tachtler:archlinux_-_minimal_server_installation_-_mit_ansible

Differences

This page shows the differences between two revisions.

tachtler:archlinux_-_minimal_server_installation_-_mit_ansible [2020/02/02 07:27] – [/home/ansible/ansible/archlinux-install.yml] klaus
tachtler:archlinux_-_minimal_server_installation_-_mit_ansible [2020/07/07 10:15] (current) – [Installieren] klaus
Zeile 232: Zeile 232:
 ===== Ansible ===== ===== Ansible =====
  
-Die Nutzung von [[https://www.ansible.com/|Ansible]] basiert auf der nachfolgenden Installation, welche unter dem folgenden internen Link nachvollzogen werden kann+==== Installieren ==== 
-  * **[[tachtler:ansible_mit_ansible_einrichten|Ansible mit Ansible einrichten]]**+ 
 +[[tachtler:ansible|{{:tachtler:index:ansible-48x48.png }}]] ist eine Open-Source-Software zur Automatisierung, Orchestrierung und Konfiguration von Serversystemen. Mit [[https://www.ansible.com/|Ansible]] erfolgt die Verwaltung von Servern unter anderem über SSH und erfordert keinerlei zusätzliche Software auf dem zu verwaltenden System. Die Ausgabe erfolgt im JSON-Format und Module können in jeder beliebigen Programmiersprache geschrieben sein. Das System nutzt überwiegend [[https://yaml.org/|YAML]] zur Konfiguration von wiederverwendbarer Beschreibungen der Systeme.    
 + 
 +^ Beschreibung      ^ Externer Link                                                                          ^ 
 +| Homepage          | [[https://www.ansible.com/]]                                                                                                                                                                                                                                                                                                           
 +| Dokumentation     [[https://docs.ansible.com/]]                                                          | 
 +| Installation      | [[https://releases.ansible.com/ansible/rpm/]]                                          |
  
 Ab hier werden ''root''-Rechte zur Ausführung der nachfolgenden Befehle benötigt. Um der Benutzer ''root'' zu werden, geben Sie bitte nachfolgenden Befehl ein: Ab hier werden ''root''-Rechte zur Ausführung der nachfolgenden Befehle benötigt. Um der Benutzer ''root'' zu werden, geben Sie bitte nachfolgenden Befehl ein:
 <code> <code>
 $ su - $ su -
-Password+Password
 </code> </code>
 +
 +Mit nachfolgendem Befehl, wird das Pakete **''ansible''** installiert:
 +<code>
 +# pacman --noconfirm -Sy ansible 
 +resolving dependencies...
 +looking for conflicting packages...
 +
 +Packages (24) libnsl-1.2.0-2  libsodium-1.0.18-1  libyaml-0.2.2-1
 +              python-3.8.1-1  python-appdirs-1.4.3-5  python-asn1crypto-1.2.0-3
 +              python-bcrypt-3.1.7-3  python-cffi-1.13.2-2
 +              python-cryptography-2.8-1  python-idna-2.8-3
 +              python-jinja-2.10.3-3  python-markupsafe-1.1.1-3
 +              python-ordered-set-3.1.1-1  python-packaging-19.2-5
 +              python-paramiko-2.6.0-3  python-ply-3.11-4  python-pyasn1-0.4.8-1
 +              python-pycparser-2.19-3  python-pynacl-1.3.0-3
 +              python-pyparsing-2.4.6-1  python-setuptools-1:43.0.0-1
 +              python-six-1.13.0-2  python-yaml-5.1.2-3  ansible-2.9.2-1
 +
 +Total Download Size:    52.42 MiB
 +Total Installed Size:  307.49 MiB
 +
 +:: Proceed with installation? [Y/n] 
 +:: Retrieving packages...
 + libnsl-1.2.0-2-x...    57.4 KiB   660 KiB/s 00:00 [######################] 100%
 + python-3.8.1-1-x...    37.2 MiB  1294 KiB/s 00:29 [######################] 100%
 + libyaml-0.2.2-1-...    54.7 KiB  1656 KiB/s 00:00 [######################] 100%
 + python-ply-3.11-...    73.3 KiB  1559 KiB/s 00:00 [######################] 100%
 + python-pycparser...   164.2 KiB  1493 KiB/s 00:00 [######################] 100%
 + python-cffi-1.13...   210.1 KiB  1501 KiB/s 00:00 [######################] 100%
 + python-six-1.13....    20.9 KiB  1496 KiB/s 00:00 [######################] 100%
 + python-idna-2.8-...    66.4 KiB  1443 KiB/s 00:00 [######################] 100%
 + python-appdirs-1...    14.2 KiB  2033 KiB/s 00:00 [######################] 100%
 + python-pyparsing...   110.4 KiB  1512 KiB/s 00:00 [######################] 100%
 + python-packaging...    38.9 KiB  1692 KiB/s 00:00 [######################] 100%
 + python-ordered-s...    12.5 KiB   959 KiB/s 00:00 [######################] 100%
 + python-setuptool...   296.1 KiB  1410 KiB/s 00:00 [######################] 100%
 + python-asn1crypt...   163.9 KiB  1490 KiB/s 00:00 [######################] 100%
 + python-cryptogra...   340.7 KiB  1420 KiB/s 00:00 [######################] 100%
 + python-pyasn1-0....   108.2 KiB  1546 KiB/s 00:00 [######################] 100%
 + python-markupsaf...    22.4 KiB  1320 KiB/s 00:00 [######################] 100%
 + python-yaml-5.1....   177.2 KiB  1441 KiB/s 00:00 [######################] 100%
 + python-bcrypt-3....    30.1 KiB  1309 KiB/s 00:00 [######################] 100%
 + libsodium-1.0.18...   158.6 KiB  1482 KiB/s 00:00 [######################] 100%
 + python-pynacl-1....    76.1 KiB  1522 KiB/s 00:00 [######################] 100%
 + python-paramiko-...   247.7 KiB  1424 KiB/s 00:00 [######################] 100%
 + python-jinja-2.1...   199.2 KiB  1364 KiB/s 00:00 [######################] 100%
 + ansible-2.9.2-1-any    12.7 MiB  1342 KiB/s 00:10 [######################] 100%
 +(24/24) checking keys in keyring                   [######################] 100%
 +(24/24) checking package integrity                 [######################] 100%
 +(24/24) loading package files                      [######################] 100%
 +(24/24) checking for file conflicts                [######################] 100%
 +(24/24) checking available disk space              [######################] 100%
 +:: Processing package changes...
 +( 1/24) installing libnsl                          [######################] 100%
 +( 2/24) installing python                          [######################] 100%
 +Optional dependencies for python
 +    python-setuptools [pending]
 +    python-pip
 +    sqlite [installed]
 +    mpdecimal: for decimal
 +    xz: for lzma [installed]
 +    tk: for tkinter
 +( 3/24) installing libyaml                         [######################] 100%
 +( 4/24) installing python-yaml                     [######################] 100%
 +( 5/24) installing python-ply                      [######################] 100%
 +( 6/24) installing python-pycparser                [######################] 100%
 +( 7/24) installing python-cffi                     [######################] 100%
 +( 8/24) installing python-six                      [######################] 100%
 +( 9/24) installing python-bcrypt                   [######################] 100%
 +(10/24) installing python-idna                     [######################] 100%
 +(11/24) installing python-appdirs                  [######################] 100%
 +(12/24) installing python-pyparsing                [######################] 100%
 +(13/24) installing python-packaging                [######################] 100%
 +(14/24) installing python-ordered-set              [######################] 100%
 +(15/24) installing python-setuptools               [######################] 100%
 +(16/24) installing python-asn1crypto               [######################] 100%
 +(17/24) installing python-cryptography             [######################] 100%
 +(18/24) installing python-pyasn1                   [######################] 100%
 +(19/24) installing libsodium                       [######################] 100%
 +(20/24) installing python-pynacl                   [######################] 100%
 +(21/24) installing python-paramiko                 [######################] 100%
 +(22/24) installing python-markupsafe               [######################] 100%
 +(23/24) installing python-jinja                    [######################] 100%
 +Optional dependencies for python-jinja
 +    python-babel: for i18n support
 +(24/24) installing ansible                         [######################] 100%
 +Optional dependencies for ansible
 +    sshpass: for ssh connections with password
 +    python-passlib: crypt values for vars_prompt
 +    python-pyopenssl: openssl modules
 +    python-netaddr: for the ipaddr filter
 +    python-systemd: log to journal
 +    python-pywinrm: connect to Windows machines
 +    python-dnspython: for dig lookup
 +    python-ovirt-engine-sdk: ovirt support
 +    python-boto3: aws_s3 module
 +    python-jmespath: json_query support
 +    acme-tiny: openssl_certificate module
 +:: Running post-transaction hooks...
 +(1/1) Arming ConditionNeedsUpdate...
 +</code>
 +
 +Mit nachfolgendem Befehl kann überprüft werden, welche Inhalte mit dem Paket **''ansible''** installiert wurden.
 +<code>
 +# pacman -Ql ansible
 +ansible /etc/
 +ansible /etc/ansible/
 +ansible /etc/ansible/ansible.cfg
 +ansible /usr/
 +ansible /usr/bin/
 +ansible /usr/bin/ansible
 +ansible /usr/bin/ansible-config
 +ansible /usr/bin/ansible-connection
 +ansible /usr/bin/ansible-console
 +ansible /usr/bin/ansible-doc
 +ansible /usr/bin/ansible-galaxy
 +ansible /usr/bin/ansible-inventory
 +ansible /usr/bin/ansible-playbook
 +ansible /usr/bin/ansible-pull
 +ansible /usr/bin/ansible-test
 +ansible /usr/bin/ansible-vault
 +ansible /usr/lib/
 +ansible /usr/lib/python3.8/
 +...
 +[Kürzung der Ausgabe]
 +...
 +ansible /usr/share/
 +ansible /usr/share/ansible/
 +ansible /usr/share/ansible/doc/
 +ansible /usr/share/ansible/doc/examples/
 +ansible /usr/share/ansible/doc/examples/ansible.cfg
 +ansible /usr/share/ansible/doc/examples/hosts
 +ansible /usr/share/ansible/doc/examples/scripts/
 +ansible /usr/share/ansible/doc/examples/scripts/ConfigureRemotingForAnsible.ps1
 +ansible /usr/share/ansible/doc/examples/scripts/upgrade_to_ps3.ps1
 +ansible /usr/share/doc/
 +ansible /usr/share/doc/ansible/
 +ansible /usr/share/doc/ansible/COPYING
 +ansible /usr/share/man/
 +ansible /usr/share/man/man1/
 +ansible /usr/share/man/man1/ansible-config.1.gz
 +ansible /usr/share/man/man1/ansible-console.1.gz
 +ansible /usr/share/man/man1/ansible-doc.1.gz
 +ansible /usr/share/man/man1/ansible-galaxy.1.gz
 +ansible /usr/share/man/man1/ansible-inventory.1.gz
 +ansible /usr/share/man/man1/ansible-playbook.1.gz
 +ansible /usr/share/man/man1/ansible-pull.1.gz
 +ansible /usr/share/man/man1/ansible-vault.1.gz
 +ansible /usr/share/man/man1/ansible.1.gz
 +</code>
 +
 +Zum Abschluss kann mit nachfolgendem Befehl überprüft werden, ob ein Aufruf möglich ist und [[https://www.ansible.com/|Ansible]] nutzbar ist:
 +<code>
 +# ansible --version
 +ansible 2.9.2
 +  config file = /etc/ansible/ansible.cfg
 +  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
 +  ansible python module location = /usr/lib/python3.8/site-packages/ansible
 +  executable location = /usr/bin/ansible
 +  python version = 3.8.1 (default, Dec 21 2019, 20:57:38) [GCC 9.2.0]
 +</code>
 +
 +==== Konfigurieren ====
 +
 +Die Nutzung ​von [[https://​www.ansible.com/​|Ansible]] ​basiert auf der nachfolgenden Installation,​ welche ​unter dem folgenden internen ​Link nachvollzogen werden kann:  
 +  * **[[tachtler:ansible_mit_ansible_einrichten|Ansible mit Ansible einrichten]]**
  
 ==== /home/ansible/ansible/inventories/production/hosts ==== ==== /home/ansible/ansible/inventories/production/hosts ====
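Review bot: In the added "Installieren" block, `pacman --noconfirm -Sy ansible` refreshes the package databases without upgrading the installed system, which on Arch is a partial upgrade and can leave the newly pulled dependencies (python, libsodium, ...) out of step with libraries already on the host; use `pacman -Syu ansible`, or drop the `y` and sync separately. In the same hunk the link table is malformed: the "Homepage" row has no closing `|`, the "Dokumentation" row has no `|` between its two cells, and the "Installation" row points at the RPM release directory although the page installs through pacman.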
Zeile 280: Zeile 452:
 Nachfolgend das **Playbook**. Nachfolgend das **Playbook**.
 <code yaml> <code yaml>
 +--- ### ArchLinux installation
 +  # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation
 +- hosts: install
 +
 +  #
 +  ##############################################################################
 +  # >>> Please edit following lines for personal settings and custom usages. ! #
 +  ##############################################################################
 +  #
 +
 +  vars:
 +    parted_device: vda
 +    parted_device_partition:
 +      - name: "partition1"
 +        number: 1
 +        flags: []
 +        start: 0%
 +        end: 1025MiB
 +      - name: "partition2"
 +        number: 2
 +        flags: [ lvm ]
 +        start: 1025MiB
 +        end: 100%
 +    parted_device_pv: 2
 +    parted_device_vg: archlinux
 +    parted_device_swap:
 +      - name: "swap"
 +        size: 2048
 +        type: "swap"
 +    parted_device_boot:
 +      - name: "boot"
 +        size: 1024
 +        type: "ext4"
 +        path: "/mnt/boot"
 +    # First "logical volume" MUST be root!
 +    parted_device_lv:
 +      - name: "root"
 +        size: 10240
 +        type: "ext4"
 +        path: "/mnt"
 +      - name: "home"
 +        size: 1024
 +        type: "ext4"
 +        path: "/mnt/home"
 +      - name: "var"
 +        size: 3072
 +        type: "ext4"
 +        path: "/mnt/var"
 +      - name: "var_log"
 +        size: 2048
 +        type: "ext4"
 +        path: "/mnt/var/log"
 +    # System environment setup
 +    mnt_hostname: archlinux
 +    mnt_lang: en_US.UTF-8
 +    # systemd-networkd.service configuration first interface
 +    mnt_ip: 192.168.1.11/24
 +    mnt_gateway: 192.168.1.1
 +    mnt_dns: 192.168.1.1
 +
 +    #
 +    ##############################################################################
 +    # >>> Normaly there is no need to change anything below this comment line. ! #
 +    ##############################################################################
 +    #
 +
 +  tasks:
 +    - name: Read device information from disk
 +      parted:
 +        device: "/dev/{{ parted_device }}"
 +        unit: MiB
 +      register: device_parted
 +
 +      # 
 +      # Partitionierung fdisk
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#partitionierungfdisk
 +      #
 +    - name: Create partitions
 +      parted:
 +        device: "/dev/{{ parted_device }}"
 +        number: "{{ item.number }}"
 +        flags: "{{ item.flags }}"
 +        state: present
 +        part_start: "{{ item.start }}" 
 +        part_end: "{{ item.end }}"
 +      with_items: "{{ parted_device_partition }}"
 +
 +      # 
 +      # LVM, Dateisysteme formatieren, Partitonen einhaengen
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#lvm
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#dateisysteme_formatieren
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#partitonen_einhaengen
 +      # 
 +    - name: Create a volume group on partition LVM 
 +      lvg:
 +        vg: "{{ parted_device_vg }}"
 +        pvs: "/dev/{{ parted_device }}{{ parted_device_pv }}"
 +
 +    - name: Create swap volume
 +      lvol:
 +        vg: "{{ parted_device_vg }}"
 +        lv: "{{ item.name }}" 
 +        size: "{{ item.size }}"
 +      with_items: "{{ parted_device_swap }}"
 +
 +    - name: Create logical volumes
 +      lvol:
 +        vg: "{{ parted_device_vg }}"
 +        lv: "{{ item.name }}" 
 +        size: "{{ item.size }}"
 +      with_items: "{{ parted_device_lv }}"
 +
 +    - name: Make directory for mount point boot
 +      file:
 +        path: "{{ item.path }}"
 +        state: directory
 +      with_items: "{{ parted_device_boot }}"
 +
 +    - name: Create a filesystem on each logical volume
 +      filesystem:
 +        fstype: "{{ item.type }}" 
 +        dev: "/dev/mapper/{{ parted_device_vg }}-{{ item.name }}"
 +      with_items: "{{ parted_device_lv }}"
 +
 +    - name: Make directorys for mount points
 +      file:
 +        path: "{{ item.path }}"
 +        state: directory
 +      with_items: "{{ parted_device_lv }}"
 +
 +    - name: Mount each logical volume
 +      mount:
 +        src: "/dev/mapper/{{ parted_device_vg }}-{{ item.name }}"
 +        path: "{{ item.path }}"
 +        fstype: "{{ item.type }}"
 +        state: mounted
 +      with_items: "{{ parted_device_lv }}"
 +
 +    - name: Make directorys for nested mount points
 +      file:
 +        path: "{{ item.path }}"
 +        state: directory
 +      with_items: "{{ parted_device_lv }}"
 +
 +    - name: Mount each nested logical volume
 +      mount:
 +        src: "/dev/mapper/{{ parted_device_vg }}-{{ item.name }}"
 +        path: "{{ item.path }}"
 +        fstype: "{{ item.type }}"
 +        state: mounted
 +      with_items: "{{ parted_device_lv }}"
 +
 +    - name: Create a filesystem on boot volume
 +      filesystem:
 +        fstype: "{{ item.type }}" 
 +        dev: "/dev/{{ parted_device }}1"
 +      with_items: "{{ parted_device_boot }}"
 +
 +    - name: Mount boot logical volume
 +      mount:
 +        src: "/dev/{{ parted_device }}1"
 +        path: "{{ item.path }}"
 +        fstype: "{{ item.type }}"
 +        state: mounted
 +      with_items: "{{ parted_device_boot }}"
 +
 +    - name: Create a filesystem on swap volume
 +      filesystem:
 +        fstype: "{{ item.type }}" 
 +        dev: "/dev/mapper/{{ parted_device_vg }}-{{ item.name }}"
 +      with_items: "{{ parted_device_swap }}"
 +
 +    - name: Swapon swap device
 +      command: "swapon /dev/mapper/{{ parted_device_vg }}-{{ item.name }}"
 +      with_items: "{{ parted_device_swap }}"
 +
 +      # 
 +      # Installation Basissystem
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#installationbasissystem
 +      #
 +
 +      # 
 +      # /etc/pacman.d/mirrorlist
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#etc_pacmand_mirrorlist
 +      #
 +    - name: Check if file NOT exists - /etc/pacman.d/mirrorlist.orig
 +      stat: 
 +        path: /etc/pacman.d/mirrorlist.orig
 +      register: mirrorlist_orig
 + 
 +    - name: Copy /etc/pacman.d/mirrorlist to /etc/pacman.d/mirrorlist.orig
 +      copy:
 +        src: /etc/pacman.d/mirrorlist
 +        dest: /etc/pacman.d/mirrorlist.orig
 +        remote_src: yes
 +      when: mirrorlist_orig.stat.exists == false
 +     
 +    - name: Generate German Mirrorlist for pacman
 +      shell: grep -E -A 1 ".*Germany.*$" /etc/pacman.d/mirrorlist.orig | sed "/--/d" > /etc/pacman.d/mirrorlist
 +
 +      # 
 +      # Basissystem /mnt
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#basissystemmnt
 +      #
 +    - name: Generate Basissystem with pacstrap (This may take some time!)
 +      command: pacstrap /mnt base base-devel linux-lts linux-firmware lvm2 openssh sshpass vi vim python
 +      register: pacstrap
 +
 +    - debug:
 +        msg: >-
 +          { "stdout": {{ pacstrap.stdout_lines }},
 +            "stderr": {{ pacstrap.stderr.splitlines() }} }
 +
 +      # 
 +      # Systemkonfiguration /mnt
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#systemkonfigurationmnt
 +      #
 +
 +      # 
 +      # /etc/fstab erstellen
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#etc_fstab_erstellen
 +      #
 +    - name: Generate /etc/fstab
 +      shell: genfstab -Up /mnt > /mnt/etc/fstab
 +
 +      # 
 +      # /etc/hostname
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#etc_hostname
 +      #
 +    - name: chroot - Set /etc/hostname
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          echo {{ mnt_hostname }} > /etc/hostname
 +          EOF
 +      args:
 +        executable: /bin/bash
 +
 +      # 
 +      # /etc/locale.conf
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#etc_localeconf
 +      #
 +    - name: chroot - Set /etc/locale.conf 
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          echo LANG={{ mnt_lang }} > /etc/locale.conf
 +          EOF
 +      args:
 +        executable: /bin/bash
 +
 +      # 
 +      # /etc/locale.gen
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#etc_localegen
 +      #
 +    - name: chroot - Changes to /etc/locale.gen
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          cp -a /etc/locale.gen /etc/locale.gen.orig
 +          sed -i '/#en_US*/s/^#//g' /etc/locale.gen
 +          locale-gen
 +          EOF
 +      args:
 +        executable: /bin/bash
 +      register: localegen 
 +
 +    - debug:
 +        msg: >-
 +          { "stdout": {{ localegen.stdout_lines }},
 +            "stderr": {{ localegen.stderr.splitlines() }} }
 +
 +      # 
 +      # /etc/vconsole.conf
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#etc_vconsoleconf
 +      #
 +    - name: chroot - Set /etc/vconsole.conf 
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          echo KEYMAP=de-latin1-nodeadkeys > /etc/vconsole.conf
 +          echo FONT=lat9w-16 >> /etc/vconsole.conf
 +          EOF
 +      args:
 +        executable: /bin/bash
 +
 +      # 
 +      # /etc/localtime
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#etc_localtime
 +      #
 +    - name: chroot - Set /etc/localtime
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
 +          EOF
 +      args:
 +        executable: /bin/bash
 +
 +      # 
 +      # /etc/hosts
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#etc_hosts
 +      #
 +    - name: chroot - Set /etc/hosts
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          cat > /etc/hosts <<INEOF
 +          #<ip-address> <hostname.domain.tld>   <hostname>
 +          127.0.0.1     localhost.localdomain   localhost
 +          ::1           localhost.localdomain   localhost
 +          INEOF
 +          EOF
 +      args:
 +        executable: /bin/bash
 +
 +      # 
 +      # /etc/mkinitcpio.conf
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#etc_mkinitcpioconf
 +      #
 +    - name: chroot - Set /etc/mkinitcpio.conf
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          cp -a /etc/mkinitcpio.conf /etc/mkinitcpio.conf.orig
 +          sed -i 's/block\ filesystem/block\ lvm2\ filesystem/g' /etc/mkinitcpio.conf
 +          mkinitcpio -p linux-lts
 +          EOF
 +      args:
 +        executable: /bin/bash
 +      register: mkinitcpio 
 +
 +    - debug:
 +        msg: >-
 +          { "stdout": {{ mkinitcpio.stdout_lines }},
 +            "stderr": {{ mkinitcpio.stderr.splitlines() }} }
 +
 +      # 
 +      # Bootloader GRUB
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#bootloadergrub
 +      #
 +    - name: chroot - Install and configure Bootloader - GRUB
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          pacman -S grub --noconfirm
 +          grub-install "/dev/{{ parted_device }}"
 +          sed -i 's/quiet/net\.ifnames=0/g' /etc/default/grub
 +          grub-mkconfig -o /boot/grub/grub.cfg 
 +          EOF
 +      args:
 +        executable: /bin/bash
 +      register: grub
 +
 +    - debug:
 +        msg: >-
 +          { "stdout": {{ grub.stdout_lines }},
 +            "stderr": {{ grub.stderr.splitlines() }} }
 +
 +      # 
 +      # passwd root
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#passwortroot1
 +      #
 +    - name: chroot - Set a default passwd for the root user (toor)
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          echo "root:toor" | chpasswd
 +          EOF
 +      args:
 +        executable: /bin/bash
 +
 +      #
 +      # Netzwerk systemd
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#netzwerksystemd
 +      #
 +    - name: Create /mnt/etc/systemd/networkd/eth0.network
 +      shell: 
 +        cmd: |
 +          cat > /mnt/etc/systemd/network/eth0.network <<EOF
 +          [Match]
 +          Name=eth0
 + 
 +          [Network]
 +          Address={{ mnt_ip }}
 +          Gateway={{ mnt_gateway }}
 +          DNS={{ mnt_dns }}
 +          EOF
 +      args:
 +        executable: /bin/bash
 +
 +    - name: chroot - Enable systemd-networkd.service
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          systemctl enable systemd-networkd.service
 +          EOF
 +      args:
 +        executable: /bin/bash
 +
 +    - name: Update /mnt/etc/resolv.conf
 +      shell: 
 +        cmd: |
 +          cat >> /mnt/etc/resolv.conf <<EOF
 +          nameserver {{ mnt_dns }}
 +          EOF
 +      args:
 +        executable: /bin/bash
 +
 +      #
 +      # SSH-Dienst/Deamon einrichten
 +      # https://dokuwiki.tachtler.net/doku.php?id=tachtler:archlinux_-_minimal_server_installation#ssh-dienst_deamon_einrichten
 +      #
 +    - name: Check if file NOT exists - /mnt/etc/sshd/sshd.config.orig
 +      stat: 
 +        path: /mnt//etc/ssh/sshd_config.orig
 +      register: sshd_config_orig
 + 
 +    - name: Copy /mnt/etc/sshd/sshd_config to /etc/ssh/sshd_config.orig
 +      copy:
 +        src: /mnt/etc/ssh/sshd_config
 +        dest: /mnt/etc/ssh/sshd_config.orig
 +        remote_src: yes
 +      when: sshd_config_orig.stat.exists == false
 +
 +    - name: Change configuration of /mnt/etc/ssh/sshd_config
 +      lineinfile:
 +        line: "{{ item.line }}"
 +        path: "/mnt/etc/ssh/sshd_config"
 +        regexp: "{{ item.regexp }}"
 +        state: present 
 +      with_items:
 +        - { regexp: "^#PermitRootLogin\ prohibit-password", line: "# Tachtler\n# default: #PermitRootLogin prohibit-password\nPermitRootLogin yes" }
 +        - { regexp: "^#PasswordAuthentication yes", line: "# Tachtler\n# default: #PasswordAuthentication yes\nPasswordAuthentication yes" }
 +
 +    - name: chroot - Enable sshd.service
 +      shell: 
 +        cmd: |
 +          arch-chroot /mnt <<EOF
 +          systemctl enable sshd.service
 +          EOF
 +      args:
 +        executable: /bin/bash
 </code> </code>
  
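Review bot: The task "chroot - Set a default passwd for the root user (toor)" pipes the fixed string `root:toor` into `chpasswd`, and the `lineinfile` task near the end sets `PermitRootLogin yes` and `PasswordAuthentication yes`, so every host built from this playbook boots with a documented root password that sshd accepts over the network. Take the password from a value supplied at run time (`vars_prompt` or an ansible-vault encrypted variable), or install an SSH public key for root and leave `PermitRootLogin prohibit-password` in place. Smaller points in the same hunk: variables such as `{{ mnt_hostname }}` and `{{ mnt_lang }}` are expanded unquoted inside the `arch-chroot /mnt <<EOF` heredocs, so a value containing shell metacharacters is executed as root; the tasks "Make directorys for nested mount points" and "Mount each nested logical volume" repeat the two tasks before them verbatim; the `cat >> /mnt/etc/resolv.conf` task appends another `nameserver` line on every run; and `when: mirrorlist_orig.stat.exists == false` reads better as `when: not mirrorlist_orig.stat.exists`.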
Zeile 987: Zeile 1602:
         "stderr": [         "stderr": [
             "[root@archiso /]# pacman -S grub --noconfirm",             "[root@archiso /]# pacman -S grub --noconfirm",
-            "[root@archiso /]# grub-install '/dev/vda'",+            "[root@archiso /]# grub-install \"/dev/vda\"",
             "Installing for i386-pc platform.",             "Installing for i386-pc platform.",
             "Installation finished. No error reported.",             "Installation finished. No error reported.",
Zeile 1054: Zeile 1669:
 changed: [192.168.1.10] changed: [192.168.1.10]
  
-TASK [Change configuration of "/mnt/etc/ssh/sshd_config".] *********************+TASK [Change configuration of /mnt/etc/ssh/sshd_config] ************************
 changed: [192.168.1.10] => (item={'regexp': '^#PermitRootLogin prohibit-password', 'line': '# Tachtler\n# default: #PermitRootLogin prohibit-password\nPermitRootLogin yes'}) changed: [192.168.1.10] => (item={'regexp': '^#PermitRootLogin prohibit-password', 'line': '# Tachtler\n# default: #PermitRootLogin prohibit-password\nPermitRootLogin yes'})
 changed: [192.168.1.10] => (item={'regexp': '^#PasswordAuthentication yes', 'line': '# Tachtler\n# default: #PasswordAuthentication yes\nPasswordAuthentication yes'}) changed: [192.168.1.10] => (item={'regexp': '^#PasswordAuthentication yes', 'line': '# Tachtler\n# default: #PasswordAuthentication yes\nPasswordAuthentication yes'})
Zeile 1095: Zeile 1710:
 Jetzt kann eine erste Verbindung als Benutzer **''root''** via **SSH**-Login auf den Server hergestellt werden. Nachfolgender Befehl soll dazu **auf einer __lokalen Workstation__, __nicht__ auf dem Server** verwendet werden: Jetzt kann eine erste Verbindung als Benutzer **''root''** via **SSH**-Login auf den Server hergestellt werden. Nachfolgender Befehl soll dazu **auf einer __lokalen Workstation__, __nicht__ auf dem Server** verwendet werden:
  
-:!**WICHTIG** - Um Probleme mit **Sonderzeichen** zu vermeiden, lautet das **Standard-Passwort** für den Benuzter **''root''** **''toor''**+Benuzter: **''root''**\\ 
 +Passwort: **''toor''** 
  
 <code> <code>
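Review bot: The added line `Benuzter: **''root''**\\` carries over the typo "Benuzter" from the removed note; it should read "Benutzer". The replacement also drops the removed line's explanation that `toor` is the default password chosen to avoid problems with special characters, so the credentials now read as permanent login data; keep the word "Standard-Passwort" or an equivalent so the reader knows this is only the playbook's initial value.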
Zeile 1108: Zeile 1724:
  
 * //Wobei die IP-Adresse: **192.168.1.11** im **Playbook** unter der Variable **''mnt_ip''** festgelegt wurde!// * //Wobei die IP-Adresse: **192.168.1.11** im **Playbook** unter der Variable **''mnt_ip''** festgelegt wurde!//
 +
 +:!: **WICHTIG** - **Bitte das __Passwort__ für den Benutzer ''root'' noch __ändern__ !!!**
  
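Review bot: The added WICHTIG line asks only for a password change, while the task output earlier in this comparison shows the playbook also leaving `PermitRootLogin yes` and `PasswordAuthentication yes` in `/mnt/etc/ssh/sshd_config`. Extend the note to name the command (`passwd`) and to tell the reader to restore `PermitRootLogin prohibit-password` once key-based login works, and consider moving it above the SSH login block so it is read before the first connection rather than after it.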
tachtler/archlinux_-_minimal_server_installation_-_mit_ansible.1580624821.txt.gz · Last modified: 2020/02/02 07:27 by klaus