commit bb49a010d0fd6063535f0d65facd1b6e1443e51d
Author: guppy
Date: Wed Apr 19 17:44:52 2023 +0200
Ajout create-vm-template
diff --git a/ansible/create-vm-template.yaml b/ansible/create-vm-template.yaml
new file mode 100644
index 0000000..7f09f59
--- /dev/null
+++ b/ansible/create-vm-template.yaml
@@ -0,0 +1,47 @@
+---
+- name: "create VM template"
+ hosts: pve
+ remote_user: metal
+ gather_facts: no
+ vars:
+ vm:
+ cloud_image_url: https://cloud.debian.org/images/cloud/bullseye/latest/debian-11-genericcloud-amd64.qcow2
+ cloud_image_path: /tmp/debian-11-cloudinit-amd64.qcow2
+ template_id: 1001
+ template_name: debian-11-cloudinit-template
+ template_memory: 4096
+ template_bridge: vmbr0
+ tasks:
+ - name : download cloud image
+ get_url:
+ url: "{{ vm.cloud_image_url }}"
+ dest: "{{ vm.cloud_image_path }}"
+ mode: 0700
+
+ - name: create a VM to use as a template
+ command: "qm create {{ vm.template_id }} --name {{ vm.template_name }} --memory {{ vm.template_memory }} --net0 virtio,bridge={{ vm.template_bridge }}"
+ become: yes
+
+ - name: import disk image
+ command: "qm importdisk {{ vm.template_id }} {{ vm.cloud_image_path }} local-lvm"
+ become: yes
+
+ - name: configure VM to use imported image
+ command: "qm set {{ vm.template_id }} --scsihw virtio-scsi-pci --scsi0 local-lvm:vm-{{ vm.template_id }}-disk-0"
+ become: yes
+
+ - name: add cloud-init image as CDROM
+ command: "qm set {{ vm.template_id }} --ide2 local-lvm:cloudinit"
+ become: yes
+
+ - name: configure boot from the image
+ command: "qm set {{ vm.template_id }} --boot c --bootdisk scsi0"
+ become: yes
+
+ - name: attach serial console
+ command: "qm set {{ vm.template_id }} --serial0 socket --vga serial0"
+ become: yes
+
+ - name: create template
+ command: "qm template {{ vm.template_id }}"
+ become: yes
diff --git a/ansible/group_vars/pve/vars.yml b/ansible/group_vars/pve/vars.yml
new file mode 100644
index 0000000..cd048de
--- /dev/null
+++ b/ansible/group_vars/pve/vars.yml
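Review bot: The `download cloud image` task fetches a `latest` image with no `checksum:` and writes it to a fixed path under `/tmp`, and the later `qm importdisk` task then runs with `become: yes` on whatever is at that path. With `force` left at its default and no checksum, `get_url` does not replace a destination file that already exists, so a file already present at `/tmp/debian-11-cloudinit-amd64.qcow2` would become the template disk unverified. I would pin a dated image build instead of `latest`, add `checksum: "sha512:<digest of the pinned image>"` to the task, and point `cloud_image_path` at a directory only the deploy user can write. The mode is better written as `mode: "0600"`, quoted and without the execute bit a disk image does not need.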
@@ -0,0 +1,7 @@
+---
+#Informations non sensible
+role: TerraformProv
+account: terraform-prov@pve
+
+#Information sensibles
+passwd: "{{ vault_passwd }}"
diff --git a/ansible/group_vars/pve/vault.yml b/ansible/group_vars/pve/vault.yml
new file mode 100644
index 0000000..c1504a4
--- /dev/null
+++ b/ansible/group_vars/pve/vault.yml
@@ -0,0 +1,9 @@
+$ANSIBLE_VAULT;1.1;AES256
+37353062626136633932333231313436353531633263633638383037626231666339316565613861
+3964666562613834633161656333323731633436653063320a396464646163643764373861353534
+30343161363132326437326364636365613564376466666339633935623636633664316364336537
+3838643439336165370a343338336364326538316532373161356433333933323437616639343032
+66306162316261613965343830343638613235353133613130393238316336333437663838613535
+62373531363961666433336537333637376263353238666662626633313264373365633831363237
+66373461356637613837336230623431303138353166656335343864656535633961623239643436
+61393761323032643237
diff --git a/ansible/inventory.ini b/ansible/inventory.ini
new file mode 100644
index 0000000..c1da941
--- /dev/null
+++ b/ansible/inventory.ini
@@ -0,0 +1,2 @@
+[pve]
+proxmox.local
diff --git a/ansible/terraform-providers-account.yaml b/ansible/terraform-providers-account.yaml
new file mode 100644
index 0000000..686fddd
--- /dev/null
+++ b/ansible/terraform-providers-account.yaml
@@ -0,0 +1,19 @@
+---
+- name: "Configure pve for Terraform Provider"
+ hosts: pve
+ gather_facts: no
+ remote_user: ansuser
+
+ tasks:
+
+ - name: create role pve for terraform
+ command: "pveum role add {{ role }} -privs \"Datastore.AllocateSpace Datastore.Audit Pool.Allocate Sys.Audit Sys.Console Sys.Modify VM.Allocate VM.Audit VM.Clone VM.Config.CDROM VM.Config.Cloudinit VM.Config.CPU VM.Config.Disk VM.Config.HWType VM.Config.Memory VM.Config.Network VM.Config.Options VM.Monitor VM.PowerMgmt\""
+ become: yes
+
+ - name: create account pve for terraform
+ command: "pveum user add {{ account }} --password {{ passwd }}"
+ become: yes
+
+ - name: apply role to account
+ command: "pveum aclmod / -user {{ account }} -role {{ role }}"
+ become: yes
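Review bot: The `create account pve for terraform` task puts the vaulted secret on the `pveum` command line, so it is visible in the host's process list while the command runs and in the `cmd` field of Ansible's task result and logs, which undoes much of the vault protection. Add `no_log: true` to that task at minimum; issuing an API token for the account instead of a password would keep the secret off argv, if the Terraform provider in use accepts one. `{{ passwd }}` is also unquoted, so a password containing whitespace is split into separate arguments by the `command` module. Separately, `pveum role add` and `pveum user add` will presumably fail on a second run once the role and user exist, so the play needs a guard to be re-runnable. The ACL on `/` with `Sys.Modify` and `Sys.Console` is also broad for a provisioning account and worth narrowing to the paths Terraform manages.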