pve node config test1

roles/ind/grail/grail-install.yml

@@ -7,6 +7,10 @@
   vars:
 
   tasks:
+    - name: Setup PVE node for transcoding and vpn
+      ansible.builtin.command: /usr/bin/ansible-playbook ./roles/ind/grail/set-pvenode.yml -k 
+      delegate_to: 127.0.0.1
+
     - name: Upgrade-packages.yml - update packages
       include: ../../lib/upgrade-packages.yml
     

roles/ind/grail/setup-pvenode.yml

@@ -0,0 +1,62 @@
+---
+- name: Add tun device bind to container 218 on node1
+  hosts: 192.168.0.40
+  become: yes
+  vars:
+  config_file: "/etc/pve/lxc/218"
+
+  tasks:   
+    - name: Ensure file exists
+      file:
+        path: "{{ config_file }}"
+        state: present
+  
+    - name: Stop LXC container 218
+      shell: "pct stop 218"
+      register: stop_result
+
+    - name: Display stop result
+      debug:
+        var: stop_result
+    
+    - name: Add idmap configurations
+      blockinfile:
+        path: "{{ config_file }}"
+        block: |
+          lxc.idmap: u 0 100000 1000
+          lxc.idmap: g 0 100000 1000
+        marker: "#{' ' * line_length}# ANSIBLE MANAGED BLOCK"
+
+    - name: Add mount entry for /dev/net
+      lineinfile:
+        path: "{{ config_file }}"
+        regexp: '^lxc\.mount\.entry:'
+        line: "lxc.mount.entry: /dev/net dev/net none bind,create=dir"
+
+    - name: Add cgroup2 devices allow
+      lineinfile:
+        path: "{{ config_file }}"
+        regexp: '^lxc\.cgroup2\.devices\.allow:'
+        line: "lxc.cgroup2.devices.allow: c 10:00 rwm"
+
+    - name: Add mount devices to allow gpu transcoding
+      lineinfile:
+        path: "{{ config_file }}"
+        regexp: '^lxc\.cgroup2\.devices\.allow:'
+        line: "lxc.mount.entry: /dev/dri dev/dri none bind,optional,create=dir"
+
+    - name: Add remaining idmap configurations
+      blockinfile:
+        path: "{{ config_file }}"
+        block: |
+          lxc.idmap: u 1000 1000 64536
+          lxc.idmap: g 1000 1000 64536
+        marker: "#{' ' * line_length}# ANSIBLE MANAGED BLOCK"
+
+    - name: Start LXC container 218
+      shell: "pct start 218"
+      register: start_result
+
+    - name: Display start result
+      debug:
+        var: start_result