From f783d3551357cdd3013468f3a6c32c2477d68f97 Mon Sep 17 00:00:00 2001 From: Lino Silva Date: Thu, 10 Nov 2022 21:01:15 +0000 Subject: [PATCH] Added pre-role for k3s and frigate --- ansible.cfg | 4 +- inventory/my-cluster/group_vars/all.yml | 16 +++++ inventory/my-cluster/host_vars/epona | 11 ++++ .../host_vars/{k3s-agent-urbosa => frigate} | 4 +- .../my-cluster/host_vars/k3s-agent-revali | 9 --- .../my-cluster/host_vars/k3s-server-epona | 9 --- .../my-cluster/host_vars/k3s-server-mipha | 9 --- inventory/my-cluster/host_vars/mipha | 11 ++++ inventory/my-cluster/host_vars/revali | 11 ++++ inventory/my-cluster/host_vars/urbosa | 11 ++++ inventory/my-cluster/hosts.ini | 15 +++-- inventory/sample/group_vars/all.yml | 51 ---------------- inventory/sample/hosts.ini | 12 ---- roles/frigate/main.yml | 56 ++++++++++++++++++ roles/k3s/pre/tasks/main.yml | 57 ++++++++++++++++++ roles/lxc-create/main.yml | 58 ------------------- site.yml | 22 +------ 17 files changed, 191 insertions(+), 175 deletions(-) create mode 100644 inventory/my-cluster/host_vars/epona rename inventory/my-cluster/host_vars/{k3s-agent-urbosa => frigate} (70%) delete mode 100644 inventory/my-cluster/host_vars/k3s-agent-revali delete mode 100644 inventory/my-cluster/host_vars/k3s-server-epona delete mode 100644 inventory/my-cluster/host_vars/k3s-server-mipha create mode 100644 inventory/my-cluster/host_vars/mipha create mode 100644 inventory/my-cluster/host_vars/revali create mode 100644 inventory/my-cluster/host_vars/urbosa delete mode 100644 inventory/sample/group_vars/all.yml delete mode 100644 inventory/sample/hosts.ini create mode 100644 roles/frigate/main.yml create mode 100644 roles/k3s/pre/tasks/main.yml delete mode 100644 roles/lxc-create/main.yml diff --git a/ansible.cfg b/ansible.cfg index 12821fe..9a77c7a 100644 --- a/ansible.cfg +++ b/ansible.cfg 
@@ -1,7 +1,7 @@ [defaults] nocows = True roles_path = ./roles -inventory = ./hosts.ini +inventory = ./inventory/my-cluster/hosts.ini stdout_callback = yaml remote_tmp = $HOME/.ansible/tmp @@ -20,4 +20,4 @@ scp_if_ssh = smart retries = 3 ssh_args = -o ControlMaster=auto -o ControlPersist=30m -o Compression=yes -o ServerAliveInterval=15s pipelining = True -control_path = %(directory)s/%%h-%%r \ No newline at end of file +control_path = %(directory)s/%%h-%%r diff --git a/inventory/my-cluster/group_vars/all.yml b/inventory/my-cluster/group_vars/all.yml index a51c36d..dc5cfcf 100644 --- a/inventory/my-cluster/group_vars/all.yml +++ b/inventory/my-cluster/group_vars/all.yml @@ -49,3 +49,19 @@ metal_lb_controller_tag_version: "v0.13.6" # metallb ip range for load balancer metal_lb_ip_range: "10.1.1.2-10.1.1.254" + +lxc_password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 38303735306236303463613632623161643633663631303931396564346565666236643562316264 + 6533643331306364653564653763356537303932313531350a393261643137636232616335376461 + 66383966333765626539363561613361393665616333303964373761356166623766663232303063 + 3138353333373935660a383230393330646538303933336366383736643333623663333934663131 + 3064 + +proxmox_api_password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 35376334616332386130656335663736343337396532663266383934643632363664646631653935 + 6533343936353734343761343465646365616130643130360a316234333036303738663566666364 + 61653638373830383733323563373862346662363339656632643661336533363162616435616531 + 6331326462356366320a303331616366356333306638386130666538633833623162653934616338 + 3566 \ No newline at end of file diff --git a/inventory/my-cluster/host_vars/epona b/inventory/my-cluster/host_vars/epona new file mode 100644 index 0000000..29d6012 --- /dev/null +++ b/inventory/my-cluster/host_vars/epona 
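Review bot: The two vaulted variables added at the end of inventory/my-cluster/group_vars/all.yml replace a literal password that the deleted roles/lxc-create/main.yml used for both `api_password` and the container `password`, and that literal stays readable in the repository history after this commit. If either vaulted value is still that string, the Proxmox `root@pam` password and the container root password need to be rotated before the encryption protects anything. Using the same secret for the hypervisor API and the container root account is worth avoiding at the same time. A short comment above the two keys, such as `# vault-encrypted; rotate in Proxmox first, then re-encrypt with ansible-vault encrypt_string`, would tell the next editor how they are maintained.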
@@ -0,0 +1,11 @@ +--- + +mac_addr: de:05:ff:02:47:d7 +hostname: k3s-master-epona +ip_addr: 10.0.2.2 +lxc_host: 10.0.3.2 +cores: 4 +memory: 8192 +disk: 75 +vmid: 601 +ansible_user: root diff --git a/inventory/my-cluster/host_vars/k3s-agent-urbosa b/inventory/my-cluster/host_vars/frigate similarity index 70% rename from inventory/my-cluster/host_vars/k3s-agent-urbosa rename to inventory/my-cluster/host_vars/frigate index d59100b..5cedc42 100644 --- a/inventory/my-cluster/host_vars/k3s-agent-urbosa +++ b/inventory/my-cluster/host_vars/frigate @@ -2,8 +2,8 @@ mac_addr: ee:36:d5:79:f8:ff node: urbosa -ansible_host: 10.0.3.3 +lxc_host: 10.0.3.3 cores: 3 memory: 2048 -disk: 80G +disk: 8 vmid: 604 diff --git a/inventory/my-cluster/host_vars/k3s-agent-revali b/inventory/my-cluster/host_vars/k3s-agent-revali deleted file mode 100644 index 3d4bebb..0000000 --- a/inventory/my-cluster/host_vars/k3s-agent-revali +++ /dev/null @@ -1,9 +0,0 @@ ---- - -mac_addr: 32:47:89:3f:1a:e2 -node: revali -ansible_host: 10.0.3.4 -cores: 2 -memory: 4096 -disk: 200G -vmid: 603 diff --git a/inventory/my-cluster/host_vars/k3s-server-epona b/inventory/my-cluster/host_vars/k3s-server-epona deleted file mode 100644 index 4493328..0000000 --- a/inventory/my-cluster/host_vars/k3s-server-epona +++ /dev/null @@ -1,9 +0,0 @@ ---- - -mac_addr: de:05:ff:02:47:d7 -node: epona -ansible_host: 10.0.3.2 -cores: 4 -memory: 8192 -disk: 75G -vmid: 601 diff --git a/inventory/my-cluster/host_vars/k3s-server-mipha b/inventory/my-cluster/host_vars/k3s-server-mipha deleted file mode 100644 index e22d79c..0000000 --- a/inventory/my-cluster/host_vars/k3s-server-mipha +++ /dev/null @@ -1,9 +0,0 @@ ---- - -mac_addr: 0e:a0:ff:8c:70:df -node: mipha -ansible_host: 10.0.3.1 -cores: 4 -memory: 6144 -disk: 75G -vmid: 602 diff --git a/inventory/my-cluster/host_vars/mipha b/inventory/my-cluster/host_vars/mipha new file mode 100644 index 0000000..be9525a --- /dev/null +++ b/inventory/my-cluster/host_vars/mipha 
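Review bot: The new host_vars/epona no longer defines `ansible_host` (the deleted k3s-server-epona file did), so Ansible will try to connect to the inventory name `epona`, which roles/k3s/pre/tasks/main.yml also passes as the Proxmox `node:`. If that name resolves to the hypervisor rather than to the container at `lxc_host`, any later play against `k3s_cluster` would run as `ansible_user: root` on the Proxmox node itself. Setting `ansible_host: "{{ lxc_host }}"` in this file would pin the connection target to the container. The same applies to host_vars/mipha, host_vars/revali and host_vars/urbosa.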
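Review bot: After the rename, host_vars/frigate still carries `mac_addr: ee:36:d5:79:f8:ff`, `vmid: 604` and `lxc_host: 10.0.3.3`, which are the same values the new host_vars/urbosa defines, while roles/frigate/main.yml hard-codes `vmid: 200` and a different `hwaddr`. The file therefore describes a container that collides with urbosa, and any loop that includes the `frigate` host and uses `force: yes` would act on urbosa's vmid. Either set these keys to the values the frigate play really uses or have the play read them from here. `disk: 8` also drops the unit suffix that `80G` had, so a comment such as `# size in GB, appended to local-lvm:` would record the new convention.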
@@ -0,0 +1,11 @@ +--- + +mac_addr: 0e:a0:ff:8c:70:df +hostname: k3s-master-mipha +ip_addr: 10.0.2.3 +lxc_host: 10.0.3.1 +cores: 4 +memory: 6144 +disk: 75 +vmid: 602 +ansible_user: root diff --git a/inventory/my-cluster/host_vars/revali b/inventory/my-cluster/host_vars/revali new file mode 100644 index 0000000..93ac217 --- /dev/null +++ b/inventory/my-cluster/host_vars/revali @@ -0,0 +1,11 @@ +--- + +mac_addr: 32:47:89:3f:1a:e2 +hostname: k3s-agent-revali +ip_addr: 10.0.2.4 +lxc_host: 10.0.3.4 +cores: 2 +memory: 4096 +disk: 200 +vmid: 603 +ansible_user: root \ No newline at end of file diff --git a/inventory/my-cluster/host_vars/urbosa b/inventory/my-cluster/host_vars/urbosa new file mode 100644 index 0000000..474ab25 --- /dev/null +++ b/inventory/my-cluster/host_vars/urbosa @@ -0,0 +1,11 @@ +--- + +mac_addr: ee:36:d5:79:f8:ff +hostname: k3s-agent-urbosa +ip_addr: 10.0.2.5 +lxc_host: 10.0.3.3 +cores: 3 +memory: 2048 +disk: 80 +vmid: 604 +ansible_user: root diff --git a/inventory/my-cluster/hosts.ini b/inventory/my-cluster/hosts.ini index 8bf7859..35d6704 100644 --- a/inventory/my-cluster/hosts.ini +++ b/inventory/my-cluster/hosts.ini @@ -1,7 +1,14 @@ +[frigate] +frigate + [master] -k3s-server-mipha -k3s-server-epona +mipha +epona [node] -k3s-agent-urbosa -k3s-agent-revali +urbosa +revali + +[k3s_cluster:children] +master +node diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml deleted file mode 100644 index d4b4cc9..0000000 --- a/inventory/sample/group_vars/all.yml +++ /dev/null 
@@ -1,51 +0,0 @@ ---- -k3s_version: v1.24.6+k3s1 -# this is the user that has ssh access to these machines -ansible_user: ansibleuser -systemd_dir: /etc/systemd/system - -# Set your timezone -system_timezone: "Your/Timezone" - -# interface which will be used for flannel -flannel_iface: "eth0" - -# apiserver_endpoint is virtual ip-address which will be configured on each master -apiserver_endpoint: "192.168.30.222" - -# k3s_token is required masters can talk together securely -# this token should be alpha numeric only -k3s_token: "some-SUPER-DEDEUPER-secret-password" - -# The IP on which the node is reachable in the cluster. -# Here, a sensible default is provided, you can still override -# it for each of your hosts, though. -k3s_node_ip: '{{ ansible_facts[flannel_iface]["ipv4"]["address"] }}' - -# Disable the taint manually by setting: k3s_master_taint = false -k3s_master_taint: "{{ true if groups['node'] | default([]) | length >= 1 else false }}" - -# these arguments are recommended for servers as well as agents: -extra_args: >- - --flannel-iface={{ flannel_iface }} - --node-ip={{ k3s_node_ip }} - -# change these to your liking, the only required are: --disable servicelb, --tls-san {{ apiserver_endpoint }} -extra_server_args: >- - {{ extra_args }} - {{ '--node-taint node-role.kubernetes.io/master=true:NoSchedule' if k3s_master_taint else '' }} - --tls-san {{ apiserver_endpoint }} - --disable servicelb - --disable traefik -extra_agent_args: >- - {{ extra_args }} - -# image tag for kube-vip -kube_vip_tag_version: "v0.5.5" - -# image tag for metal lb -metal_lb_speaker_tag_version: "v0.13.6" -metal_lb_controller_tag_version: "v0.13.6" - -# metallb ip range for load balancer -metal_lb_ip_range: "192.168.30.80-192.168.30.90" diff --git a/inventory/sample/hosts.ini b/inventory/sample/hosts.ini deleted file mode 100644 index b656847..0000000 --- a/inventory/sample/hosts.ini +++ /dev/null 
@@ -1,12 +0,0 @@ -[master] -192.168.30.38 -192.168.30.39 -192.168.30.40 - -[node] -192.168.30.41 -192.168.30.42 - -[k3s_cluster:children] -master -node diff --git a/roles/frigate/main.yml b/roles/frigate/main.yml new file mode 100644 index 0000000..d8a3433 --- /dev/null +++ b/roles/frigate/main.yml @@ -0,0 +1,56 @@ +--- +- name: Create LXC for frigate + hosts: localhost + gather_facts: yes + tasks: + - name: Stop container + community.general.proxmox: + vmid: 200 + api_user: root@pam + api_password: {{ proxmox_api_password }} + api_host: 10.0.2.2 + state: stopped + ignore_errors: yes + + - name: Remove container + community.general.proxmox: + vmid: 200 + api_user: root@pam + api_password: {{ proxmox_api_password }} + api_host: 10.0.2.2 + state: absent + ignore_errors: yes + + - name: Create container + community.general.proxmox: + vmid: 200 + node: epona + api_user: root@pam + api_password: {{ proxmox_api_password }} + api_host: 10.0.2.2 + password: {{ lxc_password }} + hostname: frigate + ostemplate: "hyrule-8tb-nfs:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst" + netif: "{'net0':'name=eth0,\ + gw=10.0.0.1,\ + ip=10.0.2.14/21,\ + hwaddr=62:67:fc:7a:58:01,\ + bridge=vmbr0'}" + cores: "2" + memory: "2048" + unprivileged: no + swap: 0 + searchdomain: "home" + onboot: 1 + disk: local-lvm:8 + mounts: '{"mp0":"hyrule-8tb-nfs:500,mp=/media/frigate"}' + mounts: '{"mp1":"/dev/bus/usb,mp=/dev/bus/usb"}' + force: yes + + - name: Start deployment + community.general.proxmox: + vmid: 200 + api_user: root@pam + api_password: {{ proxmox_api_password }} + api_host: 10.0.2.2 + state: started diff --git a/roles/k3s/pre/tasks/main.yml b/roles/k3s/pre/tasks/main.yml new file mode 100644 index 0000000..087eca9 --- /dev/null +++ b/roles/k3s/pre/tasks/main.yml 
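Review bot: The `api_password: {{ proxmox_api_password }}` lines in all four tasks of roles/frigate/main.yml, and `password: {{ lxc_password }}` in "Create container", are unquoted, so YAML reads each value as a flow mapping and the play does not load; quote them as roles/k3s/pre/tasks/main.yml does, `api_password: "{{ proxmox_api_password }}"`. "Create container" also has two `mounts:` keys, and since a duplicate key usually resolves to the last one, the `mp0` storage mount is dropped; put both entries in one value, `mounts: '{"mp0":"hyrule-8tb-nfs:500,mp=/media/frigate","mp1":"/dev/bus/usb,mp=/dev/bus/usb"}'`. The container is privileged (`unprivileged: no`) and receives the whole of `/dev/bus/usb`, so root inside it is close to root on the node; a comment naming the device Frigate needs would make clear that this is deliberate. Every task here and in roles/k3s/pre/tasks/main.yml logs in as `root@pam` with the account password; the module also accepts `api_token_id` / `api_token_secret`, so a token limited to container lifecycle privileges could replace it, and `validate_certs: true` is worth setting explicitly if the API certificate can be verified.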
@@ -0,0 +1,57 @@ +--- +- name: Get uptime information + ansible.builtin.shell: /usr/bin/uptime + +- name: Stop containers + community.general.proxmox: + vmid: "{{ hostvars[item]['vmid'] }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: stopped + loop: "{{ groups['k3s_cluster'] }}" + ignore_errors: true + +- name: Remove containers + community.general.proxmox: + vmid: "{{ hostvars[item]['vmid'] }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: "{{ hostvars[item]['ip_addr'] }}" + state: absent + loop: "{{ groups['k3s_cluster'] }}" + ignore_errors: true + +- name: Create containers + community.general.proxmox: + vmid: "{{ hostvars[item]['vmid'] }}" + node: "{{ item }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + password: "{{ lxc_password }}" + hostname: "{{ hostvars[item]['hostname'] }}" + ostemplate: "hyrule-8tb-nfs:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst" + netif: "{'net0':'name=eth0,\ + gw=10.0.0.1,\ + ip={{ hostvars[item]['lxc_host'] }}/21,\ + hwaddr={{ hostvars[item]['mac_addr'] }},\ + bridge=vmbr0'}" + cores: "{{ hostvars[item]['cores'] }}" + memory: "{{ hostvars[item]['memory'] }}" + unprivileged: no + swap: 0 + searchdomain: "home" + onboot: 1 + disk: local-lvm:{{ hostvars[item]['disk'] }} + force: yes + loop: "{{ groups['k3s_cluster'] }}" + +- name: Start deployments + community.general.proxmox: + vmid: "{{ hostvars[item]['vmid'] }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: started + loop: "{{ groups['k3s_cluster'] }}" diff --git a/roles/lxc-create/main.yml b/roles/lxc-create/main.yml deleted file mode 100644 index 80e5df8..0000000 --- a/roles/lxc-create/main.yml +++ /dev/null 
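Review bot: "Remove containers" is the only one of the four Proxmox tasks that sets `api_host: "{{ hostvars[item]['ip_addr'] }}"` while stop, create and start all use `10.0.2.2`, and because stop and remove both carry `ignore_errors: true`, a removal that fails against a wrong or unreachable endpoint is silently skipped before "Create containers" runs with `force: yes`. If the difference is not intended, use the same `api_host` on all four tasks, and replace the blanket `ignore_errors` with a `failed_when` that tolerates only the container-does-not-exist case. The containers are created privileged (`unprivileged: no`); if k3s inside LXC requires that, a comment on the line saying so would show it is a deliberate trade-off. The first task needs no shell features, so `ansible.builtin.command: /usr/bin/uptime` with `changed_when: false` is the closer fit.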
@@ -1,58 +0,0 @@ ---- -- name: Create LXC for k3s - hosts: localhost - gather_facts: no - tasks: - - name: Stop containers - community.general.proxmox: - vmid: "{{ hostvars[item]['vmid'] }}" - api_user: root@pam - api_password: bemjogado - api_host: 10.0.2.2 - state: stopped - loop: "{{ groups['all'] }}" - ignore_errors: yes - - - name: Remove containers - community.general.proxmox: - vmid: "{{ hostvars[item]['vmid'] }}" - api_user: root@pam - api_password: bemjogado - api_host: 10.0.2.2 - state: absent - loop: "{{ groups['all'] }}" - ignore_errors: yes - - - name: Create containers - community.general.proxmox: - vmid: "{{ hostvars[item]['vmid'] }}" - node: "{{ hostvars[item]['node'] }}" - api_user: root@pam - api_password: bemjogado - api_host: 10.0.2.2 - password: bemjogado - hostname: "{{ item }}" - ostemplate: "hyrule-8tb-nfs:vztmpl/debian-11-standard_11.3-1_amd64.tar.zst" - netif: "{'net0':'name=eth0,\ - gw=10.0.0.1,\ - ip={{ hostvars[item]['ansible_host'] }}/21,\ - hwaddr={{ hostvars[item]['mac_addr'] }},\ - bridge=vmbr0'}" - cores: "{{ hostvars[item]['cores'] }}" - memory: "{{ hostvars[item]['memory'] }}" - unprivileged: no - swap: 0 - searchdomain: "home" - onboot: 1 - disk: local-lvm:8 - force: yes - loop: "{{ groups['all'] }}" - - - name: Start deployments - community.general.proxmox: - vmid: "{{ hostvars[item]['vmid'] }}" - api_user: root@pam - api_password: bemjogado - api_host: 10.0.2.2 - state: started - loop: "{{ groups['all'] }}" diff --git a/site.yml b/site.yml index 3941306..f8ce818 100644 --- a/site.yml +++ b/site.yml @@ -1,22 +1,6 @@ --- -- hosts: k3s_cluster - gather_facts: yes +- hosts: localhost + gather_facts: no become: yes roles: - - role: prereq - - role: download - -- hosts: master - become: yes - roles: - - role: k3s/master - -- hosts: node - become: yes - roles: - - role: k3s/node - -- hosts: master - become: yes - roles: - - role: k3s/post + - role: k3s/pre
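Review bot: The rewritten play in site.yml keeps `become: yes` although it now runs on `localhost` and its only role talks to the Proxmox API, so the control machine escalates to root for no visible reason, including for the `uptime` shell task in k3s/pre; dropping `become` and adding `connection: local` would be enough. With the prereq, download, k3s/master, k3s/node and k3s/post plays removed, running site.yml now only stops, removes and recreates every container in `k3s_cluster`. A comment at the top of the file stating that the play is destructive, or moving the role into its own playbook, would prevent an accidental rebuild of the cluster.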