feat: reworked most of the ansible playbooks and roles

2024-06-29 10:26:52 -05:00
parent 0eadf8fba9
commit b885f907db
22 changed files with 524 additions and 365 deletions
--- a/ansible/roles/configure/tasks/ubuntu.yml
+++ b/ansible/roles/configure/tasks/ubuntu.yml
@@ -1,88 +1,62 @@
 ---
- name: "Configure SSH for Public Key Authentication"
-  shell: |
-    sudo sed -i 's/.*PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config
+# Tasks for setting custom facts.
+- name: "Setting custom facts."
+  ansible.builtin.set_fact:
+    enable_cloudinit: "{{ enable_cloudinit | default('false') }}"

- name: Restarting the SSH daemon
-  ansible.builtin.service:
+# Tasks for configuring SSH for public key authentication.
+- name: "Configuring SSH for Public Key Authentication."
+  ansible.builtin.lineinfile:
+    path: /etc/ssh/sshd_config
+    regexp: '^PubkeyAuthentication'
+    line: 'PubkeyAuthentication yes'
+
+# Tasks for setting the hostname.
+- name: "Setting the hostname."
+  ansible.builtin.hostname:
+    name: "localhost"
+
+# Tasks for restarting the SSH daemon.
+- name: "Restarting the SSH daemon."
+  ansible.builtin.systemd:
    name: ssh
    state: restarted
+    daemon_reload: true

- name: Remove cloud-init files
-  ansible.builtin.file:
-    path: "{{ item }}"
-    state: absent
-  loop:
-    - /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg
-    - /etc/cloud/cloud.cfg.d/50-curtin-networking.cfg
-    - /etc/cloud/cloud.cfg.d/curtin-preserve-sources.cfg
-    - /etc/cloud/cloud.cfg.d/99-installer.cfg
-    - /etc/netplan/00-installer-config.yaml
-  when:
-    - cloud_init | bool
-    - ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" or ansible_distribution_version == "24.04"
+# Tasks for disabling systemd-tmpfiles.
+- name: "Disabling systemd-tmpfiles."
+  ansible.builtin.replace:
+    path: /usr/lib/tmpfiles.d/tmp.conf
+    regexp: '^D'
+    replace: '#D'

- name: Disable cloud-init if configured to 
+# Tasks for configuring cloud-init.
+- name: "Configuring cloud-init."
  block:
-    - name: Check if /etc/cloud/ exists
-      ansible.builtin.stat:
-        path: '/etc/cloud/'
-      register: etc_cloud_folder
+    - name: "Message: Configuring cloud-init"
+      ansible.builtin.debug:
+        msg: "Configuring cloud-init"
+    - ansible.builtin.file:
+        path: "{{ item }}"
+        state: absent
+      loop:
+        - /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg
+        - /etc/cloud/cloud.cfg.d/99-installer.cfg
+        - /etc/netplan/00-installer-config.yaml
+    - ansible.builtin.copy:
+        content: 'datasource_list: [ VMware, OVF, None ]'
+        dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg
+  when: enable_cloudinit == 'true'

-    - name: 'Generate /etc/cloud/cloud-init.disabled'
-      ansible.builtin.copy:
-        dest: '/etc/cloud/cloud-init.disabled'
-        content: 'disabled by ansible\n'
-        owner: 'root'
-        group: 'root'
-        mode: '0644'
-      when:
-        - 'etc_cloud_folder.stat.exists'
-  when: 
-    - not cloud_init | bool
-    - ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" or ansible_distribution_version == "24.04"
-
- name: Copy cloud-init PVE default file
+# Tasks for setting SSH keys to regenerate.
+- name: "Setting SSH keys to regenerate."
  ansible.builtin.copy:
-    dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg
+    dest: /etc/rc.local
    content: |
-      datasource_list: [ ConfigDrive, NoCloud ]
-  when: cloud_init | bool
-
- name: "Modifying GRUB."
-  shell: |
-    sed -i -e "s/GRUB_CMDLINE_LINUX_DEFAULT=\"\(.*\)\"/GRUB_CMDLINE_LINUX_DEFAULT=\"\"/" /etc/default/grub
-    update-grub
-  when: ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04" or ansible_distribution_version == "24.04"
-
- name: Creating SSH key regeneration service file
-  ansible.builtin.copy:
-    dest: /etc/systemd/system/regenerate_ssh_host_keys.service
-    content: |
-      [Unit]
-      Description=Regenerate SSH host keys
-      Before=ssh.service
-      ConditionFileIsExecutable=/usr/bin/ssh-keygen
-
-      [Service]
-      Type=oneshot
-      ExecStartPre=-/bin/dd if=/dev/hwrng of=/dev/urandom count=1 bs=4096
-      ExecStartPre=-/bin/sh -c "/bin/rm -f -v /etc/ssh/ssh_host_*_key*"
-      ExecStart=/usr/bin/ssh-keygen -A -v
-      ExecStartPost=/bin/systemctl disable regenerate_ssh_host_keys
-
-      [Install]
-      WantedBy=multi-user.target
-  when: not cloud_init | bool
-
- name: Reload systemd to re-read configurations
-  ansible.builtin.systemd:
-    daemon-reload: true
-  when: not cloud_init | bool
-
- name: Enable regenerate_ssh_host_keys service
-  ansible.builtin.systemd:
-    name: regenerate_ssh_host_keys
-    enabled: true
-  when: not cloud_init | bool
+      #!/bin/bash
+      if test -z "$(find /etc/ssh/ -iname 'ssh_host_*_key*')"; then
+          dpkg-reconfigure openssh-server
+      fi
+      exit 0
+    mode: 0755