Make corrections to LXC bridge template file

This change adjusts a few of the modifications made to the
lxc-net-bridge.cfg.j2 template file in change
I3c8225124a5f18db81259e1d52d0168ef52c3c17.

The minus signs have been removed from if and endif blocks so that
whitespace is kept intact between sections. The ordering of post-up and
post-down commands has also been changed so that iptables rules are
created before the dnsmasq service is started, as they were previously.

The default value of lxc_net_gateway has also been changed to null so
that it's evaluated as expected. Its current value, none, is evaluated
as a string.

A test has been added to compare the contents of the deployed lxc bridge
interface file with its expected contents.

Change-Id: I39d7b3f40de6ac691550c11d71bb6a182b3452f4

defaults/main.yml

@@ -25,11 +25,11 @@ lxc_net_bridge: lxcbr0
 lxc_net_bridge_port: none
 lxc_net_address: 10.0.3.1
 lxc_net_netmask: 255.255.255.0
-lxc_net_gateway: none  ## if "none" no gateway will on the LXC bridge, nat must be "false" to use a gateway.
+lxc_net_gateway: null  ## if null, no gateway will be on the LXC bridge. lxc_net_nat must be "false" to use a gateway.
 #lxc_net_mtu: 1500 ##setting this variable will add mtu configuration for the lxc config and network bridge
 
 # lxc container nat enabled
-lxc_net_nat: true  ## If "true" nat rules will be created with the lxc network.
+lxc_net_nat: true  ## If "true", nat rules will be created with the lxc network.
 
 # lxc container dhcp settings
 lxc_net_dhcp_range: 10.0.3.2,10.0.3.253

templates/lxc-net-bridge.cfg.j2

@@ -4,19 +4,19 @@ auto {{ lxc_net_bridge }}
 iface {{ lxc_net_bridge }} inet static
     address {{ lxc_net_address }}
     netmask {{ lxc_net_netmask }}
-{%- if lxc_net_gateway is not none %}
+{% if lxc_net_gateway is not none %}
     gateway {{ lxc_net_gateway }}
-{% endif -%}
-{%- if lxc_net_mtu is defined %}
+{% endif %}
+{% if lxc_net_mtu is defined %}
     mtu {{ lxc_net_mtu }}
-{% endif -%}
-{%- if lxc_net_nat | bool %}
+{% endif %}
+{% if lxc_net_nat | bool %}
     # dnsmasq start and stop
-    post-up /usr/local/bin/lxc-system-manage dnsmasq-start || true
     post-up /usr/local/bin/lxc-system-manage iptables-create
-    post-down /usr/local/bin/lxc-system-manage dnsmasq-stop
+    post-up /usr/local/bin/lxc-system-manage dnsmasq-start || true
     post-down /usr/local/bin/lxc-system-manage iptables-remove
-{% endif -%}
+    post-down /usr/local/bin/lxc-system-manage dnsmasq-stop
+{% endif %}
     bridge_fd 0
     bridge_maxwait 0
     bridge_ports {{ lxc_net_bridge_port }}

tests/files/expected-lxc-net-bridge.cfg

@@ -0,0 +1,15 @@
+auto lxcbr0
+iface lxcbr0 inet static
+    address 10.0.3.1
+    netmask 255.255.255.0
+    # dnsmasq start and stop
+    post-up /usr/local/bin/lxc-system-manage iptables-create
+    post-up /usr/local/bin/lxc-system-manage dnsmasq-start || true
+    post-down /usr/local/bin/lxc-system-manage iptables-remove
+    post-down /usr/local/bin/lxc-system-manage dnsmasq-stop
+    bridge_fd 0
+    bridge_maxwait 0
+    bridge_ports none
+    bridge_hello 2
+    bridge_maxage 12
+    bridge_stp off

tests/test.yml

@@ -63,6 +63,14 @@
       register: lxc_bridge_file
     - name: Check dnsmasq is running
       shell: ps auxfww | grep -w 'dnsmasq -u lxc-dnsmasq'
+    - name: Get deployed interface file contents, without Ansible managed line
+      shell: |
+        cat /etc/network/interfaces.d/lxc-net-bridge.cfg | tail -n +3
+      register: interface_file
+    - name: Get expected interface file contents
+      shell: |
+        cat files/expected-lxc-net-bridge.cfg
+      register: expected_interface_file
     - name: Check role functions
       assert:
         that:
@@ -70,3 +78,4 @@
           - "lxc_bridge_file.stat.exists"
           - "container_cache_dir.stat.isdir"
           - "container_tar_file.stat.exists"
+          - "interface_file.stdout | match(expected_interface_file.stdout)"