Diffstat (limited to 'manager.yml')
-rw-r--r-- | manager.yml | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/manager.yml b/manager.yml
new file mode 100644
index 0000000..c6241c6
--- /dev/null
+++ b/manager.yml
@@ -0,0 +1,107 @@
+- hosts: manager
+ remote_user: debian
+ become: true
+ tasks:
+ - name: "configure modprobe to enable nested VMs"
+ copy:
+ content: |
+ options kvm-intel nested=1
+ options kvm-intel enable_shadow_vmcs=1
+ options kvm-intel enable_apicv=1
+ options kvm-intel ept=1
+ dest: /etc/modprobe.d/kvm-nested.conf
+
+ - name: "install needed packages"
+ apt:
+ name:
+ - ssh
+ - sudo
+ - qemu-system-x86
+ - virtinst
+ - libvirt-daemon-system
+ - libvirt-clients
+ - locales-all
+ - jq
+ - rsync
+ - kpartx
+ - python3-lxml
+ - ansible
+
+ - name: change IP block in default virtual network
+ replace:
+ path: /etc/libvirt/qemu/networks/default.xml
+ regexp: '192\.168\.122\.'
+ replace: '192.168.88.'
+
+ - name: configure default virtual network
+ command: /usr/bin/virsh net-define /etc/libvirt/qemu/networks/default.xml
+
+ - name: start default network now
+ virt_net:
+ state: active
+ name: default
+
+ - name: start default network at boot
+ virt_net:
+ autostart: yes
+ name: default
+
+ - name: "create manager user"
+ user:
+ comment: "Manager"
+ name: manager
+ shell: /bin/bash
+ groups:
+ - libvirt
+
+ - name: "create ~manager/.ssh"
+ file:
+ state: directory
+ path: /home/manager/.ssh
+ owner: manager
+ group: manager
+ mode: 0700
+
+ - name: "copy root authorized_keys to manager user"
+ shell: |
+ install -o manager -g manager /root/.ssh/authorized_keys /home/manager/.ssh/authorized_keys
+ sed -i 's/^.* ssh-rsa /ssh-rsa /' /home/manager/.ssh/authorized_keys
+
+ - name: "give manager sudo"
+ copy:
+ content: |
+ manager ALL=(ALL:ALL) NOPASSWD: ALL
+ dest: /etc/sudoers.d/manager
+ owner: root
+ group: root
+ mode: 0600
+
+ - name: "create ~manager/.ssh"
+ file:
+ state: directory
+ path: /home/manager/.ssh
+ owner: manager
+ group: manager
+ mode: 0700
+
+ - name: "add SSH keys to manager"
+ copy:
+ src: "{{ item }}"
+ dest: "/home/manager/.ssh/{{ item }}"
+ owner: manager
+ group: manager
+ mode: 0600
+ with_items:
+ - manager.key
+ - manager.key.pub
+
+ - name: "configure manager's ssh"
+ copy:
+ src: manager-ssh-config
+ dest: /home/manager/.ssh/config
+ owner: manager
+ group: manager
+ mode: 0600
+
+ vars:
+ ansible_python_interpreter: /usr/bin/python3 |
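Review bot: The "give manager sudo" task installs `manager ALL=(ALL:ALL) NOPASSWD: ALL`, and the task just before it fills `/home/manager/.ssh/authorized_keys` from root's file with the leading key options stripped by `sed`, so every key accepted for root becomes an unrestricted, passwordless route to root through `manager`. The account is already placed in the `libvirt` group, which on Debian normally gives access to the system libvirt socket, so if sudo is needed only for a few commands the rule could be narrowed to those; which commands that would be is not visible in this commit. Independently of the scope, add `validate: /usr/sbin/visudo -cf %s` to that `copy` and write the mode as `mode: "0440"`, so a malformed drop-in is rejected before it lands in `/etc/sudoers.d`. The `sed` expression only matches `ssh-rsa` entries, so keys of any other type keep whatever option prefix root's file carried and the task is not idempotent as a `shell` step. The "add SSH keys to manager" task takes `manager.key` from the playbook's files, which suggests the private key is stored unencrypted next to the playbook; consider Ansible Vault or generating the key on the host instead.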