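# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
# Entry point of the "base" role: normalises a few distribution facts, loads
# per-platform vars, lays the root overlay onto the target (rsync, or a tar
# fallback for connections rsync cannot use), then includes the per-platform
# task files.
#
# NOTE(review): the nesting below was rebuilt from a listing whose indentation
# was lost. Placements that could not be derived from the keys themselves are
# marked where they occur; confirm them against the original file.

- name: "base main.yml"
  debug:
    verbosity: 1
    msg: "DEBUG: Including base main.yml ansible_connection={{ ansible_connection|default('') }}"

- name: "Fix Gentoo"
  set_fact:
    ansible_distribution_major_version: 2
  when: ansible_distribution == 'Gentoo'

- name: "Fix Windows"
  set_fact:
    # ansible_distribution_major_version: 9
    ansible_distribution: Msys
    ansible_bios_version: "mbr"  # i.e. not Virtualbox
  when: ansible_distribution == 'MSYS_NT-6.3-9600'

- name: "Fix Linux"
  set_fact:
    null_env:
      TERM: linux

- name: check entropy state
  shell: |
    [ -e /proc/sys/kernel/random/entropy_avail ] || exit 0
    cat /proc/sys/kernel/random/entropy_avail
  changed_when: false
  register: entropy2
  # FixMe why does this sometimes fail
  ignore_errors: true

- name: entropy state
  debug:
    var: entropy2
  ignore_errors: true

- name: "include base by-platform vars"
  include_vars: "{{item}}.yml"
  with_items:
    - "Linux"
    - "{{ ansible_distribution }}{{ ansible_distribution_major_version }}"
  tags: always

- name: "include_tasks base bootstrap"
  include_tasks:
    file: "{{ LOOP_FILE }}.yml"
    apply:
      environment: "{{ null_env }}"
  # Empty loop items are skipped, so an expression can opt out by yielding ''.
  when:
    - LOOP_FILE != '' and LOOP_FILE != []
  with_items:
    # NOTE(review): '{{nbd_disk}}' sits inside a Jinja expression, where it is
    # a string literal rather than a variable lookup, so this comparison looks
    # always-false and 'bootstrap' would never be selected. Confirm whether
    # nbd_disk|default('') == '' was intended before changing it.
    - "{{ 'bootstrap' if ansible_distribution != 'Msys' and '{{nbd_disk}}' == '' else '' }}"
    # - "{{ 'bootstrap_nbd' if ansible_distribution != 'Msys' and '{{nbd_disk}}' != '' else '' }}"
  loop_control:
    loop_var: LOOP_FILE

- name: "make /var/tmp/.ansible"
  file:
    path: "{{ item }}"
    state: directory
    # Quoted so the value reaches the module as the octal string it is meant
    # to be, whatever YAML parser reads the file. The leading 1 is the sticky
    # bit: these directories are world-writable, and sticky stops users from
    # removing or renaming each other's entries.
    mode: "01777"
  with_items:
    - /var/tmp/.ansible
    - "{{BASE_LOG_DIR}}/pip"
    - "{{BASE_LOG_DIR}}/pip/pip2"
    - "{{BASE_LOG_DIR}}/pip/pip3"

- name: "rsync base root_overlay"
  synchronize:
    src: "roles/base/overlay/{{item}}/"
    dest: /
    compress: false
    copy_links: true
    archive: false
    recursive: true
    links: true
    owner: false
    perms: true
    times: true
    # NOTE(review): the `+ [...]` is outside the `{{ }}` expression, so the
    # template renders text instead of concatenating two lists inside Jinja.
    # Confirm the module receives the option list you expect.
    # The log goes to a fixed, predictable name in world-writable /tmp; on a
    # shared machine prefer a directory only the provisioning user can write.
    rsync_opts: "{{ base_rsync_opts }} + ['--log-file=/tmp/rsync-base_{{BOX_HOST_NAME}}.log']"
  with_items:
    - Linux
    - "{{ ansible_distribution }}"
  notify:
    - "chmod /usr/local"
    - update-ca-certificates
  when:
    - not ansible_check_mode
    # FixAns: This remote host is being accessed via chroot instead so it
    # cannot work
    # synchronize uses rsync to function. rsync needs to connect to the remote
    # host via ssh, docker client or a direct filesystem copy. This remote host
    # is being accessed via community.libvirt.libvirt_qemu instead so it cannot
    # work.
    - ansible_connection|default('') not in PLAY_NORSYNC_CONNECTIONS
  tags:
    - always
  ignore_errors: "{{ansible_distribution == 'Msys'}}"

# Fallback for connections listed in PLAY_NORSYNC_CONNECTIONS: the same overlay
# is unpacked from a pre-built tar. The archive is extracted over / with the
# ownership given below, so it has to be a trusted build artifact.
- name: "rsync root_overlay - the tar gets made by a make before running"
  unarchive:
    dest: /
    src: "{{item}}.tar"
    keep_newer: true
    owner: "{{BASE_ROOT_USER}}"
    group: "{{BOX_ROOT_GROUP}}"
    # extra_opts: "{{ BASE_UNTAR_ARGS }}"
  with_items:
    - Linux
    - "{{ ansible_distribution }}"
  notify:
    - update-ca-certificates
  # With errors ignored, a missing or partly extracted overlay does not stop
  # the play; later tasks then run against whatever subset landed on disk.
  ignore_errors: true
  when:
    - not ansible_check_mode
    # msg: synchronize uses rsync to function. rsync needs to connect to the
    # remote host via ssh, docker client or a direct filesystem copy. This
    # remote host is being accessed via community.libvirt.libvirt_qemu instead
    # so it cannot work.
    - ansible_connection|default('') in PLAY_NORSYNC_CONNECTIONS

- name: "include_tasks base before"
  include_tasks:
    file: "{{ LOOP_FILE }}.yml"
    apply:
      environment: "{{ null_env }}"
  when:
    - LOOP_FILE != '' and LOOP_FILE != []
  with_items:
    - base
    - "{{ 'ansible' if ansible_distribution != 'Msys' else '' }}"
  loop_control:
    loop_var: LOOP_FILE

# Unpacks a locally cached Ansible source tarball when it is not unpacked yet.
# No checksum or signature check on the tarball is visible in this file, so
# integrity rests on whatever populated /usr/local/tmp/wheels.
# The Jinja values are pasted into the script text unquoted; they must come
# from trusted inventory and contain no shell metacharacters.
- name: "ansible-{{BOX_ANSIBLE_VERSION}}"
  environment: "{{ shell_env }}"
  shell: |
    # Stop quietly if the source directory is missing, so tar never extracts
    # into whatever directory the shell happened to start in.
    cd /usr/local/src || exit 0
    [ ! -d "ansible-{{BOX_ANSIBLE_VERSION}}" ] && \
      [ ! -f "ansible-{{BOX_ANSIBLE_VERSION}}/setup.py" ] && \
      [ -f /usr/local/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz ] && \
      tar xvfz /usr/local/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz && \
      chown -R {{BOX_USER_GROUP}}:{{BOX_USER_GROUP}} ansible-{{BOX_ANSIBLE_VERSION}}
    exit 0

- name: "patch /usr/local/"
  environment: "{{ shell_env }}"
  shell: |
    cd /usr/local/patches/base || exit 1
    # this vacuumns all diff files below the root
    {{ BASE_SCRIPT_DIR }}/base_patch_from_diff.bash {{item}}
  when:
    - item != ''
    - not ansible_check_mode
  with_items:
    - "usr/local/src/ansible-{{BOX_ANSIBLE_VERSION}}"

# Recursive chown over a tree its owner can write to. `chown -h` keeps the
# change on symlinks themselves on implementations that would otherwise act on
# the link target.
- name: chown vagrant ~vagrant
  environment: "{{ shell_env }}"
  shell: |
    [ -d ~{{LOOP_USER}} ] || mkdir ~{{LOOP_USER}}
    chown -R {{LOOP_USER}} ~{{LOOP_USER}}
    #? [ -n "{{BOX_ALSO_GROUP}}" ] && chmod -R g+rw,o-w ~{{LOOP_USER}}
    exit 0
  loop_control:
    loop_var: LOOP_USER
  when: LOOP_USER != '' and LOOP_USER != []
  with_items:
    # not root
    - "{{ base_system_users }}"
  check_mode: false

- name: openssl.cnf cacert.pem
  # FixMe: PLAY_CA_CERT or /etc/ssl/certs/ca-certificates.crt
  environment: "{{ shell_env }}"
  # As written this only assigns a variable in a shell that exits right away,
  # so nothing on the target changes and no CA bundle is configured here.
  shell: |
    PIP_CERT="{{ PLAY_CA_CERT }}"
  ignore_errors: true

# NOTE(review): the block carries no keywords of its own in the visible text,
# so how many of the following tasks it wraps does not change behaviour.
- block:  # host or guest
    - name: /boot/grub/grub.cfg
      environment: "{{ shell_env }}"
      shell: |
        grep -q quiet /boot/grub/grub.cfg || exit 0
        sed -e 's/ quiet//' -i /boot/grub/grub.cfg
        exit 0

    - name: "include_tasks base users.yml"
      include_tasks:
        file: "users.yml"
        apply:
          environment: "{{ null_env }}"
          become: true
          become_user: "{{ LOOP_USER }}"
          check_mode: false
          tags: always
      loop_control:
        loop_var: LOOP_USER
      # The literal `false` keeps this include disabled. The items below are
      # plain strings, not templated expressions, which is presumably what the
      # FixMe refers to.
      when:
        - LOOP_USER != '' and LOOP_USER != []
        - false  # FixMe : filters
      with_items:
        - "base_system_users"
        - "'root' if ansible_distribution != 'Msys' else ''"
      #? when: CHROOT_GENTOO_STAGE3|default('') == ''
      # NOTE(review): placed on the include itself, the usual pairing with
      # apply.tags; confirm it was not a block-level key in the original.
      tags: always

- name: "include_tasks base after"
  include_tasks:
    file: "{{ LOOP_FILE }}.yml"
  when:
    - "LOOP_FILE != ''"
  with_items:
    # FixMe: WTF?
    - "base_proxy"  # or
    # before Gentoo.yml
    - "{{ 'lati' if ansible_virtualization_role|replace('NA', 'host') == 'host' and HOSTNAME_HARDWARE|default('') == 'lati' else '' }}"
    - "{{ ansible_distribution }}"
    # - "{{ ansible_distribution }}/{{ BOX_SERVICE_MGR }}"
    - "{{ 'guest_virtualbox' if ansible_bios_version|default('') == 'VirtualBox' else '' }}"
    # - "{{ 'guest_whonix' if ansible_virtualization_type == 'kvm' and BOX_OS_FLAVOR|default('') in ['WhonixGateway','WhonixWorkstation'] }}"
    # ansible_connection is defaulted here as it is elsewhere in this file, so
    # an undefined value selects nothing instead of failing the template.
    - "{{ 'guest_whonix' if ansible_connection|default('') in ['chroot', 'libvirt_qemu'] and BOX_OS_FLAVOR|default('') in ['WhonixGateway','WhonixWorkstation'] else ''}}"
  loop_control:
    loop_var: LOOP_FILE
# "ansible_service_mgr": "systemd",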