ilnmors-homelab/ansible/playbooks/vmm/site.yaml
2026-03-15 04:41:02 +09:00


---
# Play 1: runs against the inventory host "console". It decides which
# inventory name the "Site vmm" play will target and loads the secret
# variables that play reads back through hostvars['console'].
- name: Set host and load secret values
  hosts: 'console'
  gather_facts: false
  become: false
  tasks:
    # Skipped when the run was started with the "init" tag. vmm_host then
    # stays undefined and the "Site vmm" play falls back to "vmm_init".
    - name: Set host as vmm
      ansible.builtin.set_fact:
        vmm_host: 'vmm'
      when: "'init' is not in ansible_run_tags"
      tags: ['always']

    # Tags on a dynamic include only select the include statement itself;
    # apply.tags passes the same tag on to the tasks the role file contains.
    # NOTE(review): the role file is not visible here; presumably it defines
    # the `sudo` variable on console that the next play reads. Confirm that
    # the loaded values are kept out of task output.
    - name: Load secret from secrets.yaml
      ansible.builtin.include_role:
        name: 'console'
        tasks_from: 'node/load_secret_vars'
        apply:
          tags: ['always']
      tags: ['always']
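# Play 2: configures the hypervisor host. The target is the name stored in
# console's vmm_host fact, or "vmm_init" when that fact was not set (a run
# started with the "init" tag).
- name: Site vmm
  hosts: "{{ hostvars['console']['vmm_host'] | default('vmm_init') }}"
  gather_facts: false
  become: false
  pre_tasks:
    # The sudo password is read from console's hostvars and stored as a fact
    # on this host. no_log keeps the templated value out of the task result,
    # which is otherwise shown in verbose (-v) output and handed to any
    # callback plugin that records results.
    - name: Set become password
      ansible.builtin.set_fact:
        ansible_become_pass: "{{ hostvars['console']['sudo']['password']['vmm'] }}"
      no_log: true
      tags: ['always']

  tasks:
    # init
    # For every include_role below, the task-level tags select the include
    # statement and apply.tags passes the same tags on to the included tasks.
    - name: Set timezone to Asia/Seoul
      community.general.timezone:
        name: 'Asia/Seoul'
      become: true
      tags: ['init', 'timezone']

    - name: Deploy root_ca certificate
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'node/deploy_root_ca'
        apply:
          tags: ['init', 'root_crt']
      tags: ['init', 'root_crt']

    - name: Deploy hosts file
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'node/deploy_hosts'
        apply:
          tags: ['init', 'hosts']
      tags: ['init', 'hosts']

    - name: Create default directory
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'node/create_default_dir'
        apply:
          tags: ['init', 'default_dir']
      tags: ['init', 'default_dir']

    - name: Set ssh host
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'node/set_ssh_host'
        apply:
          tags: ['init', 'ssh_host']
      tags: ['init', 'ssh_host']

    - name: Set networkd
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'node/set_networkd'
        apply:
          tags: ['init', 'networkd']
      tags: ['init', 'networkd']

    - name: Set resolved
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'node/set_resolved'
        apply:
          tags: ['init', 'resolved']
      tags: ['init', 'resolved']

    - name: Set timesyncd
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'node/set_timesyncd'
        apply:
          tags: ['init', 'timesyncd']
      tags: ['init', 'timesyncd']

    # vmm has dbus-user-session installed.
    - name: Set linger
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'node/set_linger'
        apply:
          tags: ['init', 'linger']
      tags: ['init', 'linger']

    - name: Set libvirt
      ansible.builtin.include_role:
        name: 'vmm'
        tasks_from: 'node/set_libvirt'
        apply:
          tags: ['init', 'libvirt']
      tags: ['init', 'libvirt']

    # The firewall rules are the only step tagged for both stages, so they
    # are applied on "init" runs and again on "site" runs.
    - name: Set nftables
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'node/set_nftables'
        apply:
          tags: ['init', 'site', 'nftables']
      tags: ['init', 'site', 'nftables']

    # site
    # Skipped for vmm_init: per the author's note the init stage has no
    # internet access (air-gapped), so apt cannot reach its mirrors there.
    - name: Update and upgrade apt
      ansible.builtin.apt:
        update_cache: true
        upgrade: 'dist'
        cache_valid_time: 3600
      when: inventory_hostname != "vmm_init"
      become: true
      tags: ['site', 'upgrade-packages']

    - name: Set crowdsec
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'services/set_crowdsec'
        apply:
          tags: ['site', 'crowdsec']
      when: inventory_hostname != "vmm_init"
      tags: ['site', 'crowdsec']

    - name: Set alloy
      ansible.builtin.include_role:
        name: 'common'
        tasks_from: 'services/set_alloy'
        apply:
          tags: ['site', 'alloy']
      when: inventory_hostname != "vmm_init"
      tags: ['site', 'alloy']

    # These packages are already installed in the prerequisite step. The
    # "never" tag keeps this task out of normal runs; it only executes when
    # "install-packages" is requested explicitly on a non-init run.
    - name: Install packages
      ansible.builtin.apt:
        name:
          - acl
          - curl
          - jq
          - crowdsec
          - systemd-resolved
          - qemu-system-x86
          - ksmtuned
          - libvirt-daemon-system
          - virt-top
          - python3
          - python3-apt
          - python3-libvirt
          - python3-lxml
        state: 'present'
      become: true
      when: "'init' is not in ansible_run_tags"
      tags: ['never', 'install-packages']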