create network role and include it into base (only openbsd does something)

2019-05-28 00:25:06 +03:00 · 2019-05-28 00:25:06 +03:00 · dd19c94511
commit dd19c94511
parent ba0c70532f
9 changed files with 101 additions and 0 deletions
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@ -61,6 +61,7 @@
  include_role:
    name: "{{ role }}"
  with_items:
+    - network
    - opensmtpd
    - pki
    - psacct
--- a/roles/network/defaults/main.yml
+++ b/roles/network/defaults/main.yml
@ -0,0 +1,3 @@
+---
+network_ether_interfaces: []
+network_carp_interfaces: []
--- a/roles/network/handlers/main.yml
+++ b/roles/network/handlers/main.yml
@ -0,0 +1,4 @@
+- block:
+  - name: restart network
+    command: /bin/sh /etc/netstart
+  when: ansible_os_family == "OpenBSD"
--- a/roles/network/tasks/OpenBSD.yml
+++ b/roles/network/tasks/OpenBSD.yml
@ -0,0 +1,37 @@
+---
+
+- name: create ethernet interface configurations
+  template:
+    src: hostname.if.j2
+    dest: "/etc/hostname.{{ item.device }}"
+    mode: 0600
+    owner: root
+    group: "{{ ansible_wheel }}"
+  with_items: "{{ network_ether_interfaces }}"
+  notify: restart network
+
+- block:
+    - name: create carp interface configurations
+      template:
+        src: hostname.carp.j2
+        dest: "/etc/hostname.carp{{ item.vhid }}"
+        mode: 0600
+        owner: root
+        group: "{{ ansible_wheel }}"
+      with_items: "{{ network_carp_interfaces }}"
+      notify: restart network
+    - name: enable carp preempt
+      sysctl:
+        name: net.inet.carp.preempt
+        value: 1
+  when: network_carp_interfaces != []
+
+- name: set default gateway
+  copy:
+    content: "{{ network_default_gateway }}\n"
+    dest: /etc/mygate
+    mode: 0600
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: restart network
+  when: network_default_gateway is defined
--- a/roles/network/tasks/RedHat.yml
+++ b/roles/network/tasks/RedHat.yml
@ -0,0 +1 @@
+---
--- a/roles/network/tasks/main.yml
+++ b/roles/network/tasks/main.yml
@ -0,0 +1,12 @@
+---
+- name: include os spcific tasks
+  include_tasks: "{{ ansible_os_family }}.yml"
+
+- name: create resolv.conf
+  template:
+    src: resolv.conf.j2
+    dest: /etc/resolv.conf
+    mode: 0644
+    owner: root
+    group: "{{ ansible_wheel }}"
+  when: network_dns_servers is defined
--- a/roles/network/templates/hostname.carp.j2
+++ b/roles/network/templates/hostname.carp.j2
@ -0,0 +1,20 @@
+vhid {{ item.vhid }}
+pass {{ item.pass }}
+carpdev {{ item.device }}
+{% if item.proto is not defined or item.proto == 'static' %}
+inet {{ item.ipaddr }} {{ item.netmask }}
+{% elif item.proto == 'dhcp' %}
+dhcp
+{% elif item.proto == 'none' %}
+up
+{% endif %}
+{% if item.ip6addr is defined %}
+{%   if item.ip6addr == 'auto' %}
+rtsol
+{%   elif item.ip6addr != 'none' %}
+inet6 alias {{ item.ip6addr }} {{ item.ip6netmask }}
+{%   endif %}
+{% endif %}
+{% if item.advskew is defined %}
+advskew {{ item.advskew }}
+{% endif %}
--- a/roles/network/templates/hostname.if.j2
+++ b/roles/network/templates/hostname.if.j2
@ -0,0 +1,17 @@
+{% if item.proto is not defined or item.proto == 'static' %}
+inet {{ item.ipaddr }} {{ item.netmask }}
+{% elif item.proto == 'dhcp' %}
+dhcp
+{% elif item.proto == 'none' %}
+up
+{% endif %}
+{% if item.ip6addr is defined %}
+{%   if item.ip6addr == 'auto' %}
+inet6 autoconfig
+{%   elif ip6addr != 'none' %}
+inet6 alias {{ item.ip6addr }} {{ item.ip6netmask }}
+{%   endif %}
+{% endif %}
+{% if item.postcmd is defined %}
+{{ postcmd }}
+{% endif %}
--- a/roles/network/templates/resolv.conf.j2
+++ b/roles/network/templates/resolv.conf.j2
@ -0,0 +1,6 @@
+{% if network_dns_search is defined %}
+search {{ network_dns_search|join(' ') }}
+{% endif %}
+{% for addr in network_dns_servers %}
+nameserver {{ addr }}
+{% endfor %}