initial commit

ansible/inventory/hosts.ini

@@ -0,0 +1,2 @@
+[hypervisors]
+node1 ansible_host=192.0.2.10

ansible/playbooks/site.yml

@@ -0,0 +1,9 @@
+- hosts: hypervisors
+  become: yes
+  roles:
+    - common
+    - kvm-libvirt
+    - lxc
+    - podman
+    - network-bridge
+    - node-agent

ansible/roles/common/tasks/main.yml

@@ -0,0 +1,8 @@
+- name: Install base packages
+  ansible.builtin.apt:
+    name:
+      - ca-certificates
+      - curl
+      - gnupg
+    state: present
+    update_cache: yes

ansible/roles/kvm-libvirt/tasks/main.yml

@@ -0,0 +1,15 @@
+- name: Install KVM and libvirt
+  ansible.builtin.apt:
+    name:
+      - qemu-kvm
+      - libvirt-daemon-system
+      - libvirt-clients
+      - virtinst
+    state: present
+    update_cache: yes
+
+- name: Enable and start libvirtd
+  ansible.builtin.systemd:
+    name: libvirtd
+    state: started
+    enabled: yes

ansible/roles/lxc/tasks/main.yml

@@ -0,0 +1,14 @@
+- name: Install LXC
+  ansible.builtin.apt:
+    name:
+      - lxc
+      - lxc-templates
+    state: present
+    update_cache: yes
+
+- name: Ensure unprivileged defaults
+  ansible.builtin.copy:
+    dest: /etc/lxc/default.conf
+    content: |
+      lxc.net.0.type = empty
+      # Jagacloud will render per-CT configs under /etc/jagacloud/lxc

ansible/roles/network-bridge/tasks/main.yml

@@ -0,0 +1,25 @@
+- name: Install bridge utilities
+  ansible.builtin.apt:
+    name:
+      - bridge-utils
+      - ifupdown2
+    state: present
+    update_cache: yes
+
+- name: Configure vmbr0 bridge (ifupdown2)
+  ansible.builtin.copy:
+    dest: /etc/network/interfaces.d/vmbr0
+    content: |
+      auto vmbr0
+      iface vmbr0 inet manual
+          bridge_ports none
+          bridge_stp off
+          bridge_fd 0
+          bridge_vlan_aware yes
+  notify: restart networking
+
+handlers:
+  - name: restart networking
+    ansible.builtin.service:
+      name: networking
+      state: restarted

ansible/roles/node-agent/tasks/main.yml

@@ -0,0 +1,48 @@
+- name: Create config directory
+  ansible.builtin.file:
+    path: /etc/jagacloud
+    state: directory
+    mode: '0755'
+
+- name: Place sample agent config
+  ansible.builtin.copy:
+    dest: /etc/jagacloud/agent.yaml
+    content: |
+      listen_addr: ":8000"
+      libvirt_uri: "qemu:///system"
+      lxc_path: "/etc/jagacloud/lxc"
+      podman_socket: "/run/podman/podman.sock"
+      auth_token: "changeme"
+
+- name: Install node-agent binary (placeholder)
+  ansible.builtin.copy:
+    src: files/node-agent
+    dest: /usr/local/bin/node-agent
+    mode: '0755'
+  ignore_errors: true
+
+- name: Install systemd unit
+  ansible.builtin.copy:
+    dest: /etc/systemd/system/node-agent.service
+    content: |
+      [Unit]
+      Description=Jagacloud Node Agent
+      After=network-online.target
+
+      [Service]
+      ExecStart=/usr/local/bin/node-agent
+      Restart=on-failure
+
+      [Install]
+      WantedBy=multi-user.target
+
+- name: Reload systemd
+  ansible.builtin.systemd:
+    daemon_reload: yes
+
+- name: Enable and start node-agent
+  ansible.builtin.systemd:
+    name: node-agent
+    state: started
+    enabled: yes
+  ignore_errors: true

ansible/roles/podman/tasks/main.yml

@@ -0,0 +1,12 @@
+- name: Install Podman
+  ansible.builtin.apt:
+    name:
+      - podman
+    state: present
+    update_cache: yes
+
+- name: Enable podman socket
+  ansible.builtin.systemd:
+    name: podman.socket
+    state: started
+    enabled: yes