From 4d6e60281eff922d423ffb7a0f669423cd2e1e91 Mon Sep 17 00:00:00 2001 From: "Jon S. Stumpf" Date: Mon, 4 Dec 2023 12:46:45 -0500 Subject: [PATCH] Role tweaks (#268) * Limited boolean values to true/false; Signed-off-by: Jon S. Stumpf * Moved ArchLinux prereq task to be a handler; Signed-off-by: Jon S. Stumpf * Standardized task name for adding cgroup support; Signed-off-by: Jon S. Stumpf * Have backrefs: follow path:; Signed-off-by: Jon S. Stumpf * Addressed ansible-lint errors; Signed-off-by: Jon S. Stumpf * Fixed #264, task 7: Copy K3s service file; Signed-off-by: Jon S. Stumpf --------- Signed-off-by: Jon S. Stumpf --- .yamllint | 2 +- roles/k3s_agent/tasks/main.yml | 7 ++++--- roles/prereq/tasks/main.yml | 2 +- roles/raspberrypi/handlers/main.yml | 9 +++++++++ roles/raspberrypi/tasks/prereq/Archlinux.yml | 14 ++++---------- roles/raspberrypi/tasks/prereq/CentOS.yml | 4 ++-- roles/raspberrypi/tasks/prereq/Debian.yml | 4 ++-- roles/raspberrypi/tasks/prereq/Raspbian.yml | 4 ++-- roles/raspberrypi/tasks/prereq/Ubuntu.yml | 7 ++++--- 9 files changed, 29 insertions(+), 24 deletions(-) diff --git a/.yamllint b/.yamllint index 8f19687..c572b3f 100644 --- a/.yamllint +++ b/.yamllint @@ -6,4 +6,4 @@ rules: max: 120 level: warning truthy: - allowed-values: ['true', 'false', 'yes', 'no'] + allowed-values: ['true', 'false'] diff --git a/roles/k3s_agent/tasks/main.yml b/roles/k3s_agent/tasks/main.yml index 5d16780..75a0cf1 100644 --- a/roles/k3s_agent/tasks/main.yml +++ b/roles/k3s_agent/tasks/main.yml @@ -21,16 +21,17 @@ changed_when: true - name: Copy K3s service file + register: k3s_agent_service ansible.builtin.template: src: "k3s-agent.service.j2" dest: "{{ systemd_dir }}/k3s-agent.service" owner: root group: root - mode: 0755 + mode: "u=rw,g=r,o=r" - name: Enable and check K3s service ansible.builtin.systemd: name: k3s-agent - daemon_reload: true - state: started + daemon_reload: "{{ true if k3s_agent_service.changed else false }}" + state: "{{ 'restarted' if k3s_agent_service.changed else 'started' }}" enabled: true diff --git a/roles/prereq/tasks/main.yml b/roles/prereq/tasks/main.yml index 9b208e7..e76312a 100644 --- a/roles/prereq/tasks/main.yml +++ b/roles/prereq/tasks/main.yml @@ -3,7 +3,7 @@ when: ansible_distribution in ['Ubuntu'] ansible.builtin.apt: name: policycoreutils # Used by install script to restore SELinux context - update_cache: yes + update_cache: true - name: Enable IPv4 forwarding ansible.posix.sysctl: diff --git a/roles/raspberrypi/handlers/main.yml b/roles/raspberrypi/handlers/main.yml index 8c6ecb3..1a712bf 100644 --- a/roles/raspberrypi/handlers/main.yml +++ b/roles/raspberrypi/handlers/main.yml @@ -1,3 +1,12 @@ --- - name: Reboot Pi ansible.builtin.reboot: + post_reboot_delay: 10 + reboot_timeout: 60 + +- name: Regenerate bootloader image + ansible.builtin.command: ./mkscr + args: + chdir: /boot + notify: Reboot Pi + changed_when: true diff --git a/roles/raspberrypi/tasks/prereq/Archlinux.yml b/roles/raspberrypi/tasks/prereq/Archlinux.yml index bc497f0..24e189a 100644 --- a/roles/raspberrypi/tasks/prereq/Archlinux.yml +++ b/roles/raspberrypi/tasks/prereq/Archlinux.yml @@ -1,15 +1,9 @@ --- -- name: Enable cgroup via boot commandline if not already enabled for Archlinux +- name: Enable cgroup via boot commandline if not already enabled ansible.builtin.lineinfile: path: /boot/boot.txt + # yamllint disable-line rule:line-length search_string: setenv bootargs console=ttyS1,115200 console=tty0 root=PARTUUID=${uuid} rw rootwait smsc95xx.macaddr="${usbethaddr}" + # yamllint disable-line rule:line-length line: setenv bootargs console=ttyS1,115200 console=tty0 root=PARTUUID=${uuid} rw rootwait smsc95xx.macaddr="${usbethaddr}" cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory - register: kernel_cmdline_cgroup - -- name: Create - ansible.builtin.command: ./mkscr - args: - chdir: /boot - notify: Reboot Pi - changed_when: false - when: kernel_cmdline_cgroup.changed # noqa: no-handler + notify: Regenerate bootloader image diff --git a/roles/raspberrypi/tasks/prereq/CentOS.yml b/roles/raspberrypi/tasks/prereq/CentOS.yml index 8399737..30043d2 100644 --- a/roles/raspberrypi/tasks/prereq/CentOS.yml +++ b/roles/raspberrypi/tasks/prereq/CentOS.yml @@ -1,8 +1,8 @@ --- -- name: Enable cgroup via boot commandline if not already enabled for Centos +- name: Enable cgroup via boot commandline if not already enabled ansible.builtin.lineinfile: path: /boot/cmdline.txt - backrefs: yes + backrefs: true regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$' line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' notify: Reboot Pi diff --git a/roles/raspberrypi/tasks/prereq/Debian.yml b/roles/raspberrypi/tasks/prereq/Debian.yml index 981b3f7..aa003e3 100644 --- a/roles/raspberrypi/tasks/prereq/Debian.yml +++ b/roles/raspberrypi/tasks/prereq/Debian.yml @@ -4,12 +4,12 @@ path: /boot/firmware/cmdline.txt register: boot_firmware_cmdline_txt -- name: Activating cgroup support +- name: Enable cgroup via boot commandline if not already enabled ansible.builtin.lineinfile: path: "{{ (boot_firmware_cmdline_txt.stat.exists) | ternary('/boot/firmware/cmdline.txt', '/boot/cmdline.txt') }}" + backrefs: true regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$' line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' - backrefs: true notify: Reboot Pi - name: Gather the package facts diff --git a/roles/raspberrypi/tasks/prereq/Raspbian.yml b/roles/raspberrypi/tasks/prereq/Raspbian.yml index 1530093..1ce8d5b 100644 --- a/roles/raspberrypi/tasks/prereq/Raspbian.yml +++ b/roles/raspberrypi/tasks/prereq/Raspbian.yml @@ -1,10 +1,10 @@ --- -- name: Activating cgroup support +- name: Enable cgroup via boot commandline if not already enabled ansible.builtin.lineinfile: path: /boot/cmdline.txt + backrefs: true regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$' line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' - backrefs: true notify: Reboot Pi - name: Gather the package facts diff --git a/roles/raspberrypi/tasks/prereq/Ubuntu.yml b/roles/raspberrypi/tasks/prereq/Ubuntu.yml index c1754f7..b40786d 100644 --- a/roles/raspberrypi/tasks/prereq/Ubuntu.yml +++ b/roles/raspberrypi/tasks/prereq/Ubuntu.yml @@ -1,16 +1,17 @@ --- -- name: Enable cgroup via boot commandline if not already enabled for Ubuntu on a Raspberry Pi +- name: Enable cgroup via boot commandline if not already enabled ansible.builtin.lineinfile: path: /boot/firmware/cmdline.txt - backrefs: yes + backrefs: true regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$' line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory' notify: Reboot Pi + - name: Install Ubuntu Raspi Extra Packages ansible.builtin.apt: # Fixes issues in newer Ubuntu where VXLan isn't setup right. # See: https://github.com/k3s-io/k3s/issues/4234 name: linux-modules-extra-raspi - update_cache: yes + update_cache: true state: present when: "ansible_distribution_version is version('20.10', '>=')"