127 lines
3.7 KiB
YAML
127 lines
3.7 KiB
YAML
---
|
|
# tasks file for ansible-arch-provissionninga
|
|
#
|
|
- name: Abort if the host is not booted from the Arch install media
|
|
fail:
|
|
msg: "This host {{ ansible_nodename }} is not booted from the Arch install media!"
|
|
when: ansible_nodename != 'archiso'
|
|
|
|
- name: Synchronize clock via NTP
|
|
command: timedatectl set-ntp true
|
|
|
|
- name: wipe drives
|
|
command: wipefs -a {{ item.device }}
|
|
loop: '{{ partition_table }}'
|
|
|
|
|
|
- name: create partition
|
|
parted:
|
|
device: "{{ item.0.device }}"
|
|
label: "{% if provissionning_UEFI_Enable == True %}GPT{% else %}msdos{% endif %}"
|
|
number: "{{ item.1.number }}"
|
|
part_start: "{{ item.1.part_start | default('0%') }}"
|
|
part_end: "{{ item.1.part_end | default('100%') }}"
|
|
#name: "{{ item.1.name }} |default('none')"
|
|
flags: "{{ item.1.flags }}"
|
|
state: present
|
|
loop: '{{ partition_table|subelements("settings") }}'
|
|
|
|
- name: create filesystems
|
|
filesystem:
|
|
dev: "{{ item.0.device }}{{ item.1.number }}"
|
|
fstype: "{{ item.1.fstype }}"
|
|
force: yes
|
|
loop: '{{ partition_table|subelements("settings") }}'
|
|
when: item.1.format == True
|
|
|
|
- name: Mount filesystems
|
|
mount:
|
|
src: "{{ item.0.device }}{{ item.1.number }}"
|
|
fstype: "{{ item.1.fstype }}"
|
|
path: "{{ item.1.mountpath }}"
|
|
state: "mounted"
|
|
loop: '{{ mount_table|subelements("settings") }}'
|
|
when: item.1.mountpath is defined
|
|
|
|
- name: enable swap
|
|
command: mkswap "{{ item.0.device }}{{ item.1.number }}"
|
|
loop: '{{ partition_table|subelements("settings") }}'
|
|
when: item.1.fstype == "swap"
|
|
|
|
- name: add local repo to mirrorlist
|
|
become: yes
|
|
lineinfile:
|
|
path: /etc/pacman.d/mirrorlist
|
|
line: "Server= {{system_arch_local_mirror}}/$repo/os/$arch"
|
|
state: present
|
|
insertbefore: BOF
|
|
when: system_arch_local_mirror is defined
|
|
- name: update archlinux-keyring
|
|
pacman:
|
|
update_cache: yes
|
|
name: archlinux-keyring
|
|
state: latest
|
|
|
|
- name: populate key
|
|
command: "{{ item }}"
|
|
loop:
|
|
- pacman-key --init
|
|
- pacman-key --populate archlinux
|
|
|
|
|
|
- name: pacstrap
|
|
shell:
|
|
cmd: "pacstrap /mnt {{ provissionning_pacstrap_software | join(' ') }}"
|
|
|
|
- name: Generate fstab
|
|
shell:
|
|
cmd: genfstab -U /mnt >> /mnt/etc/fstab
|
|
- name: Enable sshd
|
|
command: arch-chroot /mnt systemctl enable sshd
|
|
|
|
- name: Enable service
|
|
command: "arch-chroot /mnt systemctl enable {{ item }}"
|
|
loop: "{{ provissionning_enable_service }}"
|
|
|
|
- name: Set up initramfs
|
|
block:
|
|
- name: Add mkinitcpio.conf hooks
|
|
lineinfile:
|
|
dest: /mnt/etc/mkinitcpio.conf
|
|
regexp: ^HOOKS=
|
|
line: "HOOKS=( {{provissionning_initramfs_hooks | join(' ')}} )"
|
|
- name: Create new initramfs
|
|
command: arch-chroot /mnt mkinitcpio -p linux
|
|
- name: Set up grub
|
|
block:
|
|
- name: Install uefi grub
|
|
command: arch-chroot /mnt grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id=GRUB
|
|
when: provissionning_UEFI_Enable == True
|
|
|
|
- name: Install legacy grub
|
|
command: "arch-chroot /mnt grub-install {{ item.0.device }} "
|
|
when: provissionning_UEFI_Enable == False
|
|
loop: '{{ mount_table|subelements("settings") }}'
|
|
when: item.1.mountpath == "/mnt/boot"
|
|
|
|
- name: Create grub config
|
|
command: arch-chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg
|
|
|
|
- name: Remove root SSH access
|
|
become: yes
|
|
lineinfile:
|
|
dest: /mnt/etc/ssh/sshd_config
|
|
regexp: "^PermitRootLogin"
|
|
line: "PermitRootLogin yes"
|
|
state: present
|
|
- name: change root password
|
|
shell:
|
|
cmd: "echo 'root:{{ vault_default_root | password_hash('sha512')}}' |arch-chroot /mnt chpasswd -e"
|
|
when: vault_default_root is defined
|
|
- name: Reboot
|
|
reboot:
|
|
msg: reboot in new system
|
|
reboot_timeout: 60
|
|
ignore_errors: yes
|
|
|