feat: initialise barebones server (#248)

- manage incus servers init Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/248
2025-04-06 23:56:50 +10:00 · 2025-04-06 23:56:50 +10:00 · 0e3dd4d7d0
commit 0e3dd4d7d0
parent 83d0b31753
4 changed files with 43 additions and 22 deletions
--- a/hieradata/roles/infra/incus/node.yaml
+++ b/hieradata/roles/infra/incus/node.yaml
@ -135,9 +135,10 @@ zfs::datasets:
    mountpoint: '/data/incus'

 # manage incus
-incus::cluster::members_lookup: true
-incus::cluster::members_role: roles::infra::incus::node
-incus::cluster::master: prodnxsr0009
+incus::init: true
+incus::bridge: br10
+incus::server_port: 8443
+incus::server_addr: "%{hiera('networking_loopback0_ip')}"

 # add sysadmin to incus-admin group
 profiles::accounts::sysadmin::extra_groups:
--- a/modules/incus/lib/facter/incus.rb
+++ b/modules/incus/lib/facter/incus.rb
@ -13,6 +13,6 @@ Facter.add(:incus) do
    next {} if incus_output.empty? # Return an empty fact if there's no output

    # Parse the output as YAML and return it
-    YAML.safe_load(incus_output)
+    YAML.safe_load(incus_output, permitted_classes: [Symbol, Time, Date])
  end
 end
--- a/modules/incus/manifests/init.pp
+++ b/modules/incus/manifests/init.pp
@ -1,9 +1,14 @@
 class incus (
-  Array[String] $packages   = [
+  Array[String] $packages     = [
    'incus',
    'incus-tools',
    'incus-client'
  ],
+  Boolean       $cluster      = false,
+  Boolean       $init         = true,
+  String        $bridge       = 'incusbr0',
+  Stdlib::Port        $server_port = 8443,
+  Stdlib::IP::Address $server_addr = $facts['networking']['ip'],
 ) {

  package { $packages:
@ -32,4 +37,21 @@ class incus (
    match  => '^root:',
    notify => Service['incus'],
  }
+
+  if $init {
+    file {'/root/incus.preseed.yaml':
+      ensure  => file,
+      owner   => root,
+      group   => root,
+      content => template('incus/join_preseed.yaml.erb')
+    }
+
+    exec { 'initiate_incus':
+      path        => ['/bin', '/usr/bin', '/sbin', '/usr/sbin'],
+      command     => 'cat /root/incus.preseed.yaml | incus admin init --preseed && touch /root/.incus_initialized',
+      refreshonly => true,
+      creates     => '/root/.incus_initialized',
+      subscribe   => File['/root/incus.preseed.yaml'],
+    }
+  }
 }
--- a/modules/incus/templates/join_preseed.yaml.erb
+++ b/modules/incus/templates/join_preseed.yaml.erb
@ -1,20 +1,18 @@
-config: {}
+config:
+  core.https_address: <%= @server_fqdn %>:<%= @server_port %>
 networks: []
 storage_pools: []
-profiles: []
+storage_volumes: []
+profiles:
+- config: {}
+  description: ""
+  devices:
+    eth0:
+      name: eth0
+      nictype: bridged
+      parent: <%= @bridge %>
+      type: nic
+  name: default
+  project: default
 projects: []
-cluster:
-  server_name: <%= @server_fqdn %>
-  enabled: true
-  member_config:
-  - entity: storage-pool
-    name: local
-    key: source
-    value: ""
-    description: '"source" property for storage pool "local"'
-  cluster_address: <%= @cluster_address %>:<%= @server_port %>
-  cluster_certificate: |
-    <%= @certificate %>
-  server_address: <%= @server_fqdn %>:<%= @server_port %>
-  cluster_token: <%= @cluster_token %>
-  cluster_certificate_path: ""
+cluster: null