From 8da6e5f337965380caa62f03eac88a826338b8ef Mon Sep 17 00:00:00 2001 From: "Daniel A. Maierhofer" Date: Mon, 12 Feb 2018 23:53:55 +0100 Subject: [PATCH] Fix LXC config --- roles/ariane/defaults/main.yml | 1 + roles/ariane/files/lxc_default.conf | 5 +++-- roles/ariane/tasks/iptables.yml | 2 +- roles/ariane/tasks/lxc.yml | 9 ++++++--- roles/ariane/tasks/main.yml | 6 +++++- 5 files changed, 16 insertions(+), 7 deletions(-) diff --git a/roles/ariane/defaults/main.yml b/roles/ariane/defaults/main.yml index 324ed0d..40e6e7f 100644 --- a/roles/ariane/defaults/main.yml +++ b/roles/ariane/defaults/main.yml @@ -28,3 +28,4 @@ ariane_sysctls: ariane_logrotate: True ariane_iptables: True ariane_zfs: True +ariane_lxc: True diff --git a/roles/ariane/files/lxc_default.conf b/roles/ariane/files/lxc_default.conf index a88eb7e..404f85f 100644 --- a/roles/ariane/files/lxc_default.conf +++ b/roles/ariane/files/lxc_default.conf @@ -1,4 +1,5 @@ lxc.network.type = veth -lxc.network.link = lxcbr0 +lxc.network.link = br0 lxc.network.flags = up -#lxc.network.hwaddr = 00:16:3e:33:33:33 + +lxc.aa_profile = unconfined diff --git a/roles/ariane/tasks/iptables.yml b/roles/ariane/tasks/iptables.yml index 9206921..7210b8c 100644 --- a/roles/ariane/tasks/iptables.yml +++ b/roles/ariane/tasks/iptables.yml @@ -1,5 +1,5 @@ --- -- name: iptables - install iptables-persistent +- name: iptables - install iptables-persistent apt: name=iptables-persistent - name: /etc/iptables/rules.v4 diff --git a/roles/ariane/tasks/lxc.yml b/roles/ariane/tasks/lxc.yml index f995ce8..71104c0 100644 --- a/roles/ariane/tasks/lxc.yml +++ b/roles/ariane/tasks/lxc.yml @@ -2,21 +2,24 @@ - name: lxc - install lxc apt: name=lxc +- name: lxc - install libpam-cgfs + apt: name=libpam-cgfs + - name: lxc - install bridge-utils apt: name=bridge-utils - name: lxc - /etc/default/lxc-net copy: dest: /etc/default/lxc-net - content: 'USE_LXC_BRIDGE="true"\n' + content: 'USE_LXC_BRIDGE="true"' owner: root group: root mode: 0644 backup: yes -- name: lxc - /etc/lxc/default +- name: lxc - /etc/lxc/default.conf copy: - dest: /etc/lxc/default + dest: /etc/lxc/default.conf src: lxc_default.conf owner: root group: root diff --git a/roles/ariane/tasks/main.yml b/roles/ariane/tasks/main.yml index 30c949a..1472e1a 100644 --- a/roles/ariane/tasks/main.yml +++ b/roles/ariane/tasks/main.yml @@ -16,5 +16,9 @@ tags: ['ariane_iptables', 'iptables'] - include: zfs.yml - whan: ariane_zfs + when: ariane_zfs tags: ['ariane_zfs', 'zfs'] + +- include: lxc.yml + when: ariane_lxc + tags: ['ariane_lxc', 'lxc']