PBS configuration via ansible

[arukashi]

Hello
I'm trying to do basic configuration via Ansible: users, acl, passwords, etc. And i'm kinda stuck with populating users

Looks like user.cfg does not accept comments and it is mandatory to have blank line between each definition of user. Otherwise login is breaking.
So manipulating user.cfg with lineinfile/blockinfile modules is impossible.
I can use shell module to call

proxmox-backup-manager user create

but when user exists it always shows an error. More to that, with proxmox-backup-manager i can't populate token with defined value
Is there any convenient way to configure PBS via Ansible?
Any help appreciated. Thanks

 

[PublicSectorTech]

I'm just learning Proxmox backup server myself, but it looks like there is an Ansible role which does user management with lineinfile. It also looks like there is a new PBS terraform provider that has plans to add user management .

Hope that helps.

 

[Deerom]

Hello
I'm trying to do basic configuration via Ansible: users, acl, passwords, etc. And i'm kinda stuck with populating users

Looks like user.cfg does not accept comments and it is mandatory to have blank line between each definition of user. Otherwise login is breaking.
So manipulating user.cfg with lineinfile/blockinfile modules is impossible.
I can use shell module to call

proxmox-backup-manager user create

but when user exists it always shows an error. More to that, with proxmox-backup-manager i can't populate token with defined value
Is there any convenient way to configure PBS via Ansible?
Any help appreciated. Thanks

Hi,

I would suggest changing this logic to the following within your Ansible playbook:
1. gather a list of current users, register those as a variable.
2. Set a static list in your host/group_vars with the user that you'd like to add, then lookup the users through the previous 'register' variable. If user X does not exist, run task 'create user'.

Code snippet would look like something along the lines of:

- name: Check account of {{ item.userid }}
  ansible.builtin.command: pvesh get /access/users/{{ item.userid }} --output-format=json
  register: user
  check_mode: no
  changed_when: false
  ignore_errors: true

- name: Create user {{ item.userid }}
  ansible.builtin.command: pvesh create /access/users --userid "{{ item.userid }}"
  when: user.rc != 0

Although this is for PVE, I'm sure this logic can be adapted to use the proxmox-backup-manager instead.

Good luck!