add

roles/toxcore/tasks/main.yml

@@ -87,7 +87,8 @@
 - name: modprobe VM modules toxcore_kmods_in_host
   modprobe:
     name: "{{ item }}"
-    state: "{{ 'absent' if ansible_virtualization_role|replace('NA', 'host') != 'host' else 'present'}}"
+    # "{{ 'absent' if ansible_virtualization_role|replace('NA', 'host') != 'host' else 'present'}}"
+    state: present
   when:
     - item != ''
   with_items: "{{ toxcore_kmods_in_host }}"
@@ -129,7 +130,8 @@
   ignore_errors: true
   with_nested:
     - "{{ base_system_users }}"
-    - "{{ toxcore_standard_users_groups }}"
+    - "{{ toxcore_standard_users_groups_host if ansible_virtualization_role|replace('NA', 'host') == 'host' else [] }}"
+    - "{{ toxcore_standard_users_groups_guest if ansible_virtualization_role|replace('NA', 'host') != 'host' else [] }}"
 
 - name: "make a directory for /data/Vms"
   file:
@@ -162,6 +164,18 @@
     [ -f /usr/share/openpgp-keys/gentoo-release.asc ] && exit 0
     gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc
 
+# FixMe: does this do SSH?
+- name: /usr/local/bin/gitproxy.sh
+  blockinfile:
+    dest: "/usr/local/bin/gitproxy.bash"
+    create: yes
+    mode: 0775
+    marker: "# {mark} ANSIBLE MANAGED BLOCK proxy"
+    block: |
+      exec corkscrew {{HTTP_PROXYHOST}} {{HTTP_PROXYPORT}} $1 $2
+      # $1 %h $2 %p
+      #? exec connect -4 -S {{HTTP_PROXYHOST}}:{{HTTP_PROXYPORT}} $(tor-resolve $1 {{HTTP_PROXYHOST}}:{{HTTP_PROXYPORT}}) $2
+
 # this should not run as root
 # delegate_to: localhost? - no - per test
 - name: "usr_local_toxcore.bash"
@@ -309,6 +323,8 @@
              -b {{BOX_NBD_OVERLAY_BR}}  \
              -p {{BOX_NBD_OVERLAY_PASS}} \
              -o gentoo
+  args:
+    creates: "{{BOX_NBD_OVERLAY_DIR}}/{{BOX_NBD_OVERLAY_NAME}}.qcow2"
   ignore_errors: true
   when:
     - "ansible_virtualization_role|replace('NA', 'host') == 'host'"
@@ -353,3 +369,28 @@
 
 # replace this ^A with a control-A to provoke an error in the error handler of yamlint
 # yaml.reader.ReaderError: unacceptable character #x0001: special characters are not allowed
+
+- block:
+      
+    - name: ansible-keepassxc
+      ansible-keepassxc:
+        database: "{{ base_passwords_database }}"
+        entry: "HOSTVMS_LXD_TRUST_PASSWORD"
+        group: "/Ansible/hostvms"
+        password: "{{ base_passwords_password }}"
+      no_log: False
+      register:  hostvms_lxd_trust_password
+
+    - debug:
+        verbosity: 1
+        var: hostvms_lxd_trust_password
+
+  check_mode: false
+  rescue:
+    - debug:
+        verbosity: 1
+        msg: "hostvms vms.yml WARN undefined or missing base_passwords_database "
+          
+    - set_fact:
+        base_passwords_password: "{{HOSTVMS_LXD_TRUST_PASSWORD}}"
+  when: false