Skip to content

Commit

Permalink
Fix rancherfederal#169 -- add systemd env options
Browse files Browse the repository at this point in the history
  • Loading branch information
Ben Hosmer committed Nov 17, 2023
1 parent 7ae082d commit 37ebdaf
Show file tree
Hide file tree
Showing 5 changed files with 41 additions and 0 deletions.
7 changes: 7 additions & 0 deletions inventory/sample/group_vars/rke2_agents.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,3 +8,10 @@ rke2_config: {}
# See https://docs.rke2.io/install/containerd_registry_configuration/
# Add a registry configuration file by specifying the file path on the control host
# registry_config_file_path: "{{ playbook_dir }}/sample_files/registries.yaml"

# See https://docs.rke2.io/advanced#configuring-an-http-proxy
# Add proxy information for the systemd environment
# systemd-extra-env:
# #- HTTP_PROXY=http://your-proxy.example.com:8888
# #- HTTPS_PROXY=http://your-proxy.example.com:8888
# #- NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
7 changes: 7 additions & 0 deletions inventory/sample/group_vars/rke2_servers.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,3 +45,10 @@ rke2_config: {}
# See https://docs.rke2.io/helm/#automatically-deploying-manifests-and-helm-charts
# Add manifest files by specifying the directory path on the control host
# manifest_config_file_path: "{{ playbook_dir }}/sample_files/manifest/"

# See https://docs.rke2.io/advanced#configuring-an-http-proxy
# Add proxy information for the systemd environment
# systemd-extra-env:
# #- HTTP_PROXY=http://your-proxy.example.com:8888
# #- HTTPS_PROXY=http://your-proxy.example.com:8888
# #- NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
2 changes: 2 additions & 0 deletions roles/rke2_common/defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,3 +21,5 @@ rke2_versioned_yum_repo:
enabled: yes

rke2_config: {}

systemd_extra_env: {}
21 changes: 21 additions & 0 deletions roles/rke2_common/tasks/add-systemd-env.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
---
- name: Systemd env file
become: true
when: (systemd_extra_env is defined) and (systemd_extra_env|length > 0)
block:

- name: Add the systemd env file
ansible.builtin.blockinfile:
path: /etc/default/rke2-{{ caller_role_name }}
marker: "#{mark} ANSIBLE MANAGED FILE"
create: true
mode: '640'
owner: root
group: root
block: |
{% for item in systemd_extra_env %}
{{ item }}
{% endfor %}
- name: Reload the systemd daemon
ansible.builtin.systemd:
daemon_reload: true
4 changes: 4 additions & 0 deletions roles/rke2_common/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,10 @@
ansible.builtin.include_tasks: add-registry-config.yml
when: registry_config_file_path | length > 0

- name: Include task file add-systemd-env.yml
ansible.builtin.include_tasks: add-systemd-env.yml
when: systemd_extra_env | length > 0

- name: Run CIS-Hardening Tasks
ansible.builtin.include_role:
name: rke2_common
Expand Down

0 comments on commit 37ebdaf

Please sign in to comment.