Configuration role refactor and network template

2025-12-26 20:38:42 +01:00
parent 732784fa2d
commit efad1b9a67
11 changed files with 498 additions and 330 deletions
--- a/roles/configuration/tasks/locales.yml
+++ b/roles/configuration/tasks/locales.yml
@@ -0,0 +1,88 @@
+---
+- name: Set local timezone
+  ansible.builtin.command: "{{ item }}"
+  loop:
+    - systemctl daemon-reload
+    - arch-chroot /mnt ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime
+  register: configuration_timezone_result
+  changed_when: configuration_timezone_result.rc == 0
+
+- name: Setup locales
+  block:
+    - name: Configure locale.gen
+      when: not is_rhel | default(false)
+      ansible.builtin.lineinfile:
+        dest: /mnt/etc/locale.gen
+        regexp: "{{ item.regex }}"
+        line: "{{ item.line }}"
+      loop:
+        - {regex: en_US\.UTF-8 UTF-8, line: en_US.UTF-8 UTF-8}
+
+    - name: Generate locales
+      when: not is_rhel | default(false)
+      ansible.builtin.command: arch-chroot /mnt /usr/sbin/locale-gen
+      register: configuration_locale_result
+      changed_when: configuration_locale_result.rc == 0
+
+    - name: Set hostname
+      vars:
+        configuration_hostname_fqdn: >-
+          {{
+            hostname
+            if '.' in hostname
+            else (
+              hostname + '.' + vm_dns_search
+              if vm_dns_search is defined and vm_dns_search | length
+              else hostname
+            )
+          }}
+      ansible.builtin.copy:
+        content: "{{ configuration_hostname_fqdn }}"
+        dest: /mnt/etc/hostname
+        mode: "0644"
+
+    - name: Add host entry to /etc/hosts
+      vars:
+        configuration_hostname_fqdn: >-
+          {{
+            hostname
+            if '.' in hostname
+            else (
+              hostname + '.' + vm_dns_search
+              if vm_dns_search is defined and vm_dns_search | length
+              else hostname
+            )
+          }}
+        configuration_hostname_short: "{{ hostname.split('.')[0] }}"
+        configuration_hostname_entries: >-
+          {{ [configuration_hostname_fqdn, configuration_hostname_short] | unique | join(' ') }}
+        configuration_hosts_line: >-
+          {{ vm_ip | default(inventory_hostname) }}    {{ configuration_hostname_entries }}
+      ansible.builtin.lineinfile:
+        path: /mnt/etc/hosts
+        line: "{{ configuration_hosts_line }}"
+        state: present
+
+    - name: Create vconsole.conf
+      ansible.builtin.copy:
+        content: KEYMAP=us
+        dest: /mnt/etc/vconsole.conf
+        mode: "0644"
+
+    - name: Create locale.conf
+      ansible.builtin.copy:
+        content: LANG=en_US.UTF-8
+        dest: /mnt/etc/locale.conf
+        mode: "0644"
+
+    - name: Ensure SSH password authentication is enabled
+      ansible.builtin.lineinfile:
+        path: /mnt/etc/ssh/sshd_config
+        regexp: "^#?PasswordAuthentication\\s+"
+        line: "PasswordAuthentication yes"
+
+    - name: SSH permit root login
+      ansible.builtin.replace:
+        path: /mnt/etc/ssh/sshd_config
+        regexp: "^#?PermitRootLogin.*"
+        replace: "PermitRootLogin yes"