Merge pull request 'Fix Setup for MicroOS' (#4) from setup-fixes-0003 into master

Reviewed-on: #4
This commit was merged in pull request #4.
This commit is contained in:
2026-06-21 12:08:00 +00:00
7 changed files with 144 additions and 32 deletions
+19 -9
View File
@@ -1,18 +1,28 @@
---
- name: Generate Ignition configuration for CoreOS/Flatcar
- name: Generate Butane config for CoreOS
template:
src: ignition.json.j2
dest: "{{ vm_images_dir }}/{{ vm_name }}.ign"
when: os_type == 'coreos' or os_type == 'flatcar'
src: coreos_ignition.bu.j2
dest: "/tmp/{{ vm_name }}.bu"
when: os_type == 'coreos'
- name: Generate Cloud-init configuration for MicroOS
- name: Generate Butane config for Flatcar
template:
src: user-data.yaml.j2
dest: "{{ vm_images_dir }}/{{ vm_name }}_user-data"
src: flatcar_ignition.bu.j2
dest: "/tmp/{{ vm_name }}.bu"
when: os_type == 'flatcar'
- name: Generate Butane config for microos
template:
src: microos_ignition.bu.j2
dest: "/tmp/{{ vm_name }}.bu"
when: os_type == 'microos'
- name: Compile Butane to Ignition JSON
shell: |
docker run --rm -i quay.io/coreos/butane --pretty --strict < /tmp/{{ vm_name }}.bu > {{ vm_images_dir }}/{{ vm_name }}.ign
become: yes
- name: Generate dummy meta-data file
copy:
content: "instance-id: {{ vm_name }}\nlocal-hostname: {{ vm_name }}\n"
dest: "{{ vm_images_dir }}/{{ vm_name }}_meta-data"
dest: "{{ vm_images_dir }}/{{ vm_name }}_meta-data"
@@ -0,0 +1,14 @@
variant: fcos
version: 1.5.0
passwd:
users:
- name: {{ vm_user }}
password_hash: "{{ vm_password | password_hash('sha512') }}"
ssh_authorized_keys:
- "{{ lookup('file', vm_ssh_public_key) | trim }}"
storage:
files:
- path: /etc/ssh/sshd_config.d/permit_root_login.conf
mode: 0644
contents:
inline: PermitRootLogin yes
@@ -0,0 +1,14 @@
variant: fcos
version: 1.4.0
passwd:
users:
- name: {{ vm_user }}
password_hash: "{{ vm_password | password_hash('sha512') }}"
ssh_authorized_keys:
- "{{ lookup('file', vm_ssh_public_key) | trim }}"
storage:
files:
- path: /etc/ssh/sshd_config.d/permit_root_login.conf
mode: 0644
contents:
inline: PermitRootLogin yes
@@ -1,16 +0,0 @@
{
"ignition": {
"version": "3.4.0"
},
"passwd": {
"users": [
{
"name": "{{ vm_user }}",
"passwordHash": "{{ vm_password | password_hash('sha512') }}",
"sshAuthorizedKeys": [
"{{ lookup('file', vm_ssh_public_key) | trim }}"
]
}
]
}
}
@@ -0,0 +1,89 @@
variant: fcos
version: 1.5.0
passwd:
users:
- name: root
password_hash: "{{ vm_password | password_hash('sha512') }}"
ssh_authorized_keys:
- "{{ lookup('file', vm_ssh_public_key) | trim }}"
storage:
disks:
- device: /dev/vdb
wipe_table: true
partitions:
- label: ext-data
number: 1
filesystems:
- device: /dev/vdb1
format: btrfs
label: ext-pool
wipe_filesystem: true
files:
- path: /etc/ssh/sshd_config.d/permit_root_login.conf
mode: 0644
contents:
inline: PermitRootLogin yes
systemd:
units:
# 1. Einmaliger Dienst, der das Subvolume "@home" physisch auf der Platte anlegt
- name: create-home-subvolume.service
enabled: true
contents: |
[Unit]
Description=Create Btrfs Subvolume for Home (Once)
After=local-fs-pre.target
Before=home.mount
[Service]
Type=oneshot
ExecStartPre=/usr/bin/mkdir -p /run/mnt-ext-init
ExecStartPre=/usr/bin/mount LABEL=ext-pool /run/mnt-ext-init
# Hier werden die Subvolumes @home angelegt, falls sie nicht existieren
ExecStart=/usr/bin/bash -c "for sub in @home; do [ -d /run/mnt-ext-init/\$$sub ] || /usr/sbin/btrfs subvolume create /run/mnt-ext-init/$$sub; done"
ExecStartPost=/usr/bin/umount /run/mnt-ext-init
ExecStartPost=/usr/bin/rmdir /run/mnt-ext-init
RemainAfterExit=true
[Install]
RequiredBy=home.mount
# Der Name der Unit MUSS exakt dem Pfad entsprechen (aus /home wird home.mount)
- name: home.mount
enabled: true
contents: |
[Unit]
Description=Mount Separates Home Laufwerk
Before=local-fs.target
[Mount]
What=LABEL=ext-pool
Where=/home
Type=btrfs
Options=defaults,subvol=@home
[Install]
WantedBy=local-fs.target
# HIER wird der zusätzliche User sicher angelegt, NACHDEM /home gemountet ist
- name: create-custom-users.service
enabled: true
contents: |
[Unit]
Description=Create Additional System Users safely after Mounts
After=home.mount
Requires=home.mount
Before=multi-user.target
[Service]
Type=oneshot
# Legt den User an, setzt das Home-Verzeichnis, fügt ihn zu wheel (sudo) hinzu und setzt den SSH Key
ExecStart=/usr/bin/bash -c "\
/usr/sbin/useradd -m -s /bin/bash {{ vm_user }} && \
/usr/sbin/usermod -p '{{ vm_password | password_hash('sha512') }}' {{ vm_user }} && \
/usr/bin/mkdir -p /home/{{ vm_user }}/.ssh && \
/usr/bin/echo '{{ lookup('file', vm_ssh_public_key) | trim }}' > /home/{{ vm_user }}/.ssh/authorized_keys && \
/usr/bin/chown -R {{ vm_user }}:{{ vm_user }} /home/{{ vm_user }}/.ssh && \
/usr/bin/chmod 700 /home/{{ vm_user }}/.ssh && \
/usr/bin/chmod 600 /home/{{ vm_user }}/.ssh/authorized_keys"
RemainAfterExit=true
[Install]
WantedBy=multi-user.target
@@ -4,7 +4,7 @@
os_images:
coreos: "https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/44.20260510.3.1/x86_64/fedora-coreos-44.20260510.3.1-qemu.x86_64.qcow2.xz"
flatcar: "https://stable.release.flatcar-linux.net/amd64-usr/current/flatcar_production_qemu_image.img"
microos: "https://ftp.halifax.rwth-aachen.de/opensuse/tumbleweed/appliances/openSUSE-MicroOS.x86_64-kvm-and-xen.qcow2"
microos: "https://download.opensuse.org/tumbleweed/appliances/openSUSE-MicroOS.x86_64-ContainerHost-kvm-and-xen.qcow2"
- name: Verify internet connectivity
uri:
@@ -48,7 +48,7 @@
--name {{ vm_name }} \
--vcpus {{ cpu | default(default_cpu) }} \
--memory {{ ram | default(default_ram) }} \
--disk size={{ disk | default('10G') }},backing_store={{ vm_images_dir }}/{{ vm_name }}.qcow2,backing_format=qcow2 \
--disk size={{ disk | default('10') }},backing_store={{ vm_images_dir }}/{{ vm_name }}.qcow2,backing_format=qcow2,bus=virtio \
--os-variant {{ os_variant }} \
--network network=default \
--graphics none \
@@ -71,17 +71,18 @@
--qemu-commandline="-fw_cfg name=opt/org.flatcar-linux/config,file=/{{ vm_images_dir }}/{{ vm_name }}.ign"
{% elif os_type == 'microos' %}
virt-install \
--connect qemu:///system \
--name {{ vm_name }} \
--vcpus {{ cpu | default(default_cpu) }} \
--memory {{ ram | default(default_ram) }} \
--disk path={{ vm_images_dir }}/{{ vm_name }}.qcow2,bus=virtio \
--import \
--disk size={{ disk | default('10') }},backing_store={{ vm_images_dir }}/{{ vm_name }}.qcow2,backing_format=qcow2,bus=virtio \
--disk size={{ disk | default('10') }},path={{ vm_images_dir }}/{{ vm_name }}-home.qcow2,bus=virtio \
--os-variant {{ os_variant }} \
--network network=default \
--graphics none \
--noautoconsole \
--boot uefi \
--cloud-init user-data={{ vm_images_dir }}/{{ vm_name }}_user-data,meta-data={{ vm_images_dir }}/{{ vm_name }}_meta-data
--sysinfo type=fwcfg,entry0.name=opt/com.coreos/config,entry0.file={{ vm_images_dir }}/{{ vm_name }}.ign
{% endif %}
args:
creates: "/etc/libvirt/qemu/{{ vm_name }}.xml"
+2 -2
View File
@@ -16,7 +16,7 @@ vms:
- name: microos-vm
os_type: microos
os_variant: "opensusemicroos"
os_variant: "opensusetumbleweed"
cpu: 2
ram: 2048
disk: "20G"
disk: 20 #GB