Local fact management added in ansible role

roles/ansible/defaults/main.yml

@@ -0,0 +1,7 @@
+linux_role_ansible_enabled: true
+linux_role_ansible_manage_local_facts: true
+
+linux_ansible_local_fact_template: aybarsm_linux.json.fact.j2
+linux_ansible_local_fact_backup: true
+linux_ansible_local_facts_dir: "{{ (not lookup('config', 'DEFAULT_FACT_PATH')) | ternary('/etc/ansible/facts.d', lookup('config', 'DEFAULT_FACT_PATH')) }}"
+linux_ansible_local_fact_file: "{{ linux_ansible_local_facts_dir }}/aybarsm_linux.fact"

roles/ansible/handlers/main.yml

@@ -0,0 +1,26 @@
+---
+- name: Re-assign host local facts to ansible facts
+  become: true
+  ansible.builtin.set_fact:
+    __linux_ansible_local_facts: "{{ linux_ansible_update_local_facts.__linux_ansible_local_facts }}"
+  register: linux_ansible_local_facts_reassign
+  listen: "linux_ansible_local_facts_reassign"
+  notify: linux_ansible_local_facts_settle
+
+- name: Settle local facts on host if changed
+  become: true
+  ansible.builtin.template:
+    src: "{{ linux_ansible_local_fact_template }}"
+    dest: "{{ linux_ansible_local_fact_file }}"
+    backup: "{{ linux_ansible_local_fact_backup | default(omit) | bool }}"
+  register: linux_ansible_local_facts_settle
+  listen: "linux_ansible_local_facts_settle"
+  notify: linux_ansible_local_facts_reread
+  when: (ansible_local.aybarsm_linux | b64encode) != (__linux_ansible_local_facts | b64encode)
+
+- name: Re-read local facts
+  become: true
+  ansible.builtin.setup:
+    filter: ansible_local
+  register: linux_ansible_local_facts_reread
+  listen: "linux_ansible_local_facts_reread"

roles/ansible/meta/main.yml

@@ -0,0 +1 @@
+allow_duplicates: true

roles/ansible/tasks/local_facts.yml

@@ -0,0 +1,11 @@
+---
+- name: Create directory on host for ansible local facts
+  become: true
+  ansible.builtin.file:
+    state: directory
+    recurse: true
+    path: "{{ linux_ansible_local_facts_dir }}"
+
+- name: Assign local facts as ansible facts
+  ansible.builtin.set_fact:
+    __linux_ansible_local_facts: "{{ ansible_local.aybarsm_linux | default({}) }}"

roles/ansible/tasks/main.yml

@@ -0,0 +1,7 @@
+---
+- name: Import linux ansible local facts tasks
+  ansible.builtin.import_tasks:
+    file: local_facts.yml
+  when:
+    - linux_role_ansible_enabled | bool
+    - linux_role_ansible_manage_local_facts | bool

roles/ansible/tasks/update_local_facts.yml

@@ -0,0 +1,41 @@
+---
+- name: Update host local facts
+  ansible.utils.update_fact:
+    updates: "{{ host_fact_updates }}"
+  vars:
+    fact_basename: "{{ linux_ansible_local_fact_file | basename | regex_replace('\\.fact$', '') }}"
+    host_fact_updates: "{{ dict((
+      ansible_host_fact_updates | map(attribute='path') |
+      map('regex_replace', '^ansible_local\\.' + fact_basename + '\\.|^ansible_local\\.', '') |
+      map('regex_replace', '^(?!__linux_ansible_local_facts\\.)(.*)$', '__linux_ansible_local_facts.\\1')) |
+      zip(ansible_host_fact_updates | map(attribute='value'))) |
+      dict2items(key_name='path', value_name='value') }}"
+  register: linux_ansible_update_local_facts
+
+- name: Re-assign host local facts to ansible facts
+  ansible.builtin.set_fact:
+    __linux_ansible_local_facts: "{{ linux_ansible_update_local_facts.__linux_ansible_local_facts }}"
+  register: linux_ansible_local_facts_reassign
+
+- name: Settle local facts on host if changed
+  become: true
+  ansible.builtin.template:
+    src: "{{ linux_ansible_local_fact_template }}"
+    dest: "{{ linux_ansible_local_fact_file }}"
+    backup: "{{ linux_ansible_local_fact_backup | default(omit) | bool }}"
+  register: linux_ansible_local_facts_settle
+  vars:
+    fact_basename: "{{ linux_ansible_local_fact_file | basename | regex_replace('\\.fact$', '') }}"
+    on_host: "{{ ansible_local[fact_basename] | default({}) | b64encode }}"
+    on_runtime: "{{ __linux_ansible_local_facts | default({}) | b64encode }}"
+  when: on_host != on_runtime
+
+- name: Re-read local facts
+  become: true
+  ansible.builtin.setup:
+    filter: ansible_local
+  register: linux_ansible_local_facts_reread
+  when: linux_ansible_local_facts_settle.changed
+
+# - name: Settle local facts if they have been modified
+#   ansible.builtin.meta: 'flush_handlers'

roles/ansible/templates/aybarsm_linux.json.fact.j2

@@ -0,0 +1,6 @@
+{% if __linux_ansible_local_facts is defined %}
+{{ __linux_ansible_local_facts | to_nice_json }}
+{% else %}
+{
+}
+{% endif %}

roles/package_manager/defaults/main.yml

@@ -5,7 +5,14 @@ linux_role_package_manager_enabled: false
 # Available options: specific, common
 linux_package_manager_package_strategy: specific
 
-linux_package_manager_package_simulation: true
+linux_package_manager_initial_upgrade: false
+# Available options: full, dist, clean_full, clean_dist
+# Clean options temproarily removes all repos other than OS default repos before upgrade
+linux_package_manager_initial_upgrade_strategy: clean_full
+linux_package_manager_deb_default_repos_template: etc/apt/default.sources.list.j2
+
+# TODO: Implement this feature
+# linux_package_manager_package_simulation: true
 
 linux_package_manager_default: []
 linux_package_manager_group: []

roles/package_manager/tasks/deb.yml

@@ -1,4 +1,19 @@
 ---
+- name: Manage DEB repository keys via APT
+  become: true
+  ansible.builtin.apt_key:
+    state: "{{ item.state | default(omit) }}"
+    data: "{{ item.data | default(omit) }}"
+    file: "{{ item.file | default(omit) }}"
+    keyring: "{{ item.keyring | default(omit) }}"
+    url: "{{ item.url | default(omit) }}"
+    validate_certs: "{{ item.validate_certs | default(omit) | bool }}"
+  loop: "{{ linux_package_manager_repo_keys_all }}"
+  register: linux_package_manager_deb_repo_keys_apply
+  when:
+    - linux_package_manager_repo_keys_all | type_debug == 'list'
+    - linux_package_manager_repo_keys_all | length > 0
+
 - name: Manage DEB repositories via APT
   become: true
   ansible.builtin.apt_repository:
@@ -16,19 +31,4 @@
   register: linux_package_manager_deb_repos_apply
   when:
     - linux_package_manager_repos_all | type_debug == 'list'
-    - linux_package_manager_repos_all | length > 0
-
-- name: Manage DEB repository keys via APT
-  become: true
-  ansible.builtin.apt_key:
-    state: "{{ item.state | default(omit) }}"
-    data: "{{ item.data | default(omit) }}"
-    file: "{{ item.file | default(omit) }}"
-    keyring: "{{ item.keyring | default(omit) }}"
-    url: "{{ item.url | default(omit) }}"
-    validate_certs: "{{ item.validate_certs | default(omit) | bool }}"
-  loop: "{{ linux_package_manager_repo_keys_all }}"
-  register: linux_package_manager_deb_repo_keys_apply
-  when:
-    - linux_package_manager_repo_keys_all | type_debug == 'list'
-    - linux_package_manager_repo_keys_all | length > 0
+    - linux_package_manager_repos_all | length > 0

roles/package_manager/tasks/deb_initial_upgrade.yml

@@ -0,0 +1,39 @@
+---
+- name: Create temporary etc_apt directory
+  become: true
+  ansible.builtin.tempfile:
+    state: directory
+    suffix: etc_apt
+  register: linux_package_manager_temp_etc_apt_dir
+
+- name: Create sources.list.d directory in temporary etc_apt directory
+  become: true
+  ansible.builtin.file:
+    state: directory
+    recurse: true
+    path: "{{ linux_package_manager_temp_etc_apt_dir.path }}/sources.list.d"
+  register: linux_package_manager_temp_etc_apt_sources_dir
+
+- name: Check main sources.list file status
+  become: true
+  ansible.builtin.stat:
+    path: "{{ linux_package_manager_repo_list_file }}"
+  register: linux_package_manager_repo_list_file_stat
+
+# - name: Find apt source files
+#   become: true
+#   ansible.builtin.find:
+#     paths: "{{ linux_systemd_network_dir }}"
+#     patterns: "{{ linux_systemd_network_cleanup_patterns }}"
+#     use_regex: "{{ linux_systemd_network_cleanup_patterns_use_regex | bool }}"
+#   when: linux_systemd_network_cleanup | bool
+#   register: linux_systemd_network_find_cleanup_files
+
+# - name: Find apt source files
+#   become: true
+#   ansible.builtin.find:
+#     paths: "{{ linux_systemd_network_dir }}"
+#     patterns: "{{ linux_systemd_network_cleanup_patterns }}"
+#     use_regex: "{{ linux_systemd_network_cleanup_patterns_use_regex | bool }}"
+#   when: linux_systemd_network_cleanup | bool
+#   register: linux_systemd_network_find_cleanup_files

roles/package_manager/tasks/deb_packages.yml

@@ -27,10 +27,7 @@
     update_cache_retry_max_delay: "{{ item.update_cache_retry_max_delay | default(omit) }}"
     upgrade: "{{ item.upgrade | default(omit) }}"
   loop: "{{ linux_package_manager_packages_all }}"
-  vars:
-    __is_simulation: "{{ __linux_package_manager_simulate_packages | default(false) | bool }}"
-  register: "{{ 'linux_package_manager_deb_packages_' + ('simulate' if __is_simulation else 'simulate') }}"
-  check_mode: "{{ __is_simulation }}"
+  register: linux_package_manager_deb_packages_apply  
   when:
     - linux_package_manager_packages_all | type_debug == 'list'
     - linux_package_manager_packages_all | length > 0

roles/package_manager/tasks/main.yml

@@ -5,24 +5,22 @@
 - name: Load common variables structured on OS related variables
   ansible.builtin.include_vars: common.yml
 
-- name: Import DEB repository and repository key tasks (APT)
+- name: Import DEB initial upgrade (APT)
   ansible.builtin.import_tasks:
-    file: deb.yml
+    file: deb_initial_upgrade.yml
   when:
     - linux_role_package_manager_enabled | default(false) | bool
+    - linux_package_manager_initial_upgrade | default(false) | bool
+    - linux_role_ansible_manage_local_facts | default(false) | bool
+    - __linux_ansible_local_facts is defined
     - ansible_os_family | lower == 'debian'
 
-- name: Simulate DEB package tasks (APT)
+- name: Import DEB repository and repository key tasks (APT)
   ansible.builtin.import_tasks:
-    file: deb_packages.yml
-  vars:
-    __linux_package_manager_simulate_packages: true
+    file: deb.yml
   when:
     - linux_role_package_manager_enabled | default(false) | bool
-    - linux_package_manager_package_strategy | lower == 'specific'
     - ansible_os_family | lower == 'debian'
-    - linux_package_manager_package_simulation | default(true) | bool
-    - not ansible_check_mode
 
 - name: Import DEB package tasks (APT)
   ansible.builtin.import_tasks:

roles/package_manager/tasks/rpm_packages.yml

@@ -2,7 +2,7 @@
 - name: Manage RPM packages via DNF
   become: true
   ansible.builtin.dnf:
-    name: "{{ package_name }}"
+    name: "{{ item.name }}"
     allow_downgrade: "{{ item.allow_downgrade | default(omit) | bool }}"
     allowerasing: "{{ item.allowerasing | default(omit) | bool }}"
     autoremove: "{{ item.autoremove | default(omit) | bool }}"
@@ -34,8 +34,6 @@
     update_only: "{{ item.update_only | default(omit) | bool }}"
     use_backend: "{{ item.use_backend | default(omit) }}"
     validate_certs: "{{ item.validate_certs | default(omit) | bool }}"
-  vars:
-    package_name: "{{ item.name + '=' + item.version if 'version' in item else item.name }}"
   loop: "{{ linux_package_manager_packages_all }}"
   register: linux_package_manager_rpm_packages_apply
   when:

roles/package_manager/templates/etc/apt/default.sources.list.j2

@@ -0,0 +1,27 @@
+{% set os_distrib = ansible_distribution | lower %}
+{% set os_release = ansible_distribution_release | lower %}
+{% if os_distrib == "debian" %}
+deb http://deb.debian.org/debian/ {{ os_release }} main
+deb-src http://deb.debian.org/debian/ {{ os_release }} main
+
+deb http://security.debian.org/debian-security {{ os_release }}-security main
+deb-src http://security.debian.org/debian-security {{ os_release }}-security main
+
+deb http://deb.debian.org/debian/ {{ os_release }}-updates main
+deb-src http://deb.debian.org/debian/ {{ os_release }}-updates main
+{% elif os_distrib == "ubuntu" %}
+deb http://archive.ubuntu.com/ubuntu/ {{ os_release }} main restricted universe multiverse
+deb-src http://archive.ubuntu.com/ubuntu/ {{ os_release }} main restricted universe multiverse
+
+deb http://archive.ubuntu.com/ubuntu/ {{ os_release }}-updates main restricted universe multiverse
+deb-src http://archive.ubuntu.com/ubuntu/ {{ os_release }}-updates main restricted universe multiverse
+
+deb http://archive.ubuntu.com/ubuntu/ {{ os_release }}-security main restricted universe multiverse
+deb-src http://archive.ubuntu.com/ubuntu/ {{ os_release }}-security main restricted universe multiverse
+
+deb http://archive.ubuntu.com/ubuntu/ {{ os_release }}-backports main restricted universe multiverse
+deb-src http://archive.ubuntu.com/ubuntu/ {{ os_release }}-backports main restricted universe multiverse
+
+deb http://archive.canonical.com/ubuntu {{ os_release }} partner
+deb-src http://archive.canonical.com/ubuntu {{ os_release }} partner
+{% endif %}

roles/package_manager/vars/common.yml

@@ -1,5 +1,6 @@
 linux_package_manager_packages_all: "{{ linux_package_manager_all |
   aybarsm.helper.selectattr(__linux_package_manager_package_config.selectattr) |
+  ansible.utils.replace_keys(target=__linux_package_manager_package_config.replace_keys) |
   aybarsm.helper.setattr(__linux_package_manager_package_config.setattr) |
   aybarsm.helper.splitattr(__linux_package_manager_package_config.splitattr) |
   aybarsm.helper.unique_recursive(__linux_package_manager_package_config.uniques) |

roles/package_manager/vars/debian.yml

@@ -1,3 +1,7 @@
+linux_package_manager_repo_dir: /etc/apt
+linux_package_manager_repo_list_file: "{{ linux_package_manager_repo_dir}}/sources.list"
+linux_package_manager_repo_list_dir: "{{ linux_package_manager_repo_dir}}/sources.list.d"
+
 __linux_package_manager_uniques_package: ['name', 'package', 'pkg']
 __linux_package_manager_uniques_repo: ['repo']
 __linux_package_manager_uniques_repo_key: ['keyserver', 'url', 'id', 'data', 'file']
@@ -16,19 +20,6 @@ __linux_package_manager_package_config:
     - before: pkg
       after: name
   setattr:
-    - attribute: name
-      value: package
-      mode: copy_delete
-      when:
-        - ['name', 'undefined']
-        - ['package', 'defined']
-      logic: and
-    - attribute: name
-      value: pkg
-      mode: copy_delete
-      when:
-        - ['name', 'undefined']
-        - ['pkg', 'defined']
     - attribute: state
       value: present
       when:

roles/proxmox/defaults/main.yml

@@ -1,5 +1,7 @@
 linux_role_proxmox_enabled: false
 
+linux_proxmox_clean_os_upgrade: ''
+
 linux_proxmox_default: {}
 linux_proxmox_group: {}
 linux_proxmox_host: {}

roles/proxmox/tasks/main.yml

@@ -1,4 +1,13 @@
 ---
+- name: Import aybarsm linux ansible role
+  ansible.builtin.import_role:
+    name: aybarsm.linux.ansible
+
 - name: Include Debug Tasks
   ansible.builtin.import_tasks:
     file: debug.yml
+
+- name: Import aybarsm linux ansible role - settle local fact tasks
+  ansible.builtin.import_role:
+    name: aybarsm.linux.ansible
+    tasks_from: settle_local_facts.yml

roles/proxmox/vars/main.yml

@@ -20,6 +20,12 @@ linux_proxmox_role_repos:
   pmg_no_subscription:
     repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/pmg {{ ansible_distribution_release }} pmg-no-subscription"
     filename: pmg-no-subscription
+  ceph_pacific_enterprise:
+    repo: "deb {{ linux_proxmox_repo_url_enterprise }}/ceph-pacific {{ ansible_distribution_release }} enterprise"
+    filename: ceph
+  ceph_pacific_no_subscription:
+    repo: "deb {{ linux_proxmox_repo_url_no_subscription }}/ceph-pacific {{ ansible_distribution_release }} no-subscription"
+    filename: ceph
   ceph_quincy_enterprise:
     repo: "deb {{ linux_proxmox_repo_url_enterprise }}/ceph-quincy {{ ansible_distribution_release }} enterprise"
     filename: ceph