added roles/ansible-gentoo_install/

roles/ansible-gentoo_install/tasks/tarball.yml

@@ -0,0 +1,156 @@
+# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
+# localhost
+---
+- name: "DEBUG: ansible-gentoo_install tarball"
+  debug:
+    verbosity: 1
+    msg: "DEBUG: ansible-gentoo_install tarball"
+   
+- name: test we are NOT in the chroot
+  shell: |
+    [ -n "{{AGI_NBD_MP}}" ] || exit 2
+    [ -d "{{AGI_NBD_MP}}" ] || exit 3
+  check_mode: false
+
+- name: gpg keys system
+  # Option --keyserver must be used to
+  environment: "{{proxy_env}}"
+  shell: |
+    /usr/bin/gpg --list-keys | grep "{{ item.uid }}" || \
+      /usr/bin/gpg --recv-keys \
+          --keyserver "{{ AGI_GPG_SERVER }}" "{{ item.uid }}"
+  with_items: "{{ agi_gpg_keys_system }}"
+  when:
+    - agi_gpg_keys_system|length > 0
+    - BASE_ARE_CONNECTED|default('') != ''
+  # FixMe:
+  ignore_errors: true
+
+- name: check files dir
+  environment: "{{shell_env}}"
+  shell: |
+    AGI_NBD_FILES="{{AGI_NBD_FILES}}"
+    [ -n "$AGI_NBD_FILES" ] || exit 1
+    [ -d "$AGI_NBD_FILES" ] || exit 2
+
+- name: determine latest stage tarball
+  environment: "{{proxy_env}}"
+  uri:
+    url: "{{ AGI_install_baseurl }}{{ AGI_install_latest_stage_pointer }}"
+    return_content: yes
+    dest: "{{AGI_NBD_FILES}}/latest-stage3-amd64-openrc.txt"
+    creates: "{{AGI_NBD_FILES}}/latest-stage3-amd64-openrc.txt"
+  register: latest_stage
+
+- name: read tarball
+  environment: "{{shell_env}}"
+  shell: |
+    AGI_NBD_FILES="{{AGI_NBD_FILES}}"
+    filename=$(grep ^stage "$AGI_NBD_FILES/latest-stage3-amd64-openrc.txt" | \
+      sed -e 's/ .*//' ) ;
+    suffix=$(echo $filename | sed -e 's/.*\././' );
+    prefix=$(echo $filename | sed -e "s/$suffix//" );
+    echo $filename
+  register: tarball_out
+ 
+- set_fact:
+    latest_stage_tarball_url_suffix: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0] }}"
+    latest_stage_tarball: "{{ ( latest_stage.content.splitlines() | reject('match', '#') | first ).split(' ')[0].split('/')[1] }}"
+  when:
+    - not ansible_check_mode
+    - false
+
+- set_fact:
+    latest_stage_tarball_url_suffix: "{{tarball_out.stdout}}"
+    # there's not directory now
+    latest_stage_tarball: "{{tarball_out.stdout}}"
+    latest_portage_tarball: portage-20231223.tar.xz
+  when:
+    - not ansible_check_mode
+    - tarball_out.rc|default(1) == 0
+   
+- name: fetch latest stage tarball
+  environment: "{{proxy_env}}"
+  delegate_to: localhost
+  uri:
+    url: "{{ item.url }}"
+    dest: "{{ item.dest }}"
+    creates: "{{ item.creates }}"
+  with_items:
+    -
+      url: "{{ AGI_install_baseurl }}{{ latest_stage_tarball_url_suffix }}"
+      dest: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"
+      creates: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"
+    -
+      url: "{{ AGI_install_baseurl }}{{ latest_stage_tarball_url_suffix }}.sha256"
+      dest: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}.sha256"
+      creates: "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}.sha256"
+  when:
+    - not ansible_check_mode
+
+- name: check stage tarball
+  environment: "{{shell_env}}"
+  shell: |
+    cd "{{AGI_NBD_FILES}}" || exit 1
+    sha256sum "{{ latest_stage_tarball }}.sha256"
+  when:
+    - not ansible_check_mode
+  
+- name: extract stage tarball
+  unarchive:
+    src:  "{{AGI_NBD_FILES}}/{{ latest_stage_tarball }}"
+    dest: "{{AGI_NBD_MP}}"
+    remote_src: no
+    creates: "{{AGI_NBD_MP}}/var"
+
+- name: fetch latest portage tarball
+  environment: "{{proxy_env}}"
+  delegate_to: localhost
+  uri:
+    url: "{{ AGI_install_baseurl }}{{ latest_portage_tarball }}"
+    dest: "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"
+    creates: "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"
+
+
+- name: test portage tarball
+  environment: "{{shell_env}}"
+  shell: |
+    cd "{{AGI_NBD_FILES}}"
+    md5sum -c "{{ latest_portage_tarball }}.md5sum"
+
+- name: test gpg not GENTOO
+  environment: "{{shell_env}}"
+  shell: |
+    # E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
+    [ -f /usr/local/share/openpgp-keys/gentoo-release.asc ] || exit 1
+    gpg --list-keys | grep E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 || \
+      gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc || exit 2
+  when:
+    - "ansible_distribution != 'Gentoo'"
+
+- name: test gpg GENTOO
+  shell: |
+    # E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
+    [ -f  /usr/share/openpgp-keys/gentoo-release.asc ] || \
+      emerge -v sec-keys/openpgp-keys-gentoo-release || exit 1
+    gpg --list-keys | grep E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 || \
+      gpg --import /usr/share/openpgp-keys/gentoo-release.asc || exit 2
+  when:
+    - "ansible_distribution == 'Gentoo'"
+
+- name: test portage tarball gpg our copy
+  environment: "{{shell_env}}"
+  shell: |
+    # E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250
+    gpg --list-keys | grep E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 || exit 2
+    gpg --verify "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}.gpgsig" \
+        "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"  || exit 3$?
+
+- name: extract portage tarball
+  unarchive:
+    src:  "{{AGI_NBD_FILES}}/{{ latest_portage_tarball }}"
+    dest: "{{AGI_NBD_MP}}/usr"
+    remote_src: no
+    creates: "{{AGI_NBD_MP}}/usr/portage"
+
+