From bc85d9f73291cb25b33a7a35ce05934a787370d1 Mon Sep 17 00:00:00 2001 From: Jakub Filo Date: Sat, 2 Nov 2019 19:21:52 +0000 Subject: [PATCH] Adding Ansible installation of FAI into Git repo --- .gitignore | 3 + faiserver.yml | 5 ++ production | 3 + roles/common/tasks/main.yml | 31 ++++++++ .../faiserver/files/etc/fai/apt/sources.list | 5 ++ roles/faiserver/tasks/main.yml | 72 +++++++++++++++++++ site.yml | 5 ++ 7 files changed, 124 insertions(+) create mode 100644 .gitignore create mode 100644 faiserver.yml create mode 100644 production create mode 100644 roles/common/tasks/main.yml create mode 100644 roles/faiserver/files/etc/fai/apt/sources.list create mode 100644 roles/faiserver/tasks/main.yml create mode 100644 site.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5c199eb --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +# ---> Ansible +*.retry + diff --git a/faiserver.yml b/faiserver.yml new file mode 100644 index 0000000..f6efde5 --- /dev/null +++ b/faiserver.yml @@ -0,0 +1,5 @@ +--- +- hosts: faiserver + roles: + - common + - faiserver diff --git a/production b/production new file mode 100644 index 0000000..55a14b5 --- /dev/null +++ b/production @@ -0,0 +1,3 @@ +[faiserver] +10.91.1.2 + diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml new file mode 100644 index 0000000..f17a5d1 --- /dev/null +++ b/roles/common/tasks/main.yml @@ -0,0 +1,31 @@ +--- +- name: Install common packages + apt: + state: latest + pkg: + - vim + - htop + - bash-completion + - pciutils + - usbutils + - postfix + - wget + - curl + - unbound + - ca-certificates + install_recommends: no + force_apt_get: yes + become: yes + +- name: Purge unwanted packages + apt: + state: absent + purge: yes + autoremove: yes + pkg: + - nano + - exim4-base + install_recommends: no + force_apt_get: yes + become: yes + diff --git a/roles/faiserver/files/etc/fai/apt/sources.list b/roles/faiserver/files/etc/fai/apt/sources.list new file mode 100644 index 0000000..236098a --- /dev/null +++ b/roles/faiserver/files/etc/fai/apt/sources.list @@ -0,0 +1,5 @@ +# These lines should work for many sites + +deb http://deb.debian.org/debian buster main +deb http://deb.debian.org/debian-security buster/updates main + diff --git a/roles/faiserver/tasks/main.yml b/roles/faiserver/tasks/main.yml new file mode 100644 index 0000000..2226550 --- /dev/null +++ b/roles/faiserver/tasks/main.yml @@ -0,0 +1,72 @@ +--- +- name: Add FAI apt key + apt_key: + id: B11EE3273F6B2DEB528C93DA2BF8D9FE074BCDE4 + state: present + url: https://fai-project.org/download/2BF8D9FE074BCDE4.asc + become: yes + +- name: Add FAI apt repository + apt_repository: + state: present + repo: deb http://fai-project.org/download buster koeln + filename: fai + update_cache: yes + become: yes + +- name: Install FAI via apt + apt: + state: latest + name: fai-server + install_recommends: yes + force_apt_get: yes + become: yes + +- name: Define packages installed in NFSROOT + blockinfile: + state: present + path: /etc/fai/NFSROOT + backup: yes + marker: "# {mark}" + marker_begin: "BEGIN MANAGED BY PLANTROON" + marker_end: "END MANAGED BY PLANTROON" + insertafter: '^PACKAGES install-norec FULL' + block: | + cryptsetup + become: yes + +# THIS DOES NOT WORK DUE TO BUGS IN FAI/DRACUT +# NFS SERVER MUST BE THE SAME AS DHCP SERVER +# IF SPECIFIED HERE, FAI BUGS OUt +# HOLY FUCK +# FAI SUCKS +# I LOST IT +#- name: Use nfsroot= with IP +# blockinfile: +# state: present +# path: /etc/fai/nfsroot.conf + +- name: Some FAI configuration + copy: + src: etc/fai/apt/sources.list + dest: /etc/fai/apt/sources.list + force: yes + mode: preserve + become: yes + + #- name: Setup/rebuild FAI NFSROOT + # shell: fai-setup -v -f + # become: yes + + #- name: Setup/rebuild FAI debmirror + # shell: fai-mirror -v /srv/debmirror + # become: yes + +- name: Copy FAI config space + copy: + src: config/ + dest: /srv/fai/config/ + force: yes + mode: preserve + become: yes + diff --git a/site.yml b/site.yml new file mode 100644 index 0000000..d27423e --- /dev/null +++ b/site.yml @@ -0,0 +1,5 @@ +--- +# file: site.yml + +- import_playbook: faiserver.yml +