diff --git a/nova/core/roles/machine_operations/tasks/vsphere/create.yml b/nova/core/roles/machine_operations/tasks/vsphere/create.yml index dabf4873..66aebf43 100644 --- a/nova/core/roles/machine_operations/tasks/vsphere/create.yml +++ b/nova/core/roles/machine_operations/tasks/vsphere/create.yml @@ -207,6 +207,7 @@ - name: Getting {{ custom_vm_name | default(vm_name) }} interfaces... community.vmware.vmware_guest_info: datacenter: "{{ datacenter }}" + folder: "{{ folder }}" name: "{{ custom_vm_name | default(vm_name) }}" register: existing_vm_info @@ -218,6 +219,7 @@ - name: Removing existing network interfaces from {{ custom_vm_name | default(vm_name) }}... community.vmware.vmware_guest_network: datacenter: "{{ datacenter }}" + folder: "{{ folder }}" name: "{{ custom_vm_name | default(vm_name) }}" state: absent mac_address: "{{ item.value.macaddress }}" @@ -231,6 +233,7 @@ - name: Attaching following network interfaces to {{ custom_vm_name | default(vm_name) }}... community.vmware.vmware_guest_network: datacenter: "{{ datacenter }}" + folder: "{{ folder }}" name: "{{ custom_vm_name | default(vm_name) }}" state: present force: true @@ -245,6 +248,8 @@ - name: Adding attributes to {{ custom_vm_name | default(vm_name) }}... community.vmware.vmware_guest_custom_attributes: name: "{{ custom_vm_name | default(vm_name) }}" + datacenter: "{{ datacenter }}" + folder: "{{ folder }}" state: present attributes: "{{ machine_operations_vsphere_custom_attributes }}" when: machine_operations_vsphere_custom_attributes != [] diff --git a/nova/core/roles/monolith/tasks/dc.yml b/nova/core/roles/monolith/tasks/dc.yml index e30bc510..f296d500 100644 --- a/nova/core/roles/monolith/tasks/dc.yml +++ b/nova/core/roles/monolith/tasks/dc.yml 
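Review bot: All four tasks in `create.yml` still select the VM by `name`, now narrowed by `folder`, and two of them change hardware (`state: absent` on the existing NICs, `force: true` on the attach), so a duplicate name inside that folder or a wrong `folder` value would rewrite another machine's interfaces. The first hunk already registers `existing_vm_info`, so the later tasks could pin themselves to the inspected object with `moid: "{{ existing_vm_info.instance.moid }}"`, assuming the registered result exposes the id under `instance.moid`. Where `folder` is defined is not visible in these hunks. A one-line comment above the first task, such as `# folder must be set; name alone is not unique in vCenter`, would document the dependency.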
@@ -39,7 +39,7 @@ - vault_seal_status.json.sealed is defined - not vault_seal_status.json.sealed retries: 12 - delay: 5 + delay: 10 # Including to create domain accounts since Monolith is now a Domain Controller - name: Including nova.core.accounts role... diff --git a/nova/core/roles/monolith/templates/create_samba_dns_records.sh b/nova/core/roles/monolith/templates/create_samba_dns_records.sh index 6ffc95ae..b1ce0353 100644 --- a/nova/core/roles/monolith/templates/create_samba_dns_records.sh +++ b/nova/core/roles/monolith/templates/create_samba_dns_records.sh @@ -19,7 +19,7 @@ do echo "DNS record for $fqdn already exists." else echo "Creating DNS record for $fqdn..." - if [ "$CONNECTION_IPV4_FAMILY" == "true" ]; then + if [ "$CONNECTION_IPV4_FAMILY" == "True" ]; then RECORD_TYPE="A" else RECORD_TYPE="AAAA" diff --git a/nova/core/roles/outline/defaults/main.yml b/nova/core/roles/outline/defaults/main.yml index 748091e0..1fa2dd15 100644 --- a/nova/core/roles/outline/defaults/main.yml +++ b/nova/core/roles/outline/defaults/main.yml @@ -1,5 +1,5 @@ --- -outline_version: 1.4.0 +outline_version: 1.5.0 outline_postgres_version: 17 # POSTGRES_VERSION_TAG # Pre-generated secret key for Outline diff --git a/nova/core/roles/template_os_configuration/tasks/vsphere.yml b/nova/core/roles/template_os_configuration/tasks/vsphere.yml index 4ec9e15f..967d5a36 100644 --- a/nova/core/roles/template_os_configuration/tasks/vsphere.yml +++ b/nova/core/roles/template_os_configuration/tasks/vsphere.yml 
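Review bot: In the `create_samba_dns_records.sh` hunk the record type now depends on an exact, case-sensitive match with `True`, and any other value (`true`, `yes`, an empty string) falls through silently to `AAAA`. The hunk does not show where `CONNECTION_IPV4_FAMILY` is assigned; if it is rendered from an Ansible boolean, normalising it makes the test independent of how the template prints booleans, e.g. `if [ "${CONNECTION_IPV4_FAMILY,,}" = "true" ]; then` (bash 4 or later). An explicit `elif` for the IPv6 case, with an error branch for anything else, would stop a mis-rendered variable from publishing the wrong record type in DNS. The surrounding loop starts and ends outside the hunk.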
@@ -8,27 +8,43 @@ delegate_to: localhost become: false block: - - name: Keeping only one cdrom for {{ custom_vm_name | default(vm_name) }}... - vmware.vmware.vm: - name: "{{ custom_vm_name | default(vm_name) }}" - cdroms: - - device_node: IDE(0:0) + - name: Looking up the {{ custom_vm_name | default(vm_name) }} VM... + vmware.vmware.guest_info: + guest_name: "{{ custom_vm_name | default(vm_name) }}" + register: vcenter_vm_info + delegate_to: localhost + become: false - rescue: - - name: Shutting down {{ custom_vm_name | default(vm_name) }} VM... - ansible.builtin.include_role: - name: nova.core.powerstate - vars: - shutdown: true + - name: Listing all {{ custom_vm_name | default(vm_name) }} cdroms... + vmware.vmware_rest.vcenter_vm_hardware_cdrom_info: + vm: "{{ vcenter_vm_info.guests[0].moid }}" + register: existing_cdroms + until: not existing_cdroms.failed + retries: 5 + delay: 2 - - name: Keeping only one cdrom for {{ custom_vm_name | default(vm_name) }}... - vmware.vmware.vm: - name: "{{ custom_vm_name | default(vm_name) }}" - cdroms: - - device_node: IDE(0:0) + - name: Removing extra cdroms if they exist... + when: existing_cdroms.value | length > 1 + block: + - name: Shutting down {{ custom_vm_name | default(vm_name) }} VM... + ansible.builtin.include_role: + name: nova.core.powerstate + vars: + shutdown: true - - name: Starting {{ custom_vm_name | default(vm_name) }} VM... - ansible.builtin.include_role: - name: nova.core.powerstate - vars: - poweron: true + - name: Removing following cdroms... + vmware.vmware_rest.vcenter_vm_hardware_cdrom: + vm: "{{ vcenter_vm_info.guests[0].moid }}" + cdrom: "{{ item.cdrom }}" + state: absent + loop: "{{ existing_cdroms.value[1:] }}" + register: removed_cdroms + until: not removed_cdroms.failed + retries: 5 + delay: 2 + + - name: Starting {{ custom_vm_name | default(vm_name) }} VM... + ansible.builtin.include_role: + name: nova.core.powerstate + vars: + poweron: true 
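Review bot: `vcenter_vm_info.guests[0].moid` is used in the cdrom listing and removal tasks without checking how many VMs the name lookup returned. With no match the index fails with an unhelpful template error, and with more than one match the shutdown and device removal run against whichever VM is listed first. An assert directly after the lookup makes both cases fail early and clearly. The new inner block also has no `rescue`/`always`, so a removal that exhausts its retries leaves the VM powered off. The `delegate_to: localhost` and `become: false` on the lookup task repeat what the enclosing block already sets.

```yaml
# … unchanged: "Looking up the … VM..." task registering vcenter_vm_info …
- name: Checking that exactly one VM matched {{ custom_vm_name | default(vm_name) }}...
  ansible.builtin.assert:
    that:
      - vcenter_vm_info.guests | length == 1
    fail_msg: "Expected exactly one VM named {{ custom_vm_name | default(vm_name) }}"
# … unchanged: cdrom listing and removal tasks …
```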
diff --git a/nova/core/roles/vault/defaults/main.yml b/nova/core/roles/vault/defaults/main.yml index 8c15242e..d2fe15f1 100644 --- a/nova/core/roles/vault/defaults/main.yml +++ b/nova/core/roles/vault/defaults/main.yml @@ -35,7 +35,7 @@ vault_root_cas: vault_root_ca_name: "{{ environment_name }} {{ project_fullname }} RootCA" vault_root_ca_ou: "{{ project_fullname }}" vault_root_ca_org: "{{ environment_name }}" - vault_root_ca_country: US + vault_root_ca_country: "{{ vault_ca_country | default('US') }}" vault_root_ca_key_type: ECC # https://docs.ansible.com/ansible/latest/collections/community/crypto/openssl_privatekey_pipe_module.html#parameter-type vault_root_ca_key_curve: secp384r1 # https://docs.ansible.com/ansible/latest/collections/community/crypto/openssl_privatekey_module.html#parameter-curve vault_root_ca_key_bits: 384 @@ -82,7 +82,7 @@ vault_intermediate_cas: vault_intermediate_ca_name: "{{ environment_name }} {{ project_fullname }} IntermediateCA" vault_intermediate_ca_ou: "{{ project_fullname }}" vault_intermediate_ca_org: "{{ environment_name }}" - vault_intermediate_ca_country: US + vault_intermediate_ca_country: "{{ vault_ca_country | default('US') }}" vault_intermediate_ca_key_type: ec vault_intermediate_ca_key_bits: 384 vault_intermediate_ca_crl_distribution_points: http://{{ vault_crl_fqdn }}/v1/IntermediateCA/crl/pem @@ -99,7 +99,7 @@ vault_intermediate_ca_roles_defaults: vault_cert_key_type: rsa vault_cert_ou: "{{ project_fullname }}" vault_cert_organization: "{{ environment_name }}" - vault_cert_country: US + vault_cert_country: "{{ vault_ca_country | default('US') }}" vault_cert_code_signing: false # EC Client/Server certificate 
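Review bot: `vault_ca_country` is interpolated into the subject of the root, intermediate, MiTM and issued certificates without any check on its form, here and in the other five `*_country` hunks of this file. The country attribute is expected to be a two-letter ISO 3166 code, and an unquoted override such as `vault_ca_country: NO` is read by YAML 1.1 loaders as a boolean, so `default('US')` does not apply and the rendered value becomes `False`. A comment beside the defaults, for instance `# vault_ca_country: two-letter ISO 3166-1 code, always quoted (e.g. "NO")`, would document the expectation. An early `ansible.builtin.assert` on `(vault_ca_country | default('US') | string) is match('^[A-Z]{2}$')` would catch a bad value before any CA is generated.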
@@ -108,7 +108,7 @@ vault_intermediate_ca_roles_defaults: vault_cert_key_type: ec vault_cert_ou: "{{ project_fullname }}" vault_cert_organization: "{{ environment_name }}" - vault_cert_country: US + vault_cert_country: "{{ vault_ca_country | default('US') }}" vault_cert_code_signing: false - vault_cert_path: code_signing @@ -116,7 +116,7 @@ vault_intermediate_ca_roles_defaults: vault_cert_key_type: ec vault_cert_ou: "{{ project_fullname }}" vault_cert_organization: "{{ environment_name }}" - vault_cert_country: US + vault_cert_country: "{{ vault_ca_country | default('US') }}" vault_cert_code_signing: true vault_create_mitm_ca: false # Create a Man-in-the-Middle (TLS termination) CA(s) @@ -126,7 +126,7 @@ vault_mitm_cas: vault_mitm_ca_name: "{{ environment_name }} {{ project_fullname }} MiTMCA" vault_mitm_ca_ou: "{{ project_fullname }}" vault_mitm_ca_org: "{{ environment_name }}" - vault_mitm_ca_country: US + vault_mitm_ca_country: "{{ vault_ca_country | default('US') }}" vault_mitm_ca_key_type: ec vault_mitm_ca_key_bits: 384 vault_mitm_ca_crl_distribution_points: http://{{ vault_crl_fqdn }}/v1/MiTMCA/crl/pem