Implement 'setup'-tag to re-setup the containers.

2021-11-20 17:00:19 +01:00 · 2021-11-20 17:00:19 +01:00 · 2c0a1c5392
commit 2c0a1c5392
parent 0ed4230794
3 changed files with 152 additions and 137 deletions
--- a/edubox.yml
+++ b/edubox.yml
@ -16,6 +16,7 @@
 ##    --tags=stop     stop all containers
 ##    --tags=reset    reset all containers to the initial image
 ##    --tags=purge    purge all containers
+##    --tags=setup    purge all containers and setup again
 ##

 - name: apply configuration to the edubox
--- a/roles/educontainer/tasks/main.yml
+++ b/roles/educontainer/tasks/main.yml
@ -19,6 +19,7 @@
    - stop
    - reset
    - purge
+    - setup

 - name: purge all containers
  command:
@ -28,6 +29,7 @@
  tags:
    - never
    - purge
+    - setup

 - name: remove container overlay
  file:
@ -38,6 +40,7 @@
    - never
    - reset
    - purge
+    - setup

 - name: start all containers
  systemd:
@ -51,142 +54,12 @@

 ###########

- name: install packages
-  apt:
-    name:
-      - systemd-container
-      - debootstrap
-    state: latest
+- name: import setup.yml tasks
+  import_tasks: setup.yml
+  tags: 
+    - never
+    - setup

- name: debootstrap base system
-  command:
-    cmd: >
-      debootstrap 
-      --include={{ cont_packages | union(cont_packages_extra) | join(',') }}
-      --components=main,contrib,non-free stable
-      {{ contname }}00 http://deb.debian.org/debian
-  args:
-    chdir: /var/lib/machines/
-    creates: /var/lib/machines/{{ contname }}00
-  environment: 
-    http_proxy: http://localhost:3142
-  notify: enable and restart containers
+- name: import setup.yml tasks
+  import_tasks: setup.yml

- name: provide complete apt sources
-  copy:
-    src: /etc/apt/sources.list
-    dest: /var/lib/machines/{{ contname }}00/etc/apt/sources.list
-    remote_src: yes
-
- name: configure locale
-  lineinfile:
-    path: /var/lib/machines/{{ contname }}00/etc/profile
-    line: 'export LANG=C'
-
- name: upgrade container
-  command:
-    cmd: >
-      chroot . sh -c '/usr/bin/apt-get update &&
-      /usr/bin/apt-get full-upgrade --yes'
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-
- name: provide {{ contuser }} user account
-  command:
-    cmd: >
-      chroot . sh -c '/usr/sbin/useradd -m -s /bin/bash 
-      -c "User {{ contuser }},,," -G sudo {{ contuser }}'
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-    creates: /var/lib/machines/{{ contname }}00/home/{{ contuser }}
-  register: user_account
-
- name: provide empty password for {{ contuser }} user
-  command:
-    cmd: chroot . sh -c "passwd -d {{ contuser }}"
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-  when: user_account.changed | default(false) and contpwd | length == 0
-
- name: provide password for container {{ contuser }} user
-  command:
-    cmd: chroot . sh -c "echo {{ contuser }}:{{ contpwd }} | chpasswd"
-  args:
-    chdir: /var/lib/machines/{{ contname }}00
-  when: user_account.changed | default(true) and contpwd | length > 0
-
- name: allow empty passwords in ssh
-  lineinfile:
-    path: /var/lib/machines/{{ contname }}00/etc/ssh/sshd_config
-    insertafter: '#PermitEmptyPasswords no'
-    line: 'PermitEmptyPasswords yes'
-  when: user_account.changed | default(false) and contpwd | length == 0
-
- name: prepare directories
-  file:
-    path: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item }}
-    state: directory
-  loop:
-    - multi-user.target.wants
-    - sockets.target.wants
-    - network-online.target.wants
-  notify: enable and restart containers
-
- name: enable systemd-networkd service
-  file:
-    src: /lib/systemd/system/{{ item.src }}
-    dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
-    state: link
-    force: yes
-  loop:
-    - { src: systemd-networkd.service, dest: dbus-org.freedesktop.network1.service }
-    - { src: systemd-networkd.service, dest: multi-user.target.wants/systemd-networkd.service }
-    - { src: systemd-networkd.socket, dest: sockets.target.wants/systemd-networkd.socket }
-    - { src: systemd-networkd-wait-online.service, dest: network-online.target.wants/systemd-networkd-wait-online.service }
-  notify: enable and restart containers
-
-########
- name: prepare sysctl configuration
-  file:
-    path: /etc/sysctl.d/inotify.conf
-    state: touch
-
- name: fix too many open files error
-  sysctl:
-    name: fs.inotify.max_user_instances
-    value: '1024'
-    sysctl_file: /etc/sysctl.d/inotify.conf
-
- name: generate links to the initial container
-  file:
-    src: "{{ contname }}00"
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
-    state: link
-  loop: "{{ containers[1:] }}"
-  notify: enable and restart containers
-
- name: prepare nspawn config directory
-  file:
-    path: /etc/systemd/nspawn
-    state: directory
-
- name: provide container configuration
-  template:
-    src: contcfg.nspawn.j2
-    dest: /etc/systemd/nspawn/{{ contname}}{{ "%02d" | format(item|int) }}.nspawn
-  loop: "{{ containers }}"
-  notify: enable and restart containers
-
- name: provide container hostname file
-  template:
-    src: hostname.j2
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname
-  loop: "{{ containers }}"
-  notify: enable and restart containers
-
- name: provide container hosts file
-  template:
-    src: hosts.j2
-    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts
-  loop: "{{ containers }}"
-  notify: enable and restart containers
--- a/roles/educontainer/tasks/setup.yml
+++ b/roles/educontainer/tasks/setup.yml
@ -0,0 +1,141 @@
+---
+
+- name: install packages
+  apt:
+    name:
+      - systemd-container
+      - debootstrap
+    state: latest
+
+- name: debootstrap base system
+  command:
+    cmd: >
+      debootstrap 
+      --include={{ cont_packages | union(cont_packages_extra) | join(',') }}
+      --components=main,contrib,non-free stable
+      {{ contname }}00 http://deb.debian.org/debian
+  args:
+    chdir: /var/lib/machines/
+    creates: /var/lib/machines/{{ contname }}00
+  environment: 
+    http_proxy: http://localhost:3142
+  notify: enable and restart containers
+
+- name: provide complete apt sources
+  copy:
+    src: /etc/apt/sources.list
+    dest: /var/lib/machines/{{ contname }}00/etc/apt/sources.list
+    remote_src: yes
+
+- name: configure locale
+  lineinfile:
+    path: /var/lib/machines/{{ contname }}00/etc/profile
+    line: 'export LANG=C'
+
+- name: upgrade container
+  command:
+    cmd: >
+      chroot . sh -c '/usr/bin/apt-get update &&
+      /usr/bin/apt-get full-upgrade --yes'
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+
+- name: provide {{ contuser }} user account
+  command:
+    cmd: >
+      chroot . sh -c '/usr/sbin/useradd -m -s /bin/bash 
+      -c "User {{ contuser }},,," -G sudo {{ contuser }}'
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+    creates: /var/lib/machines/{{ contname }}00/home/{{ contuser }}
+  register: user_account
+
+- name: provide empty password for {{ contuser }} user
+  command:
+    cmd: chroot . sh -c "passwd -d {{ contuser }}"
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+  when: user_account.changed | default(false) and contpwd | length == 0
+
+- name: provide password for container {{ contuser }} user
+  command:
+    cmd: chroot . sh -c "echo {{ contuser }}:{{ contpwd }} | chpasswd"
+  args:
+    chdir: /var/lib/machines/{{ contname }}00
+  when: user_account.changed | default(true) and contpwd | length > 0
+
+- name: allow empty passwords in ssh
+  lineinfile:
+    path: /var/lib/machines/{{ contname }}00/etc/ssh/sshd_config
+    insertafter: '#PermitEmptyPasswords no'
+    line: 'PermitEmptyPasswords yes'
+  when: user_account.changed | default(false) and contpwd | length == 0
+
+- name: prepare directories
+  file:
+    path: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item }}
+    state: directory
+  loop:
+    - multi-user.target.wants
+    - sockets.target.wants
+    - network-online.target.wants
+  notify: enable and restart containers
+
+- name: enable systemd-networkd service
+  file:
+    src: /lib/systemd/system/{{ item.src }}
+    dest: /var/lib/machines/{{ contname }}00/etc/systemd/system/{{ item.dest }}
+    state: link
+    force: yes
+  loop:
+    - { src: systemd-networkd.service, dest: dbus-org.freedesktop.network1.service }
+    - { src: systemd-networkd.service, dest: multi-user.target.wants/systemd-networkd.service }
+    - { src: systemd-networkd.socket, dest: sockets.target.wants/systemd-networkd.socket }
+    - { src: systemd-networkd-wait-online.service, dest: network-online.target.wants/systemd-networkd-wait-online.service }
+  notify: enable and restart containers
+
+########
+- name: prepare sysctl configuration
+  file:
+    path: /etc/sysctl.d/inotify.conf
+    state: touch
+
+- name: fix too many open files error
+  sysctl:
+    name: fs.inotify.max_user_instances
+    value: '1024'
+    sysctl_file: /etc/sysctl.d/inotify.conf
+
+- name: generate links to the initial container
+  file:
+    src: "{{ contname }}00"
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}
+    state: link
+  loop: "{{ containers[1:] }}"
+  notify: enable and restart containers
+
+- name: prepare nspawn config directory
+  file:
+    path: /etc/systemd/nspawn
+    state: directory
+
+- name: provide container configuration
+  template:
+    src: contcfg.nspawn.j2
+    dest: /etc/systemd/nspawn/{{ contname}}{{ "%02d" | format(item|int) }}.nspawn
+  loop: "{{ containers }}"
+  notify: enable and restart containers
+
+- name: provide container hostname file
+  template:
+    src: hostname.j2
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hostname
+  loop: "{{ containers }}"
+  notify: enable and restart containers
+
+- name: provide container hosts file
+  template:
+    src: hosts.j2
+    dest: /var/lib/machines/{{ contname }}{{ "%02d" | format(item|int) }}.hosts
+  loop: "{{ containers }}"
+  notify: enable and restart containers