name: 'debian-archive-keyring', os: ['debian11', 'debian12'] } - { name: 'debian-archive-keyring', os: ['debian11', 'debian12'] }
when: "'os' not in item or os in item.os" when: "'os' not in item or os in item.os"
@ -61,7 +61,7 @@
delay: 15 delay: 15
- name: Configure RHEL Repos for installation - name: Configure RHEL Repos for installation
when: os | lower == "almalinux" or os | lower == "fedora" when: os | lower in ["almalinux", "fedora", "rocky"]
block: block:
- name: Create directories for repository files and RPM GPG keys - name: Create directories for repository files and RPM GPG keys
file: file:

2
roles/partitioning/tasks/ext4.yml
View File

@ -13,7 +13,7 @@
- { lv: var_log_audit } - { lv: var_log_audit }
- name: Remove Unsupported features for older Systems - name: Remove Unsupported features for older Systems
when: (os | lower == 'debian11') and (cis == true or item.lv not in ['var_log', 'var_log_audit']) when: (os | lower in ['almalinux', 'debian11', 'rhel8', 'rhel9', 'rocky']) and (cis == true or item.lv not in ['var_log', 'var_log_audit'])
command: tune2fs -O "^orphan_file,^metadata_csum_seed" "/dev/sys/{{ item.lv }}" command: tune2fs -O "^orphan_file,^metadata_csum_seed" "/dev/sys/{{ item.lv }}"
loop: loop:
- { lv: root } - { lv: root }

10
templates/rockylinux.repo.j2
View File

@ -1,10 +0,0 @@
[rocky-baseos]
name=Rocky Linux $releasever - BaseOS
mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=BaseOS-$releasever
#baseurl=http://dl.rockylinux.org/$contentdir/$releasever/BaseOS/$basearch/os/
gpgcheck=1
enabled=1
countme=1
gpgkey=https://dl.rockylinux.org/pub/rocky/RPM-GPG-KEY-Rocky-$releasever
metadata_expire=86400
enabled_metadata=1