ansible_lxd_tests/local_lxd/roles/lxd/tasks/instance_config.yml

---
## ----------------------------- ##
## Assemble custom configuration ##
## ----------------------------- ##

# this should build `lxd_custom_config` for use externally

- name: process cpu + memory limit overrides
  when: lxd.instance.cpu_mem is defined
  block:
    - name: apply 'config.limits.cpu' override
      when: lxd.instance.cpu_mem.cpus is defined
      block:
        - name: get /proc/cpuinfo
          ansible.builtin.command: cat /proc/cpuinfo
          changed_when: false
          register: proc_cpuinfo

        - name: transform 'cpus' into 'config.limits.cpu'
          ansible.builtin.set_fact:
            lxd_custom_config:
              limits.cpu: "{{ lxd.instance.cpu_mem.cpus | asNative(proc_cpuinfo.stdout_lines) | sort | unique }}"

        - name: handle multiple cores
          when: lxd_custom_config['limits.cpu'] | length > 1
          ansible.builtin.set_fact:
            lxd_custom_config:
              limits.cpu: "{{ lxd_custom_config['limits.cpu'] | join(',') }}"

        - name: handle single core
          when: lxd_custom_config['limits.cpu'] | length == 1
          ansible.builtin.set_fact:
            lxd_custom_config:
              limits.cpu: "{{ lxd_custom_config['limits.cpu'][0] }}-{{ lxd_custom_config['limits.cpu'][0] }}"

    - name: apply 'config.limits.memory' override
      when: lxd.instance.cpu_mem.memory is defined
      vars:
        tmp_lxd_config:
          limits.memory: "{{ lxd.instance.cpu_mem.memory }}"
      ansible.builtin.set_fact:
        lxd_custom_config: "{{ ( lxd_custom_config | default({}) ) | combine(tmp_lxd_config, recursive=True) }}"

    - name: apply 'config.limits.memory.hugepages' override
      when: lxd.instance.cpu_mem.hugepages is defined
      vars:
        tmp_lxd_config:
          limits.memory.hugepages: "{{ lxd.instance.cpu_mem.hugepages | string }}"
      ansible.builtin.set_fact:
        lxd_custom_config: "{{ ( lxd_custom_config | default({}) ) | combine(tmp_lxd_config, recursive=True) }}"

    - name: apply 'config.limits.cpu.priority'
      when: lxd.instance.cpu_mem.cpu_priority is defined
      vars:
        tmp_lxd_config:
          limits.cpu.priority: "{{ lxd.instance.cpu_mem.cpu_priority }}"
      ansible.builtin.set_fact:
        lxd_custom_config: "{{ ( lxd_custom_config | default({}) ) | combine(tmp_lxd_config, recursive=True) }}"

- name: process user + group + both idmap
  when: lxd.instance.host_idmap is defined
  block:
    - name: load UID map
      ansible.builtin.getent:
        database: passwd

    - name: load GID map
      ansible.builtin.getent:
        database: group

    # the raw.idmap needs to have its ids appear in ascending order
    - name: handle combined idmaps
      when: lxd.instance.host_idmap.both is defined
      block:
        - name: get UID from username
          loop: "{{ lxd.instance.host_idmap.both }}"
          loop_control:
            loop_var: lxd_host_id
          ansible.builtin.set_fact:
            lxd_both_idmap: "{{ lxd_both_idmap | default([]) + [ ansible_facts.getent_passwd[lxd_host_id][1] | int ] }}"

        - name: build raw "both" mapping
          loop: "{{ lxd_both_idmap | sort }}"
          loop_control:
            loop_var: lxd_host_id
          ansible.builtin.set_fact:
            lxd_raw_idmap: "{{ lxd_raw_idmap | default([]) + [ 'both ' + lxd_host_id | string + ' ' + lxd_host_id | string ] }}"

    - name: handle user idmaps
      when: lxd.instance.host_idmap.users is defined
      block:
        - name: uid mapping
          loop: "{{ lxd.instance.host_idmap.users }}"
          loop_control:
            loop_var: lxd_host_id
          ansible.builtin.set_fact:
            lxd_user_idmap: "{{ lxd_user_idmap | default([]) + [ ansible_facts.getent_passwd[lxd_host_id][1] | int ] }}"

        - name: build raw "uid" mapping
          loop: "{{ lxd_user_idmap | sort }}"
          loop_control:
            loop_var: lxd_host_id
          ansible.builtin.set_fact:
            lxd_raw_idmap: "{{ lxd_raw_idmap | default([]) + [ 'uid ' + lxd_host_id | string + ' ' + lxd_host_id | string ] }}"

    - name: handle group idmaps
      when: lxd.instance.host_idmap.groups is defined
      block:
        - name: gid mapping
          loop: "{{ lxd.instance.host_idmap.groups }}"
          loop_control:
            loop_var: lxd_host_id
          ansible.builtin.set_fact:
            lxd_group_idmap: "{{ lxd_group_idmap | default([]) + [ ansible_facts.getent_group[lxd_host_id][1] | int ] }}"

        - name: build raw "gid" mapping
          loop: "{{ lxd_group_idmap | sort }}"
          loop_control:
            loop_var: lxd_host_id
          ansible.builtin.set_fact:
            lxd_raw_idmap: "{{ lxd_raw_idmap | default([]) + [ 'gid ' + lxd_host_id | string + ' ' + lxd_host_id | string ] }}"

    - name: transform 'host_idmap' into 'config.raw.idmap'
      vars:
        tmp_lxd_config:
          raw.idmap: "{{ lxd_raw_idmap | join('\n') }}"
      ansible.builtin.set_fact:
        lxd_custom_config: "{{ ( lxd_custom_config | default({}) ) | combine(tmp_lxd_config, recursive=True) }}"