From 6b3a9335bde11948e7538930d57fd2c2853f6583 Mon Sep 17 00:00:00 2001
From: nicoo
Date: Sun, 17 Jun 2018 17:56:26 +0200
Subject: [PATCH] Move preseed generation to a separate role
---
ansible/group_vars/kvmhosts/main.yml | 2 +
ansible/host_vars/alfred/main.yml | 2 -
ansible/roles/preseed/defaults/main.yml | 1 +
ansible/roles/preseed/tasks/main.yml | 39 +++++++
.../templates/preseed_debian-stretch.cfg.j2 | 110 +++++++++++++++++++
.../preseed/templates/preseed_ubuntu-xenial.cfg.j2 | 114 ++++++++++++++++++++
ansible/roles/vm/host/tasks/main.yml | 10 +-
ansible/roles/vm/install/meta/main.yml | 6 ++
ansible/roles/vm/install/tasks/main.yml | 40 -------
.../vm/install/templates/libvirt-domain.xml.j2 | 4 +-
.../templates/preseed_debian-stretch.cfg.j2 | 110 -------------------
.../install/templates/preseed_ubuntu-xenial.cfg.j2 | 114 --------------------
ansible/vm-install.sh | 2 +-
13 files changed, 280 insertions(+), 274 deletions(-)
create mode 100644 ansible/group_vars/kvmhosts/main.yml
create mode 100644 ansible/roles/preseed/defaults/main.yml
create mode 100644 ansible/roles/preseed/tasks/main.yml
create mode 100644 ansible/roles/preseed/templates/preseed_debian-stretch.cfg.j2
create mode 100644 ansible/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2
create mode 100644 ansible/roles/vm/install/meta/main.yml
delete mode 100644 ansible/roles/vm/install/templates/preseed_debian-stretch.cfg.j2
delete mode 100644 ansible/roles/vm/install/templates/preseed_ubuntu-xenial.cfg.j2
diff --git a/ansible/group_vars/kvmhosts/main.yml b/ansible/group_vars/kvmhosts/main.yml
new file mode 100644
index 0000000..79c3bd7
--- /dev/null
+++ b/ansible/group_vars/kvmhosts/main.yml
@@ -0,0 +1,2 @@
+preseed_path: /srv/preseed
+debian_installer_path: /srv/installer
diff --git a/ansible/host_vars/alfred/main.yml b/ansible/host_vars/alfred/main.yml
index 5c0682a..48f4ee5 100644
--- a/ansible/host_vars/alfred/main.yml
+++ b/ansible/host_vars/alfred/main.yml
@@ -2,8 +2,6 @@ vm_host: installer: net_if: br-mgmt - preseed_path: /srv/preseed - path: /srv/installer distros: - distro: debian codename: stretch diff --git a/ansible/roles/preseed/defaults/main.yml b/ansible/roles/preseed/defaults/main.yml new file mode 100644 index 0000000..9b25865 --- /dev/null +++ b/ansible/roles/preseed/defaults/main.yml @@ -0,0 +1 @@ +ssh_keys: "{{ noc_ssh_keys }}" diff --git a/ansible/roles/preseed/tasks/main.yml b/ansible/roles/preseed/tasks/main.yml new file mode 100644 index 0000000..f77540a --- /dev/null +++ b/ansible/roles/preseed/tasks/main.yml @@ -0,0 +1,39 @@ +- block: + - name: Make a temporary directory + command: mktemp -d + register: tmpdir + + - set_fact: + tmpdir: "{{ tmpdir.stdout }}" + initramfs: "{{ preseed_path | mandatory }}/{{ hostname }}-{{ distro }}-{{ distcodename }}.initrd.gz" + + - name: Copy initramfs into position + copy: + remote_src: yes + src: "{{ debian_installer_path | mandatory }}/{{ distro }}-{{ distcodename }}/{{ install.arch | default('amd64') }}/initrd.gz" + dest: "{{ initramfs }}" + + - name: Generate preseed file + template: + src: "preseed_{{ distro }}-{{ distcodename }}.cfg.j2" + dest: "{{ tmpdir }}/preseed.cfg" + + - name: Generate authorized_keys file + authorized_key: + user: root + path: "{{ tmpdir }}/authorized_keys" + key: "{{ ssh_keys | join('\n') }}" + + - name: Inject files into initramfs + shell: cpio -H newc -o | gzip -9 >> '{{ initramfs }}' + args: + chdir: "{{ tmpdir }}" + stdin: | + preseed.cfg + authorized_keys + + always: + - name: Delete temporary directory + file: + path: "{{ tmpdir }}" + state: absent diff --git a/ansible/roles/preseed/templates/preseed_debian-stretch.cfg.j2 b/ansible/roles/preseed/templates/preseed_debian-stretch.cfg.j2 new file mode 100644 index 0000000..d802418 --- /dev/null +++ b/ansible/roles/preseed/templates/preseed_debian-stretch.cfg.j2 
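Review bot: In `Inject files into initramfs` (new `ansible/roles/preseed/tasks/main.yml`), the hand-written single quotes around `{{ initramfs }}` do not make the command safe: the path is assembled from `hostname`, `distro` and `distcodename`, which reach the play as `-e` extra-vars from `vm-install.sh`, and a value containing `'` ends the quoting. Use the filter instead, `shell: cpio -H newc -o | gzip -9 >> {{ initramfs | quote }}`. The pipeline also runs without `pipefail`, so a failing `cpio` still lets `gzip` append an empty member and the task reports success; prefixing `set -o pipefail;` and adding `executable: /bin/bash` under `args` would surface that failure before a VM boots an initrd that lacks `preseed.cfg` or `authorized_keys`.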
@@ -0,0 +1,110 @@ +######################################################################### +# realraum preseed file for Debian stretch based VMs +######################################################################### + +d-i debian-installer/language string en +d-i debian-installer/country string AT +d-i debian-installer/locale string en_US.UTF-8 +d-i keyboard-configuration/xkb-keymap select us + +d-i netcfg/disable_dhcp boolean true +d-i netcfg/choose_interface select enp1s1 +d-i netcfg/disable_autoconfig boolean false +d-i netcfg/get_ipaddress string {{ hostvars[vmname].vm_network_cooked.primary.ip }} +d-i netcfg/get_netmask string {{ hostvars[vmname].vm_network_cooked.primary.mask }} +d-i netcfg/get_gateway string {{ hostvars[vmname].vm_network_cooked.primary.gateway }} +d-i netcfg/get_nameservers string {{ hostvars[vmname].vm_network_cooked.nameservers | join(' ') }} +d-i netcfg/confirm_static boolean true + +d-i netcfg/get_hostname string {{ vmname }} +d-i netcfg/get_domain string {{ hostvars[vmname].vm_network_cooked.domain }} +d-i netcfg/wireless_wep string + + +d-i mirror/country string manual +d-i mirror/http/hostname string debian.ffgraz.net +d-i mirror/http/directory string /debian +d-i mirror/http/proxy string + + +d-i passwd/make-user boolean false +d-i passwd/root-password password this-very-very-secure-password-will-be-removed-by-latecommand +d-i passwd/root-password-again password this-very-very-secure-password-will-be-removed-by-latecommand + + +d-i clock-setup/utc boolean true +d-i time/zone string Europe/Vienna +d-i clock-setup/ntp boolean false + + +d-i partman-auto/disk string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} +d-i partman-auto/method string lvm +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-md/device_remove_md boolean true + +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true + +d-i partman-auto/expert_recipe string \ + boot-root :: \ + 1000 10000 -1 ext4 \ + 
$defaultignore{ } $primary{ } $bootable{ } \ + method{ lvm } vg_name{ {{ vmname }} } \ + . \ + 2048 10000 2560 ext4 \ + $lvmok{ } in_vg{ {{ vmname }} } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ / } \ + . \ + 1024 11000 1280 ext4 \ + $lvmok{ } in_vg{ {{ vmname }} } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ /var } \ + . \ + 768 10000 768 ext4 \ + $lvmok{ } in_vg{ {{ vmname }} } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ /var/log } \ + options/nodev{ nodev } options/noatime{ noatime } \ + options/noexec{ noexec } \ + . \ + 16 20000 -1 ext4 \ + $lvmok{ } in_vg{ {{ vmname }} } \ + method( keep } lv_name{ dummy } \ + . + +d-i partman-auto-lvm/no_boot boolean true +d-i partman-basicfilesystems/no_swap true +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + + +d-i base-installer/install-recommends boolean false +d-i apt-setup/security_host string debian.ffgraz.net + +tasksel tasksel/first multiselect +d-i pkgsel/include string openssh-server python +d-i pkgsel/upgrade select safe-upgrade +popularity-contest popularity-contest/participate boolean false + +d-i grub-installer/choose_bootdev string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} +d-i grub-installer/only_debian boolean true +d-i grub-installer/with_other_os boolean false + +d-i finish-install/reboot_in_progress note + + +d-i preseed/late_command string \ + lvremove -f {{ vmname }}/dummy; \ + in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \ + in-target bash -c "passwd -d root && passwd -l root"; \ + mkdir -p -m 0700 /target/root/.ssh; \ + cp /authorized_keys /target/root/.ssh/; \ +{% if hostvars[vmname].ansible_port is defined %} + in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ 
hostvars[vmname].ansible_port }}/' -i /etc/ssh/sshd_config" +{% endif %} diff --git a/ansible/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2 b/ansible/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2 new file mode 100644 index 0000000..aaae381 --- /dev/null +++ b/ansible/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2 
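Review bot: The templates moved into the `preseed` role still read `vmname` and `hostvars[vmname]` throughout (network settings, disk, `vg_name`, `late_command`), while the role's tasks name the initramfs from the new `hostname` parameter. The role therefore only renders when a play-level `vmname` exists and agrees with `hostname`, which undercuts separating it from `vm/install`; the same applies to `preseed_ubuntu-xenial.cfg.j2`. Consider switching the templates to `{{ hostname }}` and `hostvars[hostname]`, or at least stating the `vmname` requirement in a comment at the top of the role's `tasks/main.yml`. Separately, `method( keep }` in the last recipe stanza has a mismatched bracket and probably should read `method{ keep }`.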
@@ -0,0 +1,114 @@ +######################################################################### +# realraum preseed file for Ubuntu xenial based VMs +######################################################################### + +d-i debian-installer/language string en +d-i debian-installer/country string AT +d-i debian-installer/locale string en_US.UTF-8 +d-i localechooser/preferred-locale string en_US.UTF-8 +d-i localechooser/supported-locales multiselect de_DE.UTF-8, de_AT.UTF-8 +d-i console-setup/ask_detect boolean false +d-i keyboard-configuration/xkb-keymap select us +d-i keyboard-configuration/layoutcode string us + + +#d-i netcfg/choose_interface select enp1s1 +#d-i netcfg/disable_autoconfig boolean false +#d-i netcfg/get_ipaddress string {{ hostvars[vmname].vm_network_cooked.primary.ip }} +#d-i netcfg/get_netmask string {{ hostvars[vmname].vm_network_cooked.primary.mask }} +#d-i netcfg/get_gateway string {{ hostvars[vmname].vm_network_cooked.primary.gateway }} +#d-i netcfg/get_nameservers string {{ hostvars[vmname].vm_network_cooked.nameservers | join(' ') }} +#d-i netcfg/confirm_static boolean true + +d-i netcfg/get_hostname string {{ vmname }} +d-i netcfg/get_domain string {{ hostvars[vmname].vm_network_cooked.domain }} +d-i netcfg/wireless_wep string + + +d-i mirror/country string manual +d-i mirror/http/hostname string debian.ffgraz.net +d-i mirror/http/directory string /ubuntu +d-i mirror/http/proxy string + + +d-i passwd/make-user boolean false +d-i passwd/root-login boolean true +d-i passwd/root-password password this-very-very-secure-password-will-be-removed-by-latecommand +d-i passwd/root-password-again password this-very-very-secure-password-will-be-removed-by-latecommand + + +d-i clock-setup/utc boolean true +d-i time/zone string Europe/Vienna +d-i clock-setup/ntp boolean false + + +d-i partman-auto/disk string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} +d-i partman-auto/method string lvm +d-i partman-auto/purge_lvm_from_device 
boolean true +d-i partman-auto-lvm/new_vg_name string {{ vmname }} +d-i partman-auto-lvm/guided_size string max + +d-i partman-lvm/device_remove_lvm boolean true +d-i partman-lvm/confirm boolean true +d-i partman-lvm/confirm_nooverwrite boolean true + +d-i partman-auto/expert_recipe string \ + boot-root :: \ + 1000 10000 -1 ext4 \ + $defaultignore{ } $primary{ } $bootable{ } \ + method{ lvm } vg_name{ {{ vmname }} } \ + . \ + 2048 10000 2560 ext4 \ + $lvmok{ } in_vg{ {{ vmname }} } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ / } \ + . \ + 1024 11000 1280 ext4 \ + $lvmok{ } in_vg{ {{ vmname }} } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ /var } \ + . \ + 768 10000 768 ext4 \ + $lvmok{ } in_vg{ {{ vmname }} } \ + method{ format } format{ } \ + use_filesystem{ } filesystem{ ext4 } \ + mountpoint{ /var/log } \ + options/nodev{ nodev } options/noatime{ noatime } \ + options/noexec{ noexec } \ + . \ + 16 20000 -1 ext4 \ + $lvmok{ } in_vg{ {{ vmname }} } \ + method( keep } lv_name{ dummy } \ + . 
+ +d-i partman-auto-lvm/no_boot boolean true +d-i partman-basicfilesystems/no_swap true +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + + +d-i base-installer/install-recommends boolean false +d-i apt-setup/security_host string debian.ffgraz.net + +tasksel tasksel/first multiselect +d-i pkgsel/include string openssh-server python +d-i pkgsel/upgrade select safe-upgrade +popularity-contest popularity-contest/participate boolean false +d-i pkgsel/update-policy select none + +d-i grub-installer/choose_bootdev string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} +d-i grub-installer/only_debian boolean true +d-i grub-installer/with_other_os boolean false + +d-i finish-install/reboot_in_progress note + + +d-i preseed/late_command string \ + lvremove -f {{ vmname }}/dummy; \ + in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \ + in-target bash -c "passwd -d root; passwd -l root; umask 077; mkdir -p /root/.ssh/; echo -e '{{ noc_ssh_keys | join('\\n') }}' > /root/.ssh/authorized_keys"; \ + in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port 22000/' -i /etc/ssh/sshd_config" diff --git a/ansible/roles/vm/host/tasks/main.yml b/ansible/roles/vm/host/tasks/main.yml index dc9a0a3..2c75bbb 100644 --- a/ansible/roles/vm/host/tasks/main.yml +++ b/ansible/roles/vm/host/tasks/main.yml @@ -17,8 +17,8 @@ - name: make sure installer directories exists with_items: - - "{{ vm_host.installer.path }}" - - "{{ vm_host.installer.preseed_path }}" + - "{{ debian_installer_path }}" + - "{{ preseed_path }}" file: name: "{{ item }}" state: directory 
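Review bot: The xenial `late_command` ignores the role's `ssh_keys` parameter: it writes `noc_ssh_keys` with `echo -e '…'` and never uses the `/authorized_keys` file that the role injects into the initramfs, so a VM with its own `ssh_keys` in hostvars ends up with the NOC keys authorised for root instead. Embedding the keys inside a single-quoted shell string also breaks if a key comment contains `'`. Aligning with the Debian template removes both problems: `mkdir -p -m 0700 /target/root/.ssh; \` followed by `cp /authorized_keys /target/root/.ssh/; \`. The hard-coded `Port 22000` similarly bypasses `hostvars[vmname].ansible_port`, which the stretch template honours.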
@@ -28,7 +28,7 @@ - "{{ vm_host.installer.distros }}" - arch file: - name: "{{ vm_host.installer.path }}/{{ item.0.distro }}-{{ item.0.codename }}/{{ item.1 }}" + name: "{{ debian_installer_path }}/{{ item.0.distro }}-{{ item.0.codename }}/{{ item.1 }}" state: directory - name: download installer kernel images @@ -37,7 +37,7 @@ - arch get_url: url: "{{ vm_host_installer_url[item.0.distro] }}/dists/{{ item.0.codename }}/main/installer-{{ item.1 }}/current/images/netboot/{{ item.0.distro }}-installer/{{ item.1 }}/linux" - dest: "{{ vm_host.installer.path }}/{{ item.0.distro }}-{{ item.0.codename }}/{{ item.1 }}/linux" + dest: "{{ debian_installer_path }}/{{ item.0.distro }}-{{ item.0.codename }}/{{ item.1 }}/linux" mode: 0644 force: "{{ vm_host_force_download_installer }}" @@ -47,6 +47,6 @@ - arch get_url: url: "{{ vm_host_installer_url[item.0.distro] }}/dists/{{ item.0.codename }}/main/installer-{{ item.1 }}/current/images/netboot/{{ item.0.distro }}-installer/{{ item.1 }}/initrd.gz" - dest: "{{ vm_host.installer.path }}/{{ item.0.distro }}-{{ item.0.codename }}/{{ item.1 }}/initrd.gz" + dest: "{{ debian_installer_path }}/{{ item.0.distro }}-{{ item.0.codename }}/{{ item.1 }}/initrd.gz" mode: 0644 force: "{{ vm_host_force_download_installer }}" diff --git a/ansible/roles/vm/install/meta/main.yml b/ansible/roles/vm/install/meta/main.yml new file mode 100644 index 0000000..6f6bcf8 --- /dev/null +++ b/ansible/roles/vm/install/meta/main.yml @@ -0,0 +1,6 @@ +--- +dependencies: + - role: preseed + hostname: "{{ vmname }}" + # TODO: Find a way to eliminate the duplicate defaults. + ssh_keys: "{{ hostvars[vmname].ssh_keys | default(noc_ssh_keys) }}" diff --git a/ansible/roles/vm/install/tasks/main.yml b/ansible/roles/vm/install/tasks/main.yml index 034cf1d..a97230f 100644 --- a/ansible/roles/vm/install/tasks/main.yml +++ b/ansible/roles/vm/install/tasks/main.yml 
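Review bot: The two `get_url` tasks whose `dest` changes here (hunks at -37 and -47 of `vm/host/tasks/main.yml`) download the installer kernel and `initrd.gz` with no `checksum:`, and the preseed role then appends root's `authorized_keys` to that initrd and boots it. Whether `vm_host_installer_url` uses HTTPS is not visible in this patch, so the integrity of the boot images appears to rest on the transport alone. Consider pinning `checksum: "sha256:<digest from the release's SHA256SUMS>"` per distro and architecture, or verifying the files against the mirror's signed checksum list before they are used.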
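Review bot: The dependency in `vm/install/meta/main.yml` passes `hostname` and `ssh_keys` but not `install`, yet the role's `Copy initramfs into position` task selects the architecture with `install.arch | default('amd64')`. Nothing in this patch defines `install`, so the initrd is presumably always taken from the amd64 directory (or templating fails on the undefined variable), while `libvirt-domain.xml.j2` still picks the kernel from `hostvars[vmname].vm_install_cooked.arch`. Adding `install: "{{ hostvars[vmname].vm_install_cooked }}"` to the role parameters would keep kernel and initrd on the same architecture.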
@@ -1,44 +1,4 @@ --- -- block: - - name: Make a temporary directory - command: mktemp -d - register: tmpdir - - - set_fact: - tmpdir: "{{ tmpdir.stdout }}" - initramfs: "{{ vm_host.installer.preseed_path }}/vm-{{ vmname }}-{{ vmdistro }}-{{ vmdistcodename }}.initrd.gz" - - - name: Copy initramfs into position - copy: - remote_src: yes - src: "{{ vm_host.installer.path }}/{{ vmdistro }}-{{ vmdistcodename }}/{{ hostvars[vmname].vm_install_cooked.arch | default('amd64') }}/initrd.gz" - dest: "{{ initramfs }}" - - - name: generate preseed file - template: - src: "preseed_{{ vmdistro }}-{{ vmdistcodename }}.cfg.j2" - dest: "{{ tmpdir }}/preseed.cfg" - - - name: generate authorized_keys file - authorized_key: - user: root - path: "{{ tmpdir }}/authorized_keys" - key: "{{ hostvars[vmname].ssh_keys | default(noc_ssh_keys) | join('\n') }}" - - - name: Inject files into initramfs - shell: cpio -H newc -o | gzip -9 >> {{ initramfs }} - args: - chdir: "{{ tmpdir }}" - stdin: | - preseed.cfg - authorized_keys - - always: - - name: Delete temporary directory - file: - path: "{{ tmpdir }}" - state: absent - - name: create disks for vm with_dict: "{{ hostvars[vmname].vm_install_cooked.disks.virtio | default({}) | combine(hostvars[vmname].vm_install_cooked.disks.scsi | default({})) }}" lvol: diff --git a/ansible/roles/vm/install/templates/libvirt-domain.xml.j2 b/ansible/roles/vm/install/templates/libvirt-domain.xml.j2 index c39b904..f660336 100644 --- a/ansible/roles/vm/install/templates/libvirt-domain.xml.j2 +++ b/ansible/roles/vm/install/templates/libvirt-domain.xml.j2 
@@ -6,8 +6,8 @@ hvm {% if run_installer %} - {{ vm_host.installer.path }}/{{ vmdistro }}-{{ vmdistcodename }}/{{ hostvars[vmname].vm_install_cooked.arch | default('amd64') }}/linux - {{ vm_host.installer.preseed_path }}/vm-{{ vmname }}-{{ vmdistro }}-{{ vmdistcodename }}.initrd.gz + {{ debian_installer_path }}/{{ distro }}-{{ distcodename }}/{{ hostvars[vmname].vm_install_cooked.arch | default('amd64') }}/linux + {{ preseed_path }}/{{ vmname }}-{{ distro }}-{{ distcodename }}.initrd.gz console=ttyS0,115200n8 {% endif %} diff --git a/ansible/roles/vm/install/templates/preseed_debian-stretch.cfg.j2 b/ansible/roles/vm/install/templates/preseed_debian-stretch.cfg.j2 deleted file mode 100644 index d802418..0000000 --- a/ansible/roles/vm/install/templates/preseed_debian-stretch.cfg.j2 +++ /dev/null 
@@ -1,110 +0,0 @@ -######################################################################### -# realraum preseed file for Debian stretch based VMs -######################################################################### - -d-i debian-installer/language string en -d-i debian-installer/country string AT -d-i debian-installer/locale string en_US.UTF-8 -d-i keyboard-configuration/xkb-keymap select us - -d-i netcfg/disable_dhcp boolean true -d-i netcfg/choose_interface select enp1s1 -d-i netcfg/disable_autoconfig boolean false -d-i netcfg/get_ipaddress string {{ hostvars[vmname].vm_network_cooked.primary.ip }} -d-i netcfg/get_netmask string {{ hostvars[vmname].vm_network_cooked.primary.mask }} -d-i netcfg/get_gateway string {{ hostvars[vmname].vm_network_cooked.primary.gateway }} -d-i netcfg/get_nameservers string {{ hostvars[vmname].vm_network_cooked.nameservers | join(' ') }} -d-i netcfg/confirm_static boolean true - -d-i netcfg/get_hostname string {{ vmname }} -d-i netcfg/get_domain string {{ hostvars[vmname].vm_network_cooked.domain }} -d-i netcfg/wireless_wep string - - -d-i mirror/country string manual -d-i mirror/http/hostname string debian.ffgraz.net -d-i mirror/http/directory string /debian -d-i mirror/http/proxy string - - -d-i passwd/make-user boolean false -d-i passwd/root-password password this-very-very-secure-password-will-be-removed-by-latecommand -d-i passwd/root-password-again password this-very-very-secure-password-will-be-removed-by-latecommand - - -d-i clock-setup/utc boolean true -d-i time/zone string Europe/Vienna -d-i clock-setup/ntp boolean false - - -d-i partman-auto/disk string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} -d-i partman-auto/method string lvm -d-i partman-lvm/device_remove_lvm boolean true -d-i partman-md/device_remove_md boolean true - -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true - -d-i partman-auto/expert_recipe string \ - boot-root :: \ - 1000 10000 -1 ext4 \ - 
$defaultignore{ } $primary{ } $bootable{ } \ - method{ lvm } vg_name{ {{ vmname }} } \ - . \ - 2048 10000 2560 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ / } \ - . \ - 1024 11000 1280 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var } \ - . \ - 768 10000 768 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var/log } \ - options/nodev{ nodev } options/noatime{ noatime } \ - options/noexec{ noexec } \ - . \ - 16 20000 -1 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method( keep } lv_name{ dummy } \ - . - -d-i partman-auto-lvm/no_boot boolean true -d-i partman-basicfilesystems/no_swap true -d-i partman-partitioning/confirm_write_new_label boolean true -d-i partman/choose_partition select finish -d-i partman/confirm boolean true -d-i partman/confirm_nooverwrite boolean true - - -d-i base-installer/install-recommends boolean false -d-i apt-setup/security_host string debian.ffgraz.net - -tasksel tasksel/first multiselect -d-i pkgsel/include string openssh-server python -d-i pkgsel/upgrade select safe-upgrade -popularity-contest popularity-contest/participate boolean false - -d-i grub-installer/choose_bootdev string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} -d-i grub-installer/only_debian boolean true -d-i grub-installer/with_other_os boolean false - -d-i finish-install/reboot_in_progress note - - -d-i preseed/late_command string \ - lvremove -f {{ vmname }}/dummy; \ - in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \ - in-target bash -c "passwd -d root && passwd -l root"; \ - mkdir -p -m 0700 /target/root/.ssh; \ - cp /authorized_keys /target/root/.ssh/; \ -{% if hostvars[vmname].ansible_port is defined %} - in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ 
hostvars[vmname].ansible_port }}/' -i /etc/ssh/sshd_config" -{% endif %} diff --git a/ansible/roles/vm/install/templates/preseed_ubuntu-xenial.cfg.j2 b/ansible/roles/vm/install/templates/preseed_ubuntu-xenial.cfg.j2 deleted file mode 100644 index aaae381..0000000 --- a/ansible/roles/vm/install/templates/preseed_ubuntu-xenial.cfg.j2 +++ /dev/null 
@@ -1,114 +0,0 @@ -######################################################################### -# realraum preseed file for Ubuntu xenial based VMs -######################################################################### - -d-i debian-installer/language string en -d-i debian-installer/country string AT -d-i debian-installer/locale string en_US.UTF-8 -d-i localechooser/preferred-locale string en_US.UTF-8 -d-i localechooser/supported-locales multiselect de_DE.UTF-8, de_AT.UTF-8 -d-i console-setup/ask_detect boolean false -d-i keyboard-configuration/xkb-keymap select us -d-i keyboard-configuration/layoutcode string us - - -#d-i netcfg/choose_interface select enp1s1 -#d-i netcfg/disable_autoconfig boolean false -#d-i netcfg/get_ipaddress string {{ hostvars[vmname].vm_network_cooked.primary.ip }} -#d-i netcfg/get_netmask string {{ hostvars[vmname].vm_network_cooked.primary.mask }} -#d-i netcfg/get_gateway string {{ hostvars[vmname].vm_network_cooked.primary.gateway }} -#d-i netcfg/get_nameservers string {{ hostvars[vmname].vm_network_cooked.nameservers | join(' ') }} -#d-i netcfg/confirm_static boolean true - -d-i netcfg/get_hostname string {{ vmname }} -d-i netcfg/get_domain string {{ hostvars[vmname].vm_network_cooked.domain }} -d-i netcfg/wireless_wep string - - -d-i mirror/country string manual -d-i mirror/http/hostname string debian.ffgraz.net -d-i mirror/http/directory string /ubuntu -d-i mirror/http/proxy string - - -d-i passwd/make-user boolean false -d-i passwd/root-login boolean true -d-i passwd/root-password password this-very-very-secure-password-will-be-removed-by-latecommand -d-i passwd/root-password-again password this-very-very-secure-password-will-be-removed-by-latecommand - - -d-i clock-setup/utc boolean true -d-i time/zone string Europe/Vienna -d-i clock-setup/ntp boolean false - - -d-i partman-auto/disk string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} -d-i partman-auto/method string lvm -d-i partman-auto/purge_lvm_from_device 
boolean true -d-i partman-auto-lvm/new_vg_name string {{ vmname }} -d-i partman-auto-lvm/guided_size string max - -d-i partman-lvm/device_remove_lvm boolean true -d-i partman-lvm/confirm boolean true -d-i partman-lvm/confirm_nooverwrite boolean true - -d-i partman-auto/expert_recipe string \ - boot-root :: \ - 1000 10000 -1 ext4 \ - $defaultignore{ } $primary{ } $bootable{ } \ - method{ lvm } vg_name{ {{ vmname }} } \ - . \ - 2048 10000 2560 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ / } \ - . \ - 1024 11000 1280 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var } \ - . \ - 768 10000 768 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method{ format } format{ } \ - use_filesystem{ } filesystem{ ext4 } \ - mountpoint{ /var/log } \ - options/nodev{ nodev } options/noatime{ noatime } \ - options/noexec{ noexec } \ - . \ - 16 20000 -1 ext4 \ - $lvmok{ } in_vg{ {{ vmname }} } \ - method( keep } lv_name{ dummy } \ - . 
- -d-i partman-auto-lvm/no_boot boolean true -d-i partman-basicfilesystems/no_swap true -d-i partman-partitioning/confirm_write_new_label boolean true -d-i partman/choose_partition select finish -d-i partman/confirm boolean true -d-i partman/confirm_nooverwrite boolean true - - -d-i base-installer/install-recommends boolean false -d-i apt-setup/security_host string debian.ffgraz.net - -tasksel tasksel/first multiselect -d-i pkgsel/include string openssh-server python -d-i pkgsel/upgrade select safe-upgrade -popularity-contest popularity-contest/participate boolean false -d-i pkgsel/update-policy select none - -d-i grub-installer/choose_bootdev string /dev/{{ hostvars[vmname].vm_install_cooked.disks.primary }} -d-i grub-installer/only_debian boolean true -d-i grub-installer/with_other_os boolean false - -d-i finish-install/reboot_in_progress note - - -d-i preseed/late_command string \ - lvremove -f {{ vmname }}/dummy; \ - in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \ - in-target bash -c "passwd -d root; passwd -l root; umask 077; mkdir -p /root/.ssh/; echo -e '{{ noc_ssh_keys | join('\\n') }}' > /root/.ssh/authorized_keys"; \ - in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port 22000/' -i /etc/ssh/sshd_config" diff --git a/ansible/vm-install.sh b/ansible/vm-install.sh index 49d3e16..2fc101d 100755 --- a/ansible/vm-install.sh +++ b/ansible/vm-install.sh @@ -16,4 +16,4 @@ echo "installing vm: $name with $distro/$codename" echo "" echo "######## running the install playbook ########" -exec ansible-playbook -e "vmname=$name" -e "vmdistro=$distro" -e "vmdistcodename=$codename" $@ vm-install.yml +exec ansible-playbook -e "vmname=$name" -e "distro=$distro" -e "distcodename=$codename" $@ vm-install.yml -- 1.7.10.4
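Review bot: `$@` on the rewritten `exec` line in `vm-install.sh` is unquoted, so any extra argument containing spaces or glob characters is re-split before it reaches `ansible-playbook`; write `"$@"`. The extra-vars are also now the generic names `distro` and `distcodename`, and extra-vars take precedence over any host or group variable of the same name, so it is worth confirming that nothing in the inventory already defines them with a different meaning.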