User’s guide

Introduction

The goal of this role is the customization of FreeBSD installation images. FreeBSD provides the users with the option of Release Building. The usage of this powerful tool to make small changes, for example the configuration of the wireless network (see Quick start guide), would be an overkill. Instead, this role provides the users with the options to mount released images and development snapshots, and customize them. The role can be easily configured and extended. The users are expected to write playbooks and additional customization tasks when needed. When you decide to customize the functionality consider the Ansible role vbotka.config_light instead of creating additional custom tasks. The advantage would be unified configuration data in vbotka.config_light. Create custom tasks if the role vbotka.config_light is not able to do what you want. Contributions are welcome. See the examples in the directory contrib.

Many tasks are disabled by default. They can be enabled and run one by one to accomplish standalone tasks (see tasks/main.yml and defaults/main/main.yml). By default, download, unpack, mount, and umount are enabled. All included customization tasks are disabled by default (see tasks/customize.yml and default/main/customize.yml). See Tags Examples and Best practice on how to enable and run tasks one by one.

By default, the role is not idempotent. In the standard workflow, an image is always mounted when the role starts and unmounted when the customization completes. To speedup the repeating execution of a playbook, disable the unmounting of the image by setting the variable cimage_umount=false. This would make the role idempotent. Unmount the image before dumping it to a disk.

Installation

The most convenient way how to install an Ansible role is to use Ansible Galaxy CLI ansible-galaxy. The utility comes with the standard Ansible package and provides the user with a simple interface to the Ansible Galaxy’s services. For example, look at the current status of the role

shell> ansible-galaxy role info vbotka.freebsd_custom_image

and install it

shell> ansible-galaxy role install vbotka.freebsd_custom_image

Install the collections community.general, ansible.posix, and vbotka.freebsd

shell> ansible-galaxy collection install ansible.posix
shell> ansible-galaxy collection install community.general
shell> ansible-galaxy collection install vbotka.freebsd

See also

  • To install specific versions from various sources see Installing content.

  • Look at other roles shell> ansible-galaxy search --author=vbotka

Playbook

Below is a simple playbook playbook.yml that calls this role (9) for a single managed node images.example.com (1)

1- hosts: images.example.com
2  gather_facts: true
3  connection: ssh
4  remote_user: admin
5  become: true
6  become_user: root
7  become_method: sudo
8  roles:
9    - vbotka.freebsd_custom_image

Note

To test sanity ansible_os_family, gather_facts: true (2) must be enabled.

See also

Debug

Some tasks will display additional information when the variable cimage_debug is enabled. Enable debug output either in the configuration

cimage_debug: true

, or set the extra variable in the command

shell> ansible-playbook playbook.yml -e cimage_debug=true

Note

The debug output of this role is optimized for the YAML format. Set it either in the environment

shell> export ANSIBLE_CALLBACK_RESULT_FORMAT=yaml

, or in the configuration

[defaults]
callback_result_format = yaml

See also

Tags

The tags provide the user with a very useful tool to run selected tasks of the role. List the role’s tags to see what tags are available

shell> ansible-playbook playbook.yml --list-tags

playbook: playbook.yml

play #1 (images.example.com): images.example.com TAGS: []
   TASK TAGS: [cimage_customize, cimage_debug, cimage_download,
   cimage_loaderconf, cimage_mdconfig, cimage_mount, cimage_mount_points,
   cimage_packages, cimage_rcconf, cimage_sanity, cimage_umount,
   cimage_unpack, cimage_wpasupconf]

Basics

  • Display the variables. Use the tag cimage_debug and set cimage_debug: true

    shell> ansible-playbook playbook.yml -t cimage_debug -e cimage_debug=true

  • Download images

    shell> ansible-playbook playbook.yml -t cimage_download

  • Unpack images

    shell> ansible-playbook playbook.yml -t cimage_unpack

  • Create memory disk and mount the image

    shell> ansible-playbook playbook.yml -t cimage_mount

  • Run sanity tests. Enable sanity cimage_sanity: true

    shell> ansible-playbook playbook.yml -t cimage_sanity -e cimage_sanity=true

  • Customize the image

    shell> ansible-playbook playbook.yml -t cimage_customize

  • Umount the image

    shell> ansible-playbook playbook.yml -t cimage_umount

Customization tasks

The description of the customization’s tasks is not complete. The role and the documentation is work in progress. Feel free to share your feedback and report issues.

Contributions are welcome.

See also

All customization tasks are disabled by default. The default variables of these tasks are stored under the same filenames in the directory defaults/main. Enable, configure, and run these tasks as needed. Keep this arrangement when you add custom tasks. Add custom tasks to the dictionary cimage_customize

defaults/main/customize.yml
---
cimage_customize:
  loaderconf: "{{ cimage_loaderconf }}"
  wpasupconf: "{{ cimage_wpasupconf }}"
  rcconf: "{{ cimage_rcconf }}"
  postinstall: "{{ cimage_postinstall }}"

cimage_postinstall: []

# EOF

Included customization tasks

Hint

Instead of creating more custom tasks, consider Ansible role vbotka.config_light. See the example Configure wifi by config_light

Variables

There are two categories of variables. The variables that control the workflow of the role (see defaults/main/main.yml) and customization tasks variables (see other files in defaults/main).

See also

Ansible variable precedence. Where should I put a variable?

Default variables

Review the default variables in the directory defaults/main. For example,

defaults/main/main.yml
 1---
 2# default vars for freebsd_custom_image
 3cimage_role_version: 2.8.1
 4
 5# Display debug output.
 6cimage_debug: false
 7# Display classified debug output.
 8cimage_debug_classified: false
 9
10# Test sanity.
11cimage_sanity: false
12cimage_sanity_quiet: true
13
14# Download images.
15cimage_download: true
16
17# Unpack images.
18cimage_unpack: true
19
20# Create memory disks and mount partitions. Module mount creates mountpoints.
21cimage_mount: true
22
23# Install packages or ports.
24cimage_install: false
25
26# Umount and delete mountpoints. Detach memory disk.
27cimage_umount: true
28
29# Use vbotka.freebsd.lib in collection vbotka.freebsd
30cimage_ansible_lib:
31  vbotka.freebsd_custom_image: vbotka.ansible_lib
32  vbotka.freebsd.custom_image: vbotka.freebsd.lib
33
34# EOF
defaults/main/images.yml
 1---
 2cimage_get_images: true
 3cimage_get_checksums: true
 4cimage_download_images: []
 5# cimage_download_images:
 6#   - site: https://download.freebsd.org/ftp/snapshots/ISO-IMAGES/13.0
 7#     image: FreeBSD-13.0-CURRENT-arm-armv6-RPI-B-20210107-f2b794e1e90-255641.img.xz
 8#     checksum: CHECKSUM.SHA512-FreeBSD-13.0-CURRENT-arm-armv6-RPI-B-20210107-f2b794e1e90-255641
 9#   - site: https://download.freebsd.org/ftp/releases/ISO-IMAGES/12.2
10#     image: FreeBSD-12.2-STABLE-arm-armv6-RPI-B-20210107-r368787.img.xz
11#     checksum: CHECKSUM.SHA512-FreeBSD-12.2-STABLE-arm-armv6-RPI-B-20210107-r368787
12
13cimage_dir: /export/images/FreeBSD/unsorted
14# cimage_owner:
15# cimage_group:
16# cimage_mode:
17# cimage_mode_dir:
18
19# EOF
defaults/main/customize.yml
 1---
 2cimage_customize:
 3  loaderconf: "{{ cimage_loaderconf }}"
 4  wpasupconf: "{{ cimage_wpasupconf }}"
 5  rcconf: "{{ cimage_rcconf }}"
 6  postinstall: "{{ cimage_postinstall }}"
 7
 8cimage_postinstall: []
 9
10# EOF

Hint

  • Create custom tasks in the directory tasks/fn.

  • Fit the dictionary cimage_customize to your needs. See customize.yml

See also

  • Other files in defaults/main

  • The examples of the customization vars/main.yml.sample

Warning

  • Don’t make any changes in the files in the directory defaults/main. The role update will overwrite the changes.

  • The default value of cimage_debug_classified is false. Passwords will be displayed if this variable is enabled.

Best practice

  • Create a playbook and test the syntax

    shell> ansible-playbook playbook.yml --syntax-check

  • See what variables will be included

    shell> ansible-playbook playbook.yml -t cimage_debug -e cimage_debug=true

  • Download images. To make the task idempotent use the attribute checksum in the items of the list cimage_download_images. See Default variables

    shell> ansible-playbook playbook.yml -t cimage_download

  • Unpack the images

    shell> ansible-playbook playbook.yml -t cimage_unpack

  • Create memory disk and mount image

    shell> ansible-playbook playbook.yml -t cimage_mount

  • Dry-run the customization of the image and see what will be changed

    shell> ansible-playbook  playbook.yml -t cimage_customize --check --diff

  • Customize the image. Run the playbook and keep the image mounted. Review the changes. Repeated execution of the customization should be idempotent

    shell> ansible-playbook playbook.yml -t cimage_customize

  • Umount the image and detach the memory disk

    shell> ansible-playbook playbook.yml -t cimage_umount

  • Dump the customized image to a disk and boot it

    shell> dd if=image.img of=/dev/mmcsd0 bs=1m conv=sync status=progress

Hint

In Linux, use bs=1M

  • Keep the image mounted if you want to run the playbook periodically. In this case, repeated execution of the playbook should be idempotent

    shell> ansible-playbook playbook.yml -e cimage_umount=false

    However, the mountpoint is not configured in /etc/fstab and won’t survive a reboot. If this is a problem, put the configuration of the memory disk into /etc/rc.conf and configure the mountpoint in /etc/fstab.

Examples