Diffstat (limited to 'tasks')
-rw-r--r-- | tasks/pve_configure.yaml | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/tasks/pve_configure.yaml b/tasks/pve_configure.yaml
index c67be1a..514faa4 100644
--- a/tasks/pve_configure.yaml
+++ b/tasks/pve_configure.yaml
@@ -25,20 +25,23 @@
 dest: /etc/default/pveproxy
 mode: '0644'
-- name: deploy /etc/iptables/rules.v4
- template:
- src: rules.v4.j2
- dest: /etc/iptables/rules.v4
- owner: root
- group: root
- mode: '0644'
+- name: add nat masquerade rules to ufw before.rules
+ blockinfile:
+ path: /etc/ufw/before.rules
+ insertbefore: BOF
+ block: |
+ :POSTROUTING ACCEPT [0:0]
+ -A POSTROUTING -s {{ nat_subnet }} -o {{ public_interface }} -j MASQUERADE
+ COMMIT
+ marker: "# {mark} ANSIBLE MANAGED NAT MASQUERADE RULE"
-- name: enable ipv4 forwarding
+- name: enable ipv4 forwarding persistently
 sysctl:
 name: net.ipv4.ip_forward
 value: '1'
 state: present
 reload: yes
+ sysctl_file: /etc/sysctl.conf
 - name: restart pveproxy
 systemd: |
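Review bot: The `block:` inserted at the top of /etc/ufw/before.rules declares `:POSTROUTING ACCEPT [0:0]` and ends with `COMMIT` but never opens a table, so as written the file would begin with a chain line outside any `*nat` section. ufw will most likely fail to load before.rules in that state, which can leave the host without its expected ruleset, so add `*nat` as the first line of the block. No `notify` or ufw reload is visible in this hunk, so even a corrected rule would not take effect until ufw is reloaded by some other task. Because `net.ipv4.ip_forward` is now enabled persistently, it is also worth confirming ufw's forward policy and that `nat_subnet` and `public_interface` are set to validated values: the block masquerades everything from that subnet and adds no filtering of its own.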