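---
# Prepares the "manager" host as a nested-KVM hypervisor: loads kvm-intel with
# nested virtualisation options, installs libvirt/QEMU tooling, moves the
# default libvirt network to 192.168.88.0/24 and creates a "manager" account
# that is reachable over SSH and has passwordless sudo.
- hosts: manager
  remote_user: debian
  become: true
  vars:
    ansible_python_interpreter: /usr/bin/python3
  tasks:
    - name: "configure modprobe to enable nested VMs"
      copy:
        content: |
          options kvm-intel nested=1
          options kvm-intel enable_shadow_vmcs=1
          options kvm-intel enable_apicv=1
          options kvm-intel ept=1
        dest: /etc/modprobe.d/kvm-nested.conf
        # Explicit ownership and mode so the result does not depend on the
        # remote umask.
        owner: root
        group: root
        mode: "0644"

    - name: "install needed packages"
      apt:
        name:
          - ssh
          - sudo
          - qemu-system-x86
          - virtinst
          - libvirt-daemon-system
          - libvirt-clients
          - locales-all
          - jq
          - rsync
          - kpartx
          - python3-lxml
          - ansible
        state: present

    - name: change IP block in default virtual network
      replace:
        path: /etc/libvirt/qemu/networks/default.xml
        regexp: '192\.168\.122\.'
        replace: '192.168.88.'

    # Re-reads the edited XML; the command module reports "changed" on every
    # run.
    - name: configure default virtual network
      command: /usr/bin/virsh net-define /etc/libvirt/qemu/networks/default.xml

    - name: start default network now
      virt_net:
        state: active
        name: default

    - name: start default network at boot
      virt_net:
        autostart: true
        name: default

    # NOTE(review): without "append: true" the user module sets the
    # supplementary groups to exactly this list on every run - confirm that is
    # intended. Membership of "libvirt" normally allows full control of the
    # system libvirt daemon, so treat this account as privileged.
    - name: "create manager user"
      user:
        comment: "Manager"
        name: manager
        shell: /bin/bash
        groups:
          - libvirt

    # Octal modes are quoted throughout so they reach the module as strings
    # and cannot be re-typed by the YAML parser.
    - name: "create ~manager/.ssh"
      file:
        state: directory
        path: /home/manager/.ssh
        owner: manager
        group: manager
        mode: "0700"

    # Every key that can log in as root can afterwards log in as manager, and
    # manager has NOPASSWD sudo (see "give manager sudo"), so review root's
    # authorized_keys before running this.
    # The sed expression removes any option prefix (forced command, from=,
    # no-port-forwarding, ...) in front of ssh-rsa keys, so restrictions on
    # those keys are NOT carried over; other key types are copied unchanged,
    # options included.
    # "-m 0600" is needed because install(1) otherwise creates the file with
    # mode 0755; "set -e" stops the task if the copy itself fails instead of
    # editing a stale file.
    - name: "copy root authorized_keys to manager user"
      shell: |
        set -e
        install -m 0600 -o manager -g manager /root/.ssh/authorized_keys /home/manager/.ssh/authorized_keys
        sed -i 's/^.* ssh-rsa /ssh-rsa /' /home/manager/.ssh/authorized_keys

    # Grants unrestricted passwordless root to the manager account.
    # "validate" makes visudo syntax-check the fragment before it is moved
    # into place, so a malformed file can never break sudo on the host.
    - name: "give manager sudo"
      copy:
        content: |
          manager ALL=(ALL:ALL) NOPASSWD: ALL
        dest: /etc/sudoers.d/manager
        owner: root
        group: root
        mode: "0600"
        validate: /usr/sbin/visudo -cf %s

    # manager.key is a private key shipped from the playbook's files; keep it
    # out of version control or store it encrypted (e.g. with ansible-vault),
    # and rotate it if the repository is ever exposed.
    - name: "add SSH keys to manager"
      copy:
        src: "{{ item }}"
        dest: "/home/manager/.ssh/{{ item }}"
        owner: manager
        group: manager
        mode: "0600"
      with_items:
        - manager.key
        - manager.key.pub

    - name: "configure manager's ssh"
      copy:
        src: manager-ssh-config
        dest: /home/manager/.ssh/config
        owner: manager
        group: manager
        mode: "0600"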