ansible/roles/router/tasks/main.yml
Yohaï-Eliel BERREBY 56808e4e60 wip: begin updating 'router' role for IPv6
pending: update virtual routes
2020-08-01 15:46:41 +02:00

55 lines
1.2 KiB
YAML

---
- name: Enable IPv4 packet forwarding
ansible.posix.sysctl:
name: net.ipv4.ip_forward
value: '1'
sysctl_set: yes
- name: Enable IPv6 packet forwarding
ansible.posix.sysctl:
name: net.ipv6.ip_forward
value: '1'
sysctl_set: yes
- name: Install aurore-firewall (re2o-service)
import_role:
name: re2o-service
vars:
service_repo: https://gitlab.federez.net/aurore/aurore-firewall.git
service_name: aurore-firewall
service_version: aurore
service_config:
hostname: re2o.auro.re
username: service-user
password: "{{ vault_serviceuser_passwd }}"
notify: run aurore-firewall
- name: Configure aurore-firewall
template:
src: firewall_config.py
dest: /var/local/re2o-services/aurore-firewall/firewall_config.py
mode: 0644
notify: run aurore-firewall
- name: Install keepalived
apt:
name: keepalived
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Configure keepalived
template:
src: keepalived.conf
dest: /etc/keepalived/keepalived.conf
mode: 0644
notify: restart keepalived
- name: Configure cron
template:
src: cron.d/re2o-services
dest: /etc/cron.d/re2o-services
mode: 0644