From 5f83cd75d6091184b6671f1097de0c6ea249f1cd Mon Sep 17 00:00:00 2001
From: Matt
Date: Fri, 28 Nov 2025 17:25:49 -0800
Subject: [PATCH] 11-25 update
---
 tasks/create_bridge.yaml | 24 ++++++++++++++++++++++++
 tasks/main.yaml | 8 +++++++-
 templates/inventory.j2 | 8 ++++++--
 3 files changed, 37 insertions(+), 3 deletions(-)
diff --git a/tasks/create_bridge.yaml b/tasks/create_bridge.yaml
index 52c0c7b..a3f61f6 100644
--- a/tasks/create_bridge.yaml
+++ b/tasks/create_bridge.yaml
@@ -44,6 +44,20 @@
 regexp: '^#? *iface {{ current_iface }} inet dhcp'
 line: '# iface {{ current_iface }} inet dhcp'
 backrefs: yes
+
+# - name: Create auto iface line for main interface
+# lineinfile:
+# dest: /etc/network/interfaces
+# regexp: '^#? *auto {{ current_iface }}'
+# line: 'auto {{ current_iface }}'
+# backrefs: yes
+#
+# - name: Create iface manual line for main interface
+# lineinfile:
+# dest: /etc/network/interfaces
+# regexp: '^#? *iface {{ current_iface }} inet manual'
+# line: 'iface {{ current_iface }} inet manual'
+# backrefs: yes
 - name: Create new bridge interface file
 template:
@@ -61,6 +75,16 @@
 bridge link
 register: bridge_status
+# enable routing on bridge
+- name: "Enable routing on {{ bridge_name }}"
+ shell: "iptables -A FORWARD -i {{ bridge_name }} -o {{ bridge_name }} -j ACCEPT"
+
+# Make iptables rules persistent
+- name: Persistence - iptables
+ shell: |
+ netfilter-persistent save
+ netfilter-persistent reload
+
 - name: show bridge status
 debug:
 msg:
diff --git a/tasks/main.yaml b/tasks/main.yaml
index 02dab8a..a5a5236 100644
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@@ -3,6 +3,12 @@
 # optionally it creates a new inventory file on the jenkins host
 # if the appropriate variable is declared
+- name: Install iptables-persistent
+ apt:
+ name:
+ - iptables-persistent
+ state: present
+
 # check interfaces
 - name: check interfaces for vmpbr0
 shell: ip -o -4 ad
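Review bot: The two tasks added after the `inet dhcp` edit are committed fully commented out, so a reader cannot tell whether the `auto` and `iface ... inet manual` lines are still required for the bridge to come up. If they are ever re-enabled, note that `lineinfile` with `backrefs: yes` leaves the file untouched when `regexp` does not match, so tasks named "Create ..." would not create a missing line; dropping `backrefs` (neither `line` uses a back-reference) would fix that. Either delete the block or keep one explanatory line above it, for example `# disabled: <reason>; backrefs prevents these from adding a missing line`.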
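Review bot: The added `iptables -A FORWARD ...` task is not idempotent: every run appends another copy of the rule, and `netfilter-persistent save` then writes the duplicates, along with whatever else is in the live ruleset at that moment, to disk. The rule accepts everything forwarded from `{{ bridge_name }}` back to `{{ bridge_name }}`, so hosts on the bridge are presumably not filtered from one another; if that is the intent, the comment should say so rather than "enable routing on bridge". The `iptables` module checks for the rule before inserting it and avoids interpolating `bridge_name` into a shell string, and the save can then run only when the rule actually changed (the `reload` after `save` re-applies what is already live and can go). Both tasks sit wholly inside the hunk; the surrounding task file is not visible.

```yaml
# … unchanged: bridge link / register: bridge_status …
- name: "Enable routing on {{ bridge_name }}"
  iptables:
    chain: FORWARD
    in_interface: "{{ bridge_name }}"
    out_interface: "{{ bridge_name }}"
    jump: ACCEPT
  register: bridge_forward_rule

- name: Persistence - iptables
  command: netfilter-persistent save
  when: bridge_forward_rule is changed
# … unchanged: show bridge status …
```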
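Review bot: The new `apt` task has no cache refresh, so on a host with a stale or empty package index the install of `iptables-persistent` can fail before any bridge work starts; unless the cache is updated elsewhere in the role, add `update_cache: yes` and `cache_valid_time: 3600` under `apt:`. The header comment directly above (it begins outside the hunk) still describes the role without mentioning that it now installs a package and persists firewall rules, so a line such as `# it also installs iptables-persistent so the bridge FORWARD rule survives reboots` would keep it accurate.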
@@ -37,7 +43,7 @@
 - name: Reboot
 when: '"vmpbr0" not in ip_ad_output.stdout'
- command: "reboot now"
+ shell: "( sleep 5 ; reboot now ) & "
 ignore_errors: yes
 ...
\ No newline at end of file
diff --git a/templates/inventory.j2 b/templates/inventory.j2
index 1137695..bfb4f79 100644
--- a/templates/inventory.j2
+++ b/templates/inventory.j2
@@ -5,5 +5,9 @@ all:
 vars:
 ansible_connection: ssh
 ansible_ssh_private_key_file: /var/jenkins_home/jenkins_key
-
-# host_ip;{{ bridge_address }}
+ ansible_python_interpreter: /usr/bin/python3
+ jenkins_user: '{{ jenkins_user}}'
+ jenkins_group: '{{ jenkins_group}}'
+ subnet_group_check: '{{ subnet_group_check }}'
+ SERVER_SUBNET_GROUP: '{{ SERVER_SUBNET_GROUP }}'
+ stage_two_ip: {{ bridge_address }}
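Review bot: The replacement `shell: "( sleep 5 ; reboot now ) & "` still depends on `ignore_errors: yes`, so a reboot that never starts (a permissions failure, for instance) is reported the same way as a successful one. A backgrounded subshell with no `async` or `nohup` may also be killed when the task's SSH session closes, depending on connection settings. The usual fire-and-forget form is `shell: "sleep 5 && reboot"` with `async: 1` and `poll: 0`, which returns before the host goes down and lets `ignore_errors` be dropped. The `reboot` module is the alternative only if the host comes back on the same address, which the `stage_two_ip` line added in templates/inventory.j2 suggests it may not.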
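Review bot: `stage_two_ip: {{ bridge_address }}` is the only added variable rendered without quotes, so an empty `bridge_address` yields a YAML null and the parser decides the type of anything else; write it as `stage_two_ip: '{{ bridge_address }}'` to match the lines above it. The quoted lines copy every value into the generated inventory as a string, so if `subnet_group_check` is a boolean in the role it will arrive as text and a later bare `when: subnet_group_check` may evaluate differently, which is worth confirming against the consuming play. The spacing in `{{ jenkins_user}}` and `{{ jenkins_group}}` is also inconsistent with the other expressions.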