Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- foreman:
- auth:
- url: {{ foreman_yml_api_url }}
- user: {{ foreman_yml_api_username }}
- pass: {{ foreman_yml_api_password }}
- auth-source-ldap:
- - name: default
- host: {{ openldap_server_domain_name }}
- port: 389
- account: cn=Manager,{{ openldap_server_dc }}
- account-password: {{ vault_openldap_server_rootpw }}
- base-dn: {{ openldap_server_dc }}
- attr-login: uid
- attr-firstname: givenName
- attr-lastname: sn
- attr-mail: mail
- attr-photo:
- onthefly-register: true
- usergroup-sync: true
- tls: false
- groups-base: ou=groups,{{ openldap_server_dc }}
- ldap-filter:
- server-type: posix
- usergroups:
- - name: ldap-admin
- admin: true
- users:
- groups:
- - name: ldap-admin
- ext-usergroups:
- - name: admin
- auth-source-ldap: default
- roles:
- - name: admin
- setting:
- - name: safemode_render
- value: false
- - name: token_duration
- value: 1800
- - name: access_unattended_without_build
- value: true
- - name: update_ip_from_built_request
- value: true
- - name: use_shortname_for_vms
- value: true
- - name: trusted_puppetmaster_hosts
- value: "[{{ ansible_default_ipv4.address }}, 127.0.0.1]"
- #- name: remote_execution_ssh_user
- # value: root
- #- name: remote_execution_ssh_key
- # value: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDN318oRd1xXDF5N+1wJNlN9Z7ncTck6qTiG5W0VLmZqLpQP/EHXbWEz4YWbyQrUv4yZegVTTbfKGYhj2aqsDQVov0E/vfASriI/pT3Mu20Z2yG17FOH39zWre16jmPMQkTNaUMGXIFsQW58Sn6Pyo9j81VBjgzNdaw1fvx1sSIBM6SIqXlEm185L3vf0e0miKpK1abNQhqorSV5rfIHS6hqKQIH5Uq6wa/fhMpQ+DtoE7xJj0m2A65SC51yTaDrbqHDhAK+1q87nU7JYhUcVC+CxJ25hmVBo1H6RVhHohZG/+9YNWgNT8sHJbNsS9jL+OME184/tfBMtm0XjlbzU1v root@astrotrain
- smart-proxy:
- - name: Smart Proxy
- url: "http://{{ ansible_default_ipv4.address }}:8000"
- domain:
- - name: {{ ansible_domain }}
- fullname:
- dns-proxy:
- parameters:
- subnet:
- - name: default
- network: {{ ansible_default_ipv4.network }}
- mask: {{ ansible_default_ipv4.netmask }}
- gateway: {{ ansible_default_ipv4.gateway }}
- dns-primary: {{ ansible_dns.nameservers[0] | to_json }}
- dns-secondary:
- from:
- to:
- ipam: None
- vlanid: 10
- domain:
- - name: {{ ansible_domain }}
- dhcp-proxy:
- tftp-proxy: Smart Proxy
- dns-proxy:
- boot-mode: DHCP
- cleanup-architecture:
- - name: i386
- cleanup-medium:
- - name: CentOS mirror
- - name: CoreOS mirror
- - name: Debian mirror
- - name: Fedora mirror
- - name: FreeBSD mirror
- - name: OpenSUSE mirror
- - name: Ubuntu mirror
- cleanup-partition-table:
- - name: AutoYaST entire SCSI disk
- - name: AutoYaST entire virtual disk
- - name: AutoYaST LVM
- - name: CoreOS default fake
- - name: FreeBSD
- - name: Jumpstart default
- - name: Jumpstart mirrored
- - name: Junos default fake
- - name: Kickstart default
- - name: Preseed default
- - name: Preseed custom LVM
- architecture:
- - name: x86_64
- medium:
- - name: Ubuntu Mirror
- path: "http://archive.ubuntu.com/ubuntu"
- os-family: Debian
- partition-table:
- - name: Ubuntu Default
- layout: |
- <%#
- kind: ptable
- name: Preseed default LVM
- oses:
- - Debian
- - Ubuntu
- %>
- <%
- partitioning_method = @host.params['partitioning-method'] ? @host.params['partitioning-method'] : 'lvm'
- partitioning_recipe = @host.params['partitioning-recipe'] ? @host.params['partitioning-recipe'] : 'multi'
- partitioning_expert_recipe = @host.params['partitioning-expert-recipe'] ? @host.params['partitioning-expert-recipe'] : ''
- vg_name = @host.params['partitioning-vg-name'] ? @host.params['partitioning-vg-name'] : 'vg00'
- partitioning_filesystem = @host.params['partitioning-filesystem'] ? @host.params['partitioning-filesystem'] : ''
- -%>
- <% if @host.params['install-disk'] -%>
- d-i partman-auto/disk string <%= @host.params['install-disk'] %>
- <% else -%>
- # Use the first detected hard disk as default installation disk
- d-i partman/early_command string debconf-set partman-auto/disk "$(list-devices disk | head -n1)"
- <% end -%>
- ### Partitioning
- # The presently available methods are: "regular", "lvm" and "crypto"
- d-i partman-auto/method string <%= partitioning_method %>
- # If one of the disks that are going to be automatically partitioned
- # contains an old LVM configuration, the user will normally receive a
- # warning. This can be preseeded away...
- d-i partman-lvm/device_remove_lvm boolean true
- # The same applies to pre-existing software RAID array:
- d-i partman-md/device_remove_md boolean true
- # And the same goes for the confirmation to write the lvm partitions.
- d-i partman-lvm/confirm boolean true
- d-i partman-lvm/confirm_nooverwrite boolean true
- <% if partitioning_method == 'lvm' -%>
- # For LVM partitioning, you can select how much of the volume group to use
- # for logical volumes.
- d-i partman-auto-lvm/guided_size string max
- <% if vg_name != '' -%>
- d-i partman-auto-lvm/new_vg_name string <%= vg_name %>
- <% end -%>
- <% end -%>
- # You can choose one of the three predefined partitioning recipes:
- # - atomic: all files in one partition
- # - home: separate /home partition
- # - multi: separate /home, /var, and /tmp partitions (/usr was removed in jessie)
- d-i partman-auto/choose_recipe select <%= partitioning_recipe %>
- <% if partitioning_expert_recipe != '' -%>
- # Or provide a recipe of your own...
- # If you have a way to get a recipe file into the d-i environment, you can
- # just point at it.
- d-i partman-auto/expert_recipe string \
- <%= partitioning_expert_recipe.gsub(/$/, " \\") %>
- <% end -%>
- # If you just want to change the default filesystem to something
- # else, you can do that without providing a full recipe.
- <% if partitioning_filesystem != '' -%>
- d-i partman/default_filesystem string <%= partitioning_filesystem %>
- <% end -%>
- # This makes partman automatically partition without confirmation, provided
- # that you told it what to do using one of the methods above.
- d-i partman/confirm_write_new_label boolean true
- d-i partman/choose_partition select finish
- d-i partman/confirm boolean true
- d-i partman/confirm_nooverwrite boolean true
- snippet: false
- audit-comment: initial import
- locked: false
- os-family: Debian
- provisioning-template:
- - name: Ubuntu PXE
- template: |
- <%#
- kind: PXELinux
- name: Preseed default PXELinux
- oses:
- - Debian
- - Ubuntu
- %>
- #
- # This file was deployed via '<%= template_name %>' template
- #
- # Supported host/hostgroup parameters:
- #
- # blacklist = module1, module2
- # Blacklisted kernel modules
- #
- # lang = en_US
- # System locale
- #
- <%
- options = []
- if @host.params['blacklist']
- options << @host.params['blacklist'].split(',').collect{|x| "#{x.strip}.blacklist=yes"}.join(' ')
- end
- if @host.operatingsystem.name == 'Debian'
- options << "auto=true"
- options << "domain=#{@host.domain}"
- else
- options << 'console-setup/ask_detect=false console-setup/layout=USA console-setup/variant=USA keyboard-configuration/layoutcode=us localechooser/translation/warn-light=true localechooser/translation/warn-severe=true'
- end
- options << "locale=#{@host.params['lang'] || 'en_US'}"
- options = options.join(' ')
- -%>
- DEFAULT linux
- LABEL linux
- KERNEL <%= @kernel %>
- APPEND initrd=<%= @initrd %> interface=auto url=<%= foreman_url('provision')%> ramdisk_size=10800 root=/dev/rd/0 rw auto hostname=<%= @host.name %> <%= options %>
- IPAPPEND 2
- snippet: false
- audit-comment: initial import
- template-kind-id: 1
- template-combination-attribute:
- - hostgroup:
- environment:
- os:
- - name: Ubuntu 16.04 LTS
- locked: false
- - name: Ubuntu Preseed
- template: |
- <%#
- kind: provision
- name: Ubuntu Preseed
- oses:
- - Debian
- - Ubuntu
- %>
- <%
- proxy_string = @host.params['http-proxy'] ? " http://#{@host.params['http-proxy']}:#{@host.params['http-proxy-port']}" : ''
- salt_enabled = @host.params['salt_master'] ? true : false
- os_major = @host.operatingsystem.major.to_i
- squeeze_or_older = (@host.operatingsystem.name == 'Debian' && os_major <= 6)
- %>
- # Locale
- d-i debian-installer/locale string <%= @host.params['lang'] || 'en_US' %>
- # country and keyboard settings are automatic. Keep them ...
- # ... for wheezy and newer:
- d-i keyboard-configuration/xkb-keymap seen true
- <% if squeeze_or_older -%>
- # ... for squeeze and older:
- d-i console-keymaps-at/keymap seen true
- <% end -%>
- <% subnet = @host.subnet -%>
- <% if subnet.respond_to?(:dhcp_boot_mode?) -%>
- <% dhcp = subnet.dhcp_boot_mode? && !@static -%>
- <% else -%>
- <% dhcp = !@static -%>
- <% end -%>
- <% unless dhcp -%>
- # Static network configuration.
- d-i preseed/early_command string /bin/killall.sh; /bin/netcfg
- d-i netcfg/disable_autoconfig boolean true
- d-i netcfg/dhcp_failed note
- d-i netcfg/dhcp_options select Configure network manually
- d-i netcfg/disable_dhcp boolean true
- d-i netcfg/get_ipaddress string <%= @host.ip %>
- d-i netcfg/get_netmask string <%= subnet.mask %>
- d-i netcfg/get_nameservers string <%= [subnet.dns_primary,subnet.dns_secondary].reject{|n| n.blank?}.join(' ') %>
- d-i netcfg/get_gateway string <%= subnet.gateway %>
- d-i netcfg/confirm_static boolean true
- <% end -%>
- # Network configuration
- d-i netcfg/choose_interface select auto
- d-i netcfg/get_hostname string <%= @host %>
- d-i netcfg/get_domain string <%= @host.domain %>
- d-i netcfg/wireless_wep string
- d-i hw-detect/load_firmware boolean true
- <% if @host.param_true?('preseed-live-installer') -%>
- # Offline live-installer location
- d-i live-installer/net-image string http://<%= @preseed_server %><%= @preseed_path %>/install/filesystem.squashfs
- <% end -%>
- # Mirror settings
- d-i mirror/country string manual
- d-i mirror/http/hostname string <%= @preseed_server %>
- d-i mirror/http/directory string <%= @preseed_path %>
- d-i mirror/http/proxy string<%= proxy_string %>
- d-i mirror/codename string <%= @host.operatingsystem.release_name %>
- d-i mirror/suite string <%= @host.operatingsystem.release_name %>
- d-i mirror/udeb/suite string <%= @host.operatingsystem.release_name %>
- # Time settings
- d-i clock-setup/utc boolean true
- d-i time/zone string <%= @host.params['time-zone'] || 'UTC' %>
- # NTP
- d-i clock-setup/ntp boolean true
- d-i clock-setup/ntp-server string <%= @host.params['ntp-server'] || '0.debian.pool.ntp.org' %>
- # Set alignment for automatic partitioning
- # Choices: cylinder, minimal, optimal
- #d-i partman/alignment select cylinder
- <%= @host.diskLayout %>
- <% if @host.params['preseed-kernel-image'] -%>
- # Install different kernel
- d-i base-installer/kernel/image string <%= @host.params['preseed-kernel-image'] %>
- <% end %>
- # User settings
- d-i passwd/root-password-crypted password <%= root_pass %>
- user-setup-udeb passwd/root-login boolean true
- d-i passwd/make-user boolean false
- user-setup-udeb passwd/make-user boolean false
- <% repos = 0 %>
- <% if salt_enabled -%>
- <% salt_package = 'salt-minion' -%>
- <% if @host.param_true?('enable-saltstack-repo') -%>
- <% if @host.operatingsystem.name == 'Debian' -%>
- d-i apt-setup/local<%= repos %>/repository string http://debian.saltstack.com/debian <%= @host.operatingsystem.release_name %>-saltstack main
- d-i apt-setup/local<%= repos %>/comment string SaltStack Repository
- d-i apt-setup/local<%= repos %>/key string http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key
- <% repos += 1 -%>
- <% end -%>
- <% if @host.operatingsystem.name == 'Ubuntu' -%>
- d-i apt-setup/local<%= repos %>/repository string http://ppa.launchpad.net/saltstack/salt/ubuntu <%= @host.operatingsystem.release_name %> main
- d-i apt-setup/local<%= repos %>/comment string SaltStack Repository
- d-i apt-setup/local<%= repos %>/key string http://keyserver.ubuntu.com/pks/lookup?op=get&search=0x4759FA960E27C0A6
- <% repos += 1 -%>
- <% end -%>
- <% end -%>
- <% else -%>
- <% salt_package = '' -%>
- <% end -%>
- # Install minimal task set (see tasksel --task-packages minimal)
- tasksel tasksel/first multiselect minimal, ssh-server, openssh-server
- # Install some base packages
- d-i pkgsel/include string <%= salt_package %> lsb-release python
- d-i pkgsel/update-policy select <%= @host.params['preseed-update-policy'] || 'unattended-upgrades' %>
- d-i pkgsel/upgrade select <%= @host.params['preseed-post-install-upgrade'] || 'none' %>
- popularity-contest popularity-contest/participate boolean false
- # Boot loader settings
- #grub-pc grub-pc/hidden_timeout boolean false
- #grub-pc grub-pc/timeout string 10
- d-i grub-installer/only_debian boolean true
- d-i grub-installer/with_other_os boolean true
- <% if @host.params['install-disk'] -%>
- d-i grub-installer/bootdev string <%= @host.params['install-disk'] %>
- <% elsif (@host.operatingsystem.name == 'Debian' and @host.operatingsystem.major.to_i >= 8) or (@host.operatingsystem.name == 'Ubuntu' and @host.operatingsystem.major.to_i >= 16) -%>
- d-i grub-installer/bootdev string default
- <% end -%>
- d-i finish-install/reboot_in_progress note
- d-i preseed/late_command string wget -Y off <%= @static ? "'#{foreman_url('finish')}&static=true'" : foreman_url('finish') %> -O /target/tmp/finish.sh && in-target chmod +x /tmp/finish.sh && in-target /tmp/finish.sh
- snippet: false
- audit-comment: initial import
- template-kind-id: 5
- template-combination-attribute:
- - hostgroup:
- environment:
- os:
- - name: Ubuntu 16.04 LTS
- locked: false
- - name: Ubuntu Finish
- template: |
- <%#
- kind: finish
- name: Ubuntu Finish
- oses:
- - Debian
- - Ubuntu
- %>
- <%
- # safemode renderer does not support unary negation
- pm_set = @host.puppetmaster.empty? ? false : true
- puppet_enabled = pm_set || @host.param_true?('force-puppet')
- salt_enabled = @host.params['salt_master'] ? true : false
- chef_enabled = @host.respond_to?(:chef_proxy) && @host.chef_proxy
- %>
- <% subnet = @host.subnet -%>
- <% if subnet.respond_to?(:dhcp_boot_mode?) -%>
- <% dhcp = subnet.dhcp_boot_mode? && !@static -%>
- <% else -%>
- <% dhcp = !@static -%>
- <% end -%>
- <% unless dhcp -%>
- # host and domain name need setting as these values may have come from dhcp if pxe booting
- /bin/sed -i "s/^search.*$/search <%= @host.domain %>/g" /etc/resolv.conf
- /bin/sed -i "s/.*dns-search.*/\tdns-search <%= @host.domain %>/g" /etc/network/interfaces
- /bin/sed -i "s/^<%= @host.ip %>.*/<%= @host.ip %>\t<%= @host.shortname %>.<%= @host.domain %>\t<%= @host.shortname %>/g" /etc/hosts
- /bin/echo <%= @host.shortname %> > /etc/hostname
- <% end -%>
- <% if @host.info['parameters']['realm'] && @host.realm && @host.realm.realm_type == 'FreeIPA' -%>
- <%= snippet 'freeipa_register' %>
- <% end -%>
- <%= snippet('remote_execution_ssh_keys') %>
- <% if chef_enabled %>
- <%= snippet 'chef_client' %>
- <% end -%>
- <% if puppet_enabled %>
- <% if @host.param_true?('enable-puppetlabs-pc1-repo') || @host.param_true?('enable-puppetlabs-repo') -%>
- <%= snippet 'puppetlabs_repo' %>
- <% end -%>
- <%= snippet 'puppet_setup' %>
- <% end -%>
- <% if salt_enabled %>
- <%= snippet 'saltstack_setup' %>
- <% end -%>
- <%= snippet 'preseed_networking_setup' %>
- /usr/bin/wget --no-proxy --quiet --output-document=/dev/null --no-check-certificate <%= foreman_url('built') %>
- snippet: false
- audit-comment: initial import
- template-kind-id: 6
- template-combination-attribute:
- - hostgroup:
- environment:
- os:
- - name: Ubuntu 16.04 LTS
- locked: false
- os:
- - name: Ubuntu
- major: 16
- minor: 4
- description: Ubuntu 16.04 LTS
- family: Debian
- release-name: xenial
- password-hash: SHA512
- architecture:
- - name: x86_64
- provisioning-template:
- - name: Ubuntu PXE
- - name: Ubuntu Preseed
- - name: Ubuntu Finish
- medium:
- - name: Ubuntu Mirror
- partition-table:
- - name: Ubuntu Default
- parameters:
- version: "16.04"
- codename: "xenial"
- hostgroup:
- - name: default
- parent:
- environment:
- os: Ubuntu 16.04 LTS
- architecture: x86_64
- medium: Ubuntu Mirror
- partition-table: Ubuntu Default
- subnet: default
- domain: {{ ansible_domain }}
- parameters:
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement