k3s lxc playbook done

roles/lxc-create/main.yml

@@ -0,0 +1,58 @@
+---
+- name: Create LXC for k3s
+  hosts: localhost
+  gather_facts: no
+  tasks:
+    - name: Stop containers
+      community.general.proxmox:
+        vmid: "{{ hostvars[item]['vmid'] }}"
+        api_user: root@pam
+        api_password: bemjogado
+        api_host: 10.0.2.2
+        state: stopped
+      loop: "{{ groups['all'] }}"
+      ignore_errors: yes
+
+    - name: Remove containers
+      community.general.proxmox:
+        vmid: "{{ hostvars[item]['vmid'] }}"
+        api_user: root@pam
+        api_password: bemjogado
+        api_host: 10.0.2.2
+        state: absent
+      loop: "{{ groups['all'] }}"
+      ignore_errors: yes
+
+    - name: Create containers
+      community.general.proxmox:
+        vmid: "{{ hostvars[item]['vmid'] }}"
+        node: "{{ hostvars[item]['node'] }}"
+        api_user: root@pam
+        api_password: bemjogado
+        api_host: 10.0.2.2
+        password: bemjogado
+        hostname: "{{ item }}"
+        ostemplate: "hyrule-8tb-nfs:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst"
+        netif: "{'net0':'name=eth0,\
+          gw=10.0.0.1,\
+          ip={{ hostvars[item]['ansible_host'] }}/21,\
+          hwaddr={{ hostvars[item]['mac_addr'] }},\
+          bridge=vmbr0'}"
+        cores: "{{ hostvars[item]['cores'] }}"
+        memory: "{{ hostvars[item]['memory'] }}"
+        unprivileged: no
+        swap: 0
+        searchdomain: "home"
+        onboot: 1
+        disk: local-lvm:8
+        force: yes
+      loop: "{{ groups['all'] }}"
+
+    - name: Start deployments
+      community.general.proxmox:
+        vmid: "{{ hostvars[item]['vmid'] }}"
+        api_user: root@pam
+        api_password: bemjogado
+        api_host: 10.0.2.2
+        state: started
+      loop: "{{ groups['all'] }}"

roles/prereq/tasks/main.yml

@@ -56,10 +56,10 @@
 
 - name: Add /usr/local/bin to sudo secure_path
   lineinfile:
-    line: 'Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin'
+    line: "Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin"
     regexp: "Defaults(\\s)*secure_path(\\s)*="
     state: present
     insertafter: EOF
     path: /etc/sudoers
-    validate: 'visudo -cf %s'
+    validate: "visudo -cf %s"
   when: ansible_os_family == "RedHat"

roles/raspberrypi/defaults/main.yml

@@ -1,6 +0,0 @@
----
-# Indicates whether the k3s prerequisites for Raspberry Pi should be set up
-# Possible values:
-#   - present
-#   - absent
-state: present

roles/raspberrypi/handlers/main.yml

@@ -1,3 +0,0 @@
----
-- name: Reboot
-  reboot:

roles/raspberrypi/tasks/main.yml

@@ -1,66 +0,0 @@
----
-- name: Test for raspberry pi /proc/cpuinfo
-  command: grep -E "Raspberry Pi|BCM2708|BCM2709|BCM2835|BCM2836" /proc/cpuinfo
-  register: grep_cpuinfo_raspberrypi
-  failed_when: false
-  changed_when: false
-
-- name: Test for raspberry pi /proc/device-tree/model
-  command: grep -E "Raspberry Pi" /proc/device-tree/model
-  register: grep_device_tree_model_raspberrypi
-  failed_when: false
-  changed_when: false
-
-- name: Set raspberry_pi fact to true
-  set_fact:
-    raspberry_pi: true
-  when:
-    grep_cpuinfo_raspberrypi.rc == 0 or grep_device_tree_model_raspberrypi.rc == 0
-
-- name: Set detected_distribution to Raspbian
-  set_fact:
-    detected_distribution: Raspbian
-  when: >
-    raspberry_pi|default(false) and
-    ( ansible_facts.lsb.id|default("") == "Raspbian" or
-      ansible_facts.lsb.description|default("") is match("[Rr]aspbian.*") )
-
-- name: Set detected_distribution to Raspbian (ARM64 on Debian Buster)
-  set_fact:
-    detected_distribution: Raspbian
-  when:
-    - ansible_facts.architecture is search("aarch64")
-    - raspberry_pi|default(false)
-    - ansible_facts.lsb.description|default("") is match("Debian.*buster")
-
-- name: Set detected_distribution_major_version
-  set_fact:
-    detected_distribution_major_version: "{{ ansible_facts.lsb.major_release }}"
-  when:
-    - detected_distribution | default("") == "Raspbian"
-
-- name: Set detected_distribution to Raspbian (ARM64 on Debian Bullseye)
-  set_fact:
-    detected_distribution: Raspbian
-  when:
-    - ansible_facts.architecture is search("aarch64")
-    - raspberry_pi|default(false)
-    - ansible_facts.lsb.description|default("") is match("Debian.*bullseye")
-
-- name: execute OS related tasks on the Raspberry Pi - {{ action }}
-  include_tasks: "{{ item }}"
-  with_first_found:
-    - "{{ action }}/{{ detected_distribution }}-{{ detected_distribution_major_version }}.yml"
-    - "{{ action }}/{{ detected_distribution }}.yml"
-    - "{{ action }}/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
-    - "{{ action }}/{{ ansible_distribution }}.yml"
-    - "{{ action }}/default.yml"
-  vars:
-    action: >-
-      {% if state == "present" -%}
-      setup
-      {%- else -%}
-      teardown
-      {%- endif %}
-  when:
-    - raspberry_pi|default(false)

roles/raspberrypi/tasks/setup/Raspbian.yml

@@ -1,27 +0,0 @@
----
-- name: Activating cgroup support
-  lineinfile:
-    path: /boot/cmdline.txt
-    regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
-    line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
-    backrefs: true
-  notify: reboot
-
-- name: Install iptables
-  apt: name=iptables state=present
-
-- name: Flush iptables before changing to iptables-legacy
-  iptables:
-    flush: true
-
-- name: Changing to iptables-legacy
-  alternatives:
-    path: /usr/sbin/iptables-legacy
-    name: iptables
-  register: ip4_legacy
-
-- name: Changing to ip6tables-legacy
-  alternatives:
-    path: /usr/sbin/ip6tables-legacy
-    name: ip6tables
-  register: ip6_legacy

roles/raspberrypi/tasks/setup/Rocky.yml

@@ -1,9 +0,0 @@
----
-- name: Enable cgroup via boot commandline if not already enabled for Rocky
-  lineinfile:
-    path: /boot/cmdline.txt
-    backrefs: yes
-    regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
-    line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
-  notify: reboot
-  when: not ansible_check_mode

roles/raspberrypi/tasks/setup/Ubuntu.yml

@@ -1,13 +0,0 @@
----
-- name: Enable cgroup via boot commandline if not already enabled for Ubuntu on a Raspberry Pi
-  lineinfile:
-    path: /boot/firmware/cmdline.txt
-    backrefs: yes
-    regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
-    line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
-  notify: reboot
-
-- name: Install linux-modules-extra-raspi
-  apt:
-    name: linux-modules-extra-raspi
-    state: present

roles/raspberrypi/tasks/setup/default.yml

@@ -1 +0,0 @@
----

roles/raspberrypi/tasks/teardown/Raspbian.yml

@@ -1 +0,0 @@
----

roles/raspberrypi/tasks/teardown/Rocky.yml

@@ -1 +0,0 @@
----

roles/raspberrypi/tasks/teardown/Ubuntu.yml

@@ -1,5 +0,0 @@
----
-- name: Remove linux-modules-extra-raspi
-  apt:
-    name: linux-modules-extra-raspi
-    state: absent

roles/raspberrypi/tasks/teardown/default.yml

@@ -1 +0,0 @@
----