diff --git a/create_container_z10a_gastnet.yml b/create_container_z10a_gastnet.yml
new file mode 100644
index 0000000000000000000000000000000000000000..7744a08e6ad2e76f2ae91659facf02e01475753d
--- /dev/null
+++ b/create_container_z10a_gastnet.yml
@@ -0,0 +1,105 @@
+---
+- name: Create a container on the ffsz10a cluster with Gast NAT (no public v4)
+ hosts: localhost
+ vars_prompt:
+ - name: hostname
+ prompt: "Hostname (no FQDN!)"
+ private: false
+ - name: id
+ prompt: "ID of the container (pct id = 8000 + id)"
+ private: false
+ - name: node
+ prompt: "Node to create container on"
+ private: false
+ default: ffs13.freifunk-stuttgart.de
+ tasks:
+ - ansible.builtin.set_fact:
+ fqdn: "{{ hostname }}.vm.freifunk-stuttgart.de"
+ ipv6: "2a0f:d607:e:2::{{ id }}"
+ ipv4: "10.0.3.{{ id }}"
+ pveid: "{{ 8000 + id|int }}"
+ - ansible.builtin.set_fact:
+ mypubkey: "{{ lookup('ansible.builtin.pipe', 'ssh-add -L') }}"
+ - name: "Create virtual machine {{ hostname }} in netbox"
+ register: netbox_vm
+ netbox.netbox.netbox_virtual_machine:
+ netbox_url: "{{ netbox_api_url }}"
+ netbox_token: "{{ netbox_api_token }}"
+ data:
+ name: "{{ hostname }}"
+ cluster: "pvez10a"
+ state: present
+ - ansible.builtin.debug:
+ msg: "Created virtual machine ID {{ netbox_vm['virtual_machine']['id'] }}"
+ - name: "Create backbone IPv4 address for {{ hostname }}"
+ netbox.netbox.netbox_ip_address:
+ netbox_url: "{{ netbox_api_url }}"
+ netbox_token: "{{ netbox_api_token }}"
+ data:
+ address: "10.191.255.{{ id }}"
+ description: "{{ hostname }}"
+ state: present
+ - name: "Create gastnet IPv4 address for {{ hostname }}"
+ netbox.netbox.netbox_ip_address:
+ netbox_url: "{{ netbox_api_url }}"
+ netbox_token: "{{ netbox_api_token }}"
+ data:
+ address: "{{ ipv4 }}"
+ description: "{{ hostname }}"
+ state: present
+ - name: "Create public IPv6 address for {{ hostname }}"
+ netbox.netbox.netbox_ip_address:
+ netbox_url: "{{ netbox_api_url }}"
+ netbox_token: "{{ netbox_api_token }}"
+ data:
+ address: "{{ ipv6 }}"
+ description: "{{ hostname }}"
+ dns_name: "{{ fqdn }}"
+ state: present
+ - name: "Create DNS forward AAAA record for {{ hostname }}"
+ community.general.nsupdate:
+ key_name: "{{ dns_records_nsupdate_key_name }}"
+ key_secret: "{{ dns_records_nsupdate_key_secret }}"
+ key_algorithm: "{{ dns_records_nsupdate_key_algorithm }}"
+ server: "{{ dns_records_nsupdate_server }}"
+ # The dot at the end of the record is important
+ record: "{{ fqdn }}."
+ type: "AAAA"
+ value: "{{ ipv6 }}"
+ delegate_to: localhost
+ - name: "Create DNS reverse AAAA record for {{ hostname }}"
+ community.general.nsupdate:
+ key_name: "{{ dns_records_nsupdate_key_name }}"
+ key_secret: "{{ dns_records_nsupdate_key_secret }}"
+ key_algorithm: "{{ dns_records_nsupdate_key_algorithm }}"
+ server: "{{ dns_records_nsupdate_server }}"
+ record: "{{ ipv6|community.dns.reverse_pointer }}"
+ type: "PTR"
+ value: "{{ fqdn }}."
+ delegate_to: localhost
+ - name: "Create container"
+ delegate_to: "{{ node }}"
+ ansible.builtin.command:
+ argv:
+ - pct
+ - create
+ - "{{ pveid }}"
+ - 'local:vztmpl/debian-12-standard_12.2-1_amd64.tar.zst'
+ - '--cmode'
+ - shell
+ - '--hostname'
+ - "{{ hostname }}"
+ - '--memory'
+ - 2048
+ - '--nameserver'
+ - "10.0.3.1 2a0f:d607:e:2::1"
+ - '--net0'
+ - "name=gastnet,ip={{ ipv4 }}/24,ip6={{ ipv6 }}/64,gw=10.0.3.1,gw6=fe80::1,bridge=gastnet,type=veth"
+ - '--onboot'
+ - '1'
+ - '--ssh-public-keys'
+ - '/root/.ssh/authorized_keys'
+ - '--storage'
+ - 'local-zfs'
+ - '--features'
+ - 'nesting=1'
diff --git a/create_container_z10a_services.yml b/create_container_z10a_services.yml
index a3dc6927a7d62b17db13b8b6f2c77c79bc80e276..9405e0db7e8c17c5b840b7d02fb3fbb792fb60a6 100644
--- a/create_container_z10a_services.yml
+++ b/create_container_z10a_services.yml
@@ -63,6 +63,7 @@
 data:
 address: "{{ ipv6 }}"
 description: "{{ hostname }}"
+ dns_name: "{{ fqdn }}"
 state: present
 - name: "Create DNS forward AAAA record for {{ hostname }}"
 community.general.nsupdate:
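Review bot: In create_container_z10a_gastnet.yml, the `pct create` argv of the "Create container" task sets `nesting=1` but never passes `--unprivileged`. As far as I know `pct create` builds a privileged container when that option is absent, so root inside this guest-network container would not be remapped away from root on the node. If the workload allows it, add `- '--unprivileged'` and `- '1'` to the argv list. Separately, `mypubkey` is filled from `ssh-add -L` but never referenced, and the container instead receives the node's whole `/root/.ssh/authorized_keys`, so every key that can log in as root on the hypervisor also gets root in the container. If only the operator's key is intended, write `mypubkey` to a file on the node and pass that path to `--ssh-public-keys`; otherwise drop the unused `set_fact`, which likely fails the play when no agent with loaded keys is available.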