bob/roles/incus-install/tasks/install.yaml

# required by gliech.incus role
- name: Ensure lxc conf directory exists
  ansible.builtin.file:
    state: directory
    path: /etc/lxc
  become: true

- name: Install incus
  ansible.builtin.import_role:
    name: gliech.incus
  vars:
    incus_config:
      config:
        core.https_address: "[::]:8443"
      networks:
        - config:
            ipv4.address: 10.172.89.1/24
            ipv4.firewall: "true"
            ipv4.nat: "true"
            ipv6.address: fd42:c9d2:6e9f:be57::1/64
            ipv6.nat: "true"
          description: ""
          name: incusbr0
          type: bridge
          project: default
      storage_pools:
        - config:
            source: /var/lib/incus/storage-pools/default
            volatile.initial_source: /var/lib/incus/storage-pools/default
          description: ""
          name: default
          driver: btrfs
        - config:
            size: 50GiB
            source: /var/lib/incus/disks/docker_store.img
          description: ""
          name: docker_store
          driver: btrfs
      storage_volumes: []
      profiles:
        - config: {}
          description: Default Incus profile
          devices:
            eth0:
              name: eth0
              network: incusbr0
              type: nic
            root:
              path: /
              pool: default
              type: disk
          name: default
          project: ""
      projects:
        - config:
            features.images: "true"
            features.networks: "true"
            features.networks.zones: "true"
            features.profiles: "true"
            features.storage.buckets: "true"
            features.storage.volumes: "true"
            restricted: "false"
          description: NAS
          name: default
      certificates: []
      cluster_groups: []
#   # TODO: Should presumably be split
# - name: "Install and bootstrap incus"
#   ansible.builtin.include_tasks: bootstrap.yaml
#   when: ansible_distribution == "Debian" and ansible_distribution_release == "bookworm"