From 1ae3b1703d48ab32298df6ee73758a44ffd6ee0c Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Sun, 6 Oct 2019 17:22:56 +0200
Subject: added support for public address mappings in vm host network

---
 roles/vm/host/tasks/network.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'roles/vm')

diff --git a/roles/vm/host/tasks/network.yml b/roles/vm/host/tasks/network.yml
index 343a1b00..a6eb7333 100644
--- a/roles/vm/host/tasks/network.yml
+++ b/roles/vm/host/tasks/network.yml
@@ -21,6 +21,17 @@
         up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding
         up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding
         up /usr/sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
+      {% endif %}
+      {% if 'public' in vm_host.network %}
+      {%   for dest in vm_host.network.public.mappings %}
+      {%     for idx in vm_host.network.public.mappings[dest] %}
+        up /usr/sbin/ip route add {{ (vm_host.network.public.prefix | ipaddr(idx)).split('/')[0] }}/32 via {{ (vm_host.network.prefix | ipaddr(vm_host.network.offsets[dest])).split('/')[0] }}  # {{ dest }}
+      {%     endfor %}
+      {%   endfor %}
+        up /usr/sbin/ip route add unreachable {{ vm_host.network.public.prefix }}
+        down /usr/sbin/ip route del {{ vm_host.network.public.prefix }}
+      {% endif %}
+      {% if 'nat' in vm_host.network and vm_host.network.nat %}
         down /usr/sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ vm_host.network.prefix | ipaddr('network/prefix') }} -j SNAT --to {{ ansible_default_ipv4.address }}
       {% endif %}
   register: vmhost_interface_config
-- 
cgit v1.2.3