1
0
Fork 0
home-stack-ansible/roles/proxmox/tasks/main.yml

78 lines
1.8 KiB
YAML

- name: Enable IOMMU
lineinfile:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT='
line: GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on"
notify: update grub
- name: Enable vfio kernel modules
blockinfile:
path: /etc/modules
block: |
vfio
vfio_iommu_type1
vfio_pci
vfio_virqfd
notify: update initramfs
- name: Configure vfio-pci
template:
src: vfio.conf
dest: /etc/modprobe.d/vfio.conf
when: vfio_pci_ids is defined
notify: update initramfs
- name: Enable PAM users
lineinfile:
path: /etc/pve/user.cfg
line: 'user:{{ item.key }}@pam:1:0::::::'
with_dict: '{{ users }}'
- name: Enable PAM users admin access
lineinfile:
path: /etc/pve/user.cfg
line: 'acl:1:/:{{ item.key }}@pam:Administrator:'
with_dict: '{{ users }}'
- name: Enable ipv4 packet forwarding
lineinfile:
path: /etc/sysctl.conf
regexp: '^#?net.ipv4.ip_forward='
line: net.ipv4.ip_forward=1
notify: update grub
# - name: Force quorum to always be reached
# lineinfile:
# path: /etc/pve/corosync.conf
# regexp: 'quorum_votes'
# line: ' quorum_votes: 2'
# with_dict: '{{ users }}'
- name: Copy pve-no-subscription.list
copy:
src: pve-no-subscription.list
dest: /etc/apt/sources.list.d/pve-no-subscription.list
- name: Stat pve-enterprise.list
stat:
path: /etc/apt/sources.list.d/pve-enterprise.list
register: pve_enterprise_stat
- name: Backup pve-enterprise.list
copy:
remote_src: True
src: /etc/apt/sources.list.d/pve-enterprise.list
dest: /etc/apt/sources.list.d/pve-enterprise.list.bak
when: pve_enterprise_stat.stat.exists
- name: Disable pve-enterprise.list
file:
path: /etc/apt/sources.list.d/pve-enterprise.list
state: absent
- name: Perform dist-upgrade
apt:
update_cache: yes
upgrade: dist