I needed a quick way to upgrade my OpenBSD 5.8 servers with the recent release of OpenBSD 5.9 and because
I like ansible, i’ve written an incomplete and dangerous playbook to do it.
This playbook is incomplete because it’s ONLY for server using comp.tgz and man.tgz. Add your sets as required. Don’t mess up the order of the sets.
Please don’t use it, understand the manual in place upgrade procedure before even thinking of using this playbook.
Take note this playbook requires ansible 2.0+
https://gist.github.com/zehome/060be435cbc4d19e72f0e28fb050691a
---
- hosts: all
gather_facts: yes
vars:
mirror: http://ftp.eu.openbsd.org/pub/OpenBSD
release: 5.9
arch: amd64
tasks:
- name: installboot on sd0
command: installboot -v sd0
- name: Ensure /usr/rel exists
file: dest=/usr/rel state=directory
- name: Clean /usr/rel
shell: rm /usr/rel/*
ignore_errors: true
- name: Download packages
command: ftp -o /usr/rel/{{item}} {{mirror}}/{{release}}/{{arch}}/{{item}}
with_items:
- SHA256
- SHA256.sig
- bsd.rd
- bsd.mp
- bsd
- man59.tgz
- base59.tgz
- comp59.tgz
- game59.tgz
- xbase59.tgz
- xshare59.tgz
- name: Check SHA256
command: chdir=/usr/rel sha256 -C SHA256 bsd.rd bsd.mp bsd man59.tgz comp59.tgz base59.tgz game59.tgz xbase59.tgz xshare59.tgz
- name: Check with signify
command: chdir=/usr/rel signify -C -p /etc/signify/openbsd-59-base.pub -x SHA256.sig bsd.rd bsd.mp bsd man59.tgz comp59.tgz base59.tgz game59.tgz xbase59.tgz xshare59.tgz
- shell: cp /sbin/reboot /sbin/oreboot && cp /usr/rel/bsd /bsd.sp && cp /usr/rel/bsd.mp /bsd && cp /usr/rel/bsd.rd /bsd.rd
- name: Extract packages
command: tar -C / -xzphf {{item}}
chdir=/usr/rel
with_items:
- comp59.tgz
- man59.tgz
- game59.tgz
- xbase59.tgz
- xshare59.tgz
- name: Extract base and reboot
shell: tar -C / -xzphf /usr/rel/base59.tgz && /sbin/oreboot
async: 1
poll: 0
ignore_errors: true
- name: waiting for server to come back
local_action: wait_for host={{ inventory_hostname }} state=started delay=30 timeout=300
- name: MAKEDEV
command: chdir=/dev ./MAKEDEV all
- name: upgrade bootloader
command: installboot -v sd0
- name: sysmerge non interractive
command: sysmerge -b
ignore_errors: true
- name: firmware update
command: fw_update -v
- name: update pkg.conf
lineinfile:
regexp="^installpath ="
line="installpath = {{mirror}}/{{release}}/packages/{{arch}}"
dest=/etc/pkg.conf
- name: upgrade packages
command: pkg_add -u
- name: reboot again
command: /sbin/reboot
async: 1
poll: 0
ignore_errors: true
- name: waiting for server to come back
local_action: wait_for host={{ inventory_hostname }} state=started delay=30 timeout=300
- name: check uname
command: uname -a
Update 08/04/2016
The new playbook now checks base tarballs with signify(1)
Now fixes automatically the pkg.conf(5).