Ansible configuration for ghost.shutthegoatup.com Proxmox server.
- Host: Proxmox VE on Hetzner dedicated server
- Network: IPv6-primary with IPv4 NAT/proxy for legacy services
- Bridge: Single vmbr0 for all VMs/containers
Public IPs:
IPv4: 176.9.39.138/27
IPv6: 2a01:4f8:161:36d4::/64
VM/Container Subnet:
IPv6: 2a01:4f8:161:36d4:100::/80
Gateway: 2a01:4f8:161:36d4:100::ffff
| Service | VMID | IPv6 Address | Ports |
|---|---|---|---|
| TeamSpeak | 102 | 2a01:4f8:161:36d4:100::2 | UDP 9987, TCP 10011, TCP 30033 |
| Talos K8s | 100 | 2a01:4f8:161:36d4:100::1 | TCP 50000, TCP 6443 |
# Run full playbook
ansible-playbook playbooks/site.yml
# Only configure network
ansible-playbook playbooks/site.yml --tags network
# Only configure TeamSpeak proxies
ansible-playbook playbooks/site.yml --tags teamspeak_proxyTeamSpeak uses socat to proxy IPv4 traffic to IPv6:
- ts3-voice-proxy: UDP 9987
- ts3-query-proxy: TCP 10011
- ts3-file-proxy: TCP 30033
The Talos control plane VM is configured for IPv6-only operation.
Config files are stored in /root/final-config/ on the host.
After VM boots to maintenance mode:
talosctl apply-config --insecure --nodes <link-local> --file /root/talos-controlplane.yaml
talosctl bootstrap --nodes <ipv6-address>