packweb-apache: copy resolv.conf to containers

CHANGELOG.md

@@ -11,6 +11,7 @@ The **patch** part changes incrementally at each release.
 ## [Unreleased]
 
 ### Added
+* packweb-apache: add preliminary support for containers with multiple PHP versions
 
 ### Changed
 

packweb-apache/defaults/main.yml

@@ -6,6 +6,11 @@ packweb_enable_evoadmin_vhost: True
 packweb_fhs_retrictions: True
 packweb_apache_modphp: True
 packweb_apache_fpm: False
+packweb_apache_lxc_release:
+  php54: 'wheezy'
+  php56: 'jessie'
+  php70: 'stretch'
+packweb_apache_containers: []
 
 packweb_phpmyadmin_suffix: ""
 

packweb-apache/files/lxc.conf

@@ -0,0 +1,23 @@
+# Ansible managed
+#  Run containers in unprivilegied mode.
+# Map  both  user and group ids in the range 0-9999 in the container to the ids
+# 100000-109999 on the host.
+# Require lxc >= 1.1 to run jessie or later containers
+#lxc.id_map = u 0 100000 10000
+#lxc.id_map = g 0 100000 10000
+
+# Set the default network virtualization method: share the host network stack.
+lxc.network.type = none
+
+# Mount /home into containers.
+lxc.mount.entry = /home home none bind 0 0
+
+# Only one tty is enough.
+# This require that you disabled others tty ([2-6]) in systemd.
+lxc.tty = 1
+
+# Run 64bits containers
+lxc.arch = x86_64
+
+# Start containers on boot
+lxc.group = onboot

packweb-apache/tasks/containers.yml

@@ -0,0 +1,79 @@
+---
+- name: Install lxc
+  apt:
+    name: "{{ item }}"
+  with_items:
+  - lxc
+  - python-lxc
+  - xz-utils
+
+- name: Copy default configuration for containers
+  copy:
+    src: lxc.conf
+    dest: /etc/lxc/default.conf
+
+- name: Check php version
+  fail:
+    msg: "PHP version '{{ item }}' is not supported"
+  when: packweb_apache_lxc_release[item] is undefined
+  with_items: "{{ packweb_apache_containers }}"
+
+- name: Create containers
+  command: "lxc-create -n {{ item }} -t download -- --dist debian --release {{ packweb_apache_lxc_release[item] }} --arch amd64"
+  args:
+    creates: "/var/lib/lxc/{{ item }}"
+  with_items: "{{ packweb_apache_containers }}"
+
+- name: Copy resolv.conf in containers
+  copy:
+    src: /etc/resolv.conf
+    dest: "/var/lib/lxc/{{ item }}/rootfs/etc/resolv.conf"
+    remote_src: True
+    mode: "0644"
+  with_items: "{{ packweb_apache_containers }}"
+
+- name: Disable network configuration inside container
+  replace:
+    name: "/var/lib/lxc/{{ item }}/rootfs/etc/default/networking"
+    regexp: "^#CONFIGURE_INTERFACES=yes"
+    replace: CONFIGURE_INTERFACES=no
+  with_items: "{{ packweb_apache_containers }}"
+
+- name: Disable interface shut down on halt inside container
+  lineinfile:
+    name: "/var/lib/lxc/{{ item }}/rootfs/etc/default/halt"
+    line: "NETDOWN=no"
+    create: True
+  with_items: "{{ packweb_apache_containers }}"
+
+- name: Make the container poweroff on SIGPWR (sent by lxc-stop) on jessie
+  file:
+    src: /lib/systemd/system/poweroff.target
+    dest: "/var/lib/lxc/{{ item }}/rootfs/etc/systemd/system/sigpwr.target"
+    state: link
+  when: packweb_apache_lxc_release[item] == 'jessie'
+  with_items: "{{ packweb_apache_containers }}"
+
+- name: Add hostname in /etc/hosts
+  lineinfile:
+    name: "/var/lib/lxc/{{ item }}/rootfs/etc/hosts"
+    line: "127.0.0.1 {{ item }}"
+  with_items: "{{ packweb_apache_containers }}"
+
+- name: Fix permission on /dev
+  lineinfile:
+    name: "/var/lib/lxc/{{ item }}/rootfs/etc/rc.local"
+    line: "chmod 755 /dev"
+    insertbefore: "^exit 0$"
+    mode: "0755"
+    create: True
+  with_items: "{{ packweb_apache_containers }}"
+
+- name: Start containers
+  lxc_container:
+    name: "{{ item }}"
+    state: started
+  with_items: "{{ packweb_apache_containers }}"
+
+# TODO : PHP configuration in containers
+

packweb-apache/tasks/main.yml

@@ -71,3 +71,7 @@
 
 - include: fhs_retrictions.yml
   when: packweb_fhs_retrictions
+
+- include: containers.yml
+  when: packweb_apache_containers.0 is defined
+  tags: lxc