added install_arch role

bootstrap_arch.yml

@@ -7,3 +7,9 @@
       ansible_python_interpreter: /usr/bin/python
   roles:
       - role: boot-rescue
+
+- name: install archlinux
+  hosts: new_fastds
+  user: root
+  roles:
+      - role: install_arch

new_inventory.ini.sample

@@ -5,3 +5,4 @@
 hetzner_webservice_username=<hetzner_webservice_username>
 hetzner_webservice_password=<hetzner_webservice_password>
 rescue_authorized_key=<fingerprint of ssh key to use in rescue mode>
+authorized_keys='["<key1>", "<key2>"]'

roles/install_arch/files/locale.conf

@@ -0,0 +1,3 @@
+LANG=de_DE.UTF-8
+LC_COLLATE=C
+LANGUAGE=de_DE

roles/install_arch/files/mirrorlist

@@ -0,0 +1 @@
+Server = http://mirrors.niyawe.de/archlinux/$repo/os/$arch

roles/install_arch/files/resolv.conf

@@ -0,0 +1,6 @@
+nameserver 213.133.98.98
+nameserver 213.133.100.100
+nameserver 213.133.99.99
+nameserver 2a01:4f8:0:a0a1::add:1010
+nameserver 2a01:4f8:0:a102::add:9999
+nameserver 2a01:4f8:0:a111::add:9898

roles/install_arch/files/sshd_config

@@ -0,0 +1,11 @@
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_ed25519_key
+AuthorizedKeysFile      .ssh/authorized_keys
+PasswordAuthentication no
+ChallengeResponseAuthentication no
+UsePAM no
+PrintMotd no
+Subsystem       sftp    /usr/lib/ssh/sftp-server
+KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
+Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
+MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com

roles/install_arch/files/vconsole.conf

@@ -0,0 +1 @@
+KEYMAP=de-latin1

roles/install_arch/tasks/main.yml

@@ -0,0 +1,140 @@
+---
+- name: format disk
+  filesystem:
+      fstype: btrfs
+      dev: /dev/sda
+      force: yes
+
+- name: mount disk
+  mount:
+      path: /mnt
+      src: /dev/sda
+      state: mounted
+      fstype: btrfs
+
+- name: modify pacman mirrorlist
+  copy:
+      src: mirrorlist
+      dest: /etc/pacman.d/mirrorlist
+
+- name: remove archlinux-keyring conflicting files (1/3)
+  file:
+      dest: /usr/share/pacman/keyrings/archlinux-revoked
+      state: absent
+- name: remove archlinux-keyring conflicting files (2/3)
+  file:
+      dest: /usr/share/pacman/keyrings/archlinux-trusted
+      state: absent
+- name: remove archlinux-keyring conflicting files (3/3)
+  file:
+      dest: /usr/share/pacman/keyrings/archlinux.gpg
+      state: absent
+
+- name: update archlinux-keyring
+  pacman:
+      name: archlinux-keyring
+      force: yes
+      state: present
+      update_cache: yes
+
+- name: pacstrap
+  command: /usr/bin/pacstrap /mnt base base-devel openssh python grub
+
+- name: genfstab
+  shell: /usr/bin/genfstab -U -p /mnt > /mnt/etc/fstab
+
+- name: set hostname
+  shell: /bin/echo {{ arch_hostname }} > /mnt/etc/hostname
+
+- name: Locale conf
+  copy:
+      src: locale.conf
+      dest: /mnt/etc/locale.conf
+
+- name: vconsole
+  copy:
+      src: vconsole.conf
+      dest: /mnt/etc/vconsole.conf
+
+- name: localtime
+  file:
+      src: /usr/share/zoneinfo/Europe/Berlin
+      dest: /mnt/etc/localtime
+      state: link
+
+- name: resolv.conf
+  copy:
+      src: resolv.conf
+      dest: /mnt/etc/resolv.conf
+
+- name: locale.gen
+  replace:
+      dest: /mnt/etc/locale.gen
+      regexp: "^#de_DE.UTF-8.*$"
+      replace: "de_DE.UTF-8 UTF-8"
+ 
+- name: locale-gen
+  command: /usr/bin/arch-chroot /mnt locale-gen
+
+- name: "grub: generate config"
+  command: /usr/bin/arch-chroot /mnt /usr/bin/grub-mkconfig -o /boot/grub/grub.cfg
+
+- name: "grub: install grub"
+  command: /usr/bin/arch-chroot /mnt /usr/bin/grub-install /dev/sda
+
+- name: sshd config
+  copy:
+      src: sshd_config
+      dest: /mnt/etc/ssh/sshd_config
+
+- name: add authorized_keys
+  authorized_key:
+      key: '{{ item }}'
+      path: /mnt/root/.ssh/authorized_keys
+      user: root
+  with_items: authorized_keys
+
+- name: enable sshd
+  command: /usr/bin/arch-chroot /mnt /usr/bin/systemctl enable sshd.service
+
+- name: create network config
+  template:
+      dest: /mnt/etc/netctl/ens3
+      src: ens3.j2
+
+- name: enable network config
+  command: /usr/bin/arch-chroot /mnt /usr/bin/netctl enable ens3
+
+- name: unmount
+  mount:
+      path: /mnt
+      state: unmounted
+
+- name: reboot
+  shell: sleep 5 && reboot &
+  args:
+      executable: /bin/bash
+  async: 10
+  poll: 0
+  
+- name: waiting for server to go down
+  local_action: 
+      module: wait_for
+      host: "{{ inventory_hostname }}"
+      port: 22
+      delay: 1
+      timeout: 60
+      state: stopped
+
+- name: waiting for server to come back
+  local_action: 
+    module: wait_for 
+      host={{ inventory_hostname }} 
+      port=22 
+      delay=1 
+      timeout=60
+
+- name: remove server from local known_hosts file
+  local_action: shell ssh-keygen -R {{ inventory_hostname }}
+  ignore_errors: true
+

roles/install_arch/templates/ens3.j2

@@ -0,0 +1,10 @@
+Connection=ethernet
+Interface=ens3
+IP=static
+Address=({{ ansible_default_ipv4['address'] }}/24)
+{# TODO: fix /24 #}
+Gateway={{ ansible_default_ipv4['gateway'] }}
+IP6=static
+Address6=({{ ansible_default_ipv6['address'] }}/{{ ansible_default_ipv6['prefix'] }})
+Gateway6={{ ansible_default_ipv6['gateway'] }}
+