diff --git a/Playbooks/01-A-OPENLDAP.yml b/Playbooks/01-A-OPENLDAP.yml index f39a4d2..2d377ff 100644 --- a/Playbooks/01-A-OPENLDAP.yml +++ b/Playbooks/01-A-OPENLDAP.yml @@ -1,34 +1,33 @@ # ansible-playbook Playbooks/01-A-OPENLDAP.yml -i Inventories/QA -v -t 'deploy' --ask-become-pass # ansible-playbook Playbooks/01-A-OPENLDAP.yml -i Inventories/QA -v -t 'deploy' --become-password-file +############# TO DO + # usar el socket sin sudo + # storage pool zfs +############# + - hosts: ubuntu_lxd gather_facts: false tags: deploy vars: - DIR: "~/OpenLDAP/" + service_name: OpenLDAP-01 + DIR: "/home/{{ansible_user}}/OpenLDAP" + ssh_key_passphrase: open + ssh_key_name: OpenLDAP + roles: + - lxc_configure_ssh tasks: - - name: Create a directory if it does not exist - ansible.builtin.file: - path: "{{DIR}}" - state: directory - mode: '0755' - - - ansible.builtin.copy: - src: files/OpenLDAP.tf - dest: "{{DIR}}" - # Instalar terraform desde ansible con apt - # usar el socket sin sudo - # storage pool zfs + # Copio el manifest. + - file: path="{{DIR}}" state=directory mode='0755' + - copy: src=Manifests/OpenLDAP/main.tf dest="{{DIR}}/OpenLDAP-01.tf" - #- become: true - # ansible.builtin.shell: | - # apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main" - # apt install terraform - - - become: true - community.general.terraform: - project_path: '/home/renzo/OpenLDAP' + # Ejecuto el manifest, creo la instancia. + # Se necesita sudo para conectarse con el socket de LXD + - community.general.terraform: + project_path: "{{DIR}}" force_init: true state: present - \ No newline at end of file + binary_path: "/home/renzo/.local/bin/terraform" + become: true + register: terraform \ No newline at end of file diff --git a/Playbooks/01-B-LDAP-WEB-UI.yml b/Playbooks/01-B-LDAP-WEB-UI.yml index e69de29..c772270 100644 --- a/Playbooks/01-B-LDAP-WEB-UI.yml +++ b/Playbooks/01-B-LDAP-WEB-UI.yml 
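Review bot: The new play vars in Playbooks/01-A-OPENLDAP.yml commit the key passphrase in clear text (`ssh_key_passphrase: open`), so anyone who can read the repository knows the passphrase protecting the generated SSH key; load it from an Ansible Vault file or a `vars_prompt` and keep only the variable name in the playbook. The `roles:` entry `lxc_configure_ssh` does not match the directory this commit adds (`roles/lxc_configue_ssh`), so the role lookup will presumably fail until one of the two is renamed. The terraform task runs with `become: true` while `binary_path` points at `/home/renzo/.local/bin/terraform`, a file the unprivileged account can replace; installing the binary into a root-owned directory avoids running a user-writable executable as root, and also removes the hard-coded home directory that `DIR` already avoids through `ansible_user`.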
@@ -0,0 +1,28 @@
+# ansible-playbook Playbooks/01-A-OPENLDAP.yml -i Inventories/QA -vv -t 'deploy' --become-password-file .sudo_pass
+
+- hosts: ubuntu_lxd
+ gather_facts: false
+ tags: deploy
+ vars:
+ DIR: "/home/renzo/PHPLDAPAdmin/"
+ tasks:
+ - ansible.builtin.file:
+ path: "{{DIR}}"
+ state: directory
+ mode: '0755'
+
+ - ansible.builtin.copy:
+ src: files/PHPLDAPAdmin.tf
+ dest: "{{DIR}}"
+
+ #- become: true
+ # ansible.builtin.shell: |
+ # apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
+ # apt install terraform
+
+ - become: true
+ community.general.terraform:
+ project_path: "{{DIR}}"
+ force_init: true
+ state: present
+
\ No newline at end of file
diff --git a/Playbooks/01-UBUNTU-LXD.yml b/Playbooks/01-UBUNTU-LXD.yml
index 52781a2..b22a06a 100644
--- a/Playbooks/01-UBUNTU-LXD.yml
+++ b/Playbooks/01-UBUNTU-LXD.yml
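Review bot: In Playbooks/01-B-LDAP-WEB-UI.yml the copy task reads `src: files/PHPLDAPAdmin.tf`, but this commit moves the PHPLDAPAdmin manifest to `Manifests/PHPLDAPAdmin/main.tf` and adds no `files/PHPLDAPAdmin.tf` in the visible diff, so the task looks likely to fail on a missing source; `src: Manifests/PHPLDAPAdmin/main.tf` would match the layout 01-A-OPENLDAP.yml uses. The header comment still invokes `Playbooks/01-A-OPENLDAP.yml`, and it passes `--become-password-file .sudo_pass`, so that file should be listed in `.gitignore` and readable only by its owner. `DIR` hard-codes `/home/renzo/` where the OpenLDAP playbook derives it from `ansible_user`, and none of the tasks has a `name:`, which makes the privileged terraform step harder to find in run logs.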
@@ -1,47 +1,25 @@ # ansible-playbook Playbooks/01-UBUNTU-LXD.yml -i Inventories/QA -v -t 'deploy' --become-password-file .sudo_pass - hosts: ubuntu_lxd - gather_facts: false + gather_facts: true tags: - deploy - become: true + become: false tasks: - name: Update, Upgrade & Install dependencies become: true block: - apt: update_cache=yes upgrade=full - - ansible.builtin.package: name="{{item}}" state=present + - package: name="{{item}}" state=present with_items: - - ansible - - zfsutils-linux - - python3-pip + #- ansible - lxc - - build-essential - - autoconf - - libtool - - pkg-config - - idle-python2.7 - - libgle3 - - terraform - - ansible.builtin.include_role: name=init_lxd + - zfsutils-linux + - unzip + - shell: python3 -m pip install --upgrade pip - - pip: name=pylxd - - script: Playbooks/files/OpenLDAP.py - - #vars: - # - lxd_init_template_config_path="/path/to/my/custom/template" - -## Rollback -- hosts: ubuntu_lxd - tags: - - rollback - become: true - tasks: - - shell: "snap remove --purge lxd" - - pip: name=lxc-python2 state=absent - - ansible.builtin.package: name="{{item}}" state=absent - with_items: - - "ansible" - - "zfsutils-linux" - - "python3-pip" - - "lxc" \ No newline at end of file + #- include_role: name=init_lxd + - include_role: name=install_terraform + vars: + terraform_version: latest + terraform_default_path: "~/.local/bin" \ No newline at end of file diff --git a/Playbooks/Manifests/OpenLDAP/main.tf b/Playbooks/Manifests/OpenLDAP/main.tf new file mode 100644 index 0000000..b3b075c --- /dev/null +++ b/Playbooks/Manifests/OpenLDAP/main.tf 
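Review bot: `shell: python3 -m pip install --upgrade pip` in Playbooks/01-UBUNTU-LXD.yml appears to sit inside the `become: true` block (indentation is lost on this page), so it replaces the system pip as root on every run and always reports a change; the same hunk drops `python3-pip` from the package list, so the module may not even be installed. Prefer the distribution's `python3-pip` package over a root-level self-upgrade. `terraform_version: latest` makes each run resolve and download whatever release is newest at that moment; pinning an explicit version keeps the host reproducible and lets a release be reviewed before it is rolled out. If the role is included under `become`, `terraform_default_path: "~/.local/bin"` would presumably expand to root's home rather than the `/home/renzo/.local/bin` path that 01-A-OPENLDAP.yml expects, which is worth confirming.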
@@ -0,0 +1,31 @@ +terraform { + required_providers { + lxd = { + source = "terraform-lxd/lxd" + } + } +} +provider "lxd" { + generate_client_certificates = true + accept_remote_certificate = true +} + +resource "lxd_cached_image" "image" { + source_remote = "ubuntu" + source_image = "focal/amd64" +} +resource "lxd_container" "container1" { + name = "OpenLDAP" + image = lxd_cached_image.image.fingerprint + ephemeral = false + config = { + "boot.autostart" = true + } + limits = { + cpu = 2 + } +} + +output "container_info" { + value = lxd_container.container1 +} \ No newline at end of file diff --git a/Playbooks/Manifests/OpenLDAP/profile.yml.j2 b/Playbooks/Manifests/OpenLDAP/profile.yml.j2 new file mode 100644 index 0000000..8b23c94 --- /dev/null +++ b/Playbooks/Manifests/OpenLDAP/profile.yml.j2 @@ -0,0 +1,5 @@ +config: + user.user-data: | + #cloud-config + ssh_authorized_keys: + - {{ lookup('file', SSH_KEY_PATH) }} diff --git a/Playbooks/files/OpenLDAP.tf b/Playbooks/Manifests/PHPLDAPAdmin/main.tf similarity index 66% rename from Playbooks/files/OpenLDAP.tf rename to Playbooks/Manifests/PHPLDAPAdmin/main.tf index 95b0b06..af2660c 100644 --- a/Playbooks/files/OpenLDAP.tf +++ b/Playbooks/Manifests/PHPLDAPAdmin/main.tf @@ -5,22 +5,20 @@ terraform { } } } - provider "lxd" { generate_client_certificates = true accept_remote_certificate = true } -resource "lxd_cached_image" "focal" { +resource "lxd_cached_image" "image" { source_remote = "ubuntu" source_image = "focal/amd64" } - -resource "lxd_container" "test1" { - name = "test1" - image = lxd_cached_image.focal.fingerprint +resource "lxd_container" "container1" { + name = "PHPLDAPAdmin" + image = lxd_cached_image.image.fingerprint ephemeral = false - config = { + config = { "boot.autostart" = true } limits = { diff --git a/Playbooks/files/OpenLDAP.py b/Playbooks/files/OpenLDAP.py deleted file mode 100644 index 4d238ed..0000000 --- a/Playbooks/files/OpenLDAP.py +++ /dev/null 
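Review bot: The `required_providers` block in Manifests/OpenLDAP/main.tf names `terraform-lxd/lxd` without a `version` constraint, and no `.terraform.lock.hcl` is committed in the visible diff, while the playbook applies it with `force_init: true`, so each run may pull a newer provider build than the one that was tested; add `version = "~> <tested-version>"` and commit the lock file. `accept_remote_certificate = true` tells the provider to trust whatever certificate a remote LXD server presents; for the local socket used here it is probably unnecessary, and for a real remote the server certificate is better added out of band. `output "container_info"` exports the whole `lxd_container` resource, which the playbook then keeps via `register: terraform`; exporting only the attributes that are needed limits what ends up in run logs. The same provider settings appear in Manifests/PHPLDAPAdmin/main.tf.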
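Review bot: `lookup('file', SSH_KEY_PATH)` in Manifests/OpenLDAP/profile.yml.j2 copies the file's full contents into `ssh_authorized_keys`, and nothing in the template guarantees that the path is the public half of the key pair. If it is ever set to the private key path (the role default `ssh_key_path` is `~/.ssh/lxd_ssh`, without `.pub`), the private key would be written into the LXD profile and handed to every container that uses it. Name the variable for what it must hold, e.g. `SSH_PUBLIC_KEY_PATH`, or append `.pub` inside the template. `SSH_KEY_PATH` is not defined anywhere in the visible diff (the role uses lower-case `ssh_key_path`) and no task shown here renders this template, so it may be unused.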
@@ -1,25 +0,0 @@ -from pylxd import Client - -# Project -lxd_proj = "MPS-LDAP" -lxd_proj_desc = "Proyecto para OpenLDAP & su cliente PHP LDAP Admin" -lxd_proj_config = {'limits.instances': '2'} - -f = False -for project in Client().projects.all(): - if project.name == lxd_proj: - f = True - break -if not f: - project = Client().projects.create( - lxd_proj, description=lxd_proj_desc, config=lxd_proj_config) - -LXD = Client(project=lxd_client) - - -# Create Network if not exists - -# Create Storage Pool if not exists - -# Create instance if not exists -ldap_instance = "OpenLDAP" \ No newline at end of file diff --git a/Playbooks/roles/init_lxd/tasks/main.yml b/Playbooks/roles/init_lxd/tasks/main.yml index cbe2ccd..e5aef93 100644 --- a/Playbooks/roles/init_lxd/tasks/main.yml +++ b/Playbooks/roles/init_lxd/tasks/main.yml @@ -6,6 +6,11 @@ name: lxd classic: yes +- register: tmp_file_stat + stat: path="{{lxd_init_template_processed_path}}" +- ansible.builtin.meta: end_batch + when: tmp_file_stat.stat.exists + - ansible.builtin.debug: var: hostvars[inventory_hostname]['ansible_default_ipv4']['address'] verbosity: 1 diff --git a/Playbooks/roles/install_terraform/README.md b/Playbooks/roles/install_terraform/README.md new file mode 100644 index 0000000..39fd00d --- /dev/null +++ b/Playbooks/roles/install_terraform/README.md 
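Review bot: `meta: end_batch` in roles/init_lxd/tasks/main.yml ends the play for the current batch, not just this role, so once `lxd_init_template_processed_path` exists every task or role listed after `init_lxd` in the calling play is skipped as well — and, as I understand the meta action, for all hosts in the batch rather than only the host where the condition is true. If the intent is to skip LXD initialisation when it was already done, wrap the remaining tasks in a `block:` with `when: not tmp_file_stat.stat.exists`, or use `meta: end_host` if the rest of the play really should stop per host. The marker is a leftover processed template file, so a stale or manually created file silently disables initialisation; a check against LXD itself would be a more reliable signal. The rest of the task file lies outside this hunk.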
@@ -0,0 +1,135 @@
+# ansible-role-terraform
+
+[![molecule](https://github.com/diodonfrost/ansible-role-terraform/workflows/molecule/badge.svg)](https://github.com/diodonfrost/ansible-role-terraform/actions)
+[![Ansible Galaxy](https://img.shields.io/badge/galaxy-diodonfrost.terraform-660198.svg)](https://galaxy.ansible.com/diodonfrost/terraform)
+
+This role provide a compliance for install terraform on your target host.
+
+## Requirements
+
+This role was developed using Ansible 2.5 Backwards compatibility is not guaranteed.
+Use `ansible-galaxy install diodonfrost.terraform` to install the role on your system.
+* Ansible >= 2.8
+* Python >= 2.7
+
+## Role Variables
+
+This role has multiple variables. The defaults for all these variables are the following:
+
+```yaml
+---
+# defaults file for ansible-role-terraform
+
+# Define terraform version to install
+# Possible values: https://releases.hashicorp.com/terraform/index.json
+# Default: latest
+terraform_version: latest
+
+# Define where to install terraform binary
+# Default: use local system path defined in Ansible vars/*.yml
+terraform_path: "{{ terraform_default_path }}"
+```
+
+## Dependencies
+
+None
+
+## Example Playbook
+
+This is a sample playbook file for deploying the Ansible Galaxy terraform role in a localhost and installing the latest version of Terraform.
+
+```yaml
+---
+- hosts: localhost
+ become: true
+ roles:
+ - role: diodonfrost.terraform
+```
+
+This role can also install a specific version of terraform.
+
+```yaml
+---
+- hosts: localhost
+ become: true
+ roles:
+ - role: ansible-role-terraform
+ vars:
+ terraform_version: 0.12.0-rc1
+```
+
+Install Terraform 0.11.14
+
+```yaml
+---
+- hosts: localhost
+ become: true
+ roles:
+ - role: ansible-role-terraform
+ vars:
+ terraform_version: 0.11.14
+```
+
+## Local Testing
+
+This project uses [Molecule](http://molecule.readthedocs.io/) to aid in the
+development and testing.
+
+To develop or test you'll need to have installed the following:
+
+* Linux (e.g. [Ubuntu](http://www.ubuntu.com/))
+* [Docker](https://www.docker.com/)
+* [Python](https://www.python.org/) (including python-pip)
+* [Ansible](https://www.ansible.com/)
+* [Molecule](http://molecule.readthedocs.io/)
+* [Virtualbox](https://www.virtualbox.org/) (if you test windows system)
+* [Vagrant](https://www.vagrantup.com/downloads.html) (if you test windows system)
+
+### Testing with Docker
+
+```shell
+# Install requirements
+pip install -r requirements-dev.txt
+
+# Test ansible role with centos 8
+molecule test
+
+# Test ansible role with ubuntu 20.04
+image=ansible-ubuntu:20.04 molecule test
+
+# Test ansible role with alpine latest
+image=ansible-alpine:latest molecule test
+
+# Create centos 7 instance
+image=ansible-centos:7 molecule create
+
+# Apply role on centos 7 instance
+image=ansible-centos:7 molecule converge
+
+# Launch tests on centos 7 instance
+image=ansible-centos:7 molecule verify
+```
+
+### Testing with Vagrant and Virtualbox
+
+```shell
+# Test ansible role with FreeBSD
+molecule test -s freebsd
+
+# Test ansible role with OpenBSD
+molecule test -s openbsd
+
+# Test ansible role with Solaris
+molecule test -s solaris
+
+# Test ansible role with Windows
+molecule test -s windows
+```
+
+## License
+
+Apache 2
+
+## Author Information
+
+This role was created in 2019 by diodonfrost.
diff --git a/Playbooks/roles/install_terraform/defaults/main.yml b/Playbooks/roles/install_terraform/defaults/main.yml
new file mode 100644
index 0000000..08dac1d
--- /dev/null
+++ b/Playbooks/roles/install_terraform/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+# defaults file for ansible-role-terraform
+
+# Define terraform version to install
+# Possible values: https://releases.hashicorp.com/terraform/index.json
+# Default: latest
+terraform_version: latest
+
+# Define where to install terraform binary
+# Default: use local system path defined in Ansible vars/*.yml
+terraform_path: "{{ terraform_default_path }}"
diff --git a/Playbooks/roles/install_terraform/filter_plugins/__pycache__/sort_versions.cpython-310.pyc b/Playbooks/roles/install_terraform/filter_plugins/__pycache__/sort_versions.cpython-310.pyc
new file mode 100644
index 0000000..c0d07b4
Binary files /dev/null and b/Playbooks/roles/install_terraform/filter_plugins/__pycache__/sort_versions.cpython-310.pyc differ
diff --git a/Playbooks/roles/install_terraform/filter_plugins/sort_versions.py b/Playbooks/roles/install_terraform/filter_plugins/sort_versions.py
new file mode 100644
index 0000000..d94ba05
--- /dev/null
+++ b/Playbooks/roles/install_terraform/filter_plugins/sort_versions.py
@@ -0,0 +1,25 @@
+"""Sort complex versions"""
+
+from distutils.version import LooseVersion
+
+
+def filter_sort_versions(value):
+ """
+ Ansible entrypoint function
+ """
+ return sorted(value, key=LooseVersion)
+
+
+class FilterModule(object):
+ """
+ Sort complex versions like 0.10.2, 0.1.1, 0.10.12
+ """
+ filter_sort = {
+ 'sort_versions': filter_sort_versions,
+ }
+
+ def filters(self):
+ """
+ Return the sorted values
+ """
+ return self.filter_sort
diff --git a/Playbooks/roles/install_terraform/tasks/main.yml b/Playbooks/roles/install_terraform/tasks/main.yml
new file mode 100644
index 0000000..88ad195
--- /dev/null
+++ b/Playbooks/roles/install_terraform/tasks/main.yml
@@ -0,0 +1,8 @@
+---
+# tasks file for ansible-role-terraform
+
+- name: Include OS specific variables.
+ include_vars: "{{ ansible_system }}.yml"
+
+- name: Install Terraform
+ include_tasks: "setup-{{ base_os[ansible_system] | default('Linux-Unix') }}.yml"
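Review bot: filter_plugins/sort_versions.py imports `LooseVersion` from `distutils`, which is deprecated as of Python 3.10 and removed in 3.12, so on a controller with a newer interpreter the `sort_versions` filter will not load and the `latest` resolution in the setup tasks breaks. The playbooks already depend on `community.general`, whose `community.general.version_sort` filter could replace this plugin. The commit also adds `filter_plugins/__pycache__/sort_versions.cpython-310.pyc`; compiled bytecode cannot be reviewed against the source beside it, so it should be removed from the repository and `__pycache__/` added to `.gitignore`.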
diff --git a/Playbooks/roles/install_terraform/tasks/setup-Linux-Unix.yml b/Playbooks/roles/install_terraform/tasks/setup-Linux-Unix.yml
new file mode 100644
index 0000000..cecce14
--- /dev/null
+++ b/Playbooks/roles/install_terraform/tasks/setup-Linux-Unix.yml
@@ -0,0 +1,44 @@
+---
+# tasks file for install terraform on Linux and Unix system
+
+- name: Linux/Unix | Find all versions of Terraform
+ uri:
+ url: https://releases.hashicorp.com/terraform/index.json
+ return_content: yes
+ register: terraform_index
+ when: terraform_version == "latest"
+ check_mode: no
+
+- name: Linux/Unix | Finds the latest Terraform version when latest var is define
+ set_fact:
+ terraform_version_to_install: "{{ (terraform_index.content | from_json).versions | reject('search','-') | list | sort_versions | last }}"
+ when: terraform_version == 'latest'
+
+- name: Linux/Unix | Use the specified Terraform version when latest var is not define
+ set_fact:
+ terraform_version_to_install: "{{ terraform_version }}"
+ when: terraform_version != 'latest'
+
+# This task avoids downloading Terraform every time
+- name: Linux/Unix | Check if Terraform is present with the right version
+ command: "{{ terraform_path }}/terraform -version"
+ register: terraform_installed_version
+ ignore_errors: yes
+ changed_when: false
+ failed_when: false
+
+- name: Linux/Unix | Install Terraform
+ unarchive:
+ src: "{{ terraform_pkg_url }}"
+ dest: "{{ terraform_path }}"
+ remote_src: yes
+ when: terraform_version_to_install not in ( terraform_installed_version.stdout_lines | default(['empty'], true) | first )
+
+- name: Link terraform to /usr/local/bin
+ become: true
+ file:
+ src: "{{ terraform_path }}/terraform"
+ dest: "/usr/local/bin/terraform"
+ state: link
+ force: yes
+ mode: 744
\ No newline at end of file
diff --git a/Playbooks/roles/install_terraform/tasks/setup-Windows.yml b/Playbooks/roles/install_terraform/tasks/setup-Windows.yml
new file mode 100644
index 0000000..5c9f1da
--- /dev/null
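Review bot: The `Linux/Unix | Install Terraform` task unpacks `terraform_pkg_url` straight from the network with no integrity check, and the resulting binary is later run under `become`, so the archive should be verified before it is installed: download it with `get_url` and a `checksum:` taken from the release's SHA256SUMS file, then `unarchive` the local copy. In the added link task, `mode: 744` is an unquoted decimal integer, which Ansible does not read as octal 0744; quote it (`mode: '0755'`) or drop it. That task links `/usr/local/bin/terraform` to `{{ terraform_path }}/terraform`, which the playbook sets to `~/.local/bin`, so a command on root's path resolves to a file an unprivileged account can replace; installing into a root-owned directory avoids that. setup-Windows.yml fetches the same URL with `win_get_url` and has the same missing checksum.

```yaml
- name: Linux/Unix | Download Terraform
  get_url:
    url: "{{ terraform_pkg_url }}"
    dest: "/tmp/terraform_{{ terraform_version_to_install }}.zip"
    # the SHA256SUMS file is published next to each release archive
    checksum: "sha256:https://releases.hashicorp.com/terraform/{{ terraform_version_to_install }}/terraform_{{ terraform_version_to_install }}_SHA256SUMS"
  # … unchanged: when: installed-version check …

- name: Linux/Unix | Install Terraform
  unarchive:
    src: "/tmp/terraform_{{ terraform_version_to_install }}.zip"
    dest: "{{ terraform_path }}"
    remote_src: yes
  # … unchanged: when: installed-version check …
```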
+++ b/Playbooks/roles/install_terraform/tasks/setup-Windows.yml
@@ -0,0 +1,49 @@
+---
+# tasks file for install terraform on Windows system
+
+- name: Windows | Find all versions of Terraform
+ win_uri:
+ url: https://releases.hashicorp.com/terraform/index.json
+ return_content: yes
+ register: terraform_index
+ when: terraform_version == 'latest'
+ check_mode: no
+
+- name: Windows | Finds the latest Terraform version when latest var is define
+ set_fact:
+ terraform_version_to_install: "{{ (terraform_index.content | from_json).versions | reject('search','-') | list | sort_versions | last }}"
+ when: terraform_version == 'latest'
+
+- name: Windows | Use the specified Terraform version when latest var is not define
+ set_fact:
+ terraform_version_to_install: "{{ terraform_version }}"
+ when: terraform_version != 'latest'
+
+# This task avoids downloading Terraform every time
+- name: Windows | Check if terraform is present on Windows with the right version
+ win_command: terraform -version
+ register: terraform_installed_version
+ ignore_errors: yes
+ changed_when: false
+ failed_when: false
+
+- name: Windows | Download Terraform
+ win_get_url:
+ url: "{{ terraform_pkg_url }}"
+ dest: '%TEMP%\terraform_{{ terraform_version_to_install }}_windows_amd64.zip'
+ when: terraform_version_to_install not in ( terraform_installed_version.stdout_lines | default(['empty']) | first )
+
+- name: Windows | Create Terraform folder
+ win_file:
+ path: "{{ terraform_path }}"
+ state: directory
+
+- name: Windows | Install Terraform
+ win_unzip:
+ src: '%TEMP%\terraform_{{ terraform_version_to_install }}_windows_amd64.zip'
+ dest: "{{ terraform_path }}"
+ when: terraform_version_to_install not in ( terraform_installed_version.stdout_lines | default(['empty']) | first )
+
+- name: Windows | Add Terraform to PATH
+ win_path:
+ elements: "{{ terraform_path }}"
diff --git a/Playbooks/roles/install_terraform/vars/Darwin.yml b/Playbooks/roles/install_terraform/vars/Darwin.yml
new file mode 100644
index 0000000..898b699
--- /dev/null
+++ b/Playbooks/roles/install_terraform/vars/Darwin.yml
@@ -0,0 +1,5 @@
+---
+# vars file for terraform in Mac osx system
+terraform_pkg_url: "https://releases.hashicorp.com/terraform/{{ terraform_version_to_install }}/terraform_{{ terraform_version_to_install }}_{{ os_type }}_amd64.zip"
+terraform_default_path: /usr/local/bin/
+os_type: darwin
diff --git a/Playbooks/roles/install_terraform/vars/FreeBSD.yml b/Playbooks/roles/install_terraform/vars/FreeBSD.yml
new file mode 100644
index 0000000..421c1b7
--- /dev/null
+++ b/Playbooks/roles/install_terraform/vars/FreeBSD.yml
@@ -0,0 +1,5 @@
+---
+# vars file for terraform in FreeBSD system
+terraform_pkg_url: "https://releases.hashicorp.com/terraform/{{ terraform_version_to_install }}/terraform_{{ terraform_version_to_install }}_{{ os_type }}_{{ base_arch[ansible_architecture] | default('amd64') }}.zip"
+terraform_default_path: /usr/local/bin/
+os_type: freebsd
diff --git a/Playbooks/roles/install_terraform/vars/Linux.yml b/Playbooks/roles/install_terraform/vars/Linux.yml
new file mode 100644
index 0000000..cc53259
--- /dev/null
+++ b/Playbooks/roles/install_terraform/vars/Linux.yml
@@ -0,0 +1,5 @@
+---
+# vars file for terraform in Linux system
+terraform_pkg_url: "https://releases.hashicorp.com/terraform/{{ terraform_version_to_install }}/terraform_{{ terraform_version_to_install }}_{{ os_type }}_{{ base_arch[ansible_architecture] | default('amd64') }}.zip"
+terraform_default_path: /usr/local/bin/
+os_type: linux
diff --git a/Playbooks/roles/install_terraform/vars/OpenBSD.yml b/Playbooks/roles/install_terraform/vars/OpenBSD.yml
new file mode 100644
index 0000000..00c8233
--- /dev/null
+++ b/Playbooks/roles/install_terraform/vars/OpenBSD.yml
@@ -0,0 +1,5 @@
+---
+# vars file for terraform in OpenBSD system
+terraform_pkg_url: "https://releases.hashicorp.com/terraform/{{ terraform_version_to_install }}/terraform_{{ terraform_version_to_install }}_{{ os_type }}_{{ base_arch[ansible_architecture] | default('amd64') }}.zip"
+terraform_default_path: /usr/local/bin/
+os_type: openbsd
diff --git a/Playbooks/roles/install_terraform/vars/SunOS.yml b/Playbooks/roles/install_terraform/vars/SunOS.yml
new file mode 100644
index 0000000..481447f
--- /dev/null
+++ b/Playbooks/roles/install_terraform/vars/SunOS.yml
@@ -0,0 +1,5 @@
+---
+# vars file for terraform in SunOS system
+terraform_pkg_url: "https://releases.hashicorp.com/terraform/{{ terraform_version_to_install }}/terraform_{{ terraform_version_to_install }}_{{ os_type }}_amd64.zip"
+terraform_default_path: /usr/sbin
+os_type: solaris
diff --git a/Playbooks/roles/install_terraform/vars/Win32NT.yml b/Playbooks/roles/install_terraform/vars/Win32NT.yml
new file mode 100644
index 0000000..2c0c7fd
--- /dev/null
+++ b/Playbooks/roles/install_terraform/vars/Win32NT.yml
@@ -0,0 +1,5 @@
+---
+# vars file for terraform in Windows system
+terraform_pkg_url: "https://releases.hashicorp.com/terraform/{{ terraform_version_to_install }}/terraform_{{ terraform_version_to_install }}_windows_{{ base_arch[ansible_architecture] | default('amd64') }}.zip"
+terraform_default_path: C:\HashiCorp\terraform\bin\
+os_type: windows
diff --git a/Playbooks/roles/install_terraform/vars/main.yml b/Playbooks/roles/install_terraform/vars/main.yml
new file mode 100644
index 0000000..9184843
--- /dev/null
+++ b/Playbooks/roles/install_terraform/vars/main.yml
@@ -0,0 +1,17 @@
+---
+# vars file for ansible-role-terraform
+base_arch:
+ i386: '386'
+ x86_64: 'amd64'
+ amd64: 'amd64'
+ aarch64: 'arm64'
+ armv7l: 'arm'
+ armv6l: 'arm'
+
+base_os:
+ Linux: 'Linux-Unix'
+ FreeBSD: 'Linux-Unix'
+ OpenBSD: 'Linux-Unix'
+ Solaris: 'Linux-Unix'
+ Darwin: 'Linux-Unix'
+ Win32NT: 'Windows'
diff --git a/Playbooks/roles/lxc_configue_ssh/defaults/main.yml b/Playbooks/roles/lxc_configue_ssh/defaults/main.yml
new file mode 100644
index 0000000..5829e99
--- /dev/null
+++ b/Playbooks/roles/lxc_configue_ssh/defaults/main.yml
@@ -0,0 +1,8 @@
+---
+# defaults file for roles/init_lxd
+
+profile: default
+ssh_user: renzo
+ssh_key_path: ~/.ssh/lxd_ssh
+ssh_key_name: lxd_ssh
+ssh_key_passphrase: set_a_password!
\ No newline at end of file
diff --git a/Playbooks/roles/lxc_configue_ssh/tasks/main.yml b/Playbooks/roles/lxc_configue_ssh/tasks/main.yml
new file mode 100644
index 0000000..83422d3
--- /dev/null
+++ b/Playbooks/roles/lxc_configue_ssh/tasks/main.yml
@@ -0,0 +1,48 @@
+---
+
+# profile: default
+# lxc
+# ssh_user: renzo
+# ssh_key_path: ~/.ssh/lxd_ssh
+# ssh_key_name: lxd_ssh
+# ssh_key_passphrase: set_a_password!
+
+# tasks file for roles/init_lxd
+- name: generate SSH key "{{ssh_key_name}}"
+ register: SSH_KEY
+ user:
+ name: "{{ssh_user}}"
+ generate_ssh_key: yes
+ ssh_key_type: rsa
+ ssh_key_bits: 4096
+ ssh_key_file: "{{ssh_key_path}}"
+ ssh_key_passphrase: "{{ssh_passphrase}}"
+ force: no
+
+# Default profile
+- shell: "lxc profile show {{profile}}"
+ become: true
+ register: profile
+
+# Process of custom profile with my new SSH Key
+- set_fact:
+ lookup_custom_conf: |
+ config:
+ user.user-data: |
+ ssh_authorized_keys:
+ - {{SSH_KEY.ssh_public_key}}
+
+# Apply merge in LXD
+- ansible.builtin.tempfile: {}
+ register: temp_lxd_config
+
+- set_fact: custom_config="{{ lookup_custom_conf | from_yaml }}"
+- set_fact: profile_yaml_path="{{temp_lxd_config.path}}"
+- copy:
+ dest: "{{profile_yaml_path}}"
+ content: |
+ {{ profile.stdout | from_yaml | combine(custom_config) | to_yaml }}
+
+- shell: "lxc profile edit {{profile}} < {{profile_yaml_path}}"
+ become: true
+- file: path="{{profile_yaml_path}}" state=absent
\ No newline at end of file
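Review bot: `ssh_key_passphrase: set_a_password!` in roles/lxc_configue_ssh/defaults/main.yml ships a working placeholder as the role default, so a caller who forgets to override it gets a key protected by a passphrase that is public in this repository; leave the variable out of the defaults and fail early with an `assert` task or the `mandatory` filter. The role directory is spelled `lxc_configue_ssh`, while 01-A-OPENLDAP.yml references `lxc_configure_ssh`. The header comment `# defaults file for roles/init_lxd` appears to have been copied from another role and should name this one.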
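Review bot: The key-generation task in roles/lxc_configue_ssh/tasks/main.yml reads `"{{ssh_passphrase}}"`, but the defaults and the calling playbook define `ssh_key_passphrase`, so the task fails on an undefined variable unless it is set elsewhere. `register: profile` overwrites the `profile` variable that holds the profile name, so the later `lxc profile edit {{profile}}` would interpolate the registered result instead of the name. `combine(custom_config)` is a shallow merge, so the profile's existing `config` keys are replaced by the single `user.user-data` entry; pass `recursive=True` to keep them. The task that handles the passphrase should also set `no_log: true`, and the two `lxc` calls are safer with `command` or the `quote` filter than with raw interpolation into `shell`.

```yaml
- name: generate SSH key "{{ssh_key_name}}"
  register: SSH_KEY
  no_log: true  # the task arguments include the passphrase
  user:
    # … unchanged: name, generate_ssh_key, key type, bits, key file …
    ssh_key_passphrase: "{{ssh_key_passphrase}}"
    force: no

- command: "lxc profile show {{profile}}"
  become: true
  register: profile_show  # keeps `profile` as the profile name
  changed_when: false

# … unchanged: set_fact lookup_custom_conf, tempfile, custom_config, profile_yaml_path …

- copy:
    dest: "{{profile_yaml_path}}"
    content: |
      {{ profile_show.stdout | from_yaml | combine(custom_config, recursive=True) | to_yaml }}

- shell: "lxc profile edit {{profile | quote}} < {{profile_yaml_path | quote}}"
  become: true
```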