---
- name: Install packages
  package:
    name:
      - dnsmasq
      - iptables
    state: latest


- name: Template dnsmasq.d config file
  template:
    src: "etc/dnsmasq.d/bridge.j2"
    dest: "/etc/dnsmasq.d/{{ lxc_host_bridge }}"
    owner: root
    group: root
    mode: 0644
  notify:
    - Restart dnsmasq


- name: Template network interface config file
  template:
    src: "etc/network/interfaces.d/bridge.j2"
    dest: "/etc/network/interfaces.d/{{ lxc_host_bridge }}"
    owner: root
    group: root
    mode: 0644


- name: dnsmasq should use /etc/resolv.conf
  lineinfile:
    path: /etc/default/dnsmasq
    line: 'IGNORE_RESOLVCONF=yes'
    regexp: '^\s*#*\s*IGNORE_RESOLVCONF=yes'
    backup: yes
  notify:
    - Restart dnsmasq


- name: IPv4-Forwarding
  sysctl:
    name: net.ipv4.ip_forward
    value: '1'
    sysctl_file: /etc/sysctl.d/lxc.conf
    sysctl_set: yes
    state: present
    reload: yes


- name: Disable lxc-net with systemd
  when: ansible_service_mgr == "systemd"
  block:
    - name: Stop lxc-net service
      systemd:
        name: lxc-net
        state: stopped

    - name: Disable lxc-net service
      systemd:
        name: lxc-net
        enabled: no

    - name: Mask lxc-net service
      systemd:
        name: lxc-net
        masked: yes


- name: Disable lxc-net without systemd
  when: ansible_service_mgr != "systemd"
  block:
    - name: Disable lxc-net
      service:
        name: lxc-net
        enabled: no
        state: stopped
      ignore_errors: yes


- name: "Bring up {{ lxc_host_bridge }}"
  command: "ifup {{ lxc_host_bridge }}"
  args:
    creates: "/sys/devices/virtual/net/{{ lxc_host_bridge }}"