emdee/libvirt_cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
emdee 2023-12-30 22:09:49 +00:00
parent f11ab239af
commit 94c76b2e4b
30 changed files with 176 additions and 326 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
README.md
View File

@ -83,6 +83,28 @@ There are 3 ansible roles:
3. toxcore :
In addition, toxcore calls an included role ansible-gentoo_install.
This is an updated version of the abandonned
https://github.com/agaffney/ansible-gentoo_install/ This role,
when run on the host, builds the Gentoo base qcow image. As a safety
feature, you must create the qcow2 image and activate it with:
modprobe nbd
qemu-img $BOX_NBD_BASE_QCOW 20G
qemu-nbd -c $BOX_NBD_DEV $BOX_NBD_BASE_QCOW
and put these values into the hosts.yml file in the pentoo or devuan
target, depending on your host operating system. The filesytem that
holds base qcow2 $BOX_NBD_BASE_QCOW must have at least 12G available,
and may grow to almost 20G.
After you have finished building the base qcow2 image, you will want
to dismount it with qemu-nbd -d $BOX_NBD_DEV. Be careful and look
in /proc/partitions to see if it is still there after you dismount it:
it the partition is busy the dismount will fail silently, and you can
get into trouble if partprobe complains. You may have to reboot,
or it may resolve itself. Wierd.
Each role has been conditionalized to run with different connections.
## Connection Types

40
ansible_local.yml
View File

@ -11,7 +11,7 @@
PLAY_NOSERVICE_CONNECTIONS: ['chroot', 'lxc', 'lxd', 'local'] #?
PLAY_NORSYNC_CONNECTIONS: ['chroot', 'lxc', 'lxd', 'local', 'libvirt_qemu']
PLAY_CA_CERT: "/usr/local/etc/ssl/cacert-curl.haxx.se.pem" # proxy?
# These now come from the inventory except for connection = local,chroot in base_proxy.yml
proxy_env:
# hostvars[inventory_hostname]['http_proxy']
@ -52,7 +52,7 @@
# for localhost host operations with hostvms - eg hosts.yml
PLAY_ANSIBLE_SRC: "{{ lookup('env', 'PWD')|default('') }}"
PLAY_GI_DATA : /a/tmp/GentooImgr
# lynis objects to . on the PATH and I cant find whos adding it
# FixMe: does this change the PATH?
environment:
@ -62,7 +62,7 @@
pre_tasks:
- block:
- name: "Suspicious location (.) in PATH discovered"
shell: |
echo $PATH | grep '\.:' && echo "WARN: dot is on the PATH" && exit 1
@ -70,13 +70,13 @@
register: dot_on_path_fact
# warning not an error - I cant see who is putting it on the PATH - a tailing :
ignore_errors: true
- name: lookup env PATH
debug: msg="{{ ansible_env.PATH }}"
when:
- dot_on_path_fact is defined
- dot_on_path_fact is failed
- name: "set dates"
set_fact:
DOW: 0 # Day of week - unused
@ -86,16 +86,16 @@
date_dash: "{{ ansible_date_time.date }}" # +%Y-%m-%d
date_week_slash: "{{ ansible_date_time.year }}/{{ ansible_date_time.weeknumber }}"
date_week_dash: "{{ ansible_date_time.year }}-{{ ansible_date_time.weeknumber }}"
- debug:
msg: "{{date_slash}} ansible_connection={{ansible_connection|default('') }} ROLES={{ROLES}}"
- name: "hostvars[inventory_hostname]"
debug:
# |to_yaml
msg: "hostvars[inventory_hostname] {{hostvars[inventory_hostname]}}"
when: false
- name: "ansible_lsb.id BOX_OS_FAMILY"
assert:
that:
@ -106,41 +106,41 @@
- ansible_connection != 'local'
- ansible_lsb.id|default('')" != ''
ignore_errors: true
- name: "check BOX_ANSIBLE_CONNECTIONS"
assert:
that:
- "{{ansible_connection in BOX_ANSIBLE_CONNECTIONS}}"
- name: "we will use sudo and make it a prerequisite"
shell: |
which sudo || exit 1
# "check ansible_python_interpreter"
"{{ansible_python_interpreter|default('python3')}}" --version
# required
tags: always
check_mode: false
- block:
- name: check nbd mounts
shell: |
cat /proc/partitions | grep nbd | head -1 | sed -e 's/.* //'
changed_when: false
register: nbd_out
ignore_errors: true
- name: nbd state
debug:
verbosity: 1
msg: 'var={{nbd_out}} BOX_NBD_DEV={{BOX_NBD_DEV}}'
ignore_errors: true
- name: nbd fact no
set_fact:
nbd_disk: ""
- name: nbd fact yes
set_fact:
nbd_dev: "{{nbd_out.stdout}}"
@ -148,7 +148,7 @@
when:
- nbd_out.rc|default(1) == 0
- nbd_out.stdout|default('') != ''
# required
tags: always
check_mode: false
@ -164,7 +164,7 @@
sudo virsh start "{{ inventory_hostname }}"
delegate_to: localhost
become: yes
- name: "spinup libvirt hosts"
# pip3.sh install ovirt-engine-sdk-python --break-system-packages
ovirt:
@ -178,12 +178,12 @@
become: yes
# msg: ovirtsdk required for this module
ignore_errors: true
# required
tags: always
check_mode: false
when: ansible_connection == 'libvirt_qemu'
# # required?
# tags: always
# check_mode: false
@ -195,7 +195,7 @@
- role: base
# When you use always: it breaks using daily/monthly/weekly tags - OK as base doesnt use them
tags: always
- role: proxy
# You should run the proxy role even if you are not behind a proxy.
tags: always

46
hosts.yml
View File

@ -13,7 +13,7 @@ all:
y_UEFI_MediCat_VHD_DW:
# /var/lib/libvirt/qemu/channel/target/domain-37-y_UEFI_MediCat_VHD_D/org.qemu.guest_agent.0
# doesnt work: ansible_connection: "libvirt_qemu"
BOX_SERVICE_MGR: "win11"
BOX_HOST_NAME: "y_UEFI_MediCat_VHD_DW"
@ -78,7 +78,7 @@ all:
BOX_OS_FLAVOR: "Pentoo"
BOX_USR_LIB: lib
BOX_DEFAULT_OUTPUT_IF: wlan4
BOX_PROXY_MODE: selektor
BOX_PROXY_MODE: selektor
BOX_WHONIX_PROXY_HOST: ""
BOX_GENTOO_DISTFILES_ARCHIVES: "/i/net/Http/distfiles.gentoo.org/distfiles"
BOX_PROXY_JAVA_NET_PROPERTIES: /etc/java-config-2/current-system-vm/jre/lib/net.properties
@ -113,21 +113,21 @@ all:
BOX_WHONIX_PROXY_HOST: ""
BOX_PROXY_MODE: tor
BOX_GENTOO_FROM_MP: "/mnt/linuxPen19"
vars:
BOX_ANSIBLE_CONNECTIONS: ["local"]
BOX_REMOTE_MOUNTS: ['/mnt/h', '/mnt/j','/mnt/i', '/mnt/o', '/mnt/mnt/linuxPen19']
BOX_BASE_FEATURES: ['insecure_sudo']
BOX_PROXY_FEATURES: ['run_dnsmasq', 'run_privoxy']
BOX_TOXCORE_FEATURES: []
BOX_TOXCORE_FEATURES: []
# libvirt_group could also be ssh_group
linux_libvirt_group:
hosts:
gentoo1:
ansible_remote_addr: "gentoo1"
ansible_host: "gentoo1"
ansible_ssh_user: "gentoo"
@ -153,7 +153,7 @@ all:
BOX_BASE_FEATURES: []
BOX_TOXCORE_FEATURES: ['libvirt', 'docker']
BOX_GENTOO_FROM_MP: "/mnt/linuxPen19"
ubuntu18.04:
# /mnt
ansible_remote_addr: "ubuntu18.04"
@ -180,7 +180,7 @@ all:
# FixMe
base_system_users: ['vagrant']
BOX_TOXCORE_FEATURES: ['libvirt', 'docker']
vars:
BOX_ANSIBLE_CONNECTIONS: ["ssh", "libvirt_qemu"]
# proxy from environment
@ -192,13 +192,13 @@ all:
https_proxy: "http://127.0.0.1:9128"
socks_proxy: "socks5://127.0.0.1:9050"
no_proxy: "localhost,127.0.0.1,127.0.0.1"
linux_chroot_group :
hosts:
linuxGentoo:
ansible_remote_addr: "/mnt/gentoo"
# required
ansible_host: "/mnt/gentoo"
@ -226,9 +226,9 @@ all:
BOX_NBD_OVERLAY_NAME: "gentoo1"
BOX_NBD_OVERLAY_QCOW: "/o/var/lib/libvirt/images/gentoo1.qcow2"
BOX_GENTOO_FROM_MP: "/mnt/linuxPen19"
linuxPen19:
ansible_remote_addr: "/mnt/linuxPen19"
# required
ansible_host: "/mnt/linuxPen19"
@ -257,13 +257,13 @@ all:
BOX_NBD_BASE_QCOW: "/g/Agile/tmp/Topics/GentooImgr/gentoo.qcow2"
BOX_NBD_OVERLAY_QCOW: "/o/var/lib/libvirt/images/gentoo1.qcow2"
BOX_NBD_FILES: "/i/data/Agile/tmp/Topics/GentooImgr"
# linux_chroot_group vars
vars:
BOX_ANSIBLE_CONNECTIONS: ["local", "chroot"]
# ignored? chroot_connection/exe in ansible.cfg?
ansible_chroot_exe: "/usr/local/sbin/base_chroot.bash"
#? ansible_ssh_common_args: "/usr/bin/env -i CHROOT=1"
# -i "PATH"
# -i "http_proxy https_proxy socks_proxy no_proxy"
@ -283,7 +283,7 @@ all:
BOX_NBD_BASE_QCOW: "{{BOX_NBD_BASE_DIR}}/gentoo.qcow2"
# BOX_NBD_OVERLAY_QCOW: "/o/var/lib/libvirt/images/gentoo1.qcow2"
BOX_NBD_BASE_PUBKEY: "/root/.ssh/id_rsa-ansible.pub"
# libvirt overlay
BOX_NBD_OVERLAY_DIR: "/a/tmp/GentooImgr/create-vm"
BOX_NBD_OVERLAY_GB: "20"
@ -293,7 +293,7 @@ all:
BOX_NBD_OVERLAY_NETWORK: default
# plaintext
BOX_NBD_OVERLAY_PASS: "gentoo"
vars:
# These come from the inventory overridden for connection = local,chroot in base_proxy.yml
@ -388,7 +388,7 @@ all:
BOX_NBD_LOGLEVEL: 20
BOX_NBD_BASE_QCOW: ""
BOX_NBD_BASE_PUBKEY: "/root/.ssh/id_rsa-ansible.pub"
# libvirt overlay
BOX_NBD_OVERLAY_DIR: ""
BOX_NBD_OVERLAY_BR: ""
@ -398,7 +398,7 @@ all:
BOX_NBD_OVERLAY_RAM: 2048
# plaintext
BOX_NBD_OVERLAY_PASS: ""
# Controls what compression method is used for new-style ansible modules when
# they are sent to the remote system. The compression types depend on having
# support compiled into both the controller's python and the client's python.
@ -422,7 +422,7 @@ all:
# https://distfiles.gentoo.org/releases/amd64/autobuilds/latest-stage3-amd64-hardened-openrc.txt
GENTOO_BASE_STAGE_OPENRC_TXT_URL: "https://distfiles.gentoo.org/releases/{{BOX_ARCHITECTURE}}/autobuilds/latest-stage3-{{BOX_ARCHITECTURE}}{{BOX_SUBTYPE}}-openrc.txt"
# plus .gpgsig and .md5sum
GENTOO_BASE_PORTAGE_URL: "https://distfiles.gentoo.org/snapshots/portage-latest.tar.xz"
GENTOO_BASE_PORTAGE_URL: "https://distfiles.gentoo.org/snapshots/portage-latest.tar.xz"
BOX_GENTOO_DISTFILES_ARCHIVES: "/i/net/Http/distfiles.gentoo.org/distfiles"
#? Gentoo specific?
@ -433,7 +433,7 @@ all:
BOX_WHONIX_PROXY_HOST: ""
BOX_PROXY_FEATURES: []
BOX_GPG_SERVER: "keys.gnupg.net"
BOX_GPG_SERVER: "keys.gnupg.net"
BOX_USR_LIB: lib
# if you are on a Gentoo, then / else the mp of a Gentoo if you have one, else ''
BOX_GENTOO_FROM_MP: ''

1
roles/ansible-gentoo_install/README.md
View File

@ -1,4 +1,5 @@
# Ansible role: Gentoo_install
https://github.com/agaffney/ansible-gentoo_install/
Performs an installation of Gentoo Linux against an InstallCD environment.

2
roles/ansible-gentoo_install/defaults/main.yml
View File

@ -24,7 +24,7 @@ AGI_install_network_interfaces:
ens3:
config: dhcp
AGI_container_disk: /dev/vda
AGI_install_root_password: root
AGI_install_syslog_daemon: syslog-ng # app-admin/sysklogd
AGI_install_cron_daemon: sys-process/cronie

182
roles/ansible-gentoo_install/tasks/#local.yml#
View File

@ -1,182 +0,0 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install local"
debug:
verbosity: 0
msg: "DEBUG: ansible-gentoo_install local BOX_NBD_DEV={{BOX_NBD_DEV}}"
check_mode: no
- assert:
that:
- "'{{BOX_NBD_DEV}}' != ''"
when: ansible_connection in ['local', 'chroot']
- set_fact:
AGI_use_local_kernel: true
when:
- ansible_distribution == 'Gentoo' or BOX_GENTOO_FROM_MP not in ['/', '']
- set_fact:
AGI_PROXY_MODE: "{{PROXY_MODE|default('')}}"
when:
- PROXY_MODE|default('') != ''
check_mode: no
- set_fact:
AGI_PROXY_MODE: "{{BOX_PROXY_MODE|default('')}}"
when:
- AGI_PROXY_MODE == ''
check_mode: no
- block:
- name: check for mounted disk
shell: |
grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts && exit 0
ps ax | grep -v grep | \
grep "qemu-nbd.*/dev/nbd.*{{BOX_NBD_BASE_QCOW}}" && \
echo WARN looks like theres an active nbd mount of \
"${BOX_NBD_BASE_QCOW}" && exit 1
exit 2
failed_when: false
changed_when: false
register: check_mounted_disk
check_mode: no
- name: partition if disk not mounted
fail:
msg: "looks like theres an active nbd mount of {{BOX_NBD_BASE_QCOW}}"
when:
- check_mounted_disk.rc == 1
check_mode: no
- name: partition if disk not mounted or active
include: disk.yml
when:
- check_mounted_disk.rc > 1
check_mode: no
- name: mount root partition
mount:
name: "{{AGI_NBD_MP}}"
src: "{{ AGI_install_disk }}p3"
fstype: ext4
state: mounted
check_mode: false
- name: create /boot mountpoint
file:
path: "{{AGI_NBD_MP}}/boot"
state: directory
check_mode: false
- name: mount boot partition
mount:
name: "{{AGI_NBD_MP}}/boot"
src: "{{ AGI_install_disk }}p1"
fstype: ext2
state: mounted
check_mode: false
- name: mount distfiles
delegate_to: localhost
shell: |
[ -d "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] || exit 1
grep {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} /proc/mounts && exit 0
[ -d {{AGI_NBD_MP}}/usr/portage/ ] || exit 0
[ -d {{AGI_NBD_MP}}/usr/portage/distfiles ] || mkdir {{AGI_NBD_MP}}/usr/portage/distfiles
mount --bind {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} {{AGI_NBD_MP}}/usr/portage/distfiles
when:
- "MOUNT_GENTOO_DISTFILES_ARCHIVES != ''"
- "AGI_NBD_MP != ''"
- false # let the tester take care of this
- include: tarball.yml
- include: copy.yml
when: AGI_use_local_kernel
- include: chroot.yml
delegate_to: localhost
when: ansible_connection in ['chroot', 'local'] # libvirt?
- block:
- name: check chroot wrapper installed
shell: |
[ -x /var/tmp/chroot_wrapper.sh ] || exit 1
df /mnt/gentoo || exit 2
/var/tmp/chroot_wrapper.sh df | grep /mnt/gentoo && exit 4
exit 0
register: chroot_out
check_mode: false
- name: enable chroot wrapper
set_fact:
ansible_shell_executable: /var/tmp/chroot_wrapper.sh
old_ansible_python_interpreter: "{{ansible_python_interpreter}}"
ansible_python_interpreter: "/usr/bin/python3"
check_mode: false
when: ansible_connection in ['local']
- block:
- include: portage.yml
- include: misc.yml
- include: network.yml
- include: kernel.yml
when: not AGI_use_local_kernel
- include: bootloader.yml
- include: daemons.yml
# - include: finish.yml
check_mode: false
when:
- "ansible_connection in ['chroot'] or chroot_out.rc|default(1) == 0"
rescue:
- debug:
msg: "ERROR: "
- name: disable chroot wrapper
set_fact:
ansible_shell_executable: /bin/sh
ansible_python_interpreter: "{{old_ansible_python_interpreter}}"
when:
- "ansible_connection in ['local'] and chroot_out.rc|default(1) == 0"
check_mode: false
- name: unmount filesystems
mount:
name: "{{AGI_NBD_MP}}/{{ item }}"
state: unmounted
with_items:
- proc
- sys
- dev/pts
- dev/shm
- dev
- boot
- ''
loop_control:
label: "{{AGI_NBD_MP}}/{{ item }}"
when:
- "ansible_connection in ['local'] and chroot_out.rc|default(1) == 0"
- false # leave it mounted for testing
- name: dismount any other mounts
shell: |
if [ -z "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] && \
[ -d "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] && \
grep {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} /proc/mounts ; then
umount {{MOUNT_GENTOO_DISTFILES_ARCHIVES}}
fi
df -a | grep "{{AGI_NBD_MP}}" | sed -e 's/.* //' | tac | while read elt;do
umount $elt
done
when:
- "ansible_connection in ['chroot'] or chroot_out.rc|default(1) == 0"
- false # leave it mounted for testing

1
roles/ansible-gentoo_install/tasks/.#local.yml
View File

@ -1 +0,0 @@
root@pentoo.152064:1703733868

2
roles/ansible-gentoo_install/tasks/bootloader.yml
View File

@ -100,7 +100,7 @@
EOF
bash /etc/rc.local
ignore_errors: true
- name: rc-update add bootlogd boot
shell: |
rc-update | grep -q 'bootlogd .* boot' || \

4
roles/ansible-gentoo_install/tasks/chroot.yml
View File

@ -4,7 +4,7 @@
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install chroot.yml"
- name: test we are NOT in the chroot
shell: |
df | grep "{{AGI_NBD_MP}}" || exit 1
@ -15,7 +15,7 @@
exit 4
[ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5
check_mode: false
- name: copy resolv.conf into chroot
copy:
src: /etc/resolv.conf

16
roles/ansible-gentoo_install/tasks/copy.yml
View File

@ -4,7 +4,7 @@
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install copy.yml"
- name: test we are NOT in the chroot
shell: |
df | grep "{{AGI_NBD_MP}}" || exit 1
@ -15,7 +15,7 @@
exit 4
[ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5
check_mode: false
- name: install to mp from source
delegate_to: localhost
shell: |
@ -33,7 +33,7 @@
echo linux
register: kernel_out
check_mode: false
- name: copy kernel sources
copy:
src: "{{AGI_GENTOO_FROM_MP}}/usr/src/{{kernel_out.stdout}}"
@ -44,7 +44,7 @@
- kernel_out.rc|default(1) == 0
- AGI_use_local_kernel
- false # dunno where it went to
- name: resolve kver
shell: |
kernel="{{kernel_out.stdout}}"
@ -62,7 +62,7 @@
check_mode: false
when:
- kver_out.rc|default(1) == 0
- name: resolve vmlinux
shell: |
kver="{{kver_out.stdout}}"
@ -71,7 +71,7 @@
check_mode: false
when:
- kver_out.rc|default(1) == 0
- name: copy kernel vmlinux
copy:
src: "{{AGI_GENTOO_FROM_MP}}{{vmlinux_out.stdout}}"
@ -89,7 +89,7 @@
check_mode: false
when:
- kver_out.rc|default(1) == 0
- name: copy kernel vmlinux
copy:
src: "{{AGI_GENTOO_FROM_MP}}{{ramfs_out.stdout}}"
@ -110,5 +110,5 @@
[ -f "{{AGI_NBD_MP}}/{{file}}" ] && continue
cp -np "$file" "{{AGI_NBD_MP}}/{{file}}"
done
# dracut

2
roles/ansible-gentoo_install/tasks/daemons.yml
View File

@ -4,7 +4,7 @@
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install daemons"
- name: test we are in the chroot
shell: |
df | grep {{AGI_NBD_MP}} && exit 1

58
roles/ansible-gentoo_install/tasks/disk.yml
View File

@ -4,7 +4,7 @@
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install disk.yml"
- name: test we are NOT in the chroot
shell: |
grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts && exit 1
@ -13,29 +13,33 @@
[ "{{ansible_distribution}}" == 'Gentoo' ] || \
( {{AGI_GENTOO_FROM_MP}} != '' && '{{AGI_GENTOO_FROM_MP}}' != '/' ) || \
exit 4
l [ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5
[ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5
check_mode: false
- block:
- name: create disklabel
command: parted -s {{ AGI_install_disk }} mklabel {{ AGI_install_disklabel }}
register: disklabel_out
# stderr: 'Warning: Error fsyncing/closing /dev/nbd1: Input/output error'
failed_when: false
- name: disklabel_out
debug:
var: disklabel_out
# you can get into a wierd state with /dev/nbd - partprobe reports
# Error: Partition(s) 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64 on /dev/nbd3 have been written, but we have been unable to inform the kernel of the change, probably because it/they are in use. As a result, the old partition(s) will remain in use. You should reboot now before making further changes.
# and the same thing on all of the rest of your disks! All untrue
# but the qemu -d /dev/nbd1 command will fail silently if busy
when: disklabel_out.rc != 0
- name: This is fatal - you must reboot
fail:
msg: "This is fatal - you must reboot. {{disklabel_out.stderr}}"
when:
- disklabel_out.rc == 1
check_mode: no
# We need to leave a small gap at the beginning of the disk, or grub won't be
# able to install to the MBR
- name: create boot partition
@ -43,56 +47,60 @@ l [ -d "{{AGI_GENTOO_FROM_MP}}" ] || exit 5
parted -s {{ AGI_install_disk }} mkpart primary ext2 1M 200M
args:
creates: "{{ AGI_install_disk }}p1"
- name: mark boot partition as active
shell: |
parted -s {{ AGI_install_disk }} set 1 boot on
- name: create swap partition
shell: |
parted -s {{ AGI_install_disk }} -- mkpart primary linux-swap 201M 2200M
args:
creates: "{{ AGI_install_disk }}p2"
- name: create root partition
shell: |
parted -s {{ AGI_install_disk }} -- mkpart primary ext4 2201M 20070M
args:
creates: "{{ AGI_install_disk }}p3"
- name: format boot partition
filesystem: dev={{ AGI_install_disk }}p1 fstype=ext2 force=yes
check_mode: false
when: not ansible_check_mode
- name: format swap partition
filesystem: dev={{ AGI_install_disk }}p2 fstype=swap force=yes
check_mode: false
when: false
- name: format root partition
filesystem: dev={{ AGI_install_disk }}p3 fstype=ext4 force=yes
check_mode: false
when: not ansible_check_mode
when: false
- block:
shell: |
sfdisk {{ AGI_install_disk }} << EOF
label: dos
label-id: 0x14a8b958
device: {{ AGI_install_disk }}
unit: sectors
sector-size: 512
{{ AGI_install_disk }}p1 : start= 2048, size= 819200, type=83, bootable
{{ AGI_install_disk }}p2 : start= 821248, size= 4096000, type=82
{{ AGI_install_disk }}p3 : start= 4917248, size= 37025792, type=83
EOF
mke2fs {{ AGI_install_disk }}p1
mke2fs {{ AGI_install_disk }}p3
- name: create disk partitions
shell: |
sfdisk {{ AGI_install_disk }} << EOF
label: dos
label-id: 0x14a8b958
device: {{ AGI_install_disk }}
unit: sectors
sector-size: 512
{{ AGI_install_disk }}p1 : start= 2048, size= 819200, type=83, bootable
{{ AGI_install_disk }}p2 : start= 821248, size= 4096000, type=82
{{ AGI_install_disk }}p3 : start= 4917248, size= 37025792, type=83
EOF
mke2fs {{ AGI_install_disk }}p1
mke2fs {{ AGI_install_disk }}p3
when: true
- name: label partitions
shell: |
e2label {{ AGI_install_disk }}p3 root

2
roles/ansible-gentoo_install/tasks/finish.yml
View File

@ -26,7 +26,7 @@
grep /mnt/gentoo/ /proc/mounts|tac|while read a b c ;do sudo umount $b;done
# leave this to be done
grep nbd /proc/mounts || true
- name: reboot
command: reboot
async: 0

4
roles/ansible-gentoo_install/tasks/kernel.yml
View File

@ -4,7 +4,7 @@
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install kernel"
- name: test we are in the chroot
shell: |
df | grep /mnt/gentoo && exit 1
@ -28,4 +28,4 @@
args:
creates: /boot/kernel-genkernel-*

26
roles/ansible-gentoo_install/tasks/local.yml
View File

@ -19,7 +19,7 @@
- set_fact:
AGI_PROXY_MODE: "{{PROXY_MODE|default('')}}"
when:
- PROXY_MODE|default('') != ''
- PROXY_MODE|default('') != ''
check_mode: no
- set_fact:
@ -29,7 +29,7 @@
check_mode: no
- block:
- name: check for mounted disk
shell: |
grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts && exit 0
@ -42,20 +42,20 @@
changed_when: false
register: check_mounted_disk
check_mode: no
- name: partition if disk not mounted
fail:
msg: "looks like theres an active nbd mount of {{BOX_NBD_BASE_QCOW}}"
when:
- check_mounted_disk.rc == 1
check_mode: no
- name: partition if disk not mounted or active
include: disk.yml
when:
- check_mounted_disk.rc > 1
check_mode: no
- name: mount root partition
mount:
name: "{{AGI_NBD_MP}}"
@ -63,13 +63,13 @@
fstype: ext4
state: mounted
check_mode: false
- name: create /boot mountpoint
file:
path: "{{AGI_NBD_MP}}/boot"
state: directory
check_mode: false
- name: mount boot partition
mount:
name: "{{AGI_NBD_MP}}/boot"
@ -90,7 +90,7 @@
- "MOUNT_GENTOO_DISTFILES_ARCHIVES != ''"
- "AGI_NBD_MP != ''"
- false # let the tester take care of this
- include: tarball.yml
- include: copy.yml
when: AGI_use_local_kernel
@ -100,7 +100,7 @@
when: ansible_connection in ['chroot', 'local'] # libvirt?
- block:
- name: check chroot wrapper installed
shell: |
[ -x /var/tmp/chroot_wrapper.sh ] || exit 1
@ -109,7 +109,7 @@
exit 0
register: chroot_out
check_mode: false
- name: enable chroot wrapper
set_fact:
ansible_shell_executable: /var/tmp/chroot_wrapper.sh
@ -118,14 +118,14 @@
check_mode: false
when: ansible_connection in ['local']
- block:
- include: portage.yml
- include: misc.yml
- include: network.yml
- include: kernel.yml
when: not AGI_use_local_kernel
@ -140,7 +140,7 @@
rescue:
- debug:
msg: "ERROR: "
- name: disable chroot wrapper
set_fact:
ansible_shell_executable: /bin/sh

4
roles/ansible-gentoo_install/tasks/main.yml
View File

@ -15,7 +15,7 @@
when:
- "'ansible-gentoo_install' in ROLES"
- ansible_check_mode is true
- name: look for nbd partitions
shell: |
grep nbd /proc/partitions | head -1|sed -e 's/.* //'
@ -46,7 +46,7 @@
ignore_errors: true
- block:
- name: set AGI_gentooimgr_configs
set_fact:
AGI_gentooimgr_configs: "{{gentooimgr_out.stdout}}/configs"

2
roles/ansible-gentoo_install/tasks/misc.yml
View File

@ -97,7 +97,7 @@
mode: '0640'
- block:
- name: make symlinks
shell: |
{% for elt in AGI_bootstrap_pkgs %}

2
roles/ansible-gentoo_install/tasks/portage.yml
View File

@ -39,7 +39,7 @@
- name: install portage tree snapshot
command: emerge-webrsync
when: false
#- name: update portage tree
# command: emerge --sync

8
roles/ansible-gentoo_install/tasks/tarball.yml
View File

@ -5,7 +5,7 @@
debug:
verbosity: 1
msg: "DEBUG: ansible-gentoo_install tarball"
- name: test we are NOT in the chroot
shell: |
[ -n "{{AGI_NBD_MP}}" ] || exit 2
@ -52,7 +52,7 @@
prefix=$(echo $filename | sed -e "s/$suffix//" );
echo $filename
register: tarball_out
- set_fact:
latest_stage_tarball_url_suffix: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0] }}"
latest_stage_tarball: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0].split('/')[1] }}"
@ -68,7 +68,7 @@
when:
- not ansible_check_mode
- tarball_out.rc|default(1) == 0
- name: fetch latest stage tarball
environment: "{{proxy_env}}"
delegate_to: localhost
@ -95,7 +95,7 @@
sha256sum "{{ latest_stage_tarball }}.sha256"
when:
- not ansible_check_mode
- name: extract stage tarball
unarchive:
src: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"

4
roles/ansible-gentoo_install/vars/target_Gentoo2.yml
View File

@ -41,7 +41,7 @@ AGI_bootstrap_dirs:
- etc/portage/repos.conf
- etc/portage/savedconfig
- etc/portage/sets
AGI_bootstrap_files:
- usr/local/etc/local.d/local.bash
- usr/local/bin/usr_local_tput.bash
@ -69,7 +69,7 @@ AGI_bootstrap_pkgs:
- sys-libs/gpm
- app-portage/eix
- www-client/lynx
AGI_cloud_pkgs:
# get these from base.json
- acpid

2
roles/toxcore/defaults/main.yml
View File

@ -27,4 +27,4 @@ TOXCORE_GENTOO_FROM_MP: "{{BOX_GENTOO_FROM_MP}}"
TOXCORE_FEATURES:
- libvirt
- docker

18
roles/toxcore/tasks/Gentoo.yml
View File

@ -84,7 +84,7 @@
PORTAGE_ELOG_CLASSES="warn error"
# NOT syslog
PORTAGE_ELOG_SYSTEM="save"
- name: "/etc/portage/make.conf base Gentoo2.yml CFLAGS"
blockinfile:
dest: /etc/portage/make.conf
@ -94,7 +94,7 @@
# -pipe
CFLAGS="-mtune=generic -O2"
CXXFLAGS="-mtune=generic -O2"
- name: "/etc/portage/make.conf base Gentoo.yml PORT_LOGDIR"
blockinfile:
dest: /etc/portage/make.conf
@ -104,7 +104,7 @@
PORT_LOGDIR="/var/log/portage"
PORTAGE_ELOG_CLASSES="log warn error info"
PORTAGE_ELOG_SYSTEM="echo:log,warn save:log,warn,error,info syslog:error"
- name: "/etc/portage/make.conf base Gentoo.yml ACCEPT_KEYWORDS"
blockinfile:
dest: /etc/portage/make.conf
@ -114,7 +114,7 @@
# In ACCEPT_KEYWORDS, ~amd64 is used for current 64-bit builds;
# There is no tilde for the stable build.
ACCEPT_KEYWORDS="~amd64"
- name: "/etc/portage/make.conf base Gentoo.yml GENTOO_MIRRORS"
blockinfile:
dest: /etc/portage/make.conf
@ -122,7 +122,7 @@
marker: "# {mark} ANSIBLE MANAGED BLOCK base Gentoo.yml [GENTOO_MIRRORS]"
block: |
GENTOO_MIRRORS="http://distfiles.gentoo.org"
- name: "/etc/portage/make.conf Gentoo2 base"
blockinfile:
dest: /etc/portage/make.conf
@ -131,7 +131,7 @@
block: |
# 2016-01 added for some py packages
COLLISION_IGNORE="/lib/modules/* *.py[co] __init__.py"
- name: "/etc/portage/make.conf Gentoo2 UNINSTALL_IGNORE"
blockinfile:
dest: /etc/portage/make.conf
@ -140,7 +140,7 @@
block: |
# 2017-01 added for kernel compiling
UNINSTALL_IGNORE="/usr/src /opt /usr/lib32 /usr/lib64/python2.7"
- name: "/etc/portage/make.conf Gentoo2 FEATURES-preserve-libs"
blockinfile:
dest: /etc/portage/make.conf
@ -149,7 +149,7 @@
block: |
# https://wiki.gentoo.org/wiki/Project:Toolchain/libcrypt_implementation
FEATURES="${FEATURES} preserve-libs"
- name: "/etc/portage/make.conf Gentoo2 FEATURES"
blockinfile:
dest: /etc/portage/make.conf
@ -166,6 +166,6 @@
CXXFLAGS="-mtune=generic -O2 -pipe"
FCFLAGS="${CFLAGS}"
FFLAGS="${CFLAGS}"
when: true

16
roles/toxcore/tasks/bootstrap_nbd.yml
View File

@ -18,27 +18,27 @@
parted -s {{nbd_disk}} mkpart primary 2048s 100%
partprobe
mkfs.ext4 -FF {{nbd_disk}}p1
- name: "mount the disk"
shell: |
df | grep {{nbd_disk}}p1 && exit 0
[ -d {{BASE_NBD_MP}} ] || mkdir {{BASE_NBD_MP}}
mount {{nbd_disk}}p1 {{BASE_NBD_MP}}
[ -d {{BASE_NBD_MP}}/lost+found ]
- name: "check the disk"
shell: |
df | grep {{nbd_disk}}p1 || exit 1
[ -d {{BASE_NBD_MP}}/lost+found ] || exit 2
- name: check the downloads step5
shell: |
stage3_asc=stage3-amd64-openrc-20231217T170203Z.tar.xz.sha256
stage3_xz=stage3-amd64-openrc-20231217T170203Z.tar.xz
sha256sum -c $stage3_asc
tar xJpf $stage3 --xattrs-include='*.*' --numeric-owner -C {{BASE_NBD_MP}
portage_xz=portage-20231221.tar.xz
tar xpJf $portage -C {{BASE_NBD_MP}}/usr
@ -50,10 +50,10 @@
[ -d etc/portage/package.license ] || mkdir -p etc/portage/package.license
EOF
chdir: "{{BASE_NBD_MP}}"
creates: "{{BASE_NBD_MP}}/etc"
- name: chroot into the partition - step4
shell: |
df | grep {{nbd_disk}}p1 || exit 1
@ -74,7 +74,7 @@
- name: stop here
shell: |
exit 1
delegate_to: localhost
when:
- nbd_disk != ''

2
roles/toxcore/tasks/daily.yml
View File

@ -21,7 +21,7 @@
become_user: "{{ BOX_USER_NAME }}"
ignore_errors: true
check_mode: false
- name: "run toxcore_daily.bash"
environment: "{{ shell_proxy_env }}"
shell: |

4
roles/toxcore/tasks/hourly.yml
View File

@ -16,7 +16,7 @@
when:
- false # this is vagrant only
- "ansible_virtualization_role|replace('NA', 'host') != 'host'"
- name: check guest-agent
# was toxcore_bin.bash
shell: |
@ -28,7 +28,7 @@
exit 0 # $retval
}
exit 0
when: "ansible_virtualization_role|replace('NA', 'host') != 'host'"
- name: run toxcore_check_modules.bash

18
roles/toxcore/tasks/main.yml
View File

@ -5,8 +5,8 @@
- name: "toxcore main.yml"
debug:
verbosity: 1
msg: "toxcore main.yml BOX_OS_FAMILY={{BOX_OS_FAMILY}} {{BOX_GENTOO_FROM_MP}} {{ansible_virtualization_role|replace('NA', 'host')}}"
msg: "toxcore main.yml BOX_OS_FAMILY={{BOX_OS_FAMILY}} {{BOX_GENTOO_FROM_MP}} {{ansible_virtualization_role|replace('NA', 'host')}}"
- name: toxcore include_vars
include_vars: "{{item}}.yml"
with_items:
@ -80,7 +80,7 @@
DIR=$KDIR/misc
[ -d $DIR ] || { echo WARN: no directory $DIR ; exit 0 ; }
/var/local/bin/toxcore_sign_modules.bash {{ toxcore_kmods_in_host|flatten|join(' ') }}
when: false
# this changes with kernel 4 -> 5
@ -160,8 +160,8 @@
environment: "{{ shell_proxy_env }}"
shell: |
[ -f /usr/share/openpgp-keys/gentoo-release.asc ] && exit 0
gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc
gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc
# this should not run as root
# delegate_to: localhost? - no - per test
- name: "usr_local_toxcore.bash"
@ -177,7 +177,7 @@
become_user: "{{ BOX_USER_NAME }}"
ignore_errors: true
check_mode: false
- name: "include_tasks toxcore vms as root"
include_tasks:
file: "{{LOOP_ITEM}}.yml"
@ -226,7 +226,7 @@
# - "{{ 'docker_users' if 'docker' in TOXCORE_FEATURES else '' }}"
loop_control:
loop_var: LOOP_USER_F
- name: enable and start toxcore services
service:
name: "{{ item }}"
@ -275,7 +275,7 @@
# -m MAC address to use (default is to use a randomly-generated MAC)
# -p ansible users plaintext password
# -k Full path and name of the ansible user's public key file (required)
- name: run toxcore_create-vm.bash
delegate_to: localhost
shell: |
@ -295,7 +295,7 @@
-d {{BOX_NBD_OVERLAY_DIR}} \
-b virbr0 \
-p gentoo \
-o gentoo
-o gentoo
ignore_errors: true
when:
- "ansible_virtualization_role|replace('NA', 'host') == 'host'"

4
roles/toxcore/tasks/users.yml
View File

@ -8,7 +8,7 @@
msg: "toxcore users.yml LOOP_USER_F={{LOOP_USER_F[0]}}"
- block:
- name: /etc/sysconfig/docker
blockinfile:
dest: /etc/sysconfig/docker
@ -108,7 +108,7 @@
# - windows-qt5
# - windows
- name: Run toxygen_wrapper on the tester
delegate_to: localhost
shell: |

4
roles/toxcore/tasks/vms.yml
View File

@ -11,7 +11,7 @@
shell: |
[ -e /dev/kvm ]
delegate_to: localhost
- name: "make a directory for /etc/pki/qemu"
file:
path: "{{item }}"
@ -120,7 +120,7 @@
- debug:
verbosity: 1
msg: "Ignoring error"
#libvirt
- block:

4
roles/toxcore/vars/Devuan5.yml
View File

@ -201,7 +201,7 @@ toxcore_aws_debs_inst:
- awscli
toxcore_pips2_inst: []
toxcore_pips3_inst:
- pycrypto
- pywinrm
@ -210,4 +210,4 @@ toxcore_pips3_inst:
- msgpack_python
- pysha3
- pycryptodomex

2
src/ansible_gentooimgr.bash Normal file
View File

@ -0,0 +1,2 @@
#!/bin/sh