84 lines
1.9 KiB
YAML
84 lines
1.9 KiB
YAML
- name: Install linux-tools
|
|
apt:
|
|
update_cache: true
|
|
name:
|
|
- linux-tools-generic
|
|
|
|
- name: Enable IOMMU
|
|
lineinfile:
|
|
path: /etc/default/grub
|
|
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT='
|
|
line: GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on"
|
|
notify: update grub
|
|
|
|
- name: Enable vfio kernel modules
|
|
blockinfile:
|
|
path: /etc/modules
|
|
block: |
|
|
vfio
|
|
vfio_iommu_type1
|
|
vfio_pci
|
|
vfio_virqfd
|
|
notify: update initramfs
|
|
|
|
- name: Configure vfio-pci
|
|
template:
|
|
src: vfio.conf
|
|
dest: /etc/modprobe.d/vfio.conf
|
|
when: vfio_pci_ids is defined
|
|
notify: update initramfs
|
|
|
|
- name: Enable PAM users
|
|
lineinfile:
|
|
path: /etc/pve/user.cfg
|
|
line: 'user:{{ item.key }}@pam:1:0::::::'
|
|
with_dict: '{{ users }}'
|
|
|
|
- name: Enable PAM users admin access
|
|
lineinfile:
|
|
path: /etc/pve/user.cfg
|
|
line: 'acl:1:/:{{ item.key }}@pam:Administrator:'
|
|
with_dict: '{{ users }}'
|
|
|
|
- name: Enable ipv4 packet forwarding
|
|
lineinfile:
|
|
path: /etc/sysctl.conf
|
|
regexp: '^#?net.ipv4.ip_forward='
|
|
line: net.ipv4.ip_forward=1
|
|
notify: update grub
|
|
|
|
# - name: Force quorum to always be reached
|
|
# lineinfile:
|
|
# path: /etc/pve/corosync.conf
|
|
# regexp: 'quorum_votes'
|
|
# line: ' quorum_votes: 2'
|
|
# with_dict: '{{ users }}'
|
|
|
|
- name: Copy pve-no-subscription.list
|
|
copy:
|
|
src: pve-no-subscription.list
|
|
dest: /etc/apt/sources.list.d/pve-no-subscription.list
|
|
|
|
- name: Stat pve-enterprise.list
|
|
stat:
|
|
path: /etc/apt/sources.list.d/pve-enterprise.list
|
|
register: pve_enterprise_stat
|
|
|
|
- name: Backup pve-enterprise.list
|
|
copy:
|
|
remote_src: True
|
|
src: /etc/apt/sources.list.d/pve-enterprise.list
|
|
dest: /etc/apt/sources.list.d/pve-enterprise.list.bak
|
|
when: pve_enterprise_stat.stat.exists
|
|
|
|
- name: Disable pve-enterprise.list
|
|
file:
|
|
path: /etc/apt/sources.list.d/pve-enterprise.list
|
|
state: absent
|
|
|
|
- name: Perform dist-upgrade
|
|
apt:
|
|
update_cache: yes
|
|
upgrade: dist
|
|
|