238 lines
6 KiB
YAML
238 lines
6 KiB
YAML
- name: Install void base system
|
|
hosts: target_system
|
|
become: true
|
|
tasks:
|
|
# Prefer booster to dracut so make sure to never install it
|
|
- name: Ignore dracut
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/xbps.d/ignore-dracut.conf
|
|
line: ignorepkg=dracut
|
|
state: present
|
|
create: true # create file if absent
|
|
|
|
- name: Update xbps and system
|
|
community.general.xbps:
|
|
name:
|
|
- xbps
|
|
state: latest
|
|
update_cache: true
|
|
upgrade: true
|
|
|
|
- name: Install Base system
|
|
community.general.xbps:
|
|
name:
|
|
- base-system
|
|
state: present
|
|
|
|
- name: Get rid of temporary container metapackage
|
|
community.general.xbps:
|
|
name:
|
|
- base-container-full
|
|
state: absent
|
|
|
|
- name: Install booster
|
|
community.general.xbps:
|
|
name: booster
|
|
state: present
|
|
notify: installed-booster
|
|
|
|
handlers:
|
|
- name: List kernel module dirs
|
|
ansible.builtin.find:
|
|
paths: "/usr/lib/modules"
|
|
file_type: directory
|
|
register: found_kernels
|
|
listen: installed-booster
|
|
|
|
- name: Find kernels
|
|
ansible.builtin.set_fact:
|
|
kernel_list: "{{ found_kernels['files'] | map(attribute='path') | map('regex_replace', '^.*/(.*)$', '\\1') | list }}"
|
|
listen: installed-booster
|
|
|
|
- name: Create booster initramfs
|
|
vars:
|
|
fname: /boot/booster-void
|
|
ansible.builtin.command:
|
|
argv:
|
|
- booster
|
|
- --verbose
|
|
- build
|
|
- --kernel-version={{ item }}
|
|
- "{{ fname }}-{{ item }}.img"
|
|
creates: "{{ fname }}-{{ item }}.img"
|
|
loop: "{{ kernel_list }}"
|
|
listen: installed-booster
|
|
|
|
- name: Configure void base system
|
|
hosts: target_system
|
|
become: true
|
|
vars:
|
|
host_name: voider
|
|
timezone: Europe/Berlin
|
|
locales_enabled:
|
|
- en_US.UTF-8 UTF-8
|
|
|
|
tasks:
|
|
- name: Set hostname
|
|
ansible.builtin.template:
|
|
src: hostname.j2
|
|
dest: /etc/hostname
|
|
|
|
- name: Set timezone
|
|
ansible.builtin.file:
|
|
path: /etc/localtime
|
|
src: /usr/share/zoneinfo/{{ timezone }}
|
|
state: link
|
|
|
|
- name: Check if glibc locales exist
|
|
ansible.builtin.stat:
|
|
path: /etc/default/libc-locales
|
|
register: libc_locales_file
|
|
|
|
- name: Set correct glibc locales
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/default/libc-locales
|
|
regexp: "^{{ item }}"
|
|
line: "{{ item }}"
|
|
state: present
|
|
create: true
|
|
loop: "{{ locales_enabled }}"
|
|
when: libc_locales_file.stat.exists
|
|
notify: glibc-locales-changed
|
|
|
|
- name: Set up chrony for NTP management
|
|
community.general.xbps:
|
|
name:
|
|
- chrony
|
|
state: present
|
|
notify: installed-chrony
|
|
|
|
- name: Activate acpid service
|
|
ansible.builtin.file:
|
|
force: "yes"
|
|
src: "/etc/sv/acpid"
|
|
dest: "/etc/runit/runsvdir/default/acpid"
|
|
state: link
|
|
|
|
handlers:
|
|
- name: Regenerate locales
|
|
ansible.builtin.command:
|
|
argv:
|
|
- xbps-reconfigure
|
|
- --force
|
|
- libc-locales
|
|
listen: glibc-locales-changed
|
|
|
|
- name: Activate chronyd service
|
|
ansible.builtin.file:
|
|
force: "yes"
|
|
src: "/etc/sv/{{ item }}"
|
|
dest: "/etc/runit/runsvdir/default/{{ item }}"
|
|
state: link
|
|
with_items: [chronyd]
|
|
listen: installed-chrony
|
|
|
|
- name: Set up snapper backups
|
|
hosts: target_system
|
|
become: true
|
|
tags:
|
|
- btrfs
|
|
- snapshots
|
|
tasks:
|
|
- name: Install snapper
|
|
community.general.xbps:
|
|
name:
|
|
- snapper
|
|
state: present
|
|
notify: installed-snapper
|
|
|
|
# https://wiki.archlinux.org/title/Snapper#updatedb
|
|
- name: Disable updatedb indexing for snapshot directories
|
|
ansible.builtin.copy:
|
|
content: 'PRUNENAMES = ".snapshots"'
|
|
dest: "/etc/updatedb.conf"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
force: true
|
|
|
|
- name: Ensure snapper configs directory exists
|
|
ansible.builtin.file:
|
|
dest: "/etc/snapper/configs"
|
|
state: directory
|
|
recurse: true
|
|
|
|
- name: Ensure root /.snapshots directory exists
|
|
ansible.builtin.file:
|
|
dest: "/.snapshots"
|
|
state: directory
|
|
mode: 0755
|
|
|
|
- name: Create root backup configuration
|
|
ansible.builtin.template:
|
|
src: snapper-configurations/root.j2
|
|
dest: "/etc/snapper/configs/root"
|
|
mode: 0640
|
|
force: true # ensure contents are always exact
|
|
|
|
- name: Ensure home /.snapshots directory exists
|
|
ansible.builtin.file:
|
|
dest: "/home/.snapshots"
|
|
state: directory
|
|
mode: 0755
|
|
|
|
- name: Create homedir backup configuration
|
|
ansible.builtin.template:
|
|
src: snapper-configurations/home.j2
|
|
dest: "/etc/snapper/configs/home"
|
|
mode: 0640
|
|
force: true
|
|
|
|
- name: Add snap manual safety command
|
|
ansible.builtin.copy:
|
|
src: snapper-snap-script
|
|
dest: "/usr/bin/snap"
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
|
|
handlers:
|
|
# # Do NOT activate the snapperd service -
|
|
# # on systems without elogind I guess? Unsure
|
|
# - name: Activate snapper service
|
|
# ansible.builtin.file:
|
|
# force: "yes"
|
|
# src: "/etc/sv/snapperd"
|
|
# dest: "/etc/runit/runsvdir/default/snapperd"
|
|
# state: link
|
|
# listen: installed-snapper
|
|
- name: Snapper handler stub
|
|
ansible.builtin.debug:
|
|
msg: ""
|
|
listen: installed-snapper
|
|
|
|
- name: Set up snooze as cron daemon
|
|
hosts: target_system
|
|
become: true
|
|
tags:
|
|
- cron
|
|
- snooze
|
|
tasks:
|
|
- name: Install snooze
|
|
community.general.xbps:
|
|
name:
|
|
- snooze
|
|
state: present
|
|
|
|
- name: Activate snooze cron services
|
|
ansible.builtin.file:
|
|
force: "yes"
|
|
src: "/etc/sv/{{ item }}"
|
|
dest: "/etc/runit/runsvdir/default/{{ item }}"
|
|
state: link
|
|
loop:
|
|
- snooze-hourly
|
|
- snooze-daily
|
|
- snooze-weekly
|
|
- snooze-monthly
|
|
|