aurutils install working
This commit is contained in:
parent
c05f3a845b
commit
85330c8645
@ -4,6 +4,6 @@ ansible_fqdn: hv00.balsillie.house
|
||||
ansible_remote_addr: 10.192.110.100
|
||||
ansible_port: 22
|
||||
ansible_user: ladmin
|
||||
ansible_become_user: root
|
||||
ansible_become_method: sudo
|
||||
# ansible_become_user: root
|
||||
ansible_become_method: ansible.builtin.sudo
|
||||
static_fqdn: hv00.balsillie.house
|
@ -0,0 +1,5 @@
|
||||
aur_repo_packager_name: "Balsillie Family"
|
||||
aur_repo_packager_email: "admin@balsillie.net"
|
||||
aur_repo_dir: "/aur"
|
||||
|
||||
aur_repo_build_account: "aur-builder"
|
@ -1,2 +0,0 @@
|
||||
---
|
||||
ansible_host: hv00.balsillie.net
|
@ -2,7 +2,7 @@ nginx_sites:
|
||||
- name: tv.balsillie.house
|
||||
upstream:
|
||||
host: 127.0.0.1
|
||||
port: 8080
|
||||
port: 8989
|
||||
- name: movies.balsillie.house
|
||||
upstream:
|
||||
host: 127.0.0.1
|
||||
|
9
ansible/playbooks/infra/hv00.yaml
Normal file
9
ansible/playbooks/infra/hv00.yaml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
|
||||
- name: Setup core home router
|
||||
hosts:
|
||||
- hv00.balsillie.house
|
||||
gather_facts: true
|
||||
become: true
|
||||
roles:
|
||||
- role: aur_repo
|
@ -1,4 +1,6 @@
|
||||
- name: Install media services
|
||||
---
|
||||
|
||||
- name: Setup Kodi boxes
|
||||
hosts:
|
||||
- kodi00.balsillie.house
|
||||
gather_facts: true
|
||||
@ -7,3 +9,4 @@
|
||||
# - role: sshd
|
||||
# - role: ufw
|
||||
- role: nginx
|
||||
- role: arr
|
||||
|
@ -1,41 +0,0 @@
|
||||
---
|
||||
|
||||
# Arch install bare metal
|
||||
|
||||
# Systemd networking
|
||||
|
||||
# - name: Setup systemd-networkd
|
||||
# hosts: hv00.balsillie.house
|
||||
# become: true
|
||||
# roles:
|
||||
# - name: systemd_networkd
|
||||
# vars:
|
||||
# ansible_host: 192.168.1.106
|
||||
|
||||
# Serial console
|
||||
|
||||
# - name: Setup serial console
|
||||
# hosts: hv00.balsillie.house
|
||||
# become: true
|
||||
# roles:
|
||||
# - name: serial_console
|
||||
|
||||
# Hypervisor setup
|
||||
|
||||
# - name: Configure hypervisor
|
||||
# hosts: hv00.balsillie.house
|
||||
# gather_facts: true
|
||||
# become: true
|
||||
# roles:
|
||||
# - name: hypervisor
|
||||
|
||||
# SSHd setup
|
||||
|
||||
- name: Configure sshd
|
||||
hosts: hv00.balsillie.house
|
||||
gather_facts: true
|
||||
become: true
|
||||
roles:
|
||||
- name: sshd_setup
|
||||
|
||||
# VM setup
|
24
ansible/roles/arr/tasks/main.yaml
Normal file
24
ansible/roles/arr/tasks/main.yaml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check if Pikaur is installed
|
||||
when: ansible_facts['os_family'] == "Archlinux"
|
||||
ansible.builtin.stat:
|
||||
follow: true
|
||||
path: /usr/bin/pikaur
|
||||
register: pikaur_stat
|
||||
|
||||
- name: Branch to Pikaur setup role if Pikaur is not installed
|
||||
when:
|
||||
- ansible_facts['os_family'] == "Archlinux"
|
||||
- not pikaur_stat.stat.exists
|
||||
ansible.builtin.include_role:
|
||||
name: pikaur
|
||||
|
||||
- name: Install arr packages from AUR
|
||||
when: ansible_facts['os_family'] == "Archlinux"
|
||||
community.general.pacman:
|
||||
executable: pikaur
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
update_cache: "{{ item == arr_packages.0 }}"
|
||||
loop: "{{ arr_packages }}"
|
6
ansible/roles/arr/vars/main.yaml
Normal file
6
ansible/roles/arr/vars/main.yaml
Normal file
@ -0,0 +1,6 @@
|
||||
arr_packages:
|
||||
- sonarr
|
||||
- radarr
|
||||
- lidarr
|
||||
- bazarr
|
||||
- prowlarr
|
170
ansible/roles/aur_repo/tasks/main.yaml
Normal file
170
ansible/roles/aur_repo/tasks/main.yaml
Normal file
@ -0,0 +1,170 @@
|
||||
---
|
||||
|
||||
- name: Create the makepkg drop-in config file
|
||||
ansible.builtin.template:
|
||||
dest: /etc/makepkg.conf.d/makepkg.conf
|
||||
src: makepkg.conf.j2
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
|
||||
- name: Create the build user group
|
||||
ansible.builtin.group:
|
||||
name: "{{ aur_repo_build_account }}"
|
||||
system: true
|
||||
state: present
|
||||
|
||||
- name: Create the build user
|
||||
ansible.builtin.user:
|
||||
name: "{{ aur_repo_build_account }}"
|
||||
password: '!'
|
||||
group: "{{ aur_repo_build_account }}"
|
||||
comment: "AUR Package Builder"
|
||||
shell: /sbin/nologin
|
||||
home: "{{ aur_repo_dir }}"
|
||||
createhome: true
|
||||
system: true
|
||||
state: present
|
||||
|
||||
- name: Create the parent build dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
owner: "{{ aur_repo_build_account }}"
|
||||
group: "{{ aur_repo_build_account }}"
|
||||
mode: "0755"
|
||||
loop:
|
||||
- "{{ aur_repo_dir }}"
|
||||
- "{{ aur_repo_dir }}/packages"
|
||||
- "{{ aur_repo_dir }}/sources"
|
||||
- "{{ aur_repo_dir }}/srcpackages"
|
||||
- /var/log/makepkg
|
||||
- /tmp/build
|
||||
|
||||
- name: Check if the singing key is in build user's keyring
|
||||
become: true
|
||||
become_user: "{{ aur_repo_build_account }}"
|
||||
ansible.builtin.command:
|
||||
cmd: gpg2 --list-secret-key --with-colons {{ aur_repo_key_thumbprint }}
|
||||
failed_when: key_result.rc not in [0, 2]
|
||||
changed_when: false
|
||||
register: key_result
|
||||
|
||||
- name: GPG key import block
|
||||
when: key_result.rc == 2
|
||||
block:
|
||||
|
||||
- name: Template out the signing private key
|
||||
ansible.builtin.template:
|
||||
dest: "/tmp/build/signing_key.asc"
|
||||
src: signing_key.asc.j2
|
||||
owner: "{{ aur_repo_build_account }}"
|
||||
group: "{{ aur_repo_build_account }}"
|
||||
mode: "0600"
|
||||
|
||||
- name: Import the signing key
|
||||
become: true
|
||||
become_user: "{{ aur_repo_build_account }}"
|
||||
ansible.builtin.command:
|
||||
cmd: gpg2 --import /tmp/build/signing_key.asc
|
||||
changed_when: true
|
||||
|
||||
- name: Delete the signing key
|
||||
ansible.builtin.file:
|
||||
path: "/tmp/build/signing_key.asc"
|
||||
state: absent
|
||||
|
||||
- name: Check if aurutils is already installed
|
||||
ansible.builtin.stat:
|
||||
follow: true
|
||||
path: /usr/bin/aur
|
||||
register: aurutils_stat
|
||||
|
||||
- name: Aurutils install block
|
||||
when: not aurutils_stat.stat.exists
|
||||
block:
|
||||
|
||||
- name: Install makepkg dependencies
|
||||
community.general.pacman:
|
||||
name:
|
||||
- git
|
||||
- base-devel
|
||||
state: present
|
||||
update_cache: true
|
||||
|
||||
- name: Clone aurutils
|
||||
ansible.builtin.git:
|
||||
depth: 1
|
||||
dest: /tmp/aurutils
|
||||
repo: https://aur.archlinux.org/aurutils.git
|
||||
single_branch: true
|
||||
version: master
|
||||
|
||||
- name: Slurp PKGBUILD contents
|
||||
ansible.builtin.slurp:
|
||||
path: /tmp/aurutils/PKGBUILD
|
||||
register: aurutils_pkgbuild
|
||||
|
||||
- name: Parse PKGBUILD into facts
|
||||
ansible.builtin.set_fact:
|
||||
aurutils_dependencies: "{{ aurutils_pkgbuild['content'] | b64decode | regex_search('(?<=^depends=\\().*(?=\\)$)', multiline=True) | replace(\"'\", '') | split(' ') }}" # noqa: yaml[line-length]
|
||||
aurutils_pkgver: "{{ aurutils_pkgbuild['content'] | b64decode | regex_search('(?<=^pkgver=).*(?=$)', multiline=True) }}"
|
||||
aurutils_pkgrel: "{{ aurutils_pkgbuild['content'] | b64decode | regex_search('(?<=^pkgrel=).*(?=$)', multiline=True) }}"
|
||||
aurutils_arch: "{{ aurutils_pkgbuild['content'] | b64decode | regex_search('(?<=^arch=\\().*(?=\\)$)', multiline=True) | replace(\"'\", '') }}"
|
||||
|
||||
- name: Debug aurutils dependencies
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ aur_repo_dir }}/packages/aurutils-{{ aurutils_pkgver }}-{{ aurutils_pkgrel }}-{{ aurutils_arch }}.pkg.tar.lz4"
|
||||
|
||||
- name: Install aurutils dependencies
|
||||
community.general.pacman:
|
||||
name: "{{ aurutils_dependencies }}"
|
||||
state: present
|
||||
reason: dependency
|
||||
update_cache: false
|
||||
|
||||
- name: Build aurutils
|
||||
become: true
|
||||
become_user: "{{ aur_repo_build_account }}"
|
||||
ansible.builtin.command:
|
||||
cmd: makepkg
|
||||
chdir: /tmp/aurutils
|
||||
creates: "{{ aur_repo_dir }}/packages/aurutils-{{ aurutils_pkgver }}-{{ aurutils_pkgrel }}-{{ aurutils_arch }}.pkg.tar.lz4"
|
||||
|
||||
- name: Check if the signing key is in pacman keyring
|
||||
ansible.builtin.command:
|
||||
argv:
|
||||
- pacman-key
|
||||
- -l
|
||||
- "{{ aur_repo_key_thumbprint }}"
|
||||
failed_when: pacman_key_result.rc not in [0, 2]
|
||||
changed_when: false
|
||||
register: pacman_key_result
|
||||
|
||||
- name: Pacman key import block
|
||||
when: pacman_key_result.rc == 2
|
||||
block:
|
||||
|
||||
- name: Import the signing public key to arch keyring
|
||||
ansible.builtin.command:
|
||||
argv:
|
||||
- pacman-key
|
||||
- -r
|
||||
- "{{ aur_repo_key_thumbprint }}"
|
||||
- --keyserver
|
||||
- hkps://keyserver.ubuntu.com
|
||||
changed_when: true
|
||||
|
||||
- name: Locally sign the imported pacman key
|
||||
ansible.builtin.command:
|
||||
argv:
|
||||
- pacman-key
|
||||
- --lsign-key
|
||||
- "{{ aur_repo_key_thumbprint }}"
|
||||
changed_when: true
|
||||
|
||||
- name: Install aurutils
|
||||
community.general.pacman:
|
||||
name: "{{ aur_repo_dir }}/packages/aurutils-{{ aurutils_pkgver }}-{{ aurutils_pkgrel }}-{{ aurutils_arch }}.pkg.tar.lz4"
|
||||
state: present
|
||||
update_cache: false
|
21
ansible/roles/aur_repo/templates/makepkg.conf.j2
Normal file
21
ansible/roles/aur_repo/templates/makepkg.conf.j2
Normal file
@ -0,0 +1,21 @@
|
||||
|
||||
# Global Options
|
||||
|
||||
OPTIONS=(strip docs !libtool !staticlibs emptydirs zipman purge debug lto autodeps)
|
||||
MAKEFLAGS="-j{{ (ansible_processor_nproc - 1) }}"
|
||||
PACKAGER="{{ aur_repo_packager_name }} <{{ aur_repo_packager_email }}>"
|
||||
|
||||
# Build Environment
|
||||
|
||||
BUILDDIR=/tmp/build
|
||||
BUILDENV=(!distcc color !ccache check sign)
|
||||
GPGKEY={{ aur_repo_key_thumbprint }}
|
||||
|
||||
# Outputs
|
||||
|
||||
PKGDEST={{ aur_repo_dir }}/packages
|
||||
SRCDEST={{ aur_repo_dir }}/sources
|
||||
SRCPKGDEST={{ aur_repo_dir }}/srcpackages
|
||||
LOGDEST=/var/log/makepkg
|
||||
PKGEXT=".pkg.tar.lz4"
|
||||
SRCEXT=".src.tar.lz4"
|
1
ansible/roles/aur_repo/templates/signing_key.asc.j2
Normal file
1
ansible/roles/aur_repo/templates/signing_key.asc.j2
Normal file
@ -0,0 +1 @@
|
||||
{{ aur_repo_private_key }}
|
Loading…
Reference in New Issue
Block a user