summaryrefslogtreecommitdiff
path: root/roles/cloud/install/templates
diff options
context:
space:
mode:
Diffstat (limited to 'roles/cloud/install/templates')
-rw-r--r--roles/cloud/install/templates/hetzner_installimage.conf.j226
-rw-r--r--roles/cloud/install/templates/hetzner_postinst.sh.j246
2 files changed, 72 insertions, 0 deletions
diff --git a/roles/cloud/install/templates/hetzner_installimage.conf.j2 b/roles/cloud/install/templates/hetzner_installimage.conf.j2
new file mode 100644
index 00000000..a30fb94a
--- /dev/null
+++ b/roles/cloud/install/templates/hetzner_installimage.conf.j2
@@ -0,0 +1,26 @@
+HOSTNAME {{ host_name }}
+{% if cloud_provider == "hroot" %}
+{% if install_cooked.disks.layout == "nvme_raid" %}
+DRIVE1 /dev/nvme0n1
+DRIVE2 /dev/nvme1n1
+SWRAID 1
+SWRAIDLEVEL 1
+{% elif install_cooked.disks.layout == "sata_raid" %}
+DRIVE1 /dev/sda
+DRIVE2 /dev/sdb
+SWRAID 1
+SWRAIDLEVEL 1
+{% endif %}
+{% elif cloud_provider == "hcloud" %}
+DRIVE1 /dev/sda
+{% endif %}
+BOOTLOADER grub
+PART /boot ext4 512M
+PART lvm {{ host_name }} {{ install_cooked.disks.root_lvm_size }}
+{% if install_cooked.disks.root_lvm_size != "all" %}
+PART /dummy ext4 all
+{% endif %}
+LV {{ host_name }} root / ext4 2560M
+LV {{ host_name }} var /var ext4 1280M
+LV {{ host_name }} var+log /var/log ext4 768M
+IMAGE {{ latest_image.stdout }}
diff --git a/roles/cloud/install/templates/hetzner_postinst.sh.j2 b/roles/cloud/install/templates/hetzner_postinst.sh.j2
new file mode 100644
index 00000000..271e51b7
--- /dev/null
+++ b/roles/cloud/install/templates/hetzner_postinst.sh.j2
@@ -0,0 +1,46 @@
+#!/bin/bash
+set -euf -o pipefail
+
+export DEBIAN_FRONTEND=noninteractive
+apt-get update -q
+apt-get full-upgrade -y -q
+apt-get install -y -q --no-install-recommends openssh-server python python-apt
+
+passwd -d root && passwd -l root
+{% if install_distro == "debian" %}
+sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces
+{% endif %}
+sed -r 's#(\s+/var/log\s+ext4\s+)defaults#\1noatime,nodev,noexec#g' -i /etc/fstab
+
+mkdir -p -m 0700 /target/root/.ssh
+cat <<EOK > /root/.ssh/authorized_keys
+{{ ssh_keys_root | join('\n') }}
+EOK
+{% if hostvars[hostname].ansible_port is defined %}
+sed -e 's/^\(\s*#*\s*Port.*\)/Port {{ hostvars[hostname].ansible_port }}/' -i /etc/ssh/sshd_config
+{% endif %}
+
+{# this is actually only needed on ubuntu bionic and beyond but should not hurt on other installations either #}
+swapoff -a
+sed -e '/^\/swapfile/d' -i /etc/fstab
+rm -f /swapfile
+
+{% if install_cooked.disks.root_lvm_size != "all" %}
+umount /dummy
+sed -e '/\/dummy/d' -i /etc/fstab
+rm -rf /dummy
+
+raid_devices=$(mdadm -Q -Y --detail /dev/md2 2> /dev/null | awk -F = '/MD_DEVICE_.*_DEV=/ { print($2) }')
+if [ -n "$raid_devices" ]; then
+ mdadm --stop /dev/md2 2> /dev/null
+ for dev in $raid_devices; do
+ wipefs -a "$dev"
+ done
+ sed -e '/^ARRAY \/dev\/md\/2 /d' -i /etc/mdadm/mdadm.conf
+ update-initramfs -u
+fi
+{% endif %}
+
+update-grub
+
+echo "postinst.sh finished successfully"