tachtler:archlinux_-_minimal_server_installation_-_mit_ansible
Differences
This page shows the differences between two versions.
tachtler:archlinux_-_minimal_server_installation_-_mit_ansible [2020/02/02 06:17] – klaus | tachtler:archlinux_-_minimal_server_installation_-_mit_ansible [2020/07/07 10:15] (current) – [Installieren] klaus | ||
---|---|---|---|
Zeile 232: | Zeile 232: | ||
===== Ansible ===== | ===== Ansible ===== | ||
- | Die Nutzung | + | ==== Installieren ==== |
- | * **[[tachtler:ansible_mit_ansible_einrichten|Ansible mit Ansible einrichten]]** | + | |
+ | [[tachtler: | ||
+ | |||
+ | ^ Beschreibung | ||
+ | | Homepage | ||
+ | | Dokumentation | ||
+ | | Installation | ||
Ab hier werden '' | Ab hier werden '' | ||
< | < | ||
$ su - | $ su - | ||
- | Password: | + | Password |
</ | </ | ||
+ | |||
+ | Mit nachfolgendem Befehl, wird das Pakete **'' | ||
+ | < | ||
+ | # pacman --noconfirm -Sy ansible | ||
+ | resolving dependencies... | ||
+ | looking for conflicting packages... | ||
+ | |||
+ | Packages (24) libnsl-1.2.0-2 | ||
+ | python-3.8.1-1 | ||
+ | python-bcrypt-3.1.7-3 | ||
+ | python-cryptography-2.8-1 | ||
+ | python-jinja-2.10.3-3 | ||
+ | python-ordered-set-3.1.1-1 | ||
+ | python-paramiko-2.6.0-3 | ||
+ | python-pycparser-2.19-3 | ||
+ | python-pyparsing-2.4.6-1 | ||
+ | python-six-1.13.0-2 | ||
+ | |||
+ | Total Download Size: 52.42 MiB | ||
+ | Total Installed Size: 307.49 MiB | ||
+ | |||
+ | :: Proceed with installation? | ||
+ | :: Retrieving packages... | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | (24/24) checking keys in keyring | ||
+ | (24/24) checking package integrity | ||
+ | (24/24) loading package files [###################### | ||
+ | (24/24) checking for file conflicts | ||
+ | (24/24) checking available disk space [###################### | ||
+ | :: Processing package changes... | ||
+ | ( 1/24) installing libnsl | ||
+ | ( 2/24) installing python | ||
+ | Optional dependencies for python | ||
+ | python-setuptools [pending] | ||
+ | python-pip | ||
+ | sqlite [installed] | ||
+ | mpdecimal: for decimal | ||
+ | xz: for lzma [installed] | ||
+ | tk: for tkinter | ||
+ | ( 3/24) installing libyaml | ||
+ | ( 4/24) installing python-yaml | ||
+ | ( 5/24) installing python-ply | ||
+ | ( 6/24) installing python-pycparser | ||
+ | ( 7/24) installing python-cffi | ||
+ | ( 8/24) installing python-six | ||
+ | ( 9/24) installing python-bcrypt | ||
+ | (10/24) installing python-idna | ||
+ | (11/24) installing python-appdirs | ||
+ | (12/24) installing python-pyparsing | ||
+ | (13/24) installing python-packaging | ||
+ | (14/24) installing python-ordered-set | ||
+ | (15/24) installing python-setuptools | ||
+ | (16/24) installing python-asn1crypto | ||
+ | (17/24) installing python-cryptography | ||
+ | (18/24) installing python-pyasn1 | ||
+ | (19/24) installing libsodium | ||
+ | (20/24) installing python-pynacl | ||
+ | (21/24) installing python-paramiko | ||
+ | (22/24) installing python-markupsafe | ||
+ | (23/24) installing python-jinja | ||
+ | Optional dependencies for python-jinja | ||
+ | python-babel: | ||
+ | (24/24) installing ansible | ||
+ | Optional dependencies for ansible | ||
+ | sshpass: for ssh connections with password | ||
+ | python-passlib: | ||
+ | python-pyopenssl: | ||
+ | python-netaddr: | ||
+ | python-systemd: | ||
+ | python-pywinrm: | ||
+ | python-dnspython: | ||
+ | python-ovirt-engine-sdk: | ||
+ | python-boto3: | ||
+ | python-jmespath: | ||
+ | acme-tiny: openssl_certificate module | ||
+ | :: Running post-transaction hooks... | ||
+ | (1/1) Arming ConditionNeedsUpdate... | ||
+ | </ | ||
+ | |||
+ | Mit nachfolgendem Befehl kann überprüft werden, welche Inhalte mit dem Paket **'' | ||
+ | < | ||
+ | # pacman -Ql ansible | ||
+ | ansible /etc/ | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible /usr/ | ||
+ | ansible /usr/bin/ | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible /usr/lib/ | ||
+ | ansible / | ||
+ | ... | ||
+ | [Kürzung der Ausgabe] | ||
+ | ... | ||
+ | ansible /usr/share/ | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | ansible / | ||
+ | </ | ||
+ | |||
+ | Zum Abschluss kann mit nachfolgendem Befehl überprüft werden, ob ein Aufruf möglich ist und [[https:// | ||
+ | < | ||
+ | # ansible --version | ||
+ | ansible 2.9.2 | ||
+ | config file = / | ||
+ | configured module search path = ['/ | ||
+ | ansible python module location = / | ||
+ | executable location = / | ||
+ | python version = 3.8.1 (default, Dec 21 2019, 20:57:38) [GCC 9.2.0] | ||
+ | </ | ||
+ | |||
+ | ==== Konfigurieren ==== | ||
+ | |||
+ | Die Nutzung von [[https:// | ||
+ | * **[[tachtler: | ||
+ | |||
+ | ==== / | ||
+ | |||
+ | Damit die Installation auf **jeweils __nur einem__ zu installierendem Host bzw. Server** statt finden kann, ist nachfolgende **Anpassung** der **'' | ||
+ | * ''/ | ||
+ | von [[https:// | ||
+ | |||
+ | **__VORHER__**: | ||
+ | <code ini> | ||
+ | # BEGIN ANSIBLE MANAGED BLOCK | ||
+ | [ansible] | ||
+ | 192.168.1.250 | ||
+ | # END ANSIBLE MANAGED BLOCK | ||
+ | </ | ||
+ | |||
+ | **__NACHHER__**: | ||
+ | <code ini> | ||
+ | [ansible] | ||
+ | 192.168.1.250 | ||
+ | |||
+ | [install] | ||
+ | 192.168.1.10 | ||
+ | </ | ||
+ | |||
+ | * //Wobei hier die IP-Adresse: **192.168.1.10** für den **__neu__** zu installierenden Server steht!// | ||
==== / | ==== / | ||
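Review bot: the install command in the new Installieren section, `pacman --noconfirm -Sy ansible`, syncs the package databases without upgrading the installed packages, which leaves the host in a partial-upgrade state that Arch does not support; `pacman -Syu ansible` avoids that, and dropping `--noconfirm` from the documented command keeps the "Proceed with installation?" prompt meaningful. In the inventory example further down, the VORHER block carries the `# BEGIN ANSIBLE MANAGED BLOCK` / `# END ANSIBLE MANAGED BLOCK` markers and the NACHHER block does not; state whether the markers are removed on purpose, because a task that still manages that block would add the [ansible] group a second time next to the hand-edited one.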
Zeile 268: | Zeile 465: | ||
parted_device: | parted_device: | ||
parted_device_partition: | parted_device_partition: | ||
- | - name: 'partition1' | + | - name: "partition1" |
number: 1 | number: 1 | ||
flags: [] | flags: [] | ||
start: 0% | start: 0% | ||
end: 1025MiB | end: 1025MiB | ||
- | - name: 'partition2' | + | - name: "partition2" |
number: 2 | number: 2 | ||
flags: [ lvm ] | flags: [ lvm ] | ||
Zeile 281: | Zeile 478: | ||
parted_device_vg: | parted_device_vg: | ||
parted_device_swap: | parted_device_swap: | ||
- | - name: 'swap' | + | - name: "swap" |
size: 2048 | size: 2048 | ||
- | type: 'swap' | + | type: "swap" |
parted_device_boot: | parted_device_boot: | ||
- | - name: 'boot' | + | - name: "boot" |
size: 1024 | size: 1024 | ||
- | type: 'ext4' | + | type: "ext4" |
- | path: '/mnt/boot' | + | path: "/mnt/boot" |
# First " | # First " | ||
parted_device_lv: | parted_device_lv: | ||
- | - name: 'root' | + | - name: "root" |
size: 10240 | size: 10240 | ||
- | type: 'ext4' | + | type: "ext4" |
- | path: '/mnt' | + | path: "/mnt" |
- | - name: 'home' | + | - name: "home" |
size: 1024 | size: 1024 | ||
- | type: 'ext4' | + | type: "ext4" |
- | path: '/mnt/home' | + | path: "/mnt/home" |
- | - name: 'var' | + | - name: "var" |
size: 3072 | size: 3072 | ||
- | type: 'ext4' | + | type: "ext4" |
- | path: '/mnt/var' | + | path: "/mnt/var" |
- | - name: 'var_log' | + | - name: "var_log" |
size: 2048 | size: 2048 | ||
- | type: 'ext4' | + | type: "ext4" |
- | path: '/ | + | path: "/ |
# System environment setup | # System environment setup | ||
mnt_hostname: | mnt_hostname: | ||
Zeile 324: | Zeile 521: | ||
- name: Read device information from disk | - name: Read device information from disk | ||
parted: | parted: | ||
- | device: | + | device: |
unit: MiB | unit: MiB | ||
register: device_parted | register: device_parted | ||
Zeile 334: | Zeile 531: | ||
- name: Create partitions | - name: Create partitions | ||
parted: | parted: | ||
- | device: | + | device: |
- | number: | + | number: |
- | flags: | + | flags: |
state: present | state: present | ||
- | part_start: | + | part_start: |
- | part_end: | + | part_end: |
- | with_items: | + | with_items: |
# | # | ||
Zeile 350: | Zeile 547: | ||
- name: Create a volume group on partition LVM | - name: Create a volume group on partition LVM | ||
lvg: | lvg: | ||
- | vg: '{{ parted_device_vg }}' | + | vg: "{{ parted_device_vg }}" |
- | pvs: '/dev/{{ parted_device }}{{parted_device_pv}}' | + | pvs: "/dev/{{ parted_device }}{{ parted_device_pv }}" |
- name: Create swap volume | - name: Create swap volume | ||
lvol: | lvol: | ||
- | vg: '{{ parted_device_vg }}' | + | vg: "{{ parted_device_vg }}" |
- | lv: '{{ item.name }}' | + | lv: "{{ item.name }}" |
- | size: '{{ item.size }}' | + | size: "{{ item.size }}" |
- | with_items: | + | with_items: |
- name: Create logical volumes | - name: Create logical volumes | ||
lvol: | lvol: | ||
- | vg: '{{ parted_device_vg }}' | + | vg: "{{ parted_device_vg }}" |
- | lv: '{{ item.name }}' | + | lv: "{{ item.name }}" |
- | size: '{{ item.size }}' | + | size: "{{ item.size }}" |
- | with_items: | + | with_items: |
- name: Make directory for mount point boot | - name: Make directory for mount point boot | ||
file: | file: | ||
- | path: '{{ item.path }}' | + | path: "{{ item.path }}" |
state: directory | state: directory | ||
- | with_items: | + | with_items: |
- name: Create a filesystem on each logical volume | - name: Create a filesystem on each logical volume | ||
filesystem: | filesystem: | ||
- | fstype: | + | fstype: |
- | dev: '/ | + | dev: "/ |
- | with_items: | + | with_items: |
- name: Make directorys for mount points | - name: Make directorys for mount points | ||
file: | file: | ||
- | path: '{{ item.path }}' | + | path: "{{ item.path }}" |
state: directory | state: directory | ||
- | with_items: | + | with_items: |
- name: Mount each logical volume | - name: Mount each logical volume | ||
mount: | mount: | ||
- | src: '/ | + | src: "/ |
- | path: '{{ item.path }}' | + | path: "{{ item.path }}" |
- | fstype: | + | fstype: |
state: mounted | state: mounted | ||
- | with_items: | + | with_items: |
- name: Make directorys for nested mount points | - name: Make directorys for nested mount points | ||
file: | file: | ||
- | path: '{{ item.path }}' | + | path: "{{ item.path }}" |
state: directory | state: directory | ||
- | with_items: | + | with_items: |
- name: Mount each nested logical volume | - name: Mount each nested logical volume | ||
mount: | mount: | ||
- | src: '/ | + | src: "/ |
- | path: '{{ item.path }}' | + | path: "{{ item.path }}" |
- | fstype: | + | fstype: |
state: mounted | state: mounted | ||
- | with_items: | + | with_items: |
- name: Create a filesystem on boot volume | - name: Create a filesystem on boot volume | ||
filesystem: | filesystem: | ||
- | fstype: | + | fstype: |
- | dev: '/dev/{{ parted_device }}1' | + | dev: "/dev/{{ parted_device }}1" |
- | with_items: | + | with_items: |
- name: Mount boot logical volume | - name: Mount boot logical volume | ||
mount: | mount: | ||
- | src: '/dev/{{ parted_device }}1' | + | src: "/dev/{{ parted_device }}1" |
- | path: '{{ item.path }}' | + | path: "{{ item.path }}" |
- | fstype: | + | fstype: |
state: mounted | state: mounted | ||
- | with_items: | + | with_items: |
- name: Create a filesystem on swap volume | - name: Create a filesystem on swap volume | ||
filesystem: | filesystem: | ||
- | fstype: | + | fstype: |
- | dev: '/ | + | dev: "/ |
- | with_items: | + | with_items: |
- name: Swapon swap device | - name: Swapon swap device | ||
- | command: | + | command: |
- | with_items: | + | with_items: |
# | # | ||
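Review bot: the boot filesystem and boot mount tasks build the device as `/dev/{{ parted_device }}1`, hard-coding partition number 1, while the volume group task in the same hunk takes its partition from `{{ parted_device_pv }}`. Derive the boot partition from a variable as well (the `number` field already defined under parted_device_partition would do), and note that plain concatenation of device name and number only works for names like sda; devices such as nvme0n1 need a `p` before the partition number. The task names "Make directorys ..." are left unchanged by this revision and should read "directories".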
Zeile 453: | Zeile 650: | ||
- name: Generate German Mirrorlist for pacman | - name: Generate German Mirrorlist for pacman | ||
- | shell: grep -E -A 1 " | + | shell: grep -E -A 1 " |
# | # | ||
Zeile 460: | Zeile 657: | ||
# | # | ||
- name: Generate Basissystem with pacstrap (This may take some time!) | - name: Generate Basissystem with pacstrap (This may take some time!) | ||
- | command: pacstrap /mnt base base-devel linux-lts linux-firmware lvm2 openssh sshpass vi vim | + | command: pacstrap /mnt base base-devel linux-lts linux-firmware lvm2 openssh sshpass vi vim python |
register: pacstrap | register: pacstrap | ||
- debug: | - debug: | ||
msg: >- | msg: >- | ||
- | {'stdout': {{ pacstrap.stdout_lines }}, | + | { "stdout": {{ pacstrap.stdout_lines }}, |
- | 'stderr': {{ pacstrap.stderr.splitlines() }} } | + | " |
# | # | ||
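Review bot: the pacstrap line gains `python` with no explanation in the task or the surrounding text; add a comment saying that the package is there so Ansible modules can run on the freshly installed host, if that is the reason. While touching this line, check whether `sshpass` is needed on the target at all: the pacman output earlier on the page lists it as an optional dependency of ansible for password-based SSH connections, which is a control-host concern.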
Zeile 488: | Zeile 685: | ||
cmd: | | cmd: | | ||
arch-chroot /mnt <<EOF | arch-chroot /mnt <<EOF | ||
- | echo '{{ mnt_hostname }}' | + | echo {{ mnt_hostname }} > / |
EOF | EOF | ||
args: | args: | ||
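Review bot: the new `echo {{ mnt_hostname }}` line drops the single quotes that the previous revision had around `{{ mnt_hostname }}`, so the templated value is now subject to word splitting and shell expansion inside the arch-chroot heredoc. Keep the value quoted, for example with Ansible's quote filter (`{{ mnt_hostname | quote }}`), or write the file with a copy task whose destination lies under /mnt instead of echoing through a shell.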
Zeile 501: | Zeile 698: | ||
cmd: | | cmd: | | ||
arch-chroot /mnt <<EOF | arch-chroot /mnt <<EOF | ||
- | echo LANG='{{ mnt_lang }}' | + | echo LANG={{ mnt_lang }} > / |
EOF | EOF | ||
args: | args: | ||
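Review bot: `echo LANG={{ mnt_lang }}` loses the quotes the old line had around `{{ mnt_lang }}`, so a value containing whitespace or shell metacharacters would no longer be written literally. Restore the single quotes or quote the expansion (`LANG={{ mnt_lang | quote }}`).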
Zeile 524: | Zeile 721: | ||
- debug: | - debug: | ||
msg: >- | msg: >- | ||
- | {'stdout': {{ localegen.stdout_lines }}, | + | { "stdout": {{ localegen.stdout_lines }}, |
- | 'stderr': {{ localegen.stderr.splitlines() }} } | + | " |
# | # | ||
Zeile 563: | Zeile 760: | ||
arch-chroot /mnt <<EOF | arch-chroot /mnt <<EOF | ||
cat > /etc/hosts << | cat > /etc/hosts << | ||
- | #< | + | #< |
127.0.0.1 | 127.0.0.1 | ||
::1 | ::1 | ||
Zeile 589: | Zeile 786: | ||
- debug: | - debug: | ||
msg: >- | msg: >- | ||
- | {'stdout': {{ mkinitcpio.stdout_lines }}, | + | { "stdout": {{ mkinitcpio.stdout_lines }}, |
- | 'stderr': {{ mkinitcpio.stderr.splitlines() }} } | + | " |
# | # | ||
Zeile 601: | Zeile 798: | ||
arch-chroot /mnt <<EOF | arch-chroot /mnt <<EOF | ||
pacman -S grub --noconfirm | pacman -S grub --noconfirm | ||
- | grub-install | + | grub-install |
sed -i ' | sed -i ' | ||
grub-mkconfig -o / | grub-mkconfig -o / | ||
Zeile 611: | Zeile 808: | ||
- debug: | - debug: | ||
msg: >- | msg: >- | ||
- | {'stdout': {{ grub.stdout_lines }}, | + | { "stdout": {{ grub.stdout_lines }}, |
- | 'stderr': {{ grub.stderr.splitlines() }} } | + | " |
# | # | ||
Zeile 680: | Zeile 877: | ||
when: sshd_config_orig.stat.exists == false | when: sshd_config_orig.stat.exists == false | ||
- | - name: Change configuration of "/ | + | - name: Change configuration of / |
lineinfile: | lineinfile: | ||
line: "{{ item.line }}" | line: "{{ item.line }}" | ||
Zeile 1405: | Zeile 1602: | ||
" | " | ||
" | " | ||
- | " | + | " |
" | " | ||
" | " | ||
Zeile 1472: | Zeile 1669: | ||
changed: [192.168.1.10] | changed: [192.168.1.10] | ||
- | TASK [Change configuration of "/ | + | TASK [Change configuration of / |
changed: [192.168.1.10] => (item={' | changed: [192.168.1.10] => (item={' | ||
changed: [192.168.1.10] => (item={' | changed: [192.168.1.10] => (item={' | ||
Zeile 1513: | Zeile 1710: | ||
Jetzt kann eine erste Verbindung als Benutzer **'' | Jetzt kann eine erste Verbindung als Benutzer **'' | ||
- | :!: **WICHTIG** - Um Probleme mit **Sonderzeichen** zu vermeiden, lautet das **Standard-Passwort** für den Benuzter | + | Benuzter: **'' |
+ | Passwort: | ||
< | < | ||
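Review bot: the replacement lines keep the misspelling "Benuzter" (should be "Benutzer"), and the explanation that the default password was chosen to avoid problems with special characters is removed without a substitute. Since this revision now lists the login user and password as two bare lines, move the WICHTIG password notice that the revision adds further down (the hunk at line 1724) so that it sits directly after them.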
Zeile 1526: | Zeile 1724: | ||
* //Wobei die IP-Adresse: **192.168.1.11** im **Playbook** unter der Variable **'' | * //Wobei die IP-Adresse: **192.168.1.11** im **Playbook** unter der Variable **'' | ||
+ | |||
+ | :!: **WICHTIG** - **Bitte das __Passwort__ für den Benutzer '' | ||
tachtler/archlinux_-_minimal_server_installation_-_mit_ansible.1580620622.txt.gz · Last modified: 2020/02/02 06:17 by klaus