From e7ad959c9dc1c4c684b9772df9e2f0e29cfed77e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Sachse?= <Joerg.Sachse@slub-dresden.de>
Date: Fri, 23 Oct 2020 13:53:39 +0200
Subject: [PATCH] feat: create Kickstart config files from template to
 facilitate RHEL install automation

---
 site.yml                   | 84 +++++++++++++++++++++++++-------------
 templates/kickstart.cfg.j2 | 54 ++++++++++++++++++++++++
 vars/network.yml.example   |  6 +++
 3 files changed, 116 insertions(+), 28 deletions(-)
 create mode 100644 templates/kickstart.cfg.j2
 create mode 100644 vars/network.yml.example

diff --git a/site.yml b/site.yml
index e38357e..bb7b5f0 100644
--- a/site.yml
+++ b/site.yml
@@ -1,30 +1,58 @@
 ---
-- hosts: "*"
-  pre_tasks:
-    - name: Verify that the installed version of Ansible meets this playbook's version requirements.
-      assert:
-        that: "ansible_version.full is version_compare('2.5', '>=')"
-        msg: >
-          "You must update Ansible to at least 2.5 to use this playbook."
-  # Collect facts from remote system? Possible values: true, false
-  gather_facts: true
-  # Gather only certain subsects of facts. Ansible supports network, hardware, virtual, facter, ohai as subset.
-  gather_subset:
-    - network
-    - virtual
-    - hardware
-  # any_error_fatal will mark all the hosts as failed if fails and immediately abort the playbook execution. Possible values: true, false
-  any_errors_fatal: false
-  # max_fail_percentage allows you to abort the play if certain threshold of failures have been reached.
-  max_fail_percentage: 30
-  serial: 30
-  # hide sensitive information in verbose/debugging output from others. Possible values: true, false
-  no_log: false
-  # execution strategy, possible values: debug, linear, serial, free (https://docs.ansible.com/ansible/latest/user_guide/playbooks_strategies.html)
-  strategy: linear
+- hosts: localhost
+  connection: local
+  tasks:
+    - name: check if listfile for networking exists
+      find:
+        paths: "{{ playbook_dir }}/vars/"
+        patterns: "network.yml"
+      register: result_network
+    - debug:
+        msg: "{{ item.path }}"
+      loop: "{{ result_network.files }}"
+    - name: bail out if config file doesn't exist
+      fail:
+        msg: "The required config file 'vars/network.yml' couldn't be found. Please refer to vars/network.yml.example for further documentation."
+      when: "result_network.matched < 1"
+    - name: include networking variables
+      include_vars: "{{ item.path }}"
+      loop: "{{ result_network.files }}"
+    - name: create build directory
+      file:
+        path: "{{ playbook_dir }}/build/"
+        state: directory
+    - name: write Kickstart files
+      template:
+        src: "kickstart.cfg.j2"
+        dest: "build/{{ item.hostname }}"
+      loop: "{{ hosts }}"
 
-  roles:
-    - { role: ansible_lza_bootstrap_rhel_server }
-    # - { role: ansible_lza_install_common, become: true }
-    # - { role: ansible_lza_server_hardening, become: true }
-    # - { role: ansible_lza_rosetta_app, become: true }
+#- hosts: "*"
+#  pre_tasks:
+#    - name: Verify that the installed version of Ansible meets this playbook's version requirements.
+#      assert:
+#        that: "ansible_version.full is version_compare('2.5', '>=')"
+#        msg: >
+#          "You must update Ansible to at least 2.5 to use this playbook."
+#  # Collect facts from remote system? Possible values: true, false
+#  gather_facts: true
+#  # Gather only certain subsects of facts. Ansible supports network, hardware, virtual, facter, ohai as subset.
+#  gather_subset:
+#    - network
+#    - virtual
+#    - hardware
+#  # any_error_fatal will mark all the hosts as failed if fails and immediately abort the playbook execution. Possible values: true, false
+#  any_errors_fatal: false
+#  # max_fail_percentage allows you to abort the play if certain threshold of failures have been reached.
+#  max_fail_percentage: 30
+#  serial: 30
+#  # hide sensitive information in verbose/debugging output from others. Possible values: true, false
+#  no_log: false
+#  # execution strategy, possible values: debug, linear, serial, free (https://docs.ansible.com/ansible/latest/user_guide/playbooks_strategies.html)
+#  strategy: linear
+#
+#  roles:
+#    - { role: ansible_lza_bootstrap_rhel_server }
+#    # - { role: ansible_lza_install_common, become: true }
+#    # - { role: ansible_lza_server_hardening, become: true }
+#    # - { role: ansible_lza_rosetta_app, become: true }
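Review bot: The `write Kickstart files` task and the `create build directory` task set no `mode`, so the rendered files, which carry the root password hash from `templates/kickstart.cfg.j2`, get whatever permissions the umask of the invoking user allows. Add `mode: "0600"` to the template task and `mode: "0700"` to the directory task. The `dest` is also relative (`build/{{ item.hostname }}`) while the directory is created under `{{ playbook_dir }}/build/`; writing `dest: "{{ playbook_dir }}/build/{{ item.hostname }}"` keeps both in one place however the relative path resolves. Since `item.hostname` becomes part of a file path, an `assert` that it contains only hostname characters (no `/` or `..`) before the loop would stop a malformed entry in `vars/network.yml` from writing outside `build/`.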
diff --git a/templates/kickstart.cfg.j2 b/templates/kickstart.cfg.j2
new file mode 100644
index 0000000..761d329
--- /dev/null
+++ b/templates/kickstart.cfg.j2
@@ -0,0 +1,54 @@
+#version=DEVEL
+# System authorization information
+auth --enableshadow --passalgo=sha512
+# Use CDROM installation media
+cdrom
+# Use graphical install
+graphical
+# Run the Setup Agent on first boot
+firstboot --enable
+ignoredisk --only-use=sda
+# Keyboard layouts
+keyboard --vckeymap=de-nodeadkeys --xlayouts='de (nodeadkeys)'
+# System language
+lang de_DE.UTF-8
+
+# Network information
+network  --bootproto=static --device=ens192 --ethtool="autoneg on" --gateway=212.201.61.1 --ip={{ item.ip_address }} --nameserver=194.95.142.157,194.95.142.203,194.95.142.200 --netmask=255.255.255.192 --ipv6=auto --activate
+network  --hostname={{ item.hostname }}.slub-dresden.de
+
+repo --name="Server-HighAvailability" --baseurl=file:///run/install/repo/addons/HighAvailability
+repo --name="Server-ResilientStorage" --baseurl=file:///run/install/repo/addons/ResilientStorage
+# Root password
+rootpw --iscrypted $6$67rCX4MFo0HPCG0T$7DsUx/fFJ067LS5QDtRMDTIcMrq1FejZOp/Ei4o.L08cbYC2FVsJ4Tp45iKrZDfL0df7qgeWpY7ylBfI3k/7b1
+# System services
+services --enabled="chronyd"
+# System timezone
+timezone Europe/Berlin --isUtc
+#user --groups=wheel --name=jsachse --password=$6$OVScoE8L9aqJgECe$N80BzeVCZV43CpUZtxL5KDI0VQzuy6P4FId3NLJE9gw0nOMf9Z2oxscwnjGg2LeG8DMhY0Z2c.mTtIWRcXsiK/ --iscrypted --gecos="Jörg Sachse"
+# System bootloader configuration
+bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
+# Partition clearing information
+clearpart --none --initlabel
+# Disk partitioning information
+part / --fstype="ext4" --ondisk=sda --size=143360
+part swap --fstype="swap" --ondisk=sda --size=5120
+part /boot --fstype="xfs" --ondisk=sda --size=1024
+
+%packages
+@^minimal
+@core
+chrony
+kexec-tools
+
+%end
+
+%addon com_redhat_kdump --enable --reserve-mb='auto'
+
+%end
+
+%anaconda
+pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
+pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
+%end
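Review bot: The `rootpw --iscrypted` line hard-codes a single root password hash in a template that is committed to the repository, so every host built from it shares one root credential and anyone with read access to the repository can run offline guessing against the hash. Take the value from a variable kept in Ansible Vault instead, e.g. `rootpw --iscrypted {{ root_password_hash }}` (the variable name is only a suggestion), and treat the password behind the committed hash as exposed and rotate it. The commented-out `user` line carries a second hash and should be deleted rather than left in a comment. The `pwpolicy` lines accept a minimum length of 6 with `--notstrict`; if these values were simply copied from a generated `anaconda-ks.cfg`, a short comment saying so would help the next reader judge whether they are intentional.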
diff --git a/vars/network.yml.example b/vars/network.yml.example
new file mode 100644
index 0000000..c363aa5
--- /dev/null
+++ b/vars/network.yml.example
@@ -0,0 +1,6 @@
+---
+- hostname: localhost
+  ip_address: 127.0.0.1
+- hostname: example_host
+  ip_address: 123.234.213.132
+# add/edit more hosts as necessary
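Review bot: This example is a top-level list, but `site.yml` loads it with `include_vars` and then loops over `{{ hosts }}`; `include_vars` expects the file to contain a mapping, and nothing in the patch defines `hosts`. Put the entries under a top-level key, i.e. add `hosts:` as the first line after `---` and indent the list items beneath it, so the file matches what the playbook reads. A comment line such as `# hostname: short name only, the domain suffix is appended by the template` would also document that `kickstart.cfg.j2` appends `.slub-dresden.de` to each entry.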
-- 
GitLab