mirrors/k3s-ansible
1
0
Fork 1
mirror of https://github.com/k3s-io/k3s-ansible.git synced 2026-03-09 12:02:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

archlinux: add support for rpi5 and arm (#486)

Browse Source 
Signed-off-by: Gilles Habran <gilleshabran@protonmail.com>
This commit is contained in:
Gilles H.
2026-01-12 19:10:08 +01:00
committed by GitHub
parent 826c53975d
commit 59a223adab
2 changed files with 61 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
roles/prereq/tasks/main.yml
View File

@@ -32,6 +32,37 @@
reload: true reload: true
when: ansible_facts['all_ipv6_addresses'] | length > 0 when: ansible_facts['all_ipv6_addresses'] | length > 0
- name: Handle modern nftables/iptables-nft stack (Arch Linux ARM 6.18+)
when:
- ansible_facts['distribution'] == 'Archlinux'
- ansible_facts['kernel'] is version('6.18', '>=')
block:
- name: Check if legacy iptables is installed
ansible.builtin.package_facts:
manager: auto
- name: Ensure legacy iptables is removed to avoid conflicts
community.general.pacman:
name: iptables
state: absent
force: true
when:
- "'iptables' in ansible_facts.packages"
- "'iptables-nft' not in ansible_facts.packages"
- name: Install iptables-nft and nftables
community.general.pacman:
name:
- iptables-nft
- nftables
state: present
- name: Ensure nftables is enabled and started
ansible.builtin.systemd:
name: nftables
state: started
enabled: true
- name: Populate service facts - name: Populate service facts
ansible.builtin.service_facts: ansible.builtin.service_facts:
@@ -222,7 +253,7 @@
- name: Add /usr/local/bin to sudo secure_path - name: Add /usr/local/bin to sudo secure_path
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
line: 'Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin' line: 'Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin'
regexp: "Defaults(\\s)*secure_path(\\s)*=" regexp: 'Defaults(\s)*secure_path(\s)*='
state: present state: present
insertafter: EOF insertafter: EOF
path: /etc/sudoers path: /etc/sudoers

31
roles/raspberrypi/tasks/prereq/Archlinux.yml
View File

@@ -1,13 +1,40 @@
--- ---
- name: Enable cgroup via boot commandline if not already enabled - name: Check for boot configuration files
ansible.builtin.stat:
path: "{{ item }}"
loop:
- /boot/boot.txt
- /boot/cmdline.txt
register: boot_files
- name: Set boot_file fact
ansible.builtin.set_fact:
rpi_boot_file: "{{ (boot_files.results | selectattr('stat.exists') | map(attribute='item') | list | first) | default('') }}"
- name: Enable cgroup via boot commandline (boot.txt)
ansible.builtin.replace: ansible.builtin.replace:
path: /boot/boot.txt path: /boot/boot.txt
regexp: '^(setenv bootargs console=ttyS1,115200 console=tty0 root=PARTUUID=\${uuid} rw rootwait smsc95xx.macaddr="\${usbethaddr}"(?!.*\b{{ cgroup_item }}\b).*)$' regexp: '^(setenv bootargs console=ttyS1,115200 console=tty0 root=PARTUUID=\${uuid} rw rootwait smsc95xx.macaddr="\${usbethaddr}"(?!.*\b{{ cgroup_item }}\b).*)$'
replace: '\1 {{ cgroup_item }}' replace: '\1 {{ cgroup_item }}'
loop: with_items:
- "cgroup_enable=cpuset" - "cgroup_enable=cpuset"
- "cgroup_memory=1" - "cgroup_memory=1"
- "cgroup_enable=memory" - "cgroup_enable=memory"
loop_control: loop_control:
loop_var: cgroup_item loop_var: cgroup_item
when: rpi_boot_file == '/boot/boot.txt'
notify: Regenerate bootloader image notify: Regenerate bootloader image
- name: Enable cgroup via boot commandline (cmdline.txt)
ansible.builtin.replace:
path: /boot/cmdline.txt
regexp: '^([\w](?!.*\b{{ cgroup_item }}\b).*)$'
replace: '\1 {{ cgroup_item }}'
with_items:
- "cgroup_enable=cpuset"
- "cgroup_memory=1"
- "cgroup_enable=memory"
loop_control:
loop_var: cgroup_item
when: rpi_boot_file == '/boot/cmdline.txt'
notify: Reboot Pi