diff options
-rw-r--r-- | dan/sk-tomnext.yml | 19 | ||||
-rw-r--r-- | inventory/host_vars/sk-2019vm.yml | 10 | ||||
-rw-r--r-- | inventory/host_vars/sk-tomnext.yml | 5 | ||||
-rw-r--r-- | roles/base/tasks/Debian.yml | 4 |
4 files changed, 31 insertions, 7 deletions
diff --git a/dan/sk-tomnext.yml b/dan/sk-tomnext.yml index 54c31bfd..2fd81699 100644 --- a/dan/sk-tomnext.yml +++ b/dan/sk-tomnext.yml @@ -11,3 +11,22 @@ - role: zfs/base - role: vm/host - role: installer/debian/base + tasks: + - name: install post-boot script + copy: + dest: /usr/local/bin/post-boot + mode: 0755 + content: | + #!/bin/bash + set -e + + {% for name, volume in cryptdisk_volumes.items() %} + cryptsetup luksOpen '{{ volume.device }}' '{{ name }}' + {% endfor %} + systemctl restart zfs-import-cache.service + systemctl restart zfs-mount.service + systemctl restart zfs-share.service + mount -a + + sleep 2 + systemctl restart libvirtd.service diff --git a/inventory/host_vars/sk-2019vm.yml b/inventory/host_vars/sk-2019vm.yml index 4584813e..723d0b5c 100644 --- a/inventory/host_vars/sk-2019vm.yml +++ b/inventory/host_vars/sk-2019vm.yml @@ -11,11 +11,6 @@ network: {} base_intel_nic_stability_fix: true -apt_repo_components: -- main -- contrib ## for zfs -- non-free ## for microcode updates - vm_host: network: dns: @@ -45,6 +40,11 @@ vm_host: ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" +apt_repo_components: +- main +- contrib ## for zfs +- non-free ## for microcode updates + cryptdisk_volumes: crypto-nvme0: passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}" diff --git a/inventory/host_vars/sk-tomnext.yml b/inventory/host_vars/sk-tomnext.yml index 725fbbb6..840de6f6 100644 --- a/inventory/host_vars/sk-tomnext.yml +++ b/inventory/host_vars/sk-tomnext.yml @@ -33,8 +33,9 @@ vm_host: ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" apt_repo_components: - - main - - contrib +- main +- contrib ## for zfs +- non-free ## for microcode updates cryptdisk_volumes: crypto-nvme0: diff --git a/roles/base/tasks/Debian.yml b/roles/base/tasks/Debian.yml index 185c3616..7551670f 100644 --- a/roles/base/tasks/Debian.yml +++ b/roles/base/tasks/Debian.yml @@ -114,11 +114,15 @@ - name: disable TSO (intel nic stability fix) when: base_intel_nic_stability_fix copy: + # TODO: copy settings from /usr/lib/systemd/network/99-default.link content: | [Match] MACAddress={{ ansible_default_ipv4.macaddress }} [Link] + NamePolicy=keep kernel database onboard slot path + MACAddressPolicy=persistent + TCPSegmentationOffload=false GenericSegmentationOffload=false GenericReceiveOffload=false |