From f3b2b68b643d412c63da15a684ccfbef9774ec75 Mon Sep 17 00:00:00 2001
From: Albert Stefanov
Date: Sat, 4 May 2024 20:16:12 +0300
Subject: [PATCH] Allow configuring network interfaces
---
 .../ansible/group_vars/all/packages.yml | 2 +-
 .../host_vars/server1/interfaces.yml.example | 24 +++++++++++
 automation/ansible/lint.sh | 2 +-
 .../ansible/roles/common/handlers/main.yml | 13 ++++--
 .../ansible/roles/common/tasks/interfaces.yml | 31 ++++----------
 .../ansible/roles/common/tasks/main.yml | 4 ++
 .../ansible/roles/common/tasks/udev.yml | 4 +-
 .../roles/common/templates/interface.conf.j2 | 41 +++++++++++++++++++
 8 files changed, 90 insertions(+), 31 deletions(-)
 create mode 100644 automation/ansible/host_vars/server1/interfaces.yml.example
 create mode 100644 automation/ansible/roles/common/templates/interface.conf.j2
diff --git a/automation/ansible/group_vars/all/packages.yml b/automation/ansible/group_vars/all/packages.yml
index 2172a19..29270bf 100644
--- a/automation/ansible/group_vars/all/packages.yml
+++ b/automation/ansible/group_vars/all/packages.yml
@@ -5,4 +5,4 @@ global_packages:
 - mtr-tiny
 - traceroute
 - tcpdump
- - ethtool
\ No newline at end of file
+ - ethtool
diff --git a/automation/ansible/host_vars/server1/interfaces.yml.example b/automation/ansible/host_vars/server1/interfaces.yml.example
new file mode 100644
index 0000000..c44c2c5
--- /dev/null
+++ b/automation/ansible/host_vars/server1/interfaces.yml.example
@@ -0,0 +1,24 @@
+---
+interfaces:
+ xgei0.100:
+ ipv4:
+ method: static
+ address: 192.0.2.2/24
+ nameservers:
+ - 8.8.8.8
+ - 8.8.4.4
+ gateway: 192.0.2.1
+ metric: 500
+ ipv6:
+ method: static
+ address: 2001:db8::2/64
+ nameservers:
+ - 2001:4860:4860::8888
+ - 2001:4860:4860::8844
+ gateway: 2001:db8::1
+ metric: 600
+ xgei0.101:
+ ipv4:
+ method: manual
+ ipv6:
+ method: auto
diff --git a/automation/ansible/lint.sh b/automation/ansible/lint.sh
index db329b7..9ded9b4 100755
--- a/automation/ansible/lint.sh
+++ b/automation/ansible/lint.sh
@@ -1 +1 @@
-ansible-lint roles/*/tasks/main.yml
+ansible-lint roles/*/tasks/main.yml host_vars/**/*.yml group_vars/**/*.yml roles/*/handlers/main.yml
diff --git a/automation/ansible/roles/common/handlers/main.yml b/automation/ansible/roles/common/handlers/main.yml
index 53b486a..45a5ddb 100644
--- a/automation/ansible/roles/common/handlers/main.yml
+++ b/automation/ansible/roles/common/handlers/main.yml
@@ -1,7 +1,14 @@
 ---
-- name: update initramfs
+- name: Restart networking
+ ansible.builtin.service:
+ name: networking
+ state: restarted
+
+- name: Update initramfs
 ansible.builtin.command: "update-initramfs -u"
+ changed_when: true
 # register: restart_required

-- name: trigger udev add
- ansible.builtin.command: "udevadm trigger --action=add"
\ No newline at end of file
+- name: Trigger udev add
+ ansible.builtin.command: "udevadm trigger --action=add"
+ changed_when: true
diff --git a/automation/ansible/roles/common/tasks/interfaces.yml b/automation/ansible/roles/common/tasks/interfaces.yml
index c4781a6..4f4c399 100644
--- a/automation/ansible/roles/common/tasks/interfaces.yml
+++ b/automation/ansible/roles/common/tasks/interfaces.yml
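Review bot: The new `host_vars/**/*.yml` and `group_vars/**/*.yml` patterns rely on `**`, which bash treats as recursive only when `globstar` is enabled; the hunk shows lint.sh as a single line, so nothing enables it and `**` behaves like `*`. That matches exactly one directory level (such as `host_vars/server1/*.yml`) and silently skips files placed directly in `host_vars/` or nested deeper, and a pattern with no match is handed to ansible-lint as a literal string. Consider a bash shebang plus `shopt -s globstar nullglob`, or passing the directories themselves to ansible-lint, so that inventory files cannot drop out of linting unnoticed.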
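Review bot: The `Restart networking` handler restarts the whole networking service with no prior check that the rendered files parse, so a single bad value in `interfaces` can take the host off the network, including the SSH session the play itself runs over. I would document that on the handler, for example `# Restarts every interface; a broken file in interfaces.d can cut off remote access`, and have the template task validate the rendered file before it is installed. The leftover `# register: restart_required` comment under `Update initramfs` should either be removed or explained.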
@@ -1,27 +1,10 @@
 ---
-- name: Check whether vlan config is valid
- ansible.builtin.assert:
- that:
- - item.value.name is defined if item.value.type == "eth"
- - item.value.parent is defined if item.value.type == "vlan"
- - item.value.parent in interfaces if item.value.parent is defined
- with_items:
- - interfaces
-
-- name: Create physical interfaces
- community.general.interfaces_file:
+- name: Create interface files
+ ansible.builtin.template:
+ src: interface.conf.j2
 dest: "/etc/network/interfaces.d/{{ item.key }}.conf"
- iface: "{{ item.value.name }}"
+ mode: "644"
 with_items:
- - interfaces | select(item.value.type != "vlan")
-
-- name: Create vlan interfaces
- community.general.interfaces_file:
- dest: "/etc/network/interfaces.d/{{ item.key }}.conf"
- iface: "{{ interfaces[item.value.parent].name }}.{{ item.value.vlan_id }}"
- with_items:
- - interfaces | select(item.value.type == "vlan")
-
-- name: Restart networking
- ansible.builtin.notify:
- - restart networking
+ - "{{ interfaces | dict2items }}"
+ notify:
+ - Restart networking
diff --git a/automation/ansible/roles/common/tasks/main.yml b/automation/ansible/roles/common/tasks/main.yml
index 3e310f7..935011c 100644
--- a/automation/ansible/roles/common/tasks/main.yml
+++ b/automation/ansible/roles/common/tasks/main.yml
@@ -30,3 +30,7 @@
 - name: Configure udev rules
 ansible.builtin.include_tasks: udev.yml
 when: udev_rules is defined
+
+- name: Configure network interfaces
+ ansible.builtin.include_tasks: interfaces.yml
+ when: interfaces is defined
diff --git a/automation/ansible/roles/common/tasks/udev.yml b/automation/ansible/roles/common/tasks/udev.yml
index 0d99efe..e95e254 100644
--- a/automation/ansible/roles/common/tasks/udev.yml
+++ b/automation/ansible/roles/common/tasks/udev.yml
@@ -13,5 +13,5 @@
 with_items:
 - "{{ udev_rules | dict2items }}"
 notify:
- - update initramfs
- - trigger udev add
+ - Update initramfs
+ - Trigger udev add
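Review bot: With the assert task removed, nothing in roles/common/tasks/interfaces.yml checks `interfaces` before `item.key` is interpolated into `dest` and the values are rendered into a file that ifupdown reads as root. A key containing `/` or `..` would make the template task write outside `/etc/network/interfaces.d`, and a malformed entry is only noticed when the handler restarts networking. I would keep a short `ansible.builtin.assert` ahead of the template task, with a condition such as `- item.key is match('^[A-Za-z0-9_.:-]{1,15}$')`, and set `owner: root` and `group: root` next to `mode` so that the file's ownership does not depend on how the play connects.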
diff --git a/automation/ansible/roles/common/templates/interface.conf.j2 b/automation/ansible/roles/common/templates/interface.conf.j2
new file mode 100644
index 0000000..759126e
--- /dev/null
+++ b/automation/ansible/roles/common/templates/interface.conf.j2
@@ -0,0 +1,41 @@
+{% if not(item.shutdown is defined) or not(item.shutdown) %}
+auto {{ item.key }}
+{% endif %}
+
+{% if 'ipv4' in item.value %}
+{%- set props = item.value.ipv4 -%}
+iface {{ item.key }} inet {{ props.method }}
+{% if props.method == 'static' %}
+ address {{ props.address }}
+ {% if 'nameservers' in props -%}
+ dns-nameservers {{ props.nameservers | join(' ') }}
+ {% endif -%}
+ {% if 'gateway' in props -%}
+ {% if not(props.metric is defined) -%}
+ gateway {{ props.gateway }}
+ {% else -%}
+ post-up /sbin/ip route add default via {{ props.gateway }} dev {{ item.key }} metric {{ props.metric }}
+ post-down /sbin/ip route del default via {{ props.gateway }} dev {{ item.key }} metric {{ props.metric }}
+ {% endif -%}
+ {% endif -%}
+{%- endif %}
+{% endif %}
+
+{% if 'ipv6' in item.value -%}
+{%- set props = item.value.ipv6 -%}
+iface {{ item.key }} inet6 {{ props.method }}
+{% if props.method == 'static' %}
+ address {{ props.address }}
+ {% if 'nameservers' in props -%}
+ dns-nameservers {{ props.nameservers | join(' ') }}
+ {% endif -%}
+ {% if 'gateway' in props -%}
+ {% if not(props.metric is defined) -%}
+ gateway {{ props.gateway }}
+ {% else -%}
+ post-up /sbin/ip -6 route add default via {{ props.gateway }} dev {{ item.key }} metric {{ props.metric }}
+ post-down /sbin/ip -6 route del default via {{ props.gateway }} dev {{ item.key }} metric {{ props.metric }}
+ {% endif -%}
+ {% endif -%}
+{%- endif %}
+{% endif %}
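Review bot: The `shutdown` check on the first line reads `item.shutdown`, but the task loops over `interfaces | dict2items`, so `item` only carries `key` and `value`; the attribute is never defined and `auto {{ item.key }}` is always written. It presumably should be `{% if not (item.value.shutdown | default(false)) %}`. The `post-up` and `post-down` lines also interpolate `props.gateway`, `props.metric` and `item.key` into commands that ifupdown executes as root, so these values should be checked as an address, an integer and an interface name before the template is rendered. The ipv4 and ipv6 branches differ only in `inet`/`inet6` and `ip -6`, and a shared Jinja macro would keep them from drifting apart.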