add grub ansible role

2021-08-24 13:22:50 +02:00
parent 2189406cc1
commit c0b2487c51
12 changed files with 327 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -0,0 +1,79 @@
+ansible-role-grub
+=================
+
+Manages grub config on RHEL/Centos.
+
+Requirements
+------------
+
+This is a standalone role.
+
+Role Variables
+--------------
+
+Additional kernel parameters can be passed using the following two lists.
+```yaml
+# additional cmdline arguments
+grub_cmdline_linux_list: []
+
+# additional cmdline default arguments
+grub_cmdline_linux_default_list: []
+```
+
+Additional tty instances can be added to the follwing list. 
+For example a serial connection which has its own set of variables.
+```yaml
+# start grub and linux on these consoles
+grub_consoles:
+  - tty0
+  - 'ttyS0,{{ grub_serial.speed }}'
+
+# grub serial command settings
+grub_serial:
+  speed: 115200
+  unit: 0
+  word: 8
+  parity: 0
+  stop: 1
+```
+
+Dependencies
+------------
+
+No hard dependencies.
+
+Example Playbook
+----------------
+
+An example playbook which installs and configures grub with kernel parameters.
+```yaml
+---
+
+- name: grub test play
+  hosts: all
+  become: true
+  vars:
+    grub_cmdline_linux_list:
+      - crashkernel=auto
+      - rd.lvm.lv=vg01/root
+      - rhgb
+      - quiet
+      - boot=a27cca18-a888-4b0e-9066-986d22036054
+      - vsyscall=none
+      - slub_debug=P
+      - page_poison=1
+      - audit_backlog_limit=8192
+      - audit=1
+  roles:
+    - grub
+```
+
+License
+-------
+
+GPLv3
+
+Author Information
+------------------
+
+Aaron (aaron@0x29a.ch)
--- a/defaults/main.yaml
+++ b/defaults/main.yaml
@@ -0,0 +1,40 @@
+---
+# defaults file for ansible-role-grub
+
+# grub related packages
+grub_packages:
+  - grub2
+
+# grub-mkconfig binary
+grub_mkconfig_bin: /usr/sbin/grub2-mkconfig
+
+# grub configuration file
+grub_cfg: /etc/default/grub
+
+# grub main running configuration
+grub_boot_cfg: /boot/grub2/grub.cfg
+
+# start grub and linux on these consoles
+grub_consoles:
+  - tty0
+#  - 'ttyS0,{{ grub_serial.speed }}'
+
+# grub serial command settings
+#grub_serial:
+#  speed: 115200
+#  unit: 0
+#  word: 8
+#  parity: 0
+#  stop: 1
+
+# grub timeout (in seconds)
+grub_timeout: 5
+
+# disable predictable network interface names
+grub_disable_network_predictable_interface_names: false
+
+# additional cmdline arguments
+grub_cmdline_linux_list: []
+
+# additional cmdline default arguments
+grub_cmdline_linux_default_list: []
--- a/handlers/main.yaml
+++ b/handlers/main.yaml
@@ -0,0 +1,5 @@
+---
+# handlers file for ansible-role-grub
+
+- name: grub update config
+  command: '{{ grub_mkconfig_bin }} -o {{ grub_boot_cfg }}'
--- a/meta/main.yaml
+++ b/meta/main.yaml
@@ -0,0 +1,52 @@
+galaxy_info:
+  author: your name
+  description: your role description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: license (GPL-2.0-or-later, MIT, etc)
+
+  min_ansible_version: 2.9
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -0,0 +1,53 @@
+galaxy_info:
+  author: your name
+  description: your role description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: license (GPL-2.0-or-later, MIT, etc)
+
+  min_ansible_version: 2.9
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.
+  
--- a/tasks/configuration.yaml
+++ b/tasks/configuration.yaml
@@ -0,0 +1,15 @@
+---
+
+- name: create the grub configuration
+  template:
+    src: etc/default/grub.j2
+    dest: '{{ grub_cfg }}'
+    owner: root
+    group: root
+    mode: 0644
+    seuser: system_u
+    serole: object_r
+    setype: bootloader_etc_t
+    selevel: s0
+  notify:
+    - 'grub update config'
--- a/tasks/installation.yaml
+++ b/tasks/installation.yaml
@@ -0,0 +1,6 @@
+---
+
+- name: install grub related packages
+  package:
+    name: '{{ grub_packages }}'
+    state: present
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@@ -0,0 +1,20 @@
+---
+# tasks file for ansible-role-grub
+
+- name: load variables based on distribution type
+  include_vars: '{{ item }}'
+  with_first_found:
+    - '{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yaml'
+    - '{{ ansible_os_family }}.yaml'
+  tags:
+    - 'grub_vars'
+
+- name: import installation tasks
+  import_tasks: installation.yaml
+  tags:
+    - 'grub_install'
+
+- name: import configuration tasks
+  import_tasks: configuration.yaml
+  tags:
+    - 'grub_configuration'
--- a/templates/etc/default/grub.j2
+++ b/templates/etc/default/grub.j2
@@ -0,0 +1,35 @@
+{% if grub_consoles | d(False) %}
+{%   set grub_console = "console=" + grub_consoles | join(' console=') %}
+{% endif %}
+{% if grub_cmdline_linux_default_list | d(False) %}
+{%   set grub_cmdline_linux_default = grub_cmdline_linux_default_list | join(' ') %}
+{% endif %}
+{% set grub_cmdline_linux = [] + grub_cmdline_linux_list %}
+{% if ansible_cmdline['rd.auto'] | d(False) %}
+{%   set grub_cmdline_linux = grub_cmdline_linux + ['rd.auto'] %}
+{% endif %}
+{% if grub_disable_network_predictable_interface_names %}
+{%   set grub_cmdline_linux = grub_cmdline_linux + ['net.ifnames=0'] %}
+{% endif %}
+
+# default entry
+GRUB_DEFAULT=saved
+# grub timeout
+GRUB_TIMEOUT={{ grub_timeout }}
+# distribition information
+GRUB_DISTRIBUTOR=$(sed 's, release .*$,,g' /etc/system-release)
+
+{% if grub_console and grub_cmdline_linux_default | d(False) %}
+GRUB_CMDLINE_LINUX_DEFAULT="{{ grub_console }} {{ grub_cmdline_linux_default }}"
+{% elif grub_cmdline_linux_default | d(False) %}
+GRUB_CMDLINE_LINUX_DEFAULT="{{ grub_cmdline_linux_default }}"
+{% else %}
+GRUB_CMDLINE_LINUX_DEFAULT="{{ grub_console }}"
+{% endif %}
+GRUB_CMDLINE_LINUX="{{ grub_cmdline_linux | join(' ') }}"
+{% if grub_serial | d(False) %}
+GRUB_SERIAL_COMMAND="serial --speed={{ grub_serial.speed }} --unit={{ grub_serial.unit }} --word={{ grub_serial.word }} --parity={{ grub_serial.parity }} --stop={{ grub_serial.stop }}"
+{% endif %}
+
+# disable graphical terminal
+GRUB_TERMINAL=console
--- a/tests/inventory
+++ b/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - ansible-role-grub
--- a/vars/RedHat.yaml
+++ b/vars/RedHat.yaml
@@ -0,0 +1,15 @@
+---
+# vars file for ansible-role-grub
+
+# grub related packages
+grub_packages:
+  - grub2
+
+# grub-mkconfig binary
+grub_mkconfig_bin: /usr/sbin/grub2-mkconfig
+
+# grub configuration file
+grub_cfg: /etc/default/grub
+
+# grub main running configuration
+grub_boot_cfg: /boot/grub2/grub.cfg