Refactor playbooks into roles

2 files changed, 19 insertions, 0 deletions

diff --git a/personal_infra/playbooks/roles/join_ipa/handlers/main.yml b/personal_infra/playbooks/roles/join_ipa/handlers/main.yml
new file mode 100644
index 00000000..da74d5ee
--- /dev/null
+++ b/personal_infra/playbooks/roles/join_ipa/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: restart_container
+  delegate_to: "{{ proxmox.host }}"
+  command: pct reboot {{ proxmox.id }}
+
diff --git a/personal_infra/playbooks/roles/join_ipa/tasks/main.yml b/personal_infra/playbooks/roles/join_ipa/tasks/main.yml
new file mode 100644
index 00000000..eea24430
--- /dev/null
+++ b/personal_infra/playbooks/roles/join_ipa/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+- name: join
+  # TODO:
+  # -N: no NTP (LXC doesn't need NTP)
+  shell: getent passwd admin || ipa-client-install -U -N --domain={{ freeipa.domain }} -w {{ freeipa.join_password|trim }} --mkhomedir -p {{ freeipa.join_user }}
+- name: set idmappings
+  blockinfile:
+    path: /etc/pve/lxc/{{ proxmox.id }}.conf
+    block: |
+      lxc.idmap = u 0 100000 65536
+      lxc.idmap = g 0 100000 65536
+      lxc.idmap = u {{ freeipa.idrange_start }} {{ freeipa.idrange_start }} {{ freeipa.idrange_size }}
+      lxc.idmap = g {{ freeipa.idrange_start }} {{ freeipa.idrange_start }} {{ freeipa.idrange_size }}
+  delegate_to: "{{ proxmox.host }}"
+  notify: restart_container