preseed: debian buster names interfaces differently than stretch and in a way that...

diff --git a/ansible/roles/preseed/defaults/main.yml b/ansible/roles/preseed/defaults/main.yml
new file mode 100644 (file)
index 0000000..b120f13
--- /dev/null
+++ b/ansible/roles/preseed/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+#preseed_force_net_ifnames_policy: path

diff --git a/ansible/roles/preseed/tasks/main.yml b/ansible/roles/preseed/tasks/main.yml
index 3575d29..fbe25a8 100644 (file)
--- a/ansible/roles/preseed/tasks/main.yml
+++ b/ansible/roles/preseed/tasks/main.yml
@@ -1,3 +1,4 @@
+---
 - name: Copy initramfs into position
   copy:
     remote_src: yes
@@ -16,6 +17,21 @@
     path: "{{ preseed_tmpdir }}/authorized_keys"
     key: "{{ ssh_users_root | user_ssh_keys(users) | join('\n') }}"
 
+- name: force net interface name policy
+  when: preseed_force_net_ifnames_policy is defined
+  block:
+  - name: prepare directories to force network interface name policy
+    file:
+      path: "{{ preseed_tmpdir }}/etc/systemd/network"
+      state: directory
+
+  - name: install link unit to force network interface name policy
+    copy:
+      dest: "{{ preseed_tmpdir }}/etc/systemd/network/90-namepolicy.link"
+      content: |
+        [Link]
+        NamePolicy={{ preseed_force_net_ifnames_policy }}
+
 - name: Inject files into initramfs
   shell: cpio -H newc -o | gzip -9 >> 'initrd.preseed.gz'
   args:
@@ -23,5 +39,9 @@
     stdin: |
       preseed.cfg
       authorized_keys
+      etc/
+      etc/systemd/
+      etc/systemd/network/
+      etc/systemd/network/90-namepolicy.link
   tags:
   - skip_ansible_lint

diff --git a/ansible/roles/preseed/templates/preseed_debian-buster.cfg.j2 b/ansible/roles/preseed/templates/preseed_debian-buster.cfg.j2
index 3e44ec9..d5984f2 100644 (file)
--- a/ansible/roles/preseed/templates/preseed_debian-buster.cfg.j2
+++ b/ansible/roles/preseed/templates/preseed_debian-buster.cfg.j2
@@ -117,8 +117,14 @@ d-i preseed/late_command string \
     in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \
     in-target bash -c "passwd -d root && passwd -l root"; \
     in-target bash -c "sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces"; \
-    mkdir -p -m 0700 /target/root/.ssh; \
-    cp /authorized_keys /target/root/.ssh/; \
+{% if preseed_force_net_ifnames_policy is defined %}
+    mkdir -p /target/etc/systemd/network; \
+    in-target bash -c "echo '[Link]' > /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo 'NamePolicy={{ preseed_force_net_ifnames_policy }}' >> /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "update-initramfs -u"; \
+{% endif %}
 {% if hostvars[hostname].ansible_port is defined %}
-    in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config"
+    in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config"; \
 {% endif %}
+    mkdir -p -m 0700 /target/root/.ssh; \
+    cp /authorized_keys /target/root/.ssh/

diff --git a/ansible/roles/preseed/templates/preseed_debian-stretch.cfg.j2 b/ansible/roles/preseed/templates/preseed_debian-stretch.cfg.j2
index daaa37a..14d371f 100644 (file)
--- a/ansible/roles/preseed/templates/preseed_debian-stretch.cfg.j2
+++ b/ansible/roles/preseed/templates/preseed_debian-stretch.cfg.j2
@@ -117,8 +117,14 @@ d-i preseed/late_command string \
     in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \
     in-target bash -c "passwd -d root && passwd -l root"; \
     in-target bash -c "sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces"; \
-    mkdir -p -m 0700 /target/root/.ssh; \
-    cp /authorized_keys /target/root/.ssh/; \
+{% if preseed_force_net_ifnames_policy is defined %}
+    mkdir -p /target/etc/systemd/network; \
+    in-target bash -c "echo '[Link]' > /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo 'NamePolicy={{ preseed_force_net_ifnames_policy }}' >> /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "update-initramfs -u"; \
+{% endif %}
 {% if hostvars[hostname].ansible_port is defined %}
-    in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config"
+    in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config"; \
 {% endif %}
+    mkdir -p -m 0700 /target/root/.ssh; \
+    cp /authorized_keys /target/root/.ssh/

diff --git a/ansible/roles/preseed/templates/preseed_ubuntu-bionic.cfg.j2 b/ansible/roles/preseed/templates/preseed_ubuntu-bionic.cfg.j2
index f37fa58..9054dab 100644 (file)
--- a/ansible/roles/preseed/templates/preseed_ubuntu-bionic.cfg.j2
+++ b/ansible/roles/preseed/templates/preseed_ubuntu-bionic.cfg.j2
@@ -124,8 +124,14 @@ d-i preseed/late_command string \
     in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \
     in-target bash -c "passwd -d root && passwd -l root"; \
     in-target bash -c "sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces"; \
-    mkdir -p -m 0700 /target/root/.ssh; \
-    cp /authorized_keys /target/root/.ssh/; \
+{% if preseed_force_net_ifnames_policy is defined %}
+    mkdir -p /target/etc/systemd/network; \
+    in-target bash -c "echo '[Link]' > /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo 'NamePolicy={{ preseed_force_net_ifnames_policy }}' >> /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "update-initramfs -u"; \
+{% endif %}
 {% if hostvars[hostname].ansible_port is defined %}
-    in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config"
+    in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config"; \
 {% endif %}
+    mkdir -p -m 0700 /target/root/.ssh; \
+    cp /authorized_keys /target/root/.ssh/

diff --git a/ansible/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2 b/ansible/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2
index e70dfb4..0252853 100644 (file)
--- a/ansible/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2
+++ b/ansible/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2
@@ -124,8 +124,14 @@ d-i preseed/late_command string \
     in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \
     in-target bash -c "passwd -d root && passwd -l root"; \
     in-target bash -c "sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces"; \
-    mkdir -p -m 0700 /target/root/.ssh; \
-    cp /authorized_keys /target/root/.ssh/; \
+{% if preseed_force_net_ifnames_policy is defined %}
+    mkdir -p /target/etc/systemd/network; \
+    in-target bash -c "echo '[Link]' > /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo 'NamePolicy={{ preseed_force_net_ifnames_policy }}' >> /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "update-initramfs -u"; \
+{% endif %}
 {% if hostvars[hostname].ansible_port is defined %}
-    in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config"
+    in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config"; \
 {% endif %}
+    mkdir -p -m 0700 /target/root/.ssh; \
+    cp /authorized_keys /target/root/.ssh/

diff --git a/ansible/roles/vm/install/tasks/main.yml b/ansible/roles/vm/install/tasks/main.yml
index e669fa3..a883758 100644 (file)
--- a/ansible/roles/vm/install/tasks/main.yml
+++ b/ansible/roles/vm/install/tasks/main.yml
@@ -17,8 +17,9 @@
         name: preseed
       vars:
         ssh_users_root: "{{ hostvars[hostname].ssh_users_root }}"
-        install_interface: enp1s1
         preseed_tmpdir: "{{ tmpdir.path }}"
+        preseed_force_net_ifnames_policy: path
+        install_interface: enp1s1
 
     - name: Make preseed workdir readable by qemu
       acl: