Commit bf434f10 authored by Sven-Hendrik Haase

Modernize install_arch role

- Allow for single and multi disk installs
- Use modern parted module to cut down on manual code
- Allow for specifying concrete drives to use for the system
- Change use from unarchive module which is deprecated to get_url + manual tar
- Allow for DHCP when setting up networking
- When using btrfs, automatically compress with lzo (I'd use zstd but grub can't boot off of zstd yet)
- Use playbook_dir as the starting point of the search path for the pubkeys, which is more reliable than a bare relative path
- Clean pacman cache after base system installation
parent ed51f84f
---
hostname: "apollo"
ipv4_address: "138.201.81.199"
......@@ -9,6 +8,9 @@ ipv6_netmask: "/128"
ipv4_gateway: "138.201.81.193"
ipv6_gateway: "fe80::1"
filesystem: btrfs
system_disks:
- /dev/sda
- /dev/sdb
# FIXME: this should probably be configured another way. maybe the
# mysql/postgres roles should deploy the credentials themselves
......
---
configure_network: false
filesystem: "ext4"
system_disks:
- /dev/sda
- /dev/sdb
# FIXME: this should probably be configured another way. maybe the
# mysql/postgres roles should deploy the credentials themselves
......
......@@ -9,6 +9,9 @@ ipv6_netmask: "/64"
ipv4_gateway: "89.238.67.1"
ipv6_gateway: "2a00:1828:2000:547::1"
filesystem: ext4
system_disks:
- /dev/sda
- /dev/sdb
archweb_rsync_iso_origin: 'repos.archlinux.org::kitchensink_tier1/iso/'
archweb_server_email: 'archweb-dev@archlinux.org'
......
......@@ -7,6 +7,9 @@ ipv6_netmask: "/128"
ipv4_gateway: "88.198.91.65"
ipv6_gateway: "fe80::1"
filesystem: btrfs
system_disks:
- /dev/sda
- /dev/sdb
# raise tcp window limits to 32MiB
tcp_rmem: "10240 87380 33554432"
......
---
hostname: "soyuz"
ipv4_address: "138.201.206.85"
ipv4_netmask: "/32"
ipv6_address: "2a01:4f8:173:1654::1"
......@@ -7,8 +8,11 @@ ipv6_netmask: "/128"
ipv4_gateway: "138.201.206.65"
ipv6_gateway: "fe80::1"
filesystem: btrfs
postgres_backup_dir: "/var/lib/postgres/backup"
system_disks:
- /dev/sda
- /dev/sdb
postgres_backup_dir: "/var/lib/postgres/backup"
archbuild_fs: 'btrfs'
zabbix_agent_templates:
......
......@@ -8,6 +8,9 @@ ipv6_netmask: "/128"
ipv4_gateway: "5.9.158.161"
ipv6_gateway: "fe80::1"
filesystem: ext4
system_disks:
- /dev/sda
- /dev/sdb
zabbix_agent_templates:
- Template OS Linux
......
[Match]
Name={{ network_interface }}
[Network]
DHCP=yes
[Match]
Name={{network_interface}}
Name={{ network_interface }}
[Network]
{% for server in dns_servers %}
......
......@@ -8,62 +8,54 @@
fail: msg="Not running in Hetzner rescue system!"
when: "'Hetzner Rescue' not in motd_contents.stdout"
- name: partition and format the disks
- name: partition and format the disks (btrfs)
command: mkfs.btrfs -f -L rootfs -d raid1 /dev/sda /dev/sdb
when: filesystem == "btrfs"
when: filesystem == "btrfs" and system_disks|length == 2
- name: partition and format the disks (btrfs)
filesystem: dev="{{ system_disks[0] }}" fstype=btrfs force=yes opts="-L rootfs"
when: filesystem == "btrfs" and system_disks|length == 1
- name: create BIOS boot partitions
command: sgdisk -n 1:0:10M /dev/{{ item }}
parted: device={{ item }} number=1 state=present part_end=10MiB flags=[boot]
when: filesystem == "ext4"
with_items:
- sda
- sdb
- "{{ system_disks }}"
- name: create RAID partitions
command: sgdisk -n 2:0:0 /dev/{{ item }}
when: filesystem == "ext4"
with_items:
- sda
- sdb
- name: set BIOS boot partition types
command: sgdisk -t 1:ef02 /dev/{{ item }}
parted: device={{ item }} number=2 state=present flags=[raid]
when: filesystem == "ext4"
with_items:
- sda
- sdb
- name: set RAID partition types
command: sgdisk -t 2:fd00
when: filesystem == "ext4"
with_items:
- sda
- sdb
- "{{ system_disks }}"
- name: create MDADM array
command: mdadm --create --level=1 --raid-devices=2 --run /dev/md0 /dev/sda2 /dev/sdb2
when: filesystem == "ext4"
when: filesystem == "ext4" and system_disks|length == 2
- name: format the MDADM array
filesystem: dev=/dev/md0 fstype=ext4
when: filesystem == "ext4"
when: filesystem == "ext4" and system_disks|length == 2
- name: mount the filesystem (btrfs)
mount: name=/mnt src='LABEL=rootfs' fstype=btrfs state=mounted
mount: src="LABEL=rootfs" path=/mnt fstype=btrfs state=mounted opts="compress=lzo"
when: filesystem == "btrfs"
- name: mount the filesystem (ext4)
mount: name=/mnt src=/dev/md0 fstype=ext4 state=mounted
when: filesystem == "ext4"
when: filesystem == "ext4" and system_disks|length == 2
- name: touch LOCK file on mountpoint
file: path=/mnt/LOCK state=touch
- name: download bootstrap image
unarchive:
src: https://mirrors.kernel.org/archlinux/iso/latest/archlinux-bootstrap-2016.09.03-x86_64.tar.gz
get_url:
url: https://mirrors.kernel.org/archlinux/iso/latest/archlinux-bootstrap-2019.02.01-x86_64.tar.gz
dest: /tmp/
copy: no
- name: extract boostrap image
command: tar xf archlinux-bootstrap-2019.02.01-x86_64.tar.gz
args:
chdir: /tmp
creates: /tmp/root.x86_64
- name: copy resolv.conf to bootstrap chroot
......@@ -126,14 +118,25 @@
- name: run mkinitcpio
command: chroot /mnt mkinitcpio -p linux
- name: configure network
- name: configure network (static)
template: src=10-static-ethernet.network.j2 dest=/mnt/etc/systemd/network/10-static-ethernet.network owner=root group=root mode=0644
when: dhcp|default(False) == False
- name: configure network (dhcp)
template: src=10-dhcp-ethernet.network.j2 dest=/mnt/etc/systemd/network/10-dhcp-ethernet.network owner=root group=root mode=0644
when: dhcp|default(False) == True
- name: provide default mount options (btrfs)
lineinfile:
path: /mnt/etc/default/grub
regexp: "^GRUB_CMDLINE_LINUX_DEFAULT="
line: "GRUB_CMDLINE_LINUX_DEFAULT=\"rootflags=compress=lzo\""
when: filesystem == "btrfs"
- name: install grub
command: chroot /mnt grub-install --recheck {{ item }}
with_items:
- /dev/sda
- /dev/sdb
- "{{ system_disks }}"
- name: configure grub
command: chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg
......@@ -147,7 +150,7 @@
- name: enable services inside chroot
command: chroot /mnt systemctl enable sshd systemd-networkd systemd-resolved
- set_fact: pubkey_list="{{ lookup('file', '../pubkeys/' + item) }}"
- set_fact: pubkey_list="{{ lookup('file', "{{ playbook_dir }}/../../pubkeys/" + item) }}"
register: pubkeys
with_items: "{{ root_ssh_keys }}"
......@@ -162,5 +165,8 @@
- name: create symlink to resolv.conf
file: src=/run/systemd/resolve/resolv.conf dest=/mnt/etc/resolv.conf state=link force=yes
- name: clean pacman cache
shell: yes | chroot /mnt pacman -Scc
- name: remove LOCK file on mountpoint
file: path=/mnt/LOCK state=absent
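Review bot: The `download bootstrap image` task fetches the tarball from a third-party mirror and the following task unpacks it as the base of the new system, but nothing visible in this section verifies its integrity; HTTPS authenticates the mirror, not the image it serves. `get_url` accepts a `checksum` parameter, so the pinned release can carry its digest next to the URL, e.g. `checksum: "sha256:<SHA256_OF_BOOTSTRAP_TARBALL>"` (placeholder; take the value from the release's published checksums and cross-check it against the signed `.sig`). With the digest pinned, a stale or tampered mirror fails the play before `tar xf` runs. The task list continues outside this hunk, so if signature verification already happens in a task that is not shown, a short comment on the download task pointing to it would be enough.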