diff --git a/files/known_hosts b/files/known_hosts new file mode 100644 index 0000000..6ea905e --- /dev/null +++ b/files/known_hosts @@ -0,0 +1,4 @@ +sputnik,sputnik.htu.tuwien.ac.at,128.131.95.206 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA4Nj/FF5NOYdoYbIGo0vqNuyFw6bvNE70lPQWoQiRyj9Gp8Imovw87cN1CtP1OOaESW+6bLi0TXZnCxaVn5zOYLBap7m/iLUDjzuOM0suogr8sGPvc4JUGNg4ofLvGTUkJELwxYtg38aG2fG8Gklh96txoR70RjncWPtQR/yXkZs= +atlas ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsY/JwHRX6YH0WSbp6+xpoZmuQOGDaEsQX7gmad0y4Qv2Sk4MXvvD9vqWGz7qX7YDAskbrCgptX/tRTXoiaVlH635bpkWaevfVcY+DF7JgsrVzayfit5sxG6c8N1qCgXX6GlOQnwRgkHUgBCmkEOtJXvgv5AwUL3B+8fhtqbgMB1aHXbZ0Wbo8AnUgwt9Jti/Nlegd03uY6NT8fk9JaD6MF1eg45ggdvyin621xoWu1wmJu9+wZJFJ7lxKYH49d+6rQlbVwTNLFWxMaIM18OIK5ON/py//Zxa2smyvntZf584nRCvqhU3FYMfY9BZJRVb+3slS+W08Rb9c6OZgiAnh +ariane ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICLKqNwsw3yBDVJFIvssJWqhD0E03z9FnrNhcBLIdklJ +lxc-pet-01 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtD59+Py1juHugC0aImmgD66FWEYoSOrKyXzC/mfLsP diff --git a/group_vars/all b/group_vars/all index 35df58e..57793b6 100644 --- a/group_vars/all +++ b/group_vars/all @@ -45,4 +45,5 @@ common_openssh_keys_root: - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEer+2Q3/bSJv2SpaGo8tjkQdSw/Kqoyy3XZ2RrtEqwzGozfvjyrZ0jd2Vy6LJ37o3n34brfVOvzeBaiSzc+5ciNgRVohaMydM6ADSGvZ9S2BGod1KonKfTbultWA1+BzJAjn7ZTjLlPJmceITYlh5uAnHrWQgZNPipMHLbKnSMUUd7AbkBy/nhg/ad5dO6e9TOXmEY+cNMCcA20R1i/O9nA1LIgXfnx1WKtW40gOf5YioHnhOMo8rNP5WlzZ1Lf5SiMJgxeT0covc3pq+hAHa+Y6KKdeO5oQ36RMi5FJUk2txQHGQtAjLMg0dv+bJgepIakM5wxekk9oY0J8inZOMh0mRH86KMH3SDwXt2xPomXfkGKeHVkM5VO6qfv8CzX/FjMoTTFGVaKDEPngbA8BIrPD7++gicdcnkmYOJLXgBDuJhhpis/Yp8F+F1tMBDT9LRLNvM18BXpekoFJNwTWJOAR8gktsiYP3VMt6oN1Y5lStvzv6MkhaEa0WGqjQoOJsQuI1roVHwlQhyWM/igCeO0Egb7qz/qPJHRRCgNfVjDO/rtFK09EjmG1bQrgOP7dJv0E+3scxilnoIED6ocCpKNVpc/okehgHwC+QdIpWrn5fPrXJt/hifguCn7KziWfQne8eIxaQOWBaZLdcY7HmgtQmOi3KRlKy+ORXtj/+MQ== hans@fet.at" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDZAVxkHZYqjgCBcfHy0yggdVALZKoQbJP1TJAEYgLIAWFQ0ZPMGDaidOQiTzFTE0i35MUlQB6Rc+pTYnW/+h9rzktWbU/8RNirQve2XR5TWiRIUa13p31Xgjyw05O0uF3LEL/SmZruMHy25ncDXGF+xC2VllIttC+fLHJWLXIbWVujHdOA69fBqOonQrcPTsg1l4QQv6ZAxwVgCsbeOccZkdpoT0BJk03nflW+SGsKthTYX2VMGJlc/4QjArfZ2hTykr0I/lSA6E9FkFSLl65ejovGxCp1oXn484DlyajoXqJY7IOD86izXqkQSq4w4bLKEdrfQOnfGKe1XmxzFdk92SNEW41RXokNQ16xOBZzO1ZHkXd6hx0Pj6aBvUbs3PlCn4q764LKIcjSk7ADgeC5OBA4xgRxyZt9vuP93o7jl3vvqLWevsFa0j8orxC0D3cO5SMPbowW9LqrtqHynC0WltrtLT5+Q2tBSavP615NOu+bfcakgiWN8otv41ST+2hWka8qNptOxTRj/h7+MMOyi9bh1vjgB1KkOZYotJtFdXKFiYz+buIKwguWZWEni9uTRMiEsu84x8aJwdptPO0UIgZGroyUZJcWlUkwrkdE5T4cg9zP14M6zmogAYEI7oRX56FyspRVlA7J6VF/mcZ1z6ufH+97cle613gPKUVkpw== andis@fet.at" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKrEdkD1Oecw++r77MVrga1e20FA+e/O37rhMc0etS5MvlbsAHd6Ftx2SIXVtwDnHDzyUAOJb8WlYPdG5r/QJYtXgVMGZrZ31UFdlAZq3K8ytczKkcMgnEEOWYSSyQRJlEW5LkZ9tD0hv1myIg5iw6Vpuqe6YFSkdDHtGxf0lnLAfi1XKwu7b7tARJz7teOAjaFzXumvsZlFx9BdufMW32uu7BSYWjSGcrEzMyyB/5C3kU/d5Q1ZTNK6tceopFr/K1lKBzvj85safD5BH8NpjvLe1QkzHu+C0AVxYNtqGHI5oWJbcR+UOwelBeEM/On+/Xq0ZIVmiLmFx03Qun8t1n berni@fet.at" + - 'no-pty,no-agent-forwarding,no-X11-forwarding,command="shutdown -h +1" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCiI41+XkobMT0K8ZrHdCeomdGAIRMZbdX1VjGe5OWa72rcaDFmBtK7MxD5xPZEdSaDkn+Nrpwv5/j10MccvkAOI/tx6PIxcgDF52FnHLMMVrXRM3cnkm9CrBi4kCN0D2fpbDLhknJhiqftIcPdct/a9foZQwkWOzGUN2Rk0mCw2QzkGyWHNxOMzMjV0gpfAWPv6Jg+JKDl5EHf2xJTeJ/l0TG6O0lsc5YY/7cqjRJJzTVFDo1Gy+qNgff0mbPrhcbWepG5R1tjkdT++f8uuoVkBUamwkjwDpH2y57sdESEPB0C5ES2cglOp2X3MMN7EnUBHYU3mMiYU0wV+b7Q3oKmQuG86a2D+yEp+0+WFaUY/TMCNpslGOtTBrNLshMIX/bnrx/aF9DApl9L/kUIlSxwwBNiPIl4VVU1p5Zzj/YAPvRl0kAKjosOZgl108JeRUbhQSGVrcODyhaIMQv4BAzHnV0kii7jNACHhqBR36eo3N6HX7GkbnU1YadZRcrxrpE9z9mrXuqWxzl4Cmz1yHb1JTwsnQQ2Dy0trIklQjEmLxvG8zpxHLV3EQmtIMK/g2Mk6VTdz9HZnwYLU7Mj/uZk0DWhTZ5Eyj6QAbcw2gLPLEUmdQhkHSoQKxHY0at3OjGFGydyc/3n7B7d578uxVBrp04uhTbW7SDi6mYGCkvCRQ== nut ups shutdown' diff --git a/host_vars/lxc-betam-01 b/host_vars/lxc-betam-01 new file mode 100644 index 0000000..fecccb0 --- /dev/null +++ b/host_vars/lxc-betam-01 @@ -0,0 +1,7 @@ +inventory_hostname: betam.fet.htu.tuwien.ac.at +inventory_hostname_short: betam + +lxc_host: betam +lxc_rev: 01 +lxc_hwaddr: 2e:6d:b6:07:14:01 +lxc_extra: lxc.cgroup.devices.allow = c 188:0 rwm diff --git a/hosts/production b/hosts/production index 7099e87..7c2a76d 100644 --- a/hosts/production +++ b/hosts/production @@ -4,8 +4,10 @@ all: hosts: ariane: lxc-pet-01: + betam: fet_container: hosts: - lxc-pet-01 + lxc-pet-01: + betam: vars: ansible_python_interpreter=/usr/bin/python3 diff --git a/roles/ariane/files/lxc-betam.conf b/roles/ariane/files/lxc-betam.conf new file mode 100644 index 0000000..a18cdaf --- /dev/null +++ b/roles/ariane/files/lxc-betam.conf @@ -0,0 +1,17 @@ +# {{ ansible_managed }} + +lxc.network.type = veth +lxc.network.link = br0 +lxc.network.flags = up +lxc.network.hwaddr = 2e:6d:b6:07:14:01 + +lxc.aa_profile = unconfined +lxc.rootfs = /var/lib/lxc/lxc-betam-01/rootfs +lxc.rootfs.backend = dir + +lxc.include = /usr/share/lxc/config/debian.common.conf + +lxc.utsname = lxc-betam-01 +lxc.arch = amd64 + +lxc.cgroup.devices.allow = c 188:0 rwm diff --git a/roles/ariane/tasks/lxc-betam.yml b/roles/ariane/tasks/lxc-betam.yml new file mode 100644 index 0000000..9820740 --- /dev/null +++ b/roles/ariane/tasks/lxc-betam.yml @@ -0,0 +1,13 @@ +#- name: lxc - betam container +# lxc_container: +# name: betam +# template: debian + +- name: lxc - betam config + copy: + dest: /var/lib/lxc/lxc-betam-01/config + src: lxc-betam.conf + owner: root + group: root + mode: 0644 + backup: yes diff --git a/roles/ariane/tasks/main.yml b/roles/ariane/tasks/main.yml index d8bd242..5d17539 100644 --- a/roles/ariane/tasks/main.yml +++ b/roles/ariane/tasks/main.yml @@ -22,3 +22,7 @@ - include_tasks: lxc.yml when: ariane_lxc tags: ['ariane_lxc', 'lxc'] + +- include_tasks: lxc-betam.yml + when: ariane_lxc + tags: ['ariane_lxc', 'lxc'] diff --git a/roles/ariane/templates/lxc.j2 b/roles/ariane/templates/lxc.j2 new file mode 100644 index 0000000..9185b1f --- /dev/null +++ b/roles/ariane/templates/lxc.j2 @@ -0,0 +1,17 @@ +# {{ ansible_managed }} + +lxc.network.type = veth +lxc.network.link = br0 +lxc.network.flags = up +lxc.network.hwaddr = {{ lxc_hwaddr }} + +lxc.aa_profile = unconfined +lxc.rootfs = /var/lib/lxc/lxc-{{ lxc_host }}-{{ lxc_rev }}/rootfs +lxc.rootfs.backend = dir + +lxc.include = /usr/share/lxc/config/debian.common.conf + +lxc.utsname = lxc-{{ lxc_host }}-{{ lxc-rev }} +lxc.arch = amd64 + +{{ lxc_extra }} diff --git a/roles/common b/roles/common index 5d81b09..c991c2a 160000 --- a/roles/common +++ b/roles/common @@ -1 +1 @@ -Subproject commit 5d81b0917248a51a11b8ed36b1fbf7e156f72c94 +Subproject commit c991c2adefc655e81e9be37878f547a84669219b diff --git a/roles/ups/defaults/main.yml b/roles/ups/defaults/main.yml index 818f7ba..80175ad 100644 --- a/roles/ups/defaults/main.yml +++ b/roles/ups/defaults/main.yml @@ -6,3 +6,6 @@ ups_port_dev: 188 0 ups_master_pw: Noongaig1quor9Waepe9 ups_slave_pw: + +ups_hosts: + - ariane diff --git a/roles/ups/tasks/main.yml b/roles/ups/tasks/main.yml index 23868df..e6240eb 100644 --- a/roles/ups/tasks/main.yml +++ b/roles/ups/tasks/main.yml @@ -53,3 +53,6 @@ template: dest=/etc/nut/upssched.conf src=upssched.conf.j2 owner=root group=nut mode=0640 notify: restart nut + +- name: nut - generate SSH-key + user: name=nut createhome=yes generate_ssh_key=yes ssh_key_bits=4096 ssh_key_comment="nut ups shutdown" diff --git a/roles/ups/templates/upsscript.j2 b/roles/ups/templates/upsscript.j2 index 94030df..e8070f0 100644 --- a/roles/ups/templates/upsscript.j2 +++ b/roles/ups/templates/upsscript.j2 @@ -5,7 +5,9 @@ #! /bin/sh case $1 in onbatt) - ssh +{% for host in ups_hosts %} + ssh root@{{ host }} +{% endfor %} ;; lowbatt) /sbin/upssched fsd;; diff --git a/site.yml b/site.yml index 970ceeb..b40239c 100644 --- a/site.yml +++ b/site.yml @@ -39,6 +39,6 @@ roles: - common -- hosts: lxc-pet-01 +- hosts: betam roles: - ups