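# Tasks that create (first run only) and configure one LXC container from the
# LXC host. Variables read below: name, new, container.state, superusers,
# users, lan, lan_if, lxc_host__backing_store, lxc_host__zfs_root,
# lxc_host__br_if.
# NOTE(review): `name` is interpolated into filesystem paths throughout;
# presumably it comes from trusted inventory -- confirm it cannot carry "/"
# or "..".

- debug:
    msg: "LXC HOST: {{ name }}"
  tags: lxc-host

# First-run provisioning: executed only when `new` is truthy.
- when: new
  tags: lxc-host
  become: true
  block:
    # NOTE(review): Debian stretch no longer receives security updates from
    # Debian; plan a move to a supported release.
    - name: Create container
      lxc_container:
        name: "{{ name }}"
        state: "{{ container.state }}"
        template: debian
        # Quoted so the leading "-" can never be read as YAML syntax.
        template_options: "-r stretch --packages git,etckeeper,python,sudo"
        backing_store: "{{ lxc_host__backing_store }}"
        zfs_root: "{{ lxc_host__zfs_root|default('') }}"

    - name: Important message!
      debug:
        msg: "Container created! All keys for superusers are installed for root user, so remember to add 'ansible_user=root' when running the play for the host the first time."

    # A directory needs the search (x) bit to be traversed, so 0700 rather
    # than 0600. The mode is quoted so it stays a string instead of being
    # parsed as a YAML 1.1 octal integer.
    - name: Create /root/.ssh
      file:
        path: "/var/lib/lxc/{{ name }}/rootfs/root/.ssh"
        state: directory
        mode: "0700"
        owner: root
        group: root

    # Every key of every user listed in `superusers` is granted root login in
    # the container. Mode and ownership are pinned explicitly instead of
    # inheriting the umask, matching the .ssh directory task above.
    # NOTE(review): this task sits in the `when: new` block, so these tasks do
    # not rewrite the file when a superuser is later removed; key revocation
    # has to be handled elsewhere.
    - name: Fill authorized_keys
      copy:
        dest: "/var/lib/lxc/{{ name }}/rootfs/root/.ssh/authorized_keys"
        mode: "0600"
        owner: root
        group: root
        # Jinja tags are kept at the scalar's base indent so no stray leading
        # whitespace ends up in front of a key.
        content: |
          {% for user in superusers %}
          {% if users[user].authorized_keys is not none %}
          {{ users[user].authorized_keys }}
          {% endif %}
          {% endfor %}

# Configuration that is re-applied on every run. Each task that can change the
# container config registers restart_N; the container is restarted further
# down only if one of them reported a change.
- tags: lxc-host
  become: true
  block:
    # Network and logging settings, kept in a separate file that the main
    # config includes. lxc.log.level = 1 is "debug" on the scale listed inside
    # the file.
    # NOTE(review): consider a less verbose level once the container is
    # stable, and check the permissions of the resulting log file.
    - name: config-lxc-host
      copy:
        dest: "/var/lib/lxc/{{ name }}/config-lxc-host"
        content: |
          lxc.net.0.type = veth
          lxc.net.0.link = {{ lxc_host__br_if }}
          lxc.net.0.flags = up
          lxc.net.0.name = {{ lan_if }}
          lxc.net.0.hwaddr = {{ lan.hwaddr }}
          {% if lan.ipv4 is defined %}
          lxc.net.0.ipv4.address = {{ lan.ipv4.address }}/{{ lan.ipv4.netmask }}
          {% if lan.ipv4.gateway is defined %}
          lxc.net.0.ipv4.gateway = {{ lan.ipv4.gateway }}
          {% endif %}
          {% endif %}
          {% if lan.ipv6 is defined %}
          lxc.net.0.ipv6.address = {{ lan.ipv6.address }}/{{ lan.ipv6.netmask }}
          {% endif %}
          # 0 = trace, 1 = debug, 2 = info, 3 = notice, 4 = warn, 5 = error, 6 = critical, 7 = alert, and 8 = fatal.
          lxc.log.level = 1
          lxc.log.file = /var/lib/lxc/{{ name }}/{{ name }}.log
      register: restart_1

    # Make the main container config pull in the generated file.
    - name: "include file: config-lxc-host"
      lineinfile:
        path: "/var/lib/lxc/{{ name }}/config"
        regexp: "^lxc.include *=.*/config-lxc-host$"
        line: "lxc.include = /var/lib/lxc/{{ name }}/config-lxc-host"
      register: restart_2

    # Make the main container config pull in every file under conf.d/.
    - name: "include file: config.d"
      lineinfile:
        path: "/var/lib/lxc/{{ name }}/config"
        regexp: "^lxc.include *=.*/conf.d/$"
        line: "lxc.include = /var/lib/lxc/{{ name }}/conf.d/"
      register: restart_3

    - name: "mkdir conf.d"
      file:
        path: "/var/lib/lxc/{{ name }}/conf.d"
        state: "directory"

    # Runs on the controller: lists the per-container snippets shipped in
    # files/lxc-host/<name>.
    # NOTE(review): the block-level `become` presumably applies to this local
    # lookup as well, although only read access is needed -- confirm.
    - name: Find files to copy
      local_action:
        module: find
        paths: "files/lxc-host/{{ name }}"
        patterns: "*"
      register: find

    # Everything found above is copied into conf.d and therefore included in
    # the container config, so the source directory is as sensitive as the
    # config itself.
    - name: "fill conf.d"
      with_items: "{{ find.files | map(attribute='path') | list }}"
      loop_control:
        loop_var: path
      copy:
        dest: "/var/lib/lxc/{{ name }}/conf.d"
        src: "{{ path }}"
      register: restart_4

    # True when any of the config-writing tasks above reported a change.
    - set_fact:
        restart: "{{ restart_1.changed or restart_2.changed or restart_3.changed or restart_4.changed }}"

    - name: Restart LXC container
      lxc_container:
        name: "{{ name }}"
        state: restarted
      when: restart and container.state == "started"

    - name: Stop LXC container
      lxc_container:
        name: "{{ name }}"
        state: stopped
      when: container.state == "stopped"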