authorChristian Pointner <equinox@spreadspace.org>2019-10-06 17:22:56 +0200
committerChristian Pointner <equinox@spreadspace.org>2019-10-06 17:22:56 +0200
commit1ae3b1703d48ab32298df6ee73758a44ffd6ee0c (patch)
treeb2a9208e70db79fb37eedcb237112dbd4c3bfbb1 /roles/vm/host
parentpreseed: make uninstalling netplan optional (diff)
added support for public address mappings in vm host network
Diffstat (limited to 'roles/vm/host')
-rw-r--r--roles/vm/host/tasks/network.yml11
1 files changed, 11 insertions, 0 deletions
diff --git a/roles/vm/host/tasks/network.yml b/roles/vm/host/tasks/network.yml
index 343a1b00..a6eb7333 100644
--- a/roles/vm/host/tasks/network.yml
+++ b/roles/vm/host/tasks/network.yml
@@ -21,6 +21,17 @@
up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding
up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding
up /usr/sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
+ {% endif %}
+ {% if 'public' in vm_host.network %}
+ {% for dest in vm_host.network.public.mappings %}
+ {% for idx in vm_host.network.public.mappings[dest] %}
+ up /usr/sbin/ip route add {{ (vm_host.network.public.prefix | ipaddr(idx)).split('/')[0] }}/32 via {{ (vm_host.network.prefix | ipaddr(vm_host.network.offsets[dest])).split('/')[0] }} # {{ dest }}
+ {% endfor %}
+ {% endfor %}
+ up /usr/sbin/ip route add unreachable {{ vm_host.network.public.prefix }}
+ down /usr/sbin/ip route del {{ vm_host.network.public.prefix }}
+ {% endif %}
+ {% if 'nat' in vm_host.network and vm_host.network.nat %}
down /usr/sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
{% endif %}
register: vmhost_interface_config
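Review bot: The new `public` block is rendered outside the `nat` conditional, but the two `echo 1 > /proc/sys/net/ipv4/conf/.../forwarding` lines above it appear to stay inside that conditional; its opening `{% if %}` is outside this hunk, so this is inferred from the re-opened `{% if 'nat' in vm_host.network and vm_host.network.nat %}`. If that is right, a host with `public` mappings and `nat` unset gets the /32 routes without forwarding being enabled, so the forwarding lines should sit under a condition that covers both cases. The `unreachable` and `del` lines also use `vm_host.network.public.prefix` raw, while the SNAT rule normalises its prefix; `up /usr/sbin/ip route add unreachable {{ vm_host.network.public.prefix | ipaddr('network/prefix') }}` (and the same on the `down` line) would keep a prefix written with host bits set from failing the `ip route` call. Because the mapped addresses are routed to guests without SNAT, a one-line comment above the block naming which filter rules are expected to cover that forwarded traffic would help the next reader.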