added roles/ansible-gentoo_install/

emdee 2023-12-29 19:40:31 +00:00
parent 994e13dae3
commit 762e81cea7
29 changed files with 1838 additions and 23 deletions


@ -0,0 +1,108 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install bootloader"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install bootloader"
- name: test we are in the chroot
shell: |
df | grep {{AGI_NBD_MP}} && exit 1
check_mode: false
- name: install grub
portage:
package: sys-boot/grub:2
state: installed
- name: install grub to MBR
command: grub-install {{ AGI_install_disk }}
args:
creates: /boot/grub
- name: generate grub config
shell: grub-mkconfig -o /boot/grub/grub.cfg
args:
creates: /boot/grub/grub.cfg
- name: edit grub config
shell: |
[ -f /etc/default/grub.dst ] || cp -p /etc/default/grub /etc/default/grub.dst
a=$(cat /proc/cmdline | sed -e 's/ BOOT_IMAGE=[^ ]*/ /' \
-e 's/ initrd=[^ ]*/ /'
-e 's/ resume=[^ ]*/ /'
-e 's/ root=[^ ]*/ /')
sed -e "s/^#*GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"$a\"/" \
-i /etc/default/grub
grub-script-check /etc/default/grub
- name: fstab root
lineinfile:
dest: /etc/fstab
line: '{{AGI_container_disk}}3 / ext4 defaults,noatime 0 1'
regexp: '^{{AGI_container_disk}}3'
- name: fstab boot
lineinfile:
dest: /etc/fstab
line: '{{AGI_container_disk}}1 /boot ext3 defaults,noatime 0 1'
regexp: '^{{AGI_container_disk}}3'
- name: fstab swap
lineinfile:
dest: /etc/fstab
line: '{{AGI_container_disk}}2 none swap nofail,sw 0 0'
regexp: '^{{AGI_container_disk}}2'
- name: fstab shm
lineinfile:
dest: /etc/fstab
line: 'tmpfs /run/shm tmpfs defaults,noexec,size=5% 0 0'
regexp: '^tmpfs */run/shm'
# linuxPen19 /mnt/linuxPen19 virtiofs defaults,dirsync 0 0
- name: /etc/security/passwdqc.conf
lineinfile:
dest: /etc/security/passwdqc.conf
line: 'enforce=none'
regexp: '^enforce=.*'
- name: /etc/security/passwdqc.conf
lineinfile:
dest: /etc/security/passwdqc.conf
line: 'enforce=none'
regexp: '^enforce=.*'
- name: /etc/conf.d/consolefont
lineinfile:
dest: /etc/conf.d/consolefont
line: 'consolefont="ter-v{{AGI_consolefont_font_size}}b"'
regexp: '^consolefont=.*'
- name: roles/ansible-gentoo_install/tasks/
shell: |
LINE="rd.skipfsck=1 ipv6.disable=1 console=tty1 lang=en keymap=us "
# LINE="$LINE pti=on doscsi iommu=pt amd_iommu=on debugfs=off efi=disable_early_pci_dma extra_latent_entropy init_on_free=1 kvm.nx_huge_pages=force l1tf=full,force mce=0 mds=full,nosmt nosmt=force page_alloc.shuffle=1 pti=on random.trust_cpu=off slab_nomerge slub_debug=FZ spec_store_bypass_disable=on spectre_v2=on tsx_async_abort=full,nosmt vsyscall=none "
LINE="$LINE intel_iommu=on vga=0x315 text
df | grep /boot || mount /dev/vda1 /boot
[ -d /boot/grub ] || exit 2
[ -f /boot/grub/grub.cfg ] || exit 3
sed -e "s@ ro *$@ $LINE ro@" -i /boot/grub/grub.cfg
- name: consolefont
shell: |
rc-update add consolefont
cat >> /etc/rc.local << EOF
/etc/init.d consolefont stop
/etc/init.d consolefont start
stty -F /dev/tty1 cols 80 rows 24
EOF
bash /etc/rc.local
ignore_errors: true
- name: rc-update add bootlogd boot
shell: |
rc-update | grep -q 'bootlogd .* boot' || \
rc-update add bootlogd boot
exit 0
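Review bot: The `fstab boot` task reuses the root task's pattern, `regexp: '^{{AGI_container_disk}}3'`, so lineinfile replaces the root entry with the /boot line instead of managing its own; it should be `regexp: '^{{AGI_container_disk}}1'`. Two shell blocks look broken as written: in `edit grub config` the `-e 's/ initrd=[^ ]*/ /'` and `-e 's/ resume=[^ ]*/ /'` lines lack the trailing `\`, and `LINE="$LINE intel_iommu=on vga=0x315 text` never closes its quote. `df | grep {{AGI_NBD_MP}} && exit 1` is the last command of the chroot test, so when grep finds nothing the script still ends with grep's status 1; `if df | grep -q "{{AGI_NBD_MP}}"; then exit 1; fi` avoids that, and the same test appears in the daemons, kernel, misc, network and portage sections. The two identical passwdqc tasks set `enforce=none`, which switches off password-quality enforcement on the installed system; keep one and add a comment saying whether that is meant only for test images.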


@ -0,0 +1,55 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install chroot.yml"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install chroot.yml"
- name: test we are NOT in the chroot
shell: |
df | grep "{{AGI_NBD_MP}}" || exit 1
[ -n "{{AGI_NBD_MP}}" ] || exit 2
[ -d "{{AGI_NBD_MP}}" ] || exit 3
[ "{{ansible_distribution}}" == 'Gentoo' ] || \
( {{AGI_GENTOO_FROM_MP}} != '' && "{{AGI_GENTOO_FROM_MP}}" != '/' ) || \
exit 4
[ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5
check_mode: false
- name: copy resolv.conf into chroot
copy:
src: /etc/resolv.conf
dest: "{{AGI_NBD_MP}}/etc/resolv.conf"
remote_src: yes
when: not ansible_check_mode
- name: mount /proc in chroot
mount:
name: "{{AGI_NBD_MP}}/proc"
src: proc
fstype: proc
state: mounted
check_mode: false
- name: bind-mount dirs in chroot
mount:
name: "{{AGI_NBD_MP}}/{{ item }}"
src: /{{ item }}
fstype: auto
opts: bind
state: mounted
with_items:
- sys
- dev
- dev/pts
- dev/shm
check_mode: false
- name: chroot wrapper script
template:
src: chroot_wrapper.sh
dest: "/var/tmp/chroot_wrapper.sh"
owner: 'root'
mode: '0755'
check_mode: false
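Review bot: The guard in `test we are NOT in the chroot` does not test what it appears to: `( {{AGI_GENTOO_FROM_MP}} != '' && "{{AGI_GENTOO_FROM_MP}}" != '/' )` is a subshell that tries to execute the rendered path as a command, not a comparison, so on a non-Gentoo host the task most likely always ends in `exit 4`. Writing it as `{ [ -n "{{AGI_GENTOO_FROM_MP}}" ] && [ "{{AGI_GENTOO_FROM_MP}}" != '/' ]; }` and using `=` instead of `==` in the first bracket makes it a real, portable test; the same lines are repeated in the copy.yml and disk.yml sections. Separately, the wrapper is templated to `/var/tmp/chroot_wrapper.sh`, a world-writable directory, and later becomes `ansible_shell_executable` for every task run as root; a root-only directory is a safer home for it.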


@ -0,0 +1,114 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install copy.yml"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install copy.yml"
- name: test we are NOT in the chroot
shell: |
df | grep "{{AGI_NBD_MP}}" || exit 1
[ -n "{{AGI_NBD_MP}}" ] || exit 2
[ -d "{{AGI_NBD_MP}}" ] || exit 3
[ "{{ansible_distribution}}" == 'Gentoo' ] || \
( {{AGI_GENTOO_FROM_MP}} != '' && "{{AGI_GENTOO_FROM_MP}}" != '/' ) || \
exit 4
[ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5
check_mode: false
- name: install to mp from source
delegate_to: localhost
shell: |
cd {{AGI_GENTOO_FROM_MP}}/usr/src/linux || exit 1
[ -d "{{AGI_NBD_MP}}/lib/modules" ] || mkdir "{{AGI_NBD_MP}}/lib/modules"
make INSTALL_PATH={{AGI_NBD_MP}}/boot install || exit 4
make INSTALL_MOD_PATH={{AGI_NBD_MP}} modules_install || exit 5
when: AGI_use_local_kernel
- name: resolve kernel symlink
shell: |
[ -h {{AGI_GENTOO_FROM_MP}}/usr/src/linux ] && \
echo $(readlink /usr/src/linux | sed -e 's@/$@@' ) && \
exit 0
echo linux
register: kernel_out
check_mode: false
- name: copy kernel sources
copy:
src: "{{AGI_GENTOO_FROM_MP}}/usr/src/{{kernel_out.stdout}}"
dest: "{{AGI_NBD_MP}}/usr/src"
remote_src: no
creates: "{{AGI_NBD_MP}}/usr/src/"
when:
- kernel_out.rc|default(1) == 0
- AGI_use_local_kernel
- false # dunno where it went to
- name: resolve kver
shell: |
kernel="{{kernel_out.stdout}}"
kver=$( echo $kernel | sed -e 's/.*-6\.\([0-9]\)/6.\1/' -e 's/-.*//' )
echo $kver
register: kver_out
check_mode: false
when:
- kernel_out.rc|default(1) == 0
- name: resolve kmods
shell: |
ls -d {{AGI_GENTOO_FROM_MP}}/lib/modules/{{kver_out.stdout}}* | head -1
register: mods_out
check_mode: false
when:
- kver_out.rc|default(1) == 0
- name: resolve vmlinux
shell: |
kver="{{kver_out.stdout}}"
ls {{AGI_GENTOO_FROM_MP}}/boot/vmlinuz-${kver}* | head -1
register: vmlinux_out
check_mode: false
when:
- kver_out.rc|default(1) == 0
- name: copy kernel vmlinux
copy:
src: "{{AGI_GENTOO_FROM_MP}}{{vmlinux_out.stdout}}"
dest: "{{AGI_NBD_MP}}/boot"
remote_src: no
when:
- AGI_use_local_kernel
check_mode: false
- name: resolve ramfs
shell: |
kver="{{kver_out.stdout}}"
ls {{AGI_GENTOO_FROM_MP}}/boot/initramfs-pentoo-x86_64-${kver}* | head -1
register: ramfs_out
check_mode: false
when:
- kver_out.rc|default(1) == 0
- name: copy kernel vmlinux
copy:
src: "{{AGI_GENTOO_FROM_MP}}{{ramfs_out.stdout}}"
dest: "{{AGI_NBD_MP}}/boot"
remote_src: no
when:
- AGI_use_local_kernel
- ramfs_out.rc|default(1) == 0
- name: make directories
shell: |
cd {{AGI_GENTOO_FROM_MP}} || exit 1
for dir in {{AGI_bootstrap_dirs}}; do
[ -d "{{AGI_NBD_MP}}/{{dir}}" ] && continue
mkdir -p "{{AGI_NBD_MP}}/{{dir}}"
done
for file in {{AGI_bootstrap_files}}; do
[ -f "{{AGI_NBD_MP}}/{{file}}" ] && continue
cp -np "$file" "{{AGI_NBD_MP}}/{{file}}"
done
# dracut
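Review bot: In `make directories` the loop bodies use `{{dir}}` and `{{file}}`, which Jinja renders before the shell runs, so they refer to Ansible variables rather than the `for` loop variables and the task fails or builds the wrong paths; they should be `$dir` and `$file`, as `cp -np "$file"` already is. The two copy tasks build `src` as `"{{AGI_GENTOO_FROM_MP}}{{vmlinux_out.stdout}}"` (and the same with `ramfs_out`) although the `ls` that produced the stdout already listed `{{AGI_GENTOO_FROM_MP}}/boot/...`, so the prefix appears twice unless the mount point is `/`. `resolve kernel symlink` tests the link under `{{AGI_GENTOO_FROM_MP}}` but then runs `readlink /usr/src/linux` against the host root. The second `copy kernel vmlinux` task copies the initramfs and should be named accordingly.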


@ -0,0 +1,44 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install daemons"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install daemons"
- name: test we are in the chroot
shell: |
df | grep {{AGI_NBD_MP}} && exit 1
- name: merge packages
shell: |
MODE={{AGI_PROXY_MODE|default('')}}
. /usr/local/bin/proxy_export.bash
emerge -v {{AGI_bootstrap_pkgs}}
when: "'AGI_bootstrap_pkgs' != []"
- name: start syslog daemon at boot
service:
name: "{{ AGI_install_syslog_daemon.split('/')[1] }}"
enabled: true
- name: start cron daemon at boot
service:
name: "{{ AGI_install_cron_daemon.split('/')[1] }}"
enabled: true
- name: configure sshd
lineinfile:
dest: /etc/ssh/sshd_config
line: 'PermitRootLogin yes'
regexp: '^PermitRootLogin'
- name: start sshd at boot
service:
name: sshd
enabled: true
- name: start qemu-guest-agent daemon at boot
service:
name: qemu-guest-agent
enabled: true
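Review bot: `configure sshd` writes `PermitRootLogin yes` and the next task enables sshd at boot, so the installed image accepts password logins for root over SSH; the misc section of this commit lets the root password fall back to `root` when `AGI_install_root_password` is unset. `line: 'PermitRootLogin prohibit-password'` together with a provisioned key, or a role variable that defaults to that value, keeps remote access without shipping a guessable root login. Also, `when: "'AGI_bootstrap_pkgs' != []"` compares a quoted string literal with a list and is always true; `when: AGI_bootstrap_pkgs | default([]) | length > 0` expresses the intent.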


@ -0,0 +1,63 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install disk.yml"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install disk.yml"
- name: test we are NOT in the chroot
shell: |
grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts && exit 1
[ -n "{{AGI_NBD_MP}}" ] || exit 2
[ -d "{{AGI_NBD_MP}}" ] || exit 3
[ "{{ansible_distribution}}" == 'Gentoo' ] || \
( {{AGI_GENTOO_FROM_MP}} != '' && "{{AGI_GENTOO_FROM_MP}}" != '/' ) || \
exit 4
[ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5
check_mode: false
- name: create disklabel
command: parted -s {{ AGI_install_disk }} mklabel {{ AGI_install_disklabel }}
# We need to leave a small gap at the beginning of the disk, or grub won't be
# able to install to the MBR
- name: create boot partition
shell: |
parted -s {{ AGI_install_disk }} mkpart primary ext2 1M 200M
e2label {{ AGI_install_disk }}p1 boot
args:
creates: "{{ AGI_install_disk }}p2"
- name: mark boot partition as active
shell: |
parted -s {{ AGI_install_disk }} set 1 boot on
- name: create swap partition
shell: |
parted -s {{ AGI_install_disk }} -- mkpart primary linux-swap 201M 2200M
mkswap -L swap "{{ AGI_install_disk }}p2"
args:
creates: "{{ AGI_install_disk }}p2"
- name: create root partition
shell: |
parted -s {{ AGI_install_disk }} -- mkpart primary ext4 2201M 20070M
e2label {{ AGI_install_disk }}p3 root
args:
creates: "{{ AGI_install_disk }}p3"
- name: format boot partition
filesystem: dev={{ AGI_install_disk }}p1 fstype=ext2 force=yes
check_mode: false
when: not ansible_check_mode
- name: format swap partition
filesystem: dev={{ AGI_install_disk }}p2 fstype=swap force=yes
check_mode: false
when: false
- name: format root partition
filesystem: dev={{ AGI_install_disk }}p3 fstype=ext4 force=yes
check_mode: false
when: not ansible_check_mode
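Review bot: `create boot partition` is guarded by `creates: "{{ AGI_install_disk }}p2"`, which looks copied from the swap task; it should be `creates: "{{ AGI_install_disk }}p1"`, otherwise the skip condition tracks the wrong partition. `create disklabel` has no `creates` or `when` guard at all and the format tasks use `force=yes`, so every run that reaches this file rewrites the partition table and filesystems on whatever `AGI_install_disk` points at. An `assert` before the first `parted` call that the variable is non-empty and names the expected nbd device would limit the damage from a mis-set variable. The variable is also interpolated unquoted into the `parted` and `e2label` command lines.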


@ -0,0 +1,35 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install finish.yml"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install finish.yml"
- name: unmount filesystems
mount:
name: "{{AGI_NBD_MP}}/{{ item }}"
state: unmounted
with_items:
- proc
- sys
- dev/pts
- dev/shm
- dev
- boot
- ''
loop_control:
label: "{{AGI_NBD_MP}}/{{ item }}"
- name: df umount failsafe
shell: |
grep /mnt/gentoo /proc/mounts|tac|while read a b c ;do sudo umount $b;done
grep /mnt/gentoo/ /proc/mounts|tac|while read a b c ;do sudo umount $b;done
# leave this to be done
grep nbd /proc/mounts || true
- name: reboot
command: reboot
async: 0
poll: 0
ignore_errors: true
when: false
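Review bot: `df umount failsafe` hard-codes `/mnt/gentoo` while the `unmount filesystems` task above it uses `{{AGI_NBD_MP}}`, so the failsafe only helps when the two happen to agree; using the variable in both greps keeps them consistent. The two grep lines overlap (the first pattern already matches everything the second does), and `umount $b` should be `umount "$b"`. The task calls `sudo` inside the shell step; `become: true` on the task is the usual way to express that.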


@ -0,0 +1,31 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install portage"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install kernel"
- name: test we are in the chroot
shell: |
df | grep /mnt/gentoo && exit 1
- name: install kernel sources
portage:
package: gentoo-sources
state: installed
- name: install genkernel
portage:
package: sys-kernel/genkernel
state: installed
- name: build kernel
environment:
# The install guide implies that the kernel build will get angry without
# the locale set
LOCALE: "{{ AGI_install_locale_default }}"
command: genkernel --virtio all
args:
creates: /boot/kernel-genkernel-*
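Review bot: The `environment:` block of `build kernel` sets `LOCALE`, which is not one of the variables the locale machinery normally reads; if the intent stated in the comment is to give the build a locale, `LANG: "{{ AGI_install_locale_default }}"` (or `LC_ALL`) is probably what was meant, which is worth confirming against the install guide. The first task is named `... portage` but prints `... kernel`, which looks like a copy-paste leftover.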


@ -0,0 +1,170 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install local"
debug:
verbosity: 0
msg: "DEBUG: ansible-gentoo_install local BOX_NBD_DEV={{BOX_NBD_DEV}}"
check_mode: no
- assert:
that:
- "'{{BOX_NBD_DEV}}' != ''"
when: ansible_connection in ['local', 'chroot']
- set_fact:
AGI_use_local_kernel: true
when:
- ansible_distribution == 'Gentoo' or BOX_GENTOO_FROM_MP != ''
- set_fact:
AGI_PROXY_MODE: "{{PROXY_MODE|default('')}}"
when:
- PROXY_MODE|default('') != ''
check_mode: no
- set_fact:
AGI_PROXY_MODE: "{{BOX_PROXY_MODE|default('')}}"
when:
- AGI_PROXY_MODE == ''
check_mode: no
- block:
- name: check for mounted disk
shell: |
grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts
failed_when: false
changed_when: false
register: check_mounted_disk
check_mode: no
- name: partition if disk not mounted
include: disk.yml
when:
- check_mounted_disk.rc != 0
check_mode: no
- name: mount root partition
mount:
name: "{{AGI_NBD_MP}}"
src: "{{ AGI_install_disk }}p3"
fstype: ext4
state: mounted
check_mode: false
- name: create /boot mountpoint
file:
path: "{{AGI_NBD_MP}}/boot"
state: directory
check_mode: false
- name: mount boot partition
mount:
name: "{{AGI_NBD_MP}}/boot"
src: "{{ AGI_install_disk }}p1"
fstype: ext2
state: mounted
check_mode: false
- name: mount distfiles
delegate_to: localhost
shell: |
[ -d "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] || exit 1
grep {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} /proc/mounts && exit 0
[ -d {{AGI_NBD_MP}}/usr/portage/ ] || exit 0
[ -d {{AGI_NBD_MP}}/usr/portage/distfiles ] || mkdir {{AGI_NBD_MP}}/usr/portage/distfiles
mount --bind {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} {{AGI_NBD_MP}}/usr/portage/distfiles
when:
- "MOUNT_GENTOO_DISTFILES_ARCHIVES != ''"
- "AGI_NBD_MP != ''"
- false # let the tester take care of this
- include: tarball.yml
- include: copy.yml
when: AGI_use_local_kernel
- include: chroot.yml
delegate_to: localhost
when: ansible_connection in ['chroot', 'local'] # libvirt?
- block:
- name: check chroot wrapper installed
shell: |
[ -x /var/tmp/chroot_wrapper.sh ] || exit 1
df /mnt/gentoo || exit 2
/var/tmp/chroot_wrapper.sh df | grep /mnt/gentoo && exit 4
exit 0
register: chroot_out
check_mode: false
- name: enable chroot wrapper
set_fact:
ansible_shell_executable: /var/tmp/chroot_wrapper.sh
old_ansible_python_interpreter: "{{ansible_python_interpreter}}"
ansible_python_interpreter: "/usr/bin/python3"
check_mode: false
when: ansible_connection in ['local']
- block:
- include: portage.yml
- include: misc.yml
- include: network.yml
- include: kernel.yml
when: not AGI_use_local_kernel
- include: bootloader.yml
- include: daemons.yml
# - include: finish.yml
check_mode: false
when:
- "ansible_connection in ['chroot'] or chroot_out.rc|default(1) == 0"
rescue:
- debug:
msg: "ERROR: "
- name: disable chroot wrapper
set_fact:
ansible_shell_executable: /bin/sh
ansible_python_interpreter: "{{old_ansible_python_interpreter}}"
when:
- "ansible_connection in ['local'] and chroot_out.rc|default(1) == 0"
check_mode: false
- name: unmount filesystems
mount:
name: "{{AGI_NBD_MP}}/{{ item }}"
state: unmounted
with_items:
- proc
- sys
- dev/pts
- dev/shm
- dev
- boot
- ''
loop_control:
label: "{{AGI_NBD_MP}}/{{ item }}"
when:
- "ansible_connection in ['local'] and chroot_out.rc|default(1) == 0"
- false # leave it mounted for testing
- name: dismount any other mounts
shell: |
if [ -z "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] && \
[ -d "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] && \
grep {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} /proc/mounts ; then
umount {{MOUNT_GENTOO_DISTFILES_ARCHIVES}}
fi
df -a | grep "{{AGI_NBD_MP}}" | sed -e 's/.* //' | tac | while read elt;do
umount $elt
done
when:
- "ansible_connection in ['chroot'] or chroot_out.rc|default(1) == 0"
- false # leave it mounted for testing
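Review bot: The `rescue:` section only prints `msg: "ERROR: "` and does not re-raise, so, as far as the flattened indentation shows, a failure in any of the included portage/misc/network/kernel/bootloader/daemons files ends as a successful play with no hint of what broke. Putting `{{ ansible_failed_task.name }}` and `{{ ansible_failed_result }}` into the message and following it with a `fail:` task would surface the error. The assert uses a templated string, `"'{{BOX_NBD_DEV}}' != ''"`; `BOX_NBD_DEV | default('') != ''` is the supported form and does not re-evaluate the variable's content as part of the expression. In `dismount any other mounts` the first test is `[ -z ... ]` followed by `[ -d ... ]` on the same value, which can never both hold; `-n` looks intended.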


@ -0,0 +1,72 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install nbd_disk ansible_connection"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install nbd_disk={{ nbd_disk }} ansible_connection={{ ansible_connection }}"
check_mode: false
- set_fact:
AGI_target: Gentoo2
- name: look for nbd partitions
shell: |
grep nbd /proc/partitions | head -1
register: nbd_out
failed_when: false
check_mode: false
- name: "include base by-platform vars"
include_vars: "{{item}}.yml"
with_items:
- "Linux"
- "{{ ansible_distribution }}{{ ansible_distribution_major_version }}"
- "target_{{AGI_target}}"
tags: always
- name: find module gentooimgr
shell: |
echo nbd_disk={{ nbd_disk }} ansible_connection={{ ansible_connection }}
echo ansible_distribution={{ansible_distribution}} BOX_GENTOO_FROM_MP={{BOX_GENTOO_FROM_MP}}
[ -d '/mnt/o/var/local/src/play_tox/src/ansible_gentooimgr' ] || exit 1
[ -f '/mnt/o/var/local/src/play_tox/src/ansible_gentooimgr/__init__.py' ] || exit 2
[ -d '/mnt/o/var/local/src/play_tox/src/ansible_gentooimgr/gentooimgr' ] || exit 3
[ -f '/mnt/o/var/local/src/play_tox/src/ansible_gentooimgr/gentooimgr/__init__.py' ] || exit 4
{{ansible_python_interpreter}} \
-c "import sys; sys.path.append('/mnt/o/var/local/src/play_tox/src/ansible_gentooimgr'); import gentooimgr; print(gentooimgr.__file__)"
register: gentooimgr_out
check_mode: false
ignore_errors: true
- block:
- set_fact:
AGI_gentooimgr_configs: "{{gentooimgr_out.stdout}}/configs"
- name: ansible_gentooimgr nbd status
ansible_gentooimgr:
action: status
loglevel: 10
threads: 1
config: cloud.config
profile: openrc
kernel_dir: /usr/src/linux
portage: '{{AGI_NBD_FILES}}/portage-20231223.tar.xz'
stage3: '{{AGI_NBD_FILES}}/stage3-amd64-openrc-20231217T170203Z.tar.xz'
temporary_dir: "{{AGI_NBD_FILES}}"
download_dir: "{{AGI_NBD_FILES}}"
ignore_errors: true
check_mode: false
check_mode: false
when:
- ansible_connection in ['chroot', 'local', 'libvirt_qemu']
- ansible_distribution == 'Gentoo' or BOX_GENTOO_FROM_MP != ''
# - nbd_disk|default('') == AGI_NBD_DISK
- include_tasks: local.yml
when:
- ansible_connection in ['chroot', 'local']
- ansible_distribution == 'Gentoo' or BOX_GENTOO_FROM_MP != ''
- nbd_disk|default('') == AGI_NBD_DISK
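Review bot: `find module gentooimgr` echoes two status lines before the Python `print(gentooimgr.__file__)`, so `gentooimgr_out.stdout` is three lines ending in `.../gentooimgr/__init__.py`, and `AGI_gentooimgr_configs: "{{gentooimgr_out.stdout}}/configs"` cannot be a directory path. `"{{ gentooimgr_out.stdout_lines | last | dirname }}/configs"` would take the package directory from the last line. The task also has `ignore_errors: true`, so the block below runs even when the import failed; adding `gentooimgr_out.rc == 0` to the block's `when:` would prevent that. The module path `/mnt/o/var/local/src/play_tox/src/ansible_gentooimgr` is repeated five times and is specific to one machine; a role variable would make it configurable.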


@ -0,0 +1,112 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install/tasks/ misc.yml"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install/tasks/ misc.yml"
- name: test we are in the chroot
shell: |
df | grep /mnt/gentoo && exit 1
- name: "make /mnt mountpoints"
shell: |
[ -d /mnt ] || mkdir /mnt || exit 1
for elt in {{ AGI_bootstrap_mountpoints|join(' ') }} ; do
[ -d $elt ] || mkdir $elt
done
exit 0
when: AGI_bootstrap_mountpoints|default([])|length > 0
- name: configure timezone
lineinfile:
dest: /etc/timezone
line: "{{ AGI_install_timezone }}"
regexp: '^'
create: yes
owner: root
mode: '0644'
- name: timezone symlink
file:
dest: /etc/localtime
src: /usr/share/zoneinfo/{{ AGI_install_timezone }}
state: link
force: yes
- name: configure locales
lineinfile:
dest: /etc/locale.gen
line: "{{ item }}"
with_items: "{{ AGI_install_locales }}"
- name: generate locales
command: locale-gen
- name: set default locale
command: eselect locale set {{ AGI_install_locale_default }}
- name: configure root mount
mount:
name: /
src: "{{ AGI_install_disk }}p3"
fstype: ext4
state: present
opts: noatime
passno: 1
- name: configure boot mountpoint
mount:
name: /boot
src: "{{ AGI_install_disk }}p1"
fstype: ext2
state: present
opts: noatime,ro
dump: 1
passno: 2
- name: scramble root password
shell: |
echo "{{ AGI_install_root_password|default('root') }}" | \
openssl password -1 -stdin
register: root_password_out
- name: set root password
user:
name: root
password: "{{ root_password_out.stdout }}"
- name: scramble gentoo password
shell: |
echo "{{ AGI_install_gentoo_password|default('gentoo') }}" | \
openssl password -1 -stdin
register: gentoo_password_out
- name: set gentoo password
user:
name: gentoo
password: "{{ gentoo_password_out.stdout }}"
- name: configure sudoers
lineinfile:
dest: /etc/sudoers
line: "%wheel ALL=(ALL:ALL) ALL"
regexp: '^# %wheel ALL=(ALL:ALL) ALL'
create: yes
owner: root
mode: '0640'
- block:
- name: make symlinks
shell: |
{% for elt in AGI_bootstrap_pkgs %}
[ -h {{ elt.to }} ] && continue
[ -d {{ elt.to }} ] && echo "WARN: {{ elt.to }} exists as a directory" && continue
parent=`dirname {{ elt.to }}`
[ -d $parent ] || mkdir -p $parent
#? -h-e
[ -h {{ elt.to }} ] || \
ln -s {{ elt.from }} {{ elt.to }}
{% endfor %}
when: AGI_bootstrap_pkgs|default([])|length > 0
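Review bot: The password tasks fall back to `root` and `gentoo` when `AGI_install_root_password` / `AGI_install_gentoo_password` are unset, so a run without those variables produces an image with known credentials; dropping the `default(...)` so the task fails on a missing variable is safer. `openssl password -1 -stdin` looks like a typo for `openssl passwd`, `-1` selects MD5-crypt, and the cleartext passes through a shell task whose command is logged; `password: "{{ AGI_install_root_password | password_hash('sha512') }}"` with `no_log: true` on the `user` task replaces both steps. In `configure sudoers` the parentheses in `regexp: '^# %wheel ALL=(ALL:ALL) ALL'` form an unescaped regex group and will not match the literal line, and the edit has no `validate: 'visudo -cf %s'`. `make symlinks` uses `continue` although the Jinja `{% for %}` unrolls into straight-line shell with no enclosing loop.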


@ -0,0 +1,56 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install network"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install network"
- name: test we are in the chroot
shell: |
df | grep /mnt/gentoo && exit 1
- name: configure hostname
lineinfile:
dest: /etc/conf.d/hostname
line: 'hostname="{{ AGI_install_hostname }}"'
regexp: '^hostname='
- name: install netifrc
portage:
package: net-misc/netifrc
state: installed
- name: install DHCP client
portage:
package: net-misc/dhcpcd
state: installed
- name: configure network interfaces
lineinfile:
dest: /etc/conf.d/net
create: yes
owner: root
mode: '0644'
line: 'config_{{ item.key }}="{{ item.value.config }}"'
regexp: '^config_{{ item.key }}='
with_dict: "{{ AGI_install_network_interfaces }}"
loop_control:
label: "{{ item.key }}"
- name: create network interface init symlink
file:
path: /etc/init.d/net.{{ item.key }}
src: net.lo
force: yes
state: link
with_dict: "{{ AGI_install_network_interfaces }}"
loop_control:
label: "{{ item.key }}"
- name: start network interface at boot
service:
name: net.{{ item.key }}
enabled: true
with_dict: "{{ AGI_install_network_interfaces }}"
loop_control:
label: "{{ item.key }}"


@ -0,0 +1,52 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install portage ansible_shell_executable={{ansible_shell_executable}}"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install portage ansible_shell_executable={{ansible_shell_executable}}"
- name: reenable chroot wrapper
set_fact:
ansible_shell_executable: /var/tmp/chroot_wrapper.sh
ansible_python_interpreter: "/usr/bin/python3"
- name: test we are in the chroot
shell: |
df | grep /mnt/gentoo && exit 1
- name: portage make.conf settings
lineinfile:
dest: /etc/portage/make.conf
line: '{{ item.key }}="{{ item.value }}"'
regexp: '^{{ item.key }}='
with_dict: "{{ AGI_install_portage_makeconf_default | combine( AGI_install_portage_makeconf | default({}) ) }}"
loop_control:
label: "{{ item.key }}"
# Using blockinfile as a workaround to 'copy' not working with the chroot hack
- name: other portage config files
blockinfile:
dest: /etc/portage/{{ item.key }}
content: "{{ item.value }}"
owner: root
mode: '0644'
create: yes
with_dict: "{{ AGI_install_portage_conf_files | default({}) }}"
loop_control:
label: "{{ item.key }}"
when: false
- name: install portage tree snapshot
command: emerge-webrsync
when: false
#- name: update portage tree
# command: emerge --sync
# The 'portage' module doesn't work without the 'equery' command available,
# which is provided by the gentoolkit package
- name: install gentoolkit package
command: emerge app-portage/gentoolkit
args:
creates: /var/db/pkg/app-portage/gentoolkit-*
when: false # old bug in portage?
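Review bot: `install gentoolkit package` is disabled with `when: false`, yet the comment directly above it says the `portage` module needs `equery` from gentoolkit, and the bootloader, kernel and network sections all use `portage:` tasks; unless the stage3 or an earlier step already provides gentoolkit, those tasks will fail. Either re-enable the task or replace the comment with one saying where `equery` comes from. Most of the other tasks here are also switched off with a bare `when: false`; a short comment on each saying why, as the last one has, would tell the next reader whether they are dead code or temporarily parked.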


@ -0,0 +1,156 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
# localhost
---
- name: "DEBUG: ansible-gentoo_install tarball"
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install tarball"
- name: test we are NOT in the chroot
shell: |
[ -n "{{AGI_NBD_MP}}" ] || exit 2
[ -d "{{AGI_NBD_MP}}" ] || exit 3
check_mode: false
- name: gpg keys system
# Option --keyserver must be used to
environment: "{{proxy_env}}"
shell: |
/usr/bin/gpg --list-keys | grep "{{ item.uid }}" || \
/usr/bin/gpg --recv-keys \
--keyserver "{{ AGI_GPG_SERVER }}" "{{ item.uid }}"
with_items: "{{ agi_gpg_keys_system }}"
when:
- agi_gpg_keys_system|length > 0
- BASE_ARE_CONNECTED|default('') != ''
# FixMe:
ignore_errors: true
- name: check files dir
environment: "{{shell_env}}"
shell: |
AGI_NBD_FILES="{{AGI_NBD_FILES}}"
[ -n "$AGI_NBD_FILES" ] || exit 1
[ -d "$AGI_NBD_FILES" ] || exit 2
- name: determine latest stage tarball
environment: "{{proxy_env}}"
uri:
url: "{{ AGI_install_baseurl }}{{ AGI_install_latest_stage_pointer }}"
return_content: yes
dest: "{{AGI_NBD_FILES}}/latest-stage3-amd64-openrc.txt"
creates: "{{AGI_NBD_FILES}}/latest-stage3-amd64-openrc.txt"
register: latest_stage
- name: read tarball
environment: "{{shell_env}}"
shell: |
AGI_NBD_FILES="{{AGI_NBD_FILES}}"
filename=$(grep ^stage "$AGI_NBD_FILES/latest-stage3-amd64-openrc.txt" | \
sed -e 's/ .*//' ) ;
suffix=$(echo $filename | sed -e 's/.*\././' );
prefix=$(echo $filename | sed -e "s/$suffix//" );
echo $filename
register: tarball_out
- set_fact:
latest_stage_tarball_url_suffix: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0] }}"
latest_stage_tarball: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0].split('/')[1] }}"
when:
- not ansible_check_mode
- false
- set_fact:
latest_stage_tarball_url_suffix: "{{tarball_out.stdout}}"
# there's not directory now
latest_stage_tarball: "{{tarball_out.stdout}}"
latest_portage_tarball: portage-20231223.tar.xz
when:
- not ansible_check_mode
- tarball_out.rc|default(1) == 0
- name: fetch latest stage tarball
environment: "{{proxy_env}}"
delegate_to: localhost
uri:
url: "{{ item.url }}"
dest: "{{ item.dest }}"
creates: "{{ item.creates }}"
with_items:
-
url: "{{ AGI_install_baseurl }}{{ latest_stage_tarball_url_suffix }}"
dest: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"
creates: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"
-
url: "{{ AGI_install_baseurl }}{{ latest_stage_tarball_url_suffix }}.sha256"
dest: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}.sha256"
creates: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}.sha256"
when:
- not ansible_check_mode
- name: check stage tarball
environment: "{{shell_env}}"
shell: |
cd "{{AGI_NBD_FILES}}" || exit 1
sha256sum "{{ latest_stage_tarball }}.sha256"
when:
- not ansible_check_mode
- name: extract stage tarball
unarchive:
src: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"
dest: "{{AGI_NBD_MP}}"
remote_src: no
creates: "{{AGI_NBD_MP}}/var"
- name: fetch latest portage tarball
environment: "{{proxy_env}}"
delegate_to: localhost
uri:
url: "{{ AGI_install_baseurl }}{{ latest_portage_tarball }}"
dest: "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"
creates: "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"
- name: test portage tarball
environment: "{{shell_env}}"
shell: |
cd "{{AGI_NBD_FILES}}"
md5sum -c "{{ latest_portage_tarball }}.md5sum"
- name: test gpg not GENTOO
environment: "{{shell_env}}"
shell: |
# E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
[ -f /usr/local/share/openpgp-keys/gentoo-release.asc ] || exit 1
gpg --list-keys | grep E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 || \
gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc || exit 2
when:
- "ansible_distribution != 'Gentoo'"
- name: test gpg GENTOO
shell: |
# E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
[ -f /usr/share/openpgp-keys/gentoo-release.asc ] || \
emerge -v sec-keys/openpgp-keys-gentoo-release || exit 1
gpg --list-keys | grep E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 || \
gpg --import /usr/share/openpgp-keys/gentoo-release.asc || exit 2
when:
- "ansible_distribution == 'Gentoo'"
- name: test portage tarball gpg our copy
environment: "{{shell_env}}"
shell: |
# E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
gpg --list-keys | grep E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 || exit 2
gpg --verify "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}.gpgsig" \
"{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}" || exit 3$?
- name: extract portage tarball
unarchive:
src: "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"
dest: "{{AGI_NBD_MP}}/usr"
remote_src: no
creates: "{{AGI_NBD_MP}}/usr/portage"
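Review bot: `check stage tarball` runs `sha256sum "{{ latest_stage_tarball }}.sha256"`, which prints the hash of the checksum file itself and verifies nothing, so `extract stage tarball` unpacks an unverified download into the new root. `sha256sum -c "{{ latest_stage_tarball }}.sha256"` would at least check integrity, but the checksum comes from the same server as the tarball; authenticity needs a `gpg --verify` of the stage3 signature against the release key, as the portage tarball already gets, with the key-import tasks moved above the extract. `test portage tarball` relies on `md5sum -c`, and the `.md5sum` and `.gpgsig` files that it and the gpg step read are not fetched anywhere in this section. `|| exit 3$?` in the verify task concatenates the digit with the status (for example `31`), which is probably not intended.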