talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity
46f182803e
machine_setup/ansible/roles/jail/tasks/freebsd.yaml
Tom Alexander 46f182803e
Add enabling startup jails.
2022-10-29 19:09:28 -04:00

63 lines
2.2 KiB
YAML
Raw Blame History

- name: Create common zfs datasets
zfs:
name: "{{ item }}"
state: present
extra_zfs_properties:
mountpoint: "none"
loop: "{{ ((jail_list | community.general.json_query('[*].dataset')) + [jail_zfs_dataset]) | product(['', '/persistent', '/jails']) | map('join', '') }}"
- name: Create jail zfs datasets
zfs:
name: "{{ item.dataset|default(jail_zfs_dataset) }}/jails/{{ item.name }}"
state: present
extra_zfs_properties: '{{ {''mountpoint'': item.dataset_mountpoint|default(jail_zfs_dataset_mountpoint) + "/jails/" + item.name}|combine(item.properties|default({})) }}'
loop: "{{ jail_list }}"
- name: Create persistent jail zfs datasets
zfs:
name: "{{ item.dataset|default(jail_zfs_dataset) }}/persistent/{{ item.name }}"
state: present
extra_zfs_properties:
mountpoint: "none"
when: item.persist|default([])|length > 0
loop: "{{ jail_list }}"
- name: Create jail specific zfs datasets
zfs:
name: "{{ item.0.dataset|default(jail_zfs_dataset) }}/persistent/{{ item.0.name }}/{{ item.1.name }}"
state: present
extra_zfs_properties: '{{ {''mountpoint'': item.0.dataset_mountpoint|default(jail_zfs_dataset_mountpoint) + "/jails/" + item.0.name + item.1.mount }|combine(item.1.properties|default({})) }}'
loop: "{{ jail_list|subelements('persist', skip_missing=True) }}"
- name: Install scripts
template:
src: "templates/{{ item.src }}.j2"
dest: "{{ item.dest }}"
mode: 0755
owner: root
group: wheel
loop:
- src: new_jail.bash
dest: /usr/local/bin/new_jail
- name: Enable Jails
community.general.sysrc:
name: jail_enable
value: "YES"
path: /etc/rc.conf.d/jail
when: jail_list|community.general.json_query('[?enabled==`true`]')|length > 0
- name: Set enabled jail list
community.general.sysrc:
name: jail_list
value: "{{ jail_list|community.general.json_query('[?enabled==`true`].name')|join(' ') }}"
path: /etc/rc.conf.d/jail
when: jail_list|community.general.json_query('[?enabled==`true`]')|length > 0
- name: Disable Jails
file:
path: /etc/rc.conf.d/jail
state: absent
when: jail_list|community.general.json_query('[?enabled==`true`]')|length == 0
Reference in New Issue View Git Blame Copy Permalink