libvirt_cloud/roles/toxcore/tasks/main.yml

# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
# Role entry trace, shown at verbosity 1 and above: prints BOX_OS_FAMILY,
# BOX_GENTOO_FROM_MP and the virtualization role, with the fact value 'NA'
# rendered as 'host'.
- name: toxcore main.yml
  debug:
    msg: "toxcore main.yml BOX_OS_FAMILY={{BOX_OS_FAMILY}} {{BOX_GENTOO_FROM_MP}} {{ansible_virtualization_role|replace('NA', 'host')}}"
    verbosity: 1
# Load role variables from Linux.yml, then from the file named after the
# distribution and its major version. Tagged 'always' and exempt from check
# mode, so it also runs under --check and with any tag selection.
- name: include toxcore by-platform vars
  include_vars: "{{item}}.yml"
  check_mode: false
  tags:
    - always
  with_items:
    - Linux
    - "{{ ansible_distribution }}{{ ansible_distribution_major_version }}"
# Copy the role's overlay trees (Linux, then the distribution-specific one)
# onto the target's root filesystem with rsync. Skipped in check mode and for
# connection types listed in PLAY_NORSYNC_CONNECTIONS.
# NOTE(review): this writes directly under / with extra options taken from
# base_rsync_opts, so the overlay directories deserve the same review and
# write protection as any other content installed with these privileges.
- name: rsync toxcore root_overlay
  when:
    - not ansible_check_mode
    # FixAns: This remote host is being accessed via chroot instead so it cannot work
    - ansible_connection|default('') not in PLAY_NORSYNC_CONNECTIONS
  synchronize:
    src: "roles/toxcore/overlay/{{item}}/"
    dest: /
    rsync_opts: "{{base_rsync_opts}}"
    archive: false
    recursive: true
    times: true
    copy_links: true
    links: false
    owner: false
    perms: false
    compress: false
  with_items:
    - Linux
    - "{{ ansible_distribution }}"
  notify:
    - chmod /var/local
  tags:
    - always
# Fallback for connection types in PLAY_NORSYNC_CONNECTIONS: unpack Linux.tar
# and <distribution>.tar over / instead of using rsync. Files on the target
# that are newer than the archive copy are kept, and errors are ignored.
- name: rsync root_overlay - tar before running
  when:
    - not ansible_check_mode
    # FixAns: This remote host is being accessed via chroot instead so it cannot work
    - ansible_connection|default('') in PLAY_NORSYNC_CONNECTIONS
  unarchive:
    src: "{{item}}.tar"
    dest: /
    owner: "{{BOX_ROOT_USER}}"
    keep_newer: true
    # extra_opts: "{{ BASE_UNTAR_ARGS }}"
  with_items:
    - Linux
    - "{{ ansible_distribution }}"
  notify:
    - chmod /usr/local
  ignore_errors: true
# Ensure the toxcore log directories exist with mode 0775 (group-writable).
# Selected by any of the periodic tags.
- name: make /var/local/var/log/testforge toxcore
  file:
    state: directory
    path: "{{ item }}"
    mode: "0775"
  tags: [hourly, daily, weekly, monthly]
  with_items:
    - "{{ TOXCORE_LOG_DIR }}"
    - "{{ TOXCORE_DAILY_LOG }}"
    # - "{{ TOXCORE_WEEKLY_LOG }}"
    # - "{{ TOXCORE_MONTHLY_LOG }}"
# Disabled (when: false). Would derive the kernel version from the first
# field of /proc/cmdline, return early with a warning when
# /lib/modules/<version>/misc is missing, and otherwise run
# toxcore_sign_modules.bash over the flattened toxcore_kmods_in_host list.
- name: '/var/local/bin/toxcore_sign_modules.bash modules needed toxcore_kmods_in_host'
  when: false
  shell: |
    KVER=`cat /proc/cmdline |sed -e 's/ .*//' -e 's/BOOT_IMAGE=//' -e 's/kernel-[a-z]*-x86_64-//'`
    KDIR=/lib/modules/$KVER
    DIR=$KDIR/misc
    [ -d $DIR ] || { echo WARN: no directory $DIR ; exit 0 ; }
    /var/local/bin/toxcore_sign_modules.bash {{ toxcore_kmods_in_host|flatten|join(' ') }}
# this changes with kernel 4 -> 5
# Load every non-empty module name in toxcore_kmods_in_host. A module that
# fails to load does not stop the play.
- name: modprobe VM modules toxcore_kmods_in_host
  with_items: "{{ toxcore_kmods_in_host }}"
  when:
    - item != ''
  modprobe:
    # "{{ 'absent' if ansible_virtualization_role|replace('NA', 'host') != 'host' else 'present'}}"
    state: present
    name: "{{ item }}"
  ignore_errors: true
# Disabled (when: false). Would unload each module listed in
# toxcore_kmods_not_in_host, ignoring failures.
- name: modprobe VM modules toxcore_kmods_not_in_host
  # I'm not sure kvm should be missing anymore 5+
  when: false
  with_items: "{{ toxcore_kmods_not_in_host }}"
  modprobe:
    state: absent
    name: "{{ item }}"
  ignore_errors: true
# Continue with the task file named after the distribution fact.
- name: include by-platform tasks
  include_tasks:
    file: "{{ ansible_distribution }}.yml"
# Append supplementary groups to the accounts in toxcore_system_users. The
# nested loop pairs each user (item.0) with each group (item.1); the group
# list is the host list on a host and the guest list otherwise.
# NOTE(review): 'item' is a pair here, so "item != ''" looks like it can
# never be false - confirm whether item.0 / item.1 was intended.
- name: add standard_users to groups
  user:
    name: "{{ item.0 }}"
    groups: "{{ item.1 }}"
    append: true
  # some groups may not be there
  ignore_errors: true
  when:
    - item != ''
    - "toxcore_system_users != []"
  with_nested:
    -
      - "{{ toxcore_system_users }}"
    -
      - "{{ toxcore_standard_users_groups_host if ansible_virtualization_role|replace('NA', 'host') == 'host' else [] }}"
      - "{{ toxcore_standard_users_groups_guest if ansible_virtualization_role|replace('NA', 'host') != 'host' else [] }}"
# Create TOXCORE_VMS_DIR and its Instances, Qemu and Boxes subdirectories
# with mode 0775. check_mode: false makes this run under --check as well.
- name: make a directory for /data/Vms
  check_mode: false
  file:
    state: directory
    path: "{{item }}"
    mode: "0775"
  with_items:
    - "{{TOXCORE_VMS_DIR}}"
    - "{{TOXCORE_VMS_DIR}}/Instances"
    - "{{TOXCORE_VMS_DIR}}/Qemu"
    - "{{TOXCORE_VMS_DIR}}/Boxes"
    #? - "{{TOXCORE_VMS_DIR}}/vagrant.d/tmp"
# Disabled by the trailing 'false' condition ("none yet"). For each entry of
# toxcore_gpg_keys_system: fetch item.uid with gpg --recv-keys unless
# item.primary already appears in the gpg --list-keys output.
# NOTE(review): if this is re-enabled, item.uid should be a full fingerprint
# so the key fetched from the keyserver is the one intended - confirm against
# the contents of toxcore_gpg_keys_system.
- name: toxcore gpg keys system
  # Option --keyserver must be used to
  environment: "{{ shell_proxy_env }}"
  with_items: "{{ toxcore_gpg_keys_system }}"
  when:
    - toxcore_gpg_keys_system|length > 0
    - BASE_ARE_CONNECTED|default('') != ''
    - false # none yet
  shell: |
    /usr/bin/gpg --list-keys | grep "{{ item.primary }}" || \
    /usr/bin/gpg --recv-keys "{{ item.uid }}" # --keyserver "{{ TOXCORE_GPG_SERVER }}"
  ignore_errors: true
# Import the Gentoo release key from the copy under /usr/local/share unless
# /usr/share/openpgp-keys/gentoo-release.asc is already present.
# NOTE(review): the key file is imported as delivered and its fingerprint is
# not checked in this task; whoever can write that file decides which key is
# trusted for Gentoo releases.
- name: toxcore gpg keys gentoo
  shell: |
    [ -f /usr/share/openpgp-keys/gentoo-release.asc ] && exit 0
    gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc
  environment: "{{ shell_proxy_env }}"
# FixMe: does this do SSH?
# Maintain a managed block in /usr/local/bin/gitproxy.bash (created when
# missing, mode 0775) that hands the connection to corkscrew via the
# configured HTTP proxy; $1 and $2 are the target host and port.
# NOTE(review): the task name says gitproxy.sh while dest is gitproxy.bash.
- name: '/usr/local/bin/gitproxy.sh'
  blockinfile:
    dest: /usr/local/bin/gitproxy.bash
    create: true
    mode: "0775"
    marker: "# {mark} ANSIBLE MANAGED BLOCK proxy"
    block: |
      exec corkscrew {{HTTP_PROXYHOST}} {{HTTP_PROXYPORT}} $1 $2
      # $1 %h $2 %p
      #? exec connect -4 -S {{HTTP_PROXYHOST}}:{{HTTP_PROXYPORT}} $(tor-resolve $1 {{HTTP_PROXYHOST}}:{{HTTP_PROXYPORT}}) $2
# Include vms.yml, and libvirt.yml when BOX_WHONIX_PROXY_HOST is set or the
# 'libvirt' / 'whonix' feature is enabled, with proxy_env applied to the
# included tasks. Empty loop items are skipped.
- name: include_tasks toxcore vms as root
  loop_control:
    loop_var: LOOP_ITEM
  with_items:
    - vms
    - "{{ 'libvirt' if (BOX_WHONIX_PROXY_HOST != '' or 'libvirt' in BOX_TOXCORE_FEATURES or 'whonix' in BOX_TOXCORE_FEATURES) else [] }}"
  when:
    - LOOP_ITEM != '' and LOOP_ITEM != []
  include_tasks:
    file: "{{LOOP_ITEM}}.yml"
    apply:
      environment: "{{ proxy_env }}"
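# Install the Python packages for a host with pip3.sh, as BOX_USER_NAME and
# with the portage proxy environment. Runs only when BASE_ARE_CONNECTED is
# non-empty, the target is a host, and the package list is not empty.
#
# Changes from the previous version:
# - The emptiness guard used len(), which is not available inside a Jinja2
#   expression, so the condition raised instead of evaluating. It now uses
#   the 'length' filter on the list this task actually installs.
#   NOTE(review): the old guard named toxcore_pips3_inst, which nothing else
#   in this file references - confirm toxcore_pips3_inst_host is the right
#   list to test.
# - Each package argument is shell-quoted, so a requirement such as
#   'pkg>=1.0' is passed to pip3.sh whole instead of being read by the shell
#   as an output redirection.
- name: install toxcore pips HOST
  environment: "{{ portage_proxy_env }}"
  become_user: "{{ BOX_USER_NAME }}"
  shell: |
    # sudo -u "{{ BOX_USER_NAME }}"
    pip3.sh install {{ (toxcore_pips3_inst_host if ansible_virtualization_role|replace('NA', 'host') == 'host' else toxcore_pips3_inst_guest) | map('quote') | join(' ') }}
  ignore_errors: "{{ BASE_PKG_IGNORE_ERRORS }}"
  when:
    - BASE_ARE_CONNECTED|default('') != ''
    - "ansible_virtualization_role|replace('NA', 'host') == 'host'"
    - "toxcore_pips3_inst_host|length > 0"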
# Install the guest Python packages with pip3.sh through sudo -u
# BOX_USER_NAME. Runs only when BASE_ARE_CONNECTED is non-empty and the
# target is not a host; the script itself does nothing when the joined
# package list is empty.
# NOTE(review): the package names are placed on the command line unquoted,
# so a requirement containing shell metacharacters (for example '>') would
# be interpreted by the shell.
- name: install toxcore pips GUEST
  when:
    - BASE_ARE_CONNECTED|default('') != ''
    - "ansible_virtualization_role|replace('NA', 'host') != 'host'"
  environment: "{{ portage_proxy_env }}"
  ignore_errors: "{{ BASE_PKG_IGNORE_ERRORS }}"
  shell: |
    [ -z "{{' '.join(toxcore_pips3_inst_guest)}}" ] || \
    sudo -u "{{ BOX_USER_NAME }}" \
    pip3.sh install {{' '.join(toxcore_pips3_inst_guest)}}
# Disabled by the trailing 'false' condition. Would include the task file
# named by LOOP_USER_F[1] as the user LOOP_USER_F[0], on hosts only, with
# proxy_env applied.
# NOTE(review): the users list is commented out below, so the nested loop has
# a single dimension and LOOP_USER_F[1] presumably no longer exists - restore
# the first list before re-enabling.
- name: include_tasks toxcore users as user
  loop_control:
    loop_var: LOOP_USER_F
  when:
    - "LOOP_USER_F[1] != ''"
    - "ansible_virtualization_role|replace('NA', 'host') == 'host'"
    - false
  include_tasks:
    file: "{{ LOOP_USER_F[1] }}.yml"
    apply:
      environment: "{{ proxy_env }}"
      become_user: "{{ LOOP_USER_F[0] }}"
  with_nested:
    -
      #no - users
      - "{{ 'libvirt_users' if 'libvirt' in TOXCORE_FEATURES else '' }}"
      # - "{{ 'qemu_users' if 'qemu' in TOXCORE_FEATURES else '' }}"
      # - "{{ 'docker_users' if 'docker' in TOXCORE_FEATURES else '' }}"
# broken rc-update: service `qemu-quest-agent' does not exist
# Enable at boot and start each non-empty service name from the host list
# (on a host) or the guest list (otherwise). Skipped for connection types in
# PLAY_CHROOT_CONNECTIONS; a failing service does not stop the play.
- name: enable and start toxcore services
  with_items: "{{ toxcore_services_enabled_host if ansible_virtualization_role|replace('NA', 'host') == 'host' else toxcore_services_enabled_guest }}"
  when:
    - "item != ''"
    - ansible_connection|default('') not in PLAY_CHROOT_CONNECTIONS
  service:
    name: "{{ item }}"
    state: started
    enabled: true
  ignore_errors: true
# Disabled by the trailing 'false' condition. Would start, without enabling
# at boot, each non-empty name in toxcore_services_started.
- name: start toxcore services
  with_items: "{{ toxcore_services_started }}"
  when:
    - "item != ''"
    - ansible_connection|default('') not in PLAY_CHROOT_CONNECTIONS
    - false
  service:
    name: "{{ item }}"
    state: started
    enabled: false
  ignore_errors: true
# Disabled by the trailing 'false' condition. Would stop and disable each
# non-empty name in toxcore_services_stopped; failed_when: false means the
# task never reports failure.
- name: stop toxcore services
  with_items: "{{ toxcore_services_stopped }}"
  when:
    - "item != ''"
    - ansible_connection|default('') not in PLAY_CHROOT_CONNECTIONS
    - false
  service:
    name: "{{ item }}"
    state: stopped
    enabled: false
  failed_when: false
# this should not run as root
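# Run usr_local_toxcore.bash from TOXCORE_USR_LOCAL/src as BOX_USER_NAME
# (become_user plus sudo -u) with umask 0002, passing 'check' as its argument
# when Ansible is in check mode. check_mode: false makes the task execute
# under --check too.
#
# Change from the previous version: the inline if had no else branch. When
# ansible_check_mode is false such an expression yields an undefined value,
# which Ansible refuses to render, so outside check mode the task failed at
# templating and ignore_errors hid it. The else '' branch renders an empty
# argument instead.
# NOTE(review): 'exit 0' together with ignore_errors means a failure of the
# script itself is never reported by this task.
- name: "usr_local_toxcore.bash"
  become_user: "{{ BOX_USER_NAME }}"
  environment: "{{ shell_proxy_env }}"
  shell: |
    umask 0002
    sudo -u "{{ BOX_USER_NAME }}" \
    bash {{TOXCORE_USR_LOCAL}}/src/usr_local_toxcore.bash \
    {{ 'check' if ansible_check_mode else '' }}
    exit 0
  args:
    chdir: "{{TOXCORE_USR_LOCAL}}/src"
  ignore_errors: true
  check_mode: false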
# Pull in the ansible-gentoo_install role, on hosts only.
- name: run ansible-gentoo_install
  when:
    - "ansible_virtualization_role|replace('NA', 'host') == 'host'"
  include_role:
    name: ansible-gentoo_install
# - BOX_OS_FAMILY == 'Gentoo' or BOX_GENTOO_FROM_MP not in ['/', '']
# Set BOX_NBD_OVERLAY_DIR environment variable to override storage location for VMs
# -b Bridge interface to use (defaults to virbr0)
# -m MAC address to use (default is to use a randomly-generated MAC)
# -p ansible users plaintext password
# -k Full path and name of the ansible user's public key file (required)
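# Build the overlay VM on the control machine (delegated to localhost) by
# calling toxcore_create-vm.bash, unless the qcow2 file named in 'creates'
# already exists. Runs only when the target is a host; errors are ignored.
# Exit codes 1-9 identify which required BOX_NBD_* setting was empty and 10
# an empty BOX_NBD_BASE_PASS; a base image that is not built yet is a warning
# with exit 0.
#
# Changes from the previous version:
# - Every templated value goes through the 'quote' filter instead of being
#   pasted bare or inside hand-written single quotes, so a value containing
#   spaces, quotes or other shell metacharacters (a password in particular)
#   stays one argument and cannot alter the script.
# - no_log keeps the rendered script, which embeds BOX_NBD_OVERLAY_PASS and
#   BOX_NBD_BASE_PASS, out of task output and logs. Lift it only temporarily
#   when debugging, because it also hides the WARN lines and exit codes.
# NOTE(review): -p still hands the password to the script as a process
# argument, visible in the local process list while it runs; avoiding that
# needs a change to toxcore_create-vm.bash itself.
- name: run toxcore_create-vm.bash
  delegate_to: localhost
  no_log: true
  shell: |
    export BOX_NBD_OVERLAY_DIR=${BOX_NBD_OVERLAY_DIR:-"${HOME}/vms/virsh"}
    [ {{ BOX_NBD_OVERLAY_NAME | quote }} != '' ] || exit 1
    [ {{ BOX_NBD_OVERLAY_DIR | quote }} != '' ] || exit 2
    [ {{ BOX_NBD_BASE_PUBKEY | quote }} != '' ] || exit 3
    [ {{ BOX_NBD_BASE_QCOW | quote }} != '' ] || exit 4
    [ {{ BOX_NBD_OVERLAY_RAM | quote }} != '' ] || exit 5
    [ {{ BOX_NBD_OVERLAY_BR | quote }} != '' ] || exit 6
    [ {{ BOX_NBD_OVERLAY_GB | quote }} != '' ] || exit 7
    [ {{ BOX_NBD_OVERLAY_CPUS | quote }} != '' ] || exit 8
    [ {{ BOX_NBD_OVERLAY_PASS | quote }} != '' ] || exit 9
    if [ ! -f {{ BOX_NBD_BASE_QCOW | quote }} ] ; then
    echo WARN: {{ BOX_NBD_BASE_QCOW | quote }} not built yet - skipping
    exit 0
    fi
    if [ -z {{ BOX_NBD_BASE_PASS | quote }} ] ; then
    echo WARN: 'BOX_NBD_BASE_PASS' empty
    exit 10
    fi
    toxcore_create-vm.bash \
    -n {{ BOX_NBD_OVERLAY_NAME | quote }} \
    -k {{ BOX_NBD_BASE_PUBKEY | quote }} \
    -i {{ BOX_NBD_BASE_QCOW | quote }} \
    -s {{ BOX_NBD_OVERLAY_GB | quote }} \
    -c {{ BOX_NBD_OVERLAY_CPUS | quote }} \
    -r {{ BOX_NBD_OVERLAY_RAM | quote }} \
    -d {{ BOX_NBD_OVERLAY_DIR | quote }} \
    -b {{ BOX_NBD_OVERLAY_BR | quote }} \
    -p {{ BOX_NBD_OVERLAY_PASS | quote }} \
    -o gentoo
  args:
    creates: "{{BOX_NBD_OVERLAY_DIR}}/{{BOX_NBD_OVERLAY_NAME}}.qcow2"
  ignore_errors: true
  when:
    - "ansible_virtualization_role|replace('NA', 'host') == 'host'"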
# run this last
# works with apply tags hourly
# Include hourly.yml once per entry of toxcore_system_users, exposed to the
# included tasks as LOOP_USER. Both the include and the tasks it brings in
# carry the 'always' tag.
- name: toxcore hourly include_tasks
  loop_control:
    loop_var: LOOP_USER
  with_items:
    - "{{ toxcore_system_users }}"
  include_tasks:
    file: hourly.yml
    apply:
      tags:
        - always
  tags:
    - always
# Include daily.yml under the 'daily' tag, applying proxy_env and the same
# tag to the included tasks.
- name: toxcore daily include_tasks
  tags:
    - daily
  include_tasks:
    file: daily.yml
    apply:
      tags:
        - daily
      environment: "{{ proxy_env }}"
# Disabled (when: false). Would include weekly.yml under the 'weekly' tag,
# applying proxy_env and the same tag to the included tasks.
- name: toxcore weekly include_tasks
  when: false
  tags:
    - weekly
  include_tasks:
    file: weekly.yml
    apply:
      tags:
        - weekly
      environment: "{{ proxy_env }}"
# replace this ^A with a control-A to provoke an error in the error handler of yamlint
# yaml.reader.ReaderError: unacceptable character #x0001: special characters are not allowed
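# Disabled (when: false). Would read the TOXCORE_LXD_TRUST_PASSWORD entry of
# group /Ansible/toxcore from the KeePassXC database and register the result
# as toxcore_lxd_trust_password; if that fails, the rescue section logs a
# warning and falls back to the TOXCORE_LXD_TRUST_PASSWORD variable.
#
# Changes from the previous version:
# - The lookup ran with no_log: False although its arguments include the
#   database password and its result holds the retrieved secret; it is now
#   no_log: true.
# - The follow-up debug dumped the whole registered result at verbosity 1,
#   which prints the secret. It now only reports that the lookup succeeded.
# - The fallback set_fact handles a secret as well and is also no_log.
# NOTE(review): nesting was reconstructed from a listing without indentation;
# check_mode and when are assumed to belong to the block - confirm.
# NOTE(review): the rescue assigns the trust password to
# base_passwords_password, the variable used above as the database password.
# That looks unintended - confirm which fact should be set.
- block:
    - name: ansible-keepassxc
      ansible-keepassxc:
        database: "{{ base_passwords_database }}"
        entry: "TOXCORE_LXD_TRUST_PASSWORD"
        group: "/Ansible/toxcore"
        password: "{{ base_passwords_password }}"
      no_log: true
      register: toxcore_lxd_trust_password
    - debug:
        verbosity: 1
        msg: "toxcore main.yml TOXCORE_LXD_TRUST_PASSWORD retrieved (value not shown)"
  check_mode: false
  rescue:
    - debug:
        verbosity: 1
        msg: "toxcore vms.yml WARN RESCUE undefined or missing base_passwords_database "
    - set_fact:
        base_passwords_password: "{{TOXCORE_LXD_TRUST_PASSWORD}}"
      no_log: true
  when: false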