Clean Code

01-old/ansible/roles/security-settings/tasks/crictl.yml

@@ -0,0 +1,47 @@
+---
+
+#- name: Downloading and extracting {{ crictl_app }} {{ crictl_version }}
+#  unarchive:
+#    src: "{{ crictl_dl_url }}"
+#    dest: "{{ crictl_bin_path }}"
+#    owner: "{{ crictl_file_owner }}"
+#    group: "{{ crictl_file_group }}"
+#    extra_opts:
+#      - crictl
+#    remote_src: yes
+
+- name: Change containerd config
+  copy:
+    src: containerd_dsk_config.toml
+    dest: /etc/containerd/config.toml
+    owner: root
+    group: root
+    mode: 0640
+
+- name: Restart service containerd
+  ansible.builtin.systemd:
+    state: restarted
+    daemon_reload: yes
+    name: containerd
+
+- name: remove all cronjobs for user root
+  command: crontab -r -u root
+  ignore_errors: true
+
+- name: Crictl command crontab setting
+  ansible.builtin.cron:
+    name: "container container prune"
+    minute: "0"
+    hour: "3"
+    user: root
+    job: "for id in `crictl ps -a | grep -i exited | awk '{print $1}'`; do crictl rm $id ; done"
+
+- name: Crictl command crontab setting
+  ansible.builtin.cron:
+    name: "container image prune"
+    minute: "10"
+    hour: "3"
+    user: root
+    job: "/usr/local/bin/crictl rmi --prune"
+
+