Pains-Perdus/ansible
3
1
Fork 0
Code Issues Pull requests 1 Releases Wiki Activity

add bridge support for debian

Browse source
This commit is contained in:
histausse 2021-07-11 02:55:12 +02:00
parent b9240ef965
commit 3e08fde515
Signed by: histausse
GPG key ID: 67486F107F62E9E9
3 changed files with 37 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
host_vars/vm1/networking.yml
View file

@ -1,11 +1,20 @@
--- ---
interfaces: interfaces:
enp0s3: enp0s3:
type: void
br0:
ipv4: 10.0.2.5 ipv4: 10.0.2.5
netmaskv4: 24 netmaskv4: 24
type: static type: static
routes: bridge: true
- {subnet: 0.0.0.0, netmask: 0, gateway: 10.0.2.1} gateway: 10.0.2.1
interfaces:
- enp0s3
br1:
type: manual
bridge: true
interfaces:
- enp0s3.42
wg0: wg0:
ipv4: "{{ intranet.subnets.test.subnets.vm1.ipv4 }}" ipv4: "{{ intranet.subnets.test.subnets.vm1.ipv4 }}"
netmaskv4: "{{ intranet.netmaskv4 }}" netmaskv4: "{{ intranet.netmaskv4 }}"

12
roles/networking/tasks/main.yml
View file

@ -11,6 +11,18 @@
until: apt_result is succeeded until: apt_result is succeeded
when: ansible_facts["lsb"]["id"] == "Debian" when: ansible_facts["lsb"]["id"] == "Debian"
- name: Install bridge-utils
apt:
name:
- bridge-utils
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
when: (ansible_facts["lsb"]["id"] == "Debian") and
(lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list)
- name: Enable ipv4 forwarding - name: Enable ipv4 forwarding
ansible.posix.sysctl: ansible.posix.sysctl:
name: net.ipv4.ip_forward name: net.ipv4.ip_forward

16
roles/networking/templates/debian_interfaces.j2
View file

@ -5,12 +5,14 @@ auto lo
iface lo inet loopback iface lo inet loopback
{% for item in lookup('dict', interfaces, wantlist=True) %} {% for item in lookup('dict', interfaces, wantlist=True) %}
{% if item.value.type not in ['wireguard', ] %} {% if item.value.type not in ['wireguard', 'void', ] %}
auto {{ item.key }} auto {{ item.key }}
{% if item.value.type == 'dhcp' %} {% if item.value.type == 'dhcp' %}
iface {{ item.key }} inet dhcp iface {{ item.key }} inet dhcp
{% elif item.value.type == 'static' %} {% elif item.value.type == 'static' %}
iface {{ item.key }} inet static iface {{ item.key }} inet static
{% elif item.value.type == 'manual' %}
iface {{ item.key }} inet manual
{% endif %} {% endif %}
{% if 'routes' in item.value %}{# route up #} {% if 'routes' in item.value %}{# route up #}
{% for route in item.value.routes %} {% for route in item.value.routes %}
@ -23,11 +25,21 @@ iface {{ item.key }} inet static
{% if 'gateway' in item.value %} {% if 'gateway' in item.value %}
gateway {{ item.value.gateway }} gateway {{ item.value.gateway }}
{% endif %} {% endif %}
{% if 'bridge' in item.value and item.value.bridge %}
{% if 'interfaces' in item.value and item.value.interfaces %}
bridge-ports {{ item.value.interfaces | join(' ') }}
{% endif %}
bridge-stp off
bridge-fd 0
{% endif %}
{% if 'routes' in item.value %}{# route dw #} {% if 'routes' in item.value %}{# route dw #}
{% for route in item.value.routes %} {% for route in item.value.routes %}
post-down ip route del {{ route.subnet }}/{{ route.netmask }} via {{ route.gateway }} post-down ip route del {{ route.subnet }}/{{ route.netmask }} via {{ route.gateway }}
{% endfor %} {% endfor %}
{% endif %}{# end route dw #} {% endif %}{# end route dw #}
{% endif %}{# end (not in [wireguard, ]) #} {% elif item.value.type == 'void' %}{# end (not in [wireguard, void, ]) #}
iface {{ item.key }} inet manual
{% endif %}
{% endfor %} {% endfor %}