This is to prevent the "The 'wheel' distribution was not found" error

Use the same value as for vifib servers.

This variabe was always True.

since we are running in multiple sites, we need tunnels between the
sites. Let re6st handle this as usual with tunnels.

The configuration of the data disk will be done manually (especially
since it may require GPT partition table now).

fixup for 203927d9

In the compilation, there were many errors regarding rpath in Fedora
with the explanation message below. So I put the minimum to change the
error into warning.

*******************************************************************************
*
* WARNING: 'check-rpaths' detected a broken RPATH OR RUNPATH and will cause
*          'rpmbuild' to fail. To ignore these errors, you can set the
*          '$QA_RPATHS' environment variable which is a bitmask allowing the
*          values below. The current value of QA_RPATHS is 0x0003.
*
*    0x0001 ... standard RPATHs (e.g. /usr/lib); such RPATHs are a minor
*               issue but are introducing redundant searchpaths without
*               providing a benefit. They can also cause errors in multilib
*               environments.
*    0x0002 ... invalid RPATHs; these are RPATHs which are neither absolute
*               nor relative filenames and can therefore be a SECURITY risk
*    0x0004 ... insecure RPATHs; these are relative RPATHs which are a
*               SECURITY risk
*    0x0008 ... the special '$ORIGIN' RPATHs are appearing after other
*               RPATHs; this is just a minor issue but usually unwanted
*    0x0010 ... the RPATH is empty; there is no reason for such RPATHs
*               and they cause unneeded work while loading libraries
*    0x0020 ... an RPATH references '..' of an absolute path; this will break
*               the functionality when the path before '..' is a symlink
*
*
* Examples:
* - to ignore standard and empty RPATHs, execute 'rpmbuild' like
*   $ QA_RPATHS=$(( 0x0001|0x0010 )) rpmbuild my-package.src.rpm
* - to check existing files, set $RPM_BUILD_ROOT and execute check-rpaths like
*   $ RPM_BUILD_ROOT=<top-dir> /usr/lib/rpm/check-rpaths
*
*******************************************************************************

ntp package has been removed in Fedora 34 (see https://fedoraproject.org/wiki/Changes/NtpReplacement)

vifib-startup playbook (which contains only vifib-server role) should
run without any dependency on Internet since it runs at boot time on all
vifib servers and must not fail.

See merge request nexedi/slapos.package!179

This command should not block the playbook when a repository
is broken

CentOS has exception, so we keep installing with tasks

If for example a repository key is expired, this should not
block the whole processing, except when the package state is
"latest".

To achieve this, before installing package, we always try to
update apt cache in a separate step for which we tolerate
errors and in a second step we only install the package without
updating cache - unless the package state is latest.

The idea is when we want to install the latest package, it's a
problem if we can't update cache before, but when we just want
the package to be present, errors during apt update should are
not a problem.

Only debian was adjusted with this logic.

fixup for 203927d9

the filename was not OK (only used for Arch)

no more special mount directory for slapos stuff

update the slapos configuration

It seems some machines don't have the default 666 permission on
/dev/net/tun so we force it in the playbook.

Also add names to the tasks.

Since re6st is giving a /25 subnetwork to the machine and address 1 is
assigned to the host by re6st, it means we have only 125 addresses left
for tap interfaces.

See merge request nexedi/slapos.package!176