#!/bin/sh
# As an initial step, install git, ansible and friends. Sometimes the ansible
# in the main archive is too old, so a bootstrap playbook makes the system's
# conservative ansible upgrade itself to the latest version. The script then
# proceeds to the main playbook with ansible-pull. It must be run with
# administrator privileges; usage is simply "$ sudo sh
# /path/to/bootstrap.sh".
# For development, specify a branch to check out by setting ANSIBLE_BRANCH. By
# default it checks out the main branch.
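# Abort on the first failing command: every later step assumes the earlier
# ones (package installation, playbook creation) succeeded.
set -e

# log MESSAGE...
# Report progress. On a host running systemd (detected through
# /run/systemd/system) the message is sent to syslog with logger, which also
# copies it to stderr (-s); otherwise it is printed to stdout. Functions are
# used instead of aliases so the script does not depend on the shell expanding
# aliases in non-interactive mode.
if [ -d "/run/systemd/system" ]; then
  log() { logger -s -t bootstrap.sh "$@"; }
else
  log() { printf '%s\n' "$*"; }
fi

export DEBIAN_FRONTEND=noninteractive

LATEST_ANSIBLE_VERSION="5.9" # Latest version shown in the Ansible documentation.

# The bootstrap playbook is written to a mktemp-generated file (unpredictable
# name) and removed again on every exit path.
BOOT_PLAYBOOK="$(mktemp -t bootstrap_XXXXXXXXXX.yml)"
trap 'rm -f -- "${BOOT_PLAYBOOK}"' EXIT

MAIN_PLAYBOOK=${ANSIBLE_MAIN:-main.yml}
MAIN_PLAYBOOK_REPO="https://github.com/keisrk/morning_routine"
MAIN_PLAYBOOK_BRANCH=${ANSIBLE_BRANCH:-main}

# Fix the ansible working directory
# NOTE(review): these two are assigned but never exported, so unless they are
# already present in the caller's environment the ansible child processes do
# not see them. Before exporting them, reconsider the location: this is a
# fixed path under world-writable /tmp that a root process would then use;
# a directory owned by the invoking account is the safer choice.
ANSIBLE_LOCAL_TEMP=/tmp/.ansible/tmp
ANSIBLE_REMOTE_TEMP=/tmp/.ansible/tmp

log "Started bootstrap script."

# Perform system update
apt-get update -y
apt-get upgrade -y
log "Made system up-to-date."

# Install bootstrap packages.
apt-get install -y sudo git dirmngr ansible python3-pip
log "Installed bootstrap packages."

# Write the bootstrap playbook. The delimiter is quoted so the shell copies
# the YAML verbatim (no parameter expansion, no backslash-newline joining);
# the Debian repo line is therefore kept on a single line.
#
# NOTE(review): on Debian the PPA signing key is fetched from a keyserver by
# its 64-bit key id and added with apt_key, i.e. to apt's global trusted
# keys, and the repository itself is addressed over plain http. Pinning the
# full key fingerprint and scoping the key to this one repository
# (signed-by keyring) would narrow what a substituted key could sign for.
cat <<'EOF' > "${BOOT_PLAYBOOK}"
---
- hosts: localhost
  tasks:
    - name: Add upstream repository of the latest ansible to Ubuntu
      apt_repository:
        filename: ansible
        repo: ppa:ansible/ansible
      when: ansible_distribution == 'Ubuntu'
    - name: Add upstream repository of the latest ansible to Debian
      block:
        - name: Add an apt key by id from a keyserver
          apt_key:
            keyserver: keyserver.ubuntu.com
            id: 93C4A3FD7BB9C367
        - name: Use matching ubuntu release
          apt_repository:
            filename: ansible
            repo: "deb http://ppa.launchpad.net/ansible/ansible/ubuntu {{ releases[ansible_distribution_release] }} main"
          vars:
            releases:
              bullseye: focal
              buster: bionic
              stretch: xenial
              jessie: trusty
      when: ansible_distribution == 'Debian'
    - name: Ensure ansible is up to date
      apt:
        name: ansible
        update_cache: yes
        state: latest
        dpkg_options: 'force-confold,force-confdef,force-overwrite'
        autoremove: yes
EOF
log "Created ${BOOT_PLAYBOOK}."

# Obtain system's ansible version.
SYSTEM_ANSIBLE_VERSION="$(dpkg-query --show --showformat '${Version}' ansible)"

# Check if the version is the latest one.
if dpkg --compare-versions "${SYSTEM_ANSIBLE_VERSION}" lt "${LATEST_ANSIBLE_VERSION}"; then
  log "System's ansible is obsolete. Installing from upstream..."
  ansible-playbook "${BOOT_PLAYBOOK}"
  log "Installed $(ansible --version | head -n 1)"
else
  log "Matched to the right version of ansible. Proceeding..."
fi

# Ansible Pull only handles a single playbook at a time. This is fixed in the
# version 2.11 or later. See also PR #73172.
#
# NOTE(review): both passes execute whatever the head of the selected branch
# contains at run time, the first one with this script's (administrator)
# privileges. Nothing here pins a commit or checks a signature; if the
# repository signs its commits, ansible-pull's --verify-commit can enforce
# that before the playbook runs.
#
# ${MAIN_PLAYBOOK} is left unquoted in the list so that a space-separated
# ANSIBLE_MAIN still expands to several playbooks (TODO confirm this is
# intended; it also means glob characters in the value are expanded).

# System-wide pass, run as the invoking (administrator) account.
# shellcheck disable=SC2086
for playbook in install_requirements.yml ${MAIN_PLAYBOOK}; do
  ansible-pull -v \
    --url "${MAIN_PLAYBOOK_REPO}" \
    --checkout "${MAIN_PLAYBOOK_BRANCH}" \
    --inventory hosts \
    --limit system \
    "${playbook}"
done

# Per-user pass, run as USER_NAME (default: guest). -H sets HOME to that
# user's home directory; -E asks sudo to carry the caller's environment over
# to the unprivileged run.
# shellcheck disable=SC2086
for playbook in install_requirements.yml ${MAIN_PLAYBOOK}; do
  sudo -E -H -u "${USER_NAME:-guest}" \
    ansible-pull -v \
    --url "${MAIN_PLAYBOOK_REPO}" \
    --checkout "${MAIN_PLAYBOOK_BRANCH}" \
    --inventory hosts \
    --limit user \
    "${playbook}"
done

log "Ansible completed the main playbook."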