Ansible-Bootstrap/roles/environment/tasks/main.yml

---
- name: Configure work environment
  become: "{{ hypervisor != 'vmware' }}"
  block:
    - name: Wait for connection
      ansible.builtin.wait_for_connection:
        timeout: 180
        delay: 5

    - name: Gather facts
      ansible.builtin.setup:

    - name: Check if host is booted from the Arch install media
      ansible.builtin.stat:
        path: /run/archiso
      register: environment_archiso_stat

    - name: Abort if the host is not booted from the Arch install media
      when:
        - not custom_iso_enabled
        - not environment_archiso_stat.stat.exists
      ansible.builtin.fail:
        msg: This host is not booted from the Arch install media!

    - name: Select primary Network Interface
      when: hypervisor == "vmware"
      ansible.builtin.set_fact:
        environment_interface_name: >-
          {{
            (
              (ansible_facts.interfaces | default(ansible_facts['ansible_interfaces'] | default([])))
              | reject('equalto', 'lo')
              | list
              | first
            )
            | default('')
          }}
      changed_when: false

    - name: Set IP-Address
      when:
        - hypervisor == "vmware"
        - vm_ip is defined and vm_ip | length > 0
      ansible.builtin.command: >-
        ip addr replace {{ vm_ip }}/{{ vm_nms }}
        dev {{ environment_interface_name }}
      register: environment_ip_result
      changed_when: environment_ip_result.rc == 0

    - name: Set Default Gateway
      when:
        - hypervisor == "vmware"
        - vm_gw is defined and vm_gw | length > 0
        - vm_ip is defined and vm_ip | length > 0
      ansible.builtin.command: "ip route replace default via {{ vm_gw }}"
      register: environment_gateway_result
      changed_when: environment_gateway_result.rc == 0

    - name: Synchronize clock via NTP
      ansible.builtin.command: timedatectl set-ntp true
      register: environment_ntp_result
      changed_when: false

    - name: Configure SSH for root login
      when: hypervisor == "vmware" and vmware_ssh | bool
      block:
        - name: Allow login
          ansible.builtin.replace:
            path: /etc/ssh/sshd_config
            regexp: "{{ item.regexp }}"
            replace: "{{ item.replace }}"
          loop:
            - regexp: "^#?PermitEmptyPasswords.*"
              replace: "PermitEmptyPasswords yes"
            - regexp: "^#?PermitRootLogin.*"
              replace: "PermitRootLogin yes"

        - name: Reload SSH service to apply changes
          ansible.builtin.service:
            name: sshd
            state: reloaded

        - name: Set SSH connection for VMware
          ansible.builtin.set_fact:
            ansible_connection: ssh
            ansible_user: root

    - name: Prepare installer environment
      block:
        - name: Speed-up Bootstrap process
          when: not custom_iso_enabled
          ansible.builtin.lineinfile:
            path: /etc/pacman.conf
            regexp: ^#ParallelDownloads =
            line: ParallelDownloads = 20

        - name: Wait for pacman lock to be released
          when: not custom_iso_enabled
          ansible.builtin.wait_for:
            path: /var/lib/pacman/db.lck
            state: absent
            timeout: 120
          changed_when: false

        - name: Setup Pacman
          when:
            - not custom_iso_enabled
            - "'os' not in item or os in item.os"
          community.general.pacman:
            update_cache: true
            force: true
            name: "{{ item.name }}"
            state: latest
          loop:
            - {name: glibc}
            - {name: dnf, os: [almalinux, fedora, rhel8, rhel9, rhel10, rocky]}
            - {name: debootstrap, os: [debian11, debian12, debian13, ubuntu, ubuntu-lts]}
            - {name: debian-archive-keyring, os: [debian11, debian12, debian13]}
            - {name: ubuntu-keyring, os: [ubuntu, ubuntu-lts]}
          retries: 4
          delay: 15

        - name: Prepare /iso mount and repository for RHEL-based systems
          when: os | lower in ["rhel8", "rhel9", "rhel10"]
          block:
            - name: Create /iso directory
              ansible.builtin.file:
                path: /usr/local/install/redhat/dvd
                state: directory
                mode: "0755"

            - name: Mount RHEL ISO
              ansible.posix.mount:
                src: "{{ '/dev/sr1' if hypervisor == 'vmware' else '/dev/sr2' }}"
                path: /usr/local/install/redhat/dvd
                fstype: iso9660
                opts: "ro,loop"
                state: mounted

        - name: Configure RHEL Repos for installation
          when: is_rhel | bool
          block:
            - name: Create directories for repository files and RPM GPG keys
              ansible.builtin.file:
                path: /etc/yum.repos.d
                state: directory
                mode: "0755"

            - name: Create RHEL repository file
              ansible.builtin.template:
                src: "{{ os | lower }}.repo.j2"
                dest: /etc/yum.repos.d/{{ os | lower }}.repo
                mode: "0644"