Use var for LXD password

2025-01-03 13:30:57 +07:00 · 2021-03-03 02:11:50 +07:00 · 2021-03-03 02:11:50 +07:00 · 3d6c0f44d0
commit 3d6c0f44d0
parent b68d65f2ed
6 changed files with 31 additions and 25 deletions
--- a/metal/Makefile
+++ b/metal/Makefile
@ -1,6 +1,6 @@
 .POSIX:

-default: init run
+default: init provision

 init:
 	python3 -m venv .venv \
@ -8,6 +8,10 @@ init:
 		&& pip3 install --upgrade pip \
 		&& pip3 install -r requirements.txt

-run:
+reset:
 	. .venv/bin/activate \
 		&& ansible-playbook --ask-become-pass --inventory hosts.ini playbook.yml
+
+provision:
+	. .venv/bin/activate \
+		&& ansible-playbook --inventory hosts.ini playbook.yml --tags provision
--- a/metal/playbook.yml
+++ b/metal/playbook.yml
@ -2,10 +2,10 @@
  hosts: all
  gather_facts: no
  vars_prompt:
-    - name: username
+    - name: os_username
      prompt: Enter username for metal nodes
      private: no
-    - name: password
+    - name: os_password
      prompt: Enter password for metal nodes
  roles:
    - pxe-boot
@ -18,3 +18,5 @@
  roles:
    - snap
    - lxd
+  tags:
+    - provision
--- a/metal/roles/lxd/tasks/main.yml
+++ b/metal/roles/lxd/tasks/main.yml
@ -27,22 +27,22 @@
    creates: /var/snap/lxd/common/lxd/server.crt
  when: inventory_hostname != groups['metal'][0]

- name: Add remote
-  command:
-    argv:
-      - lxc
-      - remote
-      - add
-      - vagrant
-      - "{{ hostvars[groups['metal'][0]]['ansible_host'] }}"
-      - --accept-certificate
-      - --password
-      - 1
+# - name: Add remote
+#   command:
+#     argv:
+#       - lxc
+#       - remote
+#       - add
+#       - vagrant
+#       - "{{ hostvars[groups['metal'][0]]['ansible_host'] }}"
+#       - --accept-certificate
+#       - --password
+#       - 1

- name: Change default remote
-  command:
-    argv:
-      - lxc
-      - remote
-      - switch
-      - vagrant
+# - name: Change default remote
+#   command:
+#     argv:
+#       - lxc
+#       - remote
+#       - switch
+#       - vagrant
--- a/metal/roles/lxd/templates/leader.yaml.j2
+++ b/metal/roles/lxd/templates/leader.yaml.j2
@ -1,6 +1,6 @@
 config:
  core.https_address: {{ hostvars[inventory_hostname]['ansible_host'] }}:8443
-  core.trust_password: "1"
+  core.trust_password: {{ lxd_password }}
 networks:
 - config:
    bridge.mode: fan
--- a/metal/roles/lxd/templates/member.yaml.j2
+++ b/metal/roles/lxd/templates/member.yaml.j2
@ -5,4 +5,4 @@ cluster:
  cluster_certificate: |
    {{ hostvars[groups['metal'][0]]['server_cert']['content'] | b64decode | indent(width=4) }}
  server_address: {{ hostvars[inventory_hostname]['ansible_host'] }}:8443
-  cluster_password: "1"
+  cluster_password: {{ lxd_password }}
--- a/metal/roles/pxe-boot/templates/http/kickstart/centos8.ks.j2
+++ b/metal/roles/pxe-boot/templates/http/kickstart/centos8.ks.j2
@ -30,7 +30,7 @@ services --enabled="chronyd"
 timezone Asia/Ho_Chi_Minh --isUtc

 # Create user
-user --groups=wheel --name={{ username }} --password={{ password }}
+user --groups=wheel --name={{ os_username }} --password={{ os_password }}
 # Add SSH key
 sshkey --username=root "{{ ssh_public_key }}"