diff --git a/installbox6.yml b/installbox6.yml new file mode 100644 index 0000000..dc66943 --- /dev/null +++ b/installbox6.yml @@ -0,0 +1,36 @@ +--- +## This playbook deploys the installbox6. Add 'hostname=XXX' and +## 'domain=YYY' to the installer boot parameters to set hostname and +## domain. + +## FIXME: works only on bookworm (kea-dhcp6, atftpd) + +- name: apply configuration to the installbox6 + hosts: all + remote_user: ansible + become: true + + vars: + ## This interface provides the default route: + if_lan: "{{ ansible_default_ipv4.interface }}" + prefix: '2001:db8:b001::/64' + + ## Find the IPv6 address: FIXME: not needed anymore? + ipv6_lan: "{{ prefix | ipaddr('address') | slaac(ansible_default_ipv4.macaddress) }}" + + di_dist: "{{ ansible_distribution_release }}" + di_version: 11 # "{{ ansible_distribution_major_version }}" + di_pkg: "debian-installer-{{ di_version }}-netboot-amd64" + + extra_pkgs: [binutils] # FIXME: missing dependency in di-netboot-assistant + + ansible_user: ansible + repo_dir: "/home/{{ ansible_user }}/debian-lan" + ansible_python_interpreter: "/usr/bin/python3" ## needed for firewalld module + + roles: + - up2date_debian + - dhcp6radvdatftpd + - netbootinstaller + - aptcacher + - prepare4clients diff --git a/roles/dhcp6radvdatftp/handlers/main.yml b/roles/dhcp6radvdatftp/handlers/main.yml new file mode 100644 index 0000000..897fb0d --- /dev/null +++ b/roles/dhcp6radvdatftp/handlers/main.yml @@ -0,0 +1,20 @@ +--- +- name: restart radvd + systemd: + name: radvd.service + state: restarted + enabled: true + listen: restart radvd + +- name: restart kea-dhcp6-server + systemd: + name: kea-dhcp6-server.service + state: restarted + enabled: true + listen: restart kea-dhcp6-server + +- name: restart network interfaces + systemd: + name: networking + state: restarted + listen: reconfigure network diff --git a/roles/dhcp6radvdatftp/tasks/main.yml b/roles/dhcp6radvdatftp/tasks/main.yml new file mode 100644 index 0000000..17ecd17 --- /dev/null +++ b/roles/dhcp6radvdatftp/tasks/main.yml @@ -0,0 +1,39 @@ +## DHCPv6, RAs and TFTP +--- +- name: preseed aftpd + debconf: + name: atftpd + question: atftpd/basedir + value: /var/lib/tftpboot + vtype: string + +- name: install di-netboot-assistant and installer package + apt: + name: + - kea-dhcp6-server + - radvd + - atftpd + state: latest # noqa package-latest + +- name: configure radvd + template: + src: radvd.conf.j2 + dest: /etc/radvd.conf + mode: 0644 + notify: restart radvd + +- name: configure kea-dhcp-server + template: + src: kea-dhcp6.conf.j2 + dest: /etc/kea/kea-dhcp6.conf + mode: 0644 + notify: restart kea-dhcp6-server + +- name: set IPv6 address on interface + blockinfile: + path: /etc/network/interfaces + block: | + allow-hotplug {{ if_lan }} + iface {{ if_lan }} inet6 static + address 2001:db8:b001::1/64 + notify: reconfigure network diff --git a/roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2 b/roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2 new file mode 100644 index 0000000..305bde1 --- /dev/null +++ b/roles/dhcp6radvdatftp/templates/kea-dhcp6.conf.j2 @@ -0,0 +1,20 @@ +{ + "Dhcp6": { + "interfaces-config": { + "interfaces": [ "{{ if_lan }}" ] + }, + "option-data": [ + { + "name": "bootfile-url", + "data": "tftp://[2001:db8:b001::1]/d-i/n-a/grubx64.efi" + } + ], + "subnet6": [ + { + "subnet": "2001:db8:b001::/64", + "pools": [ { "pool": "2001:db8:b001::2 - 2001:db8:b001::ffff" } ], + "interface": "enp1s0" + } + ] + } +} diff --git a/roles/dhcp6radvdatftp/templates/radvd.conf.j2 b/roles/dhcp6radvdatftp/templates/radvd.conf.j2 new file mode 100644 index 0000000..2d52dc2 --- /dev/null +++ b/roles/dhcp6radvdatftp/templates/radvd.conf.j2 @@ -0,0 +1,10 @@ +interface {{ if_lan }} +{ + AdvSendAdvert on; + AdvManagedFlag on; + AdvOtherConfigFlag on; + + prefix {{ prefix }} + { + }; +};