ansible-roles/lxc/tasks/create-container.yml

---
- name: "Check if container {{ name }} exists"
  command: "lxc-ls {{ name }}"
  changed_when: false
  check_mode: no
  register: container_exists

- name: "Create container {{ name }}"
  lxc_container:
    name: "{{ name }}"
    container_log: true
    template: debian
    state: stopped
    template_options: "--arch amd64 --release {{ release }}"
  when: container_exists.stdout_lines | length == 0

- name: "Disable network configuration inside container {{ name }}"
  replace:
    name: "/var/lib/lxc/{{ name }}/rootfs/etc/default/networking"
    regexp: "^#CONFIGURE_INTERFACES=yes"
    replace: CONFIGURE_INTERFACES=no
  when: lxc_network_type == "none"

- name: "Disable interface shut down on halt inside container {{ name }} (Jessie container)"
  lineinfile:
    name: "/var/lib/lxc/{{ name }}/rootfs/etc/default/halt"
    line: "NETDOWN=no"
  when: lxc_network_type == "none" and release == "jessie"

- name: "Make the container {{ name }} poweroff on SIGPWR sent by lxc-stop (Jessie container)"
  file:
    src: /lib/systemd/system/poweroff.target
    dest: "/var/lib/lxc/{{ name }}/rootfs/etc/systemd/system/sigpwr.target"
    state: link
  when: release == 'jessie'

- name: "Configure the DNS resolvers in the container {{ name }}"
  copy:
    remote_src: yes
    src: /etc/resolv.conf
    dest: "/var/lib/lxc/{{ name }}/rootfs/etc/"

- name: "Add hostname in /etc/hosts for container {{ name }}"
  lineinfile:
    name: "/var/lib/lxc/{{ name }}/rootfs/etc/hosts"
    line: "127.0.0.1 {{ name }}"

- name: "Fix permission on /dev for container {{ name }}"
  lineinfile:
    name: "/var/lib/lxc/{{ name }}/rootfs/etc/rc.local"
    line: "chmod 755 /dev"
    insertbefore: "^exit 0$"
  when: release == 'jessie'

# For some reason import_role/include_role doesn't work here.
# Apparently ansible see some condition that end up being false.
# So we use import_tasks and a symlink.
- name: "Put /etc of container {{ name }} into git"
  import_tasks: repository.yml
  vars:
    repository_path: "/var/lib/lxc/{{ name }}/rootfs/etc"
    gitignore_items:
      - "aliases.db"
      - "*.swp"
      - "postfix/sa-blacklist.access"
      - "postfix/*.db"
      - "postfix/spamd.cidr"
      - "evobackup/.keep-*"
      - "letsencrypt/.certbot.lock"

- name: "Ensure that {{ name }} container is running"
  lxc_container:
    name: "{{ name }}"
    state: started
Add role for LXC 2017-08-22 17:32:32 +02:00			`---`
lxc : add name of container in task names 2019-10-21 15:23:37 +02:00			`- name: "Check if container {{ name }} exists"`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`command: "lxc-ls {{ name }}"`
Fix multiple bugs in lxc role after testing 2017-08-24 18:07:16 +02:00			`changed_when: false`
(fix) lxc: Fix container existance check to be able to run in check_mode 2020-04-08 17:57:46 +02:00			`check_mode: no`
Add role for LXC 2017-08-22 17:32:32 +02:00			`register: container_exists`

lxc : add name of container in task names 2019-10-21 15:23:37 +02:00			`- name: "Create container {{ name }}"`
lxc: rely on lxc_container module instead of command module 2019-10-02 16:32:20 +02:00			`lxc_container:`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`name: "{{ name }}"`
lxc: rely on lxc_container module instead of command module 2019-10-02 16:32:20 +02:00			`container_log: true`
			`template: debian`
			`state: stopped`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`template_options: "--arch amd64 --release {{ release }}"`
Improve Ansible syntax replace « x \| changed » by « x is changed » add explicit « bool » filter use « length » filter instead of string comparison 2021-05-09 23:06:42 +02:00			`when: container_exists.stdout_lines \| length == 0`
Update lxc-create command in create-container.yml 2019-06-17 10:52:20 +02:00
lxc : add name of container in task names 2019-10-21 15:23:37 +02:00			`- name: "Disable network configuration inside container {{ name }}"`
Add role for LXC 2017-08-22 17:32:32 +02:00			`replace:`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`name: "/var/lib/lxc/{{ name }}/rootfs/etc/default/networking"`
Add role for LXC 2017-08-22 17:32:32 +02:00			`regexp: "^#CONFIGURE_INTERFACES=yes"`
			`replace: CONFIGURE_INTERFACES=no`
			`when: lxc_network_type == "none"`

lxc : add name of container in task names 2019-10-21 15:23:37 +02:00			`- name: "Disable interface shut down on halt inside container {{ name }} (Jessie container)"`
Add role for LXC 2017-08-22 17:32:32 +02:00			`lineinfile:`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`name: "/var/lib/lxc/{{ name }}/rootfs/etc/default/halt"`
Add role for LXC 2017-08-22 17:32:32 +02:00			`line: "NETDOWN=no"`
lxc: rely on lxc_container module instead of command module 2019-10-02 16:32:20 +02:00			`when: lxc_network_type == "none" and release == "jessie"`
Add role for LXC 2017-08-22 17:32:32 +02:00
lxc : add name of container in task names 2019-10-21 15:23:37 +02:00			`- name: "Make the container {{ name }} poweroff on SIGPWR sent by lxc-stop (Jessie container)"`
Add role for LXC 2017-08-22 17:32:32 +02:00			`file:`
			`src: /lib/systemd/system/poweroff.target`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`dest: "/var/lib/lxc/{{ name }}/rootfs/etc/systemd/system/sigpwr.target"`
Add role for LXC 2017-08-22 17:32:32 +02:00			`state: link`
			`when: release == 'jessie'`

lxc : add name of container in task names 2019-10-21 15:23:37 +02:00			`- name: "Configure the DNS resolvers in the container {{ name }}"`
lxc: rely on lxc_container module instead of command module 2019-10-02 16:32:20 +02:00			`copy:`
			`remote_src: yes`
			`src: /etc/resolv.conf`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`dest: "/var/lib/lxc/{{ name }}/rootfs/etc/"`
Add role for LXC 2017-08-22 17:32:32 +02:00
lxc : add name of container in task names 2019-10-21 15:23:37 +02:00			`- name: "Add hostname in /etc/hosts for container {{ name }}"`
Add role for LXC 2017-08-22 17:32:32 +02:00			`lineinfile:`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`name: "/var/lib/lxc/{{ name }}/rootfs/etc/hosts"`
			`line: "127.0.0.1 {{ name }}"`
Add role for LXC 2017-08-22 17:32:32 +02:00
lxc : add name of container in task names 2019-10-21 15:23:37 +02:00			`- name: "Fix permission on /dev for container {{ name }}"`
Add role for LXC 2017-08-22 17:32:32 +02:00			`lineinfile:`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`name: "/var/lib/lxc/{{ name }}/rootfs/etc/rc.local"`
Add role for LXC 2017-08-22 17:32:32 +02:00			`line: "chmod 755 /dev"`
			`insertbefore: "^exit 0$"`
lxc: rely on lxc_container module instead of command module 2019-10-02 16:32:20 +02:00			`when: release == 'jessie'`
Add role for LXC 2017-08-22 17:32:32 +02:00
lxc: Add /etc of lxc containers to git 2021-08-05 10:55:41 +02:00			`# For some reason import_role/include_role doesn't work here.`
			`# Apparently ansible see some condition that end up being false.`
			`# So we use import_tasks and a symlink.`
			`- name: "Put /etc of container {{ name }} into git"`
			`import_tasks: repository.yml`
			`vars:`
			`repository_path: "/var/lib/lxc/{{ name }}/rootfs/etc"`
			`gitignore_items:`
			`- "aliases.db"`
			`- "*.swp"`
			`- "postfix/sa-blacklist.access"`
			`- "postfix/*.db"`
			`- "postfix/spamd.cidr"`
			`- "evobackup/.keep-*"`
			`- "letsencrypt/.certbot.lock"`

whitespaces and syntax 2020-04-17 15:56:54 +02:00			`- name: "Ensure that {{ name }} container is running"`
lxc: rely on lxc_container module instead of command module 2019-10-02 16:32:20 +02:00			`lxc_container:`
whitespaces and syntax 2020-04-17 15:56:54 +02:00			`name: "{{ name }}"`
lxc: rely on lxc_container module instead of command module 2019-10-02 16:32:20 +02:00			`state: started`