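---
# Baseline configuration for Proxmox hosts: hostname, network interfaces,
# sysctl, DNS, /etc/hosts, time, root shell files, root SSH access, apt
# sources and packages, and (for sjc001) the ISO mount point.
#
# Files written by the template module carry an explicit owner, group and
# mode so the result does not depend on the remote umask or on whatever
# mode an existing file already has.
- name: Configure Network and DNS settings on Proxmox Host
  hosts:
    - "host2*"
  become: true

  tasks:
    - name: Set system hostname to inventory hostname
      ansible.builtin.hostname:
        name: "{{ inventory_hostname }}.{{ domain_name }}"

    # NOTE(review): the play targets "host2*", so the two host0 conditions
    # below only match if that pattern also selects host0-named hosts (for
    # example through a group name) - confirm against the inventory.
    - name: Configure base bond network interfaces for Dell PowerEdge R640
      ansible.builtin.template:
        src: interface-base-dell.j2
        dest: /etc/network/interfaces.d/base
        owner: root
        group: root
        mode: '0644'
      notify: restart networking
      when: inventory_hostname.startswith('host0')

    - name: Configure network interfaces for Dell PowerEdge R640
      ansible.builtin.template:
        src: interface-main-dell.j2
        dest: /etc/network/interfaces
        owner: root
        group: root
        mode: '0644'
      notify: restart networking
      when: inventory_hostname.startswith('host0')

    - name: Configure base vlan network interfaces for Intel NUCs
      ansible.builtin.template:
        src: interface-base-intel.j2
        dest: /etc/network/interfaces.d/base
        owner: root
        group: root
        mode: '0644'
      notify: restart networking
      when: inventory_hostname.startswith('host2')

    - name: Configure network interfaces for Intel NUCs
      ansible.builtin.template:
        src: interface-main-intel.j2
        dest: /etc/network/interfaces
        owner: root
        group: root
        mode: '0644'
      notify: restart networking
      when: inventory_hostname.startswith('host2')

    - name: Configure sysctl settings
      ansible.builtin.template:
        src: sysctl.conf.j2
        dest: /etc/sysctl.d/fritzlab.conf
        owner: root
        group: root
        mode: '0644'
      notify: reload sysctl

    - name: Configure resolv.conf for DNS settings
      ansible.builtin.template:
        src: resolv.conf.j2
        dest: /etc/resolv.conf
        owner: root
        group: root
        mode: '0644'

    - name: Configure /etc/hosts
      ansible.builtin.template:
        src: hosts.j2
        dest: /etc/hosts
        owner: root
        group: root
        mode: '0644'

    # NOTE(review): the timezone module is published as
    # community.general.timezone; confirm this ansible.builtin name resolves
    # on the controller's Ansible version.
    - name: Set timezone to UTC
      ansible.builtin.timezone:
        name: UTC

    - name: Configure NTP (Chrony)
      ansible.builtin.template:
        src: chrony.conf.j2
        dest: /etc/chrony/chrony.conf
        owner: root
        group: root
        mode: '0644'
      notify: restart chrony

    # This file is sourced by every interactive root shell (see the next
    # task), so it must stay writable by root only.
    - name: Create managed .bashrc file
      ansible.builtin.template:
        src: bashrc_managed.j2
        dest: "/root/.bashrc_managed"
        owner: root
        group: root
        mode: '0644'

    - name: Ensure .bashrc includes the managed file
      ansible.builtin.lineinfile:
        path: "/root/.bashrc"
        line: 'if [ -f ~/.bashrc_managed ]; then . ~/.bashrc_managed; fi'
        insertbefore: EOF

    # NOTE(review): this grants direct root login to one hard-coded RSA key.
    # Consider supplying the key through an inventory or group variable so
    # rotation does not need a playbook change. The trailing key comment
    # carries a user name and a workstation hostname; it is not used for
    # authentication and can be replaced with a neutral label. Other keys
    # already present in root's authorized_keys are left in place, because
    # the module's exclusive option is not set.
    - name: Copy SSH public key to remote host
      authorized_key:
        user: root
        state: present
        key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKfPOnXImpSaSDzHLtlv6tenIdWhZEA15WWbkNCkM0u8q8eefJYMEkdT0F+46rilxjVnB0wmWcVUFmU8uT2YqfUczYb185LDKeSC5qQI/J+XibxeZNkE7swcTy9nj/dRqO2OpKPJnWUTQAUrgY7hmZYtOx8cjuQUvuRA1yBi5AuGFrHG0NKLr1h7AriLhkTv1xYAQ0W9wrG3hw882oLf1cLSAKWWhJX0XrlqKJQ5bqmt8yW3JO+Twdm2KDbxkR3IiHgpyfe9/zf5STMBejP2gXG0vpbRoVM9X10BtWDo22JudPEt2Wdy7qe7UqZLlNjHaYkUVTtN+JEf4ZoaBUf98t dfritz@desktops-mbp.corp.netflix.com"

    # The enterprise and ceph source files are renamed to *.old so apt stops
    # reading them; each stat result guards its mv so a second run is a no-op.
    - name: Check if PVE enterprise apt sources file exists
      ansible.builtin.stat:
        path: /etc/apt/sources.list.d/pve-enterprise.list
      register: pve_apt_source_enterprise

    - name: Move PVE enterprise apt sources, if file exists
      ansible.builtin.command: mv /etc/apt/sources.list.d/pve-enterprise.list /etc/apt/sources.list.d/pve-enterprise.list.old
      when: pve_apt_source_enterprise.stat.exists

    - name: Check if PVE ceph apt sources file exists
      ansible.builtin.stat:
        path: /etc/apt/sources.list.d/ceph.list
      register: pve_apt_source_ceph

    - name: Move PVE ceph apt sources, if file exists
      ansible.builtin.command: mv /etc/apt/sources.list.d/ceph.list /etc/apt/sources.list.d/ceph.list.old
      when: pve_apt_source_ceph.stat.exists

    # NOTE(review): sources.j2 decides which repositories every later apt
    # task trusts; review changes to that template as package-source changes.
    - name: Manage apt sources
      ansible.builtin.template:
        src: sources.j2
        dest: "/etc/apt/sources.list"
        owner: root
        group: root
        mode: '0644'

    - name: Manage .digrc
      ansible.builtin.template:
        src: digrc.j2
        dest: "/root/.digrc"
        owner: root
        group: root
        mode: '0644'

    - name: Update apt repos
      ansible.builtin.apt:
        update_cache: true

    - name: Install packages
      ansible.builtin.apt:
        state: present
        name:
          - htop
          - nano
          - wget
          - curl
          - iperf3
          - tree
          - iftop

    # NOTE(review): this task tests inventory_hostname while the fstab task
    # below tests ansible_host; if the two values differ for a host, only one
    # of the tasks runs. Confirm which variable is intended.
    - name: Ensure ISO mount point directory exists in sjc001
      when: "'sjc001' in inventory_hostname"
      ansible.builtin.file:
        path: /mnt/iso-images/template/iso
        state: directory

    # The only line in the managed block is commented out, so the
    # "reload fstab" handler mounts nothing from it.
    # NOTE(review): if the entry is re-enabled, consider adding nosuid and
    # nodev to the mount options; a share of ISO images should not need
    # setuid binaries or device nodes.
    - name: Insert/update NFS mount block in /etc/fstab in sjc001
      when: "'sjc001' in ansible_host"
      notify: reload fstab
      ansible.builtin.blockinfile:
        path: /etc/fstab
        block: |
          # nas001.sjc001.fritzlab.net:/mnt/main/iso /mnt/iso-images/template/iso nfs4 rw 0 0
        marker: "# {mark} ANSIBLE MANAGED BLOCK for NFS mounts"
        backup: true

    # NOTE(review): name "*" with state latest upgrades every installed
    # package, Proxmox packages included, on each run. Confirm unattended
    # upgrades are wanted on these hosts and whether Proxmox requires
    # dist-upgrade semantics instead of a plain upgrade.
    - name: Update all host/vm packages
      ansible.builtin.apt:
        update_cache: true
        cache_valid_time: 3600
        name: "*"
        state: latest

  handlers:
    - name: restart networking
      ansible.builtin.command: ifreload -a

    - name: restart chrony
      ansible.builtin.systemd:
        name: chrony
        state: restarted

    # No task visible in this play notifies this handler.
    - name: restart pveproxy
      ansible.builtin.systemd:
        name: pveproxy
        state: restarted

    - name: reload fstab
      ansible.builtin.command: mount -a

    - name: reload sysctl
      ansible.builtin.command: sysctl --system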