incus network

2025-06-10 16:15:36 +08:00 · 2025-06-10 16:15:36 +08:00 · eec0a8a387
commit eec0a8a387
parent 7ae7acd40b
3 changed files with 64 additions and 12 deletions
--- a/README.md
+++ b/README.md
@ -68,5 +68,12 @@ After the playbook completes successfully:
    sudo ufw route allow out on incusbr0
    ```

+5.  **Incus Network - Access Containers by Name (Optional):** 
+    Configuring name-to-IP resolution so the host OS can reach Incus containers using their names.
+    
+    ```bash
+    ansible-playbook incus-network.yml --ask-become-pass
+    ```
+


--- a/incus-network.yml
+++ b/incus-network.yml
@ -0,0 +1,55 @@
+---
+- name: Configure DNS for Incus Network
+  hosts: localhost
+  become: yes
+
+  vars:
+    incus_dns_ip: "{{ lookup('pipe', \"ip -4 -o addr show incusbr0 | awk '{print $4}' | cut -d/ -f1\") }}"
+    resolved_conf_path: "/etc/systemd/resolved.conf.d/incus.conf"
+
+  tasks:
+    - name: Ensure systemd-resolved package is installed
+      apt:
+        name: systemd-resolved
+        state: present
+        update_cache: yes
+
+    - name: Ensure systemd-resolved override directory exists
+      file:
+        path: "/etc/systemd/resolved.conf.d"
+        state: directory
+        owner: root
+        group: root
+        mode: '0755'
+
+    - name: Write systemd-resolved DNS override for Incus
+      copy:
+        dest: "{{ resolved_conf_path }}"
+        owner: root
+        group: root
+        mode: '0644'
+        content: |
+          [Resolve]
+          DNS={{ incus_dns_ip }}
+          Domains=~incus
+
+    - name: Enable systemd-resolved service
+      systemd:
+        name: systemd-resolved
+        enabled: yes
+
+    - name: Start systemd-resolved service
+      systemd:
+        name: systemd-resolved
+        state: started
+
+    - name: Ensure /etc/resolv.conf points to systemd-resolved
+      file:
+        src: /run/systemd/resolve/resolv.conf
+        dest: /etc/resolv.conf
+        state: link
+        force: yes
+
+    - name: Inform user
+      debug:
+        msg: "DNS now points to {{ incus_dns_ip }}. systemd-resolved is active with ~incus search domain."
--- a/playbook.yml
+++ b/playbook.yml
@ -63,16 +63,6 @@
          - incus-ui-canonical
        state: present

-    - name: Add current user to incus-admin group
-      user:
-        name: "{{ ansible_user_id }}"
-        groups: incus-admin
-        append: yes
-
-    - name: "Notify to run 'newgrp incus-admin' manually"
+    - name: "Post Installation Instructions"
      debug:
-        msg: "Run 'newgrp incus-admin' in your terminal to refresh group membership."
-
-    - name: "Reminder to run 'incus admin init'"
-      debug:
-        msg: "After installation, run 'incus admin init' to configure Incus."
+        msg: "Post Installation Instructions: https://git.marmattheo.com/marmattheo/incus-stable-playbook/src/branch/master/README.md"