blob: 0fd8f5d0a3e7f0cb3a5ae1b3dd65712e193564e9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
---
- name: join
shell: getent passwd admin || ipa-client-install -U {% if 'lxc' in group_names %} -N {% endif %} --domain={{ freeipa.domain }} -w {{ freeipa.join_password|trim }} --mkhomedir -p {{ freeipa.join_user }}
# proxmox reorders the configuration file and misbehaves quite a bit :(
- name: proxmox idmaps
when: "'lxc' in group_names"
block:
- name: set id mappings copy out
copy:
remote_src: yes
src: /etc/pve/lxc/{{ proxmox.id }}.conf
dest: /tmp/{{ proxmox.id }}.conf
delegate_to: "{{ proxmox.host }}"
- name: read conf
slurp:
src: /tmp/{{ proxmox.id }}.conf
register: proxmox_conf
delegate_to: "{{ proxmox.host }}"
- name: set id mappings
blockinfile:
path: /tmp/{{ proxmox.id }}.conf
block: |
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536
lxc.idmap = u {{ freeipa.idrange_start }} {{ freeipa.idrange_start }} {{ freeipa.idrange_size }}
lxc.idmap = g {{ freeipa.idrange_start }} {{ freeipa.idrange_start }} {{ freeipa.idrange_size }}
when: not proxmox_conf['content']|b64decode is search('lxc.idmap') and not proxmox.privileged|default(False)
notify: restart_container
delegate_to: "{{ proxmox.host }}"
- name: set id mappings copy in
command: cp /tmp/{{ proxmox.id }}.conf /etc/pve/lxc/{{ proxmox.id }}.conf
delegate_to: "{{ proxmox.host }}"
|
