tasks/pve_setup.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100

- name: generate /etc/hosts from template
  template:
    src: templates/hosts.j2
    dest: /etc/hosts
    owner: root
    group: root
    mode: '0644'

- name: create /etc/apt/sources.list.d directory
  file:
    path: /etc/apt/sources.list.d
    state: directory
    mode: '0755'

- name: deploy proxmox apt sources list
  copy:
    src: files/pve-no-subscription.list
    dest: /etc/apt/sources.list.d/pve-no-subscription.list
    mode: '0644'

- name: create /etc/apt/trusted.gpg.d directory
  file:
    path: /etc/apt/trusted.gpg.d
    state: directory
    mode: '0755'

- name: download proxmox gpg key
  get_url:
    url: https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg
    dest: /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
    mode: '0644'

- name: verify proxmox gpg key hash
  shell: echo "{{ gpg_key_hash }} /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg" | sha512sum -c
  vars:
    gpg_key_hash: "7da6fe34168adc6e479327ba517796d4702fa2f8b4f0a9833f5ea6e6b48f6507a6da403a274fe201595edc86a84463d50383d07f64bdde2e3658108db7d6dc87"
  register: gpg_hash_check
  failed_when: gpg_hash_check.rc != 0
  changed_when: false

- name: update apt packages
  apt:
    update_cache: true

- name: upgrade apt packages
  apt:
    upgrade: dist

- name: install apt packages
  apt:
    name: "{{ apt_packages }}"
    state: present
    update_cache: true
  environment:
    DEBIAN_FRONTEND: noninteractive

- name: reboot to activate proxmox ve kernel
  reboot:
    msg: "rebooting to activate proxmox ve kernel"
    connect_timeout: 10
    reboot_timeout: 600
    pre_reboot_delay: 5
    post_reboot_delay: 10

- name: install pve packages
  apt:
    name: "{{ pve_packages }}"
    state: present
    update_cache: true

- name: get current running kernel version
  command: uname -r
  register: current_kernel
  changed_when: false

- name: list installed debian kernel images
  shell: dpkg -l | awk '/linux-image-[0-9]/{ print $2 }' | grep -v "{{ current_kernel.stdout }}"
  register: kernels_to_remove
  changed_when: false

- name: remove debian default kernels (excluding current)
  apt:
    name: "{{ kernels_to_remove.stdout_lines }}"
    state: absent
  when: kernels_to_remove.stdout_lines | length > 0

- name: update grub bootloader
  command: update-grub
  register: grub_update
  changed_when: "'Generating grub configuration file' in grub_update.stdout"

- name: remove problematic apt packages for pve
  apt:
    name: "{{ apt_packages_to_remove }}"
    state: absent

- name: remove pve-enterprise apt source
  file:
    path: /etc/apt/sources.list.d/pve-enterprise.list
    state: absent