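# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
#
# Entry tasks for the base role: normalise distribution facts, load the
# per-platform vars, lay down the root overlay (rsync, or a tar where rsync
# cannot reach the host), fix up user home directories and then include the
# per-platform task files.
---
- name: "base main.yml"
  debug:
    verbosity: 1
    msg: "DEBUG: Including base main.yml ansible_connection={{ ansible_connection|default('') }}"

- name: "Fix Gentoo"
  set_fact:
    ansible_distribution_major_version: 2
  when: ansible_distribution == 'Gentoo'

- name: "Fix Windows"
  set_fact:
    # ansible_distribution_major_version: 9
    ansible_distribution: Msys
    ansible_bios_version: "mbr"  # i.e. not Virtualbox
  when: ansible_distribution == 'MSYS_NT-6.3-9600'

- name: "Fix Linux"
  set_fact:
    null_env:
      TERM: linux

- name: check entropy state
  shell: |
    [ -e /proc/sys/kernel/random/entropy_avail ] || exit 0
    cat /proc/sys/kernel/random/entropy_avail
  changed_when: false
  register: entropy2
  # FixMe why does this sometimes fail
  ignore_errors: true

- name: entropy state
  debug: var=entropy2
  ignore_errors: true

- name: "include base by-platform vars"
  include_vars: "{{item}}.yml"
  with_items:
    - "Linux"
    - "{{ ansible_distribution }}{{ ansible_distribution_major_version }}"
  tags: always

# NOTE(review): '{{nbd_disk}}' inside the expression below is a plain string
# literal, not the variable, so the comparison with '' is never true and the
# item always renders ''. Probably meant nbd_disk|default('') == '' - confirm
# before changing, because the fix starts including bootstrap.yml.
- name: "include_tasks base bootstrap"
  include_tasks:
    file: "{{ LOOP_FILE }}.yml"
    apply:
      environment: "{{ null_env }}"
  when:
    - LOOP_FILE != '' and LOOP_FILE != []
  with_items:
    - "{{ 'bootstrap' if ansible_distribution != 'Msys' and '{{nbd_disk}}' == '' else '' }}"
    # - "{{ 'bootstrap_nbd' if ansible_distribution != 'Msys' and '{{nbd_disk}}' != '' else '' }}"
  loop_control:
    loop_var: LOOP_FILE

# NOTE(review): every path below becomes world-writable with the sticky bit.
# That is the usual mode for a tmp directory; for
# /usr/local/share/genkernel/overlay/bin and the pip log directories confirm
# that unprivileged users really need write access.
- name: "make /var/tmp/.ansible"
  file:
    path: "{{ item }}"
    state: directory
    # quoted so the module receives the octal string, not a YAML integer
    mode: "01777"
  with_items:
    - /run/tmp
    - /var/tmp/.ansible
    - "{{BASE_LOG_DIR}}/pip"
    - "{{BASE_LOG_DIR}}/pip/pip2"
    - "{{BASE_LOG_DIR}}/pip/pip3"
    - /usr/local/share/genkernel/overlay/bin

- name: "/usr/local/etc/testforge/testforge.ini BOF"
  lineinfile:
    dest: "/usr/local/etc/testforge/testforge.ini"
    insertbefore: BOF
    # NOTE(review): 0755 marks a config file executable - confirm intended
    mode: "0755"
    owner: "{{BOX_ROOT_USER}}"
    group: "{{BOX_ROOT_GROUP}}"
    create: true
    regexp: "# -.- mode: sh; tab-width: 0; coding: utf-8-unix -.-"
    line: "# -*- mode: sh; tab-width: 0; coding: utf-8-unix -*-"

- name: /usr/local/etc/testforge/testforge.ini proxy
  blockinfile:
    dest: /usr/local/etc/testforge/testforge.ini
    create: true
    marker: "# {mark} ANSIBLE MANAGED BLOCK ini [base]"
    block: |
      [base]
      BASE_USER_NAME: "{{ BOX_USER_NAME }}"
      BASE_USER_HOME: "{{ BOX_USER_HOME }}"
      BASE_ALSO_GROUP: "{{ BOX_ALSO_GROUP }}"
      BASE_ALSO_USERS: "{{BOX_ALSO_USERS}}"
      BASE_USER_CONFIG_DIR: ".config/testforge"
      BASE_PYTHON2_MINOR: "{{BASE_PYTHON2_MINOR}}"
      BASE_PYTHON3_MINOR: "{{BASE_PYTHON3_MINOR}}"

# Copies the role overlay onto / of the target.
# NOTE(review): the rsync log goes to a predictable name under /tmp; a
# directory only root can write to would avoid a pre-created file or symlink
# at that path.
- name: "rsync base root_overlay"
  synchronize:
    src: "roles/base/overlay/{{item}}/"
    dest: /
    compress: false
    copy_links: true
    archive: false
    recursive: true
    links: true
    owner: false
    perms: true
    times: true
    rsync_opts: "{{ base_rsync_opts }} + ['--log-file=/tmp/rsync-base_{{BOX_HOST_NAME}}.log']"
  with_items:
    - Linux
    - "{{ ansible_distribution }}"
  notify:
    - "chmod /usr/local"
    - update-ca-certificates
  when:
    - not ansible_check_mode
    # FixAns: This remote host is being accessed via chroot instead so it cannot work
    # synchronize uses rsync to function. rsync needs to connect to the remote
    # host via ssh, docker client or a direct filesystem copy. This remote host
    # is being accessed via community.libvirt.libvirt_qemu instead so it cannot work.
    - ansible_connection|default('') not in PLAY_NORSYNC_CONNECTIONS
  tags:
    - always
  ignore_errors: "{{ansible_distribution == 'Msys'}}"

# Tar fallback for connections where synchronize cannot run.
# NOTE(review): ignore_errors hides a failed or partial unpack into /, and
# owner uses BASE_ROOT_USER while the rest of this file uses BOX_ROOT_USER -
# confirm the variable exists.
- name: "rsync root_overlay - the tar gets made by a make before running"
  unarchive:
    dest: /
    src: "{{item}}.tar"
    keep_newer: true
    owner: "{{BASE_ROOT_USER}}"
    group: "{{BOX_ROOT_GROUP}}"
    # extra_opts: "{{ BASE_UNTAR_ARGS }}"
  with_items:
    - Linux
    - "{{ ansible_distribution }}"
  notify:
    - update-ca-certificates
  ignore_errors: true
  when:
    - not ansible_check_mode
    # msg: synchronize uses rsync to function. rsync needs to connect to the
    # remote host via ssh, docker client or a direct filesystem copy. This
    # remote host is being accessed via community.libvirt.libvirt_qemu instead
    # so it cannot work.
    - ansible_connection|default('') in PLAY_NORSYNC_CONNECTIONS

- name: "include_tasks base before"
  include_tasks:
    file: "{{ LOOP_FILE }}.yml"
    apply:
      environment: "{{ null_env }}"
  when:
    - LOOP_FILE != '' and LOOP_FILE != []
  with_items:
    - base
    - "{{ 'ansible' if ansible_distribution != 'Msys' else '' }}"
  loop_control:
    loop_var: LOOP_FILE

# Unpacks a locally staged ansible source tarball if it is not there yet.
# NOTE(review): no checksum or signature check on the tarball is visible
# here. chown passes BOX_USER_GROUP as both owner and group, with the legacy
# "." separator - confirm the owner is intended.
- name: "ansible-{{BOX_ANSIBLE_VERSION}}"
  environment: "{{ shell_env }}"
  shell: |
    cd /usr/local/src
    [ ! -d "ansible-{{BOX_ANSIBLE_VERSION}}" ] && \
      [ ! -f "ansible-{{BOX_ANSIBLE_VERSION}}/setup.py" ] && \
      [ -f {{USR_LOCAL}}/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz ] && \
      tar xvfz {{USR_LOCAL}}/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz && \
      chown -R {{BOX_USER_GROUP}}.{{BOX_USER_GROUP}} ansible-{{BOX_ANSIBLE_VERSION}}
    exit 0

- name: "patch /usr/local/"
  environment: "{{ shell_env }}"
  shell: |
    cd {{USR_LOCAL}}/patches/base || exit 1
    # this vacuumns all diff files below the root
    {{ BASE_SCRIPT_DIR }}/base_patch_from_diff.bash {{item}}
  when:
    - item != ''
    - not ansible_check_mode
    - false  # FixMe not up to date
  with_items:
    - usr/local/src/ansible-{{BOX_ANSIBLE_VERSION}}

# NOTE(review): LOOP_USER is substituted into the script unquoted, so the
# values in base_system_users must be plain account names.
- name: chown vagrant ~vagrant
  environment: "{{ shell_env }}"
  shell: |
    [ -d ~{{LOOP_USER}} ] || mkdir ~{{LOOP_USER}}
    chown -R {{LOOP_USER}} ~{{LOOP_USER}}
    #? [ -n "{{BOX_ALSO_GROUP}}" ] && chmod -R g+rw,o-w ~{{LOOP_USER}}
    exit 0
  loop_control:
    loop_var: LOOP_USER
  when: LOOP_USER != '' and LOOP_USER != []
  with_items:
    # not root
    - "{{ base_system_users }}"
  check_mode: false

- block:

    - name: "make vagrant RO directories base"
      file:
        path: "{{ item|expanduser }}"
        state: directory
        owner: "{{ BOX_USER_NAME }}"
        mode: "0700"
      with_items:
        - "{{ BOX_USER_HOME }}/.cache"
        - "{{ BOX_USER_HOME }}/.config"
        - "{{ BOX_USER_HOME }}/.gpg"
        - "{{ BOX_USER_HOME }}/.local/lib"
        - "{{ BOX_USER_HOME }}/.ssh"

    # the mode key on each item is not read by this task
    - name: "I think this is right make .local symlinks lib dirs"
      file:
        src: "{{ item.src | expanduser }}"
        dest: "{{ item.dest | expanduser }}"
        state: link
      with_items:
        - dest: "{{ BOX_USER_HOME }}/.local/lib64"
          src: "{{ BOX_USER_HOME }}/.local/lib"
          mode: "0755"
        - dest: "{{ BOX_USER_HOME }}/.local/lib/python{{BASE_PYTHON3_MINOR}}"
          src: "{{ USR_LOCAL }}/lib/python{{BASE_PYTHON3_MINOR}}"
          mode: "0755"
        - dest: "{{ BOX_USER_HOME }}/.local/lib/python{{BASE_PYTHON2_MINOR}}"
          src: "{{ USR_LOCAL }}/lib/python{{BASE_PYTHON2_MINOR}}"
          mode: "0755"
      ignore_errors: true

    # NOTE(review): src is the HOME of whoever runs the play on the
    # controller, so that person's own dotfiles are copied to the target -
    # check they carry no tokens or host-specific settings.
    - name: "make vagrant RO files base"
      copy:
        dest: "{{ BOX_USER_HOME }}/{{ item }}"
        src: "{{ lookup('env','HOME') }}/{{ item }}"
        force: false
        mode: "0600"
      with_items:
        - ".bashrc"
        - ".bash_profile"
      ignore_errors: true
      # template or skel this

  when:
    - not ansible_check_mode
  # libvirt become is not working?

# The script only assigns a shell variable that goes away when the shell
# exits, so this task changes nothing on the target.
- name: openssl.cnf cacert.pem
  # FixMe: PLAY_CA_CERT or /etc/ssl/certs/ca-certificates.crt
  environment: "{{ shell_env }}"
  shell: |
    PIP_CERT="{{ PLAY_CA_CERT }}"
  ignore_errors: true

- block:
    # host or guest
    - name: /boot/grub/grub.cfg
      environment: "{{ shell_env }}"
      shell: |
        grep -q quiet /boot/grub/grub.cfg || exit 0
        sed -e 's/ quiet//' -i /boot/grub/grub.cfg
        exit 0

# Disabled by the literal false in when. The with_items entries are plain
# strings, not templates, which is what the FixMe refers to.
- name: "include_tasks base users.yml"
  include_tasks:
    file: "users.yml"
    apply:
      environment: "{{ null_env }}"
      become: true
      become_user: "{{ LOOP_USER }}"
      check_mode: false
      tags: always
  loop_control:
    loop_var: LOOP_USER
  when:
    - LOOP_USER != '' and LOOP_USER != []
    - false  # FixMe : filters
  with_items:
    - "base_system_users"
    - "'root' if ansible_distribution != 'Msys' else ''"
  #? when: CHROOT_GENTOO_STAGE3|default('') == ''
  tags: always

- name: "include_tasks base after"
  include_tasks:
    file: "{{ LOOP_FILE }}.yml"
  when:
    - "LOOP_FILE != ''"
  with_items:
    # FixMe: WTF?
    - "base_proxy"  # or
    # before Gentoo.yml
    - "{{ 'lati' if ansible_virtualization_role|replace('NA', 'host') == 'host' and HOSTNAME_HARDWARE|default('') == 'lati' else '' }}"
    - "{{ ansible_distribution }}"
    # - "{{ ansible_distribution }}/{{ BOX_SERVICE_MGR }}"
    - "{{ 'guest_virtualbox' if ansible_bios_version|default('') == 'VirtualBox' else '' }}"
    # - "{{ 'guest_whonix' if ansible_virtualization_type == 'kvm' and BOX_OS_FLAVOR|default('') in ['WhonixGateway','WhonixWorkstation'] }}"
    - "{{ 'guest_whonix' if ansible_connection in ['chroot', 'libvirt_qemu'] and BOX_OS_FLAVOR|default('') in ['WhonixGateway','WhonixWorkstation'] else ''}}"
  loop_control:
    loop_var: LOOP_FILE

# "ansible_service_mgr": "systemd",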