sshd setup
This commit is contained in:
@ -1,15 +1,16 @@
|
||||
libvirt_packages:
|
||||
arch:
|
||||
qemu-base
|
||||
openbsd-netcat
|
||||
swtpm
|
||||
gettext
|
||||
libvirt
|
||||
libvirt-python
|
||||
Archlinux:
|
||||
- qemu-base
|
||||
- openbsd-netcat
|
||||
- swtpm
|
||||
- gettext
|
||||
- libvirt
|
||||
- libvirt-python
|
||||
- python-lxml
|
||||
|
||||
hypervisor:
|
||||
storage: dir
|
||||
device: /dev/sda
|
||||
device: /dev/sdb
|
||||
|
||||
# hypervisor:
|
||||
# storage: zfs
|
||||
|
||||
@ -1,12 +1,5 @@
|
||||
---
|
||||
|
||||
- name: Format and mount the libvirt disk if it is not root
|
||||
when:
|
||||
- hypervisor.device not in (ansible_mounts | json_query('[?mount == `/`].device'))
|
||||
- hypervisor.device not in (ansible_mounts | json_query('[?mount == `/var/lib/libvirt`].device'))
|
||||
ansible.builtin.include_tasks:
|
||||
file: libvirt_dir_mount.yaml
|
||||
|
||||
- name: Create the libvirt storage directories
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
|
||||
@ -12,6 +12,8 @@
|
||||
part_start: 0%
|
||||
state: present
|
||||
|
||||
# TODO disk encryption
|
||||
|
||||
- name: Format filesystem
|
||||
community.general.filesystem:
|
||||
device: "{{ hypervisor.device }}1"
|
||||
@ -19,12 +21,24 @@
|
||||
resizefs: true
|
||||
state: present
|
||||
|
||||
- name: Stop the libvirt service
|
||||
- name: Get list of services
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: Stop the libvirt services
|
||||
when: item in ansible_facts.services
|
||||
ansible.builtin.service:
|
||||
name: libvirtd
|
||||
name: "{{ item }}"
|
||||
state: stopped
|
||||
loop:
|
||||
- libvirtd.service
|
||||
|
||||
- name: Check if libvirt storage directory exists
|
||||
ansible.builtin.stat:
|
||||
path: /var/lib/libvirt/
|
||||
register: libvirt_storage
|
||||
|
||||
- name: Temp mount and copy block
|
||||
when: libvirt_storage.stat.exists
|
||||
block:
|
||||
|
||||
- name: Temporarily mount hypervisor storage
|
||||
@ -42,6 +56,17 @@
|
||||
remote_src: true
|
||||
mode: preserve
|
||||
|
||||
- name: Remove existing libvirt storage
|
||||
ansible.builtin.file:
|
||||
path: /var/lib/libvirt/
|
||||
state: "{{ item }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0775'
|
||||
loop:
|
||||
- absent
|
||||
- directory
|
||||
|
||||
always:
|
||||
|
||||
- name: Unmount from temporary mount point
|
||||
@ -49,17 +74,6 @@
|
||||
path: /mnt/libvirt_temp/
|
||||
state: absent
|
||||
|
||||
- name: Remove existing libvirt storage
|
||||
ansible.builtin.file:
|
||||
path: /var/lib/libvirt/
|
||||
state: "{{ item }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0775'
|
||||
loop:
|
||||
- absent
|
||||
- directory
|
||||
|
||||
- name: Mount hypervisor storage
|
||||
ansible.posix.mount:
|
||||
path: /var/lib/libvirt/
|
||||
@ -69,6 +83,9 @@
|
||||
boot: true
|
||||
|
||||
- name: Start the libvirt service
|
||||
when: item in ansible_facts.services
|
||||
ansible.builtin.service:
|
||||
name: libvirtd
|
||||
name: "{{ item }}"
|
||||
state: started
|
||||
loop:
|
||||
- libvirtd.service
|
||||
@ -1,18 +1,32 @@
|
||||
---
|
||||
|
||||
- name: Install libvirt packages (Arch)
|
||||
when: ansible_os_distribution == 'Archlinux'
|
||||
- name: Format and mount the libvirt disk if it is not root
|
||||
when:
|
||||
- hypervisor.device is defined
|
||||
- hypervisor.device not in (ansible_mounts | json_query('[?mount == `/var/lib/libvirt`].device'))
|
||||
ansible.builtin.include_tasks:
|
||||
file: libvirt_drive_mount.yaml
|
||||
|
||||
- name: Install libvirt packages (Archlinux)
|
||||
when: ansible_distribution == 'Archlinux'
|
||||
community.general.pacman:
|
||||
name: "{{ libvirt_packages['Arch'] }}"
|
||||
name: "{{ libvirt_packages['Archlinux'] }}"
|
||||
state: present
|
||||
update_cache: true
|
||||
|
||||
- name: Add user to libvirt group
|
||||
ansible.builtin.user:
|
||||
name: "{{ ansible_user }}"
|
||||
groups: libvirt
|
||||
groups:
|
||||
- libvirt
|
||||
- libvirt-qemu
|
||||
append: true
|
||||
|
||||
- name: Load br_netfilter kernel module so sysctl flags can be set
|
||||
community.general.modprobe:
|
||||
name: br_netfilter
|
||||
state: present
|
||||
|
||||
- name: Set required sysctl flags for bridging
|
||||
ansible.posix.sysctl:
|
||||
name: "{{ item.name }}"
|
||||
@ -20,7 +34,7 @@
|
||||
state: present
|
||||
sysctl_file: /etc/sysctl.d/bridge.conf
|
||||
sysctl_set: true
|
||||
value: "{{ item.value }}}}"
|
||||
value: "{{ item.value }}"
|
||||
loop:
|
||||
- name: net.ipv4.ip_forward
|
||||
value: 1
|
||||
@ -77,11 +91,11 @@
|
||||
community.libvirt.virt_pool:
|
||||
command: facts
|
||||
|
||||
- name: Define the standard libvirt storage pools
|
||||
- name: Define the standard libvirt storage pools # TODO add when condition against existing pools
|
||||
community.libvirt.virt_pool:
|
||||
name: "{{ item.name }}"
|
||||
command: define
|
||||
xml: "{{ lookup('template', 'dir_pool.xml.j2') }}"
|
||||
xml: "{{ lookup('template', 'dir_libvirt_pool.xml.j2') }}"
|
||||
loop:
|
||||
- name: isos
|
||||
path: /var/lib/libvirt/isos/
|
||||
|
||||
Reference in New Issue
Block a user