From f2fbd0c8481a48ad894e3e99eec28b76e29d2b0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ga=C5=A1per=20Fele-=C5=BDor=C5=BE?= <polz@fri.uni-lj.si>
Date: Tue, 10 Sep 2024 14:13:24 +0200
Subject: [PATCH] Add role proxmox-backup

---
 roles/proxmox-backup/handlers/main.yml | 12 ++++
 roles/proxmox-backup/tasks/main.yml    | 87 ++++++++++++++++++++++++++
 2 files changed, 99 insertions(+)
 create mode 100644 roles/proxmox-backup/handlers/main.yml
 create mode 100644 roles/proxmox-backup/tasks/main.yml

diff --git a/roles/proxmox-backup/handlers/main.yml b/roles/proxmox-backup/handlers/main.yml
new file mode 100644
index 0000000..330874b
--- /dev/null
+++ b/roles/proxmox-backup/handlers/main.yml
@@ -0,0 +1,12 @@
+- name: reboot
+  reboot:
+  when: "'handler' not in ansible_skip_tags"
+
+- name: reload interfaces
+  command: ifreload -a
+  when: "'handler' not in ansible_skip_tags"
+
+- name: update package cache
+  package:
+    update_cache: yes
+  when: "'handler' not in ansible_skip_tags"
diff --git a/roles/proxmox-backup/tasks/main.yml b/roles/proxmox-backup/tasks/main.yml
new file mode 100644
index 0000000..6fe2b63
--- /dev/null
+++ b/roles/proxmox-backup/tasks/main.yml
@@ -0,0 +1,87 @@
+- name: Set hostname
+  hostname:
+    name: '{{ inventory_hostname }}'
+
+- name: Set up resolv.conf
+  template:
+    dest: /etc/resolv.conf
+    src: resolv.conf.j2
+    mode: 0644
+
+- name: Set up debian repositories
+  template:
+    dest: /etc/apt/sources.list
+    src: sources.list.j2
+    mode: 0644
+  notify: update package cache
+  when: debian_release is defined
+
+- name: Disable enterprise repositories
+  apt_repository:
+    repo: 'deb https://enterprise.proxmox.com/debian/pbs {{ ansible_distribution_release }} pbs-enterprise'
+    state: absent
+
+- name: Enable no-subscription repository
+  apt_repository:
+    repo: 'deb http://download.proxmox.com/debian/pbs {{ ansible_distribution_release }} pbs-no-subscription'
+
+- name: Install essential packages
+  package:
+    name:
+      - git
+      - rsync
+      - vim
+      - tmux
+
+- name: Add rules to rename network interfaces
+  template:
+    dest: /etc/udev/rules.d/10-network.rules
+    src: 10-network.rules.j2
+    mode: 0644
+  notify: reboot
+
+- name: Include interfaces.d definitions
+  copy:
+    dest: /etc/network/interfaces
+    content: 'source /etc/network/interfaces.d/*'
+  notify: reload interfaces
+
+- name: Set up interfaces
+  template:
+    dest: /etc/network/interfaces.d/ansible.intf
+    src: ansible.intf.j2
+    mode: 0644
+  notify: reload interfaces
+
+- name: Run SSH instance in management VRF
+  when: interfaces | selectattr('vrf') | selectattr('vrf.name', '==', 'mgmt')
+  block:
+    - name: Configure SSH instance in management VRF
+      copy:
+        dest: /etc/ssh/
+        src: sshd_config.mgmt
+        mode: 0644
+      notify: reboot
+
+    - name: Set up a SSH instance in management VRF
+      copy:
+        dest: /etc/systemd/system/
+        src: sshd@mgmt.service
+        mode: 0644
+      notify: reboot
+
+    - name: Enable management SSH
+      service:
+        name: sshd@mgmt
+        enabled: yes
+      notify: reboot
+
+    - name: Disble SSH in default VRF
+      service:
+        name: ssh
+        enabled: no
+      notify: reboot
+
+
+
+- meta: flush_handlers