ansible-edda/plays/vpn/roles/bridge/tasks/include/br0.yml
2022-12-08 20:29:04 +01:00

55 lines
1.7 KiB
YAML

- name: Bridge interface post-up nftables inet script
template:
src: ./filesystem/{{ ansible_hostname }}/usr/local/sbin/post-up-br0-inet.nft.j2
dest: /usr/local/sbin/post-up-br0-inet.nft
mode: 0755
register: br_intf_post_up_inet
- name: Bridge interface post-up nftables ipv4 script
template:
src: ./filesystem/{{ ansible_hostname }}/usr/local/sbin/post-up-br0-ipv4.nft.j2
dest: /usr/local/sbin/post-up-br0-ipv4.nft
mode: 0755
register: br_intf_post_up_ipv4
- name: Create bridge interface
template:
src: ./filesystem/{{ ansible_hostname }}/etc/network/interfaces.d/br0.j2
dest: /etc/network/interfaces.d/br0
mode: 0644
validate: >
bash -c
'if ! diff %s /etc/network/interfaces.d/br0 && ip link show dev br0 ;
then
ifdown br0 ;
fi'
register: br_intf
- block:
- name: Restart bridge interface
shell: if ip link show dev br0 ; then ifdown br0 && ifup br0 ; else ifup br0 ; fi
- name: Reconnect all services
systemd:
name: connect-pod-service@{{ item }}.service
state: started
with_items:
- "{{ host_services }}"
when:
br_intf_post_up_inet is changed or
br_intf_post_up_ipv4 is changed or
br_intf is changed
- name: Bridge interface pre-down nftables inet script
template:
src: ./filesystem/{{ ansible_hostname }}/usr/local/sbin/pre-down-br0-inet.nft.j2
dest: /usr/local/sbin/pre-down-br0-inet.nft
mode: 0755
- name: Bridge interface pre-down nftables ipv4 script
template:
src: ./filesystem/{{ ansible_hostname }}/usr/local/sbin/pre-down-br0-ipv4.nft.j2
dest: /usr/local/sbin/pre-down-br0-ipv4.nft
mode: 0755