| author | alex <alex@pdp7.net> | 2023-04-01 15:57:47 +0200 |
|---|---|---|
| committer | alex <alex@pdp7.net> | 2023-04-01 15:57:47 +0200 |
| commit | caa593ee7526d74bea1d2a96dbc15bb661feed44 (patch) | |
| tree | 7468e29afd6390c751dd05d677c5a5ba02634d94 /personal_infra/playbooks | |
| parent | 52350de176a17deae7ac4f6c0c0ca71364a09acb (diff) | |
Add support for privileged containers and extra LXC conf
Diffstat (limited to 'personal_infra/playbooks')
| -rw-r--r-- | personal_infra/playbooks/roles/join_ipa/tasks/main.yml | 2 | ||||
| -rw-r--r-- | personal_infra/playbooks/roles/proxmox_create_lxc/tasks/main.yml | 26 |
2 files changed, 26 insertions, 2 deletions
diff --git a/personal_infra/playbooks/roles/join_ipa/tasks/main.yml b/personal_infra/playbooks/roles/join_ipa/tasks/main.yml index b057d7cb..0fd8f5d0 100644 --- a/personal_infra/playbooks/roles/join_ipa/tasks/main.yml +++ b/personal_infra/playbooks/roles/join_ipa/tasks/main.yml @@ -24,7 +24,7 @@ lxc.idmap = g 0 100000 65536 lxc.idmap = u {{ freeipa.idrange_start }} {{ freeipa.idrange_start }} {{ freeipa.idrange_size }} lxc.idmap = g {{ freeipa.idrange_start }} {{ freeipa.idrange_start }} {{ freeipa.idrange_size }} - when: not proxmox_conf['content']|b64decode is search('lxc.idmap') + when: not proxmox_conf['content']|b64decode is search('lxc.idmap') and not proxmox.privileged|default(False) notify: restart_container delegate_to: "{{ proxmox.host }}" - name: set id mappings copy in diff --git a/personal_infra/playbooks/roles/proxmox_create_lxc/tasks/main.yml b/personal_infra/playbooks/roles/proxmox_create_lxc/tasks/main.yml index 014fa28c..ecb600aa 100644 --- a/personal_infra/playbooks/roles/proxmox_create_lxc/tasks/main.yml +++ b/personal_infra/playbooks/roles/proxmox_create_lxc/tasks/main.yml 
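Review bot: The added `and not proxmox.privileged|default(False)` in this `when:` tests plain truthiness, so a value that arrives as a string (for example `privileged: "false"` in inventory, or an extra var) counts as true and the idmap step is skipped. The same test gates the unprivileged flag in the `{% if not proxmox.privileged|default(false) %}` line of proxmox_create_lxc, where a stringly "false" would produce a privileged container. Casting in both places makes the fail-safe direction explicit: `and not (proxmox.privileged|default(false)|bool)`. A short comment above the condition saying that privileged containers deliberately get no `lxc.idmap` lines would also help; the task itself starts outside this hunk.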
@@ -11,13 +11,37 @@ --storage local-zfs -net0 name=eth0,bridge=vmbr0,ip=dhcp -onboot 1 - --unprivileged + {% if not proxmox.privileged|default(false) %} -unprivileged {% endif %} + {% if proxmox.features|default(None) %} -features {{ proxmox.features }} {% endif %} --password {{ ansible_password|trim }} --nameserver {{ hostvars[proxmox.host].network.self_internal_ip }} --ostype {{ flavors[proxmox.flavor].pct_ostype }} args: creates: "/etc/pve/lxc/{{ proxmox.id }}.conf" delegate_to: "{{ proxmox.host }}" +- name: proxmox extra + when: proxmox.extra|default(None) + block: + - name: set proxmox extra copy out + copy: + remote_src: yes + src: /etc/pve/lxc/{{ proxmox.id }}.conf + dest: /tmp/{{ proxmox.id }}.conf + delegate_to: "{{ proxmox.host }}" + - name: read conf + slurp: + src: /tmp/{{ proxmox.id }}.conf + register: proxmox_conf + delegate_to: "{{ proxmox.host }}" + - name: set proxmox extra + lineinfile: + path: /tmp/{{ proxmox.id }}.conf + line: "{{ item }}" + loop: "{{ proxmox.extra }}" + delegate_to: "{{ proxmox.host }}" + - name: set proxmox extra copy in + command: cp /tmp/{{ proxmox.id }}.conf /etc/pve/lxc/{{ proxmox.id }}.conf + delegate_to: "{{ proxmox.host }}" # https://bugzilla.proxmox.com/show_bug.cgi?id=4515 - name: set hosts copy: |
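Review bot: The new `proxmox extra` block stages the container config at the fixed path `/tmp/{{ proxmox.id }}.conf` on the Proxmox host and later copies that file back over `/etc/pve/lxc/{{ proxmox.id }}.conf`. Because the name is predictable and /tmp is shared, any local account on the host could pre-create or alter the file between tasks and have its lines land in the container config; the staged copy is also never removed. Creating the staging file with the `tempfile` module (owner-only, random name), using its registered path in all four tasks and deleting it afterwards closes that window. Separately, `read conf` registers `proxmox_conf` but nothing in the visible block reads it, so it looks like a leftover unless a later task outside this hunk uses it.

```yaml
- name: proxmox extra
  when: proxmox.extra|default(None)
  block:
    - name: create private staging file
      tempfile:
        state: file
        suffix: .conf
      register: proxmox_extra_tmp
      delegate_to: "{{ proxmox.host }}"
    - name: set proxmox extra copy out
      copy:
        remote_src: yes
        src: /etc/pve/lxc/{{ proxmox.id }}.conf
        dest: "{{ proxmox_extra_tmp.path }}"
        mode: "0600"
      delegate_to: "{{ proxmox.host }}"
    # … unchanged: read conf and set proxmox extra (lineinfile), with the path switched to proxmox_extra_tmp.path …
    - name: set proxmox extra copy in
      command: cp {{ proxmox_extra_tmp.path }} /etc/pve/lxc/{{ proxmox.id }}.conf
      delegate_to: "{{ proxmox.host }}"
    - name: remove staging file
      file:
        path: "{{ proxmox_extra_tmp.path }}"
        state: absent
      delegate_to: "{{ proxmox.host }}"
```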
