From af45913cc25c0c2e18194220fd363148318fb242 Mon Sep 17 00:00:00 2001
From: Murat Aybars <39916128+aybarsm@users.noreply.github.com>
Date: Sat, 30 Nov 2024 21:25:34 +0000
Subject: [PATCH] Pre Proxmox finalisation #1
---
roles/auth/vars/main.yml | 10 +-
roles/network/vars/main.yml | 6 +-
roles/pkg_mgr/tasks/apt.yml | 6 +-
roles/pkg_mgr/vars/main.yml | 8 +-
roles/proxmox/defaults/main.yml | 102 ++++++++--------
roles/proxmox/tasks/datacenter.yml | 10 +-
roles/proxmox/tasks/freenas.yml | 133 ++++++++++-----------
roles/proxmox/tasks/main.yml | 5 +-
roles/proxmox/tasks/package_manager.yml | 6 +-
roles/proxmox/tasks/qemu.yml | 6 +-
roles/proxmox/tasks/qemu/disk.yml | 6 +-
roles/proxmox/tasks/ssl_config.yml | 16 +--
roles/proxmox/tasks/update_role_config.yml | 6 +
roles/proxmox/vars/main.yml | 39 +++---
14 files changed, 183 insertions(+), 176 deletions(-)
create mode 100644 roles/proxmox/tasks/update_role_config.yml
diff --git a/roles/auth/vars/main.yml b/roles/auth/vars/main.yml
index 8905bf3..98a6045 100644
--- a/roles/auth/vars/main.yml
+++ b/roles/auth/vars/main.yml
@@ -1,15 +1,15 @@ --- auth__all: "{{ {'host': auth__host, 'group': auth__group, 'default': auth__default} | aybarsm.helper.role_items(only=auth__use_only) }}" -auth__users_all: "{{ auth__all | selectattr('entry__type', 'eq', 'user') }}" +auth__users_all: "{{ auth__all | selectattr('_type', 'eq', 'user') }}" -auth__authorized_keys_all: "{{ auth__all | selectattr('entry__type', 'eq', 'authorized_key') }}" +auth__authorized_keys_all: "{{ auth__all | selectattr('_type', 'eq', 'authorized_key') }}" -auth__sshd_config_all: "{{ auth__all | selectattr('entry__type', 'eq', 'sshd_config') | +auth__sshd_config_all: "{{ auth__all | selectattr('_type', 'eq', 'sshd_config') | sort(attribute='value', reverse=true) | sort(attribute='name', reverse=false) }}" -auth__ssh_config_all: "{{ auth__all | selectattr('entry__type', 'eq', 'ssh_config') | +auth__ssh_config_all: "{{ auth__all | selectattr('_type', 'eq', 'ssh_config') | sort(attribute='value', reverse=true) | sort(attribute='name', reverse=false) }}" __auth__key_distribute_query: "*.auth__users_apply.results[*] | [] | - [?contains(not_null(item.entry__distribute_ssh_key,``),`{{ inventory_hostname }}`)].{user: name, key: ssh_public_key}" \ No newline at end of file + [?contains(not_null(item._distribute_ssh_key,``),`{{inventory_hostname }}`)].{user: name, key: ssh_public_key}" \ No newline at end of file diff --git a/roles/network/vars/main.yml b/roles/network/vars/main.yml index f81033c..1d1b42e 100644 --- a/roles/network/vars/main.yml +++ b/roles/network/vars/main.yml 
@@ -1,14 +1,14 @@ network__all: "{{ {'host': network__host, 'group': network__group, 'default': network__default} | aybarsm.helper.role_items(only=network__use_only) }}" ##### BEGIN: network sysctl vars -network__sysctl_all: "{{ network__all | selectattr('entry__type', 'eq', 'sysctl') | +network__sysctl_all: "{{ network__all | selectattr('_type', 'eq', 'sysctl') | aybarsm.helper.replace_aliases(__ansible.modules.ansible_posix_sysctl.aliases, removeAliases=true) | community.general.json_query('[?not_null(name) && not_null(value)]') | unique(attribute='name') }}" ##### END: network sysctl vars ##### BEGIN: network hosts vars -network__hosts_all: "{{ network__all | selectattr('entry__type', 'eq', 'host') | +network__hosts_all: "{{ network__all | selectattr('_type', 'eq', 'host') | aybarsm.helper.replace_aliases({'fqdn': ['hostname']}) | unique(attribute='ip') }}" # Sort hosts by hostname to avoid unneccessary changes @@ -17,5 +17,5 @@ network__hosts_all_ipv6: "{{ network__hosts_all | selectattr('ip', 'ansible.util ##### END: network hosts vars ##### BEGIN: network iptables vars -network__iptables_all: "{{ network__all | selectattr('entry__type', 'eq', 'iptables') }}" +network__iptables_all: "{{ network__all | selectattr('_type', 'eq', 'iptables') }}" ##### END: network iptables vars \ No newline at end of file diff --git a/roles/pkg_mgr/tasks/apt.yml b/roles/pkg_mgr/tasks/apt.yml index 9871cef..b2a69b5 100644 --- a/roles/pkg_mgr/tasks/apt.yml +++ b/roles/pkg_mgr/tasks/apt.yml @@ -3,7 +3,7 @@ ansible.builtin.include_tasks: file: apt/repo_keys.yml vars: - repo_keys: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo_key') | aybarsm.helper.all_except(['entry__type']) }}" + repo_keys: "{{ pkg_mgr__all | selectattr('_type', 'eq', 'repo_key') | aybarsm.helper.all_except(['_type']) }}" when: - pkg_mgr__manage_repo_keys | bool - repo_keys | length > 0 
@@ -12,7 +12,7 @@ ansible.builtin.include_tasks: file: apt/repos.yml vars: - repos: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo') | aybarsm.helper.all_except(['entry__type']) }}" + repos: "{{ pkg_mgr__all | selectattr('_type', 'eq', 'repo') | aybarsm.helper.all_except(['_type']) }}" when: - pkg_mgr__manage_repos | bool - repos | length > 0 @@ -22,7 +22,7 @@ ansible.builtin.include_tasks: file: apt/packages.yml vars: - packages: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'package') | aybarsm.helper.all_except(['entry__type']) }}" + packages: "{{ pkg_mgr__all | selectattr('_type', 'eq', 'package') | aybarsm.helper.all_except(['_type']) }}" when: - pkg_mgr__manage_packages | bool - packages | length > 0 diff --git a/roles/pkg_mgr/vars/main.yml b/roles/pkg_mgr/vars/main.yml index b1b92e4..0a25716 100644 --- a/roles/pkg_mgr/vars/main.yml +++ b/roles/pkg_mgr/vars/main.yml @@ -2,7 +2,7 @@ pkg_mgr__all: "{{ {'host': pkg_mgr__host, 'group': pkg_mgr__group, 'default': pk __pkg_mgr__use_apt: "{{ ansible_os_family | default('') | lower == 'debian' and pkg_mgr__package_module == 'specific' }}" -# pkg_mgr__packages: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'package') }}" -# pkg_mgr__repo_keys: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo_key') }}" -# pkg_mgr__repos: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo') }}" -# pkg_mgr__repo_lists: "{{ pkg_mgr__all | selectattr('entry__type', 'eq', 'repo_list') }}" \ No newline at end of file +# pkg_mgr__packages: "{{ pkg_mgr__all | selectattr('_type', 'eq', 'package') }}" +# pkg_mgr__repo_keys: "{{ pkg_mgr__all | selectattr('_type', 'eq', 'repo_key') }}" +# pkg_mgr__repos: "{{ pkg_mgr__all | selectattr('_type', 'eq', 'repo') }}" +# pkg_mgr__repo_lists: "{{ pkg_mgr__all | selectattr('_type', 'eq', 'repo_list') }}" \ No newline at end of file diff --git a/roles/proxmox/defaults/main.yml b/roles/proxmox/defaults/main.yml index e5ffd5b..6c37c72 100644 
--- a/roles/proxmox/defaults/main.yml
+++ b/roles/proxmox/defaults/main.yml
@@ -19,54 +19,54 @@ proxmox__default: [] proxmox__group: [] proxmox__host: [] -proxmox__repos: - types: - enterprise: - url: https://enterprise.proxmox.com/debian - no_subscription: - url: http://download.proxmox.com/debian - keys: - bookworm: - url: https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg - keyring: /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg - bullseye: - url: https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg - keyring: /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg - -proxmox__purposes: - pve: - packages: ['pve-manager'] - repo: - file: 'pve-<>' - suffix: 'pve-<>' - pbs: - packages: ['proxmox-backup-server'] - repo: - file: 'pbs-<>' - suffix: 'pbs-<>' - pmg: - packages: ['proxmox-mailgateway'] - repo: - file: 'pmg-<>' - suffix: 'pbs-<>' - ceph_pacific: - packages: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] - repo: - file: 'ceph' - suffix: '<>' - ceph_quincy: - packages: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] - repo: - file: 'ceph' - suffix: '<>' - ceph_reef: - packages: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] - repo: - file: 'ceph' - suffix: '<>' - zfs: - packages: ['zfsutils-linux', 'zfs-initramfs', 'zfs-zed'] - freenas: - packages: ['librest-client-perl', 'git', 'patch'] - task_file: freenas.yml - remote_src: true \ No newline at end of file +proxmox__role_config: + repo: + type: + enterprise: + url: https://enterprise.proxmox.com/debian + no_subscription: + url: http://download.proxmox.com/debian + key: + bookworm: + url: https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg + keyring: /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg + bullseye: + url: https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg + keyring: /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg + purpose: + pve: + packages: ['pve-manager'] + repo: + file: 'pve-<>' + suffix: 'pve-<>' + pbs: + packages: ['proxmox-backup-server'] + repo: + file: 'pbs-<>' + suffix: 'pbs-<>' + pmg: 
+ packages: ['proxmox-mailgateway'] + repo: + file: 'pmg-<>' + suffix: 'pbs-<>' + ceph_pacific: + packages: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] + repo: + file: 'ceph' + suffix: '<>' + ceph_quincy: + packages: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] + repo: + file: 'ceph' + suffix: '<>' + ceph_reef: + packages: ['ceph', 'ceph-common', 'ceph-mds', 'ceph-fuse'] + repo: + file: 'ceph' + suffix: '<>' + zfs: + packages: ['zfsutils-linux', 'zfs-initramfs', 'zfs-zed'] + freenas: + packages: ['librest-client-perl', 'git', 'patch'] + task_file: freenas.yml + remote_src: true \ No newline at end of file diff --git a/roles/proxmox/tasks/datacenter.yml b/roles/proxmox/tasks/datacenter.yml index 8515a83..c860bed 100644 --- a/roles/proxmox/tasks/datacenter.yml +++ b/roles/proxmox/tasks/datacenter.yml @@ -3,7 +3,7 @@ ansible.builtin.include_tasks: file: datacenter/pools.yml vars: - proxmox_datacenter_pools: "{{ proxmox__all | selectattr('entry__type', 'eq', 'pool') }}" + proxmox_datacenter_pools: "{{ proxmox__all | selectattr('_type', 'eq', 'pool') }}" when: - proxmox__manage_pools - proxmox_datacenter_pools | length > 0 @@ -12,7 +12,7 @@ ansible.builtin.include_tasks: file: datacenter/roles.yml vars: - proxmox_datacenter_roles: "{{ proxmox__all | selectattr('entry__type', 'eq', 'role') }}" + proxmox_datacenter_roles: "{{ proxmox__all | selectattr('_type', 'eq', 'role') }}" when: - proxmox__manage_roles - proxmox_datacenter_roles | length > 0 @@ -21,7 +21,7 @@ ansible.builtin.include_tasks: file: datacenter/user_groups.yml vars: - proxmox_datacenter_user_groups: "{{ proxmox__all | selectattr('entry__type', 'eq', 'user_group') }}" + proxmox_datacenter_user_groups: "{{ proxmox__all | selectattr('_type', 'eq', 'user_group') }}" when: - proxmox__manage_user_groups - proxmox_datacenter_user_groups | length > 0 
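Review bot: In the moved `purpose.pmg.repo` entry the suffix is still `'pbs-<>'` while the file is `'pmg-<>'`, so the Mail Gateway repo line appears to be built with the Backup Server component; this looks like a copy-paste carried over from the old `proxmox__purposes` map and should read `suffix: 'pmg-<>'`. Separately, `repo.type.no_subscription.url` is plain `http://` and both release keys are written to `/etc/apt/trusted.gpg.d`, which makes them trusted for every configured APT source; if the `repo_key`/`repo` handling (not visible here) supports it, a dedicated keyring referenced through `signed-by` plus a pinned checksum for the downloaded `.gpg` would narrow that trust. A short comment above `proxmox__role_config` describing the `repo.type`, `repo.key` and `purpose` sub-keys would also help, since `proxmox__role_config_updates` can override any of them.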
@@ -30,7 +30,7 @@ ansible.builtin.include_tasks: file: datacenter/users.yml vars: - proxmox_datacenter_users: "{{ proxmox__all | selectattr('entry__type', 'eq', 'user') }}" + proxmox_datacenter_users: "{{ proxmox__all | selectattr('_type', 'eq', 'user') }}" when: - proxmox__manage_users - proxmox_datacenter_users | length > 0 @@ -39,7 +39,7 @@ ansible.builtin.include_tasks: file: datacenter/acls.yml vars: - proxmox_datacenter_acls: "{{ proxmox__all | selectattr('entry__type', 'eq', 'acl') }}" + proxmox_datacenter_acls: "{{ proxmox__all | selectattr('_type', 'eq', 'acl') }}" when: - proxmox__manage_acls - proxmox_datacenter_acls | length > 0 \ No newline at end of file diff --git a/roles/proxmox/tasks/freenas.yml b/roles/proxmox/tasks/freenas.yml index 7fdce41..52ab678 100644 --- a/roles/proxmox/tasks/freenas.yml +++ b/roles/proxmox/tasks/freenas.yml 
@@ -1,72 +1,67 @@ --- -- name: Set Facts for Proxmox Freenas - ansible.builtin.set_fact: - freenas_remote_src: "{{ freenas_remote_src }}" - freenas_delegate: "{{ inventory_hostname if freenas_remote_src else 'localhost' }}" - vars: - freenas_remote_src: "{{ __proxmox__purposes.freenas.remote_src | default(proxmox__purposes.freenas.remote_src) }}" - register: proxmox__freenas__set_fact +- name: Apply Freenas + block: + - name: Create Temp Directory for Git Repo + ansible.builtin.tempfile: + state: directory + register: proxmox__freenas__temp_dir + delegate_to: "{{ inventory_hostname if __proxmox__purposes.freenas.remote_src else 'localhost' }}" -- name: Create Temp Directory for Git Repo - ansible.builtin.tempfile: - state: directory - register: proxmox__freenas__temp_dir - delegate_to: "{{ freenas_delegate }}" + - name: Include Git Task to Clone Freenas Repo + ansible.builtin.include_role: + name: aybarsm.helper.misc + tasks_from: ansible/builtin/git.yml + vars: + misc__item: + repo: https://github.com/TheGrandWazoo/freenas-proxmox + clone: true + dest: "{{ proxmox__freenas__temp_dir.path }}" + _module: + delegate_to: "{{ inventory_hostname if __proxmox__purposes.freenas.remote_src else 'localhost' }}" + register: proxmox__freenas__git + when: proxmox__freenas__temp_dir.path is defined -- name: Include Git Task to Clone Freenas Repo - ansible.builtin.include_role: - name: aybarsm.helper.misc - tasks_from: ansible/builtin/git.yml - vars: - misc__item: - repo: https://github.com/TheGrandWazoo/freenas-proxmox - clone: true - dest: "{{ proxmox__freenas__temp_dir.path }}" - __module: - delegate_to: "{{ freenas_delegate }}" - register: proxmox__freenas__git - when: proxmox__freenas__temp_dir.path is defined - -- name: Include File Manager Role to Apply Changes - ansible.builtin.include_role: - name: aybarsm.helper.file_mgr - vars: - file_mgr__role_enabled: true - file_mgr__strict_safe: true - file_mgr__no_log: false - file_mgr__use_only: ['host'] - file_mgr__host: - - 
entry__type: patch - src: "{{ proxmox__freenas__temp_dir.path }}/pve-manager/js/pvemanagerlib.js.patch" - dest: /usr/share/pve-manager/js/pvemanagerlib.js - remote_src: "{{ freenas_remote_src }}" - entry__handlers: restart_pve_services - - entry__type: patch - src: "{{ proxmox__freenas__temp_dir.path }}/perl5/PVE/Storage/ZFSPlugin.pm.patch" - dest: /usr/share/perl5/PVE/Storage/ZFSPlugin.pm - remote_src: "{{ freenas_remote_src }}" - entry__handlers: restart_pve_services - - entry__type: patch - src: "{{ proxmox__freenas__temp_dir.path }}/pve-docs/api-viewer/apidoc.js.patch" - dest: /usr/share/pve-docs/api-viewer/apidoc.js - remote_src: "{{ freenas_remote_src }}" - entry__handlers: restart_pve_services - - entry__type: copy - src: "{{ proxmox__freenas__temp_dir.path }}/perl5/PVE/Storage/LunCmd/FreeNAS.pm" - dest: /usr/share/perl5/PVE/Storage/LunCmd/FreeNAS.pm - remote_src: "{{ freenas_remote_src }}" - entry__handlers: restart_pve_services - - entry__type: handlers - name: restart_pve_services - condition: any - handlers: "{{ {'name': ['pvedaemon', 'pveproxy', 'pvestatd', 'pve-ha-lrm', 'pve-ha-crm']} | - aybarsm.helper.to_list_of_dicts({'entry__type': 'service', 'state': 'restarted'}) }}" - register: proxmox__freenas__patch - when: proxmox__freenas__temp_dir.path is defined - -- name: Remove Git Repo Temp Directory - ansible.builtin.file: - path: "{{ proxmox__freenas__temp_dir.path }}" - state: absent - delegate_to: "{{ freenas_delegate }}" - when: proxmox__freenas__temp_dir.path is defined \ No newline at end of file + - name: Include File Manager Role to Apply Changes + ansible.builtin.include_role: + name: aybarsm.helper.file_mgr + vars: + file_mgr__role_enabled: true + file_mgr__strict_safe: true + file_mgr__no_log: false + file_mgr__use_only: ['host'] + file_mgr__host: + - _type: patch + src: "{{ proxmox__freenas__temp_dir.path }}/pve-manager/js/pvemanagerlib.js.patch" + dest: /usr/share/pve-manager/js/pvemanagerlib.js + remote_src: "{{ 
__proxmox__purposes.freenas.remote_src }}" + _handler: restart_pve_services + - _type: patch + src: "{{ proxmox__freenas__temp_dir.path }}/perl5/PVE/Storage/ZFSPlugin.pm.patch" + dest: /usr/share/perl5/PVE/Storage/ZFSPlugin.pm + remote_src: "{{ __proxmox__purposes.freenas.remote_src }}" + _handler: restart_pve_services + - _type: patch + src: "{{ proxmox__freenas__temp_dir.path }}/pve-docs/api-viewer/apidoc.js.patch" + dest: /usr/share/pve-docs/api-viewer/apidoc.js + remote_src: "{{ __proxmox__purposes.freenas.remote_src }}" + _handler: restart_pve_services + - _type: copy + src: "{{ proxmox__freenas__temp_dir.path }}/perl5/PVE/Storage/LunCmd/FreeNAS.pm" + dest: /usr/share/perl5/PVE/Storage/LunCmd/FreeNAS.pm + remote_src: "{{ __proxmox__purposes.freenas.remote_src }}" + _handler: restart_pve_services + - _type: handler + _name: restart_pve_services + _when: any + _actions: "{{ {'name': ['pvedaemon', 'pveproxy', 'pvestatd', 'pve-ha-lrm', 'pve-ha-crm']} | + aybarsm.helper.to_list_of_dicts({'_type': 'service', 'state': 'restarted'}) }}" + register: proxmox__freenas__patch + when: proxmox__freenas__temp_dir.path is defined + + always: + - name: Remove Git Repo Temp Directory + ansible.builtin.file: + path: "{{ proxmox__freenas__temp_dir.path }}" + state: absent + delegate_to: "{{ inventory_hostname if __proxmox__purposes.freenas.remote_src else 'localhost' }}" + when: proxmox__freenas__temp_dir.path is defined \ No newline at end of file diff --git a/roles/proxmox/tasks/main.yml b/roles/proxmox/tasks/main.yml index be754bb..1f49cb7 100644 --- a/roles/proxmox/tasks/main.yml +++ b/roles/proxmox/tasks/main.yml @@ -4,7 +4,8 @@ # file: package_manager.yml # when: # - proxmox__role_enabled -# - __proxmox__pkg_mgr | length > 0 +# - proxmox__manage_repo_keys or proxmox__manage_repos or proxmox__manage_packages +# tags: '{{"always" if proxmox__role_enabled else "never"}}' # - name: Include Datacenter Tasks # ansible.builtin.include_tasks: 
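Review bot: The `misc__item` handed to the git task names only `repo`, `clone` and `dest`, so the clone follows whatever the default branch of `TheGrandWazoo/freenas-proxmox` holds at run time, and its contents are then patched into `pvemanagerlib.js`, `ZFSPlugin.pm` and `apidoc.js` and copied to `/usr/share/perl5/PVE/Storage/LunCmd/FreeNAS.pm` before the PVE services are restarted. Pinning the checkout to a reviewed commit, e.g. `version: "<reviewed-commit-sha>"` (placeholder) in `misc__item`, assuming the helper forwards it to `ansible.builtin.git`, keeps an upstream change or a compromised repository from reaching the hypervisor unreviewed. The delegate expression `{{ inventory_hostname if __proxmox__purposes.freenas.remote_src else 'localhost' }}` is now repeated three times; a block-level `vars:` entry would keep the clone, patch and cleanup targets from drifting apart. If `remote_src` can arrive from inventory as the string `'false'`, the inline conditional treats it as true, so `| bool` on it would be safer.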
@@ -26,7 +27,7 @@ - name: Include Freenas Tasks ansible.builtin.include_tasks: - file: "{{ __proxmox__purposes.freenas.task_file | default(proxmox__purposes.freenas.task_file) }}" + file: "{{ __proxmox__purposes.freenas.task_file }}" when: - proxmox__role_enabled - __proxmox__purposes.freenas is defined \ No newline at end of file diff --git a/roles/proxmox/tasks/package_manager.yml b/roles/proxmox/tasks/package_manager.yml index 02cfbf8..1a5dfbf 100644 --- a/roles/proxmox/tasks/package_manager.yml +++ b/roles/proxmox/tasks/package_manager.yml @@ -3,9 +3,9 @@ name: aybarsm.linux.pkg_mgr vars: pkg_mgr__role_enabled: true - pkg_mgr__manage_repo_keys: true - pkg_mgr__manage_repos: true - pkg_mgr__manage_packages: true + pkg_mgr__manage_repo_keys: "{{ proxmox__manage_repo_keys }}" + pkg_mgr__manage_repos: "{{ proxmox__manage_repos }}" + pkg_mgr__manage_packages: "{{ proxmox__manage_packages }}" pkg_mgr__package_module: specific pkg_mgr__upgrade_strategy: never pkg_mgr__use_only: ['host'] diff --git a/roles/proxmox/tasks/qemu.yml b/roles/proxmox/tasks/qemu.yml index 3ce873e..2389717 100644 --- a/roles/proxmox/tasks/qemu.yml +++ b/roles/proxmox/tasks/qemu.yml 
@@ -6,20 +6,20 @@ file: qemu/vm.yml vars: qemu_vm: "{{ __proxmox__module_vars | combine(proxmox__qemu_item) }}" - when: proxmox__qemu_item.entry__type == 'qemu_vm' + when: proxmox__qemu_item._type== 'qemu_vm' - name: "Include QEMU NIC Tasks - Index: {{ proxmox__qemu_item_index }}" ansible.builtin.include_tasks: file: qemu/nic.yml vars: qemu_nic: "{{ __proxmox__module_vars | combine(proxmox__qemu_item) }}" - when: proxmox__qemu_item.entry__type == 'qemu_nic' + when: proxmox__qemu_item._type== 'qemu_nic' - name: "Include QEMU DISK Tasks - Index: {{ proxmox__qemu_item_index }}" ansible.builtin.include_tasks: file: qemu/disk.yml vars: qemu_disk: "{{ __proxmox__module_vars | combine(proxmox__qemu_item) }}" - when: proxmox__qemu_item.entry__type == 'qemu_disk' + when: proxmox__qemu_item._type== 'qemu_disk' delegate_to: localhost diff --git a/roles/proxmox/tasks/qemu/disk.yml b/roles/proxmox/tasks/qemu/disk.yml index 388f1e0..c28fe3c 100644 --- a/roles/proxmox/tasks/qemu/disk.yml +++ b/roles/proxmox/tasks/qemu/disk.yml @@ -9,7 +9,7 @@ fail_msg: "Disk size calculation requested but state is not resized or size is not defined in correct format." success_msg: "Disk size calculation requested and state is resized and size is defined in correct format." register: proxmox__assert_qemu_disk_calc_size - when: qemu_disk.entry__calc_size | default(false, true) + when: qemu_disk._calc_size| default(false, true) - name: Include VM Info Task if calculation requested and conditions are met ansible.builtin.include_tasks: @@ -17,7 +17,7 @@ vars: vm_info: "{{ qemu_disk | combine({'config': 'current'}) }}" when: - - qemu_disk.entry__calc_size | default(false, true) + - qemu_disk._calc_size| default(false, true) - proxmox__assert_qemu_disk_calc_size is success - name: Proxmox QEMU DISK 
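Review bot: The rename left the conditions as `proxmox__qemu_item._type== 'qemu_vm'` (likewise for `qemu_nic` and `qemu_disk`), and the `qemu/disk.yml` hunks have `qemu_disk._calc_size| default(false, true)`; the missing space before `==` and `|` is harmless to Jinja but reads like a search-and-replace artifact. Suggest `when: proxmox__qemu_item._type == 'qemu_vm'` and `qemu_disk._calc_size | default(false, true)` so the spacing matches the other expressions in these files.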
@@ -86,7 +86,7 @@ werror: "{{ qemu_disk.werror | default(omit, true) }}" wwn: "{{ qemu_disk.wwn | default(omit, true) }}" vars: - is_resolve_request: "{{ (qemu_disk.entry__calc_size | default(false, true)) and + is_resolve_request: "{{ (qemu_disk._calc_size| default(false, true)) and proxmox__assert_qemu_disk_calc_size is success and proxmox__info_vm.proxmox_vms[0][qemu_disk.disk] is defined }}" current_size: "{{ (proxmox__info_vm.proxmox_vms[0][qemu_disk.disk] | regex_search('size=(\\w+)(,|$)', '\\1') | first) if is_resolve_request else undef() }}" diff --git a/roles/proxmox/tasks/ssl_config.yml b/roles/proxmox/tasks/ssl_config.yml index 792f2b2..2cbd36f 100644 --- a/roles/proxmox/tasks/ssl_config.yml +++ b/roles/proxmox/tasks/ssl_config.yml @@ -6,25 +6,25 @@ file_mgr__role_enabled: true file_mgr__use_only: ['host'] file_mgr__host: - - entry__type: copy - entry__keep: "{{ (proxmox__ssl_certificate | default(undef(), true)) is defined }}" + - _type: copy + _keep: "{{ (proxmox__ssl_certificate | default(undef(), true)) is defined }}" content: "{{ lookup('file', proxmox__ssl_certificate) if (proxmox__ssl_certificate | default(undef(), true)) is defined else omit }}" dest: /etc/pve/local/pve-ssl.pem mode: '0640' owner: root group: 'www-data' - entry__handlers: - - entry__type: service + _handlers: + - _type: service name: pveproxy state: restarted - - entry__type: copy - entry__keep: "{{ (proxmox__ssl_key | default(undef(), true)) is defined }}" + - _type: copy + _keep: "{{ (proxmox__ssl_key | default(undef(), true)) is defined }}" content: "{{ lookup('file', proxmox__ssl_key) if (proxmox__ssl_key | default(undef(), true)) is defined else omit }}" dest: /etc/pve/local/pve-ssl.key mode: '0640' owner: root group: 'www-data' - entry__handlers: - - entry__type: service + _handlers: + - _type: service name: pveproxy state: restarted \ No newline at end of file 
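Review bot: Both `file_mgr__host` entries in `ssl_config.yml` pass certificate and private-key material through `content: "{{ lookup('file', proxmox__ssl_key) ... }}"`, but this include does not set `file_mgr__no_log`, which the freenas include in this same patch sets explicitly. Unless the role's default already suppresses output (not visible here), the contents destined for `/etc/pve/local/pve-ssl.key` can end up in task output and callback logs; adding `file_mgr__no_log: true` to the `vars:` of this include would avoid that. The handler key is `_handlers` here but `_handler` in `freenas.yml`; if those are meant to be the same field, one of them is silently ignored, so it is worth confirming against `file_mgr`. The `vars:` block starts above the hunk.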
diff --git a/roles/proxmox/tasks/update_role_config.yml b/roles/proxmox/tasks/update_role_config.yml new file mode 100644 index 0000000..12b7fdb --- /dev/null +++ b/roles/proxmox/tasks/update_role_config.yml @@ -0,0 +1,6 @@ +--- +- name: Set Fact to Update Proxmox Role Config + ansible.utils.set_fact: + proxmox__role_config: "{{ proxmox__role_config | default({}) | combine(proxmox__role_config_updates, recursive=true, list_merge='replace') }}" + register: proxmox__update_role_config + when: proxmox__role_config_updates | default({}) | keys | length > 0 \ No newline at end of file diff --git a/roles/proxmox/vars/main.yml b/roles/proxmox/vars/main.yml index a2ed589..3695f7c 100644 --- a/roles/proxmox/vars/main.yml +++ b/roles/proxmox/vars/main.yml 
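Review bot: The new task calls `ansible.utils.set_fact`, but `set_fact` lives in `ansible.builtin`; the `ansible.utils` collection ships `update_fact`, not `set_fact`, so as far as I can tell this task fails to resolve its module the first time it runs. Use `ansible.builtin.set_fact:`, as the removed task in `freenas.yml` did. Because the merge is `recursive=true`, `proxmox__role_config_updates` can replace `repo.type.*.url` and `repo.key.*.url`/`keyring`, so a comment stating that this variable is expected to come only from trusted inventory would make that explicit. None of the visible `main.yml` hunks includes this file, so it may currently be unused.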
@@ -1,8 +1,17 @@ proxmox__all: "{{ {'host': proxmox__host, 'group': proxmox__group, 'default': proxmox__default} | aybarsm.helper.role_items(only=proxmox__use_only) }}" + __proxmox__purposes: "{{ { - 'key': (proxmox__all | selectattr('entry__type', 'eq', 'purpose') | map(attribute='name')), - 'value': (proxmox__all | selectattr('entry__type', 'eq', 'purpose') | map('aybarsm.helper.all_except', ['entry__type', 'name'])) - } | aybarsm.helper.to_list_of_dicts() | items2dict }}" + 'key': (proxmox__all | selectattr('_type', 'eq', 'purpose') | map(attribute='name')), + 'value': (proxmox__all | selectattr('_type', 'eq', 'purpose') | map('aybarsm.helper.all_except', ['_type', 'name'])) + } | aybarsm.helper.to_list_of_dicts() | items2dict | + aybarsm.helper.combine_reverse(({'freenas': { + 'remote_src': proxmox__role_config.purpose.freenas.remote_src, + 'task_file': proxmox__role_config.purpose.freenas.task_file + }} if proxmox__all | selectattr('_type', 'eq', 'purpose') | selectattr('name', 'eq', 'freenas') | length > 0 else {}), recursive=true) }}" + +# __proxmox__freenas: +# remote_src: "{{ __proxmox__purposes.freenas.remote_src | default(proxmox__role_config.purpose.freenas.remote_src) }}" +# delegate: __proxmox__cluster_members_query: '*.{ host: inventory_hostname, 
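Review bot: The guard `proxmox__all | selectattr('_type', 'eq', 'purpose') | selectattr('name', 'eq', 'freenas') | length > 0` applies `length` directly to the result of `selectattr`, which on ansible-core releases where that filter returns a generator fails with "object of type 'generator' has no len()". Inserting `| list` before `| length` makes the expression independent of that. The added commented-out `# __proxmox__freenas:` block ends in an empty `delegate:` and could be dropped. Since `aybarsm.helper.combine_reverse` is not visible here, a one-line comment stating which side wins (the inventory item or the `proxmox__role_config` default) would help the next reader.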
@@ -27,16 +36,14 @@ __proxmox__module_vars: validate_certs: "{{ __proxmox__cluster.validate_certs | default(omit, true) }}" __proxmox__pkg_mgr: >- - {%- set repo_keys = [proxmox__repos['keys'][ansible_distribution_release] | combine({'entry__type': 'repo_key', 'state': 'present'})] if proxmox__manage_repo_keys else [] -%} + {%- set repo_keys = [proxmox__role_config.repo.key[ansible_distribution_release] | combine({'_type': 'repo_key', 'state': 'present'})] -%} {%- set repos = [] -%} {%- set packages = [] -%} - {%- set purposes = proxmox__all | selectattr('entry__type', 'eq', 'purpose') -%} - {%- if (proxmox__manage_repos or proxmox__manage_packages) and purposes | length > 0 -%} - {%- for pName, purpose in proxmox__purposes.items() -%} - {%- set node = purposes | selectattr('name', 'in', [pName, pName | replace('_', '-')]) | default([{}]) | first -%} - {%- if proxmox__manage_repos -%} - {%- for tName, type in proxmox__repos.types.items() -%} - {%- if purpose.repo is defined -%} + {%- set purposes = proxmox__all | selectattr('_type', 'eq', 'purpose') -%} + {%- for pName, purpose in proxmox__role_config.purpose.items() -%} + {%- set node = purposes | selectattr('name', 'in', [pName, pName | replace('_', '-')]) | default([{}]) | first -%} + {%- for tName, type in proxmox__role_config.repo.type.items() -%} + {%- if purpose.repo is defined -%} {%- set replacements = { 'PURPOSE_NAME': (pName | replace('_', '-')), 'REPO_URL' : type.url, 
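Review bot: `repo_keys` now evaluates `proxmox__role_config.repo.key[ansible_distribution_release]` unconditionally, where the old line was guarded by `if proxmox__manage_repo_keys else []`. The defaults in this patch define only `bookworm` and `bullseye`, so on any other release templating `__proxmox__pkg_mgr` would presumably raise an undefined-variable error even with key management switched off. A guard on that `set`, such as `... if ansible_distribution_release in proxmox__role_config.repo.key else []`, would let unsupported releases fall through with an empty key list. The template continues outside the hunk.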
@@ -44,19 +51,17 @@ __proxmox__pkg_mgr: >- 'RELEASE': ansible_distribution_release } -%} {%- set repos = repos.append({ - 'entry__type': 'repo', + '_type': 'repo', 'repo': ('deb <>/<> <> ' + purpose.repo.suffix) | aybarsm.helper.replacer(replacements), 'filename': purpose.repo.file | aybarsm.helper.replacer(replacements), 'state': 'present' if node.repo is defined and node.repo in [tName, tName | replace('_', '-')] else 'absent', 'update_cache': false }) -%} - {%- endif -%} - {%- endfor -%} {%- endif -%} - {%- if proxmox__manage_packages and purpose.packages | default([]) | length > 0 and node.name is defined and node.name in [pName, pName | replace('_', '-')] -%} + {%- if purpose.packages | default([]) | length > 0 and node.name is defined and node.name in [pName, pName | replace('_', '-')] -%} {%- for pkg in purpose.packages -%} {%- set packages = packages.append({ - 'entry__type': 'package', + '_type': 'package', 'name': pkg, 'state': 'present', 'update_cache': true @@ -64,5 +69,5 @@ __proxmox__pkg_mgr: >- {%- endfor -%} {%- endif -%} {%- endfor -%} - {%- endif -%} + {%- endfor -%} {{ repo_keys + (repos | aybarsm.helper.combine_last({'update_cache': true})) + packages }} \ No newline at end of file
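Review bot: After the removed `endif`/`endfor` pair, the `{%- if purpose.packages | default([]) | length > 0 ... -%}` block appears to sit inside the `{%- for tName, type in proxmox__role_config.repo.type.items() -%}` loop: the surviving `{%- endif -%}` closes `if purpose.repo is defined`, and the type loop is only closed by the `{%- endfor -%}` added in the last hunk. As the hunks read, each package is therefore appended once per repo type (twice with the default `enterprise`/`no_subscription` map) and not at all if `repo.type` is empty. Moving the package block after the inner `{%- endfor -%}` restores one entry per package. With the `proxmox__manage_repos` and `proxmox__manage_packages` checks removed from this template, a comment noting that gating now happens only through the `pkg_mgr__manage_*` variables would help.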