Fix OpenBSD installs

2022-07-13 12:01:37 +00:00 · 2022-07-13 12:01:37 +00:00 · f371c3436f
commit f371c3436f
parent 0aad691b2e
3 changed files with 41 additions and 9 deletions
--- a/playbooks/dna-gw.yml
+++ b/playbooks/dna-gw.yml
@ -23,10 +23,15 @@
    - name: use configured dns servers and domain name
      copy:
        dest: /etc/dhclient.conf
-        content: "ignore domain-name-servers, domain-name;"
+        content: "ignore domain-name-servers, domain-name;\n"
        mode: 0644
        owner: root
        group: "{{ ansible_wheel }}"
+    - name: disable resolvd
+      ansible.builtin.service:
+        name: resolvd
+        state: stopped
+        enabled: false

    - name: enable ip forwarding
      sysctl:
@ -59,20 +64,49 @@
        group: "{{ ansible_wheel }}"
    - name: create tftp pxeboot loader for openbssd
      get_url:
-        url: "https://mirrors.foo.sh/openbsd/6.9/amd64/pxeboot"
-        checksum: sha1:e04ff88afbd41fbd33fc68bdb027c0f5bf8d29af
+        url: "https://mirrors.foo.sh/openbsd/7.1/amd64/pxeboot"
+        checksum: sha1:2acf476afc545f099840945bc03c23de321f421f
        dest: /srv/tftpboot/pxeboot
        mode: 0644
        owner: root
        group: "{{ ansible_wheel }}"
    - name: create tftp ramdisk for openbsd
      get_url:
-        url: "https://mirrors.foo.sh/openbsd/6.9/amd64/bsd.rd"
-        checksum: sha1:4d9df57080b89e954cef28366db52f2d66e66426
+        url: "https://mirrors.foo.sh/openbsd/7.1/amd64/bsd.rd"
+        checksum: sha1:3ed026859ab7fb54b4e279b65f3d3e58a56dda5d
        dest: /srv/tftpboot/bsd.rd
        mode: 0644
        owner: root
        group: "{{ ansible_wheel }}"
+    - name: create install.conf for openbsd
+      get_url:
+        url: "https://boot.foo.sh/openbsd/install.conf"
+        checksum: sha1:f6270708dad3f759df02eefeab300d9b8670f3d4
+        dest: /srv/tftpboot/install.conf
+        mode: 0644
+        owner: root
+        group: "{{ ansible_wheel }}"
+
+    - name: copy custom nginx config
+      copy:
+        dest: /etc/nginx/conf.d/172.20.20.1.conf
+        content: |
+          server {
+            listen 172.20.20.1:80;
+            server_name 172.20.20.1;
+            location / {
+              location /install.conf {
+                alias /srv/tftpboot/install.conf;
+              }
+              location / {
+                deny all;
+              }
+            }
+          }
+        mode: 0644
+        owner: root
+        group: "{{ ansible_wheel }}"
+      notify: restart nginx

    - name: copy dns private key
      copy: