emdee/libvirt_cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
emdee 2024-01-02 02:13:28 +00:00
parent c417a6f3f9
commit 33a439173c
17 changed files with 1298 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Makefile
View File

@ -71,17 +71,20 @@ build_overlay::
# @virsh list | grep "${INST_BOX_NAME}.*running" && exit 1 # @virsh list | grep "${INST_BOX_NAME}.*running" && exit 1
@virsh list --all | grep ${INST_BOX_NAME} && \ @virsh list --all | grep ${INST_BOX_NAME} && \
virsh undefine ${INST_BOX_NAME} && \ virsh undefine ${INST_BOX_NAME} && \
rm -f /a/tmp/GentooImgr/create-vm/xml/gentoo1.xml \ rm -f \
${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml \ ${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml \
${INST_BOX_DIR}/images/${INST_BOX_NAME}.img ; true ${INST_BOX_DIR}/images/${INST_BOX_NAME}.img ; true
# /a/tmp/GentooImgr/create-vm/xml/gentoo1.xml
# ! virsh list --all | grep "${INST_BOX_NAME}" && exit 2 # ! virsh list --all | grep "${INST_BOX_NAME}" && exit 2
[ ! -f ${INST_BOX_DIR}/images/${INST_BOX_NAME}.img ] || { \ [ ! -f ${INST_BOX_DIR}/images/${INST_BOX_NAME}.img ] || { \
echo WARN ; echo rm -f ${INST_BOX_DIR}/images/${INST_BOX_NAME}.img ; \ echo WARN delete this file to continue; \
echo rm -f ${INST_BOX_DIR}/images/${INST_BOX_NAME}.img ; \
exit 3 ; } exit 3 ; }
[ ! -f ${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml ] || { \ [ ! -f ${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml ] || { \
echo WARN ; echo rm -f ${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml ; \ echo WARN delete this file to continue ; \
echo rm -f ${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml ; \
exit 4 ; } exit 4 ; }
PLAY_ANSIBLE_SRC=${PWD} bash /usr/local/bin/toxcore_build_overlay_qcow.bash PLAY_ANSIBLE_SRC=${PWD} bash bin/toxcore_build_overlay_qcow.bash
[ -f ${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml ] [ -f ${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml ]
xmllint -noout ${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml xmllint -noout ${INST_BOX_DIR}/xml/${INST_BOX_NAME}.xml

446
etc/hosts.yml Normal file
View File

@ -0,0 +1,446 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8 -*-
# use double quotes exclusively around strings and
# use single quotes exclusively with lists - for bash post-processing
all:
children:
vbox_winrm_group:
hosts:
y_UEFI_MediCat_VHD_DW:
# /var/lib/libvirt/qemu/channel/target/domain-37-y_UEFI_MediCat_VHD_D/org.qemu.guest_agent.0
# doesnt work: ansible_connection: "libvirt_qemu"
BOX_SERVICE_MGR: "win11"
BOX_HOST_NAME: "y_UEFI_MediCat_VHD_DW"
UPD_WINRM_CRT_PASSWORD: ""
UPD_WINRM_CRT_NAME: "WINRM_WIN11VBOX cert for "
UPD_WINRM_FILE_BASE: "winrm-win11vbox"
UPD_WINRM_KEY_BITS: 4096
UPD_WINRM_HOST_NAME: "y_UEFI_MediCat_VHD_D"
UPD_WINRM_HOST_DEV: "vboxnet0"
UPD_WINRM_ADMIN_NAME: "administrator"
UPD_WINRM_ADMIN_PASS: "<get from vault>"
# NOT remote_addr:
ansible_winrm_host: "192.168.56.1"
# remote_user
ansible_winrm_user: "administrator"
BOX_DEFAULT_OUTPUT_IF: fixme
UPD_WINRM_WINRM_ADMIN_NAME: "winrmadmin"
UPD_WINRM_WINRM_ADMIN_PASS: "winrmadmin"
# List of winrm transports to attempt to to use (ssl, plaintext, kerberos, etc)
# python2 -c 'import winrm;print winrm.FEATURE_SUPPORTED_AUTHTYPES'
# ['basic', 'certificate', 'ntlm', 'kerberos', 'plaintext', 'ssl', 'credssp']
# FixMe: which one works?
UPD_WINRM_WINRM_TRANSPORT: "basic"
# Lati sda Disk identifier: 0A00A495-684B-425E-823F-60257EBD6D3B
vars:
#maybe ansible_connection: "winrm"
BOX_ANSIBLE_CONNECTIONS: ["libvirt_qemu"]
ansible_winrm_port: 5985
ansible_winrm_scheme: http
ansible_winrm_transport: ['basic', 'plaintext', 'certificate', 'ssl']
# NOT remote_user
# ansible_user
ansible_winrm_user: "Administrator"
#? ansible_password: ""
ansible_winrm_server_cert_validation: ignore
validate_certs: false
# NO proxy from environment - or ensure no_proxy
no_proxy: "localhost,127.0.0.1,192.168.56.1"
linux_unix_group:
children:
linux_local_group:
hosts:
pentoo:
ansible_remote_addr: "/mnt/linuxPen19"
BOX_HOST_NAME: "pentoo"
BOX_SERVICE_MGR: "openrc"
BOX_USER_NAME: "vagrant"
BOX_USER_GROUP: "users"
BOX_USER_HOME: "/home/vagrant"
BOX_OS_FAMILY: Gentoo
BOX_OS_NAME: gentoo
BOX_OS_FLAVOR: "Pentoo"
BOX_USR_LIB: lib
BOX_DEFAULT_OUTPUT_IF: wlan4
BOX_PROXY_MODE: selektor
BOX_WHONIX_PROXY_HOST: ""
BOX_GENTOO_DISTFILES_ARCHIVES: "/i/net/Http/distfiles.gentoo.org/distfiles"
BOX_PROXY_JAVA_NET_PROPERTIES: /etc/java-config-2/current-system-vm/jre/lib/net.properties
# /usr/lib/jvm/openjdk-bin-*/conf/net.properties
BOX_ALSO_USERS:
- pentoo
BOX_PORTAGE_PYTHON_MINOR: "3.11"
BOX_PYTHON2_MINOR: "2.7"
BOX_PYTHON3_MINOR: "3.11"
BOX_GENTOO_FROM_MP: "/"
devuan:
ansible_remote_addr: "/mnt/linuxDev4" #ignored for local
BOX_HOST_NAME: "devuan"
BOX_SERVICE_MGR: "sysvinit"
BOX_USER_NAME: "devuan"
BOX_USER_GROUP: "adm"
BOX_USER_HOME: "/home/devuan"
BOX_OS_FAMILY: Debian
BOX_OS_NAME: Devuan
BOX_OS_FLAVOR: "Devuan"
BOX_USR_LIB: lib
BOX_DEFAULT_OUTPUT_IF: wlan6
BOX_DEVUAN5_VAR_APT_ARCHIVES: "/mnt/o/Cache/Devuan/5/var/cache/apt/archives"
BOX_ALSO_USERS: []
BOX_PORTAGE_PYTHON_MINOR: "3.11"
BOX_PYTHON2_MINOR: "2.7"
BOX_PYTHON3_MINOR: "3.11"
BOX_JAVA_NET_PROPERTIES: /etc/java-11-openjdk/net.properties
BOX_WHONIX_PROXY_HOST: ""
BOX_PROXY_MODE: tor
BOX_GENTOO_FROM_MP: "/mnt/linuxPen19"
vars:
BOX_ANSIBLE_CONNECTIONS: ["local"]
BOX_REMOTE_MOUNTS: ['/mnt/h', '/mnt/j','/mnt/i', '/mnt/o', '/mnt/mnt/linuxPen19']
BOX_BASE_FEATURES: ['insecure_sudo']
BOX_PROXY_FEATURES: ['run_dnsmasq', 'run_privoxy']
BOX_TOXCORE_FEATURES: []
# libvirt_group could also be ssh_group
linux_libvirt_group:
hosts:
gentoo1:
ansible_remote_addr: "gentoo1"
ansible_host: "gentoo1"
ansible_ssh_user: "gentoo"
BOX_SERVICE_MGR: "openrc"
BOX_HOST_NAME: "gentoo1"
BOX_USER_NAME: "gentoo"
BOX_USER_GROUP: "adm"
BOX_ALSO_GROUP: "adm"
BOX_USER_HOME: "/home/gentoo"
BOX_OS_NAME: Gentoo
BOX_OS_FAMILY: Gentoo
BOX_OS_FLAVOR: "Gentoo"
BOX_USR_LIB: lib64
BOX_DEFAULT_OUTPUT_IF: eth0
BOX_PYTHON2_MINOR: ""
BOX_PYTHON3_MINOR: "3.11"
BASE_PORTAGE_PYTHON_MINOR: 3.11
BOX_HOST_CONTAINER_MOUNTS: []
BOX_GENTOO_DISTFILES_ARCHIVES: "/mnt/linuxPen19/usr/portage/distfiles"
BOX_PROXY_JAVA_NET_PROPERTIES: /etc/java-config-2/current-system-vm/jre/lib/net.properties
BOX_ALSO_USERS:
- gentoo
BOX_BASE_FEATURES: []
BOX_TOXCORE_FEATURES: ['libvirt', 'docker']
BOX_GENTOO_FROM_MP: "/mnt/linuxPen19"
ubuntu18.04:
# /mnt
ansible_remote_addr: "ubuntu18.04"
# this is what the libvirt-qemu connector uses
ansible_host: "ubuntu18.04"
ansible_ssh_user: "vagrant"
BOX_SERVICE_MGR: systemd
BOX_HOST_NAME: "Ubuntu18.04"
BOX_USER_NAME: "vagrant"
BOX_USER_GROUP: "users"
BOX_USER_HOME: "/home/vagrant"
BOX_OS_FAMILY: Debian
BOX_OS_NAME: Ubuntu
BOX_OS_FLAVOR: "Ubuntu18"
BOX_USR_LIB: lib
BOX_DEFAULT_OUTPUT_IF: eth0
BOX_UBUNTU16_VAR_APT_ARCHIVES: "/o/Cache/Apt/Ubuntu/18/var/cache/apt/archives"
ansible_python_interpreter: "/usr/bin/python3.6"
BOX_PYTHON2_MINOR: ""
BOX_PYTHON3_MINOR: "3.6"
BOX_REMOTE_MOUNTS: ['/mnt/o']
# BOX_WHONIX_PROXY_HOST: "Whonix-Gateway"
# BOX_PROXY_MODE: ws
# FixMe
base_system_users: ['vagrant']
BOX_TOXCORE_FEATURES: ['libvirt', 'docker']
vars:
BOX_ANSIBLE_CONNECTIONS: ["ssh", "libvirt_qemu"]
# proxy from environment
# ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
# ansible_ssh_host: "127.0.0.1"
BOX_ROOT_GROUP: root
BOX_PROXY_MODE: client
http_proxy: "http://127.0.0.1:3128"
https_proxy: "http://127.0.0.1:9128"
socks_proxy: "socks5://127.0.0.1:9050"
no_proxy: "localhost,127.0.0.1,127.0.0.1"
linux_chroot_group :
hosts:
linuxGentoo:
ansible_remote_addr: "/mnt/gentoo"
# required
ansible_host: "/mnt/gentoo"
BOX_SERVICE_MGR: "openrc"
BOX_HOST_NAME: "gentoo"
BOX_USER_NAME: "gentoo"
BOX_USER_GROUP: "adm"
BOX_USER_HOME: "/home/gentoo"
BOX_OS_FAMILY: Gentoo
BOX_OS_NAME: gentoo
BOX_OS_FLAVOR: "Gentoo"
BOX_USR_LIB: lib64
BOX_DEFAULT_OUTPUT_IF: wlan6
BASE_PORTAGE_PYTHON_MINOR: 3.11
ansible_python_interpreter: "/usr/bin/python3.11"
BOX_GENTOO_DISTFILES_ARCHIVES: "/mnt/linuxPen19/usr/portage/distfiles"
BOX_PROXY_JAVA_NET_PROPERTIES: /etc/java-config-2/current-system-vm/jre/lib/net.properties
BOX_ALSO_USERS:
- gentoo
BOX_PROXY_MODE: "{{lookup('env', 'MODE'|default('tor'}}"
BOX_GENTOO_FROM_MP: "/mnt/linuxPen19"
linuxPen19:
ansible_remote_addr: "/mnt/linuxPen19"
# required
ansible_host: "/mnt/linuxPen19"
BOX_SERVICE_MGR: "openrc"
BOX_HOST_NAME: "linuxPen19"
BOX_USER_NAME: "vagrant"
BOX_USER_GROUP: "adm"
BOX_USER_HOME: "/home/vagrant"
BOX_OS_FAMILY: Gentoo
BOX_OS_NAME: gentoo
BOX_OS_FLAVOR: "Pentoo"
BOX_USR_LIB: lib64
BOX_DEFAULT_OUTPUT_IF: wlan6
BASE_PORTAGE_PYTHON_MINOR: 3.11
ansible_python_interpreter: "/usr/bin/python3.11"
BOX_GENTOO_DISTFILES_ARCHIVES: "/mnt/i/net/Http/distfiles.gentoo.org/distfiles"
BOX_PROXY_JAVA_NET_PROPERTIES: /etc/java-config-2/current-system-vm/jre/lib/net.properties
BOX_ALSO_USERS:
- gentoo
BOX_BASE_FEATURES: []
BOX_TOXCORE_FEATURES: ['nbd', 'libvirt', 'docker']
BOX_PROXY_MODE: "{{lookup('env', 'MODE'|default('tor'}}"
# linux_chroot_group vars
vars:
BOX_ANSIBLE_CONNECTIONS: ["local", "chroot"]
# ignored? chroot_connection/exe in ansible.cfg?
ansible_chroot_exe: "/usr/local/sbin/base_chroot.bash"
#? ansible_ssh_common_args: "/usr/bin/env -i CHROOT=1"
# -i "PATH"
# -i "http_proxy https_proxy socks_proxy no_proxy"
#? -l
# for a non-root login: ansible_ssh_extra_args: "--userspec=foo:adm"
vars: # linux_unix_group
# toxcore
BOX_NBD_DEV: nbd1
BOX_NBD_MP: /mnt/gentoo
BOX_NBD_OVERLAY_NAME: "gentoo1"
BOX_NBD_FILES: "/i/data/Agile/tmp/Topics/GentooImgr"
BOX_NBD_PORTAGE_FILE: "{{AGI_NBD_FILES}}/portage-20231223.tar.xz"
BOX_NBD_STAGE3_FILE: "{{AGI_NBD_FILES}}/stage3-amd64-openrc-20231217T170203Z.tar.xz"
BOX_NBD_KERNEL_DIR: /usr/src/linux
BOX_NBD_BASE_PROFILE: openrc
BOX_NBD_BASE_DIR: "/a/tmp/GentooImgr"
BOX_NBD_BASE_QCOW: "{{BOX_NBD_BASE_DIR}}/gentoo.qcow2"
BOX_NBD_OVERLAY_QCOW: "/o/var/lib/libvirt/images/gentoo1.qcow2"
BOX_NBD_BASE_PUBKEY: "/root/.ssh/id_rsa-ansible.pub"
# libvirt overlay
BOX_NBD_OVERLAY_DIR: "/a/tmp/GentooImgr/create-vm"
BOX_NBD_LOGLEVEL: 10
BOX_NBD_OVERLAY_GB: "20"
BOX_NBD_OVERLAY_CPUS: 1
BOX_NBD_OVERLAY_RAM: 2048
BOX_NBD_OVERLAY_BR: virbr1
# unused?
BOX_NBD_OVERLAY_NETWORK: default
# plaintext
BOX_NBD_OVERLAY_PASS: "gentoo"
BOX_GENTOOIMGR_CONFIGFILE: "/g/Agile/tmp/Topics/GentooImgr/base.json"
vars:
# These come from the inventory overridden for connection = local,chroot in base_proxy.yml
http_proxy: ""
https_proxy: ""
socks_proxy: ""
ftp_proxy: ""
no_proxy: "localhost,127.0.0.1"
SSL_CERT_FILE: "/usr/local/etc/ssl/cacert-testforge.pem"
RSYNC_PROXY: ""
BOX_OS_FAMILY: ""
BOX_OS_NAME: ""
BOX_OS_FLAVOR: ""
BOX_DEFAULT_OUTPUT_IF: ""
BOX_ALSO_GROUP: "adm"
# only common to local and vagrant because /mnt/j is remote mounted - need a linux_group
BOX_ROOT_PIP_CACHE: "/mnt/o/Cache/Pip"
BOX_BOXUSER_PIP_CACHE: "/mnt/o/Cache/Pip"
HOST_MOUNT_SYMLINKS: []
HOST_MOUNT_SYMLINK_CONTENTS: {}
LXD_TRUST_PASSWORD: sekret
BOX_HOST_CONTAINER_MOUNTS:
- /mnt/l
- /mnt/e
- /mnt/h
- /mnt/i
- /mnt/j
- /mnt/q
- /mnt/w
- /mnt/o
BOX_DOS_SCAN_DIRS:
- /mnt/h
- /mnt/i
- /mnt/j
- /mnt/e
- /mnt/q
- /mnt/w
- /mnt/c
# These will fluctuate with what's been started - it's safe to open them all
# FixMe: should these go on no_proxy systematically
PRIV_TOR_LOCAL_NETS:
- "192.168.56.0/24"
BOX_ALSO_USERS: []
BOX_PYTHON2_MINOR: ""
BOX_PYTHON3_MINOR: "3.11"
BOX_BASH_SHELL: /bin/bash
BOX_IPV6_DISABLE: 1
BOX_EMACS_VERSION: 27
BOX_ROOT_USER: root
BOX_ROOT_GROUP: root
BOX_BYPASS_PROXY_GROUP: tor
BOX_FIREWALL_ALLOW_TRANS: false
BOX_PROXY_JAVA_NET_PROPERTIES: /etc/java-config-2/current-system-vm/jre/lib/net.properties
BOX_BASE_FEATURES: []
BOX_LOGG_FEATURES: []
BOX_KEYS_FEATURES: ['tpm2'] # truecrypt
BOX_HARDEN_FEATURES: ['bubblewrap', 'sysctl', 'jabber'] # 'clamscan', firejail
# libvirt means 'qemu'
BOX_HOSTVMS_FEATURES: []
BOX_MISP_FEATURES: [] # 'kitchen'
BOX_W3AF_FEATURES: [] # 'kitchen'
BOX_MISP_GPG_PASS: gpg_pass_to_change_fast
BOX_timezone: UTC
BOX_hwclock_local: false
BOX_hwclock_systohc: true
BOX_hwclock_hctosys: false
BOX_PROXY_MODE: ""
BOX_DNS_PROXY: dnsmasq
BOX_TIME_DAEMON: ntpd
BOX_NTP_GROUP: ntp
BOX_NET_MANAGER: "networkmanager"
BOX_HTTP_PROXY: privoxy
# toxcore
BOX_NBD_DEV: ""
BOX_NBD_MP: ""
BOX_NBD_FILES: ""
BOX_NBD_LOGLEVEL: 20
BOX_NBD_PORTAGE_FILE: "{{AGI_NBD_FILES}}/portage-20231223.tar.xz"
BOX_NBD_STAGE3_FILE: "{{AGI_NBD_FILES}}/stage3-amd64-openrc-20231217T170203Z.tar.xz"
BOX_NBD_KERNEL_DIR: /usr/src/linux
BOX_NBD_BASE_PROFILE: openrc
BOX_NBD_BASE_DIR: ""
BOX_NBD_BASE_QCOW: ""
BOX_NBD_BASE_PUBKEY: ""
# libvirt overlay
BOX_NBD_OVERLAY_QCOW: ""
BOX_NBD_OVERLAY_DIR: ""
BOX_NBD_OVERLAY_BR: ""
BOX_NBD_OVERLAY_GB: "20"
BOX_NBD_OVERLAY_NAME: ""
BOX_NBD_OVERLAY_CPUS: 1
BOX_NBD_OVERLAY_RAM: 2048
# plaintext
BOX_NBD_OVERLAY_PASS: ""
BOX_GENTOOIMGR_CONFIGFILE: ""
# Controls what compression method is used for new-style ansible modules when
# they are sent to the remote system. The compression types depend on having
# support compiled into both the controller's python and the client's python.
# The names should match with the python Zipfile compression types:
# * ZIP_STORED (no compression. available everywhere)
# * ZIP_DEFLATED (uses zlib, the default)
# These values may be set per host via the ansible_module_compression inventory variable.
#
ansible_module_compression: "ZIP_STORED"
ansible_python_interpreter: "/usr/local/bin/python3.sh"
BOX_ANSIBLE_VERSION: "2.9.22"
# Cannot communicate securely with peer: no common encryption algorithm(s).
# git.kernel.org/ sslversion = tlsv1.3
BOX_TLS_VERSION: "1.3"
BOX_SSL_GIT_SSLVERSION: "1.3"
# unused so far - needed by src/ansible_gentooimgr/gentooimgr/
BOX_ARCHITECTURE: amd64
BOX_SUBTYPE: -hardened
# https://distfiles.gentoo.org/releases/amd64/autobuilds/latest-stage3-amd64-hardened-openrc.txt
GENTOO_BASE_STAGE_OPENRC_TXT_URL: "https://distfiles.gentoo.org/releases/{{BOX_ARCHITECTURE}}/autobuilds/latest-stage3-{{BOX_ARCHITECTURE}}{{BOX_SUBTYPE}}-openrc.txt"
# plus .gpgsig and .md5sum
GENTOO_BASE_PORTAGE_URL: "https://distfiles.gentoo.org/snapshots/portage-latest.tar.xz"
BOX_GENTOO_DISTFILES_ARCHIVES: "/i/net/Http/distfiles.gentoo.org/distfiles"
#? Gentoo specific?
# unused so far
# missing HOSTVMS_LXD_TRUST_PASSWORD base_passwords_database
# /mnt/o/data/TestForge/src/ansible/roles/hostvms/tasks/vms.yml
box_passwords_database: "{{ lookup('env', 'USER')}}/Passwords.kdbx"
BOX_WHONIX_PROXY_HOST: ""
BOX_PROXY_FEATURES: []
BOX_GPG_SERVER: "keys.gnupg.net"
BOX_USR_LIB: lib
# if you are on a Gentoo, then / else the mp of a Gentoo if you have one, else ''
BOX_GENTOO_FROM_MP: ''
# bc
MOUNT_GENTOO_DISTFILES_ARCHIVES: "{{BOX_GENTOO_DISTFILES_ARCHIVES}}"
# # These are inventory overridden for connection = chroot in base_proxy.yml
# http_proxy: "{{ lookup('env', 'http_proxy')|default('http://127.0.0.1:3128') }}"
# https_proxy: "{{ lookup('env', 'https_proxy')|default('http://10.0.2.15:9128') }}"
# socks_proxy: "{{ lookup('env', 'socks_proxy')|default('socks5://10.0.2.15:9050') }}"
# no_proxy: "{{ lookup('env', 'no_proxy')|default('10.0.2.15,127.0.0.1,localhost') }}"

255
etc/libvirt/qemu/gentoo_bridge.xml Normal file
View File

@ -0,0 +1,255 @@
<domain type='kvm' id='20'>
<name>gentoo_bridge</name>
<metadata>
<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
<libosinfo:os id="http://gentoo.org/gentoo/rolling"/>
</libosinfo:libosinfo>
</metadata>
<memory unit='KiB'>2097152</memory>
<currentMemory unit='KiB'>2097152</currentMemory>
<vcpu placement='static'>1</vcpu>
<resource>
<partition>/machine</partition>
</resource>
<os>
<type arch='x86_64' machine='pc-q35-7.2'>hvm</type>
<boot dev='hd'/>
</os>
<features>
<acpi/>
<apic/>
<vmport state='off'/>
</features>
<cpu mode='host-passthrough' check='none' migratable='on'/>
<clock offset='utc'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled='no'/>
<suspend-to-disk enabled='no'/>
</pm>
<devices>
<emulator>/usr/bin/qemu-system-x86_64</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/root/vms/virsh/images/gentoo5.img' index='2'/>
<backingStore type='file' index='3'>
<format type='qcow2'/>
<source file='/g/Linux/net/Http/mirror.init7.net/gentoo/experimental/amd64/openstack/gentoo-openstack-amd64-hardened-latest.qcow2'/>
<backingStore/>
</backingStore>
<target dev='vda' bus='virtio'/>
<alias name='virtio-disk0'/>
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
</disk>
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<source file='/root/vms/virsh/images/gentoo5-cidata.img' index='1'/>
<backingStore/>
<target dev='sda' bus='sata'/>
<readonly/>
<alias name='sata0-0-0'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<controller type='usb' index='0' model='qemu-xhci' ports='15'>
<alias name='usb'/>
<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='0' model='pcie-root'>
<alias name='pcie.0'/>
</controller>
<controller type='pci' index='1' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='1' port='0x10'/>
<alias name='pci.1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='2' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='2' port='0x11'/>
<alias name='pci.2'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
</controller>
<controller type='pci' index='3' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='3' port='0x12'/>
<alias name='pci.3'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
</controller>
<controller type='pci' index='4' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='4' port='0x13'/>
<alias name='pci.4'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
</controller>
<controller type='pci' index='5' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='5' port='0x14'/>
<alias name='pci.5'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
</controller>
<controller type='pci' index='6' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='6' port='0x15'/>
<alias name='pci.6'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
</controller>
<controller type='pci' index='7' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='7' port='0x16'/>
<alias name='pci.7'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/>
</controller>
<controller type='pci' index='8' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='8' port='0x17'/>
<alias name='pci.8'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/>
</controller>
<controller type='pci' index='9' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='9' port='0x18'/>
<alias name='pci.9'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='10' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='10' port='0x19'/>
<alias name='pci.10'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/>
</controller>
<controller type='pci' index='11' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='11' port='0x1a'/>
<alias name='pci.11'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/>
</controller>
<controller type='pci' index='12' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='12' port='0x1b'/>
<alias name='pci.12'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/>
</controller>
<controller type='pci' index='13' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='13' port='0x1c'/>
<alias name='pci.13'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/>
</controller>
<controller type='pci' index='14' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='14' port='0x1d'/>
<alias name='pci.14'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/>
</controller>
<controller type='sata' index='0'>
<alias name='ide'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
</controller>
<controller type='virtio-serial' index='0'>
<alias name='virtio-serial0'/>
<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='15' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='15' port='0x1e'/>
<alias name='pci.15'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x6'/>
</controller>
<controller type='pci' index='16' model='pcie-to-pci-bridge'>
<model name='pcie-pci-bridge'/>
<alias name='pci.16'/>
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</controller>
<interface type='bridge'>
<mac address='52:54:00:e8:20:5a'/>
<source bridge='virbr0'/>
<target dev='vnet17'/>
<model type='virtio'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
</interface>
<serial type='pty'>
<source path='/dev/pts/12'/>
<target type='isa-serial' port='0'>
<model name='isa-serial'/>
</target>
<alias name='serial0'/>
</serial>
<console type='pty' tty='/dev/pts/12'>
<source path='/dev/pts/12'/>
<target type='serial' port='0'/>
<alias name='serial0'/>
</console>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0' state='disconnected'/>
<alias name='channel0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
<channel type='unix'>
<source mode='bind' path='/var/lib/libvirt/qemu/channel/target/domain-20-gentoo5/org.qemu.guest_agent.0'/>
<target type='virtio' name='org.qemu.guest_agent.0' state='disconnected'/>
<alias name='channel1'/>
<address type='virtio-serial' controller='0' bus='0' port='2'/>
</channel>
<input type='tablet' bus='usb'>
<alias name='input0'/>
<address type='usb' bus='0' port='1'/>
</input>
<input type='mouse' bus='ps2'>
<alias name='input1'/>
</input>
<input type='keyboard' bus='ps2'>
<alias name='input2'/>
</input>
<graphics type='spice'>
<listen type='socket' socket='/var/lib/libvirt/qemu/domain-20-gentoo5/spice.sock'/>
<image compression='off'/>
</graphics>
<sound model='ich9'>
<alias name='sound0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/>
</sound>
<audio id='1' type='spice'/>
<video>
<model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
<alias name='video0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
</video>
<redirdev bus='usb' type='spicevmc'>
<alias name='redir0'/>
<address type='usb' bus='0' port='2'/>
</redirdev>
<redirdev bus='usb' type='spicevmc'>
<alias name='redir1'/>
<address type='usb' bus='0' port='3'/>
</redirdev>
<watchdog model='i6300esb' action='reset'>
<alias name='watchdog0'/>
<address type='pci' domain='0x0000' bus='0x10' slot='0x01' function='0x0'/>
</watchdog>
<memballoon model='virtio'>
<alias name='balloon0'/>
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
</memballoon>
<rng model='virtio'>
<backend model='random'>/dev/urandom</backend>
<alias name='rng0'/>
<address type='pci' domain='0x0000' bus='0x07' slot='0x00' function='0x0'/>
</rng>
</devices>
<seclabel type='dynamic' model='apparmor' relabel='yes'>
<label>libvirt-c7a5d87b-348e-412c-9e81-afce3232ff65</label>
<imagelabel>libvirt-c7a5d87b-348e-412c-9e81-afce3232ff65</imagelabel>
</seclabel>
<seclabel type='dynamic' model='dac' relabel='yes'>
<label>+0:+0</label>
<imagelabel>+0:+0</imagelabel>
</seclabel>
</domain>

255
etc/libvirt/qemu/gentoo_network.xml Normal file
View File

@ -0,0 +1,255 @@
<domain type='kvm' id='33'>
<name>gentoo_network</name>
<metadata>
<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
<libosinfo:os id="http://gentoo.org/gentoo/rolling"/>
</libosinfo:libosinfo>
</metadata>
<memory unit='KiB'>2097152</memory>
<currentMemory unit='KiB'>2097152</currentMemory>
<vcpu placement='static'>1</vcpu>
<resource>
<partition>/machine</partition>
</resource>
<os>
<type arch='x86_64' machine='pc-q35-7.2'>hvm</type>
<boot dev='hd'/>
</os>
<features>
<acpi/>
<apic/>
<vmport state='off'/>
</features>
<cpu mode='host-passthrough' check='none' migratable='on'/>
<clock offset='utc'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled='no'/>
<suspend-to-disk enabled='no'/>
</pm>
<devices>
<emulator>/usr/bin/qemu-system-x86_64</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/root/vms/virsh/images/gentoo6.img' index='2'/>
<backingStore type='file' index='3'>
<format type='qcow2'/>
<source file='/g/Linux/net/Http/mirror.init7.net/gentoo/experimental/amd64/openstack/gentoo-openstack-amd64-hardened-latest.qcow2'/>
<backingStore/>
</backingStore>
<target dev='vda' bus='virtio'/>
<alias name='virtio-disk0'/>
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
</disk>
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<source file='/root/vms/virsh/images/gentoo6-cidata.img' index='1'/>
<backingStore/>
<target dev='sda' bus='sata'/>
<readonly/>
<alias name='sata0-0-0'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<controller type='usb' index='0' model='qemu-xhci' ports='15'>
<alias name='usb'/>
<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='0' model='pcie-root'>
<alias name='pcie.0'/>
</controller>
<controller type='pci' index='1' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='1' port='0x10'/>
<alias name='pci.1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='2' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='2' port='0x11'/>
<alias name='pci.2'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
</controller>
<controller type='pci' index='3' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='3' port='0x12'/>
<alias name='pci.3'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
</controller>
<controller type='pci' index='4' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='4' port='0x13'/>
<alias name='pci.4'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
</controller>
<controller type='pci' index='5' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='5' port='0x14'/>
<alias name='pci.5'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
</controller>
<controller type='pci' index='6' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='6' port='0x15'/>
<alias name='pci.6'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
</controller>
<controller type='pci' index='7' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='7' port='0x16'/>
<alias name='pci.7'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/>
</controller>
<controller type='pci' index='8' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='8' port='0x17'/>
<alias name='pci.8'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/>
</controller>
<controller type='pci' index='9' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='9' port='0x18'/>
<alias name='pci.9'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='10' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='10' port='0x19'/>
<alias name='pci.10'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/>
</controller>
<controller type='pci' index='11' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='11' port='0x1a'/>
<alias name='pci.11'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/>
</controller>
<controller type='pci' index='12' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='12' port='0x1b'/>
<alias name='pci.12'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/>
</controller>
<controller type='pci' index='13' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='13' port='0x1c'/>
<alias name='pci.13'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/>
</controller>
<controller type='pci' index='14' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='14' port='0x1d'/>
<alias name='pci.14'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/>
</controller>
<controller type='sata' index='0'>
<alias name='ide'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
</controller>
<controller type='virtio-serial' index='0'>
<alias name='virtio-serial0'/>
<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='15' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='15' port='0x1e'/>
<alias name='pci.15'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x6'/>
</controller>
<controller type='pci' index='16' model='pcie-to-pci-bridge'>
<model name='pcie-pci-bridge'/>
<alias name='pci.16'/>
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</controller>
<interface type='network'>
<mac address='52:54:00:1d:9c:6f'/>
<source network='Whonix-External' portid='7748c5ca-d57c-4913-9d00-aa7884b87666' bridge='virbr1'/>
<target dev='vnet29'/>
<model type='virtio'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
</interface>
<serial type='pty'>
<source path='/dev/pts/0'/>
<target type='isa-serial' port='0'>
<model name='isa-serial'/>
</target>
<alias name='serial0'/>
</serial>
<console type='pty' tty='/dev/pts/0'>
<source path='/dev/pts/0'/>
<target type='serial' port='0'/>
<alias name='serial0'/>
</console>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0' state='disconnected'/>
<alias name='channel0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
<channel type='unix'>
<source mode='bind' path='/var/lib/libvirt/qemu/channel/target/domain-33-gentoo6/org.qemu.guest_agent.0'/>
<target type='virtio' name='org.qemu.guest_agent.0' state='disconnected'/>
<alias name='channel1'/>
<address type='virtio-serial' controller='0' bus='0' port='2'/>
</channel>
<input type='tablet' bus='usb'>
<alias name='input0'/>
<address type='usb' bus='0' port='1'/>
</input>
<input type='mouse' bus='ps2'>
<alias name='input1'/>
</input>
<input type='keyboard' bus='ps2'>
<alias name='input2'/>
</input>
<graphics type='spice'>
<listen type='socket' socket='/var/lib/libvirt/qemu/domain-33-gentoo6/spice.sock'/>
<image compression='off'/>
</graphics>
<sound model='ich9'>
<alias name='sound0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/>
</sound>
<audio id='1' type='spice'/>
<video>
<model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
<alias name='video0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
</video>
<redirdev bus='usb' type='spicevmc'>
<alias name='redir0'/>
<address type='usb' bus='0' port='2'/>
</redirdev>
<redirdev bus='usb' type='spicevmc'>
<alias name='redir1'/>
<address type='usb' bus='0' port='3'/>
</redirdev>
<watchdog model='i6300esb' action='reset'>
<alias name='watchdog0'/>
<address type='pci' domain='0x0000' bus='0x10' slot='0x01' function='0x0'/>
</watchdog>
<memballoon model='virtio'>
<alias name='balloon0'/>
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
</memballoon>
<rng model='virtio'>
<backend model='random'>/dev/urandom</backend>
<alias name='rng0'/>
<address type='pci' domain='0x0000' bus='0x07' slot='0x00' function='0x0'/>
</rng>
</devices>
<seclabel type='dynamic' model='apparmor' relabel='yes'>
<label>libvirt-069ed70a-e004-4120-9987-81a4a2c650d2</label>
<imagelabel>libvirt-069ed70a-e004-4120-9987-81a4a2c650d2</imagelabel>
</seclabel>
<seclabel type='dynamic' model='dac' relabel='yes'>
<label>+0:+0</label>
<imagelabel>+0:+0</imagelabel>
</seclabel>
</domain>

1
hosts.yml
View File

@ -274,6 +274,7 @@ all:
# libvirt overlay # libvirt overlay
BOX_NBD_OVERLAY_DIR: "/a/tmp/GentooImgr/create-vm" BOX_NBD_OVERLAY_DIR: "/a/tmp/GentooImgr/create-vm"
BOX_NBD_OVERLAY_BASE: "/o/var/lib/libvirt/images/gentoo.qcow2.2"
BOX_NBD_LOGLEVEL: 10 BOX_NBD_LOGLEVEL: 10
BOX_NBD_OVERLAY_GB: "20" BOX_NBD_OVERLAY_GB: "20"
BOX_NBD_OVERLAY_CPUS: 1 BOX_NBD_OVERLAY_CPUS: 1

5
library/ansible_gentooimgr.py
View File

@ -216,9 +216,8 @@ def run_module():
# is stdout already in result? how can it be? # is stdout already in result? how can it be?
except Exception as e: except Exception as e:
result['message'] = str(e) result['message'] = str(e)
e = traceback.print_exc() result['original_message'] = f"{traceback.print_exc()}"
if e: result['original_message'] += f"{e}" module.fail_json(msg=f'Exception {e.__class__}', **result)
module.fail_json(msg='Exception', **result)
else: else:
result['message'] = str(retval) result['message'] = str(retval)

87
roles/ansible-gentoo_install/defaults/main.yml
View File

@ -28,9 +28,92 @@ AGI_install_network_interfaces:
config: dhcp config: dhcp
AGI_container_disk: /dev/vda AGI_container_disk: /dev/vda
AGI_install_root_password: root
AGI_install_syslog_daemon: syslog-ng # app-admin/sysklogd AGI_install_syslog_daemon: syslog-ng # app-admin/sysklogd
AGI_install_cron_daemon: sys-process/cronie AGI_install_cron_daemon: cronie
AGI_install_bootloader: syslinux
AGI_install_syslinux_kernel_line:
# this is required I think
- console=tty1
# this is required I think
- text
# adjust these to suit
- lang=en
- keymap=us
- rootfstype=ext2
# remove this if you want IPV6
- ipv6.disable=1
# fsck should NOT be done by the bootloader
- rd.skipfsck=1
# =0x37f works too
- vga=789
# these may not all be needed or useful in a container
- pti=on
- iommu=pt
- amd_iommu=on
- intel_iommu=on
- debug
# remove the unused ones:
AGI_install_syslinux_c32:
- vesa.c32
- vesainfo.c32
- vesamenu.c32
- cat.c32
- chain.c32
- cmd.c32
- cmenu.c32
- cptime.c32
- cpu.c32
- cpuid.c32
- cpuidtest.c32
- debug.c32
- dir.c32
- disk.c32
- dmi.c32
- dmitest.c32
- elf.c32
- ethersel.c32
- gfxboot.c32
- gpxecmd.c32
- hdt.c32
- host.c32
- ifcpu.c32
- ifcpu64.c32
- ifmemdsk.c32
- ifplop.c32
- kbdmap.c32
- kontron_wdt.c32
- ldlinux.c32
- lfs.c32
- libcom32.c32
- libgpl.c32
- liblua.c32
- libmenu.c32
- libutil.c32
- linux.c32
- ls.c32
- mboot.c32
- meminfo.c32
- menu.c32
- pci.c32
- pcitest.c32
- pmload.c32
- poweroff.c32
- prdhcp.c32
- pwd.c32
- pxechn.c32
- reboot.c32
- rosh.c32
- sanboot.c32
- sdi.c32
- sysdump.c32
- syslinux.c32
- vpdtest.c32
- whichsys.c32
AGI_install_root_password: root
AGI_bootstrap_mountpoints: [] AGI_bootstrap_mountpoints: []

142
roles/ansible-gentoo_install/tasks/bootloader.yml
View File

@ -7,35 +7,107 @@
- name: test we are in the chroot - name: test we are in the chroot
shell: | shell: |
df | grep {{AGI_NBD_MP}} && exit 1 df | grep {{AGI_install_disk}} && exit 1
check_mode: false check_mode: false
- name: install grub - name: install grub or syslinx
portage: portage:
package: sys-boot/grub:2 package: sys-boot/{{AGI_install_bootloader}}
state: installed state: installed
- name: install grub to MBR - block:
command: grub-install {{ AGI_install_disk }}
args:
creates: /boot/grub
- name: generate grub config - name: setup syslinux
shell: grub-mkconfig -o /boot/grub/grub.cfg shell: |
args: [ -d /boot/syslinux ] || mkdir /boot/syslinux
creates: /boot/grub/grub.cfg [ -f /boot/syslinux/syslinux.cfg ] || \
cat > /boot/syslinux/syslinux.cfg << EOF
# -*-mode: sh; tab-width: 8; coding: utf-8-dos -*-
default vesamenu.c32
prompt 0
# timeout 150
menu title nbd2
menu background splash.png
menu color title 1;36;44 #c0ffffff #00000000 std
menu color sel 7;37;40 #e0000000 #20ECEAC7 all
menu rows 15
menu tabmsgrow 21
menu timeoutrow 23
menu helpmsgrow 23
# drm.debug=0xe
# rd.shell rd.debug
label pentoo2019-Pen19-6.1.52-pentoo_2023_09_30_0x037f
menu label pentoo2019_Pen19_6.1.52-pentoo_2023_09_30_0x037f
menu default
kernel vmlinuz-6.1.52-pentoo_2023_09_30
INITRD initramfs-pentoo-x86_64-6.1.52-pentoo_2023_09_30.img
# was vga=0x315
APPEND root=LABEL=root {{''.join(AGI_install_syslinux_kernel_commands)}}
label MAIN hd0 MBR
menu label MAIN hd0 0
com32 chain.c32
APPEND hd0
EOF
[ ! -d /usr/share/syslinux/ ] || \
for elt in {{' '.join(AGI_install_syslinux_c32)}}; do
[ -f /boot/syslinux/$elt ] && continue
cp -np /usr/share/syslinux/$elt /boot/syslinux
done
exit 0
- name: edit grub config - name: do syslinux install manually
shell: | shell: |
[ -f /etc/default/grub.dst ] || cp -p /etc/default/grub /etc/default/grub.dst df | grep {{AGI_install_disk}} && \
a=$(cat /proc/cmdline | sed -e 's/ BOOT_IMAGE=[^ ]*/ /' \ echo ERROR: somethings wrong - {{AGI_install_disk}} isnt mounted
-e 's/ initrd=[^ ]*/ /' && exit 1
-e 's/ resume=[^ ]*/ /' # should unmount it?
-e 's/ root=[^ ]*/ /') dd if={{AGI_install_disk}}p1 count=440 bs=1|strings|grep SYSLINUX
sed -e "s/^#*GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"$a\"/" \ [ $? -eq 0 ] && exit 0
-i /etc/default/grub echo HALT: YOU MUST INSTALL THE MBR YOURSELF - do this
grub-script-check /etc/default/grub echo dd if=/usr/share/syslinux/mbr.bin of={{AGI_install_disk}}p1 count=440 bs=1 conv=notrunc
echo HALT: YOU MUST INSTALL SYSLINUX YOURSELF - do this
syslinux -d syslinux --install {{AGI_install_disk}}p1
exit 999
register: syslinux_out
failed_when: false
- name: install syslinux install manually
fail:
msg: "HALT: install syslinux install manually"
when: syslinux_out.rc != 0
when: AGI_install_bootloader == 'syslinux'
- block:
- name: install grub to MBR
command: grub-install {{ AGI_install_disk }}
args:
creates: /boot/grub
- name: generate grub config
shell: grub-mkconfig -o /boot/grub/grub.cfg
args:
creates: /boot/grub/grub.cfg
- name: edit grub config
shell: |
[ -f /etc/default/grub.dst ] || cp -p /etc/default/grub /etc/default/grub.dst
a=$(cat /proc/cmdline | sed -e 's/ BOOT_IMAGE=[^ ]*/ /' \
-e 's/ initrd=[^ ]*/ /'
-e 's/ resume=[^ ]*/ /'
-e 's/ root=[^ ]*/ /')
sed -e "s/^#*GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"$a\"/" \
-i /etc/default/grub
grub-script-check /etc/default/grub
when: AGI_install_bootloader == 'grub:2'
- name: fstab root - name: fstab root
lineinfile: lineinfile:
dest: /etc/fstab dest: /etc/fstab
@ -80,6 +152,27 @@
line: 'consolefont="ter-v{{AGI_consolefont_font_size}}b"' line: 'consolefont="ter-v{{AGI_consolefont_font_size}}b"'
regexp: '^consolefont=.*' regexp: '^consolefont=.*'
- name: /etc/default/grub
lineinfile:
dest: /etc/default/grub
line: '{{item.from}}="{{item.to}}"'
regexp: '^#*{{item.from}}=.*'
with_items:
# Append parameters to the linux kernel command line for non-recovery entries
- from: GRUB_CMDLINE_LINUX_DEFAULT
to: " rd.skipfsck=1 ipv6.disable=1 console=tty1 lang=en keymap=us intel_iommu=on vga=0x315 text"
# The resolution used on graphical terminal.
# Note that you can use only modes which your graphic card supports via VBE.
# You can see them in real GRUB with the command `vbeinfo'.
- from: GRUB_GFXMODE
to: 640x480
# Set to 'text' to force the Linux kernel to boot in normal text
- from: GRUB_GFXPAYLOAD_LINUX
to: text
# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to kernel
- from: GRUB_DISABLE_LINUX_UUID
to: true
- name: roles/ansible-gentoo_install/tasks/ - name: roles/ansible-gentoo_install/tasks/
shell: | shell: |
LINE="rd.skipfsck=1 ipv6.disable=1 console=tty1 lang=en keymap=us " LINE="rd.skipfsck=1 ipv6.disable=1 console=tty1 lang=en keymap=us "
@ -88,11 +181,13 @@
df | grep /boot || mount /dev/vda1 /boot df | grep /boot || mount /dev/vda1 /boot
[ -d /boot/grub ] || exit 2 [ -d /boot/grub ] || exit 2
[ -f /boot/grub/grub.cfg ] || exit 3 [ -f /boot/grub/grub.cfg ] || exit 3
sed -e "s@ ro *$@ $LINE ro@" -i /boot/grub/grub.cfg cd /
# ln -s boot/vmlinuz* vmlinuz
# boot/initramfs-pentoo-x86_64-6.1.52-pentoo_2023_09_30.img
ln -s boot/initramfs* initrd.img
- name: consolefont - name: consolefont
shell: | shell: |
rc-update add consolefont
cat >> /etc/rc.local << EOF cat >> /etc/rc.local << EOF
/etc/init.d consolefont stop /etc/init.d consolefont stop
/etc/init.d consolefont start /etc/init.d consolefont start
@ -103,6 +198,7 @@
- name: rc-update add bootlogd boot - name: rc-update add bootlogd boot
shell: | shell: |
rc-update add consolefont
rc-update | grep -q 'bootlogd .* boot' || \ rc-update | grep -q 'bootlogd .* boot' || \
rc-update add bootlogd boot rc-update add bootlogd boot
exit 0 exit 0

46
roles/ansible-gentoo_install/tasks/disk.yml
View File

@ -16,8 +16,16 @@
[ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5 [ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5
check_mode: false check_mode: false
- name: check for partitions
shell: |
grep '/dev/{{AGI_NBD_DEV}}p3' /proc/partitions && exit 0
exit 1
register: partitions_out
failed_when: false
- block: - block:
# old code
- name: create disklabel - name: create disklabel
command: parted -s {{ AGI_install_disk }} mklabel {{ AGI_install_disklabel }} command: parted -s {{ AGI_install_disk }} mklabel {{ AGI_install_disklabel }}
register: disklabel_out register: disklabel_out
@ -44,7 +52,7 @@
# able to install to the MBR # able to install to the MBR
- name: create boot partition - name: create boot partition
shell: | shell: |
parted -s {{ AGI_install_disk }} mkpart primary ext2 1M 200M parted -s {{ AGI_install_disk }} mkpart primary {{'ext2' if AGI_install_bootloader != 'syslinux' else 'fat32'}} 1M 200M
args: args:
creates: "{{ AGI_install_disk }}p1" creates: "{{ AGI_install_disk }}p1"
@ -65,7 +73,7 @@
creates: "{{ AGI_install_disk }}p3" creates: "{{ AGI_install_disk }}p3"
- name: format boot partition - name: format boot partition
filesystem: dev={{ AGI_install_disk }}p1 fstype=ext2 force=yes filesystem: dev={{ AGI_install_disk }}p1 fstype={{'ext2' if AGI_install_bootloader != 'syslinux' else 'vfat'}} force=yes
check_mode: false check_mode: false
when: not ansible_check_mode when: not ansible_check_mode
@ -85,7 +93,15 @@
e2label {{ AGI_install_disk }}p3 root e2label {{ AGI_install_disk }}p3 root
e2label {{ AGI_install_disk }}p1 boot e2label {{ AGI_install_disk }}p1 boot
mkswap -L swap "{{ AGI_install_disk }}p2" mkswap -L swap "{{ AGI_install_disk }}p2"
sync when: AGI_install_bootloader != 'syslinux'
- name: label partitions syslinux
shell: |
partprobe
fatlabel {{ AGI_install_disk }}p3 root
e2label {{ AGI_install_disk }}p1 boot
mkswap -L swap "{{ AGI_install_disk }}p2"
when: AGI_install_bootloader == 'syslinux'
when: false when: false
@ -100,15 +116,29 @@
unit: sectors unit: sectors
sector-size: 512 sector-size: 512
{{ AGI_install_disk }}p1 : start= 2048, size= 819200, type=83, bootable {{ AGI_install_disk }}p1 : start= 2048, size= 819200, type={{'83' if AGI_install_bootloader != 'syslinux' else 'c'}}, bootable
{{ AGI_install_disk }}p2 : start= 821248, size= 4096000, type=82 {{ AGI_install_disk }}p2 : start= 821248, size= 4096000, type=82
{{ AGI_install_disk }}p3 : start= 4917248, size= 37025792, type=83 {{ AGI_install_disk }}p3 : start= 4917248, size= 37025792, type=83
EOF EOF
partprobe partprobe
- name: format disk partitions grub:2
shell: |
mke2fs -L boot {{ AGI_install_disk }}p1 mke2fs -L boot {{ AGI_install_disk }}p1
mke2fs -L root {{ AGI_install_disk }}p3 mke2fs -L root {{ AGI_install_disk }}p3
mkswap -L swap "{{ AGI_install_disk }}p2" mkswap -L swap "{{ AGI_install_disk }}p2"
sync
when: AGI_install_bootloader != 'syslinux'
when: true
- name: format disk partitions syslinux
shell: |
mkfs.vfat -F 32 -n boot {{ AGI_install_disk }}p1
mke2fs -L root {{ AGI_install_disk }}p3
mkswap -L swap "{{ AGI_install_disk }}p2"
when: AGI_install_bootloader == 'syslinux'
when:
- partitions_out.rc != 0

2
roles/ansible-gentoo_install/tasks/local.yml
View File

@ -143,7 +143,7 @@
check_mode: false check_mode: false
when: when:
- "ansible_connection in ['chroot'] or (ansible_connection in ['local'] or and chroot_out.rc|default(1) == 0)" - "ansible_connection in ['chroot'] or (ansible_connection in ['local'] and chroot_out.rc|default(1) == 0)"
rescue: rescue:
- debug: - debug:
msg: "ERROR: error during chroot execution" msg: "ERROR: error during chroot execution"

3
roles/ansible-gentoo_install/tasks/main.yml
View File

@ -113,7 +113,8 @@
action: status action: status
loglevel: "{{BOX_NBD_LOGLEVEL}}" loglevel: "{{BOX_NBD_LOGLEVEL}}"
threads: 1 threads: 1
config: "{{AGI_GENTOOIMGR_CONFIGFILE}}" # base.json - bare filename in configs # base.json - bare filename in configs
config: "{{AGI_GENTOOIMGR_CONFIGFILE}}"
profile: "{{BOX_NBD_BASE_PROFILE}}" profile: "{{BOX_NBD_BASE_PROFILE}}"
kernel_dir: "{{BOX_NBD_KERNEL_DIR}}" kernel_dir: "{{BOX_NBD_KERNEL_DIR}}"
portage: "{{BOX_NBD_PORTAGE_FILE}}" portage: "{{BOX_NBD_PORTAGE_FILE}}"

14
roles/ansible-gentoo_install/tasks/misc.yml
View File

@ -86,6 +86,13 @@
user: user:
name: gentoo name: gentoo
password: "{{ gentoo_password_out.stdout }}" password: "{{ gentoo_password_out.stdout }}"
group: "{{ BOX_USER_GROUP }}"
append: true
groups: ['{{ BOX_ALSO_GROUP }}', 'wheel']
create_home: yes
shell: /bin/bash
#? usermod: user vagrant is currently used by process 2190
ignore_errors: true
- name: configure sudoers - name: configure sudoers
lineinfile: lineinfile:
@ -96,6 +103,13 @@
owner: root owner: root
mode: '0640' mode: '0640'
- name: make symlinks
shell: |
[ -e /var/db/repos/gentoo ] || \
ln -s /usr/portage /var/db/repos/gentoo
grep -q ^tmpfs /etc/fstab || \
echo >> /etc/fstab 'tmpfs /dev/shm tmpfs defaults,noexec,size=5% 0 0'
- block: - block:
- name: make symlinks - name: make symlinks

5
roles/ansible-gentoo_install/tasks/portage.yml
View File

@ -5,11 +5,6 @@
verbosity: 1 verbosity: 1
msg: "DEBUG: ansible-gentoo_install portage ansible_shell_executable={{ansible_shell_executable}}" msg: "DEBUG: ansible-gentoo_install portage ansible_shell_executable={{ansible_shell_executable}}"
- name: reenable chroot wrapper
set_fact:
ansible_shell_executable: /var/tmp/chroot_wrapper.sh
ansible_python_interpreter: "/usr/bin/python3"
- name: test we are in the chroot - name: test we are in the chroot
shell: | shell: |
df | grep /mnt/gentoo && exit 1 df | grep /mnt/gentoo && exit 1

15
roles/ansible-gentoo_install/vars/target_Gentoo2.yml
View File

@ -16,6 +16,7 @@ AGI_install_portage_makeconf_default:
MAKEOPTS: "-j{{ ansible_processor_vcpus | default(1) }}" MAKEOPTS: "-j{{ ansible_processor_vcpus | default(1) }}"
USE: "-X verify-sig" USE: "-X verify-sig"
CFLAGS: "-march=native -O2 -pipe" CFLAGS: "-march=native -O2 -pipe"
AGI_install_portage_conf_files: AGI_install_portage_conf_files:
'package.accept_keywords': | 'package.accept_keywords': |
=sys-kernel/genkernel-4.3* ~amd64 =sys-kernel/genkernel-4.3* ~amd64
@ -41,6 +42,8 @@ AGI_bootstrap_dirs:
- etc/portage/repos.conf - etc/portage/repos.conf
- etc/portage/savedconfig - etc/portage/savedconfig
- etc/portage/sets - etc/portage/sets
- usr/local/tmp/bootstrap/logs
- usr/local/tmp/bootstrap/distfiles
AGI_bootstrap_files: AGI_bootstrap_files:
- usr/local/etc/local.d/local.bash - usr/local/etc/local.d/local.bash
@ -59,8 +62,9 @@ AGI_bootstrap_pkgs:
- app-editors/mg - app-editors/mg
- qemu-guest-agent - qemu-guest-agent
- app-admin/logrotate - app-admin/logrotate
- "{{ AGI_install_cron_daemon }}" - "sys-process/{{ AGI_install_cron_daemon }}"
- "{{AGI_install_syslog_daemon}}" - "{{ AGI_install_syslog_daemon}}"
- "sys-boot/{{ AGI_install_bootloader }}"
- media-fonts/terminus-font - media-fonts/terminus-font
- sys-apps/gptfdisk - sys-apps/gptfdisk
- net-analyzer/openbsd-netcat - net-analyzer/openbsd-netcat
@ -68,7 +72,7 @@ AGI_bootstrap_pkgs:
- dev-util/strace - dev-util/strace
- sys-libs/gpm - sys-libs/gpm
- app-portage/eix - app-portage/eix
- www-client/lynx - net-misc/curl
- linux-firmware - linux-firmware
AGI_cloud_pkgs: AGI_cloud_pkgs:
@ -83,12 +87,11 @@ AGI_cloud_pkgs:
- tmux - tmux
- app-misc/screen - app-misc/screen
- dev-vcs/git - dev-vcs/git
- net-misc/curl
- usbutils - usbutils
- pciutils - pciutils
- net-misc/ntp - net-misc/ntp
- net-fs/nfs-utils - net-fs/nfs-utils
# get these from config.json # get these from config.json
- app-emulation/cloud-init # - app-emulation/cloud-init
- sys-block/open-iscsi # - sys-block/open-iscsi

29
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_build_overlay_qcow.bash
View File

@ -23,11 +23,22 @@ yamllint -c $BASE_SRC_ANSIBLE/.yamllint.rc $BASE_SRC_ANSIBLE/hosts.yml|| {
# put these values in $BASE_SRC_ANSIBLE/hosts.yml # put these values in $BASE_SRC_ANSIBLE/hosts.yml
[ -n "$BOX_NBD_OVERLAY_NAME" ] || \ [ -n "$BOX_NBD_OVERLAY_NAME" ] || \
BOX_NBD_OVERLAY_NAME=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_NAME $BOX) BOX_NBD_OVERLAY_NAME=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_NAME $BOX)
if virsh list | grep "$BOX_NBD_OVERLAY_NAME" ; then
ERROR "$BOX_NBD_OVERLAY_NAME" is running - please virsh destroy "$BOX_NBD_OVERLAY_NAME"
exit 2
fi
if virsh list --all | grep "$BOX_NBD_OVERLAY_NAME" ; then
ERROR "$BOX_NBD_OVERLAY_NAME" is running - please virsh undefine "$BOX_NBD_OVERLAY_NAME"
exit 3
fi
[ -n "$BOX_NBD_BASE_PUBKEY" ] || \ [ -n "$BOX_NBD_BASE_PUBKEY" ] || \
BOX_NBD_BASE_PUBKEY=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_BASE_PUBKEY $BOX) BOX_NBD_BASE_PUBKEY=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_BASE_PUBKEY $BOX)
[ -n "$BOX_NBD_BASE_QCOW" ] || \ [ -n "$BOX_NBD_OVERLAY_BASE" ] || \
BOX_NBD_BASE_QCOW=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_BASE_QCOW $BOX) BOX_NBD_OVERLAY_BASE=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_BASE $BOX)
[ -n "$BOX_NBD_OVERLAY_GB" ] || \ [ -n "$BOX_NBD_OVERLAY_GB" ] || \
BOX_NBD_OVERLAY_GB=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_GB $BOX) BOX_NBD_OVERLAY_GB=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_GB $BOX)
[ -n "$BOX_NBD_OVERLAY_CPUS" ] || \ [ -n "$BOX_NBD_OVERLAY_CPUS" ] || \
@ -43,8 +54,8 @@ yamllint -c $BASE_SRC_ANSIBLE/.yamllint.rc $BASE_SRC_ANSIBLE/hosts.yml|| {
[ -n "$BOX_NBD_OVERLAY_PASS" ] || \ [ -n "$BOX_NBD_OVERLAY_PASS" ] || \
BOX_NBD_OVERLAY_PASS=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_PASS $BOX) BOX_NBD_OVERLAY_PASS=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_PASS $BOX)
[ ! -f "$BOX_NBD_BASE_QCOW" ] && \ [ ! -f "$BOX_NBD_OVERLAY_BASE" ] && \
ERROR BOX_NBD_BASE_QCOW=$BOX_NBD_BASE_QCOW must exist && exit 3 ERROR BOX_NBD_OVERLAY_BASE=$BOX_NBD_OVERLAY_BASE must exist && exit 3
[ ! -d "$BOX_NBD_OVERLAY_DIR" ] && \ [ ! -d "$BOX_NBD_OVERLAY_DIR" ] && \
ERROR BOX_NBD_OVERLAY_DIR=$BOX_NBD_OVERLAY_DIR must exist && exit 5 ERROR BOX_NBD_OVERLAY_DIR=$BOX_NBD_OVERLAY_DIR must exist && exit 5
@ -58,7 +69,7 @@ export BOX_NBD_OVERLAY_DIR
DBUG bash toxcore_create-vm.bash \ DBUG bash toxcore_create-vm.bash \
-n $BOX_NBD_OVERLAY_NAME \ -n $BOX_NBD_OVERLAY_NAME \
-k $BOX_NBD_BASE_PUBKEY \ -k $BOX_NBD_BASE_PUBKEY \
-i $BOX_NBD_BASE_QCOW \ -i $BOX_NBD_OVERLAY_BASE \
-s $BOX_NBD_OVERLAY_GB \ -s $BOX_NBD_OVERLAY_GB \
-b $BOX_NBD_OVERLAY_BR \ -b $BOX_NBD_OVERLAY_BR \
-c $BOX_NBD_OVERLAY_CPUS \ -c $BOX_NBD_OVERLAY_CPUS \
@ -69,7 +80,7 @@ DBUG bash toxcore_create-vm.bash \
bash toxcore_create-vm.bash \ bash toxcore_create-vm.bash \
-n $BOX_NBD_OVERLAY_NAME \ -n $BOX_NBD_OVERLAY_NAME \
-k $BOX_NBD_BASE_PUBKEY \ -k $BOX_NBD_BASE_PUBKEY \
-i $BOX_NBD_BASE_QCOW \ -i $BOX_NBD_OVERLAY_BASE \
-s $BOX_NBD_OVERLAY_GB \ -s $BOX_NBD_OVERLAY_GB \
-b $BOX_NBD_OVERLAY_BR \ -b $BOX_NBD_OVERLAY_BR \
-c $BOX_NBD_OVERLAY_CPUS \ -c $BOX_NBD_OVERLAY_CPUS \
@ -83,8 +94,8 @@ retval=$?
INFO $BOX_NBD_OVERLAY_DIR/images/$BOX_NBD_OVERLAY_NAME.img || { INFO $BOX_NBD_OVERLAY_DIR/images/$BOX_NBD_OVERLAY_NAME.img || {
ERROR NO $BOX_NBD_OVERLAY_DIR/images/$BOX_NBD_OVERLAY_NAME.img ; exit 2$retval ; } ERROR NO $BOX_NBD_OVERLAY_DIR/images/$BOX_NBD_OVERLAY_NAME.img ; exit 2$retval ; }
INFO virsh define $BOX_NBD_OVERLAY_NAME INFO virsh define $BOX_NBD_OVERLAY_DIR/xml/$BOX_NBD_OVERLAY_NAME.xml
virsh define $BOX_NBD_OVERLAY_DIR/$BOX_NBD_OVERLAY_NAME.img virsh define $BOX_NBD_OVERLAY_DIR/xml/$BOX_NBD_OVERLAY_NAME.xml
sleep 5 sleep 5
INFO virsh net-dhcp-leases default INFO virsh net-dhcp-leases default
sudo virsh net-dhcp-leases default sudo virsh net-dhcp-leases default

66
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_create-vm.bash
View File

@ -13,6 +13,11 @@
prog=`basename $0 .bash` prog=`basename $0 .bash`
PREFIX=/usr/local PREFIX=/usr/local
ROLE=toxcore ROLE=toxcore
if which genisoimage >/dev/null 2>/dev/null ; then
have_genisoimage=true
else
have_genisoimage=false
fi
# create-vm - Quickly create guest VMs using cloud image files and cloud-init. # create-vm - Quickly create guest VMs using cloud image files and cloud-init.
@ -136,8 +141,11 @@ mkdir -p "$BOX_NBD_OVERLAY_DIR"/{images,xml,init,base} || exit 2
echo "Creating a qcow2 image file ${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img that uses the cloud image file ${IMG_FQN} as its base" echo "Creating a qcow2 image file ${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img that uses the cloud image file ${IMG_FQN} as its base"
INFO qemu-img create -b "${IMG_FQN}" -f qcow2 -F qcow2 "${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img" "${STORAGE}G" INFO qemu-img create -b "${IMG_FQN}" -f qcow2 -F qcow2 \
qemu-img create -b "${IMG_FQN}" -f qcow2 -F qcow2 "${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img" "${STORAGE}G" || exit 3 "${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img" "${STORAGE}G"
qemu-img create -b "${IMG_FQN}" -f qcow2 -F qcow2 \
"${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img" "${STORAGE}G" || \
exit 3
echo "Creating meta-data file $BOX_NBD_OVERLAY_DIR/init/meta-data" echo "Creating meta-data file $BOX_NBD_OVERLAY_DIR/init/meta-data"
cat > "$BOX_NBD_OVERLAY_DIR/init/meta-data" << EOF cat > "$BOX_NBD_OVERLAY_DIR/init/meta-data" << EOF
@ -246,6 +254,7 @@ done
#grep gentoo /etc/shadow #grep gentoo /etc/shadow
EOF EOF
if $have_genisoimage ; then
echo "Generating the cidata ISO file $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.iso" echo "Generating the cidata ISO file $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.iso"
( (
cd "$BOX_NBD_OVERLAY_DIR/init/" cd "$BOX_NBD_OVERLAY_DIR/init/"
@ -257,6 +266,7 @@ echo "Generating the cidata ISO file $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cid
-input-charset utf-8 \ -input-charset utf-8 \
user-data meta-data user-data meta-data
) || exit 5 ) || exit 5
fi
MACCMD= MACCMD=
if [[ -n $MAC ]]; then if [[ -n $MAC ]]; then
@ -264,7 +274,9 @@ if [[ -n $MAC ]]; then
fi fi
[ -f ${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img ] || exit 5 [ -f ${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img ] || exit 5
[ -f $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img ] || exit 6 if $have_genisoimage ; then
[ -f $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img ] || exit 6
fi
# libvirt.libvirtError: /usr/lib/qemu/qemu-bridge-helper --use-vnet --br=-c --fd=31: failed to communicate with bridge helper: stderr=failed to parse default acl file `/etc/qemu/bridge.conf' # libvirt.libvirtError: /usr/lib/qemu/qemu-bridge-helper --use-vnet --br=-c --fd=31: failed to communicate with bridge helper: stderr=failed to parse default acl file `/etc/qemu/bridge.conf'
if [ ! -f "/etc/qemu/bridge.conf" ] ; then if [ ! -f "/etc/qemu/bridge.conf" ] ; then
@ -288,38 +300,14 @@ sudo ifconfig -a | grep $BRIDGE && \
NETWORK="--network bridge=${BRIDGE},model=virtio" || \ NETWORK="--network bridge=${BRIDGE},model=virtio" || \
WARN bridge $BRIDGE not running. not adding a network WARN bridge $BRIDGE not running. not adding a network
NETWORK="--network network=default,model=virtio" NETWORK="--network network=default,model=virtio"
NETWORK="--interface type=network,source.network=default,model.type=virtio"
INFO virt-install \ declare -a LARGS
--name="${HOSTNAME}" \ LARGS=(
--osinfo "$OSINFO" \
--import \
--name="${HOSTNAME}" \
--disk "path=${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img,format=qcow2" \
--disk "path=$BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img,device=cdrom" \
--ram="${RAM}" \
--vcpus="${VCPUS}" \
--autostart \
--hvm \
--arch x86_64 \
--accelerate \
--check-cpu \
--force \
--watchdog=default \
--graphics spice,listen=socket \
--channel spicevmc,target.type=virtio,target.name=com.redhat.spice.0 \
--channel type=unix,target.type=virtio,target.name=org.qemu.guest_agent.0 \
--network "bridge=${BRIDGE},model=virtio" \
--rng /dev/urandom \
--os-variant detect=on,name=$OSINFO \
--noautoconsole
# squelch warnings
python3.sh `which virt-install` \
--name="${HOSTNAME}" \ --name="${HOSTNAME}" \
--osinfo "$OSINFO" \ --osinfo "$OSINFO" \
--import \ --import \
--disk "path=${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img,format=qcow2" \ --disk "path=${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img,format=qcow2" \
--disk "path=$BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img,device=cdrom" \
--ram="${RAM}" \ --ram="${RAM}" \
--vcpus="${VCPUS}" \ --vcpus="${VCPUS}" \
--autostart \ --autostart \
@ -332,12 +320,24 @@ python3.sh `which virt-install` \
--graphics spice,listen=socket \ --graphics spice,listen=socket \
--filesystem /,/mnt/linuxPen19 \ --filesystem /,/mnt/linuxPen19 \
--channel spicevmc,target.type=virtio,target.name=com.redhat.spice.0 \ --channel spicevmc,target.type=virtio,target.name=com.redhat.spice.0 \
--channel unix,target.type=virtio,target.name=org.qemu.guest_agent.0 \ --channel type=unix,target.type=virtio,target.name=org.qemu.guest_agent.0 \
$NETWORK \
--rng /dev/urandom \ --rng /dev/urandom \
--os-variant detect=on,name=$OSINFO \ --os-variant detect=on,name=$OSINFO \
--noautoconsole \ --noautoconsole \
|| exit 7 )
if [ -n "$NETWORK" ] ; then
LARGS+=(
$NETWORK \
)
if $have_genisoimage ; then
LARGS+=(
--disk "path=$BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img,device=cdrom" \
)
fi
INFO virt-install "${LARGS[@]}"
# squelch warnings
python3.sh `which virt-install` "${LARGS[@]}" || exit 7
# --debug # --debug
#? --shmem name=shmem_server,type="memfd",mode="shared" #? --shmem name=shmem_server,type="memfd",mode="shared"
# --shmem name=shmem0 ivshmem device is not supported with this QEMU binary # --shmem name=shmem0 ivshmem device is not supported with this QEMU binary

11
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_libvirt_test_ga.bash Executable file
View File

@ -0,0 +1,11 @@
#!/bin/sh
ROLE=toxcore
MODE=host
TOX_PLAY=/o/var/local/src/play_tox
sudo virsh list | grep running | while read a elt b ; do
echo INFO testing $elt
ansible -i $TOX_PLAY/hosts.yml -c libvirt_qemu -m setup $elt
done