1 files changed, 102 insertions, 100 deletions

diff --git a/ansible/roles/lxc-host/tasks/per-host.yml b/ansible/roles/lxc-host/tasks/per-host.yml
index 817497b..3bc9d24 100644
--- a/ansible/roles/lxc-host/tasks/per-host.yml
+++ b/ansible/roles/lxc-host/tasks/per-host.yml
@@ -1,115 +1,117 @@
 - debug:
-    msg: "LXC HOST: {{ i.key }}"
+    msg: "LXC HOST: {{ name }}"
   tags: lxc-host
 
-- name: Create container
+- when: new
   tags: lxc-host
   become: yes
-  lxc_container:
-    name: "{{ i.key }}"
-    state: "{{ i.value.state }}"
-    template: debian
-    template_options: -r stretch --packages git,etckeeper,python,sudo
-    backing_store: "{{ lxc_host__backing_store }}"
-    zfs_root: "{{ lxc_host__zfs_root|default('') }}"
-  register: lxc
+  block:
+    - name: Create container
+      lxc_container:
+        name: "{{ name }}"
+        state: "{{ container.state }}"
+        template: debian
+        template_options: -r stretch --packages git,etckeeper,python,sudo
+        backing_store: "{{ lxc_host__backing_store }}"
+        zfs_root: "{{ lxc_host__zfs_root|default('') }}"
 
-- name: Connection info
-  tags: lxc-host
-  become: yes
-  when: lxc.changed
-  debug:
-    msg: "Container created! All keys for superusers are installed for
-      root user, so remember to add 'ansible_user=root' when running the
-      play for the host the first time."
+    - name: Important message!
+      debug:
+        msg: "Container created! All keys for superusers are installed for
+          root user, so remember to add 'ansible_user=root' when running the
+          play for the host the first time."
 
-- name: Create /root/.ssh
-  tags: lxc-host
-  become: yes
-  when: lxc.changed
-  file:
-    path: "/var/lib/lxc/{{ i.key }}/rootfs/root/.ssh"
-    state: directory
-    mode: 0600
-    owner: root
-    group: root
+    - name: Create /root/.ssh
+      file:
+        path: "/var/lib/lxc/{{ name }}/rootfs/root/.ssh"
+        state: directory
+        mode: 0600
+        owner: root
+        group: root
 
-- name: Fill authorized_keys
-  tags: lxc-host
-  become: yes
-  when: lxc.changed
-  copy:
-    dest: "/var/lib/lxc/{{ i.key }}/rootfs/root/.ssh/authorized_keys"
-    content: |
-      {% for user in superusers %}
-      {% if users[user].authorized_keys is not none %}
-      {{ users[user].authorized_keys }}
-      {% endif %}
-      {% endfor %}
+    - name: Fill authorized_keys
+      copy:
+        dest: "/var/lib/lxc/{{ name }}/rootfs/root/.ssh/authorized_keys"
+        content: |
+          {% for user in superusers %}
+          {% if users[user].authorized_keys is not none %}
+          {{ users[user].authorized_keys }}
+          {% endif %}
+          {% endfor %}
 
-- name: config-lxc-host
-  tags: lxc-host
+- tags: lxc-host
   become: yes
-  register: config_lxc_host
-  copy:
-    dest: "/var/lib/lxc/{{ i.key }}/config-lxc-host"
-    content: |
-      lxc.network.type = veth
-      lxc.network.link = br0
-      lxc.network.flags = up
-      lxc.network.hwaddr = {{ lan.hwaddr }}
-      {% if lan.ipv4 is defined %}
-      lxc.network.ipv4 = {{ lan.ipv4.address }}/{{ lan.ipv4.netmask }}
-      lxc.network.ipv4.gateway = {{ lan.ipv4.gateway }}
-      {% endif %}
-      # 0 = trace, 1 = debug, 2 = info, 3 = notice, 4 = warn, 5 = error, 6 = critical, 7 = alert, and 8 = fatal.
-      lxc.loglevel = 1
-      lxc.logfile = /var/lib/lxc/{{ i.key }}/{{ i.key }}.log
+  block:
+    - name: config-lxc-host
+      copy:
+        dest: "/var/lib/lxc/{{ name }}/config-lxc-host"
+        content: |
+          lxc.net.0.type = veth
+          lxc.net.0.link = {{ lxc_host__br_if }}
+          lxc.net.0.flags = up
+          lxc.net.0.name = {{ lan_if }}
+          lxc.net.0.hwaddr = {{ lan.hwaddr }}
+          {% if lan.ipv4 is defined %}
+          lxc.net.0.ipv4.address = {{ lan.ipv4.address }}/{{ lan.ipv4.netmask }}
+          {% if lan.ipv4.gateway is defined %}
+          lxc.net.0.ipv4.gateway = {{ lan.ipv4.gateway }}
+          {% endif %}
+          {% endif %}
+          {% if lan.ipv6 is defined %}
+          lxc.net.0.ipv6.address = {{ lan.ipv6.address }}/{{ lan.ipv6.netmask }}
+          {% endif %}
 
-- name: "include file: config-lxc-host"
-  tags: lxc-host
-  become: yes
-  register: include_lxc_host
-  lineinfile:
-    path: "/var/lib/lxc/{{ i.key }}/config"
-    regexp: "^lxc.include *=.*/config-lxc-host$"
-    line: "lxc.include = /var/lib/lxc/{{ i.key }}/config-lxc-host"
+          # 0 = trace, 1 = debug, 2 = info, 3 = notice, 4 = warn, 5 = error, 6 = critical, 7 = alert, and 8 = fatal.
+          lxc.log.level = 1
+          lxc.log.file = /var/lib/lxc/{{ name }}/{{ name }}.log
+      register: restart_1
 
-- name: "include file: config.d"
-  tags: lxc-host
-  become: yes
-  register: include_config_d
-  lineinfile:
-    path: "/var/lib/lxc/{{ i.key }}/config"
-    regexp: "^lxc.include *=.*/conf.d/$"
-    line: "lxc.include = /var/lib/lxc/{{ i.key }}/conf.d/"
+    - name: "include file: config-lxc-host"
+      lineinfile:
+        path: "/var/lib/lxc/{{ name }}/config"
+        regexp: "^lxc.include *=.*/config-lxc-host$"
+        line: "lxc.include = /var/lib/lxc/{{ name }}/config-lxc-host"
+      register: restart_2
 
-- name: "mkdir conf.d"
-  tags: lxc-host
-  become: yes
-  file:
-    path: "/var/lib/lxc/{{ i.key }}/conf.d"
-    state: "directory"
+    - name: "include file: config.d"
+      lineinfile:
+        path: "/var/lib/lxc/{{ name }}/config"
+        regexp: "^lxc.include *=.*/conf.d/$"
+        line: "lxc.include = /var/lib/lxc/{{ name }}/conf.d/"
+      register: restart_3
 
-- name: "fill conf.d"
-  tags: lxc-host
-  become: yes
-  register: fill_config_d
-  with_fileglob: "lxc-host/{{ i.key }}/*"
-  loop_control:
-    loop_var: file
-  copy:
-    dest: "/var/lib/lxc/{{ i.key }}/conf.d"
-    src: "{{ file }}"
+    - name: "mkdir conf.d"
+      file:
+        path: "/var/lib/lxc/{{ name }}/conf.d"
+        state: "directory"
 
-- name: "restart lxc container {{ i.key }}"
-  tags: lxc-host
-  become: yes
-  when: i.value.state == 'started' and (
-            lxc.changed or
-            config_lxc_host.changed or
-            include_config_d.changed or
-            fill_config_d.changed)
-  lxc_container:
-    name: "{{ i.key }}"
-    state: restarted
+    - name: Find files to copy
+      local_action:
+        module: find
+        paths: "files/lxc-host/{{ name }}"
+        patterns: "*"
+      register: find
+
+    - name: "fill conf.d"
+      with_items: "{{ find.files | map(attribute='path') | list }}"
+      loop_control:
+        loop_var: path
+      copy:
+        dest: "/var/lib/lxc/{{ name }}/conf.d"
+        src: "{{ path }}"
+      register: restart_4
+
+    - set_fact:
+        restart: "{{ restart_1.changed or restart_2.changed or restart_3.changed or restart_4.changed }}"
+
+    - name: Restart LXC container
+      lxc_container:
+        name: "{{ name }}"
+        state: restarted
+      when: restart and container.state == "started"
+
+    - name: Stop LXC container
+      lxc_container:
+        name: "{{ name }}"
+        state: stopped
+      when: container.state == "stopped"