From b33e78dd17fb4f64eddc2593684b8c5b61a827f2 Mon Sep 17 00:00:00 2001
From: Nico Boehr <nico@nicoboehr.de>
Date: Wed, 26 Feb 2025 19:58:15 +0100
Subject: [PATCH] common: disable useless some services in containers

---
 all.yml                     |  1 +
 roles/common/tasks/main.yml | 13 +++++++++++++
 2 files changed, 14 insertions(+)
 create mode 100644 roles/common/tasks/main.yml

diff --git a/all.yml b/all.yml
index ad24a60..4325651 100644
--- a/all.yml
+++ b/all.yml
@@ -1,6 +1,7 @@
 ---
 - hosts: all
   roles:
+    - common
     - users
     - autoupdate
     - ssh
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
new file mode 100644
index 0000000..72c09cf
--- /dev/null
+++ b/roles/common/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+- name: Mask unneeded systemd services in containers
+  systemd_service:
+    name: '{{ item }}'
+    masked: true
+  when: "ansible_virtualization_type == 'lxc' and ansible_virtualization_role == 'guest'"
+  with_items:
+    - nvmf-autoconnect
+    - systemd-journald-audit.socket
+    - systemd-modules-load.service
+    - zfs-mount.service
+    - zfs-share.service
+    - openipmi.service
-- 
GitLab