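---
# Installs Arch Linux onto two NVMe disks (btrfs RAID1) from a running rescue
# system: partition, format, unpack the Arch bootstrap tarball, pacstrap the
# new root into /mnt, then configure it through chroot.
#
# The partitioning and mkfs tasks are destructive and carry no guard of their
# own; only run this task list against hosts that are meant to be wiped.

# sgdisk --clear discards the existing partition table on each disk.
# Type code ef02 marks partition 1 as a BIOS boot partition.
- name: Create boot partition
  ansible.builtin.command: "sgdisk -g --clear -n 1:0:+550M {{ item }} -c 1:boot -t 1:ef02"
  with_items:
    - /dev/nvme0n1
    - /dev/nvme1n1
  register: sgdisk
  changed_when: "sgdisk.rc == 0"

- name: Create root partition
  ansible.builtin.command: "sgdisk -n 2:0:0 {{ item }} -c 2:root"
  with_items:
    - /dev/nvme0n1
    - /dev/nvme1n1
  register: sgdisk
  changed_when: "sgdisk.rc == 0"

# -f forces mkfs over any existing filesystem signature; data and metadata are
# both mirrored across the two root partitions.
- name: Format disks  # noqa no-changed-when
  ansible.builtin.command: "mkfs.btrfs -f -L root -d raid1 -m raid1 -O no-holes /dev/nvme0n1p2 /dev/nvme1n1p2"

- name: Mount root
  ansible.posix.mount:
    src: /dev/nvme0n1p2
    path: /mnt
    state: mounted
    fstype: btrfs
    opts: compress-force=zstd,space_cache=v2

# Marker file on the new root. It is the `creates` guard for the /mnt bind
# mount further down and is removed by the final task.
- name: Create LOCK
  ansible.builtin.file:
    path: /mnt/LOCK
    state: touch
    owner: root
    group: root
    mode: "0644"

# NOTE(review): no `checksum:` is set, so the tarball is accepted on the
# strength of TLS to the mirror alone. Everything after this point (the
# chroot, the pacman keyring, pacstrap) runs from this archive, so package
# signature checks are only as trustworthy as this download. Pin the published
# SHA-256 via `checksum:` or verify the detached signature before extracting.
- name: Download bootstrap image
  ansible.builtin.get_url:
    # TODO: Put version in variable
    url: https://ftp.gwdg.de/pub/linux/archlinux/iso/2021.06.01/archlinux-bootstrap-2021.06.01-x86_64.tar.gz
    dest: /tmp/
    owner: root
    group: root
    mode: "0644"

- name: Extract bootstap image
  ansible.builtin.unarchive:
    src: /tmp/archlinux-bootstrap-2021.06.01-x86_64.tar.gz
    dest: /tmp/
    remote_src: true

- name: Copy resolv.conf from rescue to bootstrap
  ansible.builtin.copy:
    src: /etc/resolv.conf
    dest: /tmp/root.x86_64/etc/resolv.conf
    owner: root
    group: root
    mode: "0644"
    remote_src: true

# The bind mounts below use `creates` on a path that only exists once the
# mount is in place, so a re-run does not stack a second mount.
- name: Mount /proc to bootstrap
  ansible.builtin.command:  # noqa 303
    cmd: mount --rbind /proc /tmp/root.x86_64/proc
    creates: /tmp/root.x86_64/proc/uptime

- name: Mount /sys to bootstrap
  ansible.builtin.command:  # noqa 303
    cmd: mount --rbind /sys /tmp/root.x86_64/sys
    creates: /tmp/root.x86_64/sys/dev

- name: Mount /dev to bootstrap
  ansible.builtin.command:  # noqa 303
    cmd: mount --rbind /dev /tmp/root.x86_64/dev
    creates: /tmp/root.x86_64/dev/zero

- name: Mount /mnt to bootstrap
  ansible.builtin.command:  # noqa 303
    cmd: mount --rbind /mnt /tmp/root.x86_64/mnt
    creates: /tmp/root.x86_64/mnt/LOCK

- name: Copy simple mirrorlist
  ansible.builtin.copy:
    src: mirrorlist
    dest: /tmp/root.x86_64/etc/pacman.d/mirrorlist
    owner: root
    group: root
    mode: "0644"

# The keyring is populated from the keys shipped inside the bootstrap image.
- name: Initialize pacman keyring
  ansible.builtin.command: chroot /tmp/root.x86_64 pacman-key --init
  register: chroot_pacman_key_init
  changed_when: "chroot_pacman_key_init.rc == 0"

- name: Populate pacman keyring
  ansible.builtin.command: chroot /tmp/root.x86_64 pacman-key --populate archlinux
  register: chroot_pacman_key_populate
  changed_when: "chroot_pacman_key_populate.rc == 0"

# Exactly one of the next two tasks is expected to set `ucode`; the pacstrap
# command below references it unconditionally.
- name: Set ucode to Intel
  ansible.builtin.set_fact:
    ucode: intel-ucode
  when: "'GenuineIntel' in ansible_facts['processor']"

- name: Set ucode to AMD
  ansible.builtin.set_fact:
    ucode: amd-ucode
  when: "'AuthenticAMD' in ansible_facts['processor']"

- name: Install Arch Linux base
  ansible.builtin.command:
    cmd: >-
      chroot /tmp/root.x86_64 pacstrap /mnt
      base linux btrfs-progs openssh {{ ucode }} grub python
    creates: /tmp/root.x86_64/mnt/bin

- name: Mount /proc to new chroot
  ansible.builtin.command:  # noqa 303
    cmd: mount --rbind /proc /mnt/proc
    creates: /mnt/proc/uptime

- name: Mount /sys to new chroot
  ansible.builtin.command:  # noqa 303
    cmd: mount --rbind /sys /mnt/sys
    creates: /mnt/sys/dev

- name: Mount /dev to new chroot
  ansible.builtin.command:  # noqa 303
    cmd: mount --rbind /dev /mnt/dev
    creates: /mnt/dev/zero

- name: Configure locale
  ansible.builtin.lineinfile:
    dest: /mnt/etc/locale.gen
    line: "en_US.UTF-8 UTF-8"
    owner: root
    group: root
    mode: "0644"

- name: Generate locale
  ansible.builtin.command: chroot /mnt locale-gen
  register: chroot_locale_gen
  changed_when: "chroot_locale_gen.rc == 0"

- name: Run systemd-firstboot
  ansible.builtin.command: >-
    chroot /mnt systemd-firstboot
    --locale=en_US.UTF-8 --timezone=UTC --hostname={{ inventory_hostname }}
  register: chroot_systemd_firstboot
  changed_when: "chroot_systemd_firstboot.rc == 0"

- name: Run mkinitcpio
  ansible.builtin.command: chroot /mnt mkinitcpio -p linux
  register: chroot_mkinitcpio
  changed_when: "chroot_mkinitcpio.rc == 0"

- name: Configure network
  ansible.builtin.template:
    src: 10-wired.network.j2
    dest: /mnt/etc/systemd/network/10-wired.network
    owner: root
    group: root
    mode: "0644"

- name: Set grub mount options
  ansible.builtin.lineinfile:
    path: /mnt/etc/default/grub
    owner: root
    group: root
    mode: "0644"
    regexp: "^GRUB_CMDLINE_LINUX_DEFAULT="
    line: 'GRUB_CMDLINE_LINUX_DEFAULT="rootflags=compress-force=zstd"'

# GRUB is installed to both disks so either one can boot the mirrored root.
- name: Install grub
  ansible.builtin.command: "chroot /mnt grub-install --recheck {{ item }}"
  with_items:
    - /dev/nvme0n1
    - /dev/nvme1n1
  register: chroot_grub_install
  changed_when: "chroot_grub_install.rc == 0"

- name: Configure grub
  ansible.builtin.command: chroot /mnt grub-mkconfig -o /boot/grub/grub.cfg
  register: chroot_grub_mkconfig
  changed_when: "chroot_grub_mkconfig.rc == 0"

- name: Enable services
  ansible.builtin.command: chroot /mnt systemctl enable sshd systemd-networkd systemd-resolved fstrim.timer
  register: chroot_systemd_services
  changed_when: "chroot_systemd_services.rc == 0"

- name: Symlink resolv.conf
  ansible.builtin.file:
    src: /run/systemd/resolve/stub-resolv.conf
    dest: /mnt/etc/resolv.conf
    state: link
    force: true
    owner: root
    group: root
    mode: "0644"

- name: Create root ssh folder
  ansible.builtin.file:
    path: /mnt/root/.ssh
    state: directory
    owner: root
    group: root
    mode: "0700"

# The installed system accepts the same root keys as the rescue environment;
# sshd is enabled above, so review that key list before first boot.
- name: Copy public key for root
  ansible.builtin.copy:
    src: /root/.ssh/authorized_keys
    dest: /mnt/root/.ssh/authorized_keys
    owner: root
    group: root
    mode: "0600"
    remote_src: true

- name: Remove LOCK
  ansible.builtin.file:
    path: /mnt/LOCK
    state: absent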