--- - name: Configure Deployment Server block: - name: Set DP host OS set_fact: dp_os: "{{ hostvars[deployment_host]['platforms'][0] }}" - name: Prepare Grub host file ansible.builtin.template: src: ../templates/grub.j2 dest: "/srv/www/boot/hosts/{{ ip_address }}.cfg" group: wheel mode: '0444' #consider 0440 if group is changed to one shared by admins and webserver service user when: dp_os == 'fedora-x86_64' or dp_os == 'openSUSE-Leap-x86_64' - name: Prepare unattended installation ansible.builtin.template: src: "../templates/autoinst_{{ namespace }}.xml.j2" dest: "/srv/www/autoinst_{{ vm_name }}.xml" group: wheel mode: '0444' #consider 0440 if group is changed to one shared by admins and webserver service user when: dp_os == 'fedora-x86_64' or dp_os == 'openSUSE-Leap-x86_64' - name: Prepare Grub host file for http ansible.builtin.template: src: ../templates/grub.j2 dest: "/var/www/htdocs/www/boot/hosts/{{ ip_address }}.cfg" group: wheel mode: '0444' #consider 0440 if group is changed to one shared by admins and webserver service user when: dp_os == 'openbsd-x86_64' - name: Prepare Grub host file for tftp ansible.builtin.template: src: ../templates/grub.j2 dest: "/tftpboot/boot/hosts/{{ ip_address }}.cfg" group: wheel mode: '0444' when: dp_os == 'openbsd-x86_64' - name: Generate LUKS passphrase #does not quite belong here set_fact: luks_passphrase: "{{ lookup('password', '/dev/null', length=15, chars=hexdigits, seed=inventory_hostname) }}" no_log: true - name: Prepare unattended installation ansible.builtin.template: src: "../templates/autoinst_{{ namespace }}.xml.j2" dest: "/var/www/htdocs/www/autoinst_{{ vm_name }}.xml" group: wheel mode: '0444' #consider 0440 if group is changed to one shared by admins and webserver service user when: dp_os == 'openbsd-x86_64' delegate_to: "{{ deployment_host }}" tags: - init_dp