From 66a0a9774fe37555dc6f53f95fe1e1b8fea103ea Mon Sep 17 00:00:00 2001 From: transcaffeine Date: Mon, 9 Nov 2020 17:06:28 +0100 Subject: [PATCH] arch: begin bootstrapping role --- roles/arch/README.md | 12 +++++++++ roles/arch/defaults/main.yml | 13 +++++++++ roles/arch/tasks/filesystems.yml | 46 ++++++++++++++++++++++++++++++++ roles/arch/tasks/main.yml | 8 ++++++ 4 files changed, 79 insertions(+) create mode 100644 roles/arch/README.md create mode 100644 roles/arch/defaults/main.yml create mode 100644 roles/arch/tasks/filesystems.yml create mode 100644 roles/arch/tasks/main.yml diff --git a/roles/arch/README.md b/roles/arch/README.md new file mode 100644 index 0000000..ea5e019 --- /dev/null +++ b/roles/arch/README.md @@ -0,0 +1,12 @@ +# ArchLinux role + +Bootstraps an arch linux install to a given device. The whole block device is wiped in the process! + +## Requirements: + +`pacman -Syu parted cryptsetup wipefs lsblk blkid` + +Collections: + +- `community.general` +- `community.crypto` diff --git a/roles/arch/defaults/main.yml b/roles/arch/defaults/main.yml new file mode 100644 index 0000000..f03b129 --- /dev/null +++ b/roles/arch/defaults/main.yml @@ -0,0 +1,13 @@ +--- + +arch_device: ~ +arch_hostname: cookie + +arch_part_label_base: "{{ arch_hostname }}" +arch_part_efi_size: "512MiB" +arch_part_root_size: "95%" +arch_lvm_name: "{{ arch_part_label_base }}" + +arch_luks_device: "{{ arch_device }}2" +arch_luks_passphrase: "super_secure!" +arch_luks_container_name: "{{ arch_hostname }}" diff --git a/roles/arch/tasks/filesystems.yml b/roles/arch/tasks/filesystems.yml new file mode 100644 index 0000000..40cd161 --- /dev/null +++ b/roles/arch/tasks/filesystems.yml @@ -0,0 +1,46 @@ +--- + +- name: Warn user that the blockdevice will be wiped + debug: + msg: "Warning! Continueing will wipe {{ arch_device }}!" + +- name: Give user the ability to abort + pause: + prompt: "You can safely abort now if you want, or continue and wipe {{ arch_device }}" + +- name: Create empty GPT + community.general.parted: + device: "{{ arch_device }}" + label: gpt + name: "{{ arch_part_label_base }}" + +- name: Create EFI system partition + community.general.parted: + device: "{{ arch_device }}" + state: present + part_end: "{{ arch_part_efi_size }}" + number: 1 + name: "{{ arch_part_label_base }}-efi" + +- name: Create partition for luks + community.general.parted: + device: "{{ arch_device }}" + state: present + part_end: "{{ arch_part_root_size }}" + number: 2 + name: "{{ arch_part_label_base }}-main" + +- name: Create luks device on main partition + community.crypto.luks_device: + device: "{{ arch_luks_device }}" + passphrase: "{{ arch_luks_passphrase }}" + state: present + +- name: Open luks device + community.crypto.luks_device: + device: "{{ arch_luks_device }}" + passphrase: "{{ arch_luks_passphrase ]]" + state: "opened" + name: "{{ arch_luks_container_name }}" + + diff --git a/roles/arch/tasks/main.yml b/roles/arch/tasks/main.yml new file mode 100644 index 0000000..478b70c --- /dev/null +++ b/roles/arch/tasks/main.yml @@ -0,0 +1,8 @@ +--- + +- name: Format disks + import_tasks: filesystems.yml + +- name: pacstrap + +- name: Bootloader