Compare commits
No commits in common. "main" and "docs" have entirely different histories.
|
@ -1,11 +0,0 @@
|
|||
# ---> Ansible
|
||||
*.retry
|
||||
plugins
|
||||
library
|
||||
|
||||
# ---> Python
|
||||
# Byte-compiled / optimized / DLL files
|
||||
__pycache__/
|
||||
*.py[cod]
|
||||
*$py.class
|
||||
|
15
.later.yml
15
.later.yml
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
ansible:
|
||||
custom_modules:
|
||||
- iptables_raw
|
||||
- openssl_pkcs12
|
||||
- proxmox_kvm
|
||||
- ucr
|
||||
- corenetworks_dns
|
||||
- corenetworks_token
|
||||
|
||||
rules:
|
||||
exclude_files:
|
||||
- "LICENSE*"
|
||||
- "**/*.md"
|
||||
- "**/*.ini"
|
|
@ -1,7 +0,0 @@
|
|||
---
|
||||
default: True
|
||||
MD013: False
|
||||
MD041: False
|
||||
MD024: False
|
||||
MD004:
|
||||
style: dash
|
|
@ -1 +0,0 @@
|
|||
LICENSE
|
|
@ -1,47 +0,0 @@
|
|||
---
|
||||
when:
|
||||
- event: [pull_request]
|
||||
- event: [push, manual]
|
||||
branch:
|
||||
- ${CI_REPO_DEFAULT_BRANCH}
|
||||
|
||||
steps:
|
||||
- name: generate
|
||||
image: quay.io/thegeeklab/ansible-doctor
|
||||
environment:
|
||||
ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/
|
||||
ANSIBLE_DOCTOR_FORCE_OVERWRITE: "true"
|
||||
ANSIBLE_DOCTOR_LOG_LEVEL: INFO
|
||||
ANSIBLE_DOCTOR_ROLE_NAME: ${CI_REPO_NAME}
|
||||
ANSIBLE_DOCTOR_TEMPLATE: readme
|
||||
|
||||
- name: format
|
||||
image: quay.io/thegeeklab/alpine-tools
|
||||
commands:
|
||||
- prettier -w README.md
|
||||
|
||||
- name: diff
|
||||
image: quay.io/thegeeklab/alpine-tools
|
||||
commands:
|
||||
- git diff --color=always README.md
|
||||
|
||||
- name: publish
|
||||
image: quay.io/thegeeklab/wp-git-action
|
||||
settings:
|
||||
action:
|
||||
- commit
|
||||
- push
|
||||
author_email: ci-bot@rknet.org
|
||||
author_name: ci-bot
|
||||
branch: main
|
||||
message: "[skip ci] automated docs update"
|
||||
netrc_machine: gitea.rknet.org
|
||||
netrc_password:
|
||||
from_secret: gitea_token
|
||||
when:
|
||||
- event: [push, manual]
|
||||
branch:
|
||||
- ${CI_REPO_DEFAULT_BRANCH}
|
||||
|
||||
depends_on:
|
||||
- lint
|
|
@ -1,30 +0,0 @@
|
|||
---
|
||||
when:
|
||||
- event: [pull_request, tag]
|
||||
- event: [push, manual]
|
||||
branch:
|
||||
- ${CI_REPO_DEFAULT_BRANCH}
|
||||
|
||||
steps:
|
||||
- name: ansible-later
|
||||
image: quay.io/thegeeklab/ansible-later:4
|
||||
commands:
|
||||
- ansible-later
|
||||
environment:
|
||||
FORCE_COLOR: "1"
|
||||
|
||||
- name: python-format
|
||||
image: docker.io/python:3.12
|
||||
commands:
|
||||
- pip install -qq ruff
|
||||
- ruff format --check --diff .
|
||||
environment:
|
||||
PY_COLORS: "1"
|
||||
|
||||
- name: python-lint
|
||||
image: docker.io/python:3.12
|
||||
commands:
|
||||
- pip install -qq ruff
|
||||
- ruff .
|
||||
environment:
|
||||
PY_COLORS: "1"
|
|
@ -1,26 +0,0 @@
|
|||
---
|
||||
when:
|
||||
- event: [tag]
|
||||
- event: [push, manual]
|
||||
branch:
|
||||
- ${CI_REPO_DEFAULT_BRANCH}
|
||||
|
||||
runs_on: [success, failure]
|
||||
|
||||
steps:
|
||||
- name: matrix
|
||||
image: quay.io/thegeeklab/wp-matrix
|
||||
settings:
|
||||
homeserver:
|
||||
from_secret: matrix_homeserver
|
||||
password:
|
||||
from_secret: matrix_password
|
||||
roomid:
|
||||
from_secret: matrix_roomid
|
||||
username:
|
||||
from_secret: matrix_username
|
||||
when:
|
||||
- status: [success, failure]
|
||||
|
||||
depends_on:
|
||||
- docs
|
21
LICENSE
21
LICENSE
|
@ -1,21 +0,0 @@
|
|||
MIT License
|
||||
|
||||
Copyright (c) 2022 Robert Kaussow <mail@thegeeklab.de>
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is furnished
|
||||
to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice (including the next
|
||||
paragraph) shall be included in all copies or substantial portions of the
|
||||
Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
|
||||
OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
|
||||
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
|
||||
OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
@ -1,7 +1,11 @@
|
|||
# xoxys.pve
|
||||
---
|
||||
title: pve
|
||||
type: docs
|
||||
---
|
||||
|
||||
[![Build Status](https://ci.rknet.org/api/badges/ansible/xoxys.pve/status.svg)](https://ci.rknet.org/repos/ansible/xoxys.pve)
|
||||
[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.pve/src/branch/main/LICENSE)
|
||||
[![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.pve)
|
||||
[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.pve?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.pve)
|
||||
[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.pve/src/branch/main/LICENSE)
|
||||
|
||||
Basic role to configure a [Proxmox VE](https://www.proxmox.com/en/proxmox-ve) server.
|
||||
Proxmox VE is a complete open-source platform for all-inclusive enterprise virtualization
|
||||
|
@ -12,7 +16,7 @@ networking functionality on a single platform.
|
|||
This role covers only some really basic configurations and should be considered as not production ready.
|
||||
{{< /hint >}}
|
||||
|
||||
## Table of content
|
||||
<!--more-->
|
||||
|
||||
- [Requirements](#requirements)
|
||||
- [Default Variables](#default-variables)
|
||||
|
@ -24,15 +28,17 @@ This role covers only some really basic configurations and should be considered
|
|||
- [pve_disk_mount](#pve_disk_mount)
|
||||
- [pve_nodes](#pve_nodes)
|
||||
- [pve_pamd_motd_enabled](#pve_pamd_motd_enabled)
|
||||
- [pve_tls_cert_source](#pve_tls_cert_source)
|
||||
- [pve_tls_enabled](#pve_tls_enabled)
|
||||
- [pve_tls_key_source](#pve_tls_key_source)
|
||||
- [Discovered Tags](#discovered-tags)
|
||||
- [Dependencies](#dependencies)
|
||||
- [License](#license)
|
||||
- [Author](#author)
|
||||
|
||||
---
|
||||
|
||||
## Requirements
|
||||
|
||||
- Minimum Ansible version: `2.10`
|
||||
- Minimum Ansible version: `2.1`
|
||||
|
||||
## Default Variables
|
||||
|
||||
|
@ -101,14 +107,36 @@ pve_nodes:
|
|||
pve_pamd_motd_enabled: true
|
||||
```
|
||||
|
||||
### pve_tls_cert_source
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_tls_cert_source: mycert.pem
|
||||
```
|
||||
|
||||
### pve_tls_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_tls_enabled: false
|
||||
```
|
||||
|
||||
### pve_tls_key_source
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_tls_key_source: mykey.pem
|
||||
```
|
||||
|
||||
## Discovered Tags
|
||||
|
||||
tls_renewal
|
||||
:
|
||||
|
||||
|
||||
## Dependencies
|
||||
|
||||
None.
|
||||
|
||||
## License
|
||||
|
||||
MIT
|
||||
|
||||
## Author
|
||||
|
||||
[Robert Kaussow](https://gitea.rknet.org/xoxys)
|
|
@ -1,35 +0,0 @@
|
|||
---
|
||||
pve_nodes:
|
||||
- node1
|
||||
|
||||
pve_pamd_motd_enabled: True
|
||||
|
||||
pve_disk_mount: []
|
||||
## Example:
|
||||
# pve_disk_mount:
|
||||
# - path: /mnt/backup
|
||||
# src: /dev/sdX
|
||||
# fstype: ext4
|
||||
# opts:
|
||||
# state: present
|
||||
|
||||
# Configure pam auth
|
||||
pve_auth_pam_is_default: True
|
||||
pve_auth_pam_description: Linux PAM standard authentication
|
||||
|
||||
pve_auth_pve_is_default: False
|
||||
pve_auth_pve_description: Linux pve standard authentication
|
||||
|
||||
# Enable ldap auth against an external server
|
||||
pve_auth_ldap_enabled: False
|
||||
# pve_auth_ldap_is_default: False
|
||||
# pve_auth_ldap_realm: ldap
|
||||
# pve_auth_ldap_description: MyLDAP authentication server
|
||||
# pve_auth_ldap_base_dn: dc=example,dc=com
|
||||
# pve_auth_ldap_user_attr: uid
|
||||
# pve_auth_ldap_primary_server: server1.example.com
|
||||
# pve_auth_ldap_secondary_server: server2.example.com (defaults to not set)
|
||||
# pve_auth_ldap_bind_dn: uid=proxy-user,cn=users,dc=example,dc=com (defaults to not set)
|
||||
# pve_auth_ldap_bind_password: my_secret (defaults to not set)
|
||||
# pve_auth_ldap_port: 389
|
||||
# pve_auth_ldap_tls_enabled: False
|
|
@ -0,0 +1,202 @@
|
|||
---
|
||||
title: pve
|
||||
type: docs
|
||||
---
|
||||
|
||||
[![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.pve) [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.pve?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.pve) [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.pve/src/branch/main/LICENSE)
|
||||
|
||||
Basic role to configure a [Proxmox VE](https://www.proxmox.com/en/proxmox-ve) server. Proxmox VE is a complete open-source platform for all-inclusive enterprise virtualization that tightly integrates KVM hypervisor and LXC containers, software-defined storage and networking functionality on a single platform.
|
||||
|
||||
{{< hint type=important >}} This role covers only some really basic configurations and should be considered as not production ready. {{< /hint >}}
|
||||
|
||||
<!--more-->
|
||||
|
||||
- [Default Variables](#default-variables)
|
||||
- [pve_auth_ldap_enabled](#pve_auth_ldap_enabled)
|
||||
- [pve_auth_ldap_tfa_oath_enabled](#pve_auth_ldap_tfa_oath_enabled)
|
||||
- [pve_auth_ldap_tfa_oath_pwlength](#pve_auth_ldap_tfa_oath_pwlength)
|
||||
- [pve_auth_ldap_tfa_oath_timestep](#pve_auth_ldap_tfa_oath_timestep)
|
||||
- [pve_auth_ldap_tfa_yubico_enabled](#pve_auth_ldap_tfa_yubico_enabled)
|
||||
- [pve_auth_pam_description](#pve_auth_pam_description)
|
||||
- [pve_auth_pam_is_default](#pve_auth_pam_is_default)
|
||||
- [pve_auth_pam_tfa_oath_enabled](#pve_auth_pam_tfa_oath_enabled)
|
||||
- [pve_auth_pam_tfa_yubico_enabled](#pve_auth_pam_tfa_yubico_enabled)
|
||||
- [pve_auth_pve_description](#pve_auth_pve_description)
|
||||
- [pve_auth_pve_is_default](#pve_auth_pve_is_default)
|
||||
- [pve_auth_pve_tfa_oath_enabled](#pve_auth_pve_tfa_oath_enabled)
|
||||
- [pve_auth_pve_tfa_yubico_enabled](#pve_auth_pve_tfa_yubico_enabled)
|
||||
- [pve_disk_mount](#pve_disk_mount)
|
||||
- [pve_nodes](#pve_nodes)
|
||||
- [pve_pamd_motd_enabled](#pve_pamd_motd_enabled)
|
||||
- [pve_tls_cert_source](#pve_tls_cert_source)
|
||||
- [pve_tls_enabled](#pve_tls_enabled)
|
||||
- [pve_tls_key_source](#pve_tls_key_source)
|
||||
- [Discovered Tags](#discovered-tags)
|
||||
- [Dependencies](#dependencies)
|
||||
|
||||
---
|
||||
|
||||
## Default Variables
|
||||
|
||||
### pve_auth_ldap_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_ldap_enabled: false
|
||||
```
|
||||
|
||||
### pve_auth_ldap_tfa_oath_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_ldap_tfa_oath_enabled: false
|
||||
```
|
||||
|
||||
### pve_auth_ldap_tfa_oath_pwlength
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_ldap_tfa_oath_pwlength: 6
|
||||
```
|
||||
|
||||
### pve_auth_ldap_tfa_oath_timestep
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_ldap_tfa_oath_timestep: 30
|
||||
```
|
||||
|
||||
### pve_auth_ldap_tfa_yubico_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_ldap_tfa_yubico_enabled: false
|
||||
```
|
||||
|
||||
### pve_auth_pam_description
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_pam_description: Linux PAM standard authentication
|
||||
```
|
||||
|
||||
### pve_auth_pam_is_default
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_pam_is_default: true
|
||||
```
|
||||
|
||||
### pve_auth_pam_tfa_oath_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_pam_tfa_oath_enabled: false
|
||||
```
|
||||
|
||||
### pve_auth_pam_tfa_yubico_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_pam_tfa_yubico_enabled: false
|
||||
```
|
||||
|
||||
### pve_auth_pve_description
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_pve_description: Linux pve standard authentication
|
||||
```
|
||||
|
||||
### pve_auth_pve_is_default
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_pve_is_default: false
|
||||
```
|
||||
|
||||
### pve_auth_pve_tfa_oath_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_pve_tfa_oath_enabled: false
|
||||
```
|
||||
|
||||
### pve_auth_pve_tfa_yubico_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_auth_pve_tfa_yubico_enabled: false
|
||||
```
|
||||
|
||||
### pve_disk_mount
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_disk_mount: []
|
||||
```
|
||||
|
||||
### pve_nodes
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_nodes:
|
||||
- node1
|
||||
```
|
||||
|
||||
### pve_pamd_motd_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_pamd_motd_enabled: true
|
||||
```
|
||||
|
||||
### pve_tls_cert_source
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_tls_cert_source: mycert.pem
|
||||
```
|
||||
|
||||
### pve_tls_enabled
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_tls_enabled: false
|
||||
```
|
||||
|
||||
### pve_tls_key_source
|
||||
|
||||
#### Default value
|
||||
|
||||
```YAML
|
||||
pve_tls_key_source: mykey.pem
|
||||
```
|
||||
|
||||
## Discovered Tags
|
||||
|
||||
tls_renewal
|
||||
:
|
||||
|
||||
|
||||
## Dependencies
|
||||
|
||||
None.
|
|
@ -1,34 +0,0 @@
|
|||
---
|
||||
galaxy_info:
|
||||
# @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys)
|
||||
author: Robert Kaussow <mail@thegeeklab.de>
|
||||
namespace: xoxys
|
||||
role_name: pve
|
||||
# @meta description: >
|
||||
# [![Build Status](https://ci.rknet.org/api/badges/ansible/xoxys.pve/status.svg)](https://ci.rknet.org/repos/ansible/xoxys.pve)
|
||||
# [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.pve/src/branch/main/LICENSE)
|
||||
#
|
||||
# Basic role to configure a [Proxmox VE](https://www.proxmox.com/en/proxmox-ve) server.
|
||||
# Proxmox VE is a complete open-source platform for all-inclusive enterprise virtualization
|
||||
# that tightly integrates KVM hypervisor and LXC containers, software-defined storage and
|
||||
# networking functionality on a single platform.
|
||||
#
|
||||
# {{< hint type=important >}}
|
||||
# This role covers only some really basic configurations and should be considered as not production ready.
|
||||
# {{< /hint >}}
|
||||
# @end
|
||||
description: Basic role to configure a Proxmox VE server
|
||||
license: MIT
|
||||
min_ansible_version: "2.10"
|
||||
platforms:
|
||||
- name: Debian
|
||||
versions:
|
||||
- "bookworm"
|
||||
galaxy_tags:
|
||||
- pve
|
||||
- kvm
|
||||
- proxmox
|
||||
- virtual
|
||||
dependencies: []
|
||||
collections:
|
||||
- community.general
|
|
@ -1,17 +0,0 @@
|
|||
[tool.ruff]
|
||||
exclude = [".git", "__pycache__"]
|
||||
|
||||
line-length = 99
|
||||
indent-width = 4
|
||||
|
||||
[tool.ruff.lint]
|
||||
ignore = ["W191", "E111", "E114", "E117", "S101", "S105"]
|
||||
select = ["F", "E", "I", "W", "S"]
|
||||
|
||||
[tool.ruff.format]
|
||||
quote-style = "double"
|
||||
indent-style = "space"
|
||||
line-ending = "lf"
|
||||
|
||||
[tool.pytest.ini_options]
|
||||
filterwarnings = ["ignore::FutureWarning", "ignore::DeprecationWarning"]
|
|
@ -1,42 +0,0 @@
|
|||
---
|
||||
- name: Create tmp folder for pve
|
||||
ansible.builtin.file:
|
||||
path: "{{ __pve_tmp_dir }}"
|
||||
recurse: True
|
||||
state: directory
|
||||
|
||||
- name: Configure auth provider
|
||||
ansible.builtin.template:
|
||||
src: etc/pve/domains.cfg.j2
|
||||
dest: "{{ __pve_tmp_dir }}/domains.cfg"
|
||||
owner: root
|
||||
group: www-data
|
||||
mode: "0640"
|
||||
register: __pve_domains_copy
|
||||
|
||||
- name: Copy auth provider to pve filesystem
|
||||
ansible.builtin.command: "/bin/cp -rf {{ __pve_tmp_dir }}/domains.cfg {{ __pve_base_dir }}/domains.cfg"
|
||||
changed_when: __pve_domains_copy.changed
|
||||
|
||||
- when:
|
||||
- pve_auth_ldap_enabled | bool
|
||||
- pve_auth_ldap_bind_password is defined
|
||||
block:
|
||||
- name: Ensure path for auth file exists
|
||||
ansible.builtin.file:
|
||||
path: "{{ __pve_base_dir }}/priv/ldap"
|
||||
recurse: True
|
||||
state: directory
|
||||
|
||||
- name: Add passwd file for ldap bind
|
||||
ansible.builtin.template:
|
||||
src: etc/pve/priv/ldap.pw.j2
|
||||
dest: "{{ __pve_tmp_dir }}/{{ pve_auth_ldap_realm }}.pw"
|
||||
owner: root
|
||||
group: www-data
|
||||
mode: "0640"
|
||||
register: __pve_auth_copy
|
||||
|
||||
- name: Copy passwd file to pve filesystem
|
||||
ansible.builtin.command: "/bin/cp -rf {{ __pve_tmp_dir }}/{{ pve_auth_ldap_realm }}.pw {{ __pve_base_dir }}/priv/ldap/{{ pve_auth_ldap_realm }}.pw"
|
||||
changed_when: __pve_auth_copy.changed
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
- ansible.builtin.import_tasks: pve.yml
|
||||
- ansible.builtin.import_tasks: pam.yml
|
||||
- ansible.builtin.import_tasks: auth.yml
|
|
@ -1,18 +0,0 @@
|
|||
---
|
||||
- name: Remove motd from oam stack
|
||||
community.general.pamd:
|
||||
name: "{{ item.name }}"
|
||||
type: "{{ item.type }}"
|
||||
control: "{{ item.control }}"
|
||||
module_path: "{{ item.path }}"
|
||||
state: absent
|
||||
loop:
|
||||
- name: "login"
|
||||
type: "session"
|
||||
control: "optional"
|
||||
path: "pam_motd.so"
|
||||
- name: "sshd"
|
||||
type: "session"
|
||||
control: "optional"
|
||||
path: "pam_motd.so"
|
||||
when: not pve_pamd_motd_enabled | bool
|
|
@ -1,20 +0,0 @@
|
|||
---
|
||||
- name: Ensure mountpoints are present
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.path }}"
|
||||
recurse: yes
|
||||
state: directory
|
||||
loop: "{{ pve_disk_mount }}"
|
||||
loop_control:
|
||||
label: "{{ item.path }}"
|
||||
|
||||
- name: Add diskmounts to fstab
|
||||
ansible.posix.mount:
|
||||
path: "{{ item.path }}"
|
||||
src: "{{ item.src }}"
|
||||
fstype: "{{ item.fstype }}"
|
||||
opts: "{{ item.opts | default(omit) }}"
|
||||
state: "{{ item.state | default('mounted') }}"
|
||||
loop: "{{ pve_disk_mount }}"
|
||||
loop_control:
|
||||
label: "{{ item.src }} {{ item.path }}"
|
|
@ -1,25 +0,0 @@
|
|||
#jinja2:lstrip_blocks: True
|
||||
pam: pam
|
||||
comment {{ pve_auth_pam_description }}
|
||||
default {{ 1 if pve_auth_pam_is_default else 0 }}
|
||||
|
||||
pve: pve
|
||||
comment {{ pve_auth_pve_description }}
|
||||
default {{ 1 if pve_auth_pve_is_default else 0 }}
|
||||
{% if pve_auth_ldap_enabled %}
|
||||
|
||||
ldap: {{ pve_auth_ldap_realm }}
|
||||
comment {{ pve_auth_ldap_description }}
|
||||
base_dn {{ pve_auth_ldap_base_dn }}
|
||||
server1 {{ pve_auth_ldap_primary_server }}
|
||||
{% if pve_auth_ldap_secondary_server is defined %}
|
||||
server2 {{ pve_auth_ldap_secondary_server }}
|
||||
{% endif %}
|
||||
user_attr {{ pve_auth_ldap_user_attr }}
|
||||
{% if pve_auth_ldap_bind_dn is defined %}
|
||||
bind_dn {{ pve_auth_ldap_bind_dn }}
|
||||
{% endif %}
|
||||
default {{ 1 if pve_auth_ldap_is_default else 0 }}
|
||||
port {{ pve_auth_ldap_port }}
|
||||
secure {{ 1 if pve_auth_ldap_tls_enabled else 0 }}
|
||||
{% endif %}
|
|
@ -1 +0,0 @@
|
|||
{{ pve_auth_ldap_bind_password }}
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
__pve_base_dir: /etc/pve
|
||||
__pve_tmp_dir: /var/tmp/pve
|
Loading…
Reference in New Issue