Specify changed_when for shell commands
This commit is contained in:
parent
5312ec8cc6
commit
e37b5a535b
2
main.yml
2
main.yml
@ -88,3 +88,5 @@
|
|||||||
when: hypervisor != "libvirt"
|
when: hypervisor != "libvirt"
|
||||||
ansible.builtin.command: reboot
|
ansible.builtin.command: reboot
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|||||||
@ -9,9 +9,14 @@
|
|||||||
- name: Bootstrap ArchLinux
|
- name: Bootstrap ArchLinux
|
||||||
when: os | lower == 'archlinux'
|
when: os | lower == 'archlinux'
|
||||||
ansible.builtin.command: pacstrap /mnt {{ role_packages.archlinux | join(' ') }} --asexplicit
|
ansible.builtin.command: pacstrap /mnt {{ role_packages.archlinux | join(' ') }} --asexplicit
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Bootstrap Debian System
|
- name: Bootstrap Debian System
|
||||||
when: os | lower in ['debian11', 'debian12']
|
when: os | lower in ['debian11', 'debian12']
|
||||||
ansible.builtin.command: "{{ item }}"
|
ansible.builtin.command: "{{ item }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
with_items:
|
with_items:
|
||||||
- |
|
- |
|
||||||
debootstrap --include={{ role_packages[os].base | join(',') }} {{ 'bullseye' if os == 'debian11' else 'bookworm' }} \
|
debootstrap --include={{ role_packages[os].base | join(',') }} {{ 'bullseye' if os == 'debian11' else 'bookworm' }} \
|
||||||
@ -22,6 +27,8 @@
|
|||||||
- name: Bootstrap Ubuntu System
|
- name: Bootstrap Ubuntu System
|
||||||
when: os | lower in ['ubuntu', 'ubuntu-lts']
|
when: os | lower in ['ubuntu', 'ubuntu-lts']
|
||||||
ansible.builtin.command: "{{ item }}"
|
ansible.builtin.command: "{{ item }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
with_items:
|
with_items:
|
||||||
- |
|
- |
|
||||||
debootstrap --include={{ role_packages[os].base | join(',') }} {{ 'mantic' if os == 'ubuntu' else 'jammy' }} \
|
debootstrap --include={{ role_packages[os].base | join(',') }} {{ 'mantic' if os == 'ubuntu' else 'jammy' }} \
|
||||||
@ -33,6 +40,8 @@
|
|||||||
- name: Bootstrap AlmaLinux 9
|
- name: Bootstrap AlmaLinux 9
|
||||||
when: os | lower == 'almalinux'
|
when: os | lower == 'almalinux'
|
||||||
ansible.builtin.command: "{{ item }}"
|
ansible.builtin.command: "{{ item }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
with_items:
|
with_items:
|
||||||
- dnf --releasever=9 --best --repo=alma-baseos --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
|
- dnf --releasever=9 --best --repo=alma-baseos --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
|
||||||
- echo "nameserver 1.0.0.1" > /mnt/etc/resolv.conf
|
- echo "nameserver 1.0.0.1" > /mnt/etc/resolv.conf
|
||||||
@ -41,6 +50,8 @@
|
|||||||
- name: Bootstrap Fedora 40
|
- name: Bootstrap Fedora 40
|
||||||
when: os | lower == 'fedora'
|
when: os | lower == 'fedora'
|
||||||
ansible.builtin.command: "{{ item }}"
|
ansible.builtin.command: "{{ item }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
with_items:
|
with_items:
|
||||||
- |
|
- |
|
||||||
dnf --releasever=40 --best --repo=fedora --repo=fedora-updates \
|
dnf --releasever=40 --best --repo=fedora --repo=fedora-updates \
|
||||||
@ -51,6 +62,8 @@
|
|||||||
- name: Bootstrap RockyLinux 9
|
- name: Bootstrap RockyLinux 9
|
||||||
when: os | lower == 'rocky'
|
when: os | lower == 'rocky'
|
||||||
ansible.builtin.command: "{{ item }}"
|
ansible.builtin.command: "{{ item }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
with_items:
|
with_items:
|
||||||
- dnf --releasever=9 --best --repo=rocky-baseos --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
|
- dnf --releasever=9 --best --repo=rocky-baseos --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
|
||||||
- echo "nameserver 1.0.0.1" > /mnt/etc/resolv.conf
|
- echo "nameserver 1.0.0.1" > /mnt/etc/resolv.conf
|
||||||
@ -59,6 +72,8 @@
|
|||||||
- name: Bootstrap RHEL System
|
- name: Bootstrap RHEL System
|
||||||
when: os | lower in ['rhel8', 'rhel9']
|
when: os | lower in ['rhel8', 'rhel9']
|
||||||
ansible.builtin.command: "{{ item }}"
|
ansible.builtin.command: "{{ item }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
with_items:
|
with_items:
|
||||||
- dnf --releasever={{ '8' if os == 'rhel8' else '9' }} --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
|
- dnf --releasever={{ '8' if os == 'rhel8' else '9' }} --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
|
||||||
- echo 'nameserver 1.0.0.1' > /mnt/etc/resolv.conf
|
- echo 'nameserver 1.0.0.1' > /mnt/etc/resolv.conf
|
||||||
|
|||||||
@ -64,6 +64,8 @@
|
|||||||
when: cdrom_devices.stdout_lines | length > 0
|
when: cdrom_devices.stdout_lines | length > 0
|
||||||
ansible.builtin.command: virsh --connect qemu:///system detach-disk {{ hostname }} {{ item }} --persistent
|
ansible.builtin.command: virsh --connect qemu:///system detach-disk {{ hostname }} {{ item }} --persistent
|
||||||
with_items: "{{ cdrom_devices.stdout_lines }}"
|
with_items: "{{ cdrom_devices.stdout_lines }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Start the VM
|
- name: Start the VM
|
||||||
community.libvirt.virt:
|
community.libvirt.virt:
|
||||||
|
|||||||
@ -3,6 +3,9 @@
|
|||||||
block:
|
block:
|
||||||
- name: Generate fstab
|
- name: Generate fstab
|
||||||
ansible.builtin.shell: genfstab -LU /mnt > /mnt/etc/fstab
|
ansible.builtin.shell: genfstab -LU /mnt > /mnt/etc/fstab
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Append TempFS to fstab
|
- name: Append TempFS to fstab
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: /mnt/etc/fstab
|
path: /mnt/etc/fstab
|
||||||
@ -17,6 +20,8 @@
|
|||||||
|
|
||||||
- name: Set local timezone
|
- name: Set local timezone
|
||||||
ansible.builtin.command: "{{ item }}"
|
ansible.builtin.command: "{{ item }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
with_items:
|
with_items:
|
||||||
- systemctl daemon-reload
|
- systemctl daemon-reload
|
||||||
- arch-chroot /mnt ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime
|
- arch-chroot /mnt ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime
|
||||||
@ -32,9 +37,12 @@
|
|||||||
loop:
|
loop:
|
||||||
- { regex: en_US\.UTF-8 UTF-8, line: en_US.UTF-8 UTF-8 }
|
- { regex: en_US\.UTF-8 UTF-8, line: en_US.UTF-8 UTF-8 }
|
||||||
|
|
||||||
- name: Generate locales\
|
- name: Generate locales
|
||||||
when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
|
when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
|
||||||
ansible.builtin.command: arch-chroot /mnt /usr/sbin/locale-gen
|
ansible.builtin.command: arch-chroot /mnt /usr/sbin/locale-gen
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Set hostname
|
- name: Set hostname
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
content: "{{ hostname }}"
|
content: "{{ hostname }}"
|
||||||
@ -70,6 +78,9 @@
|
|||||||
- name: Enable sshd
|
- name: Enable sshd
|
||||||
when: os | lower == "archlinux"
|
when: os | lower == "archlinux"
|
||||||
ansible.builtin.command: arch-chroot /mnt systemctl enable sshd logrotate systemd-resolved systemd-timesyncd NetworkManager
|
ansible.builtin.command: arch-chroot /mnt systemctl enable sshd logrotate systemd-resolved systemd-timesyncd NetworkManager
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Configure grub
|
- name: Configure grub
|
||||||
when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
|
when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
|
||||||
block:
|
block:
|
||||||
@ -94,6 +105,9 @@
|
|||||||
{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory={{ "/boot/efi" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot" }}
|
{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory={{ "/boot/efi" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot" }}
|
||||||
--bootloader-id={{ "ubuntu" if os | lower in ["ubuntu", "ubuntu-lts"] else os }}
|
--bootloader-id={{ "ubuntu" if os | lower in ["ubuntu", "ubuntu-lts"] else os }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Generate grub config
|
- name: Generate grub config
|
||||||
ansible.builtin.command: arch-chroot /mnt
|
ansible.builtin.command: arch-chroot /mnt
|
||||||
{% if os | lower not in ["archlinux", "debian11", "debian12", "ubuntu", "ubuntu-lts"] %} /usr/sbin/grub2-mkconfig
|
{% if os | lower not in ["archlinux", "debian11", "debian12", "ubuntu", "ubuntu-lts"] %} /usr/sbin/grub2-mkconfig
|
||||||
@ -101,6 +115,9 @@
|
|||||||
{% else %}/usr/sbin/grub-mkconfig -o
|
{% else %}/usr/sbin/grub-mkconfig -o
|
||||||
{{ "/boot/efi/EFI/ubuntu/grub.cfg" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot/grub/grub.cfg" }}
|
{{ "/boot/efi/EFI/ubuntu/grub.cfg" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot/grub/grub.cfg" }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Regenerate initramfs
|
- name: Regenerate initramfs
|
||||||
when: os | lower not in ["debian11", "debian12", "ubuntu", "ubuntu-lts"]
|
when: os | lower not in ["debian11", "debian12", "ubuntu", "ubuntu-lts"]
|
||||||
ansible.builtin.command: arch-chroot /mnt
|
ansible.builtin.command: arch-chroot /mnt
|
||||||
@ -108,6 +125,9 @@
|
|||||||
{% elif os | lower not in ["debian11", "debian12", "ubuntu", "ubuntu-lts", "archlinux"] %} /usr/bin/dracut --regenerate-all --force
|
{% elif os | lower not in ["debian11", "debian12", "ubuntu", "ubuntu-lts", "archlinux"] %} /usr/bin/dracut --regenerate-all --force
|
||||||
{% else %} echo "Skipping initramfs regeneration"
|
{% else %} echo "Skipping initramfs regeneration"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Extra Configuration
|
- name: Extra Configuration
|
||||||
block:
|
block:
|
||||||
- name: Append lines to vimrc
|
- name: Append lines to vimrc
|
||||||
@ -140,10 +160,12 @@
|
|||||||
block:
|
block:
|
||||||
- name: Generate UUID for Network Profile
|
- name: Generate UUID for Network Profile
|
||||||
ansible.builtin.command: uuidgen
|
ansible.builtin.command: uuidgen
|
||||||
|
changed_when: net_uuid.rc == 0
|
||||||
register: net_uuid
|
register: net_uuid
|
||||||
|
|
||||||
- name: Retrieve Network Interface Name
|
- name: Retrieve Network Interface Name
|
||||||
ansible.builtin.shell: set -o pipefail && ip r | awk 'NR==1 {print $5}'
|
ansible.builtin.shell: set -o pipefail && ip r | awk 'NR==1 {print $5}'
|
||||||
|
changed_when: net_inf.rc == 0
|
||||||
register: net_inf
|
register: net_inf
|
||||||
|
|
||||||
- name: Copy NetworkManager keyfile
|
- name: Copy NetworkManager keyfile
|
||||||
@ -161,6 +183,8 @@
|
|||||||
{{ "sudo" if os | lower in ["debian11", "debian12", "ubuntu", "ubuntu-lts"] else "wheel" }}
|
{{ "sudo" if os | lower in ["debian11", "debian12", "ubuntu", "ubuntu-lts"] else "wheel" }}
|
||||||
{{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash
|
{{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash
|
||||||
- arch-chroot /mnt /usr/sbin/usermod --password '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash
|
- arch-chroot /mnt /usr/sbin/usermod --password '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Add SSH public key to authorized_keys
|
- name: Add SSH public key to authorized_keys
|
||||||
when: user_public_key is defined
|
when: user_public_key is defined
|
||||||
@ -184,6 +208,9 @@
|
|||||||
- name: Relabel the filesystem
|
- name: Relabel the filesystem
|
||||||
when: os | lower in ['almalinux', 'rhel8', 'rhel9', 'rocky']
|
when: os | lower in ['almalinux', 'rhel8', 'rhel9', 'rocky']
|
||||||
ansible.builtin.command: touch /mnt/.autorelabel
|
ansible.builtin.command: touch /mnt/.autorelabel
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Disable SELinux
|
- name: Disable SELinux
|
||||||
when: os | lower == "fedora"
|
when: os | lower == "fedora"
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
|
|||||||
@ -23,16 +23,26 @@
|
|||||||
- name: Setect Interface
|
- name: Setect Interface
|
||||||
when: hypervisor == "vmware"
|
when: hypervisor == "vmware"
|
||||||
ansible.builtin.shell: "set -o pipefail && ip l | awk -F': ' '!/lo/{print $2; exit}'"
|
ansible.builtin.shell: "set -o pipefail && ip l | awk -F': ' '!/lo/{print $2; exit}'"
|
||||||
|
changed_when: interface_name.rc == 0
|
||||||
register: interface_name
|
register: interface_name
|
||||||
|
|
||||||
- name: Set IP-Address
|
- name: Set IP-Address
|
||||||
when: hypervisor == "vmware"
|
when: hypervisor == "vmware"
|
||||||
ansible.builtin.command: ip addr replace {{ ansible_host }}/24 dev {{ interface_name.stdout }}
|
ansible.builtin.command: ip addr replace {{ ansible_host }}/24 dev {{ interface_name.stdout }}
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Set Default Gateway
|
- name: Set Default Gateway
|
||||||
when: hypervisor == "vmware"
|
when: hypervisor == "vmware"
|
||||||
ansible.builtin.command: ip route replace default via {{ vm_gw }}
|
ansible.builtin.command: ip route replace default via {{ vm_gw }}
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Synchronize clock via NTP
|
- name: Synchronize clock via NTP
|
||||||
ansible.builtin.command: timedatectl set-ntp true
|
ansible.builtin.command: timedatectl set-ntp true
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Speed-up Bootstrap process
|
- name: Speed-up Bootstrap process
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: /etc/pacman.conf
|
path: /etc/pacman.conf
|
||||||
|
|||||||
@ -17,10 +17,14 @@
|
|||||||
|
|
||||||
- name: Enable quotas on Btrfs filesystem
|
- name: Enable quotas on Btrfs filesystem
|
||||||
ansible.builtin.command: btrfs quota enable /mnt
|
ansible.builtin.command: btrfs quota enable /mnt
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Make root subvolumes
|
- name: Make root subvolumes
|
||||||
when: cis | bool or item.subvol not in ['var_log', 'var_log_audit']
|
when: cis | bool or item.subvol not in ['var_log', 'var_log_audit']
|
||||||
ansible.builtin.command: btrfs su cr /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }}
|
ansible.builtin.command: btrfs su cr /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }}
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
loop:
|
loop:
|
||||||
- { subvol: root }
|
- { subvol: root }
|
||||||
- { subvol: home }
|
- { subvol: home }
|
||||||
@ -31,6 +35,8 @@
|
|||||||
- name: Set quotas for subvolumes
|
- name: Set quotas for subvolumes
|
||||||
when: cis | bool or item.subvol not in ['var_log', 'var_log_audit']
|
when: cis | bool or item.subvol not in ['var_log', 'var_log_audit']
|
||||||
ansible.builtin.command: btrfs qgroup limit {{ item.quota }} /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }}
|
ansible.builtin.command: btrfs qgroup limit {{ item.quota }} /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }}
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
loop:
|
loop:
|
||||||
- { subvol: home, quota: 2G }
|
- { subvol: home, quota: 2G }
|
||||||
|
|
||||||
|
|||||||
@ -15,6 +15,8 @@
|
|||||||
- name: Remove Unsupported features for older Systems
|
- name: Remove Unsupported features for older Systems
|
||||||
when: (os | lower in ['almalinux', 'debian11', 'rhel8', 'rhel9', 'rocky', 'ubuntu-lts']) and (cis | bool or item.lv not in ['var_log', 'var_log_audit'])
|
when: (os | lower in ['almalinux', 'debian11', 'rhel8', 'rhel9', 'rocky', 'ubuntu-lts']) and (cis | bool or item.lv not in ['var_log', 'var_log_audit'])
|
||||||
ansible.builtin.command: tune2fs -O "^orphan_file,^metadata_csum_seed" "/dev/sys/{{ item.lv }}"
|
ansible.builtin.command: tune2fs -O "^orphan_file,^metadata_csum_seed" "/dev/sys/{{ item.lv }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
loop:
|
loop:
|
||||||
- { lv: root }
|
- { lv: root }
|
||||||
- { lv: home }
|
- { lv: home }
|
||||||
|
|||||||
@ -4,6 +4,8 @@
|
|||||||
- name: Prepare partitions
|
- name: Prepare partitions
|
||||||
failed_when: false
|
failed_when: false
|
||||||
ansible.builtin.command: "{{ item.cmd }}"
|
ansible.builtin.command: "{{ item.cmd }}"
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
loop:
|
loop:
|
||||||
- { cmd: umount -l /mnt }
|
- { cmd: umount -l /mnt }
|
||||||
- { cmd: vgremove -f sys }
|
- { cmd: vgremove -f sys }
|
||||||
|
|||||||
@ -9,6 +9,8 @@
|
|||||||
when: not vm_disk_stat.stat.exists
|
when: not vm_disk_stat.stat.exists
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
ansible.builtin.command: qemu-img create -f qcow2 {{ vm_path | default('/var/lib/libvirt/images/') }}{{ hostname }}.qcow2 {{ vm_size }}G
|
ansible.builtin.command: qemu-img create -f qcow2 {{ vm_path | default('/var/lib/libvirt/images/') }}{{ hostname }}.qcow2 {{ vm_size }}G
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Generate Random MAC Address
|
- name: Generate Random MAC Address
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
@ -32,6 +34,8 @@
|
|||||||
{{ vm_path | default('/var/lib/libvirt/images/') }}
|
{{ vm_path | default('/var/lib/libvirt/images/') }}
|
||||||
{{ hostname }}-cloudinit.iso /tmp/cloud-user-data-{{ hostname }}.yml
|
{{ hostname }}-cloudinit.iso /tmp/cloud-user-data-{{ hostname }}.yml
|
||||||
-N /tmp/cloud-network-config-{{ hostname }}.yml
|
-N /tmp/cloud-network-config-{{ hostname }}.yml
|
||||||
|
changed_when: result.rc == 0
|
||||||
|
register: result
|
||||||
|
|
||||||
- name: Create VM using libvirt
|
- name: Create VM using libvirt
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user