--- # Copyright 2015, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Pull SystemD Version command: "systemctl --version" changed_when: false register: systemd_version - name: Retrieve Image Index uri: url: "{{ lxc_image_cache_server }}/meta/1.0/index-system" return_content: yes register: image_index - name: Set image index fact set_fact: lxc_images: > {%- set images = [] %} {%- for image in image_index.content.splitlines() %} {%- if image | match("^" + cache_index_item) %} {%- set _ = images.append(image) %} {%- endif %} {%- endfor %} {{- images -}} - block: - name: Create machined proxy override unit directories file: path: "/etc/systemd/system/{{ item }}" owner: root group: root mode: '0755' state: directory with_items: - systemd-machined.service.d - systemd-importd.service.d - name: Drop the machined proxy override units template: src: systemd-proxy-unit.conf.j2 dest: /etc/systemd/system/{{ item }}/proxy.conf owner: root group: root mode: '0644' with_items: - systemd-machined.service.d - systemd-importd.service.d when: lxc_cache_environment.keys() | length > 0 - include: "lxc_cache_preparation_systemd_{{ (systemd_version.stdout_lines[0].split()[-1] | int > 219) | ternary('new', 'old') }}.yml" - name: Generate apt keys from LXC host for the container cache shell: apt-key exportall > /root/repo.keys changed_when: False when: - ansible_pkg_mgr == 'apt' # TODO(evrardjp): replace this with a copy with remote_src: True # when ansible2.0 will be supported - name: Rsyncing files from the LXC host to the container cache shell: | if [[ -e "{{ item }}" ]]; then rsync -av "{{ item }}" "{{ lxc_image_cache_path }}{{ item }}" fi args: executable: "/bin/bash" with_items: "{{ lxc_cache_map.copy_from_host }}" tags: - skip_ansible_lint - name: Copy files from deployment host to the container cache copy: src: "{{ item.src }}" dest: "{{ lxc_image_cache_path }}{{ item.dest | default(item.src) }}" owner: "{{ item.owner | default('root') }}" group: "{{ item.group | default('root') }}" mode: "{{ item.mode | default('0644') }}" with_items: "{{ lxc_container_cache_files }}" - name: Cached image preparation script copy: content: | #!/usr/bin/env bash set -e -x {{ lxc_cache_map.cache_prep_commands }} dest: "{{ lxc_image_cache_path }}/usr/local/bin/cache-prep-commands.sh" mode: "0755" # This task runs several commands against the cached image to speed up the # lxc_container_create playbook. - name: Prepare cached image setup commands command: "chroot {{ lxc_image_cache_path }} /usr/local/bin/cache-prep-commands.sh" changed_when: false - name: Adjust sshd configuration in container lineinfile: dest: "{{ lxc_image_cache_path }}/etc/ssh/sshd_config" regexp: "{{ item.regexp }}" line: "{{ item.line }}" state: present with_items: "{{ lxc_cache_sshd_configuration }}" - name: Obtain the deploy system's ssh public key set_fact: lxc_container_ssh_key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}" when: lxc_container_ssh_key is not defined - name: Deploy ssh public key into the cached image lineinfile: dest: "{{ lxc_image_cache_path }}/root/.ssh/authorized_keys" line: "{{ lxc_container_ssh_key }}" create: true - name: Remove generated apt keys from LXC host file: path: /root/repo.keys state: absent when: - ansible_pkg_mgr == 'apt' changed_when: False - name: Remove requiretty for sudo on centos template: dest: "{{ lxc_image_cache_path }}/etc/sudoers.d/openstack-ansible" owner: root group: root mode: "0440" src: sudoers.j2 when: - ansible_pkg_mgr == 'yum'