From 79d662045cba5c0c424f884e6de2ba11d90c530d Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Fri, 5 Jul 2019 19:50:27 +0200
Subject: bugfixes and cleanup of vm/install

---
 common/vm-install.yml                                    | 16 +++++++++++++++-
 inventory/group_vars/kvmguests/main.yml                  |  3 +++
 inventory/host_vars/ch-atlas.yml                         |  4 +---
 inventory/host_vars/ch-keyserver.yml                     | 15 +++++++--------
 inventory/host_vars/emc-master.yml                       |  2 +-
 inventory/host_vars/emc-stats.yml                        |  2 +-
 inventory/host_vars/sk2013.yml                           |  4 +---
 inventory/host_vars/sk2016.yml                           |  4 +---
 inventory/hosts.ini                                      |  9 +++++++++
 roles/base/tasks/main.yml                                |  2 +-
 roles/preseed/templates/preseed_debian-buster.cfg.j2     |  2 +-
 roles/preseed/templates/preseed_debian-stretch.cfg.j2    |  2 +-
 roles/preseed/templates/preseed_ubuntu-bionic.cfg.j2     |  2 +-
 roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2     |  2 +-
 .../preseed_xubuntu-cosmic-desktop-with-raid.cfg.j2      |  2 +-
 roles/vm/guest/tasks/main.yml                            |  1 +
 roles/vm/install/tasks/main.yml                          |  4 ++--
 roles/vm/network/tasks/main.yml                          |  2 ++
 18 files changed, 50 insertions(+), 28 deletions(-)
 create mode 100644 inventory/group_vars/kvmguests/main.yml

diff --git a/common/vm-install.yml b/common/vm-install.yml
index fd1dbb20..5d29871b 100644
--- a/common/vm-install.yml
+++ b/common/vm-install.yml
@@ -8,7 +8,21 @@
       name: "{{ vm_host }}"
       inventory_dir: "{{ inventory_dir }}"
       group: _vmhost_
-  # TODO: add some sanity checks
+
+  - name: check if the installee belongs to the kvmguests group
+    fail:
+      msg: "the host '{{ hostname }}' does not belong to the group 'kvmguests'"
+    when:
+      - "'kvmguests' not in group_names"
+
+  - name: check if the vm_host belongs to the kvmhosts group
+    fail:
+      msg: "the host '{{ vm_host }}' does not belong to the group 'kvmhosts'"
+    when:
+      - "'kvmhosts' not in hostvars[vm_host].group_names"
+
+  # TODO: add some more sanity checks
+
 
 - name: basic installation
   hosts: _vmhost_
diff --git a/inventory/group_vars/kvmguests/main.yml b/inventory/group_vars/kvmguests/main.yml
new file mode 100644
index 00000000..9b7b95cb
--- /dev/null
+++ b/inventory/group_vars/kvmguests/main.yml
@@ -0,0 +1,3 @@
+---
+# will be installed by vm/guest
+base_entropy_generator: "none"
diff --git a/inventory/host_vars/ch-atlas.yml b/inventory/host_vars/ch-atlas.yml
index 7c1c26a1..d59ed529 100644
--- a/inventory/host_vars/ch-atlas.yml
+++ b/inventory/host_vars/ch-atlas.yml
@@ -1,7 +1,5 @@
 ---
 vm_host:
-  installer:
-    net_if: extbr
   network:
     prefix: 89.106.215.29/28
     gw: 89.106.215.30
@@ -10,6 +8,6 @@ vm_host:
     dns:
       - 89.106.208.7
       - 89.106.208.12
-    indices:
+    offsets:
       ch-keyserver: 3
       r3-vex2: 11
diff --git a/inventory/host_vars/ch-keyserver.yml b/inventory/host_vars/ch-keyserver.yml
index d20cbbe6..b81455eb 100644
--- a/inventory/host_vars/ch-keyserver.yml
+++ b/inventory/host_vars/ch-keyserver.yml
@@ -6,25 +6,24 @@ install:
   mem: 2048
   numcpu: 2
   disks:
-    primary: sda
+    primary: /dev/sda
     scsi:
       sda:
-        vg: "{{ vm_host }}"
+        vg: "{{ hostvars[vm_host].host_name }}"
         lv: "{{ inventory_hostname }}"
         size: 10g
   interfaces:
-  - bridge: "{{ hostvars[vm_host].vm_host.network.interface }}"
+  - bridge: extbr
     name: primary0
   autostart: True
 
 network:
-  nameservers: "{{ hostvars[vm_host].vm_host.network.nameservers }}"
+  nameservers: "{{ hostvars[vm_host].vm_host.network.dns }}"
   domain: "{{ host_domain }}"
   systemd_link:
     interfaces: "{{ install.interfaces }}"
   primary:
     interface: primary0
-    ipv4:
-      addr: "{{ hostvars[vm_host].vm_host.network.ipv4.addr | ipsubnet(hostvars[vm_host].vm_host.network.ipv4.prefix) | ipaddr(hostvars[vm_host].vm_host.network.indices[inventory_hostname]) | ipaddr('address') }}"
-      prefix: "{{ hostvars[vm_host].vm_host.network.ipv4.prefix }}"
-      gateway: "{{ hostvars[vm_host].vm_host.network.ipv4.gateway | default(hostvars[vm_host].vm_host.network.ipv4.addr) }}"
+    ip: "{{ hostvars[vm_host].vm_host.network.prefix | ipaddr(hostvars[vm_host].vm_host.network.offsets[inventory_hostname]) | ipaddr('address') }}"
+    mask: "{{ hostvars[vm_host].vm_host.network.prefix | ipaddr('netmask') }}"
+    gateway: "{{ hostvars[vm_host].vm_host.network.gw }}"
diff --git a/inventory/host_vars/emc-master.yml b/inventory/host_vars/emc-master.yml
index d590908e..04ba1d84 100644
--- a/inventory/host_vars/emc-master.yml
+++ b/inventory/host_vars/emc-master.yml
@@ -24,7 +24,7 @@ network:
     interfaces: "{{ install.interfaces }}"
   primary:
     interface: primary0
-    ip: "{{ (hostvars[vm_host].vm_host.network.ip+'/'+hostvars[vm_host].vm_host.network.mask) | ipaddr(hostvars[vm_host].vm_host.network.indices[inventory_hostname]) | ipaddr('address') }}"
+    ip: "{{ (hostvars[vm_host].vm_host.network.ip+'/'+hostvars[vm_host].vm_host.network.mask) | ipaddr(hostvars[vm_host].vm_host.network.offsets[inventory_hostname]) | ipaddr('address') }}"
     mask: "{{ hostvars[vm_host].vm_host.network.mask }}"
     gateway: "{{ hostvars[vm_host].vm_host.network.gateway | default(hostvars[vm_host].vm_host.network.ip) }}"
 
diff --git a/inventory/host_vars/emc-stats.yml b/inventory/host_vars/emc-stats.yml
index e6de5859..59351996 100644
--- a/inventory/host_vars/emc-stats.yml
+++ b/inventory/host_vars/emc-stats.yml
@@ -28,7 +28,7 @@ network:
     interfaces: "{{ install.interfaces }}"
   primary:
     interface: primary0
-    ip: "{{ (hostvars[vm_host].vm_host.network.ip+'/'+hostvars[vm_host].vm_host.network.mask) | ipaddr(hostvars[vm_host].vm_host.network.indices[inventory_hostname]) | ipaddr('address') }}"
+    ip: "{{ (hostvars[vm_host].vm_host.network.ip+'/'+hostvars[vm_host].vm_host.network.mask) | ipaddr(hostvars[vm_host].vm_host.network.offsets[inventory_hostname]) | ipaddr('address') }}"
     mask: "{{ hostvars[vm_host].vm_host.network.mask }}"
     gateway: "{{ hostvars[vm_host].vm_host.network.gateway | default(hostvars[vm_host].vm_host.network.ip) }}"
 
diff --git a/inventory/host_vars/sk2013.yml b/inventory/host_vars/sk2013.yml
index 21e2b29a..028d7de0 100644
--- a/inventory/host_vars/sk2013.yml
+++ b/inventory/host_vars/sk2013.yml
@@ -5,8 +5,6 @@ ssh_allowusers_host:
 - dan
 
 vm_host:
-  installer:
-    net_if: virbr
   network:
     interface: virbr
     ip: 192.168.160.254
@@ -15,5 +13,5 @@ vm_host:
     - 213.133.100.100
     - 213.133.98.98
     - 213.133.99.99
-    indices:
+    offsets:
       emc-master: 141
diff --git a/inventory/host_vars/sk2016.yml b/inventory/host_vars/sk2016.yml
index 9e4827f0..5f77ede0 100644
--- a/inventory/host_vars/sk2016.yml
+++ b/inventory/host_vars/sk2016.yml
@@ -5,8 +5,6 @@ ssh_allowusers_host:
 - dan
 
 vm_host:
-  installer:
-    net_if: virbr
   network:
     interface: virbr
     ip: 192.168.216.254
@@ -15,5 +13,5 @@ vm_host:
     - 213.133.100.100
     - 213.133.98.98
     - 213.133.99.99
-    indices:
+    offsets:
       emc-stats: 200
diff --git a/inventory/hosts.ini b/inventory/hosts.ini
index d6aa31b0..9c06a9c4 100644
--- a/inventory/hosts.ini
+++ b/inventory/hosts.ini
@@ -138,12 +138,19 @@ ele_infobeamer
 [dellos6:children]
 chaos_at_home_switches
 
+
 [kvmhosts]
 sk2013
 sk2016
 ch-atlas
 ch-gnocchi
 
+[kvmguests]
+emc-stats
+emc-master
+ch-keyserver
+
+
 [hroot]
 sk2013
 sk2016
@@ -162,6 +169,7 @@ emc_xx
 hroot
 hcloud
 
+
 [scaleway_kernel]
 
 [scaleway]
@@ -170,6 +178,7 @@ hcloud
 scaleway_kernel
 
 
+
 [accesspoints:children]
 ele_ap
 chaos_at_home_ap
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index e82ccfad..5cba5bd7 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -54,7 +54,7 @@
 
 
 - name: install haveged
-  when: base_entropy_generator != 'rngd'
+  when: base_entropy_generator == 'haveged'
   block:
   - name: install haveged
     apt:
diff --git a/roles/preseed/templates/preseed_debian-buster.cfg.j2 b/roles/preseed/templates/preseed_debian-buster.cfg.j2
index 9d5ccf7e..91cd687a 100644
--- a/roles/preseed/templates/preseed_debian-buster.cfg.j2
+++ b/roles/preseed/templates/preseed_debian-buster.cfg.j2
@@ -119,7 +119,7 @@ d-i base-installer/install-recommends boolean false
 d-i apt-setup/security_host string deb.debian.org
 
 tasksel tasksel/first multiselect
-d-i pkgsel/include string openssh-server python3
+d-i pkgsel/include string openssh-server python3 python3-apt
 d-i pkgsel/upgrade select safe-upgrade
 popularity-contest popularity-contest/participate boolean false
 
diff --git a/roles/preseed/templates/preseed_debian-stretch.cfg.j2 b/roles/preseed/templates/preseed_debian-stretch.cfg.j2
index 69b8ff33..a5bef09e 100644
--- a/roles/preseed/templates/preseed_debian-stretch.cfg.j2
+++ b/roles/preseed/templates/preseed_debian-stretch.cfg.j2
@@ -119,7 +119,7 @@ d-i base-installer/install-recommends boolean false
 d-i apt-setup/security_host string deb.debian.org
 
 tasksel tasksel/first multiselect
-d-i pkgsel/include string openssh-server python
+d-i pkgsel/include string openssh-server python python-apt
 d-i pkgsel/upgrade select safe-upgrade
 popularity-contest popularity-contest/participate boolean false
 
diff --git a/roles/preseed/templates/preseed_ubuntu-bionic.cfg.j2 b/roles/preseed/templates/preseed_ubuntu-bionic.cfg.j2
index fc8cc530..d2188392 100644
--- a/roles/preseed/templates/preseed_ubuntu-bionic.cfg.j2
+++ b/roles/preseed/templates/preseed_ubuntu-bionic.cfg.j2
@@ -124,7 +124,7 @@ d-i base-installer/install-recommends boolean false
 d-i apt-setup/security_host string archive.ubuntu.com
 
 tasksel tasksel/first multiselect
-d-i pkgsel/include string openssh-server python
+d-i pkgsel/include string openssh-server python python-apt
 d-i pkgsel/upgrade select safe-upgrade
 popularity-contest popularity-contest/participate boolean false
 d-i pkgsel/update-policy select none
diff --git a/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2 b/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2
index 0b732051..e49a3886 100644
--- a/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2
+++ b/roles/preseed/templates/preseed_ubuntu-xenial.cfg.j2
@@ -124,7 +124,7 @@ d-i base-installer/install-recommends boolean false
 d-i apt-setup/security_host string archive.ubuntu.com
 
 tasksel tasksel/first multiselect
-d-i pkgsel/include string openssh-server python
+d-i pkgsel/include string openssh-server python python-apt
 d-i pkgsel/upgrade select safe-upgrade
 popularity-contest popularity-contest/participate boolean false
 d-i pkgsel/update-policy select none
diff --git a/roles/preseed/templates/preseed_xubuntu-cosmic-desktop-with-raid.cfg.j2 b/roles/preseed/templates/preseed_xubuntu-cosmic-desktop-with-raid.cfg.j2
index e1cc2731..cc4c4714 100644
--- a/roles/preseed/templates/preseed_xubuntu-cosmic-desktop-with-raid.cfg.j2
+++ b/roles/preseed/templates/preseed_xubuntu-cosmic-desktop-with-raid.cfg.j2
@@ -121,7 +121,7 @@ d-i base-installer/install-recommends boolean false
 d-i apt-setup/security_host string debian.ffgraz.net
 
 tasksel tasksel/first multiselect xubuntu-desktop
-d-i pkgsel/include string openssh-server python
+d-i pkgsel/include string openssh-server python python-apt
 d-i pkgsel/upgrade select safe-upgrade
 popularity-contest popularity-contest/participate boolean false
 d-i pkgsel/update-policy select none
diff --git a/roles/vm/guest/tasks/main.yml b/roles/vm/guest/tasks/main.yml
index 68c36be3..c3a346d7 100644
--- a/roles/vm/guest/tasks/main.yml
+++ b/roles/vm/guest/tasks/main.yml
@@ -2,6 +2,7 @@
   apt:
     name: rng-tools
     state: present
+    force_apt_get: yes
 
 - name: Configure rngd [1/2]
   loop: '{{ rngd_config | dict2items  }}'
diff --git a/roles/vm/install/tasks/main.yml b/roles/vm/install/tasks/main.yml
index dc272b67..9d603712 100644
--- a/roles/vm/install/tasks/main.yml
+++ b/roles/vm/install/tasks/main.yml
@@ -1,6 +1,8 @@
 ---
 - name: create disks for vm
   loop: "{{ hostvars[hostname].install_cooked.disks.virtio | default({}) | combine(hostvars[hostname].install_cooked.disks.scsi | default({})) | dict2items }}"
+  loop_control:
+    label: "{{ item.value.vg }} / {{ item.value.lv }}  ({{ item.value.size }})"
   lvol:
     vg: "{{ item.value.vg }}"
     lv: "{{ item.value.lv }}"
@@ -54,7 +56,6 @@
 
     - name: define new installer vm
       virt:
-        name: "{{ hostname }}"
         command: define
         xml: "{{ lookup('template', 'libvirt-domain.xml.j2') }}"
       vars:
@@ -96,7 +97,6 @@
 
 - name: define new production vm
   virt:
-    name: "{{ hostname }}"
     command: define
     xml: "{{ lookup('template', 'libvirt-domain.xml.j2') }}"
   vars:
diff --git a/roles/vm/network/tasks/main.yml b/roles/vm/network/tasks/main.yml
index cb73ef6e..527ccdfa 100644
--- a/roles/vm/network/tasks/main.yml
+++ b/roles/vm/network/tasks/main.yml
@@ -11,6 +11,7 @@
     - name: install systemd network link units
       loop: "{{ network.systemd_link.interfaces }}"
       loop_control:
+        label: "{{ item.name }}"
         index_var: interface_index
       template:
         src: systemd.link.j2
@@ -44,6 +45,7 @@
   apt:
     name: resolvconf
     state: absent
+    force_apt_get: yes
     purge: yes
 
 - name: generate resolv.conf
-- 
cgit v1.2.3