39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
---
|
|
- name: Verify base image exists
|
|
stat:
|
|
path: "{{ base_image_path }}"
|
|
register: base_image_stat
|
|
failed_when: not base_image_stat.stat.exists
|
|
|
|
- name: Ensure golden image directory exists
|
|
file:
|
|
path: "{{ golden_image_path | dirname }}"
|
|
state: directory
|
|
mode: '0755'
|
|
become: true
|
|
|
|
- name: Copy base image to golden image
|
|
copy:
|
|
src: "{{ base_image_path }}"
|
|
dest: "{{ golden_image_path }}"
|
|
remote_src: true
|
|
mode: '0644'
|
|
become: true
|
|
|
|
- name: Customize golden image
|
|
command: >
|
|
virt-customize -a {{ golden_image_path }}
|
|
--install perl,git,wget,tar,openssh-server,vim
|
|
--run-command 'useradd -m rocky 2>/dev/null || true'
|
|
--run-command 'echo "rocky:rockypass" | chpasswd'
|
|
--run-command 'echo "rocky ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/rocky'
|
|
--run-command 'chmod 0440 /etc/sudoers.d/rocky'
|
|
--run-command 'systemctl enable sshd'
|
|
--ssh-inject root:file:{{ ssh_public_key_path }}
|
|
--ssh-inject rocky:file:{{ ssh_public_key_path }}
|
|
--root-password password:{{ root_password }}
|
|
--selinux-relabel
|
|
environment:
|
|
LIBGUESTFS_BACKEND: direct
|
|
become: true
|