Ansible Playbook for LXC/Incus Installation (Debian/Ubuntu)
This playbook automates the installation and setup of the stable version of Incus on the local machine (Debian/Ubuntu). It is designed to be run directly on the server you wish to configure.
Prerequisites
- Ansible & Git: Must be installed on the machine where you are running the playbook.
    sudo apt update
    sudo apt install ansible git -y
- Sudo Access: Your user must have sudo privileges to run the playbook.
How to Run
- Setup: Clone the repository and go to the project directory.
    git clone https://git.marmattheo.com/marmattheo/LXC-Incus-stable-setup.git ~/incus-stable && cd ~/incus-stable
- Execute the Playbook: Run the following command from the same directory as the playbook file. It will prompt you for your sudo password to perform the administrative tasks.
    ansible-playbook playbook.yml -i inventory.ini --ask-become-pass
  --ask-become-pass: This flag tells Ansible to prompt for the password needed for privilege escalation (sudo).
Post-Installation Steps
After the playbook completes successfully:
- Configure User Access:
  Add your user to the incus-admin group:
    sudo usermod -aG incus-admin $USER
  Refresh group membership without logging out:
    newgrp incus-admin
- Initialize Incus:
  Run the interactive initialization and follow the prompts to configure storage pools, networks, and other settings.
    incus admin init
  Press 'Enter' at each prompt to accept the defaults.
- Verify Setup:
  You can test the installation by running:
    incus --version
  This should return the current Incus version, e.g. '6.13'.
- Access the Incus Web UI:
  Ensure Incus is listening on the network ([::]:8443 binds the API to port 8443 on all interfaces):
    incus config set core.https_address [::]:8443
  Then, access the Web UI at:
    https://localhost:8443
  If you're using a remote server, use its IPv4/IPv6 address instead: https://vps-ip:8443
  Follow the self-signed certificate instructions when prompted to start using Incus.
- Configure Firewall using ufw (Optional):
  Install and enable ufw (ufw asks for confirmation before enabling when run over an SSH session):
    sudo apt install ufw -y && sudo ufw enable
  Allow traffic on the Incus bridge (incusbr0):
    sudo ufw allow in on incusbr0
    sudo ufw route allow in on incusbr0
    sudo ufw route allow out on incusbr0
- Incus Network - Access Containers by Name (Optional):
  Configure name-to-IP resolution so the host OS can reach Incus containers using their names.
    ansible-playbook incus-network.yml -i inventory.ini --ask-become-pass
  After this you should be able to reach your containers by name or under the .incus domain, e.g.
    sudo ping container_name
    sudo ping container_name.incus
  in a terminal, or http://container_name.incus inside an nginx config.
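
An added check for the Web UI and ufw steps above (example code, not part of this repository): it classifies a core.https_address value and reads ufw status text to report whether the API port is reachable from outside the host. The function names and the SAMPLE_UFW text are constructed for illustration, and the "filtered" verdict assumes ufw's default policy of denying incoming traffic.

```shell
#!/bin/sh
# Added example, not from the repository. Names and SAMPLE_UFW are constructed.

# Classify a core.https_address value by how widely the API listens.
classify_listen() {
    case "$1" in
        "")                                  echo disabled ;;
        "127."*|"[::1]"*|"::1"|localhost*)   echo loopback ;;
        "[::]"*|"0.0.0.0"*|"::"|:[0-9]*)     echo all-interfaces ;;
        *)                                   echo specific ;;
    esac
}

# Read `ufw status` text on stdin; succeed if port $1 is allowed from Anywhere.
port_open_to_any() {
    awk -v p="$1" '
        ($1 == p || $1 == (p "/tcp")) && /ALLOW/ && /Anywhere/ { found = 1 }
        END { exit !found }'
}

# $1 = core.https_address value, $2 = `ufw status` text.
# "filtered" assumes ufw's default policy of denying incoming traffic.
api_exposure() {
    scope=$(classify_listen "$1")
    port=${1##*:}
    case "$port" in ""|*[!0-9]*) port=8443 ;; esac   # Incus default port
    case "$scope" in disabled|loopback) echo local-only; return 0 ;; esac
    if ! printf '%s\n' "$2" | grep -q '^Status: active'; then
        echo unfiltered            # ufw inactive: nothing restricts the port
    elif printf '%s\n' "$2" | port_open_to_any "$port"; then
        echo open-to-any
    else
        echo filtered              # no rule admits the port from outside
    fi
}

# Constructed sample approximating `ufw status` with only this page's bridge rules.
SAMPLE_UFW='Status: active

To                         Action      From
--                         ------      ----
Anywhere on incusbr0       ALLOW       Anywhere
Anywhere on incusbr0       ALLOW FWD   Anywhere'

if [ "${1:-}" = "--live" ]; then   # audit the real host instead of the sample
    api_exposure "$(incus config get core.https_address)" "$(sudo ufw status)"
else
    api_exposure "[::]:8443" "$SAMPLE_UFW"
fi
```

Run it with --live on the configured host to audit the real settings instead of the sample.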