r70797 nodhcp module in system role for hetzner cloud systems (#2036)

* r70797 nodhcp module in system role for hetzner cloud systems

* fix syntax

* r70797 set pipefail to resolve linting failure

Author: nfawbert

roles/aws/aws_backup_validation/tasks/testing_resources.yml

@@ -26,7 +26,7 @@
   amazon.aws.ec2_vpc_subnet_info:
     region: "{{ _aws_region }}"
     filters:
-      vpc-id: "{{ _main_vpc_info.vpcs[0].vpc_id}}"
+      vpc-id: "{{ _main_vpc_info.vpcs[0].vpc_id }}"
   register: _main_subnets_info
 
 - name: Create SG for restored instances.

roles/debian/system/README.md

@@ -1,5 +1,10 @@
 # System
 This role provides a means of applying system variables to servers.
+Currently, the following entities can be managed with the role:
+
+- Force IPv4 (noipv6)
+- Force Static IP configuration for Hetzner Cloud systems (nohetznerdhcp)
+
 <!--TOC-->
 <!--ENDTOC-->
 
@@ -9,8 +14,9 @@ This role provides a means of applying system variables to servers.
 ---
 system:
   noipv6: false
+  nohetznerchdp: false
 
 ```
 
 <!--ENDROLEVARS-->
-~~~
+

roles/debian/system/defaults/main.yml

@@ -1,3 +1,4 @@
 ---
 system:
   noipv6: false
+  nohetznerdhcp: false

roles/debian/system/tasks/main.yml

@@ -10,3 +10,124 @@
     name: net.ipv6.conf.all.disable_ipv6
     value: "1"
   when: system.noipv6
+
+- name: Install dmidecode.
+  ansible.builtin.apt:
+    pkg: dmidecode
+    state: present
+  when:
+    - system.nohetznerdhcp
+
+- name: Check if the system is a Hetzner Cloud server.
+  ansible.builtin.shell: |
+    set -o pipefail
+    dmidecode | awk '/System Information/{getline;print;getline;print}' | sed 's/[^,:]*://g' | sed 's/^ //g' | tr '\n' ' ' | grep -q "Hetzner vServer"
+  args:
+    executable: /bin/bash
+  register: hetznercloudcheck
+  failed_when: false
+  when:
+    - system.nohetznerdhcp
+
+- name: Print if Hetzner Cloud server is detected.
+  debug:
+    msg: "This is a Hetzner Cloud server"
+  when: hetznercloudcheck.rc == 0
+
+- name: Install dhcpcd.
+  ansible.builtin.apt:
+    pkg: dhcpcd5
+    state: present
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0
+
+- name: Get default NIC.
+  ansible.builtin.shell: |
+    set -o pipefail
+    ifacecol=$(route | awk -v b="Iface" '{for (i=1;i<=NF;i++) { if ($i == b) { print i } }}')
+    route | awk -v ifacecol="$ifacecol" '$1 == "default" {print $ifacecol}'
+  register: dhcpdefaultnic
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0
+
+- name: Get IP from DHCP server.
+  ansible.builtin.shell: |
+    set -o pipefail
+    dhcpcd -T {{ dhcpdefaultnic.stdout }} 2>&1 | grep -oP 'new_ip_address=\K\S+' | sed "s/'//g"
+  register: dhcpipaddressoffer
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0
+
+- name: Get Netmask from DHCP server.
+  ansible.builtin.shell: |
+    set -o pipefail
+    dhcpcd -T {{ dhcpdefaultnic.stdout }} 2>&1 | grep -oP 'new_subnet_mask=\K\S+' | sed "s/'//g"
+  register: dhcpnetmaskoffer
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0
+
+- name: Get GATEWAY from DHCP server.
+  ansible.builtin.shell: |
+    set -o pipefail
+    dhcpcd -T {{ dhcpdefaultnic.stdout }} 2>&1 | grep -oP 'new_routers=\K\S+' | sed "s/'//g"
+  register: dhcpgatewayoffer
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0
+
+- name: Get DNS servers from DHCP server.
+  ansible.builtin.shell: |
+    set -o pipefail
+    dhcpcd -T {{ dhcpdefaultnic.stdout }} 2>&1 | grep -P 'new_domain_name_servers=\K\S+' | sed "s/new_domain_name_servers=//g" | sed "s/'//g"
+  register: dhcpnameserversoffer
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0
+
+- name: Copy No-DHCP Network Interfaces config.
+  ansible.builtin.template:
+    src: "interfaces-nohetznerdhcp.j2"
+    dest: "/etc/network/interfaces"
+    owner: root
+    group: root
+    mode: 0644
+    force: true
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0
+
+- name: Delete Cloud Init script.
+  ansible.builtin.file:
+    path: /etc/network/interfaces.d/50-cloud-init
+    state: absent
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0
+
+- name: Copy No-DHCP Network Interfaces include config.
+  ansible.builtin.template:
+    src: "50-static-init.j2"
+    dest: "/etc/network/interfaces.d/50-static-init"
+    owner: root
+    group: root
+    mode: 0644
+    force: true
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0
+
+- name: Copy disable cloud init config.
+  ansible.builtin.template:
+    src: "99-disable-network-config.cfg.j2"
+    dest: "/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg"
+    owner: root
+    group: root
+    mode: 0644
+    force: true
+  when:
+    - system.nohetznerdhcp
+    - hetznercloudcheck.rc == 0

roles/debian/system/templates/50-static-init.j2

@@ -0,0 +1,7 @@
+auto {{ system.dhcpdefaultnic.stdout }}
+iface {{ system.dhcpdefaultnic.stdout }} inet static
+        address {{ system.dhcpipaddressoffer.stdout }}
+        netmask {{ system.dhcpnetmaskoffer.stdout }}
+        gateway {{ system.dhcpgatewayoffer.stdout }}
+        pointopoint {{ system.dhcpgatewayoffer.stdout }}
+        dns-nameservers {{ system.dhcpnameserversoffer.stdout }}

roles/debian/system/templates/99-disable-network-config.cfg.j2

@@ -0,0 +1,2 @@
+network:
+  config: disabled

roles/debian/system/templates/interfaces-nohetznerdhcp.j2

@@ -0,0 +1,9 @@
+# This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5)
+
+# Include files from /etc/network/interfaces.d:
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback