---
- block:
    - name: "{{ services_service_name }} : veth : create interface directory hierarchy"
      ansible.builtin.file:
        path: "{{ system_etc_root_directory }}/network/interfaces/{{ item }}"
        state: "directory"
        mode: 0755
      loop:
        - "{{ services_service_iface_name }}"
        - "{{ services_service_iface_name }}/ifup.d"
        - "{{ services_service_iface_name }}/ifdown.d"

    - name: "{{ services_service_name }} : veth : interface up scripts"
      ansible.builtin.template:
        src: "./veth/ifupdown.d/{{ item }}"
        dest: "\
          {{ system_etc_root_directory }}/network/interfaces/\
          {{ services_service_iface_name }}/ifup.d/{{ item }}"
        mode: 0755
      loop:
        - "00-interface"
        - "01-veth0"
      register: services_setup_user_veth_interface_up

    - name: "{{ services_service_name }} : veth : configure interface"
      ansible.builtin.template:
        src: "./veth/interface"
        dest: "/etc/network/interfaces.d/{{ services_service_iface_name }}"
        mode: 0644
      register: services_setup_user_veth_interface_file

    - name: "{{ services_service_name }} : veth : restart interface"
      ansible.builtin.shell: |
        if ip link show dev {{ services_service_iface_name }}
        then
            ifdown {{ services_service_iface_name }} && ifup {{ services_service_iface_name }}
        fi
      when:
        services_setup_user_veth_interface_up.changed or
        services_setup_user_veth_interface_file.changed

    - name: "{{ services_service_name }} : veth : interface down scripts"
      ansible.builtin.template:
        src: "./veth/ifupdown.d/{{ item }}"
        dest: "\
          {{ system_etc_root_directory }}/network/interfaces/\
          {{ services_service_iface_name }}/ifdown.d/{{ item }}"
        mode: 0755
      loop:
        - "00-interface"
        - "01-veth0"
      register: services_setup_user_veth_interface_up

    - name: "{{ services_service_name }} : veth : interface bridge up scripts"
      ansible.builtin.template:
        src: "./veth/bridge-ifupdown.d/90-veth"
        dest: "\
          {{ system_etc_root_directory }}/network/interfaces/\
          {{ services_service_bridge_name }}/{{ item }}/90-{{ services_service_iface_name }}"
        mode: 0755
      loop:
        - "ifup.d"
        - "ifdown.d"

    - name: "{{ services_service_name }} : veth : add ifupdown commands to sudoers"
      community.general.sudoers:
        name: "{{ services_service_iface_name }}"
        state: "present"
        user: "{{ services_service_user_name }}"
        commands:
          - "/usr/sbin/ifup {{ services_service_iface_name }}"
          - "/usr/sbin/ifdown --ignore-errors {{ services_service_iface_name }}"
        nopassword: true

  vars:
    services_service_iface_name: "veth-{{ services_service_name }}"
    services_service_bridge_name: "br0"
    services_service_iface_inet_address: "\
      {{ services_host_services[services_service_name].inet_address }}"
    services_service_iface_inet_prefixlen: 24
    services_service_iface_inet6_address: "\
      {{ services_host_services[services_service_name].inet6_address }}"
    services_service_iface_inet6_prefixlen: 64