Compare commits

..

5 Commits

24 changed files with 71 additions and 49 deletions

View File

@ -8,16 +8,33 @@ end
case run_command('grep VERSION_ID /etc/os-release | awk -F\" \'{print $2}\'').stdout.chomp case run_command('grep VERSION_ID /etc/os-release | awk -F\" \'{print $2}\'').stdout.chomp
when "24.04" when "24.04"
remote_file '/etc/systemd/resolved.conf' do execute "change link to /etc/resolv.conf" do
command "ln -fs /run/systemd/resolve/resolv.conf /etc/resolv.conf"
end
directory "/etc/systemd/resolved.conf.d/" do
mode "0755"
owner "root"
group "root"
end
template '/etc/systemd/resolved.conf.d/partial.conf' do
owner 'root' owner 'root'
group 'root' group 'root'
mode '644' mode '644'
source 'files/etc/systemd/resolved.conf.2404' source 'templates/etc/systemd/resolved.conf.d/partial.conf.erb'
variables(dns: node['consul']['dns'])
notifies :restart, 'service[systemd-resolved]', :immediately notifies :restart, 'service[systemd-resolved]', :immediately
end end
remote_file "/etc/default/dnsmasq" do
mode "0644"
owner "root"
group "root"
end
remote_file '/etc/dnsmasq.conf' do remote_file '/etc/dnsmasq.conf' do
owner 'root' owner 'root'
group 'root' group 'root'

View File

@ -0,0 +1,42 @@
# This file has six functions:
# 1) to completely disable starting this dnsmasq instance
# 2) to set DOMAIN_SUFFIX by running `dnsdomainname`
# 3) to select an alternative config file
# by setting DNSMASQ_OPTS to --conf-file=<file>
# 4) to tell dnsmasq to read the files in /etc/dnsmasq.d for
# more configuration variables.
# 5) to stop the resolvconf package from controlling dnsmasq's
# idea of which upstream nameservers to use.
# 6) to avoid using this dnsmasq instance as the system's default resolver
# by setting DNSMASQ_EXCEPT="lo"
# For upgraders from very old versions, all the shell variables set
# here in previous versions are still honored by the init script
# so if you just keep your old version of this file nothing will break.
#DOMAIN_SUFFIX=`dnsdomainname`
#DNSMASQ_OPTS="--conf-file=/etc/dnsmasq.alt"
# The dnsmasq daemon is run by default conforming to the Debian Policy.
# To disable the service,
# for SYSV init, use "update-rc.d dnsmasq disable",
# for systemd, use "systemctl disable dnsmasq".
# By default search this drop directory for configuration options.
# Libvirt leaves a file here to make the system dnsmasq play nice.
# Comment out this line if you don't want this. The dpkg-* are file
# endings which cause dnsmasq to skip that file. This avoids pulling
# in backups made by dpkg.
CONFIG_DIR=/etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new
# If the resolvconf package is installed, dnsmasq will use its output
# rather than the contents of /etc/resolv.conf to find upstream
# nameservers. Uncommenting this line inhibits this behaviour.
# Note that including a "resolv-file=<filename>" line in
# /etc/dnsmasq.conf is not enough to override resolvconf if it is
# installed: the line below must be uncommented.
IGNORE_RESOLVCONF=yes
# If the resolvconf package is installed, dnsmasq will tell resolvconf
# to use dnsmasq under 127.0.0.1 as the system's default resolver.
# Uncommenting this line inhibits this behaviour.
#DNSMASQ_EXCEPT="lo"

View File

@ -1,37 +0,0 @@
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file (or a copy of it placed in
# /etc/ if the original file is shipped in /usr/), or by creating "drop-ins" in
# the /etc/systemd/resolved.conf.d/ directory. The latter is generally
# recommended. Defaults can be restored by simply deleting the main
# configuration file and all drop-ins located in /etc/.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
DNS=127.0.0.1
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
DNSStubListener=no
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0

View File

@ -0,0 +1,3 @@
[Resolve]
DNS=127.0.0.1
DNSStubListener=no

View File

@ -3,7 +3,7 @@
# ------------------------------------------- # -------------------------------------------
node.reverse_merge!({ node.reverse_merge!({
'nginx' => { 'nginx' => {
'version' => '1.26.0', 'version' => '1.26.1',
'skip_lego' => true, 'skip_lego' => true,
'skip_webadm' => false, 'skip_webadm' => false,
'skip_deploy_conf' => true 'skip_deploy_conf' => true

View File

@ -31,14 +31,7 @@ directory '/opt/cni/bin' do
mode '0755' mode '0755'
end end
%w( bandwidth bridge dhcp firewall host-device host-local ipvlan loopback macvlan portmap ptp sbr static tuning vlan vrf ).each do |f| execute "eget containernetworking/plugins --to /opt/cni/bin --upgrade-only -a ^sha --all"
remote_file "/opt/cni/bin/#{f}" do
owner 'root'
group 'root'
mode '0775'
end
end
directory '/etc/cni' do directory '/etc/cni' do
owner 'root' owner 'root'

View File

@ -4,9 +4,12 @@ include_recipe './install.rb'
if node['nomad']['client'] if node['nomad']['client']
include_recipe '../docker/default.rb' include_recipe '../docker/default.rb'
include_recipe './csi.rb'
package "consul-cni"
package "dmidecode"
end end
if node['nomad']['manager'] || node['nomad']['client'] if node['nomad']['manager'] || node['nomad']['client']
include_recipe './setup.rb' include_recipe './setup.rb'
include_recipe './csi.rb'
end end

View File

@ -1,5 +1,6 @@
# Kernel parameters: # Kernel parameters:
execute 'modprobe br_netfilter' execute 'modprobe br_netfilter'
execute 'modprobe bridge'
remote_file '/etc/sysctl.d/90-nomad.conf' do remote_file '/etc/sysctl.d/90-nomad.conf' do
owner 'root' owner 'root'