diff options
| author | Albert Cervin <albert@acervin.com> | 2023-03-19 17:18:01 +0100 |
|---|---|---|
| committer | Albert Cervin <albert@acervin.com> | 2023-03-19 17:18:01 +0100 |
| commit | c6f2fd36e0a8188e1f6b2a15b292e3d0a5610ac4 (patch) | |
| tree | d1c21cf0d9a2529154b33438bd91821268be5eb4 /roles/jailhost/tasks/main.yml | |
| download | datagubbe-setup-main.tar.gz datagubbe-setup-main.tar.xz datagubbe-setup-main.zip | |
Diffstat (limited to 'roles/jailhost/tasks/main.yml')
| -rw-r--r-- | roles/jailhost/tasks/main.yml | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/roles/jailhost/tasks/main.yml b/roles/jailhost/tasks/main.yml new file mode 100644 index 0000000..a26351b --- /dev/null +++ b/roles/jailhost/tasks/main.yml @@ -0,0 +1,64 @@ +- name: create jails dataset + community.general.zfs: + name: poolen/jails + state: present + extra_zfs_properties: + mountpoint: /usr/local/jails + +- name: create jails tank dataset + community.general.zfs: + name: poolen/jails/tank + state: present + +- name: create base jail dataset + community.general.zfs: + name: poolen/jails/base + state: present + +- name: install base jail + shell: | + set -e + bsdinstall checksum || echo 'checksums failed' + bsdinstall distextract || echo 'distextract failed' + bsdinstall config || error 'failed to save config' + + bsdinstall entropy + environment: + BSDINSTALL_CHROOT: "/usr/local/jails/base" + DISTRIBUTIONS: "base.txz" + nonInteractive: "YES" + args: + creates: "/usr/local/jails/base/bin" + +- name: configure base jail + shell: | + cp /etc/resolv.conf /usr/local/jails/base/etc/ + cp /etc/localtime /usr/local/jails/base/etc/ + cp /var/db/zoneinfo /usr/local/jails/base/var/db/ + args: + creates: "/usr/local/jails/base/etc/resolv.conf" + +- name: apply updates for base jail + ansible.builtin.shell: | + freebsd-update -b /usr/local/jails/base fetch + freebsd-update -b /usr/local/jails/base install + register: result_update + failed_when: result_update.rc != 0 and result_update.rc != 2 + changed_when: result_update.rc != 2 + +- name: determine patch level of base jail + shell: /usr/local/jails/base/bin/freebsd-version -u + register: patch_level + environment: + ROOT: /usr/local/jails/base + +- name: snapshot the base jail + community.general.zfs: + name: "poolen/jails/base@{{ patch_level.stdout }}" + state: present + +- name: set patch level as fact + ansible.builtin.set_fact: + base_jail_patch_level: "{{ patch_level.stdout }}" + cacheable: yes + |