playbooks/compute/playbook-host-proxmox.yaml

---
- name: Configure Network and DNS settings on Proxmox Host
  hosts:
    - host20*
  become: true

  tasks:
    - name: Set system hostname to inventory hostname
      hostname:
        name: "{{ inventory_hostname }}.{{ domain_name }}"

    - name: Configure base bond network interfaces for Dell PowerEdge R640
      template:
        src: interface-base-dell.j2
        dest: /etc/network/interfaces.d/base
      notify: restart networking
      when: inventory_hostname.startswith('host0')

    - name: Configure network interfaces for Dell PowerEdge R640
      template:
        src: interface-main-dell.j2
        dest: /etc/network/interfaces
      notify: restart networking
      when: inventory_hostname.startswith('host0')

    - name: Configure base vlan network interfaces for Intel NUCs
      template:
        src: interface-base-intel.j2
        dest: /etc/network/interfaces.d/base
      notify: restart networking
      when: inventory_hostname.startswith('host2')

    - name: Configure network interfaces for Intel NUCs
      template:
        src: interface-main-intel.j2
        dest: /etc/network/interfaces
      notify: restart networking
      when: inventory_hostname.startswith('host2')

    - name: Configure resolv.conf for DNS settings
      template:
        src: resolv.conf.j2
        dest: /etc/resolv.conf

    - name: Configure /ets/hosts
      template:
        src: hosts.j2
        dest: /etc/hosts

    - name: Set timezone to UTC
      ansible.builtin.timezone:
        name: UTC

    - name: Configure NTP (Chrony)
      template:
        src: chrony.conf.j2
        dest: /etc/chrony/chrony.conf
      notify: restart chrony

    - name: Create managed .bashrc file
      template:
        src: bashrc_managed.j2
        dest: "/root/.bashrc_managed"

    - name: Ensure .bashrc includes the managed file
      lineinfile:
        path: "/root/.bashrc"
        line: 'if [ -f ~/.bashrc_managed ]; then . ~/.bashrc_managed; fi'
        insertbefore: EOF

    - name: Copy SSH public key to remote host
      authorized_key:
        user: root
        state: present
        key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKfPOnXImpSaSDzHLtlv6tenIdWhZEA15WWbkNCkM0u8q8eefJYMEkdT0F+46rilxjVnB0wmWcVUFmU8uT2YqfUczYb185LDKeSC5qQI/J+XibxeZNkE7swcTy9nj/dRqO2OpKPJnWUTQAUrgY7hmZYtOx8cjuQUvuRA1yBi5AuGFrHG0NKLr1h7AriLhkTv1xYAQ0W9wrG3hw882oLf1cLSAKWWhJX0XrlqKJQ5bqmt8yW3JO+Twdm2KDbxkR3IiHgpyfe9/zf5STMBejP2gXG0vpbRoVM9X10BtWDo22JudPEt2Wdy7qe7UqZLlNjHaYkUVTtN+JEf4ZoaBUf98t dfritz@desktops-mbp.corp.netflix.com"

    - name: Check if PVE enterprise apt sources file exists
      stat:
        path: /etc/apt/sources.list.d/pve-enterprise.list
      register: pve_apt_source_enterprise

    - name: Move PVE enterprise apt sources, if file exists
      command: mv /etc/apt/sources.list.d/pve-enterprise.list /etc/apt/sources.list.d/pve-enterprise.list.old
      when: pve_apt_source_enterprise.stat.exists

    - name: Check if PVE ceph apt sources file exists
      stat:
        path: /etc/apt/sources.list.d/ceph.list
      register: pve_apt_source_ceph

    - name: Move PVE ceph apt sources, if file exists
      command: mv /etc/apt/sources.list.d/ceph.list /etc/apt/sources.list.d/ceph.list.old
      when: pve_apt_source_ceph.stat.exists

    - name: Manage apt sources
      template:
        src: sources.j2
        dest: "/etc/apt/sources.list"

    - name: Manage .digrc
      template:
        src: digrc.j2
        dest: "/root/.digrc"

    - name: Update apt repos
      apt:
        update_cache: yes

    - name: Install packages
      apt:
        state: present
        name:
          - htop
          - nano
          - wget
          - curl
          - iperf3

    - name: Update all host/vm packages
      ansible.builtin.apt:
        update_cache: true
        cache_valid_time: 3600
        name: "*"
        state: latest

    - name: Ensure ISO mount point directory exists
      ansible.builtin.file:
        path: /mnt/iso-images/template/iso
        state: directory

    - name: Insert/update NFS mount block in /etc/fstab
      notify: reload fstab
      ansible.builtin.blockinfile:
        path: /etc/fstab
        block: |
          nas001.sjc001.fritzlab.net:/mnt/main/iso /mnt/iso-images/template/iso nfs4 rw 0 0
        marker: "# {mark} ANSIBLE MANAGED BLOCK for NFS mounts"
        backup: yes


  handlers:
    - name: restart networking
      command: ifreload -a
    - name: restart chrony
      systemd:
        name: chrony
        state: restarted
    - name: restart pveproxy
      systemd:
        name: pveproxy
        state: restarted
    - name: reload fstab
      command: mount -a
initial migration and clean-up from previous repo 2024-06-07 20:43:00 +00:00			`---`
			`- name: Configure Network and DNS settings on Proxmox Host`
			`hosts:`
			`- host20*`
			`become: true`

			`tasks:`
			`- name: Set system hostname to inventory hostname`
			`hostname:`
			`name: "{{ inventory_hostname }}.{{ domain_name }}"`

			`- name: Configure base bond network interfaces for Dell PowerEdge R640`
			`template:`
			`src: interface-base-dell.j2`
			`dest: /etc/network/interfaces.d/base`
			`notify: restart networking`
			`when: inventory_hostname.startswith('host0')`

			`- name: Configure network interfaces for Dell PowerEdge R640`
			`template:`
			`src: interface-main-dell.j2`
			`dest: /etc/network/interfaces`
			`notify: restart networking`
			`when: inventory_hostname.startswith('host0')`

			`- name: Configure base vlan network interfaces for Intel NUCs`
			`template:`
			`src: interface-base-intel.j2`
			`dest: /etc/network/interfaces.d/base`
			`notify: restart networking`
			`when: inventory_hostname.startswith('host2')`

			`- name: Configure network interfaces for Intel NUCs`
			`template:`
			`src: interface-main-intel.j2`
			`dest: /etc/network/interfaces`
			`notify: restart networking`
			`when: inventory_hostname.startswith('host2')`

			`- name: Configure resolv.conf for DNS settings`
			`template:`
			`src: resolv.conf.j2`
			`dest: /etc/resolv.conf`

			`- name: Configure /ets/hosts`
			`template:`
			`src: hosts.j2`
			`dest: /etc/hosts`

			`- name: Set timezone to UTC`
			`ansible.builtin.timezone:`
			`name: UTC`

			`- name: Configure NTP (Chrony)`
			`template:`
			`src: chrony.conf.j2`
			`dest: /etc/chrony/chrony.conf`
			`notify: restart chrony`

			`- name: Create managed .bashrc file`
			`template:`
			`src: bashrc_managed.j2`
			`dest: "/root/.bashrc_managed"`

			`- name: Ensure .bashrc includes the managed file`
			`lineinfile:`
			`path: "/root/.bashrc"`
			`line: 'if [ -f ~/.bashrc_managed ]; then . ~/.bashrc_managed; fi'`
			`insertbefore: EOF`

			`- name: Copy SSH public key to remote host`
			`authorized_key:`
			`user: root`
			`state: present`
			`key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKfPOnXImpSaSDzHLtlv6tenIdWhZEA15WWbkNCkM0u8q8eefJYMEkdT0F+46rilxjVnB0wmWcVUFmU8uT2YqfUczYb185LDKeSC5qQI/J+XibxeZNkE7swcTy9nj/dRqO2OpKPJnWUTQAUrgY7hmZYtOx8cjuQUvuRA1yBi5AuGFrHG0NKLr1h7AriLhkTv1xYAQ0W9wrG3hw882oLf1cLSAKWWhJX0XrlqKJQ5bqmt8yW3JO+Twdm2KDbxkR3IiHgpyfe9/zf5STMBejP2gXG0vpbRoVM9X10BtWDo22JudPEt2Wdy7qe7UqZLlNjHaYkUVTtN+JEf4ZoaBUf98t dfritz@desktops-mbp.corp.netflix.com"`

			`- name: Check if PVE enterprise apt sources file exists`
			`stat:`
			`path: /etc/apt/sources.list.d/pve-enterprise.list`
			`register: pve_apt_source_enterprise`

			`- name: Move PVE enterprise apt sources, if file exists`
			`command: mv /etc/apt/sources.list.d/pve-enterprise.list /etc/apt/sources.list.d/pve-enterprise.list.old`
			`when: pve_apt_source_enterprise.stat.exists`

			`- name: Check if PVE ceph apt sources file exists`
			`stat:`
			`path: /etc/apt/sources.list.d/ceph.list`
			`register: pve_apt_source_ceph`

			`- name: Move PVE ceph apt sources, if file exists`
			`command: mv /etc/apt/sources.list.d/ceph.list /etc/apt/sources.list.d/ceph.list.old`
			`when: pve_apt_source_ceph.stat.exists`

			`- name: Manage apt sources`
			`template:`
			`src: sources.j2`
			`dest: "/etc/apt/sources.list"`

			`- name: Manage .digrc`
			`template:`
			`src: digrc.j2`
			`dest: "/root/.digrc"`

			`- name: Update apt repos`
			`apt:`
			`update_cache: yes`

			`- name: Install packages`
			`apt:`
			`state: present`
			`name:`
			`- htop`
			`- nano`
			`- wget`
			`- curl`
			`- iperf3`

			`- name: Update all host/vm packages`
			`ansible.builtin.apt:`
			`update_cache: true`
			`cache_valid_time: 3600`
			`name: "*"`
			`state: latest`

			`- name: Ensure ISO mount point directory exists`
			`ansible.builtin.file:`
			`path: /mnt/iso-images/template/iso`
			`state: directory`

			`- name: Insert/update NFS mount block in /etc/fstab`
			`notify: reload fstab`
			`ansible.builtin.blockinfile:`
			`path: /etc/fstab`
			`block: \|`
			`nas001.sjc001.fritzlab.net:/mnt/main/iso /mnt/iso-images/template/iso nfs4 rw 0 0`
			`marker: "# {mark} ANSIBLE MANAGED BLOCK for NFS mounts"`
			`backup: yes`


			`handlers:`
			`- name: restart networking`
			`command: ifreload -a`
			`- name: restart chrony`
			`systemd:`
			`name: chrony`
			`state: restarted`
			`- name: restart pveproxy`
			`systemd:`
			`name: pveproxy`
			`state: restarted`
			`- name: reload fstab`
			`command: mount -a`