From 67d5f5c27727e04d8f8a5ed20e79d5706cbbf1cb Mon Sep 17 00:00:00 2001 
From: Christian Pointner Date: Sun, 7 Jan 2024 00:08:17 +0100 Subject: refactor: storage roles --- roles/storage/luks/base/defaults/main.yml | 8 +++ roles/storage/luks/base/tasks/main.yml | 43 +++++++++++++++ roles/storage/luks/volumes/defaults/main.yml | 8 --- roles/storage/luks/volumes/tasks/main.yml | 43 --------------- roles/storage/lvm/base/defaults/main.yml | 6 +++ roles/storage/lvm/base/tasks/main.yml | 12 +++++ roles/storage/lvm/groups/defaults/main.yml | 6 --- roles/storage/lvm/groups/tasks/main.yml | 12 ----- roles/storage/zfs/base/defaults/main.yml | 19 +++++++ roles/storage/zfs/base/tasks/Debian.yml | 42 +++++++++++++++ roles/storage/zfs/base/tasks/Ubuntu.yml | 2 + .../base/tasks/enable-systemd-mount-generator.yml | 23 ++++++++ roles/storage/zfs/base/tasks/main.yml | 61 ++++++++++++++++++++++ roles/storage/zfs/pools/defaults/main.yml | 19 ------- roles/storage/zfs/pools/tasks/Debian.yml | 42 --------------- roles/storage/zfs/pools/tasks/Ubuntu.yml | 2 - .../pools/tasks/enable-systemd-mount-generator.yml | 23 -------- roles/storage/zfs/pools/tasks/main.yml | 61 ---------------------- roles/storage/zfs/volume/tasks/main.yml | 1 - 19 files changed, 216 insertions(+), 217 deletions(-) create mode 100644 roles/storage/luks/base/defaults/main.yml create mode 100644 roles/storage/luks/base/tasks/main.yml delete mode 100644 roles/storage/luks/volumes/defaults/main.yml delete mode 100644 roles/storage/luks/volumes/tasks/main.yml create mode 100644 roles/storage/lvm/base/defaults/main.yml create mode 100644 roles/storage/lvm/base/tasks/main.yml delete mode 100644 roles/storage/lvm/groups/defaults/main.yml delete mode 100644 roles/storage/lvm/groups/tasks/main.yml create mode 100644 roles/storage/zfs/base/defaults/main.yml create mode 100644 roles/storage/zfs/base/tasks/Debian.yml create mode 100644 roles/storage/zfs/base/tasks/Ubuntu.yml create mode 100644 roles/storage/zfs/base/tasks/enable-systemd-mount-generator.yml create mode 100644 
roles/storage/zfs/base/tasks/main.yml delete mode 100644 roles/storage/zfs/pools/defaults/main.yml delete mode 100644 roles/storage/zfs/pools/tasks/Debian.yml delete mode 100644 roles/storage/zfs/pools/tasks/Ubuntu.yml delete mode 100644 roles/storage/zfs/pools/tasks/enable-systemd-mount-generator.yml delete mode 100644 roles/storage/zfs/pools/tasks/main.yml (limited to 'roles/storage')
diff --git a/roles/storage/luks/base/defaults/main.yml b/roles/storage/luks/base/defaults/main.yml
new file mode 100644
index 00000000..c2aa39c6
--- /dev/null
+++ b/roles/storage/luks/base/defaults/main.yml
@@ -0,0 +1,8 @@
+---
+# luks_devices:
+# crypto-nvme0:
+# passphrase: "keep-this-very-very-secret"
+# device: /dev/nvme0n1p3
+# crypto-nvme1:
+# passphrase: "use-differnt-passphrase-and-keep-this-secret-as-well"
+# device: /dev/nvme1n1p3
diff --git a/roles/storage/luks/base/tasks/main.yml b/roles/storage/luks/base/tasks/main.yml
new file mode 100644
index 00000000..7fe556a1
--- /dev/null
+++ b/roles/storage/luks/base/tasks/main.yml
@@ -0,0 +1,43 @@
+---
+- name: install cryptsetup packages
+ apt:
+ name: cryptsetup-bin
+ state: present
+
+- name: Create temporary build directory
+ tempfile:
+ state: directory
+ register: keyfile_dir
+ changed_when: False
+ check_mode: False
+
+- name: create luks volumes
+ block:
+ - name: write passphrases into temporary keyfiles
+ loop: "{{ luks_devices | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ copy:
+ dest: "{{ keyfile_dir.path }}/{{ item.key }}"
+ content: "{{ item.value.passphrase }}"
+ mode: 0600
+ changed_when: False
+ check_mode: False
+
+ - name: create/open luks volumes
+ loop: "{{ luks_devices | dict2items }}"
+ loop_control:
+ label: "{{ item.key }} ({{ item.value.device }})"
+ luks_device:
+ name: "{{ item.key }}"
+ device: "{{ item.value.device }}"
+ keyfile: "{{ keyfile_dir.path }}/{{ item.key }}"
+ state: opened
+
+ always:
+ - name: remove base-directory for keyfiles
+ file:
+ path: "{{ keyfile_dir.path }}"
+ state: absent
+ changed_when: False
+ check_mode: False
diff --git a/roles/storage/luks/volumes/defaults/main.yml b/roles/storage/luks/volumes/defaults/main.yml
deleted file mode 100644
index 2347231c..00000000
--- a/roles/storage/luks/volumes/defaults/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-# luks_volumes:
-# crypto-nvme0:
-# passphrase: "keep-this-very-very-secret"
-# device: /dev/nvme0n1p3
-# crypto-nvme1:
-# passphrase: "use-differnt-passphrase-and-keep-this-secret-as-well"
-# device: /dev/nvme1n1p3
diff --git a/roles/storage/luks/volumes/tasks/main.yml b/roles/storage/luks/volumes/tasks/main.yml
deleted file mode 100644
index 8fdb3019..00000000
--- a/roles/storage/luks/volumes/tasks/main.yml
+++ /dev/null
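Review bot: The `write passphrases into temporary keyfiles` task in roles/storage/luks/base/tasks/main.yml puts each LUKS passphrase into a file without `no_log: true`, and the `tempfile` task sets no `path`, so the keyfiles land in the target's default temp directory, which may be disk-backed; the `always:` cleanup only unlinks them. I would add `no_log: true` to that `copy` task so the secret cannot show up in `--diff` or verbose output, and `path: /dev/shm` (or another tmpfs on the target) to the `tempfile` task so it never reaches persistent storage. If the installed `luks_device` module offers its `passphrase` option, passing the secret directly would remove the keyfile step altogether. As a smaller point, `mode: 0600` is safer quoted as `mode: "0600"`. The same tasks appear unchanged in the removed roles/storage/luks/volumes/tasks/main.yml, so this predates the move.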
@@ -1,43 +0,0 @@
----
-- name: install cryptsetup packages
- apt:
- name: cryptsetup-bin
- state: present
-
-- name: Create temporary build directory
- tempfile:
- state: directory
- register: keyfile_dir
- changed_when: False
- check_mode: False
-
-- name: create luks volumes
- block:
- - name: write passphrases into temporary keyfiles
- loop: "{{ luks_volumes | dict2items }}"
- loop_control:
- label: "{{ item.key }}"
- copy:
- dest: "{{ keyfile_dir.path }}/{{ item.key }}"
- content: "{{ item.value.passphrase }}"
- mode: 0600
- changed_when: False
- check_mode: False
-
- - name: create/open luks volumes
- loop: "{{ luks_volumes | dict2items }}"
- loop_control:
- label: "{{ item.key }} ({{ item.value.device }})"
- luks_device:
- name: "{{ item.key }}"
- device: "{{ item.value.device }}"
- keyfile: "{{ keyfile_dir.path }}/{{ item.key }}"
- state: opened
-
- always:
- - name: remove base-directory for keyfiles
- file:
- path: "{{ keyfile_dir.path }}"
- state: absent
- changed_when: False
- check_mode: False
diff --git a/roles/storage/lvm/base/defaults/main.yml b/roles/storage/lvm/base/defaults/main.yml
new file mode 100644
index 00000000..224d35b5
--- /dev/null
+++ b/roles/storage/lvm/base/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+# lvm_groups:
+# foo:
+# pvs:
+# - /dev/sdb
+# - /dev/sdc1
diff --git a/roles/storage/lvm/base/tasks/main.yml b/roles/storage/lvm/base/tasks/main.yml
new file mode 100644
index 00000000..ddcd49c7
--- /dev/null
+++ b/roles/storage/lvm/base/tasks/main.yml
@@ -0,0 +1,12 @@
+---
+- name: create volume groups
+ loop: "{{ lvm_groups | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ lvg:
+ vg: "{{ item.key }}"
+ vg_options: "{{ item.value.options | default(omit) }}"
+ pvs: "{{ item.value.pvs }}"
+ pesize: "{{ item.value.pesize | default(omit) }}"
+ pv_options: "{{ item.value.pv_options | default(omit) }}"
+ state: present
diff --git a/roles/storage/lvm/groups/defaults/main.yml b/roles/storage/lvm/groups/defaults/main.yml
deleted file mode 100644
index 224d35b5..00000000
--- a/roles/storage/lvm/groups/defaults/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-# lvm_groups:
-# foo:
-# pvs:
-# - /dev/sdb
-# - /dev/sdc1
diff --git a/roles/storage/lvm/groups/tasks/main.yml b/roles/storage/lvm/groups/tasks/main.yml
deleted file mode 100644
index ddcd49c7..00000000
--- a/roles/storage/lvm/groups/tasks/main.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: create volume groups
- loop: "{{ lvm_groups | dict2items }}"
- loop_control:
- label: "{{ item.key }}"
- lvg:
- vg: "{{ item.key }}"
- vg_options: "{{ item.value.options | default(omit) }}"
- pvs: "{{ item.value.pvs }}"
- pesize: "{{ item.value.pesize | default(omit) }}"
- pv_options: "{{ item.value.pv_options | default(omit) }}"
- state: present
diff --git a/roles/storage/zfs/base/defaults/main.yml b/roles/storage/zfs/base/defaults/main.yml
new file mode 100644
index 00000000..1566890d
--- /dev/null
+++ b/roles/storage/zfs/base/defaults/main.yml
@@ -0,0 +1,19 @@
+---
+zfs_use_systemd_mount_generator: yes
+#zfs_arc_size:
+# min: 512MB
+# max: 8GB
+
+zfs_pool_default_properties:
+ ashift: 12
+
+# zfs_pools:
+# storage:
+# mountpoint: /srv/storage
+# create_vdevs: mirror /dev/sda /dev/sdb mirror /dev/sdc /dev/sdd log mirror /dev/nvme0n1p3 /dev/nvme1n1p3 cache /dev/nvme0n1p4 /dev/nvme1n1p4
+# test:
+# mountpoint: /srv/storage
+# create_vdevs: raidz /dev/sda /dev/sdb /dev/sdc /dev/sdd
+# properties:
+# ashift: 12
+# prop: value
diff --git a/roles/storage/zfs/base/tasks/Debian.yml b/roles/storage/zfs/base/tasks/Debian.yml
new file mode 100644
index 00000000..a1ed0387
--- /dev/null
+++ b/roles/storage/zfs/base/tasks/Debian.yml
@@ -0,0 +1,42 @@
+---
+- name: install dkms
+ import_role:
+ name: prepare-dkms
+
+- name: check if contrib apt component is enabled
+ assert:
+ msg: "Debian zfs packages are in contrib - please enable it using 'apt_repo_components'"
+ that:
+ - apt_repo_components is defined
+ - "'contrib' in apt_repo_components"
+
+- name: enable backports and force ZFS packages from backports for buster
+ when: (ansible_distribution_major_version | int) == 10
+ block:
+ - name: add backports repo
+ include_role:
+ name: apt-repo/backports
+
+ - name: pin zfs packages to buster-backports
+ copy:
+ content: |
+ Package: libnvpair1linux libuutil1linux libzfs2linux libzpool2linux spl-dkms zfs-dkms zfs-test zfsutils-linux zfsutils-linux-dev zfs-zed
+ Pin: release n=buster-backports
+ Pin-Priority: 990
+ dest: /etc/apt/preferences.d/zfs-from-buster-backports
+
+- name: install zfs modules via dkms
+ apt:
+ name: zfs-dkms
+ state: present
+
+- name: check if module is available for the currently running kernel
+ command: modprobe --dry-run zfs
+ check_mode: no
+ register: zfs_module_available
+ failed_when: false
+ changed_when: false
+
+- name: rebuild zfs module
+ when: zfs_module_available.rc != 0
+ command: dpkg-reconfigure zfs-dkms
diff --git a/roles/storage/zfs/base/tasks/Ubuntu.yml b/roles/storage/zfs/base/tasks/Ubuntu.yml
new file mode 100644
index 00000000..9745d716
--- /dev/null
+++ b/roles/storage/zfs/base/tasks/Ubuntu.yml
@@ -0,0 +1,2 @@
+---
+## nothing to do here - zfs modules are part of ubuntu core already
diff --git a/roles/storage/zfs/base/tasks/enable-systemd-mount-generator.yml b/roles/storage/zfs/base/tasks/enable-systemd-mount-generator.yml
new file mode 100644
index 00000000..1d50c873
--- /dev/null
+++ b/roles/storage/zfs/base/tasks/enable-systemd-mount-generator.yml
@@ -0,0 +1,23 @@
+---
+- name: enable zfs-list-cacher zlet
+ file:
+ src: /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh
+ dest: /etc/zfs/zed.d/history_event-zfs-list-cacher.sh
+ state: link
+
+- name: create base-directory for zfs-list.cache
+ file:
+ path: /etc/zfs/zfs-list.cache/
+ state: directory
+
+- name: create zfs-list.cache file for all pools
+ loop: "{{ zfs_pools | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ copy:
+ content: ""
+ dest: "/etc/zfs/zfs-list.cache/{{ item.key }}"
+ force: no
+
+## TODO: if this is installed after the zpool has already been created zed needs to be triggered
+## using something like: zfs set canmount=on DATASET
diff --git a/roles/storage/zfs/base/tasks/main.yml b/roles/storage/zfs/base/tasks/main.yml
new file mode 100644
index 00000000..99b8e228
--- /dev/null
+++ b/roles/storage/zfs/base/tasks/main.yml
@@ -0,0 +1,61 @@
+---
+- name: configure arc size
+ when: zfs_arc_size is defined
+ copy:
+ content: |
+ options zfs zfs_arc_min={{ zfs_arc_size.min | human_to_bytes }}
+ options zfs zfs_arc_max={{ zfs_arc_size.max | human_to_bytes }}
+ dest: /etc/modprobe.d/zfs.conf
+
+- name: install zfs modules
+ include_tasks: "{{ ansible_distribution }}.yml"
+
+- name: load zfs kernel module
+ modprobe:
+ name: zfs
+ state: present
+
+- name: install zed and zfs file system utilities
+ apt:
+ name:
+ - zfsutils-linux
+ - zfs-zed
+ state: present
+
+- name: enable systemd mount-generator
+ when: zfs_use_systemd_mount_generator
+ import_tasks: enable-systemd-mount-generator.yml
+
+- name: gather zpool facts
+ zpool_facts:
+
+- name: generate list of existing pools
+ set_fact:
+ zfs_existing_pools: "{{ ansible_zfs_pools | map(attribute='name') | list }}"
+
+- name: try to import existing pools
+ loop: "{{ zfs_pools | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ when: item.key not in zfs_existing_pools
+ command: "zpool import{% for dev in (item.value.create_vdevs.split(' ') | select('match', '^/dev/') ) %} -d {{ dev }}{% endfor %} -f {{ item.key }}"
+ register: zfs_import_result
+ failed_when:
+ - zfs_import_result.rc == 0
+ - (zfs_import_result.stderr_lines | reject("regex", " no such pool available$") | list | length) > 0
+ changed_when:
+ - (zfs_import_result.stderr_lines | length) == 0
+
+- name: gather zpool facts (again)
+ zpool_facts:
+
+- name: generate list of existing pools (again)
+ set_fact:
+ zfs_existing_pools: "{{ ansible_zfs_pools | map(attribute='name') | list }}"
+
+- name: create pools
+ loop: "{{ zfs_pools | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ when: item.key not in zfs_existing_pools
+ command: "zpool create -m {{ item.value.mountpoint }} {% for prop, value in (item.value.properties | default(zfs_pool_default_properties)).items() %}-o {{ prop }}={{ value }} {% endfor %}{{ item.key }} {{ item.value.create_vdevs }}"
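Review bot: In the `try to import existing pools` task of roles/storage/zfs/base/tasks/main.yml the first `failed_when` entry, `zfs_import_result.rc == 0`, looks inverted: the list entries are ANDed, so a `zpool import` that exits non-zero for any reason other than "no such pool available" is never reported as a failure and the play carries on to `create pools` for the same name. If the intent is to tolerate only the missing-pool case, that entry should read `- zfs_import_result.rc != 0`. The import also always passes `-f`, which overrides the check for a pool that appears to be in use by another system; on storage reachable from more than one host I would make that opt-in per pool. Both `command` strings interpolate `item.key`, `mountpoint` and `create_vdevs` without validation, which is acceptable only as long as `zfs_pools` comes from trusted inventory.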
diff --git a/roles/storage/zfs/pools/defaults/main.yml b/roles/storage/zfs/pools/defaults/main.yml
deleted file mode 100644
index 1566890d..00000000
--- a/roles/storage/zfs/pools/defaults/main.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-zfs_use_systemd_mount_generator: yes
-#zfs_arc_size:
-# min: 512MB
-# max: 8GB
-
-zfs_pool_default_properties:
- ashift: 12
-
-# zfs_pools:
-# storage:
-# mountpoint: /srv/storage
-# create_vdevs: mirror /dev/sda /dev/sdb mirror /dev/sdc /dev/sdd log mirror /dev/nvme0n1p3 /dev/nvme1n1p3 cache /dev/nvme0n1p4 /dev/nvme1n1p4
-# test:
-# mountpoint: /srv/storage
-# create_vdevs: raidz /dev/sda /dev/sdb /dev/sdc /dev/sdd
-# properties:
-# ashift: 12
-# prop: value
diff --git a/roles/storage/zfs/pools/tasks/Debian.yml b/roles/storage/zfs/pools/tasks/Debian.yml
deleted file mode 100644
index a1ed0387..00000000
--- a/roles/storage/zfs/pools/tasks/Debian.yml
+++ /dev/null
@@ -1,42 +0,0 @@
----
-- name: install dkms
- import_role:
- name: prepare-dkms
-
-- name: check if contrib apt component is enabled
- assert:
- msg: "Debian zfs packages are in contrib - please enable it using 'apt_repo_components'"
- that:
- - apt_repo_components is defined
- - "'contrib' in apt_repo_components"
-
-- name: enable backports and force ZFS packages from backports for buster
- when: (ansible_distribution_major_version | int) == 10
- block:
- - name: add backports repo
- include_role:
- name: apt-repo/backports
-
- - name: pin zfs packages to buster-backports
- copy:
- content: |
- Package: libnvpair1linux libuutil1linux libzfs2linux libzpool2linux spl-dkms zfs-dkms zfs-test zfsutils-linux zfsutils-linux-dev zfs-zed
- Pin: release n=buster-backports
- Pin-Priority: 990
- dest: /etc/apt/preferences.d/zfs-from-buster-backports
-
-- name: install zfs modules via dkms
- apt:
- name: zfs-dkms
- state: present
-
-- name: check if module is available for the currently running kernel
- command: modprobe --dry-run zfs
- check_mode: no
- register: zfs_module_available
- failed_when: false
- changed_when: false
-
-- name: rebuild zfs module
- when: zfs_module_available.rc != 0
- command: dpkg-reconfigure zfs-dkms
diff --git a/roles/storage/zfs/pools/tasks/Ubuntu.yml b/roles/storage/zfs/pools/tasks/Ubuntu.yml
deleted file mode 100644
index 9745d716..00000000
--- a/roles/storage/zfs/pools/tasks/Ubuntu.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-## nothing to do here - zfs modules are part of ubuntu core already
diff --git a/roles/storage/zfs/pools/tasks/enable-systemd-mount-generator.yml b/roles/storage/zfs/pools/tasks/enable-systemd-mount-generator.yml
deleted file mode 100644
index 1d50c873..00000000
--- a/roles/storage/zfs/pools/tasks/enable-systemd-mount-generator.yml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-- name: enable zfs-list-cacher zlet
- file:
- src: /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh
- dest: /etc/zfs/zed.d/history_event-zfs-list-cacher.sh
- state: link
-
-- name: create base-directory for zfs-list.cache
- file:
- path: /etc/zfs/zfs-list.cache/
- state: directory
-
-- name: create zfs-list.cache file for all pools
- loop: "{{ zfs_pools | dict2items }}"
- loop_control:
- label: "{{ item.key }}"
- copy:
- content: ""
- dest: "/etc/zfs/zfs-list.cache/{{ item.key }}"
- force: no
-
-## TODO: if this is installed after the zpool has already been created zed needs to be triggered
-## using something like: zfs set canmount=on DATASET
diff --git a/roles/storage/zfs/pools/tasks/main.yml b/roles/storage/zfs/pools/tasks/main.yml
deleted file mode 100644
index 99b8e228..00000000
--- a/roles/storage/zfs/pools/tasks/main.yml
+++ /dev/null
@@ -1,61 +0,0 @@
----
-- name: configure arc size
- when: zfs_arc_size is defined
- copy:
- content: |
- options zfs zfs_arc_min={{ zfs_arc_size.min | human_to_bytes }}
- options zfs zfs_arc_max={{ zfs_arc_size.max | human_to_bytes }}
- dest: /etc/modprobe.d/zfs.conf
-
-- name: install zfs modules
- include_tasks: "{{ ansible_distribution }}.yml"
-
-- name: load zfs kernel module
- modprobe:
- name: zfs
- state: present
-
-- name: install zed and zfs file system utilities
- apt:
- name:
- - zfsutils-linux
- - zfs-zed
- state: present
-
-- name: enable systemd mount-generator
- when: zfs_use_systemd_mount_generator
- import_tasks: enable-systemd-mount-generator.yml
-
-- name: gather zpool facts
- zpool_facts:
-
-- name: generate list of existing pools
- set_fact:
- zfs_existing_pools: "{{ ansible_zfs_pools | map(attribute='name') | list }}"
-
-- name: try to import existing pools
- loop: "{{ zfs_pools | dict2items }}"
- loop_control:
- label: "{{ item.key }}"
- when: item.key not in zfs_existing_pools
- command: "zpool import{% for dev in (item.value.create_vdevs.split(' ') | select('match', '^/dev/') ) %} -d {{ dev }}{% endfor %} -f {{ item.key }}"
- register: zfs_import_result
- failed_when:
- - zfs_import_result.rc == 0
- - (zfs_import_result.stderr_lines | reject("regex", " no such pool available$") | list | length) > 0
- changed_when:
- - (zfs_import_result.stderr_lines | length) == 0
-
-- name: gather zpool facts (again)
- zpool_facts:
-
-- name: generate list of existing pools (again)
- set_fact:
- zfs_existing_pools: "{{ ansible_zfs_pools | map(attribute='name') | list }}"
-
-- name: create pools
- loop: "{{ zfs_pools | dict2items }}"
- loop_control:
- label: "{{ item.key }}"
- when: item.key not in zfs_existing_pools
- command: "zpool create -m {{ item.value.mountpoint }} {% for prop, value in (item.value.properties | default(zfs_pool_default_properties)).items() %}-o {{ prop }}={{ value }} {% endfor %}{{ item.key }} {{ item.value.create_vdevs }}"
diff --git a/roles/storage/zfs/volume/tasks/main.yml b/roles/storage/zfs/volume/tasks/main.yml index 0dc0e82d..260d706d 100644 --- a/roles/storage/zfs/volume/tasks/main.yml +++ b/roles/storage/zfs/volume/tasks/main.yml @@ -1,5 +1,4 @@ --- - ## TODO: implement recursive nesting - name: check volume parent when: "'parent' in zfs_volume" assert: -- cgit v1.2.3