5 files changed, 132 insertions, 2 deletions

diff --git a/inventory/group_vars/chaos-at-home/network.yml b/inventory/group_vars/chaos-at-home/network.yml
index 36509588..7b4f220d 100644
--- a/inventory/group_vars/chaos-at-home/network.yml
+++ b/inventory/group_vars/chaos-at-home/network.yml
@@ -99,6 +99,7 @@ network_zones:
       ch-ap0: 220
       ch-ap1: 221
       ch-mon: 230
+      ch-installsmb: 240
       ch-router: 241
 
   magenta:
diff --git a/inventory/host_vars/ch-installsmb.yml b/inventory/host_vars/ch-installsmb.yml
new file mode 100644
index 00000000..4f98467d
--- /dev/null
+++ b/inventory/host_vars/ch-installsmb.yml
@@ -0,0 +1,126 @@
+---
+install:
+  vm:
+    memory: 1536M
+    numcpus: 2
+    autostart: false
+  disks:
+    primary: /dev/sda
+    scsi:
+      sda:
+        type: image
+        path: "/srv/nvme/{{ inventory_hostname }}/root.img"
+  interfaces:
+  - bridge: br-mgmt
+
+
+openwrt_arch: x86
+openwrt_target: 64
+openwrt_profile: generic
+openwrt_output_image_suffixes:
+  - "{{ openwrt_profile }}-ext4-combined.img.gz"
+
+openwrt_packages_remove:
+  - ppp
+  - ppp-mod-pppoe
+  - dnsmasq
+  - firewall
+  - odhcpd
+  - odhcpd-ipv6only
+openwrt_packages_add:
+  - rng-tools
+  - htop
+  - ip
+  - less
+  - nano
+  - tcpdump-mini
+  - iperf
+  - iperf3
+  - mtr
+  - samba4-server
+
+openwrt_mixin:
+  /etc/dropbear/authorized_keys:
+    content: "{{ ssh_keys_root | join('\n') }}\n"
+
+  /etc/htoprc:
+    file: "{{ global_files_dir }}/common/htoprc"
+
+  /etc/rc.d/S90smb-tmpfs:
+    link: "../init.d/network-fw"
+
+  /etc/rc.d/K10smb-tmpfs:
+    link: "../init.d/network-fw"
+
+  /etc/init.d/smb-tmpfs:
+    mode: "0755"
+    content: |
+      #!/bin/sh /etc/rc.common
+      START=90
+      STOP=10
+
+      boot() {
+        mkdir -p /srv/install-media
+        mount -t tmpfs -o size=1400M install-media /srv/install-media
+      }
+
+openwrt_uci:
+  system:
+    - name: system
+      options:
+        hostname: '{{ host_name }}'
+        timezone: 'CET-1CEST,M3.5.0,M10.5.0/3'
+        ttylogin: '0'
+        log_size: '64'
+        urandom_seed: '0'
+
+    - name: timeserver 'ntp'
+      options:
+        enabled: '0'
+        enable_server: '0'
+
+    - name: rngd
+      options:
+        enabled: '1'
+        device: '/dev/hwrng'
+
+  dropbear:
+    - name: dropbear
+      options:
+        PasswordAuth: 'off'
+        RootPasswordAuth: 'off'
+        Port: '{{ ansible_port | default(22) }}'
+
+  network:
+    - name: globals 'globals'
+      options:
+        ula_prefix: "fc{{ '%02x:%04x:%04x' | format((255 | random(seed=inventory_hostname + '0')), (65535 | random(seed=inventory_hostname + '1')), (65535 | random(seed=inventory_hostname + '2'))) }}::/48"
+
+    - name: interface 'loopback'
+      options:
+        device: lo
+        proto: static
+        ipaddr: 127.0.0.1
+        netmask: 255.0.0.0
+
+    - name: interface 'mgmt'
+      options:
+        device: eth0
+        proto: static
+        ipaddr: "{{ network_zones.mgmt.prefix | ipaddr(network_zones.mgmt.offsets[inventory_hostname]) | ipaddr('address') }}"
+        netmask: "{{ network_zones.mgmt.prefix | ipaddr('netmask') }}"
+
+  samba4:
+    - name: samba
+      options:
+        workgroup: 'INSTALL'
+        description: 'OS installation media'
+        interface: 'mgmt'
+        allow_legacy_protocols: 'yes'
+
+    - name: sambashare
+      options:
+        name: 'media'
+        path: '/srv/install-media'
+        guest_ok: 'yes'
+        read_only: 'yes'
diff --git a/inventory/host_vars/ch-router.yml b/inventory/host_vars/ch-router.yml
index b98253c7..640fadf1 100644
--- a/inventory/host_vars/ch-router.yml
+++ b/inventory/host_vars/ch-router.yml
@@ -9,7 +9,7 @@ install:
     scsi:
       sda:
         type: image
-        path: /srv/nvme/ch-router/root.img
+        path: "/srv/nvme/{{ inventory_hostname }}/root.img"
   interfaces:
   - bridge: br-svc
   - bridge: br-magenta
diff --git a/inventory/host_vars/ch-testvm-openwrt.yml b/inventory/host_vars/ch-testvm-openwrt.yml
index 5e5ebb4c..a28c4ade 100644
--- a/inventory/host_vars/ch-testvm-openwrt.yml
+++ b/inventory/host_vars/ch-testvm-openwrt.yml
@@ -9,7 +9,7 @@ install:
     scsi:
       sda:
         type: image
-        path: /srv/nvme/ch-testvm-openwrt/root.img
+        path: "/srv/nvme/{{ inventory_hostname }}/root.img"
   interfaces:
   - bridge: br-svc
 
diff --git a/inventory/hosts.ini b/inventory/hosts.ini
index c1947b08..0cf1dd8e 100644
--- a/inventory/hosts.ini
+++ b/inventory/hosts.ini
@@ -30,6 +30,7 @@ ch-imap-proxy host_name=imap-proxy
 ch-auth-legacy host_name=auth
 ch-prometheus-legacy host_name=prometheus
 ch-testvm-prometheus host_name=testvm-prometheus
+ch-installsmb host_name=installsmb
 ch-iot host_name=iot
 ch-vpn host_name=vpn
 ch-mon host_name=mon
@@ -269,6 +270,7 @@ ansible_ssh_transfer_method=scp
 ch-router
 ch-alix1d
 ch-testvm-openwrt
+ch-installsmb
 mz-ap
 mz-router
 glt-gw-r3
@@ -341,6 +343,7 @@ ch-vpn
 ch-mon
 ch-omd
 ch-k8s-master
+ch-installsmb
 [vmhost-ch-prometheus]
 ch-prometheus
 [vmhost-ch-prometheus:children]