update acl to target correctly

rotkonetworks · Feb 5, 2024 · 958213b · 958213b
1 parent 71fcc09
commit 958213b
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 6 deletions.
diff --git a/roles/proxmox_acl_access/tasks/main.yaml b/roles/proxmox_acl_access/tasks/main.yaml
@@ -6,7 +6,7 @@
 
 - name: Set primary node and is_cluster fact
   ansible.builtin.set_fact:
-    primary_node: "{{ cluster_config.stat.exists | ternary(groups['all'][0], inventory_hostname) }}"
+    primary_node: "{{ cluster_config.stat.exists | ternary(groups['proxmox_hosts'][0], inventory_hostname) }}"
     is_cluster: "{{ cluster_config.stat.exists }}"
 
 - name: Acquire acl lists

diff --git a/roles/proxmox_acl_users/tasks/main.yaml b/roles/proxmox_acl_users/tasks/main.yaml
@@ -6,7 +6,7 @@
 
 - name: Set primary node and is_cluster fact
   ansible.builtin.set_fact:
-    primary_node: "{{ cluster_config.stat.exists | ternary(groups['all'][0], inventory_hostname) }}"
+    primary_node: "{{ cluster_config.stat.exists | ternary(groups['proxmox_hosts'][0], inventory_hostname) }}"
     is_cluster: "{{ cluster_config.stat.exists }}"
 
 - name: Acquire current users on primary node

diff --git a/roles/proxmox_setup_nodes/tasks/main.yaml b/roles/proxmox_setup_nodes/tasks/main.yaml
@@ -2,16 +2,58 @@
 ---
 - name: Create predefined containers
   community.general.proxmox:
-    config: "{{ proxmox_defaults | combine(item.proxmox_config) }}"
+    api_host: "{{ proxmox_defaults.api_host }}"
+    api_user: "{{ proxmox_defaults.api_user }}"
+    api_password: "{{ proxmox_defaults.api_password | default(omit) }}"
+    api_token_id: "{{ proxmox_defaults.api_token_id | default(omit) }}"
+    api_token_secret: "{{ proxmox_defaults.api_token_secret | default(omit) }}"
+    node: "{{ item.proxmox_config.node }}"
+    password: "{{ item.proxmox_config.password }}"
+    hostname: "{{ item.proxmox_config.hostname }}"
+    ostemplate: "{{ item.proxmox_config.ostemplate }}"
+    disk: "{{ item.proxmox_config.disk | default(omit) }}"
+    cores: "{{ item.proxmox_config.cores | default(omit) }}"
+    memory: "{{ item.proxmox_config.memory | default(omit) }}"
+    swap: "{{ item.proxmox_config.swap | default(omit) }}"
+    netif: "{{ item.proxmox_config.netif | default(omit) }}"
+    features: "{{ item.proxmox_config.features | to_json | default(omit) }}"
+    onboot: "{{ item.proxmox_config.onboot | default(omit) }}"
+    unprivileged: "{{ item.proxmox_config.unprivileged | default(omit) }}"
+    vmid: "{{ item.proxmox_config.vmid }}"
+    state: "{{ item.proxmox_config.state | default('present') }}"
   loop: "{{ lxc_nodes }}"
   when: lxc_nodes is defined
   register: container_creation_result
+  no_log: True # Adjust based on your security policies
 
-- name: Start predefined nodes
+- name: Start predefined nodes if not already started
   community.general.proxmox:
-    config: "{{ proxmox_defaults | combine({'vmid': item.proxmox_config['vmid'], 'state': 'started'}) }}"
+    api_host: "{{ proxmox_defaults.api_host }}"
+    api_user: "{{ proxmox_defaults.api_user }}"
+    api_password: "{{ proxmox_defaults.api_password | default(omit) }}"
+    api_token_id: "{{ proxmox_defaults.api_token_id | default(omit) }}"
+    api_token_secret: "{{ proxmox_defaults.api_token_secret | default(omit) }}"
+    node: "{{ item.proxmox_config.node }}"
+    vmid: "{{ item.proxmox_config.vmid }}"
+    state: 'started'
   loop: "{{ lxc_nodes }}"
   when:
     - lxc_nodes is defined
-    - item.proxmox_config['state'] == 'present'
+    - item.proxmox_config.state == 'present'
   register: container_start_result
+  no_log: True # Adjust based on your security policies
+
+  # - name: Create predefined containers
+  #   community.general.proxmox: "{{ proxmox_defaults | combine(item.proxmox_config) }}"
+  #   loop: "{{ lxc_nodes }}"
+  #   when: lxc_nodes is defined
+  #   register: container_creation_result
+  #
+  # - name: Start predefined nodes
+  #   community.general.proxmox: "{{ proxmox_defaults | combine({'vmid': item.proxmox_config['vmid'], 'state': 'started'}) }}"
+  #   loop: "{{ lxc_nodes }}"
+  #   when:
+  #     - lxc_nodes is defined
+  #     - item.proxmox_config['state'] == 'present'
+  #   register: container_start_result
+