Jose/ansible_role_proxmox_provision
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'refactor ♻️: Refactor Proxmox repository management' (#5) from dev into main
Some checks failed
ansible-lint / Ansible Lint (push) Failing after 6s
Details
Gitleaks Scan / gitleaks (push) Successful in 4s
Details
Markdown Lint / markdown-lint (push) Successful in 5s
Details

Browse Source 
Reviewed-on: #5
This commit was merged in pull request #5.
This commit is contained in:
Jose
2026-02-08 20:09:56 +01:00
parent ba322dd97b 85e021c864
commit ceeca6e7e0
4 changed files with 124 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
handlers/main.yml
View File

@@ -17,4 +17,4 @@
- name: logrotate reload
ansible.builtin.command: logrotate /etc/logrotate.conf
changed_when: false
changed_when: false

2
tasks/logrotate.yml
View File

@@ -1,7 +1,7 @@
---
- name: logrotate | Configure all main Proxmox logs
vars:
proxmox_logrotate_files:
- /etc/logrotate.conf

67
tasks/repos.yml
View File

@@ -1,18 +1,53 @@
---
- name: repos | Comment out Proxmox enterprise repo lines
ansible.builtin.replace:
path: /etc/apt/sources.list.d/pve-enterprise.list
regexp: '^(deb\s+)'
replace: '# \1'
when: ansible.builtin.stat(path='/etc/apt/sources.list.d/pve-enterprise.list').stat.exists
notify: apt update
- name: repos | Enable Proxmox no-subscription repo
ansible.builtin.copy:
dest: /etc/apt/sources.list.d/pve-no-subscription.list
owner: root
group: root
mode: "0644"
content: |
deb http://download.proxmox.com/debian/pve {{ ansible_distribution_release }} pve-no-subscription
notify: apt update
- name: repos | Manage Proxmox repositories
vars:
repo_path:
- http://download\.proxmox\.com/debian/pve\
block:
# Proxmox enterprise repo
- name: repos | Check for Proxmox enterprise repo file
ansible.builtin.stat:
path: /etc/apt/sources.list.d/pve-enterprise.list
register: pve_enterprise_repo
- name: repos | Comment out Proxmox enterprise repo lines
ansible.builtin.replace:
path: /etc/apt/sources.list.d/pve-enterprise.list
regexp: '^(deb\s+)'
replace: '# \1'
when: pve_enterprise_repo.stat.exists
register: enterprise_changed
# Proxmox no-subscription repo
- name: repos | Check for pve-install-repo.list
ansible.builtin.stat:
path: /etc/apt/sources.list.d/pve-install-repo.list
register: pve_install_repo
- name: repos | Uncomment Proxmox no-subscription repo if present
ansible.builtin.replace:
path: /etc/apt/sources.list.d/pve-install-repo.list
regexp: '^#\s*(deb\s+{{ repo_path }}s+{{ ansible_distribution_release }}\s+pve-no-subscription)'
replace: '\1'
when: pve_install_repo.stat.exists
register: no_sub_uncommented
- name: repos | Add Proxmox no-subscription repo if missing
ansible.builtin.lineinfile:
path: /etc/apt/sources.list.d/pve-install-repo.list
regexp: '^deb\s+{{ repo_path }}s+{{ ansible_distribution_release }}\s+pve-no-subscription$'
line: "deb http://download.proxmox.com/debian/pve {{ ansible_distribution_release }} pve-no-subscription"
state: present
insertafter: EOF
when: pve_install_repo.stat.exists
register: no_sub_added
# Notify Run apt update only once if any of the above tasks changed something
notify:
- Run apt update
# Trigger only if any changes occurred
when: enterprise_changed.changed or no_sub_uncommented.changed or no_sub_added.changed

106
tasks/subscription.yml
View File

@@ -1,12 +1,81 @@
---
- name: subscription | Ensure nag patch state directory exists
- name: Ensure /usr/local/bin exists
ansible.builtin.file:
path: /var/lib/proxmox-nag-patch
path: /usr/local/bin
state: directory
owner: root
group: root
mode: "0755"
- name: subscription | Check for legacy proxmoxlib.js
ansible.builtin.stat:
path: /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
register: proxmoxlib_js
- name: Install pve-remove-nag script
ansible.builtin.copy:
dest: /usr/local/bin/pve-remove-nag.sh
owner: root
group: root
mode: "0755"
content: |
#!/bin/sh
# source: https://github.com/community-scripts/ProxmoxVE/blob/main/tools/pve/post-pve-install.sh Commit c464b95
WEB_JS=/usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
if [ -s "$WEB_JS" ] && ! grep -q NoMoreNagging "$WEB_JS"; then
echo "Patching Web UI nag..."
sed -i -e "/data\.status/ s/!//" -e "/data\.status/ s/active/NoMoreNagging/" "$WEB_JS"
fi
MOBILE_TPL=/usr/share/pve-yew-mobile-gui/index.html.tpl
MARKER="<!-- MANAGED BLOCK FOR MOBILE NAG -->"
if [ -f "$MOBILE_TPL" ] && ! grep -q "$MARKER" "$MOBILE_TPL"; then
echo "Patching Mobile UI nag..."
printf "%s\n" \
"$MARKER" \
"<script>" \
" function removeSubscriptionElements() {" \
" // --- Remove subscription dialogs ---" \
" const dialogs = document.querySelectorAll('dialog.pwt-outer-dialog');" \
" dialogs.forEach(dialog => {" \
" const text = (dialog.textContent || '').toLowerCase();" \
" if (text.includes('subscription')) {" \
" dialog.remove();" \
" console.log('Removed subscription dialog');" \
" }" \
" });" \
"" \
" // --- Remove subscription cards, but keep Reboot/Shutdown/Console ---" \
" const cards = document.querySelectorAll('.pwt-card.pwt-p-2.pwt-d-flex.pwt-interactive.pwt-justify-content-center');" \
" cards.forEach(card => {" \
" const text = (card.textContent || '').toLowerCase();" \
" const hasButton = card.querySelector('button');" \
" if (!hasButton && text.includes('subscription')) {" \
" card.remove();" \
" console.log('Removed subscription card');" \
" }" \
" });" \
" }" \
"" \
" const observer = new MutationObserver(removeSubscriptionElements);" \
" observer.observe(document.body, { childList: true, subtree: true });" \
" removeSubscriptionElements();" \
" setInterval(removeSubscriptionElements, 300);" \
" setTimeout(() => {observer.disconnect();}, 10000);" \
"</script>" \
"" >> "$MOBILE_TPL"
fi
when: proxmoxlib_js.stat.exists
- name: Install APT post-invoke hook for nag removal
ansible.builtin.copy:
dest: /etc/apt/apt.conf.d/no-nag-script
owner: root
group: root
mode: "0644"
content: |
DPkg::Post-Invoke { "/usr/local/bin/pve-remove-nag.sh"; };
############################
# Legacy proxmoxlib.js
############################
@@ -14,16 +83,8 @@
- name: subscription | Check for legacy proxmoxlib.js
ansible.builtin.stat:
path: /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
checksum_algorithm: sha256
register: proxmoxlib_js
- name: subscription | Read stored checksum (legacy)
ansible.builtin.slurp:
src: /var/lib/proxmox-nag-patch/proxmoxlib.js.sha256
register: proxmoxlib_js_checksum_stored
when: proxmoxlib_js.stat.exists
failed_when: false
- name: subscription | Trigger legacy nag patch if needed
ansible.builtin.meta: flush_handlers
when:
@@ -33,28 +94,3 @@
!= (proxmoxlib_js_checksum_stored.content | b64decode | trim)
notify: Ppatch legacy proxmoxlib.js
############################
# Minified proxmoxlib.min.js (VE 8/9)
############################
- name: subscription | Check for minified proxmoxlib.min.js (VE 8/9)
ansible.builtin.stat:
path: /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.min.js
checksum_algorithm: sha256
register: proxmoxlib_min_js
- name: subscription | Read stored checksum (minified)
ansible.builtin.slurp:
src: /var/lib/proxmox-nag-patch/proxmoxlib.min.js.sha256
register: proxmoxlib_min_checksum_stored
when: proxmoxlib_min_js.stat.exists
failed_when: false
- name: subscription | Trigger minified nag patch if needed
ansible.builtin.meta: flush_handlers
when:
- proxmoxlib_min_js.stat.exists
- proxmoxlib_min_checksum_stored.content is not defined
or proxmoxlib_min_js.stat.checksum
!= (proxmoxlib_min_checksum_stored.content | b64decode | trim)
notify: Patch minified proxmoxlib.js