aboutsummaryrefslogtreecommitdiff
path: root/ansible/roles
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles')
-rw-r--r--ansible/roles/lxc-host/tasks/main.yml23
-rw-r--r--ansible/roles/lxc-machine/handlers/main.yml6
-rw-r--r--ansible/roles/lxc-machine/tasks/main.yml11
3 files changed, 40 insertions, 0 deletions
diff --git a/ansible/roles/lxc-host/tasks/main.yml b/ansible/roles/lxc-host/tasks/main.yml
new file mode 100644
index 0000000..a043d4c
--- /dev/null
+++ b/ansible/roles/lxc-host/tasks/main.yml
@@ -0,0 +1,23 @@
+---
+#- debug:
+# msg: key="{{ item.key }}", ipv4="{{ item.value.ipv4 }}"
+# with_dict: "{{ lxc_containers }}"
+- name: Set IPv4 address
+ lineinfile:
+ path: "/var/lib/lxc/{{ item.key }}/config"
+ regexp: "lxc.network.ipv4 *="
+ line: "lxc.network.ipv4 = {{ item.value.ipv4.address }}"
+ with_dict: "{{ lxc_containers }}"
+- name: Set IPv4 gateway
+ lineinfile:
+ path: "/var/lib/lxc/{{ item.key }}/config"
+ regexp: "lxc.network.ipv4.gateway *="
+ line: "lxc.network.ipv4.gateway = {{ item.value.ipv4.gateway }}"
+ insertafter: "lxc.network.ipv4 *="
+ with_dict: "{{ lxc_containers }}"
+- name: Set logfile
+ lineinfile:
+ path: "/var/lib/lxc/{{ item.key }}/config"
+ regexp: "lxc.logfile *="
+ line: "lxc.logfile = /var/lib/lxc/{{ item.key }}/{{ item.key }}.log"
+ with_dict: "{{ lxc_containers }}"
diff --git a/ansible/roles/lxc-machine/handlers/main.yml b/ansible/roles/lxc-machine/handlers/main.yml
new file mode 100644
index 0000000..3f96231
--- /dev/null
+++ b/ansible/roles/lxc-machine/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: restart sysctl
+ service:
+ name: systemd-sysctl.service
+ state: restarted
+
diff --git a/ansible/roles/lxc-machine/tasks/main.yml b/ansible/roles/lxc-machine/tasks/main.yml
index 24d64c8..626428c 100644
--- a/ansible/roles/lxc-machine/tasks/main.yml
+++ b/ansible/roles/lxc-machine/tasks/main.yml
@@ -10,5 +10,16 @@
install_recommends: no
with_items:
- systemd-cron
+ - ca-certificates
+ - unzip
+ - sudo
+
+- name: disable ipv6
+ tags:
+ - disable-ipv6
+ copy:
+ dest: /etc/sysctl.d/99-disable-ipv6.conf
+ content: net.ipv6.conf.all.disable_ipv6=1
+ notify: restart sysctl
# TODO: unattended upgrades, postfix client