diff options
Diffstat (limited to 'ansible/roles')
-rw-r--r-- | ansible/roles/lxc-host/tasks/main.yml | 23 | ||||
-rw-r--r-- | ansible/roles/lxc-machine/handlers/main.yml | 6 | ||||
-rw-r--r-- | ansible/roles/lxc-machine/tasks/main.yml | 11 |
3 files changed, 40 insertions, 0 deletions
diff --git a/ansible/roles/lxc-host/tasks/main.yml b/ansible/roles/lxc-host/tasks/main.yml new file mode 100644 index 0000000..a043d4c --- /dev/null +++ b/ansible/roles/lxc-host/tasks/main.yml @@ -0,0 +1,23 @@ +--- +#- debug: +# msg: key="{{ item.key }}", ipv4="{{ item.value.ipv4 }}" +# with_dict: "{{ lxc_containers }}" +- name: Set IPv4 address + lineinfile: + path: "/var/lib/lxc/{{ item.key }}/config" + regexp: "lxc.network.ipv4 *=" + line: "lxc.network.ipv4 = {{ item.value.ipv4.address }}" + with_dict: "{{ lxc_containers }}" +- name: Set IPv4 gateway + lineinfile: + path: "/var/lib/lxc/{{ item.key }}/config" + regexp: "lxc.network.ipv4.gateway *=" + line: "lxc.network.ipv4.gateway = {{ item.value.ipv4.gateway }}" + insertafter: "lxc.network.ipv4 *=" + with_dict: "{{ lxc_containers }}" +- name: Set logfile + lineinfile: + path: "/var/lib/lxc/{{ item.key }}/config" + regexp: "lxc.logfile *=" + line: "lxc.logfile = /var/lib/lxc/{{ item.key }}/{{ item.key }}.log" + with_dict: "{{ lxc_containers }}" diff --git a/ansible/roles/lxc-machine/handlers/main.yml b/ansible/roles/lxc-machine/handlers/main.yml new file mode 100644 index 0000000..3f96231 --- /dev/null +++ b/ansible/roles/lxc-machine/handlers/main.yml @@ -0,0 +1,6 @@ +--- +- name: restart sysctl + service: + name: systemd-sysctl.service + state: restarted + diff --git a/ansible/roles/lxc-machine/tasks/main.yml b/ansible/roles/lxc-machine/tasks/main.yml index 24d64c8..626428c 100644 --- a/ansible/roles/lxc-machine/tasks/main.yml +++ b/ansible/roles/lxc-machine/tasks/main.yml @@ -10,5 +10,16 @@ install_recommends: no with_items: - systemd-cron + - ca-certificates + - unzip + - sudo + +- name: disable ipv6 + tags: + - disable-ipv6 + copy: + dest: /etc/sysctl.d/99-disable-ipv6.conf + content: net.ipv6.conf.all.disable_ipv6=1 + notify: restart sysctl # TODO: unattended upgrades, postfix client |