split tasks off into a role
parent
dc41472692
commit
4161f1a4a7
183
pve-deploy.yml
183
pve-deploy.yml
|
@ -48,186 +48,7 @@
|
|||
vm_template_ip: "{{ hostvars[inventory_hostname].vm_template_ip }}"
|
||||
host_type: "{{ hostvars[inventory_hostname].host_type }}"
|
||||
|
||||
tasks:
|
||||
- name: Download OS Template
|
||||
get_url:
|
||||
url: "http://download.proxmox.com/images/system/{{ ct_template }}"
|
||||
dest: "/var/lib/vz/template/cache/{{ ct_template }}"
|
||||
when: host_type == "Container"
|
||||
delegate_to: reddwarf
|
||||
|
||||
#####################################################################################
|
||||
# Container creation
|
||||
|
||||
- debug: msg="Deploying new container..."
|
||||
|
||||
- name: Create Container
|
||||
community.general.proxmox:
|
||||
vmid: "{{ ctid }}"
|
||||
node: "{{ node }}"
|
||||
api_user: "{{ api_user }}"
|
||||
api_password: "{{ api_password }}"
|
||||
api_host: "{{ api_host }}"
|
||||
hostname: "{{ guest_name }}"
|
||||
password: "{{ ctpassword }}"
|
||||
# commented out to use host searchdomain and nameservers
|
||||
#searchdomain: "{{ searchdomain }}"
|
||||
#nameserver: "{{ ctnameserver }}"
|
||||
cores: "{{ cpu_num }}"
|
||||
swap: "{{ ctswap }}"
|
||||
memory: "{{ mem_size }}"
|
||||
disk: "{{ root_size }}"
|
||||
storage: "{{ ctstorage }}"
|
||||
netif: '{"net0":"name=eth0,ip={{ guest_ip_cidr }},gw={{ guest_gw }},bridge={{ ctbridge }},type=veth,firewall=1"}'
|
||||
ostemplate: 'local:vztmpl/{{ ct_template }}'
|
||||
features:
|
||||
- nesting=1
|
||||
unprivileged: true
|
||||
onboot: true
|
||||
state: present
|
||||
when: host_type == "Container"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: Start Container
|
||||
community.general.proxmox:
|
||||
vmid: "{{ ctid }}"
|
||||
node: "{{ node }}"
|
||||
api_user: "{{ api_user }}"
|
||||
api_password: "{{ api_password }}"
|
||||
api_host: "{{ api_host }}"
|
||||
state: started
|
||||
timeout: 90
|
||||
when: host_type == "Container"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- debug: msg="waiting 15 seconds for guest container to start"
|
||||
when: host_type == "Container"
|
||||
|
||||
- name: waited 15 seconds for guest container to start
|
||||
wait_for:
|
||||
timeout: 15
|
||||
when: host_type == "Container"
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Configure sshd to allow root ssh key access (Container)
|
||||
shell:
|
||||
cmd: pct exec {{ ctid }} -- bash -c "echo 'PermitRootLogin prohibit-password' >>/etc/ssh/sshd_config"
|
||||
when: host_type == "Container"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: Add ssh keys to root authorized_keys (Container)
|
||||
shell:
|
||||
cmd: pct exec {{ ctid }} -- bash -c "echo '{{ item }}' >>/root/.ssh/authorized_keys"
|
||||
with_items:
|
||||
- ssh-rsa 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 rmorrow@delans
|
||||
- ssh-rsa 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 rmorrow@kryten
|
||||
when: host_type == "Container"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: Fix perms on root authorized_keys (Container)
|
||||
shell:
|
||||
cmd: pct exec {{ ctid }} -- bash -c "chmod 600 /root/.ssh/authorized_keys"
|
||||
when: host_type == "Container"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: Restart sshd (Container)
|
||||
shell:
|
||||
cmd: pct exec {{ ctid }} -- bash -c "systemctl restart ssh"
|
||||
when: host_type == "Container"
|
||||
delegate_to: reddwarf
|
||||
|
||||
#####################################################################################
|
||||
# VM creation
|
||||
|
||||
- debug: msg="Deploying new VM..."
|
||||
- name: Clone template to new VM
|
||||
community.general.proxmox_kvm:
|
||||
newid: "{{ ctid }}"
|
||||
node: "{{ node }}"
|
||||
api_user: "{{ api_user }}"
|
||||
api_password: "{{ api_password }}"
|
||||
api_host: "{{ api_host }}"
|
||||
clone: "{{ vm_template }}"
|
||||
name: "{{ guest_name }}"
|
||||
storage: "{{ ctstorage }}"
|
||||
format: qcow2
|
||||
timeout: 500
|
||||
memory: "{{ mem_size }}"
|
||||
cores: "{{ cpu_num }}"
|
||||
state: present
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: Start VM
|
||||
community.general.proxmox_kvm:
|
||||
vmid: "{{ ctid }}"
|
||||
node: "{{ node }}"
|
||||
api_user: "{{ api_user }}"
|
||||
api_password: "{{ api_password }}"
|
||||
api_host: "{{ api_host }}"
|
||||
state: started
|
||||
timeout: 90
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- debug: msg="waiting 30 seconds for guest VM to start"
|
||||
when: host_type == "VM"
|
||||
|
||||
- name: waited 30 seconds for guest VM to start
|
||||
wait_for:
|
||||
timeout: 30
|
||||
when: host_type == "VM"
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Configure sshd to allow root ssh key access (VM)
|
||||
shell:
|
||||
cmd: qm guest exec {{ ctid }} -- bash -c "echo 'PermitRootLogin prohibit-password' >>/etc/ssh/sshd_config"
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: Add ssh keys to root authorized_keys (VM)
|
||||
shell:
|
||||
cmd: qm guest exec {{ ctid }} -- bash -c "echo '{{ item }}' >>/root/.ssh/authorized_keys"
|
||||
with_items:
|
||||
- ssh-rsa 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 rmorrow@delans
|
||||
- ssh-rsa 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 rmorrow@kryten
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: Fix perms on root authorized_keys (VM)
|
||||
shell:
|
||||
cmd: qm guest exec {{ ctid }} -- bash -c "chmod 600 /root/.ssh/authorized_keys"
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: Restart sshd (VM)
|
||||
shell:
|
||||
cmd: qm guest exec {{ ctid }} -- bash -c "systemctl restart ssh"
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: update /etc/hostname (VM)
|
||||
shell:
|
||||
cmd: qm guest exec {{ ctid }} -- bash -c "sed -i 's/{{ vm_template }}/{{ guest_name }}/g' /etc/hostname"
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: update /etc/hosts (VM)
|
||||
shell:
|
||||
cmd: qm guest exec {{ ctid }} -- bash -c "sed -i 's/{{ vm_template }}/{{ guest_name }}/g' /etc/hosts"
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: update IP in /etc/network/interfaces (VM)
|
||||
shell:
|
||||
cmd: qm guest exec {{ ctid }} -- bash -c "sed -i 's/address {{ vm_template_ip }}/address {{ guest_ip }}/g' /etc/network/interfaces"
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
|
||||
- name: reboot guest VM
|
||||
shell:
|
||||
cmd: qm reboot {{ ctid }}
|
||||
when: host_type == "VM"
|
||||
delegate_to: reddwarf
|
||||
roles:
|
||||
- pve-deploy
|
||||
|
||||
# EOF
|
||||
|
|
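Review bot: The `roles:` / `- pve-deploy` entry that replaces the inline `tasks:` list leaves the play with no statement of which variables the role needs. The removed tasks read `ctid`, `node`, `api_user`, `api_password`, `api_host`, `ctpassword` and others from play scope, and the role's own files are not shown in this section. Assuming the tasks were moved unchanged, a `meta/argument_specs.yml` in the role (or at least a comment above `roles:` such as `# pve-deploy requires: ctid, node, api_user, api_password, api_host, host_type`) would make a missing credential or guest id fail at role entry rather than partway through guest creation. The move is also the natural point to turn the hard-coded `delegate_to: reddwarf` and the inline root `authorized_keys` entries into role variables, so that changes to who gets root access are reviewed in one place. The `echo 'PermitRootLogin prohibit-password' >>/etc/ssh/sshd_config` and `>>/root/.ssh/authorized_keys` appends add a duplicate line on every run, so if they were carried over they would be better replaced with an idempotent edit.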