Update/fix 'installbox' configuration.

installbox.yml

@@ -2,18 +2,24 @@
 # This playbook deploys the installbox on a minimal installation.
 
 - name: apply configuration to the installbox
-  hosts: installboxes
+  hosts: all
   remote_user: ansible
   become: yes
   vars:
-    hostname: installbox
+    if_lan: ""           #  ← interface name here, like:  ens3 or enp2s0"
-    di_dist: "stretch"
-    if_lan: "ens8"
     if_wan: "{{ ansible_default_ipv4.interface }}"
+    hostname: "{{ ansible_hostname }}"
     ipaddr_lan: 192.168.0.10
     dhcp_range: 192.168.0.50,192.168.0.150,2h
     tftp_root: "/var/lib/tftpboot"
-    deb_mirror: "ftp-stud.hs-esslingen.de"
+    deb_mirror: "ftp.debian.org"
+    di_dist: "stretch"
+
+  pre_tasks:
+    - name: validate if interface is available
+      fail:
+        msg: "Interface {{ if_lan }} does not exist or is already used."
+      when: if_lan not in ansible_interfaces or if_lan == if_wan
 
   roles:
     - up2date-debian

roles/dhcp-dns-dnsmasq/tasks/main.yml

@@ -1,4 +1,4 @@
-- name: install dns-firewall packages
+- name: install dnsmasq package
   apt:
     name: dnsmasq
     state: latest

roles/preseed-installer/tasks/main.yml

@@ -4,24 +4,36 @@
     state: directory
 
 - name: provide preseed file
-  template:
+  copy:
-    src: preseed.cfg
+    src: /usr/share/doc/di-netboot-assistant/examples/preseed.cfg
     dest: "{{ tftp_root }}/d-i/{{ di_dist }}"
+    force: no
 
-- name: make installbox resolvable in /etc/hosts from LAN
+- name: make the hostname resolvable from the LAN
   replace:
     dest: /etc/hosts
-    regexp: '(127.0.1.1\s+)installbox'
+    regexp: '(127.0.1.1\s+){{ hostname }}'
-    replace: '\1localhost\n{{ ipaddr_lan }}	installbox'
+    replace: '\1localhost\n{{ ipaddr_lan }}	{{ hostname }}'
 
-- name: add auto boot entry to di-netboot-assistant
+- name: add auto pxe boot entry to di-netboot-assistant
   blockinfile:
     dest: /etc/di-netboot-assistant/pxelinux.HEAD
     insertbefore: EOF
     block: |
-      LABEL quick
-      MENU LABEL Debian Installer ({{ di_dist }} ; amd64 + Preseed)
-      kernel ::/di-netboot-pkg/images/9/amd64/text/debian-installer/amd64/linux
-      append initrd=::/di-netboot-pkg/images/9/amd64/text/debian-installer/amd64/initrd.gz auto=true priority=critical url=tftp://installbox
       TIMEOUT 100
+      LABEL autoinstall
+         MENU LABEL Debian {{ di_dist }} (amd64) + preseed
+         kernel ::/d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/linux
+         append initrd=::/d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/initrd.gz --- auto=true priority=critical url=tftp://{{ hostname }}
+  notify: "rebuild di-netboot-assistant menu"
+
+- name: add auto efi boot entry to di-netboot-assistant
+  blockinfile:
+    dest: /etc/di-netboot-assistant/grub.cfg.HEAD
+    insertbefore: EOF
+    block: |
+      menuentry 'Debian stable (amd64) + preseed' {
+         linux   /d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/linux --- auto=true priority=critical url=tftp://{{ hostname }}
+         initrd  /d-i/n-pkg/images/9/amd64/text/debian-installer/amd64/initrd.gz
+      }
   notify: "rebuild di-netboot-assistant menu"

roles/tftp-netboot-installer/handlers/main.yml

@@ -1,3 +1,6 @@
 - name: rebuild di-netboot-assistant menu
-  command: di-netboot-assistant rebuild-menu
+  command: "{{ item }}"
+  with_items:
+    - di-netboot-assistant rebuild-menu
+    - di-netboot-assistant rebuild-grub
   listen: rebuild di-netboot-assistant menu

roles/tftp-netboot-installer/tasks/main.yml

@@ -1,12 +1,23 @@
-- name: install tftp-netboot-installer packages
+- name: add stretch-backports
+  apt_repository:
+    repo: deb http://deb.debian.org/debian/ stretch-backports main
+    state: present
+
+- name: install di-netboot-assistant from backports
   apt:
     name:
       - di-netboot-assistant
+    default_release: stretch-backports
+    update_cache: yes
+
+- name: add installer package
+  apt:
+    name:
       - debian-installer-9-netboot-amd64
 
 - name: bind mount images
   mount:
-    name: "{{ tftp_root }}/di-netboot-pkg/"
+    path: "{{ tftp_root }}/d-i/n-pkg/"
     src: /usr/lib/debian-installer/
     fstype: none
     opts: bind
@@ -14,6 +25,8 @@
     state: present
   register: fstab
 
+- file: path="{{ tftp_root }}/d-i/n-pkg/" state=directory recurse=yes
+
 - name: Reload fstab
   command: mount -a
   when: fstab.changed

roles/tftp-netboot-installer/templates/dnsmasq-tftp-netboot-installer.j2

@@ -1,5 +1,5 @@
 enable-tftp
 tftp-root={{ tftp_root }}
-dhcp-boot=debian-installer/pxelinux.0
+dhcp-boot=d-i/n-a/pxelinux.0
 dhcp-match=set:efi-x86_64,option:client-arch,7
-dhcp-boot=tag:efi-x86_64,debian-installer/bootnetx64.efi
+dhcp-boot=tag:efi-x86_64,d-i/n-a/bootnetx64.efi

roles/two-interface-shorewall/tasks/main.yml

@@ -2,12 +2,6 @@
   template:
     src: interfaces-static.j2
     dest: /etc/network/interfaces.d/static
-
-- name: make if_wan auto start
-  lineinfile:
-    dest: /etc/network/interfaces
-    line: "auto {{ if_wan }}"
-    insertbefore: "iface\\s+{{ if_wan }}\\s+inet\\s+dhcp"
   notify: restart networking
 
 - name: install shorewall packages