vmware builds

roles/oatakan.rhel_template_build/tasks/cloud-init.yml

@@ -0,0 +1,31 @@
+---
+
+- name: ensure cloud-init packages are installed
+  package:
+    name:
+      - cloud-init
+      - cloud-utils-growpart
+      - gdisk
+
+- block:
+    - name: ensure cloud-init scripts directory exists
+      file:
+        path: /var/lib/cloud/scripts/per-instance
+        state: directory
+        mode: '0755'
+
+    - name: create growpart cloud-init script to grow partition on boot
+      template:
+        src: grow_part.sh.j2
+        dest: /var/lib/cloud/scripts/per-instance/grow_part.sh
+        mode: u=rwx,g=rx,o=rx
+#  when:
+#    - ansible_lvm is defined
+#    - ansible_lvm.lvs is defined
+#    - ansible_lvm.lvs[the_root_lvname] is defined
+#    - ansible_lvm.lvs[the_root_lvname].vg is defined
+#    - ansible_lvm.vgs is defined
+#    - ansible_lvm.pvs is defined
+#    - ansible_cmdline is defined
+#    - ansible_cmdline.root is defined
+#    - ansible_lvm.lvs[the_root_lvname].vg in ansible_cmdline.root

roles/oatakan.rhel_template_build/tasks/main.yml

@@ -0,0 +1,216 @@
+---
+
+- name: Get the current kernel release.
+  command: uname -r
+  changed_when: false
+  register: kernel_release
+
+- name: Ensure necessary packages are installed.
+  yum:
+    name:
+      - wget
+      - perl
+      - cpp
+      - gcc
+      - make
+      - bzip2
+      - kernel-headers
+      - kernel-devel
+      - "kernel-devel-{{ kernel_release.stdout }}"
+      - cifs-utils
+    state: present
+
+- name: Ensure libselinux-python package is installed.
+  yum:
+    name:
+      - libselinux-python
+    state: present
+  when: ansible_distribution_major_version|int < 8
+
+- name: Ensure python3-libselinux package is installed.
+  yum:
+    name:
+      - python3-libselinux
+    state: present
+  when: ansible_distribution_major_version|int == 8
+
+# Fix slow DNS.
+- name: Fix slow DNS (adapted from Bento).
+  lineinfile:
+    dest: /etc/sysconfig/network
+    regexp: '^RES_OPTIONS'
+    line: 'RES_OPTIONS="single-request-reopen"'
+    state: present
+
+# see https://fedoraproject.org/wiki/Changes/NetworkManager_keyfile_instead_of_ifcfg_rh
+- name: ensure older style network config files for greater compatibility
+  copy:
+    dest: /etc/NetworkManager/conf.d/99-main-plugins.conf
+    content: |
+      [main]
+      plugins=ifcfg-rh
+  when: ansible_distribution_major_version|int == 8
+
+- name: Restart network service (explicitly).
+  service:
+    name: network
+    state: restarted
+  when: ansible_distribution_major_version|int < 8
+
+- name: Restart NetworkManager service (explicitly).
+  service:
+    name: NetworkManager
+    state: restarted
+  when: ansible_distribution_major_version|int == 8
+
+- name: Ensure we can still connect
+  wait_for_connection:
+
+# SSH daemon configuration.
+- name: Configure SSH daemon.
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+    state: present
+  loop:
+    - { regexp: '^UseDNS', line: 'UseDNS no' }
+    - { regexp: '^GSSAPIAuthentication', line: 'GSSAPIAuthentication no' }
+
+# Local user SSH configuration.
+- name: Configure local user .ssh directory.
+  file:
+    path: /home/{{ local_account_username }}/.ssh
+    state: directory
+    owner: "{{ local_account_username }}"
+    group: "{{ local_account_username }}"
+    mode: 0700
+
+- name: Get Vagrant's public key.
+  get_url:
+    url: https://github.com/mitchellh/vagrant/raw/master/keys/vagrant.pub
+    dest: /home/{{ local_account_username }}/.ssh/authorized_keys
+    owner: "{{ local_account_username }}"
+    group: "{{ local_account_username }}"
+    mode: 0600
+  ignore_errors: yes
+  when: target_vagrant | bool
+
+- name: autolabel on boot
+  command: fixfiles onboot
+  changed_when: False
+
+- include_tasks: cloud-init.yml
+  when: target_ovirt | bool
+
+- include_tasks: ovirt.yml
+  when: target_ovirt | bool
+
+# VirtualBox tools installation.
+- name: Check if VirtualBox is running the guest VM.
+  stat:
+    path: /home/{{ local_account_username }}/.vbox_version
+  register: virtualbox_check
+
+- include_tasks: virtualbox.yml
+  when: virtualbox_check.stat.exists
+
+# VMware tools installation.
+- name: Check if VMWare is running the guest VM.
+  shell: |
+    set -o pipefail
+    cat /proc/scsi/scsi | grep VMware
+  changed_when: false
+  failed_when: false
+  register: vmware_check
+
+- include_tasks: vmware.yml
+  when: vmware_check.rc == 0
+
+# Cleanup tasks.
+- name: Remove unneeded packages.
+  yum:
+    name:
+      - cpp
+      - kernel-devel
+      - kernel-headers
+    disablerepo: '*'
+    state: absent
+
+- name: Clean up yum.
+  command: yum clean all
+  args:
+    warn: no
+  changed_when: false
+
+- name: Flag the system for re-configuration
+  file:
+    path: /.unconfigured
+    state: touch
+
+- name: Reset hostname to localhost.localadmin
+  copy:
+    content: 'localhost.localdomain'
+    dest: /etc/hostname
+
+- name: Remove RedHat interface persistence (step 1).
+  file:
+    path: /etc/udev/rules.d/70-persistent-net.rules
+    state: absent
+
+- name: Check for network config file
+  stat:
+    path: /etc/sysconfig/network-scripts/ifcfg-{{ ansible_default_ipv4.interface | default('eth0') }}
+  register: network_config_file
+
+- name: Remove RedHat interface persistence (step 2).
+  lineinfile:
+    dest: "{{ network_config_file.stat.path }}"
+    regexp: "{{ item }}"
+    state: absent
+  loop:
+    - '^HWADDR'
+    - '^UUID'
+    - '^IPADDR'
+    - '^NETMASK'
+    - '^GATEWAY'
+  when: network_config_file.stat.exists
+
+- name: Set interface to DHCP
+  lineinfile:
+    dest: "{{ network_config_file.stat.path }}"
+    regexp: '^BOOTPROTO='
+    line: BOOTPROTO=dhcp
+  when: network_config_file.stat.exists
+
+- name: Force logs to rotate (step 1)
+  shell: /usr/sbin/logrotate -f /etc/logrotate.conf
+  changed_when: false
+
+- name: Find any log files to delete
+  find:
+    paths: /var/log
+    patterns:
+      - "*-????????"
+      - "*.gz"
+  register: find_log_files
+
+- name: Force logs to rotate (step 2)
+  file:
+    path: "{{ item.path }}"
+    state: absent
+  loop: "{{ find_log_files.files }}"
+
+- name: Clear audit log and wtmp (step 1)
+  shell: cat /dev/null > /var/log/audit/audit.log
+  changed_when: false
+
+- name: Clear audit log and wtmp (step 2)
+  shell: cat /dev/null > /var/log/wtmp
+  changed_when: false
+
+- name: Remove ssh-host files
+  command: rm -fr /etc/ssh/ssh_host_*
+  changed_when: false
+  args:
+    warn: false

roles/oatakan.rhel_template_build/tasks/ovirt.yml

@@ -0,0 +1,48 @@
+---
+
+- name: import epel gpg key
+  rpm_key:
+    state: present
+    key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}
+  when: ansible_distribution == 'CentOS'
+
+- name: ensure epel is installed
+  yum:
+    name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm
+    state: present
+  register: install_epel
+  until: '"error" not in install_epel'
+  retries: 5
+  delay: 10
+  when: ansible_distribution == 'CentOS'
+
+# rhevm-guest-agent-common package is not yet available for RHEL 8
+- name: ensure ovirt guest agent package is installed
+  package:
+    name: "{{ ovirt_guest_agent_package_name[ansible_distribution] }}"
+  register: ovirt_package_installation
+  when: ansible_distribution_major_version|int < 8
+
+# try installing qemu package on RHEL/CentOS 8 for now
+- name: ensure qemu guest agent package is installed
+  package:
+    name: "{{ qemu_guest_agent_package_name }}"
+  when: ansible_distribution_major_version|int == 8
+  register: qemu_package_installation
+  ignore_errors: yes
+
+- name: ensure ovirt guest agent is enabled
+  service:
+    name: "{{ ovirt_guest_agent_service_name }}"
+    enabled: yes
+  when:
+    - ansible_distribution_major_version|int < 8
+    - ovirt_package_installation is succeeded
+
+- name: ensure qemu guest agent is enabled
+  service:
+    name: "{{ qemu_guest_agent_service_name }}"
+    enabled: yes
+  when:
+    - ansible_distribution_major_version|int == 8
+    - qemu_package_installation is succeeded

roles/oatakan.rhel_template_build/tasks/virtualbox.yml

@@ -0,0 +1,34 @@
+---
+- name: Get VirtualBox version.
+  slurp:
+    src: /home/{{ local_account_username }}/.vbox_version
+  register: get_virtualbox_version
+
+- name: Set VirtualBox version.
+  set_fact:
+    virtualbox_version: "{{ get_virtualbox_version['content'] | b64decode }}"
+
+- name: Mount VirtualBox guest additions ISO.
+  mount:
+    name: /tmp/vbox
+    src: "/home/{{ local_account_username }}/VBoxGuestAdditions_{{ virtualbox_version }}.iso"
+    opts: loop
+    state: mounted
+    fstype: iso9660
+
+- name: Run VirtualBox guest additions installation.
+  shell: sh /tmp/vbox/VBoxLinuxAdditions.run
+  changed_when: false
+  failed_when: false
+
+- name: Unmount VirtualBox guest additions ISO.
+  mount:
+    name: /tmp/vbox
+    src: "/home/{{ local_account_username }}/VBoxGuestAdditions_{{ virtualbox_version }}.iso"
+    state: absent
+    fstype: iso9660
+
+- name: Delete VirtualBox guest additions ISO.
+  file:
+    path: "/home/{{ local_account_username }}/VBoxGuestAdditions_{{ virtualbox_version }}.iso"
+    state: absent

roles/oatakan.rhel_template_build/tasks/vmware-tools.yml

@@ -0,0 +1,65 @@
+---
+- name: Add VMWare tools repository.
+  template:
+    src: vmware-tools.repo.j2
+    dest: /etc/yum.repos.d/vmware-tools.repo
+
+- name: Import VMWare tools GPG keys.
+  rpm_key:
+    key: "https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub"
+    state: present
+
+- name: Create temporary directories for VMware tools.
+  file:
+    path: "/tmp/{{ item }}"
+    state: directory
+  loop:
+    - vmfusion
+    - vmfusion-archive
+
+- name: Mount VMware tools.
+  mount:
+    name: /tmp/vmfusion
+    src: /home/{{ local_account_username }}/linux.iso
+    fstype: iso9660
+    opts: loop
+    state: mounted
+
+- name: Find any VMwareTools file.
+  find:
+    paths: /tmp/vmfusion
+    patterns: "^VMwareTools-*.tar.gz"
+    use_regex: yes
+  register: vmware_tools_files
+
+- block:
+    - name: Decompress VMware Tools installer into archive folder.
+      unarchive:
+        src: "{{ vmware_tools_files.files[0] }}"
+        dest: /tmp/vmfusion-archive
+        remote_src: yes
+
+    - name: Run the VMware tools installer.
+      shell: /tmp/vmfusion-archive/vmware-tools-distrib/vmware-install.pl --default
+      changed_when: false
+  when: vmware_tools_files.matched > 0
+
+- name: Unmount VMware tools.
+  mount:
+    name: /tmp/vmfusion
+    src: /home/{{ local_account_username }}/linux.iso
+    fstype: iso9660
+    state: absent
+
+- name: Remove temporary directories for VMware tools.
+  file:
+    path: "/tmp/{{ item }}"
+    state: absent
+  loop:
+    - vmfusion
+    - vmfusion-archive
+
+- name: Delete VMware Tools.
+  file:
+    path: /home/{{ local_account_username }}/linux.iso
+    state: absent

roles/oatakan.rhel_template_build/tasks/vmware.yml

@@ -0,0 +1,16 @@
+---
+- name: Add vmhgfs module (RHEL 6).
+  template:
+    src: vmhgfs.modules.j2
+    dest: /etc/sysconfig/modules/vmhgfs.modules
+    mode: 0755
+  when: ansible_distribution_major_version|int <= 6
+
+- name: Install open-vm-tools.
+  yum:
+    name: open-vm-tools
+    state: present
+  when: ansible_distribution_major_version|int >= 7
+
+- include_tasks: vmware-tools.yml
+  when: ansible_distribution_major_version|int <= 6