jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-07-27 00:05:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update to 2022-09-20 13:00

Browse Source
This commit is contained in:
Daniel Berteaud
2022-09-20 13:00:08 +02:00
parent 66df749295
commit e6019f8e32
12 changed files with 50 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
roles/nomad/tasks/conf.yml
View File

@@ -133,7 +133,7 @@
- name: Set ACL on the TLS dir
shell: |
setfacl -R -b -k {{ nomad_root_dir }}/tls
setfacl -R -k -b {{ nomad_root_dir }}/tls
{% if nomad_admin_groups | length > 0 %}
setfacl -m {% for group in nomad_admin_groups %}g:{{ group }}:rx{{ ',' if not loop.last }}{% endfor %} {{ nomad_root_dir }}/tls
setfacl -m {% for group in nomad_admin_groups %}d:g:{{ group }}:r{{ ',' if not loop.last }}{% endfor %} {{ nomad_root_dir }}/tls
@@ -153,3 +153,22 @@
when: nomad_vault_secrets.consul_pki.enabled and nomad_conf.consul.ssl
tags: nomad
- name: Ensure the bridge module is loaded
modprobe: name=bridge state=present
when: nomad_conf.client.enabled and 'docker' in nomad_enabled_task_drivers
tags: nomad
- name: Set sysctl
sysctl:
name: "{{ item.key }}"
value: "{{ item.val }}"
sysctl_file: /etc/sysctl.d/nomad.conf
state: "{{ (nomad_conf.client.enabled and 'docker' in nomad_enabled_task_drivers) | ternary('present', 'absent') }}"
loop:
- key: net.bridge.bridge-nf-call-arptables
val: 1
- key: net.bridge.bridge-nf-call-ip6tables
val: 1
- key: net.bridge.bridge-nf-call-iptables
val: 1
tags: nomad