| author | spmfox <spmfox@foxwd.com> | 2025-08-20 10:25:43 -0400 |
|---|---|---|
| committer | spmfox <spmfox@foxwd.com> | 2025-08-20 10:25:43 -0400 |
| commit | b678d617fcef2e9b7dd59ae1a569b234da4551f7 (patch) | |
| tree | c0011a5de696bf6c9e258540c5bf837e755a750a | |
| parent | 073042cae96e01a5e5ecbe434f00ef3ebf86e9b8 (diff) | |
adding fips to libvirt
| -rw-r--r-- | docs/README.md | 1 | ||||
| -rw-r--r-- | roles/libvirt/tasks/vm-install.yml | 2 | ||||
| -rw-r--r-- | roles/libvirt/vars/main.yml | 1 |
3 files changed, 3 insertions, 1 deletions
diff --git a/docs/README.md b/docs/README.md
index 05c3569..c3929cd 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -31,6 +31,7 @@ Below is a table describing each variable, and which Ansible role the variable i
 | `redhat_activation_key` | | | X | | | Activation key for RHSM |
 | `redhat_org_id` | | | X | | | Org ID for RHSM |
 | ```libvirt_vm_location_arguments``` | | X | | | | This is a temporary workaround for Fedora ISOs, the path to the Kernel is missing from the ISO and can be defined here if necessary |
+| `fips` | | X | | `false` | | This passes fips=1 to `libvirt` while creating the VM, only works with kickstart |
 ## Inventory
 Ansible provides a flexible way to define your environment: [How to build your inventory](https://docs.ansible.com/ansible/latest/inventory_guide/intro_inventory.html).
diff --git a/roles/libvirt/tasks/vm-install.yml b/roles/libvirt/tasks/vm-install.yml
index d33ebcc..1b94e8b 100644
--- a/roles/libvirt/tasks/vm-install.yml
+++ b/roles/libvirt/tasks/vm-install.yml
@@ -6,7 +6,7 @@ when: libvirt_vm_kickstart_file | length > 0
 - name: Create VM from kickstart in destination filesystem
- ansible.builtin.command: 'virt-install --name {{ libvirt_vm_name }} --graphics vnc --memory {{ libvirt_vm_memory }} --vcpus {{ libvirt_vm_vcpus }} --network {{ libvirt_vm_network }} --disk size={{ libvirt_vm_disk_size }},path=/{{ libvirt_vm_destination }}/{{ libvirt_vm_name }}.img,format={{ libvirt_vm_disk_format }} --location {{ libvirt_vm_location_path }}{{ libvirt_vm_location_arguments }} --os-variant {{ libvirt_vm_os }} --cpu {{ libvirt_vm_cpu }} --initrd-inject=/{{ libvirt_vm_destination }}/{{ libvirt_vm_kickstart_file }} --extra-args="inst.ks=file:/{{ libvirt_vm_kickstart_file }}"'
+ ansible.builtin.command: 'virt-install --name {{ libvirt_vm_name }} --graphics vnc --memory {{ libvirt_vm_memory }} --vcpus {{ libvirt_vm_vcpus }} --network {{ libvirt_vm_network }} --disk size={{ libvirt_vm_disk_size }},path=/{{ libvirt_vm_destination }}/{{ libvirt_vm_name }}.img,format={{ libvirt_vm_disk_format }} --location {{ libvirt_vm_location_path }}{{ libvirt_vm_location_arguments }} --os-variant {{ libvirt_vm_os }} --cpu {{ libvirt_vm_cpu }} --initrd-inject=/{{ libvirt_vm_destination }}/{{ libvirt_vm_kickstart_file }} --extra-args="inst.ks=file:/{{ libvirt_vm_kickstart_file }} {{ "fips=1" if libvirt_fips else "" }}"'
 when: libvirt_vm_kickstart_file | length > 0
 - name: Create VM without kickstart in destination filesystem
diff --git a/roles/libvirt/vars/main.yml b/roles/libvirt/vars/main.yml
index 0cbc96f..e968c00 100644
--- a/roles/libvirt/vars/main.yml
+++ b/roles/libvirt/vars/main.yml
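Review bot: In roles/libvirt/tasks/vm-install.yml, `fips=1` is appended only to the kickstart task's `--extra-args`, so a run with `fips` set and an empty `libvirt_vm_kickstart_file` skips that task and presumably builds the guest through "Create VM without kickstart" (whose body is outside this hunk) with no FIPS mode and no error. A compliance setting should fail loudly rather than be dropped silently, so I would add an assert ahead of the install tasks that rejects that combination, as sketched below. After install, reading `/proc/sys/crypto/fips_enabled` on the guest would confirm the flag actually took effect.

```yaml
- name: Refuse a FIPS request that cannot be honoured
  ansible.builtin.assert:
    that:
      - not (libvirt_fips | bool) or (libvirt_vm_kickstart_file | length > 0)
    fail_msg: 'fips is set but libvirt_vm_kickstart_file is empty; fips=1 is only passed on the kickstart install path'

# … unchanged: Create VM from kickstart in destination filesystem …
```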
@@ -14,3 +14,4 @@ libvirt_kickstart_timezone: "{{ timezone if timezone is defined else 'Etc/GMT' }
 libvirt_kickstart_root_ssh_keys: "{{ ssh_keys if ssh_keys is defined }}"
 libvirt_kickstart_root_password: "{{ root_password if root_password is defined else lookup('password', '/dev/null length=32 chars=ascii_letters,digits') }}"
 libvirt_kickstart_allow_root_ssh: "{{ '' if ssh_keys is defined else 'echo PermitRootLogin yes > /etc/ssh/sshd_config.d/01-permitrootlogin.conf' }}"
+libvirt_fips: "{{ fips if fips is defined else false }}" |
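Review bot: The added `libvirt_fips` line in roles/libvirt/vars/main.yml passes `fips` through without normalising its type, and vm-install.yml then uses it as a bare Jinja truth test. A string value such as `false` or `no`, which is what `-e fips=false` or an INI `[group:vars]` entry would yield, is non-empty and would therefore switch `fips=1` on when the operator meant to leave it off. Coerce it where it is defined: `libvirt_fips: "{{ fips | default(false) | bool }}"`. That also keeps the value a real boolean for any later task that tests it.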
