ansible/nis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

make sprachenatelier working..

Browse Source
This commit is contained in:
Christoph
2022-02-20 23:36:51 +01:00
parent 42c3774ca6
commit 1c57c66dca
87 changed files with 19196 additions and 1382 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
roles/network_interfaces/README.md Normal file
View File

@ -0,0 +1,94 @@
based on:
https://github.com/dresden-weekly/ansible-network-interfaces (https://galaxy.ansible.com/dresden-weekly/network-interfaces/)
Example Playbook
----------------
```yml
- hosts: all
become: true
become_user: root
roles:
- role: dresden-weekly.network-interfaces
network_interfaces:
- device: eth0
description: just a description for humans to understand
auto: true
family: inet
method: static
address: 192.168.1.11
network: 192.168.1.0
netmask: 193.168.1.255
gateway: 192.168.1.1
mtu: 9000
metric: 1
nameservers:
- 8.8.8.8
- 8.8.4.4
subnets:
- 192.168.1.12/32
- device: eth1
description: simple dhcp client interface
auto: true
family: inet
method: dhcp
- device: wlan0
description: sample wlan interface using wpa_supplicant (note: does not install wpasupplicant)
auto: true
family: inet
method: dhcp
additional_options:
wpa-driver: nl80211
wpa-ssid: my-wifi
wpa-psk: password123
- device: eth0.123
description: sample vlan interface using eth0 and tagged for VLAN 123.
method: static
address: 1.2.3.4
netmask: 24
broadcast: 1.2.3.255
vlan:
raw-device: eth0
up:
- route add default gw 1.2.3.254
- device: eth2
description: First bonding device
auto: true
family: inet
method: manual
bond:
master: bond0
- device: eth3
description: Second bonding device
auto: true
family: inet
method: manual
bond:
master: bond0
- device: bond0
description: This bonding device only has one interface
allow:
- hotplug
family: inet
method: static
bond:
mode: 802.3ad
xmit-hash-policy: layer3+4
miimon: 100
slaves: eth2 eth3
address: 192.160.50.1
netmask: 255.255.255.0
dns_search: "localdomain"
up:
- ip route add 172.16.0.0/24 via 192.168.50.254 dev bond0
```

13
roles/network_interfaces/defaults/main.yml Normal file
View File

@ -0,0 +1,13 @@
---
# If true, all additional files in /etc/network/interfaces/interfaces.d/ are deleted
network_manage_devices: False
# Should the interfaces be reloaded after config change?
network_interface_reload: True
network_interface_required_packages:
- vlan
- bridge-utils
- ifmetric
- ifupdown2

59
roles/network_interfaces/tasks/interfaces.yml Normal file
View File

@ -0,0 +1,59 @@
---
- name: (interfaces.yml) Check if file /etc/network/interfaces.ORIG exists
stat:
path: /etc/network/interfaces.ORIG
register: stat_result
tags:
- network-interfaces
- name: (interfaces.yml) Backup existing file '/etc/network/interfaces'
command: cp -a /etc/network/interfaces /etc/network/interfaces.ORIG
when: stat_result.stat.exists == False
tags:
- network-interfaces
- name: (interfaces.yml) Ensure interfaces file is latest
template:
src: "etc/network/interfaces.j2"
dest: /etc/network/interfaces
with_items: network_interfaces
tags:
- network-interfaces
- name: (interfaces.yml) Ensure imported device files at interfaces.d are latest
template:
src: "etc/network/interfaces.d/device.j2"
dest: "{{ network_interface_path }}/device-{{ item.0 }}"
with_items:
- "{{network_interfaces | default([]) | groupby('device') }}"
register: network_configuration_result
tags:
- network-interfaces
# ---
# Remove device files not configured here
# ---
- name: (interfaces.yml) list existing files
find:
path: "{{ network_interface_path }}"
file_type: file
register: files_matched
tags:
- network-interfaces
- name: (interfaces.yml) configured files
set_fact:
network_configured_files: >
[{% for item in network_configuration_result.results | default([]) -%}
u"{{ item.dest | default(item.path) }}"
{{ '' if loop.last else ',' }}
{%- endfor %}]
- name: (interfaces.yml) remove configurations
file:
dest: "{{ item.path }}"
state: absent
when: item.path not in network_configured_files
with_items: "{{ files_matched.files | default([]) }}"

14
roles/network_interfaces/tasks/main.yml Normal file
View File

@ -0,0 +1,14 @@
---
- import_tasks: packages.yml
when: network_interfaces is defined and network_manage_devices|bool
tags:
- networking
- network_interfaces
- import_tasks: interfaces.yml
when: network_interfaces is defined and network_manage_devices|bool
tags:
- networking
- network_interfaces

15
roles/network_interfaces/tasks/packages.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: (packages.yml) Ensure basic networking tools are installed
apt:
pkg: "{{ network_interface_required_packages }}"
state: present
update_cache: yes
cache_valid_time: 86400
- name: Enable service systemd-resolved
ansible.builtin.systemd:
name: systemd-resolved
enabled: yes
masked: no

143
roles/network_interfaces/templates/etc/network/interfaces.d/device.j2 Normal file
View File

@ -0,0 +1,143 @@
{{ ansible_managed | comment }}
{# {% for config in network_interfaces %} #}
{% for config in item.1 %}
{% if config.headline is defined and config.headline %}
#-----------------------------
# {{ config.headline }}
#-----------------------------
{% endif %}
{# {% if config.auto is defined and config.auto is sameas true %} #}
{% if config.auto | default(loop.first) %}
auto {{ config.device }}
{% endif %}
{% for stanza in config.allow | default([]) %}
allow-{{ stanza }}
{% endfor -%}
iface {{ config.device }} {{ config.family | default('inet', true) }} {{ config.method | default('static', true) }}
{% if config.method == "static" %}
{% if (config.description is defined and config.description) %}
description {{ config.description }}
{% endif %}
{% if config.hwaddress is defined and config.hwaddress %}
hwaddress {{ config.hwaddress }}
{% endif %}
{% if (config.address is defined) and (0 < config.address | length) %}
{% if config.netmask is defined %}
address {{ config.address }}/{{ config.netmask }}
{% else %}
address {{ config.address }}
{% endif -%}
{% endif -%}
{% set iface_keys = ['gateway', 'metric', 'pointopoint', 'media', 'mtu', 'scope'] %}
{% for key in iface_keys %}
{% if key in config and config[key] %}
{{ key }} {{ config[key] }}
{% endif %}
{% endfor -%}
{% elif config.method == "dhcp" %}
{% set iface_keys = ['hwaddress', 'hostname', 'metric', 'leasehours', 'vendor', 'client' ] %}
{% for key in iface_keys %}
{% if key in config and config[key] %}
{{ key }} {{ config[key] }}
{% endif %}
{% endfor -%}
{% elif config.method == "ppp" %}
{% if (config.provider is defined and config.provider) %}
provider {{ config.provider }}
{% endif %}
{% elif config.method == "wvdial" %}
{% if (config.provider is defined and config.provider) %}
provider {{ config.provider }}
{% endif %}
{% elif config.method == "bootp" %}
{% set iface_keys = ['hwaddr', 'bootfile', 'server'] %}
{% for key in iface_keys %}
{% if key in config and config[key] %}
{{ key }} {{ config[key] }}
{% endif %}
{% endfor -%}
{% endif %}
{# #}
{# subnets #}
{%- if (config.subnets is defined) and (0 < config.subnets | length) %}
# additional subnets
{% for subnet in config.subnets %}
up /sbin/ip addr add {{ subnet }} dev {{ config.device }}
down /sbin/ip addr del {{ subnet }} dev {{ config.device }}
{% endfor %}
{% endif -%}
{# #}
{# bridge settings #}
{%- if config['bridge'] is defined %}
# bridge settings
{% for key in config.bridge %}
bridge_{{ key }} {{ config.bridge[key] }}
{% endfor %}
{% endif -%}
{# #}
{# bond parameters #}
{% set bond_keys = ['master', 'primary', 'slaves', 'mode', 'miimon', 'lacp-rate', 'ad-select', 'downdelay', 'updelay'] %}
{%- if (config.bond is defined) and (bond_keys | intersect(config.bond.keys())) %}
# bond parameters
{% for key in bond_keys %}
{% if key in config.bond %}
bond-{{ key }} {{ config.bond[key] }}
{% endif %}
{% endfor %}
{% endif -%}
{# #}
{# nameservers #}
{%- if (config.nameservers is defined and config.nameservers) or (config.search is defined and config.search) %}
# dns-* options are implemented by the resolvconf package, if installed
# sets entries in /etc/resolv.conf
#
{% endif -%}
{% if config.search is defined and config.search %}
dns-search {{ config.search }}
{% endif -%}
{%- if (config.nameservers is defined) and config.nameservers %}
{% for _ip in config.nameservers %}
dns-nameservers {{ _ip }}
{% endfor %}
{% endif %}
{%- if (config.nameservers is defined and config.nameservers) or (config.search is defined and config.search) %}
{% endif -%}
{# #}
{# vlan #}
{% set vlan_keys = ['raw-device'] %}
{%- if (config.vlan is defined) and (vlan_keys | intersect(config.vlan.keys())) -%}
# vlan
{% for key in vlan_keys %}
{% if key in config.vlan %}
vlan-{{ key }} {{ config.vlan[key] }}
{% endif %}
{% endfor %}
{# #}
{% endif -%}
{# #}
{# hook scripts #}
{% set hook_keys = ['pre-up', 'up', 'post-up', 'pre-down', 'down', 'post-down'] %}
{%- if hook_keys | intersect(config.keys()) %}
# hook scripts
{% for key in hook_keys %}
{% if key in config %}
{% for value in config[key] %}
{{ key }} {{ value }}
{% endfor %}
{% endif %}
{% endfor %}
{% endif %}
{% endfor %}

24
roles/network_interfaces/templates/etc/network/interfaces.j2 Normal file
View File

@ -0,0 +1,24 @@
{{ ansible_managed | comment }}
source /etc/network/interfaces.d/*
#-----------------------------
# lo: loopback
#-----------------------------
auto lo
iface lo inet loopback
{% if network_interfaces_additional_loopback_ip_v4|d() %}
{% for ip in network_interfaces_additional_loopback_ip_v4 %}
up /sbin/ip addr add {{ ip }} dev lo
down /sbin/ip addr del {{ ip }} dev lo
{% endfor %}
{% endif -%}
iface lo inet6 loopback
{% if network_interfaces_additional_loopback_ip_v6|d() %}
{% for ip in network_interfaces_additional_loopback_ip_v6 %}
up /sbin/ip addr add {{ ip }} dev lo
down /sbin/ip addr del {{ ip }} dev lo
{% endfor %}
{% endif %}