diff options
Diffstat (limited to 'manifests/machine.pp')
| -rw-r--r-- | manifests/machine.pp | 89 |
1 files changed, 89 insertions, 0 deletions
diff --git a/manifests/machine.pp b/manifests/machine.pp new file mode 100644 index 0000000..8b09715 --- /dev/null +++ b/manifests/machine.pp @@ -0,0 +1,89 @@ +# @summary Configuration and provisioning for a single container. +# @param name +# Will be used for both the directory name, and the hostname in the container. +# @param template +# Which template this machine should be configured from. +# +# Templates needs to be manually configured behorehand. +# +# The value 'none' is special, since it allows the machine to be +# managed without a template. The template parameter is however +# required, since a machine without a template needs to be manually +# configured through some other mean. +# +# @param domain +# Domain part of FQDN of container. +# +# @param config +# Configuration for the machine, as per systemd.nspawn(5). +# Will be merged with `nspawn::config` per the `$merge` variable. +# +# @param merge +# How this nodes configuration should be merged with the defalut hash. +# +# - deep +# Stdlib's `deep_merge` will be used, with us on the right. +# - shallow +# `$nspawn::config + $config` +# - replace +# The upstream will be ignored. +# +# @param ensure +define nspawn::machine ( + Variant[String, Enum['none']] $template, + String $domain = $trusted['domain'], + Nspawn::Systemdconfig $config, + Enum['deep', 'shallow', 'override'] $merge = 'deep', + Enum['present', 'absent'] $ensure = 'present', +) { + $root = "${nspawn::machine_dir}/${name}" + + $final_config = $merge ? { + 'deep' => deep_merge($nspawn::config, $config), + 'shallow' => $nspawn::config + $config, + 'override' => $config, + } + + file { "${nspawn::nspawn_dir}/${name}.nspawn": + ensure => $ensure, + content => epp("${module_name}/systemd/nspawn.epp", { + 'data' => $final_config + }), + } + + if $ensure == 'present' { + # if $machine_dir has a quota set, then this inherits it + unless $template == 'none' { + exec { "Initialize ${name} from template": + cmd => [ + 'btrfs', 'snapshot', + "${nspawn::template_dir}/${template}", + $root, + ], + creates => $root, + path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'], + } + } + + file { "${root}/etc/passwd": + content => "${name}\n", + } + + file_line { "${root}/etc/hosts ::1": + line => "::1\t${name}.${domain}\t${name}", + match => "${name}.${domain}", + path => "${root}/etc/hosts", + } + } else { + service { "systemd-nspawn@${name}": + ensure => stopped, + enable => false, + } + + exec { "Remove btrfs subvolume ${root}": + cmd => ['btrfs', 'subvolume', 'delete', $root], + onlyif => [['test', '-d', $root]], + path => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'], + } + } +} |