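---
# tasks file for ansible-arch-provissionninga
#
# Installs Arch Linux onto a host that is currently booted from the Arch
# install media: wipes and partitions the disks in `partition_table`, creates
# and mounts filesystems, pacstraps the base system into /mnt, installs GRUB,
# configures sshd and the root password, then reboots into the new system.
#
# Almost every task below is destructive or non-idempotent. The first task is
# the only guard against running this role on an installed machine.

# Safety guard: wipefs/parted/mkfs must never run on anything but the live ISO.
- name: Abort if the host is not booted from the Arch install media
  fail:
    msg: "This host {{ ansible_nodename }} is not booted from the Arch install media!"
  when: ansible_nodename != 'archiso'

# Package signature checks and TLS depend on a sane clock.
- name: Synchronize clock via NTP
  command: timedatectl set-ntp true

# Erases every filesystem/partition-table signature on each listed device.
- name: wipe drives
  command: wipefs -a {{ item.device }}
  loop: '{{ partition_table }}'

- name: create partition
  parted:
    device: "{{ item.0.device }}"
    # GPT for UEFI installs, MBR (msdos) for legacy BIOS installs.
    label: "{{ 'gpt' if provissionning_UEFI_Enable | bool else 'msdos' }}"
    number: "{{ item.1.number }}"
    part_start: "{{ item.1.part_start | default('0%') }}"
    part_end: "{{ item.1.part_end | default('100%') }}"
    # name: "{{ item.1.name }} |default('none')"
    flags: "{{ item.1.flags }}"
    state: present
  loop: '{{ partition_table|subelements("settings") }}'

# NOTE(review): the partition path is built as <device><number>, which matches
# /dev/sdX-style names; devices that need a "p" separator (e.g. NVMe) would
# not resolve -- confirm against the inventory.
- name: create filesystems
  filesystem:
    dev: "{{ item.0.device }}{{ item.1.number }}"
    fstype: "{{ item.1.fstype }}"
    # force overwrites any filesystem already present on the partition.
    force: true
  loop: '{{ partition_table|subelements("settings") }}'
  when: item.1.format | bool

- name: Mount filesystems
  mount:
    src: "{{ item.0.device }}{{ item.1.number }}"
    fstype: "{{ item.1.fstype }}"
    path: "{{ item.1.mountpath }}"
    state: "mounted"
  loop: '{{ mount_table|subelements("settings") }}'
  # Entries without a mountpath (e.g. swap) are skipped.
  when: item.1.mountpath is defined

# Only writes the swap signature (mkswap); the swap area is not activated here.
- name: enable swap
  command: mkswap "{{ item.0.device }}{{ item.1.number }}"
  loop: '{{ partition_table|subelements("settings") }}'
  when: item.1.fstype == "swap"

# Puts the local mirror first so pacman prefers it over the ISO's defaults.
- name: add local repo to mirrorlist
  become: true
  lineinfile:
    path: /etc/pacman.d/mirrorlist
    line: "Server= {{system_arch_local_mirror}}/$repo/os/$arch"
    state: present
    insertbefore: BOF
  when: system_arch_local_mirror is defined

# An outdated keyring on older install media makes signature verification of
# current packages fail, so refresh it before pacstrap.
- name: update archlinux-keyring
  pacman:
    update_cache: true
    name: archlinux-keyring
    state: latest

- name: populate key
  command: "{{ item }}"
  loop:
    - pacman-key --init
    - pacman-key --populate archlinux

# Run through `command`, not `shell`: no shell feature is needed, and package
# names from the variable are then never interpreted by a shell.
- name: pacstrap
  command: "pacstrap /mnt {{ provissionning_pacstrap_software | join(' ') }}"

# `shell` is required for the redirection. `>>` appends, so re-running the
# role against an already-populated /mnt duplicates the fstab entries.
- name: Generate fstab
  shell:
    cmd: genfstab -U /mnt >> /mnt/etc/fstab

- name: Enable sshd
  command: arch-chroot /mnt systemctl enable sshd

- name: Enable service
  command: "arch-chroot /mnt systemctl enable {{ item }}"
  loop: "{{ provissionning_enable_service }}"

- name: Set up initramfs
  block:
    - name: Add mkinitcpio.conf hooks
      lineinfile:
        dest: /mnt/etc/mkinitcpio.conf
        regexp: '^HOOKS='
        line: "HOOKS=( {{provissionning_initramfs_hooks | join(' ')}} )"

    - name: Create new initramfs
      command: arch-chroot /mnt mkinitcpio -p linux

- name: Set up grub
  block:
    - name: Install uefi grub
      command: arch-chroot /mnt grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
      when: provissionning_UEFI_Enable | bool

    # mountpath is optional in mount_table (see "Mount filesystems"), so it is
    # defaulted here; comparing an undefined attribute would abort the play,
    # even on UEFI hosts where this task should simply be skipped.
    - name: Install legacy grub
      command: "arch-chroot /mnt grub-install {{ item.0.device }}"
      loop: '{{ mount_table|subelements("settings") }}'
      when: >-
        not (provissionning_UEFI_Enable | bool)
        and (item.1.mountpath | default('')) == "/mnt/boot"

    - name: Create grub config
      command: arch-chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg

# NOTE(review): this task was previously named "Remove root SSH access", yet
# the line it writes ENABLES root login over SSH, including with a password.
# The name now states what the task does; the behaviour is unchanged because
# the Reboot task below presumably reconnects as root -- confirm. If root SSH
# is only needed for bootstrap, tighten this afterwards (key-only via
# `PermitRootLogin prohibit-password`, or `no`).
- name: Set PermitRootLogin yes in sshd_config (root SSH login allowed)
  become: true
  lineinfile:
    dest: /mnt/etc/ssh/sshd_config
    regexp: "^PermitRootLogin"
    line: "PermitRootLogin yes"
    state: present

# The hash is fed to chpasswd on stdin instead of through `echo ... |` in a
# shell command line, so it does not appear in the task's command string, and
# no_log keeps the module arguments out of Ansible output and logs.
- name: change root password
  command:
    cmd: arch-chroot /mnt chpasswd -e
    stdin: "root:{{ vault_default_root | password_hash('sha512') }}"
  no_log: true
  when: vault_default_root is defined

# ignore_errors: a host that does not come back within reboot_timeout does not
# fail the play, so a failed first boot has to be checked separately.
- name: Reboot
  reboot:
    msg: reboot in new system
    reboot_timeout: 60
  ignore_errors: true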