pve_activate: add role

playbooks/pve.yml

@@ -0,0 +1,7 @@
+#!/usr/bin/env ansible-playbook
+---
+- hosts:
+    - pve_network
+  roles:
+    - pve_activate
+...

roles/pve_activate/files/pve-activate

@@ -0,0 +1,53 @@
+#!/usr/bin/env python3
+import argparse
+import base64
+import hashlib
+import json
+import time
+
+SHARED_KEY_DATA = b"kjfdlskfhiuewhfk947368"
+SSH_RSA_KEY = "/etc/ssh/ssh_host_rsa_key.pub"
+
+
+def read_server_id():
+    with open(SSH_RSA_KEY, "rb") as f:
+        return hashlib.md5(f.read()).hexdigest().upper()
+
+
+def read_time():
+    return time.time_ns() // (1000 ** 3)
+
+
+def main():
+
+    parser = argparse.ArgumentParser()
+    parser.add_argument("--key", default="pve8c-0000000000")
+    parser.add_argument("--subscription", default="/etc/subscription")
+
+    args = parser.parse_args()
+
+    check_time = read_time()
+    encoded_check_time = str(check_time).encode("utf-8")
+
+    data = {
+        "status": "active",
+        "checktime": check_time,
+        "serverid": read_server_id(),
+        "key": args.key,
+    }
+
+    encoded_data = base64.b64encode(json.dumps(data).encode("utf-8"))
+
+    checksum = hashlib.md5(encoded_check_time + encoded_data + SHARED_KEY_DATA)
+    encoded_checksum = base64.b64encode(checksum.digest())
+
+    subscription = b"\n".join(
+        [args.key.encode("utf-8"), encoded_checksum, encoded_data]
+    )
+
+    with open(args.subscription, "wb") as f:
+        f.write(subscription)
+
+
+if __name__ == "__main__":
+    main()

roles/pve_activate/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Run daemon-reload
+  systemd:
+    daemon_reload: true
+...

roles/pve_activate/tasks/main.yml

@@ -0,0 +1,28 @@
+---
+- name: Install pve-activate
+  copy:
+    src: pve-activate
+    dest: /usr/local/sbin/pve-activate
+    owner: root
+    group: root
+    mode: u=rwx,g=rx,o=rx
+
+- name: Configure pve-activate timer
+  template:
+    src: "{{ item }}.j2"
+    dest: "/etc/systemd/system/{{ item }}"
+    mode: u=rw,g=r,o=r
+    owner: root
+    group: root
+  loop:
+    - pve-activate.service
+    - pve-activate.timer
+  notify:
+    - Run daemon-reload
+
+- name: Enable pve-activate timer
+  systemd:
+    name: pve-activate.timer
+    enabled: true
+    state: started
+...

roles/pve_activate/templates/pve-activate.service.j2

@@ -0,0 +1,10 @@
+{{ ansible_managed | comment }}
+
+[Unit]
+Description=Activate Proxmox VE
+
+[Service]
+Type=oneshot
+User=root
+Group=root
+ExecStart=/usr/local/sbin/pve-activate

roles/pve_activate/templates/pve-activate.timer.j2

@@ -0,0 +1,10 @@
+{{ ansible_managed | comment }}
+
+[Unit]
+Description=Timer for Activate Proxmox VE
+
+[Timer]
+OnUnitActiveSec=1d
+
+[Install]
+WantedBy=timers.target