# incus role
* [incus role](#incus-role)
* [Variable reference](#variable-reference)
* [Mandatory variables](#mandatory-variables)
* [Optional variables](#optional-variables)
* [incus_cluster tips](#incus_cluster-tips)
* [incus_subuid_list and incus_subgid_list: mount directory from host to container with the host uid/gid](#incus_subuid_list-and-incus_subgid_list-mount-directory-from-host-to-container-with-the-host-uidgid)
* [Misc](#misc)
* [Incus logs](#incus-logs)
* [Detection of unconfigured incus](#detection-of-unconfigured-incus)
## Variable reference
### Mandatory variables
| Variable | Description | Example value |
| -------- | ----------- | ------------- | ------ |
| incus_repository | name of the zabbly incus repo to use | lts-6.0 |
### Optional variables
| Variable | Description | Default value | Example value |
|----------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|
| incus_version | inucs specific version to pin, only useful in a cluster configuration ; [a minor upgrade can block the cluster](https://linuxcontainers.org/incus/docs/main/howto/cluster_manage/#upgrade-cluster-members). Use `--extra-vars "incus_update_now=true"` to upgrade cluster members. | | |
| incus_trust_list | list of servers name authrorized to have their certificate added in incus trust config | None | {{ backup_server_list + [ 'srv-379' ] }} |
| incus_zfs_backend | create a zfs dataset for incus | true | false |
| incus_zfs_root_dataset | the zfs dataset to create for incus | nvme/incus | tank/incus |
| incus_standard_profiles | list of all default profiles | Look in the `defaults/main.yml` file for the standard configuration | see `defaults/main.yml` |
| incus_subuid_list | grand access to specific uid for incus | None | ['5001'] |
| incus_subgid_list | grand access to specific gid for incus | None | ['5000'] |
| incus_cluster_name | Set this variable if you want the host to be part of an incus cluster. Must be defined in a group_vars and have the same name that this group_vars | None | th3_core |
| incus_cluster_main_name | ansible_hostname of the incus cluster main server | None | srv-203 |
| incus_cluster_init_member_config | member_config list of the admin init preseed file. The list of the keys needed is cluster specific but the value is not necessarily the same on each member.
It can be obtained with the command `incus query /1.0/cluster` | None | incus_cluster_init_member_config: \|
entity: storage-pool
name: default
key: driver
value: zfs |
| incus_cluster_scheduler | Per member optional cluster configuration to restrict automatic placement of instances https://linuxcontainers.org/incus/docs/main/explanation/clustering/#clustering-instance-placement | None | group |
| incus_ip | the ip on which incus listen, without CIDR | None | 10.24.10.10 |
| incus_bgp_asn | Private AS number used by the incus bgp daemon. If not set incus bgp daemon will not be activated | None | `65024` |
#### incus_cluster tips
The easiest way to set `incus_cluster_name` `incus_cluster_main_name` and `incus_ip` if you are willing to use OVN on this cluster is by respectivly them to the corresponding vars in ovn:
incus_cluster_name: {{ ovn_cluster_name }}
incus_cluster_main_name: {{ ovn_cluster_main_name }}
incus_ip: {{ ovn_ip }}
#### incus_subuid_list and incus_subgid_list: mount directory from host to container with the host uid/gid
Sometime, you need to give access to a directory to a container without remapping its uid/gid.
To do that, you must modify the system to grand access to specific uid/gid for incus and then modify the container to handle this specific case.
To grand access to specific uid/gid for incus set incus_subuid_list and incus_subgid_list on the host.
Then for the incus container, you must add the following setting:
```
echo -en "uid 5001 5001\ngid 5000 5000" | incus config set container_name raw.idmap -
```
A container restart is necessary to apply the change, it cannot be done live.
Then add the directory to the container storage, for instance:
```
devices:
01OPTI01370:
path: /srv/vaults/01OPTI01370
source: /srv/vaults/01OPTI01370
type: disk
```
You will then be able to access the directory inside the container with the same uid/gid as the host.
# Misc
## Incus logs
Log incus daemon:
```
/var/log/incus/incusd.log
```
Log container incus:
```
/var/log/incus/CONTAINER_NAME
```
## Detection of unconfigured incus
The `incus_yaml_unconfigured` variable is defined in `defaults/main.yml`, it contains the unconfigured state of a incus daemon just after installation, you should not have to change this, the variable exists to handle future incus version that may have a different default configuration.
The `incus_standalone_init_yaml ` variable is also defined in `defaults/main.yml`, it contains the initial configuration that must override the default above, you only need to change this if your default storage pool doesn't use zfs.