From 4b9cfd9fc8fc5de3fc477da7ff6a279ecd2c0fae Mon Sep 17 00:00:00 2001
From: tolerryan <105945216+tolerryan@users.noreply.github.com>
Date: Tue, 21 Jan 2025 00:30:00 -0600
Subject: [PATCH] pve node config test1

---
 roles/ind/grail/grail-install.yml |  4 ++
 roles/ind/grail/setup-pvenode.yml | 62 +++++++++++++++++++++++++++++++
 2 files changed, 66 insertions(+)
 create mode 100644 roles/ind/grail/setup-pvenode.yml

diff --git a/roles/ind/grail/grail-install.yml b/roles/ind/grail/grail-install.yml
index f617726..c68e24f 100644
--- a/roles/ind/grail/grail-install.yml
+++ b/roles/ind/grail/grail-install.yml
@@ -7,6 +7,10 @@
   vars:
 
   tasks:
+    - name: Setup PVE node for transcoding and vpn
+      ansible.builtin.command: /usr/bin/ansible-playbook ./roles/ind/grail/set-pvenode.yml -k 
+      delegate_to: 127.0.0.1
+
     - name: Upgrade-packages.yml - update packages
       include: ../../lib/upgrade-packages.yml
     
diff --git a/roles/ind/grail/setup-pvenode.yml b/roles/ind/grail/setup-pvenode.yml
new file mode 100644
index 0000000..36b681a
--- /dev/null
+++ b/roles/ind/grail/setup-pvenode.yml
@@ -0,0 +1,62 @@
+---
+- name: Add tun device bind to container 218 on node1
+  hosts: 192.168.0.40
+  become: yes
+  vars:
+  config_file: "/etc/pve/lxc/218"
+
+  tasks:   
+    - name: Ensure file exists
+      file:
+        path: "{{ config_file }}"
+        state: present
+  
+    - name: Stop LXC container 218
+      shell: "pct stop 218"
+      register: stop_result
+
+    - name: Display stop result
+      debug:
+        var: stop_result
+    
+    - name: Add idmap configurations
+      blockinfile:
+        path: "{{ config_file }}"
+        block: |
+          lxc.idmap: u 0 100000 1000
+          lxc.idmap: g 0 100000 1000
+        marker: "#{' ' * line_length}# ANSIBLE MANAGED BLOCK"
+
+    - name: Add mount entry for /dev/net
+      lineinfile:
+        path: "{{ config_file }}"
+        regexp: '^lxc\.mount\.entry:'
+        line: "lxc.mount.entry: /dev/net dev/net none bind,create=dir"
+
+    - name: Add cgroup2 devices allow
+      lineinfile:
+        path: "{{ config_file }}"
+        regexp: '^lxc\.cgroup2\.devices\.allow:'
+        line: "lxc.cgroup2.devices.allow: c 10:00 rwm"
+
+    - name: Add mount devices to allow gpu transcoding
+      lineinfile:
+        path: "{{ config_file }}"
+        regexp: '^lxc\.cgroup2\.devices\.allow:'
+        line: "lxc.mount.entry: /dev/dri dev/dri none bind,optional,create=dir"
+
+    - name: Add remaining idmap configurations
+      blockinfile:
+        path: "{{ config_file }}"
+        block: |
+          lxc.idmap: u 1000 1000 64536
+          lxc.idmap: g 1000 1000 64536
+        marker: "#{' ' * line_length}# ANSIBLE MANAGED BLOCK"
+
+    - name: Start LXC container 218
+      shell: "pct start 218"
+      register: start_result
+
+    - name: Display start result
+      debug:
+        var: start_result
\ No newline at end of file