ansible-edda/plays/vpn/roles/bridge/tasks/include/br0.yml

- name: "br0 : post-up nftables inet script"
  ansible.builtin.template:
    src: "./br0/post-up-br0-inet.nft.j2"
    dest: "/usr/local/sbin/post-up-br0-inet.nft"
    mode: 0755
  register: vpn_bridge_post_up_br0_inet_nft

- name: "br0 : post-up nftables ipv4 script"
  ansible.builtin.template:
    src: "./br0/post-up-br0-ipv4.nft.j2"
    dest: "/usr/local/sbin/post-up-br0-ipv4.nft"
    mode: 0755
  register: vpn_bridge_post_up_br0_ipv4_nft

- name: "br0 : configure interface"
  ansible.builtin.template:
    src: "./br0/br0.j2"
    dest: "/etc/network/interfaces.d/br0"
    mode: 0644
    validate: >
      bash -c
      'if ! diff %s /etc/network/interfaces.d/br0 && ip link show dev br0 ;
       then
           ifdown br0 ;
       fi'
  register: vpn_bridge_br0_conf

- name: "br0 : restart interface"
  ansible.builtin.shell: |
    if ip link show dev br0
    then
        ifdown br0 && ifup br0
    else
        ifup br0
    fi
  when:
    vpn_bridge_post_up_br0_inet_nft.changed or
    vpn_bridge_post_up_br0_ipv4_nft.changed or
    vpn_bridge_br0_conf.changed

- name: "br0 : pre-down nftables inet script"
  ansible.builtin.copy:
    src: "./br0/pre-down-br0-inet.nft"
    dest: "/usr/local/sbin/pre-down-br0-inet.nft"
    mode: 0755

- name: "br0 : pre-down nftables ipv4 script"
  ansible.builtin.copy:
    src: "./br0/pre-down-br0-ipv4.nft"
    dest: "/usr/local/sbin/pre-down-br0-ipv4.nft"
    mode: 0755
Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`- name: "br0 : post-up nftables inet script"`
			`ansible.builtin.template:`
			`src: "./br0/post-up-br0-inet.nft.j2"`
			`dest: "/usr/local/sbin/post-up-br0-inet.nft"`
Set up VPN network 2022-09-24 00:15:46 +02:00			`mode: 0755`
Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`register: vpn_bridge_post_up_br0_inet_nft`
Make VPN configuration more robust 2022-09-25 16:00:40 +02:00
Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`- name: "br0 : post-up nftables ipv4 script"`
			`ansible.builtin.template:`
			`src: "./br0/post-up-br0-ipv4.nft.j2"`
			`dest: "/usr/local/sbin/post-up-br0-ipv4.nft"`
Make VPN configuration more robust 2022-09-25 16:00:40 +02:00			`mode: 0755`
Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`register: vpn_bridge_post_up_br0_ipv4_nft`
Set up VPN network 2022-09-24 00:15:46 +02:00
Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`- name: "br0 : configure interface"`
			`ansible.builtin.template:`
			`src: "./br0/br0.j2"`
			`dest: "/etc/network/interfaces.d/br0"`
Set up VPN network 2022-09-24 00:15:46 +02:00			`mode: 0644`
Playbooks to deploy pod-rproxy and pod-www 2022-09-26 23:10:48 +02:00			`validate: >`
			`bash -c`
			`'if ! diff %s /etc/network/interfaces.d/br0 && ip link show dev br0 ;`
			`then`
			`ifdown br0 ;`
			`fi'`
Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`register: vpn_bridge_br0_conf`
Set up gitea port forwarding 2022-11-15 23:01:51 +01:00
Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`- name: "br0 : restart interface"`
			`ansible.builtin.shell: \|`
			`if ip link show dev br0`
			`then`
			`ifdown br0 && ifup br0`
			`else`
			`ifup br0`
			`fi`
Set up VPN network 2022-09-24 00:15:46 +02:00			`when:`
Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`vpn_bridge_post_up_br0_inet_nft.changed or`
			`vpn_bridge_post_up_br0_ipv4_nft.changed or`
			`vpn_bridge_br0_conf.changed`
Set up VPN network 2022-09-24 00:15:46 +02:00
Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`- name: "br0 : pre-down nftables inet script"`
			`ansible.builtin.copy:`
			`src: "./br0/pre-down-br0-inet.nft"`
			`dest: "/usr/local/sbin/pre-down-br0-inet.nft"`
Make VPN configuration more robust 2022-09-25 16:00:40 +02:00			`mode: 0755`

Add vpn:bridge:br0 2022-12-08 23:27:25 +01:00			`- name: "br0 : pre-down nftables ipv4 script"`
			`ansible.builtin.copy:`
			`src: "./br0/pre-down-br0-ipv4.nft"`
			`dest: "/usr/local/sbin/pre-down-br0-ipv4.nft"`
Set up VPN network 2022-09-24 00:15:46 +02:00			`mode: 0755`