88 lines
1.7 KiB
YAML
88 lines
1.7 KiB
YAML
---
|
|
- hosts:
|
|
- lxc_hosts
|
|
|
|
tasks:
|
|
- assert:
|
|
that:
|
|
- ansible_pkg_mgr == "apt"
|
|
fail_msg: "Sorry, Debian-like hosts only!"
|
|
|
|
|
|
- name: Just to be sure python3-apt is installed
|
|
command: apt install -y python3-apt
|
|
args:
|
|
creates: /usr/lib/python3/dist-packages/apt
|
|
|
|
|
|
- name: Install packages
|
|
package:
|
|
name: "{{ packages }}"
|
|
state: latest
|
|
vars:
|
|
packages:
|
|
- bridge-utils
|
|
- dnsmasq
|
|
- iptables
|
|
- lxc
|
|
- python3-lxc
|
|
|
|
|
|
- name: Copy config files
|
|
copy:
|
|
src: "{{ item }}"
|
|
dest: "/{{ item }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
loop:
|
|
- etc/dnsmasq.d/br-lxc
|
|
- etc/lxc/akademie.conf
|
|
- etc/network/interfaces.d/br-lxc
|
|
notify:
|
|
- Restart dnsmasq
|
|
|
|
|
|
- name: dnsmasq should use /etc/resolv.conf
|
|
lineinfile:
|
|
path: /etc/default/dnsmasq
|
|
line: 'IGNORE_RESOLVCONF=yes'
|
|
regexp: '^\s*#*\s*IGNORE_RESOLVCONF=yes'
|
|
backup: yes
|
|
notify:
|
|
- Restart dnsmasq
|
|
|
|
|
|
- name: IPv4-Forwarding
|
|
sysctl:
|
|
name: net.ipv4.ip_forward
|
|
value: 1
|
|
sysctl_file: /etc/sysctl.d/lxc.conf
|
|
sysctl_set: yes
|
|
state: present
|
|
reload: yes
|
|
|
|
|
|
- name: Disable lxc-net
|
|
service:
|
|
name: lxc-net
|
|
enabled: no
|
|
state: stopped
|
|
ignore_errors: yes
|
|
|
|
|
|
- name: Bring up br-lxc
|
|
command: ifup br-lxc
|
|
args:
|
|
creates: /sys/devices/virtual/net/br-lxc
|
|
|
|
|
|
|
|
handlers:
|
|
- name: Restart dnsmasq
|
|
service:
|
|
name: dnsmasq
|
|
state: restarted
|
|
ignore_errors: yes
|
|
|