Keep track of IPs for PVE hosts

Yea they're all random, I'll deal with that later
2021-01-31 12:46:43 +00:00
parent 9023b269eb
commit 058290b321
11 changed files with 33 additions and 19 deletions
--- a/ansible/roles/nebula/files/nebula.yml
+++ b/ansible/roles/nebula/files/nebula.yml
@ -32,7 +32,7 @@ tun:
  routes:
  unsafe_routes:
 {% if ansible_fqdn != "ingress" %}
-    - route: 10.23.1.0/24
+    - route: "{{ pve_hosts.internal_cidr }}"
      via: "{{ nebula.clients.ingress.ip }}"
 {% endif %}

--- a/ansible/roles/nebula/tasks/main.yml
+++ b/ansible/roles/nebula/tasks/main.yml
@ -59,7 +59,7 @@
    table: nat
    chain: POSTROUTING
    out_interface: ens18
-    source: "{{ nebula.subnet }}"
+    source: "{{ nebula.cidr }}"
    jump: MASQUERADE
  notify: persist iptables
  become: true