Skip to content
Snippets Groups Projects
Select Git revision
  • nvchecker-poc-vm
  • misc-cleanups
  • misaka-geomirrors
  • remove-obsolete-keycloak-importer
  • split-repo-and-archive
  • test
  • postfix-cleanup
  • chrony
  • loki-recording-rules
  • heftig-matrix
  • fastly
  • wireguard-vault-removal
  • libvirt-executor-improvements
  • test-ci
  • ease-github-mirroring
  • gitlab-bot-token-extender
  • mirrors-http3
  • https-dns-record
  • postfix-cleanup-rebase
  • nginx-http3
20 results
Blame Permalink
Forked from Arch Linux / infrastructure
1100 commits behind the upstream repository.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
main.yml 7.87 KiB 
- name: Read /etc/motd
  command: cat /etc/motd
  register: motd_contents
  changed_when: motd_contents.stdout | length > 0

- name: Check whether we're running in Hetzner or Equinix Metal rescue environment
  fail: msg="Not running in rescue system!"
  when: "'Hetzner Rescue' not in motd_contents.stdout and 'Rescue environment based on Alpine Linux' not in motd_contents.stdout"

- name: Prepare Equinix Metal rescue system
  when: ansible_facts['os_family'] == "Alpine"
  block:
    - name: Make sure all required packages are installed in the rescue system
      apk: name=sgdisk,btrfs-progs,tar,gnupg update_cache=yes

    - name: Create the GnuPG home directory for the root user
      file: path=/root/.gnupg state=directory owner=root group=root mode=0700

    # Need to set no-use-tor otherwise dirmngr hangs at startup checking if
    # 127.0.0.1:9050 works and remains in SYN-SENT state for about a minute
    - name: Set the no-use-tor option in dirmngr.conf
      lineinfile: name=/root/.gnupg/dirmngr.conf create=yes line=no-use-tor owner=root group=root mode=0644

- name: Create GRUB embed partitions
  command: sgdisk -g --clear -n 1:0:+1M {{ item }} -c 1:boot -t 1:ef02
  with_items:
    - "{{ system_disks }}"
  register: sgdisk
  changed_when: "sgdisk.rc == 0"

- name: Create root partitions
  command: sgdisk -n 2:0:0 {{ item }} -c 2:root
  with_items:
    - "{{ system_disks }}"
  register: sgdisk
  changed_when: "sgdisk.rc == 0"

- name: Partition and format the disks (btrfs RAID)
  command: mkfs.btrfs -f -L root -d {{ raid_level | default('raid1') }} -m {{ raid_level | default('raid1') }} -O no-holes {{ system_disks | map('regex_replace', '^(.*)$', '\g<1>p2' if 'nvme' in system_disks[0] else '\g<1>2') | join(' ') }}
  when: filesystem == "btrfs" and system_disks | length >= 2

- name: Partition and format the disks (btrfs single)
  command: mkfs.btrfs -f -L root -d single -m single -O no-holes {{ system_disks[0] }}{{ 'p2' if 'nvme' in system_disks[0] else '2' }}
  when: filesystem == "btrfs" and system_disks | length == 1

- name: Mount the filesystem (btrfs)
  mount: src="{{ system_disks[0] }}{{ 'p2' if 'nvme' in system_disks[0] else '2' }}" path=/mnt state=mounted fstype=btrfs opts="compress-force=zstd,space_cache=v2"
  when: filesystem == "btrfs"

- name: Touch LOCK file on mountpoint
  file: path=/mnt/LOCK state=touch owner=root group=root mode=0644

- name: Download bootstrap image
  get_url:
    url: "{{ item }}"
    dest: /tmp/
    mode: 0644
  loop:
    - https://geo.mirror.pkgbuild.com/iso/{{ bootstrap_version }}/archlinux-bootstrap-x86_64.tar.gz
    - https://geo.mirror.pkgbuild.com/iso/{{ bootstrap_version }}/archlinux-bootstrap-x86_64.tar.gz.sig

- name: Get pierre's key
  command: gpg --locate-keys pierre@archlinux.de
  changed_when: false

- name: Verify bootstrap image signature
  command: gpg --verify /tmp/archlinux-bootstrap-x86_64.tar.gz.sig
  changed_when: false

- name: Extract boostrap image  # noqa risky-file-permissions