diff options
-rw-r--r-- | dan/sk-2019vm.yml | 18 | ||||
-rw-r--r-- | roles/vm/host/tasks/network.yml | 2 |
2 files changed, 20 insertions, 0 deletions
diff --git a/dan/sk-2019vm.yml b/dan/sk-2019vm.yml index 00c6a067..42354bc6 100644 --- a/dan/sk-2019vm.yml +++ b/dan/sk-2019vm.yml @@ -9,3 +9,21 @@ - role: cryptdisk - role: zfs/base - role: vm/host + tasks: + - name: install post-boot script + copy: + dest: /usr/local/bin/post-boot + mode: 0755 + content: | + #!/bin/bash + set -e + + {% for name, volume in cryptdisk_volumes.items() %} + cryptsetup luksOpen '{{ volume.device }}' '{{ name }}' + {% endfor %} + systemctl restart zfs-import-cache.service + systemctl restart zfs-mount.service + mount -a + + sleep 2 + systemctl restart libvirtd.service diff --git a/roles/vm/host/tasks/network.yml b/roles/vm/host/tasks/network.yml index 7ce3de45..16fe9314 100644 --- a/roles/vm/host/tasks/network.yml +++ b/roles/vm/host/tasks/network.yml @@ -19,6 +19,8 @@ up /sbin/sysctl net.bridge.bridge-nf-call-ip6tables=0 up /sbin/sysctl net.bridge.bridge-nf-call-arptables=0 {% if 'nat' in vm_host.network and vm_host.network.nat %} + up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding + up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding up /usr/sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }} down /usr/sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }} {% endif %} |