
Untitled

a guest
Jun 27th, 2017
---

# This role will provision an Arch system by logging into the running Arch install media
# and running raw commands through ssh. The Arch install media will not support running
# Ansible commands for some reason I don't quite grasp yet :p.
# NOTE(review): most likely the live environment has no Python interpreter, which Ansible
# modules other than raw need on the target -- confirm on your ISO.

# After booting the Arch install media, set a root password via 'passwd', run 'dhcpcd' to get
# connected to the network, and run 'systemctl start sshd' to start the sshd server.
# NOTE(review): from that point the live environment accepts root password logins over the
# network, so treat that password as a throwaway that is used for nothing else.

# Alternatively I would imagine you can add these things to your own custom Arch install ISO
# so it is already there.

# Also note that for the two scp commands to work, you have to have an ssh key in your
# ~/.ssh/ dir, and you need to put your sshd_config file in the /files directory inside
# your role.

# Variables are set in the playbook.
# I'm sure there is a lot I did wrong or could do better, I'm new to Ansible.

# Setting the password on the target system works with a hard coded password, but I can't
# get it to work as a variable the way I'm doing it. I just commented it out since you can
# set the password after reboot anyways.

# I didn't add variables for the partition sizes and file system types yet, but I may
# eventually.
# NOTE(review): every disk task below is hard-coded to /dev/sda and destroys whatever is on
# it (sfdisk rewrites the partition table, mkfs/mkswap are run with force flags). Check the
# inventory before running this against a host.


# Enable NTP time synchronisation in the live environment.
- name: Update the System Clock
  raw: (timedatectl set-ntp true)

# The sfdisk script is kept in a task variable and passed to raw as one templated string.
# Each script line is "start,size,type,bootable" with empty fields left to sfdisk:
#   ,1G,L,*  -> sda1: 1 GiB, Linux, flagged bootable (mounted later as /boot)
#   ,2G,S    -> sda2: 2 GiB, swap
#   , ,L     -> sda3: remainder of the disk, Linux (mounted later as /)
# NOTE(review): no label type is given, so this presumably ends up as an MBR/DOS table,
# which matches the i386-pc GRUB target used at the end of the role -- confirm.
- name: Create partitions on /dev/sda
  vars:
    bash_cmd: |
      sfdisk /dev/sda <<EOF
      ,1G,L,*
      ,2G,S
      , ,L
      EOF
  raw: "{{bash_cmd}}"

  37. - name: Format partition /dev/sda1
  38. raw: (mkfs.ext4 -F /dev/sda1)
  39.  
  40. - name: Format partition /dev/sda3
  41. raw: (mkfs.ext4 -F /dev/sda3)
  42.  
  43. - name: Create Swap space
  44. raw: (mkswap -f /dev/sda2)
  45.  
  46. - name: Mount swap partition
  47. raw: (swapon /dev/sda2)
  48.  
  49. - name: Mount the Root Filesystem on /mnt
  50. raw: (mount /dev/sda3 /mnt)
  51.  
  52. - name: Create the /boot directory to mount the boot partition to
  53. raw: (mkdir /mnt/boot)
  54.  
  55. - name: Mount /dev/sda1 (our boot partition) on the newly created /mnt/boot
  56. raw: (mount /dev/sda1 /mnt/boot)
  57.  
  58. - name: Install base packages, and some python with pacstrap
  59. raw: (pacstrap /mnt base python python2 grub openssh)
  60.  
  61. - name: Generate an fstab file (use -U or -L to define by UUID or labels, respectively)
  62. raw: (genfstab -U /mnt >> /mnt/etc/fstab)
  63.  
  64. - name: Create the /root/.ssh directory
  65. raw: (mkdir /mnt/root/.ssh)
  66.  
  67. # Local commands to copy files over since copy: or template: will not work
  68. - name: scp the public key over from local host to remote
  69. local_action: shell sshpass -p "{{temp_pass}}" scp {{pubkeys_path}}/{{ssh_key}} root@{{inventory_hostname}}:/mnt/root/.ssh/{{ssh_key}}
  70. # with_items:
  71. # - "{{ groups['arch_servers'] }}"
  72.  
  73. - name: scp the sshd_config file with settings for key auth
  74. local_action: shell sshpass -p "{{temp_pass}}" scp "{{role_path}}/files/sshd_config" root@{{inventory_hostname}}:/mnt/etc/ssh/sshd_config
  75. # with_items:
  76. # - "{{ groups['arch_servers'] }}"
  77.  
  78. - name: cat the public key into the authorized_keys file
  79. raw: (cat /mnt/root/.ssh/{{ssh_key}} >> /mnt/root/.ssh/authorized_keys)
  80.  
  81. # Beginning of chroot commands.
  82. - name: Set time zone to New_York inside Chroot
  83. raw: (arch-chroot /mnt ln -sf /usr/share/zoneinfo/{{timezone}} /etc/localtime)
  84.  
  85. - name: Run hwclock(8) to generate /etc/adjtime inside Chroot
  86. raw: (arch-chroot /mnt hwclock --systohc)
  87.  
  88. - name: Add en_US.UTF-8 UTF-8 to the end of /etc/locale.gen inside Chroot
  89. raw: (arch-chroot /mnt sh -c "echo {{locale_gen}} >> /etc/locale.gen")
  90.  
  91. - name: Generate them with locale-gen inside Chroot
  92. raw: (arch-chroot /mnt locale-gen)
  93.  
  94. - name: Set the LANG variable in locale.conf(5) like LANG=en_US.UTF-8 inside Chroot
  95. raw: (arch-chroot /mnt sh -c "echo {{locale_conf}} >> /etc/locale.conf")
  96.  
  97. - name: Create a unique suffix for each host in the inventory file
  98. set_fact: hostname_suffix={{item.0 + 1}}
  99. with_indexed_items: "{{ groups['arch_servers'] }}"
  100. when: item.1 == "{{inventory_hostname}}"
  101.  
  102. - name: Create the hostname file inside Chroot
  103. raw: (arch-chroot /mnt sh -c "echo {{base_hostname}}{{hostname_suffix}} > /etc/hostname")
  104.  
  105. - name: Add hostname and domain name in /etc/hosts inside Chroot
  106. raw: (arch-chroot /mnt sh -c "echo 127.0.0.1 {{base_hostname}}{{hostname_suffix}}.{{domain_name}} {{base_hostname}}{{hostname_suffix}} >> /etc/hosts")
  107.  
  108. - name: Create a new hosts file with unique hostnames for each host
  109. local_action: shell echo {{base_hostname}}{{hostname_suffix}}.{{domain_name}} >> ../hosts_with_names
  110.  
  111. - name: Enable the services inside Chroot
  112. raw: (arch-chroot /mnt systemctl enable dhcpcd sshd systemd-networkd systemd-resolved)
  113.  
  114. #- name: Copy shadow file to /mnt/etc/shadow to retain root password
  115. # raw: (cp -a /etc/shadow /mnt/etc/shadow)
  116.  
  117. #- name: Change the root pass on the Chroot
  118. # vars:
  119. # passwd_cmd: |
  120. # arch-chroot /mnt passwd root <<EOF
  121. # '{{temp_pass}}'
  122. # '{{temp_pass}}'
  123. # EOF
  124. # raw: '{{passwd_cmd}}'
  125.  
  126. #- name: Fancy way of doing authorized_keys
  127. # authorized_key: user=root
  128. # exclusive=no
  129. # key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
  130.  
  131. - name: Install GRUB bootloader on the /dev/sda MBR inside Chroot
  132. raw: (arch-chroot /mnt grub-install --target=i386-pc /dev/sda)
  133.  
  134. - name: Generate the grub.cfg file in /boot/grb/grub.cfg inside Chroot
  135. raw: (arch-chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg)
  136.  
  137. - name: umount the /mnt directory and prepare for a reboot
  138. raw: (umount -R /mnt)
  139.  
  140. - name: REBOOT!
  141. raw: (reboot)