ansible-collection-infrastructure

ansible/ansible-collection-infrastructure

Fork 0

Commit Graph

Author	SHA1	Message	Date
patrick	3b6f59a029	fix(proxmox_lxc_provision): post-clone privilege escalation and SSH key regen var name The user-module tasks in post-clone.yml were running without become, so modifying /etc/passwd failed with 'usermod: Permission denied' when the connection user (e.g. admin) was non-root. Add become: true to both password tasks. Block-level become is avoided because the known_hosts task in the same file is delegate_to: localhost and should not sudo on the controller. Also fix the variable name passed to the system_setup ssh tasks_from: post-clone.yml was setting 'regenerate_ssh_keys', but ssh.yml gates on 'regenerate_ssh_host_keys'. The mismatch caused cloned containers to silently keep the source template's SSH host keys.	2026-06-27 23:19:26 -04:00
patrick	51c1c5b611	refactor(proxmox_lxc_provision): rename password vars and parameterize user name Rename lxc_password to lxc_root_password for consistency with the new lxc_user_password (replaces the previously bare 'password' variable in post-clone.yml, which silently collided with any same-named caller var). Add lxc_user_name (default: admin) so the non-root account managed in post-clone.yml is no longer hardcoded. Apply default(omit) to the root password in create.yml so it is genuinely optional as documented. BREAKING CHANGE: callers passing lxc_password or a bare 'password' var must rename to lxc_root_password and lxc_user_password respectively.	2026-06-27 21:11:13 -04:00
patrick	62f4a3ea73	fix: rename roles to use underscores instead of hyphens which was causing the roles not to be found	2026-04-14 15:19:21 -04:00

Author

SHA1

Message

Date

patrick

3b6f59a029

fix(proxmox_lxc_provision): post-clone privilege escalation and SSH key regen var name

The user-module tasks in post-clone.yml were running without become, so
modifying /etc/passwd failed with 'usermod: Permission denied' when the
connection user (e.g. admin) was non-root. Add become: true to both
password tasks. Block-level become is avoided because the known_hosts
task in the same file is delegate_to: localhost and should not sudo on
the controller.

Also fix the variable name passed to the system_setup ssh tasks_from:
post-clone.yml was setting 'regenerate_ssh_keys', but ssh.yml gates on
'regenerate_ssh_host_keys'. The mismatch caused cloned containers to
silently keep the source template's SSH host keys.

2026-06-27 23:19:26 -04:00

patrick

51c1c5b611

refactor(proxmox_lxc_provision): rename password vars and parameterize user name

Rename lxc_password to lxc_root_password for consistency with the new
lxc_user_password (replaces the previously bare 'password' variable in
post-clone.yml, which silently collided with any same-named caller var).
Add lxc_user_name (default: admin) so the non-root account managed in
post-clone.yml is no longer hardcoded. Apply default(omit) to the root
password in create.yml so it is genuinely optional as documented.

BREAKING CHANGE: callers passing lxc_password or a bare 'password' var
must rename to lxc_root_password and lxc_user_password respectively.

2026-06-27 21:11:13 -04:00

patrick

62f4a3ea73

fix: rename roles to use underscores instead of hyphens which was causing the roles not to be found

2026-04-14 15:19:21 -04:00

3 Commits