Prep role proxmox

roles/package_manager/defaults/main.yml

@@ -3,9 +3,9 @@ linux_role_package_manager_enabled: false
 
 # Change the package manager strategy to use for the system i.e. ansible.builtin.apt vs ansible.builtin.package
 # Available options: specific, common
-linux_package_manager_strategy: specific
+linux_package_manager_package_strategy: specific
 
 linux_package_manager_default: []
 linux_package_manager_group: []
 linux_package_manager_host: []
-linux_package_manager_all: "{{ (linux_package_manager_default + linux_package_manager_group + linux_package_manager_host) | selectattr('type', 'defined') }}"
+linux_package_manager_all: "{{ linux_package_manager_default + linux_package_manager_group + linux_package_manager_host }}"

roles/package_manager/tasks/deb.yml

@@ -0,0 +1,34 @@
+---
+- name: Manage DEB repositories via APT
+  become: true
+  ansible.builtin.apt_repository:
+    repo: "{{ item.repo }}"
+    state: "{{ item.state | default(omit) }}"
+    codename: "{{ item.codename | default(omit) }}"
+    filename: "{{ item.filename | default(omit) }}"
+    install_python_apt: "{{ item.install_python_apt | default(omit) | bool }}"
+    mode: "{{ item.mode | default(omit) }}"
+    update_cache: "{{ item.update_cache | default(omit) | bool }}"
+    update_cache_retries: "{{ item.update_cache_retries | default(omit) }}"
+    update_cache_retry_max_delay: "{{ item.update_cache_retry_max_delay | default(omit) }}"
+    validate_certs: "{{ item.validate_certs | default(omit) | bool }}"
+  loop: "{{ linux_package_manager_repos_all }}"
+  register: linux_package_manager_deb_repos_apply
+  when:
+    - linux_package_manager_repos_all | type_debug == 'list'
+    - linux_package_manager_repos_all | length > 0
+
+- name: Manage DEB repository keys via APT
+  become: true
+  ansible.builtin.apt_key:
+    state: "{{ item.state | default(omit) }}"
+    data: "{{ item.data | default(omit) }}"
+    file: "{{ item.file | default(omit) }}"
+    keyring: "{{ item.keyring | default(omit) }}"
+    url: "{{ item.url | default(omit) }}"
+    validate_certs: "{{ item.validate_certs | default(omit) | bool }}"
+  loop: "{{ linux_package_manager_repo_keys_all }}"
+  register: linux_package_manager_deb_repo_keys_apply
+  when:
+    - linux_package_manager_repo_keys_all | type_debug == 'list'
+    - linux_package_manager_repo_keys_all | length > 0

roles/package_manager/tasks/apt.yml → roles/package_manager/tasks/deb_packages.yml

@@ -1,5 +1,5 @@
 ---
-- name: Manage APT packages
+- name: Manage DEB packages via APT
   become: true
   ansible.builtin.apt:
     name: "{{ package_name }}"
@@ -29,41 +29,7 @@
   vars:
     package_name: "{{ item.name + '=' + item.version if 'version' in item else item.name }}"
   loop: "{{ linux_package_manager_packages_all }}"
-  register: linux_package_manager_apt_packages_apply
+  register: linux_package_manager_deb_packages_apply
   when:
     - linux_package_manager_packages_all | type_debug == 'list'
     - linux_package_manager_packages_all | length > 0
-
-- name: Manage APT repositories
-  become: true
-  ansible.builtin.apt_repository:
-    repo: "{{ item.repo }}"
-    state: "{{ item.state | default(omit) }}"
-    codename: "{{ item.codename | default(omit) }}"
-    filename: "{{ item.filename | default(omit) }}"
-    install_python_apt: "{{ item.install_python_apt | default(omit) | bool }}"
-    mode: "{{ item.mode | default(omit) }}"
-    update_cache: "{{ item.update_cache | default(omit) | bool }}"
-    update_cache_retries: "{{ item.update_cache_retries | default(omit) }}"
-    update_cache_retry_max_delay: "{{ item.update_cache_retry_max_delay | default(omit) }}"
-    validate_certs: "{{ item.validate_certs | default(omit) | bool }}"
-  loop: "{{ linux_package_manager_repos_all }}"
-  register: linux_package_manager_apt_repos_apply
-  when:
-    - linux_package_manager_repos_all | type_debug == 'list'
-    - linux_package_manager_repos_all | length > 0
-
-- name: Manage APT keys
-  become: true
-  ansible.builtin.apt_key:
-    state: "{{ item.state | default(omit) }}"
-    data: "{{ item.data | default(omit) }}"
-    file: "{{ item.file | default(omit) }}"
-    keyring: "{{ item.keyring | default(omit) }}"
-    url: "{{ item.url | default(omit) }}"
-    validate_certs: "{{ item.validate_certs | default(omit) | bool }}"
-  loop: "{{ linux_package_manager_repo_keys_all }}"
-  register: linux_package_manager_apt_repo_keys_apply
-  when:
-    - linux_package_manager_repo_keys_all | type_debug == 'list'
-    - linux_package_manager_repo_keys_all | length > 0

roles/package_manager/tasks/main.yml

@@ -1,21 +1,28 @@
 ---
 - name: Load OS related variables
-  ansible.builtin.include_vars: "{{ ansible_facts['os_family'] | lower }}.yml"
+  ansible.builtin.include_vars: "{{ ansible_os_family | lower }}.yml"
 
 - name: Load common variables structured on OS related variables
   ansible.builtin.include_vars: common.yml
 
-- name: Import APT package manager tasks
+- name: Import DEB repository and repository key tasks (APT)
   ansible.builtin.import_tasks:
-    file: apt.yml
+    file: deb.yml
   when:
-    - linux_role_repos_enabled | default(false) | bool
-    - linux_package_manager_strategy | default('specific') == 'specific'
-    - ansible_pkg_mgr | lower == 'apt'
+    - linux_role_package_manager_enabled | default(false) | bool
+    - ansible_os_family | lower == 'debian'
+
+- name: Import DEB package tasks (APT)
+  ansible.builtin.import_tasks:
+    file: deb_packages.yml
+  when:
+    - linux_role_package_manager_enabled | default(false) | bool
+    - linux_package_manager_package_strategy | lower == 'specific'
+    - ansible_os_family | lower == 'debian'
 
 - name: Import common package manager tasks
   ansible.builtin.import_tasks:
     file: common.yml
   when:
-    - linux_role_repos_enabled | default(false) | bool
-    - linux_package_manager_strategy | default('specific') == 'common'
+    - linux_role_package_manager_enabled | default(false) | bool
+    - linux_package_manager_package_strategy | lower == 'common'

roles/package_manager/tasks/rpm_packages.yml

@@ -0,0 +1,43 @@
+---
+- name: Manage RPM packages via DNF
+  become: true
+  ansible.builtin.dnf:
+    name: "{{ package_name }}"
+    allow_downgrade: "{{ item.allow_downgrade | default(omit) | bool }}"
+    allowerasing: "{{ item.allowerasing | default(omit) | bool }}"
+    autoremove: "{{ item.autoremove | default(omit) | bool }}"
+    best: "{{ item.best | default(omit) | bool }}"
+    bugfix: "{{ item.bugfix | default(omit) | bool }}"
+    cacheonly: "{{ item.cacheonly | default(omit) | bool }}"
+    conf_file: "{{ item.conf_file | default(omit) }}"
+    disable_excludes: "{{ item.disable_excludes | default(omit) }}"
+    disable_gpg_check: "{{ item.disable_gpg_check | default(omit) | bool }}"
+    disable_plugin: "{{ item.disable_plugin | default(omit) }}"
+    disablerepo: "{{ item.disablerepo | default(omit) }}"
+    download_dir: "{{ item.download_dir | default(omit) }}"
+    download_only: "{{ item.download_only | default(omit) | bool }}"
+    enable_plugin: "{{ item.enable_plugin | default(omit) }}"
+    enablerepo: "{{ item.enablerepo | default(omit) }}"
+    exclude: "{{ item.exclude | default(omit) }}"
+    install_repoquery: "{{ item.install_repoquery | default(omit) | bool }}"
+    install_weak_deps: "{{ item.install_weak_deps | default(omit) | bool }}"
+    installroot: "{{ item.installroot | default(omit) }}"
+    list: "{{ item.list | default(omit) }}"
+    lock_timeout: "{{ item.lock_timeout | default(omit) }}"
+    nobest: "{{ item.nobest | default(omit) | bool }}"
+    releasever: "{{ item.releasever | default(omit) }}"
+    security: "{{ item.security | default(omit) | bool }}"
+    skip_broken: "{{ item.skip_broken | default(omit) | bool }}"
+    sslverify: "{{ item.sslverify | default(omit) | bool }}"
+    state: "{{ item.state | default(omit) }}"
+    update_cache: "{{ item.update_cache | default(omit) | bool }}"
+    update_only: "{{ item.update_only | default(omit) | bool }}"
+    use_backend: "{{ item.use_backend | default(omit) }}"
+    validate_certs: "{{ item.validate_certs | default(omit) | bool }}"
+  vars:
+    package_name: "{{ item.name + '=' + item.version if 'version' in item else item.name }}"
+  loop: "{{ linux_package_manager_packages_all }}"
+  register: linux_package_manager_rpm_packages_apply
+  when:
+    - linux_package_manager_packages_all | type_debug == 'list'
+    - linux_package_manager_packages_all | length > 0

roles/package_manager/vars/common.yml

@@ -1,11 +1,16 @@
-linux_package_manager_packages_all: "{{ linux_package_manager_all | selectattr('type', 'equalto', 'package') |
-  aybarsm.helper.selectattr_defined(attributes=__linux_package_manager_uniques_package, logic='or') |
-  aybarsm.helper.unique_recursive(attributes=__linux_package_manager_uniques_package) | default([]) }}"
+linux_package_manager_packages_all: "{{ linux_package_manager_all |
+  aybarsm.helper.selectattr(__linux_package_manager_package_config.selectattr) |
+  aybarsm.helper.setattr(__linux_package_manager_package_config.setattr) |
+  aybarsm.helper.splitattr(__linux_package_manager_package_config.splitattr) |
+  aybarsm.helper.unique_recursive(__linux_package_manager_package_config.uniques) |
+  aybarsm.helper.joinattr(__linux_package_manager_package_config.joinattr) | default([]) }}"
 
-linux_package_manager_repos_all: "{{ linux_package_manager_all | selectattr('type', 'equalto', 'repo') |
-  aybarsm.helper.selectattr_defined(attributes=__linux_package_manager_uniques_repo, logic='or') |
-  aybarsm.helper.unique_recursive(attributes=__linux_package_manager_uniques_repo) | default([]) }}"
+linux_package_manager_repos_all: "{{ linux_package_manager_all |
+  aybarsm.helper.selectattr(__linux_package_manager_repo_config.selectattr) |
+  aybarsm.helper.unique_recursive(__linux_package_manager_repo_config.uniques) |
+  aybarsm.helper.setattr(__linux_package_manager_repo_config.setattr) | default([]) }}"
 
-linux_package_manager_repo_keys_all: "{{ linux_package_manager_all | selectattr('type', 'equalto', 'repo_key') |
-  aybarsm.helper.selectattr_defined(attributes=__linux_package_manager_uniques_repo_key, logic='or') |
-  aybarsm.helper.unique_recursive(attributes=__linux_package_manager_uniques_repo_key) | default([]) }}"
+linux_package_manager_repo_keys_all: "{{ linux_package_manager_all |
+  aybarsm.helper.selectattr(__linux_package_manager_repo_key_config.selectattr) |
+  aybarsm.helper.unique_recursive(__linux_package_manager_repo_key_config.uniques) |
+  aybarsm.helper.setattr(__linux_package_manager_repo_key_config.setattr) | default([]) }}"

roles/package_manager/vars/debian.yml

@@ -1,3 +1,71 @@
-__linux_package_manager_uniques_package: ['name']
+__linux_package_manager_uniques_package: ['name', 'package', 'pkg']
 __linux_package_manager_uniques_repo: ['repo']
-__linux_package_manager_uniques_repo_key: ['keyserver', 'url', 'id', 'data', 'file']
+__linux_package_manager_uniques_repo_key: ['keyserver', 'url', 'id', 'data', 'file']
+
+__linux_package_manager_package_config:
+  uniques: "{{ __linux_package_manager_uniques_package }}"
+  selectattr:
+    - when:
+        - ['type', 'defined']
+        - ['type', 'equalto', 'package']
+    - when: "{{ __linux_package_manager_uniques_package | product(['defined']) | list }}"
+      logic: or
+  setattr:
+    - attribute: name
+      value: package
+      mode: copy_delete
+      when:
+        - ['name', 'undefined']
+        - ['package', 'defined']
+      logic: and
+    - attribute: name
+      value: pkg
+      mode: copy_delete
+      when:
+        - ['name', 'undefined']
+        - ['pkg', 'defined']
+    - attribute: state
+      value: absent
+      else: present
+      overwrite: true
+      when:
+        - ['autoremove', 'defined']
+        - ['autoremove', 'true']
+      logic: and
+  splitattr:
+    - srcAttr: name
+      dstAttr: version
+      search: '='
+      overwrite: true
+  joinattr:
+    - leftAttr: name
+      rightAttr: version
+      join: '='
+      overwrite: true
+      deleteSrcAttrs: true
+
+__linux_package_manager_repo_config:
+  uniques: "{{ __linux_package_manager_uniques_repo }}"
+  selectattr:
+    - when:
+      - ['type', 'defined']
+      - ['type', 'equalto', 'repo']
+    - when: "{{ __linux_package_manager_uniques_repo | product(['defined']) }}"
+      logic: or
+  setattr:
+    - attribute: state
+      value: present
+      overwrite: false
+
+__linux_package_manager_repo_key_config:
+  uniques: "{{ __linux_package_manager_uniques_repo_key }}"
+  selectattr:
+    - when:
+      - ['type', 'defined']
+      - ['type', 'equalto', 'repo_key']
+    - when: "{{ __linux_package_manager_uniques_repo_key | product(['defined']) }}"
+      logic: or
+  setattr:
+    - attribute: state
+      value: present
+      overwrite: false

roles/package_manager/vars/redhat.yml

@@ -0,0 +1,8 @@
+__linux_package_manager_package_state_config:
+  - attribute: state
+    value: absent
+    else: present
+    when:
+      - ['autoremove', 'defined']
+      - ['autoremove', 'true']
+    logic: and

roles/proxmox/defaults/main.yml

@@ -0,0 +1,7 @@
+linux_role_proxmox_enabled: false
+
+linux_proxmox_default: []
+linux_proxmox_group: []
+linux_proxmox_host: []
+
+linux_proxmox_all: "{{ linux_proxmox_default + linux_proxmox_group + linux_proxmox_host }}"

roles/proxmox/vars/main.yml

@@ -0,0 +1,55 @@
+linux_proxmox_repo_url_enterprise: https://enterprise.proxmox.com/debian
+linux_proxmox_repo_url_no_subscription: http://download.proxmox.com/debian
+
+linux_proxmox_role_repos:
+  pve_enterprise:
+    repo: "deb {{ linux_proxmox_repo_url_enterprise }}/pve {{ ansible_distribution_release }} pve-enterprise"
+    filename: pve-enterprise
+  pve_no_subscription:
+    repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/pve {{ ansible_distribution_release }} pve-no-subscription"
+    filename: pve-no-subscription
+  pbs_enterprise:
+    repo: "deb {{ linux_proxmox_repo_url_enterprise }}/pbs {{ ansible_distribution_release }} pbs-enterprise"
+    filename: pbs-enterprise
+  pbs_no_subscription:
+    repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/pbs {{ ansible_distribution_release }} pbs-no-subscription"
+    filename: pbs-no-subscription
+  pmg_enterprise:
+    repo: "deb {{ linux_proxmox_repo_url_enterprise }}/pmg {{ ansible_distribution_release }} pmg-enterprise"
+    filename: pmg-enterprise
+  pmg_no_subscription:
+    repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/pmg {{ ansible_distribution_release }} pmg-no-subscription"
+    filename: pmg-no-subscription
+  ceph_quincy_enterprise:
+    repo: "deb {{ linux_proxmox_repo_url_enterprise }}/ceph-quincy {{ ansible_distribution_release }} enterprise"
+    filename: ceph
+  ceph_quincy_no_subscription:
+    repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/ceph-quincy {{ ansible_distribution_release }} no-subscription"
+    filename: ceph
+  ceph_reef_enterprise:
+    repo: "deb {{ linux_proxmox_repo_url_enterprise }}/ceph-reef {{ ansible_distribution_release }} enterprise"
+    filename: ceph
+  ceph_reef_no_subscription:
+    repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/ceph-reef {{ ansible_distribution_release }} no-subscription"
+    filename: ceph
+
+# '<role_name> <repo_prefix> <filename>'
+# if <repo_prefix> is empty, there won't be any prefix at the end of the repo line
+# (i.e. /pve bookworm pve-enterprise vs /ceph-pacific bookworm enterprise)
+# if <filename> is empty, it will be the same as <repo_prefix>-<subscription_type>
+# (i.e. pve-no-subscription vs ceph)
+# linux_proxmox_role_repos:
+#   - ['pve', 'pve-']
+#   - ['pbs', 'pbs-']
+#   - ['pmg', 'pmg-']
+#   - ['ceph-reef', '', 'ceph']
+#   - ['ceph-quincy', '', 'ceph']
+#   - ['ceph-pacific', '', 'ceph']
+
+# linux_proxmox_role_repos:
+#   pve: ['pve-']
+#   pbs: ['pbs-']
+#   pmg: ['pmg-']
+#   ceph_reef: ['ceph-reef', '', 'ceph']
+#   ceph_quincy: ['ceph-quincy', '', 'ceph']
+#   ceph_pacific: ['ceph-pacific', '', 'ceph']