Implement livebox.
parent
d7d767fea9
commit
de2a473cde
5 changed files with 190 additions and 3 deletions
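--- a/livebox.yml
+++ b/livebox.yml
@@ -0,0 +1,67 @@
+## This playbook deploys the LiveBox.
+##
+## The LiveBox provides Debian Live and Installer images on top
+## of an already existing network with minimal modifications to
+## existing infrastructure. It does not provide DHCP; the idea
+## is to chainload the LiveBox' menu (iPXE or Grub) from PXE
+## infrastructure already in place.
+##
+## To chainload the LiveBox in iPXE use:
+## > item livebox Chainload Menu from LiveBox
+## > …
+## > :livebox chain tftp://livebox.lan/d-i/n-a/menu.ipxe
+##
+## To chainload the LiveBox in Grub use:
+## > menuentry 'Chainload Menu from LiveBox' {
+## > configfile (tftp,livebox.lan)/d-i/n-a/grub/grub.cfg
+## > }
+---
+- name: apply configuration to the livebox
+hosts: all
+remote_user: ansible
+become: true
+
+vars:
+extra_pkgs:
+- lighttpd
+- nfs-kernel-server
+extra_pkgs_bpo:
+- atftpd
+- di-netboot-assistant
+
+live_images:
+- iso: 'debian-live-11.3.0-amd64-gnome+nonfree.iso'
+name: 'gnome'
+- iso: 'debian-live-11.3.0-amd64-kde+nonfree.iso'
+name: 'kde'
+- iso: 'debian-live-11.3.0-amd64-standard+nonfree.iso'
+name: 'standard-cli'
+live_url: 'https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/11.3.0-live+nonfree/amd64/iso-hybrid/'
+di_dist: "{{ ansible_distribution_release }}"
+di_version: "{{ ansible_distribution_major_version }}"
+di_pkg: "debian-installer-{{ di_version }}-netboot-amd64"
+boot_params:
+- boot=live
+- netboot=nfs
+- components
+- locales=de_DE.UTF-8
+- keyboard-layouts=de
+- quiet
+- splash
+# - noroot
+
+ansible_python_interpreter: "/usr/bin/python3"
+
+pre_tasks:
+- name: preseed atftpd
+debconf:
+name: atftpd
+question: atftpd/basedir
+value: /var/lib/tftpboot
+vtype: string
+
+roles:
+- up2date_debian
+- netbootinstaller
+- aptcacher
+- debianlive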
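Review bot: `hosts: all` combined with `become: true` applies the atftpd preseed and all four roles to every host in the inventory unless each run is limited by hand; a dedicated group, e.g. `hosts: livebox` (group name to be chosen), would make the intended scope explicit. The header comment documents chainloading the menu over plain `tftp://`, which carries no authentication, so clients will run whatever menu and kernel this box serves. I would add one comment line saying so, for example `## NOTE: boot files are served without authentication; deploy on a trusted segment only.` The commented-out `# - noroot` entry in `boot_params` also deserves a short comment explaining why it is disabled.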
|
@ -23,6 +23,10 @@
|
|||
replace: 'd-i mirror/http/proxy string http://{{ ansible_hostname }}:3142/'
|
||||
when: preseedcfg.stat.exists
|
||||
|
||||
- name: test if firewalld is available
|
||||
stat: path=/usr/sbin/firewalld
|
||||
register: firewalld
|
||||
|
||||
- name: allow apt-cacher-ng service in firewalld
|
||||
firewalld:
|
||||
zone: internal
|
||||
|
@ -30,11 +34,11 @@
|
|||
permanent: true
|
||||
immediate: true
|
||||
state: enabled
|
||||
when: not run_in_installer|default(false)|bool
|
||||
when: not run_in_installer|default(false)|bool and firewalld.stat.exists
|
||||
|
||||
- name: allow apt-cacher-ng service in firewalld, offline
|
||||
command: "firewall-offline-cmd --zone=internal --add-port=3142/tcp"
|
||||
when: run_in_installer|default(false)|bool
|
||||
when: run_in_installer|default(false)|bool and firewalld.stat.exists
|
||||
|
||||
- name: flush handler to make apt-cacher available
|
||||
meta: flush_handlers
|
||||
|
|
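Review bot: The added `stat: path=/usr/sbin/firewalld` task uses the inline key=value form; the block form (`stat:` with a nested `path: /usr/sbin/firewalld`) matches the other tasks in these hunks and avoids the string-argument parser. In the second hunk the `when:` lines carrying `and firewalld.stat.exists` appear to be the new side (the page has lost the +/- markers); explicit grouping such as `when: (not run_in_installer|default(false)|bool) and firewalld.stat.exists` makes the precedence between `not`, the filters and `and` unambiguous. The check only proves the binary exists, and when it does not, both firewall tasks are skipped silently. A comment should state that on such hosts access to port 3142 is left to whatever other packet filtering is in place. The task list starts and ends outside these hunks.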
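--- a/roles/debianlive/handlers/main.yml
+++ b/roles/debianlive/handlers/main.yml
@@ -0,0 +1,10 @@
+---
+- name: rebuild di-netboot assistant menu
+command:
+cmd: di-netboot-assistant rebuild-menu
+listen: rebuild di-netboot menu
+
+- name: export nfs
+command:
+cmd: exportfs -ra
+listen: export nfs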
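--- a/roles/debianlive/tasks/main.yml
+++ b/roles/debianlive/tasks/main.yml
@@ -0,0 +1,106 @@
+---
+- name: download debian-live images
+get_url:
+url: "{{ live_url }}{{ item.iso }}"
+dest: "/var/cache/di-netboot-assistant/{{ item.iso }}"
+checksum: "sha256:{{ live_url }}/SHA256SUMS"
+loop:
+"{{ live_images }}"
+
+- name: prepare live image directory
+file:
+path: "/var/lib/tftpboot/d-i/n-live/{{ item.name }}"
+state: directory
+mode: 0755
+loop:
+"{{ live_images }}"
+
+- name: loop mount iso images
+mount:
+path: "/var/lib/tftpboot/d-i/n-live/{{ item.name }}"
+src: "/var/cache/di-netboot-assistant/{{ item.iso }}"
+fstype: iso9660
+opts: loop,ro,nofail
+state: mounted
+loop:
+"{{ live_images }}"
+notify: rebuild di-netboot menu
+
+- name: prepare http downloads
+file:
+src: "/var/lib/tftpboot/d-i/"
+dest: "/var/www/html/d-i"
+state: link
+
+- name: export live image squashfs
+lineinfile:
+path: /etc/exports
+line: "/var/lib/tftpboot/d-i/n-live/ *(ro,crossmnt,no_subtree_check)"
+notify: export nfs
+
+- name: configure ipxe boot menu address
+replace:
+path: /etc/di-netboot-assistant/ipxemenu.HEAD
+regexp: '^(set 210:string tftp://\${next-server}/)$'
+replace: '#\1\nset 210:string http://{{ ansible_default_ipv4.address }}/'
+notify: rebuild di-netboot menu
+
+- name: configure grub boot menu addresses
+lineinfile:
+path: /etc/di-netboot-assistant/grub.cfg.HEAD
+line: "{{ item }}"
+loop:
+- "set root=(http,{{ ansible_default_ipv4.address }})"
+- "set pxe_default_server={{ ansible_default_ipv4.address }}"
+notify: rebuild di-netboot menu
+
+- name: prepare debian live nfs boot entry title
+lineinfile:
+path: /etc/di-netboot-assistant/ipxemenu.HEAD
+insertafter: '^menu iPXE Boot Menu'
+line: "item {{ item.name }} Debian GNU/Linux {{ item.name }} NFS"
+loop:
+"{{ live_images }}"
+notify: rebuild di-netboot menu
+
+- name: find kernel version
+shell:
+cmd: >-
+basename /var/lib/tftpboot/d-i/n-live/{{ item.name }}/live/vmlinuz*
+| sed "s/vmlinuz-//"
+register: images
+changed_when: false
+loop:
+"{{ live_images }}"
+
+- name: prepare debian live boot loader ipxe
+blockinfile:
+path: /etc/di-netboot-assistant/ipxemenu.HEAD
+marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.name }}"
+block: |
+:{{ item.item.name }}
+echo Booting Debian GNU/Linux {{ item.item.name }}
+kernel ${210:string}d-i/n-live/{{ item.item.name }}/live/vmlinuz-{{ item.stdout }} \
+initrd=initrd.img-5.10.0-13-amd64 {{ boot_params|join(' ') }} \
+nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.name }}/
+initrd ${210:string}d-i/n-live/{{ item.item.name }}/live/initrd.img-{{ item.stdout }}
+boot
+loop:
+"{{ images.results }}"
+notify: rebuild di-netboot menu
+
+- name: prepare debian live boot loader grub
+blockinfile:
+path: /etc/di-netboot-assistant/grub.cfg.HEAD
+insertbefore: "^menuentry 'Boot from local disk..'"
+marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.item.name }}"
+block: |
+menuentry 'Debian GNU/Linux Live {{ item.item.name }}' {
+linux (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.name }}/live/vmlinuz-{{ item.stdout }} \
+{{ boot_params|join(' ') }} \
+nfsroot={{ ansible_default_ipv4.address }}:/var/lib/tftpboot/d-i/n-live/{{ item.item.name }}/
+initrd (http,{{ ansible_default_ipv4.address }})/d-i/n-live/{{ item.item.name }}/live/initrd.img-{{ item.stdout }}
+}
+loop:
+"{{ images.results }}"
+notify: rebuild di-netboot menu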
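Review bot: The `checksum` in "download debian-live images" is read from `{{ live_url }}/SHA256SUMS`, the same location the ISO comes from, so it detects a corrupted download but not a tampered mirror, and these images are then network-booted by every client. Debian publishes a detached signature next to that file (`SHA256SUMS.sign`); verify it before trusting the sums, or pin each digest in `live_images` and use `checksum: "sha256:{{ item.sha256 }}"` (`sha256` being a new key holding a digest taken from a verified SHA256SUMS). `live_url` already ends in `/`, so the checksum URL also contains a doubled slash. In "export live image squashfs" the export goes to `*`; replacing the wildcard with the client subnet (from a variable still to be defined) limits who can mount it. The iPXE block hard-codes `initrd=initrd.img-5.10.0-13-amd64` where the surrounding lines use `{{ item.stdout }}`, which should read `initrd=initrd.img-{{ item.stdout }}`, and `mode: 0755` is safer quoted as `mode: "0755"`.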
|
@ -89,7 +89,7 @@
|
|||
before: '\[.+\]'
|
||||
notify: restart smbd
|
||||
|
||||
- name: make smb homes writable
|
||||
- name: modify samba default create mask
|
||||
replace:
|
||||
path: /etc/samba/smb.conf
|
||||
regexp: '^(\s*create mask =) 0700'
|
||||
|
|