Add services:datasets
parent
642f2d0103
commit
9d6cc674fc
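--- a/main.yml
+++ b/main.yml
@@ -1,3 +1,4 @@
 ---
 - ansible.builtin.import_playbook: "plays/system/main.yml"
 - ansible.builtin.import_playbook: "plays/vpn/main.yml"
+- ansible.builtin.import_playbook: "plays/services/main.yml"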
@ -1,12 +1,3 @@
|
|||||||
- name: Create a dataset for root containers
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/containers
|
|
||||||
state: present
|
|
||||||
extra_zfs_properties:
|
|
||||||
"com.sun:auto-snapshot": "false"
|
|
||||||
when:
|
|
||||||
is_zfs
|
|
||||||
|
|
||||||
- name: Install podman
|
- name: Install podman
|
||||||
apt:
|
apt:
|
||||||
name: podman
|
name: podman
|
||||||
|
@ -1,53 +1,3 @@
|
|||||||
- name: Create service dataset
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/{{ ansible_hostname }}
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Create a zvol for containers
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/{{ ansible_hostname }}/containers
|
|
||||||
state: present
|
|
||||||
extra_zfs_properties:
|
|
||||||
volsize: "100G"
|
|
||||||
refreservation: "none"
|
|
||||||
"com.sun:auto-snapshot": "false"
|
|
||||||
|
|
||||||
- name: Format zvol with ext4
|
|
||||||
filesystem:
|
|
||||||
dev: /dev/rpool/var/lib/{{ ansible_hostname }}/containers
|
|
||||||
fstype: ext4
|
|
||||||
register: zvol_format
|
|
||||||
|
|
||||||
- block:
|
|
||||||
|
|
||||||
- name: Get UUID of zvol
|
|
||||||
command: blkid -s UUID -o value /dev/rpool/var/lib/{{ ansible_hostname }}/containers
|
|
||||||
register: zvol_uuid
|
|
||||||
|
|
||||||
- name: Add fstab entry and mount zvol
|
|
||||||
mount:
|
|
||||||
path: /var/lib/{{ ansible_hostname }}/containers
|
|
||||||
src: UUID={{ zvol_uuid.stdout }}
|
|
||||||
fstype: ext4
|
|
||||||
state: mounted
|
|
||||||
|
|
||||||
when:
|
|
||||||
zvol_format is changed
|
|
||||||
|
|
||||||
- name: Create service data dataset
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/{{ ansible_hostname }}/data
|
|
||||||
state: present
|
|
||||||
extra_zfs_properties:
|
|
||||||
canmount: "off"
|
|
||||||
|
|
||||||
- name: Create service home dataset
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/{{ ansible_hostname }}/home
|
|
||||||
state: present
|
|
||||||
extra_zfs_properties:
|
|
||||||
canmount: "off"
|
|
||||||
|
|
||||||
- name: Create backup dataset
|
- name: Create backup dataset
|
||||||
zfs:
|
zfs:
|
||||||
name: hpool/backup
|
name: hpool/backup
|
||||||
|
@ -1,4 +0,0 @@
|
|||||||
- include_tasks: _volumes.yml
|
|
||||||
with_items: "{{ volumes[service_name] }}"
|
|
||||||
loop_control:
|
|
||||||
loop_var: volume
|
|
@ -1,4 +0,0 @@
|
|||||||
- name: Create {{ volume }} dataset for user {{ service_user_name }}
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/{{ ansible_hostname }}/data/{{ service_user_name }}/{{ volume }}
|
|
||||||
state: present
|
|
@ -1,14 +0,0 @@
|
|||||||
- name: Create wal dataset for user {{ service_user_name }}
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/{{ ansible_hostname }}/data/{{ service_user_name }}/wal
|
|
||||||
state: present
|
|
||||||
extra_zfs_properties:
|
|
||||||
recordsize: "8K"
|
|
||||||
|
|
||||||
- name: Create data dataset for user {{ service_user_name }}
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/{{ ansible_hostname }}/data/{{ service_user_name }}/data
|
|
||||||
state: present
|
|
||||||
extra_zfs_properties:
|
|
||||||
recordsize: "8K"
|
|
||||||
logbias: "throughput"
|
|
@ -1,33 +1,6 @@
|
|||||||
- name: Create home dataset for user {{ service_user_name }}
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/{{ ansible_hostname }}/home/{{ service_user_name }}
|
|
||||||
state: present
|
|
||||||
register: user_zfs_home
|
|
||||||
|
|
||||||
- name: Populate home directory from skeleton directory
|
|
||||||
copy:
|
|
||||||
src: "/etc/skel/"
|
|
||||||
dest: "/var/lib/{{ ansible_hostname }}/home/{{ service_user_name }}"
|
|
||||||
remote_src: yes
|
|
||||||
when:
|
|
||||||
user_zfs_home is changed
|
|
||||||
|
|
||||||
- name: Create data dataset for user {{ service_user_name }}
|
|
||||||
zfs:
|
|
||||||
name: rpool/var/lib/{{ ansible_hostname }}/data/{{ service_user_name }}
|
|
||||||
state: present
|
|
||||||
extra_zfs_properties:
|
|
||||||
canmount: "off"
|
|
||||||
|
|
||||||
- name: Create service data backup dataset for user {{ service_user_name }}
|
- name: Create service data backup dataset for user {{ service_user_name }}
|
||||||
zfs:
|
zfs:
|
||||||
name: hpool/backup/{{ ansible_hostname }}/data/{{ service_user_name }}
|
name: hpool/backup/{{ ansible_hostname }}/data/{{ service_user_name }}
|
||||||
state: present
|
state: present
|
||||||
extra_zfs_properties:
|
extra_zfs_properties:
|
||||||
canmount: "off"
|
canmount: "off"
|
||||||
|
|
||||||
- include_tasks: "{{ item }}"
|
|
||||||
with_first_found:
|
|
||||||
- files:
|
|
||||||
- "01-zfs-datasets.d/{{ service_name }}.yml"
|
|
||||||
- "01-zfs-datasets.d/_default.yml"
|
|
||||||
|
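--- a/plays/services/main.yml
+++ b/plays/services/main.yml
@@ -0,0 +1,11 @@
+- name: "services : zfs"
+hosts: "zfs"
+roles:
+- role: "datasets"
+tags: "services:datasets"
+
+# - name: "services : asgard"
+# hosts: "asgard"
+# roles:
+# - role: "base"
+# tags: "services:base"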
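Review bot: The commented-out `services : asgard` play at the end of the file has no explanation of why it is disabled or when it should come back. Either leave it out of this commit or put a one-line comment above it, for example `# TODO: enable the asgard play once its role is ready`, so the next reader does not have to guess whether it is dead code.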
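--- a/plays/services/roles/datasets/meta/argument_specs.yml
+++ b/plays/services/roles/datasets/meta/argument_specs.yml
@@ -0,0 +1,14 @@
+argument_specs:
+main:
+options:
+ansible_hostname:
+type: "str"
+required: true
+services:
+type: "dict"
+elem: "dict"
+required: true
+services_host_services:
+type: "list"
+elem: "str"
+required: true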
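Review bot: `elem` is not a field that role argument validation recognises; the key is `elements`, so as written the entries of `services_host_services` appear to go unchecked rather than being validated as strings. Change that line to `elements: "str"`. On `services` the line can be dropped, because `elements` only applies to `type: "list"` and has no effect on a dict. Since these names end up in ZFS dataset names and mount paths, having the validation actually run is worth the one-word fix.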
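--- a/plays/services/roles/datasets/tasks/include/system.yml
+++ b/plays/services/roles/datasets/tasks/include/system.yml
@@ -0,0 +1,57 @@
+- name: "system : create containers dataset"
+community.general.zfs:
+name: "rpool/var/lib/containers"
+state: "present"
+extra_zfs_properties:
+"com.sun:auto-snapshot": "false"
+
+- name: "system : create services root dataset"
+community.general.zfs:
+name: "rpool/var/lib/{{ ansible_hostname }}"
+state: "present"
+
+- name: "system : create a containers zvol"
+community.general.zfs:
+name: "rpool/var/lib/{{ ansible_hostname }}/containers"
+state: "present"
+extra_zfs_properties:
+volsize: "100G"
+refreservation: "none"
+"com.sun:auto-snapshot": "false"
+
+- name: "system : format zvol with ext4"
+community.general.filesystem:
+dev: "/dev/rpool/var/lib/{{ ansible_hostname }}/containers"
+fstype: "ext4"
+register: services_datasets_system_zvol_format
+
+- block:
+
+- name: "system : get zvol uuid"
+ansible.builtin.command: >-
+blkid -s UUID -o value /dev/rpool/var/lib/{{ ansible_hostname }}/containers
+register: services_datasets_system_zvol_uuid
+
+- name: "system : add fstab entry and mount zvol"
+ansible.posix.mount:
+path: "/var/lib/{{ ansible_hostname }}/containers"
+src: "UUID={{ services_datasets_system_zvol_uuid.stdout }}"
+fstype: "ext4"
+state: "mounted"
+
+when:
+services_datasets_system_zvol_format.changed
+
+- name: "system : create data root dataset"
+community.general.zfs:
+name: "rpool/var/lib/{{ ansible_hostname }}/data"
+state: "present"
+extra_zfs_properties:
+canmount: "off"
+
+- name: "system : create home root dataset"
+community.general.zfs:
+name: "rpool/var/lib/{{ ansible_hostname }}/home"
+state: "present"
+extra_zfs_properties:
+canmount: "off"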
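Review bot: The `block` that reads the UUID and writes the fstab entry runs only when `services_datasets_system_zvol_format.changed`, so a run that formats the zvol but fails or is interrupted before the mount task leaves the volume unmounted permanently. On the next run the filesystem task reports no change and the block is skipped, and container storage would then presumably land on the parent filesystem instead of the zvol. `ansible.posix.mount` with `state: "mounted"` is idempotent, so the `when:` on the block can be dropped. The lookup task should then carry `changed_when: false` so the `blkid` call does not report a change on every run.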
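--- a/plays/services/roles/datasets/tasks/include/user.yml
+++ b/plays/services/roles/datasets/tasks/include/user.yml
@@ -0,0 +1,32 @@
+- name: "user : {{ services_service_name }} : set variables"
+ansible.builtin.import_role:
+name: "vars"
+
+- name: "user : {{ services_service_name }} : create home dataset"
+community.general.zfs:
+name: "rpool/var/lib/{{ ansible_hostname }}/home/{{ services_service_user_name }}"
+state: "present"
+register: services_datasets_user_zfs_home
+
+- name: "user : {{ services_service_name }} : populate home dataset with skeleton"
+ansible.builtin.copy:
+src: "/etc/skel/"
+dest: "{{ services_service_user_home }}"
+remote_src: true
+when:
+services_datasets_user_zfs_home.changed
+
+- name: "user : {{ services_service_name }} : create data dataset"
+community.general.zfs:
+name: "rpool/var/lib/{{ ansible_hostname }}/data/{{ services_service_user_name }}"
+state: "present"
+extra_zfs_properties:
+canmount: "off"
+
+- name: "user : {{ services_service_name }} : create volume datasets"
+community.general.zfs:
+name: >-
+rpool/var/lib/{{ ansible_hostname }}/data/{{ services_service_user_name }}/{{ item.name }}
+state: "present"
+extra_zfs_properties: "{{ item.properties | default({}) }}"
+loop: "{{ services[services_service_name].volumes }}"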
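Review bot: The skeleton copy sets no `owner`, `group` or `mode`, so the files under `services_service_user_home` are created as whatever account the play runs as (presumably root) rather than the `pod-…` service user. If that user already exists at this point, add `owner: "{{ services_service_user_name }}"` and a matching `group:` to the copy task. If the account is only created by a later role, add a comment saying where ownership is corrected. The task is also gated on `services_datasets_user_zfs_home.changed`, so a copy that fails once is not retried on the next run.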
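--- a/plays/services/roles/datasets/tasks/main.yml
+++ b/plays/services/roles/datasets/tasks/main.yml
@@ -0,0 +1,15 @@
+- name: "play:services : role:datasets : tasks:system"
+ansible.builtin.import_tasks: "include/system.yml"
+tags: "services:datasets:system"
+
+- name: "play:services : role:datasets : tasks:user"
+ansible.builtin.include_tasks: "include/user.yml"
+tags: "always"
+args:
+apply:
+tags:
+- "services:datasets:user"
+- "services:datasets:user:{{ services_service_name }}"
+loop: "{{ services_host_services }}"
+loop_control:
+loop_var: "services_service_name"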
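Review bot: The `tags: "always"` on the `include_tasks` task needs a comment, because on a first read it looks as if the per-user dataset tasks run under every tag selection. Suggested line above the task: `# "always" only makes the dynamic include itself run under any --tags; the tags under apply decide which included tasks execute`. That records why the include and the applied tags are split, which is easy to break in a later cleanup.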
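--- a/plays/services/roles/vars/meta/argument_specs.yml
+++ b/plays/services/roles/vars/meta/argument_specs.yml
@@ -0,0 +1,6 @@
+argument_specs:
+main:
+options:
+services_service_name:
+type: "str"
+required: true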
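--- a/plays/services/roles/vars/tasks/main.yml
+++ b/plays/services/roles/vars/tasks/main.yml
@@ -0,0 +1,15 @@
+- name: "{{ services_service_name }} : set user name variable"
+set_fact:
+services_service_user_name: "pod-{{ services_service_name }}"
+
+- name: "{{ services_service_name }} : set user home variable"
+set_fact:
+services_service_user_home: "/var/lib/{{ ansible_hostname }}/home/{{ services_service_user_name }}"
+
+- name: "{{ services_service_name }} : print variables"
+debug:
+msg:
+- "services_service_user_name: {{ services_service_user_name }}"
+- "services_service_user_home: {{ services_service_user_home }}"
+when:
+ansible_check_mode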
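Review bot: `set_fact` and `debug` are written with short module names here, while every other task added in this commit uses fully qualified names such as `ansible.builtin.import_role` and `community.general.zfs`. Use `ansible.builtin.set_fact` and `ansible.builtin.debug` so the file matches the rest of the role and the modules resolve the same way regardless of collection search order.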