ansible-freebsd-jailhost-tools/tasks/jail/main.yml

108 lines
3.9 KiB
YAML

---
- name: Gathering existing jail directories
find:
file_type: directory
paths: '{{ dynamic_jails_path }}'
patterns: '{{ jail_prefix }}*'
register: dirs_found
- name: Set default facts for the task
set_fact:
jail_THIS_is_new_created: false
jail_{{ jail_name }}_existing_dirs: '{{ dirs_found.files | map(attribute="path") | map("basename") | sort(reverse=True) }}'
- name: Setting other defaults for this task depending on formerly set variables
set_fact:
jail_THIS_run_create: >-
{{
vars["jail_" + jail_name + "_existing_dirs"] | count == 0 or
vars["jail_" + jail_name + "_force_recreate"]
}}
- name: Checking if an IPv6 address is assigned
set_fact:
jail_THIS_with_ip6: "{{ vars['jail_' + jail_name + '_ip6'] | default(False) }}"
- name: Ensure config directory exists for the generated jails
ansible.builtin.file:
path: '{{ dynamic_jails_path }}/configs'
state: directory
# ---
# Run CREATE when forced or no existing dir
# ---
- block:
- include_tasks: '{{ vars["jail_" + jail_name + "_include_createnew_precreate"] | default(jail_include_noop) }}'
vars:
include_type: '{{ "jail_" + jail_name + "_include_createnew_precreate" }}'
- name: Creating a {{ jail_name }} jail when there's none yet
include_tasks: '{{ ansible_roles_path }}/karolyi.ansible-freebsd-jailhost-tools/tasks/jail/create.yml'
- include_tasks: '{{ vars["jail_" + jail_name + "_include_createnew_prestart"] | default(jail_include_noop) }}'
vars:
include_type: '{{ "jail_" + jail_name + "_include_createnew_prestart" }}'
- name: Starting the {{ jail_name }} jail
include_tasks: '{{ ansible_roles_path }}/karolyi.ansible-freebsd-jailhost-tools/tasks/jail/start.yml'
- include_tasks: '{{ vars["jail_" + jail_name + "_include_createnew_poststart"] | default(jail_include_noop) }}'
vars:
include_type: '{{ "jail_" + jail_name + "_include_createnew_poststart" }}'
when: not jail_THIS_with_ip6
when: jail_THIS_run_create
# This task here is to set a boolean to this 'level', since the jail_THIS_is_new_created is used elsewhere too.
# When we change that variable elsewhere downwards, the tasks could get skipped because the 'when' statements
# are dynamically evaluated.
- name: Set if the {{ jail_name }} jail has to be updated or a new has been created.
set_fact:
jail_THIS_run_update: '{{ not jail_THIS_is_new_created }}'
# ---
# Run UPDATE when not created
# ---
- name: Checking the latest {{ jail_name }} jail, updating/replacing when necessary
include_tasks: '{{ ansible_roles_path }}/karolyi.ansible-freebsd-jailhost-tools/tasks/jail/update.yml'
when: jail_THIS_run_update
# Remove the latest directory for tidyup when in update mode
- name: Updating jail_{{ jail_name }}_existing_dirs when necessary
set_fact:
jail_{{ jail_name }}_existing_dirs: '{{ vars["jail_" + jail_name + "_existing_dirs"][1:] }}'
when: not jail_THIS_is_new_created
- block:
- name: Stopping every running jail with this prefix
include_tasks: '{{ ansible_roles_path }}/karolyi.ansible-freebsd-jailhost-tools/tasks/jail/stop_if_runs.yml'
with_items: '{{ vars["jail_" + jail_name + "_existing_dirs"] }}'
loop_control:
loop_var: jail_id
- name: Reload PF
ansible.builtin.command: /sbin/pfctl -f /etc/pf.conf
- name: Starting jail when IPv6 present
ansible.builtin.command:
jail -c
{{
vars['jail_' + jail_name + '_newest_id']
}}
- include_tasks: '{{ vars["jail_" + jail_name + "_include_createnew_poststart"] | default(jail_include_noop) }}'
vars:
include_type: '{{ "jail_" + jail_name + "_include_createnew_poststart" }}'
when: 'jail_THIS_with_ip6 != False and jail_THIS_run_create == True'
- name: Tidying up remaining unused jails
include_tasks: '{{ ansible_roles_path }}/karolyi.ansible-freebsd-jailhost-tools/tasks/jail/teardown.yml'
with_items: '{{ vars["jail_" + jail_name + "_existing_dirs"] }}'
loop_control:
loop_var: jail_id
# vim: sw=2