171 lines
6.1 KiB
YAML
171 lines
6.1 KiB
YAML
- name: Configuration
|
|
block:
|
|
- name: Generate fstab
|
|
shell: genfstab -LU /mnt > /mnt/etc/fstab
|
|
|
|
- name: Append TempFS to fstab
|
|
lineinfile:
|
|
path: /mnt/etc/fstab
|
|
line: "{{ item }}"
|
|
insertafter: EOF
|
|
with_items:
|
|
- ""
|
|
- "# TempFS"
|
|
- "tmpfs /tmp tmpfs defaults,nosuid,nodev,noexec 0 0"
|
|
- "tmpfs /var/tmp tmpfs defaults,nosuid,nodev,noexec 0 0"
|
|
- "tmpfs /dev/shm tmpfs defaults,noexec 0 0"
|
|
|
|
- name: Set local timezone
|
|
command: '{{ item }}'
|
|
with_items:
|
|
- systemctl daemon-reload
|
|
- arch-chroot /mnt ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime
|
|
|
|
- name: Generate adjtime file
|
|
command: arch-chroot /mnt /usr/sbin/hwclock --systohc
|
|
|
|
- name: Setup locales
|
|
block:
|
|
- name: Configure locale.gen
|
|
when: os | lower != "rocky"
|
|
lineinfile:
|
|
dest: /mnt/etc/locale.gen
|
|
regexp: '{{ item.regex }}'
|
|
line: '{{ item.line }}'
|
|
loop:
|
|
- {regex: en_US\.UTF-8 UTF-8, line: en_US.UTF-8 UTF-8}
|
|
|
|
- name: Generate locales\
|
|
when: os | lower != "rocky"
|
|
command: arch-chroot /mnt /usr/sbin/locale-gen
|
|
|
|
- name: Set hostname
|
|
copy:
|
|
content: "{{ hostname }}"
|
|
dest: /mnt/etc/hostname
|
|
|
|
- name: Add host entry to /etc/hosts
|
|
lineinfile:
|
|
path: /mnt/etc/hosts
|
|
line: "{{ ansible_host }} {{ hostname }}"
|
|
state: present
|
|
|
|
- name: Create vconsole.conf
|
|
copy:
|
|
content: "KEYMAP=de-latin1-nodeadkeys"
|
|
dest: /mnt/etc/vconsole.conf
|
|
|
|
- name: Create locale.conf
|
|
copy:
|
|
content: "LANG=en_US.UTF-8"
|
|
dest: /mnt/etc/locale.conf
|
|
|
|
- name: SSH permit Password
|
|
replace:
|
|
path: /mnt/etc/ssh/sshd_config
|
|
regexp: '#PasswordAuthentication yes'
|
|
replace: 'PasswordAuthentication yes'
|
|
|
|
- name: Enable Systemd Services
|
|
block:
|
|
- name: Enable sshd
|
|
when: os | lower == "archlinux"
|
|
command: arch-chroot /mnt systemctl enable sshd logrotate systemd-resolved systemd-timesyncd NetworkManager
|
|
|
|
- name: Configure grub
|
|
when: os | lower not in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
|
|
block:
|
|
- name: Add commandline information to grub config
|
|
lineinfile:
|
|
dest: /mnt/etc/default/grub
|
|
regexp: ^GRUB_CMDLINE_LINUX_DEFAULT=
|
|
line: 'GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3"'
|
|
|
|
- name: Change Grub time
|
|
lineinfile:
|
|
dest: /mnt/etc/default/grub
|
|
regexp: ^GRUB_TIMEOUT=
|
|
line: 'GRUB_TIMEOUT=0'
|
|
|
|
- name: Configure Bootloader
|
|
block:
|
|
- name: Install Bootloader
|
|
command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/sbin/efibootmgr -c -L '{{ os }}' -d "{{ install_drive }}" -wwp 1 -l '\efi\EFI\{{ os }}\shimx64.efi'{% else %}/usr/sbin/grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id={{ os }}{% endif %}
|
|
|
|
- name: Generate grub config
|
|
command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/sbin/grub2-mkconfig -o /boot/efi/EFI/{{ os }}/grub.cfg{% else %}/usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg{% endif %}
|
|
|
|
- name: Regenerate initramfs
|
|
command: arch-chroot /mnt {% if os | lower not in ["archlinux", "debian11", "debian12"] %}/usr/bin/dracut --regenerate-all --force{% else %}/usr/sbin/mkinitcpio -P{% endif %}
|
|
|
|
- name: Extra Configuration
|
|
when: os | lower != "archlinux"
|
|
block:
|
|
- name: Append lines to vimrc
|
|
ignore_errors: true
|
|
lineinfile:
|
|
path: "{{ '/mnt/etc/vim/vimrc' if os|lower in ['debian11' ,'debian12'] else '/mnt/etc/vimrc' }}"
|
|
line: "{{ item }}"
|
|
insertafter: EOF
|
|
with_items:
|
|
- "set encoding=utf-8"
|
|
- "set number"
|
|
- "set autoindent"
|
|
- "set smartindent"
|
|
- "set mouse=a"
|
|
|
|
- name: Copy FirstRun Script
|
|
template:
|
|
src: firstrun.sh.j2
|
|
dest: /mnt/root/firstrun.sh
|
|
mode: '0755'
|
|
|
|
- name: Copy Custom Shell config
|
|
template:
|
|
src: custom.sh.j2
|
|
dest: /mnt/etc/profile.d/custom.sh
|
|
|
|
- name: Setup Network
|
|
block:
|
|
- name: Generate UUID for Network Profile
|
|
command: "uuidgen"
|
|
register: net_uuid
|
|
|
|
- name: Retrieve Network Interface Name
|
|
shell: "ip r | awk 'NR==1 {print $5}'"
|
|
register: net_inf
|
|
|
|
- name: Copy NetworkManager keyfile
|
|
template:
|
|
src: network.j2
|
|
dest: /mnt/etc/NetworkManager/system-connections/LAN.nmconnection
|
|
mode: '0600'
|
|
|
|
- name: Setup user account
|
|
block:
|
|
- name: Create user account
|
|
command: '{{ item }}'
|
|
with_items:
|
|
- arch-chroot /mnt /usr/sbin/useradd --create-home --user-group --groups {{ "sudo" if os|lower in ["debian11", "debian12"] else "wheel" }} {{ user_name }} --password {{ user_password | password_hash('sha512') }} --shell /bin/bash
|
|
- arch-chroot /mnt /usr/sbin/usermod --password '{{ root_password | password_hash('sha512') }}' root --shell /bin/bash
|
|
|
|
- name: Add SSH public key to authorized_keys
|
|
when: user_public_key is defined
|
|
lineinfile:
|
|
path: "/mnt/home/{{ user_name }}/.ssh/authorized_keys"
|
|
line: "{{ user_public_key }}"
|
|
owner: 1000
|
|
group: 1000
|
|
mode: "0600"
|
|
create: yes
|
|
|
|
- name: Give sudo access to wheel group
|
|
copy:
|
|
content: "{{ '%sudo ALL=(ALL) ALL' if os|lower in ['debian11', 'debian12'] else '%wheel ALL=(ALL) ALL' }}"
|
|
dest: /mnt/etc/sudoers.d/01-wheel
|
|
mode: 0440
|
|
validate: /usr/sbin/visudo --check --file=%s
|
|
|
|
- name: Fix SELinux
|
|
when: os | lower in ['almalinux', 'fedora', 'rhel8', 'rhel9', 'rocky']
|
|
command: touch /mnt/.autorelabel |