Add option for controller & managed, disable running ansible-playbooks on installation

2025-05-28 18:52:19 +02:00 · 2025-05-28 18:52:19 +02:00 · e098a452cf
commit e098a452cf
parent 8db14b64ae
1 changed files with 50 additions and 30 deletions
--- a/template/root/install.sh
+++ b/template/root/install.sh
@ -230,7 +230,10 @@ function prepareInstallation() {
  [[ -z "$INSTALLATION_DOMAIN" ]] && INSTALLATION_DOMAIN="localhost"

  # installation type
-  INSTALLATION_TYPE=$(dialog --clear --title "Choose the main installation type of this host" --radiolist "Select one" 10 70 3 gaming Game-Server false proxy Proxy-Server false build Build-Server false 3>&1 1>&2 2>&3 3>&-)
+  # INSTALLATION_TYPE=$(dialog --clear --title "Choose the main installation type of this host" --radiolist "Select one" 10 70 3 gaming Game-Server false proxy Proxy-Server false build Build-Server false 3>&1 1>&2 2>&3 3>&-)
+
+  # standalone or managed
+  INSTALLATION_MODE=$(dialog --clear --title "Choose the main installation mode of this host" --radiolist "Select one" 10 70 3 controller Controller false managed Managed false 3>&1 1>&2 2>&3 3>&-)

  # show summary
  summary
@ -242,7 +245,7 @@ function prepareInstallation() {
 function summary() {
  dialog --stdout --clear --title "Summary" --yes-label "Confirm" --no-label "Abort" --yesno "\n
 Hostname:       ${INSTALLATION_HOSTNAME}.${INSTALLATION_DOMAIN}\n
-Type:           ${INSTALLATION_TYPE}\n
+Mode:           ${INSTALLATION_MODE}\n
 Disk:           ${INSTALLATION_DISK}
  " 9 60

@ -338,7 +341,7 @@ function installation() {
  installationSubtaskTitle "Install base packages"
  wget https://raw.githubusercontent.com/alpinelinux/alpine-make-rootfs/v0.7.0/alpine-make-rootfs
  chmod u+x alpine-make-rootfs
-  ./alpine-make-rootfs --no-cleanup --branch 'v'$(echo ${INSTALLATION_ALPINE_VERSION} | rev | cut -d. -f2- | rev) --packages "apk-tools alpine-base linux-lts linux-firmware-none zsh vim btrfs-progs dialog wget git mkinitfs lsblk parted lshw shadow" ${INSTALLATION_MOUNTPOINT}
+  ./alpine-make-rootfs --no-cleanup --branch 'v'$(echo ${INSTALLATION_ALPINE_VERSION} | rev | cut -d. -f2- | rev) --packages "apk-tools alpine-base linux-lts linux-firmware-none curl sudo fish fish-doc mandoc man-pages vim btrfs-progs dialog wget git mkinitfs lsblk parted lshw shadow openssh" ${INSTALLATION_MOUNTPOINT}

  installationSubtaskTitle "Setup resolv.conf"
  if [[ -f "${INSTALLATION_MOUNTPOINT}/etc/resolv.conf" ]]; then
@ -386,6 +389,24 @@ function installation() {
  installationSubtaskTitle "Set root password"
  runInChroot "echo -e \"${INSTALLATION_ROOT_PW}\n${INSTALLATION_ROOT_PW}\" | passwd" || installationFailed

+  installationSubtaskTitle "Set root shell"
+  runInChroot "chsh -s /usr/bin/fish root" || installationFailed
+
+  installationSubtaskTitle "Create ansible user"
+  runInChroot "adduser -s /usr/bin/fish -u 1337 -S -D ansible"
+
+  installationSubtaskTitle "Enable ansible passwordless sudo"
+  runInChroot "echo 'ansible ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers.d/ansible"
+
+  if [[ "$INSTALLATION_MODE" == "controller" ]]; then
+    installationSubtaskTitle "Generate ansible ssh-keypair"
+    runInChroot "sudo -u ansible 'ssh-keygen -t ed25519 -P ""'" || installationFailed
+
+    installationSubtaskTitle "Clone Playbook-repo"
+    mkdir -p ${INSTALLATION_MOUNTPOINT}/${INSTALLATION_ANSIBLE_ROOT}/playbooks
+    git clone ${INSTALLATION_ANSIBLE_GIT} ${INSTALLATION_MOUNTPOINT}/${INSTALLATION_ANSIBLE_ROOT}/playbooks
+  fi
+
  installationSubtaskTitle "Enable btrfs module"
  runInChroot "echo 'btrfs' >> /etc/modules"
  runInChroot "echo 'efivarfs' >> /etc/modules"
@ -396,37 +417,36 @@ function installation() {
  runInChroot "rc-update add udev-settle sysinit"
  runInChroot "rc-update add udev-postmount default"

-  echo ""
-  echo "┌──────────────────────────────────────────┐"
-  echo "│    Configure Ansible and playbook-run    │"
-  echo "└──────────────────────────────────────────┘"
+#  echo ""
+#  echo "┌──────────────────────────────────────────┐"
+#  echo "│    Configure Ansible and playbook-run    │"
+#  echo "└──────────────────────────────────────────┘"

-  installationSubtaskTitle "Clone Playbook-repo"
-  mkdir -p ${INSTALLATION_MOUNTPOINT}/${INSTALLATION_ANSIBLE_ROOT}/playbooks
-  git clone ${INSTALLATION_ANSIBLE_GIT} ${INSTALLATION_MOUNTPOINT}/${INSTALLATION_ANSIBLE_ROOT}/playbooks
+#  installationSubtaskTitle "Clone Playbook-repo"
+#  mkdir -p ${INSTALLATION_MOUNTPOINT}/${INSTALLATION_ANSIBLE_ROOT}/playbooks
+#  git clone ${INSTALLATION_ANSIBLE_GIT} ${INSTALLATION_MOUNTPOINT}/${INSTALLATION_ANSIBLE_ROOT}/playbooks

-  mkdir -p ${INSTALLATION_MOUNTPOINT}/etc/ansible
-  cat >"${INSTALLATION_MOUNTPOINT}/etc/ansible/ansible.cfg" <<EOT || installationFailed
-[defaults]
-inventory=/${INSTALLATION_ANSIBLE_ROOT}/inventory.yml
-EOT
+#  mkdir -p ${INSTALLATION_MOUNTPOINT}/etc/ansible
+#  cat >"${INSTALLATION_MOUNTPOINT}/etc/ansible/ansible.cfg" <<EOT || installationFailed
+#[defaults]
+#inventory=/${INSTALLATION_ANSIBLE_ROOT}/inventory.yml
+#EOT

-  cat >"${INSTALLATION_MOUNTPOINT}/${INSTALLATION_ANSIBLE_ROOT}/inventory.yml" <<EOT
-ungrouped:
-  hosts:
-    localhost
-  vars:
-    ansible_connection: local
-    start_timestamp: ${START_TIMESTAMP}
-    tmpfs_size: 4G
-    installation_type: ${INSTALLATION_TYPE}
-    mysql_root_password: $(randomPasswordGen 32)
-    release_version: %REL_VER%
-    alpine_version: %ALP_VER%
-EOT
+#  cat >"${INSTALLATION_MOUNTPOINT}/${INSTALLATION_ANSIBLE_ROOT}/inventory.yml" <<EOT
+#ungrouped:
+#  hosts:
+#    localhost
+#  vars:
+#    ansible_connection: local
+#    start_timestamp: ${START_TIMESTAMP}
+#    tmpfs_size: 4G
+#    mysql_root_password: $(randomPasswordGen 32)
+#    release_version: %REL_VER%
+#    alpine_version: %ALP_VER%
+#EOT

-  installationSubtaskTitle "Execute Ansible playbooks"
-  runInChroot "ansible-playbook /${INSTALLATION_ANSIBLE_ROOT}/playbooks/top.ansible.yml" || installationFailed
+#  installationSubtaskTitle "Execute Ansible playbooks"
+#  runInChroot "ansible-playbook /${INSTALLATION_ANSIBLE_ROOT}/playbooks/top.ansible.yml" || installationFailed

  echo ""
  echo "┌──────────────────────────────────────────┐"