Jose/ansible_samba_tasks
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
ff63991e01cc70f46e77d05efea1776fc3195b9d
ansible_samba_tasks/tasks/setupacdc.yml
Jose ff63991e01 chore 📦: Update setupacdc.yml with new variables for Samba domain info 
Added new variables to the setupacdc.yml file to store Samba domain admin password, allowing for easier configuration and management of the domain. This change enables more flexibility in the setup process.
2025-11-03 21:10:54 +01:00

155 lines
4.6 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
- name: Create and provision LXC container on Proxmox
hosts: node0
gather_facts: no
become: yes
become_user: root
vars:
node_ip: "{{ hostvars['node0']['ansible_host'] }}"
mac_address: "8E:90:31:DE:31:36"
container_id: 200
container_template: "/var/lib/vz/template/cache/debian-13-standard_13.1-1_amd64.tar.zst"
container_ostype: debian
container_hostname: "{{ addc_hostname }}"
container_password: "{{ addc_admin_password }}"
container_storage: local-lvm
container_rootfs_size: 8G
container_memory: 1024
container_swap: 256
container_cores: 2
container_net: name=eth0,bridge=vmbr0,ip={{ addc_ansible_host }}/24,gw={{ location_gateway }},hwaddr={{ mac_address }}
container_features: "keyctl=1,nesting=1,mount=cifs"
container_description: default lxc
container_onboot: 1
container_protection: 0
container_unprivileged: 1
container_pubkey: "{{ ssh_public_keys[0] }}"
container_tags:
- ansible_managed
- test
tasks:
- name: Combine SSH public keys into one file
ansible.builtin.copy:
dest: "{{ ssh_keys_file }}"
content: |
{% for key in ssh_public_keys %}
{{ key }}
{% endfor %}
mode: '0644'
- name: Create LXC container {{ container_hostname }} with id {{ container_id }} using pct command on shell
ansible.builtin.shell: |
pct create {{ container_id }} {{ container_template }} \
-ostype {{ container_ostype }} \
-hostname {{ container_hostname }} \
-password 123456 \
-ssh-public-keys {{ ssh_keys_file }} \
-cores {{ container_cores }} \
-memory {{ container_memory }} \
-swap {{ container_swap }} \
-net0 {{container_net}} \
-storage {{ container_storage }} \
-description "{{ container_description }}" \
-onboot {{ container_onboot }} \
-protection {{ container_protection }} \
-unprivileged {{ container_unprivileged }} \
-tags "{{ container_tags | join(',') }}" \
-features {{ container_features }}
args:
creates: "/etc/pve/lxc/{{ container_id }}.conf"
# no_log: true
# -password {{ container_password }} \
# -rootfs {{ container_storage }}:{{ container_id }}/vm-{{ container_id }}-disk-0.raw,size=7G \
# -timezone: {{ localization_timezone }} \
- name: Check if LXC container {{ container_hostname }} is running
ansible.builtin.command:
cmd: pct status {{ container_id }}
register: pct_status
changed_when: false
- name: Start the LXC container {{ container_hostname }} if stopped
ansible.builtin.command:
cmd: pct start {{ container_id }}
when: "'status: stopped' in pct_status.stdout"
register: start_result
changed_when: "'status: stopped' in pct_status.stdout"
- name: Wait until container has an IP address
ansible.builtin.shell: "pct exec {{ container_id }} -- hostname -I | awk '{print $1}'"
register: lxc_ip
until: lxc_ip.stdout != ""
retries: 10
delay: 5
changed_when: false
failed_when: lxc_ip.stdout == ""
- name: Wait for SSH to become available
ansible.builtin.wait_for:
host: "{{ lxc_ip.stdout }}"
port: 22
delay: 5
timeout: 60
retries: 10
delay: 5
changed_when: false
# --- DC1 Provisioning Play --------------------------------------------
- name: Provision dc1 LXC
hosts: dc1
gather_facts: false
become: true
vars:
samba_domain_info.adminpass: "{{ addc_admin_password }}"
tasks:
# - name: Ensure SSH authorized keys are present
# ansible.posix.authorized_key:
# user: root
# key: "{{ item }}"
# state: present
# loop: "{{ ssh_public_keys }}"
- name: Install useful packages
ansible.builtin.package:
name:
- nano
- tzdata
# - openssh-server
state: present
- name: Update all packages, autoclean, and autoremove
ansible.builtin.apt:
name: "*"
state: latest
autoclean: yes
autoremove: yes
purge: true
- name: Set timezone to {{ localization_timezone }}
community.general.timezone:
name: "{{ localization_timezone }}"
notify: Restart sshd
tags: [timezone]
- name: Deploy the Samba AD DC role
ansible.builtin.include_role:
name: ansible_samba_ad_dc
# --- Global Handlers ----------------------------------------------
handlers:
- name: Restart sshd
ansible.builtin.service:
name: ssh
state: restarted
when: localization_timezone | bool
Reference in New Issue View Git Blame Copy Permalink