diff --git a/README.md b/README.md index d08db01..0c3e481 100644 --- a/README.md +++ b/README.md @@ -83,6 +83,28 @@ There are 3 ansible roles: 3. toxcore : +In addition, toxcore calls an included role ansible-gentoo_install. +This is an updated version of the abandonned +https://github.com/agaffney/ansible-gentoo_install/ This role, +when run on the host, builds the Gentoo base qcow image. As a safety +feature, you must create the qcow2 image and activate it with: + +modprobe nbd +qemu-img $BOX_NBD_BASE_QCOW 20G +qemu-nbd -c $BOX_NBD_DEV $BOX_NBD_BASE_QCOW + +and put these values into the hosts.yml file in the pentoo or devuan +target, depending on your host operating system. The filesytem that +holds base qcow2 $BOX_NBD_BASE_QCOW must have at least 12G available, +and may grow to almost 20G. + +After you have finished building the base qcow2 image, you will want +to dismount it with qemu-nbd -d $BOX_NBD_DEV. Be careful and look +in /proc/partitions to see if it is still there after you dismount it: +it the partition is busy the dismount will fail silently, and you can +get into trouble if partprobe complains. You may have to reboot, +or it may resolve itself. Wierd. + Each role has been conditionalized to run with different connections. ## Connection Types diff --git a/ansible_local.yml b/ansible_local.yml index 1b87fac..0a4836a 100644 --- a/ansible_local.yml +++ b/ansible_local.yml @@ -11,7 +11,7 @@ PLAY_NOSERVICE_CONNECTIONS: ['chroot', 'lxc', 'lxd', 'local'] #? PLAY_NORSYNC_CONNECTIONS: ['chroot', 'lxc', 'lxd', 'local', 'libvirt_qemu'] PLAY_CA_CERT: "/usr/local/etc/ssl/cacert-curl.haxx.se.pem" # proxy? - + # These now come from the inventory except for connection = local,chroot in base_proxy.yml proxy_env: # hostvars[inventory_hostname]['http_proxy'] 
@@ -52,7 +52,7 @@ # for localhost host operations with hostvms - eg hosts.yml PLAY_ANSIBLE_SRC: "{{ lookup('env', 'PWD')|default('') }}" PLAY_GI_DATA : /a/tmp/GentooImgr - + # lynis objects to . on the PATH and I cant find whos adding it # FixMe: does this change the PATH? environment: @@ -62,7 +62,7 @@ pre_tasks: - block: - + - name: "Suspicious location (.) in PATH discovered" shell: | echo $PATH | grep '\.:' && echo "WARN: dot is on the PATH" && exit 1 @@ -70,13 +70,13 @@ register: dot_on_path_fact # warning not an error - I cant see who is putting it on the PATH - a tailing : ignore_errors: true - + - name: lookup env PATH debug: msg="{{ ansible_env.PATH }}" when: - dot_on_path_fact is defined - dot_on_path_fact is failed - + - name: "set dates" set_fact: DOW: 0 # Day of week - unused @@ -86,16 +86,16 @@ date_dash: "{{ ansible_date_time.date }}" # +%Y-%m-%d date_week_slash: "{{ ansible_date_time.year }}/{{ ansible_date_time.weeknumber }}" date_week_dash: "{{ ansible_date_time.year }}-{{ ansible_date_time.weeknumber }}" - + - debug: msg: "{{date_slash}} ansible_connection={{ansible_connection|default('') }} ROLES={{ROLES}}" - + - name: "hostvars[inventory_hostname]" debug: # |to_yaml msg: "hostvars[inventory_hostname] {{hostvars[inventory_hostname]}}" when: false - + - name: "ansible_lsb.id BOX_OS_FAMILY" assert: that: 
@@ -106,41 +106,41 @@ - ansible_connection != 'local' - ansible_lsb.id|default('')" != '' ignore_errors: true - + - name: "check BOX_ANSIBLE_CONNECTIONS" assert: that: - "{{ansible_connection in BOX_ANSIBLE_CONNECTIONS}}" - + - name: "we will use sudo and make it a prerequisite" shell: | which sudo || exit 1 # "check ansible_python_interpreter" "{{ansible_python_interpreter|default('python3')}}" --version - + # required tags: always check_mode: false - block: - + - name: check nbd mounts shell: | cat /proc/partitions | grep nbd | head -1 | sed -e 's/.* //' changed_when: false register: nbd_out ignore_errors: true - + - name: nbd state debug: verbosity: 1 msg: 'var={{nbd_out}} BOX_NBD_DEV={{BOX_NBD_DEV}}' ignore_errors: true - + - name: nbd fact no set_fact: nbd_disk: "" - + - name: nbd fact yes set_fact: nbd_dev: "{{nbd_out.stdout}}" @@ -148,7 +148,7 @@ when: - nbd_out.rc|default(1) == 0 - nbd_out.stdout|default('') != '' - + # required tags: always check_mode: false @@ -164,7 +164,7 @@ sudo virsh start "{{ inventory_hostname }}" delegate_to: localhost become: yes - + - name: "spinup libvirt hosts" # pip3.sh install ovirt-engine-sdk-python --break-system-packages ovirt: @@ -178,12 +178,12 @@ become: yes # msg: ovirtsdk required for this module ignore_errors: true - + # required tags: always check_mode: false when: ansible_connection == 'libvirt_qemu' - + # # required? # tags: always # check_mode: false @@ -195,7 +195,7 @@ - role: base # When you use always: it breaks using daily/monthly/weekly tags - OK as base doesnt use them tags: always - + - role: proxy # You should run the proxy role even if you are not behind a proxy. tags: always diff --git a/hosts.yml b/hosts.yml index 3ab3a92..701bfab 100644 --- a/hosts.yml +++ b/hosts.yml 
@@ -13,7 +13,7 @@ all: y_UEFI_MediCat_VHD_DW: # /var/lib/libvirt/qemu/channel/target/domain-37-y_UEFI_MediCat_VHD_D/org.qemu.guest_agent.0 # doesnt work: ansible_connection: "libvirt_qemu" - + BOX_SERVICE_MGR: "win11" BOX_HOST_NAME: "y_UEFI_MediCat_VHD_DW" @@ -78,7 +78,7 @@ all: BOX_OS_FLAVOR: "Pentoo" BOX_USR_LIB: lib BOX_DEFAULT_OUTPUT_IF: wlan4 - BOX_PROXY_MODE: selektor + BOX_PROXY_MODE: selektor BOX_WHONIX_PROXY_HOST: "" BOX_GENTOO_DISTFILES_ARCHIVES: "/i/net/Http/distfiles.gentoo.org/distfiles" BOX_PROXY_JAVA_NET_PROPERTIES: /etc/java-config-2/current-system-vm/jre/lib/net.properties @@ -113,21 +113,21 @@ all: BOX_WHONIX_PROXY_HOST: "" BOX_PROXY_MODE: tor BOX_GENTOO_FROM_MP: "/mnt/linuxPen19" - + vars: BOX_ANSIBLE_CONNECTIONS: ["local"] BOX_REMOTE_MOUNTS: ['/mnt/h', '/mnt/j','/mnt/i', '/mnt/o', '/mnt/mnt/linuxPen19'] BOX_BASE_FEATURES: ['insecure_sudo'] BOX_PROXY_FEATURES: ['run_dnsmasq', 'run_privoxy'] - BOX_TOXCORE_FEATURES: [] + BOX_TOXCORE_FEATURES: [] # libvirt_group could also be ssh_group linux_libvirt_group: - + hosts: - + gentoo1: - + ansible_remote_addr: "gentoo1" ansible_host: "gentoo1" ansible_ssh_user: "gentoo" @@ -153,7 +153,7 @@ all: BOX_BASE_FEATURES: [] BOX_TOXCORE_FEATURES: ['libvirt', 'docker'] BOX_GENTOO_FROM_MP: "/mnt/linuxPen19" - + ubuntu18.04: # /mnt ansible_remote_addr: "ubuntu18.04" @@ -180,7 +180,7 @@ all: # FixMe base_system_users: ['vagrant'] BOX_TOXCORE_FEATURES: ['libvirt', 'docker'] - + vars: BOX_ANSIBLE_CONNECTIONS: ["ssh", "libvirt_qemu"] # proxy from environment @@ -192,13 +192,13 @@ all: https_proxy: "http://127.0.0.1:9128" socks_proxy: "socks5://127.0.0.1:9050" no_proxy: "localhost,127.0.0.1,127.0.0.1" - + linux_chroot_group : - + hosts: - + linuxGentoo: - + ansible_remote_addr: "/mnt/gentoo" # required ansible_host: "/mnt/gentoo" 
@@ -226,9 +226,9 @@ all: BOX_NBD_OVERLAY_NAME: "gentoo1" BOX_NBD_OVERLAY_QCOW: "/o/var/lib/libvirt/images/gentoo1.qcow2" BOX_GENTOO_FROM_MP: "/mnt/linuxPen19" - + linuxPen19: - + ansible_remote_addr: "/mnt/linuxPen19" # required ansible_host: "/mnt/linuxPen19" @@ -257,13 +257,13 @@ all: BOX_NBD_BASE_QCOW: "/g/Agile/tmp/Topics/GentooImgr/gentoo.qcow2" BOX_NBD_OVERLAY_QCOW: "/o/var/lib/libvirt/images/gentoo1.qcow2" BOX_NBD_FILES: "/i/data/Agile/tmp/Topics/GentooImgr" - + # linux_chroot_group vars vars: BOX_ANSIBLE_CONNECTIONS: ["local", "chroot"] # ignored? chroot_connection/exe in ansible.cfg? ansible_chroot_exe: "/usr/local/sbin/base_chroot.bash" - + #? ansible_ssh_common_args: "/usr/bin/env -i CHROOT=1" # -i "PATH" # -i "http_proxy https_proxy socks_proxy no_proxy" @@ -283,7 +283,7 @@ all: BOX_NBD_BASE_QCOW: "{{BOX_NBD_BASE_DIR}}/gentoo.qcow2" # BOX_NBD_OVERLAY_QCOW: "/o/var/lib/libvirt/images/gentoo1.qcow2" BOX_NBD_BASE_PUBKEY: "/root/.ssh/id_rsa-ansible.pub" - + # libvirt overlay BOX_NBD_OVERLAY_DIR: "/a/tmp/GentooImgr/create-vm" BOX_NBD_OVERLAY_GB: "20" @@ -293,7 +293,7 @@ all: BOX_NBD_OVERLAY_NETWORK: default # plaintext BOX_NBD_OVERLAY_PASS: "gentoo" - + vars: # These come from the inventory overridden for connection = local,chroot in base_proxy.yml @@ -388,7 +388,7 @@ all: BOX_NBD_LOGLEVEL: 20 BOX_NBD_BASE_QCOW: "" BOX_NBD_BASE_PUBKEY: "/root/.ssh/id_rsa-ansible.pub" - + # libvirt overlay BOX_NBD_OVERLAY_DIR: "" BOX_NBD_OVERLAY_BR: "" @@ -398,7 +398,7 @@ all: BOX_NBD_OVERLAY_RAM: 2048 # plaintext BOX_NBD_OVERLAY_PASS: "" - + # Controls what compression method is used for new-style ansible modules when # they are sent to the remote system. The compression types depend on having # support compiled into both the controller's python and the client's python. 
@@ -422,7 +422,7 @@ all: # https://distfiles.gentoo.org/releases/amd64/autobuilds/latest-stage3-amd64-hardened-openrc.txt GENTOO_BASE_STAGE_OPENRC_TXT_URL: "https://distfiles.gentoo.org/releases/{{BOX_ARCHITECTURE}}/autobuilds/latest-stage3-{{BOX_ARCHITECTURE}}{{BOX_SUBTYPE}}-openrc.txt" # plus .gpgsig and .md5sum - GENTOO_BASE_PORTAGE_URL: "https://distfiles.gentoo.org/snapshots/portage-latest.tar.xz" + GENTOO_BASE_PORTAGE_URL: "https://distfiles.gentoo.org/snapshots/portage-latest.tar.xz" BOX_GENTOO_DISTFILES_ARCHIVES: "/i/net/Http/distfiles.gentoo.org/distfiles" #? Gentoo specific? @@ -433,7 +433,7 @@ all: BOX_WHONIX_PROXY_HOST: "" BOX_PROXY_FEATURES: [] - BOX_GPG_SERVER: "keys.gnupg.net" + BOX_GPG_SERVER: "keys.gnupg.net" BOX_USR_LIB: lib # if you are on a Gentoo, then / else the mp of a Gentoo if you have one, else '' BOX_GENTOO_FROM_MP: '' diff --git a/roles/ansible-gentoo_install/README.md b/roles/ansible-gentoo_install/README.md index 652f906..a8e5c62 100644 --- a/roles/ansible-gentoo_install/README.md +++ b/roles/ansible-gentoo_install/README.md @@ -1,4 +1,5 @@ # Ansible role: Gentoo_install +https://github.com/agaffney/ansible-gentoo_install/ Performs an installation of Gentoo Linux against an InstallCD environment. diff --git a/roles/ansible-gentoo_install/defaults/main.yml b/roles/ansible-gentoo_install/defaults/main.yml index e2a6495..9447860 100644 --- a/roles/ansible-gentoo_install/defaults/main.yml +++ b/roles/ansible-gentoo_install/defaults/main.yml @@ -24,7 +24,7 @@ AGI_install_network_interfaces: ens3: config: dhcp AGI_container_disk: /dev/vda - + AGI_install_root_password: root AGI_install_syslog_daemon: syslog-ng # app-admin/sysklogd AGI_install_cron_daemon: sys-process/cronie diff --git a/roles/ansible-gentoo_install/tasks/#local.yml# b/roles/ansible-gentoo_install/tasks/#local.yml# deleted file mode 100644 index 1b774c0..0000000 --- a/roles/ansible-gentoo_install/tasks/#local.yml# +++ /dev/null 
@@ -1,182 +0,0 @@ -# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*- ---- -- name: "DEBUG: ansible-gentoo_install local" - debug: - verbosity: 0 - msg: "DEBUG: ansible-gentoo_install local BOX_NBD_DEV={{BOX_NBD_DEV}}" - check_mode: no - -- assert: - that: - - "'{{BOX_NBD_DEV}}' != ''" - when: ansible_connection in ['local', 'chroot'] - -- set_fact: - AGI_use_local_kernel: true - when: - - ansible_distribution == 'Gentoo' or BOX_GENTOO_FROM_MP not in ['/', ''] - -- set_fact: - AGI_PROXY_MODE: "{{PROXY_MODE|default('')}}" - when: - - PROXY_MODE|default('') != '' - check_mode: no - -- set_fact: - AGI_PROXY_MODE: "{{BOX_PROXY_MODE|default('')}}" - when: - - AGI_PROXY_MODE == '' - check_mode: no - -- block: - - - name: check for mounted disk - shell: | - grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts && exit 0 - ps ax | grep -v grep | \ - grep "qemu-nbd.*/dev/nbd.*{{BOX_NBD_BASE_QCOW}}" && \ - echo WARN looks like theres an active nbd mount of \ - "${BOX_NBD_BASE_QCOW}" && exit 1 - exit 2 - failed_when: false - changed_when: false - register: check_mounted_disk - check_mode: no - - - name: partition if disk not mounted - fail: - msg: "looks like theres an active nbd mount of {{BOX_NBD_BASE_QCOW}}" - when: - - check_mounted_disk.rc == 1 - check_mode: no - - - name: partition if disk not mounted or active - include: disk.yml - when: - - check_mounted_disk.rc > 1 - check_mode: no - - - name: mount root partition - mount: - name: "{{AGI_NBD_MP}}" - src: "{{ AGI_install_disk }}p3" - fstype: ext4 - state: mounted - check_mode: false - - - name: create /boot mountpoint - file: - path: "{{AGI_NBD_MP}}/boot" - state: directory - check_mode: false - - - name: mount boot partition - mount: - name: "{{AGI_NBD_MP}}/boot" - src: "{{ AGI_install_disk }}p1" - fstype: ext2 - state: mounted - check_mode: false - - - name: mount distfiles - delegate_to: localhost - shell: | - [ -d "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] || exit 1 - grep 
{{MOUNT_GENTOO_DISTFILES_ARCHIVES}} /proc/mounts && exit 0 - [ -d {{AGI_NBD_MP}}/usr/portage/ ] || exit 0 - [ -d {{AGI_NBD_MP}}/usr/portage/distfiles ] || mkdir {{AGI_NBD_MP}}/usr/portage/distfiles - mount --bind {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} {{AGI_NBD_MP}}/usr/portage/distfiles - when: - - "MOUNT_GENTOO_DISTFILES_ARCHIVES != ''" - - "AGI_NBD_MP != ''" - - false # let the tester take care of this - - - include: tarball.yml - - include: copy.yml - when: AGI_use_local_kernel - - include: chroot.yml - - delegate_to: localhost - when: ansible_connection in ['chroot', 'local'] # libvirt? - -- block: - - - name: check chroot wrapper installed - shell: | - [ -x /var/tmp/chroot_wrapper.sh ] || exit 1 - df /mnt/gentoo || exit 2 - /var/tmp/chroot_wrapper.sh df | grep /mnt/gentoo && exit 4 - exit 0 - register: chroot_out - check_mode: false - - - name: enable chroot wrapper - set_fact: - ansible_shell_executable: /var/tmp/chroot_wrapper.sh - old_ansible_python_interpreter: "{{ansible_python_interpreter}}" - ansible_python_interpreter: "/usr/bin/python3" - check_mode: false - - when: ansible_connection in ['local'] - -- block: - - - include: portage.yml - - include: misc.yml - - - include: network.yml - - - include: kernel.yml - when: not AGI_use_local_kernel - - - include: bootloader.yml - - include: daemons.yml - - # - include: finish.yml - - check_mode: false - when: - - "ansible_connection in ['chroot'] or chroot_out.rc|default(1) == 0" - rescue: - - debug: - msg: "ERROR: " - -- name: disable chroot wrapper - set_fact: - ansible_shell_executable: /bin/sh - ansible_python_interpreter: "{{old_ansible_python_interpreter}}" - when: - - "ansible_connection in ['local'] and chroot_out.rc|default(1) == 0" - check_mode: false - -- name: unmount filesystems - mount: - name: "{{AGI_NBD_MP}}/{{ item }}" - state: unmounted - with_items: - - proc - - sys - - dev/pts - - dev/shm - - dev - - boot - - '' - loop_control: - label: "{{AGI_NBD_MP}}/{{ item }}" - when: - - 
"ansible_connection in ['local'] and chroot_out.rc|default(1) == 0" - - false # leave it mounted for testing - -- name: dismount any other mounts - shell: | - if [ -z "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] && \ - [ -d "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] && \ - grep {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} /proc/mounts ; then - umount {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} - fi - df -a | grep "{{AGI_NBD_MP}}" | sed -e 's/.* //' | tac | while read elt;do - umount $elt - done - when: - - "ansible_connection in ['chroot'] or chroot_out.rc|default(1) == 0" - - false # leave it mounted for testing diff --git a/roles/ansible-gentoo_install/tasks/.#local.yml b/roles/ansible-gentoo_install/tasks/.#local.yml deleted file mode 120000 index 7523540..0000000 --- a/roles/ansible-gentoo_install/tasks/.#local.yml +++ /dev/null @@ -1 +0,0 @@ -root@pentoo.152064:1703733868 \ No newline at end of file diff --git a/roles/ansible-gentoo_install/tasks/bootloader.yml b/roles/ansible-gentoo_install/tasks/bootloader.yml index 714f016..57f3d64 100644 --- a/roles/ansible-gentoo_install/tasks/bootloader.yml +++ b/roles/ansible-gentoo_install/tasks/bootloader.yml @@ -100,7 +100,7 @@ EOF bash /etc/rc.local ignore_errors: true - + - name: rc-update add bootlogd boot shell: | rc-update | grep -q 'bootlogd .* boot' || \ diff --git a/roles/ansible-gentoo_install/tasks/chroot.yml b/roles/ansible-gentoo_install/tasks/chroot.yml index ea769a0..8e20109 100644 --- a/roles/ansible-gentoo_install/tasks/chroot.yml +++ b/roles/ansible-gentoo_install/tasks/chroot.yml @@ -4,7 +4,7 @@ debug: verbosity: 1 msg: "DEBUG: ansible-gentoo_install chroot.yml" - + - name: test we are NOT in the chroot shell: | df | grep "{{AGI_NBD_MP}}" || exit 1 @@ -15,7 +15,7 @@ exit 4 [ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5 check_mode: false - + - name: copy resolv.conf into chroot copy: src: /etc/resolv.conf 
diff --git a/roles/ansible-gentoo_install/tasks/copy.yml b/roles/ansible-gentoo_install/tasks/copy.yml index d9b84ad..c3b8de1 100644 --- a/roles/ansible-gentoo_install/tasks/copy.yml +++ b/roles/ansible-gentoo_install/tasks/copy.yml @@ -4,7 +4,7 @@ debug: verbosity: 1 msg: "DEBUG: ansible-gentoo_install copy.yml" - + - name: test we are NOT in the chroot shell: | df | grep "{{AGI_NBD_MP}}" || exit 1 @@ -15,7 +15,7 @@ exit 4 [ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5 check_mode: false - + - name: install to mp from source delegate_to: localhost shell: | @@ -33,7 +33,7 @@ echo linux register: kernel_out check_mode: false - + - name: copy kernel sources copy: src: "{{AGI_GENTOO_FROM_MP}}/usr/src/{{kernel_out.stdout}}" @@ -44,7 +44,7 @@ - kernel_out.rc|default(1) == 0 - AGI_use_local_kernel - false # dunno where it went to - + - name: resolve kver shell: | kernel="{{kernel_out.stdout}}" @@ -62,7 +62,7 @@ check_mode: false when: - kver_out.rc|default(1) == 0 - + - name: resolve vmlinux shell: | kver="{{kver_out.stdout}}" @@ -71,7 +71,7 @@ check_mode: false when: - kver_out.rc|default(1) == 0 - + - name: copy kernel vmlinux copy: src: "{{AGI_GENTOO_FROM_MP}}{{vmlinux_out.stdout}}" @@ -89,7 +89,7 @@ check_mode: false when: - kver_out.rc|default(1) == 0 - + - name: copy kernel vmlinux copy: src: "{{AGI_GENTOO_FROM_MP}}{{ramfs_out.stdout}}" @@ -110,5 +110,5 @@ [ -f "{{AGI_NBD_MP}}/{{file}}" ] && continue cp -np "$file" "{{AGI_NBD_MP}}/{{file}}" done - + # dracut diff --git a/roles/ansible-gentoo_install/tasks/daemons.yml b/roles/ansible-gentoo_install/tasks/daemons.yml index 5233ed5..c0db4f2 100644 --- a/roles/ansible-gentoo_install/tasks/daemons.yml +++ b/roles/ansible-gentoo_install/tasks/daemons.yml @@ -4,7 +4,7 @@ debug: verbosity: 1 msg: "DEBUG: ansible-gentoo_install daemons" - + - name: test we are in the chroot shell: | df | grep {{AGI_NBD_MP}} && exit 1 
diff --git a/roles/ansible-gentoo_install/tasks/disk.yml b/roles/ansible-gentoo_install/tasks/disk.yml index 5ded907..06c404b 100644 --- a/roles/ansible-gentoo_install/tasks/disk.yml +++ b/roles/ansible-gentoo_install/tasks/disk.yml @@ -4,7 +4,7 @@ debug: verbosity: 1 msg: "DEBUG: ansible-gentoo_install disk.yml" - + - name: test we are NOT in the chroot shell: | grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts && exit 1 @@ -13,29 +13,33 @@ [ "{{ansible_distribution}}" == 'Gentoo' ] || \ ( {{AGI_GENTOO_FROM_MP}} != '' && '{{AGI_GENTOO_FROM_MP}}' != '/' ) || \ exit 4 -l [ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5 + [ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5 check_mode: false - block: - + - name: create disklabel command: parted -s {{ AGI_install_disk }} mklabel {{ AGI_install_disklabel }} register: disklabel_out # stderr: 'Warning: Error fsyncing/closing /dev/nbd1: Input/output error' failed_when: false - + - name: disklabel_out debug: var: disklabel_out # you can get into a wierd state with /dev/nbd - partprobe reports # Error: Partition(s) 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64 on /dev/nbd3 have been written, but we have been unable to inform the kernel of the change, probably because it/they are in use. As a result, the old partition(s) will remain in use. You should reboot now before making further changes. + # and the same thing on all of the rest of your disks! All untrue + # but the qemu -d /dev/nbd1 command will fail silently if busy + when: disklabel_out.rc != 0 + - name: This is fatal - you must reboot fail: msg: "This is fatal - you must reboot. {{disklabel_out.stderr}}" when: - disklabel_out.rc == 1 check_mode: no - + # We need to leave a small gap at the beginning of the disk, or grub won't be # able to install to the MBR - name: create boot partition 
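Review bot: In roles/ansible-gentoo_install/tasks/disk.yml (hunk at -13,29), the guard just above the corrected `[ -d ... ] || exit 5` line is still not a test: `( {{AGI_GENTOO_FROM_MP}} != '' && '{{AGI_GENTOO_FROM_MP}}' != '/' )` runs the mount-point path as a command in a subshell, so on a non-Gentoo host it appears to always fall through to `exit 4`. Something like `{ [ -n "{{AGI_GENTOO_FROM_MP}}" ] && [ "{{AGI_GENTOO_FROM_MP}}" != '/' ]; } || \` would express the intended check, and `=` instead of `==` keeps the first test valid under a POSIX /bin/sh. Separately, the new `when: disklabel_out.rc != 0` on the debug task disagrees with the existing `disklabel_out.rc == 1` on the fail task, so with `failed_when: false` any other non-zero parted exit is reported but not stopped; `disklabel_out.rc != 0` on the fail task would close that gap. The added comment says `qemu -d /dev/nbd1`, which presumably means `qemu-nbd -d`. The task list continues outside the hunk.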
@@ -43,56 +47,60 @@ l [ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5 parted -s {{ AGI_install_disk }} mkpart primary ext2 1M 200M args: creates: "{{ AGI_install_disk }}p1" - + - name: mark boot partition as active shell: | parted -s {{ AGI_install_disk }} set 1 boot on - + - name: create swap partition shell: | parted -s {{ AGI_install_disk }} -- mkpart primary linux-swap 201M 2200M args: creates: "{{ AGI_install_disk }}p2" - + - name: create root partition shell: | parted -s {{ AGI_install_disk }} -- mkpart primary ext4 2201M 20070M args: creates: "{{ AGI_install_disk }}p3" - + - name: format boot partition filesystem: dev={{ AGI_install_disk }}p1 fstype=ext2 force=yes check_mode: false when: not ansible_check_mode - + - name: format swap partition filesystem: dev={{ AGI_install_disk }}p2 fstype=swap force=yes check_mode: false when: false - + - name: format root partition filesystem: dev={{ AGI_install_disk }}p3 fstype=ext4 force=yes check_mode: false when: not ansible_check_mode + when: false - block: - shell: | - sfdisk {{ AGI_install_disk }} << EOF - label: dos - label-id: 0x14a8b958 - device: {{ AGI_install_disk }} - unit: sectors - sector-size: 512 - {{ AGI_install_disk }}p1 : start= 2048, size= 819200, type=83, bootable - {{ AGI_install_disk }}p2 : start= 821248, size= 4096000, type=82 - {{ AGI_install_disk }}p3 : start= 4917248, size= 37025792, type=83 - EOF - mke2fs {{ AGI_install_disk }}p1 - mke2fs {{ AGI_install_disk }}p3 + - name: create disk partitions + shell: | + sfdisk {{ AGI_install_disk }} << EOF + label: dos + label-id: 0x14a8b958 + device: {{ AGI_install_disk }} + unit: sectors + sector-size: 512 + + {{ AGI_install_disk }}p1 : start= 2048, size= 819200, type=83, bootable + {{ AGI_install_disk }}p2 : start= 821248, size= 4096000, type=82 + {{ AGI_install_disk }}p3 : start= 4917248, size= 37025792, type=83 + EOF + mke2fs {{ AGI_install_disk }}p1 + mke2fs {{ AGI_install_disk }}p3 + when: true - + - name: label partitions shell: | e2label {{ 
AGI_install_disk }}p3 root diff --git a/roles/ansible-gentoo_install/tasks/finish.yml b/roles/ansible-gentoo_install/tasks/finish.yml index df80bf0..a780c3a 100644 --- a/roles/ansible-gentoo_install/tasks/finish.yml +++ b/roles/ansible-gentoo_install/tasks/finish.yml @@ -26,7 +26,7 @@ grep /mnt/gentoo/ /proc/mounts|tac|while read a b c ;do sudo umount $b;done # leave this to be done grep nbd /proc/mounts || true - + - name: reboot command: reboot async: 0 diff --git a/roles/ansible-gentoo_install/tasks/kernel.yml b/roles/ansible-gentoo_install/tasks/kernel.yml index 7a18af4..ba8ea9c 100644 --- a/roles/ansible-gentoo_install/tasks/kernel.yml +++ b/roles/ansible-gentoo_install/tasks/kernel.yml @@ -4,7 +4,7 @@ debug: verbosity: 1 msg: "DEBUG: ansible-gentoo_install kernel" - + - name: test we are in the chroot shell: | df | grep /mnt/gentoo && exit 1 @@ -28,4 +28,4 @@ args: creates: /boot/kernel-genkernel-* - + diff --git a/roles/ansible-gentoo_install/tasks/local.yml b/roles/ansible-gentoo_install/tasks/local.yml index 1b774c0..98d56b2 100644 --- a/roles/ansible-gentoo_install/tasks/local.yml +++ b/roles/ansible-gentoo_install/tasks/local.yml @@ -19,7 +19,7 @@ - set_fact: AGI_PROXY_MODE: "{{PROXY_MODE|default('')}}" when: - - PROXY_MODE|default('') != '' + - PROXY_MODE|default('') != '' check_mode: no - set_fact: @@ -29,7 +29,7 @@ check_mode: no - block: - + - name: check for mounted disk shell: | grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts && exit 0 @@ -42,20 +42,20 @@ changed_when: false register: check_mounted_disk check_mode: no - + - name: partition if disk not mounted fail: msg: "looks like theres an active nbd mount of {{BOX_NBD_BASE_QCOW}}" when: - check_mounted_disk.rc == 1 check_mode: no - + - name: partition if disk not mounted or active include: disk.yml when: - check_mounted_disk.rc > 1 check_mode: no - + - name: mount root partition mount: name: "{{AGI_NBD_MP}}" 
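Review bot: In roles/ansible-gentoo_install/tasks/disk.yml (hunk at -43,56), the sfdisk task is now the only active partitioning path (`when: true`, with the parted block set to `when: false`) and carries none of the guards the parted tasks had, so each run rewrites the partition table and reformats p1 and p3. Adding `set -e` as the first line of the script would stop `mke2fs` from running after a failed `sfdisk`, and `args: creates: "{{ AGI_install_disk }}p3"` would restore the idempotence the parted tasks got from `creates:`. The root partition is made with plain `mke2fs`, which normally defaults to ext2, while the disabled task used `fstype=ext4` and local.yml mounts p3 as ext4; `mke2fs -t ext4 {{ AGI_install_disk }}p3` would keep them consistent. local.yml appears to run this include under `delegate_to: localhost`, so it would also be worth asserting that `AGI_install_disk` is the intended nbd device before the script touches it. The block's trailing tasks continue outside the hunk.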
@@ -63,13 +63,13 @@ fstype: ext4 state: mounted check_mode: false - + - name: create /boot mountpoint file: path: "{{AGI_NBD_MP}}/boot" state: directory check_mode: false - + - name: mount boot partition mount: name: "{{AGI_NBD_MP}}/boot" @@ -90,7 +90,7 @@ - "MOUNT_GENTOO_DISTFILES_ARCHIVES != ''" - "AGI_NBD_MP != ''" - false # let the tester take care of this - + - include: tarball.yml - include: copy.yml when: AGI_use_local_kernel @@ -100,7 +100,7 @@ when: ansible_connection in ['chroot', 'local'] # libvirt? - block: - + - name: check chroot wrapper installed shell: | [ -x /var/tmp/chroot_wrapper.sh ] || exit 1 @@ -109,7 +109,7 @@ exit 0 register: chroot_out check_mode: false - + - name: enable chroot wrapper set_fact: ansible_shell_executable: /var/tmp/chroot_wrapper.sh @@ -118,14 +118,14 @@ check_mode: false when: ansible_connection in ['local'] - + - block: - include: portage.yml - include: misc.yml - include: network.yml - + - include: kernel.yml when: not AGI_use_local_kernel @@ -140,7 +140,7 @@ rescue: - debug: msg: "ERROR: " - + - name: disable chroot wrapper set_fact: ansible_shell_executable: /bin/sh diff --git a/roles/ansible-gentoo_install/tasks/main.yml b/roles/ansible-gentoo_install/tasks/main.yml index 8be474d..7b70b4b 100644 --- a/roles/ansible-gentoo_install/tasks/main.yml +++ b/roles/ansible-gentoo_install/tasks/main.yml @@ -15,7 +15,7 @@ when: - "'ansible-gentoo_install' in ROLES" - ansible_check_mode is true - + - name: look for nbd partitions shell: | grep nbd /proc/partitions | head -1|sed -e 's/.* //' @@ -46,7 +46,7 @@ ignore_errors: true - block: - + - name: set AGI_gentooimgr_configs set_fact: AGI_gentooimgr_configs: "{{gentooimgr_out.stdout}}/configs" diff --git a/roles/ansible-gentoo_install/tasks/misc.yml b/roles/ansible-gentoo_install/tasks/misc.yml index 1307537..c6b46af 100644 --- a/roles/ansible-gentoo_install/tasks/misc.yml +++ b/roles/ansible-gentoo_install/tasks/misc.yml 
@@ -97,7 +97,7 @@ mode: '0640' - block: - + - name: make symlinks shell: | {% for elt in AGI_bootstrap_pkgs %} diff --git a/roles/ansible-gentoo_install/tasks/portage.yml b/roles/ansible-gentoo_install/tasks/portage.yml index 00f4298..82d8ad8 100644 --- a/roles/ansible-gentoo_install/tasks/portage.yml +++ b/roles/ansible-gentoo_install/tasks/portage.yml @@ -39,7 +39,7 @@ - name: install portage tree snapshot command: emerge-webrsync when: false - + #- name: update portage tree # command: emerge --sync diff --git a/roles/ansible-gentoo_install/tasks/tarball.yml b/roles/ansible-gentoo_install/tasks/tarball.yml index dfc1956..cb300ac 100644 --- a/roles/ansible-gentoo_install/tasks/tarball.yml +++ b/roles/ansible-gentoo_install/tasks/tarball.yml @@ -5,7 +5,7 @@ debug: verbosity: 1 msg: "DEBUG: ansible-gentoo_install tarball" - + - name: test we are NOT in the chroot shell: | [ -n "{{AGI_NBD_MP}}" ] || exit 2 @@ -52,7 +52,7 @@ prefix=$(echo $filename | sed -e "s/$suffix//" ); echo $filename register: tarball_out - + - set_fact: latest_stage_tarball_url_suffix: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0] }}" latest_stage_tarball: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0].split('/')[1] }}" @@ -68,7 +68,7 @@ when: - not ansible_check_mode - tarball_out.rc|default(1) == 0 - + - name: fetch latest stage tarball environment: "{{proxy_env}}" delegate_to: localhost @@ -95,7 +95,7 @@ sha256sum "{{ latest_stage_tarball }}.sha256" when: - not ansible_check_mode - + - name: extract stage tarball unarchive: src: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}" diff --git a/roles/ansible-gentoo_install/vars/target_Gentoo2.yml b/roles/ansible-gentoo_install/vars/target_Gentoo2.yml index b0f13e4..56c1b1b 100644 --- a/roles/ansible-gentoo_install/vars/target_Gentoo2.yml +++ b/roles/ansible-gentoo_install/vars/target_Gentoo2.yml 
@@ -41,7 +41,7 @@ AGI_bootstrap_dirs: - etc/portage/repos.conf - etc/portage/savedconfig - etc/portage/sets - + AGI_bootstrap_files: - usr/local/etc/local.d/local.bash - usr/local/bin/usr_local_tput.bash @@ -69,7 +69,7 @@ AGI_bootstrap_pkgs: - sys-libs/gpm - app-portage/eix - www-client/lynx - + AGI_cloud_pkgs: # get these from base.json - acpid diff --git a/roles/toxcore/defaults/main.yml b/roles/toxcore/defaults/main.yml index 71bed36..04c414f 100644 --- a/roles/toxcore/defaults/main.yml +++ b/roles/toxcore/defaults/main.yml @@ -27,4 +27,4 @@ TOXCORE_GENTOO_FROM_MP: "{{BOX_GENTOO_FROM_MP}}" TOXCORE_FEATURES: - libvirt - docker - + diff --git a/roles/toxcore/tasks/Gentoo.yml b/roles/toxcore/tasks/Gentoo.yml index 1ab48ce..91860ab 100644 --- a/roles/toxcore/tasks/Gentoo.yml +++ b/roles/toxcore/tasks/Gentoo.yml @@ -84,7 +84,7 @@ PORTAGE_ELOG_CLASSES="warn error" # NOT syslog PORTAGE_ELOG_SYSTEM="save" - + - name: "/etc/portage/make.conf base Gentoo2.yml CFLAGS" blockinfile: dest: /etc/portage/make.conf @@ -94,7 +94,7 @@ # -pipe CFLAGS="-mtune=generic -O2" CXXFLAGS="-mtune=generic -O2" - + - name: "/etc/portage/make.conf base Gentoo.yml PORT_LOGDIR" blockinfile: dest: /etc/portage/make.conf @@ -104,7 +104,7 @@ PORT_LOGDIR="/var/log/portage" PORTAGE_ELOG_CLASSES="log warn error info" PORTAGE_ELOG_SYSTEM="echo:log,warn save:log,warn,error,info syslog:error" - + - name: "/etc/portage/make.conf base Gentoo.yml ACCEPT_KEYWORDS" blockinfile: dest: /etc/portage/make.conf @@ -114,7 +114,7 @@ # In ACCEPT_KEYWORDS, ~amd64 is used for current 64-bit builds; # There is no tilde for the stable build. ACCEPT_KEYWORDS="~amd64" - + - name: "/etc/portage/make.conf base Gentoo.yml GENTOO_MIRRORS" blockinfile: dest: /etc/portage/make.conf @@ -122,7 +122,7 @@ marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [GENTOO_MIRRORS]" block: | GENTOO_MIRRORS="http://distfiles.gentoo.org" - + - name: "/etc/portage/make.conf Gentoo2 base" blockinfile: dest: /etc/portage/make.conf 
@@ -131,7 +131,7 @@ block: | # 2016-01 added for some py packages COLLISION_IGNORE="/lib/modules/* *.py[co] __init__.py" - + - name: "/etc/portage/make.conf Gentoo2 UNINSTALL_IGNORE" blockinfile: dest: /etc/portage/make.conf @@ -140,7 +140,7 @@ block: | # 2017-01 added for kernel compiling UNINSTALL_IGNORE="/usr/src /opt /usr/lib32 /usr/lib64/python2.7" - + - name: "/etc/portage/make.conf Gentoo2 FEATURES-preserve-libs" blockinfile: dest: /etc/portage/make.conf @@ -149,7 +149,7 @@ block: | # https://wiki.gentoo.org/wiki/Project:Toolchain/libcrypt_implementation FEATURES="${FEATURES} preserve-libs" - + - name: "/etc/portage/make.conf Gentoo2 FEATURES" blockinfile: dest: /etc/portage/make.conf @@ -166,6 +166,6 @@ CXXFLAGS="-mtune=generic -O2 -pipe" FCFLAGS="${CFLAGS}" FFLAGS="${CFLAGS}" - + when: true diff --git a/roles/toxcore/tasks/bootstrap_nbd.yml b/roles/toxcore/tasks/bootstrap_nbd.yml index 9ed9ce8..f94c24d 100644 --- a/roles/toxcore/tasks/bootstrap_nbd.yml +++ b/roles/toxcore/tasks/bootstrap_nbd.yml @@ -18,27 +18,27 @@ parted -s {{nbd_disk}} mkpart primary 2048s 100% partprobe mkfs.ext4 -FF {{nbd_disk}}p1 - + - name: "mount the disk" shell: | df | grep {{nbd_disk}}p1 && exit 0 [ -d {{BASE_NBD_MP}} ] || mkdir {{BASE_NBD_MP}} mount {{nbd_disk}}p1 {{BASE_NBD_MP}} [ -d {{BASE_NBD_MP}}/lost+found ] - + - name: "check the disk" shell: | df | grep {{nbd_disk}}p1 || exit 1 [ -d {{BASE_NBD_MP}}/lost+found ] || exit 2 - - + + - name: check the downloads step5 shell: | stage3_asc=stage3-amd64-openrc-20231217T170203Z.tar.xz.sha256 stage3_xz=stage3-amd64-openrc-20231217T170203Z.tar.xz sha256sum -c $stage3_asc tar xJpf $stage3 --xattrs-include='*.*' --numeric-owner -C {{BASE_NBD_MP} - + portage_xz=portage-20231221.tar.xz tar xpJf $portage -C {{BASE_NBD_MP}}/usr 
@@ -50,10 +50,10 @@ [ -d etc/portage/package.license ] || mkdir -p etc/portage/package.license EOF - + chdir: "{{BASE_NBD_MP}}" creates: "{{BASE_NBD_MP}}/etc" - + - name: chroot into the partition - step4 shell: | df | grep {{nbd_disk}}p1 || exit 1 @@ -74,7 +74,7 @@ - name: stop here shell: | exit 1 - + delegate_to: localhost when: - nbd_disk != '' diff --git a/roles/toxcore/tasks/daily.yml b/roles/toxcore/tasks/daily.yml index 266028f..c05e691 100644 --- a/roles/toxcore/tasks/daily.yml +++ b/roles/toxcore/tasks/daily.yml @@ -21,7 +21,7 @@ become_user: "{{ BOX_USER_NAME }}" ignore_errors: true check_mode: false - + - name: "run toxcore_daily.bash" environment: "{{ shell_proxy_env }}" shell: | diff --git a/roles/toxcore/tasks/hourly.yml b/roles/toxcore/tasks/hourly.yml index bdca1d7..7e015dd 100644 --- a/roles/toxcore/tasks/hourly.yml +++ b/roles/toxcore/tasks/hourly.yml @@ -16,7 +16,7 @@ when: - false # this is vagrant only - "ansible_virtualization_role|replace('NA', 'host') != 'host'" - + - name: check guest-agent # was toxcore_bin.bash shell: | @@ -28,7 +28,7 @@ exit 0 # $retval } exit 0 - + when: "ansible_virtualization_role|replace('NA', 'host') != 'host'" - name: run toxcore_check_modules.bash diff --git a/roles/toxcore/tasks/main.yml b/roles/toxcore/tasks/main.yml index 1e18700..e456e11 100644 --- a/roles/toxcore/tasks/main.yml +++ b/roles/toxcore/tasks/main.yml @@ -5,8 +5,8 @@ - name: "toxcore main.yml" debug: verbosity: 1 - msg: "toxcore main.yml BOX_OS_FAMILY={{BOX_OS_FAMILY}} {{BOX_GENTOO_FROM_MP}} {{ansible_virtualization_role|replace('NA', 'host')}}" - + msg: "toxcore main.yml BOX_OS_FAMILY={{BOX_OS_FAMILY}} {{BOX_GENTOO_FROM_MP}} {{ansible_virtualization_role|replace('NA', 'host')}}" + - name: toxcore include_vars include_vars: "{{item}}.yml" with_items: 
@@ -80,7 +80,7 @@ DIR=$KDIR/misc [ -d $DIR ] || { echo WARN: no directory $DIR ; exit 0 ; } /var/local/bin/toxcore_sign_modules.bash {{ toxcore_kmods_in_host|flatten|join(' ') }} - + when: false # this changes with kernel 4 -> 5
@@ -160,8 +160,8 @@ environment: "{{ shell_proxy_env }}" shell: | [ -f /usr/share/openpgp-keys/gentoo-release.asc ] && exit 0 - gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc - + gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc + # this should not run as root # delegate_to: localhost? - no - per test - name: "usr_local_toxcore.bash"
@@ -177,7 +177,7 @@ become_user: "{{ BOX_USER_NAME }}" ignore_errors: true check_mode: false - + - name: "include_tasks toxcore vms as root" include_tasks: file: "{{LOOP_ITEM}}.yml"
@@ -226,7 +226,7 @@ # - "{{ 'docker_users' if 'docker' in TOXCORE_FEATURES else '' }}" loop_control: loop_var: LOOP_USER_F - + - name: enable and start toxcore services service: name: "{{ item }}"
@@ -275,7 +275,7 @@ # -m MAC address to use (default is to use a randomly-generated MAC) # -p ansible users plaintext password # -k Full path and name of the ansible user's public key file (required) - + - name: run toxcore_create-vm.bash delegate_to: localhost shell: |
@@ -295,7 +295,7 @@ -d {{BOX_NBD_OVERLAY_DIR}} \ -b virbr0 \ -p gentoo \ - -o gentoo + -o gentoo ignore_errors: true when: - "ansible_virtualization_role|replace('NA', 'host') == 'host'"
diff --git a/roles/toxcore/tasks/users.yml b/roles/toxcore/tasks/users.yml
index 5b7848d..ff2a079 100644
--- a/roles/toxcore/tasks/users.yml
+++ b/roles/toxcore/tasks/users.yml
@@ -8,7 +8,7 @@ msg: "toxcore users.yml LOOP_USER_F={{LOOP_USER_F[0]}}" - block: - + - name: /etc/sysconfig/docker blockinfile: dest: /etc/sysconfig/docker
@@ -108,7 +108,7 @@ # - windows-qt5 # - windows - + - name: Run toxygen_wrapper on the tester delegate_to: localhost shell: |
diff --git a/roles/toxcore/tasks/vms.yml b/roles/toxcore/tasks/vms.yml
index a09b6c6..1aa3308 100644
--- a/roles/toxcore/tasks/vms.yml
+++ b/roles/toxcore/tasks/vms.yml
@@ -11,7 +11,7 @@ shell: | [ -e /dev/kvm ] delegate_to: localhost - + - name: "make a directory for /etc/pki/qemu" file: path: "{{item }}"
@@ -120,7 +120,7 @@ - debug: verbosity: 1 msg: "Ignoring error" - + #libvirt - block:
diff --git a/roles/toxcore/vars/Devuan5.yml b/roles/toxcore/vars/Devuan5.yml
index 872ba68..4c27207 100644
--- a/roles/toxcore/vars/Devuan5.yml
+++ b/roles/toxcore/vars/Devuan5.yml
@@ -201,7 +201,7 @@ toxcore_aws_debs_inst: - awscli toxcore_pips2_inst: [] - + toxcore_pips3_inst: - pycrypto - pywinrm
@@ -210,4 +210,4 @@ toxcore_pips3_inst: - msgpack_python - pysha3 - pycryptodomex - +
diff --git a/src/ansible_gentooimgr.bash b/src/ansible_gentooimgr.bash
new file mode 100644
index 0000000..13f4793
--- /dev/null
+++ b/src/ansible_gentooimgr.bash
@@ -0,0 +1,2 @@
+#!/bin/sh
+
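Review bot: The shebang in the new `src/ansible_gentooimgr.bash` is `#!/bin/sh`, which does not match the `.bash` file name; on a host where `/bin/sh` is not bash, any bash-only syntax added later will fail or behave differently. Either change the first line to `#!/bin/bash` or rename the file to `.sh`. The file is also created with mode 100644, so the shebang only takes effect once the script is made executable; until then callers have to name the interpreter explicitly. While the body is still empty, it would be worth adding a strict-mode line such as `set -eu` so that later commands do not continue past a failure or an unset variable.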