265 lines
8.3 KiB
YAML
Executable File
265 lines
8.3 KiB
YAML
Executable File
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
|
||
|
||
---
|
||
|
||
- name: "DEBUG: base bootstrap.yml inventory_hostname"
|
||
debug:
|
||
verbosity: 1
|
||
msg: "DEBUG: Including bootstrap bootstrap.yml"
|
||
|
||
# have to install sudo
|
||
|
||
# N.B. raw or delegate_to: localhost only until bootstrap is complete!!!
|
||
|
||
- name: boostrap bootstrap_chroot_kicksecure.bash
|
||
shell: |
|
||
/usr/local/sbin/bootstrap_chroot_kicksecure.bash
|
||
args:
|
||
creates: /usr/local/etc/ssl/cacert-testforge.pem
|
||
delegate_to: localhost
|
||
when:
|
||
- ansible_connection|default('') == 'chroot'
|
||
- inventory_hostname == 'linuxKick150154'
|
||
- ansible_remote_addr != ''
|
||
check_mode: false
|
||
|
||
# cache='none' io='native'
|
||
|
||
- name: bootstrap env
|
||
set_fact:
|
||
proxy_env:
|
||
TERM: "linux"
|
||
shell_env:
|
||
TERM: "linux"
|
||
|
||
- block:
|
||
|
||
- name: bin/update_chroot.bash
|
||
shell: |
|
||
root="{{ ansible_remote_addr }}"
|
||
[ -n "$root" ] || \
|
||
{ echo "ERROR: ansible_remote_addr is undefined" ; exit 1 ; }
|
||
[ -d "$root/" ] || \
|
||
{ echo "ERROR: directory not found: $root" ; exit 2 ; }
|
||
|
||
if [ -x {{VAR_LOCAL}}/sbin/update_chroot.bash ]; then
|
||
{{VAR_LOCAL}}/sbin/update_chroot.bash "$root/" pwd || \
|
||
{ echo ERROR: {{VAR_LOCAL}}/sbin/update_chroot.bash $root/ pwd $? ; exit 3 ; }
|
||
elif [ -x /usr/local/sbin/base_chroot.bash ]; then
|
||
/usr/local/sbin/base_chroot.bash "$root/" pwd || \
|
||
{ echo ERROR: /usr/local/sbin/base_chroot.bash "$root/" pwd $? ; exit 4 ; }
|
||
fi
|
||
|
||
i=$( df -a | sed -e 's/.* //'| sort -u | grep -c "$root" )
|
||
if [ $i -lt 3 ] ; then
|
||
echo "WARN: first run to establish bind mounts - bin/update_chroot.bash $root"
|
||
fi
|
||
exit 0
|
||
# FixMe: 3 stderr: '/usr/bin/env: ‘a’: No such file or directory'
|
||
ignore_errors: true
|
||
|
||
- name: "mount mountpoint dirs"
|
||
shell: |
|
||
df -a | grep -q {{item}} || \
|
||
mount -o bind {{item}} {{ansible_remote_addr}}/{{item}}
|
||
exit 0
|
||
args:
|
||
creates: "{{ansible_remote_addr}}/{{item}}"
|
||
with_items: "{{BASE_HOST_CONTAINER_MOUNTS|default([])}}"
|
||
when: "BASE_HOST_CONTAINER_MOUNTS|default([])|length > 0"
|
||
|
||
delegate_to: localhost
|
||
when:
|
||
- ansible_connection|default('') == 'chroot'
|
||
- ansible_remote_addr != ''
|
||
check_mode: false
|
||
|
||
- name: boostrap bootstrap_proxy.bash
|
||
raw: |
|
||
export TERM=linux
|
||
export http_proxy="{{ http_proxy }}"
|
||
export https_proxy="{{ https_proxy }}"
|
||
export socks_proxy="{{ socks_proxy }}"
|
||
export no_proxy="{{no_proxy}}"
|
||
{{lookup('file', BASE_SCRIPT_DIR+'/bootstrap_proxy.bash')}}
|
||
# >> {{ BASE_USR_LOCAL }}/tmp/bootstrap_proxy.log 2>&1 || exit 3
|
||
exit 0
|
||
args:
|
||
executable: /bin/bash
|
||
chdir: "{{ BASE_USR_LOCAL }}/"
|
||
when:
|
||
# FixMe: figure something better than wgetrc - /etc/apt/conf.d - not needed on kicksecure
|
||
- http_proxy != "" and https_proxy != ""
|
||
check_mode: false
|
||
ignore_errors: true
|
||
|
||
- name: boostrap bootstrap_wheels.bash
|
||
copy:
|
||
src: /usr/local/sbin/bootstrap_wheels.bash
|
||
dest: /usr/local/sbin/bootstrap_wheels.bash
|
||
mode: '0755'
|
||
|
||
- name: boostrap bootstrap_wheels.bash raw
|
||
script: "{{BASE_SCRIPT_DIR+'/bootstrap_wheels.bash'}}"
|
||
# "{{lookup('file', BASE_SCRIPT_DIR+'/bootstrap_wheels.bash')}}"
|
||
# >> {{ BASE_USR_LOCAL }}/tmp/bootstrap_wheels.log 2>&1 || exit 3
|
||
args:
|
||
executable: /bin/bash
|
||
chdir: "{{ BASE_USR_LOCAL }}/"
|
||
creates: "{{ BASE_USR_LOCAL }}/tmp/wheels/ansible-{{BOX_ANSIBLE_VERSION}}.tar.gz"
|
||
when:
|
||
- not ansible_check_mode
|
||
check_mode: false
|
||
ignore_errors: true
|
||
|
||
- name: /etc/hostname
|
||
raw: grep -q localhost /etc/hostname && echo {{inventory_hostname}} > /etc/hostname || true
|
||
when:
|
||
- ansible_distribution in ['Ubuntu', 'Debian', 'Devuan']
|
||
ignore_errors: true
|
||
check_mode: false
|
||
|
||
- name: "stat {{ BASE_USR_LOCAL }}/bin/python3.sh"
|
||
stat:
|
||
path: "{{ BASE_USR_LOCAL }}/lib/python{{BASE_PYTHON3_MINOR}}/site-packages/pip/__init__.py"
|
||
register: base_python3_sh_exists
|
||
when:
|
||
- not ansible_check_mode
|
||
check_mode: false
|
||
|
||
- name: boostrap bootstrap_pip_ansible.sh
|
||
# $https_proxy = http://localhost:9999 to prevent downloads - not
|
||
shell: |
|
||
cd "{{ BASE_USR_LOCAL }}"
|
||
export PYTHONPATH=''
|
||
export BOX_UBUNTU16_VAR_APT_ARCHIVES="{{BOX_UBUNTU16_VAR_APT_ARCHIVES|default('') }}"
|
||
export BOX_UBUNTU16_VAR_APT_ARCHIVES="{{ BOX_UBUNTU16_VAR_APT_ARCHIVES|default('') }}"
|
||
export BOX_DEBIAN10_VAR_APT_ARCHIVES="{{ BOX_UBUNTU16_VAR_APT_ARCHIVES|default('') }}"
|
||
export BOX_GENTOO_DISTFILES_ARCHIVES="{{ BOX_GENTOO_DISTFILES_ARCHIVES|default('') }}"
|
||
export BOX_BOXUSER_PIP_CACHE="{{ BOX_BOXUSER_PIP_CACHE }}"
|
||
export BOX_ROOT_PIP_CACHE="{{ BOX_ROOT_PIP_CACHE }}"
|
||
export PLAY_PIP_CERT="{{ PLAY_CA_CERT }}"
|
||
export LOG_DIR="{{ BASE_USR_LOCAL }}/tmp"
|
||
export BASE_USER_NAME="{{ BASE_USER_NAME }}"
|
||
export BASE_USER_HOME="{{ BASE_USER_HOME }}"
|
||
export BASE_ALSO_GROUP="{{ BASE_ALSO_GROUP }}"
|
||
export http_proxy="{{ http_proxy }}"
|
||
export https_proxy="{{ https_proxy }}"
|
||
export socks_proxy="{{ socks_proxy }}"
|
||
export no_proxy="{{no_proxy}}"
|
||
ls {{BASE_SCRIPT_DIR}}
|
||
{{BASE_SCRIPT_DIR+'/bootstrap_pip_ansible.bash'}}
|
||
# "{{lookup('file', BASE_SCRIPT_DIR+'/bootstrap_pip_ansible.bash')}}"
|
||
# >> {{ BASE_USR_LOCAL }}/tmp/bootstrap_pip_ansible.log 2>&1 || exit 3
|
||
exit 0
|
||
|
||
when:
|
||
- not ansible_check_mode
|
||
- not base_python3_sh_exists.stat.exists
|
||
- false
|
||
#hangs
|
||
register: bootstrap_pip
|
||
#? check_mode: false
|
||
|
||
- name: rc boostrap wheels.sh and ansible.sh
|
||
debug:
|
||
msg: "WARN: boostrap wheels.sh and ansible.sh FAILED - {{bootstrap_pip.stdout}} - {{ bootstrap_pip.stderr}}"
|
||
when:
|
||
- not ansible_check_mode
|
||
- bootstrap_pip is failed
|
||
ignore_errors: true
|
||
|
||
# N.B. raw or delegate_to: localhost only until bootstrap is complete!!!
|
||
|
||
- name: test boostrap wheels.sh
|
||
shell: |
|
||
LELTS=""
|
||
PYVER=3
|
||
if [ -f {{ BASE_USR_LOCAL }}/bin/python$PYVER.sh ] ; then
|
||
{{ BASE_USR_LOCAL }}/bin/python$PYVER.sh --version || exit 2$PYVER$?
|
||
fi
|
||
exit 0
|
||
|
||
- block:
|
||
|
||
- name: "make /etc/portage dirs"
|
||
file:
|
||
path: "/etc/portage/{{item}}"
|
||
state: directory
|
||
mode: 0755
|
||
with_items:
|
||
#? make.profile
|
||
- package.accept_keywords
|
||
- package.license
|
||
- package.mask
|
||
- package.unmask
|
||
- package.use
|
||
- postsync.d
|
||
- profile
|
||
- repo.postsync.d
|
||
- repos.conf
|
||
- savedconfig
|
||
- sets
|
||
|
||
# really bootstrap
|
||
# - include_tasks: Gentoo/Funtoo/portage.yml
|
||
|
||
when:
|
||
- "ansible_distribution == 'Gentoo'"
|
||
|
||
- block:
|
||
|
||
- name: "make /mnt mountpoints"
|
||
# maybe prologue
|
||
shell: |
|
||
[ -d /mnt ] || mkdir /mnt || exit 1
|
||
for elt in {{ BASE_HOST_CONTAINER_MOUNTS|join(' ') }} ; do
|
||
[ -d $elt ] || mkdir $elt
|
||
done
|
||
exit 0
|
||
# with_items: "{{ BASE_HOST_CONTAINER_MOUNTS }}"
|
||
when: BASE_HOST_CONTAINER_MOUNTS|default([])|length > 0
|
||
|
||
- name: HOST_MOUNT_SYMLINKS
|
||
shell: |
|
||
{% for elt in HOST_MOUNT_SYMLINKS %}
|
||
[ -h {{ elt.to }} ] && continue
|
||
[ -d {{ elt.to }} ] && echo "WARN: {{ elt.to }} exists as a directory" && continue
|
||
parent=`dirname {{ elt.to }}`
|
||
[ -d $parent ] || mkdir -p $parent
|
||
#? -h-e
|
||
[ -h {{ elt.to }} ] || \
|
||
ln -s {{ elt.from }} {{ elt.to }}
|
||
{% endfor %}
|
||
# FixMe:
|
||
ignore_errors: true
|
||
when:
|
||
- HOST_MOUNT_SYMLINKS|default([])|length > 0
|
||
# actually the condition is weaker: anything with mounts - sshfs vagrant/virtualbox kvm? lxd?
|
||
- BASE_HOST_CONTAINER_MOUNTS|default([])|length > 0
|
||
|
||
# FixMe: make this a box_command for use with packer
|
||
- name: HOST_MOUNT_SYMLINK_CONTENTS
|
||
shell: |
|
||
{% for elt in HOST_MOUNT_SYMLINK_CONTENTS %}
|
||
[ -n "{{ elt.to }}" ] || continue
|
||
[ -d "{{ elt.to }}" ] || mkdir -p "{{ elt.to }}"
|
||
find -L "{{ elt.to }}" -type f -delete
|
||
for file in "{{ elt.from }}/"* ; do
|
||
[ -e "$file" ] || continue
|
||
[ -d "$file" ] && continue
|
||
base=`basename "$file"`
|
||
[ -e "{{ elt.to }}/$base" ] && continue
|
||
ln -s "$file" "{{ elt.to }}"
|
||
done
|
||
{% endfor %}
|
||
exit 0
|
||
when:
|
||
- HOST_MOUNT_SYMLINK_CONTENTS|default({})|length > 0
|
||
# FixMe:
|
||
ignore_errors: true
|
||
|
||
when:
|
||
# actually the condition is weaker: anything with mounts - sshfs vagrant/virtualbox kvm? lxd?
|
||
- BASE_HOST_CONTAINER_MOUNTS|default([])|length > 0
|