feat: reverse proxy and certs working

2022-11-19 23:42:06 +00:00
parent 645dacdca4
commit b27354241d
16 changed files with 1496 additions and 46397 deletions
@@ -1,28 +1,24 @@
 ---
 - name: Add cgroup rule
  ansible.builtin.lineinfile:
-    path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/"{{ hostvars[ansible_hostname]['k3s_vmid'] }}".conf
+    path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/{{ hostvars[ansible_hostname]['k3s_vmid'] }}.conf
    state: present
    line: lxc.apparmor.profile{{":"}} unconfined
-    validate: /usr/sbin/visudo -cf %s

 - name: Add cgroup rule
  ansible.builtin.lineinfile:
-    path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/"{{ hostvars[ansible_hostname]['k3s_vmid'] }}".conf
+    path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/{{ hostvars[ansible_hostname]['k3s_vmid'] }}.conf
    state: present
    line: lxc.cap.drop{{":"}}
-    validate: /usr/sbin/visudo -cf %s

 - name: Add cgroup rule
  ansible.builtin.lineinfile:
-    path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/"{{ hostvars[ansible_hostname]['k3s_vmid'] }}".conf
+    path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/{{ hostvars[ansible_hostname]['k3s_vmid'] }}.conf
    state: present
    line: lxc.mount.auto"{{":"}}" "proc{{":"}}rw sys{{":"}}rw"
-    validate: /usr/sbin/visudo -cf %s

 - name: Add cgroup rule
  ansible.builtin.lineinfile:
-    path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/"{{ hostvars[ansible_hostname]['k3s_vmid'] }}".conf
+    path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/{{ hostvars[ansible_hostname]['k3s_vmid'] }}.conf
    state: present
    line: lxc.cgroup2.devices.allow{{":"}} c 10{{":"}}200 rwm
-    validate: /usr/sbin/visudo -cf %s
@@ -8,6 +8,7 @@
    state: stopped
  loop: "{{ groups['baremetal'] }}"
  ignore_errors: true
+  timeout: 90

 - name: Remove containers
  community.general.proxmox:
@@ -18,6 +19,7 @@
    state: absent
  loop: "{{ groups['baremetal'] }}"
  ignore_errors: true
+  timeout: 90

 - name: Remove .ssh/known_hosts lines
  ansible.builtin.lineinfile: