# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
# Trace message, printed only at verbosity 1 or higher, recording that the
# base role's main.yml is being included and which connection type is in use.
- name: 'base main.yml'
  debug:
    msg: "DEBUG: Including base main.yml ansible_connection={{ ansible_connection|default('') }}"
    verbosity: 1
# On Gentoo hosts, overwrite the major-version fact with the fixed value 2.
- name: 'Fix Gentoo'
  when: ansible_distribution == 'Gentoo'
  set_fact:
    ansible_distribution_major_version: 2
# When the distribution fact is the raw MSYS_NT-6.3-9600 string, replace it
# with the short name Msys and set the BIOS-version fact to "mbr".
- name: 'Fix Windows'
  when: ansible_distribution == 'MSYS_NT-6.3-9600'
  set_fact:
    # ansible_distribution_major_version: 9
    ansible_distribution: 'Msys'
    ansible_bios_version: 'mbr'  # i.e. not Virtualbox
# Define null_env, an environment mapping holding only TERM. The task has no
# `when`, so the fact is set on every host despite the task name.
- name: 'Fix Linux'
  set_fact:
    null_env: {TERM: 'linux'}
# Read the kernel's entropy_avail counter when the proc file exists and keep
# the result in entropy2. Never reports a change.
- name: 'check entropy state'
  register: entropy2
  changed_when: false
  # FixMe: why does this sometimes fail?
  ignore_errors: true
  shell: |
    [ -e /proc/sys/kernel/random/entropy_avail ] || exit 0
    cat /proc/sys/kernel/random/entropy_avail
# Print the registered entropy2 result; a failure here is ignored.
- name: 'entropy state'
  ignore_errors: true
  debug:
    var: entropy2
# Load Linux.yml, then the vars file named after the distribution and its
# major version. Tagged `always` so it runs whatever tags are selected.
- name: 'include base by-platform vars'
  tags: always
  include_vars:
    file: "{{item}}.yml"
  with_items:
    - 'Linux'
    - "{{ ansible_distribution }}{{ ansible_distribution_major_version }}"
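# Include bootstrap.yml with the minimal null_env environment on every
# platform except Msys, and only when no NBD disk is configured. An empty
# LOOP_FILE means "nothing to include" and is filtered out by `when`.
- name: "include_tasks base bootstrap"
  include_tasks:
    file: "{{ LOOP_FILE }}.yml"
    apply:
      environment: "{{ null_env }}"
  when:
    - LOOP_FILE != '' and LOOP_FILE != []
  with_items:
    # nbd_disk is referenced as a variable. Written as '{{nbd_disk}}' inside
    # an expression it is a string literal that can never equal '', so the
    # condition was always false and bootstrap was never selected.
    # default('') keeps the test valid when nbd_disk is not defined.
    - "{{ 'bootstrap' if ansible_distribution != 'Msys' and nbd_disk|default('') == '' else '' }}"
    # - "{{ 'bootstrap_nbd' if ansible_distribution != 'Msys' and nbd_disk|default('') != '' else '' }}"
  loop_control:
    loop_var: LOOP_FILE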
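# Create the scratch and log directories used by later tasks. Every path gets
# mode 01777: world-writable with the sticky bit, like /tmp.
- name: "make /var/tmp/.ansible"
  file:
    path: "{{ item }}"
    state: directory
    # Quoted so the value is read as an octal mode string by every YAML
    # parser instead of depending on leading-zero integer parsing.
    mode: "01777"
  with_items:
    - /run/tmp
    - /var/tmp/.ansible
    - "{{BASE_LOG_DIR}}/pip"
    - "{{BASE_LOG_DIR}}/pip/pip2"
    - "{{BASE_LOG_DIR}}/pip/pip3"
    # NOTE(review): 01777 lets any local account add files to this directory.
    # Presumably genkernel copies this overlay into the initramfs (confirm);
    # if so, a root-owned 0755 directory is the safer mode for this path.
    - /usr/local/share/genkernel/overlay/bin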
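# Make sure testforge.ini exists and begins with the editor mode line. The
# regexp matches an existing mode line so it is rewritten, not duplicated.
- name: "/usr/local/etc/testforge/testforge.ini BOF"
  lineinfile:
    dest: "/usr/local/etc/testforge/testforge.ini"
    create: true
    owner: "{{BOX_ROOT_USER}}"
    group: "{{BOX_ROOT_GROUP}}"
    # Quoted so the mode is an octal string on every YAML parser.
    # NOTE(review): 0755 sets the execute bits on a configuration file;
    # confirm that 0644 would not be sufficient.
    mode: "0755"
    insertbefore: BOF
    regexp: "# -.- mode: sh; tab-width: 0; coding: utf-8-unix -.-"
    line: "# -*- mode: sh; tab-width: 0; coding: utf-8-unix -*-"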
# Maintain the Ansible-managed section of testforge.ini that records the box
# user, its home, the extra group/users and the Python minor versions.
- name: '/usr/local/etc/testforge/testforge.ini proxy'
  blockinfile:
    create: true
    dest: '/usr/local/etc/testforge/testforge.ini'
    marker: "# {mark} ANSIBLE MANAGED BLOCK ini [base]"
    # NOTE(review): the section header below reads "[ base]" with a leading
    # space while the marker says "[base]" - confirm which name the ini
    # reader expects.
    block: |
      [ base]
      BASE_USER_NAME : "{{ BOX_USER_NAME }}"
      BASE_USER_HOME : "{{ BOX_USER_HOME }}"
      BASE_ALSO_GROUP : "{{ BOX_ALSO_GROUP }}"
      BASE_ALSO_USERS : "{{BOX_ALSO_USERS}}"
      BASE_USER_CONFIG_DIR : ".config/testforge"
      BASE_PYTHON2_MINOR : "{{BASE_PYTHON2_MINOR}}"
      BASE_PYTHON3_MINOR : "{{BASE_PYTHON3_MINOR}}"
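# Copy the role's overlay trees (Linux first, then the distribution-specific
# one) onto / of the target with rsync. Skipped in check mode and for the
# connection types listed in PLAY_NORSYNC_CONNECTIONS; errors are ignored
# only on Msys.
- name: "rsync base root_overlay"
  synchronize:
    src: "roles/base/overlay/{{item}}/"
    dest: /
    archive: false
    recursive: true
    links: true
    copy_links: true
    perms: true
    times: true
    owner: false
    compress: false
    # The list concatenation is done inside the expression so the module
    # receives a real list. The previous form put "+ [...]" outside the
    # braces, which renders to a string and relies on later evaluation.
    # Assumes base_rsync_opts is a list - confirm.
    # NOTE(review): the log is written to a predictable name in /tmp on the
    # host that runs rsync. Where other local accounts exist, a root-only
    # log directory avoids a pre-created file or symlink at that path.
    rsync_opts: "{{ base_rsync_opts + ['--log-file=/tmp/rsync-base_' ~ BOX_HOST_NAME ~ '.log'] }}"
  with_items:
    - Linux
    - "{{ ansible_distribution }}"
  notify:
    - "chmod /usr/local"
    - update-ca-certificates
  when:
    - not ansible_check_mode
    # FixAns: This remote host is being accessed via chroot instead so it cannot work
    # synchronize uses rsync, which needs ssh, a docker client or a direct
    # filesystem copy to reach the remote host. A host reached through
    # community.libvirt.libvirt_qemu cannot be synchronized this way.
    - ansible_connection|default('') not in PLAY_NORSYNC_CONNECTIONS
  tags:
    - always
  ignore_errors: "{{ansible_distribution == 'Msys'}}"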
# Fallback for connection types in PLAY_NORSYNC_CONNECTIONS, where
# synchronize cannot be used: unpack the pre-built <item>.tar over /.
- name: "rsync root_overlay - the tar gets made by a make before running"
  when:
    - not ansible_check_mode
    # msg: synchronize uses rsync, which needs ssh, a docker client or a
    # direct filesystem copy; a host reached through
    # community.libvirt.libvirt_qemu cannot be synchronized that way.
    - ansible_connection|default('') in PLAY_NORSYNC_CONNECTIONS
  unarchive:
    src: "{{item}}.tar"
    dest: /
    keep_newer: true
    # NOTE(review): BASE_ROOT_USER here, BOX_ROOT_USER in the testforge.ini
    # BOF task - confirm both variables exist and which one is intended.
    owner: "{{BASE_ROOT_USER}}"
    group: "{{BOX_ROOT_GROUP}}"
    # extra_opts: "{{ BASE_UNTAR_ARGS }}"
  with_items:
    - Linux
    - "{{ ansible_distribution }}"
  notify:
    - update-ca-certificates
  # NOTE(review): a failed extraction is ignored, so the play carries on with
  # a missing or partial overlay under /.
  ignore_errors: true
# Include base.yml, and ansible.yml on every platform except Msys, each with
# the minimal null_env environment. Empty loop entries are skipped.
- name: 'include_tasks base before'
  loop_control:
    loop_var: LOOP_FILE
  with_items:
    - 'base'
    - "{{ 'ansible' if ansible_distribution != 'Msys' else '' }}"
  when:
    - LOOP_FILE != '' and LOOP_FILE != []
  include_tasks:
    file: "{{ LOOP_FILE }}.yml"
    apply:
      environment: "{{ null_env }}"
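# Unpack the ansible source tarball from the wheels directory into
# /usr/local/src when it has not been unpacked yet, then hand the tree to
# BOX_USER_GROUP. The closing `exit 0` keeps an unmet precondition (already
# unpacked, tarball absent) from failing the task.
- name: "ansible-{{BOX_ANSIBLE_VERSION}}"
  environment: "{{ shell_env }}"
  # The cd is checked, as in the "patch /usr/local/" task, so that tar and
  # chown -R never run in whatever directory the shell happened to start in.
  # NOTE(review): chown is given BOX_USER_GROUP as both owner and group -
  # confirm the owner should not be the user name.
  # NOTE(review): the archive is extracted by this task's (presumably root)
  # shell; confirm the wheels directory is writable by root only.
  shell: |
    cd /usr/local/src || exit 1
    [ ! -d "ansible-{{BOX_ANSIBLE_VERSION}}" ] && \
    [ ! -f "ansible-{{BOX_ANSIBLE_VERSION}}/setup.py" ] && \
    [ -f {{USR_LOCAL}}/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz ] && \
    tar xvfz {{USR_LOCAL}}/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz && \
    chown -R {{BOX_USER_GROUP}}.{{BOX_USER_GROUP}} ansible-{{BOX_ANSIBLE_VERSION}}
    exit 0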
# Apply the role's diff files to the unpacked ansible source tree by running
# base_patch_from_diff.bash from the patches directory. Currently switched
# off by the literal `false` condition.
- name: 'patch /usr/local/'
  environment: "{{ shell_env }}"
  with_items:
    - "usr/local/src/ansible-{{BOX_ANSIBLE_VERSION}}"
  when:
    - item != ''
    - not ansible_check_mode
    - false  # FixMe not up to date
  shell: |
    cd {{USR_LOCAL}}/patches/base || exit 1
    # this vacuumns all diff files below the root
    {{ BASE_SCRIPT_DIR }}/base_patch_from_diff.bash {{item}}
# For each account in base_system_users, create the home directory if it is
# missing and make the account the owner of everything below it.
# NOTE(review): check_mode is false, so the mkdir and the recursive chown are
# executed even when the play runs with --check.
# NOTE(review): LOOP_USER is pasted unquoted into the script; it presumably
# comes from trusted inventory - confirm, or validate the names first.
- name: 'chown vagrant ~vagrant'
  check_mode: false
  environment: "{{ shell_env }}"
  loop_control:
    loop_var: LOOP_USER
  with_items:
    # not root
    - "{{ base_system_users }}"
  when: LOOP_USER != '' and LOOP_USER != []
  shell: |
    [ -d ~{{LOOP_USER}} ] || mkdir ~{{LOOP_USER}}
    chown -R {{LOOP_USER}} ~{{LOOP_USER}}
    #? [ -n "{{BOX_ALSO_GROUP}}" ] && chmod -R g+rw,o-w ~{{LOOP_USER}}
    exit 0
- block :
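# Create the box user's private dot directories, owned by BOX_USER_NAME and
# accessible to that owner only.
- name: "make vagrant RO directories base"
  file:
    path: "{{ item|expanduser }}"
    state: directory
    owner: "{{ BOX_USER_NAME }}"
    # Quoted, like the "0755" values used elsewhere in this block, so the
    # mode is an octal string on every YAML parser.
    mode: "0700"
  with_items:
    - "{{ BOX_USER_HOME }}/.cache"
    - "{{ BOX_USER_HOME }}/.config"
    - "{{ BOX_USER_HOME }}/.gpg"
    - "{{ BOX_USER_HOME }}/.local/lib"
    - "{{ BOX_USER_HOME }}/.ssh"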
# Link ~/.local/lib64 to ~/.local/lib, and link the per-version python
# directories under ~/.local/lib to their counterparts below USR_LOCAL.
# Failures are ignored.
- name: "I think this is right make .local symlinks lib dirs"
  ignore_errors: true
  file:
    state: link
    src: "{{ item.src | expanduser }}"
    dest: "{{ item.dest | expanduser }}"
  with_items:
    # NOTE(review): each item carries a mode, but the file arguments above
    # read only item.src and item.dest, so the mode is never applied.
    - src: "{{ BOX_USER_HOME }}/.local/lib"
      dest: "{{ BOX_USER_HOME }}/.local/lib64"
      mode: "0755"
    - src: "{{ USR_LOCAL }}/lib/python{{BASE_PYTHON3_MINOR}}"
      dest: "{{ BOX_USER_HOME }}/.local/lib/python{{BASE_PYTHON3_MINOR}}"
      mode: "0755"
    - src: "{{ USR_LOCAL }}/lib/python{{BASE_PYTHON2_MINOR}}"
      dest: "{{ BOX_USER_HOME }}/.local/lib/python{{BASE_PYTHON2_MINOR}}"
      mode: "0755"
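# Seed the box user's shell start-up files from the HOME of the account that
# runs the play. Existing files are left alone (force is off) and failures
# are ignored.
# NOTE(review): the controller user's .bashrc and .bash_profile are copied
# verbatim, including any exported tokens, proxies or paths they contain.
# Shipping a template or skeleton file instead keeps personal settings off
# the target.
- name: "make vagrant RO files base"
  copy:
    dest: "{{ BOX_USER_HOME }}/{{ item }}"
    src: "{{ lookup('env','HOME') }}/{{ item }}"
    force: false
    # Quoted so the mode is an octal string on every YAML parser.
    mode: "0600"
  with_items:
    - ".bashrc"
    - ".bash_profile"
  ignore_errors: true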
# template or skel this
when :
- not ansible_check_mode
# libvirt become is not working?
# Placeholder for CA-certificate setup.
# FixMe: PLAY_CA_CERT or /etc/ssl/certs/ca-certificates.crt
# NOTE(review): the script only assigns PIP_CERT inside its own shell and
# then ends, so nothing visible in this task consumes the value.
- name: 'openssl.cnf cacert.pem'
  ignore_errors: true
  environment: "{{ shell_env }}"
  shell: |
    PIP_CERT="{{ PLAY_CA_CERT }}"
- block :
# host or guest
# Strip the " quiet" kernel option from /boot/grub/grub.cfg when present, so
# boot messages are shown. The task always exits 0.
# NOTE(review): the edit is made to grub.cfg itself; if that file is
# regenerated later the option will presumably return - confirm.
- name: '/boot/grub/grub.cfg'
  shell: |
    grep -q quiet /boot/grub/grub.cfg || exit 0
    sed -e 's/ quiet//' -i /boot/grub/grub.cfg
    exit 0
  environment: "{{ shell_env }}"
# Run users.yml once per LOOP_USER, with the minimal null_env environment.
# The task is currently switched off by the literal `false` in `when`.
- name : "include_tasks base users.yml"
include_tasks :
file : "users.yml"
apply :
environment : "{{ null_env }}"
# NOTE(review): presumably become/become_user belong under `apply`, so that
# the included tasks run as LOOP_USER; the nesting cannot be recovered from
# this listing - confirm against the repository.
become : yes
become_user : "{{ LOOP_USER }}"
check_mode : false
tags : always
loop_control :
loop_var : LOOP_USER
when :
- LOOP_USER != '' and LOOP_USER != []
- false # FixMe : filters
with_items :
# NOTE(review): both items are plain strings, not "{{ ... }}" expressions, so
# LOOP_USER (and with it become_user) would receive the literal text. The
# chown task in this file passes "{{ base_system_users }}" instead. Template
# both items before removing the `false` guard above.
- "base_system_users"
- "'root' if ansible_distribution != 'Msys' else ''"
#? when: CHROOT_GENTOO_STAGE3|default('') == ''
tags : always
# Include the follow-up task files: base_proxy, the host-specific "lati"
# file, the distribution file, and the VirtualBox / Whonix guest files when
# their conditions hold. Entries that evaluate to '' are skipped.
- name: 'include_tasks base after'
  loop_control:
    loop_var: LOOP_FILE
  when:
    - "LOOP_FILE != ''"
  include_tasks:
    file: "{{ LOOP_FILE }}.yml"
  with_items:
    # FixMe: WTF?
    - 'base_proxy'
    # or
    # before Gentoo.yml
    - "{{ 'lati' if ansible_virtualization_role|replace('NA', 'host') == 'host' and HOSTNAME_HARDWARE|default('') == 'lati' else '' }}"
    - "{{ ansible_distribution }}"
    # - "{{ ansible_distribution }}/{{ BOX_SERVICE_MGR }}"
    - "{{ 'guest_virtualbox' if ansible_bios_version|default('') == 'VirtualBox' else '' }}"
    # - "{{ 'guest_whonix' if ansible_virtualization_type == 'kvm' and BOX_OS_FLAVOR|default('') in ['WhonixGateway','WhonixWorkstation'] }}"
    - "{{ 'guest_whonix' if ansible_connection in ['chroot', 'libvirt_qemu'] and BOX_OS_FLAVOR|default('') in ['WhonixGateway','WhonixWorkstation'] else ''}}"
# "ansible_service_mgr": "systemd",