kvm_host: Add script for checking orphaned vm data

roles/kvm_host/files/check-orphaned-vm.sh

@@ -0,0 +1,24 @@
+#!/bin/sh
+
+set -eu
+
+# check that all vm's are in ldap
+virsh list --all --name | while read -r vm ; do
+    [ "$vm" = "" ] && continue
+    if ! ldapsearch -LLL "(&(cn=${vm})(objectClass=device))" dn 2> /dev/null | \
+        grep -qE "^dn: cn=${vm},ou=Hosts,"
+    then
+        echo "WARNING: Host \"${vm}\" registered in KVM but not in LDAP" 1>62
+    fi
+done
+
+# check that all disks have owner
+for dir in /srv/libvirt/{hdd,nvme,os,ssd} ; do
+    [ -d "$dir" ] || continue
+    find "$dir" -name \*.img | while read -r image ; do
+        vm="$(basename "$image" ".img" | sed -e 's/\.[a-z]$//')"
+        if ! virsh dominfo "$vm" > /dev/null 2>&1 ; then
+            echo "WARNING: Orphaned disk image \"${image}\" found" 1>&2
+        fi
+    done
+done

roles/kvm_host/tasks/main.yml

@@ -53,3 +53,18 @@
     name: libvirtd
     state: started
     enabled: true
+
+- name: Install script for checking orphaned vm's
+  ansible.builtin.copy:
+    dest: /usr/local/bin/check-orphaned-vm
+    src: check-orphaned-vm.sh
+    mode: "0755"
+    owner: root
+    group: "{{ ansible_wheel }}"
+
+- name: Add cronjob to check orphaned vm's
+  ansible.builtin.cron:
+    name: check-orphaned-vm
+    hour: "5"
+    minute: "5"
+    job: /usr/local/bin/check-orphaned-vm