Lino Silva
29 lines
1.0 KiB
YAML
29 lines
1.0 KiB
YAML
---
|
|
- name: Add cgroup rule
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/"{{ hostvars[ansible_hostname]['k3s_vmid'] }}".conf
|
|
state: present
|
|
line: lxc.apparmor.profile{{":"}} unconfined
|
|
validate: /usr/sbin/visudo -cf %s
|
|
|
|
- name: Add cgroup rule
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/"{{ hostvars[ansible_hostname]['k3s_vmid'] }}".conf
|
|
state: present
|
|
line: lxc.cap.drop{{":"}}
|
|
validate: /usr/sbin/visudo -cf %s
|
|
|
|
- name: Add cgroup rule
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/"{{ hostvars[ansible_hostname]['k3s_vmid'] }}".conf
|
|
state: present
|
|
line: lxc.mount.auto"{{":"}}" "proc{{":"}}rw sys{{":"}}rw"
|
|
validate: /usr/sbin/visudo -cf %s
|
|
|
|
- name: Add cgroup rule
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/pve/nodes/{{ ansible_hostname }}/lxc/"{{ hostvars[ansible_hostname]['k3s_vmid'] }}".conf
|
|
state: present
|
|
line: lxc.cgroup2.devices.allow{{":"}} c 10{{":"}}200 rwm
|
|
validate: /usr/sbin/visudo -cf %s
|