diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2019-07-12 12:52:41 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2019-07-12 12:52:41 +0200 |
| commit | dffca6f2ced2bfda0c2321d2a5d16fa2212cea31 (patch) | |
| tree | 38cdc9fbe3874fee44b5f3b1eb58badbfbb6ee20 /roles | |
| parent | try workaround to fix change network interface name-policy (diff) | |
make forced net interface policy a little bit nicer (WIP)
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/preseed/defaults/main.yml | 2 | ||||
| -rw-r--r-- | roles/preseed/tasks/main.yml | 23 | ||||
| -rw-r--r-- | roles/preseed/templates/preseed_debian-buster.cfg.j2 | 12 | ||||
| -rw-r--r-- | roles/vm/install/tasks/main.yml | 3 |
4 files changed, 25 insertions, 15 deletions
diff --git a/roles/preseed/defaults/main.yml b/roles/preseed/defaults/main.yml new file mode 100644 index 00000000..b120f133 --- /dev/null +++ b/roles/preseed/defaults/main.yml @@ -0,0 +1,2 @@ +--- +#preseed_force_net_ifnames_policy: path diff --git a/roles/preseed/tasks/main.yml b/roles/preseed/tasks/main.yml index c32a032e..02da8804 100644 --- a/roles/preseed/tasks/main.yml +++ b/roles/preseed/tasks/main.yml @@ -17,15 +17,20 @@ path: "{{ preseed_tmpdir }}/authorized_keys" key: "{{ ssh_keys_root | join('\n') }}" -## TODO: make this nicer (only needed für debian buster? does it work with others too?) -- file: - path: "{{ preseed_tmpdir }}/etc/systemd/network" - state: directory -- copy: - dest: "{{ preseed_tmpdir }}/etc/systemd/network/90-namepolicy-path.link" - content: | - [Link] - NamePolicy=path +- name: force net interface name policy + when: preseed_force_net_ifnames_policy is defined + block: + - name: prepare directories to force network interface name policy + file: + path: "{{ preseed_tmpdir }}/etc/systemd/network" + state: directory + + - name: install link unit to force network interface name policy + copy: + dest: "{{ preseed_tmpdir }}/etc/systemd/network/90-namepolicy.link" + content: | + [Link] + NamePolicy={{ preseed_force_net_ifnames_policy }} - name: Inject files into initramfs shell: cpio -H newc -o | gzip -9 >> 'initrd.preseed.gz' diff --git a/roles/preseed/templates/preseed_debian-buster.cfg.j2 b/roles/preseed/templates/preseed_debian-buster.cfg.j2 index 44d8a814..390cdbcb 100644 --- a/roles/preseed/templates/preseed_debian-buster.cfg.j2 +++ b/roles/preseed/templates/preseed_debian-buster.cfg.j2 @@ -134,12 +134,14 @@ d-i preseed/late_command string \ in-target bash -c "apt-get update -q && apt-get full-upgrade -y -q"; \ in-target bash -c "passwd -d root && passwd -l root"; \ in-target bash -c "sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces"; \ +{% if preseed_force_net_ifnames_policy is defined %} mkdir -p /target/etc/systemd/network; \ - bash -c "echo '[Link]' > /target/etc/systemd/network/90-namepolicy-path.link"; \ - bash -c "echo 'NamePolicy=path' >> /target/etc/systemd/network/90-namepolicy-path.link"; \ + bash -c "echo '[Link]' > /target/etc/systemd/network/90-namepolicy.link"; \ + bash -c "echo 'NamePolicy={{ preseed_force_net_ifnames_policy }}' >> /target/etc/systemd/network/90-namepolicy.link"; \ in-target bash -c "update-initramfs -u"; \ - mkdir -p -m 0700 /target/root/.ssh; \ - cp /authorized_keys /target/root/.ssh/; \ +{% endif %} {% if hostvars[hostname].ansible_port is defined %} - in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config" + in-target bash -c "sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config"; \ {% endif %} + mkdir -p -m 0700 /target/root/.ssh; \ + cp /authorized_keys /target/root/.ssh/ diff --git a/roles/vm/install/tasks/main.yml b/roles/vm/install/tasks/main.yml index e7e5cf1a..9caa88c8 100644 --- a/roles/vm/install/tasks/main.yml +++ b/roles/vm/install/tasks/main.yml @@ -19,8 +19,9 @@ name: preseed vars: ssh_keys_root: "{{ hostvars[hostname].ssh_keys_root }}" - install_interface: enp1s1 preseed_tmpdir: "{{ tmpdir.path }}" + preseed_force_net_ifnames_policy: path + install_interface: enp1s1 - name: Make preseed workdir readable by qemu acl: |