209 Create iocage pkglist file
Use case
Use the role vbotka.freebsd.iocage to create iocage list of packages for Automatic Package Installation. Create Ansible template for Apache HTTP server.
Tree
shell> tree .
.
├── ansible.cfg
├── files
│ ├── pk_admins.txt
│ └── pkgs.json
├── group_vars
│ └── all
│ ├── pkgdict.yml
│ ├── pkgdict_versions.yml
│ └── pkglist.yml
├── host_vars
│ └── iocage_04
│ └── iocage.yml
├── iocage.ini
└── pb-pkglist.yml
Synopsis
At the control node use:
-
to create iocage list of packages
files/pkgs.jsonfor Automatic Package Installation of the Apache HTTP Server.
playbook vbotka.freebsd.pb_iocage_template.yml:
to create Ansible template
ansible_client_apache.
Requirements
Notes
Use the same
pkgdict_*.ymlvariables in:role vbotka.freebsd.poudriere to build packages
role vbotka.freebsd.packages to install packages
role vbotka.freebsd.iocage to install packages in jails.
The inventory
iocage.iniis not needed to create the filepkgs.json. It would be sufficient to run the play at thelocalhost. It is used here because normally the filespkgs.json, after being created, are used in theiocagemanaged nodes.This example covers the simplest case of creating the common file
pkgs.jsonfor all managed nodes in the groupiocage.See the tasks
playbooks/pb_iocage_template/pkglist.ymlhow thetemplateattributepkglistis used.
See also
pkgdict_*.yamlvariables in the role vbotka.freebsd.postinstall defaults
ansible.cfg
[defaults]
gathering = explicit
callback_result_format = yaml
display_skipped_hosts = false
[connection]
pipelining = true
Inventory iocage.ini
iocage_04 ansible_host=10.1.0.29
[iocage]
iocage_04
[iocage:vars]
ansible_user=admin
ansible_become=true
ansible_python_interpreter=auto_silent
group_vars
group_vars/all/pkglist.yml
freebsd_iocage_pkglist_dict: "{{ pkg_dict }}"
freebsd_iocage_pkglist_pkgs: [apache, minimal]
group_vars/all/pkgdict.yml
pkg_dict:
ansible:
- sysutils/ansible
- sysutils/py-ansible-lint
- sysutils/py-ansible-runner
apache:
- www/apache{{ apache_version }}
- www/mod_php{{ apache_php_version }}
apcups:
- sysutils/apcupsd
minimal:
- archivers/gtar
- devel/git@default
- ftp/wget
- net/rsync
- ports-mgmt/pkg
- ports-mgmt/portmaster
- ports-mgmt/portupgrade
- security/sudo
- shells/bash
mysql:
- databases/mysql{{ bsd_mysql_version }}-client
- databases/mysql{{ bsd_mysql_version }}-server
mysql_extra:
- databases/py-pymysql
- databases/py-mysql-connector-python
- databases/py-mysqlclient
poudriere:
- ports-mgmt/poudriere
- ports-mgmt/portmaster
- devel/ccache
procmail:
- mail/procmail
python:
- lang/python{{ bsd_python_version }}
- lang/python
- lang/python3
qemu:
- emulators/qemu
qemu_user_static:
- emulators/qemu-user-static
security:
- security/ca_root_nss
- security/openssl
- security/py-acme
- security/py-acme-tiny
- security/py-certbot
- security/py-cryptography
- security/py-pyopenssl
smart:
- sysutils/smartmontools
- sysutils/smart
snmpd:
- net-mgmt/net-snmp
- net-mgmt/py-pysnmp
ssmtp:
- mail/ssmtp
syslog-ng:
- sysutils/syslog-ng
wpa_supplicant:
- security/wpa_supplicant
group_vars/all/pkgdict_versions.yml
# Default versions
apache_version_default: "2.4"
apache_php_version_default: "8.4"
bsd_gcc_version_default: "14"
bsd_linux_version_default: c7
bsd_mysql_version_default: "8.0"
bsd_perl_version_default: "5.42"
bsd_php_version_default: "8.4"
bsd_python_version_default: "3.11"
bsd_ssl_version_default: openssl
# Default versions from /usr/ports/Mk/bsd.default-versions.mk if
# enabled (fp_vars_default_versions=true). See tasks/vars.yml
apache_version: "{{ pf_default_versions.APACHE_DEFAULT | d(apache_version_default) | string | split('.') | join }}"
apache_php_version: "{{ pf_default_versions.PHP_DEFAULT | d(apache_php_version_default) | string | split('.') | join }}"
bsd_bind_version: "918"
bsd_dhcp_version: "44"
bsd_gcc_version: "{{ pf_default_versions.GCC_DEFAULT | d(bsd_gcc_version_default) | string }}"
bsd_linux_version: "{{ pf_default_versions.LINUX_DEFAULT | d(bsd_linux_version_default) | string }}"
bsd_mysql_version: "{{ pf_default_versions.MYSQL_DEFAULT | d(bsd_mysql_version_default) | string | split('.') | join }}"
bsd_perl_version: "{{ pf_default_versions.PERL5_DEFAULT | d(bsd_perl_version_default) | string }}"
bsd_php_version: "{{ pf_default_versions.PHP_DEFAULT | d(bsd_php_version_default) | string | split('.') | join }}"
bsd_python_version: "{{ pf_default_versions.PYTHON_DEFAULT | d(bsd_python_version_default) | string | split('.') | join }}"
bsd_ssl_version: "{{ pf_default_versions.SSL_DEFAULT | d(bsd_ssl_version_default) | string }}"
# Make default versions
bsd_make_gcc_version: "{{ bsd_gcc_version }}"
bsd_make_mysql_version: "{{ bsd_mysql_version[0] }}.{{ bsd_mysql_version[1:] }}"
bsd_make_perl_version: "{{ bsd_perl_version }}"
bsd_make_php_version: "{{ bsd_php_version[0] }}.{{ bsd_php_version[1:] }}"
bsd_make_python_version: "{{ bsd_python_version[0] }}.{{ bsd_python_version[1:] }}"
bsd_make_ssl_version: "{{ bsd_ssl_version }}"
host_vars
host_vars/iocage_04/iocage.yml
freebsd_iocage_pool: iocage
freebsd_iocage_pool_mount: /iocage
freebsd_iocage_mount: /iocage/iocage
templates:
ansible_client_apache:
release: 15.0-RELEASE
properties:
bpf: 1
dhcp: 1
vnet: 1
dhclient: "{{ act_dhclient | dict2items }}"
rcconf: "{{ act_rcconf | dict2items }}"
pkglist: /tmp/ansible/ansible_client_apache/pkgs.json
# ansible client template defaults
act_user: admin
act_pk: pk_admins.txt
act_sudo: true
act_rcconf:
iocage_enable: "YES"
sshd_enable: "YES"
act_dhclient:
dhclient-exit-hooks: |
case "$reason" in
"BOUND"|"REBIND"|"REBOOT"|"RENEW")
echo $new_ip_address > /var/db/dhclient-hook.address.$interface
;;
esac
Playbook pb-pkglist.yml
- name: Create pkglist file.
hosts: iocage
remote_user: admin
tasks:
- ansible.builtin.import_role:
name: vbotka.freebsd.iocage
tasks_from: pkglist
Playbook output - Create pkgs.json
(env) > ansible-playbook pb.yml -i iocage.ini
PLAY [Create pkglist file.] ****************************************************
TASK [vbotka.freebsd.iocage : Pkglist: Sanity. All package lists are in dictionary.] ***
ok: [iocage_04 -> localhost]
TASK [vbotka.freebsd.iocage : Pkglist: Create dictionary for pkglist files.] ***
ok: [iocage_04 -> localhost]
TASK [vbotka.freebsd.iocage : Pkglist: Create pkglist file.] *******************
ok: [iocage_04 -> localhost]
PLAY RECAP *********************************************************************
iocage_04 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Result
files/pkgs.json
{
"pkgs": [
"archivers/gtar",
"devel/git@default",
"ftp/wget",
"net/rsync",
"ports-mgmt/pkg",
"ports-mgmt/portmaster",
"ports-mgmt/portupgrade",
"security/sudo",
"shells/bash",
"www/apache24",
"www/mod_php84"
]
}
Playbook output - Create template
(env) > ansible-playbook vbotka.freebsd.pb_iocage_template.yml -i iocage.ini
PLAY [Create Ansible client templates.] ****************************************
TASK [Setup: Get iocage list of templates.] ************************************
ok: [iocage_04]
TASK [Setup: Set dictionary iocage_templates] **********************************
ok: [iocage_04]
TASK [Pkglist: Create directories for pkglist files.] **************************
ok: [iocage_04] => (item=ansible_client_apache /tmp/ansible/ansible_client_apache/pkgs.json)
TASK [Pkglist: Copy pkglist files.] ********************************************
ok: [iocage_04] => (item=ansible_client_apache /tmp/ansible/ansible_client_apache/pkgs.json)
TASK [Create: Create templates.] ***********************************************
changed: [iocage_04] => (item=ansible_client_apache 15.0-RELEASE)
TASK [Start: Start jails.] *****************************************************
ok: [iocage_04]
TASK [User: Create user.] ******************************************************
changed: [iocage_04] => (item=ansible_client_apache admin)
TASK [Pk: The keys are valid.] *************************************************
ok: [iocage_04] =>
changed: false
msg: All assertions passed
TASK [Pk: Configure public keys.] **********************************************
changed: [iocage_04] => (item=ansible_client_apache admin)
TASK [Pk: Chown .ssh] **********************************************************
ok: [iocage_04] => (item=ansible_client_apache admin)
TASK [Sudo: Configure sudo.] ***************************************************
changed: [iocage_04] => (item=ansible_client_apache admin)
TASK [Dhclient: Configure hooks.] **********************************************
changed: [iocage_04] => (item=ansible_client_apache dhclient-exit-hooks)
TASK [Rcconf: Configure /etc/rc.conf] ******************************************
changed: [iocage_04] => (item=ansible_client_apache iocage_enable YES)
changed: [iocage_04] => (item=ansible_client_apache sshd_enable YES)
TASK [Stop: Stop jails.] *******************************************************
ok: [iocage_04]
TASK [Template: Set template.] *************************************************
ok: [iocage_04] => (item=ansible_client_apache)
PLAY RECAP *********************************************************************
iocage_04 : ok=15 changed=6 unreachable=0 failed=0 skipped=27 rescued=0 ignored=0