authorChristian Pointner <equinox@spreadspace.org>2019-10-06 22:33:31 +0200
committerChristian Pointner <equinox@spreadspace.org>2019-10-06 22:33:31 +0200
commitd3e6cce667930b6a9e9ce9296622f43bec5bf267 (patch)
tree050807adaec05f3f5ccf372e6e1a6ffd5bbdc7e4 /roles/vm
parentadded support for public address mappings in vm host network (diff)
vm/network: add support for public
Diffstat (limited to 'roles/vm')
-rw-r--r--roles/vm/host/tasks/network.yml14
-rw-r--r--roles/vm/network/templates/interfaces.j211
2 files changed, 15 insertions, 10 deletions
diff --git a/roles/vm/host/tasks/network.yml b/roles/vm/host/tasks/network.yml
index a6eb7333..0c7e36f9 100644
--- a/roles/vm/host/tasks/network.yml
+++ b/roles/vm/host/tasks/network.yml
@@ -20,19 +20,17 @@
{% if 'nat' in vm_host.network and vm_host.network.nat %}
up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding
up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding
- up /usr/sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
+ up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
{% endif %}
{% if 'public' in vm_host.network %}
{% for dest in vm_host.network.public.mappings %}
- {% for idx in vm_host.network.public.mappings[dest] %}
- up /usr/sbin/ip route add {{ (vm_host.network.public.prefix | ipaddr(idx)).split('/')[0] }}/32 via {{ (vm_host.network.prefix | ipaddr(vm_host.network.offsets[dest])).split('/')[0] }} # {{ dest }}
- {% endfor %}
+ up /bin/ip route add {{ (vm_host.network.public.prefix | ipaddr(vm_host.network.public.mappings[dest])).split('/')[0] }}/32 via {{ (vm_host.network.prefix | ipaddr(vm_host.network.offsets[dest])).split('/')[0] }} # {{ dest }}
{% endfor %}
- up /usr/sbin/ip route add unreachable {{ vm_host.network.public.prefix }}
- down /usr/sbin/ip route del {{ vm_host.network.public.prefix }}
+ up /bin/ip route add unreachable {{ vm_host.network.public.prefix }}
+ down /sbin/ip route del {{ vm_host.network.public.prefix }}
{% endif %}
{% if 'nat' in vm_host.network and vm_host.network.nat %}
- down /usr/sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
+ down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
{% endif %}
register: vmhost_interface_config
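Review bot: The `public` block now mixes `/bin/ip` on both `up` lines with `/sbin/ip` on the `down` line, and that `down` line deletes the prefix without naming the route type that was added. Using one path and mirroring the add, `down /bin/ip route del unreachable {{ vm_host.network.public.prefix }}`, keeps the teardown from removing some other route for the same prefix, should one exist. The per-destination /32 routes have no matching `down` line; presumably they vanish with the interface, which would be worth a one-line comment in the template. The task that carries this template text starts above the hunk.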
@@ -40,4 +38,4 @@
## if there are VMs running they would end up with a broken network
- name: bring vm-host interface up
when: vmhost_interface_config is changed
- command: "/usr/sbin/ifup {{ vm_host.network.interface }}"
+ command: "/sbin/ifup {{ vm_host.network.interface }}"
diff --git a/roles/vm/network/templates/interfaces.j2 b/roles/vm/network/templates/interfaces.j2
index d59d53e1..aa94440e 100644
--- a/roles/vm/network/templates/interfaces.j2
+++ b/roles/vm/network/templates/interfaces.j2
@@ -10,11 +10,18 @@ iface lo inet loopback
# The primary network interface
auto {{ network.primary.interface }}
iface {{ network.primary.interface }} inet static
+ pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
+ pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
address {{ network.primary.ip }}
netmask {{ network.primary.mask }}
+{% if 'public' in network.primary %}
+ up /bin/ip addr add dev $IFACE {{ network.primary.public }}/32
+ up /bin/ip route add default via {{ network.primary.gateway }} src {{ network.primary.public }}
+ down /bin/ip route del default via {{ network.primary.gateway }} src {{ network.primary.public }}
+ down /bin/ip addr del dev $IFACE {{ network.primary.public }}/32
+{% else %}
gateway {{ network.primary.gateway }}
- pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
- pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
+{% endif %}
{% if 'prefix6' in network.primary %}
iface {{ network.primary.interface }} inet6 static
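Review bot: The two `down` lines in the new `public` branch run `ip route del` and `ip addr del` unguarded, and ifupdown aborts the stanza when a hook command fails. A default route or /32 that is already gone (removed by hand, for instance) would then likely leave the interface half torn down. Appending `|| true` to both, e.g. `down /bin/ip addr del dev $IFACE {{ network.primary.public }}/32 || true`, lets ifdown continue. A template comment above the `{% if 'public' in network.primary %}` line would also help, stating that this branch sets the default route by hand with `src` in place of the `gateway` option. The inet6 stanza continues past the end of the hunk.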