add bridge support for debian

2021-07-11 02:55:12 +02:00 · 2021-07-11 02:55:12 +02:00 · 3e08fde515
commit 3e08fde515
parent b9240ef965
3 changed files with 37 additions and 4 deletions
--- a/host_vars/vm1/networking.yml
+++ b/host_vars/vm1/networking.yml
@ -1,11 +1,20 @@
 ---
 interfaces:
  enp0s3:
+    type: void
+  br0:
    ipv4: 10.0.2.5
    netmaskv4: 24
    type: static
-    routes:
-      - {subnet: 0.0.0.0, netmask: 0, gateway: 10.0.2.1}
+    bridge: true
+    gateway: 10.0.2.1
+    interfaces:
+      - enp0s3
+  br1:
+    type: manual
+    bridge: true
+    interfaces:
+      - enp0s3.42
  wg0:
    ipv4: "{{ intranet.subnets.test.subnets.vm1.ipv4 }}"
    netmaskv4: "{{ intranet.netmaskv4 }}"
--- a/roles/networking/tasks/main.yml
+++ b/roles/networking/tasks/main.yml
@ -11,6 +11,18 @@
  until: apt_result is succeeded
  when: ansible_facts["lsb"]["id"] == "Debian"

+- name: Install bridge-utils
+  apt:
+    name:
+      - bridge-utils
+    state: latest
+    update_cache: true
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+  when: (ansible_facts["lsb"]["id"] == "Debian") and 
+        (lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list)
+
 - name: Enable ipv4 forwarding
  ansible.posix.sysctl:
    name: net.ipv4.ip_forward
--- a/roles/networking/templates/debian_interfaces.j2
+++ b/roles/networking/templates/debian_interfaces.j2
@ -5,12 +5,14 @@ auto lo
 iface lo inet loopback

 {% for item in lookup('dict', interfaces, wantlist=True) %}
-{% if item.value.type not in ['wireguard', ] %}
+{% if item.value.type not in ['wireguard', 'void', ] %}
 auto {{ item.key }}
 {% if item.value.type == 'dhcp' %}
 iface {{ item.key }} inet dhcp
 {% elif item.value.type == 'static' %}
 iface {{ item.key }} inet static
+{% elif item.value.type == 'manual' %}
+iface {{ item.key }} inet manual
 {% endif %}
 {% if 'routes' in item.value %}{# route up #}
 {% for route in item.value.routes %}
@ -23,11 +25,21 @@ iface {{ item.key }} inet static
 {% if 'gateway' in item.value %}
    gateway {{ item.value.gateway }}
 {% endif %}
+{% if 'bridge' in item.value and item.value.bridge %}
+{% if 'interfaces' in item.value and item.value.interfaces %}
+    bridge-ports {{ item.value.interfaces | join(' ') }}
+{% endif %}
+    bridge-stp off
+    bridge-fd 0
+{% endif %}
 {% if 'routes' in item.value %}{# route dw #}
 {% for route in item.value.routes %}
    post-down ip route del {{ route.subnet }}/{{ route.netmask }} via {{ route.gateway }}
 {% endfor %}
 {% endif %}{# end route dw #}

-{% endif %}{# end (not in [wireguard, ]) #}
+{% elif item.value.type == 'void' %}{# end (not in [wireguard, void, ]) #}
+iface {{ item.key }} inet manual
+
+{% endif %}
 {% endfor %}