ansible-on-prem/roles/pve/cluster_prep/tasks/main.yml

---
# - name: Set hostname
#   hostname:
#     name: "{{ inventory_hostname }}"
# - name: Disable Proxmox Enterprise repo
#   lineinfile:
#     path: /etc/apt/sources.list.d/pve-enterprise.list
#     regexp: '^deb'
#     line: '# deb ...'
#     state: present
#   ignore_errors: yes  # In case the file doesn't exist

- name: Find all sources.list.d files
  find:
    paths: /etc/apt/sources.list.d
    patterns: "*.list"
    file_type: file
  register: list_files

- name: Comment out any line with 'enterprise' in each file
  lineinfile:
    path: "{{ item.path }}"
    regexp: '^(?!#).*enterprise'
    line: '# \g<0>'
    backrefs: yes
    state: present
  loop: "{{ list_files.files }}"

- name: Overwrite sources.list with Proxmox-recommended repos
  copy:
    dest: /etc/apt/sources.list
    content: |
      deb http://ftp.debian.org/debian bookworm main contrib
      deb http://ftp.debian.org/debian bookworm-updates main contrib

      # Proxmox VE pve-no-subscription repository provided by proxmox.com,
      # NOT recommended for production use
      deb http://download.proxmox.com/debian/pve bookworm pve-no-subscription

      # security updates
      deb http://security.debian.org/debian-security bookworm-security main contrib
    mode: '0644'

- name: Add Proxmox no-subscription repo to sources.list.d
  copy:
    dest: /etc/apt/sources.list.d/pve-no-subscription.list
    content: |
      deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription
    owner: root
    group: root
    mode: '0644'


- name: Update apt cache
  apt:
    update_cache: yes

- name: Update /etc/hosts with all PVE nodes
  template:
    src: hosts.j2
    dest: /etc/hosts
    mode: "0644"

- name: Ensure search domain and nameserver set properly
  template:
    src: resolv.j2
    dest: /etc/resolv.conf
    mode: "0644"

- name: Ensure chrony is installed
  apt:
    name: chrony
    state: present
    update_cache: yes

- name: Enable and start chronyd
  service:
    name: chrony
    state: started
    enabled: yes

- name: Discover iSCSI targets from TrueNAS
  shell: |
    iscsiadm -m discovery -t st -p {{ iscsi_target_ip }}
  register: iscsi_discovery
  changed_when: false

- name: Login to discovered iSCSI target (unauthenticated)
  shell: |
    iscsiadm -m node -T {{ iscsi_target_iqn }} -p {{ iscsi_target_ip }} --login
  register: iscsi_login
  changed_when: "'Login to' in iscsi_login.stdout or 'already present' in iscsi_login.stdout"

- name: Make iSCSI login persistent across reboots
  shell: |
    iscsiadm -m node -T {{ iscsi_target_iqn }} -p {{ iscsi_target_ip }} --op update -n node.startup -v automatic
  changed_when: false

# - name: Ensure vg_ha exists
#   command: vgs vg_ha
#   register: vg_result
#   failed_when: vg_result.rc != 0
#   changed_when: false

# - name: Debug VG presence
#   debug:
#     msg: "VG 'vg_ha' found on {{ inventory_hostname }}"