mirror of
https://github.com/rocky-linux/infrastructure
synced 2024-05-28 17:40:16 +00:00
Merge ecbb36d2ba
into b5dc541514
commit
f401a4a0be
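--- a/ansible/inventory/pxeinventory
+++ b/ansible/inventory/pxeinventory
@@ -0,0 +1,12 @@
+[pxeserver]
+vmtest1.i.gensoukyou.net ansible_host=10.21.3.31
+
+[pxeserver:vars]
+pxeboot_nameservers=10.21.254.1
+pxeboot_server_address=10.21.3.31
+pxeboot_netmask=255.255.255.0
+pxeboot_gateway=10.21.3.1
+pxeboot_subnet=10.21.3.0
+pxeboot_next_server=127.0.0.1
+pxeboot_range_low=10.21.3.10
+pxeboot_range_high=10.21.3.20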
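Review bot: `pxeboot_next_server=127.0.0.1` looks like a leftover placeholder. If this value is ever rendered into a DHCP next-server option, clients would be told to fetch boot files from themselves rather than from `pxeboot_server_address` (10.21.3.31). None of the tasks added in this commit consume the `pxeboot_*` variables, so this is inferred from the names only. Either set it to the server address or add a comment such as `# not consumed by the role yet; placeholder value`.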
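--- a/ansible/playbooks/role-pxeserver.yml
+++ b/ansible/playbooks/role-pxeserver.yml
@@ -0,0 +1,45 @@
+---
+# Variables for the infrastructure are in inventory/pxeinventory
+- name: Configure PXE Server
+hosts: pxeserver
+become: true
+
+# This is to try to avoid the handler issue in pre/post tasks
+handlers:
+- include: handlers/main.yml
+
+pre_tasks:
+- name: Check if ansible cannot be run here
+stat:
+path: /etc/no-ansible
+register: no_ansible
+
+- name: Verify if we can run ansible
+assert:
+that:
+- "not no_ansible.stat.exists"
+msg: "/etc/no-ansible exists - skipping run on this node"
+#- name: Verify parameters
+# assert:
+# that:
+# - '{{ pxeboot_nameservers }}'
+# - '{{ pxeboot_server_address }}'
+# - '{{ pxeboot_netmask }}'
+# - '{{ pxeboot_gateway }}'
+# - '{{ pxeboot_subnet }}'
+# - '{{ pxeboot_next_server }}'
+# - '{{ pxeboot_range_low }}'
+# - '{{ pxeboot_range_high }}'
+
+roles:
+- role: pxeserver
+state: present
+
+post_tasks:
+- name: Touching run file that ansible has ran here
+file:
+path: /var/log/ansible.run
+state: touch
+mode: '0644'
+owner: root
+group: root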
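Review bot: The commented-out `Verify parameters` block leaves the `pxeboot_*` inventory values unchecked, and it would not work if re-enabled. An entry like `- '{{ pxeboot_netmask }}'` evaluates the variable's value as an expression instead of testing that it is set. Either delete the dead block or enable it with explicit tests such as `- pxeboot_server_address is defined` for each variable. Separately, `- include: handlers/main.yml` uses the bare `include` keyword, which Ansible has deprecated in favour of `import_tasks`.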
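--- a/ansible/playbooks/roles/pxeserver/defaults/main.yml
+++ b/ansible/playbooks/roles/pxeserver/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+centos_8_kickstart_mirror: 'https://mirror.phx1.us.spryservers.net/centos/8.3.2011/BaseOS/x86_64/kickstart'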
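Review bot: `centos_8_kickstart_mirror` pins both a single third-party mirror and the point release `8.3.2011`, so the role's download task fails once that mirror retires the directory, which mirrors commonly do for superseded point releases. The default deserves a comment stating that it is meant to be overridden, for example `# Override per environment; prefer an internal mirror that retains this release`. The variable name says "kickstart", but the tasks file uses it as the base URL for the EFI binaries, kernel and initrd, so a short comment on what lives under that path would also help.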
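--- a/ansible/playbooks/roles/pxeserver/example-grub.cfg
+++ b/ansible/playbooks/roles/pxeserver/example-grub.cfg
@@ -0,0 +1,30 @@
+# This kind of file should live in /var/lib/tftpboot/uefi/grub.cfg.01-host-mac-here
+# $ cat grub.cfg-01-00-50-56-ba-2b-e6
+set default="Reboot"
+
+function load_video {
+insmod efi_gop
+insmod efi_uga
+insmod video_bochs
+insmod video_cirrus
+insmod all_video
+}
+
+load_video
+set gfxpayload=keep
+insmod gzio
+insmod part_gpt
+insmod ext2
+
+# Infinite
+set timeout=-1
+
+menuentry 'Reboot' {
+reboot
+}
+
+### BEGIN /etc/grub.d/10_linux ###
+menuentry 'Install centos-8-x86_64 for host (DESTROYS DATA!)' --class fedora --class gnu-linux --class gnu --class os {
+linuxefi centos-8-x86_64-vmlinuz nofb ks=http://10.21.3.31/testkickstart.cfg mpath console=tty0
+initrdefi centos-8-x86_64-initrd.img
+}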
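Review bot: The install entry fetches its kickstart over plain HTTP (`ks=http://10.21.3.31/testkickstart.cfg`), so the installer cannot authenticate the file that partitions the disk and runs its post-install scripts. Its integrity depends entirely on the provisioning network being trusted. The example should say so in a comment above the `linuxefi` line, for instance `# kickstart is fetched unauthenticated; keep this on an isolated provisioning network or use https://`. The two header comments also disagree on the file name (`grub.cfg.01-host-mac-here` versus `grub.cfg-01-00-50-56-ba-2b-e6`); the dash form in the second line is presumably the intended one.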
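--- a/ansible/playbooks/roles/pxeserver/handlers/main.yml
+++ b/ansible/playbooks/roles/pxeserver/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: 'reload nginx'
+service:
+name: nginx
+state: restarted
+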
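Review bot: The handler is named `reload nginx` but runs `state: restarted`, which tears down in-flight connections (for example a kickstart download in progress) whenever the template changes. Use `state: reloaded` so the behaviour matches the name, or rename the handler to `restart nginx` and update the matching `notify: 'reload nginx'` in tasks/main.yml.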
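--- a/ansible/playbooks/roles/pxeserver/tasks/main.yml
+++ b/ansible/playbooks/roles/pxeserver/tasks/main.yml
@@ -0,0 +1,63 @@
+---
+- name: 'install tftp, nginx for serving kickstart configuration'
+package:
+name:
+- tftp-server
+- nginx
+
+- name: 'ensure /var/www'
+file:
+path: '/var/www'
+state: directory
+mode: '0755'
+owner: root
+group: root
+
+- name: 'ensure /var/www/html'
+file:
+path: '/var/www/html'
+state: directory
+mode: '0755'
+owner: root
+group: nginx
+
+- name: 'nginx configuration'
+template:
+src: nginx.conf.j2
+dest: /etc/nginx/nginx.conf
+notify: 'reload nginx'
+
+- name: 'Ensure nginx is running'
+service:
+name: nginx
+state: started
+enabled: true
+
+- name: Enable tftp server socket
+systemd:
+name: tftp.socket
+state: started
+enabled: true
+
+- name: 'Create UEFI PXE-boot configuration directory'
+file:
+mode: '0755'
+path: '/var/lib/tftpboot/uefi'
+state: directory
+
+# Are there better ways to get these same files into the tftpboot directory?
+# Downloading things from the internet feels wrong...
+- name: 'Download CentOS 8 UEFI boot files into the tftpboot directory'
+get_url:
+mode: '0644'
+url: '{{ centos_8_kickstart_mirror | mandatory }}/{{ item.value }}'
+dest: '/var/lib/tftpboot/{{ item.key }}'
+loop: "{{ bootfiles | dict2items }}"
+vars:
+bootfiles:
+# values are relative to the value of the mirror
+'uefi/BOOTX64.EFI': 'EFI/BOOT/BOOTX64.EFI'
+'uefi/grubx64.efi': 'EFI/BOOT/grubx64.efi'
+'centos-8-x86_64-vmlinuz': 'images/pxeboot/vmlinuz'
+'centos-8-x86_64-initrd.img': 'images/pxeboot/initrd.img'
+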
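Review bot: The `get_url` task in the last stanza downloads the EFI boot binaries, kernel and initrd that every PXE client will execute, but it sets no `checksum`, so whatever the mirror returns is written to /var/lib/tftpboot and served as-is. The comment above the task already voices this concern. Pin a digest per file by carrying it next to the relative path in `bootfiles` and passing it to the `checksum` parameter of `get_url`. The digests in the sketch below are placeholders to be filled in from a source you trust independently of the mirror.

```yaml
- name: 'Download CentOS 8 UEFI boot files into the tftpboot directory'
  get_url:
    # … unchanged: mode, dest …
    url: '{{ centos_8_kickstart_mirror | mandatory }}/{{ item.value.path }}'
    checksum: 'sha256:{{ item.value.sha256 }}'
  loop: "{{ bootfiles | dict2items }}"
  vars:
    bootfiles:
      # path is relative to the mirror; sha256 values are placeholders
      'uefi/BOOTX64.EFI':
        path: 'EFI/BOOT/BOOTX64.EFI'
        sha256: '<SHA256_OF_BOOTX64_EFI>'
      'uefi/grubx64.efi':
        path: 'EFI/BOOT/grubx64.efi'
        sha256: '<SHA256_OF_GRUBX64_EFI>'
      # … same shape for centos-8-x86_64-vmlinuz and centos-8-x86_64-initrd.img …
```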
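--- a/ansible/playbooks/roles/pxeserver/templates/nginx.conf.j2
+++ b/ansible/playbooks/roles/pxeserver/templates/nginx.conf.j2
@@ -0,0 +1,42 @@
+# Simple HTTP-only server for serving kickstart files from under /var/www/html
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log;
+pid /run/nginx.pid;
+
+# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
+include /usr/share/nginx/modules/*.conf;
+
+events {
+worker_connections 1024;
+}
+
+http {
+log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+'$status $body_bytes_sent "$http_referer" '
+'"$http_user_agent" "$http_x_forwarded_for"';
+
+access_log /var/log/nginx/access.log main;
+
+sendfile on;
+tcp_nopush on;
+tcp_nodelay on;
+keepalive_timeout 65;
+types_hash_max_size 2048;
+
+include /etc/nginx/mime.types;
+default_type application/octet-stream;
+
+include /etc/nginx/conf.d/*.conf;
+
+server {
+listen 80 default_server;
+listen [::]:80 default_server;
+server_name _;
+root /var/www/html;
+
+location / {
+}
+}
+}
+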
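Review bot: The `server` block listens on every interface as `default_server` and `location /` is empty, so anything placed under /var/www/html is readable by any host that can reach port 80. Kickstart files often carry password hashes and other install-time secrets. Restrict the location to the provisioning network by adding `allow <PROVISIONING_CIDR>;` followed by `deny all;` inside `location /`. The file is a `.j2` template but contains no variables, so the CIDR could be supplied from the inventory rather than hard-coded.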