From 6c674ff530ee1711456343aa7458d1af24f0a1bd Mon Sep 17 00:00:00 2001
From: BluemediaGER <oliver@traber-info.de>
Date: Wed, 15 Mar 2023 22:55:38 +0100
Subject: [PATCH 1/2] Use command instead of docker_compose plugin

---
 metal/roles/pxe-cleanup/tasks/main.yml   | 5 +----
 metal/roles/pxe-server/defaults/main.yml | 2 +-
 metal/roles/pxe-server/tasks/main.yml    | 7 +------
 metal/roles/wol-wake/tasks/main.yml      | 2 +-
 4 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/metal/roles/pxe-cleanup/tasks/main.yml b/metal/roles/pxe-cleanup/tasks/main.yml
index 8ad9db7..4e5ce79 100644
--- a/metal/roles/pxe-cleanup/tasks/main.yml
+++ b/metal/roles/pxe-cleanup/tasks/main.yml
@@ -1,8 +1,5 @@
 - name: Tear down PXE stack
-  docker_compose:
-    project_name: "pxe"
-    project_src: "{{ playbook_dir }}/roles/pxe-server/files/"
-    state: absent
+  ansible.builtin.command: "docker compose --project-name pxe down"
 
 - name: Remove preseed files
   file:
diff --git a/metal/roles/pxe-server/defaults/main.yml b/metal/roles/pxe-server/defaults/main.yml
index b152d8d..74f9940 100644
--- a/metal/roles/pxe-server/defaults/main.yml
+++ b/metal/roles/pxe-server/defaults/main.yml
@@ -1,2 +1,2 @@
 os_download_url: "https://deb.debian.org/debian/dists/bullseye/main/installer-amd64/current/images/netboot/netboot.tar.gz"
-os_download_checksum: "sha256:ec3b71964457f30a57061ea758c12394bf2b792b461c697e61cc2d47053c5878"
\ No newline at end of file
+os_download_checksum: "sha256:e8edf26ac9837d7dbbcfd96f47f51530260a6c68568938978e1b63ea698d5663"
diff --git a/metal/roles/pxe-server/tasks/main.yml b/metal/roles/pxe-server/tasks/main.yml
index 8881633..b77e4e2 100644
--- a/metal/roles/pxe-server/tasks/main.yml
+++ b/metal/roles/pxe-server/tasks/main.yml
@@ -30,9 +30,4 @@
   loop: "{{ groups['metal'] }}"
 
 - name: Start PXE stack
-  docker_compose:
-    project_src: "{{ role_path }}/files"
-    project_name: "pxe"
-    state: present
-    restarted: true
-    build: true
\ No newline at end of file
+  ansible.builtin.command: "docker compose --project-name pxe -f {{ role_path }}/files/docker-compose.yml up -d --build"
\ No newline at end of file
diff --git a/metal/roles/wol-wake/tasks/main.yml b/metal/roles/wol-wake/tasks/main.yml
index 935f3f2..275e525 100644
--- a/metal/roles/wol-wake/tasks/main.yml
+++ b/metal/roles/wol-wake/tasks/main.yml
@@ -5,4 +5,4 @@
 
 - name: Wait for machines to come online with installed OS
   wait_for_connection:
-    timeout: 600
\ No newline at end of file
+    timeout: 900
\ No newline at end of file

From f226b09f0a499f1c5e6d2d8bbe13c1d542eb8aee Mon Sep 17 00:00:00 2001
From: BluemediaGER <oliver@traber-info.de>
Date: Wed, 15 Mar 2023 23:26:25 +0100
Subject: [PATCH 2/2] Add role to configure systemd-networkd

---
 metal/group_vars/all/all.yml                  |  2 +-
 metal/install-os.yml                          |  9 ++++--
 metal/inventories/lab.yml                     | 24 +++++++++++++---
 metal/roles/systemd-networkd/tasks/main.yaml  | 28 +++++++++++++++++++
 .../templates/default.network.j2              |  7 +++++
 5 files changed, 63 insertions(+), 7 deletions(-)
 create mode 100644 metal/roles/systemd-networkd/tasks/main.yaml
 create mode 100644 metal/roles/systemd-networkd/templates/default.network.j2

diff --git a/metal/group_vars/all/all.yml b/metal/group_vars/all/all.yml
index 1c9fb20..852a1ab 100644
--- a/metal/group_vars/all/all.yml
+++ b/metal/group_vars/all/all.yml
@@ -1,5 +1,5 @@
 ansible_ssh_private_key_file: ~/.ssh/id_rsa
-ssh_public_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
+ssh_public_key: "{{ lookup('file', '~/.ssh/id_ed25519.pub') }}"
 
 # Network config
 subnet: "192.168.6.0"
diff --git a/metal/install-os.yml b/metal/install-os.yml
index ccaf2ac..5c858d1 100644
--- a/metal/install-os.yml
+++ b/metal/install-os.yml
@@ -9,8 +9,13 @@
   roles:
     - wol-wake
 
-- name: Clean up playbook execution
+- name: Clean up PXE environment
   hosts: localhost
   gather_facts: false
   roles:
-    - pxe-cleanup
\ No newline at end of file
+    - pxe-cleanup
+
+- name: Configure networking
+  hosts: metal
+  roles:
+    - systemd-networkd
\ No newline at end of file
diff --git a/metal/inventories/lab.yml b/metal/inventories/lab.yml
index e17d518..059098f 100644
--- a/metal/inventories/lab.yml
+++ b/metal/inventories/lab.yml
@@ -2,9 +2,25 @@ metal:
   children:
     masters:
       hosts:
-        lab-mini-1: {ansible_host: 192.168.6.21, mac: '4c:52:62:1c:bf:6c', disk: '/dev/sda'}
-        lab-mini-2: {ansible_host: 192.168.6.22, mac: '4c:52:62:0f:09:6d', disk: '/dev/sda'}
-        lab-mini-3: {ansible_host: 192.168.6.23, mac: '4c:52:62:0f:0a:23', disk: '/dev/sda'}
+        lab-mini-1:
+          ansible_host: 192.168.6.21
+          mac: '4c:52:62:1c:bf:6c'
+          disk: '/dev/nvme0n1'
+          ansible_become_pass: '{{ vault_ansible_become_password }}'
+        lab-mini-2:
+          ansible_host: 192.168.6.22
+          mac: '4c:52:62:0f:09:6d'
+          disk: '/dev/nvme0n1'
+          ansible_become_pass: '{{ vault_ansible_become_password }}'
+        lab-mini-3:
+          ansible_host: 192.168.6.23
+          mac: '4c:52:62:0f:0a:23'
+          disk: '/dev/nvme0n1'
+          ansible_become_pass: '{{ vault_ansible_become_password }}'
     workers:
       hosts:
-        lab-mini-4: {ansible_host: 192.168.6.24, mac: '90:1b:0e:f8:e8:af', disk: '/dev/sda'}
\ No newline at end of file
+        lab-mini-4:
+          ansible_host: 192.168.6.24
+          mac: '90:1b:0e:f8:e8:af'
+          disk: '/dev/nvme0n1'
+          ansible_become_pass: '{{ vault_ansible_become_password }}'
diff --git a/metal/roles/systemd-networkd/tasks/main.yaml b/metal/roles/systemd-networkd/tasks/main.yaml
new file mode 100644
index 0000000..11aed8e
--- /dev/null
+++ b/metal/roles/systemd-networkd/tasks/main.yaml
@@ -0,0 +1,28 @@
+- name: "Configure systemd-networkd"
+  become: true
+  block:
+  - name: "Render network config"
+    template:
+      src: default.network.j2
+      dest: "/etc/systemd/network/default.network"
+      mode: 0644
+
+  - name: "Enable systemd-networkd"
+    ansible.builtin.systemd:
+      name: systemd-networkd
+      enabled: true
+
+  - name: "Remove /etc/network"
+    ansible.builtin.file:
+      path: /etc/network
+      state: absent
+
+  - name: "Reboot with systemd-networkd configured"
+    ansible.builtin.reboot:
+      reboot_timeout: 180
+
+  - name: "Remove ifupdown"
+    ansible.builtin.apt:
+      name: ifupdown
+      state: absent
+      purge: true
\ No newline at end of file
diff --git a/metal/roles/systemd-networkd/templates/default.network.j2 b/metal/roles/systemd-networkd/templates/default.network.j2
new file mode 100644
index 0000000..13187cd
--- /dev/null
+++ b/metal/roles/systemd-networkd/templates/default.network.j2
@@ -0,0 +1,7 @@
+[Match]
+MACAddress={{ hostvars[inventory_hostname]['mac'] }}
+
+[Network]
+Address={{ hostvars[inventory_hostname]['ansible_host'] }}/{{ (hostvars[inventory_hostname]['ansible_host'] + '/' + netmask) | ansible.utils.ipaddr('prefix') }}
+Gateway={{ gateway }}
+DNS={{ nameserver }}
\ No newline at end of file