better fedora setup

plays/fedora-k3s-setup.yml

@@ -1,19 +0,0 @@
-- name: Customization and hardening of fresh fedora install running on a VM
-  hosts: fedora_server
-  become: yes
-  # reuse password for sudo
-  become_method: sudo
-
-  user: ansible
-  
-  vars_prompt:
-    - name: k3s_token
-      prompt: "Enter a (single use) k3s token"
-      private: yes
-  
-  vars:
-    - master_ip: "{{ hostvars['fedora-node-1']['ansible_default_ipv4']['address'] }}"
-  roles:
-    - role: ssh-key-copy
-    - role: fail2ban
-    - role: k3s-ha

plays/k3s-fedora-lxc.yml

@@ -0,0 +1,58 @@
+- name: Setup of fedora LXC containers
+  hosts: proxmox
+  become: yes
+  user: root
+  
+  vars:
+    - proxmox_user: root@pam
+      proxmox_token: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          31376165343635623536393936353032333638636564646665646464386635383761623632373036
+          3433306233633465313737303039346635353363326562320a336532666632613663303730643136
+          36353430353638616239313766666233396339643431636161373965383664663230616664336162
+          3730353264643434390a386132383238613165653037623466383732323835356365326439656565
+          38666466343932356137393333623964333463303564623666656533626331646535306531343836
+          3136313232333265303336613235336334323963316439383230
+      proxmox_node: proxmox
+      proxmox_token_id: ansible
+
+
+
+  tasks:
+    - name: Create 3 fedora LXC containers
+      include_role:
+        name: proxmox-lxc-fedora
+      vars:
+        lxc_id: "{{ 150 + item.index }}"
+        lxc_ip: "192.168.1.{{ 200 + item.index }}"
+        lxc_gateway: "192.168.1.1"
+        name: "{{ item.name }}"
+
+      loop:
+        - name: k3s-1
+          index: 1
+        - name: k3s-2
+          index: 2
+        - name: k3s-3
+          index: 3
+      loop_control:
+        index_var: loop_index
+
+
+- name: Setup of k3s cluster
+  hosts: lxc_fedora
+  become: yes
+  user: root
+
+
+  vars_prompt:
+    - name: k3s_token
+      prompt: "Enter a (single use) k3s token"
+      private: yes
+
+
+  roles:
+    - role: k3s-ha
+
+
+# CAUTION - THIS IS BROKEN

plays/k3s-fedora-vm.yml

@@ -16,8 +16,34 @@
       proxmox_node: proxmox
       proxmox_token_id: ansible
 
+  tasks:
+    - name: Create 2 fedora vms
+      include_role:
+        name: proxmox-fedora-vm
+      vars:
+        name: "{{ item.name }}"
+        vm_id: "{{ 200 + item.index }}"
+        vm_ip: "192.168.1.{{ 200 + item.index }}"
+      loop:
+        - name: k3s-1
+          index: 1
+        - name: k3s-2
+          index: 2
+      loop_control:
+        index_var: loop_index
+
+
+- name: Setup of k3s cluster
+  hosts: kvm_fedora # this group is created by the previous task
+  become: yes
+  user: root
+
+
+  vars_prompt:
+    - name: k3s_token
+      prompt: "Enter a (single use) k3s token"
+      private: yes
+
+
   roles:
-    - role: proxmox-fedora-vm
-      vms:
-        - name: fedora-node-1
-        - name: fedora-node-2
+    - role: k3s-ha

plays/k3s-full-deployment.yaml

@@ -1,5 +0,0 @@
-- name: Full k3s deployment
-  hosts: localhost
-
-  roles: 
-    - role: role-k3s-deployments

plays/proxmox-lxc-wireguard.yaml

@@ -0,0 +1,16 @@
+- name: WG-easy setup on a fresh Proxmox lxc container
+  hosts: ubuntu-wireguard
+  user: ubuntu
+
+  vars_prompt:
+    - name: vpn_admin_password
+      prompt: "Enter the http password for the vpn admin interface"
+      private: yes
+
+  roles:
+    - role: ssh-key-copy
+    - role: docker-install
+    - role: wireguard-easy-docker
+      vars:
+        - vpn_hostname: vpn.kluster.moll.re
+        # - vpn_admin_password

plays/proxmox-setup.yml

@@ -1,7 +1,6 @@
 - name: Proxmox configuration
   hosts: proxmox
   user: root
-  
 
   roles:
     - role: proxmox-basic-setup

plays/raspberry-setup.yml

@@ -4,4 +4,4 @@
   user: pi
   roles:
     - role: ssh-key-copy
-    - role: raspberry
+    - role: raspberry