From 87f5b80930b6868794360365b3e69757b7fdf07b Mon Sep 17 00:00:00 2001 From: Murat Aybars <39916128+aybarsm@users.noreply.github.com> Date: Tue, 2 Jul 2024 13:14:59 +0100 Subject: [PATCH] Prep role proxmox --- roles/package_manager/defaults/main.yml | 4 +- roles/package_manager/tasks/deb.yml | 34 +++++++++ .../tasks/{apt.yml => deb_packages.yml} | 38 +--------- roles/package_manager/tasks/main.yml | 23 +++--- roles/package_manager/tasks/rpm_packages.yml | 43 +++++++++++ roles/package_manager/vars/common.yml | 23 +++--- roles/package_manager/vars/debian.yml | 72 ++++++++++++++++++- roles/package_manager/vars/redhat.yml | 8 +++ roles/proxmox/defaults/main.yml | 7 ++ roles/proxmox/vars/main.yml | 55 ++++++++++++++ 10 files changed, 250 insertions(+), 57 deletions(-) create mode 100644 roles/package_manager/tasks/deb.yml rename roles/package_manager/tasks/{apt.yml => deb_packages.yml} (54%) create mode 100644 roles/package_manager/tasks/rpm_packages.yml create mode 100644 roles/proxmox/defaults/main.yml create mode 100644 roles/proxmox/vars/main.yml diff --git a/roles/package_manager/defaults/main.yml b/roles/package_manager/defaults/main.yml index 3927fd2..8fde4c2 100644 --- a/roles/package_manager/defaults/main.yml +++ b/roles/package_manager/defaults/main.yml @@ -3,9 +3,9 @@ linux_role_package_manager_enabled: false # Change the package manager strategy to use for the system i.e. ansible.builtin.apt vs ansible.builtin.package # Available options: specific, common -linux_package_manager_strategy: specific +linux_package_manager_package_strategy: specific linux_package_manager_default: [] linux_package_manager_group: [] linux_package_manager_host: [] -linux_package_manager_all: "{{ (linux_package_manager_default + linux_package_manager_group + linux_package_manager_host) | selectattr('type', 'defined') }}" +linux_package_manager_all: "{{ linux_package_manager_default + linux_package_manager_group + linux_package_manager_host }}" diff --git a/roles/package_manager/tasks/deb.yml b/roles/package_manager/tasks/deb.yml new file mode 100644 index 0000000..5005d1c --- /dev/null +++ b/roles/package_manager/tasks/deb.yml @@ -0,0 +1,34 @@ +--- +- name: Manage DEB repositories via APT + become: true + ansible.builtin.apt_repository: + repo: "{{ item.repo }}" + state: "{{ item.state | default(omit) }}" + codename: "{{ item.codename | default(omit) }}" + filename: "{{ item.filename | default(omit) }}" + install_python_apt: "{{ item.install_python_apt | default(omit) | bool }}" + mode: "{{ item.mode | default(omit) }}" + update_cache: "{{ item.update_cache | default(omit) | bool }}" + update_cache_retries: "{{ item.update_cache_retries | default(omit) }}" + update_cache_retry_max_delay: "{{ item.update_cache_retry_max_delay | default(omit) }}" + validate_certs: "{{ item.validate_certs | default(omit) | bool }}" + loop: "{{ linux_package_manager_repos_all }}" + register: linux_package_manager_deb_repos_apply + when: + - linux_package_manager_repos_all | type_debug == 'list' + - linux_package_manager_repos_all | length > 0 + +- name: Manage DEB repository keys via APT + become: true + ansible.builtin.apt_key: + state: "{{ item.state | default(omit) }}" + data: "{{ item.data | default(omit) }}" + file: "{{ item.file | default(omit) }}" + keyring: "{{ item.keyring | default(omit) }}" + url: "{{ item.url | default(omit) }}" + validate_certs: "{{ item.validate_certs | default(omit) | bool }}" + loop: "{{ linux_package_manager_repo_keys_all }}" + register: linux_package_manager_deb_repo_keys_apply + when: + - linux_package_manager_repo_keys_all | type_debug == 'list' + - linux_package_manager_repo_keys_all | length > 0 diff --git a/roles/package_manager/tasks/apt.yml b/roles/package_manager/tasks/deb_packages.yml similarity index 54% rename from roles/package_manager/tasks/apt.yml rename to roles/package_manager/tasks/deb_packages.yml index d4cc32a..08bf927 100644 --- a/roles/package_manager/tasks/apt.yml +++ b/roles/package_manager/tasks/deb_packages.yml @@ -1,5 +1,5 @@ --- -- name: Manage APT packages +- name: Manage DEB packages via APT become: true ansible.builtin.apt: name: "{{ package_name }}" @@ -29,41 +29,7 @@ vars: package_name: "{{ item.name + '=' + item.version if 'version' in item else item.name }}" loop: "{{ linux_package_manager_packages_all }}" - register: linux_package_manager_apt_packages_apply + register: linux_package_manager_deb_packages_apply when: - linux_package_manager_packages_all | type_debug == 'list' - linux_package_manager_packages_all | length > 0 - -- name: Manage APT repositories - become: true - ansible.builtin.apt_repository: - repo: "{{ item.repo }}" - state: "{{ item.state | default(omit) }}" - codename: "{{ item.codename | default(omit) }}" - filename: "{{ item.filename | default(omit) }}" - install_python_apt: "{{ item.install_python_apt | default(omit) | bool }}" - mode: "{{ item.mode | default(omit) }}" - update_cache: "{{ item.update_cache | default(omit) | bool }}" - update_cache_retries: "{{ item.update_cache_retries | default(omit) }}" - update_cache_retry_max_delay: "{{ item.update_cache_retry_max_delay | default(omit) }}" - validate_certs: "{{ item.validate_certs | default(omit) | bool }}" - loop: "{{ linux_package_manager_repos_all }}" - register: linux_package_manager_apt_repos_apply - when: - - linux_package_manager_repos_all | type_debug == 'list' - - linux_package_manager_repos_all | length > 0 - -- name: Manage APT keys - become: true - ansible.builtin.apt_key: - state: "{{ item.state | default(omit) }}" - data: "{{ item.data | default(omit) }}" - file: "{{ item.file | default(omit) }}" - keyring: "{{ item.keyring | default(omit) }}" - url: "{{ item.url | default(omit) }}" - validate_certs: "{{ item.validate_certs | default(omit) | bool }}" - loop: "{{ linux_package_manager_repo_keys_all }}" - register: linux_package_manager_apt_repo_keys_apply - when: - - linux_package_manager_repo_keys_all | type_debug == 'list' - - linux_package_manager_repo_keys_all | length > 0 diff --git a/roles/package_manager/tasks/main.yml b/roles/package_manager/tasks/main.yml index 0c19047..f8e7c0d 100644 --- a/roles/package_manager/tasks/main.yml +++ b/roles/package_manager/tasks/main.yml @@ -1,21 +1,28 @@ --- - name: Load OS related variables - ansible.builtin.include_vars: "{{ ansible_facts['os_family'] | lower }}.yml" + ansible.builtin.include_vars: "{{ ansible_os_family | lower }}.yml" - name: Load common variables structured on OS related variables ansible.builtin.include_vars: common.yml -- name: Import APT package manager tasks +- name: Import DEB repository and repository key tasks (APT) ansible.builtin.import_tasks: - file: apt.yml + file: deb.yml when: - - linux_role_repos_enabled | default(false) | bool - - linux_package_manager_strategy | default('specific') == 'specific' - - ansible_pkg_mgr | lower == 'apt' + - linux_role_package_manager_enabled | default(false) | bool + - ansible_os_family | lower == 'debian' + +- name: Import DEB package tasks (APT) + ansible.builtin.import_tasks: + file: deb_packages.yml + when: + - linux_role_package_manager_enabled | default(false) | bool + - linux_package_manager_package_strategy | lower == 'specific' + - ansible_os_family | lower == 'debian' - name: Import common package manager tasks ansible.builtin.import_tasks: file: common.yml when: - - linux_role_repos_enabled | default(false) | bool - - linux_package_manager_strategy | default('specific') == 'common' + - linux_role_package_manager_enabled | default(false) | bool + - linux_package_manager_package_strategy | lower == 'common' diff --git a/roles/package_manager/tasks/rpm_packages.yml b/roles/package_manager/tasks/rpm_packages.yml new file mode 100644 index 0000000..515dcfe --- /dev/null +++ b/roles/package_manager/tasks/rpm_packages.yml @@ -0,0 +1,43 @@ +--- +- name: Manage RPM packages via DNF + become: true + ansible.builtin.dnf: + name: "{{ package_name }}" + allow_downgrade: "{{ item.allow_downgrade | default(omit) | bool }}" + allowerasing: "{{ item.allowerasing | default(omit) | bool }}" + autoremove: "{{ item.autoremove | default(omit) | bool }}" + best: "{{ item.best | default(omit) | bool }}" + bugfix: "{{ item.bugfix | default(omit) | bool }}" + cacheonly: "{{ item.cacheonly | default(omit) | bool }}" + conf_file: "{{ item.conf_file | default(omit) }}" + disable_excludes: "{{ item.disable_excludes | default(omit) }}" + disable_gpg_check: "{{ item.disable_gpg_check | default(omit) | bool }}" + disable_plugin: "{{ item.disable_plugin | default(omit) }}" + disablerepo: "{{ item.disablerepo | default(omit) }}" + download_dir: "{{ item.download_dir | default(omit) }}" + download_only: "{{ item.download_only | default(omit) | bool }}" + enable_plugin: "{{ item.enable_plugin | default(omit) }}" + enablerepo: "{{ item.enablerepo | default(omit) }}" + exclude: "{{ item.exclude | default(omit) }}" + install_repoquery: "{{ item.install_repoquery | default(omit) | bool }}" + install_weak_deps: "{{ item.install_weak_deps | default(omit) | bool }}" + installroot: "{{ item.installroot | default(omit) }}" + list: "{{ item.list | default(omit) }}" + lock_timeout: "{{ item.lock_timeout | default(omit) }}" + nobest: "{{ item.nobest | default(omit) | bool }}" + releasever: "{{ item.releasever | default(omit) }}" + security: "{{ item.security | default(omit) | bool }}" + skip_broken: "{{ item.skip_broken | default(omit) | bool }}" + sslverify: "{{ item.sslverify | default(omit) | bool }}" + state: "{{ item.state | default(omit) }}" + update_cache: "{{ item.update_cache | default(omit) | bool }}" + update_only: "{{ item.update_only | default(omit) | bool }}" + use_backend: "{{ item.use_backend | default(omit) }}" + validate_certs: "{{ item.validate_certs | default(omit) | bool }}" + vars: + package_name: "{{ item.name + '=' + item.version if 'version' in item else item.name }}" + loop: "{{ linux_package_manager_packages_all }}" + register: linux_package_manager_rpm_packages_apply + when: + - linux_package_manager_packages_all | type_debug == 'list' + - linux_package_manager_packages_all | length > 0 diff --git a/roles/package_manager/vars/common.yml b/roles/package_manager/vars/common.yml index 03d2339..c71658c 100644 --- a/roles/package_manager/vars/common.yml +++ b/roles/package_manager/vars/common.yml @@ -1,11 +1,16 @@ -linux_package_manager_packages_all: "{{ linux_package_manager_all | selectattr('type', 'equalto', 'package') | - aybarsm.helper.selectattr_defined(attributes=__linux_package_manager_uniques_package, logic='or') | - aybarsm.helper.unique_recursive(attributes=__linux_package_manager_uniques_package) | default([]) }}" +linux_package_manager_packages_all: "{{ linux_package_manager_all | + aybarsm.helper.selectattr(__linux_package_manager_package_config.selectattr) | + aybarsm.helper.setattr(__linux_package_manager_package_config.setattr) | + aybarsm.helper.splitattr(__linux_package_manager_package_config.splitattr) | + aybarsm.helper.unique_recursive(__linux_package_manager_package_config.uniques) | + aybarsm.helper.joinattr(__linux_package_manager_package_config.joinattr) | default([]) }}" -linux_package_manager_repos_all: "{{ linux_package_manager_all | selectattr('type', 'equalto', 'repo') | - aybarsm.helper.selectattr_defined(attributes=__linux_package_manager_uniques_repo, logic='or') | - aybarsm.helper.unique_recursive(attributes=__linux_package_manager_uniques_repo) | default([]) }}" +linux_package_manager_repos_all: "{{ linux_package_manager_all | + aybarsm.helper.selectattr(__linux_package_manager_repo_config.selectattr) | + aybarsm.helper.unique_recursive(__linux_package_manager_repo_config.uniques) | + aybarsm.helper.setattr(__linux_package_manager_repo_config.setattr) | default([]) }}" -linux_package_manager_repo_keys_all: "{{ linux_package_manager_all | selectattr('type', 'equalto', 'repo_key') | - aybarsm.helper.selectattr_defined(attributes=__linux_package_manager_uniques_repo_key, logic='or') | - aybarsm.helper.unique_recursive(attributes=__linux_package_manager_uniques_repo_key) | default([]) }}" +linux_package_manager_repo_keys_all: "{{ linux_package_manager_all | + aybarsm.helper.selectattr(__linux_package_manager_repo_key_config.selectattr) | + aybarsm.helper.unique_recursive(__linux_package_manager_repo_key_config.uniques) | + aybarsm.helper.setattr(__linux_package_manager_repo_key_config.setattr) | default([]) }}" diff --git a/roles/package_manager/vars/debian.yml b/roles/package_manager/vars/debian.yml index 958979e..07a78f4 100644 --- a/roles/package_manager/vars/debian.yml +++ b/roles/package_manager/vars/debian.yml @@ -1,3 +1,71 @@ -__linux_package_manager_uniques_package: ['name'] +__linux_package_manager_uniques_package: ['name', 'package', 'pkg'] __linux_package_manager_uniques_repo: ['repo'] -__linux_package_manager_uniques_repo_key: ['keyserver', 'url', 'id', 'data', 'file'] \ No newline at end of file +__linux_package_manager_uniques_repo_key: ['keyserver', 'url', 'id', 'data', 'file'] + +__linux_package_manager_package_config: + uniques: "{{ __linux_package_manager_uniques_package }}" + selectattr: + - when: + - ['type', 'defined'] + - ['type', 'equalto', 'package'] + - when: "{{ __linux_package_manager_uniques_package | product(['defined']) | list }}" + logic: or + setattr: + - attribute: name + value: package + mode: copy_delete + when: + - ['name', 'undefined'] + - ['package', 'defined'] + logic: and + - attribute: name + value: pkg + mode: copy_delete + when: + - ['name', 'undefined'] + - ['pkg', 'defined'] + - attribute: state + value: absent + else: present + overwrite: true + when: + - ['autoremove', 'defined'] + - ['autoremove', 'true'] + logic: and + splitattr: + - srcAttr: name + dstAttr: version + search: '=' + overwrite: true + joinattr: + - leftAttr: name + rightAttr: version + join: '=' + overwrite: true + deleteSrcAttrs: true + +__linux_package_manager_repo_config: + uniques: "{{ __linux_package_manager_uniques_repo }}" + selectattr: + - when: + - ['type', 'defined'] + - ['type', 'equalto', 'repo'] + - when: "{{ __linux_package_manager_uniques_repo | product(['defined']) }}" + logic: or + setattr: + - attribute: state + value: present + overwrite: false + +__linux_package_manager_repo_key_config: + uniques: "{{ __linux_package_manager_uniques_repo_key }}" + selectattr: + - when: + - ['type', 'defined'] + - ['type', 'equalto', 'repo_key'] + - when: "{{ __linux_package_manager_uniques_repo_key | product(['defined']) }}" + logic: or + setattr: + - attribute: state + value: present + overwrite: false diff --git a/roles/package_manager/vars/redhat.yml b/roles/package_manager/vars/redhat.yml index e69de29..31861b4 100644 --- a/roles/package_manager/vars/redhat.yml +++ b/roles/package_manager/vars/redhat.yml @@ -0,0 +1,8 @@ +__linux_package_manager_package_state_config: + - attribute: state + value: absent + else: present + when: + - ['autoremove', 'defined'] + - ['autoremove', 'true'] + logic: and \ No newline at end of file diff --git a/roles/proxmox/defaults/main.yml b/roles/proxmox/defaults/main.yml new file mode 100644 index 0000000..6c00d83 --- /dev/null +++ b/roles/proxmox/defaults/main.yml @@ -0,0 +1,7 @@ +linux_role_proxmox_enabled: false + +linux_proxmox_default: [] +linux_proxmox_group: [] +linux_proxmox_host: [] + +linux_proxmox_all: "{{ linux_proxmox_default + linux_proxmox_group + linux_proxmox_host }}" \ No newline at end of file diff --git a/roles/proxmox/vars/main.yml b/roles/proxmox/vars/main.yml new file mode 100644 index 0000000..315d146 --- /dev/null +++ b/roles/proxmox/vars/main.yml @@ -0,0 +1,55 @@ +linux_proxmox_repo_url_enterprise: https://enterprise.proxmox.com/debian +linux_proxmox_repo_url_no_subscription: http://download.proxmox.com/debian + +linux_proxmox_role_repos: + pve_enterprise: + repo: "deb {{ linux_proxmox_repo_url_enterprise }}/pve {{ ansible_distribution_release }} pve-enterprise" + filename: pve-enterprise + pve_no_subscription: + repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/pve {{ ansible_distribution_release }} pve-no-subscription" + filename: pve-no-subscription + pbs_enterprise: + repo: "deb {{ linux_proxmox_repo_url_enterprise }}/pbs {{ ansible_distribution_release }} pbs-enterprise" + filename: pbs-enterprise + pbs_no_subscription: + repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/pbs {{ ansible_distribution_release }} pbs-no-subscription" + filename: pbs-no-subscription + pmg_enterprise: + repo: "deb {{ linux_proxmox_repo_url_enterprise }}/pmg {{ ansible_distribution_release }} pmg-enterprise" + filename: pmg-enterprise + pmg_no_subscription: + repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/pmg {{ ansible_distribution_release }} pmg-no-subscription" + filename: pmg-no-subscription + ceph_quincy_enterprise: + repo: "deb {{ linux_proxmox_repo_url_enterprise }}/ceph-quincy {{ ansible_distribution_release }} enterprise" + filename: ceph + ceph_quincy_no_subscription: + repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/ceph-quincy {{ ansible_distribution_release }} no-subscription" + filename: ceph + ceph_reef_enterprise: + repo: "deb {{ linux_proxmox_repo_url_enterprise }}/ceph-reef {{ ansible_distribution_release }} enterprise" + filename: ceph + ceph_reef_no_subscription: + repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/ceph-reef {{ ansible_distribution_release }} no-subscription" + filename: ceph + +# ' ' +# if is empty, there won't be any prefix at the end of the repo line +# (i.e. /pve bookworm pve-enterprise vs /ceph-pacific bookworm enterprise) +# if is empty, it will be the same as - +# (i.e. pve-no-subscription vs ceph) +# linux_proxmox_role_repos: +# - ['pve', 'pve-'] +# - ['pbs', 'pbs-'] +# - ['pmg', 'pmg-'] +# - ['ceph-reef', '', 'ceph'] +# - ['ceph-quincy', '', 'ceph'] +# - ['ceph-pacific', '', 'ceph'] + +# linux_proxmox_role_repos: +# pve: ['pve-'] +# pbs: ['pbs-'] +# pmg: ['pmg-'] +# ceph_reef: ['ceph-reef', '', 'ceph'] +# ceph_quincy: ['ceph-quincy', '', 'ceph'] +# ceph_pacific: ['ceph-pacific', '', 'ceph'] \ No newline at end of file