ansible-roles/vpn/bridge/tasks/main.yml

---
- name: "post-up nftables scripts"
  ansible.builtin.template:
    src: "./{{ item }}"
    dest: "/usr/local/sbin/{{ item }}"
    mode: 0755
  loop:
    - "post-up-br0-inet.nft"
    - "post-up-br0-ipv4.nft"
    - "post-up-br0-ipv6.nft"
  register: vpn_bridge_post_up_nft

- name: "configure interface"
  ansible.builtin.template:
    src: "./br0"
    dest: "/etc/network/interfaces.d/br0"
    mode: 0644
    validate: >
      bash -c
      'if ! diff %s /etc/network/interfaces.d/br0 && ip link show dev br0 ;
       then
           ifdown br0 ;
       fi'
  register: vpn_bridge_intf

- name: "restart interface"
  ansible.builtin.shell: |
    if ip link show dev br0
    then
        ifdown br0 && ifup br0
    else
        ifup br0
    fi
  when:
    vpn_bridge_post_up_nft.changed or
    vpn_bridge_intf.changed

- name: "pre-down nftables scripts"
  ansible.builtin.copy:
    src: "./{{ item }}"
    dest: "/usr/local/sbin/{{ item }}"
    mode: 0755
  loop:
    - "pre-down-br0-inet.nft"
    - "pre-down-br0-ipv4.nft"
    - "pre-down-br0-ipv6.nft"
Initial commit 2022-12-20 19:47:11 +01:00			`---`
Add IPv6 support to bridges 2023-07-27 23:07:45 +02:00			`- name: "post-up nftables scripts"`
Initial commit 2022-12-20 19:47:11 +01:00			`ansible.builtin.template:`
Add IPv6 support to bridges 2023-07-27 23:07:45 +02:00			`src: "./{{ item }}"`
			`dest: "/usr/local/sbin/{{ item }}"`
Initial commit 2022-12-20 19:47:11 +01:00			`mode: 0755`
Add IPv6 support to bridges 2023-07-27 23:07:45 +02:00			`loop:`
			`- "post-up-br0-inet.nft"`
			`- "post-up-br0-ipv4.nft"`
			`- "post-up-br0-ipv6.nft"`
			`register: vpn_bridge_post_up_nft`
Initial commit 2022-12-20 19:47:11 +01:00
			`- name: "configure interface"`
			`ansible.builtin.template:`
Remove jinja file endings 2023-07-08 09:45:59 +02:00			`src: "./br0"`
Initial commit 2022-12-20 19:47:11 +01:00			`dest: "/etc/network/interfaces.d/br0"`
			`mode: 0644`
			`validate: >`
			`bash -c`
			`'if ! diff %s /etc/network/interfaces.d/br0 && ip link show dev br0 ;`
			`then`
			`ifdown br0 ;`
			`fi'`
			`register: vpn_bridge_intf`

			`- name: "restart interface"`
			`ansible.builtin.shell: \|`
			`if ip link show dev br0`
			`then`
			`ifdown br0 && ifup br0`
			`else`
			`ifup br0`
			`fi`
			`when:`
Add IPv6 support to bridges 2023-07-27 23:07:45 +02:00			`vpn_bridge_post_up_nft.changed or`
Initial commit 2022-12-20 19:47:11 +01:00			`vpn_bridge_intf.changed`

Add IPv6 support to bridges 2023-07-27 23:07:45 +02:00			`- name: "pre-down nftables scripts"`
Initial commit 2022-12-20 19:47:11 +01:00			`ansible.builtin.copy:`
Add IPv6 support to bridges 2023-07-27 23:07:45 +02:00			`src: "./{{ item }}"`
			`dest: "/usr/local/sbin/{{ item }}"`
Initial commit 2022-12-20 19:47:11 +01:00			`mode: 0755`
Add IPv6 support to bridges 2023-07-27 23:07:45 +02:00			`loop:`
			`- "pre-down-br0-inet.nft"`
			`- "pre-down-br0-ipv4.nft"`
			`- "pre-down-br0-ipv6.nft"`