Merge pull request #301 from lae/develop

lae · web-flow · commit 73955ef3a0fd · 2025-06-05T01:14:21.000+09:00
Release 1.9.3
diff --git a/README.md b/README.md
@@ -683,6 +683,11 @@ pve_storages:
     username: user
     password: supersecurepass
     domain: addomain.tld
+  - name: empty-dir
+    type: dir
+    path: /mnt/empty-dir
+    content: [ "images", "rootdir" ]
+    create_subdirs: false
 ```
 
 Refer to https://pve.proxmox.com/pve-docs/api-viewer/index.html for more information.
@@ -738,6 +743,9 @@ pve_ceph_osds:
   - device: /dev/sdd
     block.db: /dev/sdb1
     encrypted: true
+  # NVME OSD
+  - device: /dev/nvme0n1
+    crush.device.class: NVMe
 # Crush rules for different storage classes
 # By default 'type' is set to host, you can find valid types at
 # (https://docs.ceph.com/en/latest/rados/operations/crush-map/)
diff --git a/library/proxmox_storage.py b/library/proxmox_storage.py
@@ -161,6 +161,11 @@
         description:
             - Specifies whether or not the given path is an externally managed
             mountpoint.
+    create_subdirs:
+        required: false
+        type: bool
+        description:
+            - Specifies whether or not to populate the directory with the default structure.
     namespace:
         required: false
         type: str
@@ -314,6 +319,7 @@ def __init__(self, module):
         self.thinpool = module.params['thinpool']
         self.sparse = module.params['sparse']
         self.is_mountpoint = module.params['is_mountpoint']
+        self.create_subdirs = module.params['create_subdirs']
 
         # namespace for pbs
         self.namespace = module.params['namespace']
@@ -414,6 +420,8 @@ def prepare_storage_args(self):
             args['sparse'] = 1 if self.sparse else 0
         if self.is_mountpoint is not None:
             args['is_mountpoint'] = 1 if self.is_mountpoint else 0
+        if self.create_subdirs is not None:
+            args['create-subdirs'] = 1 if self.create_subdirs else 0
 
         # CIFS
         if self.subdir is not None:
@@ -587,6 +595,7 @@ def main():
         thinpool=dict(default=None, type='str', required=False),
         sparse=dict(default=None, type='bool', required=False),
         is_mountpoint=dict(default=None, type='bool', required=False),
+        create_subdirs=dict(default=None, type='bool', required=False),
         namespace=dict(default=None, type='str', required=False),
         subdir=dict(default=None, type='str', required=False),
         domain=dict(default=None, type='str', required=False),
diff --git a/tasks/ceph.yml b/tasks/ceph.yml
@@ -55,6 +55,7 @@
     - name: Create Ceph OSDs
       ansible.builtin.command: >-
         pveceph osd create {{ item.device }}
+        {% if "crush.device.class" in item %}--crush-device-class {{ item["crush.device.class"] }}{% endif %}
         {% if "encrypted" in item and item["encrypted"] | bool %}--encrypted 1{% endif %}
         {% if "block.db" in item %}--db_dev {{ item["block.db"] }}{% endif %}
         {% if "block.wal" in item %}--wal_dev {{ item["block.wal"] }}{% endif %}
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -349,6 +349,9 @@
     domain: "{{ item.domain | default(omit) }}"
     subdir: "{{ item.subdir | default(omit) }}"
     share: "{{ item.share | default(omit) }}"
+    shared: "{{ item.shared | default(omit) }}"
+    create_subdirs: "{{ item.create_subdirs | default(omit) }}"
+    is_mountpoint: "{{ item.is_mountpoint | default(omit) }}"
   no_log: "{{ pve_no_log }}"
   with_items: "{{ pve_storages }}"
   when: "not pve_cluster_enabled | bool or (pve_cluster_enabled | bool and inventory_hostname == _init_node)"
diff --git a/tasks/ssh_cluster_config.yml b/tasks/ssh_cluster_config.yml
@@ -38,19 +38,35 @@
           Port {{ pve_ssh_port }}
       {% endfor %}
 
+- name: Ensure SSH config directory exists
+  ansible.builtin.file:
+    path: /etc/ssh/sshd_config.d
+    state: directory
+    mode: "0755"
+
 - name: Allow root logins from PVE cluster hosts
   ansible.builtin.blockinfile:
-    dest: /etc/ssh/sshd_config
+    dest: /etc/ssh/sshd_config.d/00-pve.conf
+    create: yes
+    mode: "0640"
     marker: "# {mark}: Allow root logins from PVE hosts (managed by ansible)."
     content: |
       {% for host in groups[pve_group] %}
       Match Address {{ hostvars[host].pve_cluster_ssh_addrs | join(",") }}
-      PermitRootLogin prohibit-password
+        PermitRootLogin prohibit-password
       {% endfor %}
     validate: "/usr/sbin/sshd -t -f %s"
   notify:
     - reload ssh server configuration
 
+- name: Remove SSH configuration from main sshd_config if present in favor of config in sshd_config.d
+  ansible.builtin.blockinfile:
+    path: /etc/ssh/sshd_config
+    marker: "# {mark}: Allow root logins from PVE hosts (managed by ansible)."
+    state: absent
+  notify:
+    - reload ssh server configuration
+    
 - name: Enable and start SSH server
   ansible.builtin.systemd:
     name: ssh.service
