commit c620206691aec0c9b66625f04e08b1b5ca267876 Author: felix.niederwanger@suse.com Date: Thu Mar 25 10:38:03 2021 +0100 first commit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..00c0673
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,7 @@
+# Python cache
+__pycache__
+
+# File for creating NEXT template
+files/next
+files/next/*
+files/syslinux-*
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..ebe25e9
--- /dev/null
+++ b/README.md
@@ -0,0 +1,28 @@
+# geekoops-next
+
+Install and configure a NEXT (Network Boot) server using `dnsmasq`.
+
+## Role Variables
+
+
+## Example Playbook
+
+ - hosts: jellyfish
+ roles:
+ - { role: geekoops-next }
+
+## License
+
+MIT
+
+## Author Information
+
+phoenix
+
+Have a lot of fun!
+
+# Development
+
+## syslinux
+
+Get the latest `syslinux` from [kernel.org/ ... /syslinux](https://kernel.org/pub/linux/utils/boot/syslinux/)
\ No newline at end of file
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..11ed1e9
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,14 @@
+---
+# defaults file for geekoops-next
+
+dns_port: "0"
+dhcp_no_override: true
+dhcp_boot: "pxelinux.0"
+prompt: "geekoops-next Network boot"
+prompt_timeout: 2
+legacy: true
+efi: true
+dhcp_range: ""
+
+config_firewall: false
+firewall_zone: "public"
diff --git a/files/next.tar.bz2 b/files/next.tar.bz2
new file mode 100644
index 0000000..5388177
Binary files /dev/null and b/files/next.tar.bz2 differ
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..5b64e4c
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+# handlers file for geekoops-next
+
+- name: reload firewalld
+ shell: firewall-cmd --reload
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..227ad9c
--- /dev/null
+++ b/meta/main.yml
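Review bot: The defaults in defaults/main.yml use very generic variable names (`prompt`, `legacy`, `efi`, `dns_port`), and Ansible variables share one namespace across roles, inventory and group_vars, so an unrelated definition elsewhere can silently change what this role renders into the dnsmasq configuration. A role prefix on each name would avoid that. `dns_port` is also defined as the string `"0"`, which matters for the integer comparison in tasks/firewall.yml. Each default deserves a one-line comment, for example `# dns_port: "0" turns the dnsmasq DNS listener off`, since the README's Role Variables section is empty.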
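Review bot: The `reload firewalld` handler in handlers/main.yml runs `firewall-cmd --reload` through `shell`, although the command line uses no shell features. `command: firewall-cmd --reload` avoids spawning a shell, and the `service` module with `name: firewalld` and `state: reloaded` would express the same reload declaratively.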
@@ -0,0 +1,53 @@
+galaxy_info:
+ author: your name
+ description: your role description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: license (GPL-2.0-or-later, MIT, etc)
+
+ min_ansible_version: 2.9
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ #
+ # Provide a list of supported platforms, and for each platform a list of versions.
+ # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+ # To view available platforms and versions (or releases), visit:
+ # https://galaxy.ansible.com/api/v1/platforms/
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
+
\ No newline at end of file
diff --git a/tasks/firewall.yml b/tasks/firewall.yml
new file mode 100644
index 0000000..17f386f
--- /dev/null
+++ b/tasks/firewall.yml
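Review bot: `galaxy_info` still carries what look like the generated placeholders (`author: your name`, `description: your role description`, `license: license (GPL-2.0-or-later, MIT, etc)`), so the role metadata disagrees with the README, which states MIT. I would set `license: MIT` and fill in the author and description from the README. `min_ansible_version: 2.9` is read as a float by the YAML parser; quoting it as `"2.9"` keeps it a version string.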
@@ -0,0 +1,29 @@
+---
+# Configure firewall
+
+- name: Ensure tftp is open in firewall
+ firewalld:
+ zone: "{{firewall_zone}}"
+ service: tftp
+ permanent: true
+ state: enabled
+ notify: reload firewalld
+ tags: ['firewall', 'tftp', 'dnsmasq']
+- name: Ensure dns is open in firewall
+ firewalld:
+ zone: "{{firewall_zone}}"
+ service: dns
+ permanent: true
+ state: enabled
+ notify: reload firewalld
+ when: dns_port != 0
+ tags: ['firewall', 'tftp', 'dnsmasq']
+- name: Ensure dhcp is open in firewall
+ firewalld:
+ zone: "{{firewall_zone}}"
+ service: dhcp
+ permanent: true
+ state: enabled
+ notify: reload firewalld
+ when: dhcp_range != ""
+ tags: ['firewall', 'tftp', 'dnsmasq']
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..ac385e4
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,49 @@
+---
+# tasks file for geekoops-next
+
+# Distribution specific vars are ALWAYS needed, so don't forget the tags here
+- name: include distribution specific vars
+ include_vars: "{{ansible_distribution}}_{{ansible_distribution_version}}.yml"
+ tags: ['dnsmasq']
+
+- name: Ensure dnsmasq is installed
+ package:
+ name: "{{ packages }}"
+ state: present
+ tags: ['dnsmasq','tftp']
+- name: Configure dnsmasq
+ template:
+ src: dnsmasq.j2
+ dest: /etc/dnsmasq.conf
+ owner: root
+ group: root
+ mode: 0755
+- name: Ensure pxelinux.cfg is present
+ file:
+ path: "{{tftp_root}}/pxelinux.cfg"
+ state: directory
+ owner: root
+ group: root
+ mode: 0755
+ tags: ['dnsmasq','tftp']
+- name: Extract NEXT template
+ unarchive:
+ src: next.tar.bz2
+ dest: "{{tftp_root}}/"
+ owner: root
+ group: root
+ mode: 0755
+ keep_newer: yes
+ tags: ['dnsmasq','tftp']
+- name: Configure pxelinux.cfg default
+ template:
+ src: pxelinux_default.j2
+ dest: "{{tftp_root}}/pxelinux.cfg/default"
+ owner: root
+ group: root
+ mode: 0755
+ tags: ['dnsmasq','tftp']
+
+
+- include: firewall.yml
+ when: config_firewall == true
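Review bot: The condition `when: dns_port != 0` on the "Ensure dns is open in firewall" task in tasks/firewall.yml compares against the integer 0, but defaults/main.yml sets `dns_port: "0"` as a string, so with the shipped defaults the test is true and the dns service is opened in the zone, although a port of 0 presumably means the DNS listener is off. `when: dns_port | int != 0` makes the check independent of how the value is typed. The dns and dhcp tasks also carry the copied `tftp` tag, so a run limited to `--tags tftp` changes more firewall rules than the tag name suggests.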
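Review bot: `mode: 0755` on the two `template` tasks in tasks/main.yml makes `/etc/dnsmasq.conf` and `pxelinux.cfg/default` executable; configuration files need only `mode: "0644"`, and quoting the value stops it depending on YAML octal parsing. The same `mode: 0755` on `unarchive` is, as far as I can tell, applied to every extracted file rather than only to directories. `files/next.tar.bz2` is an opaque binary whose contents end up in the TFTP root and are handed to network-booting clients, so the README should record where it was built from and a checksum to verify it against. The "Configure dnsmasq" task has no `tags` line, unlike its neighbours and despite the comment about tags above, and nothing in this commit enables or restarts dnsmasq after the configuration changes. `- include:` is deprecated in favour of `include_tasks`, and `when: config_firewall | bool` is more robust than `== true`.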
diff --git a/templates/dnsmasq.j2 b/templates/dnsmasq.j2
new file mode 100644
index 0000000..4cf02cd
--- /dev/null
+++ b/templates/dnsmasq.j2
@@ -0,0 +1,31 @@
+################################################################################
+## Minimalistic dnsmasq setup for a NEXT server ##
+## This file is maintained by the geekoops-next ansible role. ##
+## Don't manually edit it, as your changes will be overwritten! ##
+################################################################################
+
+PORT={{dns_port}}
+{% if dhcp_no_override == true %}
+# Disable reuse of the DHCP servername to avoid confusion of old (and broken) clients
+dhcp-no-override
+{% endif %}
+
+# PXE boot menu
+dhcp-boot={{dhcp_boot}}
+pxe-prompt="{{prompt}}",{{prompt_timeout}}
+
+
+{% if legacy %}
+pxe-service=x86PC, "Legacy Network Boot", pxelinux
+{% endif %}
+{% if efi %}
+pxe-service=x86-64_EFI,"EFI Network Boot", pxelinux
+{% endif %}
+
+{% if dhcp_range != "" %}
+dhcp-range={{dhcp_range}}
+{% endif %}
+
+# tftp server
+enable-tftp
+tftp-root={{tftp_root}}
diff --git a/templates/pxelinux_default.j2 b/templates/pxelinux_default.j2
new file mode 100644
index 0000000..dbb1145
--- /dev/null
+++ b/templates/pxelinux_default.j2
@@ -0,0 +1,16 @@
+#DEFAULT vesamenu.c32
+PROMPT 0
+TIMEOUT 100
+ONTIMEOUT local
+
+MENU TITLE {{prompt}}
+
+# Boot from local hard drive - This is the default
+LABEL local
+ MENU DEFAULT
+ MENU LABEL Boot local hard drive
+ LOCALBOOT 0
+
+MENU SEPARATOR
+
+## TODO: Add your own stuff here.
diff --git a/tests/inventory b/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/tests/test.yml b/tests/test.yml
new file mode 100644
index 0000000..fd78c3b
--- /dev/null
+++ b/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - geekoops-next
\ No newline at end of file
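Review bot: templates/dnsmasq.j2 turns on `enable-tftp` (and DHCP whenever `dhcp_range` is set) without any `interface=` or `listen-address=` line, so dnsmasq answers on every interface of the host; for a server that hands clients the code they boot, I would add a role variable that restricts it to the provisioning network. `PORT={{dns_port}}` is written in upper case while the dnsmasq option is `port`; option names are, I believe, matched case-sensitively, so the line should read `port={{dns_port}}`. Both `pxe-service` lines name the same `pxelinux` basename, which probably cannot serve EFI clients and is worth confirming against the contents of the archive. `prompt` is interpolated inside double quotes in `pxe-prompt`, so a value containing a double quote would break the generated file.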
diff --git a/vars/main.yml b/vars/main.yml
new file mode 100644
index 0000000..b501bcb
--- /dev/null
+++ b/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for geekoops-next
\ No newline at end of file
diff --git a/vars/openSUSE Leap_15.2.yml b/vars/openSUSE Leap_15.2.yml
new file mode 100644
index 0000000..36f6673
--- /dev/null
+++ b/vars/openSUSE Leap_15.2.yml
@@ -0,0 +1,8 @@
+---
+# openSUSE Leap 15.2 specific variables
+
+## Software packages
+
+packages: ['dnsmasq']
+
+tftp_root: "/srv/tftpboot"