From aee69b212bc1969aef51d78dc04d7c6f36ae915a Mon Sep 17 00:00:00 2001 From: Ricard Illa Date: Wed, 2 Nov 2022 13:29:32 +0100 Subject: [PATCH] k3s with secrets encryption --- hosts.yml | 3 +++ roles/k3s/defaults/main.yml | 1 + roles/k3s/tasks/main.yml | 6 +++--- roles/k3s/{files/init.d/k3s => templates/init.d/k3s.j2} | 3 +++ 4 files changed, 10 insertions(+), 3 deletions(-) create mode 100644 roles/k3s/defaults/main.yml rename roles/k3s/{files/init.d/k3s => templates/init.d/k3s.j2} (88%) diff --git a/hosts.yml b/hosts.yml index 5d17a0b..1b13ee6 100644 --- a/hosts.yml +++ b/hosts.yml @@ -38,6 +38,9 @@ all: lbu_media: mmcblk0p2 lbu_backupdir: /media/mmcblk0p2 + k3s_args: + - --secrets-encryption + dmcrypt_targets: - name: "WDC WDS400T1R0A" target: "disk0" diff --git a/roles/k3s/defaults/main.yml b/roles/k3s/defaults/main.yml new file mode 100644 index 0000000..782fddf --- /dev/null +++ b/roles/k3s/defaults/main.yml @@ -0,0 +1 @@ +k3s_args: [] diff --git a/roles/k3s/tasks/main.yml b/roles/k3s/tasks/main.yml index d585af6..f55934a 100644 --- a/roles/k3s/tasks/main.yml +++ b/roles/k3s/tasks/main.yml @@ -41,9 +41,9 @@ access_time: preserve - name: copy service file - copy: - src: init.d/k3s - dest: /etc/init.d + template: + src: init.d/k3s.j2 + dest: /etc/init.d/k3s mode: '0755' when: ansible_distribution == "Alpine" diff --git a/roles/k3s/files/init.d/k3s b/roles/k3s/templates/init.d/k3s.j2 similarity index 88% rename from roles/k3s/files/init.d/k3s rename to roles/k3s/templates/init.d/k3s.j2 index fc7f120..38d3288 100755 --- a/roles/k3s/files/init.d/k3s +++ b/roles/k3s/templates/init.d/k3s.j2 @@ -13,6 +13,9 @@ supervisor=supervise-daemon name=k3s command="/usr/local/bin/k3s" command_args="server \ + {% for arg in k3s_args %} + {{ arg }} \ + {% endfor %} >>/var/log/k3s.log 2>&1" output_log=/var/log/k3s.log