62 lines
2.3 KiB
YAML
62 lines
2.3 KiB
YAML
---
|
|
- name: "Download and install APK static into the host system."
|
|
shell: "cd / && curl http://dl-cdn.alpinelinux.org/alpine/v{{ alpine_version }}/main/x86_64/apk-tools-static-{{ apk_version }}.apk | tar -xvzf - sbin/apk.static"
|
|
args:
|
|
creates: "/sbin/apk.static"
|
|
- name: "Perform installation in a mostly secure way. First install keys insecurely."
|
|
shell: "apk.static -X http://dl-cdn.alpinelinux.org/alpine/v{{ alpine_version }}/main --root /mnt --arch x86_64 --initdb --allow-untrusted add alpine-keys"
|
|
args:
|
|
creates: "/mnt/etc/apk/keys"
|
|
- name: "Enable repositories."
|
|
template:
|
|
src: "templates/etc/apk/repositories.j2"
|
|
dest: "/mnt/etc/apk/repositories"
|
|
mode: "0600"
|
|
- name: "Install packages with signature verification. Update if already present."
|
|
shell: "apk.static --root /mnt --arch x86_64 add {{ item }}"
|
|
loop: "{{ packages }}"
|
|
- name: "Tell Alpine how to mount partitions after boot."
|
|
template:
|
|
src: "templates/etc/fstab.j2"
|
|
dest: "/mnt/etc/fstab"
|
|
mode: "0755"
|
|
- name: "Load modules on boot"
|
|
template:
|
|
src: "templates/etc/modules.j2"
|
|
dest: "/mnt/etc/modules"
|
|
mode: "0640"
|
|
- name: "And which features to include into initramfs."
|
|
template:
|
|
src: "templates/etc/mkinitfs/mkinitfs.conf.j2"
|
|
dest: "/mnt/etc/mkinitfs/mkinitfs.conf"
|
|
mode: "0750"
|
|
- name: "Copy SSH host keys from the live system."
|
|
shell: "rm /mnt/etc/ssh/*_key* -f && cp -a /etc/ssh/*_key* /mnt/etc/ssh/"
|
|
args:
|
|
creates: "/mnt/etc/ssh/ssh_host_ed25519_key"
|
|
- name: "Copy SSH authorized keys from the live system. First create the /root/.ssh directory."
|
|
file:
|
|
state: "directory"
|
|
path: "/mnt/root/.ssh"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0700"
|
|
- name: "And then the authorized_keys file."
|
|
shell: "install -m 600 -o root -g root /root/.ssh/authorized_keys /mnt/root/.ssh/authorized_keys"
|
|
args:
|
|
creates: "/mnt/root/.ssh/authorized_keys"
|
|
- name: "Install network configuration."
|
|
template:
|
|
src: "templates/etc/network/interfaces.j2"
|
|
dest: "/mnt/etc/network/interfaces"
|
|
- name: "And DNS resolvers."
|
|
template:
|
|
src: "templates/etc/resolv.conf.j2"
|
|
dest: "/mnt/etc/resolv.conf"
|
|
mode: "644"
|
|
- name: "Set hostname."
|
|
template:
|
|
src: "templates/etc/hostname.j2"
|
|
dest: "/mnt/etc/hostname"
|
|
mode: "644"
|