From 742ab1e5e72c4f7b6678cf586309d6d98d96272d Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 21 Jun 2020 04:11:47 +0200 Subject: further improved network config --- roles/elevate/media/templates/firewall/elevate-festival.sh.j2 | 4 ++-- roles/elevate/media/templates/firewall/lan-only.sh.j2 | 4 ++-- roles/elevate/media/templates/firewall/r3-with-lan.sh.j2 | 4 ++-- roles/elevate/media/templates/netplan/elevate-festival.yaml.j2 | 2 +- roles/elevate/media/templates/netplan/lan-only.yaml.j2 | 2 +- roles/elevate/media/templates/netplan/r3-with-lan.yaml.j2 | 2 +- roles/installer/debian/preseed/tasks/main.yml | 3 +++ .../preseed/templates/preseed_debian-buster-with-raid.cfg.j2 | 4 ++-- .../debian/preseed/templates/preseed_debian-buster.cfg.j2 | 9 ++++++--- .../debian/preseed/templates/preseed_debian-jessie.cfg.j2 | 4 ++-- .../debian/preseed/templates/preseed_debian-stretch.cfg.j2 | 4 ++-- .../debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2 | 4 ++-- .../debian/preseed/templates/preseed_ubuntu-focal.cfg.j2 | 9 ++++++--- .../debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2 | 4 ++-- .../preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 | 4 ++-- .../installer/openbsd/autoinstall/templates/auto_install.conf.j2 | 4 ++-- roles/vm/network/templates/interfaces.j2 | 4 ++-- 17 files changed, 40 insertions(+), 31 deletions(-) (limited to 'roles') diff --git a/roles/elevate/media/templates/firewall/elevate-festival.sh.j2 b/roles/elevate/media/templates/firewall/elevate-festival.sh.j2 index 29873aaa..8cb56cd6 100644 --- a/roles/elevate/media/templates/firewall/elevate-festival.sh.j2 +++ b/roles/elevate/media/templates/firewall/elevate-festival.sh.j2 @@ -16,8 +16,8 @@ FILTER6="$IP6TABLES -t filter" MANGLE6="$IP6TABLES -t mangle" LAN_IF="{{ network.primary.name }}" -LAN_IPADDR="{{ network.primary.ip }}" -LAN_NETMASK="{{ network.primary.mask }}" +LAN_IPADDR="{{ network.primary.prefix | ipaddr('address') }}" +LAN_NETMASK="{{ network.primary.prefix | ipaddr('netmask') }}" EXT_IF="wg-gwhetzner" EXT_IPADDR="192.168.254.2" diff --git a/roles/elevate/media/templates/firewall/lan-only.sh.j2 b/roles/elevate/media/templates/firewall/lan-only.sh.j2 index 07665d62..0ec06ba2 100644 --- a/roles/elevate/media/templates/firewall/lan-only.sh.j2 +++ b/roles/elevate/media/templates/firewall/lan-only.sh.j2 @@ -16,8 +16,8 @@ FILTER6="$IP6TABLES -t filter" MANGLE6="$IP6TABLES -t mangle" LAN_IF="{{ network.primary.name }}" -LAN_IPADDR="{{ network.primary.ip }}" -LAN_NETMASK="{{ network.primary.mask }}" +LAN_IPADDR="{{ network.primary.prefix | ipaddr('address') }}" +LAN_NETMASK="{{ network.primary.prefix | ipaddr('netmask') }}" ######################### diff --git a/roles/elevate/media/templates/firewall/r3-with-lan.sh.j2 b/roles/elevate/media/templates/firewall/r3-with-lan.sh.j2 index 22d91301..c7fe5f6b 100644 --- a/roles/elevate/media/templates/firewall/r3-with-lan.sh.j2 +++ b/roles/elevate/media/templates/firewall/r3-with-lan.sh.j2 @@ -16,8 +16,8 @@ FILTER6="$IP6TABLES -t filter" MANGLE6="$IP6TABLES -t mangle" LAN_IF="{{ network.primary.name }}" -LAN_IPADDR="{{ network.primary.ip }}" -LAN_NETMASK="{{ network.primary.mask }}" +LAN_IPADDR="{{ network.primary.prefix | ipaddr('address') }}" +LAN_NETMASK="{{ network.primary.prefix | ipaddr('netmask') }}" EXT_IF="{{ network.primary.name }}.{{ network_zones.ccinet.vlan }}" EXT_IPADDR="89.106.211.61" diff --git a/roles/elevate/media/templates/netplan/elevate-festival.yaml.j2 b/roles/elevate/media/templates/netplan/elevate-festival.yaml.j2 index db924c20..ef227fed 100644 --- a/roles/elevate/media/templates/netplan/elevate-festival.yaml.j2 +++ b/roles/elevate/media/templates/netplan/elevate-festival.yaml.j2 @@ -3,7 +3,7 @@ network: renderer: networkd ethernets: {{ network.primary.name }}: - addresses: [ {{ (network.primary.ip + '/' + network.primary.mask) | ipaddr('address/prefix') }} ] + addresses: [ {{ network.primary.prefix }} ] gateway4: {{ network.primary.gateway }} accept-ra: false nameservers: diff --git a/roles/elevate/media/templates/netplan/lan-only.yaml.j2 b/roles/elevate/media/templates/netplan/lan-only.yaml.j2 index db924c20..ef227fed 100644 --- a/roles/elevate/media/templates/netplan/lan-only.yaml.j2 +++ b/roles/elevate/media/templates/netplan/lan-only.yaml.j2 @@ -3,7 +3,7 @@ network: renderer: networkd ethernets: {{ network.primary.name }}: - addresses: [ {{ (network.primary.ip + '/' + network.primary.mask) | ipaddr('address/prefix') }} ] + addresses: [ {{ network.primary.prefix }} ] gateway4: {{ network.primary.gateway }} accept-ra: false nameservers: diff --git a/roles/elevate/media/templates/netplan/r3-with-lan.yaml.j2 b/roles/elevate/media/templates/netplan/r3-with-lan.yaml.j2 index 3812e27f..296233f4 100644 --- a/roles/elevate/media/templates/netplan/r3-with-lan.yaml.j2 +++ b/roles/elevate/media/templates/netplan/r3-with-lan.yaml.j2 @@ -3,7 +3,7 @@ network: renderer: networkd ethernets: {{ network.primary.name }}: - addresses: [ {{ (network.primary.ip + '/' + network.primary.mask) | ipaddr('address/prefix') }} ] + addresses: [ {{ network.primary.prefix }} ] accept-ra: false vlans: {{ network.primary.name }}.{{ network_zones.ccinet.vlan }}: diff --git a/roles/installer/debian/preseed/tasks/main.yml b/roles/installer/debian/preseed/tasks/main.yml index aa71335e..46d6a1d9 100644 --- a/roles/installer/debian/preseed/tasks/main.yml +++ b/roles/installer/debian/preseed/tasks/main.yml @@ -29,6 +29,9 @@ copy: dest: "{{ preseed_tmpdir }}/etc/systemd/network/90-namepolicy.link" content: | + [Match] + OriginalName=* + [Link] NamePolicy={{ preseed_force_net_ifnames_policy }} diff --git a/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2 index b92aa1eb..ca4cc37e 100644 --- a/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2 +++ b/roles/installer/debian/preseed/templates/preseed_debian-buster-with-raid.cfg.j2 @@ -16,8 +16,8 @@ d-i netcfg/disable_autoconfig boolean false {% else %} d-i netcfg/disable_dhcp boolean true d-i netcfg/disable_autoconfig boolean true -d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }} -d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }} +d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }} +d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }} d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }} d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }} d-i netcfg/confirm_static boolean true diff --git a/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2 index dd0aa0ab..5b7e12e9 100644 --- a/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2 +++ b/roles/installer/debian/preseed/templates/preseed_debian-buster.cfg.j2 @@ -16,8 +16,8 @@ d-i netcfg/disable_autoconfig boolean false {% else %} d-i netcfg/disable_dhcp boolean true d-i netcfg/disable_autoconfig boolean true -d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }} -d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }} +d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }} +d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }} d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }} d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }} d-i netcfg/confirm_static boolean true @@ -135,7 +135,10 @@ d-i preseed/late_command string \ in-target bash -c "sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces"; \ {% if preseed_force_net_ifnames_policy is defined %} mkdir -p /target/etc/systemd/network; \ - in-target bash -c "echo '[Link]' > /etc/systemd/network/90-namepolicy.link"; \ + in-target bash -c "echo '[Match]' > /etc/systemd/network/90-namepolicy.link"; \ + in-target bash -c "echo 'OriginalName=*' >> /etc/systemd/network/90-namepolicy.link"; \ + in-target bash -c "echo '' >> /etc/systemd/network/90-namepolicy.link"; \ + in-target bash -c "echo '[Link]' >> /etc/systemd/network/90-namepolicy.link"; \ in-target bash -c "echo 'NamePolicy={{ preseed_force_net_ifnames_policy }}' >> /etc/systemd/network/90-namepolicy.link"; \ in-target bash -c "update-initramfs -u"; \ {% endif %} diff --git a/roles/installer/debian/preseed/templates/preseed_debian-jessie.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-jessie.cfg.j2 index 453349db..f4448dbd 100644 --- a/roles/installer/debian/preseed/templates/preseed_debian-jessie.cfg.j2 +++ b/roles/installer/debian/preseed/templates/preseed_debian-jessie.cfg.j2 @@ -16,8 +16,8 @@ d-i netcfg/disable_autoconfig boolean false {% else %} d-i netcfg/disable_dhcp boolean true d-i netcfg/disable_autoconfig boolean true -d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }} -d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }} +d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }} +d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }} d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }} d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }} d-i netcfg/confirm_static boolean true diff --git a/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2 index da33c0f5..0896c569 100644 --- a/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2 +++ b/roles/installer/debian/preseed/templates/preseed_debian-stretch.cfg.j2 @@ -16,8 +16,8 @@ d-i netcfg/disable_autoconfig boolean false {% else %} d-i netcfg/disable_dhcp boolean true d-i netcfg/disable_autoconfig boolean true -d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }} -d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }} +d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }} +d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }} d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }} d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }} d-i netcfg/confirm_static boolean true diff --git a/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2 index ab18b8a2..df3b6e90 100644 --- a/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2 +++ b/roles/installer/debian/preseed/templates/preseed_ubuntu-bionic.cfg.j2 @@ -23,8 +23,8 @@ d-i netcfg/disable_autoconfig boolean false {% else %} d-i netcfg/disable_dhcp boolean true d-i netcfg/disable_autoconfig boolean true -d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }} -d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }} +d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }} +d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }} d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }} d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }} d-i netcfg/confirm_static boolean true diff --git a/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2 index 33cf0738..4b13133c 100644 --- a/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2 +++ b/roles/installer/debian/preseed/templates/preseed_ubuntu-focal.cfg.j2 @@ -23,8 +23,8 @@ d-i netcfg/disable_autoconfig boolean false {% else %} d-i netcfg/disable_dhcp boolean true d-i netcfg/disable_autoconfig boolean true -d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }} -d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }} +d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }} +d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }} d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }} d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }} d-i netcfg/confirm_static boolean true @@ -152,7 +152,10 @@ d-i preseed/late_command string \ in-target bash -c "sed -e 's/^allow-hotplug/auto/' -i /etc/network/interfaces"; \ {% if preseed_force_net_ifnames_policy is defined %} mkdir -p /target/etc/systemd/network; \ - in-target bash -c "echo '[Link]' > /etc/systemd/network/90-namepolicy.link"; \ + in-target bash -c "echo '[Match]' > /etc/systemd/network/90-namepolicy.link"; \ + in-target bash -c "echo 'OriginalName=*' >> /etc/systemd/network/90-namepolicy.link"; \ + in-target bash -c "echo '' >> /etc/systemd/network/90-namepolicy.link"; \ + in-target bash -c "echo '[Link]' >> /etc/systemd/network/90-namepolicy.link"; \ in-target bash -c "echo 'NamePolicy={{ preseed_force_net_ifnames_policy }}' >> /etc/systemd/network/90-namepolicy.link"; \ in-target bash -c "update-initramfs -u"; \ {% endif %} diff --git a/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2 index b86d7523..d84ab9a6 100644 --- a/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2 +++ b/roles/installer/debian/preseed/templates/preseed_ubuntu-xenial.cfg.j2 @@ -20,8 +20,8 @@ d-i netcfg/disable_autoconfig boolean false {% else %} d-i netcfg/disable_dhcp boolean true d-i netcfg/disable_autoconfig boolean true -d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }} -d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }} +d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }} +d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }} d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }} d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }} d-i netcfg/confirm_static boolean true diff --git a/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 b/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 index e20825bf..02efc018 100644 --- a/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 +++ b/roles/installer/debian/preseed/templates/preseed_xubuntu-focal-desktop.cfg.j2 @@ -26,8 +26,8 @@ d-i netcfg/disable_autoconfig boolean false {% else %} d-i netcfg/disable_dhcp boolean true d-i netcfg/disable_autoconfig boolean true -d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.ip }} -d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.mask }} +d-i netcfg/get_ipaddress string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }} +d-i netcfg/get_netmask string {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }} d-i netcfg/get_gateway string {{ hostvars[install_hostname].network_cooked.primary.gateway }} d-i netcfg/get_nameservers string {{ hostvars[install_hostname].network_cooked.nameservers | join(' ') }} d-i netcfg/confirm_static boolean true diff --git a/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2 b/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2 index 6989d7e0..cf15baff 100644 --- a/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2 +++ b/roles/installer/openbsd/autoinstall/templates/auto_install.conf.j2 @@ -4,8 +4,8 @@ Which network interface do you wish to configure = {{ install_interface | defaul {% if 'install_dhcp' in hostvars[install_hostname] and hostvars[install_hostname].install_dhcp %} IPv4 address = dhcp {% else %} -IPv4 address = {{ hostvars[install_hostname].network_cooked.primary.ip }} -Netmask = {{ hostvars[install_hostname].network_cooked.primary.mask }} +IPv4 address = {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('address') }} +Netmask = {{ hostvars[install_hostname].network_cooked.primary.prefix | ipaddr('netmask') }} Default IPv4 route = {{ hostvars[install_hostname].network_cooked.primary.gateway }} {% endif %} DNS domain name = {{ hostvars[install_hostname].network_cooked.domain }} diff --git a/roles/vm/network/templates/interfaces.j2 b/roles/vm/network/templates/interfaces.j2 index 3c151144..70edb1dd 100644 --- a/roles/vm/network/templates/interfaces.j2 +++ b/roles/vm/network/templates/interfaces.j2 @@ -13,8 +13,8 @@ auto {{ interface.name }} iface {{ interface.name }} inet static pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf - address {{ interface.ip }} - netmask {{ interface.mask }} + address {{ interface.prefix | ipaddr('address') }} + netmask {{ interface.prefix | ipaddr('netmask') }} {% if 'overlay' in interface %} up /bin/ip addr add dev $IFACE {{ interface.overlay }}/32 {% if 'gateway' in interface %} -- cgit v1.2.3