added install_arch role

netsplit
Niklas Yann Wettengel 8 years ago
parent 840b169cd5
commit a917b1e113

@ -7,3 +7,9 @@
ansible_python_interpreter: /usr/bin/python ansible_python_interpreter: /usr/bin/python
roles: roles:
- role: boot-rescue - role: boot-rescue
- name: install archlinux
hosts: new_fastds
user: root
roles:
- role: install_arch

@ -5,3 +5,4 @@
hetzner_webservice_username=<hetzner_webservice_username> hetzner_webservice_username=<hetzner_webservice_username>
hetzner_webservice_password=<hetzner_webservice_password> hetzner_webservice_password=<hetzner_webservice_password>
rescue_authorized_key=<fingerprint of ssh key to use in rescue mode> rescue_authorized_key=<fingerprint of ssh key to use in rescue mode>
authorized_keys='["<key1>", "<key2>"]'

@ -0,0 +1,3 @@
LANG=de_DE.UTF-8
LC_COLLATE=C
LANGUAGE=de_DE

@ -0,0 +1 @@
Server = http://mirrors.niyawe.de/archlinux/$repo/os/$arch

@ -0,0 +1,6 @@
nameserver 213.133.98.98
nameserver 213.133.100.100
nameserver 213.133.99.99
nameserver 2a01:4f8:0:a0a1::add:1010
nameserver 2a01:4f8:0:a102::add:9999
nameserver 2a01:4f8:0:a111::add:9898

@ -0,0 +1,11 @@
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
PrintMotd no
Subsystem sftp /usr/lib/ssh/sftp-server
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com

@ -0,0 +1,140 @@
---
- name: format disk
filesystem:
fstype: btrfs
dev: /dev/sda
force: yes
- name: mount disk
mount:
path: /mnt
src: /dev/sda
state: mounted
fstype: btrfs
- name: modify pacman mirrorlist
copy:
src: mirrorlist
dest: /etc/pacman.d/mirrorlist
- name: remove archlinux-keyring conflicting files (1/3)
file:
dest: /usr/share/pacman/keyrings/archlinux-revoked
state: absent
- name: remove archlinux-keyring conflicting files (2/3)
file:
dest: /usr/share/pacman/keyrings/archlinux-trusted
state: absent
- name: remove archlinux-keyring conflicting files (3/3)
file:
dest: /usr/share/pacman/keyrings/archlinux.gpg
state: absent
- name: update archlinux-keyring
pacman:
name: archlinux-keyring
force: yes
state: present
update_cache: yes
- name: pacstrap
command: /usr/bin/pacstrap /mnt base base-devel openssh python grub
- name: genfstab
shell: /usr/bin/genfstab -U -p /mnt > /mnt/etc/fstab
- name: set hostname
shell: /bin/echo {{ arch_hostname }} > /mnt/etc/hostname
- name: Locale conf
copy:
src: locale.conf
dest: /mnt/etc/locale.conf
- name: vconsole
copy:
src: vconsole.conf
dest: /mnt/etc/vconsole.conf
- name: localtime
file:
src: /usr/share/zoneinfo/Europe/Berlin
dest: /mnt/etc/localtime
state: link
- name: resolv.conf
copy:
src: resolv.conf
dest: /mnt/etc/resolv.conf
- name: locale.gen
replace:
dest: /mnt/etc/locale.gen
regexp: "^#de_DE.UTF-8.*$"
replace: "de_DE.UTF-8 UTF-8"
- name: locale-gen
command: /usr/bin/arch-chroot /mnt locale-gen
- name: "grub: generate config"
command: /usr/bin/arch-chroot /mnt /usr/bin/grub-mkconfig -o /boot/grub/grub.cfg
- name: "grub: install grub"
command: /usr/bin/arch-chroot /mnt /usr/bin/grub-install /dev/sda
- name: sshd config
copy:
src: sshd_config
dest: /mnt/etc/ssh/sshd_config
- name: add authorized_keys
authorized_key:
key: '{{ item }}'
path: /mnt/root/.ssh/authorized_keys
user: root
with_items: authorized_keys
- name: enable sshd
command: /usr/bin/arch-chroot /mnt /usr/bin/systemctl enable sshd.service
- name: create network config
template:
dest: /mnt/etc/netctl/ens3
src: ens3.j2
- name: enable network config
command: /usr/bin/arch-chroot /mnt /usr/bin/netctl enable ens3
- name: unmount
mount:
path: /mnt
state: unmounted
- name: reboot
shell: sleep 5 && reboot &
args:
executable: /bin/bash
async: 10
poll: 0
- name: waiting for server to go down
local_action:
module: wait_for
host: "{{ inventory_hostname }}"
port: 22
delay: 1
timeout: 60
state: stopped
- name: waiting for server to come back
local_action:
module: wait_for
host={{ inventory_hostname }}
port=22
delay=1
timeout=60
- name: remove server from local known_hosts file
local_action: shell ssh-keygen -R {{ inventory_hostname }}
ignore_errors: true

@ -0,0 +1,10 @@
Connection=ethernet
Interface=ens3
IP=static
Address=({{ ansible_default_ipv4['address'] }}/24)
{# TODO: fix /24 #}
Gateway={{ ansible_default_ipv4['gateway'] }}
IP6=static
Address6=({{ ansible_default_ipv6['address'] }}/{{ ansible_default_ipv6['prefix'] }})
Gateway6={{ ansible_default_ipv6['gateway'] }}
Loading…
Cancel
Save