103 lines
3.1 KiB
YAML
103 lines
3.1 KiB
YAML
---
|
|
- name: Speed-up Bootstrap process
|
|
when: not (custom_iso | bool)
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/pacman.conf
|
|
regexp: ^#ParallelDownloads =
|
|
line: "ParallelDownloads = {{ environment_parallel_downloads }}"
|
|
|
|
- name: Wait for pacman lock to be released
|
|
when: not (custom_iso | bool)
|
|
ansible.builtin.wait_for:
|
|
path: /var/lib/pacman/db.lck
|
|
state: absent
|
|
timeout: "{{ environment_pacman_lock_timeout }}"
|
|
changed_when: false
|
|
|
|
- name: Setup Pacman
|
|
when:
|
|
- not (custom_iso | bool)
|
|
- item.os is not defined or os in item.os
|
|
community.general.pacman:
|
|
update_cache: true
|
|
force: true
|
|
name: "{{ item.name }}"
|
|
state: latest
|
|
loop:
|
|
- { name: glibc }
|
|
- { name: dnf, os: [almalinux, fedora, rhel, rocky] }
|
|
- { name: debootstrap, os: [debian, ubuntu, ubuntu-lts] }
|
|
- { name: debian-archive-keyring, os: [debian] }
|
|
- { name: ubuntu-keyring, os: [ubuntu, ubuntu-lts] }
|
|
loop_control:
|
|
label: "{{ item.name }}"
|
|
retries: "{{ environment_pacman_retries }}"
|
|
delay: "{{ environment_pacman_retry_delay }}"
|
|
|
|
- name: Prepare /iso mount and repository for RHEL-based systems
|
|
when: os == "rhel"
|
|
block:
|
|
- name: Create /iso directory
|
|
ansible.builtin.file:
|
|
path: /usr/local/install/redhat/dvd
|
|
state: directory
|
|
mode: "0755"
|
|
|
|
- name: Detect RHEL ISO device
|
|
ansible.builtin.command: lsblk -rno NAME,TYPE
|
|
register: environment_lsblk_result
|
|
changed_when: false
|
|
|
|
- name: Select RHEL ISO device
|
|
vars:
|
|
_rom_devices: >-
|
|
{{
|
|
environment_lsblk_result.stdout_lines
|
|
| map('split', ' ')
|
|
| selectattr('1', 'equalto', 'rom')
|
|
| map('first')
|
|
| map('regex_replace', '^', '/dev/')
|
|
| list
|
|
}}
|
|
ansible.builtin.set_fact:
|
|
environment_rhel_iso_device: >-
|
|
{{
|
|
_rom_devices[-1]
|
|
if _rom_devices | length > 1
|
|
else (_rom_devices[0] | default('/dev/sr1'))
|
|
}}
|
|
|
|
- name: Mount RHEL ISO
|
|
ansible.posix.mount:
|
|
src: "{{ environment_rhel_iso_device }}"
|
|
path: /usr/local/install/redhat/dvd
|
|
fstype: iso9660
|
|
opts: "ro,loop"
|
|
state: mounted
|
|
|
|
# Security note: RPM Sequoia signature policy is relaxed to allow
|
|
# bootstrapping RHEL-family distros from the Arch ISO, where the
|
|
# host rpm/dnf does not trust target distro GPG keys. Package
|
|
# integrity is verified by the target system's own rpm after reboot.
|
|
- name: Relax RPM Sequoia signature policy for RHEL bootstrap
|
|
when: is_rhel | bool
|
|
ansible.builtin.copy:
|
|
dest: /etc/rpm/macros
|
|
content: "%_pkgverify_level none\n"
|
|
mode: "0644"
|
|
|
|
- name: Configure RHEL Repos for installation
|
|
when: is_rhel | bool
|
|
block:
|
|
- name: Create directories for repository files and RPM GPG keys
|
|
ansible.builtin.file:
|
|
path: /etc/yum.repos.d
|
|
state: directory
|
|
mode: "0755"
|
|
|
|
- name: Create RHEL repository file
|
|
ansible.builtin.template:
|
|
src: "{{ os }}.repo.j2"
|
|
dest: /etc/yum.repos.d/{{ os }}.repo
|
|
mode: "0644"
|