100 lines
2.8 KiB
Markdown
100 lines
2.8 KiB
Markdown
# Ansible Playbook for Local Incus Installation
|
|
|
|
This playbook automates the installation and setup of the **stable** version of Incus on the **local machine** (Debian/Ubuntu). It is designed to be run directly on the server you wish to configure.
|
|
|
|
## Prerequisites
|
|
|
|
1. **Ansible and git:** must be installed on the machine where you are running the playbook.
|
|
```bash
|
|
sudo apt update
|
|
sudo apt install ansible git -y
|
|
```
|
|
2. **Sudo Access:** Your user must have `sudo` privileges to run the playbook.
|
|
|
|
## How to Run
|
|
1. **Clone the repository:** Clone the repository and go to the project directory
|
|
```bash
|
|
git clone https://git.marmattheo.com/marmattheo/incus-stable-playbook.git && cd incus-stable-playbook
|
|
```
|
|
|
|
1. **Customize Variables (Optional):** Open `playbook.yml` and review the `vars` section.
|
|
|
|
2. **Execute the Playbook:**
|
|
Run the following command from the same directory as the playbook file. It will prompt you for your `sudo` password to perform the administrative tasks.
|
|
|
|
```bash
|
|
ansible-playbook playbook.yml --ask-become-pass
|
|
```
|
|
* `--ask-become-pass`: This flag tells Ansible to prompt for the password needed for privilege escalation (`sudo`).
|
|
|
|
## Post-Installation Steps
|
|
|
|
After the playbook completes successfully:
|
|
|
|
1. **Configure User Access:**
|
|
|
|
Add your user to incus-admin group
|
|
|
|
```bash
|
|
sudo usermod -aG incus-admin $USER
|
|
```
|
|
To refresh group membership.
|
|
|
|
```bash
|
|
newgrp incus-admin
|
|
```
|
|
|
|
2. **Initialize Incus:**
|
|
|
|
Run the interactive initialization and follow the prompts to configure storage pools, networks, and other settings.
|
|
|
|
```bash
|
|
incus admin init
|
|
```
|
|
|
|
3. **Verify Setup:**
|
|
|
|
You can test the installation by running.
|
|
|
|
```bash
|
|
incus list
|
|
```
|
|
|
|
4. **Access the Incus Web UI:**
|
|
|
|
Ensure Incus is listening on the network:
|
|
|
|
```bash
|
|
incus config set core.https_address :8443
|
|
```
|
|
|
|
Then, access the Web UI at:
|
|
|
|
```bash
|
|
https://localhost:8443 or https://vps-ip:8443
|
|
```
|
|
> Follow the self-signed certificate instructions when prompted.
|
|
|
|
5. **Setup Firewall for ufw (Optional: only if you are using ufw):**
|
|
|
|
Ensure Incus is listening on the network:
|
|
|
|
```bash
|
|
sudo ufw allow in on incusbr0
|
|
sudo ufw route allow in on incusbr0
|
|
sudo ufw route allow out on incusbr0
|
|
```
|
|
|
|
5. **Incus Network - Access Containers by Name (Optional):**
|
|
|
|
Configuring name-to-IP resolution so the host OS can reach Incus containers using their names.
|
|
|
|
```bash
|
|
ansible-playbook incus-network.yml --ask-become-pass
|
|
```
|
|
> After this you should be able to reach your containers via their names or with the domain .incus
|
|
> i.e., `sudo ping container_name`, `sudo ping container_name.incus` on terminal or `http://container_name.incus` inside an nginx config
|
|
|
|
|
|
|