fix cached resolv.conf, check ca and network also if container alredy exists

roles/lxc_guest/tasks/main.yaml

@@ -4,6 +4,14 @@
   ignore_errors: true
   changed_when: false
 - block:
+    - name: check if lxc cache exists
+      stat: path=/var/cache/lxc/debian/rootfs-{{ distro }}-amd64/
+      register: lxc_cache_dir
+    - name: fix cached resolv.conf
+      template:
+          src: resolv.conf.j2
+          dest: /var/cache/lxc/debian/rootfs-{{ distro }}-amd64/etc/resolv.conf
+      when: lxc_cache_dir.stat.exists
     - name: create the lxc container
       lxc_container:
           name: "{{ vm_name }}"
@@ -17,7 +25,7 @@
           container_command: |
               echo "ssh-rsa {{ user_ca_key }}" > /etc/ssh/user_ca.pub
               echo "TrustedUserCAKeys /etc/ssh/user_ca.pub" >> /etc/ssh/sshd_config
-              sed -i 's/eth0 inet dhcp/eth0 inet manual/' /etc/network/interfaces
+              sed -i 's/iface eth0 inet dhcp/iface eth0 inet manual/' /etc/network/interfaces
           state: stopped
     - name: deploy container config
       template: src=config.j2 dest="/var/lib/lxc/{{ vm_name }}/config"
@@ -31,6 +39,18 @@
       when: auto_start|bool
   when: "lxc_existance.stdout == 'false'"
 - block:
+    - name: update container user ca key
+      shell: lxc-attach -n {{ vm_name }} --clear-env -e -- bash -c "grep -F 'ssh-rsa {{ user_ca_key }}' /etc/ssh/user_ca.pub || echo 'ssh-rsa {{ user_ca_key }}' > /etc/ssh/user_ca.pub"
+      register: shell_result
+      changed_when: "shell_result.stdout != 'ssh-rsa {{ user_ca_key }}'"
+    - name: trust user ca key
+      shell: lxc-attach -n {{ vm_name }} --clear-env -e -- bash -c "grep -F 'TrustedUserCAKeys /etc/ssh/user_ca.pub' /etc/ssh/sshd_config || echo 'TrustedUserCAKeys /etc/ssh/user_ca.pub' >> /etc/ssh/sshd_config"
+      register: shell_result
+      changed_when: "shell_result.stdout != 'TrustedUserCAKeys /etc/ssh/user_ca.pub'"
+    - name: update container network configuration
+      shell: lxc-attach -n {{ vm_name }} --clear-env -e -- bash -c "grep -F 'iface eth0 inet manual' /etc/network/interfaces || sed -i 's/iface eth0 inet dhcp/iface eth0 inet manual/' /etc/network/interfaces"
+      register: shell_result
+      changed_when: "shell_result.stdout != 'iface eth0 inet manual'"
     - name: update container config
       template: src=config.j2 dest="/var/lib/lxc/{{ vm_name }}/config"
       register: container_config_update

templates/interfaces.j2

@@ -11,7 +11,7 @@ iface lo inet loopback
 auto br0
 iface br0 inet static
         address {{ ansible_default_ipv4.address }}
-        netmask 255.255.255.0
+        netmask 255.255.0.0
         gateway {{ hostvars[ext_gateway]['ansible_host'] }}
         bridge_ports eth0
         bridge_fd 1