add chloe-jump playbook

plays/nodes/chloe-jump.yml

@@ -0,0 +1,38 @@
+---
+- hosts: chloe-jump
+  gather_facts: true
+  become: true
+
+  roles:
+    - dnf-automatic
+    - statusservices
+
+  vars_files:
+    - "{{ inventory_dir }}/vars/vault.yaml"
+
+  vars:
+    dnf_update_time: 'mon 03:30'
+
+    status_services_extra:
+      - tailscaled
+
+
+  post_tasks:
+    - name: Enable IPv4 Forwarding in kernel
+      ansible.posix.sysctl:
+        name: net.ipv4.ip_forward
+        value: "1"
+
+
+    - name: Enable IPv6 Forwarding in kernel
+      ansible.posix.sysctl:
+        name: net.ipv6.conf.all.forwarding
+        value: "1"
+
+
+    # https://github.com/tailscale/tailscale/issues/3416
+    - name: Enable IP Masquerading in firewalld
+      ansible.posix.firewalld:
+        masquerade: true
+        permanent: true
+        state: enabled