build provisionning roles

vincent 2021-03-18 22:35:44 +01:00
parent 25b7f91097
commit bdb76c3935
3 changed files with 156 additions and 12 deletions


@ -7,8 +7,68 @@ partition_table:
part_end: 512MB
name: boot
flags: [boot, esp]
fstype: vfat
format: yes
- number: 2
part_start: 512MB
part_end: 1524MB
name: swap
flags: [swap]
fstype: swap
format: yes
- number: 3
part_start: 1524MB
name: root
flags: [lvm]
fstype: ext4
format: yes
#- device: "/dev/sdb"
#settings:
#- number: 1
#name: home
#fstype: ext4
#format:
mount_table:
- device: "/dev/sda"
settings:
- number: 3
mountpath: /mnt
fstype: ext4
- number: 1
mountpath: /mnt/boot
fstype: vfat
provissionning_pacstrap_software:
- base
- base-devel
- net-tools
- wireless_tools
- dialog
- wpa_supplicant
- openssh
- git
- grub
- ansible
- dhcpcd
- efibootmgr
- linux
- linux-firmware
- lvm2
- netctl
provissionning_initramfs_hooks:
- base
- udev
- autodetect
- modconf
- block
- keyboard
- lvm2
- resume
- filesystems
- fsck
provissionning_enable_service:
- sshd
- dhcpcd
system_arch_local_mirror:
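Review bot: `system_arch_local_mirror:` on the last line of this section has no value, so YAML loads it as null while Ansible still treats the variable as defined. The tasks file in this commit gates its mirrorlist edit on `when: system_arch_local_mirror is defined`, so with this default the guard would pass and a `Server=` entry with no usable host would be inserted at the top of `/etc/pacman.d/mirrorlist`, ahead of the real mirrors. Either drop the key from the defaults or tighten the guard to `when: system_arch_local_mirror | default('', true) | length > 0`. Whether this line is new or context cannot be told from the rendered page, but the interaction with the new task applies either way.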


@ -1,31 +1,116 @@
---
# tasks file for ansible-arch-provissionning
# tasks file for ansible-arch-provissionninga
#
- name: debug
debug:
var: item
loop: '{{ partition_table|subelements("settings") }}'
- name: Abort if the host is not booted from the Arch install media
fail:
msg: "This host is not booted from the Arch install media!"
msg: "This host {{ ansible_nodename }} is not booted from the Arch install media!"
when: ansible_nodename != 'archiso'
- name: Synchronize clock via NTP
command: timedatectl set-ntp true
- name: wipe drives
j
command: wipefs -a {{ item.device }}
loop: '{{ partition_table }}'
- name: create partition
parted:
device: "{{ item.0.device }}"
label: gpt
number: "{{ item.1.number }}"
part_start: "{{ item.1.part_start | default('0%') }}"
part_end: "{{ item.1.part_end | default('100%') }}"
name: "{{ item.1.name }}"
flags: "{{ item.1.flags }}"
state: present
loop: '{{ partition_table|subelements("settings") }}'
- name: create filesystems
filesystem:
dev: "{{ item.0.device }}{{ item.1.number }}"
fstype: "{{ item.1.fstype }}"
force: yes
loop: '{{ partition_table|subelements("settings") }}'
when: item.1.format == True
- name: mount
- name: Mount filesystems
mount:
src: "{{ item.0.device }}{{ item.1.number }}"
fstype: "{{ item.1.fstype }}"
path: "{{ item.1.mountpath }}"
state: "mounted"
loop: '{{ mount_table|subelements("settings") }}'
when: item.1.mountpath is defined
- name: add local mirror
- name: enable swap
command: mkswap "{{ item.0.device }}{{ item.1.number }}"
loop: '{{ partition_table|subelements("settings") }}'
when: item.1.fstype == "swap"
- name: pacstrap
- name: add local repo to mirrorlist
become: yes
lineinfile:
path: /etc/pacman.d/mirrorlist
line: "Server= {{system_arch_local_mirror}}/$repo/os/$arch"
state: present
insertbefore: BOF
when: system_arch_local_mirror is defined
- name: update archlinux-keyring
pacman:
name: archlinux-keyring
state: latest
- name: populate key
command: "{{ item }}"
loop:
- pacman-key --init
- pacman-key --populate archlinux
- name: pacstrap
shell:
cmd: "pacstrap /mnt {{ provissionning_pacstrap_software | join(' ') }}"
- name: Generate fstab
shell:
cmd: genfstab -U /mnt >> /mnt/etc/fstab
- name: Enable sshd
command: arch-chroot /mnt systemctl enable sshd
- name: Enable service
command: "arch-chroot /mnt systemctl enable {{ item }}"
loop: "{{ provissionning_enable_service }}"
- name: Set up initramfs
block:
- name: Add mkinitcpio.conf hooks
lineinfile:
dest: /mnt/etc/mkinitcpio.conf
regexp: ^HOOKS=
line: "HOOKS=( {{provissionning_initramfs_hooks | join(' ')}} )"
- name: Create new initramfs
command: arch-chroot /mnt mkinitcpio -p linux
- name: Set up grub
block:
- name: Install grub
command: arch-chroot /mnt grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
- name: Create grub config
command: arch-chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg
- name: Remove root SSH access
become: yes
lineinfile:
dest: /mnt/etc/ssh/sshd_config
regexp: "^PermitRootLogin"
line: "PermitRootLogin yes"
state: present
- name: Reboot
reboot:
connect_timeout: 1
reboot_timeout: 1
failed_when: false
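Review bot: The task named `Remove root SSH access` writes `line: "PermitRootLogin yes"` into `/mnt/etc/ssh/sshd_config`, which enables root login over SSH on the installed system instead of removing it, and sshd is enabled on that system by the tasks above. If the intent matches the name, the line should be `line: "PermitRootLogin no"`. If root access is needed for a follow-up run, rename the task and prefer `line: "PermitRootLogin prohibit-password"` so that only key authentication is accepted. The `regexp: "^PermitRootLogin"` also would not match a commented-out default, so the setting may be appended rather than replaced; `regexp: '^#?\s*PermitRootLogin'` would cover both forms, assuming the stock config ships the directive commented out, which should be confirmed against the installed file.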


@ -1,5 +1,4 @@
---
- hosts: localhost
remote_user: root
roles:
- ansible-arch-provissionning
- ../../ansible-arch-provissionning