ip_forward: create role + playbook

2023-03-27 11:56:17 +02:00 · 2023-03-27 11:56:17 +02:00 · 9c41558d62
commit 9c41558d62
parent 66a015c135
4 changed files with 31 additions and 0 deletions
--- a/playbooks/ip_forward.yml
+++ b/playbooks/ip_forward.yml
@ -0,0 +1,8 @@
+#!/usr/bin/env ansible-playbook
+---
+- hosts:
+    - edge-1.rtr.infra.auro.re
+    - edge-2.rtr.infra.auro.re
+  roles:
+    - ip_forward
+...
--- a/roles/ip_forward/handlers/main.yml
+++ b/roles/ip_forward/handlers/main.yml
@ -0,0 +1,4 @@
+---
+- name: Reload sysctl
+  command: sysctl --system
+...
--- a/roles/ip_forward/tasks/main.yml
+++ b/roles/ip_forward/tasks/main.yml
@ -0,0 +1,11 @@
+---
+- name: Enable forwarding
+  template:
+    src: 10-forward.conf.j2
+    dest: /etc/sysctl.d/10-forward.conf
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+  notify:
+    - Reload sysctl
+...
--- a/roles/ip_forward/templates/10-forward.conf.j2
+++ b/roles/ip_forward/templates/10-forward.conf.j2
@ -0,0 +1,8 @@
+{{ ansible_managed | comment }}
+
+# Enable IPv4 forwarding
+net.ipv4.ip_forward=1
+net.ipv4.conf.all.forwarding=1
+
+# Enable IPv6 forwarding
+net.ipv6.conf.all.forwarding=1