diff --git a/build-alpine-netboot-zfs.sh b/build-alpine-netboot-zfs.sh index ce6cbd5..cd6801e 100644 --- a/build-alpine-netboot-zfs.sh +++ b/build-alpine-netboot-zfs.sh @@ -52,7 +52,7 @@ EOFINNER cat ./scripts/mkimg.zfsnetboot.sh echo Running mkimage.sh mkdir -p ~/iso -./scripts/mkimage.sh --outdir ~/iso --arch x86_64 --repository http://dl-cdn.alpinelinux.org/alpine/edge/main --profile zfsnetboot +./scripts/mkimage.sh --outdir ~/iso --arch x86_64 --repository https://dl-cdn.alpinelinux.org/alpine/v3.20/main --profile zfsnetboot EOF diff --git a/src/playbooks/group_vars/all.yml b/src/playbooks/group_vars/all.yml new file mode 100644 index 0000000..cd68a4d --- /dev/null +++ b/src/playbooks/group_vars/all.yml 
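Review bot: The release `v3.20` is now hard-coded in the `--repository` URL on the new `mkimage.sh` line, while the same commit adds `alpine_version: v3.20` to `src/playbooks/group_vars/all.yml`, so the two can drift on the next upgrade. A single variable near the top of the script would keep the pin in one place, e.g. `ALPINE_VERSION=v3.20` and `--repository "https://dl-cdn.alpinelinux.org/alpine/${ALPINE_VERSION}/main"`. The line sits inside a heredoc whose opening delimiter is outside the hunk, so whether `${ALPINE_VERSION}` would expand there depends on how that delimiter is quoted. A short comment above the line saying why the image is pinned to a release rather than `edge` would also help.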
@@ -0,0 +1,63 @@
+---
+alpine_version: v3.20
+ipxe_become_user: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 36633863656665663236643161393765316436363034393433353435346564373232396633353834
+ 6538356530336435393431373830366136323930323234350a373335383436313264346166333266
+ 35313433393062303663396662656534656135366337326166636161613436366265363461343435
+ 3638366166646439350a326230333731643365333863613132343235636338313632363662643536
+ 3933
+
+# e.g. /var/www/boot.example.co.uk/boot.txt
+ipxe_bootstrap_servers_boot_txt_full_path: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 33623532656535383966653632633336636261636638333738373631663330386361613135356239
+ 3865386563343265363130373664383630613132383033380a343030616538653661363734376130
+ 33656233666462666134643036653531386163666466613561663432653862373636323936393533
+ 6262303530366231640a323936346131666537346536666339373532373039376635333731666132
+ 39313833663361353039353265336137656633353061633432326337613232313936346163663034
+ 63306131386266323630353137666637613665386237336636393937383962373061623135316162
+ 623466346566323230663562653030656563
+
+ipxe_public_net_interface_ipv4_address: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 33316331313532646333383739323763646562653466336431343764363330636639613365373437
+ 6538323061343132343830383066643439646431316163640a633462353437666433313833343134
+ 37326266393036343731636130646466623661626561306331396635396534666464666136646163
+ 6563636361343834340a643739346161663165356239623332643136333133323635306332326365
+ 3564
+
+# e.g. 255.255.255.240
+ipxe_public_net_interface_ipv4_netmask: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 37653532633061316237663064643766626138333638623763396232643133646232333862333835
+ 3437393932663834646133663430653365393864326237350a663862363862616437326661396538
+ 38303132313165323731393830386230376636646663336566323163386136303561353966333461
+ 3237346637633936320a393732656661306433346263643362316237313765353431303364326262
+ 3564
+
+ipxe_public_net_interface_ipv4_gateway: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 31623738636662376333383362303864363831363931303033326637356231316232386263303639
+ 6634623230353766316238663638376131313738303430610a353336346665343161353661393034
+ 63613132626662326535663462336131636262613562336233646362346263363135663835663336
+ 3230663631653438390a333431383463653930633461346361363132323735343637366332646462
+ 3032
+
+ipxe_public_net_interface_ipv4_dns_address: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 64343133396265396666323633636539356634613032336137356232656637613131313638643733
+ 3831323431666533393065326336353463366462626462660a643363663439623134323535363933
+ 39376665323962323633366362613335613135353535646635363565653636623766323836343365
+ 3963316265313566390a656533363363396630653164386531616236623337633139656132643733
+ 6334
+
+# e.g. https://boot.karmacomputing.co.uk/key.pub
+ipxe_ssh_public_key_hosted_web_address_full_path_to_key_dot_pub: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 38383033363839623435346534386265643534313264636334386339663532396263396530643234
+ 6231616664376366376465346537306235346136303536310a386530326333353664373165666166
+ 62353964313436626638393639393032343639616564663963303261363934663433643839616437
+ 3031383439353134310a366362353630393534313932346236643632663962343732313536343762
+ 30643130343735393637333266313935623363396339346233616336383135353038313131373835
+ 6336613639366538623835386636356661383938373533353664
\ No newline at end of file
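Review bot: The example comment above `ipxe_ssh_public_key_hosted_web_address_full_path_to_key_dot_pub` names what looks like a real host, while the earlier example uses `boot.example.co.uk`; if the value is worth encrypting, the comment should not hint at it, e.g. `# e.g. https://boot.example.co.uk/key.pub`. Several of the vaulted values (netmask, gateway, DNS address, become user) do not look like secrets, and encrypting them means a change to any of them cannot be reviewed in a diff; consider keeping only genuine secrets under vault and leaving the rest in plain text. How the hosted public key is consumed is not visible here, but vaulting its URL protects only the URL, not the integrity of the key that is fetched from it. The file also ends without a trailing newline.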
diff --git a/src/playbooks/ipxe_bootstrap_servers.yaml b/src/playbooks/ipxe_bootstrap_servers.yaml new file mode 100644 index 0000000..ab7b9ab --- /dev/null +++ b/src/playbooks/ipxe_bootstrap_servers.yaml @@ -0,0 +1,24 @@ +--- +# +# Bootstrap physical server from factory reset to booted +# +# - Install OpenZFS boot & root across first two disks +# +- hosts: ipxe_bootstrap_servers + become: true + become_user: "{{ ipxe_become_user }}" + gather_facts: false + tasks: + - name: Debug + ansible.builtin.debug: + msg: "Running servers playbook" + + - name: "Template {{ ipxe_bootstrap_servers_boot_txt_full_path }}" + ansible.builtin.template: + src: ipxe/boot.txt.j2 + dest: "{{ ipxe_bootstrap_servers_boot_txt_full_path }}" + owner: "{{ ipxe_become_user }}" + group: "{{ ipxe_become_user }}" + mode: '0644' + tags: + - boot_txt \ No newline at end of file diff --git a/src/playbooks/servers.yaml b/src/playbooks/servers.yaml index c0ce492..c9afa28 100644 --- a/src/playbooks/servers.yaml +++ b/src/playbooks/servers.yaml @@ -41,8 +41,15 @@ tags: - network - - name: Set up apk-repo - command: setup-apkrepos -f + - name: Template /etc/apk/repositories + ansible.builtin.template: + src: etc/apk/repositories + dest: /etc/apk/repositories + owner: root + group: root + mode: '0644' + tags: + - repositories # - name: Template ~/.vimrc # ansible.builtin.template: @@ -73,7 +80,7 @@ - network - apk: - name: eudev,lsblk,sgdisk,jq,wipefs + name: zfs,eudev,lsblk,sgdisk,jq,wipefs update_cache: yes tags: - packages @@ -105,4 +112,6 @@ - scripts - name: Disable swap during play - command: swapoff --all + command: swapoff -a + tags: + - swapoff
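Review bot: The task name `"Template {{ ipxe_bootstrap_servers_boot_txt_full_path }}"` in the new `ipxe_bootstrap_servers.yaml` interpolates a variable that `group_vars/all.yml` stores vault-encrypted, so the decrypted path is printed in the play output and in any callback or CI log on every run. A static name avoids that: `- name: Template iPXE boot.txt`. The header comment says the play installs OpenZFS boot and root across the first two disks, yet the only non-debug task visible renders `boot.txt`; the comment should describe what this play does today, or mark the rest as planned. The file ends without a trailing newline.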
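Review bot: The template source `etc/apk/repositories` in the first `servers.yaml` hunk is not part of the visible change, so it cannot be confirmed here that it uses `https://` and the `alpine_version` variable the way the build script's `--repository` URL now does. This file decides where every later `apk` install comes from, including the `zfs` package added in the next hunk, so it is worth checking that it points at the same release the netboot image is built from. For consistency with `ipxe/boot.txt.j2` in the new playbook, naming the source `etc/apk/repositories.j2` would make it clear that it is rendered rather than copied. The task list starts and ends outside the hunk.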