ansible/roles/ifupdown2/tasks/main.yml

71 lines
1.7 KiB
YAML

---
- name: Ensure that interfaces names don't overlap
assert:
that: "not (ifupdown2__interfaces.keys()
| intersect(ifupdown2__wireguard.keys()))"
msg: "Static and wireguard interfaces names must not overlap"
- name: Install wireguard
apt:
name: wireguard
when: ifupdown2__wireguard
- name: Configure wireguard
template:
src: wireguard.conf.j2
dest: "/etc/wireguard/{{ item.key }}.conf"
owner: root
group: root
mode: u=rw,g=r,o=
#no_log: true
loop: "{{ ifupdown2__wireguard | dict2items }}"
register: results_wireguard
- name: Synchronise wireguard config if necessary
command: "wg syncconf {{ item.0.key }} /etc/wireguard/{{ item.0.key }}.conf"
when: "item.0.key in ansible_interfaces and item.1.changed"
loop: "{{ ifupdown2__wireguard
| dict2items
| zip(results_wireguard.results) }}"
- name: Gather package facts
package_facts:
manager: apt
- name: Check if ifupdown2 is installed
set_fact:
must_mask: "{{ 'ifupdown2' not in ansible_facts.packages }}"
- name: Mask networking before installing ifupdown2
systemd:
name: networking.service
masked: true
when: must_mask
- name: Install ifupdown2
apt:
name: ifupdown2
- name: Unmask networking now that ifupdown2 is installed
systemd:
name: networking.service
masked: false
when: must_mask
- name: Configure ifupdown2
template:
src: interfaces.j2
dest: /etc/network/interfaces
owner: root
group: root
mode: u=rw,g=r,o=
notify:
- Restart networking
- Bring all interfaces up
- name: Enable and start networking
systemd:
name: networking.service
state: started
enabled: true
...