diff --git a/playbooks/configure_lxc.yml b/playbooks/configure_lxc.yml index 7ce51d9..91eb865 100644 --- a/playbooks/configure_lxc.yml +++ b/playbooks/configure_lxc.yml @@ -6,6 +6,19 @@ become: yes tasks: + - name: Wait until SSH is fully ready (Ansible login confirms availability) + ansible.builtin.wait_for_connection: + timeout: 300 # fino a 5 minuti (essere generosi per bootstrap lento) + delay: 5 # aspetta 5s prima di cominciare i tentativi + + + - name: Ensure apt cache is updated (idempotent) + ansible.builtin.apt: + update_cache: yes + # non vogliamo che il primo apt rallenti la connessione dopo wait_for_connection, + # ma questo garantisce che i task successivi usino pacchetti aggiornati. + + - name: Ensure SSH is installed ansible.builtin.apt: name: openssh-server @@ -27,14 +40,6 @@ line: 'PermitRootLogin yes' notify: Restart SSH - - - name: Disable DNS lookup to speed up SSH login - ansible.builtin.lineinfile: - path: /etc/ssh/sshd_config - regexp: '^#?UseDNS' - line: 'UseDNS no' - notify: Restart SSH - - name: Ensure .ssh directory exists ansible.builtin.file: @@ -53,21 +58,3 @@ owner: root group: root - - - name: Configure SSH for key-only root login - ansible.builtin.blockinfile: - path: /etc/ssh/sshd_config - block: | - PermitRootLogin prohibit-password - PasswrodAuthentication no - UseDNS no - notify: Restart SSH - - - - - handlers: - - name: Restart SSH - ansible.builtin.service: - name: ssh - state: restarted diff --git a/playbooks/create_lxc.yml b/playbooks/create_lxc.yml index 7398b41..3afdaf4 100644 --- a/playbooks/create_lxc.yml +++ b/playbooks/create_lxc.yml @@ -4,6 +4,7 @@ vars: root_password: "{{ lookup('env', 'XMPP_PASSWORD') }}" ssh_public_key: "{{ lookup('file', '~/.ssh/ansible.pub') }}" + vmid: 121 tasks: 
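Review bot: The new `wait_for_connection` task in the first configure_lxc.yml hunk only helps if fact gathering does not run before it. The play header is outside the hunk, but unless it already sets `gather_facts: false`, the implicit setup step contacts the host first and fails on a container whose sshd is not yet up. I would set `gather_facts: false` on the play and add an explicit `ansible.builtin.setup:` task right after the wait. The apt task is named "(idempotent)" but `update_cache: yes` with no `cache_valid_time` refreshes the cache on every run; adding `cache_valid_time: 3600` makes the name true. The two Italian comments would be easier for other maintainers to read in English, and `yes` is better written as `true`.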
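Review bot: The last configure_lxc.yml hunk deletes the `handlers:` section, yet the `PermitRootLogin yes` task kept as context in the second hunk still carries `notify: Restart SSH`. Ansible stops with a handler-not-found error when that task reports a change, and sshd is never restarted to load the edited config. The handler definition should stay. Removing the blockinfile also means that, as far as this diff shows, sshd_config keeps `PermitRootLogin yes` and nothing turns off password authentication, so root is reachable over SSH with the password that create_lxc.yml sets. The removed block misspelled the option as `PasswrodAuthentication`, which sshd rejects as an unknown keyword. The safer fix is to correct it to `PasswordAuthentication no` and keep `PermitRootLogin prohibit-password`, not to drop the hardening.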
@@ -14,7 +15,7 @@ api_host: "{{ proxmox_url }}" api_user: "{{ proxmox_user }}" api_password: "{{ proxmox_password }}" - vmid: 121 + vmid: "{{ vmid }}" node: milan hostname: xmpp ostemplate: "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst" @@ -25,6 +26,7 @@ net0: "name=eth0,bridge=vmbr1,ip=10.10.0.21/16,gw=10.10.0.1" pubkey: "{{ ssh_public_key }}" password: "{{ root_password }}" + features: "nesting=1" state: present delegate_to: localhost register: lxc_creation_result #booooh, capiremo questo che vuol dire. Intanto registriamolo... immagino... @@ -35,30 +37,13 @@ api_host: "{{ proxmox_url }}" api_user: "{{ proxmox_user }}" api_password: "{{ proxmox_password }}" - vmid: 121 + vmid: "{{ vmid }}" node: milan state: started # Tutto questo blocco รจ riassumibile in questa riga delegate_to: localhost when: lxc_creation_result.changed -# - name: Wait for container SSH to be available -# wait_for: -# host: 10.10.0.21 -# port: 22 -# timeout: 90 -# delay: 10 -# delegate_to: localhost -# when: lxc_creation_result.changed - - - - name: Wait until SSH is fully ready - ansible.builtin.wait_for_connection: - timeout: 180 - delegate_to: xmpp01 - - - - name: Aggiungi container all'inventory dinamico add_host: name: xmpp01 diff --git a/playbooks/test_nginx.yml b/playbooks/test_nginx.yml new file mode 100644 index 0000000..8f9d79e --- /dev/null +++ b/playbooks/test_nginx.yml @@ -0,0 +1,7 @@ +- name: Test provisioning nginx + hosts: xmpp01 + gather_facts: false + become: yes + + roles: + - nginx
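Review bot: `features: "nesting=1"` in the `@@ -25,6 +26,7 @@` hunk is added without any `unprivileged` setting visible; the task starts outside the hunk, so it may be set there. Proxmox documents that nesting exposes the host's procfs and sysfs to the guest and is best used with unprivileged containers, so on a privileged container this weakens isolation from the host. I would state `unprivileged: true` explicitly beside it, not rely on the module default. A short comment should record why nesting is needed, for example `# nesting required by <reason>; container must stay unprivileged`. The module documents `features` as a list, so the list form with a single `- nesting=1` item matches the documented type.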
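Review bot: `gather_facts: false` in the new test_nginx.yml is set for a play whose only content is the `nginx` role, and that role is not part of this diff. If the role reads any `ansible_*` fact, the play fails on an undefined variable. Either drop the line or add a comment above it such as `# nginx role uses no facts; skipping setup to speed up the test`. The play targets `xmpp01`, which create_lxc.yml registers with `add_host`; that entry exists only in memory for that run, so running this file on its own presumably needs `xmpp01` in the static inventory. For consistency with Ansible conventions the file should open with `---` and use `become: true`.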