From 91cd5480b5a1ca1103d5e239af3d331477c41c2c Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Tue, 21 Nov 2017 22:28:39 +0100
Subject: initial commit as copy from helsinki ansible repo

---
 roles/vm-network/tasks/lan.yaml          |  6 ++++++
 roles/vm-network/tasks/main.yaml         |  9 +++++++++
 roles/vm-network/tasks/public.yaml       | 33 ++++++++++++++++++++++++++++++++
 roles/vm-network/tasks/systemd-link.yaml | 15 +++++++++++++++
 4 files changed, 63 insertions(+)
 create mode 100644 roles/vm-network/tasks/lan.yaml
 create mode 100644 roles/vm-network/tasks/main.yaml
 create mode 100644 roles/vm-network/tasks/public.yaml
 create mode 100644 roles/vm-network/tasks/systemd-link.yaml

(limited to 'roles/vm-network/tasks')

diff --git a/roles/vm-network/tasks/lan.yaml b/roles/vm-network/tasks/lan.yaml
new file mode 100644
index 00000000..ec436e9b
--- /dev/null
+++ b/roles/vm-network/tasks/lan.yaml
@@ -0,0 +1,6 @@
+---
+- name: install interface config (LAN only)
+  template:
+    src: interfaces_lan.j2
+    dest: /etc/network/interfaces
+    mode: 0644
diff --git a/roles/vm-network/tasks/main.yaml b/roles/vm-network/tasks/main.yaml
new file mode 100644
index 00000000..d41f6eb2
--- /dev/null
+++ b/roles/vm-network/tasks/main.yaml
@@ -0,0 +1,9 @@
+---
+- include: systemd-link.yaml
+  when: srv_network.systemd_link is defined
+
+- include: public.yaml
+  when: srv_network.public is defined
+
+- include: lan.yaml
+  when: srv_network.public is not defined
diff --git a/roles/vm-network/tasks/public.yaml b/roles/vm-network/tasks/public.yaml
new file mode 100644
index 00000000..85a057d8
--- /dev/null
+++ b/roles/vm-network/tasks/public.yaml
@@ -0,0 +1,33 @@
+---
+- name: set routing table names
+  with_items:
+    - { 'regexp': '^89\s',  'line': '89      mur-default' }
+    - { 'regexp': '^212\s', 'line': '212     upc-default' }
+  lineinfile:
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+    dest: /etc/iproute2/rt_tables
+
+- name: calculate address lists
+  set_fact:
+    srv_network_public_firewall_ipv4:
+      - "{{ srv_network.public.ip_mur }}"
+      - "{{ srv_network.public.ip_upc }}"
+    srv_network_public_firewall_ipv6:
+      - "{{ srv_network.public.ip_mur6 }}"
+
+- name: install firewall scripts
+  with_items:
+    - 4
+    - 6
+  template:
+    src: firewall.sh_public.j2
+    dest: "/etc/network/firewall{{ item }}.sh"
+    mode: 0755
+  when: srv_network.public.firewall is defined
+
+- name: install interface config (Public)
+  template:
+    src: interfaces_public.j2
+    dest: /etc/network/interfaces
+    mode: 0644
diff --git a/roles/vm-network/tasks/systemd-link.yaml b/roles/vm-network/tasks/systemd-link.yaml
new file mode 100644
index 00000000..eb52474a
--- /dev/null
+++ b/roles/vm-network/tasks/systemd-link.yaml
@@ -0,0 +1,15 @@
+---
+- name: remove legacy systemd.link units
+  file:
+    name: "/etc/systemd/network/{{ item }}"
+    state: absent
+  with_items:
+    - 50-virtio-kernel-names.link
+    - 99-default.link
+
+- name: install systemd network link units
+  template:
+    src: systemd.link.j2
+    dest: "/etc/systemd/network/{{ '%02d' | format(item.idx + 10) }}-{{ item.name }}.link"
+  with_items: "{{ srv_network.systemd_link.interfaces }}"
+  notify: rebuild initramfs
-- 
cgit v1.2.3