diff options
author | Christian Pointner <equinox@spreadspace.org> | 2020-07-21 00:20:24 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-07-21 00:20:24 +0200 |
commit | 0ab459a63c0a083a45dc21c781729d7ff770d6b4 (patch) | |
tree | 06dd8a71421ebd17ceb544702c3f37e67a23d5c3 /roles/vm/host/network/templates/bridge-interfaces.j2 | |
parent | Merge branch 'topic/installer-again' (diff) | |
parent | vm/host network using ifconfig includes (diff) |
Merge branch 'topic/network-overlays-exteneded'
Diffstat (limited to 'roles/vm/host/network/templates/bridge-interfaces.j2')
-rw-r--r-- | roles/vm/host/network/templates/bridge-interfaces.j2 | 49 |
1 files changed, 22 insertions, 27 deletions
diff --git a/roles/vm/host/network/templates/bridge-interfaces.j2 b/roles/vm/host/network/templates/bridge-interfaces.j2 index 05144430..4d80db4c 100644 --- a/roles/vm/host/network/templates/bridge-interfaces.j2 +++ b/roles/vm/host/network/templates/bridge-interfaces.j2 @@ -2,45 +2,40 @@ {% set bridge = item.value %} {% set interface = (network.interfaces | selectattr('name', 'eq', bridge_name) | first | default({})) %} auto {{ bridge_name }} -{% if 'address' in interface %} -iface {{ bridge_name }} inet static - address {{ interface.address | ipaddr('address') }} - netmask {{ interface.address | ipaddr('netmask') }} -{% if 'gateway' in interface %} - gateway {{ interface.gateway }} -{% endif %} -{% else %} -iface {{ bridge_name }} inet manual -{% endif %} -{% if 'interfaces' in bridge and (bridge.interfaces | length) > 0 %} - bridge_ports {{ bridge.interfaces | join(' ') }} -{% else %} - bridge_ports none -{% endif %} +iface {{ bridge_name }} inet {{ ('address' in interface) | ternary('static', 'manual') }} + up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra + up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf + bridge_ports {{ bridge.interfaces | default(['none']) | join(' ') }} bridge_stp off bridge_waitport 0 bridge_fd 0 - up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra - up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf up modprobe br_netfilter up /sbin/sysctl net.bridge.bridge-nf-call-iptables=0 up /sbin/sysctl net.bridge.bridge-nf-call-ip6tables=0 up /sbin/sysctl net.bridge.bridge-nf-call-arptables=0 -{% if 'address' in interface and 'prefix' in bridge %} -{% if 'nat' in bridge and bridge.nat %} +{% if 'address' in interface %} + address {{ interface.address | ipaddr('address') }} + netmask {{ interface.address | ipaddr('netmask') }} +{% if 'gateway' in interface %} + gateway {{ interface.gateway }} +{% endif %} +{% if 'prefix' in bridge %} +{% if 'nat' in bridge and bridge.nat %} up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }} -{% endif %} -{% if 'overlay' in bridge %} -{% for dest, offset in (bridge.overlay.offsets | dictsort(by='value')) %} - up /bin/ip route add {{ (bridge.overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (bridge.prefix | ipaddr(bridge.offsets[dest])).split('/')[0] }} # {{ dest }} +{% endif %} +{% for overlay_name in (bridge.overlays | default({}) | list | sort) %} +{% set overlay = bridge.overlays[overlay_name] %} +{% for dest, offset in (overlay.offsets | dictsort(by='value')) %} + up /bin/ip route add {{ (overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (bridge.prefix | ipaddr(bridge.offsets[dest])).split('/')[0] }} # {{ dest }} +{% endfor %} + up /bin/ip route add unreachable {{ overlay.prefix }} + down /sbin/ip route del {{ overlay.prefix }} {% endfor %} - up /bin/ip route add unreachable {{ bridge.overlay.prefix }} - down /sbin/ip route del {{ bridge.overlay.prefix }} -{% endif %} -{% if 'nat' in bridge and bridge.nat %} +{% if 'nat' in bridge and bridge.nat %} down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }} +{% endif %} {% endif %} {% endif %} {% if 'address6' in interface %} |