Merge pull request 'Configure /etc/network/interfaces and /etc/resolv.conf using Ansible' (#98) from ifupdown2 into master

Reviewed-on: #98
This commit is contained in:
jeltz 2022-08-27 04:55:26 +02:00
commit 8bcc0af539
9 changed files with 133 additions and 0 deletions

View file

@ -3,6 +3,7 @@ ask_vault_pass = True
roles_path = ./roles
retry_files_enabled = False
inventory = ./hosts
filter_plugins = ./filter_plugins
ansible_managed = Ansible managed, modified on %Y-%m-%d %H:%M:%S
nocows = 1
forks = 15

View file

@ -0,0 +1,13 @@
import dns.name
class FilterModule:
def filters(self):
return {
"remove_domain_suffix": remove_domain_suffix,
}
def remove_domain_suffix(name):
parent = dns.name.from_text(name).parent()
return parent.to_text()

32
playbooks/ifupdown2.yml Executable file
View file

@ -0,0 +1,32 @@
#!/usr/bin/env ansible-playbook
---
- hosts:
- ntp-1.int.infra.auro.re
vars:
# TODO: netbox
ifupdown2__hosts:
ntp-1.int.infra.auro.re:
ens18:
gateways:
- 2a09:6840:128::254
- 10.128.0.254
addresses:
- 2a09:6840:128::203/56
- 10.128.0.203/16
ifupdown2__interfaces: "{{ ifupdown2__hosts[inventory_hostname] }}"
roles:
- ifupdown2
- hosts:
- ntp-1.int.infra.auro.re
vars:
resolvconf__nameservers:
- 2a09:6840:128::127
- 10.128.0.127
resolvconf__domain: auro.re
resolvconf__search:
- "{{ inventory_hostname | remove_domain_suffix }}"
- auro.re
roles:
- resolvconf
...

View file

@ -0,0 +1,3 @@
---
ifupdown2__interfaces: {}
...

View file

@ -0,0 +1,9 @@
---
- name: Restart networking
systemd:
name: networking.service
state: restarted
- name: Bring all interfaces up
shell: /usr/sbin/ifup -a
...

View file

@ -0,0 +1,42 @@
---
- name: Gather package facts
package_facts:
manager: apt
- name: Check if ifupdown2 is installed
set_fact:
must_mask: "{{ 'ifupdown2' not in ansible_facts.packages }}"
- name: Mask networking before installing ifupdown2
systemd:
name: networking.service
masked: true
when: must_mask
- name: Install ifupdown2
apt:
name: ifupdown2
- name: Unmask networking now that ifupdown2 is installed
systemd:
name: networking.service
masked: false
when: must_mask
- name: Configure ifupdown2
template:
src: interfaces.j2
dest: /etc/network/interfaces
owner: root
group: root
mode: u=rw,g=r,o=
notify:
- Restart networking
- Bring all interfaces up
- name: Enable and start networking
systemd:
name: networking.service
state: started
enabled: true
...

View file

@ -0,0 +1,13 @@
{{ ansible_managed | comment }}
{% for name, iface in ifupdown2__interfaces.items() %}
auto {{ name }}
iface {{ name }}
{% for address in iface.addresses %}
address {{ address | ipaddr }}
{% endfor %}
{% for gateway in iface.gateways | default([]) %}
gateway {{ gateway | ipaddr }}
{% endfor %}
{% endfor %}

View file

@ -0,0 +1,9 @@
---
- name: Install resolv.conf
template:
src: resolv.conf.j2
dest: /etc/resolv.conf
owner: root
group: root
mode: u=rw,g=r,o=r
...

View file

@ -0,0 +1,11 @@
{{ ansible_managed | comment }}
{% for nameserver in resolvconf__nameservers %}
nameserver {{ nameserver | ipaddr }}
{% endfor %}
{% if resolvconf__domain is defined %}
domain {{ resolvconf__domain }}
{% endif %}
{% if resolvconf__search is defined %}
search {{ resolvconf__search | join(" ") }}
{% endif %}