Ansible for rke2 install on Alpine contiainers

roles/proxmox/handlers/main.yml

@@ -0,0 +1,6 @@
+---
+- name: Reboot LXC containers
+  ansible.builtin.command: pct reboot {{ item }}
+  loop: "{{ kube_ids }}"
+  changed_when: true
+  listen: reboot containers

roles/proxmox/tasks/main.yml

@@ -0,0 +1,32 @@
+---
+- name: Set apparmor profile unconfined
+  ansible.builtin.lineinfile:
+    dest: "/etc/pve/lxc/{{ item }}.conf"
+    regexp: ^lxc.apparmor.profile
+    line: "lxc.apparmor.profile: unconfined"
+  loop: "{{ kube_ids }}"
+  notify: reboot containers
+
+- name: Allow cgroup devices
+  ansible.builtin.lineinfile:
+    dest: "/etc/pve/lxc/{{ item }}.conf"
+    regexp: ^lxc.cgroup.devices.allow
+    line: "lxc.cgroup.devices.allow: a"
+  loop: "{{ kube_ids }}"
+  notify: reboot containers
+
+- name: Blank out lxc.cap.drop
+  ansible.builtin.lineinfile:
+    dest: "/etc/pve/lxc/{{ item }}.conf"
+    regexp: ^lxc.cap.drop
+    line: "lxc.cap.drop: "
+  loop: "{{ kube_ids }}"
+  notify: reboot containers
+
+- name: LXC auto mount proc and sys
+  ansible.builtin.lineinfile:
+    dest: "/etc/pve/lxc/{{ item }}.conf"
+    regexp: ^lxc.mount.auto
+    line: 'lxc.mount.auto: "proc:rw sys:rw"'
+  loop: "{{ kube_ids }}"
+  notify: reboot containers