On Fri, Jun 21, 2019 at 11:50 PM Frank Beuth <secli...@boxdan.com> wrote: > > On Fri, Jun 21, 2019 at 12:36:22PM -0700, Misc User wrote: > >I use PXE + install.conf + siteXX.tgz + siteXX-%hostname%.tgz for my > >installs. I also have an rc.firsttime to download and install the > >required packages. > > Thanks, but neither this nor the autoinstall suggestion seem applicable for my > use case. > > I am dealing with virtualized servers which usually start out as > Ubuntu/Debian/Fedora images, then the hosting provider supplies the IP address > and root password for a first-time SSH login. > > In many cases it is not possible to upload an ISO to be used as server > installation media, and VNC consoles (if available) are often not even > encrypted. (How would you feel about installing OpenBSD and then having your > root password sent in plaintext at the very beginning?) > > I realize installing OpenBSD under these constraints is rather like installing > a ship in a bottle, but it seemed worth it to ask...
Apologies for a late reply to this thread. I would not consider ansible as the right tool to provision a system from scratch (as in PXE booting, etc...). Ansible is better used on a system you can connect to using SSH and perform actions as required, with or without doas, as you surely know. You don't mention cloud providers/VPS you are trying to bootstrap OpenBSD to, but the way I'd tackle this situation, if I have understood your use case correctly, is as follows: - Find out if the specific cloud provider is supported by packer [1] (packer itself can be run in OpenBSD[2]). Custom builders can be written, but might be overkill for the task at hand. - If the answer is yes, create a template to bootstrap an OpenBSD image. You can find many examples online[3]. The specifics of the packer template vary depending on the cloud provider, but usually you can bootstrap the system from an ISO (or an existing AMI, if in AWS), and finish provisioning the configuration using ansible. - From that point onwards, use ansible to further modify the settings in the managed system, prevent configuration drift, if your use case includes the eventual manual actions and/or reflect in ansible tasks/playbooks any modifications applied to the system, so as to be able to reproduce them again if required. - One further option if the OS provided by the hosting service has to be a Linux system would be to consider using it as an hypervisor for OpenBSD VMs. Do let me know if this is the type of provisioning you are looking into. Regards. [1] https://packer.io/docs/builders/index.html [2] https://packer.io/downloads.html [3] https://github.com/kaorimatz/packer-templates/blob/master/openbsd-6.3-amd64.json # there are many other examples online, this is just one of them, I haven't tested it
