init

ansible/roles/proxmox/enable_snippets/tasks/main.yml

@@ -0,0 +1,4 @@
+---
+- name: enable snippets on storage "local"
+  ansible.builtin.command: >
+    pvesm set local --content backup,iso,vztmpl,snippets

ansible/roles/proxmox/install_nvidia_driver/readme.md

@@ -0,0 +1,41 @@
+## 1.0 Быстрая проверка, что GPU видна хосту
+lspci -nn | grep -i nvidia
+
+## 1.1 GRUB
+nano /etc/default/grub
+GRUB_CMDLINE_LINUX_DEFAULT="quiet iommu=pt"
+update-grub
+reboot
+
+## 1.2 VFIO модули
+nano /etc/modules-load.d/vfio.conf
+vfio
+vfio_iommu_type1
+vfio_pci
+vfio_virqfd
+
+## 1.3 Привязать GPU к vfio-pci по ID
+nano /etc/modprobe.d/vfio.conf
+options vfio-pci ids=10de:2d58,10de:22eb disable_vga=1
+
+## 1.4 Заблэклистить nouveau (и не ставить nvidia на хост, если passthrough нужен “чисто”)
+nano /etc/modprobe.d/blacklist-nouveau.conf
+blacklist nouveau
+options nouveau modeset=0
+
+## 1.5 Пересобрать initramfs и перезагрузиться
+update-initramfs -u -k all
+reboot
+
+## 1.6 Проверка: GPU реально ушла в VFIO
+dmesg | grep -E "AMD-Vi|IOMMU" | tail -n 50
+lspci -nnk -s 01:00.0
+lspci -nnk -s 01:00.1
+
+## В Proxmox создай PCI mapping для RTX 5070
+Datacenter → Resource Mapping → PCI Devices → Add
+Сделай маппинг:
+rtx5070_gpu → 0000:01:00
+
+dmesg | grep -E "IOMMU|AMD-Vi"
+

ansible/roles/proxmox/lxc/download_template/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+- name: update LXC template index
+  ansible.builtin.command: pveam update
+  register: pveam_update
+  changed_when: false
+
+- name: download LXC template
+  ansible.builtin.command: "pveam download local {{ lxc_template_name }}"
+  args:
+    creates: "/var/lib/vz/template/cache/{{ lxc_template_name }}"

ansible/roles/proxmox/lxc/shutdown/tasks/main.yml

@@ -0,0 +1,5 @@
+---
+- name: shutdown LXC container
+  ansible.builtin.command: pct shutdown {{ lxc_id }}
+  become: true
+  changed_when: true

ansible/roles/proxmox/setup_no_subscription_repository/tasks/main.yml

@@ -0,0 +1,30 @@
+---
+- name: remove proxmox enterprise repo
+  ansible.builtin.file:
+    path: /etc/apt/sources.list.d/pve-enterprise.sources
+    state: absent
+
+- name: remove ceph enterprise repo
+  ansible.builtin.file:
+    path: /etc/apt/sources.list.d/ceph.sources
+    state: absent
+
+- name: remove duplicate no-subscription entries from /etc/apt/sources.list
+  ansible.builtin.replace:
+    path: /etc/apt/sources.list
+    regexp: "^deb .*pve-no-subscription.*$"
+    replace: ""
+  ignore_errors: true
+
+- name: ensure proxmox no-subscription repo file exists
+  ansible.builtin.copy:
+    dest: /etc/apt/sources.list.d/pve-no-subscription.list
+    content: |
+      deb http://download.proxmox.com/debian/pve trixie pve-no-subscription
+    owner: root
+    group: root
+    mode: "0644"
+
+- name: update apt cache
+  ansible.builtin.apt:
+    update_cache: yes

ansible/roles/proxmox/vm/download_iso/tasks/main.yml

@@ -0,0 +1,18 @@
+---
+- name: Ensure ISO directory exists
+  ansible.builtin.file:
+    path: /var/lib/vz/template/iso
+    state: directory
+    owner: root
+    group: root
+    mode: "0755"
+
+- name: Download Debian netinst ISO
+  ansible.builtin.get_url:
+    url: "{{ vm_iso_url }}"
+    dest: "/var/lib/vz/template/iso/{{ vm_iso_name }}"
+    mode: "0644"
+    owner: root
+    group: root
+    force: false # не перекачивать, если файл уже есть
+    timeout: 60