fix

2024-05-18 13:19:56 +02:00 · 2024-05-18 13:19:56 +02:00 · dbf28f2651
commit dbf28f2651
parent b510009b92
7 changed files with 87 additions and 62 deletions
--- a/files/alpine/syslog.conf
+++ b/files/alpine/syslog.conf
@ -1 +1 @@
-SYSLOGD_OPTS="-R 10.3.0.1"
+SYSLOGD_OPTS="-R 10.5.0.1"
--- a/files/authorized_keys
+++ b/files/authorized_keys
@ -1,3 +0,0 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEJFz0EBsDgO37Z4PmQEs+X90bjfZdMohzCYmHxSq+zz root@br0tkasten
-ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN6WpzsXF4yereWeARNGv5ykrVtDncFohWSY4zKT0jtVnCoV+IoTKu54zMD63dFpc2oD4GggKXYHjuDZBBxjbL8= root@br0tkasten.de
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC44S8IhA1bMu+EawK0kzXsYJUhy1Hl+QLBwVzTUg6EMyWMX0Wd8IAJXUoP+WPEjExAMiokhsqP02XZsJcNsSmbdq1H0mddrAe/m/JOz/Hru9njWHaAuEYYC+aAQ533opIsmhum2ecuLuYKOVl8DJDM3qSsSa6TGqXeCsKeNLUVqm5vbEgn5FJXkG+O4crfmMxjQXiaXC/STadeb9SKYkQwrroqW63+V7yrsh4GwW2QN7QmKxGrqmymlm/UN9LxIde1/OzcSkXP+Y1mNQKrRKDrwOVr+qK9mY736eW3gDg9ywPRPrY9ZJkepPo2azWKN2aaqR/cHhi77arVxxtjsmzMKXqBoMh57YygJ45tTvGC3jBzcP+ISueqFQasXQUZ+U+Kjp9IFxjgLD5zAzPEdSM9XYHRCV2953HuabIX8iyy1FdpsTDPH9WTtZFdAn+RSIwDEG50UL/1Q0ERV7nu6xsWi5YuNYs1/R5WBqox0DIYEWoM6bVjFZoaa4QD8ArVugfNeUo3/sD0LpMsq2NEEar2hWVAYxx1NzT4MhV3EXmFQjtx3SnlNDwJYHMG1pivNgK+KHVz0zuK+GZ/F+fz32D4dMDYB+BQ/UQZ0rUkLS+lqHvrZZIkbZuM8MpD/fxayRMUn8AiiKQpRKZkusWzXbGSjQFWo4j/kUDDjqFQqBXgHQ== root@br0tkasten.de
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -4,10 +4,9 @@
  delegate_to: localhost
  connection: local

- name: restart container 
-  lxd_container:
-    name: "{{ inventory_hostname }}"
-    state: restarted
+- name: restart container
+  command:
+    cmd: "/usr/bin/incus restart {{ inventory_hostname }}"
  delegate_to: localhost
  connection: local

--- a/tasks/alpine.yml
+++ b/tasks/alpine.yml
@ -1,21 +1,29 @@
 ---
- name: install basics
-  connection: local
-  delegate_to: localhost 
-  raw: "lxc exec {{ inventory_hostname }} -- /sbin/apk add -U python3 dropbear openssh-client-default openssh-sftp-server wget"
-
 - name: setup ssh
  include: ssh.yml

- name: enable dropbear
+- name: install basics
  connection: local
  delegate_to: localhost 
-  raw: "lxc exec {{ inventory_hostname }} -- rc-update add dropbear" 
+  command:
+    cmd: "/usr/bin/incus exec {{ inventory_hostname }} -- {{ item }}"
+  with_items:
+    - "/sbin/apk update"
+    - "/sbin/apk add -U python3 dropbear openssh-client-default openssh-sftp-server wget"
+    - "rc-update add dropbear"
+    - "rc-service dropbear restart"

- name: start dropbear
-  connection: local
-  delegate_to: localhost 
-  raw: "lxc exec {{ inventory_hostname }} -- rc-service dropbear restart"
+      #- name: enable dropbear
+      #  connection: local
+      #  delegate_to: localhost 
+      #  command: 
+      #    cmd: "/usr/bin/incus exec {{ inventory_hostname }} -- rc-update add dropbear" 
+      #
+      #- name: start dropbear
+      #  connection: local
+      #  delegate_to: localhost 
+      #  command: 
+      #    cmd: "/usr/bin/incus exec {{ inventory_hostname }} -- rc-service dropbear restart"

 - name: install software
  apk: name={{ alpine_software }} state=present update_cache=yes
--- a/tasks/incus.yml
+++ b/tasks/incus.yml
@ -0,0 +1,39 @@
+---
+- name: get container info
+  command:
+    cmd: "/usr/bin/incus config show {{ inventory_hostname }}"
+  register: container_info
+  ignore_errors: true
+  connection: local
+  delegate_to: localhost
+
+- name: create container
+  command:
+    cmd: "/usr/bin/incus create images:{{ container_image }} {{ inventory_hostname }}"
+  when: '"Instance not found" in container_info.stderr'
+  connection: local
+  delegate_to: localhost
+
+- name: configure ip
+  command:
+    cmd: "/usr/bin/incus config device add {{ inventory_hostname }} eth0 nic nictype=bridged parent=lxd ipv4.address={{ ansible_host }}"
+  when: '"Instance not found" in container_info.stderr'
+  connection: local
+  delegate_to: localhost
+
+- name: start container
+  command:
+    cmd: "/usr/bin/incus start {{ inventory_hostname }}"
+  when: '"Instance not found" in container_info.stderr'
+  connection: local
+  delegate_to: localhost
+
+- name: deploy motd
+  copy:
+    src: motd
+    dest: "/var/lib/incus/storage-pools/default/containers/{{ inventory_hostname }}/rootfs/etc/motd"
+    mode: 0644
+    owner: root
+    group: root
+  connection: local
+  delegate_to: localhost
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,45 +1,15 @@
 ---
- name: configure dnsmasq hosts
-  lineinfile:
-    dest: /etc/dnsmasq.d/hosts.conf
-    regexp: "^{{ ansible_host }}"
-    line: "{{ ansible_host }}\t{{ inventory_hostname }}.lxc.br0tkasten.de"
-  notify:
-    - reload dnsmasq
-  delegate_to: localhost
-  connection: local
-
- name: create container
-  lxd_container:
-    name: "{{ inventory_hostname }}"
-    state: started
-    source:
-      type: image
-      mode: pull
-      server: https://images.linuxcontainers.org
-      protocol: simplestreams #lxd # if you get a 404, try setting protocol: simplestreams
-      alias: "{{ container_image }}"
-    devices: '{ "eth0": {"nictype":"bridged", "parent":"lxd","type":"nic","ipv4.address":"{{ ansible_host }}"} }'                                   # default to {}
-    profiles: ["lxd"]
-    wait_for_ipv4_addresses: true
-    timeout: 120
-  delegate_to: localhost
-  connection: local
+- name: setup container
+  include_tasks: incus.yml

 - name: setup alpine 
-  include: alpine.yml
+  include_tasks: alpine.yml
  when: '"alpine" in container_image'

 - name: setup archlinux
-  include: archlinux.yml
+  include_tasks: archlinux.yml
  when: '"archlinux" in container_image'

 - name: setup rockylinux
-  include: rockylinux.yml
+  include_tasks: rockylinux.yml
  when: '"rockylinux" in container_image'
-
- name: deploy motd
-  copy:
-    src: motd
-    dest: /etc/motd
-    mode: 0644
--- a/tasks/ssh.yml
+++ b/tasks/ssh.yml
@ -2,19 +2,31 @@
 - name: mkdir ~/.ssh
  connection: local
  delegate_to: localhost 
-  raw: "lxc exec {{ inventory_hostname }} -- mkdir -p /root/.ssh" 
+  command: 
+    cmd: "/usr/bin/incus exec {{ inventory_hostname }} -- mkdir -p /root/.ssh" 
+
+#- name: get authorized_keys
+#  connection: local
+#  delegate_to: localhost
+#  copy:
+#    src: authorized_keys
+#    dest: "/var/lib/incus/storage-pools/default/containers/{{ inventory_hostname }}/rootfs/root/.ssh/authorized_keys"
+#    owner: root
+#    group: root
+#    mode: 0600

 - name: get authorized_keys
  connection: local
  delegate_to: localhost
-  copy:
-    src: authorized_keys
-    dest: "/var/lib/lxd/storage-pools/default/containers/{{ inventory_hostname }}/rootfs/root/.ssh/authorized_keys"
+  get_url:
+    url: https://git.br0tkasten.de/br0tkasten.keys
+    dest: "/var/lib/incus/storage-pools/default/containers/{{ inventory_hostname }}/rootfs/root/.ssh/authorized_keys"
    owner: root
    group: root
    mode: 0600

- name: fix file permissions
-  connection: local
-  delegate_to: localhost 
-  raw: "lxc exec {{ inventory_hostname }} -- chmod 0600 /root/.ssh/authorized_keys"
+#- name: fix file permissions
+#  connection: local
+#  delegate_to: localhost 
+#  command: 
+#    cmd: "/usr/bin/incus exec {{ inventory_hostname }} -- chmod 0600 /root/.ssh/authorized_keys"