102 lines
3.5 KiB
YAML
102 lines
3.5 KiB
YAML
---
|
|
# Copyright 2016, Rackspace US, Inc.
|
|
# Copyright 2017, SUSE LINUX GmbH.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
lxc_hosts_external_repo:
|
|
- name: "OBS:Virtualization:containers"
|
|
uri: "{{ lxc_hosts_opensuse_mirror_obs_url }}/repositories/Virtualization:/containers/openSUSE_Leap_{{ ansible_distribution_version }}/"
|
|
|
|
system_config_dir: "/etc/sysconfig"
|
|
systemd_utils_prefix: "/usr/lib/systemd"
|
|
|
|
# Required rpm packages.
|
|
lxc_hosts_distro_packages:
|
|
- apparmor-parser
|
|
- apparmor-profiles
|
|
- apparmor-utils
|
|
- aria2
|
|
- bridge-utils
|
|
- btrfsprogs
|
|
- dnsmasq
|
|
- git-core
|
|
- libseccomp2
|
|
- lxc
|
|
- liblxc-devel
|
|
- xz
|
|
|
|
lxc_xz_bin: xz
|
|
|
|
lxc_cache_map:
|
|
distro: opensuse
|
|
arch: amd64
|
|
release: "{{ ansible_distribution_version }}"
|
|
copy_from_host:
|
|
- /etc/environment
|
|
- /etc/localtime
|
|
- /etc/zypp/repos.d/repo-oss.repo
|
|
- /etc/zypp/repos.d/repo-update.repo
|
|
cache_prep_commands: |
|
|
{{ lxc_cache_prep_pre_commands }}
|
|
mkdir -p /etc/ansible/facts.d/
|
|
rm /etc/resolv.conf || true
|
|
{% for resolver in lxc_cache_prep_dns %}
|
|
echo "nameserver {{ resolver }}" >> /etc/resolv.conf
|
|
{% endfor %}
|
|
# We have (tried to!) copied repo-oss and repo-update from the host so wipe everything else.
|
|
find /etc/zypp/repos.d/ -type f ! -name "repo-oss.repo" -a ! -name "repo-update.repo" -delete
|
|
zypper lr | grep -q 'repo-oss' || zypper --quiet ar {{ lxc_hosts_opensuse_mirror_url }}/distribution/leap/{{ ansible_distribution_version }}/repo/oss repo-oss
|
|
zypper lr | grep -q 'repo-update' || zypper --quiet ar {{ lxc_hosts_opensuse_mirror_url }}/update/leap/{{ ansible_distribution_version }}/oss repo-update
|
|
# Disable recommended packages. Only update what's really needed
|
|
if ! fgrep -qx "solver.onlyRequires = true" /etc/zypp/zypp.conf; then
|
|
echo -e "\n\n## Disable recommended packages\nsolver.onlyRequires = true" >> /etc/zypp/zypp.conf
|
|
fi
|
|
# Update base distribution
|
|
zypper --gpg-auto-import-keys -n dup --force-resolution -l
|
|
zypper --gpg-auto-import-keys -n in --force-resolution -l {{ lxc_cache_distro_packages | join(' ') }}
|
|
mkdir -p /var/backup
|
|
echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/sysconfig/network/ifcfg-eth0
|
|
chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
|
|
echo "nameserver {{ lxc_net_address }}" > /etc/resolv.conf
|
|
# NOTE(hwoarang): Enable sshd which has been explicitely disabled in
|
|
# https://github.com/lxc/lxc-ci/commit/8dc7105399350a59698538a12b6d5a1a880ef2ba
|
|
systemctl -q unmask sshd
|
|
systemctl -q enable sshd
|
|
{{ lxc_cache_prep_post_commands }}
|
|
|
|
_lxc_cache_distro_packages:
|
|
- ca-certificates-mozilla
|
|
- cronie
|
|
- dbus-1
|
|
- openssh
|
|
- python
|
|
- python-xml
|
|
- rsync
|
|
- sudo
|
|
- tar
|
|
- wget
|
|
- which
|
|
|
|
lxc_cached_network_interfaces:
|
|
- src: "lxc-net-suse-bridge.cfg.j2"
|
|
dest: "/etc/sysconfig/network/ifcfg-{{ lxc_net_bridge }}"
|
|
- src: "lxc-net-suseredhat-postdown.cfg.j2"
|
|
dest: "/etc/sysconfig/network/scripts/ifdown-post-{{ lxc_net_bridge }}"
|
|
mode: "0755"
|
|
interface: "${1}"
|
|
|
|
lxc_container_default_interfaces: |
|
|
STARTMODE=auto
|
|
BOOTPROTO=dhcp
|