server bootstrap fixes
theYinYeti@yalis.fr
Y
Ursprung
d31350f130
Commit
817bbe9f81
|
|
@ -231,7 +231,7 @@ root@archiso ~ # mkdir -p $DMZ/var
|
|||
root@archiso ~ # mount $LVM/{data-vg}-ContVar $DMZ/var
|
||||
root@archiso ~ # mkdir -p $DMZ/srv/{acme,webapps}
|
||||
root@archiso ~ # mkdir -p $DMZ/var/cache/{ddclient,movim}
|
||||
root@archiso ~ # mkdir -p $DMZ/var/lib/{prosody,transmission}
|
||||
root@archiso ~ # mkdir -p $DMZ/var/lib/{movim,prosody,transmission}
|
||||
root@archiso ~ # mkdir -p $DMZ/var/log/nginx
|
||||
|
||||
root@archiso ~ # mount \
|
||||
|
|
@ -282,7 +282,7 @@ Archlinux installation::
|
|||
* When this is done, be sure to check that `/mnt/etc/fstab` perfectly matches the wanted result (the above mount points).
|
||||
+
|
||||
```bash
|
||||
root@archiso ~ # pacstrap /mnt base arch-install-scripts intel-ucode \
|
||||
root@archiso ~ # pacstrap /mnt base arch-install-scripts intel-ucode linux \
|
||||
> openssh python2 etckeeper git lvm2 btrfs-progs rsync
|
||||
…
|
||||
root@archiso ~ # genfstab -L /mnt >>/mnt/etc/fstab
|
||||
|
|
@ -365,7 +365,7 @@ This line is only interesting if the main data drive is connected with USB.
|
|||
In theory, at this stage, the machine is ready to be controlled by Ansible.
|
||||
However, Ansible fails at first, because for some reason, `pacstrap` in the “front” Ansible role fails to initialize the DMZ if the location already contains mount points, so:
|
||||
|
||||
. I had to temporarily unmount everything under `/var/lib/machines/{front-name}`, and delete the `/var/lib/machines/{front-name}/usr` sub-diretory.
|
||||
. I had to temporarily unmount everything under `/var/lib/machines/{front-name}`, and delete `/var/lib/machines/{front-name}/*`.
|
||||
. I also temporarily commented out the whole front-half of `site.xml`, as well as the “front-run” role of the back part.
|
||||
. Then I ran Ansible again.
|
||||
. When the DMZ was correctly initialized, I renamed `/var/lib/machines/{front-name}/var` to `/var/lib/machines/{front-name}/var.new`.
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@
|
|||
minidlna.service \
|
||||
nfs-server.service
|
||||
do
|
||||
systemctl stop $u
|
||||
systemctl stop $u || true
|
||||
done
|
||||
when:
|
||||
- (inventory_hostname in groups['back'])
|
||||
|
|
@ -19,7 +19,7 @@
|
|||
- name: stop some services
|
||||
shell: |
|
||||
for u in spamassassin.service spamassassin-update.{timer,service}; do
|
||||
systemctl stop $u
|
||||
systemctl stop $u || true
|
||||
done
|
||||
when:
|
||||
- (inventory_hostname in groups['front'])
|
||||
|
|
|
|||
|
|
@ -14,14 +14,14 @@
|
|||
minidlna.service \
|
||||
nfs-server.service
|
||||
do
|
||||
systemctl start $u
|
||||
systemctl start $u || true
|
||||
done
|
||||
when:
|
||||
- (inventory_hostname in groups['back'])
|
||||
|
||||
- name: restart some services
|
||||
shell: |
|
||||
systemctl start spamassassin.service
|
||||
systemctl start spamassassin-update.timer
|
||||
systemctl start spamassassin.service || true
|
||||
systemctl start spamassassin-update.timer || true
|
||||
when:
|
||||
- (inventory_hostname in groups['front'])
|
||||
|
|
|
|||
|
|
@ -6,3 +6,4 @@
|
|||
dependencies:
|
||||
- role: init
|
||||
- role: cleanupdate
|
||||
- role: sockets
|
||||
|
|
|
|||
|
|
@ -49,8 +49,6 @@
|
|||
args:
|
||||
creates: "{{front_dir}}/usr"
|
||||
register: arch
|
||||
notify:
|
||||
- restart DMZ
|
||||
|
||||
- name: enable BusyBox…
|
||||
command: |
|
||||
|
|
@ -64,13 +62,22 @@
|
|||
state: absent
|
||||
when: (arch.changed)
|
||||
with_items:
|
||||
# base-devel needs patch
|
||||
# base-devel needs patch, gawk (owns awk), which
|
||||
- patch
|
||||
- gawk
|
||||
- awk
|
||||
- which
|
||||
# exim owns sendmail
|
||||
- sendmail
|
||||
# spamassassin needs gcc needs binutils owns ar + strings
|
||||
- ar
|
||||
- strings
|
||||
# make needs guile needs texinfo needs gzip + less, own: less, gunzip, gzip, uncompress, zcat
|
||||
- less
|
||||
- gunzip
|
||||
- gzip
|
||||
- uncompress
|
||||
- zcat
|
||||
# util-linux owns setpriv, rfkill
|
||||
- setpriv
|
||||
- rfkill
|
||||
|
|
@ -84,6 +91,8 @@
|
|||
- slattach
|
||||
# vim owns xxd
|
||||
- xxd
|
||||
# php-imagick needs imagemagick needs libtool needs tar
|
||||
- tar
|
||||
|
||||
- name: copy some files from host to container
|
||||
copy:
|
||||
|
|
@ -124,8 +133,6 @@
|
|||
src: files/nspawn_override.conf
|
||||
dest: /etc/systemd/system/systemd-nspawn@.service.d/override.conf
|
||||
mode: 0644
|
||||
notify:
|
||||
- restart DMZ
|
||||
|
||||
- name: enable machines.target
|
||||
systemd:
|
||||
|
|
@ -145,8 +152,6 @@
|
|||
src: files/DMZ.nspawn
|
||||
dest: "/etc/systemd/nspawn/{{DMZ}}.nspawn"
|
||||
mode: 0644
|
||||
notify:
|
||||
- restart DMZ
|
||||
|
||||
- name: enable systemd-nspawn@{{DMZ}}.service
|
||||
systemd:
|
||||
|
|
@ -160,4 +165,3 @@
|
|||
vars:
|
||||
msg: 'DMZ init+SSH'
|
||||
### ⇐ LOCAL COMMIT ###
|
||||
- meta: flush_handlers
|
||||
|
|
|
|||
|
|
@ -43,8 +43,8 @@
|
|||
- name: enable the wanted locales
|
||||
replace:
|
||||
path: "{{chroot}}/etc/locale.gen"
|
||||
regexp: "^#\\s*({{locales_enabled | regex_escape() | replace('\\ ', '|')}})\\s*$"
|
||||
replace: '\1'
|
||||
regexp: "^#\\s*({{locales_enabled | regex_escape() | replace('\\ ', '|')}})(\\s.*)?$"
|
||||
replace: '\1\2'
|
||||
register: locales
|
||||
|
||||
- name: set default locale
|
||||
|
|
|
|||
2
site.yml
2
site.yml
|
|
@ -12,8 +12,8 @@
|
|||
- ntp
|
||||
- cleanupdate
|
||||
- printscan
|
||||
- front
|
||||
- sockets
|
||||
- front
|
||||
- postinstall
|
||||
- msmtp
|
||||
- nfs
|
||||
|
|
|
|||
Laden…
In neuem Issue referenzieren