added init-pressed on admin init; imported incus network playbook

README.md

@@ -14,11 +14,9 @@ This playbook automates the installation and setup of the **stable** version of
 ## How to Run
 1. **Setup:** Clone the repository and go to the project directory
     ```bash
-    git clone https://git.marmattheo.com/marmattheo/incus-stable-playbook.git && cd incus-stable-playbook
+    git clone https://git.marmattheo.com/marmattheo/LXC-Incus-stable-playbook.git && cd incus-stable-playbook
     ```
 
-1.  **Customize Variables (Optional):** Open `playbook.yml` and review the `vars` section. 
-
 2.  **Execute the Playbook:**
     Run the following command from the same directory as the playbook file. It will prompt you for your `sudo` password to perform the administrative tasks.
 
@@ -33,73 +31,27 @@ After the playbook completes successfully:
 
 1.  **Configure User Access:**
 
-    Add your user to incus-admin group
-
-     ```bash
-    sudo usermod -aG incus-admin $USER
-    ```
-    To refresh group membership.
+    Refresh group membership.
 
      ```bash
     newgrp incus-admin
     ```
 
-2.  **Initialize Incus:** 
-
-    Run the interactive initialization and follow the prompts to configure storage pools, networks, and other settings.
-
-     ```bash
-    incus admin init
-    ```
-    > Press 'Enter' all throughout the interactive initialization for defaults
-
-3.  **Verify Setup:** 
+2.  **Verify Setup:** 
 
     You can test the installation by running.
     
     ```bash
-    incus list
+    incus --version
     ```
 
-4.  **Access the Incus Web UI:** 
+3.  **Access the Incus Web UI:** 
 
-    Ensure Incus is listening on the network:
-    
-    ```bash
-    incus config set core.https_address :8443
-    ```
-
-    Then, access the Web UI at:
+    Access the Web UI at:
 
     ```bash
     https://localhost:8443 or https://vps-ip:8443
     ```
-    > Follow the self-signed certificate instructions when prompted.
-
-5.  **Configure Firewall using ufw (Optional):** 
-
-    Install and enable ufw:
-    ```bash
-    sudo apt install ufw -y && sudo ufw enable -y
-    ```
-
-    Ensure Incus is listening on the network:
-    
-    ```bash
-    sudo ufw allow in on incusbr0
-    sudo ufw route allow in on incusbr0
-    sudo ufw route allow out on incusbr0
-    ```
-
-5.  **Incus Network - Access Containers by Name (Optional):** 
-
-    Configuring name-to-IP resolution so the host OS can reach Incus containers using their names.
-    
-    ```bash
-    ansible-playbook incus-network.yml --ask-become-pass
-    ```
-    > After this you should be able to reach your containers via their names or with the domain .incus
-    > i.e., `sudo ping container_name`, `sudo ping container_name.incus` on terminal or `http://container_name.incus` inside an nginx config
-
+    > Follow the self-signed certificate instructions when prompted for mLTS
 
 

init-preseed.yml

@@ -0,0 +1,45 @@
+config:
+  core.https_address: :8443
+networks:
+- config:
+    ipv4.address: 10.69.69.1/24
+    ipv4.nat: "true"
+    ipv6.address: fd42:4e03:3ced:c255::1/64
+    ipv6.nat: "true"
+  description: ""
+  name: incusbr0
+  type: bridge
+  project: default
+storage_pools:
+- config:
+    source: /var/lib/incus/storage-pools/default
+  description: ""
+  name: default
+  driver: dir
+storage_volumes: []
+profiles:
+- config: {}
+  description: Default Incus profile
+  devices:
+    eth0:
+      name: eth0
+      network: incusbr0
+      type: nic
+    root:
+      path: /
+      pool: default
+      type: disk
+  name: default
+  project: ""
+projects:
+- config:
+    features.images: "true"
+    features.networks: "true"
+    features.networks.zones: "true"
+    features.profiles: "true"
+    features.storage.buckets: "true"
+    features.storage.volumes: "true"
+  description: Default Incus project
+  name: default
+certificates: []
+

playbook.yml

@@ -1,5 +1,5 @@
 ---
-- name: Install Incus from Zabbly Stable Repository
+- name: Install and Initialize Incus from Zabbly Stable Repository
   hosts: localhost
   become: yes
 
@@ -63,6 +63,50 @@
           - incus-ui-canonical
         state: present
 
+    - name: Wait for incus daemon to be ready
+      shell: |
+        until incus list &>/dev/null; do
+          sleep 1
+        done
+      retries: 10
+      delay: 2
+      register: incus_ready
+      until: incus_ready.rc == 0
+
+    - name: Run incus admin init with preseed
+      command: incus admin init --preseed < init-preseed.yml
+      args:
+        chdir: "{{ playbook_dir }}"
+
+    - name: Add current user to incus-admin group
+      user:
+        name: "{{ lookup('env', 'SUDO_USER') | default(lookup('env', 'USER'), true) }}"
+        groups: incus-admin
+        append: yes
+
+    - name: Ensure Incus listens on HTTPS port 8443
+      command: incus config set core.https_address :8443
+
+    - name: Install UFW
+      apt:
+        name: ufw
+        state: present
+
+    - name: Enable UFW
+      command: ufw --force enable
+
+    - name: Allow inbound traffic on incusbr0
+      command: ufw allow in on incusbr0
+
+    - name: Allow routed inbound traffic on incusbr0
+      command: ufw route allow in on incusbr0
+
+    - name: Allow routed outbound traffic on incusbr0
+      command: ufw route allow out on incusbr0
+
+    - name: Run incus network DNS setup
+      import_playbook: incus-network.yml
+
     - name: "Post Installation Instructions"
       debug:
-        msg: "Post Installation Instructions: https://git.marmattheo.com/marmattheo/incus-stable-playbook/src/branch/master/README.md"
+        msg: "Post Installation Instructions: https://git.marmattheo.com/marmattheo/LXC-Incus-stable-playbook/src/branch/master/README.md"