--- - name: Install and Initialize Incus from Zabbly Stable Repository hosts: localhost become: yes vars: zabbly_key_url: "https://pkgs.zabbly.com/key.asc" keyring_dir: "/etc/apt/keyrings" keyring_asc: "/etc/apt/keyrings/zabbly.asc" keyring_gpg: "/etc/apt/keyrings/zabbly.gpg" repo_file: "/etc/apt/sources.list.d/zabbly-incus-stable.sources" os_codename: "{{ ansible_lsb.codename }}" arch: "{{ 'amd64' if ansible_architecture == 'x86_64' else ansible_architecture }}" tasks: - name: Ensure required tools are installed apt: name: - curl - gnupg - lsb-release state: present update_cache: yes - name: Create APT keyring directory file: path: "{{ keyring_dir }}" state: directory mode: '0755' - name: Download Zabbly GPG key (ASCII) get_url: url: "{{ zabbly_key_url }}" dest: "{{ keyring_asc }}" mode: '0644' - name: Convert ASCII key to GPG format command: gpg --dearmor -o "{{ keyring_gpg }}" "{{ keyring_asc }}" args: creates: "{{ keyring_gpg }}" - name: Add Zabbly Incus Stable APT repository copy: dest: "{{ repo_file }}" content: | Enabled: yes Types: deb URIs: https://pkgs.zabbly.com/incus/stable Suites: {{ os_codename }} Components: main Architectures: {{ arch }} Signed-By: {{ keyring_gpg }} - name: Update APT cache apt: update_cache: yes - name: Install Incus packages apt: name: - incus - incus-client - incus-ui-canonical state: present - name: Wait for incus daemon to be ready shell: | until incus list &>/dev/null; do sleep 1 done retries: 10 delay: 2 register: incus_ready until: incus_ready.rc == 0 - name: Preseed network and storage command: incus admin init --preseed args: chdir: "{{ playbook_dir }}" stdin: "{{ lookup('file', 'preseed-network-storage.yml') }}" - name: Preseed profile and global config command: incus admin init --preseed args: chdir: "{{ playbook_dir }}" stdin: "{{ lookup('file', 'preseed-profile.yml') }}" - name: Add current user to incus-admin group user: name: "{{ lookup('env', 'SUDO_USER') | default(lookup('env', 'USER'), true) }}" groups: incus-admin append: yes - name: Ensure Incus listens on HTTPS port 8443 command: incus config set core.https_address :8443 - name: Install UFW apt: name: ufw state: present - name: Enable UFW command: ufw --force enable - name: Allow inbound traffic on incusbr0 command: ufw allow in on incusbr0 - name: Allow routed inbound traffic on incusbr0 command: ufw route allow in on incusbr0 - name: Allow routed outbound traffic on incusbr0 command: ufw route allow out on incusbr0 - name: "Post Installation Instructions" debug: msg: "Post Installation Instructions: https://git.marmattheo.com/marmattheo/LXC-Incus-stable-playbook/src/branch/master/README.md"