ansible
/
xoxys.network
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: ansible:main
Branches Tags
ansible:main
ansible:docs
...
pull from: ansible:docs
Branches Tags
ansible:main
ansible:docs

No commits in common. "main" and "docs" have entirely different histories.
main ... docs

22 changed files with 183 additions and 436 deletions
Show Stats Expand all files Collapse all files

11
.gitignore vendored
View File

@ -1,11 +0,0 @@
# ---> Ansible
*.retry
plugins
library
# ---> Python
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class

15
.later.yml
View File

@ -1,15 +0,0 @@
---
ansible:
custom_modules:
- iptables_raw
- openssl_pkcs12
- proxmox_kvm
- ucr
- corenetworks_dns
- corenetworks_token
rules:
exclude_files:
- "LICENSE*"
- "**/*.md"
- "**/*.ini"

7
.markdownlint.yml
View File

@ -1,7 +0,0 @@
---
default: True
MD013: False
MD041: False
MD024: False
MD004:
style: dash

1
.prettierignore
View File

@ -1 +0,0 @@
LICENSE

47
.woodpecker/docs.yaml
View File

@ -1,47 +0,0 @@
---
when:
- event: [pull_request]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
- name: generate
image: quay.io/thegeeklab/ansible-doctor
environment:
ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/
ANSIBLE_DOCTOR_FORCE_OVERWRITE: "true"
ANSIBLE_DOCTOR_LOG_LEVEL: INFO
ANSIBLE_DOCTOR_ROLE_NAME: ${CI_REPO_NAME}
ANSIBLE_DOCTOR_TEMPLATE: readme
- name: format
image: quay.io/thegeeklab/alpine-tools
commands:
- prettier -w README.md
- name: diff
image: quay.io/thegeeklab/alpine-tools
commands:
- git diff --color=always README.md
- name: publish
image: quay.io/thegeeklab/wp-git-action
settings:
action:
- commit
- push
author_email: ci-bot@rknet.org
author_name: ci-bot
branch: main
message: "[skip ci] automated docs update"
netrc_machine: gitea.rknet.org
netrc_password:
from_secret: gitea_token
when:
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
depends_on:
- lint

30
.woodpecker/lint.yaml
View File

@ -1,30 +0,0 @@
---
when:
- event: [pull_request, tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
- name: ansible-later
image: quay.io/thegeeklab/ansible-later:4
commands:
- ansible-later
environment:
FORCE_COLOR: "1"
- name: python-format
image: docker.io/python:3.12
commands:
- pip install -qq ruff
- ruff format --check --diff .
environment:
PY_COLORS: "1"
- name: python-lint
image: docker.io/python:3.12
commands:
- pip install -qq ruff
- ruff .
environment:
PY_COLORS: "1"

26
.woodpecker/notify.yml
View File

@ -1,26 +0,0 @@
---
when:
- event: [tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
runs_on: [success, failure]
steps:
- name: matrix
image: quay.io/thegeeklab/wp-matrix
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
username:
from_secret: matrix_username
when:
- status: [success, failure]
depends_on:
- docs

21
LICENSE
View File

@ -1,21 +0,0 @@
MIT License
Copyright (c) 2022 Robert Kaussow <mail@thegeeklab.de>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is furnished
to do so, subject to the following conditions:
The above copyright notice and this permission notice (including the next
paragraph) shall be included in all copies or substantial portions of the
Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

29
README.md → _docs/index.md
View File

@ -1,13 +1,16 @@
# xoxys.network
---
title: network
type: docs
---
[![Build Status](https://ci.rknet.org/api/badges/ansible/xoxys.network/status.svg)](https://ci.rknet.org/repos/ansible/xoxys.network)
[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.network/src/branch/main/LICENSE)
[![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&amp;logoColor=white)](https://gitea.rknet.org/ansible/xoxys.network)
[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.network?logo=drone&amp;server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.network)
[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.network/src/branch/main/LICENSE)
Manage linux network configuration.
## Table of content
<!--more-->
- [Requirements](#requirements)
- [Default Variables](#default-variables)
- [network_defaultif](#network_defaultif)
- [network_fqdn](#network_fqdn)
@ -22,15 +25,9 @@ Manage linux network configuration.
- [network_restart_enabled](#network_restart_enabled)
- [network_routes](#network_routes)
- [Dependencies](#dependencies)
- [License](#license)
- [Author](#author)
---
## Requirements
- Minimum Ansible version: `2.10`
## Default Variables
### network_defaultif
@ -171,14 +168,8 @@ network_routes:
10.168.0.0/27 via 10.168.0.1 dev eth0
```
## Dependencies
None.
## License
MIT
## Author
[Robert Kaussow](https://gitea.rknet.org/xoxys)

48
defaults/main.yml
View File

@ -1,48 +0,0 @@
---
network_hostname: localhost
network_fqdn: localdomain
network_reboot_enabled: True
network_restart_enabled: True
network_ipv6_enabled: True
network_defaultif: eth0
network_interfaces: {}
# @var network_interfaces:example: >
# network_interfaces:
# eth0:
# bootproto: none
# onboot: yes
# hwaddr: "aa:bb:cc:dd:ee"
# ipaddr: 192.168.0.5
# prefix: 26
# gateway: "192.168.0.1"
# userctl: no
# @end
network_routes: {}
# @var network_routes: example: >
# network_routes:
# eth0: |
# 10.168.0.1/32 via 0.0.0.0 dev eth0 scope link
# 10.168.0.0/27 via 10.168.0.1 dev eth0
# @end
network_resolve_enabled: False
network_resolve_server:
- 8.8.8.8
network_hosts_extra: []
# @var network_hosts_extra:example: >
# network_hosts_extra:
# - hostname: myhost
# fqdn: myhost.rknet.org
# address: 1.2.3.4
# @end
network_nm_config: {}
# @var network_nm_config:example: >
# network_nm_config:
# unmanaged: |
# [keyfile]
# unmanaged-devices=interface-name:ens*

34
handlers/main.yml
View File

@ -1,34 +0,0 @@
---
- name: Set flag require_reboot
ansible.builtin.set_fact:
__network_require_reboot: True
listen: __network_host_reboot
- name: Restart network
ansible.builtin.shell: "{{ __network_restart_command }}"
async: 1
poll: 0
when:
- (not __network_require_reboot | default(False) | bool) or (not network_reboot_enabled | bool)
- network_restart_enabled | bool
listen: __network_restart
tags:
- skip_ansible_later
- name: Reboot server
ansible.builtin.reboot:
msg: "Reboot triggered by Ansible"
async: 1
poll: 0
ignore_errors: True
when: network_reboot_enabled | bool
listen: __network_host_reboot
- name: Waiting for host startup
ansible.builtin.wait_for_connection:
delay: 5
timeout: 300
when: (network_reboot_enabled | bool) or (network_restart_enabled | bool)
listen:
- __network_restart
- __network_host_reboot

173
index.md Normal file
View File

@ -0,0 +1,173 @@
---
title: network
type: docs
---
[![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.network) [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.network?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.network) [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.network/src/branch/main/LICENSE)
Manage linux network configuration.
<!--more-->
- [Default Variables](#default-variables)
- [network_defaultif](#network_defaultif)
- [network_fqdn](#network_fqdn)
- [network_hostname](#network_hostname)
- [network_hosts_extra](#network_hosts_extra)
- [network_interfaces](#network_interfaces)
- [network_ipv6_enabled](#network_ipv6_enabled)
- [network_nm_config](#network_nm_config)
- [network_reboot_enabled](#network_reboot_enabled)
- [network_resolve_enabled](#network_resolve_enabled)
- [network_resolve_server](#network_resolve_server)
- [network_restart_enabled](#network_restart_enabled)
- [network_routes](#network_routes)
- [Dependencies](#dependencies)
---
## Default Variables
### network_defaultif
#### Default value
```YAML
network_defaultif: eth0
```
### network_fqdn
#### Default value
```YAML
network_fqdn: localdomain
```
### network_hostname
#### Default value
```YAML
network_hostname: localhost
```
### network_hosts_extra
#### Default value
```YAML
network_hosts_extra: []
```
#### Example usage
```YAML
network_hosts_extra:
- hostname: myhost
fqdn: myhost.rknet.org
address: 1.2.3.4
```
### network_interfaces
#### Default value
```YAML
network_interfaces: {}
```
#### Example usage
```YAML
network_interfaces:
eth0:
bootproto: none
onboot: yes
hwaddr: "aa:bb:cc:dd:ee"
ipaddr: 192.168.0.5
prefix: 26
gateway: "192.168.0.1"
userctl: no
```
### network_ipv6_enabled
#### Default value
```YAML
network_ipv6_enabled: true
```
### network_nm_config
#### Default value
```YAML
network_nm_config: {}
```
#### Example usage
```YAML
network_nm_config:
unmanaged: |
[keyfile]
unmanaged-devices=interface-name:ens*
```
### network_reboot_enabled
#### Default value
```YAML
network_reboot_enabled: true
```
### network_resolve_enabled
#### Default value
```YAML
network_resolve_enabled: false
```
### network_resolve_server
#### Default value
```YAML
network_resolve_server:
- 8.8.8.8
```
### network_restart_enabled
#### Default value
```YAML
network_restart_enabled: true
```
### network_routes
#### Default value
```YAML
network_routes: {}
```
#### Example usage
```YAML
network_routes:
eth0: |
10.168.0.1/32 via 0.0.0.0 dev eth0 scope link
10.168.0.0/27 via 10.168.0.1 dev eth0
```
## Dependencies
None.

24
meta/main.yml
View File

@ -1,24 +0,0 @@
---
galaxy_info:
# @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys)
author: Robert Kaussow <mail@thegeeklab.de>
namespace: xoxys
role_name: network
# @meta description: >
# [![Build Status](https://ci.rknet.org/api/badges/ansible/xoxys.network/status.svg)](https://ci.rknet.org/repos/ansible/xoxys.network)
# [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.network/src/branch/main/LICENSE)
#
# Manage linux network configuration.
# @end
description: Manage linux network configuration
license: MIT
min_ansible_version: "2.10"
platforms:
- name: EL
versions:
- "9"
galaxy_tags:
- network
dependencies: []
collections:
- community.general

17
pyproject.toml
View File

@ -1,17 +0,0 @@
[tool.ruff]
exclude = [".git", "__pycache__"]
line-length = 99
indent-width = 4
[tool.ruff.lint]
ignore = ["W191", "E111", "E114", "E117", "S101", "S105"]
select = ["F", "E", "I", "W", "S"]
[tool.ruff.format]
quote-style = "double"
indent-style = "space"
line-ending = "lf"
[tool.pytest.ini_options]
filterwarnings = ["ignore::FutureWarning", "ignore::DeprecationWarning"]

16
tasks/main.yml
View File

@ -1,16 +0,0 @@
---
- ansible.builtin.include_vars: "{{ var_files }}"
vars:
var_files: "{{ lookup('first_found', params, errors='ignore') }}"
params:
files:
- "{{ ansible_lsb.id | default('') | lower }}.yml"
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_os_family | lower }}.yml"
- default.yml
paths:
- "vars"
when: var_files
- ansible.builtin.include_tasks: nm.yml
when: __network_nmcli | bool
- ansible.builtin.include_tasks: setup.yml

29
tasks/nm.yml
View File

@ -1,29 +0,0 @@
---
- name: Add NetworkManager configuration
ansible.builtin.copy:
content: "{{ item.value }}"
dest: "/etc/NetworkManager/conf.d/{{ item.key }}.conf"
owner: root
group: root
mode: "0640"
loop: "{{ network_nm_config | dict2items }}"
loop_control:
label: "{{ item.key }}"
notify: __network_host_reboot
- name: Register active NetworkManager configuration
ansible.builtin.find:
paths: /etc/NetworkManager/conf.d/
file_type: file
patterns: "*.conf"
register: __network_nm_config_active
changed_when: False
failed_when: False
- name: Remove unmanaged NetworkManager configuration
ansible.builtin.file:
path: "{{ item }}"
state: absent
loop: "{{ __network_nm_config_active.files | map(attribute='path') | list }}"
notify: __network_host_reboot
when: (item | basename | splitext | first) not in (network_nm_config | dict2items | map(attribute='key') | list)

51
tasks/setup.yml
View File

@ -1,51 +0,0 @@
---
- name: Set hostname
ansible.builtin.hostname:
name: "{{ network_hostname }}"
when: network_hostname
notify: __network_host_reboot
- name: Write hosts file
ansible.builtin.template:
src: etc/hosts.j2
dest: /etc/hosts
owner: root
group: root
mode: "0644"
notify: __network_host_reboot
- name: Add network interface configuration
ansible.builtin.template:
src: etc/sysconfig/network-scrips/ifcfg.j2
dest: "/etc/sysconfig/network-scripts/ifcfg-{{ item.key }}"
owner: root
group: root
mode: "0644"
loop: "{{ network_interfaces | dict2items }}"
loop_control:
label: "{{ item.key }}"
when: item.key in ansible_interfaces or item.key.split(":")[0] in ansible_interfaces
register: __network_ifcfg
notify: __network_restart
- name: Add static routes
ansible.builtin.copy:
content: "{{ item.value }}"
dest: "/etc/sysconfig/network-scripts/route-{{ item.key }}"
owner: root
group: root
mode: "0644"
loop: "{{ network_routes | dict2items }}"
loop_control:
label: "{{ item.key }}"
when: item.key in ansible_interfaces
notify: __network_restart
- name: Set DNS servers
ansible.builtin.template:
src: etc/resolv.conf.j2
dest: /etc/resolv.conf
owner: root
group: root
mode: "0644"
when: network_resolve_enabled | bool

14
templates/etc/hosts.j2
View File

@ -1,14 +0,0 @@
#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
{% if network_ipv6_enabled %}
::1 localhost6 localhost6.localdomain6
{% endif %}
{% if network_hostname is defined and network_fqdn is defined and network_defaultif is defined %}
{{ network_interfaces[network_defaultif].ipaddr | default(hostvars[inventory_hostname]["ansible_" + network_defaultif].ipv4.address) }} {{ network_fqdn }} {{ network_hostname }}
{% endif %}
{% if network_hosts_extra %}
{% for item in network_hosts_extra %}
{{ item.address }} {{ item.fqdn }} {{ item.hostname }}
{% endfor %}
{% endif %}

4
templates/etc/resolv.conf.j2
View File

@ -1,4 +0,0 @@
{{ ansible_managed | comment }}
{% for item in network_resolve_server %}
nameserver {{ item }}
{% endfor %}

12
templates/etc/sysconfig/network-scrips/ifcfg.j2
View File

@ -1,12 +0,0 @@
#jinja2: lstrip_blocks: True
{{ ansible_managed | comment }}
DEVICE="{{ item.key }}"
{% for key, value in item.value.items() %}
{% if key | lower == "dns" and not value is string and value is iterable %}
{% for item in value -%}
DNS{{ loop.index }}={{ item }}
{% endfor %}
{% else %}
{{- key | upper }}={{ value }}
{% endif %}
{% endfor %}

3
vars/default.yml
View File

@ -1,3 +0,0 @@
---
__network_nmcli: False
__network_restart_command: systemctl restart network

7
vars/redhat-9.yml
View File

@ -1,7 +0,0 @@
---
__network_nmcli: True
__network_restart_command: |-
nmcli connection reload
{%- for file in __network_ifcfg | json_query('results[?changed==`true`].dest') %}
&& nmcli conn up {{ file }}
{%- endfor %}