lxc guest playbooks - common task files

commont task to create lxc vm in separete file `prepare_lxc_host`,
avoid redundancy of statements in each vm-specific playbook file.

Playbooks updated to import `prepare_lxc_host`:
- ldap
- matrix
- nextcloud
- projects
- status

ldap.yaml

@@ -1,26 +1,9 @@
 ---
-# 1) Deploy the lxc container(s)
-- hosts: 'ldap'
-  # The host may not exist yet: do not gather facts
-  gather_facts: false
-  tags:
-    - 'lxc'
-  tasks:
-    # Delegate lxc container deployment to `ansible_lxc_host`
-    - import_role: name='lxc_guest'
-      vars:
-        vm_name: '{{ inventory_hostname }}'
-        vm_size: '1G'
-      delegate_to: '{{ ansible_lxc_host }}'
-    # The host may not be directly reachable: use `ssh_lxc` proxy to
-    # gather facts (setup) and configure SSH.
-    - set_fact: ansible_connection='ssh_lxc'
-    - setup:
-    - import_role: name='ssh_server'
-    # Now the host should be ssh-reachable
-    - set_fact: ansible_connection='ssh'
+- import_playbook: 'prepare_lxc_guest.yaml'
+  vars:
+    host: 'ldap'
+    vm_size: '1G'
 
-# 2) Deploy LDAP server(s)
 - hosts: 'ldap'
   roles:
       - role: 'dns_record'
@@ -30,8 +13,9 @@
         # Default values:
         #ldap_tls_enabled: true
         #ldap_check_tree: true
+      - role: 'monitoring-agent'
 
-# 3) Enable monitoring
-- hosts: 'status'
+- hosts: 'monitoring_hosts'
   roles:
     - role: 'icinga2-monitoring'
+...

matrix.yaml

@@ -1,19 +1,8 @@
 ---
-- hosts: 'matrix'
-  gather_facts: false
-  tags:
-    - 'lxc'
-  tasks:
-    - import_role: name='lxc_guest'
-      vars:
-        vm_name: '{{ inventory_hostname }}'
-        vm_size: '2G'
-        vg_name: '{{ hostvars[ansible_lxc_host]["vg_name"] }}'
-      delegate_to: '{{ ansible_lxc_host }}'
-    - set_fact: ansible_connection='ssh_lxc'
-    - setup:
-    - import_role: name='ssh_server'
-    - set_fact: ansible_connection='ssh'
+- import_playbook: 'prepare_lxc_guest.yaml'
+  vars:
+    host: 'matrix'
+    vm_size: '2G'
 
 - hosts: 'matrix'
   roles:
@@ -25,7 +14,9 @@
     - role: 'coturn'
     - role: 'matrix-synapse'
     - role: 'riot-web'
+    - role: 'monitoring-agent'
 
-- hosts: 'status'
+- hosts: 'monitoring_hosts'
   roles:
     - role: 'icinga2-monitoring'
+...

nextcloud.yaml

@@ -1,24 +1,17 @@
 ---
-- hosts: 'cloud'
-  gather_facts: false
-  tasks:
-    - import_role: name='lxc_guest'
-      vars:
-        vm_name: '{{ inventory_hostname }}'
-        vm_size: '4G'
-        vg_name: '{{ hostvars[ansible_lxc_host]["vg_name"] }}'
-      delegate_to: '{{ ansible_lxc_host }}'
-    - set_fact: ansible_connection='ssh_lxc'
-    - setup:
-    - import_role: name='ssh_server'
-    - set_fact: ansible_connection='ssh'
+- import_playbook: 'prepare_lxc_guest.yaml'
+  vars:
+    host: 'cloud'
+    vm_size: '4G'
 
 - hosts: 'cloud'
   roles:
     - role: 'dns_record'
     - role: 'reverse_proxy'
     - role: 'nextcloud'
+    - role: 'monitoring-agent'
 
-- hosts: 'status'
+- hosts: 'monitoring_hosts'
   roles:
     - role: 'icinga2-monitoring'
+...

prepare_lxc_guest.yaml

@@ -0,0 +1,26 @@
+---
+- hosts: '{{ host }}'
+  # Skip gather facts - host may not exist yet
+  gather_facts: false
+  tasks:
+    - name: 'import lxc_guest role on lxc_host'
+      import_role: name='lxc_guest'
+      vars:
+        vm_name: '{{ inventory_hostname }}'
+        vm_size: '{{ vm_size }}'
+      delegate_to: '{{ ansible_lxc_host }}'
+
+    - name: 'enable ssh->lxc_attach connection'
+      set_fact: ansible_connection='ssh_lxc'
+
+    - name: 'gather facts - now the host must exist'
+      setup:
+      tags:
+        - 'always'
+
+    - name: 'configure ssh server'
+      import_role: name='ssh_server'
+
+    - name: 'enable ssh direct connection - ssh is configured on host'
+      set_fact: ansible_connection='ssh'
+...

projects.yaml

@@ -1,19 +1,8 @@
 ---
-- hosts: 'projects'
-  gather_facts: false
-  tags:
-    - 'lxc'
-  tasks:
-    - import_role: name='lxc_guest'
-      vars:
-        vm_name: '{{ inventory_hostname }}'
-        vm_size: '4G'
-        vg_name: '{{ hostvars[ansible_lxc_host]["vg_name"] }}'
-      delegate_to: '{{ ansible_lxc_host }}'
-    - set_fact: ansible_connection='ssh_lxc'
-    - setup:
-    - import_role: name='ssh_server'
-    - set_fact: ansible_connection='ssh'
+- import_playbook: 'prepare_lxc_guest.yaml'
+  vars:
+    host: 'projects'
+    vm_size: '4G'
 
 - hosts: 'projects'
   roles:
@@ -23,7 +12,9 @@
         - 'projects.{{ domain }}'
         - 'mattermost.{{ domain }}'
     - role: 'gitlab'
+    - role: 'monitoring-agent'
 
-- hosts: 'status'
+- hosts: 'monitoring_hosts'
   roles:
     - role: 'icinga2-monitoring'
+...

status.yaml

@@ -1,16 +1,17 @@
-- hosts: biff
+---
+- import_playbook: 'prepare_lxc_guest.yaml'
+  vars:
+    host: 'status'
+    vm_size: '2G'
+
+- hosts: 'status'
   roles:
-    - role: lxc_guest
-      vm_name: status
-      distro: stretch
-    - role: ssh_server
-      ansible_connection: ssh_lxc
-      ansible_ssh_lxc_name: status
-- hosts: status
+      - role: 'dns_record'
+      - role: 'reverse_proxy'
+      - role: 'icinga2'
+
+
+- hosts: 'status'
   roles:
-      - role: dns_record
-      - role: icinga2
-      - role: reverse_proxy
-- hosts: status
-  roles:
-    - role: icinga2-monitoring
+    - role: 'icinga2-monitoring'
+...