171 lines
7.8 KiB
XML
171 lines
7.8 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<rougail version="0.10">
|
|
<services>
|
|
<service name="systemd-machined">
|
|
<file engine="none">/etc/systemd/network/80-container-vz.network</file>
|
|
<file file_type="variable" source="70-container.network" variable="zone_name" engine="ansible">systemd_zone_filename</file>
|
|
<file file_type="variable" source="70-container.netdev" variable="zone_name" engine="ansible">systemd_netzone_filename</file>
|
|
</service>
|
|
<service name="risotto-images" engine="ansible" manage="False"/>
|
|
<service name="systemd-sysctl"/>
|
|
<service name="systemd-networkd"/>
|
|
<service name="systemd-resolved"/>
|
|
<service name="risotto-images" type="timer" engine="none"/>
|
|
<service name="risottofirewall" engine="ansible"/>
|
|
<service name="systemd-nspawn@">
|
|
<file engine="none">/tmpfiles.d/0asystemd-nspawn.conf</file>
|
|
<file engine="none">/etc/systemd/system/systemd-nspawn@.service.d/systemd-nspawn@.conf</file>
|
|
<file engine="none">/etc/distro.repos.d/boot.repo</file>
|
|
<file engine="none">/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-35-x86_64</file>
|
|
<file engine="none">/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-36-x86_64</file>
|
|
<file engine="none">/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-37-x86_64</file>
|
|
<file engine="none">/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-38-x86_64</file>
|
|
<file engine="none">/etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-36</file>
|
|
<file engine="none">/etc/pki/rpm-gpg/RPM-GPG-KEY-rpmfusion-free-fedora-38</file>
|
|
<file engine="ansible">/etc/sysctl.d/90-risotto.conf</file>
|
|
<file engine="ansible" file_type="variable" source="dhcp.network" variable="interface_names">host_network_filename</file>
|
|
</service>
|
|
<service name="modprobe@">
|
|
<override/>
|
|
</service>
|
|
<service name="vector" servicelist="vector">
|
|
<file engine="ansible">/etc/vector/vector.toml</file>
|
|
</service>
|
|
</services>
|
|
<variables>
|
|
<variable name="host_install_dir" type="filename" description="Nom du répertoire comprenant les descriptions d'installation" mandatory="True" provider="global:host_install_dir"/>
|
|
<variable name="host_name" type="domainname" hidden="True" provider="global:server_name" mandatory="True"/>
|
|
<variable name="module_name" type="string" hidden="True" provider="global:module_name" mandatory="True"/>
|
|
<variable name="tls_server" type="domainname" description="tls domaine name" mandatory="True" provider="global:tls_server"/>
|
|
<variable name="systemd_zone_filename" type="filename" hidden="True" multi="True"/>
|
|
<variable name="systemd_netzone_filename" type="filename" hidden="True" multi="True"/>
|
|
<variable name="vm_swappiness" type="number" description="Ajustement de la mémoire virtuelle" mandatory="True">
|
|
<value>60</value>
|
|
</variable>
|
|
<variable name="host_packages" multi="True" hidden="True">
|
|
<value>systemd-container</value>
|
|
<value>dnf</value>
|
|
<value>jq</value>
|
|
<value>debootstrap</value>
|
|
<value>htop</value>
|
|
<value>iotop</value>
|
|
<value>man</value>
|
|
<value>gettext</value>
|
|
<value>patch</value>
|
|
<value>unzip</value>
|
|
<value>mlocate</value>
|
|
<value>xz-utils</value>
|
|
<value>iptables</value>
|
|
<value>curl</value>
|
|
<value>tree</value>
|
|
<value>tshark</value>
|
|
<value>vim</value>
|
|
<value>python3-pytest</value>
|
|
<value>python3-yaml</value>
|
|
<value>python3-ldap</value>
|
|
<value>python3-dnspython</value>
|
|
<value>python3-dulwich</value>
|
|
<value>python3-psycopg2</value>
|
|
<value>python3-redis</value>
|
|
<value>python3-imaplib2</value>
|
|
<value>python3-pymysql</value>
|
|
</variable>
|
|
<variable name="host_removed_packages" multi="True" hidden="True">
|
|
<value>resolvconf</value>
|
|
</variable>
|
|
<family name="network">
|
|
<variable name="output_interface" description="Nom de l'interface de sortie" mandatory="True"/>
|
|
<family name="interfaces" leadership="True">
|
|
<variable name="interface_names" description="Nom de l'interface" multi="True" mandatory="True"/>
|
|
<variable name="interface_type" type="choice" description="Type de la carte" mandatory="True">
|
|
<choice>dhcp</choice>
|
|
<choice>ipv4</choice>
|
|
<value>dhcp</value>
|
|
</variable>
|
|
<variable name="interface_ip" type="cidr" description="IP au format CIDR de l'interface" mandatory="True"/>
|
|
<variable name="interface_gateway" type="ip" description="IP de la route par défaut" mandatory="True"/>
|
|
<variable name="interface_domain_name_servers" type="ip" description="IP des serveurs DNS" mandatory="True" multi="True"/>
|
|
<variable name="first_interface" type="boolean" hidden="True"/>
|
|
</family>
|
|
<variable name="host_network_filename" type="filename" multi="True" hidden="True"/>
|
|
</family>
|
|
<family name="zones" leadership="True">
|
|
<variable name="zone_name" type="string" hidden="True" multi="True"/>
|
|
<variable name="zone_cidr" type="cidr" hidden="True"/>
|
|
</family>
|
|
<family name="vector">
|
|
<variable name="server_address" type="domainname" hidden="True" supplier="Vector"/>
|
|
<variable name="ip_address" type="ip" hidden="True" supplier="Vector:address"/>
|
|
</family>
|
|
<family name="prometheus">
|
|
<variable name="prometheus_server_address" type="domainname" hidden="True" supplier="Prometheus"/>
|
|
<variable name="prometheus_ip_address" type="ip" hidden="True"/>
|
|
</family>
|
|
</variables>
|
|
<constraints>
|
|
<fill name="get_internal_zone_names">
|
|
<param type="information">zones</param>
|
|
<target>zone_name</target>
|
|
</fill>
|
|
<fill name="calc_value">
|
|
<param>/etc/systemd/network/70-container-</param>
|
|
<param type="variable">zone_name</param>
|
|
<param>.network</param>
|
|
<param name="join"></param>
|
|
<param name="multi" type="boolean">True</param>
|
|
<target>systemd_zone_filename</target>
|
|
</fill>
|
|
<fill name="calc_value">
|
|
<param>/etc/systemd/network/80-</param>
|
|
<param type="variable">interface_names</param>
|
|
<param>.network</param>
|
|
<param name="join"></param>
|
|
<param name="multi" type="boolean">True</param>
|
|
<target>host_network_filename</target>
|
|
</fill>
|
|
<fill name="calc_value">
|
|
<param>/etc/systemd/network/70-container-</param>
|
|
<param type="variable">zone_name</param>
|
|
<param>.netdev</param>
|
|
<param name="join"></param>
|
|
<param name="multi" type="boolean">True</param>
|
|
<target>systemd_netzone_filename</target>
|
|
</fill>
|
|
<fill name="get_zones_info">
|
|
<param type="information">zones</param>
|
|
<param>cidr</param>
|
|
<param type="variable" name="zone_name">zone_name</param>
|
|
<target>zone_cidr</target>
|
|
</fill>
|
|
<fill name="is_first_interface">
|
|
<param type="index"/>
|
|
<target>first_interface</target>
|
|
</fill>
|
|
<fill name="get_ip">
|
|
<param type="information">zones</param>
|
|
<param type="variable">server_address</param>
|
|
<target>ip_address</target>
|
|
</fill>
|
|
<fill name="get_ip">
|
|
<param type="information">zones</param>
|
|
<param type="variable">prometheus_server_address</param>
|
|
<target>prometheus_ip_address</target>
|
|
</fill>
|
|
<condition name="disabled_if_not_in" source="interface_type">
|
|
<param>ipv4</param>
|
|
<target>interface_ip</target>
|
|
<target>interface_gateway</target>
|
|
<target>interface_domain_name_servers</target>
|
|
</condition>
|
|
<condition name="disabled_if_not_in" source="first_interface">
|
|
<param>True</param>
|
|
<target>interface_gateway</target>
|
|
<target>interface_domain_name_servers</target>
|
|
</condition>
|
|
<condition name="disabled_if_in" source="server_address">
|
|
<param type="nil"/>
|
|
<target type="servicelist">vector</target>
|
|
<target type="variable">ip_address</target>
|
|
</condition>
|
|
</constraints>
|
|
</rougail>
|