Dmitry Tantsur 4cb0395d75 Make virtual environment owned by root
It's dangerous to allow a regular user to write into the source code of
the services. The repositories are still writable, so that the
development workflow can still use the ``--develop`` flag to make
modifications.

While here, remove the horribly outdated and broken ANSIBLE_INSTALL_ROOT.

Change-Id: Id2e25dd57668d24a11dc2cd16eea2b607b7a3f16
2022-01-25 15:59:42 +01:00

66 lines
2.5 KiB
Ruby

# -*- mode: ruby -*-
# vi: set ft=ruby :
VAGRANTFILE_API_VERSION = '2'
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.box = 'generic/ubuntu1804'
config.vm.provider "libvirt" do |lv|
lv.cpu_mode = 'host-passthrough'
end
config.vm.define 'bifrost' do |bifrost|
bifrost.vm.provider :virtualbox do |vb|
vb.customize ['modifyvm', :id, '--memory', '8196', '--cpus', '4']
# the setting below are to improve performance on mac's and should have little impact elsewhere.
vb.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
vb.customize ["modifyvm", :id, "--natdnsproxy1", "on"]
vb.customize ["modifyvm", :id, "--nictype1", "Am79C973"]
vb.customize ["modifyvm", :id, "--nictype2", "Am79C973"]
vb.customize ["modifyvm", :id, "--nictype3", "Am79C973"]
end
bifrost.vm.provider "libvirt" do |lv|
lv.memory = 8196
lv.cpus = 2
lv.nested = true
lv.volume_cache = 'none'
end
bifrost.vm.provision "shell", inline: <<-SHELL
echo "if [ \"$IFACE\" = \"eth0\" ]; then route del default dev eth0 ; fi" >> /etc/network/if-up.d
echo "[Match]\nName=eth0\n[Network]\nDHCP=yes\n[DHCP]\nUseRoutes=false" >>/etc/systemd/network/no-default-route.network
SHELL
# Set up private NAT'd network
bifrost.vm.network 'private_network', ip: '192.168.99.10', use_dhcp_assigned_default_route: false
# This assumes you have DHCP on your bridged network. if not you will need
# to statically configure to allow Bifrost to manage hardware attached to
# the bridged interface.
# NOTE(TheJulia): Is there a way to abstract the bridged networking...
# NOTE(NobodyCam): until the above is done this needs to be set to a valid interface
# NOTE(TheJulia): Virtualbox will ask you. libvirt won't and you need to use the dev
# field instead of bridge.
bifrost.vm.network "public_network", bridge: 'enp3s0', dev: 'enp3s0'
# besure we get the entire bifrost directory tree
bifrost.vm.synced_folder "../../.", "/home/vagrant/bifrost", type: "rsync"
bifrost.vm.provision 'ansible' do |ansible|
ansible.verbose = 'v'
ansible.playbook = 'vagrant.yml'
ansible.extra_vars = {
# set key file name here
public_key: 'id_rsa.pub',
# Edit the network_interface to match your needs:
# eth0 - connected to a Nat network
# eth1 - connected to Host-only network named: 'vboxnet1'
# eth2 - bridged - Interface must also be set above
network_interface: 'eth0'
}
end
end
end