ansible-roles/vpn/bridge/tasks/main.yml

---
- name: "create interface directory hierarchy"
  ansible.builtin.file:
    path: "{{ system_etc_root_directory }}/network/interfaces/{{ item }}"
    state: "directory"
    mode: 0755
  loop:
    - "br0"
    - "br0/ifup.d"
    - "br0/ifdown.d"
    - "br0/nftables"

- name: "nftables up script"
  ansible.builtin.template:
    src: "./nftables/up.nft"
    dest: "{{ system_etc_root_directory }}/network/interfaces/br0/nftables/up.nft"
    mode: 0644
  register: vpn_bridge_nftables_up

- name: "interface up scripts"
  ansible.builtin.template:
    src: "./ifupdown.d/{{ item }}"
    dest: "{{ system_etc_root_directory }}/network/interfaces/br0/ifup.d/{{ item }}"
    mode: 0755
  loop:
    - "00-interface"
    - "10-nftables"
    - "20-routes"
  register: vpn_bridge_interface_up

- name: "configure interface"
  ansible.builtin.copy:
    src: "./br0"
    dest: "/etc/network/interfaces.d/br0"
    mode: 0644
  register: vpn_bridge_interface_file

- name: "restart interface"
  ansible.builtin.shell: |
    if ip link show dev br0
    then
        ifdown br0 && ifup br0
    else
        ifup br0
    fi
  when:
    vpn_bridge_nftables_up.changed or
    vpn_bridge_interface_up.changed or
    vpn_bridge_interface_file.changed

- name: "nftables down script"
  ansible.builtin.template:
    src: "./nftables/down.nft"
    dest: "{{ system_etc_root_directory }}/network/interfaces/br0/nftables/down.nft"
    mode: 0644

- name: "interface down scripts"
  ansible.builtin.template:
    src: "./ifupdown.d/{{ item }}"
    dest: "{{ system_etc_root_directory }}/network/interfaces/br0/ifdown.d/{{ item }}"
    mode: 0755
  loop:
    - "00-interface"
    - "10-nftables"
    - "20-routes"
Initial commit 2022-12-20 19:47:11 +01:00			`---`
Move bridge setup to iproute2 2023-08-10 16:34:04 +02:00			`- name: "create interface directory hierarchy"`
			`ansible.builtin.file:`
			`path: "{{ system_etc_root_directory }}/network/interfaces/{{ item }}"`
			`state: "directory"`
			`mode: 0755`
			`loop:`
			`- "br0"`
			`- "br0/ifup.d"`
			`- "br0/ifdown.d"`
			`- "br0/nftables"`

			`- name: "nftables up script"`
Initial commit 2022-12-20 19:47:11 +01:00			`ansible.builtin.template:`
Move bridge setup to iproute2 2023-08-10 16:34:04 +02:00			`src: "./nftables/up.nft"`
			`dest: "{{ system_etc_root_directory }}/network/interfaces/br0/nftables/up.nft"`
			`mode: 0644`
			`register: vpn_bridge_nftables_up`

			`- name: "interface up scripts"`
			`ansible.builtin.template:`
			`src: "./ifupdown.d/{{ item }}"`
			`dest: "{{ system_etc_root_directory }}/network/interfaces/br0/ifup.d/{{ item }}"`
Initial commit 2022-12-20 19:47:11 +01:00			`mode: 0755`
Add IPv6 support to bridges 2023-07-27 23:07:45 +02:00			`loop:`
Move bridge setup to iproute2 2023-08-10 16:34:04 +02:00			`- "00-interface"`
			`- "10-nftables"`
			`- "20-routes"`
			`register: vpn_bridge_interface_up`
Initial commit 2022-12-20 19:47:11 +01:00
			`- name: "configure interface"`
Move bridge setup to iproute2 2023-08-10 16:34:04 +02:00			`ansible.builtin.copy:`
Remove jinja file endings 2023-07-08 09:45:59 +02:00			`src: "./br0"`
Initial commit 2022-12-20 19:47:11 +01:00			`dest: "/etc/network/interfaces.d/br0"`
			`mode: 0644`
Move bridge setup to iproute2 2023-08-10 16:34:04 +02:00			`register: vpn_bridge_interface_file`
Initial commit 2022-12-20 19:47:11 +01:00
			`- name: "restart interface"`
			`ansible.builtin.shell: \|`
			`if ip link show dev br0`
			`then`
			`ifdown br0 && ifup br0`
			`else`
			`ifup br0`
			`fi`
			`when:`
Move bridge setup to iproute2 2023-08-10 16:34:04 +02:00			`vpn_bridge_nftables_up.changed or`
			`vpn_bridge_interface_up.changed or`
			`vpn_bridge_interface_file.changed`
Initial commit 2022-12-20 19:47:11 +01:00
Move bridge setup to iproute2 2023-08-10 16:34:04 +02:00			`- name: "nftables down script"`
			`ansible.builtin.template:`
			`src: "./nftables/down.nft"`
			`dest: "{{ system_etc_root_directory }}/network/interfaces/br0/nftables/down.nft"`
			`mode: 0644`

			`- name: "interface down scripts"`
			`ansible.builtin.template:`
			`src: "./ifupdown.d/{{ item }}"`
			`dest: "{{ system_etc_root_directory }}/network/interfaces/br0/ifdown.d/{{ item }}"`
Initial commit 2022-12-20 19:47:11 +01:00			`mode: 0755`
Add IPv6 support to bridges 2023-07-27 23:07:45 +02:00			`loop:`
Move bridge setup to iproute2 2023-08-10 16:34:04 +02:00			`- "00-interface"`
			`- "10-nftables"`
			`- "20-routes"`