damex.incus.incus_projects role – Ensure Incus projects.
Note
This role is part of the damex.incus collection (version 1.6.1).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it use: ansible-galaxy collection install damex.incus.
To use it in a playbook, specify: damex.incus.incus_projects.
Entry point main – Ensure Incus projects.
Synopsis
Ensure Incus projects.
Parameters
Parameter |
Comments |
|---|---|
List of Incus projects to ensure. |
|
Project configuration keys. |
|
Compression algorithm for backups. Choices:
|
|
Enable separate image store for the project. Choices:
|
|
Enable separate network management for the project. Choices:
|
|
Enable separate network zone management for the project. Choices:
|
|
Enable separate profile store for the project. Choices:
|
|
Enable separate storage bucket management for the project. Choices:
|
|
Enable separate storage volume management for the project. Choices:
|
|
Whether to auto-update cached images. Choices:
|
|
Interval in hours between image auto-updates. |
|
Compression algorithm for images. Choices:
|
|
Default architecture for images. |
|
Number of days before cached remote images expire. |
|
Maximum number of containers in the project. |
|
Maximum number of CPUs allocated to the project. |
|
Maximum disk space used by the project. |
|
Maximum number of instances in the project. |
|
Maximum memory used by the project. |
|
Maximum number of networks in the project. |
|
Maximum number of processes in the project. |
|
Maximum number of virtual machines in the project. |
|
Pattern for automatically generated MAC addresses. |
|
Whether to block access to security-sensitive features. Choices:
|
|
Prevent instance or volume backups. Choices:
|
|
Comma-separated list of allowed cluster groups. |
|
Whether to allow targeting cluster members. Choices:
|
|
Whether to allow system call interception in containers. Choices:
|
|
Whether to allow low-level container options. Choices:
|
|
Whether to allow nesting in containers. Choices:
|
|
Control privileged container settings. Choices:
|
|
Control which disk devices can be used. Choices:
|
|
Comma-separated list of allowed disk source paths. |
|
Whether to allow GPU devices in the project. Choices:
|
|
Whether to allow InfiniBand devices in the project. Choices:
|
|
Control which network devices can be used. Choices:
|
|
Whether to allow PCI devices in the project. Choices:
|
|
Whether to allow proxy devices in the project. Choices:
|
|
Whether to allow Unix block devices in the project. Choices:
|
|
Whether to allow Unix character devices in the project. Choices:
|
|
Whether to allow Unix hotplug devices in the project. Choices:
|
|
Whether to allow USB devices in the project. Choices:
|
|
Allowed host GID ranges for raw.idmap. |
|
Allowed host UID ranges for raw.idmap. |
|
Comma-separated list of allowed networks for access. |
|
Comma-separated list of allowed network integrations. |
|
Comma-separated list of allowed network subnets. |
|
Comma-separated list of allowed network uplinks. |
|
Comma-separated list of allowed network zones. |
|
Prevent instance or volume snapshots. Choices:
|
|
Whether to allow low-level virtual machine options. Choices:
|
|
Description of the project. |
|
Name of the project. |
|
Desired state of the project. Choices:
|
|
Path to the TLS client certificate. |
|
Path to the TLS client key. |
|
Path to the TLS server certificate. |
|
Path to the Incus Unix socket. |
|
Desired state of the projects. Choices:
|
|
Authentication token for the Incus API. |
|
URL of the Incus server API. |
|
Whether to validate TLS certificates. Choices:
|
Examples
- name: Ensure incus projects
hosts: incus
tasks:
- name: Ensure incus projects
ansible.builtin.import_role:
name: damex.incus.incus_projects
vars:
incus_projects:
- name: production
config:
features.images: "true"
features.profiles: "true"
features.networks: "true"
features.storage.volumes: "true"
- name: staging