damex.incus.incus_network_forwards role – Ensure Incus network forwards.

Note

This role is part of the damex.incus collection (version 1.9.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it use: ansible-galaxy collection install damex.incus.

To use it in a playbook, specify: damex.incus.incus_network_forwards.

Entry point main – Ensure Incus network forwards.

Synopsis

  • Ensure Incus network forwards.

Parameters

Parameter

Comments

incus_network_forwards

list / elements=dictionary

List of Incus network forwards to ensure.

config

dictionary

Network forward configuration key-value pairs.

target_address

string

Default target address for traffic not matching any port rule.

description

string

Description of the network forward.

name

string / required

Listen address of the network forward.

network

string

Name of the network containing the forward.

ports

list / elements=dictionary

List of port forwarding rules.

description

string

Description of the port rule.

listen_port

string / required

Port or port range to listen on.

protocol

string / required

Network protocol to forward.

Choices:

  • "tcp"

  • "udp"

snat

boolean

Whether to rewrite traffic source address.

Choices:

  • false

  • true

target_address

string / required

Target address to forward traffic to.

target_port

string

Target port or port range.

project

string

Incus project for the network forward.

state

string

Desired state of the network forward.

Choices:

  • "present"

  • "absent"

incus_network_forwards_client_cert

string

Client certificate content for API authentication.

incus_network_forwards_client_cert_path

path

Path to the TLS client certificate for API authentication.

incus_network_forwards_client_key

string

Client key content for API authentication.

incus_network_forwards_client_key_path

path

Path to the TLS client key for API authentication.

incus_network_forwards_network

string

Default network for network forwards.

incus_network_forwards_project

string

Default Incus project for network forwards.

incus_network_forwards_server_cert

string

Server certificate content for API verification.

incus_network_forwards_server_cert_path

path

Path to the TLS server certificate for API verification.

incus_network_forwards_socket_path

path

Path to the Incus Unix socket.

incus_network_forwards_state

string

Default desired state of the network forwards.

Choices:

  • "present"

  • "absent"

incus_network_forwards_token

string

Authentication token for the Incus API.

incus_network_forwards_url

string

URL of the Incus server API.

incus_network_forwards_validate_certs

boolean

Whether to validate TLS certificates.

Choices:

  • false

  • true

Examples

- name: Ensure incus network forwards
  hosts: incus
  tasks:
    - name: Ensure incus network forwards
      ansible.builtin.import_role:
        name: damex.incus.incus_network_forwards
      vars:
        incus_network_forwards_network: incusbr0
        incus_network_forwards:
          - name: 192.168.1.100
            description: Web server forward
            config:
              target_address: 10.0.0.5
            ports:
              - protocol: tcp
                listen_port: 80,443
                target_address: 10.0.0.5
          - name: 192.168.1.101
            config:
              target_address: 10.0.0.10