sjat/boma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix(base): confine /etc/hosts unsafe-write fallback to the Docker Molecule env

Browse source 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
sjat 2026-06-20 11:31:15 +02:00
parent f83d68d7a0
commit 74e54b359b
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
roles/base/tasks/mesh.yml
View file

@ -71,7 +71,9 @@
regexp: '\s{{ _coordinator_fqdn | regex_escape }}$' regexp: '\s{{ _coordinator_fqdn | regex_escape }}$'
line: "{{ base__mesh_coordinator_pin }} {{ _coordinator_fqdn }}" line: "{{ base__mesh_coordinator_pin }} {{ _coordinator_fqdn }}"
state: present state: present
unsafe_writes: true # /etc/hosts is a bind mount in Docker; atomic rename is impossible # /etc/hosts is bind-mounted in the Docker Molecule container (atomic rename → EBUSY);
# this is a fallback only — production VMs still write atomically.
unsafe_writes: true
vars: vars:
_coordinator_fqdn: "{{ base__mesh_management_url | regex_replace('^https?://', '') | regex_replace('[:/].*', '') }}" _coordinator_fqdn: "{{ base__mesh_management_url | regex_replace('^https?://', '') | regex_replace('[:/].*', '') }}"
when: when: