Refactor; allow udev rules to be applied from host_vars
parent
ca536c4ee6
commit
d28d667b8d
|
@ -1,8 +1,8 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
global_packages:
|
global_packages:
|
||||||
Debian:
|
Debian:
|
||||||
- vim
|
- vim
|
||||||
- mtr-tiny
|
- mtr-tiny
|
||||||
- traceroute
|
- traceroute
|
||||||
- tcpdump
|
- tcpdump
|
||||||
|
- ethtool
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
udev_rules:
|
||||||
|
nic:
|
||||||
|
- 'SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="52:54:00:ce:2a:b2", NAME="xgei0"'
|
||||||
|
- 'SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="52:54:00:74:5b:6e", NAME="xgei1"'
|
|
@ -5,8 +5,15 @@
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
|
|
||||||
- name: Router
|
- name: Set up routers
|
||||||
hosts: routers
|
hosts: routers
|
||||||
roles:
|
roles:
|
||||||
- firewall
|
- firewall
|
||||||
- router
|
- router
|
||||||
|
|
||||||
|
- name: Restart if required
|
||||||
|
hosts: all
|
||||||
|
tasks:
|
||||||
|
- name: Reboot
|
||||||
|
ansible.builtin.reboot:
|
||||||
|
when: restart_required is defined
|
||||||
|
|
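Review bot: The `when: restart_required is defined` guard on the new "Restart if required" play reads a variable that nothing visible in this commit sets; the only candidate, `# register: restart_required` on the `update initramfs` handler, is commented out, so as written the reboot never runs. If that register is restored, `is defined` becomes true on every host where the handler ran, whatever its result, which deserves a short comment above the `when:`. The play also targets `hosts: all` with no batching, so adding `serial: 1` would keep the routers from rebooting at the same moment.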
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
- name: update initramfs
|
||||||
|
ansible.builtin.command: "update-initramfs -u"
|
||||||
|
# register: restart_required
|
||||||
|
|
||||||
|
- name: trigger udev add
|
||||||
|
ansible.builtin.command: "udevadm trigger --action=add"
|
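Review bot: The `trigger udev add` handler runs `udevadm trigger --action=add` with no filter, which replays add events for every device on the host, so any rule with a `RUN` action is executed again, not just the NIC naming rules. The rules shipped in this commit only match `SUBSYSTEM=="net"`, so `ansible.builtin.command: "udevadm trigger --action=add --subsystem-match=net"` would keep the side effects limited to network devices. If `udev_rules` is meant to carry rules for other subsystems as well, a comment on the handler saying the broad trigger is deliberate would help the next reader.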
|
@ -0,0 +1,27 @@
|
||||||
|
---
|
||||||
|
- name: Check whether vlan config is valid
|
||||||
|
ansible.builtin.assert:
|
||||||
|
that:
|
||||||
|
- item.value.name is defined if item.value.type == "eth"
|
||||||
|
- item.value.parent is defined if item.value.type == "vlan"
|
||||||
|
- item.value.parent in interfaces if item.value.parent is defined
|
||||||
|
with_items:
|
||||||
|
- interfaces
|
||||||
|
|
||||||
|
- name: Create physical interfaces
|
||||||
|
community.general.interfaces_file:
|
||||||
|
dest: "/etc/network/interfaces.d/{{ item.key }}.conf"
|
||||||
|
iface: "{{ item.value.name }}"
|
||||||
|
with_items:
|
||||||
|
- interfaces | select(item.value.type != "vlan")
|
||||||
|
|
||||||
|
- name: Create vlan interfaces
|
||||||
|
community.general.interfaces_file:
|
||||||
|
dest: "/etc/network/interfaces.d/{{ item.key }}.conf"
|
||||||
|
iface: "{{ interfaces[item.value.parent].name }}.{{ item.value.vlan_id }}"
|
||||||
|
with_items:
|
||||||
|
- interfaces | select(item.value.type == "vlan")
|
||||||
|
|
||||||
|
- name: Restart networking
|
||||||
|
ansible.builtin.notify:
|
||||||
|
- restart networking
|
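Review bot: All three loops iterate over literal strings rather than the `interfaces` variable: `with_items: - interfaces` yields the single item `'interfaces'`, and `interfaces | select(item.value.type ...)` is never templated, so `item.key` and `item.value` are undefined at run time. The last task uses `ansible.builtin.notify`, which is not a module; `notify` is a task keyword and belongs on the tasks that change files. The `that:` expressions use an inline `if` without `else`, which evaluates to undefined when the condition is false; `item.value.type != "eth" or item.value.name is defined` states the same rule safely. The sketch below covers the loop and notify changes and assumes a `restart networking` handler exists, which this page does not show.

```yaml
- name: Create physical interfaces
  # … unchanged: community.general.interfaces_file arguments …
  loop: "{{ interfaces | dict2items | rejectattr('value.type', 'equalto', 'vlan') | list }}"
  notify:
    - restart networking

- name: Create vlan interfaces
  # … unchanged: community.general.interfaces_file arguments …
  loop: "{{ interfaces | dict2items | selectattr('value.type', 'equalto', 'vlan') | list }}"
  notify:
    - restart networking
```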
|
@ -1,7 +1,13 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Add ssh keys for root
|
- name: Add ssh keys for root
|
||||||
ansible.builtin.include_tasks: root_sshkeys.yml
|
ansible.posix.authorized_key:
|
||||||
|
user: root
|
||||||
|
key: "{{ lookup('ansible.builtin.url', item) }}"
|
||||||
|
state: present # Note: we don't remove other/existing keys
|
||||||
|
with_items:
|
||||||
|
- "{{ global_root_ssh_key_urls | default([]) }}"
|
||||||
|
- "{{ root_ssh_keys | default([]) }}"
|
||||||
|
|
||||||
- name: Set hostname
|
- name: Set hostname
|
||||||
ansible.builtin.hostname:
|
ansible.builtin.hostname:
|
||||||
|
@ -12,3 +18,15 @@
|
||||||
ansible.builtin.package:
|
ansible.builtin.package:
|
||||||
name: sudo
|
name: sudo
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
|
- name: Install standard packages
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: "{{ item }}"
|
||||||
|
state: present
|
||||||
|
with_items:
|
||||||
|
- "{{ global_packages[ansible_os_family] | default([]) }}"
|
||||||
|
- "{{ local_packages | default([]) }}"
|
||||||
|
|
||||||
|
- name: Configure udev rules
|
||||||
|
ansible.builtin.include_tasks: udev.yml
|
||||||
|
when: udev_rules is defined
|
||||||
|
|
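Review bot: In "Add ssh keys for root", whatever each URL serves at run time is installed as a root `authorized_keys` entry, and nothing in the task restricts `item` to a trusted `https://` source. Adding `when: item is match('^https://')`, or an `ansible.builtin.assert` ahead of the task, would stop a plain-HTTP or mistyped entry from deciding who can log in as root. `root_ssh_keys` is passed to the `url` lookup exactly like `global_root_ssh_key_urls`, so it has to hold URLs rather than key text; renaming it to `root_ssh_key_urls` or adding a comment would make that clear. `lookup` joins a multi-line response with commas, so an endpoint that returns several keys probably needs `split_lines=False`.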
|
@ -1,10 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Install standard packages
|
|
||||||
ansible.builtin.package:
|
|
||||||
name: "{{ item }}"
|
|
||||||
state: present
|
|
||||||
with_items: "{{
|
|
||||||
(global_packages[ansible_os_family] | default([])) +
|
|
||||||
(local_packages | default([]))
|
|
||||||
}}"
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Add public keys for root
|
|
||||||
ansible.posix.authorized_key:
|
|
||||||
user: root
|
|
||||||
key: "{{ lookup('ansible.builtin.url', item) }}"
|
|
||||||
state: present # Note: we don't remove other/existing keys
|
|
||||||
with_items: "{{
|
|
||||||
(global_root_ssh_key_urls | default([])) +
|
|
||||||
(root_ssh_keys | default([]))
|
|
||||||
}}"
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
---
|
||||||
|
- name: Create /etc/udev/rules.d
|
||||||
|
ansible.builtin.file:
|
||||||
|
name: /etc/udev/rules.d
|
||||||
|
state: directory
|
||||||
|
mode: "755"
|
||||||
|
|
||||||
|
- name: Template out to udev.d
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: udev.rules.j2
|
||||||
|
dest: "/etc/udev/rules.d/{{ item.key }}.rules"
|
||||||
|
mode: "644"
|
||||||
|
with_items:
|
||||||
|
- "{{ udev_rules | dict2items }}"
|
||||||
|
notify:
|
||||||
|
- update initramfs
|
||||||
|
- trigger udev add
|
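Review bot: The `dest` in "Template out to udev.d" builds a root-written path from `item.key` with no check on its shape, so a key in `udev_rules` that contains `/` or `..` would place the file outside `/etc/udev/rules.d`. A guard such as `when: item.key is match('^[A-Za-z0-9_-]+$')`, or an assert ahead of the loop, keeps the write inside that directory. Both tasks also leave `owner` and `group` unset; adding `owner: root` and `group: root` next to the `mode` lines makes the intended ownership explicit.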
|
@ -0,0 +1,9 @@
|
||||||
|
{%- if item.value is string -%}
|
||||||
|
{{ item.value }}
|
||||||
|
{%- elif item.value is iterable -%}
|
||||||
|
{% for val in item.value -%}
|
||||||
|
{{ val }}
|
||||||
|
{% endfor -%}
|
||||||
|
{%- else -%}
|
||||||
|
{{ ("udev_rules for " + item.key + " are incorrect")/0 }}
|
||||||
|
{%- endif -%}
|
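Review bot: The `elif item.value is iterable` branch also accepts a mapping, in which case the loop writes the dictionary's keys into the rules file instead of failing; `{%- elif item.value is iterable and item.value is not mapping -%}` closes that gap. The `else` branch signals bad input by dividing a string by zero, which surfaces as a templating type error rather than the intended message. Checking `udev_rules` with `ansible.builtin.assert` and a `fail_msg` in the task file before templating would report the problem clearly.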