diff options
| -rw-r--r-- | docs/README.md | 6 | ||||
| -rw-r--r-- | roles/guest-configure/tasks/main.yml | 3 | ||||
| -rw-r--r-- | roles/guest-configure/tasks/rhsm-register.yml | 15 | ||||
| -rw-r--r-- | roles/guest-configure/tasks/undo.yml | 2 | ||||
| -rw-r--r-- | roles/guest-configure/vars/main.yml | 1 | ||||
| -rw-r--r-- | roles/libvirt/templates/kickstart/el10.ks | 51 |
6 files changed, 68 insertions, 10 deletions
diff --git a/docs/README.md b/docs/README.md index cc9a28a..de60ff9 100644 --- a/docs/README.md +++ b/docs/README.md @@ -26,8 +26,10 @@ Below is a table describing each variable, and which Ansible role the variable i | ```ssh_key``` | | X | | | | This key is put into the Kickstart template for the root user and the regular user (if defined) - if not defined, PermitRootLogin is used in Kickstart | | ```shell``` | | | X | | | Set new user's shell to this shell, does not change the root user shell - does nothing if no regular user defined | | ```services``` | | | X | | | Services to enable on the new VM -| ```redhat_user``` | | | X | | | Username to register new VM with Red Hat Subscription Manager, will also be used to un-register on VM deletion | -| ```redhat_password``` | | | X | | | Password to register new VM with Red Hat Subscription Manager, will also be used to un-register on VM deletion | +| ```redhat_user``` | | | X | | | Username to register/unregister new VM with Red Hat Subscription Manager | +| ```redhat_password``` | | | X | | | Password to register/unregister new VM with Red Hat Subscription Manager | +| `redhat_activation_key` | | | X | | | Activation key for RHSM | +| `redhat_org_id` | | | X | | | Org ID for RHSM | | ```libvirt_vm_location_arguments``` | | X | | | | This is a temporary workaround for Fedora ISOs, the path to the Kernel is missing from the ISO and can be defined here if necessary | ## Inventory diff --git a/roles/guest-configure/tasks/main.yml b/roles/guest-configure/tasks/main.yml index 0874b4b..76bf2b1 100644 --- a/roles/guest-configure/tasks/main.yml +++ b/roles/guest-configure/tasks/main.yml @@ -13,7 +13,8 @@ - name: Import Red Hat Subscription Manager task ansible.builtin.import_tasks: rhsm-register.yml - when: (guest_configure_rhsm_username | length > 0) and (guest_configure_rhsm_password | length > 0) + when: ((guest_configure_rhsm_username | length > 0) and (guest_configure_rhsm_password | length > 0)) or + ((guest_configure_rhsm_org_id | length > 0) and (guest_configure_rhsm_activation_key | length > 0)) - name: Import update task ansible.builtin.import_tasks: update.yml diff --git a/roles/guest-configure/tasks/rhsm-register.yml b/roles/guest-configure/tasks/rhsm-register.yml index ad09b17..50af690 100644 --- a/roles/guest-configure/tasks/rhsm-register.yml +++ b/roles/guest-configure/tasks/rhsm-register.yml @@ -1,14 +1,17 @@ -- name: Register guest with Red Hat Subscription Manager (without Activation Key) +- name: Register guest with Red Hat Subscription Manager (username/password) community.general.redhat_subscription: username: "{{ guest_configure_rhsm_username }}" password: "{{ guest_configure_rhsm_password }}" state: present - when: guest_configure_rhsm_activation_key | length == 0 + when: + - (guest_configure_rhsm_username | length > 0) and (guest_configure_rhsm_password | length > 0) + - (guest_configure_rhsm_activation_key | length == 0) and (guest_configure_rhsm_org_id | length == 0) -- name: Register guest with Red Hat Subscription Manager (with Activation Key) +- name: Register guest with Red Hat Subscription Manager (org_id/activation_key) community.general.redhat_subscription: - username: "{{ guest_configure_rhsm_username }}" - password: "{{ guest_configure_rhsm_password }}" + org_id: "{{ guest_configure_rhsm_org_id }}" activationkey: "{{ guest_configure_rhsm_activation_key }}" state: present - when: guest_configure_rhsm_activation_key | length > 0 + when: + - (guest_configure_rhsm_username | length == 0) and (guest_configure_rhsm_password | length == 0) + - (guest_configure_rhsm_activation_key | length > 0) and (guest_configure_rhsm_org_id | length > 0) diff --git a/roles/guest-configure/tasks/undo.yml b/roles/guest-configure/tasks/undo.yml index 22889f1..e01c95e 100644 --- a/roles/guest-configure/tasks/undo.yml +++ b/roles/guest-configure/tasks/undo.yml @@ -1,3 +1,3 @@ - name: Import Red Hat Subscription Manager unregister task ansible.builtin.import_tasks: rhsm-unregister.yml - when: (guest_configure_rhsm_username | length > 0) and (guest_configure_rhsm_password | length > 0) + when: (guest_configure_rhsm_username | length > 0) or (guest_configure_rhsm_org_id | length > 0) diff --git a/roles/guest-configure/vars/main.yml b/roles/guest-configure/vars/main.yml index 41a4bcf..77c2cac 100644 --- a/roles/guest-configure/vars/main.yml +++ b/roles/guest-configure/vars/main.yml @@ -11,3 +11,4 @@ guest_configure_services: "{{ services if services is defined }}" guest_configure_rhsm_username: "{{ redhat_user if redhat_user is defined }}" guest_configure_rhsm_password: "{{ redhat_password if redhat_password is defined }}" guest_configure_rhsm_activation_key: "{{ redhat_activation_key if redhat_activation_key is defined }}" +guest_configure_rhsm_org_id: "{{ redhat_org_id if redhat_org_id is defined }}" diff --git a/roles/libvirt/templates/kickstart/el10.ks b/roles/libvirt/templates/kickstart/el10.ks new file mode 100644 index 0000000..5a95014 --- /dev/null +++ b/roles/libvirt/templates/kickstart/el10.ks @@ -0,0 +1,51 @@ +#version=RHEL10 +text +reboot + +repo --name="AppStream" --baseurl=file:///run/install/sources/mount-0000-cdrom/AppStream + +%packages +@^server-product-environment +kexec-tools + +%end + +# Keyboard layouts +keyboard --xlayouts='us' +# System language +lang en_US.UTF-8 + +# Network information +network --bootproto=dhcp --device=enp1s0 --noipv6 --activate +network --hostname={{ libvirt_kickstart_hostname }} + +# Use CDROM installation media +cdrom + +# Run the Setup Agent on first boot +firstboot --enable + +ignoredisk --only-use=vda +autopart +# Partition clearing information +clearpart --none --initlabel + +# System timezone +timezone {{ libvirt_kickstart_timezone }} --utc + +rootpw --iscrypted {{ libvirt_kickstart_root_password | password_hash("sha512") }} + +%post +mkdir -m0700 /root/.ssh/ + +cat <<EOF >/root/.ssh/authorized_keys +{{ libvirt_kickstart_root_ssh_key }} +EOF + +chmod 0600 /root/.ssh/authorized_keys + +restorecon -R /root/.ssh/ + +{{ libvirt_kickstart_allow_root_ssh }} + +%end |