libvirt config

2022-09-05 21:27:26 +12:00
parent 140749e34c
commit 1166e932c5
9 changed files with 166 additions and 43 deletions
--- a/ansible/roles/zfs-install/tasks/main.yml
+++ b/ansible/roles/zfs-install/tasks/main.yml
@ -1,15 +1,91 @@
 ---
- name: Install ZFS DKMS module
+- name: install zfs prerequisites
+  become: true
+  community.general.pacman:
+    name: "{{ zfs_prereq_packages }}"
+    state: latest
+    update_cache: true
+  when:
+    - ansible_os_family == 'Arch'
+
+- name: add gpg parameters file from template
+  become: true
+  ansible.builtin.template:
+    src: key-params.j2
+    dest: /root/key-params
+    owner: root
+    group: root
+    mode: 0660
+
+- name: generate gpg key for root
  become: true
  ansible.builtin.shell:
-    cmd: pikaur -S zfs-dkms --noconfirm
-    executable: /usr/bin/bash
+    cmd: gpg --batch --gen-key /root/key-params

-# install linux-lts-headers first
-# add a gpg signing key, import and lsign the AUR key below
-# https://gist.github.com/woods/8970150
-# zfs-dkms AUR key 6AD860EED4598027 / 4F3BA9AB6D1F8D683DC2DFB56AD860EED4598027
+- name: import zfs signing key
+  become: true
+  ansible.builtin.shell:
+    cmd: gpg --receive-keys {{ aur_zfs_key_fingerprint|quote }}

-set zfs params (ARC)
-modprobe zfs
-set module to start at boot
+- name: trust zfs signing key
+  become: true
+  ansible.builtin.shell:
+    cmd: gpg --quick-lsign-key {{ aur_zfs_key_fingerprint|quote }}
+
+- name: install zfs module
+  become: true
+  community.general.pacman:
+    executable: /usr/bin/pikaur
+    name: "{{ zfs_packages }}"
+    state: latest
+    update_cache: true
+  when:
+    - ansible_os_family == 'Arch'
+
+- name: set zfs module parameters
+  become: true
+  ansible.builtin.template:
+    src: zfs.conf.j2
+    dest: /etc/modprobe.d/zfs.conf
+    owner: root
+    group: root
+    mode: 0664
+
+- name: load zfs module
+  become: true
+  community.general.modprobe:
+    name: zfs
+    state: present
+
+- name: create zpool
+  become: true
+  ansible.builtin.shell:
+    cmd: zpool create -o ashift={{ zfs_zpool_ashift|quote }} -o autotrim=on -o cachefile=/etc/zfs/zpool.cache -O acltype=posixacl -O atime=off -O xattr=sa -O mountpoint=none -O canmount=off -O devices=off -O compression={{ zfs_zpool_compression|quote }} {{ zfs_zpool_name|quote }} {{ zfs_zpool_type|quote }} {{ zfs_zpool_disk_a|quote }} {{ zfs_zpool_disk_b|quote }} 
+
+- name: enable zfs services
+  become: true
+  ansible.builtin.service:
+    name: "{{ item }}"
+    state: started
+    enabled: yes
+  loop:
+    - zfs-import-cache.service
+    - zfs-mount.service
+    - zfs.target
+
+- name: create backup zfs dataset
+  community.general.zfs:
+    name: "{{ zfs_backup_dataset }}"
+    state: present
+    extra_zfs_properties:
+      canmount: off
+      mountpoint: none
+      primarycache: none
+      secondarycache: none
+      reservation: none
+      refreservation: none
+      dedup: off
+      encryption: off
+      volmode: dev
+      devices: off
+      atime: off