Skip to content
Snippets Groups Projects
Commit 90798236 authored by nimrod's avatar nimrod
Browse files

Added a service to enable IP masquerading (NAT) because nspawn on Debian isn't 

compiled with support for that.
parent c392e997
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
files/nspawn-nat.service 0 → 100644
+ 15
0
View file @ 90798236
[Unit]
Description="Enable NAT on nspawn bridge due to Debian bug #787480."
Requires=systemd-networkd
After=systemd-networkd
After=ufw
[Service]
Type=oneshot
RemainAfterExit=yes
Environment=network="192.168.123.0/24"
ExecStart=/sbin/iptables -w -t nat -A POSTROUTING -s "$network" ! -d "$network" -j MASQUERADE
ExecStop=/sbin/iptables -w -t nat -D POSTROUTING -s 192.168.123.0/24 ! -d 192.168.123.0/24 -j MASQUERADE
[Install]
WantedBy=network.target
tasks/main.yml
+ 8
0
View file @ 90798236
...@@ -44,6 +44,14 @@ ...@@ -44,6 +44,14 @@
group: root group: root
mode: '0644' mode: '0644'
- name: Add NAT workaround for Debian bug #787480
copy:
src: nspawn-nat.service
dest: /etc/systemd/system/nspawn-nat.service
owner: root
group: root
mode: '0644'
- name: Disable networking service, enable systemd-networkd - name: Disable networking service, enable systemd-networkd
with_items: with_items:
- name: systemd-resolved - name: systemd-resolved
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment