further improved network config

author: Christian Pointner <equinox@spreadspace.org> 2020-06-21 04:11:47 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2020-06-21 04:11:47 +0200
commit: 742ab1e5e72c4f7b6678cf586309d6d98d96272d (patch)
tree: 2e3b0e54ee28c0b5a8c7849be61ca511d28d4e97 /roles
parent: initial tests with new network config (diff)
17 files changed, 40 insertions, 31 deletions
diff --git a/roles/elevate/media/templates/firewall/elevate-festival.sh.j2 b/roles/elevate/media/templates/firewall/elevate-festival.sh.j2
index 29873aaa..8cb56cd6 100644
--- a/roles/elevate/media/templates/firewall/elevate-festival.sh.j2
+++ b/roles/elevate/media/templates/firewall/elevate-festival.sh.j2
@@ -16,8 +16,8 @@ FILTER6="$IP6TABLES -t filter"
 MANGLE6="$IP6TABLES -t mangle"
 
 LAN_IF="{{ network.primary.name }}"
-LAN_IPADDR="{{ network.primary.ip }}"
-LAN_NETMASK="{{ network.primary.mask }}"
+LAN_IPADDR="{{ network.primary.prefix | ipaddr('address') }}"
+LAN_NETMASK="{{ network.primary.prefix | ipaddr('netmask') }}"
 
 EXT_IF="wg-gwhetzner"
 EXT_IPADDR="192.168.254.2"
diff --git a/roles/elevate/media/templates/firewall/lan-only.sh.j2 b/roles/elevate/media/templates/firewall/lan-only.sh.j2
index 07665d62..0ec06ba2 100644
--- a/roles/elevate/media/templates/firewall/lan-only.sh.j2
+++ b/roles/elevate/media/templates/firewall/lan-only.sh.j2
@@ -16,8 +16,8 @@ FILTER6="$IP6TABLES -t filter"
 MANGLE6="$IP6TABLES -t mangle"
 
 LAN_IF="{{ network.primary.name }}"
-LAN_IPADDR="{{ network.primary.ip }}"
-LAN_NETMASK="{{ network.primary.mask }}"
+LAN_IPADDR="{{ network.primary.prefix | ipaddr('address') }}"
+LAN_NETMASK="{{ network.primary.prefix | ipaddr('netmask') }}"
 
 
 #########################
diff --git a/roles/elevate/media/templates/firewall/r3-with-lan.sh.j2 b/roles/elevate/media/templates/firewall/r3-with-lan.sh.j2
index 22d91301..c7fe5f6b 100644
--- a/roles/elevate/media/templates/firewall/r3-with-lan.sh.j2
+++ b/roles/elevate/media/templates/firewall/r3-with-lan.sh.j2
@@ -16,8 +16,8 @@ FILTER6="$IP6TABLES -t filter"
 MANGLE6="$IP6TABLES -t mangle"
 
 LAN_IF="{{ network.primary.name }}"
-LAN_IPADDR="{{ network.primary.ip }}"
-LAN_NETMASK="{{ network.primary.mask }}"
+LAN_IPADDR="{{ network.primary.prefix | ipaddr('address') }}"
+LAN_NETMASK="{{ network.primary.prefix | ipaddr('netmask') }}"
 
 EXT_IF="{{ network.primary.name }}.{{ network_zones.ccinet.vlan }}"
 EXT_IPADDR="89.106.211.61"
diff --git a/roles/elevate/media/templates/netplan/elevate-festival.yaml.j2 b/roles/elevate/media/templates/netplan/elevate-festival.yaml.j2
index db924c20..ef227fed 100644
--- a/roles/elevate/media/templates/netplan/elevate-festival.yaml.j2
+++ b/roles/elevate/media/templates/netplan/elevate-festival.yaml.j2
@@ -3,7 +3,7 @@ network:
   renderer: networkd
   ethernets:
     {{ network.primary.name }}:
-      addresses: [ {{ (network.primary.ip + '/' + network.primary.mask) | ipaddr('address/prefix') }} ]
+      addresses: [ {{ network.primary.prefix }} ]
       gateway4: {{ network.primary.gateway }}
       accept-ra: false
       nameservers:
diff --git a/roles/elevate/media/templates/netplan/lan-only.yaml.j2 b/roles/elevate/media/templates/netplan/lan-only.yaml.j2
index db924c20..ef227fed 100644
--- a/roles/elevate/media/templates/netplan/lan-only.yaml.j2
+++ b/roles/elevate/media/templates/netplan/lan-only.yaml.j2
@@ -3,7 +3,7 @@ network:
   renderer: networkd
   ethernets:
     {{ network.primary.name }}:
-      addresses: [ {{ (network.primary.ip + '/' + network.primary.mask) | ipaddr('address/prefix') }} ]
+      addresses: [ {{ network.primary.prefix }} ]
       gateway4: {{ network.primary.gateway }}
       accept-ra: false
       nameservers:
diff --git a/roles/elevate/media/templates/netplan/r3-with-lan.yaml.j2 b/roles/elevate/media/templates/netplan/r3-with-lan.yaml.j2
index 3812e27f..296233f4 100644
--- a/roles/elevate/media/templates/netplan/r3-with-lan.yaml.j2
+++ b/roles/elevate/media/templates/netplan/r3-with-lan.yaml.j2
@@ -3,7 +3,7 @@ network:
   renderer: networkd
   ethernets:
     {{ network.primary.name }}:
-      addresses: [ {{ (network.primary.ip + '/' + network.primary.mask) | ipaddr('address/prefix') }} ]
+      addresses: [ {{ network.primary.prefix }} ]
       accept-ra: false
   vlans:
     {{ network.primary.name }}.{{ network_zones.ccinet.vlan }}:
diff --git a/roles/installer/debian/preseed/tasks/main.yml b/roles/installer/debian/preseed/tasks/main.yml
index aa71335e..46d6a1d9 100644
--- a/roles/installer/debian/preseed/tasks/main.yml
+++ b/roles/installer/debian/preseed/tasks/main.yml
@@ -29,6 +29,9 @@
     copy:
       dest: "{{ preseed_tmpdir }}/etc/systemd/network/90-namepolicy.link"
       content: |
+        [Match]
+        OriginalName=*
+
         [Link]
         NamePolicy={{ preseed_force_net_ifnames_policy }}
 
diff --git a/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2
index b92aa1eb..ca4cc37e 100644
--- a/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2
@@ -16,8 +16,8 @@ d-i netcfg/disable_autoconfig boolean false
 {% else %}
 d-i netcfg/disable_dhcp boolean true
 d-i netcfg/disable_autoconfig boolean true
-d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }}
-d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }}
+d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }}
+d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }}
 d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }}
 d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }}
 d-i netcfg/confirm_static boolean true
diff --git a/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2
index dd0aa0ab..5b7e12e9 100644
--- a/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2
@@ -16,8 +16,8 @@ d-i netcfg/disable_autoconfig boolean false
 {% else %}
 d-i netcfg/disable_dhcp boolean true
 d-i netcfg/disable_autoconfig boolean true
-d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }}
-d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }}
+d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }}
+d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }}
 d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }}
 d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }}
 d-i netcfg/confirm_static boolean true
@@ -135,7 +135,10 @@ d-i preseed/late_command string \
     in-target bash -c "sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces"; \
 {% if preseed_force_net_ifnames_policy is defined %}
     mkdir -p /target/etc/systemd/network; \
-    in-target bash -c "echo '[Link]' > /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo '[Match]' > /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo 'OriginalName=*' >> /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo '' >> /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo '[Link]' >> /etc/systemd/network/90-namepolicy.link"; \
     in-target bash -c "echo 'NamePolicy={{ preseed_force_net_ifnames_policy }}' >> /etc/systemd/network/90-namepolicy.link"; \
     in-target bash -c "update-initramfs -u"; \
 {% endif %}
diff --git a/roles/installer/debian/preseed/templates/preseed_debian-jessie.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-jessie.cfg.j2
index 453349db..f4448dbd 100644
--- a/roles/installer/debian/preseed/templates/preseed_debian-jessie.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_debian-jessie.cfg.j2
@@ -16,8 +16,8 @@ d-i netcfg/disable_autoconfig boolean false
 {% else %}
 d-i netcfg/disable_dhcp boolean true
 d-i netcfg/disable_autoconfig boolean true
-d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }}
-d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }}
+d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }}
+d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }}
 d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }}
 d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }}
 d-i netcfg/confirm_static boolean true
diff --git a/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2
index da33c0f5..0896c569 100644
--- a/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2
@@ -16,8 +16,8 @@ d-i netcfg/disable_autoconfig boolean false
 {% else %}
 d-i netcfg/disable_dhcp boolean true
 d-i netcfg/disable_autoconfig boolean true
-d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }}
-d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }}
+d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }}
+d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }}
 d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }}
 d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }}
 d-i netcfg/confirm_static boolean true
diff --git a/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2
index ab18b8a2..df3b6e90 100644
--- a/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2
@@ -23,8 +23,8 @@ d-i netcfg/disable_autoconfig boolean false
 {% else %}
 d-i netcfg/disable_dhcp boolean true
 d-i netcfg/disable_autoconfig boolean true
-d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }}
-d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }}
+d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }}
+d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }}
 d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }}
 d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }}
 d-i netcfg/confirm_static boolean true
diff --git a/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2
index 33cf0738..4b13133c 100644
--- a/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2
@@ -23,8 +23,8 @@ d-i netcfg/disable_autoconfig boolean false
 {% else %}
 d-i netcfg/disable_dhcp boolean true
 d-i netcfg/disable_autoconfig boolean true
-d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }}
-d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }}
+d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }}
+d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }}
 d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }}
 d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }}
 d-i netcfg/confirm_static boolean true
@@ -152,7 +152,10 @@ d-i preseed/late_command string \
     in-target bash -c "sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces"; \
 {% if preseed_force_net_ifnames_policy is defined %}
     mkdir -p /target/etc/systemd/network; \
-    in-target bash -c "echo '[Link]' > /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo '[Match]' > /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo 'OriginalName=*' >> /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo '' >> /etc/systemd/network/90-namepolicy.link"; \
+    in-target bash -c "echo '[Link]' >> /etc/systemd/network/90-namepolicy.link"; \
     in-target bash -c "echo 'NamePolicy={{ preseed_force_net_ifnames_policy }}' >> /etc/systemd/network/90-namepolicy.link"; \
     in-target bash -c "update-initramfs -u"; \
 {% endif %}
diff --git a/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2
index b86d7523..d84ab9a6 100644
--- a/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2
@@ -20,8 +20,8 @@ d-i netcfg/disable_autoconfig boolean false
 {% else %}
 d-i netcfg/disable_dhcp boolean true
 d-i netcfg/disable_autoconfig boolean true
-d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }}
-d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }}
+d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }}
+d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }}
 d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }}
 d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }}
 d-i netcfg/confirm_static boolean true
diff --git a/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2
index e20825bf..02efc018 100644
--- a/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2
+++ b/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2
@@ -26,8 +26,8 @@ d-i netcfg/disable_autoconfig boolean false
 {% else %}
 d-i netcfg/disable_dhcp boolean true
 d-i netcfg/disable_autoconfig boolean true
-d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }}
-d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }}
+d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }}
+d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }}
 d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }}
 d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }}
 d-i netcfg/confirm_static boolean true
diff --git a/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2 b/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2
index 6989d7e0..cf15baff 100644
--- a/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2
+++ b/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2
@@ -4,8 +4,8 @@ Which network interface do you wish to configure = {{ install_interface | defaul
 {% if 'install_dhcp' in hostvars[install_hostname] and hostvars[install_hostname].install_dhcp %}
 IPv4 address = dhcp
 {% else %}
-IPv4 address = {{ hostvars[install_hostname].network_cooked.primary.ip }}
-Netmask = {{ hostvars[install_hostname].network_cooked.primary.mask }}
+IPv4 address = {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }}
+Netmask = {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }}
 Default IPv4 route = {{ hostvars[install_hostname].network_cooked.primary.gateway }}
 {% endif %}
 DNS domain name = {{ hostvars[install_hostname].network_cooked.domain }}
diff --git a/roles/vm/network/templates/interfaces.j2 b/roles/vm/network/templates/interfaces.j2
index 3c151144..70edb1dd 100644
--- a/roles/vm/network/templates/interfaces.j2
+++ b/roles/vm/network/templates/interfaces.j2
@@ -13,8 +13,8 @@ auto {{ interface.name }}
 iface {{ interface.name }} inet static
   pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra
   pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
-  address {{ interface.ip }}
-  netmask {{ interface.mask }}
+  address {{ interface.prefix | ipaddr('address') }}
+  netmask {{ interface.prefix | ipaddr('netmask') }}
 {%   if 'overlay' in interface %}
   up /bin/ip addr add dev $IFACE {{ interface.overlay }}/32
 {%     if 'gateway' in interface %}
author	Christian Pointner <equinox@spreadspace.org>	2020-06-21 04:11:47 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2020-06-21 04:11:47 +0200
commit	742ab1e5e72c4f7b6678cf586309d6d98d96272d (patch)
tree	2e3b0e54ee28c0b5a8c7849be61ca511d28d4e97 /roles
parent	initial tests with new network config (diff)