From e69ab92fadc28fd0b92a3e8eb2887071eea53d61 Mon Sep 17 00:00:00 2001
From: Elias Wimmer <elias.wimmer@tuwien.ac.at>
Date: Sat, 21 Aug 2021 10:05:56 +0200
Subject: [PATCH] cis_profile; cephfs

---
 roles/rke2/defaults/main.yml               |  4 ----
 roles/rke2/handlers/main.yml               |  1 -
 roles/rke2/templates/config.yaml.j2        |  4 +++-
 roles/rke2/templates/helm/deploy-cephfs.j2 | 10 +++++++++-
 4 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/roles/rke2/defaults/main.yml b/roles/rke2/defaults/main.yml
index 9d19900..80a359e 100644
--- a/roles/rke2/defaults/main.yml
+++ b/roles/rke2/defaults/main.yml
@@ -7,10 +7,6 @@ tls_san:
 node_taints: []
 node_labels: []
 
-grafana_password:
-rancher_ui_dns:
-letsEncrypt_admin_mail:
-
 rke2_channel: stable
 
 state: present
\ No newline at end of file
diff --git a/roles/rke2/handlers/main.yml b/roles/rke2/handlers/main.yml
index b5a2ba6..0ab4ca9 100644
--- a/roles/rke2/handlers/main.yml
+++ b/roles/rke2/handlers/main.yml
@@ -1,7 +1,6 @@
 - name: restart rke2
   service:
     name: "rke2-{{ node_type }}"
-    enabled: yes
     masked: no
     state: restarted
     daemon_reload: yes
\ No newline at end of file
diff --git a/roles/rke2/templates/config.yaml.j2 b/roles/rke2/templates/config.yaml.j2
index 2ab6910..415ebf0 100644
--- a/roles/rke2/templates/config.yaml.j2
+++ b/roles/rke2/templates/config.yaml.j2
@@ -6,7 +6,9 @@ token: "{{ token }}"
 server: "{{ server }}"
 {% endif %}
 
-profile: "cis-1.5"
+{% if cis_profile is defined %}
+profile: "{{ cis_profile }}"
+{% endif %}
 resolv-conf: "/run/systemd/resolve/resolv.conf" # systemd-resolved
 debug: true
 cloud-provider-name: "external"
diff --git a/roles/rke2/templates/helm/deploy-cephfs.j2 b/roles/rke2/templates/helm/deploy-cephfs.j2
index fe7d1a8..e60eaa7 100644
--- a/roles/rke2/templates/helm/deploy-cephfs.j2
+++ b/roles/rke2/templates/helm/deploy-cephfs.j2
@@ -7,4 +7,12 @@ spec:
   repo: https://ceph.github.io/csi-charts
   chart: ceph-csi-cephfs
   version: 3.3.1
-#  valuesContent: |-
+  valuesContent: |-
+    csiConfig:
+     - clusterID: "356ebb9a-acc2-11ea-a9d6-b8599fef7b50"
+       monitors:
+         - "10.0.2.1:6789"
+         - "10.0.2.2:6789"
+         - "10.0.2.3:6789"
+         - "10.0.2.4:6789"
+         - "10.0.2.5:6789"
\ No newline at end of file
-- 
GitLab