feat(role): Initial commit

2025-04-03 00:12:58 +02:00
parent 3e9b2ba91a
commit cf55d8b20e
11 changed files with 299 additions and 2 deletions
--- a/tasks/archlinux-auto-updates.yml
+++ b/tasks/archlinux-auto-updates.yml
@@ -0,0 +1,72 @@
+# SPDX-License-Identifier: MIT
+- name: 'If Arch Linux create dir to Git clone repo for restart detection'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  ansible.builtin.file:
+    path: '{{ genvm_os_needs_restart_git_clone_dir }}'
+    state: 'directory'
+
+- name: 'If Arch Linux Git clone repo for restart detection'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  ansible.builtin.git:
+    repo: '{{ genvm_os_needs_restart_git_repo }}'
+    dest: '{{ genvm_os_needs_restart_git_clone_dir }}'
+    version: '{{ genvm_os_needs_restart_git_branch }}'
+
+- name: 'If Arch Linux create symlinks to repo for restart detection'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  loop_control:
+    loop_var: 'genvm_os_needs_restart_symlink'
+    label: 'Create symlink to ''{{ genvm_os_needs_restart_symlink.target | basename }}'''
+  loop:
+    - { target: '{{ genvm_os_needs_restart_git_clone_dir }}/arch-needs-restart.sh', symlink: '/usr/local/bin/arch-needs-restart' }
+    - { target: '{{ genvm_os_needs_restart_git_clone_dir }}/arch-needs-restart.hook', symlink: '/usr/share/libalpm/hooks/arch-needs-restart.hook' }
+  ansible.builtin.file:
+    src: '{{ genvm_os_needs_restart_symlink.target }}'
+    dest: '{{ genvm_os_needs_restart_symlink.symlink }}'
+    state: 'link'
+    force: true
+
+- name: 'If Arch Linux create dir to Git clone repo for OS auto-upgrades'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  ansible.builtin.file:
+    path: '{{ genvm_os_auto_upgrades_git_clone_dir }}'
+    state: 'directory'
+
+- name: 'If Arch Linux Git clone repo for OS auto-upgrades'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  ansible.builtin.git:
+    repo: '{{ genvm_os_auto_upgrades_git_repo }}'
+    dest: '{{ genvm_os_auto_upgrades_git_clone_dir }}'
+    version: '{{ genvm_os_auto_upgrades_git_branch }}'
+  notify:
+    - 'Reload systemd unit configs'
+
+- name: 'If Arch Linux create symlinks to repo for OS auto-upgrades'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  loop_control:
+    loop_var: 'genvm_os_auto_upgrades_symlink'
+    label: 'Create symlink to ''{{ genvm_os_auto_upgrades_symlink.target | basename }}'''
+  loop:
+    - { target: '{{ genvm_os_auto_upgrades_git_clone_dir }}/arch-linux-update-and-restart.service', symlink: '/etc/systemd/system/arch-linux-update-and-restart.service' }
+    - { target: '{{ genvm_os_auto_upgrades_git_clone_dir }}/arch-linux-update-and-restart.timer', symlink: '/etc/systemd/system/arch-linux-update-and-restart.timer' }
+  ansible.builtin.file:
+    src: '{{ genvm_os_auto_upgrades_symlink.target }}'
+    dest: '{{ genvm_os_auto_upgrades_symlink.symlink }}'
+    state: 'link'
+    force: true
+  notify:
+    - 'Reload systemd unit configs'
+
+- name: 'If Arch Linux enable systemd timer for OS auto-upgrades'
+  ansible.builtin.systemd_service:
+    name: 'arch-linux-update-and-restart.timer'
+    state: 'started'
+    enabled: true
+
+- name: 'If Arch Linux make sure pacman ignores kernel updates (our zfs-dkms may not always be compatible)'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  community.general.ini_file:
+    path: '/etc/pacman.conf'
+    section: 'options'
+    option: 'IgnorePkg'
+    value: 'linux linux-headers'
--- a/tasks/archlinux-package-management.yml
+++ b/tasks/archlinux-package-management.yml
@@ -0,0 +1,22 @@
+# SPDX-License-Identifier: MIT
+- name: 'If Arch Linux set paru package manager to list search results bottom-up'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  community.general.ini_file:
+    path: '/etc/paru.conf'
+    section: 'options'
+    option: 'BottomUp'
+    allow_no_value: true
+
+- name: 'If Arch Linux copy pacman config file with custom options'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  ansible.builtin.copy:
+    src: 'etc/pacman.d/pacman.conf'
+    dest: '/etc/pacman.d/pacman.conf'
+
+- name: 'If Arch Linux include our custom pacman config in main pacman config'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  community.general.ini_file:
+    path: '/etc/pacman.conf'
+    section: 'options'
+    option: 'Include'
+    value: '/etc/pacman.d/pacman.conf'
--- a/tasks/archlinux-pacman-hook.yml
+++ b/tasks/archlinux-pacman-hook.yml
@@ -0,0 +1,84 @@
+# SPDX-License-Identifier: MIT
+- name: 'If Arch Linux create dir to Git clone repo for pacman hook for ZFS dataset snapshots'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  ansible.builtin.file:
+    path: '{{ genvm_pacman_hook_git_base_dir }}/{{ genvm_pacman_hook_git_branch }}'
+    state: 'directory'
+
+- name: 'If Arch Linux Git clone repo for pacman hook for ZFS dataset snapshots'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  ansible.builtin.git:
+    repo: 'https://quico.space/quico-os-setup/zfs-pacman-hook'
+    dest: '{{ genvm_pacman_hook_git_base_dir }}/{{ genvm_pacman_hook_git_branch }}'
+    version: '{{ genvm_pacman_hook_git_branch }}'
+
+- name: 'If Arch Linux get list of checked out branches of repo for pacman hook for ZFS dataset snapshots'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  register: 'genvm_pacman_hook_branches_actual'
+  changed_when: false
+  ansible.builtin.shell: |
+    ls -1 '{{ genvm_pacman_hook_git_base_dir }}'
+
+- name: 'If Arch Linux remove unneeded branches of repo for pacman hook for ZFS dataset snapshots'
+  when: 'item != genvm_pacman_hook_git_branch and ansible_facts[''os_family''] | lower == ''archlinux'''
+  loop_control:
+    label: 'If unneeded delete branch ''{{ item }}'''
+  loop: '{{ genvm_pacman_hook_branches_actual.stdout_lines }}'
+  ansible.builtin.file:
+    path: '{{ genvm_pacman_hook_git_base_dir }}/{{ item }}'
+    state: 'absent'
+
+- name: 'If Arch Linux create symlinks to repo for pacman hook for ZFS dataset snapshots'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  loop_control:
+    loop_var: 'genvm_pacman_hook_symlink'
+    label: 'Create symlink to ''{{ genvm_pacman_hook_symlink.target | basename }}'''
+  loop:
+    - { target: '{{ genvm_pacman_hook_git_base_dir }}/{{ genvm_pacman_hook_git_branch }}/pacman-zfs-snapshot.sh', symlink: '/usr/local/bin/pacman-zfs-snapshot' }
+    - { target: '{{ genvm_pacman_hook_git_base_dir }}/{{ genvm_pacman_hook_git_branch }}/pacman-zfs-snapshot-install.hook', symlink: '/usr/share/libalpm/hooks/00-pacman-zfs-snapshot-install.hook' }
+    - { target: '{{ genvm_pacman_hook_git_base_dir }}/{{ genvm_pacman_hook_git_branch }}/pacman-zfs-snapshot-remove.hook', symlink: '/usr/share/libalpm/hooks/00-pacman-zfs-snapshot-remove.hook' }
+    - { target: '{{ genvm_pacman_hook_git_base_dir }}/{{ genvm_pacman_hook_git_branch }}/pacman-zfs-snapshot-upgrade.hook', symlink: '/usr/share/libalpm/hooks/00-pacman-zfs-snapshot-upgrade.hook' }
+    - { target: '{{ genvm_pacman_hook_git_base_dir }}/{{ genvm_pacman_hook_git_branch }}/pacman-zfs-snapshot.conf', symlink: '/etc/pacman-zfs-snapshot.conf' }
+  ansible.builtin.file:
+    src: '{{ genvm_pacman_hook_symlink.target }}'
+    dest: '{{ genvm_pacman_hook_symlink.symlink }}'
+    state: 'link'
+    force: true
+
+- name: 'If Arch Linux get list of datasets'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  register: 'genvm_pacman_hook_auto_snapshot_datasets_list'
+  changed_when: false
+  ansible.builtin.shell: |
+    zfs list -H -o name
+
+- name: 'If Arch Linux check current state of auto-snapshot marker on datasets'
+  when: 'ansible_facts[''os_family''] | lower == ''archlinux'''
+  register: 'genvm_pacman_hook_auto_snapshot_datasets_actual'
+  changed_when: false
+  loop_control:
+    loop_var: 'dataset'
+    label: 'Check if dataset ''{{ dataset }}'' is marked for auto-snapshotting'
+  loop: '{{ genvm_pacman_hook_auto_snapshot_datasets_list.stdout_lines }}'
+  ansible.builtin.shell: |
+    zfs get -H -o value space.quico:auto-snapshot '{{ dataset }}'
+
+- name: 'If Arch Linux mark ZFS datasets for auto-snapshotting'
+  when: 'genvm_pacman_hook_auto_snapshot_datasets_actual[''results''][i][''stdout_lines''] | first != ''true'' and dataset in genvm_pacman_hook_auto_snapshot_datasets and ansible_facts[''os_family''] | lower == ''archlinux'''
+  loop_control:
+    loop_var: 'dataset'
+    index_var: 'i'
+    label: 'If not marked for auto-snapshotting - {% if genvm_pacman_hook_auto_snapshot_datasets_actual[''results''][i][''stdout_lines''] | first != ''true'' and dataset in genvm_pacman_hook_auto_snapshot_datasets %}⚠️{% else %}✅{% endif %} expected {% if dataset in genvm_pacman_hook_auto_snapshot_datasets %}yes{% else %} no{% endif %}/was actually {% if genvm_pacman_hook_auto_snapshot_datasets_actual[''results''][i][''stdout_lines''] | first != ''true'' %} no{% else %}yes{% endif %} - mark ZFS dataset ''{{ dataset }}'''
+  loop: '{{ genvm_pacman_hook_auto_snapshot_datasets_list.stdout_lines }}'
+  ansible.builtin.shell: |
+    zfs set space.quico:auto-snapshot=true '{{ dataset }}'
+
+- name: 'If Arch Linux unmark ZFS datasets for auto-snapshotting'
+  when: 'genvm_pacman_hook_auto_snapshot_datasets_actual[''results''][i][''stdout_lines''] | first == ''true'' and dataset not in genvm_pacman_hook_auto_snapshot_datasets and ansible_facts[''os_family''] | lower == ''archlinux'''
+  loop_control:
+    loop_var: 'dataset'
+    index_var: 'i'
+    label: 'If incorrectly marked for auto-snapshotting - {% if genvm_pacman_hook_auto_snapshot_datasets_actual[''results''][i][''stdout_lines''] | first == ''true'' and dataset not in genvm_pacman_hook_auto_snapshot_datasets %}⚠️{% else %}✅{% endif %} expected {% if dataset not in genvm_pacman_hook_auto_snapshot_datasets %} no{% else %}yes{% endif %}/was actually {% if genvm_pacman_hook_auto_snapshot_datasets_actual[''results''][i][''stdout_lines''] | first == ''true'' %}yes{% else %} no{% endif %} - unmark ZFS dataset ''{{ dataset }}'''
+  loop: '{{ genvm_pacman_hook_auto_snapshot_datasets_list.stdout_lines }}'
+  ansible.builtin.shell: |
+    zfs inherit space.quico:auto-snapshot '{{ dataset }}'
--- a/tasks/archlinux-zfs-pacman-cache.yml
+++ b/tasks/archlinux-zfs-pacman-cache.yml
@@ -0,0 +1,28 @@
+# SPDX-License-Identifier: MIT
+- name: 'Check if ZFS functional'
+  register: 'genvm_archlinux_zfs_pacman_cache_os_has_functional_zfs'
+  changed_when: false
+  failed_when: false
+  ansible.builtin.shell: |
+    zpool list
+
+- name: 'If ZFS functional check if pacman cache dataset exists'
+  when: 'genvm_archlinux_zfs_pacman_cache_os_has_functional_zfs.rc == 0'
+  register: 'genvm_archlinux_zfs_pacman_cache_zfs_has_pacman_cache_dataset'
+  changed_when: false
+  failed_when: false
+  ansible.builtin.shell: |
+    zfs list zpool/data/var/cache/pacman/pkg
+    
+- name: 'If no pacman cache dataset exists create dataset'
+  when: 'genvm_archlinux_zfs_pacman_cache_zfs_has_pacman_cache_dataset.rc > 0'
+  register: 'genvm_archlinux_zfs_pacman_cache_pacman_cache_dir_was_temp_moved'
+  changed_when: 'genvm_archlinux_zfs_pacman_cache_pacman_cache_dir_was_temp_moved.rc == 0'
+  ansible.builtin.shell: |
+    mv '/var/cache/pacman/pkg'{,'.bak'} && \
+    if ! zfs list zpool/data/var &>/dev/null; then zfs create -o canmount=off zpool/data/var; fi && \
+    if ! zfs list zpool/data/var/cache &>/dev/null; then zfs create -o canmount=off zpool/data/var/cache; fi && \
+    if ! zfs list zpool/data/var/cache/pacman &>/dev/null; then zfs create -o canmount=off zpool/data/var/cache/pacman; fi && \
+    zfs create zpool/data/var/cache/pacman/pkg && \
+    rsync -a --remove-source-files '/var/cache/pacman/pkg'{'.bak',}'/' && \
+    find '/var/cache/pacman/pkg.bak' -type d -empty -delete
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: MIT
+- import_tasks: archlinux-pacman-hook.yml
+- import_tasks: archlinux-package-management.yml
+- import_tasks: archlinux-auto-updates.yml
+- import_tasks: archlinux-zfs-pacman-cache.yml