--- /dev/null
+---
+# Restart networking
+- name: restart networking
+ service:
+ name: network
+ state: restarted
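Review bot: Nothing in the visible changes notifies this `restart networking` handler; the new network.yml restarts the `network` service with an inline task guarded by `when: interfaces.changed` instead. If no task elsewhere in the role carries `notify: restart networking`, the handler is dead code and can be dropped. If a task does, a comment above the handler naming that task would make the wiring clear. The rest of the role is not visible here, so this may already be connected outside the diff.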
tags:
- packages
+# Configure networking
+- include: network.yml
+ tags:
+ - networking
+
- name: Ensure data directory exists
file:
path: "{{ openvpn_data_dir }}"
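Review bot: The added `- include: network.yml` uses the bare `include` action, which is deprecated since Ansible 2.4 and removed in newer ansible-core releases. Assuming the role targets 2.4 or later, `- import_tasks: network.yml` keeps the same static behaviour and still applies the `networking` tag to every task in the file. A one-line comment saying that networking is configured before the OpenVPN tasks so the public interface exists for the bind would also explain why the include sits at this position. The `Ensure data directory exists` task that follows continues outside the hunk.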
--- /dev/null
+---
+- name: Write ifcfg scripts
+ template:
+ src: ifcfg.j2
+ dest: "/etc/sysconfig/network-scripts/ifcfg-{{ item.value.ifname }}"
+ with_dict: "{{ gw_networks }}"
+ register: interfaces
+
+# Restart networking right away if changes made. This makes sure
+# the public interface is up and ready for OpenVPN to bind to.
+- name: Restart networking
+ service:
+ name: network
+ state: restarted
+ when: interfaces.changed
+
+- name: Write resolv.conf
+ template:
+ src: resolvconf.j2
+ dest: "/etc/resolv.conf"
+
+- name: Disable IPv6
+ sysctl:
+ name: net.ipv6.conf.all.disable_ipv6
+ value: 1
+ sysctl_set: yes
+ state: present
+ reload: yes
+
+- name: Enable IPv4 forwarding
+ sysctl:
+ name: net.ipv4.ip_forward
+ value: 1
+ sysctl_set: yes
+ state: present
+ reload: yes
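Review bot: Both `template` tasks (`Write ifcfg scripts` and `Write resolv.conf`) omit `owner`, `group` and `mode`, so a newly created file gets whatever the connecting user's umask yields and an existing file keeps the permissions it already had. These files are consumed by root-run network scripts and the system resolver, so pin them explicitly on each task with `owner: root`, `group: root`, `mode: "0644"`. The ifcfg `dest` path is built from `item.value.ifname`, so it is worth asserting that the value contains no `/` before templating. Separately, `Enable IPv4 forwarding` turns the host into a router and no forwarding firewall policy is visible in this file; confirm that the role restricts forwarded traffic elsewhere and note that in a comment above the task.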
--- /dev/null
+#
+# {{ ansible_managed }}
+#
+NAME="{{ item.key }}"
+DEVICE="{{ item.value.ifname }}"
+HWADDR="{{ item.value.mac }}"
+NM_CONTROLLED="no"
+ONBOOT="yes"
+BOOTPROTO="static"
+IPADDR="{{ item.value.ip4 }}"
+NETMASK="{{ item.value.netmask }}"
+GATEWAY="{{ item.value.gw4 }}"
+DEFROUTE="{{ item.value.defroute }}"
+
+# Optional values
+{% if item.value.search is defined %}
+SEARCH="{{ item.value.search }}"
+{% endif %}
+{% if item.value.peerdns is defined %}
+PEERDNS="{{ item.value.peerdns }}"
+{% endif %}
+{% if item.value.dns1 is defined %}
+DNS1="{{ item.value.dns1 }}"
+{% endif %}
+{% if item.value.dns2 is defined %}
+DNS2="{{ item.value.dns2 }}"
+{% endif %}
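Review bot: Every value is interpolated raw between hand-written double quotes, and ifcfg files are sourced as shell by the network scripts running as root, so a `gw_networks` value containing `"`, `$` or a backtick would be interpreted by the shell instead of being treated as data. The values presumably come from operator-controlled inventory, but the template can be made safe cheaply: drop the literal quotes and use the `quote` filter, e.g. `DEVICE={{ item.value.ifname | quote }}`, for each assignment from `NAME` through `DNS2`. A short header comment listing the required keys (`ifname`, `mac`, `ip4`, `netmask`, `gw4`, `defroute`) and the optional ones (`search`, `peerdns`, `dns1`, `dns2`) would also document the expected shape of `gw_networks`.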
--- /dev/null
+#
+# {{ ansible_managed }}
+#
+search {{ gw_resolv_search }}
+{% for nameserver in gw_resolv_ns %}
+nameserver {{ nameserver }}
+{% endfor %}
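Review bot: The `nameserver` loop emits every entry of `gw_resolv_ns`, but the glibc resolver honours only the first three `nameserver` lines, so any further entries are silently ignored. `search {{ gw_resolv_search }}` also renders correctly only when the variable is a space-separated string; a list would be written out in its Python form. Document both expectations in a template comment such as `{# gw_resolv_search: space-separated string; gw_resolv_ns: list, first three entries are used #}`, or render the search domains with `{{ gw_resolv_search | join(' ') }}` if a list is intended.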