diff --git a/roles/auth/vars/main.yml b/roles/auth/vars/main.yml index a08f8d9..8905bf3 100644 --- a/roles/auth/vars/main.yml +++ b/roles/auth/vars/main.yml @@ -1,5 +1,5 @@ --- -auth__all: "{{ {'host': auth__host, 'group': auth__group, 'default': auth__default} | aybarsm.helper.role_vars(only=auth__use_only) }}" +auth__all: "{{ {'host': auth__host, 'group': auth__group, 'default': auth__default} | aybarsm.helper.role_items(only=auth__use_only) }}" auth__users_all: "{{ auth__all | selectattr('entry__type', 'eq', 'user') }}" diff --git a/roles/network/vars/main.yml b/roles/network/vars/main.yml index f63d58f..f81033c 100644 --- a/roles/network/vars/main.yml +++ b/roles/network/vars/main.yml @@ -1,4 +1,4 @@ -network__all: "{{ {'host': network__host, 'group': network__group, 'default': network__default} | aybarsm.helper.role_vars(only=network__use_only) }}" +network__all: "{{ {'host': network__host, 'group': network__group, 'default': network__default} | aybarsm.helper.role_items(only=network__use_only) }}" ##### BEGIN: network sysctl vars network__sysctl_all: "{{ network__all | selectattr('entry__type', 'eq', 'sysctl') | diff --git a/roles/package_manager/tasks/main.yml b/roles/package_manager/tasks/main.yml deleted file mode 100644 index 95fc517..0000000 --- a/roles/package_manager/tasks/main.yml +++ /dev/null 
@@ -1,71 +0,0 @@ ---- -- name: Load OS family related variables - ansible.builtin.include_vars: "{{ ansible_os_family | lower }}.yml" - -- name: Load common variables structured on OS related variables - ansible.builtin.include_vars: common.yml - -- name: Include DEB repository key tasks (APT) - ansible.builtin.include_tasks: - file: deb_repo_keys.yml - when: - - package_manager__role_enabled | default(false) | bool - - package_manager__manage_repo_keys | default(false) | bool - - ansible_os_family | default('') | lower == 'debian' - -- name: Include DEB repository tasks (APT) - ansible.builtin.include_tasks: - file: deb_repos.yml - when: - - package_manager__role_enabled | default(false) | bool - - package_manager__manage_repos | default(false) | bool - - ansible_os_family | default('') | lower == 'debian' - -# TODO: Implement RPM repository tasks -# - name: Include RPM repository repository tasks (YUM) -# ansible.builtin.include_tasks: -# file: rpm_repo.yml -# when: -# - package_manager__role_enabled | default(false) | bool -# - ansible_os_family | default('') | lower == 'redhat' - -- name: Include DEB package tasks (APT) - ansible.builtin.include_tasks: - file: deb_packages.yml - when: - - package_manager__role_enabled | default(false) | bool - - package_manager__manage_packages | default(false) | bool - - package_manager__package_strategy | lower == 'specific' - - ansible_os_family | default('') | lower == 'debian' - -- name: Include RPM package tasks (DNF) - ansible.builtin.include_tasks: - file: rpm_packages.yml - when: - - package_manager__role_enabled | default(false) | bool - - package_manager__manage_packages | default(false) | bool - - package_manager__package_strategy | lower == 'specific' - - ansible_os_family | default('') | lower == 'redhat' - -- name: Include upgrade tasks - ansible.builtin.include_tasks: - file: upgrade.yml - when: - - package_manager__role_enabled | default(false) | bool - - __package_manager__upgrade_execute.decision - -- name: 
Inform when upgrade skipped - ansible.builtin.debug: - msg: "{{ __package_manager__upgrade_execute.reason }}" - when: - - package_manager__role_enabled | default(false) | bool - - not __package_manager__upgrade_execute.decision - delegate_to: localhost - -- name: Include common package manager tasks - ansible.builtin.include_tasks: - file: common_packages.yml - when: - - package_manager__role_enabled | default(false) | bool - - package_manager__manage_packages | default(false) | bool - - package_manager__package_strategy | lower == 'common' diff --git a/roles/package_manager/templates/common/repo_list_disabled.j2 b/roles/package_manager/templates/common/repo_list_disabled.j2 deleted file mode 100644 index ead9183..0000000 --- a/roles/package_manager/templates/common/repo_list_disabled.j2 +++ /dev/null @@ -1,4 +0,0 @@ -# {{ ansible_managed }} -{% if package_manager__repo_list_disabled_comment is defined %} -{{ package_manager__repo_list_disabled_comment | comment }} -{% endif %} \ No newline at end of file diff --git a/roles/package_manager/vars/common-pre.yml b/roles/package_manager/vars/common-pre.yml deleted file mode 100644 index 62d6005..0000000 --- a/roles/package_manager/vars/common-pre.yml +++ /dev/null 
@@ -1,51 +0,0 @@ -package_manager__repo_keys_all: "{{ package_manager__all | - selectattr('type', 'defined') | selectattr('type', 'equalto', 'repo_key') | - default([]) }}" - -package_manager__repos_all: "{{ package_manager__all | - selectattr('type', 'defined') | selectattr('type', 'equalto', 'repo') | - default([]) }}" - -package_manager__repo_lists_all: "{{ package_manager__all | - selectattr('type', 'defined') | selectattr('type', 'equalto', 'repo_list') | - selectattr('dest', 'defined') | selectattr('src', 'defined') | - selectattr('source_module', 'defined') | selectattr('source_module', 'in', ['copy', 'template']) | - unique(attribute='dest') | default([]) }}" - -package_manager__packages_all: "{{ package_manager__all | - selectattr('type', 'defined') | selectattr('type', 'equalto', 'package') | - default([]) }}" - -__package_manager__clean_upgrade_modes: "{{ ['clean_'] | product(__package_manager__upgrade_modes) | map('join') }}" - -__package_manager__repo_list_defaults: "{{ package_manager__repo_lists_all | selectattr('category', 'defined') | selectattr('category', 'equalto', 'default') | default([]) }}" -__package_manager__repo_list_defaults_copy: "{{ __package_manager__repo_list_defaults | selectattr('source_module', 'equalto', 'copy') | default([]) }}" -__package_manager__repo_list_defaults_template: "{{ __package_manager__repo_list_defaults | selectattr('source_module', 'equalto', 'template') | default([]) }}" - -__package_manager__upgrade_clean: "{{ package_manager__upgrade_mode in __package_manager__clean_upgrade_modes }}" -__package_manager__upgrade_mode: "{{ package_manager__upgrade_mode | regex_replace('clean_', '') }}" -__package_manager__upgrade_clean_eligible: "{{ __package_manager__upgrade_clean and __package_manager__repo_list_defaults | length > 0 }}" - -__package_manager__upgrade_once: "{{ package_manager__upgrade_strategy == 'once' }}" -__package_manager__upgrade_always: "{{ package_manager__upgrade_strategy == 'always' }}" 
-__package_manager__upgrade_never: "{{ package_manager__upgrade_strategy == 'never' }}" -__package_manager__upgrade_execute: >- - {%- set exec_upgrade = {'decision': true, 'reason': ''} -%} - {%- if not package_manager__role_enabled -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade requires aybarsm.linux.package_manager role enabled. (package_manager__role_enabled: true)'} -%} - {%- elif __package_manager__upgrade_never -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy is set to never.'} -%} - {%- elif __package_manager__upgrade_clean and not __package_manager__upgrade_clean_eligible -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy is set to clean, but no default repo list configuration found.'} -%} - {%- elif __package_manager__upgrade_once -%} - {%- if ansible__local_fact_name is undefined -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy once requires aybarsm.helper.ansible role imported.'} -%} - {%- elif ansible__role_enabled is undefined or not ansible__role_enabled -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy once requires aybarsm.helper.ansible role enabled. (ansible__role_enabled: true)'} -%} - {%- elif not ansible__manage_local_facts -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy once requires aybarsm.helper.ansible role local fact management enabled. (ansible__manage_local_facts: true)'} -%} - {%- elif ansible_local[ansible__local_fact_name].package_manager.upgrade is defined -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Host already upgraded.'} -%} - {%- endif -%} - {%- endif -%} - {{ exec_upgrade }} diff --git a/roles/package_manager/vars/common.yml b/roles/package_manager/vars/common.yml deleted file mode 100644 index efaf461..0000000 --- a/roles/package_manager/vars/common.yml +++ /dev/null 
@@ -1,61 +0,0 @@ -package_manager__all: "{{ (package_manager__host + package_manager__group + package_manager__default) | - map('aybarsm.helper.combine_reverse', {'keep__entry': true, 'skip__entry': false}) | - rejectattr('keep__entry', 'eq', false) | rejectattr('skip__entry', 'eq', true) | rejectattr('type', 'undefined') | - aybarsm.helper.all_except(['keep__entry', 'skip__entry']) }}" - -package_manager__packages_all: "{{ package_manager__all | - aybarsm.helper.selectattr(__package_manager__config.packages.selectattr) | - aybarsm.helper.replace_aliases(__package_manager__config.packages.replace_aliases) | - aybarsm.helper.splitattr(__package_manager__config.packages.splitattr) | - aybarsm.helper.unique_recursive(__package_manager__config.packages.uniques) | - aybarsm.helper.joinattr(__package_manager__config.packages.joinattr) | - default([]) }}" - -package_manager__repo_keys_all: "{{ package_manager__all | - aybarsm.helper.selectattr(__package_manager__config.repo_keys.selectattr) | - aybarsm.helper.unique_recursive(__package_manager__config.repo_keys.uniques) | - default([]) }}" - -package_manager__repos_all: "{{ package_manager__all | - aybarsm.helper.selectattr(__package_manager__config.repos.selectattr) | - aybarsm.helper.unique_recursive(__package_manager__config.repos.uniques) | - default([]) }}" - -package_manager__repo_lists_all: "{{ package_manager__all | - aybarsm.helper.selectattr(__package_manager__config.repo_lists.selectattr) | - aybarsm.helper.unique_recursive(__package_manager__config.repo_lists.uniques) | - default([]) }}" - -__package_manager__clean_upgrade_modes: "{{ ['clean_'] | product(__package_manager__upgrade_modes) | map('join') }}" - -__package_manager__repo_list_defaults: "{{ package_manager__repo_lists_all | selectattr('category', 'defined') | selectattr('category', 'equalto', 'default') | default([]) }}" -__package_manager__repo_list_defaults_copy: "{{ __package_manager__repo_list_defaults | selectattr('source_module', 'equalto', 
'copy') | default([]) }}" -__package_manager__repo_list_defaults_template: "{{ __package_manager__repo_list_defaults | selectattr('source_module', 'equalto', 'template') | default([]) }}" - -__package_manager__upgrade_clean: "{{ package_manager__upgrade_mode in __package_manager__clean_upgrade_modes }}" -__package_manager__upgrade_mode: "{{ package_manager__upgrade_mode | regex_replace('clean_', '') }}" -__package_manager__upgrade_clean_eligible: "{{ __package_manager__upgrade_clean and __package_manager__repo_list_defaults | length > 0 }}" - -__package_manager__upgrade_once: "{{ package_manager__upgrade_strategy == 'once' }}" -__package_manager__upgrade_always: "{{ package_manager__upgrade_strategy == 'always' }}" -__package_manager__upgrade_never: "{{ package_manager__upgrade_strategy == 'never' }}" -__package_manager__upgrade_execute: >- - {%- set exec_upgrade = {'decision': true, 'reason': ''} -%} - {%- if not package_manager__role_enabled -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade requires aybarsm.linux.package_manager role enabled. (package_manager__role_enabled: true)'} -%} - {%- elif __package_manager__upgrade_never -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy is set to never.'} -%} - {%- elif __package_manager__upgrade_clean and not __package_manager__upgrade_clean_eligible -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy is set to clean, but no default repo list configuration found.'} -%} - {%- elif __package_manager__upgrade_once -%} - {%- if ansible__local_fact_name is undefined -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy once requires aybarsm.helper.ansible role imported.'} -%} - {%- elif ansible__role_enabled is undefined or not ansible__role_enabled -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy once requires aybarsm.helper.ansible role enabled. 
(ansible__role_enabled: true)'} -%} - {%- elif not ansible__manage_local_facts -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Upgrade strategy once requires aybarsm.helper.ansible role local fact management enabled. (ansible__manage_local_facts: true)'} -%} - {%- elif ansible_local[ansible__local_fact_name].package_manager.upgrade is defined -%} - {%- set exec_upgrade = {'decision': false, 'reason': 'Host already upgraded.'} -%} - {%- endif -%} - {%- endif -%} - {{ exec_upgrade }} diff --git a/roles/package_manager/vars/debian.yml b/roles/package_manager/vars/debian.yml deleted file mode 100644 index 9963b7e..0000000 --- a/roles/package_manager/vars/debian.yml +++ /dev/null @@ -1,52 +0,0 @@ -__package_manager__upgrade_modes: ['full', 'safe', 'yes', 'dist'] - -package_manager__repo_list_dir: /etc/apt/sources.list.d -package_manager__repo_list_patterns: [".*\\.list$"] - -__package_manager__config: - packages: - selectattr: - - when: - - ['type', 'defined'] - - ['type', 'equalto', 'package'] - - when: "{{ ['name', 'package', 'pkg'] | product(['defined']) | list }}" - logic: or - replace_aliases: - name: ['package', 'pkg'] - splitattr: - - srcAttr: name - dstAttr: version - search: '=' - overwrite: true - uniques: ['name'] - joinattr: - - leftAttr: name - rightAttr: version - join: '=' - overwrite: true - deleteSrcAttrs: true - repo_keys: - selectattr: - - when: - - ['type', 'defined'] - - ['type', 'equalto', 'repo_key'] - - when: "{{ ['keyserver', 'url', 'id', 'file', 'data'] | product(['defined']) | list }}" - logic: or - uniques: ['keyserver', 'url', 'id', 'file', 'data'] - repos: - selectattr: - - when: - - ['type', 'defined'] - - ['type', 'equalto', 'repo'] - - ['repo', 'defined'] - uniques: ['repo'] - repo_lists: - selectattr: - - when: - - ['type', 'defined'] - - ['type', 'equalto', 'repo_list'] - - ['dest', 'defined'] - - ['src', 'defined'] - - ['source_module', 'defined'] - - ['source_module', 'in', ['copy', 'template']] - uniques: ['dest'] 
diff --git a/roles/package_manager/vars/redhat.yml b/roles/package_manager/vars/redhat.yml deleted file mode 100644 index fe9fd7d..0000000 --- a/roles/package_manager/vars/redhat.yml +++ /dev/null @@ -1,18 +0,0 @@ -# TODO: Implement all redhat family variables -__package_manager__upgrade_modes: ['full'] - -__package_manager__has_main_repo_list: false -package_manager__repo_list_dir: /etc/yum.repos.d -package_manager__repo_list_use_regex: true -package_manager__repo_list_patterns: [".*\\.repo$"] - -__package_manager__clean_upgrade_modes: "{{ ['clean_'] | product(__package_manager__upgrade_modes) | map('join') }}" - -__package_manager__package_state_config: - - attribute: state - value: absent - else: present - when: - - ['autoremove', 'defined'] - - ['autoremove', 'true'] - logic: and \ No newline at end of file diff --git a/roles/package_manager/defaults/main.yml b/roles/pkg_mgr/defaults/main.yml similarity index 51% rename from roles/package_manager/defaults/main.yml rename to roles/pkg_mgr/defaults/main.yml index 35775ee..747cc9b 100644 --- a/roles/package_manager/defaults/main.yml +++ b/roles/pkg_mgr/defaults/main.yml 
@@ -1,39 +1,41 @@ --- -package_manager__role_enabled: false +pkg_mgr__role_enabled: false -package_manager__manage_repo_keys: false -package_manager__manage_repos: false -package_manager__manage_packages: false +pkg_mgr__manage_repo_keys: false +pkg_mgr__manage_repos: false +pkg_mgr__manage_packages: false # Package Manager Strategy: # Change the package manager strategy to use for the system i.e. ansible.builtin.apt vs ansible.builtin.package # Available options: specific, common -package_manager__package_strategy: specific +pkg_mgr__package_module: specific # Upgrade Strategy: # Upgrade the packages on the system either always, never or once # Once option stores the state of the upgrade in host with ansible facts # Once option requires ansible__role_enabled and ansible__manage_local_facts to be enabled -# package_manager__upgrade_strategy: once -package_manager__upgrade_strategy: never +# pkg_mgr__upgrade_strategy: once +pkg_mgr__upgrade_strategy: never # Upgrade Mode: # Available options for APT: full, clean_full, safe, clean_safe, yes, clean_yes, dist, clean_dist # Available options for DNF: full, clean_full # Clean options temproarily removes all repos other than OS default repos before upgrade -package_manager__upgrade_mode: clean_full +pkg_mgr__upgrade_mode: clean_full # This option removes the backup repo list files in clean upgrade mode after upgrade -package_manager__clean_upgrade_post_remove_backups: true +pkg_mgr__clean_upgrade_post_remove_backups: true # Shared Options: -package_manager__repo_list_disabled_template: common/repo_list_disabled.j2 -package_manager__repo_list_disabled_comment: "This repository list temporarily disabled by ansible." -package_manager__upgrade_update_repo_cache: true -package_manager__repo_list_use_regex: true +pkg_mgr__repo_list_disabled_template: common/repo_list_disabled.j2 +pkg_mgr__repo_list_disabled_comment: "This repository list temporarily disabled by ansible." 
+pkg_mgr__upgrade_update_repo_cache: true +pkg_mgr__repo_list_use_regex: true # TODO: Implement this feature -# package_manager__package_simulation: true +# pkg_mgr__package_simulation: true -package_manager__default: [] -package_manager__group: [] -package_manager__host: [] \ No newline at end of file +pkg_mgr__use_only: ['host', 'group', 'default'] + +pkg_mgr__default: [] +pkg_mgr__group: [] +pkg_mgr__host: [] \ No newline at end of file diff --git a/roles/package_manager/handlers/main.yml b/roles/pkg_mgr/handlers/main.yml similarity index 65% rename from roles/package_manager/handlers/main.yml rename to roles/pkg_mgr/handlers/main.yml index eae46d5..c4441ec 100644 --- a/roles/package_manager/handlers/main.yml +++ b/roles/pkg_mgr/handlers/main.yml @@ -7,18 +7,18 @@ # ansible__local_fact_updates: # - path: package_manager.upgrade # value: "{{ (__ansible__local_facts.package_manager.upgrade | default([])) + [{'timestamp': now().utcnow().strftime('%Y-%m-%dT%H:%M:%S.%fZ')}] }}" -# register: package_manager__upgrade_update_local_facts -# listen: "package_manager__upgrade_update_local_facts" +# register: pkg_mgr__upgrade_update_local_facts +# listen: "pkg_mgr__upgrade_update_local_facts" # when: -# - package_manager__upgrade_strategy is defined -# - package_manager__upgrade_strategy == 'once' +# - pkg_mgr__upgrade_strategy is defined +# - pkg_mgr__upgrade_strategy == 'once' - name: Update DEB repo cache become: true ansible.builtin.apt: update_cache: true - register: package_manager__deb_update_repo_cache - listen: "package_manager__update_repo_cache" + register: pkg_mgr__deb_update_repo_cache + listen: "pkg_mgr__update_repo_cache" when: - ansible_os_family | lower == 'debian' 
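Review bot: `pkg_mgr__use_only` is the only default in this file without an explanatory comment, and the block above `pkg_mgr__package_module` is still headed "Package Manager Strategy" although the variable no longer carries that name. Judging by the `role_items(only=...)` calls in the auth and network vars of this commit, the list presumably selects which of the host/group/default scopes are merged into `pkg_mgr__all`. A line such as `# Scopes merged into pkg_mgr__all; remove an entry to ignore that scope` would make this explicit (wording to be confirmed against the filter). It is worth documenting because the list decides which inventory scopes may contribute repositories and signing keys. The commented-out conditions added in tasks/main.yml still test `pkg_mgr__package_strategy`, so the rename is only partly applied.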
@@ -26,8 +26,8 @@ become: true ansible.builtin.command: cmd: yum clean metadata - register: package_manager__rpm_clean_metadata_cache - listen: "package_manager__update_repo_cache" + register: pkg_mgr__rpm_clean_metadata_cache + listen: "pkg_mgr__update_repo_cache" when: - ansible_os_family | lower == 'redhat' @@ -38,7 +38,7 @@ autoclean: true autoremove: true purge: true - register: package_manager__deb_full_clean - listen: "package_manager__manager_full_clean" + register: pkg_mgr__deb_full_clean + listen: "pkg_mgr__manager_full_clean" when: - ansible_os_family | lower == 'debian' diff --git a/roles/package_manager/meta/main.yml b/roles/pkg_mgr/meta/main.yml similarity index 100% rename from roles/package_manager/meta/main.yml rename to roles/pkg_mgr/meta/main.yml diff --git a/roles/pkg_mgr/tasks/apt.yml b/roles/pkg_mgr/tasks/apt.yml new file mode 100644 index 0000000..9871cef --- /dev/null +++ b/roles/pkg_mgr/tasks/apt.yml @@ -0,0 +1,29 @@ +--- +- name: Include APT Repository Key Task + ansible.builtin.include_tasks: + file: apt/repo_keys.yml + vars: + repo_keys: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo_key') | aybarsm.helper.all_except(['entry__type']) }}" + when: + - pkg_mgr__manage_repo_keys | bool + - repo_keys | length > 0 + +- name: Include APT Repository Task + ansible.builtin.include_tasks: + file: apt/repos.yml + vars: + repos: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo') | aybarsm.helper.all_except(['entry__type']) }}" + when: + - pkg_mgr__manage_repos | bool + - repos | length > 0 + register: pkg_mgr__apply_apt_repos + +- name: Include APT Package Task + ansible.builtin.include_tasks: + file: apt/packages.yml + vars: + packages: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'package') | aybarsm.helper.all_except(['entry__type']) }}" + when: + - pkg_mgr__manage_packages | bool + - packages | length > 0 + register: pkg_mgr__apply_apt_packages \ No newline at end of file 
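Review bot: In the new tasks/apt.yml, `register: pkg_mgr__apply_apt_repos` and `register: pkg_mgr__apply_apt_packages` on the `include_tasks` entries reuse the names that the loop tasks inside apt/repos.yml and apt/packages.yml register. The same variable can therefore hold either the include record or the per-item loop results, depending on whether the include ran. When the `when` conditions skip the include, the variable would be left as a skipped record without `results`, which any later consumer has to special-case. I would drop the two `register` lines (the repo-key include already has none) or give them distinct names such as `pkg_mgr__include_apt_repos`.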
diff --git a/roles/package_manager/tasks/deb_packages.yml b/roles/pkg_mgr/tasks/apt/packages.yml similarity index 88% rename from roles/package_manager/tasks/deb_packages.yml rename to roles/pkg_mgr/tasks/apt/packages.yml index 285dce9..4edf308 100644 --- a/roles/package_manager/tasks/deb_packages.yml +++ b/roles/pkg_mgr/tasks/apt/packages.yml @@ -1,5 +1,5 @@ --- -- name: Manage DEB packages via APT +- name: Manage APT Packages become: true ansible.builtin.apt: name: "{{ item.name }}" @@ -26,6 +26,5 @@ update_cache_retries: "{{ item.update_cache_retries | default(omit) }}" update_cache_retry_max_delay: "{{ item.update_cache_retry_max_delay | default(omit) }}" upgrade: "{{ item.upgrade | default(omit) }}" - loop: "{{ package_manager__packages_all }}" - register: package_manager__packages_deb_deploy - when: package_manager__packages_all | default([]) | length > 0 + loop: "{{ packages }}" + register: pkg_mgr__apply_apt_packages diff --git a/roles/package_manager/tasks/deb_repo_keys.yml b/roles/pkg_mgr/tasks/apt/repo_keys.yml similarity index 56% rename from roles/package_manager/tasks/deb_repo_keys.yml rename to roles/pkg_mgr/tasks/apt/repo_keys.yml index c0bba25..67fb26c 100644 --- a/roles/package_manager/tasks/deb_repo_keys.yml +++ b/roles/pkg_mgr/tasks/apt/repo_keys.yml @@ -1,5 +1,5 @@ --- -- name: Manage DEB repository keys via APT +- name: Manage APT Repository Keys become: true ansible.builtin.apt_key: state: "{{ item.state | default(omit) }}" @@ -8,8 +8,5 @@ keyring: "{{ item.keyring | default(omit) }}" url: "{{ item.url | default(omit) }}" validate_certs: "{{ item.validate_certs | default(omit) }}" - loop: "{{ package_manager__repo_keys_all }}" - register: package_manager__repo_keys_deb_apply - when: - - package_manager__repo_keys_all | type_debug == 'list' - - package_manager__repo_keys_all | length > 0 + loop: "{{ repo_keys }}" + register: pkg_mgr__apply_apt_repo_keys 
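Review bot: The renamed apt/repo_keys.yml task still installs keys with `ansible.builtin.apt_key`, which wraps the deprecated apt-key tool and adds keys to APT's global trust store, so each key is trusted for every configured repository rather than only the one it was meant for. `validate_certs` is passed straight through from the merged host/group/default items, so a single inventory entry can switch off TLS verification for a `url` download. Without a pinned `id` fingerprint (that parameter lies outside this hunk) the fetched key is then unauthenticated. Consider storing each key in its own keyring file and binding it with `signed-by=` in the repo line, or using `ansible.builtin.deb822_repository` where the ansible-core version allows, and forcing `validate_certs: true` for URL sources. The same `validate_certs` pass-through appears in apt/repos.yml.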
diff --git a/roles/package_manager/tasks/deb_repos.yml b/roles/pkg_mgr/tasks/apt/repos.yml similarity index 72% rename from roles/package_manager/tasks/deb_repos.yml rename to roles/pkg_mgr/tasks/apt/repos.yml index 5fc6405..b26b54a 100644 --- a/roles/package_manager/tasks/deb_repos.yml +++ b/roles/pkg_mgr/tasks/apt/repos.yml @@ -1,5 +1,5 @@ --- -- name: Manage DEB repositories via APT +- name: Manage APT Repositories become: true ansible.builtin.apt_repository: repo: "{{ item.repo }}" @@ -12,8 +12,5 @@ update_cache_retries: "{{ item.update_cache_retries | default(omit) }}" update_cache_retry_max_delay: "{{ item.update_cache_retry_max_delay | default(omit) }}" validate_certs: "{{ item.validate_certs | default(omit) }}" - loop: "{{ package_manager__repos_all }}" - register: package_manager__repos_deb_apply - when: - - package_manager__repos_all | type_debug == 'list' - - package_manager__repos_all | length > 0 + loop: "{{ repos }}" + register: pkg_mgr__apply_apt_repos diff --git a/roles/package_manager/tasks/common_packages.yml b/roles/pkg_mgr/tasks/common_packages.yml similarity index 51% rename from roles/package_manager/tasks/common_packages.yml rename to roles/pkg_mgr/tasks/common_packages.yml index c17188f..545274d 100644 --- a/roles/package_manager/tasks/common_packages.yml +++ b/roles/pkg_mgr/tasks/common_packages.yml @@ -4,8 +4,8 @@ name: "{{ item.name }}" state: "{{ item.state | default(omit) }}" use: "{{ item.use | default(omit) }}" - register: package_manager__packages_common_apply + register: pkg_mgr__packages_common_apply when: - - package_manager__packages_all | type_debug == 'list' - - package_manager__packages_all | length > 0 - loop: "{{ package_manager__packages_all }}" + - pkg_mgr__packages_all | type_debug == 'list' + - pkg_mgr__packages_all | length > 0 + loop: "{{ pkg_mgr__packages_all }}" diff --git a/roles/pkg_mgr/tasks/main.yml b/roles/pkg_mgr/tasks/main.yml new file mode 100644 index 0000000..53d03f5 --- /dev/null 
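Review bot: In tasks/common_packages.yml, `pkg_mgr__packages_all` is used in `when` and `loop`, but the only definitions visible in this commit (the old role's vars/common.yml and vars/common-pre.yml, under the old name) are deleted, and the new APT tasks take `packages` from include vars instead. Unless a vars file outside this view defines it, the first `when` condition would fail with an undefined-variable error as soon as this file is included; tasks/rpm_packages.yml has the same issue. Either convert the file to the `packages` convention used by apt/packages.yml or guard the reads with `pkg_mgr__packages_all | default([])`. The task itself starts above the hunk.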
+++ b/roles/pkg_mgr/tasks/main.yml 
@@ -0,0 +1,64 @@ +--- +- name: Include APT Tasks + ansible.builtin.include_tasks: + file: apt.yml + when: + - pkg_mgr__role_enabled | bool + - __pkg_mgr__use_apt | bool + +# - name: Include DEB repository tasks (APT) +# ansible.builtin.include_tasks: +# file: deb_repos.yml +# when: +# - pkg_mgr__role_enabled | default(false) | bool +# - pkg_mgr__manage_repos | default(false) | bool +# - ansible_os_family | default('') | lower == 'debian' + +# # TODO: Implement RPM repository tasks +# # - name: Include RPM repository repository tasks (YUM) +# # ansible.builtin.include_tasks: +# # file: rpm_repo.yml +# # when: +# # - pkg_mgr__role_enabled | default(false) | bool +# # - ansible_os_family | default('') | lower == 'redhat' + +# - name: Include DEB package tasks (APT) +# ansible.builtin.include_tasks: +# file: deb_packages.yml +# when: +# - pkg_mgr__role_enabled | default(false) | bool +# - pkg_mgr__manage_packages | default(false) | bool +# - pkg_mgr__package_strategy | lower == 'specific' +# - ansible_os_family | default('') | lower == 'debian' + +# - name: Include RPM package tasks (DNF) +# ansible.builtin.include_tasks: +# file: rpm_packages.yml +# when: +# - pkg_mgr__role_enabled | default(false) | bool +# - pkg_mgr__manage_packages | default(false) | bool +# - pkg_mgr__package_strategy | lower == 'specific' +# - ansible_os_family | default('') | lower == 'redhat' + +# - name: Include upgrade tasks +# ansible.builtin.include_tasks: +# file: upgrade.yml +# when: +# - pkg_mgr__role_enabled | default(false) | bool +# - __pkg_mgr__upgrade_execute.decision + +# - name: Inform when upgrade skipped +# ansible.builtin.debug: +# msg: "{{ __pkg_mgr__upgrade_execute.reason }}" +# when: +# - pkg_mgr__role_enabled | default(false) | bool +# - not __pkg_mgr__upgrade_execute.decision +# delegate_to: localhost + +# - name: Include common package manager tasks +# ansible.builtin.include_tasks: +# file: common_packages.yml +# when: +# - pkg_mgr__role_enabled | default(false) | bool 
+# - pkg_mgr__manage_packages | default(false) | bool +# - pkg_mgr__package_strategy | lower == 'common' diff --git a/roles/package_manager/tasks/rpm_packages.yml b/roles/pkg_mgr/tasks/rpm_packages.yml similarity index 90% rename from roles/package_manager/tasks/rpm_packages.yml rename to roles/pkg_mgr/tasks/rpm_packages.yml index 2e4792e..ea164af 100644 --- a/roles/package_manager/tasks/rpm_packages.yml +++ b/roles/pkg_mgr/tasks/rpm_packages.yml @@ -34,8 +34,8 @@ update_only: "{{ item.update_only | default(omit) }}" use_backend: "{{ item.use_backend | default(omit) }}" validate_certs: "{{ item.validate_certs | default(omit) }}" - loop: "{{ package_manager__packages_all }}" - register: package_manager__packages_rpm_apply + loop: "{{ pkg_mgr__packages_all }}" + register: pkg_mgr__packages_rpm_apply when: - - package_manager__packages_all | type_debug == 'list' - - package_manager__packages_all | length > 0 + - pkg_mgr__packages_all | type_debug == 'list' + - pkg_mgr__packages_all | length > 0 diff --git a/roles/package_manager/tasks/upgrade.yml b/roles/pkg_mgr/tasks/upgrade.yml similarity index 54% rename from roles/package_manager/tasks/upgrade.yml rename to roles/pkg_mgr/tasks/upgrade.yml index 8a2fd5e..b6c4ef8 100644 --- a/roles/package_manager/tasks/upgrade.yml +++ b/roles/pkg_mgr/tasks/upgrade.yml 
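Review bot: Only the APT include is live in the new tasks/main.yml; the upgrade, RPM and common-package includes are added as commented-out text, so `pkg_mgr__upgrade_strategy` and `pkg_mgr__upgrade_mode` from defaults no longer have any effect and RedHat-family hosts get no tasks at all. A playbook that relied on this role for patching would keep reporting success while hosts stop receiving upgrades. Until the upgrade path is ported, add a visible signal, for example an `ansible.builtin.debug` or `ansible.builtin.fail` task with `when: pkg_mgr__upgrade_strategy != 'never'`, and track the commented block in an issue rather than committing it. `__pkg_mgr__use_apt` is not defined in any file shown here; confirm it is set before this include is evaluated.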
@@ -4,12 +4,12 @@ - name: Find repo list files (Clean Upgrade) become: true ansible.builtin.find: - paths: "{{ package_manager__repo_list_dir }}" - patterns: "{{ package_manager__repo_list_patterns }}" - use_regex: "{{ package_manager__repo_list_use_regex | bool }}" - register: package_manager__upgrade_clean_find_repo_list_files + paths: "{{ pkg_mgr__repo_list_dir }}" + patterns: "{{ pkg_mgr__repo_list_patterns }}" + use_regex: "{{ pkg_mgr__repo_list_use_regex | bool }}" + register: pkg_mgr__upgrade_clean_find_repo_list_files when: - - __package_manager__upgrade_clean | default(false) | bool + - __pkg_mgr__upgrade_clean | default(false) | bool - name: Deploy default repo lists by copy with backups (Clean Upgrade) become: true @@ -17,12 +17,12 @@ src: "{{ item.src }}" dest: "{{ item.dest }}" backup: true - loop: "{{ __package_manager__repo_list_defaults_copy }}" - register: package_manager__upgrade_clean_default_repo_list_copies - notify: "package_manager__update_repo_cache" + loop: "{{ __pkg_mgr__repo_list_defaults_copy }}" + register: pkg_mgr__upgrade_clean_default_repo_list_copies + notify: "pkg_mgr__update_repo_cache" when: - - __package_manager__upgrade_clean | default(false) | bool - - __package_manager__repo_list_defaults_copy | length > 0 + - __pkg_mgr__upgrade_clean | default(false) | bool + - __pkg_mgr__repo_list_defaults_copy | length > 0 - name: Deploy default repo lists by template with backups (Clean Upgrade) become: true 
@@ -32,34 +32,34 @@ backup: true loop: "{{ repo_list_templates }}" vars: - repo_lists_default: "{{ __package_manager__repo_list_defaults_template | default([]) }}" - repo_list_additonals_src: "{{ package_manager__upgrade_clean_find_repo_list_files.files | map(attribute='path') | default([]) }}" + repo_lists_default: "{{ __pkg_mgr__repo_list_defaults_template | default([]) }}" + repo_list_additonals_src: "{{ pkg_mgr__upgrade_clean_find_repo_list_files.files | map(attribute='path') | default([]) }}" repo_lists_additional: "{{ (repo_list_additonals_src | length > 0) | ternary( - {'dest': repo_list_additonals_src} | aybarsm.helper.to_list_of_dicts(defaults={'src': package_manager__repo_list_disabled_template}), + {'dest': repo_list_additonals_src} | aybarsm.helper.to_list_of_dicts(defaults={'src': pkg_mgr__repo_list_disabled_template}), []) | - rejectattr('dest', 'in', (__package_manager__repo_list_defaults | map(attribute='dest'))) }}" + rejectattr('dest', 'in', (__pkg_mgr__repo_list_defaults | map(attribute='dest'))) }}" repo_list_templates: "{{ repo_lists_default + repo_lists_additional }}" - register: package_manager__upgrade_clean_default_repo_list_templates - notify: "package_manager__update_repo_cache" + register: pkg_mgr__upgrade_clean_default_repo_list_templates + notify: "pkg_mgr__update_repo_cache" when: - - __package_manager__upgrade_clean | default(false) | bool + - __pkg_mgr__upgrade_clean | default(false) | bool - repo_list_templates | length > 0 - name: Update package manager cache after repo list changes (Clean Upgrade) ansible.builtin.meta: 'flush_handlers' - when: package_manager__upgrade_clean_default_repo_list_copies.changed or package_manager__upgrade_clean_default_repo_list_templates.changed + when: pkg_mgr__upgrade_clean_default_repo_list_copies.changed or pkg_mgr__upgrade_clean_default_repo_list_templates.changed - name: Perform DEB package upgrade via APT become: true ansible.builtin.apt: update_cache: "{{ update_repo_cache }}" - upgrade: "{{ 
__package_manager__upgrade_mode }}" - dpkg_options: "{{ package_manager__upgrade_dpkg_options | default(omit) }}" - register: package_manager__upgrade_deb + upgrade: "{{ __pkg_mgr__upgrade_mode }}" + dpkg_options: "{{ pkg_mgr__upgrade_dpkg_options | default(omit) }}" + register: pkg_mgr__upgrade_deb vars: - handler_triggered: "{{ package_manager__upgrade_clean_default_repo_list_copies.changed or package_manager__upgrade_clean_default_repo_list_templates.changed }}" - update_repo_cache: "{{ false if handler_triggered else package_manager__upgrade_update_repo_cache }}" + handler_triggered: "{{ pkg_mgr__upgrade_clean_default_repo_list_copies.changed or pkg_mgr__upgrade_clean_default_repo_list_templates.changed }}" + update_repo_cache: "{{ false if handler_triggered else pkg_mgr__upgrade_update_repo_cache }}" when: - ansible_os_family | lower == 'debian' @@ -68,9 +68,9 @@ ansible.builtin.command: cmd: yum clean metadata vars: - handler_triggered: "{{ package_manager__upgrade_clean_default_repo_list_copies.changed or package_manager__upgrade_clean_default_repo_list_templates.changed }}" - update_repo_cache: "{{ false if handler_triggered else package_manager__upgrade_update_repo_cache }}" - register: package_manager__rpm_upgrade_clean_cache_pre + handler_triggered: "{{ pkg_mgr__upgrade_clean_default_repo_list_copies.changed or pkg_mgr__upgrade_clean_default_repo_list_templates.changed }}" + update_repo_cache: "{{ false if handler_triggered else pkg_mgr__upgrade_update_repo_cache }}" + register: pkg_mgr__rpm_upgrade_clean_cache_pre when: - ansible_os_family | lower == 'redhat' - update_repo_cache @@ -80,7 +80,7 @@ ansible.builtin.dnf: name: "*" state: latest - register: package_manager__rpm_upgrade + register: pkg_mgr__rpm_upgrade when: ansible_os_family | lower == 'redhat' - name: Include update local facts tasks when upgrade is successful 
@@ -91,10 +91,10 @@ ansible__local_fact_updates: package_manager: upgrade: ["{{ now().utcnow().strftime('%Y-%m-%dT%H:%M:%S.%fZ') }}"] - is_deb_upgrade_success: "{{ ansible_os_family | lower == 'debian' and not package_manager__upgrade_deb.failed }}" - is_rpm_upgrade_success: "{{ ansible_os_family | lower == 'redhat' and not package_manager__rpm_upgrade.failed }}" + is_deb_upgrade_success: "{{ ansible_os_family | lower == 'debian' and not pkg_mgr__upgrade_deb.failed }}" + is_rpm_upgrade_success: "{{ ansible_os_family | lower == 'redhat' and not pkg_mgr__rpm_upgrade.failed }}" when: - - __package_manager__upgrade_once + - __pkg_mgr__upgrade_once - is_deb_upgrade_success or is_rpm_upgrade_success rescue: - name: Inform when errors @@ -110,9 +110,9 @@ backup: false loop: "{{ restore_files }}" vars: - repo_list_copies: "{{ package_manager__upgrade_clean_default_repo_list_copies.results | default([]) | + repo_list_copies: "{{ pkg_mgr__upgrade_clean_default_repo_list_copies.results | default([]) | selectattr('backup_file', 'defined') | selectattr('dest', 'defined') }}" - repo_list_templates: "{{ package_manager__upgrade_clean_default_repo_list_templates.results | default([]) | + repo_list_templates: "{{ pkg_mgr__upgrade_clean_default_repo_list_templates.results | default([]) | selectattr('backup_file', 'defined') | selectattr('dest', 'defined') }}" restore_src: "{{ (repo_list_copies | map(attribute='backup_file') | default([])) + (repo_list_templates | map(attribute='backup_file') | default([])) }}" restore_dest: "{{ (repo_list_copies | map(attribute='dest') | default([])) + (repo_list_templates | map(attribute='dest') | default([])) }}" 
@@ -121,10 +121,10 @@ {'src': restore_src, 'dest': restore_dest} | aybarsm.helper.to_list_of_dicts, [] ) }}" - register: package_manager__upgrade_clean_restore_repo_lists - notify: "package_manager__update_repo_cache" + register: pkg_mgr__upgrade_clean_restore_repo_lists + notify: "pkg_mgr__update_repo_cache" when: - - __package_manager__upgrade_clean | default(false) | bool + - __pkg_mgr__upgrade_clean | default(false) | bool - restore_files | length > 0 - name: Remove backup repo list files (Clean Upgrade) @@ -132,13 +132,13 @@ ansible.builtin.file: path: "{{ item }}" state: absent - loop: "{{ package_manager__upgrade_clean_restore_repo_lists.results | map(attribute='src') }}" - register: package_manager__upgrade_clean_remove_backup_repo_lists + loop: "{{ pkg_mgr__upgrade_clean_restore_repo_lists.results | map(attribute='src') }}" + register: pkg_mgr__upgrade_clean_remove_backup_repo_lists when: - - __package_manager__upgrade_clean | default(false) | bool - - package_manager__clean_upgrade_post_remove_backups | default(false) | bool - - package_manager__upgrade_clean_restore_repo_lists.results | default([]) | length > 0 + - __pkg_mgr__upgrade_clean | default(false) | bool + - pkg_mgr__clean_upgrade_post_remove_backups | default(false) | bool + - pkg_mgr__upgrade_clean_restore_repo_lists.results | default([]) | length > 0 - name: Update package manager cache after repo list changes (Clean Upgrade) ansible.builtin.meta: 'flush_handlers' - when: package_manager__upgrade_clean_restore_repo_lists.changed + when: pkg_mgr__upgrade_clean_restore_repo_lists.changed diff --git a/roles/pkg_mgr/templates/common/repo_list_disabled.j2 b/roles/pkg_mgr/templates/common/repo_list_disabled.j2 new file mode 100644 index 0000000..20ed6fe --- /dev/null +++ b/roles/pkg_mgr/templates/common/repo_list_disabled.j2 
@@ -0,0 +1,4 @@ +# {{ ansible_managed }} +{% if pkg_mgr__repo_list_disabled_comment is defined %} +{{ pkg_mgr__repo_list_disabled_comment | comment }} +{% endif %} \ No newline at end of file diff --git a/roles/package_manager/templates/etc/apk/alpine.repositories.j2 b/roles/pkg_mgr/templates/etc/apk/alpine.repositories.j2 similarity index 100% rename from roles/package_manager/templates/etc/apk/alpine.repositories.j2 rename to roles/pkg_mgr/templates/etc/apk/alpine.repositories.j2 diff --git a/roles/package_manager/templates/etc/apt/debian.sources.list.j2 b/roles/pkg_mgr/templates/etc/apt/debian.sources.list.j2 similarity index 100% rename from roles/package_manager/templates/etc/apt/debian.sources.list.j2 rename to roles/pkg_mgr/templates/etc/apt/debian.sources.list.j2 diff --git a/roles/package_manager/templates/etc/apt/ubuntu.sources.list.j2 b/roles/pkg_mgr/templates/etc/apt/ubuntu.sources.list.j2 similarity index 100% rename from roles/package_manager/templates/etc/apt/ubuntu.sources.list.j2 rename to roles/pkg_mgr/templates/etc/apt/ubuntu.sources.list.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-appstream.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-appstream.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-appstream.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-appstream.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-baseos.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-baseos.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-baseos.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-baseos.repo.j2 
diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-crb.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-crb.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-crb.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-crb.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-extras.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-extras.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-extras.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-extras.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-highavailability.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-highavailability.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-highavailability.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-highavailability.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-nfv.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-nfv.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-nfv.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-nfv.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-plus.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-plus.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-plus.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-plus.repo.j2 
diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-resilientstorage.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-resilientstorage.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-resilientstorage.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-resilientstorage.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-rt.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-rt.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-rt.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-rt.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-sap.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-sap.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-sap.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-sap.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-saphana.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-saphana.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/almalinux.almalinux-saphana.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/almalinux.almalinux-saphana.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/centos.centos-addons.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/centos.centos-addons.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/centos.centos-addons.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/centos.centos-addons.repo.j2 
diff --git a/roles/package_manager/templates/etc/yum.repos.d/centos.centos.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/centos.centos.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/centos.centos.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/centos.centos.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/oraclelinux.base.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/oraclelinux.base.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/oraclelinux.base.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/oraclelinux.base.repo.j2 diff --git a/roles/package_manager/templates/etc/yum.repos.d/oraclelinux.base_latest.repo.j2 b/roles/pkg_mgr/templates/etc/yum.repos.d/oraclelinux.base_latest.repo.j2 similarity index 100% rename from roles/package_manager/templates/etc/yum.repos.d/oraclelinux.base_latest.repo.j2 rename to roles/pkg_mgr/templates/etc/yum.repos.d/oraclelinux.base_latest.repo.j2 diff --git a/roles/pkg_mgr/vars/main.yml b/roles/pkg_mgr/vars/main.yml new file mode 100644 index 0000000..b1b92e4 --- /dev/null +++ b/roles/pkg_mgr/vars/main.yml @@ -0,0 +1,8 @@ +pkg_mgr__all: "{{ {'host': pkg_mgr__host, 'group': pkg_mgr__group, 'default': pkg_mgr__default} | aybarsm.helper.role_items(only=pkg_mgr__use_only) }}" + +__pkg_mgr__use_apt: "{{ ansible_os_family | default('') | lower == 'debian' and pkg_mgr__package_module == 'specific' }}" + +# pkg_mgr__packages: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'package') }}" +# pkg_mgr__repo_keys: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo_key') }}" +# pkg_mgr__repos: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo') }}" +# pkg_mgr__repo_lists: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo_list') }}" \ No newline at end of file diff --git a/roles/proxmox/defaults/main.yml b/roles/proxmox/defaults/main.yml index 039fedc..3e1b57e 100644 
--- a/roles/proxmox/defaults/main.yml +++ b/roles/proxmox/defaults/main.yml 
@@ -1,25 +1,47 @@ proxmox__role_enabled: false -proxmox__repo_url_enterprise: https://enterprise.proxmox.com/debian -proxmox__repo_url_no_subscription: http://download.proxmox.com/debian -proxmox__repo_keys: - bookworm: - url: https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg - keyring: /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg - bullseye: - url: https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg - keyring: /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg - -proxmox__purpose_names: ['pve', 'pbs', 'pmg', 'ceph_pacific', 'ceph_quincy', 'ceph_reef', 'zfs'] -proxmox__purpose_types: ['enterprise', 'no-subscription'] -proxmox__purpose_packages: - pve: ['pve-manager'] - pbs: ['proxmox-backup-server'] - pmg: ['proxmox-mailgateway'] - ceph_pacific: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] - ceph_quincy: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] - ceph_reef: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] - zfs: ['zfsutils-linux', 'zfs-initramfs', 'zfs-zed'] +proxmox__manage_repo_keys: false +proxmox__manage_repos: false +proxmox__manage_packages: false +proxmox__manage_pools: false +proxmox__manage_roles: false +proxmox__manage_user_groups: false +proxmox__manage_users: false +proxmox__manage_acls: false + +proxmox__remove_subscription_warning: false +proxmox__use_freenas: false + +proxmox__freenas: + remote_src: true + git: + repo: https://github.com/TheGrandWazoo/freenas-proxmox + clone: true + file_mgr: + - entry__type: patch + src: pve-manager/js/pvemanagerlib.js.patch + dest: /usr/share/pve-manager/js/pvemanagerlib.js + entry__handlers: restart_pve_services + - entry__type: patch + src: pve-manager/js/pvemanagerlib.js.patch + dest: /usr/share/pve-manager/js/pvemanagerlib.js + entry__handlers: restart_pve_services + - entry__type: patch + src: pve-manager/js/pvemanagerlib.js.patch + dest: /usr/share/pve-manager/js/pvemanagerlib.js + entry__handlers: restart_pve_services + - entry__type: patch + src: 
pve-manager/js/pvemanagerlib.js.patch + dest: /usr/share/pve-manager/js/pvemanagerlib.js + entry__handlers: restart_pve_services + - entry__type: copy + src: perl5/PVE/Storage/LunCmd/FreeNAS.pm + dest: /usr/share/perl5/PVE/Storage/LunCmd/FreeNAS.pm + entry__handlers: restart_pve_services + - entry__type: handlers + name: restart_pve_services + condition: any + handlers: "{{ {'name': ['pvedaemon', 'pveproxy', 'pvestatd', 'pve-ha-lrm', 'pve-ha-crm']} | aybarsm.helper.to_list_of_dicts({'entry__type': 'service', 'state': 'restarted'}) }}" proxmox__clusters: {} 
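Review bot: `proxmox__freenas.git` names `https://github.com/TheGrandWazoo/freenas-proxmox` with `clone: true` and no revision, while the `file_mgr` entries built from it patch `/usr/share/pve-manager/js/pvemanagerlib.js` and copy a Perl module to `/usr/share/perl5/PVE/Storage/LunCmd/FreeNAS.pm`. Whatever the default branch holds at run time therefore ends up in the PVE management services. Pin the checkout to a reviewed commit, for example a `version: '<reviewed-commit-sha>'` key next to `repo:`, assuming the git helper forwards it to `ansible.builtin.git`. The four `entry__type: patch` items are identical (same `src` and `dest`), which looks like placeholder copy-paste; presumably each was meant to name a different patch file.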
@@ -27,4 +49,57 @@ proxmox__use_only: ['host', 'group', 'default'] proxmox__default: [] proxmox__group: [] -proxmox__host: [] \ No newline at end of file +proxmox__host: [] + +proxmox__repos: + types: + enterprise: + url: https://enterprise.proxmox.com/debian + no_subscription: + url: http://download.proxmox.com/debian + keys: + bookworm: + url: https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg + keyring: /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg + bullseye: + url: https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg + keyring: /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg + +proxmox__purposes: + pve: + packages: ['pve-manager'] + repo: + file: 'pve-<>' + suffix: 'pve-<>' + pbs: + packages: ['proxmox-backup-server'] + repo: + file: 'pbs-<>' + suffix: 'pbs-<>' + pmg: + packages: ['proxmox-mailgateway'] + repo: + file: 'pmg-<>' + suffix: 'pbs-<>' + ceph_pacific: + packages: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] + repo: + file: 'ceph' + suffix: '<>' + ceph_quincy: + packages: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] + repo: + file: 'ceph' + suffix: '<>' + ceph_reef: + packages: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] + repo: + file: 'ceph' + suffix: '<>' + zfs: + packages: ['zfsutils-linux', 'zfs-initramfs', 'zfs-zed'] + freenas: + packages: ['librest-client-perl', 'git', 'patch'] + params: + task_file: freenas.yml + remote_src: true \ No newline at end of file diff --git a/roles/proxmox/tasks/datacenter.yml b/roles/proxmox/tasks/datacenter.yml index fad9708..8515a83 100644 --- a/roles/proxmox/tasks/datacenter.yml +++ b/roles/proxmox/tasks/datacenter.yml 
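Review bot: In `proxmox__purposes`, the `pmg` entry has `suffix: 'pbs-<>'` while its `file` is `'pmg-<>'`. This looks copied from the `pbs` entry and would put a PBS component into the PMG repo line; `suffix: 'pmg-<>'` is probably intended. `proxmox__repos.types.no_subscription.url` is still plain `http://`: APT signature checks cover package integrity, but an `https://` URL (if the mirror serves it) keeps repository metadata from being read or withheld in transit. The `keys.*.keyring` paths under `/etc/apt/trusted.gpg.d/` make each key trusted for every configured repository; a dedicated keyring referenced with `signed-by` would scope it, if the pkg_mgr role supports that.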
@@ -1,58 +1,45 @@ --- -- name: Include Proxmox datacenter pool tasks +- name: Include Proxmox Datacenter Pools Task ansible.builtin.include_tasks: - file: datacenter/pool.yml - loop: "{{ __proxmox__cluster.pools }}" - loop_control: - loop_var: proxmox__dc_pool - index_var: proxmox__dc_pool_index + file: datacenter/pools.yml + vars: + proxmox_datacenter_pools: "{{ proxmox__all | selectattr('entry__type', 'eq', 'pool') }}" when: - - __proxmox__cluster.manage_pools | default(false) | bool - - __proxmox__cluster.pools | default([]) | length > 0 + - proxmox__manage_pools + - proxmox_datacenter_pools | length > 0 -- name: Include Proxmox datacenter role tasks +- name: Include Proxmox Datacenter Roles Task ansible.builtin.include_tasks: - file: datacenter/role.yml - loop: "{{ __proxmox__cluster.roles }}" - loop_control: - loop_var: proxmox__dc_role - index_var: proxmox__dc_role_index + file: datacenter/roles.yml + vars: + proxmox_datacenter_roles: "{{ proxmox__all | selectattr('entry__type', 'eq', 'role') }}" when: - - __proxmox__cluster.manage_roles | default(false) | bool - - __proxmox__cluster.roles | default([]) | length > 0 + - proxmox__manage_roles + - proxmox_datacenter_roles | length > 0 -- name: Include Proxmox datacenter user group tasks +- name: Include Proxmox Datacenter User Groups Task ansible.builtin.include_tasks: - file: datacenter/group.yml - loop: "{{ __proxmox__cluster.groups }}" - loop_control: - loop_var: proxmox__dc_group - index_var: proxmox__dc_group_index + file: datacenter/user_groups.yml + vars: + proxmox_datacenter_user_groups: "{{ proxmox__all | selectattr('entry__type', 'eq', 'user_group') }}" when: - - proxmox__role_enabled - - __proxmox__cluster.manage_groups | default(false) | bool - - __proxmox__cluster.groups | default([]) | length > 0 + - proxmox__manage_user_groups + - proxmox_datacenter_user_groups | length > 0 -- name: Include Proxmox datacenter user tasks +- name: Include Proxmox Datacenter Users Task ansible.builtin.include_tasks: 
- file: datacenter/user.yml - loop: "{{ __proxmox__cluster.users }}" - loop_control: - loop_var: proxmox__dc_user - index_var: proxmox__dc_user_index + file: datacenter/users.yml + vars: + proxmox_datacenter_users: "{{ proxmox__all | selectattr('entry__type', 'eq', 'user') }}" when: - - proxmox__role_enabled - - __proxmox__cluster.manage_users | default(false) | bool - - __proxmox__cluster.users | default([]) | length > 0 + - proxmox__manage_users + - proxmox_datacenter_users | length > 0 -- name: Include Proxmox datacenter ACL tasks +- name: Include Proxmox Datacenter ACLs Task ansible.builtin.include_tasks: - file: datacenter/acl.yml - loop: "{{ __proxmox__cluster.acls }}" - loop_control: - loop_var: proxmox__dc_acl - index_var: proxmox__dc_acl_index + file: datacenter/acls.yml + vars: + proxmox_datacenter_acls: "{{ proxmox__all | selectattr('entry__type', 'eq', 'acl') }}" when: - - proxmox__role_enabled - - __proxmox__cluster.manage_acls | default(false) | bool - - __proxmox__cluster.acls | default([]) | length > 0 \ No newline at end of file + - proxmox__manage_acls + - proxmox_datacenter_acls | length > 0 \ No newline at end of file diff --git a/roles/proxmox/tasks/datacenter/acl.yml b/roles/proxmox/tasks/datacenter/acl.yml deleted file mode 100644 index b790832..0000000 --- a/roles/proxmox/tasks/datacenter/acl.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Deploy Proxmox datacenter ACL - aybarsm.linux.proxmox_acl: - path: "{{ proxmox__dc_acl.path }}" - roles: "{{ proxmox__dc_acl.roles }}" - state: "{{ proxmox__dc_acl.state | default('present') }}" - groups: "{{ proxmox__dc_acl.groups | default([]) }}" - users: "{{ proxmox__dc_acl.users | default([]) }}" - register: proxmox__deploy_dc_acl \ No newline at end of file diff --git a/roles/proxmox/tasks/datacenter/acls.yml b/roles/proxmox/tasks/datacenter/acls.yml new file mode 100644 index 0000000..5215794 --- /dev/null +++ b/roles/proxmox/tasks/datacenter/acls.yml 
@@ -0,0 +1,10 @@
+---
+- name: Manage Proxmox Datacenter ACLs
+ aybarsm.linux.proxmox_acl:
+ path: "{{ item.path }}"
+ roles: "{{ item.roles }}"
+ state: "{{ item.state | default('present') }}"
+ groups: "{{ item.groups | default([]) }}"
+ users: "{{ item.users | default([]) }}"
+ loop: "{{ proxmox_datacenter_acls }}"
+ register: proxmox__apply_datacenter_acls
\ No newline at end of file
diff --git a/roles/proxmox/tasks/datacenter/group.yml b/roles/proxmox/tasks/datacenter/group.yml
deleted file mode 100644
index 01ab454..0000000
--- a/roles/proxmox/tasks/datacenter/group.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-- name: Deploy Proxmox datacenter user group
- aybarsm.linux.proxmox_group:
- name: "{{ proxmox__dc_group.name }}"
- state: "{{ proxmox__dc_group.state | default('present') }}"
- comment: "{{ proxmox__dc_group.comment | default(omit) }}"
- register: proxmox__deploy_dc_group
\ No newline at end of file
diff --git a/roles/proxmox/tasks/datacenter/pool.yml b/roles/proxmox/tasks/datacenter/pool.yml
deleted file mode 100644
index 67880ae..0000000
--- a/roles/proxmox/tasks/datacenter/pool.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-- name: Deploy Proxmox datacenter pool
- aybarsm.linux.proxmox_pool:
- name: "{{ proxmox__dc_pool.name }}"
- state: "{{ proxmox__dc_pool.state | default('present') }}"
- comment: "{{ proxmox__dc_pool.comment | default(omit) }}"
- register: proxmox__deploy_dc_pool
\ No newline at end of file
diff --git a/roles/proxmox/tasks/datacenter/pools.yml b/roles/proxmox/tasks/datacenter/pools.yml
new file mode 100644
index 0000000..e60e31b
--- /dev/null
+++ b/roles/proxmox/tasks/datacenter/pools.yml
@@ -0,0 +1,8 @@
+---
+- name: Manage Proxmox Datacenter Pools
+ aybarsm.linux.proxmox_pool:
+ name: "{{ item.name }}"
+ state: "{{ item.state | default('present') }}"
+ comment: "{{ item.comment | default(omit) }}"
+ loop: "{{ proxmox_datacenter_pools }}"
+ register: proxmox__apply_datacenter_pools
\ No newline at end of file
diff --git a/roles/proxmox/tasks/datacenter/role.yml b/roles/proxmox/tasks/datacenter/role.yml
deleted file mode 100644
index 7c064fd..0000000
--- a/roles/proxmox/tasks/datacenter/role.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-- name: Deploy Proxmox datacenter role
- aybarsm.linux.proxmox_role:
- name: "{{ proxmox__dc_role.name }}"
- privileges: "{{ proxmox__dc_role.privileges }}"
- state: "{{ proxmox__dc_role.state | default('present') }}"
- register: proxmox__deploy_dc_role
\ No newline at end of file
diff --git a/roles/proxmox/tasks/datacenter/roles.yml b/roles/proxmox/tasks/datacenter/roles.yml
new file mode 100644
index 0000000..99256d3
--- /dev/null
+++ b/roles/proxmox/tasks/datacenter/roles.yml
@@ -0,0 +1,8 @@
+---
+- name: Manage Proxmox Datacenter Roles
+ aybarsm.linux.proxmox_role:
+ name: "{{ item.name }}"
+ privileges: "{{ item.privileges }}"
+ state: "{{ item.state | default('present') }}"
+ loop: "{{ proxmox_datacenter_roles }}"
+ register: proxmox__apply_datacenter_roles
\ No newline at end of file
diff --git a/roles/proxmox/tasks/datacenter/user.yml b/roles/proxmox/tasks/datacenter/user.yml
deleted file mode 100644
index 2c235c0..0000000
--- a/roles/proxmox/tasks/datacenter/user.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-- name: Deploy Proxmox datacenter user
- aybarsm.linux.proxmox_user:
- name: "{{ proxmox__dc_user.name }}"
- state: "{{ proxmox__dc_user.state | default('present') }}"
- enable: "{{ proxmox__dc_user.enable | default(omit) }}"
- groups: "{{ proxmox__dc_user.groups | default([]) }}"
- comment: "{{ proxmox__dc_user.comment | default(omit) }}"
- email: "{{ proxmox__dc_user.email | default(omit) }}"
- firstname: "{{ proxmox__dc_user.firstname | default(omit) }}"
- lastname: "{{ proxmox__dc_user.lastname | default(omit) }}"
- password: "{{ proxmox__dc_user.password | default(omit) }}"
- expire: "{{ proxmox__dc_user.expire | default(omit) }}"
- register: proxmox__deploy_dc_user
\ No newline at end of file
diff --git a/roles/proxmox/tasks/datacenter/user_groups.yml b/roles/proxmox/tasks/datacenter/user_groups.yml
new file mode 100644
index 0000000..49976a1
--- /dev/null
+++ b/roles/proxmox/tasks/datacenter/user_groups.yml
@@ -0,0 +1,8 @@
+---
+- name: Manage Proxmox Datacenter User Groups
+ aybarsm.linux.proxmox_group:
+ name: "{{ item.name }}"
+ state: "{{ item.state | default('present') }}"
+ comment: "{{ item.comment | default(omit) }}"
+ loop: "{{ proxmox_datacenter_user_groups }}"
+ register: proxmox__apply_datacenter_user_groups
\ No newline at end of file
diff --git a/roles/proxmox/tasks/datacenter/users.yml b/roles/proxmox/tasks/datacenter/users.yml
new file mode 100644
index 0000000..a462a43
--- /dev/null
+++ b/roles/proxmox/tasks/datacenter/users.yml
@@ -0,0 +1,15 @@
+---
+- name: Manage Proxmox Datacenter Users
+ aybarsm.linux.proxmox_user:
+ name: "{{ item.name }}"
+ state: "{{ item.state | default('present') }}"
+ enable: "{{ item.enable | default(omit) }}"
+ groups: "{{ item.groups | default([]) }}"
+ comment: "{{ item.comment | default(omit) }}"
+ email: "{{ item.email | default(omit) }}"
+ firstname: "{{ item.firstname | default(omit) }}"
+ lastname: "{{ item.lastname | default(omit) }}"
+ password: "{{ item.password | default(omit) }}"
+ expire: "{{ item.expire | default(omit) }}"
+ loop: "{{ proxmox_datacenter_users }}"
+ register: proxmox__apply_datacenter_users
\ No newline at end of file
diff --git a/roles/proxmox/tasks/freenas.yml b/roles/proxmox/tasks/freenas.yml
new file mode 100644
index 0000000..5c9e285
--- /dev/null
+++ b/roles/proxmox/tasks/freenas.yml
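Review bot: The `Manage Proxmox Datacenter Users` task in `users.yml` templates `password: "{{ item.password | default(omit) }}"` inside a loop and registers the result, but sets no `no_log`. Each loop item, password included, is therefore printed in task output and kept in `proxmox__apply_datacenter_users`. Add `no_log: true` at task level, next to `loop:` and `register:`. A `loop_control` label alone would shorten the per-item header but would not keep the module arguments out of verbose output or the registered variable.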
@@ -0,0 +1,80 @@ +--- +- name: Apply Proxmox Freenas Changes + block: + - name: Set Facts for Proxmox Freenas + ansible.builtin.set_fact: + freenas_remote_src: "{{ proxmox__purposes.freenas.params.remote_src | default(true) }}" + freenas_delegate: "{{ inventory_hostname if freenas_remote_src else 'localhost' }}" + register: proxmox__freenas__set_fact + + - name: Create Temp Directory for Git Repo + ansible.builtin.tempfile: + state: directory + register: proxmox__freenas__temp_dir + delegate_to: "{{ freenas_delegate }}" + + - name: Debug + ansible.builtin.debug: + msg: + proxmox__freenas__temp_dir: "{{ proxmox__freenas__temp_dir }}" + delegate_to: localhost + + - name: Include Git Task to Clone Freenas Repo + ansible.builtin.import_role: + name: aybarsm.helper.misc + tasks_from: git.yml + vars: + misc__git: + repo: https://github.com/TheGrandWazoo/freenas-proxmox + clone: true + dest: proxmox__freenas__temp_dir.path + register: proxmox__freenas__git + delegate_to: "{{ freenas_delegate }}" + when: proxmox__freenas__temp_dir.path is defined + + - name: Include File Mgr Role to Apply Changes + ansible.builtin.import_role: + name: aybarsm.helper.misc + tasks_from: git.yml + vars: + file_mgr__role_enabled: true + file_mgr__use_only: ['host'] + file_mgr__host: + - entry__type: patch + src: "{{ proxmox__freenas__temp_dir.path }}/pve-manager/js/pvemanagerlib.js.patch" + dest: /usr/share/pve-manager/js/pvemanagerlib.js + remote_src: "{{ freenas_remote_src }}" + entry__handlers: restart_pve_services + - entry__type: patch + src: "{{ proxmox__freenas__temp_dir.path }}/pve-manager/js/pvemanagerlib.js.patch" + dest: /usr/share/pve-manager/js/pvemanagerlib.js + remote_src: "{{ freenas_remote_src }}" + entry__handlers: restart_pve_services + - entry__type: patch + src: "{{ proxmox__freenas__temp_dir.path }}/pve-manager/js/pvemanagerlib.js.patch" + dest: /usr/share/pve-manager/js/pvemanagerlib.js + remote_src: "{{ freenas_remote_src }}" + entry__handlers: restart_pve_services + - 
entry__type: patch + src: "{{ proxmox__freenas__temp_dir.path }}/pve-manager/js/pvemanagerlib.js.patch" + dest: /usr/share/pve-manager/js/pvemanagerlib.js + remote_src: "{{ freenas_remote_src }}" + entry__handlers: restart_pve_services + - entry__type: copy + src: "{{ proxmox__freenas__temp_dir.path }}/perl5/PVE/Storage/LunCmd/FreeNAS.pm" + dest: /usr/share/perl5/PVE/Storage/LunCmd/FreeNAS.pm + entry__handlers: restart_pve_services + - entry__type: handlers + name: restart_pve_services + condition: any + handlers: "{{ {'name': ['pvedaemon', 'pveproxy', 'pvestatd', 'pve-ha-lrm', 'pve-ha-crm']} | + aybarsm.helper.to_list_of_dicts({'entry__type': 'service', 'state': 'restarted'}) }}" + register: proxmox__freenas__patch + delegate_to: "{{ inventory_hostname if proxmox__purposes.freenas.params.remote_src | default(true) else 'localhost' }}" + when: proxmox__freenas__temp_dir.path is defined + + always: + - name: Remove Temp Directory + ansible.builtin.file: + + diff --git a/roles/proxmox/tasks/main.yml b/roles/proxmox/tasks/main.yml index f664c59..fedf0e1 100644 --- a/roles/proxmox/tasks/main.yml +++ b/roles/proxmox/tasks/main.yml 
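Review bot: The clone destination is the literal string `proxmox__freenas__temp_dir.path` rather than the registered temp directory, because `dest:` is missing its `{{ }}`; the later `src:` paths under `{{ proxmox__freenas__temp_dir.path }}/…` will then not find the checkout. In the first task, `freenas_delegate` refers to `freenas_remote_src` from the same `set_fact`, whose arguments are templated before either fact exists; the `always:` cleanup task has an empty `ansible.builtin.file:` body, so the temp directory is never removed; and the task named "Include File Mgr Role" imports `aybarsm.helper.misc` / `git.yml` again, which looks like a copy of the previous task. Because the checkout is patched into `/usr/share/pve-manager` and `/usr/share/perl5/PVE` and the PVE services are restarted afterwards, the repository should also be pinned to a reviewed commit rather than the default branch. A sketch of the first three fixes follows.

```yaml
    - name: Set Facts for Proxmox Freenas
      ansible.builtin.set_fact:
        freenas_remote_src: "{{ proxmox__purposes.freenas.params.remote_src | default(true) }}"

    - name: Set Delegate Host for Proxmox Freenas
      ansible.builtin.set_fact:
        freenas_delegate: "{{ inventory_hostname if freenas_remote_src | bool else 'localhost' }}"

    # … unchanged: temp directory creation, debug task …

        misc__git:
          repo: https://github.com/TheGrandWazoo/freenas-proxmox
          clone: true
          dest: "{{ proxmox__freenas__temp_dir.path }}"

    # … unchanged: file_mgr entries and handlers …

  always:
    - name: Remove Temp Directory
      ansible.builtin.file:
        path: "{{ proxmox__freenas__temp_dir.path }}"
        state: absent
      delegate_to: "{{ freenas_delegate }}"
      when: proxmox__freenas__temp_dir.path is defined
```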
@@ -1,122 +1,32 @@ --- -# - name: Import aybarsm.linux.network role for Hosts -# ansible.builtin.import_role: -# name: aybarsm.linux.network -# tasks_from: hosts.yml -# vars: -# network__use_only: ['host'] -# network__host: "{{ { -# 'ip': (__proxmox__cluster.members | map(attribute='links') | map('first')), -# 'hostname': (__proxmox__cluster.members | map(attribute='hostname')), -# 'fqdn': (__proxmox__cluster.members | map(attribute='fqdn'))} | -# aybarsm.helper.to_list_of_dicts({'entry__type': 'host'}) }}" -# when: -# - proxmox__role_enabled | default(false) | bool -# - __proxmox__cluster.members is defined +- name: Include Package Manager Tasks + ansible.builtin.include_tasks: + name: package_manager.yml + when: + - proxmox__role_enabled + - __proxmox__pkg_mgr | length > 0 -# - name: Debug -# ansible.builtin.debug: -# msg: -# auth__host: "{{ auth__host }}" -# vars: -# auth__host: -# - entry__type: user -# name: root -# generate_ssh_key: true -# ssh_key_comment: "root@{{ proxmox__hostname }}" -# distribute_ssh_key: "{{ __proxmox__cluster.members | map(attribute='host') }}" -# delegate_to: localhost - -# - name: Include Proxmox authorized keys config tasks -# ansible.builtin.include_tasks: -# file: auth_key_config.yml -# when: -# - proxmox__role_enabled | default(false) | bool - -# - name: Import aybarsm.linux.auth role -# ansible.builtin.import_role: -# name: aybarsm.linux.auth -# vars: -# cluster_nodes: "{{ __proxmox__cluster.members | rejectattr('host', 'eq', inventory_hostname) }}" -# auth__role_enabled: true -# auth__manage_users: true -# auth__manage_authorized_keys: true -# auth__manage_sshd_config: true -# auth__manage_ssh_config: true -# auth__use_only: ['host'] -# auth__ssh_config_file: /root/.ssh/config -# auth__ssh_config_file_module: -# mode: '0600' -# owner: root -# group: root -# auth__ssh_changes_strategy: -# module: systemd_service -# immediate: false -# smart: true -# name: ssh.service -# enabled: true -# state: restarted -# auth__host: -# - 
entry__type: user -# entry__distribute_ssh_key: "{{ __proxmox__cluster.members | map(attribute='host') }}" -# name: root -# generate_ssh_key: true -# ssh_key_comment: "root@{{ proxmox__hostname }}" -# password: '$6$baqOo8I.hGLL0CIu$QlzIE8GhBpKBSY6sUUV9MROJyxtbwg2CPN86VZPv6jx23.vqwiL4/pAYQWaoeUia5NSTDVojtzlqsNTZBibGy/' -# shell: /bin/bash -# password_lock: false -# - entry__type: sshd_config -# name: PasswordAuthentication -# value: 'no' -# - entry__type: sshd_config -# name: PermitRootLogin -# value: 'no' -# - entry__type: sshd_config -# name: UseDNS -# value: 'no' -# - entry__type: sshd_config -# name: 'Match Address' -# value: "{{ cluster_nodes | map(attribute='links') | map('join', ',') | join(',') }}" -# children: -# - name: PermitRootLogin -# value: prohibit-password -# - entry__type: ssh_config -# name: Ciphers -# value: 'aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com' -# - entry__type: ssh_config -# name: Host -# value: "{{ cluster_nodes | aybarsm.helper.only_with(['hostname', 'fqdn', 'links']) | map('dict2items') | flatten | map(attribute='value') | flatten | join(' ') }}" -# children: -# - name: IdentityFile -# value: /root/.ssh/id_rsa -# - name: Port -# value: "{{ proxmox__ssh_port | default(22) }}" -# when: -# - proxmox__role_enabled | default(false) | bool -# - __proxmox__cluster.members is defined - -#FIXME: ONE TIME ONLY BEFORE CLUSTER!!! 
-# - name: Include Proxmox SSL Config tasks -# ansible.builtin.include_tasks: -# file: ssl_config.yml -# when: -# - proxmox__role_enabled | default(false) | bool -# - (proxmox__ssl_certificate | default(undef(), true)) is defined or (proxmox__ssl_key | default(undef(), true)) is defined - -# - name: Include Proxmox datacenter tasks +# - name: Include Datacenter Tasks # ansible.builtin.include_tasks: # file: datacenter.yml # when: # - proxmox__role_enabled -# - __proxmox__cluster.init | default('', true) == inventory_hostname -# - name: Include Proxmox QEMU tasks -# ansible.builtin.include_tasks: -# file: qemu.yml -# loop: "{{ proxmox__all | selectattr('entry__type', 'match', '^qemu_(vm|disk|nic)$') }}" -# loop_control: -# loop_var: proxmox__qemu_item -# index_var: proxmox__qemu_item_index +# - name: Remove subscription check wrapper function in web UI +# become: true +# ansible.builtin.lineinfile: +# path: /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js +# line: ' orig_cmd(); return;' +# insertafter: '^\s+checked_command: function\(orig_cmd\) {$' +# firstmatch: true +# backup: true # when: -# - proxmox__role_enabled | default(false) | bool -# - proxmox__all | selectattr('entry__type', 'match', '^qemu_(vm|disk|nic)$') | default([]) | length > 0 \ No newline at end of file +# - proxmox__role_enabled +# - proxmox__remove_subscription_warning | bool + +- name: Include Truenas Tasks + ansible.builtin.include_tasks: + file: "{{ proxmox__purposes.truenas.params.task_file }}" + when: + - proxmox__role_enabled + - proxmox__use_truenas \ No newline at end of file diff --git a/roles/proxmox/tasks/package_manager.yml b/roles/proxmox/tasks/package_manager.yml new file mode 100644 index 0000000..180cc95 --- /dev/null +++ b/roles/proxmox/tasks/package_manager.yml 
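Review bot: The new "Include Package Manager Tasks" task passes `name: package_manager.yml` to `ansible.builtin.include_tasks`, but the module's parameter is `file:` (as the Truenas include below it uses), so this include is expected to fail; use `file: package_manager.yml`. The Truenas task reads `proxmox__purposes.truenas.params.task_file` and `proxmox__use_truenas`, while the defaults added in this commit define `proxmox__purposes.freenas` and `proxmox__use_freenas`, so the condition will hit an undefined variable unless those names are set elsewhere. The commented-out block removed here carried a crypt password hash for the root account; it stays in repository history, so that password should be treated as exposed and rotated if it was ever in use.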
@@ -0,0 +1,15 @@ +- name: Include Package Manager + ansible.builtin.include_role: + name: aybarsm.linux.pkg_mgr + vars: + pkg_mgr__role_enabled: true + pkg_mgr__manage_repo_keys: true + pkg_mgr__manage_repos: true + pkg_mgr__manage_packages: true + pkg_mgr__package_module: specific + pkg_mgr__upgrade_strategy: never + pkg_mgr__use_only: ['host'] + pkg_mgr__default: [] + pkg_mgr__group: [] + pkg_mgr__host: "{{ __proxmox__pkg_mgr }}" + register: proxmox__pkg_mgr \ No newline at end of file diff --git a/roles/proxmox/vars/main.yml b/roles/proxmox/vars/main.yml index a56ffd3..fce21ce 100644 --- a/roles/proxmox/vars/main.yml +++ b/roles/proxmox/vars/main.yml @@ -1,4 +1,4 @@ -proxmox__all: "{{ {'host': proxmox__host, 'group': proxmox__group, 'default': proxmox__default} | aybarsm.helper.role_vars(only=proxmox__use_only) }}" +proxmox__all: "{{ {'host': proxmox__host, 'group': proxmox__group, 'default': proxmox__default} | aybarsm.helper.role_items(only=proxmox__use_only) }}" __proxmox__cluster_members_query: '*.{ host: inventory_hostname, 
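Review bot: The new `Include Package Manager` task hard-codes `pkg_mgr__role_enabled` and the three `pkg_mgr__manage_*` flags to `true` and has no `when`, so `proxmox__role_enabled` and the `proxmox__manage_repo_keys` / `proxmox__manage_repos` / `proxmox__manage_packages` switches reach the role only indirectly, through the list `__proxmox__pkg_mgr` renders. Because this include drives APT signing keys and repository entries, passing the switches through makes the opt-out explicit, e.g. `pkg_mgr__manage_repo_keys: "{{ proxmox__manage_repo_keys | bool }}"`, and likewise for repos and packages. Add `when: proxmox__role_enabled | default(false) | bool` as well, unless the task that includes this file already guards it, which is not visible here. `register: proxmox__pkg_mgr` on an `include_role` probably records only the include result, not the role's task results, so confirm that is what later tasks expect.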
@@ -20,4 +20,45 @@ __proxmox__module_vars: api_port: "{{ __proxmox__cluster.api.port | default(omit, true) }}" api_token_id: "{{ __proxmox__cluster.api.token.id | default(omit, true) }}" api_token_secret: "{{ __proxmox__cluster.api.token.secret | default(omit, true) }}" - validate_certs: "{{ __proxmox__cluster.validate_certs | default(omit, true) }}" \ No newline at end of file + validate_certs: "{{ __proxmox__cluster.validate_certs | default(omit, true) }}" + +__proxmox__pkg_mgr: >- + {%- set repo_keys = [proxmox__repos['keys'][ansible_distribution_release] | combine({'entry__type': 'repo_key', 'state': 'present'})] if proxmox__manage_repo_keys else [] -%} + {%- set repos = [] -%} + {%- set packages = [] -%} + {%- set purposes = proxmox__all | selectattr('entry__type', 'eq', 'purpose') -%} + {%- if (proxmox__manage_repos or proxmox__manage_packages) and purposes | length > 0 -%} + {%- for pName, purpose in proxmox__purposes.items() -%} + {%- set node = purposes | selectattr('name', 'in', [pName, pName | replace('_', '-')]) | default([{}]) | first -%} + {%- if proxmox__manage_repos -%} + {%- for tName, type in proxmox__repos.types.items() -%} + {%- if purpose.repo is defined -%} + {%- set replacements = { + 'PURPOSE_NAME': (pName | replace('_', '-')), + 'REPO_URL' : type.url, + 'REPO_TYPE': (tName | replace('_', '-')), + 'RELEASE': ansible_distribution_release + } -%} + {%- set repos = repos.append({ + 'entry__type': 'repo', + 'repo': ('deb <>/<> <> ' + purpose.repo.suffix) | aybarsm.helper.replacer(replacements), + 'filename': purpose.repo.file | aybarsm.helper.replacer(replacements), + 'state': 'present' if node.repo is defined and node.repo in [tName, tName | replace('_', '-')] else 'absent', + 'update_cache': false + }) -%} + {%- endif -%} + {%- endfor -%} + {%- endif -%} + {%- if proxmox__manage_packages and purpose.packages | default([]) | length > 0 and node.name is defined and node.name in [pName, pName | replace('_', '-')] -%} + {%- for pkg in 
purpose.packages -%} + {%- set packages = packages.append({ + 'entry__type': 'package', + 'name': pkg, + 'state': 'present', + 'update_cache': true + }) -%} + {%- endfor -%} + {%- endif -%} + {%- endfor -%} + {%- endif -%} + {{ repo_keys + (repos | aybarsm.helper.combine_last({'update_cache': true})) + packages }} \ No newline at end of file
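Review bot: In the `__proxmox__pkg_mgr` template, `{%- set repos = repos.append({...}) -%}` and the matching `packages` line bind the name to the `None` that `append` returns; the outer lists are still filled only because a `set` inside a `for` body is local to that iteration. Writing the throwaway explicitly, `{%- set _ = repos.append({...}) -%}` and `{%- set _ = packages.append({...}) -%}`, keeps the same behaviour without shadowing the accumulators. Separately, `| default([{}]) | first` on the `node` line has no effect, because the `selectattr` result is always defined even when nothing matches. `| default([{}], true) | first` would make a missing purpose resolve to an empty mapping rather than relying on how an undefined value answers `is defined`; this assumes `selectattr` yields a list here, as the `purposes | length` test already does. A one-line comment above the template, saying it renders the list of `repo_key`, `repo` and `package` entries consumed as `pkg_mgr__host`, would help the next reader.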