63 lines
1.1 KiB
YAML
63 lines
1.1 KiB
YAML
---
|
|
# tasks file for svelt.prepare_lxc_host
|
|
- name: Sanity check
|
|
assert:
|
|
that:
|
|
- ansible_pkg_mgr == "apt"
|
|
fail_msg: "Sorry, Debian-like hosts only!"
|
|
|
|
|
|
- name: Install packages
|
|
package:
|
|
name:
|
|
- bridge-utils
|
|
- lxc
|
|
- python3-lxc
|
|
# OLD: - dnsmasq
|
|
# OLD: - iptables
|
|
state: latest
|
|
|
|
|
|
- name: Raise inotify limit
|
|
sysctl:
|
|
name: fs.inotify.max_user_instances
|
|
value: '{{ lxc_host_inotify_instances|default("2048") }}'
|
|
sysctl_file: /etc/sysctl.d/30-lxc-inotify.conf
|
|
sysctl_set: yes
|
|
state: present
|
|
reload: yes
|
|
|
|
|
|
- name: Enable CAP_SYS_TIME in Container
|
|
lineinfile:
|
|
dest: /usr/share/lxc/config/common.conf
|
|
backrefs: yes
|
|
regexp: '(^\s*[^#].*)sys_time ?(.*)$'
|
|
line: '\1\2'
|
|
backup: yes
|
|
|
|
|
|
- name: Template config files
|
|
template:
|
|
src: "{{ item }}.j2"
|
|
dest: "/{{ item }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
loop:
|
|
- etc/lxc/ansible.conf
|
|
|
|
|
|
- name: "Include network via lxc-net"
|
|
include_tasks: net_lxc-net.yml
|
|
# FIXME:
|
|
when: True
|
|
|
|
|
|
- name: "Include network manual"
|
|
include_tasks: net_manual.yml
|
|
# FIXME:
|
|
when: False
|
|
|
|
|