ansible-roles/vpn/bridge/tasks/main.yml


---
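# Create the configuration tree for br0 under the role's etc root: the
# interface directory itself, the ifup.d and ifdown.d script
# directories, and the directory that holds the nftables rulesets.
# Mode 0755 keeps the directories writable by their owner only; the
# later tasks install executable scripts into ifup.d and ifdown.d.
# NOTE(review): owner and group are not set, so ownership follows the
# user the play runs as -- confirm that is root on the target.
- name: "create interface directory hierarchy"
  ansible.builtin.file:
    path: "{{ system_etc_root_directory }}/network/interfaces/{{ item }}"
    state: "directory"
    # Quoted so the module receives the octal string itself instead of
    # depending on the YAML loader reading a bare 0755 as octal.
    mode: "0755"
  loop:
    - "br0"
    - "br0/ifup.d"
    - "br0/ifdown.d"
    - "br0/nftables"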
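# Render the nftables ruleset used when br0 comes up. The result is
# registered because the "restart interface" task re-applies the
# interface whenever this file changes.
# NOTE(review): the rendered ruleset is installed without being
# checked. Consider a `validate:` step (for example `nft -c -f %s`) so
# a ruleset that does not parse is never written -- confirm first that
# the file can be checked in isolation on the target.
- name: "nftables up script"
  ansible.builtin.template:
    src: "./nftables/up.nft"
    dest: "{{ system_etc_root_directory }}/network/interfaces/br0/nftables/up.nft"
    # Quoted so the module receives the octal string itself instead of
    # depending on the YAML loader reading a bare 0644 as octal.
    mode: "0644"
  register: vpn_bridge_nftables_up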
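# Render the three scripts for bringing br0 up into ifup.d and make
# them executable. The result is registered because the "restart
# interface" task re-applies the interface when any of them changes.
# The numeric prefixes presumably fix the execution order (interface,
# then nftables, then routes) -- confirm against whatever runs ifup.d.
# NOTE(review): these are templates, so any variable they interpolate
# ends up in a script that presumably runs with root privileges at
# ifup; keep those variables out of reach of untrusted input.
- name: "interface up scripts"
  ansible.builtin.template:
    src: "./ifupdown.d/{{ item }}"
    dest: "{{ system_etc_root_directory }}/network/interfaces/br0/ifup.d/{{ item }}"
    # Quoted so the module receives the octal string itself instead of
    # depending on the YAML loader reading a bare 0755 as octal.
    mode: "0755"
  loop:
    - "00-interface"
    - "10-nftables"
    - "20-routes"
  register: vpn_bridge_interface_up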
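# Install the static ifupdown stanza for br0. The file is copied
# verbatim (no templating). The result is registered because the
# "restart interface" task re-applies the interface when it changes.
# NOTE(review): the destination is hard-coded under /etc, while every
# other path in this file is built from system_etc_root_directory --
# confirm the two roots are meant to differ.
- name: "configure interface"
  ansible.builtin.copy:
    src: "./br0"
    dest: "/etc/network/interfaces.d/br0"
    # Quoted so the module receives the octal string itself instead of
    # depending on the YAML loader reading a bare 0644 as octal.
    mode: "0644"
  register: vpn_bridge_interface_file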
# Bounce br0 so the freshly installed configuration is applied. The
# task is gated on the three results registered earlier in this file:
# the nftables up ruleset, the ifup.d scripts and the interfaces.d file.
#
# `ip link show dev br0` is used only for its exit status: when the
# device already exists it is taken down and brought back up, otherwise
# it is brought up for the first time. If ifdown fails, the `&&` skips
# ifup and the task fails with the interface left as ifdown left it.
#
# NOTE(review): the down ruleset and the ifdown.d scripts are installed
# by later tasks, so an ifdown here presumably runs whatever down hooks
# were already on disk -- confirm that ordering is intended.
# NOTE(review): if the play reaches the host through br0, this restart
# can cut the control connection mid-run -- confirm against inventory.
- name: "restart interface"
  when: >-
    vpn_bridge_nftables_up.changed or
    vpn_bridge_interface_up.changed or
    vpn_bridge_interface_file.changed
  ansible.builtin.shell: |
    if ip link show dev br0
    then
      ifdown br0 && ifup br0
    else
      ifup br0
    fi
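# Render the nftables ruleset used when br0 goes down. The result is
# not registered and the task comes after "restart interface", so a
# change here never triggers a restart; the new file is presumably
# picked up the next time the interface is taken down.
- name: "nftables down script"
  ansible.builtin.template:
    src: "./nftables/down.nft"
    dest: "{{ system_etc_root_directory }}/network/interfaces/br0/nftables/down.nft"
    # Quoted so the module receives the octal string itself instead of
    # depending on the YAML loader reading a bare 0644 as octal.
    mode: "0644"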
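# Render the three scripts for taking br0 down into ifdown.d and make
# them executable. The template sources are the same ./ifupdown.d files
# used for the up scripts; only the destination directory differs, so
# the templates presumably branch on the phase -- confirm in the
# templates. The result is not registered, so a change here does not
# trigger the "restart interface" task.
- name: "interface down scripts"
  ansible.builtin.template:
    src: "./ifupdown.d/{{ item }}"
    dest: "{{ system_etc_root_directory }}/network/interfaces/br0/ifdown.d/{{ item }}"
    # Quoted so the module receives the octal string itself instead of
    # depending on the YAML loader reading a bare 0755 as octal.
    mode: "0755"
  loop:
    - "00-interface"
    - "10-nftables"
    - "20-routes"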