Compare commits
13 Commits
d17f4f92a7
...
29568f5a05
Author | SHA1 | Date |
---|---|---|
rockstable | 29568f5a05 | |
rockstable | d2f5548a57 | |
rockstable | 99d449b0eb | |
rockstable | 3dea14759d | |
rockstable | 814c81c3b6 | |
rockstable | 604a862d0e | |
rockstable | 3139977afb | |
rockstable | b8ce01d646 | |
rockstable | b5fede2d46 | |
rockstable | fd4b90e010 | |
rockstable | 52e046011c | |
rockstable | 6ee0e6cca2 | |
rockstable | 89c992b78b |
|
@ -56,6 +56,10 @@ repos:
|
||||||
origin: "deb.debian.org"
|
origin: "deb.debian.org"
|
||||||
release_name: "sid"
|
release_name: "sid"
|
||||||
pin_priority: 120
|
pin_priority: 120
|
||||||
|
- package: '/^dracut-?.*/'
|
||||||
|
origin: "deb.debian.org"
|
||||||
|
release_name: "sid"
|
||||||
|
pin_priority: 500
|
||||||
- repo: "deb http://deb.debian.org/debian experimental main contrib non-free"
|
- repo: "deb http://deb.debian.org/debian experimental main contrib non-free"
|
||||||
filename: "experimental"
|
filename: "experimental"
|
||||||
preferences:
|
preferences:
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
all:
|
all:
|
||||||
vars:
|
vars:
|
||||||
ansible_nopasswd: true
|
ansible_nopasswd: true
|
||||||
use_apt_cache_for_server: true
|
|
||||||
# interface for a internet connection
|
# interface for a internet connection
|
||||||
wan_interface: "{{ ansible_default_ipv4.interface }}"
|
wan_interface: "{{ ansible_default_ipv4.interface }}"
|
||||||
# ip of the server of the installer network
|
# ip of the server of the installer network
|
||||||
|
@ -13,17 +12,7 @@ all:
|
||||||
|
|
||||||
hosts:
|
hosts:
|
||||||
hw4f-fai:
|
hw4f-fai:
|
||||||
# interface to the clients to install
|
# interface to install the clients
|
||||||
dhcp_interface: ens19
|
dhcp_interface: ens19
|
||||||
# customized server name
|
# customized server name
|
||||||
server_name: "hw4f-fai"
|
server_name: "hw4f-fai"
|
||||||
# ip of the server of the installer network
|
|
||||||
hw4f-fai-vagrant:
|
|
||||||
ansible_host: "192.168.33.9"
|
|
||||||
#ansible_connection: "local"
|
|
||||||
#python_interpreter: "/usr/bin/python3"
|
|
||||||
# interface to the clients to install
|
|
||||||
dhcp_interface: eth1
|
|
||||||
# customized server name
|
|
||||||
server_name: "hw4f-fai-vagrant"
|
|
||||||
#localhost:
|
|
||||||
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
all:
|
||||||
|
vars:
|
||||||
|
ansible_nopasswd: true
|
||||||
|
# interface for a internet connection
|
||||||
|
wan_interface: "{{ ansible_default_ipv4.interface }}"
|
||||||
|
# ip of the server of the installer network
|
||||||
|
server_ip: "192.168.33.8/24"
|
||||||
|
routers:
|
||||||
|
- "192.168.33.1"
|
||||||
|
#nameservers:
|
||||||
|
fai_config_git: "https://git.dezentrale.cloud/HW4F/fai-config.git"
|
||||||
|
|
||||||
|
hosts:
|
||||||
|
hw4f-fai-vagrant:
|
||||||
|
ansible_host: "192.168.33.9"
|
||||||
|
#ansible_connection: "local"
|
||||||
|
#python_interpreter: "/usr/bin/python3"
|
||||||
|
# interface to install the clients
|
||||||
|
dhcp_interface: eth1
|
||||||
|
# customized server name
|
||||||
|
server_name: "hw4f-fai-vagrant"
|
||||||
|
#localhost:
|
||||||
|
|
|
@ -20,7 +20,7 @@ timeservers:
|
||||||
ntpservers:
|
ntpservers:
|
||||||
- "{{ server_address }}"
|
- "{{ server_address }}"
|
||||||
apt_cacher_offline_mode: false
|
apt_cacher_offline_mode: false
|
||||||
use_apt_cache_for_server: false
|
use_apt_cache_for_server: true
|
||||||
|
|
||||||
fai_etc_dir: "/etc/fai"
|
fai_etc_dir: "/etc/fai"
|
||||||
fai_dir: "/srv/fai"
|
fai_dir: "/srv/fai"
|
||||||
|
@ -30,9 +30,11 @@ fai_dir_nfsroot_boot: "{{ fai_dir_nfsroot }}/boot"
|
||||||
fai_config_archive: "config.tar"
|
fai_config_archive: "config.tar"
|
||||||
fai_squashfs_file: "squash.img"
|
fai_squashfs_file: "squash.img"
|
||||||
fai_squashfs_path: "{{ fai_dir_download + '/' + fai_squashfs_file }}"
|
fai_squashfs_path: "{{ fai_dir_download + '/' + fai_squashfs_file }}"
|
||||||
#fai_loguser: "fai"
|
fai_loguser:
|
||||||
fai_menu_default: 'HW4F Desktop Jammy'
|
fai_menu_default: 'HW4F Desktop Jammy'
|
||||||
|
fai_nfsroot_force_rebuild: false
|
||||||
|
|
||||||
|
fai_hw4f_password_salt: "toXu6kiez1haetan"
|
||||||
fai_hw4f_rootpw_fai: "fai"
|
fai_hw4f_rootpw_fai: "fai"
|
||||||
fai_hw4f_profile_username: "user"
|
fai_hw4f_profile_username: "user"
|
||||||
fai_hw4f_profile_password: "dezentrale"
|
fai_hw4f_profile_password: "dezentrale"
|
||||||
|
|
|
@ -70,3 +70,8 @@
|
||||||
name: unbound
|
name: unbound
|
||||||
state: reloaded
|
state: reloaded
|
||||||
listen: reload unbound
|
listen: reload unbound
|
||||||
|
|
||||||
|
- name: "Force rebuild nfsroot"
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
fai_nfsroot_force_rebuild: true
|
||||||
|
|
||||||
|
|
|
@ -1,22 +1,19 @@
|
||||||
|
---
|
||||||
galaxy_info:
|
galaxy_info:
|
||||||
author: Alexander Böhm
|
author: Alexander Böhm
|
||||||
description: FAI server for Hardware For Future
|
description: FAI server for Hardware For Future
|
||||||
company: Hardware For Future
|
company: Hardware For Future
|
||||||
|
|
||||||
# issue_tracker_url: http://example.com/issue/tracker
|
# issue_tracker_url: http://example.com/issue/tracker
|
||||||
|
|
||||||
license: MIT
|
license: MIT
|
||||||
|
|
||||||
min_ansible_version: 2.9
|
min_ansible_version: 2.9
|
||||||
|
|
||||||
platforms:
|
platforms:
|
||||||
- name: Debian
|
- name: Debian
|
||||||
versions:
|
versions:
|
||||||
- 10
|
- 10
|
||||||
|
- 11
|
||||||
|
- 12
|
||||||
galaxy_tags:
|
galaxy_tags:
|
||||||
- hw4f
|
- hw4f
|
||||||
|
|
||||||
collections:
|
collections:
|
||||||
- ansible.posix
|
- ansible.posix
|
||||||
|
|
||||||
|
|
|
@ -61,7 +61,7 @@
|
||||||
- name: "Set apt cache also for installer host"
|
- name: "Set apt cache also for installer host"
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
dest: "/etc/apt/apt.conf.d/00proxy"
|
dest: "/etc/apt/apt.conf.d/02proxy"
|
||||||
content: |
|
content: |
|
||||||
Acquire::http::Proxy "http://localhost:3142";
|
Acquire::http::Proxy "http://localhost:3142";
|
||||||
owner: root
|
owner: root
|
||||||
|
|
|
@ -8,19 +8,6 @@
|
||||||
group: root
|
group: root
|
||||||
mode: '0755'
|
mode: '0755'
|
||||||
|
|
||||||
- name: "Copy fai profiles to '{{ fai_dir_config }}'"
|
|
||||||
become: true
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: "profiles/"
|
|
||||||
dest: "{{ fai_dir_config }}"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0755'
|
|
||||||
force: true
|
|
||||||
#recursive: true
|
|
||||||
notify: pack fai-config
|
|
||||||
when: false
|
|
||||||
|
|
||||||
- name: "Git checkout fai-config to '{{ fai_dir_config }}'"
|
- name: "Git checkout fai-config to '{{ fai_dir_config }}'"
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
|
@ -40,6 +27,90 @@
|
||||||
mode: '0755'
|
mode: '0755'
|
||||||
#recursive: true
|
#recursive: true
|
||||||
|
|
||||||
|
- name: "Set APT proxy"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "etc/apt/apt.conf.d/02proxy.j2"
|
||||||
|
dest: "{{ fai_dir_config }}/files/etc/apt/apt.conf.d/02proxy/HW4F_DESKTOP"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
notify: pack fai-config
|
||||||
|
when: false
|
||||||
|
|
||||||
|
- name: "Set default menu entry to profile"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.copy:
|
||||||
|
content: |
|
||||||
|
Default: {{ fai_menu_default }}
|
||||||
|
dest: "{{ fai_dir_config + '/class/zz_menu_default.profile' }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
when:
|
||||||
|
- fai_menu_default is defined
|
||||||
|
- fai_menu_default is not none
|
||||||
|
|
||||||
|
- name: "Create class specific directories"
|
||||||
|
become: true
|
||||||
|
vars:
|
||||||
|
paths:
|
||||||
|
- "scripts/HW4F_DESKTOP"
|
||||||
|
- "scripts/HW4F_DESKTOP_LAST"
|
||||||
|
ansible.builtin.file:
|
||||||
|
dest: "{{ fai_dir_config + '/' + item }}"
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0755'
|
||||||
|
loop: "{{ paths }}"
|
||||||
|
notify: pack fai-config
|
||||||
|
|
||||||
|
- name: "Define files in '{{ fai_dir_config }}'"
|
||||||
|
become: true
|
||||||
|
vars:
|
||||||
|
scripts:
|
||||||
|
- src: "class/HW4F_DESKTOP.var.j2"
|
||||||
|
dest: "class/HW4F_DESKTOP.var"
|
||||||
|
mode: '0644'
|
||||||
|
- src: "scripts/00-remove-proxy.j2"
|
||||||
|
dest: "scripts/HW4F_DESKTOP_LAST/00-remove-proxy"
|
||||||
|
mode: "0755"
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "srv/fai/config/{{ item.src }}"
|
||||||
|
dest: "{{ fai_dir_config + '/' + item.dest }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: "{{ item.mode }}"
|
||||||
|
notify: pack fai-config
|
||||||
|
loop: "{{ scripts }}"
|
||||||
|
|
||||||
|
- name: "Define files in '{{ fai_dir_config }}' without templating"
|
||||||
|
become: true
|
||||||
|
vars:
|
||||||
|
scripts:
|
||||||
|
- src: "scripts/04-snaps"
|
||||||
|
dest: "scripts/HW4F_DESKTOP/04-snaps"
|
||||||
|
mode: '0755'
|
||||||
|
### TRICK COPY TO FIND THE "FILE"
|
||||||
|
### IN THE DIRECTORY "templates" NOT IN "files"
|
||||||
|
search_prefix: "templates/"
|
||||||
|
- src: "scripts/91-misc"
|
||||||
|
dest: "scripts/HW4F_DESKTOP/91-misc"
|
||||||
|
mode: '0755'
|
||||||
|
### TRICK COPY TO FIND THE "FILE"
|
||||||
|
### IN THE DIRECTORY "templates" NOT IN "files"
|
||||||
|
search_prefix: "templates/"
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: "{{ item.search_prefix | default('') +
|
||||||
|
'srv/fai/config/' + item.src }}"
|
||||||
|
dest: "{{ fai_dir_config + '/' + item.dest }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: "{{ item.mode }}"
|
||||||
|
notify: pack fai-config
|
||||||
|
loop: "{{ scripts }}"
|
||||||
|
|
||||||
- name: "Define FAI classes for BASEFILES"
|
- name: "Define FAI classes for BASEFILES"
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
|
@ -55,37 +126,3 @@
|
||||||
- basefile: "FOCAL64"
|
- basefile: "FOCAL64"
|
||||||
dist: "focal"
|
dist: "focal"
|
||||||
mirror_url: "{{ ubuntu_mirror_url }}"
|
mirror_url: "{{ ubuntu_mirror_url }}"
|
||||||
|
|
||||||
- name: "Set APT proxy"
|
|
||||||
become: true
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "etc/apt/apt.conf.d/02proxy.j2"
|
|
||||||
dest: "{{ fai_dir_config }}/files/etc/apt/apt.conf.d/02proxy/HW4F_DESKTOP"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
notify: pack fai-config
|
|
||||||
when: false
|
|
||||||
|
|
||||||
- name: "Define fai CLASS 'HW4F_DESKTOP'"
|
|
||||||
become: true
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "srv/fai/config/class/HW4F_DESKTOP.var"
|
|
||||||
dest: "{{ fai_dir_config }}/class/HW4F_DESKTOP.var"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
notify: pack fai-config
|
|
||||||
|
|
||||||
- name: "Set default menu entry to profile"
|
|
||||||
become: true
|
|
||||||
ansible.builtin.copy:
|
|
||||||
content: |
|
|
||||||
Default: {{ fai_menu_default }}
|
|
||||||
dest: "{{ fai_dir_config + '/class/zz_menu_default.profile' }}"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
when:
|
|
||||||
- fai_menu_default is defined
|
|
||||||
- fai_menu_default is not none
|
|
|
@ -7,24 +7,43 @@
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
|
notify:
|
||||||
|
- Force rebuild nfsroot
|
||||||
tags:
|
tags:
|
||||||
- fai_conf
|
- fai_conf
|
||||||
|
|
||||||
### "/etc/fai/apt" GETS COPIED TO NFSROOT BY "fai-make-nfsroot"
|
### "/etc/fai/apt" GETS COPIED TO NFSROOT BY "fai-make-nfsroot"
|
||||||
|
|
||||||
|
- name: "Create apt configuration directories for nfsroot"
|
||||||
|
become: true
|
||||||
|
vars:
|
||||||
|
paths:
|
||||||
|
- "{{ fai_etc_dir }}/apt/sources.list.d"
|
||||||
|
- "{{ fai_etc_dir }}/apt/preferences.d"
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0755'
|
||||||
|
loop: "{{ paths }}"
|
||||||
|
|
||||||
- name: "Copy hosts '{{ src }}' to nfsroot"
|
- name: "Copy hosts '{{ src }}' to nfsroot"
|
||||||
become: true
|
become: true
|
||||||
vars:
|
vars:
|
||||||
src: "/etc/apt/sources.list.d"
|
src: "/etc/apt/sources.list.d/"
|
||||||
dest: "/etc/fai/apt/sources.list.d"
|
dest: "{{ fai_etc_dir }}/apt/sources.list.d"
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
remote_src: true
|
remote_src: true
|
||||||
recursive: true
|
|
||||||
src: "{{ src }}"
|
src: "{{ src }}"
|
||||||
dest: "{{ dest }}"
|
dest: "{{ dest }}"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
|
mode: '0755'
|
||||||
when:
|
when:
|
||||||
- debian_release_fai == debian_release_nfsroot
|
- debian_release_fai == debian_release_nfsroot
|
||||||
|
notify:
|
||||||
|
- Force rebuild nfsroot
|
||||||
tags:
|
tags:
|
||||||
- fai_nfsroot_sources_list
|
- fai_nfsroot_sources_list
|
||||||
|
|
||||||
|
@ -32,14 +51,16 @@
|
||||||
become: true
|
become: true
|
||||||
vars:
|
vars:
|
||||||
paths:
|
paths:
|
||||||
- "/etc/fai/apt/sources.list"
|
- "{{ fai_etc_dir }}/apt/sources.list"
|
||||||
- "/etc/fai/apt/sources.list~"
|
- "{{ fai_etc_dir }}/apt/sources.list~"
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
state: absent
|
state: absent
|
||||||
loop: "{{ paths }}"
|
loop: "{{ paths }}"
|
||||||
when:
|
when:
|
||||||
- debian_release_fai == debian_release_nfsroot
|
- debian_release_fai == debian_release_nfsroot
|
||||||
|
notify:
|
||||||
|
- Force rebuild nfsroot
|
||||||
|
|
||||||
- name: "Set repositories for nfsroot in '{{ dest }}'"
|
- name: "Set repositories for nfsroot in '{{ dest }}'"
|
||||||
become: true
|
become: true
|
||||||
|
@ -54,6 +75,8 @@
|
||||||
group: root
|
group: root
|
||||||
when:
|
when:
|
||||||
- debian_release_fai != debian_release_nfsroot
|
- debian_release_fai != debian_release_nfsroot
|
||||||
|
notify:
|
||||||
|
- Force rebuild nfsroot
|
||||||
tags:
|
tags:
|
||||||
- fai_nfsroot_sources_list
|
- fai_nfsroot_sources_list
|
||||||
|
|
||||||
|
@ -68,6 +91,8 @@
|
||||||
loop:
|
loop:
|
||||||
- "{{ fai_etc_dir }}/apt"
|
- "{{ fai_etc_dir }}/apt"
|
||||||
- "{{ fai_etc_dir }}/apt/preferences.d"
|
- "{{ fai_etc_dir }}/apt/preferences.d"
|
||||||
|
notify:
|
||||||
|
- Force rebuild nfsroot
|
||||||
|
|
||||||
- name: "Set apt preferences for nfsroot in '{{ dest }}'"
|
- name: "Set apt preferences for nfsroot in '{{ dest }}'"
|
||||||
become: true
|
become: true
|
||||||
|
@ -79,6 +104,10 @@
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
when:
|
||||||
|
- debian_release_fai == debian_release_nfsroot
|
||||||
|
notify:
|
||||||
|
- Force rebuild nfsroot
|
||||||
tags:
|
tags:
|
||||||
- fai_nfsroot_apt_preferences
|
- fai_nfsroot_apt_preferences
|
||||||
|
|
||||||
|
@ -94,6 +123,31 @@
|
||||||
group: root
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- fai_nfsroot_apt_preferences
|
- fai_nfsroot_apt_preferences
|
||||||
|
notify:
|
||||||
|
- Force rebuild nfsroot
|
||||||
when:
|
when:
|
||||||
- falsen
|
- debian_release_fai != debian_release_nfsroot
|
||||||
|
|
||||||
|
- name: "Create configuration for nfsroot"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "etc/fai/nfsroot.conf.j2"
|
||||||
|
dest: "{{ fai_etc_dir }}/nfsroot.conf"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
notify:
|
||||||
|
- Force rebuild nfsroot
|
||||||
|
|
||||||
|
- name: "Create package_config for nfsroot"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "etc/fai/NFSROOT.j2"
|
||||||
|
dest: "{{ fai_etc_dir }}/NFSROOT"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
register: "etc_fai_NFSROOT"
|
||||||
|
notify:
|
||||||
|
- Force rebuild nfsroot
|
||||||
|
|
|
@ -1,21 +1,11 @@
|
||||||
---
|
---
|
||||||
- name: "Create configuration for nfsroot"
|
- name: "Delete nfsroot '{{ fai_dir_nfsroot }}' to force rebuilt"
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.template:
|
ansible.builtin.file:
|
||||||
src: "etc/fai/nfsroot.conf.j2"
|
path: "{{ fai_dir_nfsroot }}"
|
||||||
dest: "{{ fai_etc_dir }}/nfsroot.conf"
|
state: absent
|
||||||
owner: root
|
when:
|
||||||
group: root
|
- fai_nfsroot_force_rebuild
|
||||||
mode: '0644'
|
|
||||||
|
|
||||||
- name: "Create package_config for nfsroot"
|
|
||||||
become: true
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "etc/fai/NFSROOT.j2"
|
|
||||||
dest: "{{ fai_etc_dir }}/NFSROOT"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
|
|
||||||
- name: "Test if nfsroot dir '{{ fai_dir_nfsroot }}' already exists"
|
- name: "Test if nfsroot dir '{{ fai_dir_nfsroot }}' already exists"
|
||||||
become: true
|
become: true
|
||||||
|
@ -45,7 +35,7 @@
|
||||||
- "FOCAL64"
|
- "FOCAL64"
|
||||||
- "JAMMY64"
|
- "JAMMY64"
|
||||||
tags:
|
tags:
|
||||||
- unbound_configure
|
- basefiles
|
||||||
|
|
||||||
- name: "Allow '{{ fai_loguser }}' to write to '{{ tftp_dir }}' to ship logs"
|
- name: "Allow '{{ fai_loguser }}' to write to '{{ tftp_dir }}' to ship logs"
|
||||||
become: true
|
become: true
|
||||||
|
|
|
@ -20,111 +20,92 @@
|
||||||
- debug_hostvars
|
- debug_hostvars
|
||||||
|
|
||||||
- name: "Configure operating system"
|
- name: "Configure operating system"
|
||||||
include_tasks:
|
import_tasks: os.yml
|
||||||
file: os.yml
|
tags:
|
||||||
apply:
|
- os
|
||||||
tags:
|
- ansible_nopasswd
|
||||||
- os
|
|
||||||
- ansible_nopasswd
|
|
||||||
|
|
||||||
- name: "Configure networking"
|
- name: "Configure networking"
|
||||||
include_tasks:
|
import_tasks: network.yml
|
||||||
file: network.yml
|
tags:
|
||||||
apply:
|
- network
|
||||||
tags:
|
|
||||||
- network
|
|
||||||
|
|
||||||
- name: "Configure package management"
|
- name: "Configure package management"
|
||||||
include_tasks:
|
import_tasks: package_mgmt.yml
|
||||||
file: package_mgmt.yml
|
tags:
|
||||||
apply:
|
- package_mgmt
|
||||||
tags:
|
|
||||||
- package_mgmt.yml
|
- name: "Configure zsh"
|
||||||
|
import_tasks: zsh.yml
|
||||||
|
tags:
|
||||||
|
- zsh
|
||||||
|
|
||||||
- name: "Setup apt proxy cache"
|
- name: "Setup apt proxy cache"
|
||||||
include_tasks:
|
import_tasks: apt-cacher-ng.yml
|
||||||
file: apt-cacher-ng.yml
|
tags:
|
||||||
apply:
|
- apt-cacher-ng
|
||||||
tags:
|
|
||||||
- apt-cacher-ng.yml
|
|
||||||
|
|
||||||
- name: "Configure a time server"
|
- name: "Configure a time server"
|
||||||
include_tasks:
|
import_tasks: time-server.yml
|
||||||
file: time-server.yml
|
tags:
|
||||||
apply:
|
- time-server
|
||||||
tags:
|
|
||||||
- time-server.yml
|
|
||||||
|
|
||||||
- name: "Configure the web server"
|
- name: "Configure the web server"
|
||||||
include_tasks:
|
import_tasks: nginx.yml
|
||||||
file: nginx.yml
|
tags:
|
||||||
apply:
|
- nginx
|
||||||
tags:
|
|
||||||
- nginx
|
|
||||||
|
|
||||||
- name: "Configure the tftp server"
|
- name: "Configure the tftp server"
|
||||||
include_tasks:
|
import_tasks: tftpd-hpa.yml
|
||||||
file: tftpd-hpa.yml
|
tags:
|
||||||
apply:
|
- tftpd-hpa
|
||||||
tags:
|
|
||||||
- tftpd-hpa.yml
|
|
||||||
|
|
||||||
- name: "Configure dns server"
|
- name: "Configure dns server"
|
||||||
include_tasks:
|
import_tasks: unbound.yml
|
||||||
file: unbound.yml
|
tags:
|
||||||
apply:
|
- unbound
|
||||||
tags:
|
|
||||||
- unbound
|
|
||||||
|
|
||||||
- name: "Configure dhcp"
|
- name: "Configure dhcp"
|
||||||
include_tasks:
|
import_tasks: isc-dhcp-server.yml
|
||||||
file: isc-dhcp-server.yml
|
tags:
|
||||||
apply:
|
- dhcp
|
||||||
tags:
|
- isc-dhcp-server
|
||||||
- dhcp
|
|
||||||
|
|
||||||
### RUN ALL SO FAR NOTIFIED HANDLERS NOW
|
### RUN ALL SO FAR NOTIFIED HANDLERS NOW
|
||||||
- name: "######## Flush handlers ########"
|
- name: "######## Flush handlers ########"
|
||||||
ansible.builtin.meta: flush_handlers
|
ansible.builtin.meta: flush_handlers
|
||||||
|
|
||||||
- name: "Prepare FAI"
|
- name: "Prepare FAI"
|
||||||
include_tasks:
|
import_tasks: fai-prepare.yml
|
||||||
file: fai-prepare.yml
|
tags:
|
||||||
apply:
|
- fai_prepare
|
||||||
tags:
|
|
||||||
- fai_prepare
|
|
||||||
|
|
||||||
- name: "Configure FAI"
|
- name: "Configure '{{ fai_dir_etc }}'"
|
||||||
include_tasks:
|
import_tasks: fai-etc-dir.yml
|
||||||
file: fai-configure.yml
|
tags:
|
||||||
apply:
|
- fai_etc_dir
|
||||||
tags:
|
- fai_nfsroot
|
||||||
- fai_configure
|
|
||||||
|
|
||||||
- name: "Transfer FAI profiles"
|
- name: "Configure '{{ fai_dir_config }}'"
|
||||||
include_tasks:
|
import_tasks: fai-config-dir.yml
|
||||||
file: fai-profiles.yml
|
tags:
|
||||||
apply:
|
- fai_config_dir
|
||||||
tags:
|
|
||||||
- fai_profiles
|
### RUN ALL SO FAR NOTIFIED HANDLERS NOW
|
||||||
|
- name: "######## Flush handlers ########"
|
||||||
|
ansible.builtin.meta: flush_handlers
|
||||||
|
|
||||||
- name: "Create FAI nfsroot"
|
- name: "Create FAI nfsroot"
|
||||||
include_tasks:
|
import_tasks: fai-nfsroot.yml
|
||||||
file: fai-nfsroot.yml
|
tags:
|
||||||
apply:
|
- fai_nfsroot
|
||||||
tags:
|
|
||||||
- fai_nfsroot
|
|
||||||
|
|
||||||
- name: "Configure FAI PXE"
|
- name: "Configure FAI PXE"
|
||||||
include_tasks:
|
import_tasks: fai-pxe.yml
|
||||||
file: fai-pxe.yml
|
tags:
|
||||||
apply:
|
- fai_pxe
|
||||||
tags:
|
|
||||||
- fai_pxe
|
|
||||||
|
|
||||||
- name: "Configure FAI iPXE"
|
- name: "Configure FAI iPXE"
|
||||||
include_tasks:
|
import_tasks: fai-ipxe.yml
|
||||||
file: fai-ipxe.yml
|
tags:
|
||||||
apply:
|
- fai_ipxe
|
||||||
tags:
|
|
||||||
- fai_ipxe
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
- name: "Ensure systemd-resolved is stopped and disabled"
|
- name: "Ensure systemd-resolved is stopped and disabled"
|
||||||
ansible.buildin.service:
|
ansible.builtin.service:
|
||||||
name: systemd-resolved
|
name: systemd-resolved
|
||||||
enabled: false
|
enabled: false
|
||||||
state: stopped
|
state: stopped
|
||||||
|
|
|
@ -0,0 +1,120 @@
|
||||||
|
### ZSH
|
||||||
|
- name: "zsh - grml-config"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: 'git://git.grml.org/grml-etc-core.git'
|
||||||
|
dest: "/opt/grml-etc-core"
|
||||||
|
version: HEAD
|
||||||
|
tags:
|
||||||
|
- grml
|
||||||
|
- zsh
|
||||||
|
- zshrc
|
||||||
|
|
||||||
|
- name: "zsh - stat '/etc/zsh'"
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: "/etc/zsh"
|
||||||
|
register: etc_zsh
|
||||||
|
tags:
|
||||||
|
- grml
|
||||||
|
- zsh
|
||||||
|
- zshrc
|
||||||
|
|
||||||
|
- name: "zsh - debug variable 'etc_zsh'"
|
||||||
|
ansible.builtin.debug:
|
||||||
|
var: etc_zsh
|
||||||
|
verbosity: 2
|
||||||
|
when:
|
||||||
|
- etc_zsh.stat.exists
|
||||||
|
tags:
|
||||||
|
- debug
|
||||||
|
- grml
|
||||||
|
- zsh
|
||||||
|
- zshrc
|
||||||
|
|
||||||
|
- name: "zsh - debug path '/etc/zsh' and path type"
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg: >
|
||||||
|
"zsh - path '/etc/zsh' exists"
|
||||||
|
"and the chack for symlink is {{ etc_zsh.stat.islnk }}"
|
||||||
|
verbosity: 2
|
||||||
|
when:
|
||||||
|
- etc_zsh.stat.islnk is defined
|
||||||
|
tags:
|
||||||
|
- debug
|
||||||
|
- grml
|
||||||
|
- zsh
|
||||||
|
- zshrc
|
||||||
|
|
||||||
|
- name: "zsh - move '/etc/zsh' to '/etc/zsh.dist'"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command: >
|
||||||
|
mv -v "/etc/zsh" "/etc/zsh.dist"
|
||||||
|
when:
|
||||||
|
- etc_zsh.stat.islnk is defined
|
||||||
|
- not etc_zsh.stat.islnk
|
||||||
|
register: etc_zsh_mv
|
||||||
|
tags:
|
||||||
|
- grml
|
||||||
|
- zsh
|
||||||
|
- zshrc
|
||||||
|
|
||||||
|
- name: "zsh - debug variable 'etc_zsh_mv'"
|
||||||
|
ansible.builtin.debug:
|
||||||
|
var: etc_zsh_mv
|
||||||
|
verbosity: 2
|
||||||
|
when:
|
||||||
|
- etc_zsh_mv.changed
|
||||||
|
|
||||||
|
- name: "zsh - sym-link '/etc/zsh' to '/opt/grml-etc-core/etc/zsh'"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.file:
|
||||||
|
src: "/opt/grml-etc-core/etc/zsh"
|
||||||
|
path: "/etc/zsh"
|
||||||
|
state: link
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
when:
|
||||||
|
- etc_zsh_mv.changed
|
||||||
|
- etc_zsh_mv.failed is defined
|
||||||
|
- not etc_zsh_mv.failed
|
||||||
|
tags:
|
||||||
|
- grml
|
||||||
|
- zsh
|
||||||
|
- zshrc
|
||||||
|
|
||||||
|
- name: "zsh - stat '/etc/zsh'"
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: "/etc/zsh"
|
||||||
|
register: etc_zsh
|
||||||
|
when:
|
||||||
|
tags:
|
||||||
|
- grml
|
||||||
|
- zsh
|
||||||
|
- zshrc
|
||||||
|
|
||||||
|
- name: "Show variable 'etc_zsh'"
|
||||||
|
ansible.builtin.debug:
|
||||||
|
var: etc_zsh
|
||||||
|
verbosity: 2
|
||||||
|
when:
|
||||||
|
- etc_zsh.stat.exists
|
||||||
|
tags:
|
||||||
|
- grml
|
||||||
|
- zsh
|
||||||
|
- zshrc
|
||||||
|
|
||||||
|
- name: "zsh - make zsh default shell for selected users"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.user:
|
||||||
|
name: "{{ item }}"
|
||||||
|
shell: "/bin/zsh"
|
||||||
|
loop:
|
||||||
|
- rockstable
|
||||||
|
when:
|
||||||
|
- etc_zsh.stat.exists is defined
|
||||||
|
- etc_zsh.stat.exists
|
||||||
|
tags:
|
||||||
|
- grml
|
||||||
|
- zsh
|
||||||
|
- zshrc
|
||||||
|
|
|
@ -49,11 +49,15 @@
|
||||||
# For example, you can use write permissions for the group linuxadm.
|
# For example, you can use write permissions for the group linuxadm.
|
||||||
# chgrp linuxadm /srv/tftp/fai;chmod g+w /srv/tftp/fai.
|
# chgrp linuxadm /srv/tftp/fai;chmod g+w /srv/tftp/fai.
|
||||||
# If the variable is undefined, this feature is disabled.
|
# If the variable is undefined, this feature is disabled.
|
||||||
{% if fai_loguser is defined %}
|
{% if fai_loguser is defined and
|
||||||
LOGUSER={{ fai_loguser }}
|
fai_loguser is none %}
|
||||||
{% else %}
|
|
||||||
### DISABLE LOG UPLOAD
|
### DISABLE LOG UPLOAD
|
||||||
LOGUSER=
|
LOGUSER=
|
||||||
|
{% elif fai_loguser is defined and
|
||||||
|
fai_loguser is not none %}
|
||||||
|
LOGUSER={{ fai_loguser }}
|
||||||
|
{% else %}
|
||||||
|
#LOGUSER=
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
# Protocol for saving logs
|
# Protocol for saving logs
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
# Example:
|
# Example:
|
||||||
# FAI_DEBOOTSTRAP="bullseye http://deb.debian.org/debian"
|
# FAI_DEBOOTSTRAP="bullseye http://deb.debian.org/debian"
|
||||||
FAI_DEBOOTSTRAP="{{ debian_release_nfsroot +
|
FAI_DEBOOTSTRAP="{{ debian_release_nfsroot +
|
||||||
'http://' + server_name + ':3142/debian' }}"
|
' http://' + server_name + ':3142/debian' }}"
|
||||||
|
|
||||||
# Options that will be passed to debootstrap(8).
|
# Options that will be passed to debootstrap(8).
|
||||||
# Used for excluding packages and for specifying a different architecture.
|
# Used for excluding packages and for specifying a different architecture.
|
||||||
|
@ -24,8 +24,8 @@ FAI_DEBOOTSTRAP_OPTS="--exclude=wget"
|
||||||
#
|
#
|
||||||
# echo "yoursecrectpassword" | mkpasswd -m md5 -s
|
# echo "yoursecrectpassword" | mkpasswd -m md5 -s
|
||||||
|
|
||||||
FAI_ROOTPW="{{ fai_hw4f_rootpw_fai | password_hash("sha512") }}"
|
FAI_ROOTPW="{{ fai_hw4f_rootpw_fai
|
||||||
#FAI_ROOTPW='$y$j9T$9Gpl96oNFKz9us5aM5iCb.$v/JHwnHRfaxMCPK/nsxu.DAmoGB1hlgRQBDIxTeMd9/'
|
| password_hash("sha512", fai_hw4f_password_salt ) }}"
|
||||||
|
|
||||||
# Directory on the install server where the nfsroot is created.
|
# Directory on the install server where the nfsroot is created.
|
||||||
NFSROOT="{{ fai_dir_nfsroot }}"
|
NFSROOT="{{ fai_dir_nfsroot }}"
|
||||||
|
|
|
@ -1,23 +0,0 @@
|
||||||
### CONFIGURE TIME
|
|
||||||
UTC=yes
|
|
||||||
TIMEZONE=Europe/Berlin
|
|
||||||
|
|
||||||
### INSTALL PARAMETERS
|
|
||||||
STOP_ON_ERROR=700
|
|
||||||
MAXPACKAGES=800
|
|
||||||
|
|
||||||
HOSTNAME="user-pc"
|
|
||||||
KEYMAP=de-latin1-nodeadkeys
|
|
||||||
|
|
||||||
|
|
||||||
ROOTPW='{{ fai_hw4f_profile_password |password_hash("sha512") }}'
|
|
||||||
|
|
||||||
# START USER AND PASSWORD
|
|
||||||
username={{ fai_hw4f_profile_username }}
|
|
||||||
USERPW='{{ fai_hw4f_profile_password |password_hash("sha512") }}'
|
|
||||||
|
|
||||||
SUPRESS_GNOME_INITIAL_SCREEN=1
|
|
||||||
|
|
||||||
FAI_ALLOW_UNSIGNED=0
|
|
||||||
APTPROXY=http://{{ server_name }}:3142
|
|
||||||
|
|
|
@ -0,0 +1,36 @@
|
||||||
|
### CONFIGURE TIME
|
||||||
|
UTC=yes
|
||||||
|
TIMEZONE=Europe/Berlin
|
||||||
|
|
||||||
|
### INSTALL PARAMETERS
|
||||||
|
STOP_ON_ERROR=700
|
||||||
|
MAXPACKAGES=800
|
||||||
|
|
||||||
|
HOSTNAME="user-pc"
|
||||||
|
KEYMAP=de-latin1-nodeadkeys
|
||||||
|
|
||||||
|
|
||||||
|
ROOTPW='{{ fai_hw4f_profile_password
|
||||||
|
| password_hash("sha512", fai_hw4f_password_salt ) }}'
|
||||||
|
|
||||||
|
# START USER AND PASSWORD
|
||||||
|
username={{ fai_hw4f_profile_username }}
|
||||||
|
USERPW='{{ fai_hw4f_profile_password
|
||||||
|
| password_hash("sha512", fai_hw4f_password_salt ) }}'
|
||||||
|
|
||||||
|
SUPRESS_GNOME_INITIAL_SCREEN=1
|
||||||
|
|
||||||
|
FAI_ALLOW_UNSIGNED=0
|
||||||
|
APTPROXY=http://{{ server_name }}:3142
|
||||||
|
|
||||||
|
### CONFIGURE LOG UPLOAD
|
||||||
|
{% if fai_loguser is defined and
|
||||||
|
fai_loguser is none %}
|
||||||
|
### DISABLE LOG UPLOAD
|
||||||
|
LOGUSER=
|
||||||
|
{% elif fai_loguser is defined and
|
||||||
|
fai_loguser is not none %}
|
||||||
|
LOGUSER={{ fai_loguser }}
|
||||||
|
{% else %}
|
||||||
|
#LOGUSER=
|
||||||
|
{% endif %}
|
|
@ -0,0 +1,5 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
[ -f $target/etc/apt/apt.conf.d/02proxy ] && \
|
||||||
|
rm $target/etc/apt/apt.conf.d/02proxy
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
if [ "${#SNAPS[*]}" -eq 0 ]; then
|
||||||
|
SNAPS=( firefox )
|
||||||
|
fi
|
||||||
|
|
||||||
|
function package_exists() {
|
||||||
|
return dpkg -l "$1" &> /dev/null
|
||||||
|
}
|
||||||
|
|
||||||
|
for SNAP in $SNAPS; do
|
||||||
|
if ! package_exists "snapd"; then
|
||||||
|
snap install "$SNAP"
|
||||||
|
fi
|
||||||
|
done
|
|
@ -0,0 +1,7 @@
|
||||||
|
#! /bin/bash
|
||||||
|
|
||||||
|
# disable the first login screen
|
||||||
|
$ROOTCMD dpkg-divert --local --rename --add /etc/xdg/autostart/gnome-initial-setup-first-login.desktop
|
||||||
|
$ROOTCMD dpkg-divert --local --rename --add /etc/xdg/autostart/gnome-initial-setup-copy-worker.desktop
|
||||||
|
$ROOTCMD deluser --system gnome-initial-setup
|
||||||
|
$ROOTCMD dpkg-reconfigure keyboard-configuration
|
Loading…
Reference in New Issue