authorChristian Pointner <equinox@spreadspace.org>2020-07-20 23:26:25 +0200
committerChristian Pointner <equinox@spreadspace.org>2020-07-20 23:26:25 +0200
commite60581e1c8adeb7363c0c00d272db898d64dad51 (patch)
tree06dd8a71421ebd17ceb544702c3f37e67a23d5c3 /roles/vm/host/network/templates/bridge-interfaces.j2
parentvm/guest/network: simplify template (diff)
vm/host network using ifconfig includes
Diffstat (limited to 'roles/vm/host/network/templates/bridge-interfaces.j2')
-rw-r--r--roles/vm/host/network/templates/bridge-interfaces.j244
1 files changed, 19 insertions, 25 deletions
diff --git a/roles/vm/host/network/templates/bridge-interfaces.j2 b/roles/vm/host/network/templates/bridge-interfaces.j2
index c0519737..4d80db4c 100644
--- a/roles/vm/host/network/templates/bridge-interfaces.j2
+++ b/roles/vm/host/network/templates/bridge-interfaces.j2
@@ -2,46 +2,40 @@
{% set bridge = item.value %}
{% set interface = (network.interfaces | selectattr('name', 'eq', bridge_name) | first | default({})) %}
auto {{ bridge_name }}
-{% if 'address' in interface %}
-iface {{ bridge_name }} inet static
- address {{ interface.address | ipaddr('address') }}
- netmask {{ interface.address | ipaddr('netmask') }}
-{% if 'gateway' in interface %}
- gateway {{ interface.gateway }}
-{% endif %}
-{% else %}
-iface {{ bridge_name }} inet manual
-{% endif %}
-{% if 'interfaces' in bridge and (bridge.interfaces | length) > 0 %}
- bridge_ports {{ bridge.interfaces | join(' ') }}
-{% else %}
- bridge_ports none
-{% endif %}
+iface {{ bridge_name }} inet {{ ('address' in interface) | ternary('static', 'manual') }}
+ up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
+ up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
+ bridge_ports {{ bridge.interfaces | default(['none']) | join(' ') }}
bridge_stp off
bridge_waitport 0
bridge_fd 0
- up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
- up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
up modprobe br_netfilter
up /sbin/sysctl net.bridge.bridge-nf-call-iptables=0
up /sbin/sysctl net.bridge.bridge-nf-call-ip6tables=0
up /sbin/sysctl net.bridge.bridge-nf-call-arptables=0
-{% if 'address' in interface and 'prefix' in bridge %}
-{% if 'nat' in bridge and bridge.nat %}
+{% if 'address' in interface %}
+ address {{ interface.address | ipaddr('address') }}
+ netmask {{ interface.address | ipaddr('netmask') }}
+{% if 'gateway' in interface %}
+ gateway {{ interface.gateway }}
+{% endif %}
+{% if 'prefix' in bridge %}
+{% if 'nat' in bridge and bridge.nat %}
up echo 1 > /proc/sys/net/ipv4/conf/$IFACE/forwarding
up echo 1 > /proc/sys/net/ipv4/conf/{{ ansible_default_ipv4.interface }}/forwarding
up /sbin/iptables -t nat -A POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }}
-{% endif %}
-{% for overlay_name in (bridge.overlays | default({}) | list | sort) %}
+{% endif %}
+{% for overlay_name in (bridge.overlays | default({}) | list | sort) %}
{% set overlay = bridge.overlays[overlay_name] %}
-{% for dest, offset in (overlay.offsets | dictsort(by='value')) %}
+{% for dest, offset in (overlay.offsets | dictsort(by='value')) %}
up /bin/ip route add {{ (overlay.prefix | ipaddr(offset)).split('/')[0] }}/32 via {{ (bridge.prefix | ipaddr(bridge.offsets[dest])).split('/')[0] }} # {{ dest }}
-{% endfor %}
+{% endfor %}
up /bin/ip route add unreachable {{ overlay.prefix }}
down /sbin/ip route del {{ overlay.prefix }}
-{% endfor %}
-{% if 'nat' in bridge and bridge.nat %}
+{% endfor %}
+{% if 'nat' in bridge and bridge.nat %}
down /sbin/iptables -t nat -D POSTROUTING -o {{ ansible_default_ipv4.interface }} -s {{ bridge.prefix }} -j SNAT --to {{ ansible_default_ipv4.address }}
+{% endif %}
{% endif %}
{% endif %}
{% if 'address6' in interface %}
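Review bot: The new `bridge_ports` line falls back to `none` only when `bridge.interfaces` is undefined, whereas the removed code also covered a defined-but-empty list through its `(bridge.interfaces | length) > 0` test. With `interfaces: []` the template now renders a bare `bridge_ports` with no value, which the ifupdown bridge hook may treat as "no bridge configured", so the bridge and the `up` rules attached to it would likely not be set up as intended. Passing the boolean second argument to `default` restores the old behaviour: `bridge_ports {{ bridge.interfaces | default(['none'], true) | join(' ') }}`. The template continues past the end of this hunk with the `address6` block, which is not visible here.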