moved k3s binary to /opt

pikvm gopass gpg key
podman
2022-10-30 16:46:05 +01:00 · 2022-10-30 16:32:52 +01:00 · 2022-10-30 16:32:32 +01:00 · 2022-10-30 15:54:15 +01:00 · 2022-10-30 15:53:51 +01:00 · 2022-10-30 15:53:17 +01:00
13 changed files with 330 additions and 186 deletions
--- a/deploy.yml
+++ b/deploy.yml
@ -8,28 +8,6 @@
    - name: mount rw
      command: /usr/local/bin/rw

- name: common roles
-  hosts:
-    - caladan
-    - fugu
-    - narwhal
-    - snitch
-    - suricata
-    # - pikvm
-  become: true
-  roles:
-    - basic
-    - users
-    - repos
-    - sshd
-  vars:
-    users:
-      - rilla
-      - ansible
-      - builder
-      - gopass
-      - woodpecker
-
 - name: cryptoraid
  hosts:
    - suricata
@ -59,6 +37,45 @@
  roles:
    - pi_fan_hwpwm

+- name: docker
+  hosts:
+    - caladan
+    - narwhal
+  become: true
+  roles:
+    - docker
+
+- name: podman
+  hosts:
+    - suricata
+  become: true
+  roles:
+    - podman
+  tags: podman
+
+- name: common roles
+  hosts:
+    - caladan
+    - fugu
+    - narwhal
+    - snitch
+    - suricata
+    # - pikvm
+  become: true
+  roles:
+    - basic
+    - users
+    - repos
+    - sshd
+  vars:
+    users:
+      - rilla
+      - ansible
+      - builder
+      - gopass
+      - woodpecker
+
+
 - name: quality of life tools
  hosts:
    - caladan
@ -81,6 +98,14 @@
  roles:
    - tinyproxy

+- name: k3s
+  hosts:
+    - suricata
+  become: true
+  roles:
+    - k3s
+  tags: k3s
+
 - name: wireguard
  hosts:
    - caladan
@ -132,3 +157,6 @@
  post_tasks:
    - name: mount ro
      command: /usr/local/bin/ro
+
+# todo:
+# setup-apkcache and setup-lbu to use /media/mmcblk0p2
--- a/group_vars/all/main.yml
+++ b/group_vars/all/main.yml
@ -7,3 +7,5 @@ deb_arch_mapping: {
  "x86_64": "amd64",
  "i386": "i386"
 }
+
+main_user: rilla
--- a/hosts.yml
+++ b/hosts.yml
@ -86,12 +86,36 @@ all:
          opts: "subvol=home,noatime"
          passno: "0"

+        - src: "/dev/mapper/disk0"
+          path: "/opt"
+          fstype: "btrfs"
+          opts: "subvol=opt,noatime"
+          passno: "0"
+
        - src: "/dev/mapper/disk0"
          path: "/var/lib/builder/src"
          fstype: "btrfs"
          opts: "subvol=src,noatime"
          passno: "0"

+        - src: "/dev/mapper/disk0"
+          path: "/etc/rancher"
+          fstype: "btrfs"
+          opts: "subvol=rancher_config,noatime"
+          passno: "0"
+
+        - src: "/dev/mapper/disk0"
+          path: "/var/lib/rancher"
+          fstype: "btrfs"
+          opts: "subvol=rancher_data,noatime"
+          passno: "0"
+
+        - src: "/dev/mapper/disk0"
+          path: "/var/lib/containers"
+          fstype: "btrfs"
+          opts: "subvol=containers,noatime"
+          passno: "0"
+
      rpi_cfg:
        - "enable_uart=1"
        - "otg_mode=1"
--- a/get_distribution.yml
+++ b/get_distribution.yml
@ -1,6 +1,5 @@
 ---
- hosts:
-    - pikvm
+- hosts: all
  gather_facts: true
  become: false
  tasks:
@ -8,5 +7,6 @@
    debug: "msg={{ item }}"
    with_items:
      - "{{ ansible_distribution }}"
+      - "{{ ansible_architecture }}"
      - "{{ ansible_distribution_version }}"
      - "{{ ansible_distribution_major_version }}"
--- a/roles/docker/tasks/alpine.yml
+++ b/roles/docker/tasks/alpine.yml
@ -0,0 +1,14 @@
+---
+
+- name: install docker with apk
+  apk:
+    name:
+      - docker
+      - docker-compose
+
+- name: start and enable docker
+  service:
+    name: docker
+    state: started
+    enabled: true
+    runlevel: boot
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@ -0,0 +1,5 @@
+---
+
+- name: 'alpine-specific docker things'
+  include_tasks: alpine.yml
+  when: ansible_distribution == "Alpine"
--- a/roles/gopass/files/gpg/pikvm.asc
+++ b/roles/gopass/files/gpg/pikvm.asc
@ -1,162 +1,51 @@
-$ANSIBLE_VAULT;1.1;AES256
-38643439666239363736623632303934373735323661396532343564643536356662653537613638
-3833616331653662666362366439666332656437313738360a326439313737663932353532653262
-66643736336435623137306133663536316336663934353630353735666432343361386263666361
-3164373131336430610a303231356131656632343239326435646631643433363134623833663037
-38376562333438653935343834383864316161313565626237393362616134376230386162633066
-31333763343732613566633933643464376439316534373131316637663263653362306536356338
-65336631613266653563363161316631636132623636656362616237386131396631343565323936
-62383532626436653332666161303439346335396437316464626434633362343032326265316164
-34326466633037326666346633396164656134383963303539616638336133653238626563393536
-39393933313966336333353066393263623238616666313764383863616234343463313132653866
-64333031663039636132636165343536613736643864323435393161653266346465343938313238
-37336366313339613264383039613237623266346132313164613838376132343162636663303133
-63316431616630343333313135633534376263306661326339323036353230336135323937343936
-65316131366439366334666332633761323433393830356263386530336135303732373263633331
-34383432326563313464633236323531383664393138373537666162626666366138383139636365
-33356436363863623935333466396366383031383736663437306464346465643635363332376331
-62623662656433306463643165643339316631613930346632373439613264306261666339353065
-65366436303561616262633437343535326530363261303832303562343162643362356237343735
-32366262343037393664346161376161306133303332383566356233633533636663313539643139
-30393032323430336532336235373733333438386666323663626532633365646338346166363062
-31363665613830343834316262613464366565633236663764633134393732346538633339616538
-39643739363537313631336362613739653361376233326137336633636436363736663265616562
-64613036613263303138626332373364636662363936323837383732323138656265393731323439
-34643036313331393665626563373730616336323337326565626533303232623031353963306237
-37373830633937626330616639353436613331323735313035626131303538336466323934336165
-30636333633330663862326664356463303664656662616537356564386435323835353334613166
-64363662373963376235356362363065323832323137633164636436623363383461316539373335
-65336335653139663830323430633866353164333730373138633666306465653438393535343863
-61373761653365366635323835343335313265626261336632373166316535316464623761643434
-34333566323861666530666238333538383039613332353262306438376438326438383732306439
-31653635343862383835363633373039613437393661353337336230363735626533346438663965
-35363338656130353361383034373666363064326630656434613030646135646433386461333139
-36313864306333663631626265643235386330343339653136663537393937646236356365323265
-32333764316632353437633730323634616233316266613039663138303638373332353632636532
-35323439646563383066313736356566303831323162633535633335373666386435303236656438
-64343765386634646563333230376438353861613235343633626365663762653261353033386336
-63393438383763636237353831343461393332363436623165626433626631666664306164653231
-64346532313364616630373331316431386233333935393031343935623661383563356636373361
-36313334393237326465316234333661373965623832316331333062343934663533353833336338
-38343938366230343430653730363630666230653263313466396134633863343331666364633236
-38616332366462613039343731363665343931623836383962343432366234613432356236626138
-33346439653436643934316461393134616563353833666133333432373132623662653138653232
-39353564383762613935396162656334393138626566376364316163356234313832353238383439
-61656361396530333661623564343662376138356535386234336334326463646338336263383731
-64373466643866663636616336313538346562613733303232313938633435396137316266306332
-61663561653066633433663937373331623238366233623731653938623964303061336430323166
-37313261666366346532316531356335633634666162623932303563343733633736353237613639
-37623361373766393765626333363966663266666666383830353438643661643130303832653137
-31316465383137363533396330303462663830633237313730333435333736633332623532366430
-62386238383665623463343266613536356162613066333862353730326638653831636137393931
-39636232343934353734326232333439326265663366383735313962313033396466663935343833
-32343631623065363963646135353133383134353966343730306237383731363931316565313963
-63636661383137363066303538303661303237653931396166323038353561646662356134653136
-63633662363531316534663738643564613136616539393438333963316330616630383936646230
-61616234373363393963363131383466316332336138326330643038356331373334356637653163
-64366239303462623736626365306264333033373130346238633034643239383565333134613939
-35356537316337613036333566353832333165333461626565666161323332303265323561356264
-34356337383462373937343634643138326332643866623437613534333861343566373666653834
-38306637333732346337376632393433656337633165393336623035323631393732383134336234
-35626366343864326165663436633833336665346530326363646339333332333937666166356532
-31646539323033666463653263363261326337316434636433633465653336663966336336373732
-35373965313666313864366336623338366436633231316334653936303431373732313131666662
-32373065363832653337623761663162643233613361646231626566623162636638666336346531
-33396431393538303237383662306535353136643433346334613964633230396535346236363937
-33633765373237343264633032323666643836333631343330306533666566623466633562653662
-34373033653636386135396239313732633930646135336133336266646438356230666131393739
-38666236646164346430306434333363616262653133316230303539363264383234633135366263
-31376437313966306463386539376466613736616535643934363865623064653235646434656362
-37663939646534376661343730333237616662626636623763303763363034353833633438666636
-33653932396134356432333733363264386164333062643834383538636230633038313334313363
-61396463326164626136376230323766356236646564616437663964633666303537396236626236
-34383763343562343036653263626531646366343262373166343664333836346230663433366134
-33346464306438393466363335393630663533633438363766306665386332363933383366353131
-38616435623665663362663237613563653938656639373035383037333732383836326334313961
-39633731373134323833613536383133346333373266656563376261643734343333303839333266
-38383962663734333762393132636237336165356234313264336165643931656531376361356239
-37303338346239316466663237346439346333313936353839333631343565366461313765643963
-34393664366530393838383134666432303230633333663035343233346365373663356130353263
-64646139353361626133333030313537636630313830366632633463653331323232646137316435
-39386239323063386431666632346661343330346137353963366633333230366435613461343033
-37353338653631343035346336323963646533656362313761313965646266613934333638356536
-37316530643362316330336535396431363732373136393230343065333261336564653530343433
-61313638396566393732333038633633356364366165313261383033363533646264343638633935
-38613864313437343932613765666435366434383334666165376362363838323330393366343832
-65616239356437353066396337316531633130623733653831346235633464613930383862366335
-31373133373064313133303836373132373034353631393139616565646639626634666531633132
-62366139306365633662623366353335666163613530653166643832396232643432356239363564
-30663638666262323437386535343132306133663262363662303762393463363136616235656463
-38373232396137353933653733663631383865383937353265313365666539613861623366346432
-63653435633538656133343437313738333133363332386466616335343061376434356530646564
-36323332316264656465313430613464653466396639613430363531373634623036393566356335
-34333739313737656263653236386339616362313664373563356363303463656337363966383433
-37343531616563646332633362366430386637383933613235353364656330613163313033616337
-30303038376538316236363266623536613936306635366633646465353261633338336237633238
-36396662333634393531353334373830643939316464333738396661343664653663353265383837
-37613135653135373932343932373932323231643636383338623030343438303335336137353866
-63396130373166353437666164333737313166653537646235393666336561643963316136616162
-61626237626464376364303133373462663530346537653464343038666665373364303037383230
-35653066663866343034306137393537386534303463306132643630623330613461383864303239
-30303362613634303061333263313830613765616638653862623535646433363135363461356639
-34663463313362376433336366336263386139323137323736373861393131376464303435653133
-37633339303664353466383263356634313133386266346435353633653437366265386164373864
-39303230653139343665633034323765396233653031663732623263373964326533656238353232
-65616433326665616639643231356461616363386435303635363163343532383065333435383864
-66323138386431336538396638613634633237326464383965363064663933353837313236313839
-32333130636130393036383936626336356436323764666230346362346634336661656366613738
-31306238663439313862386564316664346163316265303834663534306333636434383762616366
-37626539346138653438623736363730663261363332656639373234636138343832633039333838
-63323064343764366462333631613731656437396239333737373432656132623935376134366262
-64356331333734643862623239373236633564626235373339636534613236646637373434353230
-38313831346263346636373962633731376430646639353761613433383335373864356237356164
-35623762646438343634396363356234326562636531613837653866336638313831666462623733
-33396533616566663066643938396463653461373437333735303932333733383735636238633639
-30646536386437633532363434363562383639383533613635346136663031393763303161396161
-61663861663961366566623364376530363133643839613836393035373939306665646466613134
-39363636336536373338643636313938323965326433623634613430343436633936653632623961
-34323339306633343136343566356266363964663138613763306532336333373333306138316637
-65366265306136353839616361666637326266316632343337336364333238336165653766656466
-33393930343761353665313235383365356331363061323534346136353438326239353265346165
-39323634383865613537303061376438613434626239333061396666373832653663326438356463
-63353635626335636332333438313734653533373366643266636263616539376566326132656562
-66303439353537336636376162393637316464386532316530303362326433306361313635363131
-34653939646533623730373234353236616139636430353466386635346464646166613761636661
-61626235656231396232323531343339373464383033663062616333353539623439366433323532
-30326662633861343365306166323966333437636532343439353834656433393737316565626436
-39313165386634623334363035386438313337633863313163316230383138363632316131666330
-39326262376431636331313439613436346463313231616432656432353531346439313431363034
-30343435363862623332663963656333386261313134653562323830333164303837646135316463
-61323564303866306233383364383961393135386330343762303661333766363164363664346336
-32396635333763306130616439636131633564373337396364376366646262326431663437663035
-35633832646131636261613637313562326261343132306530633538393539666265643134333135
-38336665323339363133366634346566343361323765663132636166383830393366366232626437
-35343038393230616434303538376166366535383334666463393631666165663036346338333630
-63623637336239366233333566366366616666663866383362366238623330623462646437346339
-33313934623333393736363639626230326462326331303033336336393664333562643637313033
-38393633396564336565316361316331333765343136643834326466616635646662613866386238
-39353231653830393634623438653830313531616631626533303038353334616566373664323932
-32623262633537363633346633623638343635303337363031666161313638396336653161366135
-33336439656630346431383939653862663236636266336664666133626234633062326663356431
-34313530633335313636626662653436393166323066303565643166373862643632373862666233
-31393338336334303363663764626532653535633063663265613536393437376665393231663231
-34373964346238326531633961393935636562653236333437303962633466636638343639666465
-65633465346263633765666535356231346530393261323863393665666361353037316661346332
-37386139383239373636633833643064326632336332666336323638636161306436343339643462
-39656264623239386530306362386136396666386166333065396233396436353666363863333331
-65353765363165303134326561373235383334626466323034336334626233353235373139303861
-37333639643434376235303535373939613261323639376133326266623761363839363363303739
-61303834343233663739643165346465636465663636643866623435356463386563666366636432
-64316637343761353433613031373634393234613939366332643939363835656339656335663666
-33313436376530303539373465333737333936653530346135643034613166373333313432373962
-30643833346161313036306163356333373432323961656662653030343330636630616438316162
-35326561396662383332303831303533376166616435353365623831363361353935323630373766
-30353537366436396436353335663563323033333037633461663364373632626534396162623630
-64393430656334643138313532616535373137646635333562663861306632396434663736666239
-63366437653062636135353434316331313238333036343562363534366433653537356137326565
-31303165316233393037316534343831323333373031623330643033613662623465336562336632
-62306634366135316633653132306265373963343766303932386639643330346638396631653064
-63393135323565376461306666353363636165373038356437333730326139303236323362376463
-65346461323862343463323965663862626233646164613233393864623630646138366337383066
-37326435653736333264346562393237356536646434393963663862313361643466666438373432
-3834
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBGNOj/wBEADUtbNL/w9VzMpzkYbuiHoRqmBispDeBASV8ov1DIFilmqHQtny
+t4CJyh0RNA1Qjz0PWjcLnm8Pr/pfKbmVCVGrhIj95n69C5vRjzuxi4rArQStBAXL
+6yNSqly9vg3pIVEDVQr/HZqhND0isxXBvivQMWs5Gw3ixR4UAEk72Zxi+wFAXnf3
+sBoSmk+A2WwdX7sL8H/ZcIc52GLwbyu5+NJZpnEHLYJgHcRPi2jvnUsKfHdoRk7h
+2B4/wovRAPcgiVbklh7SlqqeuXCuMC3RdF1W9pWhNcxykc2hUxILqkyGw/rImMEH
+IBati75MST3VgU8VU1vyPoHliluW3CKvG2cidl40JapLKnDzWZfC4e1hLOlpQi7m
+7qDxscM3fuPn2KbA0pB1FjMmEgvIawvs4tfu9YE65P9BstZKkKrCryJCUmtVD9RI
+PRWKm78Ww1yNdc5G9Ez+q45qU/lRL+lyuuS/vV2F8hnDjcmYXMIfnxXpiwKWsrBh
+cEkJxtV5i6g5ar3IgOJDJtvkhATieKjF7mASMpSC9fjrU58/IaoR3/obfLYRkf0p
+IqaqxS4dHuotn9xxalQEGbyuccUQnM3auOE5whhpgqN+gBh8pAbaP6o59jeiO1Cw
+zx8iJHFl7njU0X8UToTwudmqBOvQr3A6Ydm9dE3AiiWOToTWjRyoNgWCKwARAQAB
+tB1waWt2bSA8cGlrdm1AbW9ub3RyZW1hdGEueHl6PokCTgQTAQoAOBYhBFEYaksJ
+41oALpvpj9PF+s9qIACNBQJjTo/8AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
+AAoJENPF+s9qIACNKLIQAKk6lTAWhK+MFgMtr3wCLTrOpBB5z7HYyqzoRPyoFtCs
+VRAuOe2sjEHzu6eQ0hACDTQqeCxX+0o3AZAUAwSqG7NJApxKo8AIwW9Fqjwkz3TZ
+5UPz3OZvwOD7aLHSCUMXakGmW5LNINGcKqgIGeZgqPh80GY4bzGrVnb8aopmMPq0
+pDoIRqYh0o9MntBiXXDtssZnQ2ZTfjdvqBBP+kzxO0GdVUqcQDdYKeaHOqJzDuhW
+2D3hPfgyMiX6IoC47HeCFMTXzVYOqyPCwUzGlx3cHBmmUGnalFsbx1g8PgcREIqU
+GEzQn0Y6Tbyaqf53bCRm39Zwk955+p5GrjLo4nOqwTalJEp0UZxQO5u45g9NF/Vs
+ILQ7nEthKTSv+8Gp9mlQsIXs02/g4c0XbgwP1kh+5gGSmd14rv8U3peR8GXnyT8a
+6iUUklZW1q+g4F06ql/dlIvpBxDWlQZlHcMp5RzQlm9yCNOBEYMsCrJ0Fe6n+Xyu
+AeWSjDH4dEksqRdXiruQO790PKKFzaRUQs8Eqdzyj8IV+Md3EBL+TuJKL0vUzjZr
+NVsLGOYwwKXBNu7Q8dn+VjoJnyyVnwdlZMyQmNk3kBIkNSbt7cyMWa2yCG5SpId1
+gA7ai8kDv38gLBFuPzOWPJYecyHhJr37uDkFvtwi62i+CunDC27ZPPN70JbpJk3p
+uQINBGNOj/wBEADB4ViiqRkIZeqES5n2QsG7xc3WmCyN+DfZJgJnxcB37KiVnBO1
+DE32qoTfBUTIlS7hIpsNeKSdfNlv6JfrlN9RNaGRyAjmMvsaqgdvQ6BRTTmrC7+n
+UdjOnGQLHYpnHWvW6EYSJfEW5w2WVmyyGroEJkLPbbVc1FYj48RZf/uZY0J2EsyL
+FRw1SA7aKaXfvwf0xOzxpT6m3YmKBCy4A5Vnof5EXa/dmXB9C+npZzQaqhHmX195
+e+5QpasAdVJtAkbBAhpdaUCZARAPoQISekGmDD7cfrEDa11C2GH1LLjKZAoJVRTc
+P/mtXBZNIGOUGN6JHB64vis3W73oAc9M56qS5s02NVigmzL4gRe8g5vq+eTO+nv/
+ewOmjzQO+j/4rmVYaM/ALFdw4/H7NtNXmHF6Cp6z5WKlq1jrIbkzSfnjx3HTd20Q
+hFo9rNfc+CKxySg23aXZsnpT9ArXgfKjevmdNVdGFNdv9CsRQvJdsgzBNxh08ra0
+TPh4aSZiSq3heACS2uauUrFQQfyrBqTLAsaJsFnFyVnrUaoElodSiANtffgZ0Ern
+m8Bxhc/k8v8lR5Oj33oRg5e8ZbOdreWeEMJuDgVlUGF8w+KrWYT+rnvKz0xcZ135
+SFtSmAfuF+owiH86dDRSLajf24oAgDufA7FfWx7D8aMVn0Nn9Iu5A2bouwARAQAB
+iQI2BBgBCgAgFiEEURhqSwnjWgAum+mP08X6z2ogAI0FAmNOj/wCGwwACgkQ08X6
+z2ogAI2+tRAAtD4ShzBEmrTIL0YoDDMJU8h7cOFkvgQSOMkUShoi36+YBPc8VM/W
+J12zk8VIdpXkAEAaHxspDHo0NyXO4ho7xSDVPWWhkPtuZmLiJClrlgiUnm4DVK/I
+lyCbh27rBfPUnUrtKQjVs2Gt2LW+EemM00OncXIx/Uq8eCgaL+HGwY9YJ9aK9QS8
+HvDWho7e/34Exi5Kbrn721QqKhhIHBHuM3oK/I5342fNgSiP9VulK3z5hRgyrIsF
+BM4qf2KXbHOsTagFzcZPws59bVnP03cuP9InyXy7qQ0BeQYpQNRb6DoQ5HrbIKzG
+PqCNzfu8Yb9x+50SpisAM8P4mHirshQeMcfHNwluKe4vE65TpRxtguV/Tz35vcsG
+ja5WfBjioq56J/MMamHJ4sgH8mWYdy0LAssDYq4LceSA6ovZq30ma4TKq2ceWRnz
+IFmV8Ozkw8KROLJR5RjjtHn7o736S2QYKZNszSMAkKftlhTypebiUnF0YV2bAmoW
+M/9SZDZjo/x/9G84D9M5O0ALja/8fSeJGKFA443MV6le83/REnfBQKInB32dW0Q+
+8P1UuBqNdLyCU8hjg+zHX4dM+aNmQoegH3tWTLAG+hmz7KiEHz8HHaASvqScRdv
+RxFVgfQS3hmopj9vcPzRbnCg4s+ocfKs3/C4nRqokQLXJ2iQ3B0jY0U=
+=EqVn
+-----END PGP PUBLIC KEY BLOCK-----
--- a/roles/k3s/files/init.d/k3s
+++ b/roles/k3s/files/init.d/k3s
@ -0,0 +1,28 @@
+#!/sbin/openrc-run
+
+depend() {
+    after network-online
+    want cgroups
+}
+
+start_pre() {
+    rm -f /tmp/k3s.*
+}
+
+supervisor=supervise-daemon
+name=k3s
+command="/usr/local/bin/k3s"
+command_args="server \
+    >>/var/log/k3s.log 2>&1"
+
+output_log=/var/log/k3s.log
+error_log=/var/log/k3s.log
+
+pidfile="/var/run/k3s.pid"
+respawn_delay=5
+respawn_max=0
+
+set -o allexport
+if [ -f /etc/environment ]; then source /etc/environment; fi
+if [ -f /etc/rancher/k3s/k3s.env ]; then source /etc/rancher/k3s/k3s.env; fi
+set +o allexport
--- a/roles/k3s/tasks/main.yml
+++ b/roles/k3s/tasks/main.yml
@ -0,0 +1,75 @@
+---
+
+- name: set k3s download suffix
+  set_fact:
+    k3s_suffix: "{{ k3s_suffix_lookup[ansible_architecture] }}"
+
+- name: create k3s opt directory
+  file:
+    path: /opt/k3s
+    state: directory
+
+- name: download k3s binary
+  get_url:
+    url: "{{ k3s_download_base_url }}/k3s{{ k3s_suffix }}"
+    dest: /opt/k3s/k3s
+    checksum: "sha256:{{ k3s_download_base_url }}/sha256sum{{ k3s_suffix }}.txt"
+    mode: '0755'
+
+- name: create k3s symlinks
+  file:
+    state: link
+    src: /opt/k3s/k3s
+    dest: "/usr/local/bin/{{ item }}"
+  loop:
+    - k3s
+    - kubectl
+    - crictl
+    - ctr
+
+- name: create /etc/rancher/k3s directory
+  file:
+    path: /etc/rancher/k3s
+    state: directory
+
+- name: create k3s.env
+  file:
+    state: touch
+    path: /etc/rancher/k3s/k3s.env
+    mode: '0600'
+    modification_time: preserve
+    access_time: preserve
+
+- name: copy service file
+  copy:
+    src: init.d/k3s
+    dest: /etc/init.d
+    mode: '0755'
+  when: ansible_distribution == "Alpine"
+
+- name: enable and start k3s
+  service:
+    name: k3s
+    state: started
+    enabled: true
+  when: ansible_distribution == "Alpine"
+
+- name: add cgroup options cmdline.txt
+  replace:
+    path: /media/mmcblk0p1/cmdline.txt
+    regexp: '^([\w](?!.*\b{{ item }}\b).*)$'
+    replace: '\1 {{ item }}'
+  loop:
+    - "cgroup_memory=1"
+    - "cgroup_enable=memory"
+    - "cgroup_enable=cpuset"
+
+- name: add k3s files to lbu
+  lbu:
+    include:
+      - /usr/local/bin/k3s
+      - /usr/local/bin/kubectl
+      - /usr/local/bin/crictl
+      - /usr/local/bin/ctr
+      - /etc/init.d/k3s
+  when: ansible_distribution == "Alpine" and alpine_mode in ["diskless", "data"]
--- a/roles/k3s/vars/main.yml
+++ b/roles/k3s/vars/main.yml
@ -0,0 +1,29 @@
+---
+
+# The version for a given channel can be found with
+#
+# ```sh
+# CHANNEL_URL=${CHANNEL_URL:-'https://update.k3s.io/v1-release/channels'}
+# CHANNEL=${CHANNEL:-'stable'}
+# curl \
+#     --write-out '%{url_effective}' \
+#     --location \
+#     --silent \
+#     --show-error \
+#     "${CHANNEL_URL}/${CHANNEL}" \
+#     -o /dev/null |
+#     sed -e 's|.*/||'
+# ```
+k3s_version: v1.24.6+k3s1
+
+k3s_suffix_lookup:
+  amd64: ""
+  x86_64: ""
+  arm64: "-arm64"
+  aarch64: "-arm64"
+  armv7l: "-armhf"  # any other arm* should be `-armhf` too
+  s390x: "-s390x"
+
+k3s_releases_url: "https://github.com/k3s-io/k3s/releases/download"
+
+k3s_download_base_url: "{{ k3s_releases_url }}/{{ k3s_version }}"
--- a/roles/podman/tasks/alpine.yml
+++ b/roles/podman/tasks/alpine.yml
@ -0,0 +1,44 @@
+---
+
+- name: install podman with apk
+  apk:
+    name:
+      - podman
+
+- name: enable cgroups v2
+  lineinfile:
+    path: /etc/rc.conf
+    line: 'rc_cgroup_mode="unified"'
+    regexp: '#?rc_cgroup_mode=".+"'
+
+- name: start and enable cgroups
+  service:
+    name: cgroups
+    state: started
+    enabled: true
+
+- name: set podman storage driver
+  lineinfile:
+    path: /etc/containers/storage.conf
+    line: 'driver = "{{ podman_storage_driver }}"'
+    regexp: '"driver = ".+"'
+
+- name: load tun module for rootless podman support
+  modprobe:
+    name: tun
+    state: present
+
+- name: tun module on startup
+  lineinfile:
+    path: /etc/modules
+    line: tun
+    insertafter: EOF
+
+- name: lines for podman rootless support on /etc/subuid and /etc/subgid
+  lineinfile:
+    path: "{{ item }}"
+    line: "{{ main_user }}:100000:65536"
+    insertafter: EOF
+  loop:
+    - /etc/subuid
+    - /etc/subgid
--- a/roles/podman/tasks/main.yml
+++ b/roles/podman/tasks/main.yml
@ -0,0 +1,5 @@
+---
+
+- name: 'alpine-specific podman things'
+  include_tasks: alpine.yml
+  when: ansible_distribution == "Alpine"
--- a/roles/podman/vars/main.yml
+++ b/roles/podman/vars/main.yml
@ -0,0 +1 @@
+podman_storage_driver: btrfs
Author	SHA1	Message	Date
Ricard Illa	071a5c6382	moved k3s binary to /opt	2022-10-30 16:46:05 +01:00
Ricard Illa	8634cb8d54	pikvm gopass gpg key	2022-10-30 16:32:52 +01:00
Ricard Illa	1ccda61a88	podman	2022-10-30 16:32:32 +01:00
Ricard Illa	56c87e9735	host inventory updates	2022-10-30 15:54:15 +01:00
Ricard Illa	2cd64c159f	deploy updates	2022-10-30 15:53:51 +01:00
Ricard Illa	254247032d	docker role	2022-10-30 15:53:17 +01:00
Ricard Illa	8fe7c11617	k3s role	2022-10-30 15:53:04 +01:00
Ricard Illa	63abc810ce	print facts playbook	2022-10-21 12:38:35 +02:00
Ricard Illa	af0977c9fc	print facts playbook	2022-10-21 12:37:09 +02:00