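---
# Provisioning playbook: optionally creates a VM, then partitions, bootstraps,
# configures and (optionally) CIS-hardens the target, and finally installs any
# extra packages once the installed system is reachable again.
- name: Create and configure VMs
  hosts: all
  strategy: free # noqa: run-once[play]
  gather_facts: false
  become: true
  vars_prompt:
    - name: user_name
      prompt: |
        What is your username?
      private: false
    - name: user_public_key
      prompt: |
        What is your ssh key?
      private: false
    # The two password prompts do not set `private`, so Ansible's default
    # (hidden input) applies; `confirm` makes the operator type each twice.
    - name: user_password
      prompt: |
        What is your password?
      confirm: true
    # root_password is not referenced in this file; presumably a role
    # consumes it -- confirm.
    - name: root_password
      prompt: |
        What is your root password?
      confirm: true
  vars_files: vars.yml
  pre_tasks:
    - name: Load global defaults
      ansible.builtin.import_role:
        name: global_defaults

    # Fail early on missing or inconsistent inventory/vars input. VM-only
    # requirements are written as `install_type == "physical" or (...)` so
    # physical installs skip them.
    - name: Validate variables
      ansible.builtin.assert:
        that:
          - install_type is defined and install_type in ["virtual", "physical"]
          - hypervisor in ["libvirt", "proxmox", "vmware", "none"]
          - install_type is defined and (install_type == "physical" or hypervisor in ["libvirt", "proxmox", "vmware"])
          - filesystem is defined and filesystem in ["btrfs", "ext4", "xfs"]
          - install_drive is defined and install_drive | length > 0
          - hostname is defined and hostname | length > 0
          - os is defined and os in ["archlinux", "almalinux", "debian11", "debian12", "debian13", "fedora", "rhel8", "rhel9", "rhel10", "rocky", "ubuntu", "ubuntu-lts"]
          # RHEL targets additionally require rhel_iso.
          - os is defined and (os not in ["rhel8", "rhel9", "rhel10"] or (rhel_iso is defined and rhel_iso | length > 0))
          - install_type is defined and (install_type == "physical" or (boot_iso is defined and boot_iso | length > 0))
          - install_type is defined and (install_type == "physical" or (vm_cpus is defined and (vm_cpus | int) > 0))
          - install_type is defined and (install_type == "physical" or (vm_size is defined and (vm_size | float) > 0))
          - install_type is defined and (install_type == "physical" or (vm_memory is defined and (vm_memory | float) > 0))
          # Minimum vm_size: 10 for btrfs, 20 for the other filesystems.
          - >-
            install_type is defined and filesystem is defined and (
              install_type == "physical" or (
                vm_size is defined and (
                  (filesystem == "btrfs" and (vm_size | int) >= 10)
                  or (filesystem != "btrfs" and (vm_size | int) >= 20)
                )
              )
            )
          # vm_size must also cover 16 plus a memory-derived amount:
          # vm_memory / 2048 when vm_memory / 1024 >= 16, otherwise
          # max(vm_memory / 1024, 4).
          # NOTE(review): looks like a swap/hibernation reserve with
          # vm_memory in MiB -- confirm against the partitioning role.
          - >-
            install_type is defined and (
              install_type == "physical" or (
                vm_size is defined and vm_memory is defined and (
                  (vm_size | float) >= (
                    (vm_memory | float / 1024 >= 16.0) | ternary(
                      (vm_memory | float / 2048),
                      [vm_memory | float / 1024, 4.0] | max
                    ) + 16
                  )
                )
              )
            )
          # A non-empty vm_ip requires a positive vm_nms.
          - >-
            vm_ip is not defined
            or vm_ip | length == 0
            or (vm_nms is defined and (vm_nms | int) > 0)
        fail_msg: Invalid input specified, please try again.

    - name: Set OS family flags
      ansible.builtin.set_fact:
        is_rhel: "{{ os | lower in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rhel10', 'rocky'] }}"
        is_debian: "{{ os | lower in ['debian11', 'debian12', 'debian13', 'ubuntu', 'ubuntu-lts'] }}"
      changed_when: false

    # Only applied when the inventory has not already chosen an interpreter.
    - name: Set Python interpreter for RHEL-based installers
      when:
        - ansible_python_interpreter is not defined
        - os | lower in ["almalinux", "rhel8", "rhel9", "rhel10", "rocky"]
      ansible.builtin.set_fact:
        ansible_python_interpreter: /usr/bin/python3
      changed_when: false

    # The prompted user password doubles as the SSH and become password.
    # no_log keeps these password-bearing facts out of task output and
    # callback/log plugins (set_fact results echo the facts they set).
    # NOTE(review): the extra SSH args turn off host key verification while
    # password authentication is in use, so the password is sent to whichever
    # host answers on the target address. Run this only on a trusted
    # provisioning network, or record and verify the target's host key.
    - name: Set SSH access
      when:
        - install_type == "virtual"
        - hypervisor != "vmware"
      ansible.builtin.set_fact:
        ansible_user: "{{ user_name }}"
        ansible_password: "{{ user_password }}"
        ansible_become_password: "{{ user_password }}"
        ansible_ssh_extra_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
      no_log: true

    - name: Set connection for VMware
      when: hypervisor == "vmware"
      ansible.builtin.set_fact:
        ansible_connection: vmware_tools

  roles:
    # VM creation runs on the controller (local connection, no become).
    - role: virtualization
      when: install_type == "virtual"
      become: false
      vars:
        ansible_connection: local
    - role: environment
      vars:
        ansible_connection: "{{ 'vmware_tools' if hypervisor == 'vmware' else 'ssh' }}"
    - role: partitioning
      vars:
        partitioning_boot_partition_suffix: 1
        partitioning_main_partition_suffix: 2
    - role: bootstrap
    - role: configuration
    - role: cis
      when: cis_enabled
    - role: cleanup
      when: install_type in ["virtual", "physical"]
      become: false

  post_tasks:
    # True when the connection is not SSH, when a vm_ip was supplied, or when
    # a physical host has a non-empty ansible_host.
    - name: Set post-reboot connection flags
      ansible.builtin.set_fact:
        post_reboot_can_connect: >-
          {{
            (ansible_connection | default('ssh')) != 'ssh'
            or (vm_ip is defined and (vm_ip | string | length) > 0)
            or (
              install_type == 'physical'
              and (ansible_host | default('') | string | length) > 0
            )
          }}
      changed_when: false

    # Same credential handling as "Set SSH access": no_log hides the
    # password-bearing facts from task output and logs.
    # NOTE(review): host key verification is still disabled here. Once the
    # installed system is up its host key could be recorded and verified
    # instead of being ignored.
    - name: Set final SSH credentials for post-reboot tasks
      when:
        - post_reboot_can_connect | bool
      ansible.builtin.set_fact:
        ansible_user: "{{ user_name }}"
        ansible_password: "{{ user_password }}"
        ansible_become_password: "{{ user_password }}"
        ansible_ssh_extra_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
      no_log: true

    - name: Install post-reboot extra packages
      when:
        - post_reboot_can_connect | bool
        - extra_packages is defined
        - extra_packages | length > 0
      block:
        # Accept either a list or a comma-separated string; trim entries and
        # drop empty ones.
        - name: Normalize extra package list
          ansible.builtin.set_fact:
            post_install_extra_packages: >-
              {{
                (
                  extra_packages
                  if (extra_packages is iterable and extra_packages is not string)
                  else (extra_packages | string).split(',')
                )
                | map('trim')
                | reject('equalto', '')
                | list
              }}
          changed_when: false

        - name: Install extra packages
          when: post_install_extra_packages | length > 0
          ansible.builtin.package:
            name: "{{ post_install_extra_packages }}"
            state: present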