Fix #13 As an operator openzfs root filesystem + zpool may be bootstrapped with fedora after ipxe without any manual intervention

build-alpine-netboot-zfs.sh

@@ -52,7 +52,7 @@ EOFINNER
 cat ./scripts/mkimg.zfsnetboot.sh
 echo Running mkimage.sh
 mkdir -p ~/iso
-./scripts/mkimage.sh --outdir ~/iso --arch x86_64 --repository http://dl-cdn.alpinelinux.org/alpine/edge/main --profile zfsnetboot
+./scripts/mkimage.sh --outdir ~/iso --arch x86_64 --repository https://dl-cdn.alpinelinux.org/alpine/v3.20/main --profile zfsnetboot
 EOF
 
 

src/playbooks/group_vars/all.yml

@@ -0,0 +1,63 @@
+---
+alpine_version: v3.20
+ipxe_become_user: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          36633863656665663236643161393765316436363034393433353435346564373232396633353834
+          6538356530336435393431373830366136323930323234350a373335383436313264346166333266
+          35313433393062303663396662656534656135366337326166636161613436366265363461343435
+          3638366166646439350a326230333731643365333863613132343235636338313632363662643536
+          3933
+
+# e.g. /var/www/boot.example.co.uk/boot.txt
+ipxe_bootstrap_servers_boot_txt_full_path: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          33623532656535383966653632633336636261636638333738373631663330386361613135356239
+          3865386563343265363130373664383630613132383033380a343030616538653661363734376130
+          33656233666462666134643036653531386163666466613561663432653862373636323936393533
+          6262303530366231640a323936346131666537346536666339373532373039376635333731666132
+          39313833663361353039353265336137656633353061633432326337613232313936346163663034
+          63306131386266323630353137666637613665386237336636393937383962373061623135316162
+          623466346566323230663562653030656563
+
+ipxe_public_net_interface_ipv4_address: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          33316331313532646333383739323763646562653466336431343764363330636639613365373437
+          6538323061343132343830383066643439646431316163640a633462353437666433313833343134
+          37326266393036343731636130646466623661626561306331396635396534666464666136646163
+          6563636361343834340a643739346161663165356239623332643136333133323635306332326365
+          3564
+
+# e.g. 255.255.255.240
+ipxe_public_net_interface_ipv4_netmask: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          37653532633061316237663064643766626138333638623763396232643133646232333862333835
+          3437393932663834646133663430653365393864326237350a663862363862616437326661396538
+          38303132313165323731393830386230376636646663336566323163386136303561353966333461
+          3237346637633936320a393732656661306433346263643362316237313765353431303364326262
+          3564
+
+ipxe_public_net_interface_ipv4_gateway: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          31623738636662376333383362303864363831363931303033326637356231316232386263303639
+          6634623230353766316238663638376131313738303430610a353336346665343161353661393034
+          63613132626662326535663462336131636262613562336233646362346263363135663835663336
+          3230663631653438390a333431383463653930633461346361363132323735343637366332646462
+          3032
+
+ipxe_public_net_interface_ipv4_dns_address: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          64343133396265396666323633636539356634613032336137356232656637613131313638643733
+          3831323431666533393065326336353463366462626462660a643363663439623134323535363933
+          39376665323962323633366362613335613135353535646635363565653636623766323836343365
+          3963316265313566390a656533363363396630653164386531616236623337633139656132643733
+          6334
+
+# e.g. https://boot.karmacomputing.co.uk/key.pub
+ipxe_ssh_public_key_hosted_web_address_full_path_to_key_dot_pub: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          38383033363839623435346534386265643534313264636334386339663532396263396530643234
+          6231616664376366376465346537306235346136303536310a386530326333353664373165666166
+          62353964313436626638393639393032343639616564663963303261363934663433643839616437
+          3031383439353134310a366362353630393534313932346236643632663962343732313536343762
+          30643130343735393637333266313935623363396339346233616336383135353038313131373835
+          6336613639366538623835386636356661383938373533353664

src/playbooks/ipxe_bootstrap_servers.yaml

@@ -0,0 +1,24 @@
+---
+#
+# Bootstrap physical server from factory reset to booted
+#
+# - Install OpenZFS boot & root across first two disks
+#
+- hosts: ipxe_bootstrap_servers
+  become: true
+  become_user: "{{ ipxe_become_user }}"
+  gather_facts: false
+  tasks:
+  - name: Debug
+    ansible.builtin.debug:
+      msg: "Running servers playbook"
+
+  - name: "Template {{ ipxe_bootstrap_servers_boot_txt_full_path }}"
+    ansible.builtin.template:
+      src: ipxe/boot.txt.j2
+      dest: "{{ ipxe_bootstrap_servers_boot_txt_full_path }}"
+      owner: "{{ ipxe_become_user }}"
+      group: "{{ ipxe_become_user }}"
+      mode: '0644'
+    tags:
+    - boot_txt

src/playbooks/servers.yaml

@@ -41,8 +41,15 @@
     tags:
     - network
 
-  - name: Set up apk-repo
-    command: setup-apkrepos -f
+  - name: Template /etc/apk/repositories
+    ansible.builtin.template:
+      src: etc/apk/repositories
+      dest: /etc/apk/repositories
+      owner: root
+      group: root
+      mode: '0644'
+    tags:
+    - repositories
 
   # - name: Template ~/.vimrc
   #   ansible.builtin.template:
@@ -73,7 +80,7 @@
     - network
 
   - apk:
-      name: eudev,lsblk,sgdisk,jq,wipefs
+      name: zfs,eudev,lsblk,sgdisk,jq,wipefs
       update_cache: yes
     tags:
     - packages
@@ -105,4 +112,6 @@
     - scripts
 
   - name: Disable swap during play
-    command: swapoff --all
+    command: swapoff -a
+    tags:
+    - swapoff