Compare commits
No commits in common. "e37b5a535b1ad943b4a809737796abc11dc7151f" and "a3b772c5434f591a895663eba06889026e8c9938" have entirely different histories.
e37b5a535b
...
a3b772c543
4
main.yml
4
main.yml
@ -87,6 +87,4 @@
|
||||
- name: Reboot system
|
||||
when: hypervisor != "libvirt"
|
||||
ansible.builtin.command: reboot
|
||||
failed_when: false
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
ignore_errors: true
|
||||
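Review bot: The "Reboot system" task in the `-87,6 +87,4` hunk suppresses every failure, yet neither `failed_when: false` nor `ignore_errors: true` covers what a reboot usually produces, which is the host being reported unreachable when the connection drops. Both settings appear in the hunk, and the page has lost its +/- markers, so which one the new side keeps is not certain. If the aim is to tolerate the dropped connection, `ignore_unreachable: true` states that directly and leaves a genuinely failed `reboot` command visible. The same blanket suppression appears on "Remove CD-ROM from VM in vCenter", "Append lines to vimrc" and "Prepare partitions" in later sections. Each of those would benefit from a one-line comment naming the error that is expected, so that an authentication or device failure is not silently swallowed with it.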
|
@ -9,14 +9,9 @@
|
||||
- name: Bootstrap ArchLinux
|
||||
when: os | lower == 'archlinux'
|
||||
ansible.builtin.command: pacstrap /mnt {{ role_packages.archlinux | join(' ') }} --asexplicit
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Bootstrap Debian System
|
||||
when: os | lower in ['debian11', 'debian12']
|
||||
ansible.builtin.command: "{{ item }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
with_items:
|
||||
- |
|
||||
debootstrap --include={{ role_packages[os].base | join(',') }} {{ 'bullseye' if os == 'debian11' else 'bookworm' }} \
|
||||
@ -27,8 +22,6 @@
|
||||
- name: Bootstrap Ubuntu System
|
||||
when: os | lower in ['ubuntu', 'ubuntu-lts']
|
||||
ansible.builtin.command: "{{ item }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
with_items:
|
||||
- |
|
||||
debootstrap --include={{ role_packages[os].base | join(',') }} {{ 'mantic' if os == 'ubuntu' else 'jammy' }} \
|
||||
@ -40,8 +33,6 @@
|
||||
- name: Bootstrap AlmaLinux 9
|
||||
when: os | lower == 'almalinux'
|
||||
ansible.builtin.command: "{{ item }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
with_items:
|
||||
- dnf --releasever=9 --best --repo=alma-baseos --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
|
||||
- echo "nameserver 1.0.0.1" > /mnt/etc/resolv.conf
|
||||
@ -50,8 +41,6 @@
|
||||
- name: Bootstrap Fedora 40
|
||||
when: os | lower == 'fedora'
|
||||
ansible.builtin.command: "{{ item }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
with_items:
|
||||
- |
|
||||
dnf --releasever=40 --best --repo=fedora --repo=fedora-updates \
|
||||
@ -62,8 +51,6 @@
|
||||
- name: Bootstrap RockyLinux 9
|
||||
when: os | lower == 'rocky'
|
||||
ansible.builtin.command: "{{ item }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
with_items:
|
||||
- dnf --releasever=9 --best --repo=rocky-baseos --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
|
||||
- echo "nameserver 1.0.0.1" > /mnt/etc/resolv.conf
|
||||
@ -72,8 +59,6 @@
|
||||
- name: Bootstrap RHEL System
|
||||
when: os | lower in ['rhel8', 'rhel9']
|
||||
ansible.builtin.command: "{{ item }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
with_items:
|
||||
- dnf --releasever={{ '8' if os == 'rhel8' else '9' }} --installroot=/mnt --setopt=install_weak_deps=False groupinstall -y base core
|
||||
- echo 'nameserver 1.0.0.1' > /mnt/etc/resolv.conf
|
||||
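Review bot: The `echo "nameserver 1.0.0.1" > /mnt/etc/resolv.conf` items in the AlmaLinux, RockyLinux and RHEL hunks run through `ansible.builtin.command: "{{ item }}"`, which does not hand the line to a shell. The `>` and the path therefore reach `echo` as plain arguments, the task returns rc 0, and the resolver file in the new root is not written. Writing the file with a module makes the result verifiable and gives it an explicit mode. The `with_items` lists continue past the ends of these hunks, so the sketch below assumes the echo item is dropped from each list and one task is placed after the bootstrap tasks.

```yaml
# … unchanged: the dnf groupinstall items stay in the command tasks …
- name: Write resolv.conf into the new root
  when: os | lower in ['almalinux', 'rocky', 'rhel8', 'rhel9']
  ansible.builtin.copy:
    dest: /mnt/etc/resolv.conf
    content: "nameserver 1.0.0.1\n"
    mode: "0644"
```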
|
@ -20,7 +20,7 @@
|
||||
- name: Remove CD-ROM from VM in vCenter
|
||||
when: hypervisor == "vmware"
|
||||
delegate_to: localhost
|
||||
failed_when: false
|
||||
ignore_errors: true
|
||||
community.vmware.vmware_guest:
|
||||
hostname: "{{ hypervisor_url }}"
|
||||
username: "{{ hypervisor_username }}"
|
||||
@ -64,8 +64,6 @@
|
||||
when: cdrom_devices.stdout_lines | length > 0
|
||||
ansible.builtin.command: virsh --connect qemu:///system detach-disk {{ hostname }} {{ item }} --persistent
|
||||
with_items: "{{ cdrom_devices.stdout_lines }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Start the VM
|
||||
community.libvirt.virt:
|
||||
|
@ -3,9 +3,6 @@
|
||||
block:
|
||||
- name: Generate fstab
|
||||
ansible.builtin.shell: genfstab -LU /mnt > /mnt/etc/fstab
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Append TempFS to fstab
|
||||
ansible.builtin.lineinfile:
|
||||
path: /mnt/etc/fstab
|
||||
@ -20,8 +17,6 @@
|
||||
|
||||
- name: Set local timezone
|
||||
ansible.builtin.command: "{{ item }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
with_items:
|
||||
- systemctl daemon-reload
|
||||
- arch-chroot /mnt ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime
|
||||
@ -37,12 +32,9 @@
|
||||
loop:
|
||||
- { regex: en_US\.UTF-8 UTF-8, line: en_US.UTF-8 UTF-8 }
|
||||
|
||||
- name: Generate locales
|
||||
- name: Generate locales\
|
||||
when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
|
||||
ansible.builtin.command: arch-chroot /mnt /usr/sbin/locale-gen
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Set hostname
|
||||
ansible.builtin.copy:
|
||||
content: "{{ hostname }}"
|
||||
@ -78,9 +70,6 @@
|
||||
- name: Enable sshd
|
||||
when: os | lower == "archlinux"
|
||||
ansible.builtin.command: arch-chroot /mnt systemctl enable sshd logrotate systemd-resolved systemd-timesyncd NetworkManager
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Configure grub
|
||||
when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
|
||||
block:
|
||||
@ -105,9 +94,6 @@
|
||||
{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory={{ "/boot/efi" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot" }}
|
||||
--bootloader-id={{ "ubuntu" if os | lower in ["ubuntu", "ubuntu-lts"] else os }}
|
||||
{% endif %}
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Generate grub config
|
||||
ansible.builtin.command: arch-chroot /mnt
|
||||
{% if os | lower not in ["archlinux", "debian11", "debian12", "ubuntu", "ubuntu-lts"] %} /usr/sbin/grub2-mkconfig
|
||||
@ -115,9 +101,6 @@
|
||||
{% else %}/usr/sbin/grub-mkconfig -o
|
||||
{{ "/boot/efi/EFI/ubuntu/grub.cfg" if os | lower in ["ubuntu", "ubuntu-lts"] else "/boot/grub/grub.cfg" }}
|
||||
{% endif %}
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Regenerate initramfs
|
||||
when: os | lower not in ["debian11", "debian12", "ubuntu", "ubuntu-lts"]
|
||||
ansible.builtin.command: arch-chroot /mnt
|
||||
@ -125,13 +108,10 @@
|
||||
{% elif os | lower not in ["debian11", "debian12", "ubuntu", "ubuntu-lts", "archlinux"] %} /usr/bin/dracut --regenerate-all --force
|
||||
{% else %} echo "Skipping initramfs regeneration"
|
||||
{% endif %}
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Extra Configuration
|
||||
block:
|
||||
- name: Append lines to vimrc
|
||||
failed_when: false
|
||||
ignore_errors: true
|
||||
ansible.builtin.lineinfile:
|
||||
path: "{{ '/mnt/etc/vim/vimrc' if os | lower in ['debian11', 'debian12', 'ubuntu', 'ubuntu-lts'] else '/mnt/etc/vimrc' }}"
|
||||
line: "{{ item }}"
|
||||
@ -160,12 +140,10 @@
|
||||
block:
|
||||
- name: Generate UUID for Network Profile
|
||||
ansible.builtin.command: uuidgen
|
||||
changed_when: net_uuid.rc == 0
|
||||
register: net_uuid
|
||||
|
||||
- name: Retrieve Network Interface Name
|
||||
ansible.builtin.shell: set -o pipefail && ip r | awk 'NR==1 {print $5}'
|
||||
changed_when: net_inf.rc == 0
|
||||
register: net_inf
|
||||
|
||||
- name: Copy NetworkManager keyfile
|
||||
@ -183,8 +161,6 @@
|
||||
{{ "sudo" if os | lower in ["debian11", "debian12", "ubuntu", "ubuntu-lts"] else "wheel" }}
|
||||
{{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash
|
||||
- arch-chroot /mnt /usr/sbin/usermod --password '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Add SSH public key to authorized_keys
|
||||
when: user_public_key is defined
|
||||
@ -208,9 +184,6 @@
|
||||
- name: Relabel the filesystem
|
||||
when: os | lower in ['almalinux', 'rhel8', 'rhel9', 'rocky']
|
||||
ansible.builtin.command: touch /mnt/.autorelabel
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Disable SELinux
|
||||
when: os | lower == "fedora"
|
||||
ansible.builtin.lineinfile:
|
||||
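Review bot: In the `-183,8 +161,6` hunk the user and root password hashes are rendered straight into `arch-chroot /mnt … --password …` command lines, so each hash lands in the process argument list and, because the items are looped, in Ansible's per-item task output and logs. No `no_log: true` is visible on the task, although its header lies above the hunk and may already carry one. I would add `no_log: true` and consider feeding `chpasswd -e` through the command module's `stdin:` parameter so the hash never appears in argv. `password_hash('sha512')` without a fixed salt also produces a different hash on every run, which deserves a short comment if that is intended.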
|
@ -23,26 +23,16 @@
|
||||
- name: Setect Interface
|
||||
when: hypervisor == "vmware"
|
||||
ansible.builtin.shell: "set -o pipefail && ip l | awk -F': ' '!/lo/{print $2; exit}'"
|
||||
changed_when: interface_name.rc == 0
|
||||
register: interface_name
|
||||
|
||||
- name: Set IP-Address
|
||||
when: hypervisor == "vmware"
|
||||
ansible.builtin.command: ip addr replace {{ ansible_host }}/24 dev {{ interface_name.stdout }}
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Set Default Gateway
|
||||
when: hypervisor == "vmware"
|
||||
ansible.builtin.command: ip route replace default via {{ vm_gw }}
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Synchronize clock via NTP
|
||||
ansible.builtin.command: timedatectl set-ntp true
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Speed-up Bootstrap process
|
||||
ansible.builtin.lineinfile:
|
||||
path: /etc/pacman.conf
|
||||
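Review bot: "Setect Interface" is a read-only lookup, so it should carry `changed_when: false` rather than `changed_when: interface_name.rc == 0` (or, with that line absent, the shell module's default of always reporting changed); the task name also looks like a typo. Its output is interpolated unchecked into `ip addr replace {{ ansible_host }}/24 dev {{ interface_name.stdout }}`: if the awk filter prints nothing the command runs with an empty device name, and the `/24` prefix is fixed whatever the target network is. An `ansible.builtin.assert` on `interface_name.stdout | length > 0` ahead of "Set IP-Address" would stop the play early with a clear message. The `changed_when` remark applies equally to "Generate UUID for Network Profile" and "Retrieve Network Interface Name" in the configuration section.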
|
@ -17,14 +17,10 @@
|
||||
|
||||
- name: Enable quotas on Btrfs filesystem
|
||||
ansible.builtin.command: btrfs quota enable /mnt
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Make root subvolumes
|
||||
when: cis | bool or item.subvol not in ['var_log', 'var_log_audit']
|
||||
ansible.builtin.command: btrfs su cr /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }}
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
loop:
|
||||
- { subvol: root }
|
||||
- { subvol: home }
|
||||
@ -35,8 +31,6 @@
|
||||
- name: Set quotas for subvolumes
|
||||
when: cis | bool or item.subvol not in ['var_log', 'var_log_audit']
|
||||
ansible.builtin.command: btrfs qgroup limit {{ item.quota }} /mnt/{{ '@' if item.subvol == 'root' else '@' + item.subvol }}
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
loop:
|
||||
- { subvol: home, quota: 2G }
|
||||
|
||||
|
@ -15,8 +15,6 @@
|
||||
- name: Remove Unsupported features for older Systems
|
||||
when: (os | lower in ['almalinux', 'debian11', 'rhel8', 'rhel9', 'rocky', 'ubuntu-lts']) and (cis | bool or item.lv not in ['var_log', 'var_log_audit'])
|
||||
ansible.builtin.command: tune2fs -O "^orphan_file,^metadata_csum_seed" "/dev/sys/{{ item.lv }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
loop:
|
||||
- { lv: root }
|
||||
- { lv: home }
|
||||
|
@ -2,10 +2,8 @@
|
||||
- name: Partition install drive
|
||||
block:
|
||||
- name: Prepare partitions
|
||||
failed_when: false
|
||||
ignore_errors: true
|
||||
ansible.builtin.command: "{{ item.cmd }}"
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
loop:
|
||||
- { cmd: umount -l /mnt }
|
||||
- { cmd: vgremove -f sys }
|
||||
|
@ -9,8 +9,6 @@
|
||||
when: not vm_disk_stat.stat.exists
|
||||
delegate_to: localhost
|
||||
ansible.builtin.command: qemu-img create -f qcow2 {{ vm_path | default('/var/lib/libvirt/images/') }}{{ hostname }}.qcow2 {{ vm_size }}G
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Generate Random MAC Address
|
||||
delegate_to: localhost
|
||||
@ -34,8 +32,6 @@
|
||||
{{ vm_path | default('/var/lib/libvirt/images/') }}
|
||||
{{ hostname }}-cloudinit.iso /tmp/cloud-user-data-{{ hostname }}.yml
|
||||
-N /tmp/cloud-network-config-{{ hostname }}.yml
|
||||
changed_when: result.rc == 0
|
||||
register: result
|
||||
|
||||
- name: Create VM using libvirt
|
||||
delegate_to: localhost
|
||||
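Review bot: The cloud-init ISO in the `-34,8 +32,6` hunk is built from `/tmp/cloud-user-data-{{ hostname }}.yml` and `/tmp/cloud-network-config-{{ hostname }}.yml`, which are predictable names in a world-writable directory, and user-data commonly carries password hashes or keys. The neighbouring tasks use `delegate_to: localhost`, so these files presumably sit on the controller. The step that writes them is outside the hunk, as is the start of this task, so their mode and cleanup cannot be checked from here. I would create them inside a directory obtained from `ansible.builtin.tempfile` with `state: directory`, write them with mode `0600`, and remove the directory once the ISO exists.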
|