2022-08-26 20:52:23 +02:00
|
|
|
{{ ansible_managed | comment }}
|
|
|
|
|
2023-07-05 01:18:52 +02:00
|
|
|
auto lo
|
|
|
|
iface lo
|
|
|
|
|
|
|
|
{% macro iface_common(iface, index=None) %}
|
2022-08-27 08:31:42 +02:00
|
|
|
{% for address in iface.addresses | default([]) %}
|
2023-09-17 20:32:05 +02:00
|
|
|
address {{ address | ansible.utils.ipaddr }}
|
2022-08-26 20:52:23 +02:00
|
|
|
{% endfor %}
|
2022-08-27 04:10:11 +02:00
|
|
|
{% for gateway in iface.gateways | default([]) %}
|
2023-09-17 20:32:05 +02:00
|
|
|
gateway {{ gateway | ansible.utils.ipaddr }}
|
2022-08-26 20:52:23 +02:00
|
|
|
{% endfor %}
|
2023-07-04 04:05:31 +02:00
|
|
|
{% if iface.forward | default(false) %}
|
|
|
|
ip-forward yes
|
|
|
|
ip6-forward yes
|
|
|
|
{% endif %}
|
|
|
|
{% if iface.goto_table is defined %}
|
2023-11-07 06:07:48 +01:00
|
|
|
{% set prio = ifupdown2__prio_base + 3 * index %}
|
|
|
|
pre-up ip rule add prio {{ prio }} iif $IFACE table local
|
|
|
|
pre-up ip rule add prio {{ prio + 1 }} iif $IFACE table {{ iface.goto_table }}
|
|
|
|
pre-up ip rule add prio {{ prio + 2 }} iif $IFACE blackhole
|
|
|
|
post-down ip rule del prio {{ prio }} iif $IFACE table local
|
|
|
|
post-down ip rule del prio {{ prio + 1 }} iif $IFACE table {{ iface.goto_table }}
|
|
|
|
post-down ip rule del prio {{ prio + 2 }} iif $IFACE blackhole
|
2023-07-04 04:05:31 +02:00
|
|
|
{% endif %}
|
2023-11-07 04:11:28 +01:00
|
|
|
{% if iface.vrf is defined %}
|
|
|
|
vrf {{ iface.vrf }}
|
|
|
|
{% endif %}
|
2023-07-04 04:05:31 +02:00
|
|
|
{% if iface.ipv6_addrgen is defined %}
|
|
|
|
ipv6-addrgen {{ iface.ipv6_addrgen
|
2023-09-17 20:32:05 +02:00
|
|
|
| ternary("yes", "no") }}
|
2023-07-04 04:05:31 +02:00
|
|
|
{% endif %}
|
|
|
|
{% endmacro %}
|
|
|
|
|
2023-11-07 06:07:48 +01:00
|
|
|
{% set index = 1 %}
|
|
|
|
|
2023-07-04 04:05:31 +02:00
|
|
|
{% for name, iface in ifupdown2__interfaces.items() %}
|
2023-11-07 06:07:48 +01:00
|
|
|
{% set index = index + 4 %}
|
2023-07-04 04:05:31 +02:00
|
|
|
auto {{ name }}
|
|
|
|
iface {{ name }}
|
2023-11-07 06:07:48 +01:00
|
|
|
{{ iface_common(iface, index) | indent(4) }}
|
2022-08-27 08:31:42 +02:00
|
|
|
{% if iface.bridge_ports is defined %}
|
|
|
|
bridge-ports {{ iface.bridge_ports | join(" ") }}
|
|
|
|
{% endif %}
|
|
|
|
{% if iface.bridge_vlan_aware is defined %}
|
|
|
|
bridge-vlan-aware {{ iface.bridge_vlan_aware
|
|
|
|
| ternary("yes", "no") }}
|
|
|
|
{% endif %}
|
|
|
|
{% if iface.bridge_vids is defined %}
|
|
|
|
bridge-vids {{ iface.bridge_vids | join(",") }}
|
|
|
|
{% endif %}
|
|
|
|
{% if iface.vlan_id is defined %}
|
|
|
|
vlan-id {{ iface.vlan_id | int }}
|
|
|
|
{% endif %}
|
|
|
|
{% if iface.vlan_raw_device is defined %}
|
|
|
|
vlan-raw-device {{ iface.vlan_raw_device }}
|
|
|
|
{% endif %}
|
2022-08-27 09:18:16 +02:00
|
|
|
{% if iface.bridge_disable_pvid | default(false) %}
|
|
|
|
bridge-pvid 0
|
|
|
|
post-up bridge vlan del dev {{ name }} vid 1 self
|
|
|
|
{% endif %}
|
2023-07-04 04:05:31 +02:00
|
|
|
|
|
|
|
{% endfor %}
|
|
|
|
|
2023-07-05 01:18:52 +02:00
|
|
|
{% for name, iface in ifupdown2__wireguard.items() | sort(attribute="0") %}
|
2023-11-07 06:07:48 +01:00
|
|
|
{% set index = index + 4 %}
|
2023-07-04 04:05:31 +02:00
|
|
|
auto {{ name }}
|
|
|
|
iface {{ name }}
|
|
|
|
link-type wireguard
|
2023-11-07 06:07:48 +01:00
|
|
|
{{ iface_common(iface, index) | indent(4) }}
|
2023-07-04 04:05:31 +02:00
|
|
|
pre-up wg setconf $IFACE /etc/wireguard/$IFACE.conf
|
|
|
|
{% for address in iface.peer_allowed_addresses | default([]) %}
|
2023-11-07 06:07:48 +01:00
|
|
|
post-up ip route add {{ address }} proto {{ ifupdown2__wireguard_proto }} \
|
|
|
|
table {{ iface.table | default("main") }} dev $IFACE
|
2023-07-04 04:05:31 +02:00
|
|
|
{% endfor %}
|
2023-11-07 04:11:28 +01:00
|
|
|
{% endfor %}
|
2022-08-27 04:10:11 +02:00
|
|
|
|
2023-11-07 04:11:28 +01:00
|
|
|
{% for name, iface in ifupdown2__vrf.items() | sort(attribute="0") %}
|
2023-11-07 06:07:48 +01:00
|
|
|
{% set index = index + 4 %}
|
2023-11-07 04:11:28 +01:00
|
|
|
auto {{ name }}
|
|
|
|
iface {{ name }}
|
2023-11-07 06:07:48 +01:00
|
|
|
{{ iface_common(iface, index) | indent(4) }}
|
2023-11-07 04:11:28 +01:00
|
|
|
vrf-table {{ iface.table }}
|
2022-08-26 20:52:23 +02:00
|
|
|
{% endfor %}
|