diff options
author | Christian Pointner <equinox@spreadspace.org> | 2020-07-10 23:42:23 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-07-10 23:42:23 +0200 |
commit | c9df5dcce462af13685236bf7a1d4dd896b1406b (patch) | |
tree | 8b7ed8bd765bb1a3a338bb4f587665b439d6b24d /roles/installer/openbsd/fetch | |
parent | openbsd installer: move to single version per invocation (diff) |
major refactoring of installer roles
Diffstat (limited to 'roles/installer/openbsd/fetch')
-rw-r--r-- | roles/installer/openbsd/fetch/defaults/main.yml | 6 | ||||
-rw-r--r-- | roles/installer/openbsd/fetch/tasks/main.yml | 34 | ||||
-rw-r--r-- | roles/installer/openbsd/fetch/vars/main.yml | 7 |
3 files changed, 47 insertions, 0 deletions
diff --git a/roles/installer/openbsd/fetch/defaults/main.yml b/roles/installer/openbsd/fetch/defaults/main.yml new file mode 100644 index 00000000..eeeaf2d0 --- /dev/null +++ b/roles/installer/openbsd/fetch/defaults/main.yml @@ -0,0 +1,6 @@ +--- +# openbsd_installer_version: 6.7 +openbsd_installer_arch: amd64 + +openbsd_installer_force_download: no +openbsd_installer_url: "https://cdn.openbsd.org/pub/OpenBSD" diff --git a/roles/installer/openbsd/fetch/tasks/main.yml b/roles/installer/openbsd/fetch/tasks/main.yml new file mode 100644 index 00000000..0ab9070c --- /dev/null +++ b/roles/installer/openbsd/fetch/tasks/main.yml @@ -0,0 +1,34 @@ +--- +- name: prepare directories for installer iso files + file: + name: "{{ installer_base_path }}/openbsd-{{ openbsd_installer_version }}/{{ openbsd_installer_arch }}" + state: directory + +- name: download installer iso files + get_url: + url: "{{ openbsd_installer_url }}/{{ openbsd_installer_version }}/{{ openbsd_installer_arch }}/install{{ openbsd_installer_version_short }}.iso" + dest: "{{ installer_base_path }}/openbsd-{{ openbsd_installer_version }}/{{ openbsd_installer_arch }}/install{{ openbsd_installer_version_short }}.iso" + mode: 0644 + force: "{{ openbsd_installer_force_download }}" + +- name: download signed sha256 files + get_url: + url: "{{ openbsd_installer_url }}/{{ openbsd_installer_version }}/{{ openbsd_installer_arch }}/SHA256.sig" + dest: "{{ installer_base_path }}/openbsd-{{ openbsd_installer_version }}/{{ openbsd_installer_arch }}/SHA256.sig" + mode: 0644 + force: "{{ openbsd_installer_force_download }}" + +- name: create signing key files + copy: + content: "{{ openbsd_installer_signing_keys[openbsd_installer_version] }}" + dest: "{{ installer_base_path }}/openbsd-{{ openbsd_installer_version }}/openbsd-{{ openbsd_installer_version_short }}-base.pub" + +- name: verfiy downloaded iso files + command: "signify-openbsd -Cp ../openbsd-{{ openbsd_installer_version_short }}-base.pub -x SHA256.sig install{{ openbsd_installer_version_short }}.iso" + args: + chdir: "{{ installer_base_path }}/openbsd-{{ openbsd_installer_version }}/{{ openbsd_installer_arch }}" + changed_when: false + register: openbsd_installer_signify_result + +- debug: + var: openbsd_installer_signify_result.stdout_lines diff --git a/roles/installer/openbsd/fetch/vars/main.yml b/roles/installer/openbsd/fetch/vars/main.yml new file mode 100644 index 00000000..dad9f064 --- /dev/null +++ b/roles/installer/openbsd/fetch/vars/main.yml @@ -0,0 +1,7 @@ +--- +openbsd_installer_version_short: "{{ openbsd_installer_version | replace('.', '') }}" + +openbsd_installer_signing_keys: + "6.7": | + untrusted comment: openbsd 6.7 base public key + RWRmkIA877Io3oCILSZoJGhAswifJbFK4r18ICoia+3c0PfwANueolNj |