221 lines
5.4 KiB
YAML
221 lines
5.4 KiB
YAML
---
|
|
# The home-server project produces a multi-purpose setup using Ansible.
|
|
# Copyright © 2018 Y. Gablin, under the GPL-3.0-or-later license.
|
|
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
|
|
|
|
# WARNING: This file may be used inside a mounted chroot.
|
|
# The running system should not be assumed to be the target system.
|
|
|
|
### INIT ⇒ ###
|
|
- name: init EtcKeeper
|
|
include_role: name=etckeeper.inc allow_duplicates=true tasks_from=init.yml
|
|
vars:
|
|
msg: init
|
|
### ⇐ INIT ###
|
|
|
|
### UPSTREAM BEGIN ⇒ ###
|
|
- name: settings necessary for pulling from upstream
|
|
include_role: name=etckeeper.inc allow_duplicates=true tasks_from=upstream.yml
|
|
vars:
|
|
msg: local settings
|
|
### ⇐ UPSTREAM BEGIN ###
|
|
|
|
#
|
|
# https://wiki.archlinux.org/index.php/Installation_guide
|
|
#
|
|
|
|
# Time zone
|
|
- name: set the time zone
|
|
file:
|
|
src: "/usr/share/zoneinfo/{{timezone}}"
|
|
dest: "{{chroot}}/etc/localtime"
|
|
state: link
|
|
register: tz
|
|
|
|
- name: set hardware clock
|
|
command: hwclock --systohc
|
|
when:
|
|
- (chroot == "")
|
|
- (tz.changed)
|
|
- (inventory_hostname in groups['back'])
|
|
|
|
# Locale
|
|
- name: enable the wanted locales
|
|
replace:
|
|
path: "{{chroot}}/etc/locale.gen"
|
|
regexp: "^#\\s*({{locales_enabled | regex_escape() | replace('\\ ', '|')}})(\\s.*)?$"
|
|
replace: '\1\2'
|
|
register: locales
|
|
|
|
- name: set default locale
|
|
copy:
|
|
content: |
|
|
LANG={{locales_default}}
|
|
dest: "{{chroot}}/etc/locale.conf"
|
|
mode: 0644
|
|
|
|
- name: generate locales (main)
|
|
command: locale-gen
|
|
when:
|
|
- (locales.changed)
|
|
- (chroot == "")
|
|
|
|
- name: generate locales (chroot)
|
|
command: arch-chroot {{chroot}} locale-gen
|
|
when:
|
|
- (locales.changed)
|
|
- (chroot != "")
|
|
|
|
- name: set keymap
|
|
copy:
|
|
content: |
|
|
KEYMAP={{default_keymap}}
|
|
dest: "{{chroot}}/etc/vconsole.conf"
|
|
mode: 0644
|
|
|
|
# Host names
|
|
- name: set hostname
|
|
copy:
|
|
content: |
|
|
{{hostname}}
|
|
dest: "{{chroot}}/etc/hostname"
|
|
mode: 0644
|
|
|
|
- name: set the hosts file
|
|
copy:
|
|
src: files/hosts
|
|
dest: "{{chroot}}/etc/hosts"
|
|
mode: 0644
|
|
|
|
# Networking
|
|
- name: set systemd network settings
|
|
copy:
|
|
src: "files/network_{{hostname}}/"
|
|
dest: "{{chroot}}/etc/systemd/network/"
|
|
mode: 0644
|
|
register: network
|
|
|
|
- name: ensure overriding directories of network settings exist
|
|
file:
|
|
path: "{{chroot}}/etc/systemd/system/{{item}}"
|
|
state: directory
|
|
mode: 0755
|
|
with_items:
|
|
- multi-user.target.wants
|
|
- sockets.target.wants
|
|
- systemd-networkd-wait-online.service.d
|
|
|
|
- name: enable networking service
|
|
file:
|
|
src: /usr/lib/systemd/system/systemd-networkd.service
|
|
dest: "{{chroot}}/etc/systemd/system/multi-user.target.wants/systemd-networkd.service"
|
|
state: link
|
|
|
|
- name: enable networking socket
|
|
file:
|
|
src: /usr/lib/systemd/system/systemd-networkd.socket
|
|
dest: "{{chroot}}/etc/systemd/system/sockets.target.wants/systemd-networkd.socket"
|
|
state: link
|
|
|
|
- name: ensure proper working of “wait-online” on host
|
|
copy:
|
|
content: |
|
|
[Service]
|
|
ExecStart=
|
|
ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --interface=wire
|
|
dest: /etc/systemd/system/systemd-networkd-wait-online.service.d/wait.conf
|
|
mode: 0644
|
|
when:
|
|
- (chroot == '')
|
|
- (inventory_hostname in groups['back'])
|
|
|
|
- name: start networking
|
|
systemd:
|
|
daemon_reload: true
|
|
name: systemd-networkd.service
|
|
state: restarted
|
|
when:
|
|
- (chroot == "")
|
|
- (network.changed)
|
|
|
|
# DNS
|
|
- name: ensure resolved.conf.d exists
|
|
file:
|
|
path: "{{chroot}}/etc/systemd/resolved.conf.d"
|
|
state: directory
|
|
mode: 0755
|
|
|
|
- name: set DNS settings using http://wiki.ipfire.org/en/dns/public-servers
|
|
copy:
|
|
content: |
|
|
[Resolve]
|
|
DNS={{dns_hosts}}
|
|
DNSSEC={{dns_sec}}
|
|
dest: "{{chroot}}/etc/systemd/resolved.conf.d/{{nickname}}.conf"
|
|
mode: 0644
|
|
register: DNS
|
|
|
|
- name: set resolv.conf to systemd-resolvd
|
|
file:
|
|
src: /usr/lib/systemd/resolv.conf
|
|
dest: "{{chroot}}/etc/resolv.conf"
|
|
state: link
|
|
force: true
|
|
when:
|
|
- (chroot == "")
|
|
|
|
- name: enable DNS service
|
|
file:
|
|
src: /usr/lib/systemd/system/systemd-resolved.service
|
|
dest: "{{chroot}}/etc/systemd/system/multi-user.target.wants/systemd-resolved.service"
|
|
state: link
|
|
|
|
- name: start DNS
|
|
systemd:
|
|
daemon_reload: true
|
|
name: systemd-resolved.service
|
|
state: restarted
|
|
when:
|
|
- (chroot == "")
|
|
- DNS.changed
|
|
|
|
#
|
|
# https://wiki.archlinux.org/index.php/General_recommendations
|
|
#
|
|
|
|
# Printing
|
|
|
|
- name: set default paper size
|
|
copy:
|
|
content: |
|
|
{{default_papersize}}
|
|
dest: /etc/papersize
|
|
mode: 0644
|
|
|
|
### UPSTREAM END ⇒ ###
|
|
- name: merge local settings
|
|
include_role: name=etckeeper.inc allow_duplicates=true tasks_from=merge.yml
|
|
vars:
|
|
msg: local settings
|
|
### ⇐ UPSTREAM END ###
|
|
|
|
# Pacman mirrors (after init)
|
|
- name: enable the chosen Pacman mirrors
|
|
replace:
|
|
path: "{{chroot}}/etc/pacman.d/mirrorlist"
|
|
regexp: "^#(.*//(?:{{software_mirrors | regex_escape() | replace('\\ ', '|')}})/.*)$"
|
|
replace: '\1'
|
|
|
|
- name: disable other Pacman mirrors
|
|
replace:
|
|
path: "{{chroot}}/etc/pacman.d/mirrorlist"
|
|
regexp: "^([^#](?:(?!//(?:{{software_mirrors | regex_escape() | replace('\\ ', '|')}})/).)*)$"
|
|
replace: '#\1'
|
|
|
|
### LOCAL COMMIT ⇒ ###
|
|
- name: commit local changes
|
|
include_role: name=etckeeper.inc allow_duplicates=true tasks_from=local.yml
|
|
vars:
|
|
msg: pacman mirrors (after init)
|
|
### ⇐ LOCAL COMMIT ###
|