feat: Integrate Authentik OIDC into Semaphore and enhance Proxmox VM template creation with image list selection and SSH key management.

ansible/roles/proxmox_vm/defaults/main.yml

@@ -5,22 +5,54 @@
 proxmox_action: create_vm
 
 # Common settings
-storage_pool: local-lvm
+storage_pool: Lithium
 vmid: 9000
+target_node: "{{ inventory_hostname }}"
 
-# Template Creation settings
+# --- Template Creation Settings ---
+
+# Image Source Selection
+# Options: 'list' (use image_alias) or 'url' (use custom_image_url)
+image_source_type: list 
+
+# Predefined Image List
+# You can select these by setting image_alias
+image_list:
+  ubuntu-22.04:
+    url: "https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img"
+    filename: "ubuntu-22.04-server-cloudimg-amd64.img"
+  ubuntu-24.04:
+    url: "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
+    filename: "ubuntu-24.04-server-cloudimg-amd64.img"
+  debian-12:
+    url: "https://cloud.debian.org/images/cloud/bookworm/latest/debian-12-generic-amd64.qcow2"
+    filename: "debian-12-generic-amd64.qcow2"
+  
+# Selection (Default)
+image_alias: ubuntu-22.04
+
+# Custom URL (Used if image_source_type is 'url')
+custom_image_url: ""
+custom_image_name: "custom-image.img"
+
+# Template Config
 template_name: ubuntu-cloud-template
-image_url: "https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img"
-image_name: "ubuntu-22.04-server-cloudimg-amd64.img"
 memory: 2048
 cores: 2
 
-# Create VM settings (cloning)
-new_vm_name: new-vm
-target_node: "{{ inventory_hostname }}" # For cloning, usually same node
-clone_full: true # Full clone (independent) vs Linked clone
+# --- SSH Key Configuration ---
+# The Admin Key is always added
+admin_ssh_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI..." # REPLACE THIS with your actual public key
 
-# Backup settings
+# Additional keys (list of strings)
+additional_ssh_keys: []
+
+# --- Create VM Settings (Cloning) ---
+new_vm_name: new-vm
+clone_full: true # Full clone (independent) vs Linked clone
+start_after_create: true
+
+# --- Backup Settings ---
 backup_mode: snapshot # snapshot, suspend, stop
 backup_compress: zstd
-backup_storage: local
+backup_storage: Lithium

ansible/roles/proxmox_vm/tasks/create_template.yml

@@ -1,4 +1,16 @@
 ---
+- name: Resolve Image Variables (List)
+  set_fact:
+    _image_url: "{{ image_list[image_alias].url }}"
+    _image_name: "{{ image_list[image_alias].filename }}"
+  when: image_source_type == 'list'
+
+- name: Resolve Image Variables (URL)
+  set_fact:
+    _image_url: "{{ custom_image_url }}"
+    _image_name: "{{ custom_image_name }}"
+  when: image_source_type == 'url'
+
 - name: Check if template already exists
   command: "qm status {{ vmid }}"
   register: vm_status
@@ -12,8 +24,8 @@
 
 - name: Download Cloud Image
   get_url:
-    url: "{{ image_url }}"
-    dest: "/tmp/{{ image_name }}"
+    url: "{{ _image_url }}"
+    dest: "/tmp/{{ _image_name }}"
     mode: '0644'
 
 - name: Install libguestfs-tools
@@ -34,7 +46,7 @@
     --serial0 socket --vga serial0
 
 - name: Import Disk
-  command: "qm importdisk {{ vmid }} /tmp/{{ image_name }} {{ storage_pool }}"
+  command: "qm importdisk {{ vmid }} /tmp/{{ _image_name }} {{ storage_pool }}"
 
 - name: Attach Disk to SCSI
   command: "qm set {{ vmid }} --scsi0 {{ storage_pool }}:vm-{{ vmid }}-disk-0"
@@ -45,6 +57,22 @@
 - name: Set Boot Order
   command: "qm set {{ vmid }} --boot c --bootdisk scsi0"
 
+- name: Prepare SSH Keys File
+  copy:
+    content: |
+      {{ admin_ssh_key }}
+      {% for key in additional_ssh_keys %}
+      {{ key }}
+      {% endfor %}
+    dest: "/tmp/ssh_keys_{{ vmid }}.pub"
+    mode: '0600'
+
+- name: Configure Cloud-Init (SSH Keys, User, IP)
+  command: >
+    qm set {{ vmid }}
+    --sshkeys /tmp/ssh_keys_{{ vmid }}.pub
+    --ipconfig0 ip=dhcp
+
 - name: Resize Disk (Default 10G)
   command: "qm resize {{ vmid }} scsi0 10G"
   ignore_errors: yes
@@ -54,5 +82,10 @@
 
 - name: Remove Downloaded Image
   file:
-    path: "/tmp/{{ image_name }}"
+    path: "/tmp/{{ _image_name }}"
+    state: absent
+
+- name: Remove Temporary SSH Keys File
+  file:
+    path: "/tmp/ssh_keys_{{ vmid }}.pub"
     state: absent