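---
# Pre-flight safety checks for a destructive installer playbook.
#
# 1. Refuse to run unless the target looks like a live installer environment.
# 2. For virtual installs, refuse to run when a VM with the requested name
#    (or ID, on Proxmox) already exists on the selected hypervisor.
#
# Both guards exist to prevent data loss, so they must fail closed: when the
# state cannot be determined, the play aborts instead of continuing.

- name: Gather minimal facts for safety checks
  ansible.builtin.setup:
    gather_subset:
      - "!all"
      - "min"
      - "mounts"
  changed_when: false

- name: Production system protection check
  block:
    - name: Check for OS release information
      ansible.builtin.stat:
        path: /etc/os-release
      register: system_check_os_release_exists

    - name: Check for live environment markers
      ansible.builtin.stat:
        path: "{{ item }}"
      loop:
        - /run/archiso
        - /run/live
        # NOTE(review): /run/initramfs may also be present on installed
        # systems (presumably dracut-based ones); confirm that this marker
        # alone is strong enough to treat the target as a live environment.
        - /run/initramfs
        - /run/initramfs/live
      register: system_check_live_markers
      changed_when: false

    - name: Determine root filesystem type
      ansible.builtin.set_fact:
        # Lower-cased fstype of the "/" mount, or '' when no such mount is
        # reported in ansible_mounts.
        system_check_root_fstype: >-
          {{
            ansible_mounts
            | selectattr('mount', 'equalto', '/')
            | map(attribute='fstype')
            | list
            | first
            | default('')
            | lower
          }}
      changed_when: false

    - name: Identify live environment indicators
      ansible.builtin.set_fact:
        # The indicators are OR-ed: any single one marks the target as live
        # and therefore opens the gate for the installer.
        # NOTE(review): the hostname test is a substring match, so an
        # installed host whose name merely contains "live" also passes.
        # Consider a stricter pattern or dropping this indicator.
        system_check_is_live_environment: >-
          {{
            (not system_check_os_release_exists.stat.exists)
            or (
              system_check_live_markers.results
              | selectattr('stat.exists')
              | list
              | length > 0
            )
            or system_check_root_fstype in ['overlay', 'overlayfs', 'squashfs', 'aufs']
            or (ansible_hostname | default('') | lower is search('live'))
          }}
      changed_when: false

    - name: Assert target is not a production system
      ansible.builtin.assert:
        that:
          - system_check_is_live_environment | bool
        fail_msg: |
          PRODUCTION SYSTEM DETECTED - ABORTING

          The target system appears to be a production environment with an
          already installed operating system. This playbook is designed to
          run ONLY on live installer environments (e.g., ArchLinux ISO,
          Debian netinst).

          DO NOT proceed on production systems. This could result in data loss.

          To use this playbook:
          1. Boot from a live installer ISO (ArchLinux, Debian, Ubuntu, etc.)
          2. Run playbook against live environment
          3. Target an empty disk for installation

          If you are certain you want to proceed, you must verify you are
          running from a live environment, not an installed system.
        quiet: true

- name: VM existence protection check
  when: install_type == "virtual"
  block:
    # --- libvirt -----------------------------------------------------------
    - name: Check if VM already exists on libvirt
      when: hypervisor == "libvirt"
      delegate_to: localhost
      become: false
      community.libvirt.virt:
        command: list_vms
      register: system_check_libvirt_existing_vms
      changed_when: false
      failed_when: false

    # failed_when: false forces the registered "failed" flag to false, so a
    # failed lookup is detected from the payload: the module returns the VM
    # names under "list_vms" only when the listing succeeded.
    - name: Fail if libvirt lookup failed unexpectedly
      when: hypervisor == "libvirt"
      ansible.builtin.assert:
        that:
          - system_check_libvirt_existing_vms.list_vms is defined
        fail_msg: |
          Unable to verify VM existence on libvirt hypervisor.
          {{ system_check_libvirt_existing_vms.msg | default('Unknown error') }}
        quiet: true

    - name: Abort if VM already exists on libvirt
      when: hypervisor == "libvirt"
      ansible.builtin.assert:
        that:
          # No default([]) here: a missing list must never read as "no VMs".
          - hostname not in system_check_libvirt_existing_vms.list_vms
        fail_msg: |
          VM {{ hostname }} already exists on libvirt hypervisor.
          To avoid data loss, the playbook will not overwrite or delete existing VMs.
          Please choose a different hostname or remove the existing VM manually before proceeding.
        quiet: true

    # --- Proxmox -----------------------------------------------------------
    # No failed_when override here: an API error fails the task and aborts.
    # NOTE(review): validate_certs is not passed, so the module default
    # applies while api_password is sent; confirm that default verifies the
    # API certificate, or set the option explicitly.
    - name: Check if VM already exists on Proxmox
      when: hypervisor == "proxmox"
      delegate_to: localhost
      become: false
      community.proxmox.proxmox_vm_info:
        api_host: "{{ hypervisor_url }}"
        api_user: "{{ hypervisor_username }}"
        api_password: "{{ hypervisor_password }}"
        node: "{{ hypervisor_node }}"
        vmid: "{{ system_cfg.id }}"
        name: "{{ hostname }}"
        type: qemu
      register: system_check_proxmox_check_result
      changed_when: false

    - name: Abort if VM already exists on Proxmox
      when: hypervisor == "proxmox"
      ansible.builtin.assert:
        that:
          - system_check_proxmox_check_result.proxmox_vms | default([]) | length == 0
        fail_msg: |
          VM {{ hostname }} (ID: {{ system_cfg.id }}) already exists on Proxmox hypervisor.
          To avoid data loss, the playbook will not overwrite or delete existing VMs.
          Please choose a different hostname or VM ID, or remove the existing VM manually before proceeding.
        quiet: true

    # --- VMware vCenter ----------------------------------------------------
    - name: Check if VM already exists in vCenter
      when: hypervisor == "vmware"
      delegate_to: localhost
      community.vmware.vmware_guest_info:
        hostname: "{{ hypervisor_url }}"
        username: "{{ hypervisor_username }}"
        password: "{{ hypervisor_password }}"
        validate_certs: "{{ hypervisor_validate_certs }}"
        datacenter: "{{ hypervisor_datacenter }}"
        name: "{{ hostname }}"
        folder: "{{ system_cfg.path if system_cfg.path | length > 0 else omit }}"
      register: system_check_vmware_check_result
      failed_when: false
      changed_when: false

    # The lookup errors out when the VM does not exist, which is the expected
    # "free to create" case. Because failed_when: false resets the registered
    # "failed" flag, testing it here would always pass; accept only the two
    # outcomes that are understood: a VM was returned, or the module reported
    # a non-existing VM. Anything else (login, TLS, network) aborts.
    - name: Fail if vCenter lookup failed unexpectedly
      when: hypervisor == "vmware"
      ansible.builtin.assert:
        that:
          - >-
            system_check_vmware_check_result.instance is defined
            or (system_check_vmware_check_result.msg | default('') is search('non-existing VM'))
        fail_msg: |
          Unable to verify VM existence in vCenter.
          {{ system_check_vmware_check_result.msg | default('Unknown error') }}
        quiet: true

    - name: Abort if VM already exists in vCenter
      when: hypervisor == "vmware"
      ansible.builtin.assert:
        that:
          - system_check_vmware_check_result.instance is not defined
        fail_msg: |
          VM {{ hostname }} already exists in vCenter.
          To avoid data loss, the playbook will not overwrite or delete existing VMs.
          Please choose a different hostname or remove the existing VM manually before proceeding.
        quiet: true

    # --- Xen ---------------------------------------------------------------
    - name: Check if VM already exists on Xen
      when: hypervisor == "xen"
      delegate_to: localhost
      ansible.builtin.command:
        argv:
          - xl
          - list
      register: system_check_xen_existing_vms
      changed_when: false
      failed_when: false

    # A missing xl binary or a failing "xl list" yields empty stdout, which
    # the existence check below would read as "no such VM". Require a zero
    # exit status before trusting the listing.
    - name: Fail if Xen lookup failed unexpectedly
      when: hypervisor == "xen"
      ansible.builtin.assert:
        that:
          - (system_check_xen_existing_vms.rc | default(1)) == 0
        fail_msg: |
          Unable to verify VM existence on Xen hypervisor.
          {{
            system_check_xen_existing_vms.stderr
            | default(system_check_xen_existing_vms.msg | default('Unknown error'), true)
          }}
        quiet: true

    - name: Abort if VM already exists on Xen
      when: hypervisor == "xen"
      ansible.builtin.assert:
        that:
          # Substring match against the raw listing: it also trips on VM names
          # that merely contain the hostname, which errs on the side of
          # refusing to install.
          - hostname not in system_check_xen_existing_vms.stdout | default('')
        fail_msg: |
          VM {{ hostname }} already exists on Xen hypervisor.
          To avoid data loss, the playbook will not overwrite or delete existing VMs.
          Please choose a different hostname or remove the existing VM manually before proceeding.
        quiet: true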