Initial setup of a gitlab-runner playbook

18 files changed, 508 insertions, 0 deletions

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..072476e
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,10 @@
+stages:
+  - test
+
+test:
+  stage: test
+  image: python:latest
+  before_script:
+    - pip install ansible==2.6.2
+  script:
+    - ansible-playbook --syntax-check -v local.yml
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e3fc0ea
--- /dev/null
+++ b/README.md
@@ -0,0 +1,3 @@
+# Ansible Gitlab Runner
+
+An `ansible-pull` repo to configure a Gitlab Runner using a custom KVM executor
diff --git a/local.yml b/local.yml
new file mode 100644
index 0000000..5dd4a53
--- /dev/null
+++ b/local.yml
@@ -0,0 +1,7 @@
+---
+- hosts: localhost
+  
+  roles:
+  - kvm
+  - role: gitlab-runner
+    when: ansible_local is defined and ansible_local.gitlab_runner is defined and ansible_local.gitlab_runner.registration_token is defined
diff --git a/roles/gitlab-runner/handlers/main.yml b/roles/gitlab-runner/handlers/main.yml
new file mode 100644
index 0000000..3f26db6
--- /dev/null
+++ b/roles/gitlab-runner/handlers/main.yml
@@ -0,0 +1,7 @@
+- name: reload systemd
+  command: systemctl daemon-reload
+
+- name: restart gitlab-runner
+  service:
+    name: gitlab-runner
+    state: restarted
diff --git a/roles/gitlab-runner/tasks/main.yml b/roles/gitlab-runner/tasks/main.yml
new file mode 100644
index 0000000..0465b3d
--- /dev/null
+++ b/roles/gitlab-runner/tasks/main.yml
@@ -0,0 +1,56 @@
+- name: Install depends
+  apt:
+    name: [apt-transport-https]
+    state: present
+
+- name: Add GitLab apt signing key
+  apt_key:
+    id: F6403F6544A38863DAA0B6E03F01618A51312F3F
+    url: https://packages.gitlab.com/gpg.key
+
+- name: Add GitLab apt repo to souces.list
+  apt_repository:
+    codename: "{{ ansible_distribution_release }}"
+    repo: "deb https://packages.gitlab.com/runner/gitlab-runner/debian/ {{ ansible_distribution_release }} main"
+    update_cache: yes
+
+- name: Install GitLab Runner
+  apt:
+    name: gitlab-runner
+
+- name: Get a token for the runner
+  uri:
+    url: "https://{{ ansible_local.gitlab_runner.gitlab_domain }}/api/v4/runners"
+    method: POST
+    body_format: form-urlencoded
+    body:
+      name: "{{ ansible_fqdn }}"
+      description: "virtual machine on {{ ansible_fqdn }}"
+      token: "{{ ansible_local.gitlab_runner.registration_token }}"
+      tag_list: "kvm"
+    status_code: 201
+    return_content: yes
+  register: runner_token
+  when: ansible_local.gitlab_runner.runner_token is not defined
+
+- name: Store the token
+  template:
+    src: gitlab_runner.fact
+    dest: /etc/ansible/facts.d/gitlab_runner.fact
+  when: ansible_local.gitlab_runner.runner_token is not defined
+
+- name: Reread facts
+  setup: {}
+  when: ansible_local.gitlab_runner.runner_token is not defined
+
+- name: Install gitlab custom executor scripts
+  template:
+    src: "{{ item }}.sh"
+    dest: "/etc/gitlab-runner/{{ item }}.sh"
+    mode: "0755"
+  with_items: [config, prepare, run, cleanup]
+
+- name: Configure the gitlab runner
+  template:
+    src: gitlab-runner.toml
+    dest: /etc/gitlab-runner/config.toml
diff --git a/roles/gitlab-runner/templates/base.sh b/roles/gitlab-runner/templates/base.sh
new file mode 100644
index 0000000..9a40bf2
--- /dev/null
+++ b/roles/gitlab-runner/templates/base.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+set -euo pipefail
+VM_IMAGES_PATH="/var/lib/libvirt/images"
+BASE_VM_IMAGE="$VM_IMAGES_PATH/gitlab-job.qcow2"
+VM_ID="runner-$CUSTOM_ENV_CI_RUNNER_ID-project-$CUSTOM_ENV_CI_PROJECT_ID-concurrent-$CUSTOM_ENV_CI_CONCURRENT_PROJECT_ID-job-$CUSTOM_ENV_CI_JOB_ID"
+VM_IMAGE="$VM_IMAGES_PATH/$VM_ID.qcow2"
+VM_HOSTNAME="runner-${CUSTOM_ENV_CI_JOB_ID}"
+IMAGE_HOST="127.0.0.1"
+export LIBVIRT_DEFAULT_URI="qemu:///system"
+
+_get_vm_ip() {
+    virsh -q domifaddr --source agent "$VM_ID" 2> /dev/null | awk '{print $4}' | sed -E 's|/([0-9]+)?$||' | grep '172.18' || true
+}
diff --git a/roles/gitlab-runner/templates/cleanup.sh b/roles/gitlab-runner/templates/cleanup.sh
new file mode 100644
index 0000000..42071b2
--- /dev/null
+++ b/roles/gitlab-runner/templates/cleanup.sh
@@ -0,0 +1,9 @@
+{% include "base.sh" %}
+
+# Destroy VM.
+virsh shutdown "$VM_ID" || true
+
+# Undefine VM.
+virsh undefine "$VM_ID" || true
+
+rm -fv /tmp/${VM_ID}_ed25519 /tmp/${VM_ID}_ed25519.pub ${VM_IMAGES_PATH}/${VM_ID}*
diff --git a/roles/gitlab-runner/templates/config.sh b/roles/gitlab-runner/templates/config.sh
new file mode 100644
index 0000000..3c0fe60
--- /dev/null
+++ b/roles/gitlab-runner/templates/config.sh
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+cat << EOS
+{
+  "driver": {
+    "name": "entanglement.garden driver",
+    "version": "v0.0.1"
+  }
+}
+EOS
diff --git a/roles/gitlab-runner/templates/gitlab-runner.toml b/roles/gitlab-runner/templates/gitlab-runner.toml
new file mode 100644
index 0000000..3edcfcb
--- /dev/null
+++ b/roles/gitlab-runner/templates/gitlab-runner.toml
@@ -0,0 +1,23 @@
+concurrent = 5
+check_interval = 0
+
+[session_server]
+  session_timeout = 1800
+
+[[runners]]
+  name = "{{ ansible_fqdn }}"
+  url = "https://{{ ansible_local.gitlab_runner.gitlab_domain }}"
+  token = "{{ ansible_local.gitlab_runner.runner_token }}"
+  executor = "custom"
+  builds_dir = "/home/debian/builds"
+  cache_dir = "/home/debian/.cache"
+
+  [runners.custom]
+    config_exec = "/etc/gitlab-runner/config.sh"
+    prepare_exec = "/etc/gitlab-runner/prepare.sh"
+    run_exec = "/etc/gitlab-runner/run.sh"
+    cleanup_exec = "/etc/gitlab-runner/cleanup.sh"
+
+  [runners.cache]
+    [runners.cache.s3]
+    [runners.cache.gcs]
diff --git a/roles/gitlab-runner/templates/gitlab-runners-network.xml b/roles/gitlab-runner/templates/gitlab-runners-network.xml
new file mode 100644
index 0000000..15183af
--- /dev/null
+++ b/roles/gitlab-runner/templates/gitlab-runners-network.xml
@@ -0,0 +1,12 @@
+<network>
+  <name>gitlab-runners</name>
+  <forward mode='nat' />
+  <bridge stp='on' delay='0'/>
+  <mac address='52:54:00:01:61:fd'/>
+  <ip address='192.168.42.1' netmask='255.255.255.0'>
+    <dhcp>
+      <range start='192.168.42.2' end='192.168.42.254'/>
+    </dhcp>
+  </ip>
+</network>
+
diff --git a/roles/gitlab-runner/templates/gitlab_runner.fact b/roles/gitlab-runner/templates/gitlab_runner.fact
new file mode 100644
index 0000000..319e7c7
--- /dev/null
+++ b/roles/gitlab-runner/templates/gitlab_runner.fact
@@ -0,0 +1,5 @@
+{
+  "registration_token": "{{ ansible_local.gitlab_runner.registration_token }}",
+  "runner_token": "{{ runner_token.content | from_json | json_query('token') }}",
+  "gitlab_domain": "{{ ansible_local.gitlab_runner.gitlab_domain }}"
+}
diff --git a/roles/gitlab-runner/templates/prepare.sh b/roles/gitlab-runner/templates/prepare.sh
new file mode 100644
index 0000000..8b01997
--- /dev/null
+++ b/roles/gitlab-runner/templates/prepare.sh
@@ -0,0 +1,85 @@
+{% include 'base.sh' %}
+
+# trap any error, and mark it as a system failure.
+trap "exit $SYSTEM_FAILURE_EXIT_CODE" ERR
+
+#pushd /var/lib/libvirt/images
+#if ! curl -s http://${IMAGE_HOST}/gitlab-job/SHA256SUMS | grep -E "gitlab-job.qcow2$" | sha256sum -c ; then
+#    wget -qO gitlab-job.qcow2.xz http://${IMAGE_HOST}/gitlab-job/gitlab-job.qcow2.xz
+#    curl -s http://${IMAGE_HOST}/gitlab-job/SHA256SUMS | grep -E "gitlab-job.qcow2.xz$" | sha256sum -c
+#    rm gitlab-job.qcow2 || true
+#    unxz -v gitlab-job.qcow2.xz
+#fi
+#popd
+
+# Copy base disk to use for Job.
+cp "$BASE_VM_IMAGE" "$VM_IMAGE"
+
+tempconfig=$(mktemp -td cloudinit.XXXXX)
+echo "instance-id: ${VM_HOSTNAME}" >> $tempconfig/meta-data
+echo "local-hostname: ${VM_HOSTNAME}" >> $tempconfig/meta-data
+
+ssh-keygen -t ed25519 -f /tmp/${VM_ID}_ed25519 -qN ""
+
+cat > $tempconfig/user-data <<EOF
+#cloud-config
+ssh_authorized_keys:
+  - $(cat /tmp/${VM_ID}_ed25519.pub)
+EOF
+
+genisoimage -output "${VM_IMAGES_PATH}/${VM_ID}-cloudinit.iso" -volid cidata -joliet -r "${tempconfig}"
+
+
+# Install the VM
+virt-install \
+    --name "$VM_ID" \
+    --os-variant debian10 \
+    --disk "$VM_IMAGE" \
+    --disk "${VM_IMAGES_PATH}/${VM_ID}-cloudinit.iso,device=cdrom" \
+    --import \
+    --vcpus=2 \
+    --ram=2048 \
+    --network bridge=brlan,model=virtio \
+    --graphics none \
+    --noautoconsole
+
+# Wait for VM to get IP
+echo 'Waiting for VM to get IP'
+for i in $(seq 1 300); do
+    VM_IP=$(_get_vm_ip)
+
+    if [ -n "$VM_IP" ]; then
+        echo "VM got IP: $VM_IP"
+        break
+    fi
+
+    if [ "$i" == "300" ]; then
+        echo 'Waited 5 minutes for VM to start, exiting...'
+        # Inform GitLab Runner that this is a system failure, so it
+        # should be retried.
+        exit "$SYSTEM_FAILURE_EXIT_CODE"
+    fi
+
+    sleep 1
+done
+
+ssh-keygen -R "$VM_IP" || true
+
+# Wait for ssh to become available
+echo "Waiting for sshd to be available"
+for i in $(seq 1 300); do
+    if ssh -i /tmp/${VM_ID}_ed25519 -o StrictHostKeyChecking=no debian@"$VM_IP" >/dev/null 2>/dev/null; then
+        break
+    fi
+
+    if [ "$i" == "300" ]; then
+        echo 'Waited 5 minutes for sshd to start, exiting...'
+        # Inform GitLab Runner that this is a system failure, so it
+        # should be retried.
+        exit "$SYSTEM_FAILURE_EXIT_CODE"
+    fi
+
+    sleep 1
+done
+
+rm -rf "$tempconfig"
diff --git a/roles/gitlab-runner/templates/run.sh b/roles/gitlab-runner/templates/run.sh
new file mode 100644
index 0000000..b4a79cf
--- /dev/null
+++ b/roles/gitlab-runner/templates/run.sh
@@ -0,0 +1,10 @@
+{% include "base.sh" %}
+
+VM_IP=$(_get_vm_ip)
+
+ssh -i /tmp/${VM_ID}_ed25519 -o StrictHostKeyChecking=no debian@"$VM_IP" /bin/bash < "${1}"
+if [ $? -ne 0 ]; then
+    # Exit using the variable, to make the build as failure in GitLab
+    # CI.
+    exit "$BUILD_FAILURE_EXIT_CODE"
+fi
diff --git a/roles/kvm/files/create-debian-vm.sh b/roles/kvm/files/create-debian-vm.sh
new file mode 100755
index 0000000..4f59dd5
--- /dev/null
+++ b/roles/kvm/files/create-debian-vm.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+set -euo pipefail
+hostname=${1:-}
+if [[ -z ${hostname} ]]; then
+  echo -n "Enter hostname: "
+  read hostname
+fi
+
+disk_prefix="/var/lib/libvirt/images/${hostname}"
+
+tempconfig=$(mktemp -td cloudinit.XXXXX)
+
+echo "instance-id: $hostname" >> $tempconfig/meta-data
+echo "local-hostname: $hostname" >> $tempconfig/meta-data
+
+cat > $tempconfig/user-data <<EOF
+#cloud-config
+users:
+  - default
+  - name: dvn
+    groups: systemd-journal
+    shell: /bin/bash
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    ssh_authorized_keys:  # These SSH keys will be overwritten by ansible-pull when the VM first boots
+      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILL6PhAcMxsc4GhRuQYRMwchcig5qTDQQFZBQzxFTmxI
+package_update: true
+packages:
+  - ansible
+  - git
+runcmd:
+  - ansible-pull -U "https://git.gnunet.org/ansible-basic.git"
+  - run-ansible-pull nodisown
+power_state:
+  mode: reboot
+EOF
+
+pushd ${tempconfig}
+genisoimage -output "${disk_prefix}-cloudinit.iso" -volid cidata -joliet -r user-data meta-data
+popd
+rm -rf ${tempconfig}
+
+cp /var/installmedia/debian-10-openstack-amd64.qcow2 "${disk_prefix}.qcow2"
+
+qemu-img resize "${disk_prefix}.qcow2" 20G
+
+virt-install --rng /dev/random --connect qemu:///system --virt-type=kvm --import --name "${hostname}" --ram 1024 --vcpus 1 --disk "${disk_prefix}.qcow2,format=qcow2,bus=virtio" --disk "${disk_prefix}-cloudinit.iso,device=cdrom" --network bridge=brlan,model=virtio --console pty,target_type=serial --os-type=linux --os-variant=debian9 --noautoconsole
diff --git a/roles/kvm/handlers/main.yml b/roles/kvm/handlers/main.yml
new file mode 100644
index 0000000..09dc6ad
--- /dev/null
+++ b/roles/kvm/handlers/main.yml
@@ -0,0 +1,2 @@
+- name: reboot
+  command: reboot
diff --git a/roles/kvm/tasks/main.yml b/roles/kvm/tasks/main.yml
new file mode 100644
index 0000000..681cc58
--- /dev/null
+++ b/roles/kvm/tasks/main.yml
@@ -0,0 +1,46 @@
+- name: Install kvm
+  apt:
+    name:
+      - qemu-kvm
+      - libvirt-clients
+      - qemu-utils
+      - libvirt-daemon-system
+      - genisoimage
+      - virtinst
+      - qemu-utils
+
+- name: Put us in the kvm groups
+  user:
+    append: yes ## Don't set these as our *only* groups!
+    groups: libvirt,libvirt-qemu,kvm
+    name: "{{ item }}"
+  with_items:
+    - dvn
+
+- name: Create /var/installmedia
+  file:
+    path: /var/installmedia
+    state: directory
+
+- name: Download the latest debian cloud image
+  get_url:
+    url: https://cdimage.debian.org/cdimage/openstack/current/debian-10.1.0-openstack-amd64.qcow2
+    dest: /var/installmedia/debian-10-openstack-amd64.qcow2
+    checksum: sha256:b97489ea8f64bba8609042d6387053056b67518b2c7c9a7c67602a94e5ee1642
+
+- name: Install create-debian-vm.sh
+  copy:
+    src: create-debian-vm.sh
+    dest: /usr/local/bin/create-debian-vm
+    mode: 0755
+
+- name: Set permissions and ownership on /var/lib/libvirt/images
+  file:
+    path: /var/lib/libvirt/images
+    group: libvirt
+    mode: "0775"
+
+- name: Configure virsh for local administration
+  template:
+    src: libvirt-default-uri.sh
+    dest: /etc/profile.d/libvirt-default-uri.sh
diff --git a/roles/kvm/templates/gateway.xml b/roles/kvm/templates/gateway.xml
new file mode 100644
index 0000000..30919db
--- /dev/null
+++ b/roles/kvm/templates/gateway.xml
@@ -0,0 +1,162 @@
+<domain type='qemu' id='4'>
+  <name>gateway</name>
+  <memory unit='KiB'>1048576</memory>
+  <currentMemory unit='KiB'>1048576</currentMemory>
+  <vcpu placement='static'>2</vcpu>
+  <resource>
+    <partition>/machine</partition>
+  </resource>
+  <os>
+    <type arch='x86_64' machine='pc-i440fx-2.8'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <features>
+    <acpi/>
+    <apic/>
+    <vmport state='off'/>
+  </features>
+  <clock offset='utc'>
+    <timer name='rtc' tickpolicy='catchup'/>
+    <timer name='pit' tickpolicy='delay'/>
+    <timer name='hpet' present='no'/>
+  </clock>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>restart</on_crash>
+  <pm>
+    <suspend-to-mem enabled='no'/>
+    <suspend-to-disk enabled='no'/>
+  </pm>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2'/>
+      <source file='/var/lib/libvirt/images/gateway.qcow2'/>
+      <backingStore/>
+      <target dev='vda' bus='virtio'/>
+      <alias name='virtio-disk0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
+    </disk>
+    <disk type='file' device='cdrom'>
+      <driver name='qemu' type='raw'/>
+      <source file='/var/lib/libvirt/images/gateway-cloudinit.iso'/>
+      <backingStore/>
+      <target dev='hda' bus='ide'/>
+      <readonly/>
+      <alias name='ide0-0-0'/>
+      <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+    </disk>
+    <controller type='usb' index='0' model='ich9-ehci1'>
+      <alias name='usb'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x7'/>
+    </controller>
+    <controller type='usb' index='0' model='ich9-uhci1'>
+      <alias name='usb'/>
+      <master startport='0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0' multifunction='on'/>
+    </controller>
+    <controller type='usb' index='0' model='ich9-uhci2'>
+      <alias name='usb'/>
+      <master startport='2'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x1'/>
+    </controller>
+    <controller type='usb' index='0' model='ich9-uhci3'>
+      <alias name='usb'/>
+      <master startport='4'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x2'/>
+    </controller>
+    <controller type='pci' index='0' model='pci-root'>
+      <alias name='pci.0'/>
+    </controller>
+    <controller type='ide' index='0'>
+      <alias name='ide'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
+    </controller>
+    <controller type='virtio-serial' index='0'>
+      <alias name='virtio-serial0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x07' function='0x0'/>
+    </controller>
+    <interface type='bridge'>
+      <mac address='52:54:00:0e:ea:c1'/>
+      <source bridge='brlan'/>
+      <target dev='vnet0'/>
+      <model type='virtio'/>
+      <alias name='net0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
+    </interface>
+    <interface type='bridge'>
+      <mac address='52:54:00:29:0c:ad'/>
+      <source bridge='brwan'/>
+      <target dev='vnet1'/>
+      <model type='virtio'/>
+      <alias name='net1'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
+    </interface>
+    <serial type='pty'>
+      <source path='/dev/pts/1'/>
+      <target port='0'/>
+      <alias name='serial0'/>
+    </serial>
+    <console type='pty' tty='/dev/pts/1'>
+      <source path='/dev/pts/1'/>
+      <target type='serial' port='0'/>
+      <alias name='serial0'/>
+    </console>
+    <channel type='unix'>
+      <source mode='bind' path='/var/lib/libvirt/qemu/channel/target/domain-4-gateway/org.qemu.guest_agent.0'/>
+      <target type='virtio' name='org.qemu.guest_agent.0' state='disconnected'/>
+      <alias name='channel0'/>
+      <address type='virtio-serial' controller='0' bus='0' port='1'/>
+    </channel>
+    <channel type='spicevmc'>
+      <target type='virtio' name='com.redhat.spice.0' state='disconnected'/>
+      <alias name='channel1'/>
+      <address type='virtio-serial' controller='0' bus='0' port='2'/>
+    </channel>
+    <input type='tablet' bus='usb'>
+      <alias name='input0'/>
+      <address type='usb' bus='0' port='1'/>
+    </input>
+    <input type='mouse' bus='ps2'>
+      <alias name='input1'/>
+    </input>
+    <input type='keyboard' bus='ps2'>
+      <alias name='input2'/>
+    </input>
+    <graphics type='spice' port='5900' autoport='yes' listen='127.0.0.1'>
+      <listen type='address' address='127.0.0.1'/>
+      <image compression='off'/>
+    </graphics>
+    <sound model='ich6'>
+      <alias name='sound0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
+    </sound>
+    <video>
+      <model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
+      <alias name='video0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
+    </video>
+    <redirdev bus='usb' type='spicevmc'>
+      <alias name='redir0'/>
+      <address type='usb' bus='0' port='2'/>
+    </redirdev>
+    <redirdev bus='usb' type='spicevmc'>
+      <alias name='redir1'/>
+      <address type='usb' bus='0' port='3'/>
+    </redirdev>
+    <memballoon model='virtio'>
+      <alias name='balloon0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
+    </memballoon>
+    <rng model='virtio'>
+      <backend model='random'>/dev/random</backend>
+      <alias name='rng0'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x0a' function='0x0'/>
+    </rng>
+  </devices>
+  <seclabel type='none' model='none'/>
+  <seclabel type='dynamic' model='dac' relabel='yes'>
+    <label>+64055:+64055</label>
+    <imagelabel>+64055:+64055</imagelabel>
+  </seclabel>
+</domain>
diff --git a/roles/kvm/templates/libvirt-default-uri.sh b/roles/kvm/templates/libvirt-default-uri.sh
new file mode 100644
index 0000000..2b293da
--- /dev/null
+++ b/roles/kvm/templates/libvirt-default-uri.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+export LIBVIRT_DEFAULT_URI=qemu:///system