Add services:base:system

Wojciech Kozlowski 2022-12-10 21:39:04 +01:00
parent 9d6cc674fc
commit 0b3542c414
29 changed files with 174 additions and 125 deletions


@ -3,10 +3,5 @@
hosts: asgard hosts: asgard
tasks: tasks:
- import_tasks: tasks/services/a-common/00-podman.yml
- import_tasks: tasks/services/a-common/01-zfs-datasets.yml - import_tasks: tasks/services/a-common/01-zfs-datasets.yml
when: is_zfs when: is_zfs
- import_tasks: tasks/services/a-common/01-directories.yml
- import_tasks: tasks/services/a-common/02-nameserver.yml
- import_tasks: tasks/services/a-common/03-systemd-veth.yml
- import_tasks: tasks/services/a-common/04-systemd-user.yml


@ -1,10 +0,0 @@
- name: Install podman
apt:
name: podman
register: podman_install
# Required for podman.
- name: Reboot machine
reboot:
when:
podman_install is changed


@ -1,23 +0,0 @@
- name: Create service directory
file:
path: /var/lib/{{ ansible_hostname }}
state: directory
mode: 0755
- name: Create service container directory
file:
path: /var/lib/{{ ansible_hostname }}/containers
state: directory
mode: 0755
- name: Create service data directory
file:
path: /var/lib/{{ ansible_hostname }}/data
state: directory
mode: 0755
- name: Create service home directory
file:
path: /var/lib/{{ ansible_hostname }}/home
state: directory
mode: 0755


@ -1,13 +0,0 @@
- name: Fetch valkyrie's resolv.conf
fetch:
src: "/etc/resolv.conf"
dest: "./filesystem/tmp/"
when:
ansible_hostname == 'valkyrie'
- name: Copy valkyrie's resolv.conf to yggdrasil
copy:
src: "./filesystem/tmp/valkyrie/etc/resolv.conf"
dest: "/var/lib/{{ ansible_hostname }}/valkyrie-resolv.conf"
when:
ansible_hostname == 'yggdrasil'


@ -1,20 +0,0 @@
- name: Configure connect-pod-service
copy:
src: "./filesystem/common/etc/systemd/system/connect-pod-service@.service"
dest: "/etc/systemd/system/connect-pod-service@.service"
mode: 0644
register: systemd_connect_pod_service_service
- name: Configure connect-pod-service path trigger
template:
src: "./filesystem/common/etc/systemd/system/connect-pod-service@.path.j2"
dest: "/etc/systemd/system/connect-pod-service@.path"
mode: 0644
register: systemd_connect_pod_service_path
- name: SystemD daemon reload
systemd:
daemon_reload: true
when:
systemd_connect_pod_service_service is changed or
systemd_connect_pod_service_path is changed


@ -1,23 +0,0 @@
- name: Copy the pod-service update script
copy:
src: "./filesystem/common/usr/local/sbin/pod-service-auto-update"
dest: "/usr/local/sbin/pod-service-auto-update"
mode: 0755
- name: Copy the pod-service update service
copy:
src: "./filesystem/common/etc/systemd/user/pod-service-auto-update.service"
dest: "/etc/systemd/user/pod-service-auto-update.service"
mode: 0644
- name: Copy the pod-service update timer
copy:
src: "./filesystem/common/etc/systemd/user/pod-service-auto-update.timer"
dest: "/etc/systemd/user/pod-service-auto-update.timer"
mode: 0644
- name: Copy systemd image prune service for user
copy:
src: "./filesystem/common/etc/systemd/user/podman-image-prune.service"
dest: "/etc/systemd/user/podman-image-prune.service"
mode: 0644


@ -0,0 +1 @@
resolv.conf


@ -4,8 +4,8 @@
- role: "datasets" - role: "datasets"
tags: "services:datasets" tags: "services:datasets"
# - name: "services : asgard" - name: "services : asgard"
# hosts: "asgard" hosts: "asgard"
# roles: roles:
# - role: "base" - role: "base"
# tags: "services:base" tags: "services:base"


@ -0,0 +1,23 @@
- name: "system : directories : create services directory"
ansible.builtin.file:
path: "/var/lib/{{ ansible_hostname }}"
state: "directory"
mode: 0755
- name: "system : directories : create containers root directory"
ansible.builtin.file:
path: "/var/lib/{{ ansible_hostname }}/containers"
state: "directory"
mode: 0755
- name: "system : directories : create data root directory"
ansible.builtin.file:
path: "/var/lib/{{ ansible_hostname }}/data"
state: "directory"
mode: 0755
- name: "system : directories : create home root directory"
ansible.builtin.file:
path: "/var/lib/{{ ansible_hostname }}/home"
state: "directory"
mode: 0755
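Review bot: The four `mode: 0755` values are bare YAML integers, which only yield the intended permissions while the loader treats a leading zero as octal; quoting them as `mode: "0755"` hands Ansible a string and matches the quoting used for every other value in this file. The same applies to the unquoted `0644` and `0755` modes in the new systemd and veth task files further down. Since these directories are the roots for container storage, service data and service homes, it would also help to state `owner: "root"` and `group: "root"` explicitly rather than relying on whichever user the play runs as.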


@ -0,0 +1,14 @@
- name: "system : nameserver : fetch valkyrie's resolv.conf"
ansible.builtin.fetch:
src: "/etc/resolv.conf"
dest: "./files/base/system/nameserver/"
flat: true
when:
ansible_hostname == "valkyrie"
- name: "system : nameserver : copy valkyrie's resolv.conf to other hosts"
ansible.builtin.copy:
src: "../../../files/base/system/nameserver/resolv.conf"
dest: "/var/lib/{{ ansible_hostname }}/valkyrie-resolv.conf"
when:
ansible_hostname != "valkyrie"
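Review bot: The copy task on the non-valkyrie hosts deploys whatever `resolv.conf` is already sitting in the controller's `files/base/system/nameserver/` directory, so a run limited to a subset of hosts, or one where valkyrie is unreachable, silently pushes a stale resolver file. The fetch `dest` is relative to the directory the playbook is started from while the copy `src` is a `../../../` path resolved from the role, so the two presumably only agree when the play is launched from one particular directory; worth confirming. Consider anchoring both paths on `{{ playbook_dir }}`, and add `mode: "0644"` to the copy so the deployed file's permissions do not depend on the umask.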


@ -0,0 +1,9 @@
- name: "system : podman : install podman"
ansible.builtin.apt:
name: "podman"
register: services_base_system_podman_install
- name: "system : podman : reboot host"
ansible.builtin.reboot:
when:
services_base_system_podman_install.changed
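Review bot: The reboot task no longer says why it exists: the previous version of this file carried `# Required for podman.` above it and the new file drops that comment. A host reboot triggered by a package change is surprising enough that the reason should stay next to the task, so restore the comment above `system : podman : reboot host`. Adding `state: "present"` to the apt task would also make the intended package state explicit.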


@ -0,0 +1,37 @@
- name: "system : systemd : pod-service update script"
ansible.builtin.copy:
src: "./system/systemd/pod-service-auto-update"
dest: "/usr/local/sbin/pod-service-auto-update"
mode: 0755
- name: "system : systemd : pod-service update service"
ansible.builtin.copy:
src: "./system/systemd/pod-service-auto-update.service"
dest: "/etc/systemd/user/pod-service-auto-update.service"
mode: 0644
register: services_base_system_pod_service_auto_update_service_file
- name: "system : systemd : pod-service update timer"
ansible.builtin.copy:
src: "./system/systemd/pod-service-auto-update.timer"
dest: "/etc/systemd/user/pod-service-auto-update.timer"
mode: 0644
register: services_base_system_pod_service_auto_update_timer_file
- name: "system : systemd : image prune service"
ansible.builtin.copy:
src: "./system/systemd/podman-image-prune.service"
dest: "/etc/systemd/user/podman-image-prune.service"
mode: 0644
register: services_base_system_podman_image_prune_service_file
# Include instead of import as otherwise the when clause is always applied which triggers errors if
# the above tasks haven't executed.
- name: "system : systemd : systemd daemon reload for each service"
ansible.builtin.include_role:
name: "include"
tasks_from: "daemon_reload"
when:
services_base_system_pod_service_auto_update_service_file.changed or
services_base_system_pod_service_auto_update_timer_file.changed or
services_base_system_podman_image_prune_service_file.changed
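Review bot: The `include_role` task at the end depends on `services_host_services`, which the `daemon_reload` entry in the role's argument spec marks as required, but nothing in this file sets or mentions it. A reader cannot tell from here where the list comes from (presumably inventory or group vars), so either pass it explicitly through `vars:` on the include or extend the existing comment with a line such as `# services_host_services must be defined for the host; it lists the services whose user managers are reloaded.`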


@ -0,0 +1,20 @@
- name: "system : veth : configure connect-pod-service"
ansible.builtin.copy:
src: "./system/veth/connect-pod-service@.service"
dest: "/etc/systemd/system/connect-pod-service@.service"
mode: 0644
register: services_base_system_connect_pod_service_service_file
- name: "system : veth : configure connect-pod-service path trigger"
ansible.builtin.template:
src: "./system/veth/connect-pod-service@.path.j2"
dest: "/etc/systemd/system/connect-pod-service@.path"
mode: 0644
register: services_base_system_connect_pod_service_path_file
- name: "system : veth : systemd daemon reload"
ansible.builtin.systemd:
daemon_reload: true
when:
services_base_system_connect_pod_service_service_file.changed or
services_base_system_connect_pod_service_path_file.changed


@ -0,0 +1,19 @@
- name: "play:services : role:base : tasks:system:podman"
ansible.builtin.import_tasks: "include/system/podman.yml"
tags: "services:base:system:podman"
- name: "play:services : role:base : tasks:system:directories"
ansible.builtin.import_tasks: "include/system/directories.yml"
tags: "services:base:system:directories"
- name: "play:services : role:base : tasks:system:nameserver"
ansible.builtin.import_tasks: "include/system/nameserver.yml"
tags: "services:base:system:nameserver"
- name: "play:services : role:base : tasks:system:veth"
ansible.builtin.import_tasks: "include/system/veth.yml"
tags: "services:base:system:veth"
- name: "play:services : role:base : tasks:system:systemd"
ansible.builtin.import_tasks: "include/system/systemd.yml"
tags: "services:base:system:systemd"


@ -10,7 +10,7 @@
name: "rpool/var/lib/{{ ansible_hostname }}" name: "rpool/var/lib/{{ ansible_hostname }}"
state: "present" state: "present"
- name: "system : create a containers zvol" - name: "system : create containers zvol"
community.general.zfs: community.general.zfs:
name: "rpool/var/lib/{{ ansible_hostname }}/containers" name: "rpool/var/lib/{{ ansible_hostname }}/containers"
state: "present" state: "present"
@ -19,7 +19,7 @@
refreservation: "none" refreservation: "none"
"com.sun:auto-snapshot": "false" "com.sun:auto-snapshot": "false"
- name: "system : format zvol with ext4" - name: "system : format containers zvol"
community.general.filesystem: community.general.filesystem:
dev: "/dev/rpool/var/lib/{{ ansible_hostname }}/containers" dev: "/dev/rpool/var/lib/{{ ansible_hostname }}/containers"
fstype: "ext4" fstype: "ext4"
@ -27,12 +27,12 @@
- block: - block:
- name: "system : get zvol uuid" - name: "system : get containers zvol uuid"
ansible.builtin.command: >- ansible.builtin.command: >-
blkid -s UUID -o value /dev/rpool/var/lib/{{ ansible_hostname }}/containers blkid -s UUID -o value /dev/rpool/var/lib/{{ ansible_hostname }}/containers
register: services_datasets_system_zvol_uuid register: services_datasets_system_zvol_uuid
- name: "system : add fstab entry and mount zvol" - name: "system : add fstab entry and mount containers zvol"
ansible.posix.mount: ansible.posix.mount:
path: "/var/lib/{{ ansible_hostname }}/containers" path: "/var/lib/{{ ansible_hostname }}/containers"
src: "UUID={{ services_datasets_system_zvol_uuid.stdout }}" src: "UUID={{ services_datasets_system_zvol_uuid.stdout }}"


@ -1,6 +1,7 @@
- name: "user : {{ services_service_name }} : set variables" - name: "user : {{ services_service_name }} : set variables"
ansible.builtin.import_role: ansible.builtin.import_role:
name: "vars" name: "include"
tasks_from: "vars"
- name: "user : {{ services_service_name }} : create home dataset" - name: "user : {{ services_service_name }} : create home dataset"
community.general.zfs: community.general.zfs:


@ -0,0 +1,12 @@
argument_specs:
vars:
options:
services_service_name:
type: "str"
required: true
daemon_reload:
options:
services_host_services:
type: "list"
elem: "str"
required: true
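Review bot: `elem: "str"` under `services_host_services` is not a key the role argument spec recognises; the element type of a list option is declared with `elements`. As written the list items are most likely not type-checked at all, so a non-string entry would only surface later, when it is interpolated into the user name and home path. Change the line to `elements: "str"`.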


@ -0,0 +1,5 @@
- name: "daemon_reload : loop over services"
ansible.builtin.include_tasks: "daemon_reload/main.yml"
loop: "{{ services_host_services }}"
loop_control:
loop_var: "services_service_name"


@ -0,0 +1,15 @@
- name: "daemon_reload : {{ services_service_name }} : set variables"
ansible.builtin.import_tasks: "../vars.yml"
- name: "daemon_reload : {{ services_service_name }} : check if home exists"
ansible.builtin.stat:
path: "{{ services_service_user_home }}"
register: services_include_daemon_reload_user_home
- name: "daemon_reload : {{ services_service_name }} : systemd daemon reload"
become_user: "{{ services_service_user_name }}"
ansible.builtin.systemd:
daemon_reload: true
scope: "user"
when:
services_include_daemon_reload_user_home.stat.exists
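Review bot: The user-scope reload is gated only on the home directory existing, which does not show that the service user has a running systemd user manager. `scope: "user"` combined with `become_user` generally needs a session bus for that user (lingering enabled and `XDG_RUNTIME_DIR` available), so on a host where the home was created but the user manager never started this task would probably fail rather than skip. Consider gating on the user's runtime directory as well, or document the lingering prerequisite in a comment above the task.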


@ -0,0 +1,8 @@
- name: "vars : {{ services_service_name }} : set user name variable"
set_fact:
services_service_user_name: "pod-{{ services_service_name }}"
- name: "vars : {{ services_service_name }} : set user home variable"
set_fact:
services_service_user_home: >-
/var/lib/{{ ansible_hostname }}/home/{{ services_service_user_name }}
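Review bot: Both tasks use the short `set_fact` name while every other task added in this commit is fully qualified; write `ansible.builtin.set_fact:` for consistency. `services_service_name` is interpolated straight into the account name and the home path here, and the argument spec only checks that it is a string, so a value containing `/` would yield a path outside `home/`. If service names can ever come from anything other than the maintained inventory, an `ansible.builtin.assert` on the allowed characters ahead of these tasks would be worth adding.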


@ -1,6 +0,0 @@
argument_specs:
main:
options:
services_service_name:
type: "str"
required: true


@ -1,15 +0,0 @@
- name: "{{ services_service_name }} : set user name variable"
set_fact:
services_service_user_name: "pod-{{ services_service_name }}"
- name: "{{ services_service_name }} : set user home variable"
set_fact:
services_service_user_home: "/var/lib/{{ ansible_hostname }}/home/{{ services_service_user_name }}"
- name: "{{ services_service_name }} : print variables"
debug:
msg:
- "services_service_user_name: {{ services_service_user_name }}"
- "services_service_user_home: {{ services_service_user_home }}"
when:
ansible_check_mode