242b3c3fb4
Add ipforward bool optional setting to systemd_networks to enable or disable forwarding for a given interface. IPForward is disabled by default. Change-Id: Iaea33b1bdde1964f38612ab8c278fed4985d390b
155 lines
4.4 KiB
YAML
155 lines
4.4 KiB
YAML
---
|
|
# Copyright 2017, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Gather variables for each operating system
|
|
include_vars: "{{ item }}"
|
|
with_first_found:
|
|
- files:
|
|
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
|
|
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
|
|
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
|
|
- "{{ ansible_distribution | lower }}.yml"
|
|
- "{{ ansible_os_family | lower }}.yml"
|
|
skip: true
|
|
tags:
|
|
- always
|
|
|
|
- name: Install networkd distro packages
|
|
package:
|
|
name: "{{ systemd_networkd_distro_packages }}"
|
|
state: "present"
|
|
update_cache: "{{ (ansible_pkg_mgr == 'apt') | ternary('yes', omit) }}"
|
|
cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(600, omit) }}"
|
|
when:
|
|
- systemd_networkd_distro_packages | length > 0
|
|
register: install_packages
|
|
until: install_packages is success
|
|
retries: 3
|
|
delay: 2
|
|
|
|
- name: Create systemd-networkd directory
|
|
file:
|
|
path: "/etc/systemd/network"
|
|
state: directory
|
|
tags:
|
|
- systemd-networkd
|
|
|
|
- name: Create systemd-resolved config
|
|
template:
|
|
src: "systemd-resolved.conf.j2"
|
|
dest: "/etc/systemd/resolved.conf"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0644"
|
|
when:
|
|
- systemd_resolved
|
|
notify:
|
|
- Restart systemd-resolved
|
|
tags:
|
|
- systemd-resolved
|
|
|
|
- name: Find prefixed netdev and network files
|
|
find:
|
|
paths: "/etc/systemd/network"
|
|
patterns: "*{{ systemd_networkd_prefix }}*.netdev,*{{ systemd_networkd_prefix }}*.network"
|
|
register: networkd_files
|
|
when:
|
|
- systemd_interface_cleanup | bool
|
|
tags:
|
|
- systemd-networkd
|
|
|
|
- name: Remove prefixed network files
|
|
file:
|
|
path: "{{ item.path }}"
|
|
state: absent
|
|
with_items: "{{ networkd_files.files }}"
|
|
when:
|
|
- systemd_interface_cleanup | bool
|
|
notify:
|
|
- Restart systemd-networkd
|
|
tags:
|
|
- systemd-networkd
|
|
|
|
- name: Create systemd-networkd network device(s)
|
|
template:
|
|
src: "systemd-netdev.j2"
|
|
dest: "/etc/systemd/network/{{ (item.1.filename | default(systemd_networkd_filename)) ~ '.netdev' }}"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0644"
|
|
with_indexed_items: "{{ systemd_netdevs }}"
|
|
notify:
|
|
- Restart systemd-networkd
|
|
tags:
|
|
- systemd-networkd
|
|
|
|
- name: Create systemd-networkd network link(s)
|
|
config_template:
|
|
src: "systemd-link.j2"
|
|
dest: "/etc/systemd/network/{{ (item.1.filename | default(systemd_networkd_filename_alt)) ~ '.link' }}"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0644"
|
|
config_overrides: "{{ item.1.link_config_overrides | default(systemd_link_config_overrides) }}"
|
|
config_type: "ini"
|
|
with_indexed_items: "{{ systemd_networks }}"
|
|
notify:
|
|
- Update initramfs
|
|
- Restart systemd-networkd
|
|
tags:
|
|
- systemd-networkd
|
|
|
|
- name: Create systemd-networkd network network(s)
|
|
config_template:
|
|
src: "systemd-network.j2"
|
|
dest: "/etc/systemd/network/{{ (item.1.filename | default(systemd_networkd_filename_alt)) ~ '.network' }}"
|
|
owner: "root"
|
|
group: "root"
|
|
mode: "0644"
|
|
config_overrides: "{{ item.1.config_overrides | default({}) }}"
|
|
config_type: "ini"
|
|
with_indexed_items: "{{ systemd_networks }}"
|
|
notify:
|
|
- Restart systemd-networkd
|
|
tags:
|
|
- systemd-networkd
|
|
|
|
- name: Enable and start systemd-networkd
|
|
systemd:
|
|
name: "systemd-networkd"
|
|
enabled: "yes"
|
|
state: started
|
|
async: 45
|
|
poll: 0
|
|
when:
|
|
- systemd_run_networkd | bool
|
|
tags:
|
|
- systemd-networkd
|
|
|
|
- name: restart systemd_networkd prior to applying sysctl changes
|
|
meta: flush_handlers
|
|
|
|
- name: Add IP Forward for interface
|
|
sysctl:
|
|
name: "net.ipv4.conf.{{ item.1.interface }}.forwarding"
|
|
value: 1
|
|
sysctl_set: yes
|
|
state: present
|
|
reload: yes
|
|
with_indexed_items: "{{ systemd_networks }}"
|
|
when:
|
|
- (ansible_os_family | lower) == 'redhat'
|
|
- item.1.ipforward | default(false) | bool
|