---
- import_playbook: "include/deploy-kvm-guest.yml myhosts=fsolgw"

- name: configure instance
  hosts: fsolgw
  user: root
  gather_facts: true

  vars_files:
    - "{{ ansible_private }}/vars.yml"

  pre_tasks:
    - name: disable resolvd service
      ansible.builtin.service:
        name: resolvd
        state: stopped
        enabled: false

  tasks:
    - name: enable ip forwarding
      ansible.posix.sysctl:
        name: "{{ item }}"
        sysctl_set: true
        value: "1"
      with_items:
        - net.inet.ip.forwarding
        - net.inet6.ip6.forwarding
    - name: use manual dns servers
      ansible.builtin.copy:
        dest: /etc/dhclient.conf
        content: "ignore domain-name-servers, domain-name;\n"
        mode: 0644
        owner: root
        group: "{{ ansible_wheel }}"
    - name: create pfsync interface
      ansible.builtin.copy:
        dest: /etc/hostname.pfsync0
        content: "up syncdev vio1\n"
        mode: 0600
        owner: root
        group: "{{ ansible_wheel }}"

  roles:
    - base
    - bird
    - openvpn
    - ifstated