2021-04-22 23:39:58 +02:00
|
|
|
---
|
2021-07-05 02:32:59 +02:00
|
|
|
|
|
|
|
- name: Install wireguard
|
|
|
|
apt:
|
|
|
|
name:
|
|
|
|
- ifupdown2
|
|
|
|
state: latest
|
|
|
|
update_cache: true
|
|
|
|
register: apt_result
|
|
|
|
retries: 3
|
|
|
|
until: apt_result is succeeded
|
|
|
|
|
2021-04-22 23:39:58 +02:00
|
|
|
- name: Enable ipv4 forwarding
|
|
|
|
ansible.posix.sysctl:
|
|
|
|
name: net.ipv4.ip_forward
|
|
|
|
value: '1'
|
|
|
|
sysctl_set: true
|
2021-04-23 00:44:49 +02:00
|
|
|
when: ipv4_forwarding
|
2021-04-22 23:39:58 +02:00
|
|
|
|
|
|
|
- name: Enable ipv6 forwarding
|
|
|
|
ansible.posix.sysctl:
|
|
|
|
name: net.ipv6.conf.all.forwarding
|
|
|
|
value: '1'
|
|
|
|
sysctl_set: true
|
2021-04-23 00:44:49 +02:00
|
|
|
when: ipv6_forwarding
|
|
|
|
|
|
|
|
- name: Disable ipv4 forwarding
|
|
|
|
ansible.posix.sysctl:
|
|
|
|
name: net.ipv4.ip_forward
|
|
|
|
value: '0'
|
|
|
|
sysctl_set: true
|
|
|
|
when: not ipv4_forwarding
|
|
|
|
|
|
|
|
- name: Disable ipv6 forwarding
|
|
|
|
ansible.posix.sysctl:
|
|
|
|
name: net.ipv6.conf.all.forwarding
|
|
|
|
value: '0'
|
|
|
|
sysctl_set: true
|
|
|
|
when: not ipv6_forwarding
|
2021-07-05 02:32:59 +02:00
|
|
|
|
|
|
|
- name: Create interface config files
|
|
|
|
ansible.builtin.template:
|
|
|
|
src: "interfaces.j2"
|
|
|
|
dest: "/etc/network/interfaces"
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: '644'
|
|
|
|
notify: Reload network interfaces
|
|
|
|
|
|
|
|
- name: Create interface config files
|
|
|
|
ansible.builtin.template:
|
|
|
|
src: "interface.conf.j2"
|
|
|
|
dest: "/etc/network/interfaces.d/{{ item.key }}.conf"
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: '640'
|
|
|
|
notify: Reload network interfaces
|
|
|
|
loop: "{{ lookup('dict', interfaces) }}"
|