Tasks
main.yml
Synopsis: Main task.
Import tasks if enabled.
1---
2# tasks freebsd_poudriere
3
4- name: debug.yml
5 ansible.builtin.import_tasks: debug.yml
6 when: poudriere_debug|bool
7 tags: poudriere_debug
8
9- name: packages.yml
10 ansible.builtin.import_tasks: packages.yml
11 when: poudriere_install|bool
12 tags: poudriere_packages
13
14- name: dirs.yml
15 ansible.builtin.import_tasks: dirs.yml
16 when: poudriere_dirs|bool
17 tags: poudriere_dirs
18
19- name: key.yml
20 ansible.builtin.import_tasks: key.yml
21 when: poudriere_key|bool
22 tags: poudriere_key
23
24- name: cert.yml
25 ansible.builtin.import_tasks: cert.yml
26 when: poudriere_cert|bool
27 tags: poudriere_cert
28
29- name: conf.yml
30 ansible.builtin.import_tasks: conf.yml
31 when: poudriere_conf|bool
32 tags: poudriere_conf
33
34- name: pkglists.yml
35 ansible.builtin.import_tasks: pkglists.yml
36 when: poudriere_pkglists|bool
37 tags: poudriere_pkglists
38
39- name: options.yml
40 ansible.builtin.import_tasks: options.yml
41 when: poudriere_options|bool
42 tags: poudriere_options
43
44- name: make.yml
45 ansible.builtin.import_tasks: make.yml
46 when: poudriere_make|bool
47 tags: poudriere_make
48
49# EOF
50...
debug.yml
Synopsis: Configure debug.
Description of the task.
1---
2
3- name: Poudriere Debug
4 vars:
5 msg: |-
6 ansible_architecture [{{ ansible_architecture }}]
7 ansible_os_family [{{ ansible_os_family }}]
8 ansible_distribution [{{ ansible_distribution }}]
9 ansible_distribution_major_version [{{ ansible_distribution_major_version }}]
10 ansible_distribution_version [{{ ansible_distribution_version }}]
11 ansible_distribution_release [{{ ansible_distribution_release }}]
12 ansible_python_version [{{ ansible_python_version }}]
13
14 freebsd_install_method [{{ freebsd_install_method }}]
15 freebsd_use_packages [{{ freebsd_use_packages }}]
16 freebsd_install_retries [{{ freebsd_install_retries }}]
17 freebsd_install_delay [{{ freebsd_install_delay }}]
18
19 poudriere_install [{{ poudriere_install }}]
20 poudriere_dirs [{{ poudriere_dirs }}]
21 poudriere_key [{{ poudriere_key }}]
22 poudriere_cert [{{ poudriere_cert }}]
23 poudriere_conf [{{ poudriere_conf }}]
24 poudriere_pkglists [{{ poudriere_pkglists }}]
25 poudriere_options [{{ poudriere_options }}]
26 poudriere_make [{{ poudriere_make }}]
27 poudriere_backup_conf [{{ poudriere_backup_conf|bool }}]
28
29 poudriere_packages
30 {{ poudriere_packages|to_nice_yaml }}
31 poudriere_packages_cert
32 {{ poudriere_packages_cert|to_nice_yaml }}
33 poudriere_owner [{{ poudriere_owner }}]
34 poudriere_group [{{ poudriere_group }}]
35 poudriere_mode [{{ poudriere_mode }}]
36 poudriere_mode_dir [{{ poudriere_mode_dir }}]
37 poudriere_dirs [{{ poudriere_dirs }}]
38 poudriere_ssl_dir [{{ poudriere_ssl_dir }}]
39 poudriere_ssl_dir_mode [{{ poudriere_ssl_dir_mode }}]
40 poudriere_ssl_private_dir [{{ poudriere_ssl_private_dir }}]
41 poudriere_ssl_private_dir_mode [{{ poudriere_ssl_private_dir_mode }}]
42 poudriere_ssl_private_key_mode [{{ poudriere_ssl_private_key_mode }}]
43 poudriere_ssl_dirs
44 {{ poudriere_ssl_dirs|to_nice_yaml }}
45
46 poudriere_key [{{ poudriere_key }}]
47 poudriere_key_size [{{ poudriere_key_size }}]
48 poudriere_key_type [{{ poudriere_key_type }}]
49 poudriere_key_cmd [{{ poudriere_key_cmd }}]
50 poudriere_key_crt [{{ poudriere_key_crt }}]
51 poudriere_conf_pkg_repo_signing_key [{{ poudriere_conf_pkg_repo_signing_key }}]
52
53 poudriere_cert [{{ poudriere_cert }}]
54 poudriere_cert_cn [{{ poudriere_cert_cn }}]
55 poudriere_cert_key [{{ poudriere_cert_key }}]
56 poudriere_cert_csr [{{ poudriere_cert_csr }}]
57 poudriere_cert_path [{{ poudriere_cert_path }}]
58
59 poudriere_conf [{{ poudriere_conf }}]
60 poudriere_conf_file [{{ poudriere_conf_file }}]
61 poudriere_conf_template [{{ poudriere_conf_template }}]
62 poudriere_conf_dir [{{ poudriere_conf_dir }}]
63 poudriere_conf_dirs
64 {{ poudriere_conf_dirs|to_nice_yaml }}
65 poudriere_conf_zpool [{{ poudriere_conf_zpool }}]
66 poudriere_conf_no_zfs [{{ poudriere_conf_no_zfs }}]
67 poudriere_conf_zrootfs [{{ poudriere_conf_zrootfs }}]
68 poudriere_conf_freebsd_host [{{ poudriere_conf_freebsd_host }}]
69 poudriere_conf_resolv_conf [{{ poudriere_conf_resolv_conf }}]
70 poudriere_conf_basefs [{{ poudriere_conf_basefs }}]
71 poudriere_conf_svn_host [{{ poudriere_conf_svn_host }}]
72 poudriere_conf_poudriere_data [{{ poudriere_conf_poudriere_data }}]
73 poudriere_conf_use_portlint [{{ poudriere_conf_use_portlint }}]
74 poudriere_conf_use_tmpfs [{{ poudriere_conf_use_tmpfs }}]
75 poudriere_conf_distfiles_cache [{{ poudriere_conf_distfiles_cache }}]
76 poudriere_conf_url_base [{{ poudriere_conf_url_base }}]
77 poudriere_conf_check_changed_options [{{ poudriere_conf_check_changed_options }}]
78 poudriere_conf_check_changed_deps [{{ poudriere_conf_check_changed_deps }}]
79 poudriere_conf_data
80 {{ poudriere_conf_data|to_nice_yaml }}
81 poudriere_pkglists [{{ poudriere_pkglists }}]
82 poudriere_pkglist_dir [{{ poudriere_pkglist_dir }}]
83 poudriere_pkg_arch {{ poudriere_pkg_arch|to_yaml }}
84 poudriere_options [{{ poudriere_options }}]
85 poudriere_make [{{ poudriere_make }}]
86 poudriere_make_file [{{ poudriere_make_file }}]
87 poudriere_make_conf
88 {{ poudriere_make_conf|to_nice_yaml }}
89
90 ansible.builtin.debug:
91 msg: "{{ '{}'.format(msg) }}"
92
93# EOF
94...
packages.yml
Synopsis: Configure packages.
Description of the task.
1---
2
3# Poudriere packages
4- name: "packages: Install poudriere packages"
5 community.general.pkgng:
6 name: "{{ poudriere_packages }}"
7 register: result
8 retries: "{{ freebsd_install_retries }}"
9 until: result is succeeded
10 delay: "{{ freebsd_install_delay }}"
11 when: freebsd_install_method|lower == "packages"
12
13- name: "packages: Install poudriere ports"
14 community.general.portinstall:
15 name: "{{ item }}"
16 use_packages: "{{ freebsd_use_packages }}"
17 loop: "{{ poudriere_packages }}"
18 register: result
19 retries: "{{ freebsd_install_retries }}"
20 until: result is succeeded
21 delay: "{{ freebsd_install_delay }}"
22 when: freebsd_install_method|lower == "ports"
23
24# Certificate packages
25- name: "packages: Install packages to create certificate"
26 community.general.pkgng:
27 name: "{{ poudriere_packages_cert }}"
28 register: result
29 retries: "{{ freebsd_install_retries }}"
30 until: result is succeeded
31 delay: "{{ freebsd_install_delay }}"
32 when: freebsd_install_method|lower == "packages"
33
34- name: "packages: Install ports to create certificate"
35 community.general.portinstall:
36 name: "{{ item }}"
37 use_packages: "{{ freebsd_use_packages }}"
38 loop: "{{ poudriere_packages_cert }}"
39 register: result
40 retries: "{{ freebsd_install_retries }}"
41 until: result is succeeded
42 delay: "{{ freebsd_install_delay }}"
43 when: freebsd_install_method|lower == "ports"
44
45# EOF
46...
dirs.yml
Synopsis: Configure dirs.
Description of the task.
1---
2
3- name: "dirs: Create SSL directories"
4 ansible.builtin.file:
5 state: directory
6 path: "{{ item }}"
7 owner: "{{ poudriere_owner }}"
8 group: "{{ poudriere_group }}"
9 mode: "{{ poudriere_mode_dir }}"
10 loop: "{{ poudriere_ssl_dirs }}"
11
12- name: "dirs: Create SSL directory {{ poudriere_ssl_private_dir }} mode {{ poudriere_ssl_private_dir_mode }}"
13 ansible.builtin.file:
14 state: directory
15 path: "{{ poudriere_ssl_private_dir }}"
16 owner: "{{ poudriere_owner }}"
17 group: "{{ poudriere_group }}"
18 mode: "{{ poudriere_ssl_private_dir_mode }}"
19
20# EOF
21...
key.yml
Synopsis: Configure key.
Description of the task.
1---
2
3- name: "key: Generate signing key {{ poudriere_conf_pkg_repo_signing_key }}"
4 community.crypto.openssl_privatekey:
5 attributes: "{{ poudriere_key_attributes|default(omit) }}"
6 backup: "{{ poudriere_key_backup|default(omit) }}"
7 cipher: "{{ poudriere_key_cipher|default(omit) }}"
8 curve: "{{ poudriere_key_curve|default(omit) }}"
9 force: "{{ poudriere_key_force|default(omit) }}"
10 group: "{{ poudriere_group }}"
11 mode: "{{ poudriere_ssl_private_key_mode }}"
12 owner: "{{ poudriere_owner }}"
13 passphrase: "{{ poudriere_key_passphrase|default(omit) }}"
14 path: "{{ poudriere_conf_pkg_repo_signing_key }}"
15 # regenerate: "{{ poudriere_key_regenerate|default(omit) }}"
16 # return_content: "{{ poudriere_key_return_content|default(omit) }}"
17 select_crypto_backend: "{{ poudriere_key_select_crypto_backend|default(omit) }}"
18 selevel: "{{ poudriere_key_selevel|default(omit) }}"
19 serole: "{{ poudriere_key_serole|default(omit) }}"
20 setype: "{{ poudriere_key_setype|default(omit) }}"
21 seuser: "{{ poudriere_key_seuser|default(omit) }}"
22 size: "{{ poudriere_key_size }}"
23 state: "{{ poudriere_key_state|default(omit) }}"
24 type: "{{ poudriere_key_type }}"
25 unsafe_writes: "{{ poudriere_key_unsafe_writes|default(omit) }}"
26- name: "key: Generate signing crt {{ poudriere_key_crt }}"
27 ansible.builtin.command:
28 cmd: "{{ poudriere_key_cmd }}"
29 creates: "{{ poudriere_key_crt }}"
30
31# EOF
32...
cert.yml
Synopsis: Configure cert.
Description of the task.
1---
2
3- name: "cert: Generate OpenSSL private key, request, and certificate"
4 block:
5
6 - name: "cert: Generate private key {{ poudriere_cert_key }}"
7 community.crypto.openssl_privatekey:
8 path: "{{ poudriere_cert_key }}"
9 owner: "{{ poudriere_owner }}"
10 group: "{{ poudriere_group }}"
11 mode: "{{ poudriere_ssl_private_key_mode }}"
12
13 - name: "cert: Generate csr {{ poudriere_cert_csr }}"
14 community.crypto.openssl_csr:
15 path: "{{ poudriere_cert_csr }}"
16 privatekey_path: "{{ poudriere_cert_key }}"
17 common_name: "{{ poudriere_cert_cn }}"
18 when: not ansible_check_mode|bool
19
20 - name: "cert: Generate crt {{ poudriere_cert_path }}"
21 community.crypto.x509_certificate:
22 path: "{{ poudriere_cert_path }}"
23 privatekey_path: "{{ poudriere_cert_key }}"
24 csr_path: "{{ poudriere_cert_csr }}"
25 provider: selfsigned
26 when: not ansible_check_mode|bool
27
28# <TBD>
29# It seems, it’s not possible to force pkg accept self-signed https certificate.
30# See https://www.digitalocean.com/community/tutorials/how-to-set-up-a-poudriere-build-system-to-create-packages-for-your-freebsd-servers?comment=97460
31
32# EOF
33...
conf.yml
Synopsis: Configure conf.
Description of the task.
1---
2
3- name: "conf: Create directories"
4 ansible.builtin.file:
5 state: directory
6 path: "{{ item.dir }}"
7 owner: "{{ item.owner }}"
8 group: "{{ item.group }}"
9 mode: "{{ item.mode }}"
10 loop: "{{ poudriere_conf_dirs }}"
11 loop_control:
12 label: "{{ item.dir }}"
13 tags: poudriere_conf_dirs
14
15- name: "conf: Configure {{ poudriere_conf_file }}"
16 ansible.builtin.template:
17 src: "{{ poudriere_conf_template }}"
18 dest: "{{ poudriere_conf_file }}"
19 owner: "{{ poudriere_owner }}"
20 group: "{{ poudriere_group }}"
21 mode: "{{ poudriere_mode }}"
22 backup: "{{ poudriere_backup_conf|bool }}"
23 tags: poudriere_conf_file
24
25# EOF
26...
pkglists.yml
Synopsis: Configure pkglists.
Description of the task.
1---
2
3- name: "pkglists: Create list of packages"
4 ansible.builtin.include_tasks: pkglist.yml
5 loop: "{{ poudriere_pkg_arch }}"
6 loop_control:
7 loop_var: pkg_arch
8
9# EOF
10...
pkglist.yml
Synopsis: Configure pkglist.
Description of the task.
1---
2
3# Enable or disable dictionaries in the list _pkg_dict
4- name: "conf: Create empty list _pkg_dict"
5 ansible.builtin.set_fact:
6 _pkg_dict: []
7 tags: poudriere_pkglist_create_var
8
9- name: "conf: Add items to the list _pkg_dict"
10 ansible.builtin.set_fact:
11 _pkg_dict: "{{ _pkg_dict + [item|combine({'enable': _combine_enable})] }}"
12 loop: "{{ lookup('vars', 'pkg_dict_' ~ pkg_arch) }}"
13 loop_control:
14 label: "{{ item.pkglist }}"
15 vars:
16 _pkglist_enable: "{{ lookup('vars', 'pkglist_enable_' ~ pkg_arch, default={}) }}"
17 _current_enable: "{{ item.enable|default(true) }}"
18 _combine_enable: "{{ _pkglist_enable[item.pkglist]|default(_current_enable) }}"
19 tags: poudriere_pkglist_create_var
20
21- name: "conf: Debug _pkg_dict"
22 ansible.builtin.debug:
23 var: _pkg_dict
24 when: poudriere_debug|bool
25 tags: poudriere_pkglist_create_var
26
27# Create directories
28- name: "conf: Create directories {{ poudriere_pkglist_dir }}_{{ pkg_arch }}"
29 ansible.builtin.file:
30 state: directory
31 path: "{{ item }}"
32 owner: "{{ poudriere_owner }}"
33 group: "{{ poudriere_group }}"
34 mode: "{{ poudriere_mode_dir }}"
35 loop:
36 - "{{ poudriere_pkglist_dir }}_{{ pkg_arch }}"
37 - "{{ poudriere_pkglist_dir }}_{{ pkg_arch }}.disabled"
38 tags: poudriere_pkglist_create_dirs
39
40# Disabled lists of packages
41- name: "conf: Remove lists of packages from {{ poudriere_pkglist_dir }}_{{ pkg_arch }}"
42 ansible.builtin.file:
43 state: absent
44 path: "{{ poudriere_pkglist_dir }}_{{ pkg_arch }}/{{ item.pkglist }}"
45 loop: "{{ _pkg_dict }}"
46 loop_control:
47 label: "{{ item.pkglist }}"
48 when: not item.enable
49 tags: poudriere_pkglist_disabled
50
51- name: "conf: Create lists of packages in {{ poudriere_pkglist_dir }}_{{ pkg_arch }}.disabled"
52 ansible.builtin.template:
53 src: poudriere.pkglist.j2
54 dest: "{{ poudriere_pkglist_dir }}_{{ pkg_arch }}.disabled/{{ item.pkglist }}"
55 owner: "{{ poudriere_owner }}"
56 group: "{{ poudriere_group }}"
57 mode: "{{ poudriere_mode }}"
58 backup: "{{ poudriere_backup_conf|bool }}"
59 loop: "{{ _pkg_dict }}"
60 loop_control:
61 label: "{{ item.pkglist }}"
62 when: not item.enable
63 tags: poudriere_pkglist_disabled
64
65# Enabled lists of packages
66- name: "conf: Remove lists of packages from {{ poudriere_pkglist_dir }}_{{ pkg_arch }}.disabled"
67 ansible.builtin.file:
68 state: absent
69 path: "{{ poudriere_pkglist_dir }}_{{ pkg_arch }}.disabled/{{ item.pkglist }}"
70 loop: "{{ _pkg_dict }}"
71 loop_control:
72 label: "{{ item.pkglist }}"
73 when: item.enable
74 tags: poudriere_pkglist_enabled
75
76- name: "conf: Create lists of packages in {{ poudriere_pkglist_dir }}_{{ pkg_arch }}"
77 ansible.builtin.template:
78 src: poudriere.pkglist.j2
79 dest: "{{ poudriere_pkglist_dir }}_{{ pkg_arch }}/{{ item.pkglist }}"
80 owner: "{{ poudriere_owner }}"
81 group: "{{ poudriere_group }}"
82 mode: "{{ poudriere_mode }}"
83 backup: "{{ poudriere_backup_conf|bool }}"
84 loop: "{{ _pkg_dict }}"
85 loop_control:
86 label: "{{ item.pkglist }}"
87 when: item.enable
88 tags: poudriere_pkglist_enabled
89
90# EOF
91...
options.yml
Synopsis: Configure options.
Description of the task.
1---
2
3- name: "options: Debug"
4 ansible.builtin.debug:
5 msg: Not implemented yet.
6
7# <TBD>
8# Optionally copy existing PORT_DBDIR to /usr/local/etc/poudriere.d/options
9# Create options file for each jail, e.g.
10# /usr/local/etc/poudriere.d/12amd64-options
11# /usr/local/etc/poudriere.d/12arm7-options
12
13# EOF
14...
make.yml
Synopsis: Configure make.
Description of the task.
1---
2
3- name: "make: Configure {{ poudriere_make_file }}"
4 ansible.builtin.template:
5 src: make.conf.j2
6 dest: "{{ poudriere_make_file }}"
7 owner: "{{ poudriere_owner }}"
8 group: "{{ poudriere_group }}"
9 mode: "{{ poudriere_mode }}"
10 backup: "{{ poudriere_backup_conf|bool }}"
11
12# See 10.5.10. Providing a Custom make.conf File
13# https://docs.freebsd.org/en/books/porters-handbook/testing-poudriere.html
14
15# <TBD> make.conf file for each jail, e.g.
16# /usr/local/etc/poudriere.d/12amd64-make.conf
17# /usr/local/etc/poudriere.d/12arm7-make.conf
18
19# EOF
20...