From a6ec8f8947e1d6e56d1c0af6b67af2e7468ef98f Mon Sep 17 00:00:00 2001
From: heqnx <root@heqnx.com>
Date: Sun, 22 Jun 2025 20:19:31 +0300
Subject: initial commit on working deployment

---
 tasks/configure_pve.yaml | 55 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 tasks/configure_pve.yaml

(limited to 'tasks/configure_pve.yaml')

diff --git a/tasks/configure_pve.yaml b/tasks/configure_pve.yaml
new file mode 100644
index 0000000..73ef36f
--- /dev/null
+++ b/tasks/configure_pve.yaml
@@ -0,0 +1,55 @@
+- name: detect default public interface
+  set_fact:
+    public_interface: "{{ ansible_default_ipv4.interface }}"
+
+- name: get gateway info from ip route
+  shell: ip route get 1.1.1.1 | grep -oP 'via \K[\d.]+' | head -n1
+  register: detected_gateway
+  changed_when: false
+
+- name: set public gateway fact
+  set_fact:
+    public_gateway: "{{ detected_gateway.stdout }}"
+
+- name: deploy /etc/network/interfaces
+  template:
+    src: interfaces.j2
+    dest: /etc/network/interfaces
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: set pveproxy config
+  copy:
+    src: files/pveproxy
+    dest: /etc/default/pveproxy
+    mode: '0644'
+
+- name: deploy /etc/iptables/rules.v4
+  template:
+    src: rules.v4.j2
+    dest: /etc/iptables/rules.v4
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: enable ipv4 forwarding
+  sysctl:
+    name: net.ipv4.ip_forward
+    value: '1'
+    state: present
+    reload: yes
+
+- name: restart pveproxy
+  systemd:
+    name: pveproxy
+    state: restarted
+    enabled: true
+  when: ansible_service_mgr == 'systemd'
+
+- name: restart networking
+  systemd:
+    name: networking
+    state: restarted
+    enabled: true
+  when: ansible_service_mgr == 'systemd'
-- 
cgit v1.2.3