From 98b208923dbb9615f6bf99e7d16546514080d07e Mon Sep 17 00:00:00 2001 From: admin Date: Sun, 26 Jan 2025 03:08:52 +0000 Subject: [PATCH] add networking --- .gitignore | 1 + README.md | 2 ++ files/powertop.service | 0 main.yml | 5 +++-- tasks/setup.yml | 47 +++++++++++++++++++++++++++++++++++++++++- tasks/vms.yml | 23 ++++++++++++--------- vars | 10 +++++++-- 7 files changed, 73 insertions(+), 15 deletions(-) create mode 100755 .gitignore create mode 100755 README.md mode change 100644 => 100755 files/powertop.service mode change 100644 => 100755 tasks/setup.yml mode change 100644 => 100755 tasks/vms.yml diff --git a/.gitignore b/.gitignore new file mode 100755 index 0000000..c2f9abe --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +vault.yml diff --git a/README.md b/README.md new file mode 100755 index 0000000..481196f --- /dev/null +++ b/README.md @@ -0,0 +1,2 @@ +- Create API token "ansible" +- Make sure privilege seperation is unchecked diff --git a/files/powertop.service b/files/powertop.service old mode 100644 new mode 100755 diff --git a/main.yml b/main.yml index f30d950..bd4222c 100755 --- a/main.yml +++ b/main.yml @@ -5,11 +5,12 @@ vars_files: - vault.yml + - vars tasks: - import_tasks: tasks/setup.yml tags: ['setup'] - # - import_tasks: tasks/vms.yml - # tags: ['vms'] + - import_tasks: tasks/vms.yml + tags: ['vms'] diff --git a/tasks/setup.yml b/tasks/setup.yml old mode 100644 new mode 100755 index bcacda1..4d9a7eb --- a/tasks/setup.yml +++ b/tasks/setup.yml @@ -1,3 +1,39 @@ +# DOES NOT WORK RN +- name: Configure network interfaces + community.general.interfaces_file: + dest: /etc/network/interfaces + state: present + iface: + - name: lo + inet: loopback + auto: true + - name: eno1 + inet: manual + - name: eno2 + inet: manual + - name: vmbr0 + inet: static + auto: true + options: + - address 192.168.0.11/24 + - gateway 192.168.0.1 + - bridge-ports eno1 + - bridge-stp off + - bridge-fd 0 + - name: vmbr1 + inet: manual + auto: true + options: + - bridge-ports eno2 + - bridge-stp off + - bridge-fd 0 + register: interfaces + +- name: reload networking if interfaces changed + ansible.builtin.systemd_service: + state: started + name: networking + when: interfaces.changed - name: install programs ansible.builtin.apt: @@ -6,9 +42,18 @@ - libguestfs-tools # for virt-customize - neovim - powertop + - python3-pip - tmux update_cache: true - upgrade: true + +- name: Ignore PEP 668 because it's silly. + ansible.builtin.file: + path: /usr/lib/python3.11/EXTERNALLY-MANAGED + state: absent + +- name: Install proxmoxer python package (required for ansible) + ansible.builtin.pip: + name: proxmoxer - name: create powertop service ansible.builtin.copy: diff --git a/tasks/vms.yml b/tasks/vms.yml old mode 100644 new mode 100755 index d35fceb..5b8ea5c --- a/tasks/vms.yml +++ b/tasks/vms.yml @@ -2,15 +2,18 @@ - name: get latest cloud-init image ansible.builtin.get_url: url: https://cdimage.debian.org/images/cloud/trixie/daily/latest/debian-13-generic-amd64-daily.qcow2 - dest: /var/lib/vz/template/iso/ + dest: /var/lib/vz/template/iso/debian-13-generic-amd64-daily.qcow2 -#- name: opnsense -# community.general.proxmox_kvm: -# node: "{{ proxmox_node }}" -# vmid: "{{ opnsense_id }}" -# api_user: "{{ proxmox_api_user }}" -# api_token_id: "{{ proxmox_token_id }}" -# api_token_secret: "{{ proxmox_secret }}" -# api_host: "{{ proxmox_host }}" -# state: started +- name: opnsense + community.general.proxmox_kvm: + name: opnsense + node: "{{ proxmox_node }}" + vmid: "{{ opnsense_id }}" + api_user: "{{ proxmox_api_user }}" + api_token_id: "{{ proxmox_token_id }}" + api_token_secret: "{{ proxmox_secret }}" + api_host: "{{ ansible_ssh_host }}" + state: started + net0: bridge=vmbr0 + net1: bridge=vmbr1 diff --git a/vars b/vars index 1ee3939..d517b5f 100755 --- a/vars +++ b/vars @@ -1,2 +1,8 @@ -immich_version: v1.124.2 -frigate_version: 0.14.1 +proxmox_node: "pve" +proxmox_api_user: "root@pam" +proxmox_token_id: "ansible" + + +opnsense_id: "100" +truenas_id: "101" +debian-pods_id: "102"