Update README, change needed vars files, edit .gitignore and remove unneeded environment variable
This commit is contained in:
parent
8a6d16e2dc
commit
7b337c2db1
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -1 +1,2 @@
|
||||||
/vars/
|
/vars/evolinux-secrets.yml
|
||||||
|
/vars/evolix-main.yml
|
||||||
|
|
53
README.md
53
README.md
|
@ -1,13 +1,10 @@
|
||||||
# EvoBSD
|
# EvoBSD
|
||||||
|
|
||||||
EvoBSD is an ansible project used for customising OpenBSD hosts
|
EvoBSD is an ansible project used for customising OpenBSD hosts used by Evolix.
|
||||||
used by Evolix.
|
|
||||||
|
|
||||||
## How to install an OpenBSD machine
|
## How to install an OpenBSD machine
|
||||||
|
|
||||||
**Note :** The system must be installed with a root account only.
|
**Note :** The system must be installed with a root account only.
|
||||||
Put your public key in the remote root's autorized_keys
|
|
||||||
(/root/.ssh/authorized_keys)
|
|
||||||
|
|
||||||
1. Install ansible's prerequisites
|
1. Install ansible's prerequisites
|
||||||
|
|
||||||
|
@ -17,6 +14,8 @@ ansible-playbook prerequisite.yml -CDi hosts -l HOSTNAME
|
||||||
|
|
||||||
2. Run it
|
2. Run it
|
||||||
|
|
||||||
|
The variables files evolix-main.yml and evolinux-secrets.yml are customized variables for Evolix that overwrite main.yml variables. They are not needed if you are not from Evolix.
|
||||||
|
|
||||||
First use (become_method: su) :
|
First use (become_method: su) :
|
||||||
|
|
||||||
```
|
```
|
||||||
|
@ -29,52 +28,8 @@ Subsequent use (become_method: sudo) :
|
||||||
ansible-playbook evolixisation.yml --ask-vault-pass -CDKi hosts --skip-tags pf -l HOSTNAME
|
ansible-playbook evolixisation.yml --ask-vault-pass -CDKi hosts --skip-tags pf -l HOSTNAME
|
||||||
```
|
```
|
||||||
|
|
||||||
### Testing
|
|
||||||
|
|
||||||
Changes can be tested by using [Packer](https://www.packer.io/) and
|
|
||||||
[vmm(4)](https://man.openbsd.org/vmm.4) :
|
|
||||||
|
|
||||||
* This process depends on the [Go](https://golang.org/) programming language.
|
|
||||||
|
|
||||||
**Packages**
|
|
||||||
|
|
||||||
Needing a Golang eco system and some basics
|
|
||||||
|
|
||||||
````
|
|
||||||
pkg_add go-- packer-- git--
|
|
||||||
````
|
|
||||||
|
|
||||||
* We use the [packer-builder-openbsd-vmm](https://github.com/double-p/packer-builder-openbsd-vmm) project to bridge Packer and vmm(4)
|
|
||||||
|
|
||||||
````
|
|
||||||
git clone https://github.com/double-p/packer-builder-openbsd-vmm.git
|
|
||||||
````
|
|
||||||
|
|
||||||
**builds**
|
|
||||||
|
|
||||||
Set ````GOPATH```` (default: ~/go), if the 1.4GB dependencies wont fit.
|
|
||||||
|
|
||||||
````
|
|
||||||
make
|
|
||||||
make install
|
|
||||||
````
|
|
||||||
|
|
||||||
* You need your unprivileged user to be able to run vmctl(8) through doas(1)
|
|
||||||
|
|
||||||
```
|
|
||||||
echo "permit nopass myunprivilegeduser as root cmd /usr/sbin/vmctl" >> /etc/doas.conf
|
|
||||||
```
|
|
||||||
|
|
||||||
See packer-builder-openbsd-vmm/examples/README.examples for further instructions
|
|
||||||
|
|
||||||
* Enable NAT on your host machine
|
|
||||||
|
|
||||||
```
|
|
||||||
pass out on em0 inet from tap0:network to any nat-to (em0)
|
|
||||||
```
|
|
||||||
*assuming em0 is your egress interface*
|
|
||||||
|
|
||||||
## Contributions
|
## Contributions
|
||||||
|
|
||||||
See the [contribution guidelines](CONTRIBUTING.md)
|
See the [contribution guidelines](CONTRIBUTING.md)
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
|
@ -16,8 +16,8 @@
|
||||||
|
|
||||||
vars_files:
|
vars_files:
|
||||||
- vars/main.yml
|
- vars/main.yml
|
||||||
- vars/secrets.yml
|
- vars/evolix-main.yml
|
||||||
- vars/openbsd-secret.yml
|
- vars/evolinux-secrets.yml
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- etc-git
|
- etc-git
|
||||||
|
@ -40,6 +40,3 @@
|
||||||
- include_role:
|
- include_role:
|
||||||
name: evocheck
|
name: evocheck
|
||||||
tasks_from: exec.yml
|
tasks_from: exec.yml
|
||||||
|
|
||||||
# environment:
|
|
||||||
# PKG_PATH: "http://ftp.openbsd.org/pub/OpenBSD/{{ ansible_distribution_version }}/packages/{{ ansible_architecture }}/"
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
- name: Retrieve ntpd.conf content
|
- name: Retrieve ntpd.conf content
|
||||||
command: cat ntpd.conf
|
command: cat ntpd.conf
|
||||||
args:
|
args:
|
||||||
chdir: /etc/
|
chdir: /etc/
|
||||||
check_mode: no
|
check_mode: no
|
||||||
register: ntpd_conf
|
register: ntpd_conf
|
||||||
|
|
Loading…
Reference in a new issue