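# Post-install configuration of a freshly bootstrapped system mounted at /mnt.
# Most steps run inside the target through arch-chroot; the rest edit files
# under /mnt directly from the installer environment.
#
# NOTE(review): the source this was recovered from had lost its indentation.
# Each task is placed under the nearest preceding "block:" header. Only
# "Configure grub" and "Extra Configuration" carry a block-level `when`, so
# confirm the membership of those two blocks against the intended layout.
- name: Configuration
  block:
    # Needs the shell module because of the output redirection.
    - name: Generate fstab
      shell: genfstab -LU /mnt > /mnt/etc/fstab

    # /tmp and /var/tmp are mounted nosuid,nodev,noexec; /dev/shm only noexec.
    # NOTE(review): consider nosuid,nodev on /dev/shm as well, for consistency.
    - name: Append TempFS to fstab
      lineinfile:
        path: /mnt/etc/fstab
        line: "{{ item }}"
        insertafter: EOF
      with_items:
        - ""
        - "# TempFS"
        - "tmpfs /tmp tmpfs defaults,nosuid,nodev,noexec 0 0"
        - "tmpfs /var/tmp tmpfs defaults,nosuid,nodev,noexec 0 0"
        - "tmpfs /dev/shm tmpfs defaults,noexec 0 0"

    - name: Set local timezone
      command: '{{ item }}'
      with_items:
        - systemctl daemon-reload
        - arch-chroot /mnt ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime

    - name: Generate adjtime file
      command: arch-chroot /mnt /usr/sbin/hwclock --systohc

    - name: Setup locales
      block:
        - name: Configure locale.gen
          when: os | lower != "rocky"
          lineinfile:
            dest: /mnt/etc/locale.gen
            regexp: '{{ item.regex }}'
            line: '{{ item.line }}'
          loop:
            - regex: 'en_US\.UTF-8 UTF-8'
              line: 'en_US.UTF-8 UTF-8'

        - name: Generate locales\
          when: os | lower != "rocky"
          command: arch-chroot /mnt /usr/sbin/locale-gen

        - name: Set hostname
          copy:
            content: "{{ hostname }}"
            dest: /mnt/etc/hostname

        - name: Add host entry to /etc/hosts
          lineinfile:
            path: /mnt/etc/hosts
            line: "{{ ansible_host }} {{ hostname }}"
            state: present

        - name: Create vconsole.conf
          copy:
            content: "KEYMAP=de-latin1-nodeadkeys"
            dest: /mnt/etc/vconsole.conf

        - name: Create locale.conf
          copy:
            content: "LANG=en_US.UTF-8"
            dest: /mnt/etc/locale.conf

        # Turns on password logins over SSH for the installed system. The
        # pattern only matches the commented-out default line, so an
        # sshd_config that ships a different line is left unchanged.
        # NOTE(review): when user_public_key is supplied, consider keeping
        # password authentication off; password logins are exposed to online
        # guessing as soon as sshd is reachable.
        - name: SSH permit Password
          replace:
            path: /mnt/etc/ssh/sshd_config
            regexp: '#PasswordAuthentication yes'
            replace: 'PasswordAuthentication yes'

    - name: Enable Systemd Services
      block:
        - name: Enable sshd
          when: os | lower == "archlinux"
          command: arch-chroot /mnt systemctl enable sshd logrotate systemd-resolved systemd-timesyncd NetworkManager

    - name: Configure grub
      when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
      block:
        - name: Add commandline information to grub config
          lineinfile:
            dest: /mnt/etc/default/grub
            regexp: '^GRUB_CMDLINE_LINUX_DEFAULT='
            line: 'GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3"'

        - name: Change Grub time
          lineinfile:
            dest: /mnt/etc/default/grub
            regexp: '^GRUB_TIMEOUT='
            line: 'GRUB_TIMEOUT=0'

    # Each command below picks its tool by distribution: archlinux, debian11
    # and debian12 take the {% else %} branch, every other value of `os` takes
    # the first branch.
    - name: Configure Bootloader
      block:
        - name: Install Bootloader
          command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/sbin/efibootmgr -c -L '{{ os }}' -d "{{ install_drive }}" -wwp 1 -l '\efi\EFI\{{ os }}\shimx64.efi'{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id={{ os }}{% endif %}

        - name: Generate grub config
          command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/sbin/grub2-mkconfig -o /boot/efi/EFI/{{ os }}/grub.cfg{% else %}/usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg{% endif %}

        - name: Regenerate initramfs
          command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/bin/dracut --regenerate-all --force{% else %}/usr/sbin/mkinitcpio -P{% endif %}

    - name: Extra Configuration
      when: os | lower != "archlinux"
      block:
        # Best effort: a failure here (e.g. no vimrc present) does not abort
        # the play.
        - name: Append lines to vimrc
          ignore_errors: true
          lineinfile:
            path: "{{ '/mnt/etc/vim/vimrc' if os|lower in ['debian11' ,'debian12'] else '/mnt/etc/vimrc' }}"
            line: "{{ item }}"
            insertafter: EOF
          with_items:
            - "set encoding=utf-8"
            - "set number"
            - "set autoindent"
            - "set smartindent"
            - "set mouse=a"

        - name: Copy FirstRun Script
          template:
            src: firstrun.sh.j2
            dest: /mnt/root/firstrun.sh
            mode: '0755'

        # No explicit mode is set, so the file gets the module default.
        - name: Copy Custom Shell config
          template:
            src: custom.sh.j2
            dest: /mnt/etc/profile.d/custom.sh

    - name: Setup Network
      block:
        # net_uuid and net_inf are presumably consumed by network.j2; the
        # template is not visible here.
        - name: Generate UUID for Network Profile
          command: "uuidgen"
          register: net_uuid

        # Takes the fifth field of the first line of `ip r` as the interface.
        - name: Retrieve Network Interface Name
          shell: "ip r | awk 'NR==1 {print $5}'"
          register: net_inf

        # 0600 keeps the connection profile readable by its owner only.
        - name: Copy NetworkManager keyfile
          template:
            src: network.j2
            dest: /mnt/etc/NetworkManager/system-connections/LAN.nmconnection
            mode: '0600'

    - name: Setup user account
      block:
        # Both loop items carry a SHA-512 crypt hash on the command line.
        # no_log keeps the rendered items out of Ansible's output and logs;
        # the hash is still a process argument while the command runs.
        # NOTE(review): user_password and root_password should come from a
        # vault or another secret source; their origin is not visible here.
        - name: Create user account
          no_log: true
          command: '{{ item }}'
          with_items:
            - arch-chroot /mnt /usr/sbin/useradd --create-home --user-group --groups {{ "sudo" if os|lower in ["debian11", "debian12"] else "wheel" }} {{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash
            - arch-chroot /mnt /usr/sbin/usermod --password '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash

        # owner/group 1000 assumes the account created above received
        # UID/GID 1000 -- TODO confirm. No task here manages the ~/.ssh
        # directory itself; verify that it ends up owned by the user with
        # mode 0700.
        - name: Add SSH public key to authorized_keys
          when: user_public_key is defined
          lineinfile:
            path: "/mnt/home/{{ user_name }}/.ssh/authorized_keys"
            line: "{{ user_public_key }}"
            owner: 1000
            group: 1000
            mode: "0600"
            create: true

        # The drop-in is checked with visudo before it is installed, so a
        # malformed rule is rejected. The mode is quoted like the other modes
        # in this file so that it cannot be re-typed as a number.
        - name: Give sudo access to wheel group
          copy:
            content: "{{ '%sudo ALL=(ALL) ALL' if os|lower in ['debian11', 'debian12'] else '%wheel ALL=(ALL) ALL' }}"
            dest: /mnt/etc/sudoers.d/01-wheel
            mode: "0440"
            validate: /usr/sbin/visudo --check --file=%s

        # Creates /.autorelabel in the target on the RHEL-family values of
        # `os`.
        - name: Fix SELinux
          when: os | lower in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
          command: touch /mnt/.autorelabel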