init commit

2025-09-14 14:22:00 -07:00
commit 0fcf53e525
14 changed files with 1065 additions and 0 deletions

206
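--- a/tasks/build_iso.yaml
+++ b/tasks/build_iso.yaml
@@ -0,0 +1,206 @@
+---
+# https://gist.github.com/zuzzas/a1695344162ac7fa124e15855ce0768f
+# http://askubuntu.com/questions/6684/preseeding-ubuntu-server
+###############################################
+# Install packages needed for ISO Building
+###############################################
+- name: Build ISO - APT - Install Packages
+apt:
+name:
+- "{{ item }}"
+state: present
+loop: "{{ iso_packages }}"
+when: not refresh_only or iso_only | bool
+###############################################
+# DEB13 Source ISO Extract
+# Download the most recent ISO from debian
+# Extract contents to local folder
+###############################################
+- name: Build ISO - Extract Source - Check ISO Directory
+file:
+path: "{{ iso_share }}"
+state: directory
+mode: '0755'
+- name: Build ISO - Extract Source - Check Temp Directory
+file:
+path: "{{ deb13_pxe }}"
+state: directory
+mode: '0644'
+- name: Build ISO - Extract Source - Check Extraction Directory
+file:
+path: "{{ deb13_iso }}"
+state: directory
+mode: '0644'
+- name: Build ISO - Extract Source - Check Source Directory
+file:
+path: "{{ deb13_src }}"
+state: directory
+mode: '0644'
+- name: Build ISO - Get Recent Debian Version
+shell: |
+curl -s https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/ | \
+grep netinst | grep iso | grep -v -e edu -e mac | cut -d '"' -f 6
+register: recent_version
+- name: Build ISO - Display Recent Version
+debug:
+msg: "Current Debian ISO name: {{ recent_version.stdout_lines[0] }}"
+- name: Build ISO - Extract Source - Download ISO
+get_url:
+url: "https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/{{ recent_version.stdout_lines[0] }}"
+dest: "{{ iso_share }}/deb13-master.iso"
+mode: '0644'
+register: deb13_iso_download
+- name: show iso size
+debug:
+msg: "Debian Net ISO Size is {{ (deb13_iso_download.size | float ) / 1048576 }}MB"
+- name: Build ISO - Extract Source - Mount ISO
+shell: "mount -o loop {{ iso_share }}/deb13-master.iso {{ deb13_iso }}"
+- name: Build ISO - Extract Source - Copy ISO data
+shell: "rsync -a -H --exclude=TRANS.TBL {{ deb13_iso }}/ {{ deb13_src }}"
+- name: Build ISO - Extract Source - Unmount ISO
+shell: "umount {{ deb13_iso }}"
+###############################################
+# Copy Matt-Cloud Init Script et. al.
+###############################################
+###############################################
+# DEB13 Source modify
+# Copy preseed file to source
+# copy cosmos-init data to source
+# Add preseed to initrd
+# Recompute checksums
+###############################################
+- name: Build ISO - Modify Source - Correct Permissions
+shell: "chmod -R 755 {{ deb13_src }}"
+- name: Build ISO - Modify Source - Copy Preseed
+template:
+src: preseed-usb.cfg.j2
+dest: "{{ deb13_src }}/preseed.cfg"
+mode: 0644
+# Create cosmos folder
+#
+# copy files for preseed
+# jenkins_key
+# update_issue.sh
+# permitrootlogin
+# .bashrc
+# stat.sh
+# cosmos-client.conf
+- name: Build ISO - Modify Source - Create Cosmos Folder
+file:
+path: "{{ deb13_src }}/cosmos"
+state: directory
+mode: '0755'
+- name: build archive if needed
+when: not archive_fresh | bool
+ansible.builtin.archive:
+path: "/var/jenkins_home/ansible/roles/pxe_server/files/init"
+dest: "/var/jenkins_home/ansible/roles/pxe_server/files/cosmos-init.tar"
+format: "tar"
+delegate_to: localhost
+# Copy Archive to Target
+- name: Files - Copy cosmos-init.tar to target
+copy:
+src: /var/jenkins_home/ansible/roles/pxe_server/files/cosmos-init.tar
+dest: "{{ deb13_src }}/cosmos/cosmos-init.tar"
+mode: 0644
+- name: Check archive size
+shell: "ls -lah {{ deb13_src }}/cosmos/cosmos-init.tar | cut -d ' ' -f 5 "
+register: archive_size_output
+- name: Show archive size
+debug:
+msg: "cosmos-init.tar archive is {{ archive_size_output.stdout_lines[0] }}"
+- name: Build ISO - Modify Source - remove GUI install option
+shell: |
+sed -i '/menuentry --hotkey=g '\''Graphical install'\'' {/,/^}/d' {{ deb13_src }}/boot/grub/grub.cfg
+- name: Build ISO - Modify Source - edit isolinux/txt.cfg
+shell: >
+sed 's/initrd.gz/initrd.gz file=\/cdrom\/preseed.cfg/' -i /opt/cosmos/deb13-source/isolinux/txt.cfg
+- name: Build ISO - Modify Source - add preseed to initrd
+shell: |
+ISODIR_WRITE={{ deb13_src }}/
+mkdir $ISODIR_WRITE/irmod
+cd $ISODIR_WRITE/irmod
+gzip -d < $ISODIR_WRITE/install.amd/initrd.gz | \
+cpio --extract --make-directories --no-absolute-filenames
+cp $ISODIR_WRITE/preseed.cfg preseed.cfg
+chown root:root preseed.cfg
+chmod o+w $ISODIR_WRITE/install.amd/initrd.gz
+find . | cpio -H newc --create | \
+gzip -9 > $ISODIR_WRITE/install.amd/initrd.gz
+chmod o-w $ISODIR_WRITE/install.amd/initrd.gz
+cd $ISODIR_WRITE/
+rm -fr $ISODIR_WRITE/irmod/
+- name: Build ISO - Modify Source - fixing MD5 checksums
+shell: |
+cd {{ deb13_src }}/
+md5sum $(find -type f) > {{ deb13_src }}/md5sum.txt
+###############################################
+# DEB12 Build ISO * 'burn' script
+###############################################
+- name: Build ISO - Build Deb13-MC.iso
+shell: |
+xorriso -as mkisofs \
+-r \
+-V "Deb13_MC" \
+-o "{{ iso_share }}/Deb13-MC.iso" \
+-J \
+-isohybrid-mbr /usr/lib/ISOLINUX/isohdpfx.bin \
+-partition_offset 16 \
+-A "Debian 13 Matt-Cloud ISO" \
+-b isolinux/isolinux.bin \
+-c isolinux/boot.cat \
+-no-emul-boot \
+-boot-load-size 4 \
+-boot-info-table \
+-eltorito-alt-boot \
+-e boot/grub/efi.img \
+-no-emul-boot \
+-isohybrid-gpt-basdat \
+-append_partition 2 0xef {{ deb13_src }}/boot/grub/efi.img \
+{{ deb13_src }}
+- name: get iso size
+shell: "ls -lah {{ iso_share }}/Deb13-MC.iso | cut -d ' ' -f 5"
+register: iso_size_output
+- name: show iso size
+debug:
+msg: "Deb13-MC.iso is {{ iso_size_output.stdout_lines[0] }}."
+- name: Build ISO - Build 'burn' script
+shell: "echo dd if={{ iso_share }}/Deb13-MC.iso of=CHANGE_TO_USB bs=16M status=progress oflag=sync > {{ iso_share }}/burn_deb.sh"
+- name: Build ISO - Make 'burn' script executable
+shell: "chmod +x {{ iso_share }}/burn_deb.sh"
+...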
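Review bot: The `Build ISO - Extract Source - Download ISO` task fetches whatever filename the preceding `curl | grep | cut` scrape returns and never checks the image against Debian's published hashes, so a corrupted or substituted netinst image would be mounted as root and repackaged into Deb13-MC.iso. `get_url` accepts a checksum source, e.g. `checksum: "sha256:https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/SHA256SUMS"`; because that file is served by the same host as the ISO, verifying `SHA256SUMS.sign` against the Debian CD signing key before trusting it is the stronger check. The scrape also has no failure handling: if curl returns nothing, `recent_version.stdout_lines[0]` is undefined and the play breaks in a later task, so `failed_when: recent_version.stdout_lines | length == 0` on the scrape task would surface the problem at its source.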

164
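--- a/tasks/config_pxe.yaml
+++ b/tasks/config_pxe.yaml
@@ -0,0 +1,164 @@
+---
+###############################################
+# Install packages needed for PXE
+###############################################
+- name: APT - Install Packages
+apt:
+name:
+- "{{ item }}"
+state: present
+loop: "{{ pxe_packages }}"
+when: not refresh_only | bool
+###############################################
+# DHCP Server
+###############################################
+# Stop DHCP server
+- name: DHCP - Stop DHCP
+service:
+name: isc-dhcp-server
+state: stopped
+enabled: yes
+# Copy DHCP config file 1
+- name: DHCP - Copy dhcpd.conf
+template:
+src: dhcpd.conf.j2
+dest: /etc/dhcp/dhcpd.conf
+mode: 0644
+# Copy DHCP config file 2
+- name: DHCP - Copy isc-dhcp-server
+template:
+src: isc-dhcp-server.j2
+dest: /etc/default/isc-dhcp-server
+mode: 0644
+# Start DHCP server
+- name: DHCP - Start DHCP
+service:
+name: isc-dhcp-server
+state: started
+enabled: yes
+# Download vendor list for dhcp-lease-list
+- name: DHCP - Download vendor list for dhcp-lease-list
+get_url:
+url: "http://standards-oui.ieee.org/oui.txt"
+dest: /usr/local/etc/oui.txt
+mode: '0644'
+###############################################
+# TFTP Server
+###############################################
+# Stop TFTP Server
+- name: TFTP - Stop TFTP
+service:
+name: tftpd-hpa
+state: stopped
+enabled: yes
+# Create TFTP server folder structure
+- name: TFTP - Create tftp directory
+file:
+path: /srv/tftp
+state: directory
+mode: '0755'
+owner: tftp
+group: tftp
+# Copy TFTP Config File
+- name: TFTP - Copy tftpd-hpa
+template:
+src: tftpd-hpa.j2
+dest: /etc/default/tftpd-hpa
+mode: 0644
+# Start TFTP Server
+- name: TFTP - Start TFTP
+service:
+name: tftpd-hpa
+state: started
+enabled: yes
+###############################################
+# Copy necessary files
+###############################################
+# Create destination folder for all the next stuff
+- name: Files - Create debian-installer directory
+file:
+path: /var/www/html/debian-installer/amd64
+state: directory
+mode: '0755'
+owner: www-data
+group: www-data
+## Old comments:
+## Extract trixie debian netboot files
+## These are from the syslinux-common package
+## Some of the files from the trixie netboot archive
+## are needed for this voodoo to all work
+## This is one of the two files called in the grub bootloader
+## This is the other file called in the grub bootloader
+## Changing from bookworm to trixie, bookworm curl command:
+## curl -L https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/netboot.tar.gz | \
+- name: Files - copy static files
+shell: |
+curl -L https://deb.debian.org/debian/dists/trixie/main/installer-amd64/current/images/netboot/netboot.tar.gz | \
+tar xz -C /var/www/html/debian-installer/amd64
+cp /usr/lib/syslinux/modules/bios/* /srv/tftp/
+cp -R /var/www/html/debian-installer/amd64/debian-installer /srv/tftp/
+cp /var/www/html/debian-installer/amd64/debian-installer/amd64/linux /srv/tftp/debian-installer/amd64/linux
+cp /var/www/html/debian-installer/amd64/debian-installer/amd64/initrd.gz /srv/tftp/debian-installer/amd64/initrd.gz
+register: static_files_output
+# Oh Hai grub bootloader, I was just talking about you
+- name: Files - copy the grub
+block:
+- name: Files - Copy grub.cfg to tftp
+when: not deploy_iso | bool
+template:
+src: grub.cfg.j2
+dest: /srv/tftp/debian-installer/amd64/grub/grub.cfg
+mode: 0644
+- name: Files - Copy grub-iso.cfg to tftp
+when: deploy_iso | bool
+template:
+src: grub-iso.cfg.j2
+dest: /srv/tftp/debian-installer/amd64/grub/grub.cfg
+mode: 0644
+# This is the preseed file for unattended server installation
+# It's served from HTTP now because bollocks to weird TFTP foolishness
+- name: Files - Copy server preseed to http
+template:
+src: preseed-server-v2.cfg.j2
+dest: /var/www/html/preseed-server.cfg
+mode: 0644
+# Build Fresh Init Archive
+- name: Files - Cosmos Init
+ansible.builtin.archive:
+path: "/var/jenkins_home/ansible/roles/pxe_server/files/init"
+dest: "/var/jenkins_home/ansible/roles/pxe_server/files/cosmos-init.tar"
+format: "tar"
+delegate_to: localhost
+# update archive_fresh
+- name: update archive_fresh
+set_fact:
+archive_fresh: true
+# Copy Archive to Target
+- name: Files - Copy cosmos-init.tar to target
+copy:
+src: /var/jenkins_home/ansible/roles/pxe_server/files/cosmos-init.tar
+dest: /var/www/html/cosmos-init.tar
+mode: 0644
+...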
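Review bot: In `Files - copy static files`, the netboot archive is streamed from `curl -L` straight into `tar xz` with no integrity check, and the kernel and initrd it contains are what every PXE client on this network will boot. Downloading with `get_url` and a pinned `checksum:` (taken from the installer `SHA256SUMS` that the signed trixie Release file covers) and extracting with `unarchive` adds verification and makes the step idempotent; the `cp` lines can stay as they are. The `oui.txt` fetch earlier in the file uses plain `http://`; it is only a lookup table, but it should move to `https://` if the server offers it.

```yaml
- name: Files - download netboot archive
  get_url:
    url: https://deb.debian.org/debian/dists/trixie/main/installer-amd64/current/images/netboot/netboot.tar.gz
    dest: /var/cache/netboot.tar.gz  # example path, pick one that suits the host
    checksum: "sha256:<NETBOOT_TAR_GZ_SHA256>"  # placeholder: pin the published value
    mode: '0644'
- name: Files - extract netboot archive
  unarchive:
    src: /var/cache/netboot.tar.gz
    dest: /var/www/html/debian-installer/amd64
    remote_src: true
- name: Files - copy static files
  shell: |
    # … unchanged: cp of syslinux modules and debian-installer files into /srv/tftp …
```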

37
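--- a/tasks/config_routing.yaml
+++ b/tasks/config_routing.yaml
@@ -0,0 +1,37 @@
+---
+###############################################
+# Configure internet_interface to be gateway
+###############################################
+# Update sysctl.conf file to enable IP forwarding
+- name: sysctl - enable IP forwarding
+lineinfile:
+path: /etc/sysctl.conf
+regexp: '^net.ipv4.ip_forward='
+line: 'net.ipv4.ip_forward=1'
+# Apply sysctl changes
+- name: sysctl - apply changes
+shell: sysctl -p
+# Set up NAT with iptables
+- name: NAT - iptables
+shell: iptables -t nat -A POSTROUTING -o {{ internet_interface }} -j MASQUERADE
+# Set up Routing with IP Tables
+- name: Routing - iptables
+shell: |
+iptables -A FORWARD -i {{ listen_interface }} -o {{ internet_interface }} -j ACCEPT
+iptables -A FORWARD -i {{ internet_interface }} -o {{ listen_interface }} -m state --state RELATED,ESTABLISHED -j ACCEPT
+# Make iptables rules persistent
+- name: Persistence - iptables
+shell: |
+netfilter-persistent save
+netfilter-persistent reload
+...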
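Review bot: The NAT and FORWARD rules are added with `iptables -A` from `shell`, so every run of the role appends another copy and `netfilter-persistent save` then writes the duplicates to disk. Guarding each append with a check keeps the ruleset stable, e.g. `iptables -t nat -C POSTROUTING -o {{ internet_interface }} -j MASQUERADE || iptables -t nat -A POSTROUTING -o {{ internet_interface }} -j MASQUERADE`, and the same pattern applies to the two FORWARD lines; the `ansible.builtin.iptables` module would do this natively. The tasks also leave the FORWARD chain policy untouched, so what else gets forwarded depends on the host's existing policy; a comment should state what the role assumes.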

22
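--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@@ -0,0 +1,22 @@
+---
+# This role builds a pxe server and / or an ISO for the amd64 matt-cloud base image
+- name: PXE Server - Architecture Warning
+when: '"arm" in cpu_architecture'
+debug:
+msg: "Warning - ARM CPU Detected, will not proceed"
+- name: PXE Server - Build PXE Functions
+include_tasks: config_pxe.yaml
+when: not iso_only | bool
+- name: PXE Server - Set up routing
+include_tasks: config_routing.yaml
+when: configure_routing | bool and not iso_only | bool
+- name: PXE Server - Build Deb12-MC.iso
+include_tasks: build_iso.yaml
+when: '"amd" in cpu_architecture'
+...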
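Review bot: The `PXE Server - Architecture Warning` task prints "will not proceed" but is only a `debug`, and the two includes after it are gated on `iso_only` and `configure_routing` alone, so on an ARM host the DHCP, TFTP and iptables changes are still applied. If the role is meant to stop there, make the task `fail:` with the same `msg`, or add `"arm" not in cpu_architecture` to the `when` of the `config_pxe.yaml` and `config_routing.yaml` includes. The last task is named `Build Deb12-MC.iso` while build_iso.yaml produces `Deb13-MC.iso`, and its only condition is the architecture test, so the ISO build runs on every amd64 host whenever the role runs; a comment should say whether that is intended.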